Slashdot Mirror

← Back to Stories (view on slashdot.org)

China May Have Hacked International Hague Tribunal Over South China Sea Dispute (thediplomat.com)

Posted by Soulskill on from the how-not-to-diplomacy dept.

An anonymous reader writes: In July, the Permanent Court of Arbitration in The Hague conducted a hearing on the territorial dispute in the South China Sea between the Philippines and China. On the third day of the hearing, the Court's website was suddenly knocked offline. The attack reportedly originated from China and infected the page with malware, leaving anyone interested in the landmark legal case at risk of data theft. "By infecting the computers of journalists, diplomats, lawyers, and others who are involved or interested in the case, Chinese cyber units may be able to find out the names of people who are following the case and anticipate what their response might be if the court rules against China. For example, if Vietnamese or Japanese diplomats visited the website and their computers were infected, China could have access to internal documents and understand that country’s next moves over the disputed islands."

47 comments

  1. Ummm... Not Gonna RTFA by retroworks · · Score: 5, Funny

    At least until it's sterilized

    --
    Gently reply
    1. Re:Ummm... Not Gonna RTFA by khasim · · Score: 4, Informative

      Trust me, you're not missing anything from TFA's. Here's one quote:

      The Philippines (and its U.S. allies) should accordingly start preparing now for a massive digital tantrum by Chinese patriot hackers if the ruling, expected by the end of the year, goes against the Middle Kingdom.

      They blame "China" for the "attack" but then refer to "patriot hackers".

      There's a huge difference between a government operation and some kids doing it.

      And I have not been able to find any reference to the nature of the "malware" installed. I'm betting it wasn't a 0-day exploit.

    2. Re:Ummm... Not Gonna RTFA by MightyMartian · · Score: 2

      In China, I doubt there is. I imagine most hacking by Chinese nationals is, if not outright overseen by the Chinese government, is most certainly approved of.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    3. Re: Ummm... Not Gonna RTFA by Anonymous Coward · · Score: 0

      that is it.

      I'm taking my life offline.

    4. Re:Ummm... Not Gonna RTFA by Anonymous Coward · · Score: 1

      In China, I doubt there is. I imagine most hacking by Chinese nationals is, if not outright overseen by the Chinese government, is most certainly approved of.

      Exactly. In China people are brought up believing they have a duty to help the common (Chinese) good. All the government then needs to do is put out news about the big, old [fill in the latest opponent] and the masses have a duty to perform actions to help the government where they can. The Chinese news say a certain committee is (in their opinion) trying to steal what rightfully belongs to China to give to an undeserving country (all countries other than China are considered undeserving), and Chinese hackers start attacking. While a person in China can be executed for hacking into a Chinese bank, and Internet use is highly monitored, attacks against outside systems are let through the Great Firewall and there are no repercussions to the hackers. Throw in that Chinese hackers get under the table help and guidance from PLA Unit 61398 (all denied by China of course), and you have a setup where China claims it isn't "them" doing the attacks.

  2. Yes but it could have been *any* reflected State by Anonymous Coward · · Score: 1

    that's why the GCHQ/NSA/KGB each keep ~50k pwned/infected home routers distributed worldwide, to reflect an attack and make it appear like it came from $Eurasia - insert appropriate frenemy of the instant

  3. Windows Server 2003/ Microsoft-IIS/6.0 by Anonymous Coward · · Score: 0

    http://toolbar.netcraft.com/site_report?url=http://www.pca-cpa.org
    Apparently its Windows Server 2003. IIS 6

    So the fix here is to upgrade/patch IIS or dump Windows.

    Back in the real world, China's building an island. It's building an island in Philippines waters, with an airstrip (and no doubt military defenses) so it can claim a large part of the South China Seas as its own. Really these discussions are a side issue, since there is no middle ground possible only chit chat while China builds more islands. Do we act or capitulate? My guess is we'll do nothing due to weak leadership.

    And as for malware on a web page, that is a side issue, nobody has reason to visit that website, and these talks won't have an outcome as everyone bows to China.

