Slashdot Mirror
Chinese Hack Attacks on DoD Networks Coordinated
An anonymous reader writes " The Naval Network Warfare Command says that Chinese hackers are relentlessly targeting Defense Department networks with cyber attacks. The 'volume, proficiency and sophistication' of the attacks supports the theory that the attacks are government supported. The motives of the attacks emanating from China include technology theft, intelligence gathering, exfiltration, research on DOD operations and the creation of dormant presences in DOD network for future action. Onlookers warn that current US defenses against these attacks are 'dysfunctional', and that more aggressive measures should be taken to ensure government network safety."
Gee, ya think? China has more than a billion people. I know they're not all running around with shiny new laptops, but come on - this is akin to saying that the majority of low-temperature attacks on the United States come from Canada. Well, duh!
I can make the same "cyberattack" claims about my not-worth-cracking dedicated servers and the dinky firewall machine sitting on my cable modem, too, but that doesn't mean I'm engaged in a "cyberwar" with anyone. The majority of rooted machines trying to root mine are in China. Most of this comes in the form of automated attempts to bruteforce ssh, but I've seen targeted attempts where there's clearly a human on the other end of the wire.
While I don't doubt that DoD machines are probably being targeted intentionally, there's an overwhelming amount of garbage traffic coming out of central and eastern Asia, and it hits everyone. Nearly half of all my rejected SMTP traffic is from Chinese netspace, but most of it's trying to peddle western products to American consumers, the Chinese people have nothing to do with it. China's so full of compromised hosts that whoever's actually cracking DoD machines is probably sitting in an internet cafe in Milan, piping data through some rooted
Oh, and the next person to use "spear phishing" in an article is getting a swift kick in the nuts!
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
That's what you get for giving away jobs to other countries. They have the knowledge now and they are taking the initiative in bringing us down for good.
Time for the US to execute a "phased redeployment" away from the Internet.
Back to uunet or fidonet, where our bits can be safe.
Onlookers warn that current US defenses against these attacks are 'dysfunctional', and that more aggressive measures should be taken to ensure government network safety.
Sure... drop some bombs. What could possibly go wrong?
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
I am a civilian contractor for the US government, and I can guarantee that we are hit all the time with attempts to get into our networks on the secret and SCI sides.
However, I would like to know who these "onlookers" are... The defense measures (can't say specifically of course) that we take are plenty effective against all types of attacks we get. One of our top priorities is writing code that is solid and secure. We run scans (again, specifics are classified) nightly to test the security of our infrastructure and applications.
Whoever these "onlookers" are, I would love to hear about how THEY successfully hacked into our network instead of just criticizing with no actual knowledge.
The United States really needs to change doctrine to prevent these sorts of attacks in the future. An assault on government networks by a foreign country should be responded to like any other attempt to impair, hinder, or steal information from the government by a foreign country - with an escalating response based on severity from diplomatic rebukes, cyber counterattacks, sanctions, and ultimately military strikes.
"In God we trust, all others we monitor." -- Unofficial NSA motto
Like bombing the whole of China? (http://politics.slashdot.org/politics/06/01/27/18 57208.shtml)
Shouldn't this be expected? It's not as if this is a surprise. Their systems should be built from the ground up expecting every and any kind of attack.
It may also be possible that people from other nations route their hack through China.
But I guess it suits the political agenda of the US better.
1.3Billion chinese. Their detterent is pathetic, we could probably cripple it, and who gives a damn if they fry LA anyway? Take them down.
"Attacks coming from China, probably with government support, far outstrip other attackers in terms of volume, proficiency and sophistication" Government support of attacks on DOD networks is not a minor accusation. You would need a lot more evidence beyond potential motives and speculation to suggest that such an attack is government supported.
No sig for now.
From the targeted network? I can't think of any situation where having the Chinese needing to access DoD computers would outweigh the security risks of losing info.
Add a bunch of decoy servers full of porn, bootleg copies of GTA, images of Taiwanese flags, and anti-government rhetoric from the Chinese underground. When the attackers bring the loot to the attention of their bosses they'll be banned from coming back.
By creating a planetary network, mankind on Planet now has the ability to share information at light-speed. But by creating a single such network, each faction has brought themselves closer to discovery as well. At the speed of light, we will catch your information, tag it like an animal in the wild, and release it unharmed -- if such should serve our purposes.
I wonder how much China would complain if the NSA launched an attack against any confirmed hosts? If there is evidence that computers are attacking use, either live or as bots, can China make a real complaint about us protecting our interests?
http://bgcommonsense.blogspot.com
The DoD should create a firewall rule to automatically drop any packets it recieves from China, North Korea, South Korea, or any of those countries trying to root its machines. On my dad's dinky little small business network with one segment and 10 machines, I saw no less than 300 daily attempts to root the gateway via SSH coming from North Korean and Chinese IP addresses. Now, mind you, I use SSH to remotely administer the gateway. Naturally, the gateway is a secure BSD machine as I wouldn't dare front end a network with a Windows 2003 server. I was dismayed that, in these attempts, the attackers are getting a login and password prompt. Thank God syslog reported that no attempts got past that point. So, I made SSH listen to a non-standard port and added a PF firewall rule to drop ANY incoming connection attempts from Pacific Rim countries. I also checked to see if there were any strange binaries or daemons running and ran a netstat -n to look at activity and there was nothing suspicious. Finally, as an additional safety precaution, I decided I would add firewalls to drop the Microsoft ports in and outbound. Now, instead of reporting access denied, syslog reported copious amounts of dropped packets for about two weeks and then the attacks seemed to drop off altogether. Now I see one only occasionally.
