Chinese Spies May Have Spear-phished U.S. Diplomats

Wednesday, February 02, 2011



The son of an editor at the National Journal made an interesting observation while perusing some of the U.S. government cables released by WikiLeaks.

The astute reader noticed a series of emails sent in 2009 to five State Department officials requesting comment on climate change issues.

The emails were spoofed to appear to have originated from the National Journal’s editor and columnist Bruce Stokes, and were titled “China and Climate Change”.

At the time, the State Department officials contacted were engaged in sensitive negotiations with the Chinese government on greenhouse-gas emissions.

The emails contained attachments infested with malware that would have allowed the attackers access to the recipients' computers by way of a backdoor.

There is no evidence either way regarding the success of the spear-phishing attack, and the assumption that the Chinese may have been behind the operation is purely circumstantial, based solely on the timing and the targets.

Spear-phishing refers to a social engineering strategy aimed at specific individuals using information tailored to fool the targets into providing sensitive information or, as was the case with the State Department officials, opening a malware-tainted document because they assume an attachment is from a trusted source.

This particular incident may have gone unacknowledged had it not been for the sharp eye of the unnamed editor's son who, after stumbling upon the emails, sent a message to his father stating, “I see that the Chinese government is using your magazine as a tool for international espionage.”

Spear-phishing as a social engineering tactic has continued to gain popularity with the increase in personal information shared on social networks.

Always exercise caution when opening attachments, even from sources assumed to be legitimate.

