Slashdot Mirror
Australian Intelligence HQ Blueprints Hacked
SandmanWAIX writes "In an embarrassing revelation today it appears as though the blueprints to the new Australian federal intelligence agency ASIO headquarters have been stolen, reportedly by a cyber attack originating from China. Several other governmental departments have been reported as being breached also. The blueprints which have been compromised include the security system, comms network, floor plan and server locations of the new ASIO headquarters located in the Australian capital city, Canberra."
Why not...
Until China starts to face real responses?
Great warrior...hrmph! Wars not make one great.
Always assume your advasaries have these things and plan accordingly. Anyone in charge of operational security who would bat an eye about posting this information on the Internet deserves to be fired.
TFA comments there are wifi access points installed in government systems. I think they deserve everything they get, if they're stupid enough to allow any form of wireless communications inside a secured government facility.
the game
The original site is loading perfectly here... rendered in under 0.2 of a second.
... wait, what?
Is it the same agency that wants more money?
Questions raise, answers kill. Raise questions to stay alive.
Which is the bigger threat:
China spying on Austrailia now that it knows the floor plan of the intelligence agency?
Or them using the blue prints to rebuild it in China
God spoke to me
Anyone who says a "cyber attack" originates from China should be smacked in the head with an Ethernet cable. How would you know exactly where an attack originates?
Oh, and anyone who says "cyber attack" should be shot.
the more concerned that the rest of the west needs to become.
At this time, Australia is the weakest link in the western alliance and have loads more spies that are hitting their intelligence easily.
I prefer the "u" in honour as it seems to be missing these days.
nobody will be able to get away with lies.
When was the last time China attacked another country?
I'm sure the Military Industrial Complex can use this to spend more taxpayer money without accountability for certainly China is due to attack someone.
So the real question is... where exactly is the threat if there is one at all?
Do you think China would make it known that they have a quantum computer in operation for hacking into computer systems around the world?
There's always the possibility the attackers found a "fake" blueprint under a lighter level of security, put there to make them think they found something worthwhile and back out to avoid further detection. Then you make it public (like it now has) and make the enemy believe something that's actually a complete ruse.
Sure, it looks embarrassing for you, but one of the major elements of intelligence is counter-intelligence and misdirection. Let the enemy believe they now know something juicy, and they'll further base actions on incorrect intel.
Just a thought. Of could be as simple as the Aussie Government completely fucking up by running a poorly patched Windows XP infected with a compromised USB. Some idiot on the article's comments section (tonyy) did suggest Linux would have been more secure. As if the Chinese wouldn't know how to write Linux malware and infect via social engineering if it were the predominant OS used on Government machines (which it will never be - Windows is just too well designed for corporate use on the desktop).
who cares?
I mean honestly, what use is this for anyone?
Boss: Have you organised that world-class penetration testing of our new system yet?
Dazza: Yes, I'll need to expense $150,000 for the consultants though.
Boss: No worries.
Dazza: *clickety click ftp mss.cn files sent* Great. It should be done very soon.
At the risk of spilling top-secret intelligence procedures, I've heard about this thing called an "air gap" where, if you don't want anyone to be able to hack into a particular system, you don't plug it into the Internet. Seems like something they might want to consider.
(Yes, I know Stuxnet was designed to penetrate air gaps. But it wasn't designed to send packages home, either.)
Stop learning! Only you can prevent esoterrorism.
half this shit is wrong (i.e. the part that supports your argument)
Networked computers are great. I work with them all day every day. But if I had something even a 1/1000th as secret (say an embarrassing video) I would keep it offline, encrypted, and in a physically secure location. My assumption from a security standpoint is that networked cyber security is 99.9% to keep the script kiddies out. Keeping out the determined evildoer take some serious and continuous effort; or you just make it a physical effort for the bad guys.
Even the guys with the Rob Ford Crack video wouldn't let the reporter hold their phone.
Time to Great Firewall China in the other direction. Simply block all Internet communications with China and any other country that refuses to do the same. Once China is effectively isolated on its own little internal Internet, these attacks will be few and far between.
US/NATO/Australian companies and companies that operate in those countries control the vast majority of the Internet's infrastructure. Blocking nearly all Chinese traffic wouldn't be that difficult.
And how could China respond? A strongly worded letter? (better snail-mail it) Their economy depends on the rest of the world every bit as much as the rest of the world currently relies on their cheap labor. If China actually tried to block any economic activity (throwing out foreign companies, trade barriers, etc), their economy would rapidly grind to a halt and the Party leaders would find their heads on the end of spikes mounted all around Beijing. Meanwhile, the rest of the world would just have to get by with all the cheap labor in India, Indonesia, and every other country in that part of the world. Heck, nobody's using all the nearly-free labor sitting in most of Africa.
just saying, if they were hacked then they would biuld a gigantic MEC using the same parts just reconfigured, breaking into a computer system and stealing files does not mean those files were hacked, the system was
Canberra is the capital of Australia? Huh... I learned something new today.
