Slashdot Mirror
U.S. Commerce Department Hacked Again
evil agent writes "The Bureau of Industry and Security (BIS), a branch of the Commerce Department, has sustained several successful attacks. Chinese hackers were able to gain access to its computers and install rootkits and other malware." From the article: "This is the second major attack originating in China that's been acknowledged by the federal government since July. Then, the State Department said that Chinese attackers had broken into its systems overseas and in Washington. And last year, Britain's National Infrastructure Security Co-ordination Center (NISCC) claimed that Chinese hackers had attacked more than 300 government agencies and private companies in the U.K."
How can they be so sure that the attacks originated from China? Sure there may have been Chinese IP addresses involved but the attackers could have been anywhere. The chinese systems could have simply been compromised and used to cover the attackers tracks.
Hence more secure, and not "totally secure".
Yes, it would mitigate the risk. For many government computers, thats still an unacceptable level of risk. If a buisness/government computer doesn't have good reason for internet access, it shouldn't have it. A better solution is to give those people 2 computers, one on the internet and not the internal network, the other reversed.
I still have more fans than freaks. WTF is wrong with you people?
If they say it's most likely state sponsored hack attacks, why not fight back with state sponsored hack attacks, i doubt government agencies have people hacking away at china, and if they do, they arent doing it very well...why not supply the hacker community with what to attack and offer incentives for any help?
There is no source cited etc. no example shown, no logs etc. only that "new york post" said that. If true, is that department admiting idiocy? Even simple rule on the router that restricts whole **ina IP block to only certaing data resources could do the job. Keeping us scary they want. Fear agenda again?
My network, connected to the Internet via a vanilla DSL service from Verizon, logs tons of break-in attempts on various ports. Most of them are from Chinese IP addresses. And unless the Chinese government has waaaaaaaaaaaaaay too much time on its hands (they are barely able to keep domestic order right now, so I doubt that they'd give a damn about some home computer), I think it's safe to say that the attacks against my system are blind, automated attacks by regular hackers trying to steal passwords, financial/identity info, or to pull me into a botnet for things like spam.
So, in the case of the Commerce Department, are these hackers "Chinese" in the sense that they represent the Chinese regime (and are thus hacking for national interests)? Or "Chinese" in the sense that they just happen to originate from that part of the world (and are thus hacking for petty selfish criminal interests)?
- Given the prevalence of hackers hacking for selfish crimes (vs. for national interests), I would think lean towards the latter.
- If the Chinese government really wanted to hack the US government, they could've picked a more useful department. Like Defense or State. But Commerce?!?!
- Attacks originating from Chinese IP addresses are extremely common, mostly because of software piracy. Because over 90% of the Windows installations there are illegal, it is common practice for software updates to be disabled (you can thank WGA for that), and thus, a HUGE number of computers in China are zombies out on a mission to zombify (is that a word?) other computers.