Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chinese Websites Used As Launchpads For Cracking

Posted by Zonk on from the not-friendly-global-neighbors dept.

An anonymous reader writes "A Washington Post article reports that Chinese networks are being used to breach hundreds of unclassified U.S. government systems. The article goes on to say that some analysts believe the activity to be tied to the Chinese government, although there is also some dissent." From the article: "Whether the attacks constitute a coordinated Chinese government campaign to penetrate U.S. networks and spy on government databanks has divided U.S. analysts. Some in the Pentagon are said to be convinced of official Chinese involvement; others see the electronic probing as the work of other hackers simply using Chinese networks to disguise the origins of the attacks."

17 of 256 comments (clear)

  1. Idealism by mfh · · Score: 4, Insightful

    FTA: "It's not just the Defense Department but a wide variety of networks that have been hit," including the departments of State, Energy and Homeland Security as well as defense contractors, the official said. "This is an ongoing, organized attempt to siphon off information from our unclassified systems."

    This seems like the work of terrorists to me. They gather unclassified intel from multiple sources and then they can prove/disprove rumours (leaks?) of a secret nature. This puts a strain on the agencies to ensure that solid intel can not be assembled from less potent information, and yet many citizens complain about the slow pace in which free information flows out of the government. Look at what they are up against, today. (I know I'm going to get hammered on that statement) I think we're seeing that delicate balance between freedom of information and security will be tipping in the near future as a direct result of these attacks. It's never been very balanced anyway. I might be a touch left-wing, an idealist -- but to me there needs also to be a careful approach to protecting the homeland, whether it's in Canada, the US or abroad. I have a sneaky feeling that someone we know had something to do with this, and it's likely not the Chinese government -- I think it was the FSM, or possibly a smaller cell -- the Army of the 12 Monkeys!

    --
    The dangers of knowledge trigger emotional distress in human beings.
    1. Re:Idealism by servicemaster · · Score: 5, Funny

      Sounds like...

      "Now, a clever man would put the poison into his own goblet, because he would know that only a great fool would reach for what he was given. I am not a great fool, so I can clearly not choose the wine in front of you. But you must have known I was not a great fool, you would have counted on it, so I can clearly not choose the wine in front of me!" ...

      "You only think I guessed wrong - that's what's so funny! I switched glasses when your back was turned! Ha-ha, you fool! You fell victim to one of the classic blunders, the most famous of which is "Never get involved in a land war in Asia", but only slightly less famous is this: "Never go in against a Sicilian, when *death* is on the line!". Hahahahahah!"
      [Vizzini falls over dead]

      Vizzini, Princess Bride

    2. Re:Idealism by arkanes · · Score: 4, Insightful
      It's not a tough idea at all. Closed, authoritarian governments have been around as long as there have people. The problem is that this is in direct contradiction to the democratic ideal. The entire point of a democractic government is that its power derives from the citizens, and it is supposed to reflect those citizens interests. It is *not* supposed to be a totalitarian figure, benevolent or not.

      Now, it may very well be that (real) democracy isn't stable in the long run - certainly the US government has moved more and more toward the totalitarian mode over the last couple centuries - but the people who're upset over that aren't confused or misled about a need for secrecy. They're concerned with the fact that a government that nominally represents thier them is actively seeking to hide information and activities from them (again, not a poke at the Bush administration - this has been happing, and gradually increasing, for the entire history of the US).

      Historical fact bears this out, too - there's been more than one case of government agencies refusing FOIA requests, or censoring them, not because they contained information critical to national security, but because they were embarressing, or contradicted "official" reports.

      In terms of security at all, the *best* kind is the kind that works even when everyone knows what you're doing. Thats not always possible, of course, but your example of vacation time is a great one for exactly that reason. Suppose that some city had some large fraction of it's officers on vacation on the same week of every year. Thats hurtful to security whether it's published or not. Publishing it, in fact, is probably the best way to correct such a short sighted flaw in operating procedures. "Open and transparent" means that the public (remember, the people who're supposedly the important ones) can confirm that people who claim to be acting in thier interest are actually doing so.

      And the what matters as well, especially when we're a supposedly moral nation. For example, many people are uncomfortable with the idea of torturing prisoners, or assassinating foreign politicians. Now, those actions may be neccesary to protect the US. Or they may not. But, supposedly, it's the *people* of the US who should determine what the line they will not cross is. Thats why we have laws and such about treatment of prisoners, and regulating our international operations. And history has shown that we need public oversight if our government is to be trusted to abide by those laws. Here I will poke specifically at the Bush administration, because, whether you support torturing prisoners for information or not, the Bush adminstration official policy is to do it via legal loopholing and word games, not via straightforward public policy.

      Of course, this is all predicated on the idea that a democratic society is stable or even a good idea. Theres a lot of people who would disagree, even Americans (from the sound of it, even yourself). Humans are social animals and being led is very comforting to many people.

  2. Microsoft / China "shared source" initiative? by dyfet · · Score: 4, Funny
    Was it not all that long ago that Microsoft agreed to "share" it's source with the Chinese government? I had wondered what became of that...

  3. why don't they... by justforaday · · Score: 4, Funny

    I don't see why the government doesn't just create it's own private network for data communication. And maybe if they were feeling really generous they could let some of the more prestigious universities out there onto it also...

    --
    I'll turn into a supernova and burn up everything. Well I'll turn into a black little hole and you'll turn into string.
  4. At least we know it's not the Russians! by conJunk · · Score: 5, Interesting

    I used to work in physical security (a clerical job I had in high school), and it was always fun to talk to the old-timers and hear their stories.

    My favorite was about how the KGB operatives in DC in the late 50s stayed in good graces wtih their Moscow overloads with a minumum of effort:

    They were supposed to keep tabs on the ongoings of the US political system by establishing inside contacts, and reporting back. So, they just summarized the political news from each day's New York Times, and kept their jobs for years.

