China has been caught cyber spying yet again this year. UK Times

the Director-General of MI5 sent a confidential letter to 300 chief executives and security chiefs at banks, accountants and legal firms this week warning them that they were under attack from “Chinese state organisations”. It is believed to be the first time that the Government has directly accused China of involvement in web-based espionage. Such a blunt and explicit warning from Jonathan Evans could have serious diplomatic consequences and cast a shadow over Gordon Brown’s first official visit to China as Prime Minister early in the new year.

A summary of the MI5 warning…says: “The contents of the letter highlight the following: the Director-General’s concerns about the possible damage to UK business resulting from electronic attack sponsored by Chinese state organisations, and the fact that the attacks are designed to defeat best-practice IT security systems.” It adds: “The letter acknowledges the strong economic and commercial reasons to do business with China, but the need to ensure management of the risks involved.”…

The document gives warning that British companies doing business in China are being targeted by the Chinese Army, which is using the internet to steal confidential commercial information. The Home Office refused to comment last night on what it called leaked private correspondence. A spokesman for the Chinese Embassy in London said he was unaware of the allegations and that the embassy had not received any complaints from the British authorities.

Martin Jordan, a principal adviser at the accountants KPMG, who has seen the contents of the letter, said: “If the Chinese know that a British firm is trying to buy a company or other assets such as land in China then they are using every means at their disposal to discover details such as exactly how much money the British company is prepared to spend for that asset.”

Firms known to have been compromised recently by Chinese attacks are one of Europe’s largest engineering companies and a large oil company, The Times has learnt. Another source familiar with the MI5 warning said, however, that known attacks had not been limited to large firms based in the City of London. Law firms and other businesses in the regions that deal even with only small parts of Chinese-linked deals are being probed as potential weak spots, he said.

A security expert who has also seen the letter said that among the techniques used by Chinese groups were “custom Trojans”, software designed to hack into the network of a particular firm and feed back confidential data. The MI5 letter includes a list of known “signatures” that can be used to identify Chinese Trojans and a list of internet addresses known to have been used to launch attacks.

We remind you of the previously disclosed cyber raids on Germany and also the United States, just in the past few months.

This entry was posted on Saturday, December 1st, 2007 at 11:52 am and is filed under China, EU, General, War, business. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.