Category Archives: China

FBI charges Chinese national with distributing malware used in OPM hack attack

The malware has been linked to both the data breach of the US Office of Personnel Management as well as the Anthem breach.

The FBI has filed charges against a Chinese malware broker named Yu Pingan, alleging that he provided hackers with malware, including the Sakula trojan, to breach multiple computer networks belonging to companies in the US

The FBI alleges that Yu, also known as “GoldSun,” conspired with two unnamed hackers from around April 2011 through around January 2014 to maliciously target a group of US companies’ computer networks.

The complaint filed does not name which companies were targeted but notes that the different companies were headquartered in San Diego, California; Massachusetts; Los Angeles, California; and Arizona.

The rarely-used Sakula malware has been linked to both the 2014 breach of the US Office of Personnel Management as well as the 2015 breach of the health insurance firm Anthem.

The Anthem breach impacted 78.8 million current and former customers of the company, while the OPM hack affected more than 22 million records of Americans who had applied for security clearance to work for the government.

Chinese hacker who stole information on US military gets prison

Su Bin stole confidential data belonging to US defense contractors for clients in China.

new-locker-crypto-image www.intelagencies.com

A Chinese national has been thrown behind bars after admitting to his part in a year-long conspiracy to steal valuable technical data belonging to military and defense contractors in the United States.

Su Bin, a 51-year-old aviation specialist, pleaded guilty in March to a conspiracy to break into US contractor systems in order to steal sensitive military and “export-controlled” data. Once network defenses were breached and this information ended up in his hands, the data was given to clients in China.

Also known as “Stephen Su” and “Steven Subin,” the Chinese national was arrested in 2014 for his role, which also included telling co-conspirators — believed to be military officers in China — who the best marks were, which files needed to be stolen, and why the information was valuable to China’s military and government.

On Wednesday, US prosecutors said Su Bin has been given a jail term of 46 months in a federal prison.

Su pleaded guilty to one count of conspiring to gain unauthorized access to a protected computer and to violate the Arms Export Control Act by exporting defense articles on the US Munitions List contained in the International Traffic in Arms Regulations.

As part of Su’s trial, the Chinese national also admitted that computers belonging to Boeing — a contractor tasked with producing jets for the US military — were targeted.

Information concerning C-17 strategic transport aircraft and specific military fighter jets were of particular interest to the Su and his co-conspirators.

“Su Bin’s sentence is a just punishment for his admitted role in a conspiracy with hackers from the People’s Liberation Army Air Force to illegally access and steal sensitive U.S. military information,” said Assistant Attorney General Carlin. “Su assisted the Chinese military hackers in their efforts to illegally access and steal designs for cutting-edge military aircraft that are indispensable to our national defense.

These activities have serious consequences for the national security of our country and the safety of the men and women of our armed services. This prison sentence reinforces our commitment to ensure that hackers, regardless of state affiliation, are held accountable for their criminal conduct.”

The sentence was announced by US District Judge Christina Snyder of the Central District of California

kjntyu

Henry Sapiecha

U.S.A. Advised to Examine ‘Hack Back’ Options Against China

china-us-fight hack back option image www.intelagencies.com

The United States remains ill-prepared to combat state-backed cyber intrusions from China and lawmakers should look at whether U.S.-based companies be allowed to ‘hack back’ to recover or wipe stolen data, a congressional advisory body said Tuesday.

That’s the primary recommendation of this year’s report by the U.S.-China Economic and Security Review Commission that examines the national security implications of the relationship between the two world powers.

The report says China’s increasing use of cyber espionage has already cost U.S. companies tens of billions of dollars in lost sales and expenses in repairing the damage from hacking. It says in many cases, stolen trade secrets have been turned over to Chinese government-owned companies.

The commission, typically very critical of Beijing, is appointed by both parties in Congress but makes no bones about the “inadequate” U.S. response, saying China has also infiltrated a wide swath of U.S. government computer networks.

“The United States is ill-prepared to defend itself from cyber espionage when its adversary is determined, centrally coordinated, and technically sophisticated, as is the CCP and China’s government,” the report says, referring to the ruling Chinese Communist Party.

