Friday, 10 April 2009

Update on the Chinese hacking story

More has started to surface about connections to the recent hacking story towards the end of March, that said the Chinese gouverment could be behind a worldwide hacking campaign.

The Chinese gouverment deny such talk.

Now it appears this 'system' used to onfect the world, has a name and this name is Ghostnet [What a shock!] and security giant Symantec have released a demo video on how easy the system could be used to target an infected machine.

See the video by Symantec here.

It appears that various groups are hunting the source of this Ghostnet and have already obtained information.

Some feel the whole story about China hacking around the globe was created by the US to help them pass new rules.

Others are useing this to make a point that Microsoft's Windows really has more holes in it than a fishing net and that whe world could be better switching over the Linux.

More info on Ghostnet here via Wikipedia.

You can also download a very informative report by ISC handler Maarten Horenbeck on a similer topic to Ghostnet for SANSFIRE talk in 2008 which is located here and will give you some extra understanding as to what could be going on etc.

We will see what unfolds, but for now I would advise you all keep your China and Korean blocklists enabled.

This is not a gurantee against attack from the region, as I will explain in more detail at a later date but will keep you safe from direct contact with anything infected within the wall and it has to be said, lots of infections and insecure networks lie in the region.

No comments: