Home
News
E-mail Newsletters
Blogs
Tech Dispenser
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Print Subscriptions

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Finance
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 

Computerworld 2007Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

Chinese hackers attack U.K. government using Windows security hole

Attack attempted to exploit Windows Metafile vulnerability
John E. Dunn   Today’s Top Stories    or  Other Security Stories  
 

Sign up to receive Security Resource Alerts

January 25, 2006 (TechWorld.com) -- Chinese hackers launched a major attack on the U.K. Parliament earlier this month, the government's e-mail filtering company, MessageLabs Ltd., has confirmed.
The attack, which occurred on Jan. 2, attempted to exploit the Windows Metafile (WMF) vulnerability to hijack the PCs of more than 70 named individuals, including researchers, secretaries and members of Parliament (MP) themselves.
E-mails with an attachment that contained the WMF-exploiting Setabortproc Trojan horse were sent to staffers. Anyone opening this attachment would have enabled attackers to browse files, and possibly install a keylogging program to attempt the theft of passwords. None of the e-mails got through to the intended targets, MessageLabs said, but the U.K. authorities were alerted.
The WMF flaw was first made public in November and patched by Microsoft Corp. on Jan. 5. Given that the first exploit was reported on Dec. 29, this offered the attackers a "zero-day" window in which to launch the Trojan assault.
MessageLabs was reported by The Guardian newspaper -- which broke the story -- as saying the source of the e-mails had been traced to servers in China's Guangdong Province, hence the suspicion that the latest attack was part of a more general campaign of electronic subversion.
This is not the first time the U.K. government has come under Trojan attack from China. Last summer, the National Infrastructure Security Co-ordination Centre (NISCC) reported that U.K. government departments had been hit by a wave of Trojans originating in China.
At the time, the organization was more circumspect in attributing blame, however, describing the source in general terms as "often linked to the Far East". There appear to be no such sensitivities this time around.
The use of targeted Trojans to carry out espionage was first reported by Techworld last May, when Israeli authorities uncovered a massive electronic spying operation by a large number of the country's companies to steal files from their business rivals. On that occasion, the information theft had succeeded on a scale involving tens of thousands of documents.
It is hard to say who looks worst from the latest news. Microsoft will be severely embarrassed that a major customer was attacked using a flaw the company had warned of but not managed to patch. Likewise, the fact the attack is being openly attributed to China must be uncomfortable for the authorities there, who know they are assumed to approve any sophisticated use of the Internet in the country.


Reprinted with permission from

For more enterprise technology news from the U.K., please visit TechWorld.com. Copyright 2006 IDG, all rights reserved.


Print this Story Send Us Feedback E-mail this Story Digg! Digg this Story Slashdot this Story

Blogs

"A couple of weeks ago at..." Read more...
"Most security companies tend to take a horizontal approach looking to capitalize on the finance, service provider, and federal government..." Read more...
Read more Security posts or See all Blogs

Elgan: You can be Batman, too
Study: IT jobs will drop in 2009
RIM fixes critical BlackBerry Enterprise Server bug
More top stories...
Apple's recall demand would probably kill Psystar, says IP attorney
DNS flaw discoverer says more permanent fixes will be needed
AT&T muffs free iPhone Wi-Fi offer again

11 cool new apps for the iPhone
With the opening of Apple's App Store, the iPhone takes a revolutionary leap from cool mobile phone to hot mobile platform. See our list of apps you should definitely check out for yourself.
Google is doing WHAT?
Its motto is "Don't be evil" — but it looks like anything and everything else imaginable is pretty much fair game — not to mention some wildly rumored projects that we asked the company to confirm or deny.
The new face of R&D: What's cooking at IBM, HP and Microsoft
The talk at three big research houses is all about "open innovation." Is that a feel-good catchphrase or the R&D strategy of the future?
Review: The iPhone 3G was worth the wait
After months of waiting for a 3G-based iPhone — and hours waiting in line to actually buy one — Ryan Faas says it "packs quite a punch, both in its design and in the 3G and GPS capabilities" it offers.

FROM THE BLOGOSPHERE

Windows Vista A to Z
Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS.
IT Careers 2010
Four years from now, the IT field will be a vastly different place. Will you be ready?
All Zones
Application Performance Zone
Business Continuity Zone
Data Center Management Zone
Enterprise-Class Security Zone
The File Data Management Zone
Grid Computing on Windows Zone
Security Management Zone
ITIL Best Practices Zone
The SAS Zone
Storage Virtualization Zone
Business Intelligence and Analytics Zone


Ads by TechWords

See your link here
Why SaaS is Vital to Email and Web Security
Why SaaS is Vital to Email and Web Security
Download this webcast, free, compilments of Webroot Software
Go to the webcast 
Computerworld Executive Bulletin: Building a Robust Antivirus Defense
Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs.
(Source: MessageLabs) Antivirus software alone isn't enough to prevent today's speedy, sophisticated virus attacks. Security managers should consider multitiered approaches that include behavior scanning, appliances that check e-mail for worms, and restricting user access to dangerous Web sites. Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs, to learn more.
Download this executive briefing download
Eliminate SPAM, Gain Productivity
Get this white paper now!
(Source: MessageLabs) Learn all about the dangers and the costs of spam in all its forms - from stock-touting to spreadsheet. Also, understand the drawbacks of traditional hardware- and software-based defenses - and the unique benefits of MessageLabs multi-layered, managed Anti-Spam solution; as illustrated by a real-world case study where MessageLabs stopped spam cold.
Download this white paper go
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
New Fujitsu High-End Itanium Windows- and Linux-Based PRIMEQUEST Servers Offer the Utmost in High Availability
New Fujitsu High-End Itanium-Based PRIMEQUEST Servers Offer Industry-Leading System Management for Linux and Windows
Web Security SaaS: The Next Generation of Web Security
View more whitepapers 

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDG Connect IDG World Expo Infoworld
The Industry Standard ITworld JavaWorld LinuxWorld MacUser Macworld Network World PC World Playlist
Copyright © 2008 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.