Cybersecurity has become an increasingly sore point in U.S.-China relations. It remains to be seen whether a September agreement between President Barack Obama and China’s President Xi Jinping that neither government will support commercial cyber theft will lead to an easing in the tensions.

Among the most serious breaches in the past year in which China is suspected was against the Office of Personnel Management, revealed in April. Hackers gained access to the personal information of more than 22 million U.S. federal employees, retirees, contractors and others, and millions of sensitive and classified documents.

“The Chinese government appears to believe that it has more to gain than to lose from its cyber espionage and attack campaign. So far, it has acquired valuable technology, trade secrets, and intelligence. The costs imposed have been minimal compared to the perceived benefit. The campaign is likely to continue and may well escalate,” says the report.

China describes itself as a victim of hacking and says that is combating cybercrimes. It denied involvement in the OPM hack.

The commission’s report says U.S. law does not allow retaliatory cyberattacks by private citizens and corporations, nor does it appear to allow ‘hack backs’ to recover, erase or alter stolen data in offending computer networks. It says international law has not kept up with developments in cyber warfare, and recommends Congress assess the coverage of U.S. law in this regard.

Congress should also study the feasibility of having a foreign intelligence cyber court to hear evidence from U.S. victims of cyberattacks and decide whether the U.S. government might hack back on a victim’s behalf, the report says.

Richard Bejtlich, chief security strategist at FireEye, a U.S. network security company, said there wouldn’t be much appetite in the private sector for this. He said it should be the U.S. government that conducts any counter intrusions, but publicly available information indicates that offensive cyber activities by the U.S. to date have been focused on intelligence targets and centers of state power rather than targeting groups that are hacking the private sector.

“We need to get our hackers to go after their hackers to put pressure on them and disrupt their operations,” Bejtlich said. “We need to start with more government pressure, not put the private sector in that role.”

The commission’s report, which surveys a wide range of economic and security developments in China, also criticizes its censorship and restrictions on Internet content and the impact that has on U.S. businesses. The report accused China of a “government effort to wall off the fastest-growing market in the world for digital commerce.”

Source: Associated Press

ooo

Henry Sapiecha

OPM hack: China blamed for massive breach of US government data

Denials from Beijing after computer systems are targeted at Office of Personnel Management, which holds details on entire staff of US government

The hack at the Office of Personnel Management follows an attack on the IRS that compromised the details of 100,000 taxpayers image www.intelagencies

The hack at the Office of Personnel Management follows an attack on the IRS that compromised the details of 100,000 taxpayers. Photograph: Thomas Trutschel/Photothek via Getty Images

The Obama administration is scrambling to assess the impact of a massive data breach involving the agency that handles security clearances and US government employee records, with suspicion quickly falling on China, which has been accused of carrying out cyber-espionage against the US in the past.

Government officials familiar with the situation told the Associated Press the hack occurred at the Office of Personnel Management (OPM) and the Interior Department, and could potentially affect four million people at every federal agency.

The OPM is the human resources department for the federal government and does checks for security clearances.

A US law enforcement source told the Reuters news agency on Thursday night that a “foreign entity or government” was believed to be behind the attack. Authorities were looking into a possible Chinese connection, the news agency said, quoting a source close to the matter.

Chinese officials issued swift denials, with foreign ministry spokesman Hong Lei branding the accusations irresponsible and unscientific at a news briefing on Friday. “We know that hacker attacks are conducted anonymously, across nations, and that it is hard to track the source,” Hong said. “It’s irresponsible and unscientific to make conjectural, trumped-up allegations without deep investigation.”

“The FBI is conducting an investigation to identify how and why this occurred,” the department of homeland security said in a statement on Thursday. “DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion.”

Reports in the New York Times and Washington Post on Thursday, both citing unnamed sources in the federal government, reported Chinese hackers were behind the breach.
Advertisement

Senator Susan Collins, a Maine Republican, said the hackers were believed to be based in China.

