[ISN] NSC computers targeted in hacker e-mail attack

InfoSec News isn at c4i.org
Fri Sep 16 05:03:40 EDT 2005


Sep 15, 2005

The National Security Council's (NSC) computer system was the target
of an attempted e-mail attack Monday, according to a report in the
Liberty Times, the Taipei Times' sister newspaper. According to
sources, the attempted break-in was discovered yesterday afternoon,
and a meeting was immediately called to discuss ways of beefing up
network security.

According to the Liberty Times' source, the NSC's computers began
acting up yesterday afternoon. An investigation revealed that e-mails
containing a "trojan" program had been sent to NSC Deputy Secretary
General Ko Cheng-heng's (¬_©Ó¦ë) current and former secretaries. Had
the e-mail been opened by either assistant, the program could have
installed a "backdoor" into the computer, giving the sender full
access to the computer system.

Ko is responsible for national security and cooperation with the US.  
As the e-mails contained the subject line "freedom" and "arms
procurement," it is suspected that the hacker had a clear idea of his
targets. Sources within the NSC said that such subject lines were
intended to dupe the recipients into opening the e-mails and
activating the trojan program.

Had the program been activated, the sender would have been able to see
the contents of all the files on the NSC's computer system, including
CDs and disks used on the system. Given the sensitivity of much of the
materials, this e-mail attack, though unsuccessful, is being viewed
with the utmost seriousness.

The e-mail was discovered on the computer of Ko's former secretary,
who had been transferred to another post in July.

The current secretary had not yet checked e-mail, and as a result, the
NSC's system was unaffected.

Similar e-mails were also sent to senior officials in other government
departments, although the full extent of the attack is not yet known.  
Officials said that an investigation was underway.

Copyright © 1999-2005 The Taipei Times

More information about the ISN mailing list