Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chinese Hackers Targeting NYPD Computers

Posted by timothy on from the everyone-wants-a-bite-of-the-apple dept.

Mike writes "A network of hackers, most based in China, have been making up to 70,000 attempts a day to break into the NYPD's computer system, the city's Commissioner, Raymond Kelly, revealed Wednesday. Kelly suggested that 'perhaps it is because of the NYPD's reach into the international arena' that they are being targeted for computer hacking 'in much the way the Pentagon has been.' The hackers are apparently using a botnet to make up to 5,000 attempts a day at various unsecured portals into the NYPD's files. China's foreign ministry spokesman Qin Gang denied involvement in computer espionage. 'Some people outside of China are bent on fabricating lies of so-called Chinese computer spies,' he said last month. The obvious question is, why are the Chinese so interested in the NYPD computer network?"

16 of 212 comments (clear)

  1. Track an IP? by x_IamSpartacus_x · · Score: 5, Funny

    Someone should create a GUI interface using Visual-Basic to track an IP!

    1. Re:Track an IP? by TheRealMindChild · · Score: 5, Funny

      Don't hate! Visual Basic has always been great for creating GUIs. Just there are people who decided to write their code in it too

      --

      "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
    2. Re:Track an IP? by timeOday · · Score: 4, Insightful

      Wait a minute, you want to ban the world's most populus nation from the Internet until they get rid of botnets? No country on earth has done that. So I don't see how you can attribute the attacks to China. For that matter, we already know there are compromised computers everywhere, so why would somebody originate attacks from their own land? Or am I not giving network forensics enough credit here - can they actually tell where an attack ultimately originates? I doubt it.

  2. Foreign Ministry Spokesman by Toonol · · Score: 4, Insightful

    I like how the summary quotes the minister Qin Gang as denying any involvement, and then immediately goes on to ask "The obvious question is, why are the Chinese so interested in the NYPD computer network?".

    Hey, I'm sure he's lying too...

  3. They're not... by Thelasko · · Score: 5, Insightful

    The obvious question is, why are the Chinese so interested in the NYPD computer network?

    They're not. The bot herder is probably in New York, and controlling the bots by tunneling so it looks like he/she is in China.

    Haven't you seen the movie Hackers?

    --
    One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
    1. Re:They're not... by Red+Flayer · · Score: 4, Funny

      Oh, come one, that's just what they want you to believe.

      It's actually the Chinese pretending to be a New Yorker pretending to be the Chinese business mafia.

      It all comes down to logic. Are they the kind of criminals that would initiate the attacks from someone else's IP address block, or have they deduced that we would see through the ruse and would therefore host the attacks from their own IP address block?

      It appears we have made one of the classic blunders, which is never get involved in a technical war in asia.

      My guess is it's probably someone looking for inside information on investigations of financial companies in New York. That's where there are hundreds of millions to be made.

      --
      "Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
  4. the real reason why there were so many by TheGratefulNet · · Score: 4, Funny

    is that once they hacked the computer systems, an hour later they needed to hack it again!

    /sorry

    --

    --
    "It is now safe to switch off your computer."
  5. I just block most countries by rackserverdeals · · Score: 4, Informative

    They should do what I, and others do. Just block all traffic from certain countries.

    With most of my sites, I'm not interested in international traffic and all I get is spammers and content scrapers. I cam across this tip on blocking spammers and scrapers using IPFilter on Solaris and just update my ipf.conf file from time to time if I notice anything strange coming in, which I check from time to time. I also grab lists of ip ranges to add as well.

    While it bothers me a bit to limit access to sites in principle, I really don't get any benefit from international traffic that outweighs the nuisance of the few that ruin it for everyone else.

    --
    Dual Opteron < $600
  6. Obvious questoin by Spazmania · · Score: 5, Insightful

    The obvious question is, why are the Chinese so interested in the NYPD computer network?

    No, the obvious question is why are the NYPD's computer people so dumb that they're reporting the generic, worm-generated port, web and ssh scans that everybody sees from China and everywhere else as an out-of-the-ordinary hacking attempt?

    --
    Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
  7. Yeah that seems REAL LIKELY by phantomcircuit · · Score: 4, Insightful

    Right people in China are attacking the NYPD computer systems.

    That seems way more likely than people in NY using proxies in china.

  8. The Secret Stash! by tnk1 · · Score: 4, Funny

    The Chinese are trying to find out where the best and tastiest donuts in the NYC area are located.

    Unfortunately for them, I happen to know the information they seek is loaded on an air gapped mainframe in the heart of Police HQ which is guarded by automatic defense systems and can only be accessed by the Chief of Police and Rudy Guiliani.

    Yeah, they forgot to update who the mayor is... this is the police here, not the NSA, okay?

  9. It's the Triads! by GPLDAN · · Score: 5, Funny

    It's criminal overlord Mandarin, controlling his gang of Triads from an underground bunker that can only be accessed via secret door in the base of the Statue of Liberty.

    It will take an epic alliance of Tony Stark and Peter Parker to put aside their past differences, fighting over the woman they both loved, and both lost, to put a stop to this criminal masterplot to end the world as we know it.

    Starring: Jackie Chan as the Mandarin
    Zac Efron as Peter Parker
    and Robert Downey Jr. returns as Tony Stark.

  10. That's so cute! by jtownatpunk.net · · Score: 5, Interesting

    Awwww. The NYPD thinks they're special. :rolleyes:

    I must be special, too, because I log tons of probes. Hundreds, sometimes thousands a day.

  11. the NYPD ain't special by Lord+Ender · · Score: 5, Insightful

    Any company with ssh or, really, any common password-protection scheme exposed to the net is going to see thousands of brute-force attempts per day. The majority of the botnet may be in China or Eastern Europe, but that does not indicate that the actual hackers are either Chinese or Russian. It just means those countries have crap IT security overall.

    There is nothing special to see here. The NYPD is inflating its importance, probably for more funding.

    --
    A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
  12. I don't know that I'd block based on country by Sycraft-fu · · Score: 4, Insightful

    Just based on ISP. Some ISPs are just massive trouble spots. They don't care what their users do and don't respond to complaints. Now, that will mean blocking some countries, like China, since their state ISP is a problem spot.

    I really think that we need to start just shutting off people who won't play nice on the Internet. I'm not talking demanding perfection, but there are massive differences in ISPs. I work for an ISP, effectively, working for a large university. When we receive a complaint about a computer doing bad shit, the appropriate person gets notified and if the problem isn't cleared up, the connection is shut down. We also take some proactive steps to watch the network and see if someone is doing something bad. That's all I'm asking for is ISPs that will respond when they get contacted by someone saying "Hey you've got a system doing bad shit."

    However many providers don't. You contact them and they ignore you, or lie. The Chinese ISP is one of the liars. They say "That IP isn't ours," even though APNIC shows it is, to any complaint.

    So we need to just start blocking these people. If enough sites/networks do that, well then maybe they'll start playing well with others.

  13. Re:Why? by clarkkent09 · · Score: 4, Insightful

    Looking at my logs there are 1000s of "attempts to break in" as well, almost all from IPs located in China where apparently most botnet computers are - the botnet masters themselves may or may not be in China. The thing is, the sites are completely free and there is no reason to break in at all. It's just scripts trying out known vulnerabilities on a large numbers of sites. Maybe the same thing is happening with NYPD sites and someone panicked when they saw that it is coming from China.

    --
    Negative moral value of force outweighs the positive value of good intentions.