Collins, a member of the Senate intelligence committee, said the breach was “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances”.

The Chinese embassy in Washington responded that jumping to conclusions was “not responsible” and “counterproductive”.

Embassy spokesman Zhu Haiquan said China had made great efforts to combat cyberattacks and that tracking such events conducted across borders was difficult.

A Pentagon report in April said hackers associated with the Chinese government repeatedly targeted US military networks seeking intelligence during 2014.

US Representative Adam Schiff, the ranking Democrat on the House select intelligence committee, said: “The last few months have seen a series of massive data breaches that have affected millions of Americans.

He called the latest intrusion “among the most shocking because Americans may expect that federal computer networks are maintained with state-of-the-art defences”.

“It’s clear that a substantial improvement in our cyber databases and defences is perilously overdue,” Schiff said.

Senate intelligence committee chairman Richard Burr said the government must overhaul its cybersecurity defenses. “Our response to these attacks can no longer simply be notifying people after their personal information has been stolen,” he said. “We must start to prevent these breaches in the first place.”
Advertisement

The largest federal employee union, the AFGE, said it would “demand accountability”. The union’s president, J David Cox, said it was working with the administration to ensure measures were taken to secure the personal information of affected employees.

In November a former DHS contractor disclosed another cyber-breach that compromised the private files of more than 25,000 DHS workers and thousands of other federal employees.

DHS said its intrusion detection system, known as Einstein, which screens federal internet traffic to identify potential cyber threats, identified the hack of OPM’s systems and the Interior Department’s data centre, which is shared by other federal agencies.

“DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion,” the statement said.

Members of Congress were briefed on the breach on Thursday.

The hack follows an attack on the Internal Revenue Service (IRS) that compromised the details of 100,000 taxpayers. On Wednesday the IRS commissioner John Koskinen appeared before a Senate committee and blamed the attack on underfunding and the agency’s inability to keep up with increasingly sophisticated threats.

“This incident provides a stark reminder that even security controls that may have been adequate in the past can be overcome by hackers, who are anonymous, persistent and have access to vast amounts of personal data and knowledge,” J Russell George, treasury inspector general for tax administration, told the Senate finance committee.

Ken Ammon, chief strategy officer at Xceedium, a government security contractor that specialises in securing privileged access to systems, said: “What we are seeing across the board is a particular weakness in our defence systems.”

Ammon said sophisticated hacking operations funded by nation states were targeting system administrators and gaining access to massive amounts of data. “What you want to be able to do is cut your loses, make sure the attack is isolated to that particular individual and not the terabytes of information stored on the servers.”

In April Barack Obama responded to a growing rash of attacks aimed at US computer networks by launching a sanctions program to target individuals and groups outside the United States that use cyber attacks to threaten US foreign policy, national security or economic stability.

The move followed indictments of five Chinese military officers who were charged with economic espionage. US officials also pointed the finger directly at North Korea for a high-profile attack on Sony over a film spoof depicting the assassination of North Korea’s leader.

China has routinely denied accusations by US investigators that hackers backed by the Chinese government have been behind attacks on US companies and federal agencies.

Obama has moved cybersecurity toward the top of his 2015 agenda after recent breaches and the White House says he raises the issue in meetings with Chinese President Xi Jinping. US military officials have become increasingly vocal about cyber espionage and attacks launched by China, Russia and others.

In unveiling an updated cyber strategy in May, the US defense secretary, Ash Carter, singled out threats from Russia, China, Iran and North Korea and stressed the military’s ability to retaliate with cyber weapons.

The Associated Press and Reuters contributed to this report

www.clublibido.com (8)

Henry Sapiecha

New Chinese law reinforces government control of cyberspace

Cyber_Security_at_the_Ministry_of_Defence_image www.intelagencies.com

BEIJING (AP) — China’s legislature passed sweeping legislation on Wednesday that reinforces government controls over cyberspace, as the nation’s leaders try to address what they see as growing threats to Chinese networks and national security.

