Amazing world

"There is an elevated risk, even for smaller companies, that they may become a potential target," said William Beer, a director in PWC's risk assurance services group and co-author of the report.

While not coming up with any new evidence to support the claims, the report assembles recent material from a number of sources to indicate what it sees as a growing danger.

For instance, it mentions that in late 2007, the head of MI5, the London-based security intelligence agency, sent a confidential letter to 300 U.K. business leaders at banks, accountants and legal firms, warning them of a coordinated, Web-based cyber-espionage campaign against the U.K. economy.

The report also cited that in November 2008, the U.K. Cabinet Office published the first National Risk Register, showing the likelihood and impact of various threats, from flu pandemics to attacks on crowded places. Included in the list was the risk of electronic attacks, which were seen as highly likely to occur, although of lower impact to the country as a whole.

The PWC cyber-espionage, or e-espionage, research also pointed out a March 2009 report from the University of Cambridge called "The Snooping Dragon: Social-malware Surveillance of the Tibetan Movement," which concluded: "What Chinese spooks did in 2008, Russian crooks will do in 2010, and even low-budget criminals from less developed countries will follow in due course," referring to possible external social-malware attacks that could allow malicious hackers to spy on users' machines.

The 'snooping dragon' report also warned: "Social malware [using email lures to get people to visit bogus websites that serve malicious code] is unlikely to remain a tool of governments. Certainly organisations of interest to governments should take proper precautions now, but other firms had better start to think about what it will mean for them when social-malware attacks become widespread."

In early 2009, the Canada-based research project, Information Warfare Monitor, published a report titled "Tracking GhostNet: Investigating a Cyber Espionage Network," which detailed the findings of a 10-month investigation into a global electronic spy network that had infiltrated computers in various government offices around the world. The report said the network used malware to compromise 1,295 computers in 103 countries, including systems belonging to foreign ministries and embassies and those linked with the Dalai Lama.

PWC's Beer said senior management needs to take security more seriously, especially since the rise in espionage coincides with a general rise in fraud caused by the economic downturn.

"Part of the challenge is that whenever senior managers hear about anything with 'cyber' or 'e' in it, they see it as an IT problem and delegate down," he said. "It requires more focus and a wider approach than just IT. Technology is the instrument that is used, but we need much better governance to try to provide a better assurance that these problems are not going to occur."

Beer said that in PWC's latest global research into security awareness, which questioned 7,000 senior management from 119 countries, 35% admitted they had no idea how many security incidents had occurred in their own organisations.

PWC has compiled a checklist of questions to help companies assess and tackle e-espionage risks:

1. Do you know the scale, number, nature and source of the incidents you have suffered to date?
2. Have you clearly identified your business's most valuable assets and which ones are most at risk from attack?
3. What would be the business impact of information/assets being stolen or compromised?
4. What is your strategy to manage, mitigate and minimise this risk?
5. Do you discuss this risk with investors and in the Annual Report?
6. What processes and technologies have you put in place to execute your security strategy?
7. What investment are you making to put these in place and ensure they remain effective?
8. How often do you reassess the risk and the strategy to manage it?
9. What new threats to your business are emerging in the e-espionage arena?
10. Have you educated and trained your staff to recognise and respond to the issue?[1]

WASHINGTON - Xiaodong Sheldon Meng, 44, a software engineer born in China and currently a resident of Cupertino, Calif., was sentenced today to a term of 24 months by the Honorable Jeremy Fogel, U.S. District Court Judge in San Jose and was also ordered to serve a three-year term of supervised release following his prison term; pay a fine of $10,000, and forfeit computer equipment seized in the case.

The sentence, the first handed down for a violation of the Economic Espionage Act of 1996 (18 USC Section 1831), was announced by Patrick Rowan, Acting Assistant Attorney General for National Security; Joseph P. Russoniello, U.S. Attorney for the Northern District of California; Arthur Cummings, Executive Assistant Director for the FBI’s National Security Branch; and Julie L. Myers, Department of Homeland Security Assistant Secretary for U.S. Immigration and Customs Enforcement (ICE).

