Slashdot Mirror
China's Cyber-Warfare Capabilities Overstated
An anonymous reader writes "A new paper argues that China's cyber-warfare capability is actually pretty poor. '[China has] evinced little proficiency with more sophisticated hacking techniques. The viruses and Trojan Horses they have used have been fairly easy to detect and remove before any damage has been done or data stolen. There is no evidence that China's cyber-warriors can penetrate highly secure networks or covertly steal or falsify critical data,' the paper reads (PDF). 'They would be unable to systematically cripple selected command and control, air defense and intelligence networks and databases of advanced adversaries, or to conduct deception operations by secretly manipulating the data in these networks.'"
Thats what they want you to think.
Sig? Heil
Personally, I'd rather we far overstated China's abilities and designed our systems to counter such a threat.
Would you rather overestimate their abilities or underestimate them?
Agreed. What is your proposed alternative?
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
awwwww...
-Bill
Because governments love to publicize when someone breaks into their highly secure networks. Every day, the spokespeople for various government agencies get to work and say to themselves, "Boy, I really wish I could announce that our networks have been hacked! That would really make my day!!". The leaders of said agencies go to sleep every night wishing that they could spend tomorrow being grilled by a legislative body over their swiss-cheese network defenses. But alas, tomorrow just brings another boring day of budget meetings.
Or just maybe they don't talk about it.
Look at their stealth bomber and their stealth fighter.. look familiar? You might think to yourself "hmm.. their stealth bomber looks nearly identical to ours.. and hey!! so does their stealth fighter!" And they just magic'd them out of nowhere. No decades of research.. no skunk-works or area 51 for testing.. just POOF.. a few years after we come up with them and BAM.. China has nearly identical copies. Just a coincidence i'm sure.
Online, electronic, internet, or lots of other normal words that can already describe these sort of things. No new alternative is needed.
Does the summary strike anyone else as a bit xenophobic? Or perhaps a bit skewed toward occidental cultures?
looks like top gun! buzz the tower!!
Online sex.. hm, no please.
Electronic sex.. hm, it could be kinky, but no thanks.
Internet sex.. well that's just boring.
Now cybersex. That's something, and it's kinky too!
dang those Chinese
Did we really need this paper to tell us that China's pathetic, underpaid skeleton of a software industry was no match for the NSA?
The Imperial mindset is this - if a potential rival or adversary is capable of even token resistance, then this is a major emergency and they are a threat to our entire way of life! See also, Sandanistas three days drive from Texas, the peril posed by Sioux and Mexicans, Saddam and his mushroom cloud, and of course the Yellow Peril.
I don't doubt that the Chinese would love to develop some kind of "cyberwarfare" capability as a deterrent to a potential attack we might launch. You may get an occasional Chinese loose cannon who'll hack into something state-side, but they'd have to be insane to actually start anything. Meanwhile, our massive "cyberwarfare" capability would let us take their entire grid dark, if they had the poor taste to introduce modern computer control to their infrastructure, which they'll probably do anyway, counting on the continued alliance between the CPC and the 0.1% of Americans getting rich off of exploiting the slave labor the CPC sells them.
All of which have prior meanings.
"Online warfare" - Would that include stuxnet, which attacked stand alone systems and needed to be airgapped over?
"Electronic warfare" - Lots of prior art here. This includes stuff like radar jamming. Oh, and my calculator, thermostat, and car navigation system are electronic. Are they now in this war?
"Internet warfare" - What is that, World of Warcraft? Flame wars?
Changing a name in midstream, so to speak, would add to the confusion for most people, not decrease it. Whereas you propose abandoning a word commonly used for decades because it reminds you of "late 80s early 90s grade B films". Maybe you could just get over it instead.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
A few years ago, in Ramadi Iraq I got shot by a sniper (twice!). It was pretty bad, but not nearly as horrific as if a foreign nation had totally crashed my web domain and/or email server. God help me if those bastard wrecked my telnet... I probably wouldn't be here today to tell the tale.
Surely if Desmond Ball says it was not the Chinese military which took over control of U.S. Weather Satellites, potentially rendering them into anti-satellite weapons, then I guess we can stop worrying about it.
I don't know who this Desmond Ball person is, but... he published a paper! Wow.
