Slashdot Mirror

← Back to Stories (view on slashdot.org)

Details Emerge On the 2006 Hacking of Congress

Posted by kdawson on from the by-party-or-parties-unknown dept.

The National Journal just published an article with details about the hacking of Congress in 2006, possibly by agents in China, though the attack's origin is uncertain. The article notes the difficult work of the House Information Systems Security Office, which must set security policies and then try to enforce them on a population of the equivalent of C-level executives. The few members who have called attention to the issue of Congressional cyber-security have been advised to shut up about it, by whom the reporter did not discover. "Armed with this information about how the virus worked, the security officers scanned the House network again. This time, they found more machines that seemed to match the profile — they, too, were infected. Investigators found at least one infected computer in a member's district office, indicating that the virus had traveled through the House network and may have breached machines far away from Washington. Eventually, the security office determined that eight members' offices were affected; in most of the offices, the virus had invaded only one machine, but in some offices, it hit multiple computers. It also struck seven committee offices, including Commerce; Transportation and Infrastructure; Homeland Security; and Ways and Means; plus the Commission on China, which monitors human rights and laws in China."

24 of 77 comments (clear)

  1. It had to be the Chinese by HBI · · Score: 4, Insightful

    Only a paranoid totalitarian state would waste time penetrating Congress. There's not much there that isn't accessible via the news. Anyone who had half a brain would target the Executive branch, where there is data that is not publically accessible.

    Silly commies.

    --
    HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
    1. Re:It had to be the Chinese by Chrisq · · Score: 4, Interesting

      Only a paranoid totalitarian state would waste time penetrating Congress. There's not much there that isn't accessible via the news. Anyone who had half a brain would target the Executive branch, where there is data that is not publically accessible.

      Silly commies.

      Or maybe they are hoping finding this will divert attention from the real stealth virus in the Pentagon.

    2. Re:It had to be the Chinese by HBI · · Score: 4, Funny

      Shhh. We can't talk about that, yet.

      --
      HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
    3. Re:It had to be the Chinese by morgan_greywolf · · Score: 4, Insightful

      Anybody could have hacked Congress for any number of reasons. Why did Mitnick hack the phone system? Why does anybody attempt to gain unauthorized access to systems they're not supposed to be messing with?

      Many years ago, when I was a youngster, people were doing it just to prove they could.

      --
      My blog
    4. Re:It had to be the Chinese by colfer · · Score: 4, Informative

      Negotiations over trade policy, for one thing, were compromised. What makes you say there's not much there? Congressional committees monitor all the executive agencies, and keep tons of confidential info.

    5. Re:It had to be the Chinese by zappepcs · · Score: 3, Funny

      Or maybe they just did it for the RuRz?

      There, fixed that for you.

      --
      Support NYCountryLawyer RIAA vs People
    6. Re:It had to be the Chinese by jandersen · · Score: 3, Interesting

      Only a paranoid totalitarian state would waste time penetrating Congress. There's not much there that isn't accessible via the news. Anyone who had half a brain would target the Executive branch, where there is data that is not publically accessible.

      How about some of your own, homegrown extremists and quasi-terrorists? Or for that matter, other members of Congress? No other country in the world houses so many groups of people with extreme agendas as the US, sadly: ultra-rightwing Christians, anti-abortionists, this-or-that rights campaigners, neo-nazis etc. There is no need to go abroad to likely braindeads who would hack into Congress.

      It seems more likely to me that people who do this are after finding personal information on the PCs of members of Congress, something that could be used for extortion.

  2. If someone had told congressmen... by ethicalBob · · Score: 2, Funny

    If someone had told congressmen that buying mass-quantities of Viagra (and Vimax!) from canadian pharmacies was a bad idea, they may not have been exposed to so many security threats...

    But what's a horny old-guy to do...

    --
    Politics will sooner or later make fools of everybody... - Dick Armey
  3. Proofs? by VincenzoRomano · · Score: 2, Interesting

    Any proof about the Chinese origin?
    Why not the Italian Mafia, the Muslim Jihad or whatever else?
    Sounds more like FUD than real investigation!

    --
    Maybe Computers will never be as intelligent as Humans.
    For sure they won't ever become so stupid. [VR-1988]
  4. The virus is DENIAL by Bob_Who · · Score: 3, Insightful

    Its simple folks - there is no such thing complete security. Its a negotiation. If you want a sterile network, then neuter it. Congress can be completely free of network attacks if they disconnect from the Internet, and reality....which defeats the purpose. Short of that I think its a fair assumption that information is a virus. We need to understand that on line is like a public restroom in a football stadium. Relative privacy is available, but don't write any important phone numbers on the wall.

    1. Re:The virus is DENIAL by jeffshoaf · · Score: 3, Funny

      Congress can be completely free of network attacks if they disconnect from the Internet, and reality....

      Half way there!

      --
      Putting the "anal" back into "analyst"...
  5. You would have to be a total idiot to believe that by WindBourne · · Score: 5, Insightful

    Congress overseas ALL of what is going on. That is THEIR job. If the old white house, Pelosi and Reid are dumb enough to use Window boxes, then a lot of information has most likely been sent to China. They will be aware of operations throughout the world (though not necessarily who is in them). Pelosi will have access to very UNIQUE information about NK, Russia, and China that will have been fed to her from CIA, NSA, and NRO. By having access to that info, somebody in CHina or Russia could narrow suspects down. In fact, China has been at this for over a decade. My guess is that they have BEEN narrowing the trap for a long time (or have them).