    1. Re:Windows Server 2003/ Microsoft-IIS/6.0 by Anonymous Coward · · Score: 0

      Do we act or capitulate? My guess is we'll do nothing due to weak leadership.

      So you've already enlisted in case of a war? You're not just playing armchair general, right?

    2. Re:Windows Server 2003/ Microsoft-IIS/6.0 by Lunix+Nutcase · · Score: 1

      It's easy to beat your chest about war and call other people weak when you're nothing but a keyboard warrior who doesn't have to be accountable for the consequences of a military action.

    3. Re:Windows Server 2003/ Microsoft-IIS/6.0 by Anonymous Coward · · Score: 0

      "So you've already enlisted in case of a war? You're not just playing armchair general, right?"

      Me: "Act" You: "Act=war", the two are not synonymous.

      Can I suggest to you that action is needed, because if China is rewarded by aggression each time, there will be a point when its leaders start grabbing US interests and US territory and that will lead to wars.

      We can dismantle their island and arrest their ships before they make a substantial military base there.

    4. Re:Windows Server 2003/ Microsoft-IIS/6.0 by Anonymous Coward · · Score: 0

      So what are you actually doing of value rather than simply being an armchair general?

      And lol at you thinking China is just gonna let people dismantle their military bases and not take military action in return and I take military action in return.

    5. Re:Windows Server 2003/ Microsoft-IIS/6.0 by Anonymous Coward · · Score: 0

      "And lol at you thinking China is just gonna let people dismantle their military bases and not take military action "

      So you would capitulate? Not even on an action, or even on the threat of an action, but on the internal fear that they might threaten and action?

      Its a sandbank in filipino waters, and a police action to arrest the builders. When its a military base then its a problem.

    6. Re:Windows Server 2003/ Microsoft-IIS/6.0 by Anonymous Coward · · Score: 0

      2003 is EOL so a good start would be "move to an OS for which security related bug fixes are still available", this could be Windows or non-Windows. "Patching IIS" is not really possible, there are not any patches.

    7. Re:Windows Server 2003/ Microsoft-IIS/6.0 by Anonymous Coward · · Score: 0

      So then I go back to my original question, you've enlisted rather than playing armchair general then, right?

  4. Re:Yes but it could have been *any* reflected Stat by daveschroeder · · Score: 4, Insightful

    This post only demonstrates your misunderstanding of things (by talking about "home routers", for example, in this context). And yes, attribution in cyber is hard -- that's one of the most-discussed, fundamental problems of cyber.

    You can also go down the Princess Bride-esque rabbit hole of saying that China knows that some people -- like yourself -- will make arguments that "it could be the US or UK making it look like it's China", and thus conduct an attack, or that we know that they know that we know that, and therefore the US did it, etc.

    At some point, you have to apply Occam's Razor and ask: who benefits? And the most obvious, direct, and clear beneficiary of this kind of interference is China. Not the US, not the UK, not some imagined Western Illuminati cabal with China being innocent victims; no: China.

  5. who cares? by Anonymous Coward · · Score: 3, Interesting

    Seriously, it's pretty well established that states that have the resources to create "cyber-units" are going to hack systems for intelligence purposes. The recent Chinese-American agreement on hacking even recognizes that hacking for intelligence purposes is totes legit, so why do we frequently get these silly articles on Chinese hacking? It's nothing more than the Western media stirring up a cyber Red Scare. It's boring, predictable, and actually has the opposite effect of what these kinds of articles are meant to do. Instead scaring the public about Chinese hacking, these articles only highlight how bad the Chinese suck at hacking--they keep getting caught at it.

  6. Re: Yes but it could have been *any* reflected Sta by Anonymous Coward · · Score: 0

    Remember,the razor cuts both ways, both to and fro. The why is never a cause, and preconceived enemies are not always to blame. China may have done it, and the fillipinese have just a good hackers in their pocket also. Could it have been a third party trying to get some south sea retribution? After all, pirates are not the only thing running in the area.

