Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chinese "Cyber-Attack" US Department of Commerce

Posted by ryuzaki0 on from the and-you-thought-your-weekend-was-boring dept.

Kranfer writes "The register has an article about how the Chinese have recently launched an attack against the US Department of Commerce. From the article: '...attacks originating from computer crackers largely located in China's Guangdong province are aimed at extracting sensitive information from targets such as the Commerce Department's technology export office. Security consultants and US government officials reckon the assaults have at least the tacit support of the Chinese government...' This is not the first time Chinese hackers have attempted to gain access to US Government systems."

5 of 161 comments (clear)

  1. Not Chinese by suv4x4 · · Score: 5, Insightful

    As mentioned before, the attack are most likely not from China at all.

    No decent hacker would leave traces from his own machine when he could easily use a zombie network to carry out the attacks and collect information.

    They keep claiming China, China, China.. I'm starting to think it's convenient for them to stick to that version for their own internal affairs.

    1. Re:Not Chinese by Shoten · · Score: 5, Informative

      Well, yes and no. There are a few problems with this hypothesis; one, and the most important of them, is that attacks have been conclusively back-traced to China. And yes, the guy who did it actually broke the law in the process, but c'est la guerre, non? The event is known as "Titan Rain," and it began with a series of targeted attacks against the Department of Energy. A computer security worker, in his spare time (and a wink/nod from the FBI) counter-hacked hosts that were the source of the attacks, eventually following the trail back to mainland China. There, he saw that the logins which executed commands were being performed locally, and that the devices were not forwarding pilfered data on to other hosts but were instead the repositories of that data.

      Other things involve the fact that when you see attacks from China, you usually get one of two kinds of hosts: you get a wildly unpatched Windows box that's being used as a bot, or you get a decently-secured (usually linux or *BSD) system that is doing some rather specific things to a specific target. And last of all, let's not forget that most of the seminal works on information warfare were written by Chinese military officers, and that it's no secret whatsoever that China actually does have a significant infowar capability. We have no rules of engagement that classify hacking as an act of war, so they can get away with it; what are we going to do, bomb them over it? They have the world's largest standing army, are a (increasingly) crucial economic partner, and we're already overburdened militarily with a two-front war where we've bogged down fighting insurgents. They do it because they know they can get away with it, and they're correct in that thinking.

      --

      For your security, this post has been encrypted with ROT-13, twice.
  2. Export Control, and the Information Age. by lwap0 · · Score: 5, Insightful

    I frequently work with the U.S. government to prevent export control violations in the defense contracting world. While I can't name specific countries, I can tell you that East Asia accounts for 34% of all attacks both cyber and conventional targeting U.S. Industry and government agencies (as of 2005). My peers and I agree that this is likely directly or indirectly sponsored by the Chinese government. And contrary to popular belief, about 90% of what they want is export controlled information, not classified information.

    Why export controlled information? Think about how much money it takes to protect classified information - guards, safes, alarm systems etc., it's a lot of cash, and it's damn secure. Export controlled information doesn't enjoy those same protections, just export compliance waivers to sell or ship said products overseas. As an example: Say we have a dual use technology, both military and civilian use - like jet engines. We won't sell it to certain countries we compete with both economically, and militarily, but they will do their very damndest to steal it, either by forging state department waivers, lying, stealing, black-mailing, hacking - whatever it takes. Why do they want it? To equip their jets to compete with ours on the battlefield, or to sell, or maybe even find it's weaknesses to compromise if we ever went to war with them.

    I'm willing to bet here that the network used to launch the attack was a University school network, which to most people seems pretty innocent - except that in China, all schools are state run and owned. Is it an academic institution, or an extension of the Chinese government? Likely both. In this instance, the Chinese government gets plausible deniability - they had no control over, or knowledge of any cyber attack. I'll don my tin-foil hat, and disagree with that assertion only because I'm jaded and cynical enough to know better.

    --
    I bring nothing to the table.
  3. Re:Block China From the Firewall by smilindog2000 · · Score: 5, Interesting

    That would really PO the Chinese. They hate it when we point at their miserable human-rights record in public. A better way IMO to deal with the Chinese is to work behind the scenes to get them to improve while publicly praising their efforts. IMO, Chinese culture cares much about 'face', a concept of honor that requires the appearance of respect, even if we bicker shamelessly behind closed doors. Bush routinely shows his ignorance of the Chinese by publicly lashing them, and then he gets bent out of shape when the Chinese retaliate with substance rather than words.

    When the Chinese accidentally rammed one of our surveillance planes was a great example. Bush immediately publicly blamed the Chinese overly-hostile pilots (who were, of course, at fault), and demanded back our plane and it's crew. The correct course would have been to call the Chinese first, and negotiate terms for getting our plane and crew back secretly. IMO, the Chinese can be far more reasonable if we agree to put on a face showing friendship, cooperation, and respect for each other. We could have agreed to publicly call it a freak accident, with no one to blame. That probably would have gotten our guys and maybe even the plane back far quicker.

    So, I think changing the web site to shame the Chinese government would be a bad idea. Instead, we should work with the Chinese behind close doors to solve the problem. Of course, that wont end Chinese spying on the US, nor will it end our spying on them. In general, I feel that it is good for world stability when we know the truth about each other. Fear of the unknown can cause major problems (like WMD in Iraq).

    --
    Beer is proof that God loves us, and wants us to be happy.
  4. Re:To everyone who says it can't be China by ObsessiveMathsFreak · · Score: 5, Insightful
    China is our enemy
    Depends on who you are.

    If you're a democracy and liberty loving citizen, then yes, the Chinese regieme represents oppression and injustice and stands against you and your way of life.

    However, if you're a corporate shareholder, or one of their shills in public office, then the Chinese regieme represents untold potential to shaft billions and make billions in the process. Ergo, you'll want to keep them sweet.
    --
    May the Maths Be with you!