It's all Dubya's fault because he's a war monger! If anyone else was president, China would be everyone's best friend.
You're mom was one.
US foreign policy sucks like a vacuum cleaner.
What's that you say, Skippy? Bonds? Deficit? Debt?
Hey... all the more reason to roll out the Los Alamos Lump-hammers!!
And I suppose you also agree that the many countries that USA does this to should also respond in the same way?
Oh, wait... you didn't seriously think America doesn't do exactly the same thing to everyone else, did you?
By 'hackers' do they mean people scanning their networks for machines with no firewall running PC Anywhere with default passwords like Gary McKinnon did?
..and you would attribute these supposed attacks to a specific state sanctioned effort...how?
Yes tit for tat has been proven to be sucessful historically, first proven in the school playground.
Dont sit in the cloud (internet) if you dont want attacked plain and simple, along with dont make yourself a target by being a world bully.
The 'volume, proficiency and sophistication' of the attacks supports the theory that the attacks are government supported.
Interesting, that would lead me to the conclusion that its obviously NOT government supported. Maybe we need to model the US government more closely after China's.
you can't win a war without starting a war
It's like their food: you hack away, but find you are not satisfied after a few hours and have to hack some *more* ;-P
Table-ized A.I.
I often find those postings one-sided. In this case,some posters are readily to advocate the USE of military as a result of this. We have the most sophisticated electronic and information warfare capability in the world and people just tend to pretend that we don't do this kind of information warfare everyday. And whenever other nations are "alleged" to conduct such, those ignorant people just ready to beat the drum of war.
Another thing is, as of now, China doesn't even need to fire a single bullet to beat the crap out of us if we decide to launch a war on them.
China currently has 1000 billion US dollar foreign reserve, that is somewhere 1/5 to 1/4 of ALL US dollar reserve held by foreign countries. At the onset of the war, China will have three options: one is conventional warfare, two is nuclear warfare, three is financial warfare.
Conventional warfare is something US would avoid, think Korean War. Nuclear Warfare is something both would avoid, unless the fat lady sings(the absolute last resort.)
At the beginning, we of course would bomb the crap out of their infrastructure and military installation, given our air superiority, as we did in Iraq. And China knows this and know they would not win in this course of action.
All they need to do is to make a threat or actually dump US dollar reserve on the international market.
Don't think this would happen? Brush up your knowledge of Suez Canal crisis of 1956. That was exactly what happened when British and French forces rapily withdrew after successful military invasion after Eisnehower threathened to sell US reserves of British pound and thereby to collapse the British currency. Of course the British pound was already under pressure after decades of British colonial expansions that spent a lot of money, not unlike the current US national debt of today. Most historians agree the Suez Canal is the major milestone of the demise of British empire.
When you have 25% of another country's currency on the market, that is a pretty powerful hand. All you need to do is dump all that at once onto the international market. It effectively and immediately collapses the US currency and the whole American economy. Do you think other countries will have the capacity and more importantly the willingness to buy those currency. Do you think other nations would be willing to lend us money by buying up treasury bills, knowing our money would be worthless on the market.Hell no. People all over the world will be dumping US dollar like crazy. US stockmarket will crash; there will be endless runs to the bank.
The economy as we know of will cease to exist.
Some people of course will doubt that China woud do this. But when you are been bombed crap out of you a-ss and you are getting desperate. Trust me, you'lldo anything.
This, my friend, is how the war between China and US will play out NOW. But very very unlikely to happen. It is like two big boys on the playground. Of course it is nice to be the only king of THE playground. But sometimes it easier to share it a little with someone as strong as you are. That is, the essence of international relation. Boy, I just hope we don't have some airheads in the administration thinking otherwise.
So for those people ignorant of economy and internation politics, you can stop making those senseless remarks. Brush up on your knowledge before making a fool out of yourself.
"My job is to pertect the American people from cyberattack. When we find IP packets that are in that country that are hurting our computers, we're going to do something about it. ... Does this mean I'm looking for a pretext to start a war with China? No. It means I'm trying to protect our computers. That's what that means.
.Hackers, go do this,. but we know it's a vital part of the Chinese government."
Despite our warrantless wiretaps, I don't think we know who picked up the phone and said
Secretary of States Bill Gates added "For the umpteenth time, we are not looking for an excuse to go to war with China. We are not planning a war with China. Yes, we do have contingency plans for wars with every other country in the world, but not China. And even it we did, we have not taken any actual final decisions to act on them in the immediately foreseeable future. We have just sent elint-equipped cruisers to the East China Sea, but those are just there to help Taiwan with its streaming internet video capacity."
In response to a question from reporters as to whether cyberattacks originating from other countries, such as Saudi Arabia, had been observed, Gates said "That's classified information. And besides, who cares? We're not talking about Saudi Arabia, we're talking about China."
"How to Do Nothing," kids activities, back in print!
Bullshit, that's for US people to be brainwashed by their goverment. To make them more acceptant and relaxed to US opposition to China and to comply with its future plans to cope with the China phenomenon. Don't believe to that bullshit. 95% of what you hear and read is artificial. Attacks happen all the time. Even to insignificant systems like honeypots, imagine DoD.. Furthermore, what's the proof for this? Who says that? The US goverment itself? You must be kidding. Bring the proof. You can't claim things up in the air. alex
Who said anything about a war? Just clamp down on trade policy, piracy, etc. Most countries have large tarrifs on China goods. We are the odd man out.
