China and Russia – politically motivated cyber attacks

China as previously discussed, has the potential to wreak havoc so it’s no surprise to understand that is has developed a comprehensive cyber espionage programmes (which targets for example computer hardware and software); created citizen hacker groups; established cyber warfare units (very much like many other nation-states) and embedded logic bombs and trap doors in many nation-state infrastructure networks and computer software. Chinese warfare strategy is very much politically driven.

China has developed a detailed cyber warfare strategy which works very closely with private hacker groups. To date there are probably 2-300 hacker groups working directly with the Chinese government. Take into account that they now have the Microsoft source code; they can now fully understand the security vulnerabilities long before they are identified and fixed by Microsoft. The Chinese government do not use Microsoft software for their networks – rather they use open source software called Kylin. The reason for this is clear – they plan to use their knowledge of Microsoft to inflict sabotage and or exploit as yet unidentified software vulnerabilities on those nation-states that use Windows operating systems.

Russia however, still remains the biggest threat in cyber space according to leading US security researchers and the US government. After all this is the land of the chess masters. In January of 2009 the world witnessed the third successful cyber attack against a country (all cyber attacks by this time had been committed by Russia). The target was the small country of Kyrgyzstan. The country is only about 77,000 square miles in size with a population of just over 5 million. The attackers focused on the three of the four Internet service providers. They launched a distributed denial of service attack traffic and quickly overwhelmed the three and disrupting all Internet communications.

The IP traffic was traced back to Russian-based servers primarily known for cyber crime activity. Multiple sources have blamed the cyber attack on the Russian cyber militia and/or the Russian Business Network (RBN). RBN is thought to control the world’s largest botnet with between 150 and 180 million nodes. In this particular cyber attack it is believed that the Russian government wanted to put itself an arm’s length away from the hostile act.

Did you know? The Russian Business Network (RBN) is a cybercrime organization specializing in and in some cases monopolizing personal identity theft for resale. It is the originator of the MPack exploit kit and alleged operator of the Storm botnet. (Reference:Wikipedia/edited)

Source of Information : Hakin9 November 2010