Breach, Data Security, Threat Management

U.S. Chamber of Commerce targeted in data heist

Hackers believed to be from China may have had reign over the U.S. Chamber of Commerce's network for more than a year before a devastating beach was detected, according to a Wednesday report.

According to a story in Wednesday's editions of The Wall Street Journal, a known hacker group operating out of China infiltrated the network of the U.S. Chamber, the world's largest lobbying group representing some 300,000 American businesses, from at least November 2009 to May 2010, but possibly longer.

Citing people familiar with the matter, the newspaper said the intruders came and went "as they pleased" thanks to "backdoors" and tactics used to cover their tracks.

The hackers used tools to mine for data on particular individuals and were able to obtain "access to everything stored on [the Chamber's] systems, though it is unclear how much of the assets they actually viewed or stole, according to the story. Dozens of members' emails are known to have been hijacked, and they contained information about the companies and their connection with the Chamber.

Evidence also shows that four Chamber employees were targeted in particular -- they were tasked with Asia policy -- and the infiltrators made off with six weeks of their emails.

It is unclear how the intruders got in, but security experts suspect they were invited through basic social engineering.

Andrew Storms, director of security operations, said information stolen may be used to conduct additional attacks against U.S. corporations, which are considered growing cyber adversaries and have been blamed for previous attacks.

“The data stolen in this attack was basically names and contacts of business owners, and that's definitely not a good sign," Storms said. "This kind of data can be used in targeted attacks against the companies and agencies whose data was breached."

A Chinese Embassy spokesman, quoted in the story, said the evidence pointing to China's involvement is flimsy. But according to the Journal story, the techniques used in the attack suggest it was perpetrated by a known group based in China.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.