Slashdot Mirror
Taiwan Under Cyber Attack from China
An anonymous reader writes: "O'Reilly Developer News is reporting this morning that Taipei is under cyber attack by a Chinese 'army of hackers'. The Taipei government is saying that the attacks are trojan-horses against windows machines that are being staged to break in to government databases."
Maybe they're just trying to undermine Windows by attacking it.
-Libertarian secular transhumanist
Cabinet says computers under attack
INFORMATION WARFARE: A Cabinet spokesman said Beijing is waging a campaign designed to access databases in Taiwan through the use of Trojan-horse computer programs
By Ko Shu-ling
STAFF REPORTER
Thursday, Sep 04, 2003,Page 1
China has launched a systematic information warfare campaign against Taiwan, spreading Trojan-horse programs into private companies' computers as a means to break into government databases, the Cabinet said yesterday.
"National intelligence has indicated that an army of hackers based in China's Hubei and Fujian provinces has successfully spread 23 different Trojan horse programs to the networks 10 private high-tech companies here to use them as a springboard to break into at least 30 different government agencies and 50 private companies," Cabinet Spokesman Lin Chia-lung () said yesterday.
The government agencies invaded by the Trojan-horse programs include the National Police Administration, the Ministry of National Defense, the Central Election Commission and the Central Bank of China.
To minimize the damage, Premier Yu Shyi-kun yesterday instructed all central government agencies to scrutinize their computer systems and report to the authorities within two days. Those failing or refusing to comply with the order may face punishment.
Yu made the remark yesterday morning during the weekly closed-door Cabinet meeting, in which Minister without Portfolio Tsai Ching-yen () briefed Yu on the matter.
"Trojan-horse attacks are one of the most serious threats to computer security," Tsai said. "A computer user may have not only been attacked but may also be attacking others unknowingly."
Because of the vast popularity and many weaknesses of the Windows operating system, most of the damage is done to Windows users, Tsai said.
Although the National Information Task Force has warned government agencies to be on alert, Tsai said, some agencies have failed to take the warning seriously.
"They either delayed reporting to authorities or tried to solve the problem themselves. It not only stalled our response efforts but also made the situation worse," Tsai said.
Since it appears no government information has been stolen, Tsai said, the deployment of the program is likely aimed at paralyzing the nation's computer systems.
"Of course there are other possibilities such as stealing sensitive government information in vast sums or preparing computers for future information warfare," he said.
To help government agencies invaded by the program clean up the mess, Tsai said the National Information Security Committee plans to complete the programming of the anti-Trojan-horse software today.
"We'll also post the solution manual on the Internet for the convenience of other countries facing the same problem," Tsai said, adding that Taiwan is the first country to have detected the program.
Lee Hsiang-chen (), captain of the National Police Administration's Criminal Investigation Bureau, said the situation has been monitored 24 hours a day over the past two months.
"We're glad that it has been detected before any damage was done," Lee said.
"If there's any lesson from this experience, it is not to use software developed in China or hire Chinese computer programmers, because you're running the risk of having the software you use implanted with the Trojan-horse program," he said.
Karma: Can there be a void?
.. -. - . .-. .-. --- -...
Show your hate for SCO
Now please, don't flame me as a fan of mainland China's repressive regime. But the Taiwanese government doesn't exactly have the world's best track record, as I recall. I hear occasional notes about "problems" with civil rights, and then there's the whole pirated anime problem.
So when I read this line:
"National intelligence has indicated that an army of hackers based in China..."
my BS-o-Meter starts clicking. Though the article is non-technical, it includes other notes that make the meter tick faster:
"...has successfully spread 23 different Trojan horse programs... 10 private high-tech companies... break into at least 30 different government agencies and 50 private companies," Cabinet Spokesman Lin Chia-lung said yesterday.
We have a lot of big, scary numbers... but no hard information about the programs, the companies, or the government agencies.
In fact, the "23 different Trojans" makes me think that the government cabinet member is talking out of his butt. More likely, nobody's been running virus protection, and those 24 Trojans are simply members of F-Secure's wildlist.
