Slashdot Mirror
U.S. Commerce Department Hacked Again
evil agent writes "The Bureau of Industry and Security (BIS), a branch of the Commerce Department, has sustained several successful attacks. Chinese hackers were able to gain access to its computers and install rootkits and other malware." From the article: "This is the second major attack originating in China that's been acknowledged by the federal government since July. Then, the State Department said that Chinese attackers had broken into its systems overseas and in Washington. And last year, Britain's National Infrastructure Security Co-ordination Center (NISCC) claimed that Chinese hackers had attacked more than 300 government agencies and private companies in the U.K."
Chinese hackers installing root kits? Are you sure they weren't Japanese (aka Sony)?
Hm...so this here purple panda bear says he wants to be my buddy and help me out on the intarweb. Sounds good to me! (click) Gosh I wonder why my workstation is so slow, almost as if its sending all its files to ch!@$!$JGOJ!THIS POST 0WNZ0R3D BY CHINESE HAXORS
The Chinese have been trying for years to lose that pesky Most-Favored-Nation status, and this administration is not going to give in.
What the fuck? Aren't they even behind a firewall?
Wouldn't a simple firewall "mitigate" that "vulnerability"?
How can they be so sure that the attacks originated from China? Sure there may have been Chinese IP addresses involved but the attackers could have been anywhere. The chinese systems could have simply been compromised and used to cover the attackers tracks.
Don't forget kids, all these problems will be solved when the US govt goes to ipv6. Since no-one else will be using it, it will confound and confuse anyone trying to hack in!
There is nothing interesting going on at my blog
You mean you're going to ask the Department, "Does it run Linux"?
Just out of curriosity -- how many exploits for linux are there in which your machine can be rooted simply by viewing a website? How many such exploits have there been for windows? I honestly don't know the true answer but I'm betting there is a large difference between the frequency of this type of exploit with windows having the "high score" by a large margin. Please correct me if I'm wrong (with actual examples, not opinions).
What changed under Obama? Nothing Good
Its not about whether the chinese or japanese did it. Its about whether the commerce dept knows enough to protect itself or not.
Wincopy
Hence more secure, and not "totally secure".
Yes, it would mitigate the risk. For many government computers, thats still an unacceptable level of risk. If a buisness/government computer doesn't have good reason for internet access, it shouldn't have it. A better solution is to give those people 2 computers, one on the internet and not the internal network, the other reversed.
I still have more fans than freaks. WTF is wrong with you people?
Nice job linking to extremely old article. Before you go spouting off facts, you could check netcraft.
o m
r my.mil
http://uptime.netcraft.com/up/graph?site=goarmy.c
http://uptime.netcraft.com/up/graph?site=www.us.a
Been running on Solaris for years. I'm sure your buddy Steve is happy your still drinking the kool-aid.
If they say it's most likely state sponsored hack attacks, why not fight back with state sponsored hack attacks, i doubt government agencies have people hacking away at china, and if they do, they arent doing it very well...why not supply the hacker community with what to attack and offer incentives for any help?
By that "logic", a house with a 10' hole next to the open front door is "less" "secure" than the same house with the front door closed and locked.
No, it is not.
Which is what I said that you had previously taken exception to.
And for others it is an acceptable risk. What is it with you and the pedantic generalizations?
Again with the pedantic generalization. Do you have ANY evidence that these workstations are not used to access legitimate web-based resources?
You even get your pedantic generalizations wrong.
Back in the old days, when computers weren't networked, we still had a virus problem that was spread from computer to computer via floppy disks. Having 2 computers available means "sneaker-net" would be easy. Not to mention that it depends upon ALWAYS getting the cables correct.
Why not just put those extra $$DOLLARS$$ into locking down the desktops, setting up the firewall and monitoring the traffic?
It's not like we don't have all those technologies TODAY. Look up "snort" and SELinux for starters.
There is no source cited etc. no example shown, no logs etc. only that "new york post" said that. If true, is that department admiting idiocy? Even simple rule on the router that restricts whole **ina IP block to only certaing data resources could do the job. Keeping us scary they want. Fear agenda again?
ARE YOU CRAZY OR SOMETHING? let's not let obvious facts such as these get in the way of a good xenophobic rant and/or nationalistic orgy
Well ok I should be more clear, I've banned the blocks allocated to an ISP which I'm told is the Chinese state ISP. The reason is that I get no legit traffic, tons and tons of hack attempts, and they just ignore abuse e-mails, including those translated to Chinese.
That's the real answer to this problem. If particular ISPs refuse to behave, just start banning them. I mean sure, all ISPs will have people who act bad, but if you contact them and get no response and if the bad/good ratio is vastly (or completely) slanted to bad just ban them. Eventually they'll have access to little enough of the Internet that they'll really have no choice but to reform, or it won't matter because for all intents and purposes they won't be a part anyhow.
