Slashdot Mirror
FBI Warns Industry of Chinese Cyber Campaign
daten writes The FBI on Wednesday issued a private warning to industry that a group of highly skilled Chinese government hackers was in the midst of a long-running campaign to steal valuable data from U.S. companies and government agencies. "These state-sponsored hackers are exceedingly stealthy and agile by comparison with the People's Liberation Army Unit 61398 ... whose activity was publicly disclosed and attributed by security researchers in February 2013," said the FBI in its alert, which referred to a Chinese military hacker unit exposed in a widely publicized report by the security firm Mandiant.
Because at this point, they've already gone to war with us. It would be devastating for the US economy in the short term but long term I'm not so sure.
Free trade doesn't work if both sides are not playing the same game.
The NSA refers to its own "Hacker Units" as TAO, or "Tailored Access Operations".
TAO is also a Chinese word that means "the Way".
Political correctness is really just herd psychology pushed by insecure people who desperately seek social conformity.
The group’s sophistication is demonstrated less in how it gains access to targets’ computers and more in how it moves “laterally’’ once inside the system, disguising its behavior to look normal so it goes undetected, said Peter B. LaMontagne, Novetta Solutions chief executive officer.
In my day, spies had to get into the building, gain access to the blueprint file cabinet drawers, photograph them - on film no less and getting the exposure right, and then make their way out without getting caught.
It was ALL social engineering back then - OLD school.
You whipper snappers sitting behind your keyboards eating Cheetoes or Lo Mein (whatever the case may be) and drinking Wired Bull, or whatever those caffeine drinks are called, are just a bunch of lazy good for nothings!
We had to WALK and GET INTO a building and even TALK to people!
Pffft!
I'd like to see some Chinese spy walk into a high tech firm and go un-noticed!
H1-bs? Oh, shit! Yeah, ....Um.....never mind.
Captcha "crackpot" - Ahahahahahahahahaha!
I presume the company I work for is a target, but it's no less a target from any other government.
This isn't news I can use. There's no behavior change that is a rational response to this. It's not like we didn't already know there are several governments trying to get access to all out stuff.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
they'd have the world's largest stock of bad tech puns, as well as all the troll stock they'd need to stultify the entire military machine. just think! -- unable to launch total world war because they can't decide on which desktop and which distro to send into the field!
if this is supposed to be a new economy, how come they still want my old fashioned money?
And this isn't an act of War why?
Jack of all trades,master of none
Yeah, how dare they trespass on the FBI's domain like that!
Since the US does not need any warrant to hack in a remote computer (out of US), why Chinese should not hack into US server without warrant or warning??
It's legal isn't it ?
I can't call that English
Asumming Unit 61398 was part of a 65535 strong platoon, I guess there are only 65534 units left to be worried abput?
This is news that nerds might be interested in. If you have no use for it, clearly you aren't a nerd. Go elsewhere for your news. I am tired of people bitching about stories that don't pertain to them. If you don't find them useful, then don't read them.
This is important news. If China is stepping up it's state sponsored spying and digital theft, I want to know about it. It might be useful background info to know so that when the president decides to park a cruse missile on a building in China, you know some of the history that lead to this decision.
HA! I just wasted some of your bandwidth with a frivolous sig!
Cultures are different. East is East, West is West.
Anybody with a brain knows this has been going on for years.
You are a WIT, my friend. Have you considered stand-up comedy? Good thing you posted anonymously, because that kind of blazing display of wordsmithery is likely to make you some enemies.
Cloudiot: A person who does not see offsite storage as a way to lose control over access to his or her own data.
The USA should have an agency (maybe call it the NSA+) that's tasked with helping companies shore up cyber defenses... Maybe even doing code reviews and penetration testing of common software to look for vulnerabilities. Instead we have an NSA that exploits vulnerabilities and creates new backdoors into software and networks with no real oversight or accountability
Sun Tzu said "I would rather have one good spy than 10,000 soldiers."
Wow, now that's news. Did the Chinese give him a signing bonus too?