Slashdot = Disinformative
..whistling past the graveyard. It sounds a /lot/ like what US automobile manufacturers said about the Japanese in the 60s and 70s. And then the Japanese whipped Ford, Chrysler, and GM's collective asses.
Go ahead, dismiss your opponent as incompetent. Down that road lies complacency and defeat.
--
BMO
Have they learned from the Japanese!
http://www.southparkstudios.com/clips/103420/japanese-charm
Who or what entity has been hacking into major US companies if it's not China? North Korea, nope. Russia? Not their style.
Politicians and journalists from English speaking countries ALWAYS overstate the potential of national threats. And boy do they love their security theatre. The best one: The American president giving a speech abroad. Hilarious!
the principles behind how geometric shapes deflect, refract or break the radio waves have been known since 1950s. any object made to do that, would resemble another object built to do that.
Read radical news here
They would be unable to systematically cripple selected command and control, air defense and intelligence networks and databases of advanced adversaries, or to conduct deception operations by secretly manipulating the data in these networks.
But, could we (as in the US) do those things? Because that would be super.
"Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery?" - Patrick Henry
What difference does it make whether the attacks are detectable? DDoS for example is detectable, but that doesn't make it any less potent of a weapon. As someone who has dealt with blocking Chinese break-in attempts for years, and at one point blacklisted IP blocks from the entire region, I can tell you that China is a scourge on the internet at best, and a damaging force against major targets at worst. There's more than enough evidence of that.
with out the safety
In the japan system there is a 45-year, nearly 7 billion-passenger history, there have been no passenger fatalities due to derailments or collisions,
China system is no where near that.
I'll agree to give it up as an adjective, but the verb is here to stay.
That's only OK if China's national anthom is "Close to the Edit".
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
are the ones that don't get caught. Americans only detect the lousy attempts.
How about Technosex?
'tis but a scratch.
Sounds kind of like the Bomber Gap.
HAHAHAHAHA, it's so adorable that you believe that Microsoft bullshit. You want to know why Microsoft servers are so rarely hacked? Because so many people got burned running Windows bullshit that very, VERY few websites actually run Windows or IIS, and thus they are not compromised. Also, the # of vulnerabilities is a bullshit metric that Microsoft likes to tout because it's the ONLY metric that makes them look good, the thing is the vast majority of Linux kernel bugs are actually escalation of privilege attacks that require a local account and even then they are mostly theoretical, now compare that to Windows where the patched vulnerabilities are serious remote exploit bugs that represent real threats. Not to mention that Linux, being OPEN, actually accurately reports it's vulnerabilities, whereas Microsoft does not.NOt to mention that huge security vulnerability that Microsoft calls a feature called Genuine Advantage.
But yeah, continue to use that toy called Windows and consider yourself secure, I'm sure the hackers will enjoy just how easy you are making it to hack you.
Monstar L
All I had to do was read the first line of your post to realize that you have 0 clue about anything, so there was no reason to even bother with the rest, you are just some MSCE who is worried because your platform is becoming irrelevant. Android uses the Linux kernel yes, but that doesn't make it some sort of "Linux variant", at least not in the same way that you seem to think it is. Unlike Windows, anyone is free to modify Linux, and the overwhelming majority of the "flaws" you point out are with things that Google or other parties have added on to the Linux kernel, Android and the OS that runs on web servers are very different beasts. But yeah, I'm sure with that MSCE cert you will go far in a world that is ditching Windows as fast as it can because it's such flaming pile of insecure shit.
Monstar L
I mean, since they (Corporate America) have offshored the majority of the production assets there, and the capital assets there, and along with offshoring all those jobs, they've offshored that technology many of us were involved in creating, and both the Clinton and the Bush administrations gave them free military technology (pretty much), why would anyone really care now that those scumbags and their shills want to create fear about them. They shipped them all the weaponry, let them go fight them or stew about them, but leave us sane and poor people out of their moronic scripts.
You should read the shill, David Wise's book, Tiger Trap, where he inverts everything and when one views the situation without Wise's assumptions, it becomes evident that it supports what Sibel Edmonds said about a secret weapons-selling network within the government (not to mention that his book was rife with errors: pay close attention to pp. 101, 106, 107, and p. 88). Although it's been long obvious to many that the FBI has been completely compromised, both the Wall Street and the Chinese Ministry of State Security.
