Far East Spies Target U.S. Fed Computers

International hackers have reportedly been targeting American federal agency computers, stealing as much data as possible, and assuming control of PC files.

While this appears to be a very difficult and sophisticated endeavor to accomplish, international spies are simply using the same method that domestic hackers implement on a smaller scale: corrupt Microsoft Office files.

The actual virus is sent via email attachment and when government officials unwittingly open these Word, Excel or PowerPoint files, they relinquish control of their entire PC.

The attacker then uses the PC as a base from which to roam their organization's internal network.

MessageLab, an international security firm, has been intercepting a series of attacks, noting that some of the most recent attacks are coming from Far Eastern countries like Taiwan and China. (Source: usatoday.com)

While all federal agencies are on high alert, MessageLab believes that the attackers are aware of which ones carry the most influential information and are therefore selected as targets.

It is not uncommon for federal agencies to fall under attack, but the recent volume of hacking cases has significantly increased. At this time last year, federal agency sites reported one or two attacks on a weekly basis. This year, an average of 716 corrupted emails are sent to 216 different agencies on a weekly basis. (Source: usatoday.com)

Attacks from the Far East are surely alarming to U.S. officials. Most of the attacked PC's carry military, trade and infrastructure data that has been listed as strictly confidential. If these attackers become aware of their intentions, the Far East will have a significant strategic advantage over the United States.

At a recent congressional hearing on cyber security, Donald Reid, a senior State Department official, described how an employee had clicked on a corrupted Word document via a security hole for which Microsoft had no patch. Microsoft did not repair the problem until eight weeks after the attack. (Source: usatoday.com)

Microsoft has issued 10 patches for security holes in Office programs since January 2006.

The company feels that the best protection against future attacks is to keep Office security patches updated on a regular basis. (Source: blog.washingtonpost.com )