  7. Re:Yes but it could have been *any* reflected Stat by Anonymous Coward · · Score: 0

    Decent point at the end but tired rhetoric and a sad misapplication of the scientific method to something that is not scientific at all. Also, anyone with half a brain knows the "attributed source" of an attack in the press means nothing. In fact, reading about such a thing in the press AT ALL means nothing.

  8. Island gap! by mschaffer · · Score: 3, Funny

    So, why has the US allowed China to get ahead in the man-made island race?

    1. Re:Island gap! by Sir_Eptishous · · Score: 1

      The US is just waiting for them to finish. Then they will bust out their new weather control weapon and send a huge Typhoon to wash away their atolls...

      --
      We play the game with the bravery of being out of range
    2. Re:Island gap! by Anonymous Coward · · Score: 0

      typhoons dont melt steel beams

    3. Re:Island gap! by MiniMike · · Score: 2

      Not to worry, the warranty on these 'Made in China' island expires in three months, after which the islands will collapse back into the sea.

    4. Re: Island gap! by Anonymous Coward · · Score: 0

      Oh, then Japan should take care of that...

  9. Re:Yes but it could have been *any* reflected Stat by khasim · · Score: 1

    At some point, you have to apply Occam's Razor and ask: who benefits? And the most obvious, direct, and clear beneficiary of this kind of interference is China. Not the US, not the UK, not some imagined Western Illuminati cabal with China being innocent victims; no: China.

    No. You're limiting it too much.

    "Who benefits" could be some 15 year old kid who just got world-wide attention (and the respect of his friends) for his "hacking". So don't limit the list of suspects.

    It's not just nations.
    It's not just nations and NGO's.
    On the Internet, it is EVERYBODY.

  10. How is that even happening? by U2xhc2hkb3QgU3Vja3M · · Score: 2

    I mean, yeah okay let's say they get access to the server and they can upload new files or modify existing ones. How can a server infect a godamn computer via a stupid Web browser? Are we talking about yet another Adobe Reader, Adobe Flash or Microsoft Silverlight exploit here? Are computers running Linux, BSD and OS X safe from this shit?

    Fight for your bitcoins!

    1. Re:How is that even happening? by Anonymous Coward · · Score: 0

      Like it has not happened before...

  11. Re:Yes but it could have been *any* reflected Stat by U2xhc2hkb3QgU3Vja3M · · Score: 1

    At some point, you have to apply Occam's Razor and ask: who benefits?

    Nobody expects the Spanish Inquisition!

    Fight for your bitcoins!

  12. Good thing Obama is president by Anonymous Coward · · Score: 0

    He'll stop them

  13. Re:Yes but it could have been *any* reflected Stat by Type44Q · · Score: 1

    not some imagined Western Illuminati cabal

    Everything you had to say was spot-on until you sabotaged it with the above horseshit. No, of course the Illuminati isn't real, so repeat after me:

    There was no Adam Weishaupt and the organization he was purported to have created certainly doesn't exist.

    Take your Koolaid and feel free to give yourself an enema with it.

  14. Re: Yes but it could have been *any* reflected Sta by Anonymous Coward · · Score: 0

    Remember,the razor cuts both ways, both to and fro.

    So we need Occam's Safety Razor®!

  15. Lies and misdirection! by MiniMike · · Score: 4, Insightful

    Inevitable Chinese government response:

    This webserver is in Chinese territory and always has been! There is no virus on our webserver! This 'Hague' organization has no claim to this webserver! The virus was put on the webserver as a warning to browsers from other counties to stay at least 12 links away! We advise the 'Hague'. side to think twice before action, not to conduct any rash action, and not to create trouble out of nothing!

    1. Re:Lies and misdirection! by Coren22 · · Score: 1

      If only I had mod points. That is hilarious.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    2. Re:Lies and misdirection! by Anonymous Coward · · Score: 0

      I figured the response would be more like:

      "Translate server error"

  16. Great reasoning ala "follow the money"... apk by Anonymous Coward · · Score: 0

    See subject: I take a peek @ this a few times a day http://map.norsecorp.com/ & I found it on HEIMDAL security https://heimdalsecurity.com/bl...

