Slashdot Mirror
FBI Warns Industry of Chinese Cyber Campaign
daten writes The FBI on Wednesday issued a private warning to industry that a group of highly skilled Chinese government hackers was in the midst of a long-running campaign to steal valuable data from U.S. companies and government agencies. "These state-sponsored hackers are exceedingly stealthy and agile by comparison with the People's Liberation Army Unit 61398 ... whose activity was publicly disclosed and attributed by security researchers in February 2013," said the FBI in its alert, which referred to a Chinese military hacker unit exposed in a widely publicized report by the security firm Mandiant.
Because at this point, they've already gone to war with us. It would be devastating for the US economy in the short term but long term I'm not so sure.
Free trade doesn't work if both sides are not playing the same game.
Anybody with a brain knows this has been going on for years.
The NSA refers to its own "Hacker Units" as TAO, or "Tailored Access Operations".
TAO is also a Chinese word that means "the Way".
Political correctness is really just herd psychology pushed by insecure people who desperately seek social conformity.
The group’s sophistication is demonstrated less in how it gains access to targets’ computers and more in how it moves “laterally’’ once inside the system, disguising its behavior to look normal so it goes undetected, said Peter B. LaMontagne, Novetta Solutions chief executive officer.
In my day, spies had to get into the building, gain access to the blueprint file cabinet drawers, photograph them - on film no less and getting the exposure right, and then make their way out without getting caught.
It was ALL social engineering back then - OLD school.
You whipper snappers sitting behind your keyboards eating Cheetoes or Lo Mein (whatever the case may be) and drinking Wired Bull, or whatever those caffeine drinks are called, are just a bunch of lazy good for nothings!
We had to WALK and GET INTO a building and even TALK to people!
Pffft!
I'd like to see some Chinese spy walk into a high tech firm and go un-noticed!
H1-bs? Oh, shit! Yeah, ....Um.....never mind.
Captcha "crackpot" - Ahahahahahahahahaha!
I presume the company I work for is a target, but it's no less a target from any other government.
This isn't news I can use. There's no behavior change that is a rational response to this. It's not like we didn't already know there are several governments trying to get access to all out stuff.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
they'd have the world's largest stock of bad tech puns, as well as all the troll stock they'd need to stultify the entire military machine. just think! -- unable to launch total world war because they can't decide on which desktop and which distro to send into the field!
if this is supposed to be a new economy, how come they still want my old fashioned money?
What is it about the Chinese that compels them to grin and flatly deny that which is clearly and demonstrably so? No reasonable person above the age of three would be so disingenuous, so why the stupid and childish denials?
And this isn't an act of War why?
Jack of all trades,master of none
Yeah, how dare they trespass on the FBI's domain like that!
Since the US does not need any warrant to hack in a remote computer (out of US), why Chinese should not hack into US server without warrant or warning??
It's legal isn't it ?
I can't call that English
Asumming Unit 61398 was part of a 65535 strong platoon, I guess there are only 65534 units left to be worried abput?
This is news that nerds might be interested in. If you have no use for it, clearly you aren't a nerd. Go elsewhere for your news. I am tired of people bitching about stories that don't pertain to them. If you don't find them useful, then don't read them.
This is important news. If China is stepping up it's state sponsored spying and digital theft, I want to know about it. It might be useful background info to know so that when the president decides to park a cruse missile on a building in China, you know some of the history that lead to this decision.
HA! I just wasted some of your bandwidth with a frivolous sig!
The USA should have an agency (maybe call it the NSA+) that's tasked with helping companies shore up cyber defenses... Maybe even doing code reviews and penetration testing of common software to look for vulnerabilities. Instead we have an NSA that exploits vulnerabilities and creates new backdoors into software and networks with no real oversight or accountability
Sun Tzu said "I would rather have one good spy than 10,000 soldiers."
I WARN the world of fbi/nsa terrorist shit...good i hope the chinese rip you yanky fuckers a new asshole
Wow, now that's news. Did the Chinese give him a signing bonus too?
Consider the size of US debts to China. Consider that we could seize and keep Chinese assets for the crime of cyber espionage. Or as an alternative we could try a hack that destroys the economic system of China. Maybe China needs a formal warning that we make make them howl, gnash their teeth and cast them into darkness for eternity.
So man up about it. Hack them back, steal all their info and post it all online. Names locations connections accounts money.
The chinese might break into your secure email server, but they won't plant child porn on it in an attempt to incriminate you. The FBI, on the other hand..
