Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED 2 MINUTES AGO.
You are here: Home / Cybercrime / Outlook Hacked by China on Weekend
Outlook Hacked by China Over the Weekend
Outlook Hacked by China Over the Weekend
By Jef Cozza / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JANUARY
19
2015
Microsoft’s Outlook e-mail service has apparently been the victim of a cyberattack over the weekend, this time perpetrated by the Chinese government. The hack took the form of a man-in-the-middle (MITM) attack that would allow the government to monitor a user’s e-mail account, including login and password.

The news was first reported by Greatfire.org, an online watchdog group focused on providing information on Internet censorship in China. Greatfire said it first began receiving reports of the attack on Saturday. The report surfaced only a week after news that China had completely blocked access to Google’s Gmail system.

A Pattern of Attacks

The attack focused specifically on Outlook’s IMAP and SMTP connections. In other words, while users accessing their mail through the Outlook application would be affected, anyone connecting through the Microsoft Web interface was safe, according to Greatfire. The attack lasted for about a day, seemed to have been confined to Chinese users, and has since ended, Greatfire wrote.

The attack is notable for its particularly insidious nature. Users saw only a relatively benign looking warning indicating that the identity of the mail server could not be verified. Users had the option of continuing with the connection despite the warning. They would likely have attributed the warning to a network connection problem before proceeding, Greatfire wrote in its blog post.

The Chinese government has recently been accused of being behind a number of cyberattacks. In addition to the attack on Gmail, services by both Yahoo and Apple in China have been targeted. At this point, the recent events are beginning to form a pattern.

“Because of the similarity between this attack and previous, recent MITM attacks in China (on Google, Yahoo and Apple), we once again suspect that [Deputy Head of the Propaganda Department of the Communist Party of China] Lu Wei and the Cyberspace Administration of China have orchestrated this attack or have willingly allowed the attack to happen,” Greatfire wrote. “If our accusation is correct, this new attack signals that the Chinese authorities are intent on further cracking down on communication methods that they cannot readily monitor.”

Testing Its Technology

Just last month, China was suspected of blocking Chinese users’ access to Gmail through an e-mail client. The Chinese government denied any action on its part in the service disruption. Google had also accused China of blocking access to its e-mail services in 2011, a claim the government also denied.

Apple, meanwhile, has also apparently been on the receiving end of the Chinese government’s wrath. Apple’s iCloud was the subject of a similar MITM attack in October. Greatfire said that these types of attacks might represent an attempt by China to refine its methods through experimentation.

“The authorities are most likely continuing to test their MITM technology. The authorities may also be gauging user response,” Greatfire said. “By keeping track of how many users ignore the certificate warnings, the authorities will be able to determine the effectiveness of this type of attack.”

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN CYBERCRIME
CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.