It's really not asking too much for ISPs to respond to abuse complaints. I remember one time I found my net connection off. Called the ISP, apparently I had a computer spewing worm traffic. Questioned my roommates and the system was located (unpatched Win 2000 will do that). Got it cleaned, they let me back on. That's how it should work. You get an e-mail saying there's abuse, you check you logs, if there is you shut off access. We have to do it at work from time to time. Usually an infected laptop but sometimes someone being malicious.
For ISPs/companies that won't, fuck it, ban them.
In the US, globalist free trade advocates would rather trade with people that are attacking us, than take the necessary steps to sanction them and defend our country from them.
They start throwing out off topic words like "protectionism" and "nativism", which when you ask them what it all means, alarmingly resembles "concern for national security" and "patriotism".
Ah, patriotism, that evil word. The notion that, just as caring for your family is more important than caring for someone else's, so is taking care of your country first.
Globalism. Another word for "screw national sovereignty, screw your own citizens, let's transfer all our wealth elsewhere". See: the national deficit and the national debt.
--- Grow a pair, liberals... stop letting the Republicans bully you!
"doesn't mean the hacked server wasn't using Windows, but there's also a good chance it was running Linux", xswl0931
It's not a server but hundreds of workstations. What OS do you think they are running on the desktop.
"Hundreds of computers must be replaced to cleanse the agency of malicious code, including rootkits and spyware."
"had identified several successful attempts to attack unattended BIS workstations during the overnight hours."
"The official also confirmed that BIS has limited Internet access to stand-alone workstations that are not connected to the bureau's internal network."
http://www.bis.doc.gov/ was running Microsoft-IIS on Windows 2000 when last queried at 7-Oct-2006 02:01:33 GMT
was Re:What OS? Looks like Linux
davecb5620@gmail.com
Apparently the the head of commerce has found a way to unclog the tubes. Now when chineese haxors put their message into the internet it won't be delayed.
For the past several years china has been using their surplus cash to buy up resources around the planet, long term heavy deals in you-name-it, oil, natgas, various minerals and metals, etc. Manufacturing takes labor and energy and raw resources combined with an infrastructure that can combine those three things into manufactured goods then you need a shipping industry to move stuff in and out. You might be able to shift just the labor part in theory easily, but without the actual factory built and without the raw stock to feed it, it just sits there. To use an IT term, china has the whole stack. while everyplace else has been concerned with next quarter's profits, they have been working towards the next generation's profits. And they used a ton of free western resources and investments to accomploish this.
They got to be seriously laughing about it over there, how naieve and shortsighted the west has been to purposely kill off wealth producing for some relatively short term gains. That's what we have been primarily exporting to them, the ability to keep producing wealth.
My network, connected to the Internet via a vanilla DSL service from Verizon, logs tons of break-in attempts on various ports. Most of them are from Chinese IP addresses. And unless the Chinese government has waaaaaaaaaaaaaay too much time on its hands (they are barely able to keep domestic order right now, so I doubt that they'd give a damn about some home computer), I think it's safe to say that the attacks against my system are blind, automated attacks by regular hackers trying to steal passwords, financial/identity info, or to pull me into a botnet for things like spam.
So, in the case of the Commerce Department, are these hackers "Chinese" in the sense that they represent the Chinese regime (and are thus hacking for national interests)? Or "Chinese" in the sense that they just happen to originate from that part of the world (and are thus hacking for petty selfish criminal interests)?
- Given the prevalence of hackers hacking for selfish crimes (vs. for national interests), I would think lean towards the latter.
- If the Chinese government really wanted to hack the US government, they could've picked a more useful department. Like Defense or State. But Commerce?!?!
- Attacks originating from Chinese IP addresses are extremely common, mostly because of software piracy. Because over 90% of the Windows installations there are illegal, it is common practice for software updates to be disabled (you can thank WGA for that), and thus, a HUGE number of computers in China are zombies out on a mission to zombify (is that a word?) other computers.
BIS systems contain all sort of useful information regarding applications for US businesses wanting to do business overseas, including technology reviews for export controls.
Of course the fucking Chinese are interested in Commerce. This is only one small piece of an over all plan to steal US technology and business secrets. Read some Bill Gertz.
This should scare the crap of the west. By something like 2020, China will have an estimated surplus of 20 million men over women. What do you do with an extra 20 million men who can't make babies after you've slowly, over the course of 30 years raped the west of it's technology advantage and destroyed it's industrial base? Bet even lame Slashdot liberals can guess!