U.S. Commerce Department Hacked Again

evil agent writes "The Bureau of Industry and Security (BIS), a branch of the Commerce Department, has sustained several successful attacks. Chinese hackers were able to gain access to its computers and install rootkits and other malware." From the article: "This is the second major attack originating in China that's been acknowledged by the federal government since July. Then, the State Department said that Chinese attackers had broken into its systems overseas and in Washington. And last year, Britain's National Infrastructure Security Co-ordination Center (NISCC) claimed that Chinese hackers had attacked more than 300 government agencies and private companies in the U.K."

Chinese Hackers?

[IlliniECE]

Chinese hackers installing root kits? Are you sure they weren't Japanese (aka Sony)?

Meanwhile, at a government workstation...

[CompMD]

Hm...so this here purple panda bear says he wants to be my buddy and help me out on the intarweb. Sounds good to me! (click) Gosh I wonder why my workstation is so slow, almost as if its sending all its files to ch!@$!$JGOJ!THIS POST 0WNZ0R3D BY CHINESE HAXORS

Nothing real will happen

[frinkster]

The Chinese have been trying for years to lose that pesky Most-Favored-Nation status, and this administration is not going to give in.

It makes even less sense in TFA.

[khasim]

An August e-mail from acting Undersecretary of Commerce Mark Foulon quoted by the Washington Post said that BIS "had identified several successful attempts to attack unattended BIS workstations during the overnight hours." Last month, reported the Post, Foulon wrote: "It has become clear that Internet access in itself is a vulnerability that we cannot mitigate. We have tried incremental steps and they have proven insufficient."

What the fuck? Aren't they even behind a firewall?

Wouldn't a simple firewall "mitigate" that "vulnerability"?

How sure?

[fredistheking]

How can they be so sure that the attacks originated from China? Sure there may have been Chinese IP addresses involved but the attackers could have been anywhere. The chinese systems could have simply been compromised and used to cover the attackers tracks.

Its not about who did it

[in2mind]

Its not about whether the chinese or japanese did it. Its about whether the commerce dept knows enough to protect itself or not.

Another fake news?

[zitintheass]

There is no source cited etc. no example shown, no logs etc. only that "new york post" said that. If true, is that department admiting idiocy? Even simple rule on the router that restricts whole **ina IP block to only certaing data resources could do the job. Keeping us scary they want. Fear agenda again?

That's more true than you think

[Travoltus]

In the US, globalist free trade advocates would rather trade with people that are attacking us, than take the necessary steps to sanction them and defend our country from them.

They start throwing out off topic words like "protectionism" and "nativism", which when you ask them what it all means, alarmingly resembles "concern for national security" and "patriotism".

Ah, patriotism, that evil word. The notion that, just as caring for your family is more important than caring for someone else's, so is taking care of your country first.

Globalism. Another word for "screw national sovereignty, screw your own citizens, let's transfer all our wealth elsewhere". See: the national deficit and the national debt.

Re:That's more true than you think

[Travoltus]

1) If we continue to accept globalism, the US economy is ruined anyway. The global race for the bottom must eventually hit the rocks, because there is only so far wages can drop before the unrelenting cost of living becomes unbearable.

2) US companies already can't sell their goods abroad - or, more specifically, we're running a global trade deficit large enough to have its own gravitational field. Exactly what do we have to lose here?

3) US laws that tariff all goods made in sweatshop / undemocratic nations don't have that effect. If that law is put in place consistently, you can't undercut US companies in the US - not if you're Chinese, not if you're German, or British. Your rebuttal makes no sense - if Nike and its sweatshop operations moves to Singapore, they still have to deal with the tariff. If a Chinese Nike tries to undercut them, they too have to deal with the tariff. And if China decides not to buy any US goods... so what? We're in a deficit with them already! I propose that you don't even come into the US market unless you are an ethical player. Who's then going to undercut ethical companies in the US?

Oh, wait, offshoring to Europe won't hurt us as much because a) they also offshore heavily to us; and b) they have excellent worker protections and they're democratic.

4) Free trade with sweatshop nations / undemocratic regimes is going to ruin us any way. They're owning all our debt and they can also embargo us. (Oh yes, I know you think that despotic foreign nations can't embargo us. The 1970s and the oil embargo was all a lie. Sillyme.) Furthermore, we're transferring gobs of wealth to these monsters, impoverishing America and giving the world's most powerful enemies of freedom our cutting edge industrial capacity to boot. Germany should have sold us cheap shoes made of Jew labor, they would have won World War II with the help of the "surrender to globalism" agenda: there is nothing in your rhetoric that would provide for stopping them.

5) Free trade with nations that are attacking the United States will also lead to our annihilation. They can strike with impugnity, and others will follow.

Your theory is that fighting globalism leads to ruin. The facts say that giving into globalism leads to ruin anyway. I say die fighting; you say die in supplication.

looks like BIS workstations ..

[rs232]

"doesn't mean the hacked server wasn't using Windows, but there's also a good chance it was running Linux", xswl0931

It's not a server but hundreds of workstations. What OS do you think they are running on the desktop.

"Hundreds of computers must be replaced to cleanse the agency of malicious code, including rootkits and spyware."

"had identified several successful attempts to attack unattended BIS workstations during the overnight hours."

"The official also confirmed that BIS has limited Internet access to stand-alone workstations that are not connected to the bureau's internal network."

http://www.bis.doc.gov/ was running Microsoft-IIS on Windows 2000 when last queried at 7-Oct-2006 02:01:33 GMT

was Re:What OS? Looks like Linux

more than cheap labor

[zogger]

For the past several years china has been using their surplus cash to buy up resources around the planet, long term heavy deals in you-name-it, oil, natgas, various minerals and metals, etc. Manufacturing takes labor and energy and raw resources combined with an infrastructure that can combine those three things into manufactured goods then you need a shipping industry to move stuff in and out. You might be able to shift just the labor part in theory easily, but without the actual factory built and without the raw stock to feed it, it just sits there. To use an IT term, china has the whole stack. while everyplace else has been concerned with next quarter's profits, they have been working towards the next generation's profits. And they used a ton of free western resources and investments to accomploish this.

They got to be seriously laughing about it over there, how naieve and shortsighted the west has been to purposely kill off wealth producing for some relatively short term gains. That's what we have been primarily exporting to them, the ability to keep producing wealth.

Were government computers purposefully targeted?

[code65536]

My network, connected to the Internet via a vanilla DSL service from Verizon, logs tons of break-in attempts on various ports. Most of them are from Chinese IP addresses. And unless the Chinese government has waaaaaaaaaaaaaay too much time on its hands (they are barely able to keep domestic order right now, so I doubt that they'd give a damn about some home computer), I think it's safe to say that the attacks against my system are blind, automated attacks by regular hackers trying to steal passwords, financial/identity info, or to pull me into a botnet for things like spam.

So, in the case of the Commerce Department, are these hackers "Chinese" in the sense that they represent the Chinese regime (and are thus hacking for national interests)? Or "Chinese" in the sense that they just happen to originate from that part of the world (and are thus hacking for petty selfish criminal interests)?
- Given the prevalence of hackers hacking for selfish crimes (vs. for national interests), I would think lean towards the latter.
- If the Chinese government really wanted to hack the US government, they could've picked a more useful department. Like Defense or State. But Commerce?!?!
- Attacks originating from Chinese IP addresses are extremely common, mostly because of software piracy. Because over 90% of the Windows installations there are illegal, it is common practice for software updates to be disabled (you can thank WGA for that), and thus, a HUGE number of computers in China are zombies out on a mission to zombify (is that a word?) other computers.