On August 1, 2007, Meng pleaded guilty to two national security violations: one count of violating the Economic Espionage Act and one count of violating the Arms Export Control Act and the International Traffic in Arms Regulations. Meng’s conviction was the first involving military source code under the Arms Export Control Act and marked the second case in which there was a conviction under the Economic Espionage Act for misappropriating a trade secret with the intent to benefit a foreign government.

According to court records, Meng committed economic espionage by misappropriating a trade secret, known as "Mantis 1.5.5," from his former employer, Quantum3D Inc., with the intent to benefit a foreign government, specifically the People’s Republic of China (PRC) Navy Research Center in Beijing. He did so by using the Mantis 1.5.5 trade secret as part of a demonstration project in attempting to sell products of his new employer, Orad, Hi-Tec Systems Ltd., which was a direct competitor of Quantum3D. The trade secret at issue, known as "Mantis," is a Quantum3D product used to simulate real world motion for military training and other purposes.

In addition, Meng violated the Arms Export Control Act by knowingly and willfully exporting to the PRC a defense article on the United States Munitions List (defense article viXsen) without authorization from the United States. The product viXsen is a Quantum3D visual simulation software program used for training military fighter pilots who use night visual sensor equipment, including thermal imaging.

According to court documents, the investigation established that Meng had, in fact, misappropriated two defense articles (specifically nVSensor, in addition to viXsen described above), at least six source code products which were also trade secrets, and more than one hundred materials and utilities belonging to his former employer, Quantum3D. Many of these misappropriated Quantum3D products were intended primarily for military purposes. For example, nVSensor is a Quantum3D product used to provide night vision simulation and is exclusively used in military applications for precision training and simulation applications.

The investigation also established that defendant Meng was assisting in developing two separate military proposals for two separate Air Forces in Southeast Asia involving visual simulation equipment and source code. Copies of two F-16 Full Mission Simulator proposals involving two different countries were found on Meng’s laptop.

"Today’s case demonstrates the importance of safeguarding sensitive U.S. military technology as well as trade secrets. It should also serve as a warning to others who would compromise our national security for profit," said Patrick Rowan, Acting Assistant Attorney General for National Security.

Mr. Rowan commended the teamwork of several agencies that worked on the case for nearly four years, including the U.S. Attorney’s Office Computer Hacking and Intellectual Property (CHIP) Unit in the Northern District of California; the National Security Division and Criminal Division at the U.S. Department of Justice; the FBI, and ICE, as well Customs & Border Protection. The Department of State and the Department of Defense also provided assistance on the case. The U.S. Attorney’s Offices in the Northern District of Alabama, District of Minnesota, and Middle District of Florida also joined the plea agreement as some conduct in the case occurred in those jurisdictions.

Joseph P. Russoniello, U.S. Attorney for the Northern District of California, stated, "In this case, a Silicon Valley trade secret was used in a demonstration project in Beijing with the intent to benefit the PRC Naval Research Center. Source code for military visual simulation programs to train military fighter pilots and restricted defense articles were also willfully exported outside the United States. We will continue to enforce the criminal laws against those who violate export restrictions and misappropriate our trade secrets. Many of the systems we protect are designed to safeguard our men and women in harm’s way and compromising them significantly adds to the perils that they face in defending us. It is imperative that we vigilantly protect the intellectual property developed in the Silicon Valley and elsewhere in the country so as to maintain as our nation’s military defense advantages, and to deter acts of aggression against vital American interests."

"ICE is committed to shutting down those who are willing to put America’s national security on sale for a profit," said Julie L. Myers, Department of Homeland Security Assistant Secretary for ICE. "The export of U.S. military products and sensitive technology is controlled for good reason – in the wrong hands, these items could be used to harm America or its allies. Enforcing U.S. export laws is one of ICE’s top priorities, and we will continue to work with our partners in law enforcement and industry to ensure that those who put our country at risk are brought to justice."

FBI Executive Assistant Director for the National Security Branch, Arthur Cummings stated, "Protecting our nation’s most sensitive trade secrets and critical technology is at the core of the FBI mission. The FBI is committed to safeguard our country’s economic well-being and national security."

Quantum3D, Inc., based in San Jose, California, has cooperated fully in the government’s investigation. Quantum3D produces hardware and software components for simulation systems for commercial and military customers. Some of the products include high-end visual simulation systems, and interactive, open-architecture visual computing solutions, image generators, and embedded graphics subsystems.

