Chinese "Cyber-Attack" US Department of Commerce
Kranfer writes "The Register has an article about how the Chinese have recently launched an attack against the US Department of Commerce. From the article: '...attacks originating from computer crackers largely located in China's Guangdong province are aimed at extracting sensitive information from targets such as the Commerce Department's technology export office. Security consultants and US government officials reckon the assaults have at least the tacit support of the Chinese government...' This is not the first time Chinese hackers have attempted to gain access to US Government systems."
I was going to suggest blocking all traffic coming from the IP range of addresses from China, but they could easily circumvent that by using a proxy outside of China. Maybe the U.S. Department of Commerce could create a welcome message that promotes democracy and condemns the inhumane treatment of the Chinese government and have that message appear before prompting for the username. That traffic would probably get blocked by the Great Firewall of China. When your weapons fail to work, turn your enemy's weapons against them.
I'd like to defend my viewpoint since I've been called, by some, an idiot and uninformed.
Consider you have to hack into US government servers with confidential data. Even if you're not an incredible hax0r, it's obvious that if they find out about you, you're totally screwed. So the first thing you do, the MOMENT you grab the data, is cut the PC off the network.
Then encrypt and record the data on a mobile media (CD, DVD, Flash, whatever), and securely format the PC or even just destroy the original HDD.
Even before this, you'd turn off all possible logging activity, lock up the security, stop unneeded services, so that you can be relatively secure during the attack.
How is it that so much evidence in logs and whatnot was found on the "source" machines? This is WAY too much evidence. The contrast between the Windows hacked machines and the Linux machines may be just a decoy to get the investigators to stop tracing right there.
If the boxes were so secure, how did they get in there?
Why were the Windows boxes having "logs" of where the data was sent and so on? What kind of trojan would log their own activity on the compromised machine?
And the million dollar question is: how the f*ck they tied the Chinese *GOVERNMENT* with a Chinese *HACKER*... In fact, the first thought to occur to a government trying to hack into US's servers would be to hire hackers from another country to do it.
All the "evidence" presented is incredibly shallow and unconvincing if you try and put yourself in place of the people who did the attack.
Add to this the constant FUD that US spread that Lenovo puts spying chips in ThinkPads and similar conspiracy theories. It's apparent US find China a convenient target to blame, just the way they did with Iraq after 9/11.
"attacks have been conclusively back-traced to China."
...you usually get one of two kinds of hosts: you get a wildly unpatched Windows box that's being used as a bot, or you get a decently-secured (usually Linux or *BSD) system that is doing some rather specific things to a specific target.
How could one do this?
Isn't the first thing that a hacker does when they get their hands on a decent box is apply all security patches so that *another* hacker cannot get into it? What's the point of co-opting a wide-open Windows box that anyone else on the net can use?
You're telling me that because it's a secured Linux or BSD box doing specific things to specific hosts, instead of a promiscuous zombie squirting spam everywhere, therefore it *must* be Chinese military, rather than random hacker from anywhere in the world (including China)?
How do you know it isn't a random hacker ssh'ing in (via a series of proxies, anonymous or compromised) to a host that they have secured for their own personal use?
Computers are useless. They can only give you answers.
-- Pablo Picasso
Why is it as soon as something political is said on a POLITICS thread, everyone gets modded flamebait!?!? grrr...
/. not perpetuate it. It's obvious people want to discuss politics openly. It's fairly clear to most what is simply meant to offend and what is meant to offer their side of an argument in a heated debate. But all too often mods are agenda biased to the point of making a mockery of the system. How about no Flamebait on politics. Politics is a heated issue! So modding everyone down for flamebaiting is nonsensical.
That's rhetorical by the way, yes I know why. Yes I've posted anon to avoid losing karma.
Let's solve this