The vaguely worded National Security Law is one of several new regulatory moves by China that worry privacy advocates and have foreign businesses concerned about potential harm to their operations inside the country.

The law calls for strengthened management over the web and tougher measures against online attacks, theft of secrets, and the spread of illegal or harmful information.

It said core information technology, critical infrastructure and important systems and data must be “secure and controllable” in order to protect China’s sovereignty over its cyberspace.

The law offered no details on how China would achieve the goals, although a vast government Internet monitoring system has been in place for years.

China says it is a major target of hacking and other cyberattacks, and the ruling Communist Party has expended vast efforts in blocking online content it deems subversive or illegal.

China is also accused of running a state-sponsored effort to hack computers and steal government and commercial secrets overseas, while also spying on and harassing pro-democracy, Tibetan and human rights groups based abroad.

Most recently, Beijing was suspected as being behind a massive hack into a U.S. federal government computer server that resulted in the theft of personnel and security clearance records of 14 million employees and contractors. Chinese officials always deny engaging in such actions.

The National Security Law, passed overwhelmingly by the Standing Committee of the National People’s Congress, replaces a law that focused more narrowly on counter-espionage.

In addition to cyberspace, the new legislation covers a wide range of areas including the economy, social stability, territorial integrity, the military, culture, finance, technology, the environment and food safety.

Spokeswoman Zheng Shu’na said an overarching legislation was needed to deal with “ever-growing security challenges”.

“Externally speaking, the country must defend its sovereignty, as well as security and development interests, and … it must also maintain political security and social stability,” Zheng was quoted as saying by the official Xinhua News Agency.

The new law is an extension of the hard line on security and repeated warnings against foreign ideological subversion issued by the government of President Xi Jinping, who in 2013 established an overarching National Security Commission to coordinate such efforts with him as chairman.

A separate anti-terrorism proposal could require network operators and service providers fighting for a share of China’s $465 billion technology market to build in “backdoors” for government surveillance, hand over encryption keys to Chinese authorities and store user data within China.

Companies worry that could undermine their ability to send encrypted emails or operate the kind of private corporate networks commonly used to secure communications.

Other new regulations already require Chinese banks to have 75 percent of their IT infrastructure certified as “secure and controllable” by the Chinese government by 2019.

ooo

Henry Sapiecha

Cyberattack: US should retaliate for theft of personal data, congressmen say

Govt hacking could affect every federal agency

The entire US federal workforce may be at risk after yet another massive cyber breach involving what security experts believe were hackers based in China.

Washington: The Obama administration should retaliate for a cyberattack on federal employee records that US officials have linked to the Chinese government, members of the House Intelligence Committee said on Sunday.

“There has to be a price to pay for this,” Representative Peter King, who is on both the intelligence and Homeland Security committees, said on “Fox News Sunday.”

cyberwar hand press button image www.intelagencies.com

Congressmen are calling for payback for the massive hack of US government personnel data. Photo: Supplied

While the timing and method of retaliation should be determined by the administration and kept secret, “these countries or these terrorist groups should know there will be consequences when they act this way,” Mr King said.

Representative Adam Schiff of California, the top Democrat on the intelligence panel, said the administration must determine “when we’re going to go on offence.”

Neither lawmaker confirmed that the Chinese government was behind the breach at the Office of Personnel Management, which serves as the government’s human resources department. Hackers stole data on as many as 4 million current and former federal employees before the attack was discovered in April, the government said on Thursday.

“We’ve gotten very good at attribution,” or figuring out the source of cyber attacks, Mr Schiff said.

Mr King called China “certainly a likely suspect.”

A spokesman for the Chinese embassy in Washington, Zhu Haiquan, said in an email Friday: “Jumping to conclusions and making hypothetical accusations is not responsible and counterproductive.”

Mr Schiff and Mr King called for stepped-up actions to better protect US computer systems. “More has to be done,” Mr King said.

Senator Lindsey Graham of South Carolina, a Republican presidential candidate, said Congress should increase funding for cybersecurity.