    It is a disaster to America and most likely to the west to have this information get out. Sadly, NSA has been usurp by DHS who is LOADED with total idiots.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  6. Why was this modded down? by WindBourne · · Score: 3, Insightful

    The number 1 spy in America IS Chinese. They are VERY active. Nearly all of the spies that we have caught over the last 20 years, have been Chinese that are working in DOD or intel jobs who then send back data to mainland. The same is true in Canada, Australia, EU, and I suspect, Russia. Any place that has more advanced military secrets is being actively infiltrated.

    Worse, we are not just sending our goods over there and having them come back loaded with virus, we continue to do so even KNOWING this. You may not have liked the tone of the parent, but it was still accurate.

    --
    I prefer the "u" in honour as it seems to be missing these days.
    1. Re:Why was this modded down? by c0y · · Score: 2, Informative

      And #2 is Israel. It's time to cut off all aid to them.
      They seem to think we're their enemy, so I cannot fathom why we keep giving them billions of dollars every year.

  7. Why?... by whisper_jeff · · Score: 2, Interesting

    "...possibly by agents in China, though the attack's origin is uncertain."

    Why mention that it was possibly by agents in China when, immediately afterwards, you admit their origin is unknown? They could be agents from Russia. Or Iran. Or Canada. If you don't know, that means they could be from anywhere. Sure, it's fun to paint China as the badguy and gawd knows it's en vogue right now but, if it's unknown who was behind the attack, leave it at that.

    1. Re:Why?... by HBI · · Score: 2, Insightful

      It's known where the attack originated from. No one wants to reveal *how* they know that, so it's left ambiguous.

      --
      HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
  8. Re:You would have to be a total idiot to believe t by WindBourne · · Score: 4, Insightful

    LOTS of information gets out. Far too much. The names of many projects are known all over. What is not known is all objectives, who all is involved (typically, the top person who is running it is known), and all the results. But far too often, congress members are given and sometimes leaked information that does make it on their system. They pass it in emails to each other, etc.

    Yes, Windows is the surest sign of an easy compromise. Even this virus was designed for Windows. Nearly all the virus on goods coming from China are for Windows. It will remain that way as long as Windows is easy to crack and dominant. The fact that a number of EU countries, Russia, and China are switching their govs to Linux (and some mac) should have generated LOADS of virus for these systems IF it were easy. Do you see them? NOPE. Get past your silly prejudice and bias and look at the facts. Virus are written for easy targets that yield information.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  9. Re:Made in China = poor quality by zappepcs · · Score: 3, Insightful

    Right now, thanks in large part to Congress, there are more reasons than quality. Doing a small project at home, I found a need for a jig saw. A trip to one of the local pawn shops netted me a nearly new Skil jigsaw that currently retails for about $90 USD. My cost? $30 USD. I cleaned the dust off, looks new. If you have the time, great source of other tools too. Quality merchandise lasts long enough to end up in Pawn shops. Found complete set of deep set impact wrench sockets - $14 USD. Can't beat that.

    If Congress keeps up what they have been doing, it will soon be one of the few places I can afford to shop.

    --
    Support NYCountryLawyer RIAA vs People
  10. It doesn't surprise me by CXI · · Score: 5, Informative

    We've had to deal with a number of government agencies where I work. It's not surprising they get hacked. The Defense Security Service, for instance, tried to force us to "get a .com address if you want to interact with our online tools, because .edu addresses are insecure". After laughing to their face it took three weeks to convince them they had no clue what they were talking about. They also asked me to contact them any time we saw "anomalous" traffic on our network. I offered to forward them a copy of the 90% of our packets that are anomalous, but they weren't amused. As another example, the State Department is basing export restriction management on broken Active X that requires users to be Administrators to use. :/ The list goes on.

    I was going to go check something on their site, and discovered that it's now running a self signed cert. *sigh* Check out the mission of DSS, and the irony is... scary: http://en.wikipedia.org/wiki/Defense_Security_Service

    DSS is tasked with facilitating personnel security investigations, supervising industrial security, and performing security education and awareness training.

    Doomed I tell you, doomed.

    1. Re:It doesn't surprise me by LordKaT · · Score: 4, Funny

      I once sent DSS a resume containing nothing but "penispenispenis" in all of the sections, and got a reply that I should come down and take their employment test.

  11. Thank goodness for an illiterate Congress! by Chriscypher · · Score: 2, Funny

    Imagine the potential for disaster if our elected officials were tech savvy enough to actual use technologies such as "e-mail" and the "world wide web" and that "http" thing!

    --
    "You have liberated me from thought."
  12. Re:You would have to be a total idiot to believe t by Hillgiant · · Score: 2, Insightful

    Congress overseas ALL

    I really think we need to cut back on this outsourcing craze. I am not convinced foreign politicians are any more efficient than their American counterparts.

    Oh, "oversees"? nevermind.

    --
    -
  13. Re:The US hacked itself? by mweather · · Score: 2

    Nixon had nothing on Bush. Nixon kept COINTELPRO hidden, and denied it's existence. Bush not only admitted to it, he defended it. We have secret agents infiltrating Code Pink for Christ's sake. Even Hoover wasn't that paranoid.

  14. Re:You would have to be a total idiot to believe t by juan2074 · · Score: 2, Insightful

    This is the beauty of the US Constitution - the founders know that governments are corrupt, and designed a government that would be difficult to completely corrupt (unlike a dictatorship, which while it could be clean, is easy to completely corrupt).

    And yet, our elected officials have found many ways to massively -- if not completely -- corrupt the government.