Pentagon Ups Hacking Accusations Against China

wiredmikey writes "A new report from the Pentagon marked the most explicit statement yet from the United States that it believes China's cyber espionage is focused on the U.S. government, as well as American corporations. China kept up a steady campaign of hacking in 2012 that included attempts to target U.S. government computer networks, which could provide Beijing a better insight into America's policy deliberations and military capabilities, according to the Pentagon's annual assessment of China's military. 'China is using its computer network exploitation capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs,' said the report to Congress (PDF). The digital espionage was part of a broader industrial espionage effort that seeks to secure military-related U.S. and Western technology, allowing Beijing to scale back its reliance on foreign arms manufacturers, the report said. One day later, Beijing dismissed the Pentagon's report that accused it of widespread cyberspying on the U.S. government, rejecting it as an 'irresponsible' attempt to drum up fear of China as a military threat."

Surprising?

[venom85]

Is this supposed to surprise anyone? And, more importantly, does anyone out there actually believe that the US isn't doing the same thing toward [insert long list of nations here]? I, for one, certainly believe they are.

Polite pretense

[onyxruby]

How long do we uphold the polite pretense that China isn't behind the overwhelming majority of real world hacking? How long are we supposed to avoid to avoid offending them and continue to allow them to steal all of our intellectual property that we supposedly value? At least the Chinese government actually bothers to protect Chinese businesses from foreigners unlike the US government which only protects big business. Turn the other cheek, what if your out of cheeks?

Re:Polite pretense

[chill]

Intellectual Property? Like we give a shit. Here's one fine example from U.S. history.

http://www.bigsiteofamazingfacts.com/why-did-president-thomas-jefferson-smuggle-rice-out-of-italy

During their early years, the United States freely ignored existing European patents and copyrights as we saw fit. Developing our economy took precedence over some Old World kvetching about theft of ideas.

If you have knowledge, let others light their candles with it. - Margaret Fuller

To press China on theft of IP would require a truthful accounting of the cost. Look no further than the BSA for the depth of deception on the "cost of software piracy". There is no way China would accept valuation numbers like $200 per pirated copy of Windows 7.

It is my fervent wish that the BSA get just what they ask for -- the ability to absolutely prevent people from using their client's software without payment. Think of how many copies of Windows would be installed in China if it was *IMPOSSIBLE* to pirate. Think of a number close to zero.

There would be an utter explosion of growth in FOSS software. If Microsoft wanted to sell Windows and Office they'd have to lower the price to what the market would actually bear -- somewhere most likely around 10% of current prices.

Congress uses those inflated numbers every year to justify all sorts of bullshit. They value of bogus "IP" valuations far outweigh Chinese IP theft.

Re:Polite pretense

[chill]

Trade secrets, such as formulas and manufacturing processes are the responsibility of the individual companies to protect, not government. Copyrights and Patents are given governmental protection thru legal prosecution because they are, by nature, disclosed to the public. They are published and the protection of secrecy is not available.

We didn't abandon a manufacturing based economy. The United States is the number one manufacturing country in the world, measured by production. What has gone away is the manufacturing JOBS. This is a result of automation as much as outsourcing, and there isn't a damn thing you can do about it. Brush up on the history of the Luddite Movement and the Industrial Revolution to understand how futile an attempt at stopping progress and efficiency by refusing to automate is.

If you aren't talking about copyright and patents, then the answer becomes -- do we value the quality process improvements in Chinese manufacturing more than the supposed "theft" of trade secrets? I'd argue the answer is "no". We gain more from the stuff we're buying from China being better quality than we lose in any lost competitiveness.

I'd also argue that the competitive companies in the U.S. are not sitting still. IP that is "stolen" is ever evolving. If a Chinese company takes Process v1.0 and uses it to improve their manufacturing, they're still behind the company who is constantly upgrading their processes and already on Process v3.0. Copying isn't innovation, and innovation is much more important economically than mass production.

Internet Dispute

[WillgasM]

This is an Internet dispute, so let's settle this in our tried-and-true method. I'll begin:
Dear China,
Do you even lift, bro?

Government morons - just fix the problem

[Indy1]

Null route all the Chinese networks, problem solved. Worked great on my mail server, amount of spam I got dropped massively.

guess those

[nimbius]

sequestration cuts are getting a little close.
Seriously, terrorism or communism. I only have enough patience for one government-sponsored boogey man at a time.
Schedule it between the mandatory monthly fiscal cliff panic and the gay marriage thing if you could...or if you can roll it into some weird freedom war that works too.

Let's Troll 'em!

[caspy7]

I say we request that businesses and government agencies (especially ones we know they've gone after) set up poorly secured areas with misinformation about "important" projects and such.
Not only do we get them with misinformation, but try to bury them with gobs of data in the form of poorly scanned (un-OCRable) image files.

(Yes, I know the plan probably has flaws, but a boy can dream.)

Re:proof not speculation

[admdrew]

why does it *have* to be china that's doing the attacking?

The type of analysis used to reach this conclusion includes far more information than source IPs. Based on the wealth of attack data available to even some of the smallest security providers, it's not tough to eventually paint a pretty good picture of China (their military, especially) as a core of generally nefarious network activity. A single IP isn't enough to place blame, but billions of packets over years of activity are definitely enough to attribute a significant volume of the world's hacking directly to the Chinese.

Source: I do a significant amount of network traffic analysis specifically for security.

Re:proof not speculation

[interval1066]

unless the U.S. has access to the entire world's internet traffic plus all communications globally including mobile phones...

Stop being an idiot. I set up a simple OpenBSD name server back in the mid 2000's, about 2008 I noticed an unusual amount of acitivity on it. It had been attacked and comprimised, and whomever did the attacking had re-purposed it to do name serving to asian servers. I easily tracked the trail back to China. Its not fucking rocket science, and secured in my mind that if the Chinese were willing to attack a small name server in a dusty corner they'll certainly attack US Gov. servers. Stop being an apologist for the Chinese you shill.