I wonder if they are as idiotic as a lot of US intelligence agencies and still insist on using Windows everywhere. The PLA really should send Microsoft a nice fruit basket thanking them for all the easily-gathered intelligence that Microsoft's combination of shitty coding and massive lobbying efforts have enabled.
Monstar L
A million Chinese invading the shores of Australia, waving pitchforks and wearing pointed straw hats, each carrying the blueprints to the Canberra HQ in an Iphone clone running Android !!
The story is not this story !! Watch my hand !!
Back when most people on the internet were still computer literate, a report like this would explain how the attack happened, how it was discovered, and other interesting/important details.
Now all we hear is a few buzzwords, a few propaganda works, and no more real information than what is in the headline. For all we know it never actually happened. Maybe they just found malware on a computer and overreacted.
"First they came for the slanderers and i said nothing."
Thanks to things like VPNs and Tor, it's trivial to fake your location to make people believe you're coming from somewhere else. Thanks to the political climate right now, it seems obvious to route traffic trough China when cracking as they are an easy scapegoat.
So if these hackers are good enough to hack a federal system, what makes people think they didn't hack the chinese first? And are centralising the attack from Chinese servers?
Some of your clowns believe in the utter voodoo of polygraph tests so don't you dare pretend a small but professional agency is the weak link. Bay of Pigs is just the start of a long list of failures from a highly politicised bunch. Other places that keep politics out of their agencies are vastly more professional.
You're not taking security seriously and you deserve to be embarrassed repeatedly until you do or fail so spectacularly that no one ever trusts you again with anything.
Its a big issue in the US as well. Old government agencies and shotty IT.
You're not paranoid enough. You're literally paid to be paranoid and you're not doing your job. Its disgusting. Wake up and realize if you don't assume worst case you'll always be playing catch up.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
I think I've seen this episode of 24. Don't worry, the Australian Jack Bauer will keep everyone safe.
The really great thing about being Australian is that so many people under-estimate us... e.g. in the military sphere the Japanese at Kokoda received their first defeat at the hands of Aussie *reservists*, the Germans at Tobruk, the Viet Cong (one of whom told me they used to run away from Australian troops to find some easy-beat U.S. forces), the British (until they let us command our own forces under John Monash and we smashed through the Hindenburg Line and ended the stalemate in WWI)
Any attack made by against ASIO headquarters would be a useless gesture, no matter what technical data they've obtained.
I have discovered a wonderful
.. being as subtle as ever. An enormous building in the heart of the capital shaped like an A. There's probably a big sign on the front saying "Nothing to see here, move along".
since when did "hacked" mean "took a copy off" - come on if they had hacked the building plans they'd have added secret tunnels or something, at the very least installed the doors with the hinges on the outside
How Canberra was Hacked.
Anyone could just walk into the builder's office on site and scan or photocopy them. It's not like the apprentice from Joe's plumbing has Super Sekret Clearance.
As far as I can see the whole point of ASIO is to deflect attention from ASIS. I imagine that's why they don't lose their jobs for kicking down the wrong door. The best part is that nobody takes a bunch of clowns seriously, so they probably are effective at CI whenever no-one's looking.
Humans live in Antarctica, equatorial Africa, and everything between. Even vacuum. We'll have no trouble adapting our tech to supporting us wherever we care to be.
Help stamp out iliturcy.
As a kid I used to wonder around the grounds and bildings of the Russell Offices in Canberra and home of the Australian Department of Defence. Security in the 80's was a joke,I used to just wander in and out of buildings and around the grounds.. I was only quested once, and that was when I was about 13.. I sort of stopped going after that.
Most of my floppy disks as a kid came from ones just thrown out the windows.. If i needed paper to scribble on, reams of old school data prints were just thrown out, half used notepads etc, pens all sorts of cool bits and pieces..
Its not like that anymore =>
You have 5 Moderator Points!
Which Helpless Linux zealot/MS basher do you want to mod down today?
I mean, really. If you got shit you don't want anyone to get into, you do NOT put the fucking stuff on a computer that has internet access. How many stupid ass people/corporations/governments are going to keep getting hacked? Lots. Mainly if your a government, you are 100% a target.
Be seeing you...
May 2013: blueprints to the new Australian federal intelligence agency ASIO headquarters have been stolen
June 2013: a man in London plants a small tenant garden outside a flat in London. The peas and carrots are arranged in geometric shapes that depict the seating arrangement of the ASIO conference room. By the time this pattern is discovered in August, he will have disappeared.
