China Phishing Scams Pressure Students
By ALISON THOET
The University of Mary Washington network has recently been subject to cyber phishing, resulting in compromised email accounts and UMW twitter and Facebook messages, according to Justin Webb, acting vice president for information technologies and chief information officer at UMW.
According to Computer Science Professor Ernie Ackermann, everyone is connected to Internet and all information can be accessed as a result. This one network is what makes phishing and other hacking techniques possible.
Foreign collectors can enter a system through phishing, which is a broad attempt to obtain information through personal email, according to Webb. The hacker poses as another party and attaches a virus to the email that will plague the victim’s computer, as well as any system it is attached to. A more targeted attack on a certain group of people is called spear-phishing.
Phishing has been used on numerous companies and facilities including Google and the Chamber of Congress, according to The Wall Street Journal, but also on UMW systems.
“We’re just as susceptible as anyone else,” said Webb. “There is not one organization that is not vulnerable to exploit in some way.”
Student email accounts have been compromised recently, according to Webb, which then subjects the account user and others to be exploited through spam mail.
Kaitlin Aquino, senior international affairs and Italian studies double major, is writing a memorandum on the Asian Question in the South China Sea for a Security and Conflict Studies course.
“Once the damage has been done, once the information has been accessed, there is no way to erase it from the attackers’ minds,” said Aquino.
As a result of recent phishing, the UMW Infrastructure services has developed ways to deter phishing attempts, such as spam filtering, password change requirements, anti-virus training and phishing alerts. The UMW website contains this information as well as ways for individuals to protect themselves and report any issues.
Phishing and hacking is also used to steal intellectual property through economic espionage.
According to a security counterintelligence report by the Office of the National Counterintelligence Executive, the Chinese are “the world’s most active and persistent perpetrators of economic espionage,” which involves stealing information from various companies or government facilities.
The Chinese have stolen billions of dollars in intellectual property and data through cyber espionage and U.S. military and civilian networks are probed thousands of times and scanned millions of times, according to William Lynn in his essay “Defending a New Domain,” published in the journal Foreign Affairs.
“China is doing this everyday and it’s not just against the United States,” said political science and international affairs professor, Elizabeth Larus.
Mike McConnell, vice chairman of Booz Allen Hamilton and former director of the National Security Agency and director of national intelligence, is an expert on the topic of cyber espionage.
“The Chinese government has a national policy of economic espionage in cyberspace. In fact, the Chinese are the world’s most active and persistent practitioners of cyber espionage today,” wrote McConnell in an article for The Wall Street Journal, co-written with William Lynn and Michael Chertoff, the former director of homeland security under President George W. Bush.
According to McConnell, the Chinese are using cyber espionage to gain an economic advantage. After stealing plans and other intellectual property from commercial industries, the Chinese can use these plans to create the same item but sell it for less, undermining competition for U.S. companies.
“China has a massive, inexpensive work force ravenous for economic growth. It is much more efficient for the Chinese to steal innovations and intellectual property…than to incur the cost and time of creating their own,” wrote McConnell, Chertoff and Lynn. “They turn those stolen ideas directly into production, creating products faster and cheaper than the U.S. and others.”
To put this in perspective, “Someone can sit in a remote place in China and touch down at a student’s computer at UMW,” said McConnell in an interview with the Bullet.
Also, foreign collectors may operate in the cyber network with little risk of detection, making it difficult to attribute responsibility, according to a counterintelligence report, according to counterintelligence report. In addition, the Chinese government has repeatedly denied using cyber espionage on the U.S.
“A cyber attack could leave millions without power, our financial sector (data) wiped out, and our military and governmental communication routes scrambled, all without us having a surefire way of knowing exactly who or what hit us,” said Sam Wascowicz, a senior economics major taking a security and conflicts course.
According to McConnell, the U.S. needs to create a policy to deter cyber espionage, such as developing an early-warning monitor and better ways to identify intrusions and locate the source. However, the U.S. has yet to make such a policy due to public privacy concerns.
“Cyberspace knows no borders, and our defensive efforts must be similarly seamless,” wrote McConnell in an article for The Washington Post. He went on to say, “The United States is fighting a cyber war today and we are losing.”