Two Chinese hackers were indicted earlier in July by a grand jury in Spokane, Washington. Li Xiaoyu, age 34, and Dong Jiazhi, age 33, were charged with hacking into the computer systems of companies, government and non-government organizations, clergy, individual dissidents, and Human Rights activists. The attacks occurred throughout the world including Japan, the United States, Australia, Belgium, Germany, Lithuania, the Netherlands, Spain, South Korea, Sweden, and the United Kingdom. Industries infected in the attacks over the last ten years ranged from high tech manufacturing, medical devices, civil and industrial engineering, business, education, gaming software, solar energy, pharmaceutical, and defense. The two hackers carried out attacks for personal financial gain as well as for the benefit of the Chinese government. According to the indictment, the two that were charged exploited publicly known software vulnerabilities in popular web server software, web application development suites, and software collaboration programs. Some of the exploited vulnerabilities that were used were new at the time, which would have made it hard for victims to protect themselves. After initial infection, the attackers placed malicious web shell programs and credential-stealing software on the infected devices. The attackers were trained in computer application technologies at the same electrical engineering college in Chengdu, China.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security