I get your point but I'd prefer to compare it to the overestimation of the Mig-25's capabilities. This seems more appropriate since it offers a comparable state vs state situation. So the Mig-25 is overestimated, the F-15 is designed to handle this "threat", and the F-15 go on to have a kill/loss ratio of 104:0. It seems there is something to be said for overestimating a potential foe.
Some people tend to worry more about fires, floods, hurricanes, tornadoes, etc, than they likely need to. But they still happen, and you don't want to be the unlucky individual hit by one and be unprepared for it.
I got drunk with a Chinese national in college once, he started going on about how China will be great in the future the way the US is great now, maybe greater.... real national pride coming through in a way I have never seen in any American, even the NASA heads in Houston weren't that fervently patriotic.
They outnumber the US in population by more than 3-1, they have at least as many children educated to a level where they can didactically learn h4x0r 5x1llz like our kids do. And, if they give these kids enough free time, they'll be growing cyberwarriors the same way we do, but I think they'll have an easier time inducting them into the military and giving them direction.
According to Richard Clarke, a former National Security advisor, and Special Advisor to the President on cybersecurity and cyberterrorism, it's not that China has extraordinary capabilities for cyber attack. It's the US that has essentially no defense. The US is the country with the highest penetration of the Internet in infrastructure (power grid, defense contractors, etc), often run with systems not designed to be exposed to the Internet itself. There is currently no government plan to defend against any attack. Contrary to that China has strong defenses and it can shut itself down from the rest of the internet, to prevent major infrastractural disruption. It's all in here:
http://www.amazon.com/Cyber-War-Threat-National-Security/dp/0061962244/
That's a genre of music isn't it? Not very good music either.
Uh Oh. Now, I'll be moded flamebait by some aging punk rocker who switched to techno.
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
So far all their attacks I've heard about were made by sending emails to employees at a company and asking them to run exe files. If that's all it takes then everyone who can speak decent English and has access to off-the-shelf Trojans is a potential Hacker.
It's not that the Chinese jump high, it's just that the bar is so low.
Did you go read that article about Turbo Pascal? Isn't that the precursor to Delphi?
Jesus was all right but his disciples were thick and ordinary. -John Lennon
In other news, Chinese scientists-make blood from rice!
http://www.cbsnews.com/8301-504763_162-20128572-10391704/scientists-get-blood-protein-from-rice-whats-it-for/
"Scientists have found a way to use rice to "grow" the critical human blood protein albumin, which is used to make vaccines and to treat cirrhosis of the liver and other medical problems. "It looks like an interesting technological step forward," Dr. Richard J. Benjamin, chief medical officer for the American National Red Cross, told Fox News. "It could potentially produce large quantities in a reasonable time." How did scientists pull off something that sounds like make-believe? It all started in China, where the protein is in short supply and blood samples are often contaminated. "That's what prompted me to do something like this," lead researcher Daichang Yang, a plant biotechnologist at China's Wuhan University, told Nature News."
So, the scientific and technical capacities of China continues to make the headlines in all scientific and technical fields, except, yes except that the Chinese just cannot seem to grasp the intricacies of cyber warfare, or?
I find it very ironic that someone posts a story about Chinese ability to hack, and it is a PDF. No way in hell I am clicking on that sucker.
"If you only knew the POWER of the DARK SIDE!"
"Appear weak when you are strong, and strong when you are weak.”
blindly antisocialist = antisocial
We have been in a "cyber" cold war with the Chinese (and others) for years. The recent theft of IP at RSA and many other companies is due to reasonably sophisticated persistent malware (advanced persistent threat in marketing terms) that can take a medium size business months to eradicate with outside professional help. Basically, there is a lot of information gathering going on and a lot of theft of things the US tries to restrict the Chinese from acquiring. To underestimate their abilities, goals, and motivation is foolish. To think we are being any nicer to them is absurd.
Do really dense people warp space more than others?
How about Technosex?
A/S/L?
To have a right to do a thing is not at all the same as to be right in doing it
Chinese chip manufacturers hack the VHDL source to install back-doors in all chips. The Chinese military then uses these back doors to install key-logging software on any computer controlled by these chips, then use the key-loggers to steal passwords from people who have control over very dangerous things. They then forge identities and start taking control of stuff that needs more than just a password to access.
Really, this is beyond their capabilities? A bit optimistic, aren't we?