Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chinese Websites Used As Launchpads For Cracking

Posted by Zonk on from the not-friendly-global-neighbors dept.

An anonymous reader writes "A Washington Post article reports that Chinese networks are being used to breach hundreds of unclassified U.S. government systems. The article goes on to say that some analysts believe the activity to be tied to the Chinese government, although there is also some dissent." From the article: "Whether the attacks constitute a coordinated Chinese government campaign to penetrate U.S. networks and spy on government databanks has divided U.S. analysts. Some in the Pentagon are said to be convinced of official Chinese involvement; others see the electronic probing as the work of other hackers simply using Chinese networks to disguise the origins of the attacks."

8 of 256 comments (clear)

  1. Idealism by mfh · · Score: 4, Insightful

    FTA: "It's not just the Defense Department but a wide variety of networks that have been hit," including the departments of State, Energy and Homeland Security as well as defense contractors, the official said. "This is an ongoing, organized attempt to siphon off information from our unclassified systems."

    This seems like the work of terrorists to me. They gather unclassified intel from multiple sources and then they can prove/disprove rumours (leaks?) of a secret nature. This puts a strain on the agencies to ensure that solid intel can not be assembled from less potent information, and yet many citizens complain about the slow pace in which free information flows out of the government. Look at what they are up against, today. (I know I'm going to get hammered on that statement) I think we're seeing that delicate balance between freedom of information and security will be tipping in the near future as a direct result of these attacks. It's never been very balanced anyway. I might be a touch left-wing, an idealist -- but to me there needs also to be a careful approach to protecting the homeland, whether it's in Canada, the US or abroad. I have a sneaky feeling that someone we know had something to do with this, and it's likely not the Chinese government -- I think it was the FSM, or possibly a smaller cell -- the Army of the 12 Monkeys!

    --
    The dangers of knowledge trigger emotional distress in human beings.
    1. Re:Idealism by arkanes · · Score: 4, Insightful
      It's not a tough idea at all. Closed, authoritarian governments have been around as long as there have people. The problem is that this is in direct contradiction to the democratic ideal. The entire point of a democractic government is that its power derives from the citizens, and it is supposed to reflect those citizens interests. It is *not* supposed to be a totalitarian figure, benevolent or not.

      Now, it may very well be that (real) democracy isn't stable in the long run - certainly the US government has moved more and more toward the totalitarian mode over the last couple centuries - but the people who're upset over that aren't confused or misled about a need for secrecy. They're concerned with the fact that a government that nominally represents thier them is actively seeking to hide information and activities from them (again, not a poke at the Bush administration - this has been happing, and gradually increasing, for the entire history of the US).

      Historical fact bears this out, too - there's been more than one case of government agencies refusing FOIA requests, or censoring them, not because they contained information critical to national security, but because they were embarressing, or contradicted "official" reports.

      In terms of security at all, the *best* kind is the kind that works even when everyone knows what you're doing. Thats not always possible, of course, but your example of vacation time is a great one for exactly that reason. Suppose that some city had some large fraction of it's officers on vacation on the same week of every year. Thats hurtful to security whether it's published or not. Publishing it, in fact, is probably the best way to correct such a short sighted flaw in operating procedures. "Open and transparent" means that the public (remember, the people who're supposedly the important ones) can confirm that people who claim to be acting in thier interest are actually doing so.

      And the what matters as well, especially when we're a supposedly moral nation. For example, many people are uncomfortable with the idea of torturing prisoners, or assassinating foreign politicians. Now, those actions may be neccesary to protect the US. Or they may not. But, supposedly, it's the *people* of the US who should determine what the line they will not cross is. Thats why we have laws and such about treatment of prisoners, and regulating our international operations. And history has shown that we need public oversight if our government is to be trusted to abide by those laws. Here I will poke specifically at the Bush administration, because, whether you support torturing prisoners for information or not, the Bush adminstration official policy is to do it via legal loopholing and word games, not via straightforward public policy.

      Of course, this is all predicated on the idea that a democratic society is stable or even a good idea. Theres a lot of people who would disagree, even Americans (from the sound of it, even yourself). Humans are social animals and being led is very comforting to many people.

  2. How much is spoofed? by m50d · · Score: 4, Insightful

    I wonder how many of these attacks are really coming from America. Standard practice is to spoof somewhere that seems to be not worth their time to look into if anyone catches you - eastern europe used to be a favourite, with its famously corrupt and incompetent police forces and the sheer physical distance acting to dissuade US companies or government agencies from bothering to try and bring anyone apparently from there to justice. With the additional hostile political environment and famed elite hackers, China would make a very attractive place to spoof an attack as being from.

    --
    I am trolling
  3. Some are said to be? by Anonymous Coward · · Score: 5, Insightful

    Talk about weak:

    "Some in the Pentagon are said to be convinced of official Chinese involvement..."

    So, other people have said that some people in the Pentagon are convinced. We don't even know who is doing the "saying."

    Sounds like weak speculation to me.

  4. Real story by GrAfFiT · · Score: 4, Insightful

    OK, further investigations revealed that the whole issue was seriously inflated. It was just about chinese user's (pirated) Windows XP computers being infected by worms and turned into zombies sending gazillions of blaster/sasser/zotob/whatever to .mil computers. OK nothing to worry about.
    Next story : old korean grand-mothers hacking Pentagon's SMTP servers.

  5. websites? by delirium+of+disorder · · Score: 4, Insightful

    Although there certainly are penetration methods that use web sites, I would guess that many other application layer IP services are being used for these attacks. The media's use of the term web site to mean any IP device is deceiving.

    --
    ------ Take away the right to say fuck and you take away the right to say fuck the government.
  6. The Currency of Fear. by delire · · Score: 3, Insightful

    Secondly, the notoriously paranoid government in Beijing has also long feared that Microsoft Windows has a "back door" that could allow for U.S. government snooping -- a fear no doubt enhanced by the January discovery of bugging devices in President Jiang Zemin's new personal Boeing 767. Microsoft, of course, denies that it would ever be involved in such matters, but many Chinese still feel safer using the open code of Linux. In China, after all, any company as big as Microsoft would be in cahoots with the government.
    From here.
  7. Nature of "Attacks" by MrCopilot · · Score: 4, Insightful
    Hmm, So they recieve hits on UNClassified Computers (Servers?). Is it possible someone in china just wants to know about corn production and distribution to soldiers?

    Nowhere does TFA describe the attacks themselves. I guess we are to assume they are malicious Attacks to gain control of DOD computers. I try to never assume anything based on vague DOD statements. So I'm going with hits on the serveer Logs. Seems like a cute way to get approval for Classifying these UNClassified Systems. This administration has been overly secretive in a whole slew of areas, add one more to the list.

    I give it a week, then quietly changes will be made and this info will dissappear off the web, innaccessible to all but the DOD.

    Wouldn't it be interesting to know how many "Attacks" the chinese government receives from the US.

    The number of attempted intrusions from all sources identified by the Pentagon last year totaled about 79,000, defense officials said, up from about 54,000 in 2003. Of those, hackers succeeded in gaining access to a Defense Department computer in about 1,300 cases. The vast majority of these instances involved what VanPutte called "low risk" computers.

    Gained access, Shit man, Raise Terror Threat Level to chartruse.

    This is an ongoing, organized attempt to siphon off information from our unclassified systems."

    No kidding, People are using computers to gather publicly available information. Oh.. My.. God.. Raise to level Periwinkle.....Get Dick to an undisclosed location. Get Condi on the horn.

    Either you are with us or your with the Chinese Websites.

    --
    OSGGFG - Open Source Gamers Guide to Free Games