Apr 11 2008
This is a fantastic article by Brian Grow, Keith Epstein and Chi-Chu Tschang on “The New E-spionage Threat”. The detail of the article and actual investigation are well worth reading.
The Pentagon hadn’t sent the e-mail at all. Its origin is unknown, but the message traveled through Korea on its way to Booz Allen. Its authors knew enough about the “sender” and “recipient” to craft a message unlikely to arouse suspicion. Had the Booz Allen executive clicked on the attachment, his every keystroke would have been reported back to a mysterious master at the Internet address cybersyndrome.3322.org, which is registered through an obscure company headquartered on the banks of China’s Yangtze River.
The other part of the article I found interesting was the e-mail link from Wang Baodong, Press Counselor & Spokesperson of the Chinese Embassy to the United States:
As I told you over phone, I read your questionnaire carefully, and I’m very much concerned about the purpose of your story—if it targets China and is aimed at fanning up a “China cyber threat”, I would strongly suggest that you do not do such stories as this would only serve the purpose of some anti-China forces, and is not conducive to increasing mutual understanding and friendship between the Chinese and American peoples.
To me, this suggests that Chinese hackers may be going after what they consider the softer targets (as compared to those of the US military network) of US defense contractors. The e-mail sent to Booz Allen also demonstrates a very sophisticated method of net-reconnaissance and social-engineering.
Update (from jumper): A good follow-up.