Weekly Security Digest: China Calls Out US, Japan; Hacktivist Thieves; and More

: China is now the number one target in the world for cyber attacks, and most of those attacks come from abroad, according to a study by the National Computer Network Emergency Response Co-ordination Center of China. The report says 8.9 million Chinese computers were attacked by 47,000 overseas IP addresses last year. The report also claims most of those IP addresses were located in Japan, the United States and South Korea, and that 1,116 domestic websites were tampered with by overseas-based hackers.

Hacktivists ‘steal more than criminals’: A study by Verizon found groups like Anonymous and LulzSec responsible for 58 percent of all data stolen from large corporations last year. The annual analysis of data breaches found a huge rise in politically-motivated attacks. According to the report, hacktivists are particularly hard to defend against because their attack strategies are much harder to predict. The study reported 174 million records were stolen in 855 incidents around the world last year.

Megaupload victims targeted by criminals: Innocent users of the locked-down Megaupload file-sharing service are getting fake legal shakedown letters. The letters look like they come from a law firm claiming to represent movie and music firms Sony, EMI, Universal and Paramount. They offer recipients a “no good, must miss” opportunity to settle out of court. As TorrentFreak notes: “No specific copyright works are named and the claim is missing the usual ‘cease and desist’ element common to these schemes. Furthermore, according to a OnlineKosten, any cash payments made would end up at an address in Slovakia.”

U.S. ISPs sign on to FCC cybersecurity plan: AT&T, CenturyLink, Comcast, Cox, Sprint, Time Warner Cable, T-Mobile, Verizon and other ISPs have signed on to a voluntary agreement with the FCC’s Communications, Security, Reliability and Interoperability Council. The agreement asks the ISPs to:

• Take steps to detect botnet activity on their networks; help customers identify when their computer is infected; and offer assistance in dealing with it
• Implement best practices for better securing the Domain Name System–this is still far short of calling for full implementation of DNSSEC.
• Work together to implement new technologies and practices to reduce the number of attacks on the routing infrastructure.