Establishing Digital Trust: Don't Sacrifice Security for Convenience
The Indian Express' Manu Pubby reports that Chinese hackers recently accessed sensitive computer systems belonging to the Indian Eastern Naval Command.
"The Eastern Naval Command plans operations and deployments in the South China Sea -- the theatre of recent muscle-flexing by Beijing -- and beyond," Pubby writes. "India’s first nuclear missile submarine, INS Arihant, is currently undergoing trials at the Command.The extent of the loss is still being ascertained, and officials said it was 'premature at this stage' to comment on the sensitivity of the compromised data."
"A 'person familiar with the investigation' revealed to [The Indian Express] that thumb drives were found at the site," writes The Register's Phil Muncaster. "These were apparently infected with malware which, once placed in the standalone computers, covertly collected information according to certain keywords. These documents remained hidden on a secret folder on the USB until it was connected to an internet-enabled PC again, when they were sent to certain IP addresses traced to China."
"The virus is similar to one that attacked the US military's classified networks in 2008," notes Ars Technica's Sean Gallager. "Those led to a Department of Defense ban on the use of USB drives and any other writable removable media. The DOD partially lifted the ban in 2009, restricting the use of USB drives to 'carefully controlled circumstances.'"