Table-ized A.I.
the military drove technology advances and used their money to get computer systems researched and built to their requirements.
Why aren't they running hardened clients on the inside? Why are they running systems against which phishing is useful? Why aren't they deploying advanced OS technology in which stealing a password or compromising a browser doesn't give away the entire machine?
Not to mention that the whole article doesn't make sense. Either the source IP addresses are in China or they aren't. If they are, why haven't they simply dropped all packets from China, and why are they so convinced that a Chinese IP means a Chinese attacker? If the IP addresses aren't from China, what is their reason for believing it's a Chinese-0wned set of machines?
Someone once posted me a rather hurtful letter from France once. It's only obvious that we bomb the shit out of the French postal service.
I think that's the sort of logic the OP is going for at least...
We didn't need a specific state sanctioned effort to invade Afghanistan and Iraq, why do we need it now?
Like what I said? You might like my music
you didn't seriously think America doesn't do exactly the same thing to everyone else, did you?
Yes, but we pray to Jesus before we do it. Makes all the difference.
Table-ized A.I.
When as the last time, or was there ever a first time, that the U.S. military publicly announce that we NEVER conduct any information warfare or surveillance on other nations? It is funny how we can do it, but others can.
This is the same thing happened when China destroyed a satellite a month ago. That technology is circa 1980s, we already did that back then. We can do it, but nobody else should.
...connected to the public internet in the first place. Most sensitive US DOD sites have armed soldiers guarding the physical gateways. They don't let the general public meander through the grounds. Yet they're doing exactly that with their computers.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
This is most likely a coordinated attack by someone who wants US information (could be any country/organization in the world) and developed a botnet which happens to mostly reside in China, since China's computers tend not to get frequent security updates. The fact that the IP addresses are originating from China indicates that it's probably anyone but China.
However...China-bashing does score political points right now.
Why indeed?
And call me troll all you want but why can't they hack our
computers if they make them in the first place?
Years ago, a Japanese company found that a Chinese operative was attempting to steal info. So they fed her with their formulas for capacitors from the 60's. In particular, several formulas that were well known to fail after only a few years of service. Sound Familiar?
We need to do the same. China is bright enough to not run Windows in their equipment (frightening that USA does on our ships which will be used in defending Tiawan). But we can provide ideas/plans that we will not use or that we found subtly flawed. Basically, disinformation. I would be surprised if we are not doing just that.
I prefer the "u" in honour as it seems to be missing these days.
The amount of confusion and damage that this could do would be enormous. And it would have the added benefit (to the attacker) of leaving the hard assets (buildings, people) in place, unlike an actual war. These could be simply bought up later, rather cheaply.
There are different ways to root a country. Actual destruction is the most expensive and inefficent approach there is.
The real cause of these cyberspace attacks is that the U.S. government has actively encouraged them. First, the Feds have actually punished Government employees who have tried to stop these attacks. Read The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them) This is a variation on a common theme of the attitude of the U.S. government, unfortunately. Protecting the U.S. appears not to be a priority.
The second biggest problem is that the Federal Government has set up a hostile enviroment to discourage Security Research. Security researches are threatened with prosecution, jail time and civil lawsuits that can bankrupt them. The common occurance is when a Researcher reports a problem with a flaw in a product. There are no Safe Harbor procedures or provisions in any Federal law which allow this to happen so that society in general can benefit.
This has had a rather chilling effort on the IT industry as a whole. There is no safe way to study real cracking, so our students (and industry workers) really don't understand how the bad guys work. This also has the added downside that new technologies are developed without any real understanding (or even concern) of what the attack vectors are. MS Windows is the best known example. Javascript is the second best.
Had the U.S. implemented Safe Harbor provisions, we'd be in far better shape to deal with hostile attacks, throughout the entire industry.
While the offshoring of jobs has had an effect, without the above two points we'd still have this problem. Furthermore, if we had shored up and expanded our efforts in Security Research, we would be a lot more resistant to backoffice exploits.
It is also obvious that security can't be offshored. So if the Federal government had made security a priority, your original point would be moot.
The best way to predict the future is to create it. - Peter Drucker.
China is too lucrative a market, that American corporations are pressuring the US government to be lenient with China, despite of all the problems that you listed.
...etc.), and will probably be the next empire.
...
Some decades in the future, China will turn out to be a real and formidable rival (economically, geopolitically, culturally,
Meanwhile, instead of preparing for such a prospect, the US has forsaken the obvious means of combating terrorism, for example intelligence, infiltration, disruption, and targeted strikes, and went into a full all out war on two countries, draining its budget, increasing its dead, and earning it the wrath of much of the world.
Go figure
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
There are no atheists when recovering from tape backup.
Absolutely. The first thing the US should do is to sell the chinese president a presidential Jet that you pack full of hidden spying equipment:
9 642.stm
http://news.bbc.co.uk/1/hi/world/asia-pacific/176
wait... looks like you were doing that 5 years ago.
Don't kid yourself the USA doesn't do exactly this kind of stuff all the time. You still have guantanomo in plain view of everyone, does anyone really think you don't carry out covert cyber attacks on economics competitors? Every economy that size will be doing it.
I think the DoD has some people there they might want to be staying in touch with.
Yes tit for tat has been proven to be sucessful historically, first proven in the school playground.
Tit for Tat is the most successful strategy for the iterated prisoner's dilemma.
Granted, that is in a very simplified situation compared to the world at large.
