On June 1, 2009, messages with the heading ''China and Climate Change'' dropped into the email inboxes of five US State Department officers. The five officers, working in the Office of the Special Envoy for Climate Change, were involved in preparing for delicate bilateral climate change talks in Beijing in several days.
The email appeared to be from a respected economics columnist at a well-known US journal and contained information designed to be of particular and direct relevance to the five staff.
Attached to the email was a PDF file also titled ''China and Climate Change''. Unknown to the staff, lurking within this document was a piece of sophisticated malicious code (malware) known as Poison Ivy.
If the file was opened, a remote administration tool, or RAT, would slip onto the target's computer and allow the sender nearly complete control over the system.
''The event appears to be a targeted 'spear-phishing' [gleaning sensitive information via email] attempt and may be indicative of efforts to gather intelligence on the US's position on climate change issues,'' an officer with the department's cyber threat analysis division wrote in a secret State Department cable sent three weeks later.
While that intrusion attempt was blocked, it provides a glimpse of a shadow war being waged in cyberspace between hundreds of countries, as they at once take advantage of the massive and anonymous reach of the internet, and find themselves besieged by it.
Read more: http://www.smh.com.au/world/code-red-the-cyber-spy-threat-20110923-1kp9w.html#ixzz1Yn0rDPVN
The email appeared to be from a respected economics columnist at a well-known US journal and contained information designed to be of particular and direct relevance to the five staff.
Attached to the email was a PDF file also titled ''China and Climate Change''. Unknown to the staff, lurking within this document was a piece of sophisticated malicious code (malware) known as Poison Ivy.
If the file was opened, a remote administration tool, or RAT, would slip onto the target's computer and allow the sender nearly complete control over the system.
''The event appears to be a targeted 'spear-phishing' [gleaning sensitive information via email] attempt and may be indicative of efforts to gather intelligence on the US's position on climate change issues,'' an officer with the department's cyber threat analysis division wrote in a secret State Department cable sent three weeks later.
While that intrusion attempt was blocked, it provides a glimpse of a shadow war being waged in cyberspace between hundreds of countries, as they at once take advantage of the massive and anonymous reach of the internet, and find themselves besieged by it.
Read more: http://www.smh.com.au/world/code-red-the-cyber-spy-threat-20110923-1kp9w.html#ixzz1Yn0rDPVN
No comments:
Post a Comment