Consider the size of US debts to China. Consider that we could seize and keep Chinese assets for the crime of cyber espionage. Or as an alternative we could try a hack that destroys the economic system of China. Maybe China needs a formal warning that we make make them howl, gnash their teeth and cast them into darkness for eternity.
The chinese might break into your secure email server, but they won't plant child porn on it in an attempt to incriminate you. The FBI, on the other hand..
Yeah, Chinese bastards, they even wrote stuxnet and that chinese defelector, snowden, is the worst of lot. (Really, slashdot, really? )
The pen is mightier than the sword.
- Edward Bulwer-Lytton
The penis, mightier than the sword.
- Bill Clinton
I'm more concerned about NSA/FBI and police hacking than I am Chinese hackers.
Probably a feeling that such activities bring shame upon their people. Nothing like the USA.
Have gnu, will travel.
I work for a Chinese company. So should I just think of these hackers as automatic cloud storage?
The world is made by those who show up for the job.
No more hacking, nothing to hide, everything is free, no more locks on any sort of data, what an epic success!
Have you heard the US government say: "Yes, we spy on the whole internet including American civilians, including government leaders of friendly nations. Yes, we know it's against our own laws. Yes, we also engage in economic espionage."? I guess I missed that statement from Obama. Of course any government would deny any uncovered secret operation.
Also, have you thought about the scenario, that the Chinese government is actually NOT involved in this? Have you considered that all these reports from all these self-proclaimed security researchers, might be inaccurate or just wrong? Have you read these reports (I mean actual report, not the summaries in the press)? Would this report hold up in court as prove? And would the US government care whether it was wrong or inaccurate? Or would it benefit some (domestic) political agenda? Just asking questions. You should try it too.
Cultures are different. East is East, West is West.
Yes, but rational behavior transcends culture, does it not? What possible rational reason could an adult have for denying that which is patently obvious to anyone who cares to look?
In your firewall:
1. Whitelist destination IPs for destination port 53, workflow denials adding IPs that have reverse DNS entries. (e.g. don't allow access to fly-by night DNS servers)
2. Whitelist source IPs for destination port 53. (E.g. do not allow alternate DNS servers to be used inside your org)
Have your org's DNS servers point to OpenDNS or GoogleDNS -- they do a good job of filtering out the rifraf
"The FBI on Wednesday issued a private warning to industry that a group of highly skilled Chinese government hackers was in the midst of a long-running campaign to steal valuable data from U.S. companies and government agencies"
...
Nothing to read here, moving on
The chinese might break into your secure email server, but they won't plant child porn on it in an attempt to incriminate you. The FBI, on the other hand..
Citation needed. Most FBI & Justice types I've met would not do that kind of thing. People who are into law enforcement have political agendas, yes, but there's a big red line between acting on a political agenda and outright felony criminal behavior.
Sure, the FBI will sometimes publicly support things which hurt as a society because it makes it easier for them to do their jobs (e.g. fighting encryption), and they do a lot of entrapment of people who go along with whatever crime they set up (in most domestic terrorism cases you hear about the FBI is the one selling the arms to the "terrorists").
But at the end of the day, they're generally law enforcement guys interested in arresting people who violate the law, not in pretending innocent people have violated the law.
This is easy. See: Freedom Hosting.
http://arstechnica.com/tech-policy/2013/09/fbi-admits-what-we-all-suspected-it-compromised-freedom-hostings-tor-servers/
The FBI had compromised this guy's servers for months, and then viola, there's child porn on there. The fact that the dudes you know from the business seem like right ol' chaps is no reflection on the nature of the FBI or its sordid, filthy history.
You realize the FBI is constantly arming and training wannabe terrorists to the brink of action, right? http://occupywallst.org/forum/...
They're evolving!!!
Encryption bad;
http://yro-beta.slashdot.org/story/14/10/16/1915216/fbi-director-continues-his-campaign-against-encryption
Hackers Bad;
Ripping off data as per this story.
Does not encryption foil hackers? Then it's good unless it stops the FBI, then it's bad.
This good/Bad thing about who gets to steal your data is pretty confusing.
Chinese bad, FBI good?