A sensitive computer network belonging to the US government has been compromised in a targeted spear-phishing attack - as reported by Bill Gertz on the Washington Free Beacon's web site.
Additional write up on CNET News.
Both stories say that China was behind the attack, but this brings to my mind the problem of attack attribution in this kind of situation. The only evidence the articles cite is that the attackers "used servers located in China". How easy is it to rent hosting space in a Chinese data center and attack the US, in order to make it look like the Chinese are behind it? I'm not sure. Wouldn't Chinese state-sponsored hackers use a third party country to avoid attracting attention? Or maybe that's what they want us to think?
No comments:
Post a Comment