“People in the intelligence committee are more worried about this than anything else,” Senator Graham said on CNN’s “State of the Union.” A cyberattack could disrupt US financial systems, he said.

The government should encourage companies to enhance their defences, Senator Graham said.

“Incentivise the private sector to harden their infrastructure against the cyber-attack,” he said. “Give them liability protections if they do.”

Bloomberg

ooo

Henry Sapiecha

Chinese hackers reportedly steal millions of US government employees’ details

IS CHINA A NATION OF THIEVES?? ALIBABA CONNECTION.DEN OF THIEVES.

CHINA USA FLAGS IMAGE www.intelagencies.com

Suspects have not been officially announced, but US officials speaking anonymously say the hack was mounted from China.

Not knowing how to do things it seems that China steals from others to advance its cause.

They do this by producing technology from the west gained from manufacturing  products from the west because the west is hungry for cheaper production costs & now has backfired because of the stealth methodology of China.

Hackers in China breached US Office of Personnel Management computers and stole personal records of as many as 4 million current and former federal employees, a US official has said.

The hackers, believed to have links to the Chinese government, got into the government computer system last September, according to the official, who asked for anonymity to discuss the investigation.

A US intelligence official said, also speaking on condition of anonymity, Chinese hackers appear to have mounted an effort to get personnel files, health-care records and other personal information on millions of government employees and contractors.

The data could be used to target individuals with access to sensitive information who have financial, marital or other problems and might be subject to bribery, blackmail, entrapment and other traditional espionage tools, the official said.

ooo

Henry Sapiecha

China hackers make US uni unplug engineering computers-Is China a nation of thieves & cheats??

penn state seal-university image www.intelagencies.comchinese flag image www.druglinks.infohackers at work shadow image www.intelagencies.comchinese peoples faces image www.intelagencies.com

Washington: Penn State University, which develops sensitive technology for the US Navy, said on Friday that Chinese hackers have been sifting through the computers of its engineering school for more than two years.

One of the United States’ largest and most productive research universities, Penn State offers a potential treasure trove of technology that’s already being developed with partners for commercial applications. The breach suggests that foreign spies could be using universities as a backdoor to US commercial and defence secrets.

The hackers are so deeply embedded that the engineering college’s computer network will be taken offline for several days while investigators work to eject the intruders.

“This was an advanced attack against our College of Engineering by very sophisticated threat actors,” said Penn State President Eric Barron in a letter to professors and students. “This is an incredibly serious situation, and we are devoting all necessary resources to help the college recover as quickly as possible.”

The Federal Bureau of Investigation notified the university of the breach in November 2014, spawning a months-long investigation that eventually found two separate groups of hackers stealing data.

The first group has been linked by investigators to the Chinese government, according to a person familiar with the probe. The second group has not been identified, the university says, but investigators believe it is the work of state-sponsored hackers.

The investigation and remediation efforts have already cost Penn State millions of dollars, said Nicholas Jones, the university provost.

US engineering schools – Massachusetts Institute of Technology, the California Institute of Technology, Berkeley, Carnegie Mellon, and Johns Hopkins – have been among the top targets of Chinese hacking and other intelligence operations for many years. These forays have been for both commercial and defence purposes, and universities have struggled to secure their computers against these advanced attacks.

In addition to online activities, the Chinese have sent legions of graduate students to US schools and have tried to recruit students, faculty members and others at both universities and government research facilities, several recent law-enforcement investigations show.

“There is an active threat and it is against not just Penn State but against many different organisations across the world, including higher education institutions,” said Nick Bennett, a senior manager at Mandiant, a security division of FireEye Inc., which aided the university in the investigation.

Universities “need to start addressing these threats aggressively”, Mr Bennett said in an interview.

Among Penn State’s specialties is aerospace engineering, which has both commercial and defence applications important to China’s government. The university is also home to Penn State’s Applied Research Laboratory, one of 14 research centres around America that work mainly for the military.

That the hackers were in the network undetected for more than two years raises the possibility that they used connections between computers to move into more highly guarded networks, including defence contractors, government agencies or the Navy, according to the person familiar with the investigation.

