[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Chinese hackers reportedly took classified data on MH370 a day after it went missing
From: InfoSec News <alerts () infosecnews ! org>
Date: 2014-08-21 9:40:55
Message-ID: alpine.DEB.2.02.1408210940440.7436 () infosecnews ! org
[Download RAW message or body]
http://www.washingtonpost.com/blogs/the-switch/wp/2014/08/20/chinese-hackers-reportedly-took-classified-data-about-mh370-a-day-after-it-went-missing/
By Jiaxi Lu
The Washington Post
August 20, 2014
Five months after Malaysia Airlines flight 370 went missing, a report
emerged on Wednesday saying that Chinese hackers have targeted Malaysian
government departments involved in the search for the jet.
According to the Malaysian newspaper the Star, on March 9, Malaysian
officials received a malware disguised as a news report claiming the MH370
had been found -- a day after the flight disappeared from radar while en
route from Kuala Lumpur to Beijing with 239 people on board. The newspaper
cited Amirudin Abdul Wahab, chief executive of CyberSecurity Malaysia, a
government agency under the Science, Technology and Innovation Ministry.
The newspaper said that a user clicked on a PDF document attached to the
e-mail and released the malware unknowingly to about 30 computers
belonging to high-ranking officials at agencies involved with the MH370
investigation. CyberSecurity Malaysia received reports from the
administrators saying their network was congested with e-mails going out
of their servers. Targeted agencies included Malaysia's Civil Aviation
Department, the National Security Council and Malaysia Airlines, most of
them owned by the government, according to the Star.
"Those e-mail contained confidential data from the officials' computers,
including the minutes of meetings and classified documents. Some of these
were related to the MH370 investigation," Wahab said, according to the
Star. "This was well-crafted malware that antivirus programs couldn't
detect. It was a very sophisticated attack."
Wahab added that CyberSecurity Malaysia was able to block the
transmissions of the data but that some information had already been sent
from those hacked computers to an IP address that was tracked to China.
Wahab said he suspects the motivation for the hacking was the MH370
investigation.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic