Java, not China, to blame for Twitter attacks

 

Gallery

By Nicole Kobie

Posted on 5 Feb 2013 at 07:00

Forget China when it comes to the recent high-profile hacking attacks - focus on Java instead.

That's the message from security experts following a recent spate of hacks against US newspapers and Twitter.

Twitter didn't specifically say China was at fault for its security woes: it referenced the attack on the New York Times, for which the blame was pinned on Chinese hackers.

Based on the targets - journalists at the New York Times and Wall Street Journal who had been reporting on China - the source of the attacks seems clear, but little hard evidence has been revealed, said Jason Steer, EMEA product manager and architect at security firm FireEye.

It shouldn't make you feel paranoid, maybe it should make you feel more annoyed

"There’s a lot of elements that would certainly indicate that China would be one of the main potential perpetrators of it, but it’s very easy today for vendors to point the finger at China without any data to substantiate it," he told PC Pro. "If we put it into perspective, we see over 190 countries [launching] attacks... without having full data it’s really hard to say."

"There’s a lot of people going after China, but there’s a lot of other nation states equally guilty of playing at this level," he added. "The data speaks, and our data reveals that there’s a lot of other countries playing this game."

Asked who they are, he said: "Everyone... nation state attacks are on the rise, so everyone is after everyone, unfortunately."

Steer said it appears the newspaper attackers had different intentions than those who targeted Twitter, but said the hack was comparable to previous attacks on Gmail - which eventually led the company to pull out of China.

"It’s like the Aurora attacks against Gmail – I suspect Twitter is just the communications channel of choice in 2013," agreed Sean Sullivan, security advisor at F-Secure.

Sullivan suggested the attack against Twitter was targeting specific users, and other users simply got caught up as "collateral damage".

"In the case of Twitter, if they’re going after a few dozen accounts and managed to browse through 250,000, that’s not reassuring that those passwords were exposed," he said. "It shouldn't make you feel paranoid, maybe it should make you feel more annoyed. I guess that’s the world we’re living in."

Java woes

Sullivan said there's a common theme between the attacks: the recently highlighted Java vulnerabilities. Not only did they feature in the New York Times and Twitter attacks, but Apple and Mozilla have blocked affected versions - and more significantly, the US Department of Homeland Security (DHS) has advised users to disable it.