WikiLeaks: Hackers tried to infiltrate U.S. climate negotiators


A diplomatic cable published by WikiLeaks reveals that hackers launched a sophisticated attack against United States climate negotiators about the same time the Climategate hacking of scientists happened last year.  Brad Johnson has the story.

The attack, a “spear phishing” attempt to gain control of Department of State (DoS) computers, took place in the months before the Copenhagen climate talks of December, 2009. The June 19, 2009, cable warned that these kinds of “socially engineered” attacks, trying to trick people into running malicious software, were likely to be repeated:

DoS personnel have been targeted with socially engineered climate change-related e-mail. It is probable that receipt of climate change-themed socially engineered messages will persist as negotiations continue.

Five officials in the office of Todd Stern, the State Department’s Special Envoy for Climate Change, received an email about “China and Climate Change” designed to look like it came from a National Journal columnist, with a PDF attachment that harbored malicious code. If the attack had been successful, the hackers could have gotten “nearly complete control” over the computer systems. However, State’s Cyber Threat Analysis Division detected the attack and the users’ software was kept up to date, preventing harm:

CTAD’s Technical Analysis/Special Operations monitoring detected a malicious e-mail message targeting five DoS individuals employed within the Division of Ocean Affairs, Office of the Special Envoy for Climate Change. The socially engineered message had the subject line “China and Climate Change” and was spoofed to appear as if it were from a legitimate international economics columnist at the National Journal. In addition, the body of the e-mail contained comments designed to appeal to the recipients as it was specifically aligned with their job function, and a signature block with contact information for the spoofed sender was present. Attached to the message was a PDF file, also titled “China and Climate Change,” which harbored malicious code designed to exploit the Adobe Collab getIcon() JavaScript vulnerability (CVE-2009-0927). This vulnerability, if executed successfully, would have allowed malicious actors to remotely execute arbitrary code on a victim computer. The PDF document also contained the Poison Ivy Remote Administration Tool, a malicious software program that provides a remote user with nearly complete control over a compromised system. However, since the DoS users targeted in this intrusion attempt were operating with currently patched versions of Adobe software, there was neither compromise nor data lost as a result of this incident (for technical information about the incident, see CTAD Report TR-09-034).
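For readers who screen mail attachments, here is a static triage check for the kind of PDF the cable describes. It is an added example, not taken from the cable, the CTAD report or the article: it flags embedded JavaScript, run-on-open actions and any reference to the `getIcon` API, and it looks inside hex-escaped names and Flate-compressed streams. The function names, labels and sample bytes are all constructed for illustration.

```python
import re
import zlib

# Dictionary keys that mean "this PDF carries script" or "runs something on open".
NAME_INDICATORS = {
    b"/JavaScript": "javascript-action",
    b"/JS": "javascript-action",
    b"/OpenAction": "auto-run-on-open",
    b"/AA": "auto-run-on-open",
}
# The API named in the cable (CVE-2009-0927), matched in script text.
SCRIPT_INDICATOR = re.compile(rb"Collab\s*\.\s*getIcon|getIcon\s*\(")

def decode_names(data: bytes) -> bytes:
    """Undo #XX hex escapes, which PDF permits inside names (/J#61vaScript)."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)

def stream_bodies(data: bytes):
    """Yield every stream body, inflated when it is Flate-compressed."""
    for m in re.finditer(rb"stream\r?\n(.*?)endstream", data, re.DOTALL):
        try:
            # decompressobj tolerates the end-of-line bytes before "endstream"
            yield zlib.decompressobj().decompress(m.group(1))
        except zlib.error:
            yield m.group(1)  # not Flate data: scan the raw bytes instead

def triage_pdf(data: bytes) -> list:
    """Return sorted labels for the indicators found; an empty list means none."""
    findings = set()
    names = decode_names(data)
    for token, label in NAME_INDICATORS.items():
        # A delimiter must follow, so /JS does not match a longer name.
        if re.search(re.escape(token) + rb"(?=[\s/<>\[(])", names):
            findings.add(label)
    for body in [data, *stream_bodies(data)]:
        if SCRIPT_INDICATOR.search(body):
            findings.add("collab-geticon-reference")
    return sorted(findings)

def _sample(script: bytes, js_name: bytes) -> bytes:
    """Constructed, PDF-shaped input for the demo (inert; not a real document)."""
    return (b"%PDF-1.4\n1 0 obj << /Type /Catalog /OpenAction 4 0 R >> endobj\n"
            b"4 0 obj << /S " + js_name + b" /JS 5 0 R >> endobj\n"
            b"5 0 obj << /Filter /FlateDecode >>\nstream\n"
            + zlib.compress(script) + b"\nendstream\nendobj\n%%EOF\n")

FLAGGED = _sample(b"// placeholder text, names the API only: Collab.getIcon",
                  b"/J#61vaScript")
CLEAN = b"%PDF-1.4\n1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n%%EOF\n"
```

A hit is a reason to quarantine the attachment and inspect it, not proof of an exploit; as the cable notes, it was patched reader software that actually prevented compromise.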

China and the U.S. had just ended three days of negotiations in Beijing in early June. The cable gave no indication of who initiated the attack:

Though the incident has not been attributed to any known hostile actor, the event appears to be a targeted spear-phishing attempt and may be indicative of efforts to gather intelligence on the U.S.’s position on climate change issues.

Five months later, hackers uploaded an archive of thousands of emails between climate scientists, stolen from servers at England’s University of East Anglia, as part of a campaign to derail the Copenhagen climate talks and cripple political action on global warming in the United States. Hackers and burglars also targeted climate scientists at the University of Victoria in Canada. No one has yet been charged in these crimes.

—  Brad Johnson, in a WonkRoom cross-post.

(HT Plains Justice Blog)


13 Responses to WikiLeaks: Hackers tried to infiltrate U.S. climate negotiators

  1. Esop says:

    Isn’t the denialist claim that the emails were “leaked”…

    It is about time that these hackers are tracked down and their benefactors put on trial for crimes against humanity.

  2. Mike Roddy says:

    I agree with Esop. We haven’t heard much about investigations into the CRU burglary or the attempted break-in at the University of Victoria. Law enforcement has dogged it, since they would rather bust $20 thieves than go after the most dangerous and powerful people on earth.

    Besides their obvious greed, the fossil fuel company owners are a little crazy, and may doom themselves through overreach- as Nixon did at Watergate.

    Their spokesmen reflect this madness. A good example is Steve McIntyre of Climate Audit, who, like Anthony Watts, is always shrieking “show me the code!”, implying that climate scientists were hiding it. In fact, they wearily responded by telling Mac that their results are on the internet, and any computer literate person can figure out the code. Denier bloggers and spokesmen like Limbaugh and Beck are looney tunes, and embarrassments to the human race.

    The oil companies are unpredictable and dangerous. Some part of them must be saying to their unconscious minds that maybe it’s not such a great idea to bribe Congress and sabotage the world’s future. Appeals to their reason or better natures won’t succeed, since they’re too far gone. The good in us, not them, needs to be awakened, so we can defeat them once and for all.

    As Caesar Germanicus once said about the Germans: “You must hit them, hard, and then hit them again when they are down. Only then will they respect you”.

  3. Robert Nagle says:

    Of course, this is only idle speculation. But isn’t it reasonable to assume that Chinese hackers wouldn’t have launched their payload in a document titled “China and Climate Change”?

  4. Dano says:

    No wonder the usual suspects are making up charges, and the gullible rubes are harrumphing so indignantly…



  5. James Giese says:

    The most important point, “No one has yet been charged in these crimes” is the last sentence.

    Who hacked those e-mails?

  6. Paulm says:

    AUSTRALIA’S top intelligence agency believes south-east Asia will be the region worst affected by climate change by 2030, with decreased water flows from the Himalayan glaciers triggering a ”cascade of economic, social and political consequences”.

    The dire outlook was provided by the deputy director of the Office of National Assessments, Heather Smith, in a confidential discussion on the national security implications of climate change with US embassy officials.

    The cable, obtained by WikiLeaks and released to the Herald, also revealed that the Australian government was encouraging Pacific nations expected to be inundated by rising sea levels to think ”incrementally”, despite the likelihood their citizens might be eventually forced to evacuate.

  7. MapleLeaf says:

    This is yet more evidence that Stephen McIntyre’s claim (and that made by many other self-proclaimed “skeptics”) that the UAE/CRU emails were leaked is most likely just another ruse.

    I wonder if the Norfolk police have been alerted to this? The US DoS may have some information of the people/groups involved that may be of relevance to the CRU hack. I dedicated, and true investigative journalists might also be able to make some inroads– the reward, a huge story….

    Yes, I also want to know who hacked those emails?

  8. Lou Grinzo says:

    Of course we all want to know who did this, and we all want to see them brought to justice.

    But can we tap the brakes a couple of times on the talk about nothing being done, the relevant officials not wanting to look into it, etc.? I certainly don’t know what’s going on with this investigation, and I don’t think anyone here does, either. So please stick to the facts about climate change and the antics of the deniers, which are more than sufficiently terrifying.

  9. EDpeak says:

    “The oil companies are unpredictable and dangerous. Some part of them must be saying to their unconscious minds that maybe it’s not such a great idea to bribe Congress and sabotage the world’s future”

    JR has sometimes expressed similar sentiments, which, like yours, point the finger at the oil companies but neglect to add another extremely powerful, if not more powerful, source: the “free market fundamentalists” of the right-wing think tanks, WSJ, etc, etc, whose religion is that protecting the publ- excuse me, that “regulation” is virtually always bad. They hate democracy, hate it, loathe it, they want “one dollar equals one vote” and never us “rabble” with “one person equals one vote” to have say over safety, be it drinking water, children’s toys, or cribs, etc, not just climate.

    Climate is just a case where the hard facts are so radically diametrically opposed to the “there’s no AGW” or “it’s a hoax” line these “free” (really: corporate-run) market fundamentalists repeat over and over again.

    Unless this root cause, too, in addition to the other one (profit motive of companies in fossil fuel businesses), is exposed equally, we’ll never identify accurately (much less be able to cure) the body politic and society of the poisonous democracy-hating ideas of the market fundamentalists that would push us towards extinction if left in place.

  10. Mulga Mumblebrain says:

    The Wikileaks I’ve seen have outlined US and allied attempts to sabotage Copenhagen, as part of a process of destroying Kyoto, in order to control climate change action while resolutely refusing to be bound by any constraints. This, of course, is how Messianic global empires, even those collapsing from economic and military over-reach and consequent social malaise, act. Cancun was a sea of greenwash, and the coup de grace will be delivered at Durban. Bet on it.

  11. Anne says:

    Ditto #5 – “No one has yet been charged in these crimes.” — and a more important and disturbing fact is most likely “And no one is looking for the perpetrators.” There is no investigation — likely because there is no perceived material “harm.” And yet the whole ugly crime did cause harm — it wasted precious time, took energy and spirit away from scientists, and raised the level of public doubt, despite the findings in favor of the scientists. In my mind, the hacking done by Julian Assange, now essentially a dead man walking, was a public service, where the hacking done by the weasels going after East Anglia is true treason — of a whole world not just a nation — and those hackers should be punished harshly. The injustice demonstrated by this comparison is heartbreaking.

  12. Unfortunately there’s no evidence to link the cyber-attack on the US climate change envoys to the CRU cyber-attack — the two may be perpetrated by completely unaffiliated groups, for all we know. :|

    And alas it’s also hard to figure out — using publicly known information — the people who are affiliated with the SwiftHackers. I’m theorizing that the SwiftHackers’ original intent was to get McIntyre to harp on the Briffa/Yamal issue, but even this theory doesn’t currently lead to anything useful.


  13. Anne:

    and a more important and disturbing fact is most likely “And no one is looking for the perpetrators.”

    Not exactly true. The UK police had been on the case as late as May this year, and they questioned one Sebastian Nokes and also got the Canadian police to contact Steve McIntyre, though I’ve not heard anything since then.

    It’s also worth noting that the SwiftHacker doesn’t seem to have made any rookie mistakes, unlike Pfc. Bradley Manning (who leaked out his own involvement in the leaks), and Alex Tapanaris (who left his name in the metadata of a manifesto of “Anonymous”).