Defendant Meng was ordered to surrender for this prison term on August 18, 2008. He has been out of custody after a $500,000 bond, secured by cash and real property, was posted at the beginning of the case.

The prosecution is being handled by Assistant U.S. Attorney Mark L. Krotoski, presently on assignment at the Computer Crime and Intellectual Property Section, with the assistance of Paralegal Lauri Gomez. Thomas P. Reilly, a Trial Attorney in the National Security Division’s Counterespionage Section, also assisted on the case. The case was investigated by a team of agents from the FBI and ICE.

Reference:http://www.justice.gov/opa/pr/2008/June/08-nsd-545.html

The Government has openly accused China of carrying out state-sponsored espionage against vital parts of Britain’s economy, including the computer systems of big banks and financial services firms.

In an unprecedented alert, the Director-General of MI5 sent a confidential letter to 300 chief executives and security chiefs at banks, accountants and legal firms this week warning them that they were under attack from “Chinese state organisations”. It is believed to be the first time that the Government has directly accused China of involvement in web-based espionage. Such a blunt and explicit warning from Jonathan Evans could have serious diplomatic consequences and cast a shadow over Gordon Brown’s first official visit to China as Prime Minister early in the new year.

A summary of the MI5 warning, a copy of which has been seen by The Times, was posted on a secure government website. It says that Mr Evans wrote to business leaders “warning them of the electronic espionage attack”.

The summary, on the website of the Centre for the Protection of the National Infrastructure, says: “The contents of the letter highlight the following: the Director-General’s concerns about the possible damage to UK business resulting from electronic attack sponsored by Chinese state organisations, and the fact that the attacks are designed to defeat best-practice IT security systems.”

It adds: “The letter acknowledges the strong economic and commercial reasons to do business with China, but the need to ensure management of the risks involved.”

Access to the site is limited to groups that form part of the country’s critical infrastructure, which include telecoms firms, banks and water and electricity companies. The document gives warning that British companies doing business in China are being targeted by the Chinese Army, which is using the internet to steal confidential commercial information. The Home Office refused to comment last night on what it called leaked private correspondence. A spokesman for the Chinese Embassy in London said he was unaware of the allegations and that the embassy had not received any complaints from the British authorities.

Martin Jordan, a principal adviser at the accountants KPMG, who has seen the contents of the letter, said: “If the Chinese know that a British firm is trying to buy a company or other assets such as land in China then they are using every means at their disposal to discover details such as exactly how much money the British company is prepared to spend for that asset.”

Firms known to have been compromised recently by Chinese attacks are one of Europe’s largest engineering companies and a large oil company, The Times has learnt. Another source familiar with the MI5 warning said, however, that known attacks had not been limited to large firms based in the City of London. Law firms and other businesses in the regions that deal even with only small parts of Chinese-linked deals are being probed as potential weak spots, he said.

A security expert who has also seen the letter said that among the techniques used by Chinese groups were “custom Trojans”, software designed to hack into the network of a particular firm and feed back confidential data. The MI5 letter includes a list of known “signatures” that can be used to identify Chinese Trojans and a list of internet addresses known to have been used to launch attacks.

A big study gave warning this week that Government and military computer systems in Britain are coming under sustained attack from China and other countries. It followed a report presented to the US Congress last month describing Chinese espionage in the US as so extensive that it represented “the single greatest risk to the security of American technologies”.

Ian Brown, of Oxford University, one of the report’s authors, said that attacks traced back to China have been found attempting to crack Whitehall passwords. The report identified China as the country most active in internet-enabled spying operations and attacks but says that 120 other countries are using the same techniques.

The Centre for the Protection of National Infrastructure, one of several British bodies charged with protecting the country’s computer systems, has described the threat posed by cyber attacks as enormous.

Defence departments across the globe are already rewriting manuals for a future of digital warfare. The US has recorded 37,000 attempted breaches of government and private systems this year and a new unit at the US Air Force, staffed by 40,000 people, has been set up to prepare for cyber-war.

The Virtual Criminology Report found that attacks had progressed from initial curiosity probes to well-funded and well-organised operations for political, military, economic and technical espionage.[1]

Reference:

[1]http://business.timesonline.co.uk/tol/business/industry_sectors/technology/article2980250.ece