Chinese Hackers Whack DOD Security

By Edward Cone  |  Posted Tuesday, January 31, 2012 18:01 PM

by Tim Moran

Reports suggest that Chinese hackers have deployed a particularly nasty strain of malware, known as Sykipot, to effectively hijack the DOD and Windows smart card system used by government employees.

Writes AlienVault: "According to our research, these attacks originate from servers in China with what appears to be the purpose of obtaining information from the defense sector: the same sector that makes extensive use of PC/SC x509 Smartcards for authentication."

While it was not clear exactly what the alleged Chinese hackers were after--beyond the smartcard information itself--it certainly is unnerving. Once the hackers have the PIN for the card, the malware "can silently use the card to authenticate to secure resources, so long as the card remains physically present in the card reader."

This is serious stuff, and AlienVault suggests that it will continue to happen unless some changes are made: "Although smart cards are designed to provide a two factor system of 'chip and pin, 'again we see that true two-factor authentication is not possible without a physical component that is not accessible digitally."

If you such security is something you have to deal with in your enterprise, perhaps this is something to look into.