Then, there's this "helpful" suggestion:
"If there's any lesson from this experience, it is not to use software developed in China or hire Chinese computer programmers, because you're running the risk of having the software you use implanted with the Trojan-horse program," he said.
That sounds like nothing more than the usual tit-for-tat barbs that Taiwan and China have been throwing across the strait for decades. In fact, I suspect that's what this whole Trojan Horse issue is -- all bluster, no substance.
And finally, off the actual topic: let's watch the Slashdot effect in action! When I first hit the Taipei Times article, it included this text at the bottom:
This story has been viewed 1128 times.
By the time I typed this comment, the number had not changed, so I'm probably getting a cached copy. What did it show when you hit it?
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
Yu made the remark yesterday morning during the weekly closed-door Cabinet meeting, in which Minister without Portfolio Tsai Ching-yen briefed Yu on the matter.
I hadn't realized that I talked with China or Tiawan latley.
I'm not a prophet or a stone-age man,
I'm just a mortal with potential of a super man.
They're under another kind of cyber attack now. Can't get through to the linked website.
I fully expect this on the big screen in a few years.
~
~
:wq
It's only with the advent of the Internet that the two are suddenly in contact in meaningful ways. In a strange twist, and in many cases the Chinese government is in a position where they have to defend Taiwan against these kinds of attacks from their own citizens!
It's a strange, strange world. And as we grow more connected, it's getting more so every day. So buy SCOX stock.
It's interesting that this is happening now, after china has acquired windows' source code. Could they have found newer vulnarabilities that no one knows about yet?
Disclaimer: My opinions are my own and do not, in any way, reflect the opinions of my employer or university.
...couldn't they just impersonate techs, walk in and grab the government mainframes? :-)
Learning HOW to think is more important than learning WHAT to think.
all your (data)base are belong to us!
there i said it, i know its japanese but it had to be said.
Especially the last part of the article:
1 52525 2
"If there's any lesson from this experience, it is not to use software developed in China or hire Chinese computer programmers, because you're running the risk of having the software you use implanted with the Trojan-horse program"
on the heels of this report, regarding China's intentions of developing their own OS:
http://slashdot.org/article.pl?sid=03/08/31/
I did not make it to the article, so I am basing this comment upon the posted text.
"China has launched a systematic information warfare campaign against Taiwan"
That would be propoganda. Hackers, or more technically, computers, in China have launched an attack. Not the Chinese government, not the nation of China, a group of individuals using computers in China.
"'National intelligence has indicated that an army of hackers based...'"
Again, a little over the top with the "army of hackers" reference. This makes it seem like the hackers have some official link or even political cause.
"'If there's any lesson from this experience, it is not to use software developed in China or hire Chinese computer programmers,'"
Propoganda. Incredibly, this sort of logic would mean that living or working within a country means that you are a malicious agent of that country. Ludicrous.
Oh, and please do observe the editor who approved this article.
Because of the vast popularity and many weaknesses of the Windows operating system, most of the damage is done to Windows users, Tsai said.
Department of Hoeland Security, take note.
Does Taiwan have nukes?
Tom Clancy makes me insane. Whenever theres some sort of political or military conflict, all the CNNs and FOX News stations scramble to get Clancy to come on and comment. And he has no military or political experience, just a vivid imagination. They ask him all kinds of technical questions, like in Afghanistan they're asking him about the range of shoulder fired missiles and how many the Taliban have, and he's giving answers like "42" matter-of-factly.
It's ridiculous. What's next, getting Dennis Miller to be color man on Monday Night Football? Oh wait
I don't need no instructions to know how to rock!!!!
Only on slashdot are Civil rights violations mentioned in the same sentence as pirated anime of all things.
There's nothing Intelligent about Intelligent Design.
me chinese me play trick me ping -f'in on your nick
MoFscker
Well, this is the first I've learned of it. My ultra cheap standard issue 1.5Mbps DSL connection seems to be going just fine. Got a few connections to the WayBack machine going and I just finished the rounds at a dozen web sites, EETimes, DisplaySearch, BioTech East, Digitimes, Google News and on and on. None of them had any problems, nice snappy connections. A few of those are in Taiwan so locally and internationally the network itself seems fine.
