Separately, Belgian minister of foreign affairs Karel De Gucht has told parliament that his ministry was the subject of cyber-espionage by Chinese agents several weeks ago.
"There simply isn't enough evidence to say whether these attacks were sponsored by the Chinese government or not, but these reports do underline the importance of everyone making computer security a priority," said Graham Cluley, senior technology consultant for Sophos. "Cyberhackers can cover their tracks, leapfrogging from computer to computer around the world, making it very hard to determine precisely who is behind an attack. Governments need to think carefully before accusing another of spying via the Internet unless they have strong proof. There is no doubt, however, of the importance of securing critical computers inside government from hackers whether motivated by politics, espionage or money."
Belgium is not the only country said to have been the alleged focus of attention by Chinese hackers.
In September 2007, the Chinese military were blamed for a cyberattack which targeted a Pentagon computer system serving the office of U.S. defense secretary Robert Gates. Unnamed sources are said to have told the Financial Times that the People's Liberation Army (PLA) were accused of perpetrating the attempted hack. Media reports in The Guardian claimed that the British and German governments have also been subject to similar probes by hackers working for the PLA.
Three years ago, Sophos reported how it had helped the National Infrastructure Security Co-ordination Centre (NISCC) analyze Trojan horses which had targeted government departments and British businesses. Much of the malware was thought to have originated from China.
"Spying has been going on between countries for thousands of years, and it would be naive to think that countries like China would not take advantage of computers and the Internet to assist them in this," continued Cluley. "It is unusual, however, for a nation to accuse another of engaging in this activity -- especially when it can be extraordinarily difficult to prove an attack is being sponsored by a government or is a lone hacker acting independently."
