BY: Bill Gertz
Computer hackers traced to China carried out an advanced cyberespionage attack against one of America’s most elite foreign policy web groups – the website of the Council on Foreign Relations (CFR).
According to private computer-security forensic specialists, the hacking incident involved a relatively new type of ploy called a “drive-by” website cyber attack that was detected around 2:00 p.m. on Wednesday.
The specialists, who spoke on condition of anonymity, said the attack involved penetrating the computer server that operates the New York City-based CFR’s website and then using the pirated computer system to attack CFR members and others who visited or “drove by” the site.
The activity ended on Thursday and the specialists believe the attackers either removed their malicious software to prevent further details of the attack from being discovered, or CFR was able to isolate the software and remove it.
The FBI was notified of the attack and is said to be investigating.
FBI spokeswoman Jennifer Shearer declined to comment when asked about the attack. But she told the Washington Free Beacon: “The FBI routinely receives information about threats and takes appropriate steps to investigate those threats.”
The method used in a “drive-by” attack requires hackers to covertly plant malicious software in the CFR computer system. Then, they used the software and the web site to attack visitors to the site by infecting their computers in a hunt for secrets and other valuable information. One of the specialists said the attack also involved using the CFR site for what is called a “watering hole” attack, when people who visit the website are infected.
One of the victims who visited the CFR’s website, cfr.org, discovered the attack and alerted computer security specialists on Wednesday.
In response, a small group of private security specialists launched an investigation into the activity and found that that it only targeted computer users using the web browser Windows Internet Explorer 8 and higher versions. The attackers were able to exploit a security flaw in the browser software called a “zero-day” vulnerability – a previously unknown flaw that allows computer hackers to gain access to a targeted computer.
Investigators said the computer attackers that targeted CFR were able to set up a covert network capable of identifying, encrypting and sending stolen information found in targeted and infected computers back to a secret command and control computer.
In the case of the CFR hack, the malicious software involved software that included Mandarin Chinese language, the specialists said. Also, the attackers limited their targeting to CFR members and website visitors who used browsers configured for Chinese language characters – an indication the attackers were looking for people and intelligence related to China.
The CFR is one of the most elite foreign policy organizations in the United States with a membership of some 4,700 officials, former officials, journalists and others. Its members include NBC anchor Brian Williams, Hollywood actress Angelina Jolie, and former Sen. Chuck Hagel, President Obama’s embattled but as yet un-nominated choice for secretary of defense.
Current Secretary of State Hillary Clinton and Assistant Secretary of State Kurt Campbell, the Obama administration’s senior Asian affairs policy maker, also are CFR members. Senate Intelligence Committee Chairman Sen. Dianne Feinstein (D., Calif.) is also a member, as is Secretary of State-designate Sen. John Kerry.
Its board and members include a who’s who of U.S. foreign policy and national security elites, including former U.S. Central Command commander Army Gen. John Abizaid, and former Secretaries of State Madeleine K. Albright, Colin Powell and Henry Kissinger.
Fox News CEO Roger Ailes also is a member, as is News Corp. chairman and CEO Rupert Murdoch. Former Presidents George W. Bush and Bill Clinton are members, as is former CIA Director and former Defense Secretary Robert M. Gates and former CIA Director David Petraeus.
Now hear this!
The Chinese are not the enemies of the US – not unless we choose to make them so. That said, it is exceedingly unwise and improvident for the US government to allow itself to become indebted to anyone, let alone to a foreign government, friendly or otherwise.
Our enemies are Islam, socialism, and those who aid and abet either of the former. Our very worst enemies are those at home: the CFR and everyone involved with it, no matter which political party they claim to be allied with.
Our forebears condemned traitors to execution by means of stout hemp rope.
Dante Alighieri condemned traitors to the ninth circle of Hell.
They. Have. It. Coming.