The only thing I couldn't get to was the feakin' story at the notoriously paranoid Taipei Times because apparently the greater threat to the local net than the mainland is slashdotting!
Please help me decide who to cheer for.
Here is the cause. Taiwan recently conducted military exercises simulating a Chinese invasion despite Chinese protests. I would imagine that this is China's response.
Or it could be preparation for an all out invasion by China. Now that would be a fun war to watch.
Taiwan should ditch their Windows boxes for something more secure. Like, say, Red Flag Linux?
How do they know "China" (as in the Chinese government) is attacking Taipei, instead of just a group of people? I mean, if Joe Hacker from the USA attacks the Belgium government servers do you call it an attack by Joe Hacker or an attack by the USA?
That Clancy is popular doesn't mean it's fair to dismiss his work as totally unrelated to political and military reality.
One of my friends of the asian persuasion has taught me the true Chinese way of attacking.
First, no not all Chinese people know kung-fu.
This is a common misconception bred from kung-fu movies. They actually get to choose their martial art. So some know karate instead.
Secondly, the Chinese use giant chopstick catapults to throw themselves to Taiwan, and then they use these martial arts to attack.
Third, the Chinese NEVER use technology to attack! It is simply not honourable. You must commit "harry-karry" (which is, yes, japanese and spelled american). The honourable way to attack is with martial arts. Possibly using weapons, if the other agrees to it in the duel, and their sensai throws them the same weapon you have.
Because a numchuck vs. sword fight simply isnt fair, or lengthly enough to make a good film.
I must get a glass of water...this is a little dry.
[I can picture a world without war, without hate. I can picture us attacking that world, because they'd never expect it]
and the CMS made the formally dynamic page static to save the server.
Fuck Beta. Fuck Dice
So after they do nuke, the computers that survive won't be running Windows.
-Libertarian secular transhumanist
Regardless of the implications of this:
1) This is, to put it concisely, goddamn cool. We've been hearing for years about how countries might wage some kind of hax0r-cyber-warfare on each other, but aside from a few isolated instances (e.g., the U.S. disabling Iraqi computers in 1992 by introducing a hardcore virus via, of all things, printer driver software), we've dismissed it as futurist hogwash. But it may be happening now. If so, it's an historic moment in computer science.
2) This is better for people than having any country invade or bomb another. This type of invasion may be a precursor to that one - but if, in the future, a country can be brought to its knees with minimal loss of life by just wrecking its computer infrastructure, then that is a good development of history.
- David Stein
Computer over. Virus = very yes.
This just in...
The Taipei Times is under attack from a group of computer experts in the United States. The group, calling themselves Slashdot, have bombarded the Taipei website with so many hits, that it cannot distribute web pages anymore.
More on this story at eleven.
I remember after 9/11 alot was said about information warfare being the new medium. It was made into a big deal by the media, but I also remember Wired writing an excellant article on how physical attacks would be much easier, much more destructive, and much less expensive to implament. Since all that, I have been very skeptical about if digital warfare is ever going to be in our future. Assuming this is a true claim, des this now prove that we are in that age? Its one thing to claim a few kids are doing it, its a whole different ball park if you say military trained personell are carrying out the attack...
It rebooted. China 0wns
me. Blue screen now red.
Sig Applied For
That's not the point. The point is not to use closed-source software anymore. If their software was supplied with source code, they could have scanned it thoroughly for trojans before implementing it.
Furthermore, I heard recently on CNN that the only restriction on defense weapons is that 50% be developed by US companies. Only 50%!!!
IMHO, one of the primary reasons USA is so strong in defense is because all the brains from overseas came to our country to profit from their work and flee from religious persecution. Now we're shipping opportunities overseas and the judge in Alabama is giving people the impression that Christianity is favored over all other religions here. Smooth move (imagine the next Einstein staying overseas and deveoping the next great weapon for some other country instead of us).
What will happen to our national security when we offshore 90%+ of all of our high-tech jobs and what will happen to the national security in countries (like India & China) where most of the high-tech jobs will be based?
