freebeacon.com / Bill Gertz / December 27, 2012 10:11 pm
Advanced cyberespionage attack employed ‘drive-by’ method on CFR website
Computer hackers traced to China carried out an advanced cyberespionage attack against one of America’s most elite foreign policy web groups – the website of the Council on Foreign Relations (CFR).
According to private computer-security forensic specialists, the hacking incident involved a relatively new type of ploy called a “drive-by” website cyber attack that was detected around 2:00 p.m. on Wednesday.
The specialists, who spoke on condition of anonymity, said the attack involved penetrating the computer server that operates the New York City-based CFR’s website and then using the pirated computer system to attack CFR members and others who visited or “drove by” the site.
The activity ended on Thursday and the specialists believe the attackers either removed their malicious software to prevent further details of the attack from being discovered, or CFR was able to isolate the software and remove it.
The FBI was notified of the attack and is said to be investigating.
FBI spokeswoman Jennifer Shearer declined to comment when asked about the attack. But she told the Washington Free Beacon: “The FBI routinely receives information about threats and takes appropriate steps to investigate those threats.”
However, David Mikhail, a Council on Foreign Relations spokesman, confirmed the attack. “The Council on Foreign Relations’ website security team is aware of the issue and is currently investigating the situation,” Mikhail said in an email. “We are also working to mitigate the possibility for future events of this sort.” He provided no details.
According to the computer security specialists, the cyber espionage attack represents a new level of sophistication by foreign hackers seeking government and other secrets by computer.