Even in the schoolyard, though, it's more true than not. If you get bullied and you pop him in the nose *every time* and do not initiate violence yourself, then he'll tend to pick on easier targets. It worked well for me and I got quite a bit of practice since I moved so much as a kid that at the start of most school years I was the new kid.
Your network chipsets are made in China. Sometimes even the drivers for the chipsets.
Busted on both fronts.
man iptables
SIPRNet is mostly separate. From what I've heard, people aren't allowed to move information between SIPRNet computers and other 'insecure' computers at all.
Or perhaps DoD should have secondary network physically separated from internet, where workstations with important data are kept. We do. I'll not go into any specifics, but yeah, we do.
Thank god the folks that are in this field are more intelligent than that. At least the few that I've met...
Since when does 'proficiency and sophistication' lead one to believe a Government is behind something? -shudder-
An evil communist (government supported) hacker but wouldn't a greater volume of attacks be a bad thing? Surely it would make sense to find a single or small number of vulnerabilities and target them, rather than set off alarm bells by using a 'carpet bomb' approach?
I mean, come on. The military invented the internet. I'm sure with the professional level of paranoia with which the American military structure comes installed that there is simply no possibility that a bunch of internet hackers from China could have any effect whatsoever on the well-being of military security.
Which means only one thing. . .
This story is propaganda. The government wants the public to fear China and to herd people in whatever new direction they have planned.
Anybody who believes this crap is not just a fool, but a dangerous fool, because if you get enough fools believing in propaganda, you get wars.
Iraq was the result of too many fools not waking up soon enough. --And thank-you all for that, BTW. I remember a lot of fools cheering like crazy on this site and others when the troops were first rolling into Baghdad, posters here drunk on war and acting as though the whole thing was a game level of some Westwood production and that the troops would be home in 10 weeks and that it wouldn't end up being a multi-billion dollar Vietnam-esque quagmire which anybody with any real awareness could see coming from a mile away. You were FOOLS! The lies were obvious, and everybody and their dog fell for them. I hope there are fewer fools out there today. --If you were a fool and have woken up since then, THANK-YOU!!! If not, I hope you wake up soon. The world is screwed up enough without a cold-war with the Chinese!
However, based on the number of foolish responses to this story already posted on Slashdot, I don't see how we're going to avoid more dumb conflict. Few things make me angry these days, but fools making the same mistakes over and over when it comes to war and the lies which lead to war is definitely one of those things.
-FL
> The theory is that free trade will turn them into a democracy. So far its proven to be hooey.
This has never been the reason the U.S. promotes "free trade". You shouldn't repeat it without thinking about it.
Nonetheless it has been demonstrably true. Compare the China of today to the China the 1987 Tienamen Square incident, and that in turn to the 1969 cultural revolution. That nation is dramatically more free than it was, the government has had to significantly loosen its grip, and there is a rapidly growing middle and upper class who are relatively empowered with respect to their own affairs and the nation as a whole. There is a long way to go yet, but anyone who thinks China has not made improvements in freedom in the last 38 years is utterly blind.
Compare that to two more isolated / non-traded-with communist regimes: Cuba and North Korea. Cuba has at least received trade from everyone but the US, but isolating them from the US has made it fairly impossible to loosen Castro's stranglehold. North Korea has been totally isolated, and as a result still looks very much like it did in the 1960's.
Trying to force democracy/personal freedom before economic stability and freedom is there to support it generally leaves a nation that quickly descends back into dictatorship: compare Russia, where sudden democracy failed resulting in the "Putinization" of their fledgling freedom, and (probably) Iraq.
Economic reform has to come first: the Marshall plan worked because it spent fifteen years economically reconstructing Germany and Japan before letting them off the leash. As a result, they are both successful democracies that get along with the world today. We can't pull a Marshall Plan on China because we can't occupy them. But we can trade with them, and it is having an effect.
I stole this sig from someone cleverer than me.
So MS gives China the source code to MS Windows. China starts to attack all the flaws it finds. Government people scratch their heads and still say to use crappy closed source, proprietary, MS-Only software!
Now if the US government used mostly Open Source software, this would not be an issue. The code would be available. The exploits would be found. Fixes would come quick. Not only that, being Open source, the governments top programmers could just fix the crap themselves.
So why exactly does the US Government use crappy closed sourced code from MS? How much money is changing hands behind-the-curtains?
General, you are listening to a machine! Do the world a favor and don't act like one.
Most of it's trying to peddle western products to American consumers, the Chinese people have nothing to do with it
I think I know what you are trying to say, but your statement as written above is probably not accurate..
Most "western products" (including the USA's flag), that I've have seen say "Made in China" on the bottom/back. I would say there would be those residing in China who would be interested in bumping up sales through all possible means.
...a state of emergency and retain office indefinitely!
We could just have our own "great firewall" and stop all Chinese traffic. ICANN and the US could (perhaps should) just deallocate Chinese ip space. Make all Chinese ip addresses non-routable. That would also cut down on a bunch of spam and zombies too.
Does anybody have any legitimate reason to route to china, beside exporting jobs to the offshore factories (which is AFAIAC another good reason to shut down their IP space)?
Time to start looking out for our own interests and cut these jokers afloat.
Block all Chinese IP blocks on all critical infrastructures, except those intended to provide service to persons in China, e.g. embassy/travel websites. Next, roll out optional Windows Updates and the like doing the same for consumers. After all, aside from BitTorrent, most of us probably don't ever connect to Chinese IPs.