And workers of US companies overseas don't have to pay taxes on the first $75,000 so think of all the lost taxes (billions in income taxes alone) that our government loses--not to mention that those workers if based in the US would have spent their earnings here.
Does anyone in Washington give a damn about our future or is it all about returning favors to those who contribute to campaigns while sacrificing our government budgets and national security?
Isn't it retarded to offshore development of critical products like anti-virus software to other countries? If this story about China attacking Taiwan (which I thought was part of China) is true, then we should stop all security-related software from being offshored--or simply requiring the use of only those developed 100% by companies AND individuals with security clearances.
You can't really take a pee in China without government sanction. If you think that rebellious feeling Chinese can just spontaneously gather and cary out a non-approved actiivty, then I have a nice prison cell filled with falun gong practicers to sell you. Get real.
"He who laughs last, didn't get the joke."-Cap
1st, Taiwan staged its largest-ever war games a few days back. It's trying to take an even-more-solid defensive posture because it knows that the US is too bogged down in Iraq to come fully to its defense if China invades soon.
2nd, when I worked in Taiwan in the late 80s, there was a single pipe into the country which the government heavily monitored. The pipe's much fatter now. Anyone know how heavy the monitoring is these days?
3rd, the mainland would be totally stupid not to try to break into Taiwanese databases. Any professional intelligence agency anywhere in the world has people assigned to breaking into friends' and neighbors' databases.
4th, the government on Taiwan is the only legitimate government of China. We may be making a terrible mistake not to back it, and not to demand the dissolution of the illegitimate government on the mainland. But hey, the mainland will sell us cheap goods made with slave and prison labor - good enough for us....
"with their freedom lost all virtue lose" - Milton
Mmm, what makes you say this? Oh, I know. A war in Iraq, right? Saddams and miloshevitches of the world are the only people to feel less secure because of it. Not much less secure, unfortunately -- thanks to you and your kind.
Confucionism or not, China maintains huge army and is known to have used it for highly illegal purposes. Your heart, I'm sure, bleeds, because of the questionable legal grounds for attacking Iraq, but you don't seem to care for China's annexation of Tibet and parts of India's northeast -- for which there are no legal grounds at all.
Criticizing US' and praising China's foreign (and domestic) policies in one breath is sheer stupidity.
In Soviet Washington the swamp drains you.
What's really interesting is that Microsoft allowed China access to the source code from Windows. Could the Chinese have used this information to aid in attacking Taiwan?
But Clancy does have - or is said to have - more access to the military than you will ever get.
This is a fact. I was a member of the 26th MEU(SOC) onboard the USS WASP when Clancy was doing research for his book, "Marine. A guided Tour of a Marine Expeditionary Unit" (ISBN: 0425154548) and I can tell you without a doubt that he had access to all levels of the unit, both during training and real world operations. I can't remember exactly how long he was there, but it was at least a week or two. Trust me, 99% of what the man writes is accurate. He does his homework.He's also a super nice guy.
"Some" being the key word there. GW Bush deserted the Texas Air National Guard for approximately a full year between 1972-1973. This was originally reported in the May 23rd issue of the Boston Globe.
More information on that here and here.
Regan is a old man with "alzheimers". Again, he did a lot of good, but sill managed to willfully break the law--better keeping quiet. As well as his lacky (responsible for pulling off the whole Iran-Contra thing) Bush Sr. who also needs to keep quiet to avoid jail time for the incident.. and like republicans, spend their time and wealth on themselves! Clinton left the position with all sorts of personal problems (whitewater, Paula, Monica, etc) that again, he's better off shutting up to stay out of jail.
So realize that Carter can spout off all he wants. He's the only living american president not to have any reason to go to jail..that would seem to be pretty impressive. Also, the contacts that a president makes have huge weight in the rest of the world. Carter seems to be the only President to make anything of them. (OK, Nixon did help out in China. That had to take guts.)
He inherited a disgraced position after years of presidents that started wars and trampled on rights. He was the first president since FDR that didn't throw the country INTO a war and tried to end some of them.