    The Americans pulled an good one on them: To spy at the Russian consolate in New York, the CIA recruited Xerox to install a minature camera in the consolate's copy equipment. When he came to do "regular maitenance" each month, he'd also replace the full tapes with new ones.

    Sorry for no linkies, my source for these is an 80 year old CPP.

  5. How much is spoofed? by m50d · · Score: 4, Insightful

    I wonder how many of these attacks are really coming from America. Standard practice is to spoof somewhere that seems to be not worth their time to look into if anyone catches you - eastern europe used to be a favourite, with its famously corrupt and incompetent police forces and the sheer physical distance acting to dissuade US companies or government agencies from bothering to try and bring anyone apparently from there to justice. With the additional hostile political environment and famed elite hackers, China would make a very attractive place to spoof an attack as being from.

    --
    I am trolling
  6. Some are said to be? by Anonymous Coward · · Score: 5, Insightful

    Talk about weak:

    "Some in the Pentagon are said to be convinced of official Chinese involvement..."

    So, other people have said that some people in the Pentagon are convinced. We don't even know who is doing the "saying."

    Sounds like weak speculation to me.

  7. If you've done nothing wrong... by yotto · · Score: 5, Funny

    Then you have nothing to fear from the Chinese knowing all the information the US government has collected on you.

    --
    Pulp Audio Weekly - Geek News and Reviews
    1. Re:If you've done nothing wrong... by yotto · · Score: 4, Informative

      I'll assume for the moment that you didn't realize my sarcasm when I say:

      I was being sarcastic, and showing one obvious instance where, even if you /do/ believe that statement about the "Good Guys", you'll see why it's flawed anyway.

      --
      Pulp Audio Weekly - Geek News and Reviews
  8. Real story by GrAfFiT · · Score: 4, Insightful

    OK, further investigations revealed that the whole issue was seriously inflated. It was just about chinese user's (pirated) Windows XP computers being infected by worms and turned into zombies sending gazillions of blaster/sasser/zotob/whatever to .mil computers. OK nothing to worry about.
    Next story : old korean grand-mothers hacking Pentagon's SMTP servers.

  9. websites? by delirium+of+disorder · · Score: 4, Insightful

    Although there certainly are penetration methods that use web sites, I would guess that many other application layer IP services are being used for these attacks. The media's use of the term web site to mean any IP device is deceiving.

    --
    ------ Take away the right to say fuck and you take away the right to say fuck the government.
  10. unclassified could be espionage as well by HBI · · Score: 4, Informative

    Under the heading "unclassified documents":

    "For Official Use Only" - things which don't contain classified data, but contain information that should be kept within the government. Someone made a decision to mark this document as FOUO.

    "Sensitive" - a more generic type of document which contains information which is probably not suitable for public release, but is not determined as such. This may be marked FOUO at some future point.

    The big problem with the standard information classification guidelines is what you need to do if you classify the document. First, people can't attach them to the normal email system, or in fact even have it on an unclassified computer system. Second, if you print it out you have to print it on a classified-only printer, lock it in a safe and sign for it, sealing the room from those who have no clearance before taking a look. Google AR 25-2 and read the pdf (public distribution) for more specific information on how such documents are handled.

    This provides a lot of impetus to keep data that is not truly secret from being classified as such. So many documents are FOUO or considered "sensitive". It doesn't mean the data in the hands of an enemy couldn't be damaging, particularly in the aggregate.

    --
    HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
  11. Re:IT IS TRUE!!! by grasshoppa · · Score: 4, Funny

    China _does_ have oil.

    Well, there now, sounds to me like they may be harboring terrorists and weapons of mass destruction.

    We must persevere. Stay true to our convictions, and continue to sacrifice. For the good of the world, in our war on terrorism.

    --
    Mod me down with all of your hatred and your journey towards the dark side will be complete!
  12. Nature of "Attacks" by MrCopilot · · Score: 4, Insightful
    Hmm, So they recieve hits on UNClassified Computers (Servers?). Is it possible someone in china just wants to know about corn production and distribution to soldiers?

    Nowhere does TFA describe the attacks themselves. I guess we are to assume they are malicious Attacks to gain control of DOD computers. I try to never assume anything based on vague DOD statements. So I'm going with hits on the serveer Logs. Seems like a cute way to get approval for Classifying these UNClassified Systems. This administration has been overly secretive in a whole slew of areas, add one more to the list.

    I give it a week, then quietly changes will be made and this info will dissappear off the web, innaccessible to all but the DOD.

    Wouldn't it be interesting to know how many "Attacks" the chinese government receives from the US.

    The number of attempted intrusions from all sources identified by the Pentagon last year totaled about 79,000, defense officials said, up from about 54,000 in 2003. Of those, hackers succeeded in gaining access to a Defense Department computer in about 1,300 cases. The vast majority of these instances involved what VanPutte called "low risk" computers.

    Gained access, Shit man, Raise Terror Threat Level to chartruse.

    This is an ongoing, organized attempt to siphon off information from our unclassified systems."

    No kidding, People are using computers to gather publicly available information. Oh.. My.. God.. Raise to level Periwinkle.....Get Dick to an undisclosed location. Get Condi on the horn.

    Either you are with us or your with the Chinese Websites.

    --
    OSGGFG - Open Source Gamers Guide to Free Games
  13. When we learn? by MrCopilot · · Score: 4, Funny

    Did Matthew Broderick teach us nothing?

    --
    OSGGFG - Open Source Gamers Guide to Free Games
  14. Damn - More Outsourcing by ppp · · Score: 4, Funny

    Those hacking jobs rightfully belong to Americans!

    --
    -G
    www.pixelstatic.com