China goes out of its way to block the rest of the world, so maybe the rest of the world should do it a favor in return, and solve a security problem in the process.
Note: I am not suggesting the likes of Google, Wikipedia, or web hosting companies block Chinese visitors.
Everybody knows that all of this is - of course - merely a part of fighting terrorism, since industrial and military espionage require different, more sophisticated and technically more complex and costly measures. Calling any of these measures disproportionate is considered heresy.
Sarcasm aside: protect your networks, or prepare to be hacked.
I hope I didn't brain my damage.
Fear: "..Chinese hackers, who are constantly waging all-out warfare against Defense Department networks, Netwarcom officials said."
Uncertainty: "And although it is impossible to confirm the involvement of China's government, the attacks are so deliberate, "it's hard to believe it's not government-driven," the official said."
Doubt: "Current U.S. cyber warfare strategy is dysfunctional, said Gen. James Cartwright"
Emphases mine..
And here comes the trump card - invoke 9/11: "It may take a cyber version of the 2001 terrorist attacks for the country to realize it must re-examine its approach to cyber warfare, he added."
What else is this article but FUD? I'm all for staying vigilant and keeping potential evils at check. But running around spouting rhetoric in order to prepare the public for yet another war is just the wrong thing to do. The Chinese government doesn't have people run around stirring fear in their populace with slogans like "Be afraid of the US, be very afraid!". Remember, it's not nations like China that waged wars on foreign soil the last 50 years - it's countries like the US who did that (in the name of "peace"). And why is it that this war rhetoric always seems to come from the same sort of people?
Where are you intelligent people when your country really needs you?!
SCNR...
Not even addressing how many of these have Internet, and how many of those are "sophisticated" users, we're talking about Chinese government hackers here. How many Chinese there are is irrelivent.
If you want news from today, you have to come back tomorrow.
It always bothers me when people compare Iraq and Vietnam. Have you checked the casualty rate between the two? Don't get me wrong, 3000 American combat casualties is nothing to sneeze at, but in 1968 alone there were 14000 soldiers and Marines killed in action. So basically, you're an idiot who chides people for being sheep and going along with the popular "let's go to war!" sentiment while being a sheep and going along with the "Let's bash the war!" sentiment, using the same "It's another Vietnam" line of bullshit as all the other sheep. Congratulations.
I bet the Chinese hackers love seeing that tag on slashdot.
Fortune favors the bold.
why posts like this get modded to 2?
...like the one you've made today, I wish they had a "+5 Flamebait" rating on /. Sometimes the pot needs to be stirred.
When Nero burned the coliseum and blamed the fledgling Cristian faction, many people knew it was a red herring and yet did nothing while thouseands were tortured and killed. Flash ahead to 1933, the Reichstag fire in Germany. During the Leipzig Trial, the German officials blamed the communist party for the fire, though it is widely believed that the German government itself started the fire to justify a war. Cue world war 2. The year is 2001: several steel buildings supposedly collapse from fire damage, of all things, though a steel and concrete building has never collapsed from fire damage in the history of the world. The alleged culprit? Generic terrorists from the Middle East, with substantiated connections to the US government. Look where we are now.
Being passive is the same as being permissive. If we are not actively opposing these tactics, it's the same as supporting them. And like our predecessors, history will judge us harshly.
Really? Every huge corporation out there is transferring their crown jewels of high tech research to them, *gratis*. Every big manufacturing factory is closing shop, and in a lot of cases, crating up the machine tools and sending them there. We are telling domestic techs/engineers and scientists that they will shortly not even be needed, as they will be replaced "cheaper", and guess where? And yes, this means defense contractors as well, serious major high tech transfers go on daily, and if not directly, then to israel, where they get away with re-selling it. Oh, *rewarded* with further financial aid to boot. Every huge research university in the US has a plethora of Chinese students. They are undergoing brain wipes before they go home? I don't think so...
Give it up! This is a big fat joke! there is no "national security", we've even given up national sovereignty, they don't care about the borders-nothing, just their wall street profits, no matter what it takes. Most gain in the shortest period of time, that's all, nothing else matters to them.
It doesn't matter any longer. The US has been sold down the river by the profits at any costs globalists, they dig that chinese two class society fascist model, full technology with full totalitarian control. Maximum money and maximum power, what megalomaniacs always strive for.
It makes no difference if a few low level DOD computers get hacked, all they are doing is verifying the info *they already have been given* on a silver platter by the "bottom line" globalists and their sock puppet toady politicians.
First and foremost, Americans aren't the only people losing their lives in Iraq. Racism is for fools.
Second of all, we are talking about a government which we know lies as a matter of course. So taking the body counts they offer as proof in any sort of argument makes little sense. --Having learned from their experiences with Vietnam, the government now conceals the number of U.S. Service people wounded or killed in Iraq. There have been more than 3000 American casualties.
Consider also that a significant part of the war is being fought by 'private contractors' (a fancy name for mercenaries) whose deaths are not recorded by the official stats and whose own public records are almost certainly false.
Body armor has also improved much over the last thirty years. Many of the same kinds of wounds received in Vietnam led to death whereas we now have thousands more American kids coming home missing arms and legs than we did from Vietnam.
Thirdly, just because the official casualty statistics in Iraq and Vietnam do not happen to match on the front page of the New York Times does not mean that the two wars have no other significant parallels. Those who cannot see the parallels are either blind or are deliberately not looking.
Fourth, NONE of this discounts my primary points; that propaganda and ignorance on the part of the populace are what to war. --We are now seeing the same tactics with regard to China. These are my main points.
Fifth, and finally. . . You say that bashing the war is sheep-like behavior. Sorry. Wrong. The war was started by those who were blind and foolish. The Administration lied. This is an uncontested fact. (Or rather, the facts are only contested by fools who cannot see reality when is is posted directly in front of their noses. Not even the Bush Administration is trying to sell the WMD's line of bullshit anymore. Not that it matters; fools are willing to accept any new lie which they put forth.)
Sheep are NOT those who see the lies and refuse to believe them. Seeing a lie
There are only so many computer experts inside the FBI.
If most of them are doing police work to stop people from trading music online, how many are left to actually, y'know, do work to protect and secure the U.S.?
The corporation's first and last concern is profit. If the FBI makes them more profitable, good for them.
Bad for the rest of us.
It's time to stop the FBI from being the investigative arms of the RIAA and MPAA. It's time for them to do the work that we expect them to.
Stating the obvious earns a troll rating?
Perhaps the comment doesn't deserve remarking upon, and it certainly doesn't deserve to be 'modded up.'
C'mon, troll rating though?
Whatever.
~
I hope you're not French....
-- Posted from my parent's basement
As a webmaster for several popular sites, I can attest that most probes\hack attempts\spambots come from net-blocks within China. I do wonder if it is a trick to get all of us to block all China traffic, so that it helps the Great Firewall?
OMG, this is gonna be *SO* *MUCH* *FUN*! I'll just bounce off of 7 random zombiefied boxes in China, and keep on attacking US .gov stuff. I can start a freaking war. How cool isn't that!
Bhahahaha.
You want to start a war with china.
Bhahahahahaha.
Oh man that's rich. Haven't the republicans learned anything from iraq?
evil is as evil does
If the US Federal government wants to get serious about cyber-security, they should refrain from firing competent staff such as Shawn Carpenter for doing their job. Current US law hinders counter-intelligence operators from gathering information and countering these attacks, since it is illegal to gain unauthorized access to the perpetrators' machines!
This means that security personnel who are doing their job to combat these attacks risk losing their job and even criminal prosecution.
Although Shawn Carpenter lost his job at the Sandia National Laboratory, he was eventually awarded $4 million for his termination which was found to be"malicious, willful, reckless, wanton, fraudulent or in bad faith."
The US intelligence community and Federal beaurocracy needs to wise up. National secrets are leaking like a sieve while the shortage of qualified operators continues to increase, and the beaurocrats are too busy covering their asses and fighting turf wars to do anything about it.
If you can prove they're government backed, drop the gateways to China flat. It'll make some U.S. businesses scream, and maybe make them less likely to spend money in China. India has almost as many consumers and they speak English (sorta).
the major advances in civilization are processes which all but wreck the societies in which they occur - A.N. White
China is our single biggest enemy on the face of the Earth right now. Lets face it, Iraq, and what soon will be Iran are cakewalks compared to what we will go through with China.. (Yes, world war 3 will involve the USA, japan, south korea, and taiwan, and other allied countries, versus China, North Korea and possibly Russia)..
Now I was once taught by a wise government official that EVERYTHING we do militarily is a diversion from what is really going on. That means, when we are in Iraq, that is just a front for the American people and the media to divert attention away from what they are really planning at the time. At this point in time, I am sure much covert action against the Chinese and North Korea is happening along with Russia. China has nukes that can hit our homeland, these other petty countries are respectable countries, but are 3rd world with militaries 60 years behind ours technology wise. China has 1/3rd of the USA's military budget. That amount of warfare money is no joke.
After the Iraq WMD fiasco I don't trust the US to know its ass from its elbow when it comes to these sorts of things.
The standards of evidence are obviously so low that nowadays all you have to do is imagine a threat and suddenly it's real and all sorts of circumstantial evidence points to it being true.
I get FAR more attacks on my non advertised private ftp. THERES NO ADMINISTRATOR USER FUCK OFF!
Most are from china or the jackasses at koreanet. I dont think the us has near as many compromised computers as people say. I would guess that most american ISPs would disconnect users (except for comcast of course). You cant even talk tot eh chinese mail admins to tell them theirs a problem. Look at a koreanet IP whois. The only symbols that are english words on that page are the copyright notice and the words koreanet. Everyone should at least post their whois in english.
Every Chinese connected to DoD computer and tried logging one password. After one million tries DoD computer agreed that password is 'Mao'
Barely started reading article. Ain't finished yet but, I couldn't help think about what I saw over at Snort.Org I was looking up numbers today. Anyway, it's this funny graphic on the top left of the page. http://www.snort.org/images/home/snortorg_yearofth epig.jpg
Year of the Pig. Today is the Chinese year of the pig. Is this some kind of demented geek humor? Now stop hacking government servers China. Bad China. Bad. And dear government, your security will improve, once you throw out and lift the security clearances of all that corruption, and bush shills who don't even know how to do the job they're in.
to compromise a Chinese government computer, they like to use Red Flag Linux, which is set up to log you in as Root with no password by default.
... nuke the entire site from orbit. It's the only way to be sure.
--
Good advice is something a man gives when he is too old to set a bad example.
"Why are they running systems against which phishing is useful? Why aren't they deploying advanced OS technology in which stealing a password or compromising a browser doesn't give away the entire machine?"
They are probably deploying vista as we speak, that will fix her right up...
Got Code?
Citizens behave yourselves or China the bogeyman will get us.
