Businesses warned by MI5 of Chinese espionage threat, Sophos offers advice

December 01, 2007 Sophos Press Release

Keyboard
MI5 is reported to have accused China of sponsoring hackers to spy on British companies.

IT security and control firm Sophos has reminded organizations of the importance of properly securing their computer networks following news reports that British firms have been warned by MI5 of the threat posed by Chinese hackers. According to a report in The Times, the UK Security Service sent a confidential letter to banks, accountants and law firms warning that they are under attack from "Chinese state organisations."

Jonathan Evans, the Director-General of MI5, is said to have written to 300 chief executives and security chiefs at British companies warning them of the "electronic espionage attack."

"Spying has been going on between countries for thousands of years, and it would be foolish to think that countries would not take advantage of computers and the internet to assist them in this," said Graham Cluley, senior technology consultant for Sophos. "It is, however, unusual for a country to so openly accuse another of engaging in this activity - especially when it can be extraordinarily difficult to prove an attack is being sponsored by a government or is a lone hacker acting independently."

Sophos noted earlier this year that 30% of all malware is now written in China, most of it taking the form of Trojans used for gaining a backdoor into users' computers. Perhaps surprisingly, Sophos revealed that 17% of the malicious code written in China is not designed to steal confidential information from businesses, but to phish passwords from online gamers.

"Wherever an attack may be originating, businesses need to ensure they are properly defended," explained Cluley. "Up-to-date anti-virus software, firewalls, and security patches are a must. Proactive protection against zero-day attacks and network access control are also invaluable."

Sophos experts note that this is not the first time that the Chinese authorities have been accused of cyber-espionage.

In September the Chinese military were blamed for a cyberattack which targeted a Pentagon computer system serving the office of US defense secretary Robert Gates. Unnamed sources are said to have told the Financial Times that the People's Liberation Army (PLA) were blamed in an internal investigation for perpetrating the attempted hack. Media reports in The Guardian claimed that the British and German governments have also been subject to similar probes by hackers working for the PLA.

Two years ago, Sophos reported how it had helped the National Infrastructure Security Co-ordination Centre (NISCC) analyze Trojan horses which had targeted government departments and British businesses. Much of the malware was thought to have originated from China.

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.