What makes you think most modern "hacks" aren't performed through social engineering?
Canada has such an agency - on paper at least, that's part of what the CSE does. I don't know how many "other" more sinister things they do.
Yeah, Chinese bastards, they even wrote stuxnet and that chinese defelector, snowden, is the worst of lot. (Really, slashdot, really? )
Pot calls kettle black, announces kettle responsible for cooking. Kettle has not responded to a request for comment.
The pen is mightier than the sword.
- Edward Bulwer-Lytton
The penis, mightier than the sword.
- Bill Clinton
I'm more concerned about NSA/FBI and police hacking than I am Chinese hackers.
I work for a Chinese company. So should I just think of these hackers as automatic cloud storage?
The world is made by those who show up for the job.
If the data is valuable then it wont be on the internet. Ipso facto, if it is on the internet then it isn't valuable.
No more hacking, nothing to hide, everything is free, no more locks on any sort of data, what an epic success!
In your firewall:
1. Whitelist destination IPs for destination port 53, workflow denials adding IPs that have reverse DNS entries. (e.g. don't allow access to fly-by night DNS servers)
2. Whitelist source IPs for destination port 53. (E.g. do not allow alternate DNS servers to be used inside your org)
Have your org's DNS servers point to OpenDNS or GoogleDNS -- they do a good job of filtering out the rifraf
"The FBI on Wednesday issued a private warning to industry that a group of highly skilled Chinese government hackers was in the midst of a long-running campaign to steal valuable data from U.S. companies and government agencies"
...
Nothing to read here, moving on
The real problem is the U.S and its government agencies. China is trying to maintain a balance, whereas the U.S is trying to take over the world. If you want a balance in the world power and freedom, look to China and be wary of the U.S.
The chinese might break into your secure email server, but they won't plant child porn on it in an attempt to incriminate you. The FBI, on the other hand..
Citation needed. Most FBI & Justice types I've met would not do that kind of thing. People who are into law enforcement have political agendas, yes, but there's a big red line between acting on a political agenda and outright felony criminal behavior.
Sure, the FBI will sometimes publicly support things which hurt as a society because it makes it easier for them to do their jobs (e.g. fighting encryption), and they do a lot of entrapment of people who go along with whatever crime they set up (in most domestic terrorism cases you hear about the FBI is the one selling the arms to the "terrorists").
But at the end of the day, they're generally law enforcement guys interested in arresting people who violate the law, not in pretending innocent people have violated the law.
China, by demanding that electronic devices and communications have crippled or faulty encryption.
Wait, what?
This is easy. See: Freedom Hosting.
http://arstechnica.com/tech-policy/2013/09/fbi-admits-what-we-all-suspected-it-compromised-freedom-hostings-tor-servers/
The FBI had compromised this guy's servers for months, and then viola, there's child porn on there. The fact that the dudes you know from the business seem like right ol' chaps is no reflection on the nature of the FBI or its sordid, filthy history.
You realize the FBI is constantly arming and training wannabe terrorists to the brink of action, right? http://occupywallst.org/forum/...
Most people don't know the FBI is primarily a Mormon organization.
Do they warn about their own surveillance?
More propaganda from a fascist state.
They're evolving!!!
Encryption bad;
http://yro-beta.slashdot.org/story/14/10/16/1915216/fbi-director-continues-his-campaign-against-encryption
Hackers Bad;
Ripping off data as per this story.
Does not encryption foil hackers? Then it's good unless it stops the FBI, then it's bad.
This good/Bad thing about who gets to steal your data is pretty confusing.
Chinese bad, FBI good?
China is good at conquering without sword/blood/rhetoric (unlinke Putin Russia), so it seems.
On one hand US/Canadian govts were giving notices for past decade to companies in US/CA about industrial espionage by Chinese agents, on the other hand US/Canadian govts allow Chinese made routers and other hardwares into the country, small businesses make use of those cheap routers, and subscribe to "free internet services" that helps Chinese businesses to steal customer data and starting a cloned-business, etc. I'm not sure what percentage of Chinese students/employees are there working-hard, and gradually collecting materials/technology to be shipped to motherland.
I think US/Canada should scrap WTO, instead of propping up China(closed/secrective/centrally manipulated economy), US/CA should lead on creating WTO-for-Democratic-Market-Economy-countries. It is not good idea to enrich China any more, rather make sure the rewards of global economy (WTO) goes to multiple countries surrounding China. We have to do this before China gets out of hand to harm the world.
I will simply say its interesting times and its very real