Washington Post

ooo

Henry Sapiecha

China’s ‘Great Cannon’ cyber weapon is designed to censor the internet

Chinese President Xi Jinping's government has unveiled a new tool to censor Internet speech image www.intelagencies.com

A powerful new Internet weapon unleashed by the Chinese government against websites working to bypass the country’s online censorship was meant to deliver a not-so-subtle message to activists and foreign governments that the Communist nation will escalate efforts to control information on its networks.

The attacks last month, against the site of Chinese Internet freedom group Great Fire and U.S.-based site GitHub that hosts content banned in China, were performed by a new tool dubbed the “Great Cannon” that can steer the traffic of individual users to launch direct denial of service attacks against targeted websites, overwhelming the sites with data.

China has long imposed Internet censorship through a vast and expensive system dubbed the “Great Firewall” that prevents users from reaching much of the Web, but that system can be bypassed, permitting access to Western sites including the New York Times. Unlike the firewall, the new offensive weapon allows Chinese officials to launch attacks against sites they deem hostile, representing a “significant escalation in state-level information control,” according to a report by cybersecurity research group Citizen Lab, which first documented the weapon’s existence.

obama head shot image www.intelagencies.com

The Great Cannon raises the risks for activist websites aiming to report, for example, on corruption in China’s government or on the June 4 anniversary of the 1989 Tiananmen Square violence against pro-democracy protesters. But the Internet weapon could also be used to attack sites based in foreign countries, says Sarah Cook, senior research analyst for East Asia at Freedom House advocacy group.

“What is worrisome about this is that it could be used to attack the New York Times website on a critical day like a U.S. election,” she says. “Potential future escalation could be a use of this in conjunction with some real world tension around the East or South China seas. Maybe a few years down the road, if you see China in a crisis with Japan or the Philippines, they could redirect traffic against those networks.”

The attacks last month were indelicate and relatively easily traced back to China, so it was likely that officials there were sending a signal with the new weapon, Cook says.

An attack against the Times would be unlikely, in part because of the international outrage it would spark, says Ben FitzGerald, director of the Technology and National Security Program at the Center for a New American Security think tank. Media sites including the Times will still be able to bypass the Great Firewall using methods like proxy servers that allow access to the global Internet while evading domestic surveillance, but the Great Cannon shows Chinese resolve to take the offensive on cybersecurity, he says.

“There is a lot of power behind the Great Cannon,” says FitzGerald, who has consulted on cybersecurity for the U.S. and Australian governments. “It’s not very subtle, so for espionage they may choose to employ other methods.”

China Great Cannon system chart

Courtesy of Citizen Lab

China cracks down on the press and Internet freedom with online attacks or censorship when it anticipates political protest, and has launched direct denial of service attacks against sites like Human Rights in China or China Aid – but redirecting traffic is a new method.

The weapon redirected traffic flowing through China’s networks from not only Hong Kong and Taiwan, but also from the U.S., into a massive direct denial of service attack. Such data attacks could be costly for opponents of the Chinese Communist Party, as during the height of the attacks the Great Cannon redirected traffic from millions of users, raising GreatFire’s data-hosting bill with Amazon to $30,000 per day, Cook says.

china president at function image www.intelagencies.com

China’s apparent involvement with Internet weapons like this will likely raise more scrutiny from the Obama administration, which has criticized China for sponsoring hackers that steal trade secrets from U.S. businesses.

President Barack Obama recently issued an executive order giving agencies the authority to coordinate on sanctions that would penalize “individuals or entities that engage in malicious cyber-enabled activities that create a significant threat to the national security, foreign policy, or economic health or financial stability of the United States.” The Justice Department last May also indicted five members of China’s People’s Liberation Army for allegedly stealing trade secrets and communications from U.S. companies.

“Evidence of offensive activities like these will bolster those efforts,” FitzGerald says. “The Obama administration has gone out of its way to make cybersecurity a legal and economic problem – not a military problem, which is the right approach.”