    * I like your use of common sense - it's using the old adage in my subject (except it's not about mere money - it's about control & power for those playing these games... worst part is, all it takes is 1 nation state to start pulling it, & the rest are FORCED into it too!).

    (MOD HIM UP!)

    REPOSTING THIS since the last time this was posted it was down moderated for NO justifiable reason http://it.slashdot.org/comment...

    APK

    P.S.=> Crazy world - So, I suppose it's best to try to be "sane in that crazy world" is about all we can do @ this point & to protect yourself as best you can vs. it... apk

  17. Another decent point - BUT... apk by Anonymous Coward · · Score: 0

    Let's say a "3rd party" that NO way can stand up to China or the USA (or USSR etc.) wants them out of the way - get them to blow one another away thru devious bs that LOOKS like one or the other attacking...

    All while the REAL troublemaker(s) sit back waiting in the wings to take the spoils (since there wouldn't BE a real victor between superpowers imo, only victims from everywhere).

    * So, yes, per my subject - you have a point also (as does the GP & other fellow you + myself both responded to).

    REPOSTING THIS since it was downmodded for no justifiable reason last time I posted it here http://it.slashdot.org/comment...

    (Thanks for blowing those modpoints trolls - I can get around them easily & repost again since I have no ac limits that way + I've just saved someone else from being unfairly treated getting you to blow them & run DRY of them, lol...)

    APK

    P.S.=> I put up a tool you all may be interested in here -> http://it.slashdot.org/comment... that, for the past few weeks now @ least, does INDEED show Saudi Arabia (#1 by a BIG margin lately the past few weeks), China, USSR/Russia being the biggest 'aggressors'... funniest part is, the MOST ATTACKED is usually always the USA though (which IS why I said what I did here to daveschroeder (since his reasoning uses what I just said - who's most attacked, USA, & who gains? You can see who -> http://it.slashdot.org/comment... & as far as "attribution"? That's only a matter of time... when Chinese jets get downed with UNALTERED Lockheed Martin (or others) PROMS still reading Lockheed Martin, it doesn't take a brain to know China's pulling the shit though, despite all their "deny, deny, deny" bs))... apk

  18. Re:Yes but it could have been *any* reflected Stat by Cederic · · Score: 1

    This post only demonstrates your misunderstanding of things (by talking about "home routers", for example, in this context). And yes, attribution in cyber is hard -- that's one of the most-discussed, fundamental problems of cyber.

    Given that 'cyber' when not used as an adjective is effectively short for 'cyber sex', this all rather puts an interesting slant on things.

  19. It's just a coincidence by WillAffleckUW · · Score: 1

    Just like the Russian and Chinese subs lurking off the data cables.

    Totally.

    That said, it's not like the US complies either.

    --
    -- Tigger warning: This post may contain tiggers! --
  20. Re:Yes but it could have been *any* reflected Stat by Coren22 · · Score: 1

    Yes, when cybering, it is a known issue that you have no idea if that is a male or a female on the other end of the keyboard.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  21. Governments doing what Governments should do by im_thatoneguy · · Score: 1

    Good for China. They should be doing everything they can to non-violently gather intelligence that benefits their citizens. And I hope the NSA and CIA are also hacking everybody else. This is basic state craft. What deserves our ire is when the state (china) uses intelligence to benefit business interests and steal intellectual property for economic gain not China trying to gather intelligence for its government to benefit its citizens.

  22. Insert Chinese hackers scare story .. by nickweller · · Score: 1

    "The attack reportedly originated from China and infected the page with malware" but only if your running Microsoft Windows :)

    1. Re:Insert Chinese hackers scare story .. by Anonymous Coward · · Score: 0

      because it's really worthwhile developing tools to infect a rounding error

  23. Re:Yes but it could have been *any* reflected Stat by tehcyder · · Score: 1

    Yes, when cybering, it is a known issue that you have no idea if that is a male or a female on the other end of the keyboard.

    It's a male.

    --
    To have a right to do a thing is not at all the same as to be right in doing it
  24. Re: Another decent point - BUT... apk by Anonymous Coward · · Score: 0

    Did I read at some point someone made an extension that filters out apk? Or was that Bennett?