I bet you the Chinese Gov has better things to do than to start fights with the US (in contrast the US seems ever willing to start fights with everybody).
What does the US have that China _wants_ and can't make or copy within 5-10 years? There's no rush really (the rapid growth is starting to hurt already). China already makes most of the US's high tech stuff except for the military stuff. And the benefits of those military stuff are debatable nowadays - given that the US has the strongest conventional military force, if China wanted to hurt the US, using military might would be stupid eh?
So where is the US weak? The US is very dependent on the free flow of goods and financial services/commodities.
China's Central Bank is probably the number 2 largest holder of US bonds/securities (after Japan). If China wanted to hurt the US, China could just cash out their US bonds and take the hit. China has basically been lending the US money to buy Chinese stuff (it's almost a Ponzi scheme).
Financially blowing up the USA will hurt China a lot as well (who are they going to sell stuff to then?). BUT, the hurt might be tolerable in the future if the EU, the Pacific Rim and other countries grow enough to reduce the impact.
Would they do it? The thing is currently the average US citizen is spending >100% of what they make, the US Gov is spending lots in Iraq etc. So the odds of the US blowing up just by itself aren't that low either. China might just decide that they might as well start pulling out financially from the USA at a known point of time and risk blowing up the US, rather than wait and potentially have it happen at a more inconvenient moment.
If there's any Chinese Gov supported hacks of US DoD machines, it's probably done for _self_defense_ reasons, not because China wants to be a threat to the US - more because the US is a threat to China (and other countries). It would be useful to see who the US are really thinking of attacking next and so on.
Exactly- wait until all the Chinese compnies start trying to sell their iPod knockoffs here (Meizu already started), then the US (or more likely, the US with a large push from Apple) will start doing something about China .
OSx86 FTW
Political theory designates the Madisonian Republic (the government of the US) as a form of democracy. Likewise, parlimentary republics may also be called democracies. Justification: these republics form a subset of representative democracies, whereby the public directly or indirectly elects officials to represent their interests within a legislative body. That legislative body is responsible for creating (and, in the parliamentary model, executing) laws in accordance with the interests of the public. Note, however, that a republic merely designates a government whose power is derived from the people (usually through social compact). The effect of this being that while the Madesonian model requires a republican government to exist, the parliamentary model does not. For more information concerning this, one could compare the UK's Magna Carta to the Federal Constitution of the USA. The Constitution derives its powers from the people ("We the people..."), while Magna Carta defines rights granted to the people from the monarch. Both are democracies, but the UK is not (by definition) a republic. You may have intended to mean that the US federal government is not a direct democracy, but what you said is a far cry from that interpretation.
I realize at this point that no one will probably read this post. Nevertheless, as the original poster, I feel a bit insulted that people blew my comment into something that is not. I never said nor insinuated that we should go to war or escalate to war with China, my comment was much bigger than that.
As someone who has a degree in security studies and works in this field, I understand the importance of doctrine. I never once said we should do anything, I said the United States should change its doctrine. That is a world of difference.
The international system, ultimately, is an anarchy - power is the only thing that keeps it in check. Often times, these days, power is exercised collectively and through international institutions (UN, NATO, etc). Nevertheless, the ultimate arbiter of whether states "behave" or not, is who has the biggest stick (both hard and soft - hard power is military power, soft power is mostly economic power but has been extended to mean cultural and diplomatic power as well). The UN Security Council holds the weight of law only because it is assumed that the five permanent members - the U.S., Britain, France, Russia and China - collectively about 90% of all power in the world - will back the resolutions up with their power. All states want more and must constantly protect their turf. Power is most often exercised as an implication - the U.S. is important and holds weight in the international system because of its power - it does not need to exercise it regularly for everyone to listen to them.
The Department of Defense can often use doctrine as a deterrent. The very act of putting a documented response on the books from a state as enormously powerful as the United States can often dissuade states from even testing them on whether they choose to follow through with it. As an example, during the Cold War, the United States had a doctrine of nuclear retaliation for a conventional Soviet attack against Europe. Given the potential costs, the Soviet Union chose never to test the United States' resolve on that doctrine.
In this case, an established doctrine for responding to organized assaults on military computers could have a similar effect. The Chinese pale in comparison to current U.S. power. If China persists in its assaults, and I can basically guarantee that these are really state-to-state level attacks because it is well known that China conducts these operations globally (and yes, while the U.S. does conduct these operations, it is widely perceived that China does so much more often and much more intrusively/obviously), then having a doctrine may prevent them in the future. Once the doctrine is in place and we leak it to China intentionally, they launch a cyber attack like always - then we respond as per doctrine - say, by a public diplomatic rebuke. They persist, and we follow the next thing the doctrine tells us to do - say, launch a cyber counterattack that disabled some state computers for a day. China will not persist, because the potential costs of escalating further outweigh the gains of launching the attacks in the first place.
The international system is not a big campfire circle of people singing songs and playing nice, it is a constant game of chicken. Ninety-nine times in one hundred, the mere threat of the U.S. looking at a state in an unfavorable way will get them to behave in a friendly and acceptable manner towards it. The United States, like any state, has to protect its turf.
"In God we trust, all others we monitor." -- Unofficial NSA motto
A Horse ... of Course
... after the fact.
... The book, your new thriller is called "Break Point," set in the year 2012, a kind of asymmetrical warfare is prophesied here, dismantling of global communications, information systems. How about this, just out of the blue, a week ago China shot one of its old satellites out of orbit. Is this a cautionary tale or is it informed fantasy, or how would you describe it?