June 2013: Better Bathrooms magazine June issue contains an artist's rendition of "a functional yet stylish layout, corporate washroom of the future", whose commodes and sinks are a direct match for ASIO facilities.
July 2013: A teacher presents an odd but intricate crayon drawing done by one of her students that matches the basement layout of ASIO HQ. This uncanny similarity is never explained, the parents are questioned then released.
August 2013: The first copies of ASIC HQ 3D plans are uploaded to Pastebin.
October 2013: Small 3D models of ASICHQ are being printed and displayed, feature in Wired Magazine: "Your own HQ"
February 2014: Full size scale 3D printed models of ASIC HQ are spotted all over the world, including one only a block away from the original ASIC HQ building. New employees and service companies become confused and arrive at the faux copy.
May 2018: China publishes the plans for its newest metropolis, from above the planned city's layout bears a striking resemblance to ASIC HQ.
June 2018: The jungle is cleared from around a newly discovered Aztec city abandoned around 1400AD... its network of narrow streets and communal buildings suggests...........
<blink>down the rabbit hole</blink>
How long will idiotic governments and corporations put ultra-sensitive information on computers connected to a public network (Internet)? The only reason they do this is so lazy-ass and OCD PHBs can access this information with the least effort as possible. THIS is the problem, not a third party exploiting the blatant stupidity.
Has nobody heard of disinformation? Fill your servers with files full of plausible but misleading information.
Attackers will waste time with them.
There are still some notable U.S. tool brands:
http://www.starrett.com/
http://www.graceusaguntools.com/screwdrivers.htm
http://www.bridgecitytools.com/ (almost bought a JointMaker Pro instead of a CNC Mill)
Here's a further list of brands w/ specifics: http://www.stillmadeinusa.com/tools.html (though I'm given to understand the quality of Klein tools has fallen off somewhat recently).
But yeah, it's depressing how few tools appear under the ``USA Made'' link at http://www.garrettwade.com/made-in-america/c/13618/
I really wish some politician would urge ``Buy American'' for say the Independence Day Holiday and try to get every retailer in the U.S. to (say) fill their end-caps (the displays at the end of an aisle) w/ only 100% Made in U.S. stuff (and to leave such empty as a symbolic gesture if they can't fill it w/ U.S. produced goods).
Sphinx of black quartz, judge my vow.
This is how a government, relates to, and coerces it's people into buying more security. The truth is they are all at it - hacking, lying, cheating, disinformation.
Take what happened in Woolwhich for example: the Mi5 were following one of those crims for a long time; they even offered to recruit him as a mole. Then it all kicked off yet they didn't pre-emptively act. The natural reaction? "We are not safe - TAKE MY MONEY". Same old tired story yet everyone is perpetually caught in a wave of emotion.
Now, and for a long time passed, we have had our respective agencies telling us that the internet is SO bad that they drastic measures need to be taken. Things like long term logging, domain blocking, backdoors in software, master keys, massive data mining operations, Google.. who want to know where you've been, what you look like, what your WiFi passwords are, who your contacts are, what you search for on the internet, and a lot more.. all uploaded to the cloud - then step in CISPA and private data sharing. Now they are telling us that they want unequivocal powers to hack anyone they want - anyone deemed a 'criminal':
"If you can control the meaning of words, you can control the people who use the words" -- Philip K. Dick
So what.. if your network got hacked? You shouldn't have left it deliberately open. In fact it was probably one of your own who done the business.. deliberately.. as planned..
We all know we are lied to, not just on a daily basis, but about everything - yet the majority eat it up like a fat kid who hoovers up KFC.
Yeah - it is THAT simple. They make you feel like you know something they don't - therefore they are just old men doing, and fucking up, old men stuff. Oh by the way - we need more money, power, and resources to fight the war against the *cough* 'commies'.
Eat it up.
"Australian Intelligence" is an oxymoron
*ducks*
=D
The makings for a successful attack of this nature include the intrusion not being detected. If they know that the plans were stolen then measures can be taken to mitigate the situation. The most successful cyber espionage or any other kind of espionage operation is a clandestine one; if everyone knows that you know what they know there is significantly less advantage there.
411 Y0UR 8453 4R3 8310NG 70 U5!! -NSA
This pack of bastards and the fedral police have hacked my web sites for years to stop my criticism of the rampant corruption in the Australian government ,hope they like their own medicine.ha ha ha.junkies against crime liberation front.
I keep writing comments that don't get published due to account preferences I want my comments published or I wouldn't waste my fucking time writing them.
The plans were not "hacked". They were copied, or stolen.
The computers or network were cracked.
A hack is an interesting or novel usage. If you know that some clever technique was used to access the plans, and you can describe it, then that's a hack which you could write about.
The ignorant people ask us about technical matters. We should know what we're talking about and use the right words.