Citizen Lab, based at the University of Toronto’s Munk School of Global Affairs, warned in its report that China’s use of the Great Cannon could pressure other governments to develop Internet weapons. The National Security Agency has reportedly also developed offensive cybersecurity systems, according to documents leaked to the press by former agency contractor Edward Snowden.

“The repurposing of the devices of unwitting users in foreign jurisdictions for covert attacks in the interests of one country’s national priorities is a dangerous precedent,” Citizen Lab said in its report.

ooo
Henry Sapiecha

FBI investigates possible China military involvement in cyber attack

hacking hackers chinese registry.com

The FBI is investigating possible Chinese military involvement in a cyber hack at Register.com, which manages more than 1.4m website addresses for businesses around the world.

Hackers, who appear to have stolen network and employee passwords, have accessed Register’s network for about a year, said people familiar with the probe. But the breach, which the company reported to the FBI but not to customers or investors, is not known to have caused disruptions or resulted in any theft of client data.

That has bolstered investigators’ belief that the hackers are state-sponsored rather than criminals intent on making money from credit card data or social security information.

Although the investigative trail has pointed to Chinese military involvement, it is unclear what China would want to accomplish by hacking the site. Some current and former law enforcement officials said, however, that the hack could be aimed at obtaining the ability to undermine large parts of internet infrastructure.

That would enable hackers to redirect traffic to unintended websites, steal data, access email accounts associated with those sites, or cause web pages to crash, among other consequences.

The Chinese defence ministry did not respond to a request for comment.

The Register.com threat reflects the growing danger of state-sponsored cyber hacks, which are more difficult to prosecute than criminal attacks. In 2014 in an unprecedented move, the Justice Department indicted five members of the Chinese military for hacking into several US companies to steal trade secrets but it is doubtful that they will ever be apprehended.

Register.com is a unit of Web.com, whose companies cater to businesses large and small as well as doctors’ practices. In addition to managing web addresses, known as domain names, they also host websites and provide ecommerce and email services, so they have access to a site’s files, credit card data and other information.

Other subsidiaries of parent company Web.com such as Network Solutions, the third largest internet registrar in the world with more than 4.5m domain names, could also be vulnerable, people familiar with the case said. In 2013, Network Solutions suffered a breach that caused a temporary outage at Linkedin.com, but the networking site is no longer a client.

The Securities and Exchange Commission has provided guidance on cyber breaches, urging publicly traded companies to disclose hacks if they are “material” events, but it is often left to companies to decide whether a cyber attack is “material.”

Web.com, which is publicly traded, has not specifically disclosed the breach in SEC filings, but expanded its description of cyber security risks in its 2014 annual report.

“We may not be able to remedy these problems in a timely manner, or at all,” it said in the February filing. “Because techniques used by outsiders to obtain unauthorised network access or to sabotage systems change frequently and generally are not recognised until launched against a target, we may be unable to anticipate these techniques or implement adequate preventive measures.”

A Web.com spokesman declined to comment on specific breaches but said the company had built up security protocols and tools to constantly monitor and mitigate threats. He added that the company was not aware of a “loss of any customer data resulting from an attack on any Web.com system.”

He acknowledged that Web.com clients have been targeted by hackers using “phishing” emails that encourage a user to click on what appears to be a legitimate message in an attempt to steal information.

“Despite our efforts to mitigate the impacts of customer infections through product improvements and user education, phishing and spear phishing activities remain a serious problem,” the spokesman said.

There are no federal standards for reporting cyber breaches and state laws vary, with most rules focusing on ensuring that companies disclose anything affecting an individual’s personal information like healthcare records and social security numbers but little else. Proposals in Congress to establish federal reporting standards also focus on personal information.

That means companies in sectors where breaches do not expose such data but instead are focused on stealing intellectual property, trade secrets or other business-oriented information are not required to report breaches and often do not.

In many attacks on defence and industrial sector targets, hackers have been linked to the Chinese military and have remained in company networks for several years because the companies cannot get rid of them, but the breaches remain undisclosed to the public, according to people familiar with those cases.

ooo

Henry Sapiecha