We're so good
Cleanup on isle 9.
A lot of our security people and experts in critical fields are now writing "thrillers" to get their messages across so they don't have to fend off the legions of second rate gun-slinging pundits.
(See comment about "chapter two" - PRICELESS)
Countdown with Keith Olbermann
Jan 22, 2007
http://www.msnbc.msn.com/id/16771741/
OLBERMANN: Joining us now with his own intelligence assessment Richard Clarke, top counter-terrorism adviser to presidents of both parties, chairman of GoodHarborReport.com, and now author of the new techno thriller "Break Point."
Sir, great pleasure to have you here. Pleasure to meet you.
RICHARD CLARKE, FORMER COUNTER-TERRORISM ADVISER: Great to be on. I love your show.
OLBERMANN:
CLARKE: It's meant to project us forward into 2012 so we can start thinking about the issues that I think we'll be facing then. China blowing up a satellite occurs in chapter two. I think we need to think seriously. There's a whole series of issues, Keith, that the administration is ignoring because it's playing hardball, and 99 percent of the time is worrying about Iraq. And that's sucking all of the Oxygen out of the room.
One of the many things that it's ignoring is cyber security. And everything we do depends on the security of cyber space. The administration is doing nothing to secure it.
OLBERMANN: Are these easily managed problems right now, that you address?
CLARKE: They're not easily managed. China is building cyber warfare units. The Chinese general said publicly that if we get into hostilities with the United States, we will reach out through cyber space and turn off the American electric power grid. From what I can tell and what I learned when I was in government, that's possible.
OLBERMANN: If we don't do it first with another blackout.
--------
Former U.S. Cyber Security Czar Richard Clarke Discusses Data Security
Richard A. Clarke, Chairman, Good Harbor Consulting, LLC
http://www.goodharbor.net/about-clarke.html
http://www.comnews.com/cgi-bin/story.asp?story=73
Featured speaker Richard Clarke, the internationally recognized expert on security - including homeland security, national security, cyber security, and counterterrorism - shared his views on IT security threats faced by Fortune 500 companies today and new threats on the horizon. Among Mr. Clarke's key observations were:
Today's IT security threats are increasingly focused on stealing valuable data. In this environment, relying on outdated measures like focusing exclusively on perimeter security is insufficient.
Corporations vastly underrate the value of data within the enterprise. While much of the media has focused on consumer credit card data and social security numbers, the theft of proprietary company information can be just as damaging. Organizations must begin to recognize the value of sensitive data stored in a corporate database like pricing models, customer billing and payment information, trade secrets, and valuable R&D intellectual property.
The risks from data leakage, cyber terrorism, and industrial espionage are real. To stay ahead of these threats, corporations must act quickly and decisively to know what risks exist within their enterprise; harden their existing IT infrastructure; and monitor ag
~hylas
"I never said nor insinuated that we should go to war or escalate to war with China"
Yes you did.
"The international system is not a big campfire circle of people singing songs and playing nice, it is a constant game of chicken."
Of course not. Like you said you are either the fucker or the fuckee. We are soon to become the fuckee as china plays us like a rag doll with their two trillion dollar surplus of US dollars. All they have to do is to exchange those for euros and they will collapse the US economy. So this means we can't do jack shit to them except to kill them and they can kill as just as easy.
evil is as evil does
You think that the dictators in Peking would understand that.
So much for the Interstellar Ark:
2 14.shtml
http://science.slashdot.org/science/07/02/18/1359
Only when humans decide to get out of and deprive governments and wealthy of the "defense" industry will humans have money and worthiness of being allowed doe DESERVE an interstellar ark.
Elevating Chinese attempts to breach a DOD (or any government) database to the level of military attack is just ASKING for excuses to wage war. Since vastly many interconnected ties exist in economics, land, and employment schemes, traditional war would be immensely devastating not only to average workers but to the wealthy land owners, property owners and even the high tech companies.
I call madness. Oh, and don't forget the US DOD is probably running stealth "attacks" on Chinese, Russian, French, Canadian, Australian, UK, Venezuelan and innumerable other nations' databases and networks, friend and foe alike.
remember, there are at least to sides to every story. Stop making Chinese out to be the big bad guy. Any nation with something to fear will do what China is known to have been doing for years, and what many informed as well as ignorant "red-blodded 'merkuns" overlook when the US is exposed for doing the same things. In the end, it's specious, corrosive human conduct. If all these people focus on poverty, disease, hunger, underemployment, and other things (like lessening the causes of reactive terrorism), then maybe we can concentrate as a collective on pursuing interstellar travels.
The database and network attacks will be less of a problem if the networks are not accessible via internet junctions. More honeypots need to be set up, more honeynets need to be spun off, and less classified information should be available.
Hell, I suspect that these things HAVE been done, and that the reports many of you armchair politicos (you know who you are-- just informed enough to be barely credible) and the rest of us see are the "leaked" stuff which was generated from logs of Chinese (and other nations') penetration attempts and successes against honeynets and honeypots, and the reports are just mostly useful for facilitating creation of domestic antipathy toward or or mistrust of the Chinese, or whomever is the boogieman of the quarter.
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Nah, Portuguese. America's not exactly very popular in Europe, but I live in America right now and it's really not that bad. I just don't want another war.
Btw, sorry if my comment offended you. Apparently it did. Sorry.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C1 bottles of beer on the wall. Take one down, pass it round... Oh, umm...