Slashdot Mirror


China-based Campaign Breached Satellite Operators, Defense Contractors and Telecommunications Companies in US: Symantec (reuters.com)

A sophisticated hacking campaign launched from computers in China burrowed deeply into satellite operators, defense contractors and telecommunications companies in the United States and southeast Asia, security researchers at Symantec Corp said on Tuesday. Reuters: Symantec said the effort appeared to be driven by national espionage goals, such as the interception of military and civilian communications. Such interception capabilities are rare but not unheard of, and the researchers could not say what communications, if any, were taken. More disturbingly in this case, the hackers infected computers that controlled the satellites, so that they could have changed the positions of the orbiting devices and disrupted data traffic, Symantec said. "Disruption to satellites could leave civilian as well as military installations subject to huge [real world] disruptions," said Vikram Thakur, technical director at Symantec. "We are extremely dependent on their functionality." Satellites are critical to phone and some internet links as well as mapping and positioning data. Symantec, based in Mountain View, California, described its findings to Reuters exclusively ahead of a planned public release. It said the hackers had been removed from infected systems.

60 comments

  1. Tesla by 110010001000 · · Score: 1

    And did they also sabotage Tesla? Or was that the "shorts" doing that? There are so many bad guys out there. It is a good thing companies like Symantec are out there stopping all this from happening.

    1. Re:Tesla by Tablizer · · Score: 1

      Rumor had it that he got away with stuff like this because his father donated large sums to the school.

      Even military school couldn't prevent his spoilage.

  2. NSA subsidiary Symantec that is. by Anonymous Coward · · Score: 1

    Getting rid of competition like Kaspersky like Goldman Sachs got rid of Bank of America. Not only destroying them in the country, but making everyone blame them too. An age-old strategy, actually dating back to the OSS and Nazis, and well-documented in the Snowden leaks.

  3. Symantec Breached, or Symantec Reported... by apenzott · · Score: 1

    When I read that initially, I thought the article was saying that Symantec was also breached.

    --
    The Roman Rule: The one who says it cannot be done shall not interrupt the one who is doing it.
  4. Spy vs. Spy by Tablizer · · Score: 4, Insightful

    How dare they do to us what we are probably doing to them.

    1. Re:Spy vs. Spy by AlwinBarni · · Score: 3, Insightful
      It's not about that, it's about the fact that there is no sufficient protection of critical US telecom infrastructure from foreign espionage.

      As the article says, they do not know what communication was intercepted and that the foreign actors had access to satellite controls.

      If it's all true, it's a pretty serious defense issue, far beyond "how dare".

    2. Re:Spy vs. Spy by Anonymous Coward · · Score: 0

      This is why we need a space defense!

    3. Re:Spy vs. Spy by Tablizer · · Score: 1

      It's not about that, it's about the fact that there is no sufficient protection of critical US telecom infrastructure from foreign espionage.

      Do you mean spying in a "read-only" sense, or potential sabotage?

      I'm sure the USA looks for holes in other countries' infrastructure to use in case of a conflict. Maybe even "add" holes for future use. Who knows.

    4. Re:Spy vs. Spy by Anonymous Coward · · Score: 0

      Yup, it is NOT critical if it's not air-gapped. The CIO and CTO should be named and shamed for incompetence.
      Four baskets: Critical, Semi-hardened, Auxiliary, Domestic rubbish
      The negligent manager who allowed an insecure OS like Windows, and an open network is entirely foreseeable, right down to crapware routers with back-doors. Do remember that many penetrations are not discovered until 10 months after the event.

    5. Re:Spy vs. Spy by rtb61 · · Score: 1

      Foreign espionage, what does that even mean any more. The USA via the idiots in the NSA and especially in the CIA kicked off this game and now we all have to pay the price. Forget national interest espionage, this is all becoming corporate for profit hacking. You can destroy competing corporations with the right hack, you can free up the customers they have captured so you can take them, you can shut down operations, wipe out government contracts for security breaches, steal proprietary methods, capture code and obtain valuable data.

      By playing and actively promoting the game, including purpose inclusion and retention of security bugs, breaking security features that others could exploit and of course creating destructive code and releasing it to the wild (all subsequent attacks by law are their fault and they should be held accountable), they set this stupid element of the corporate wars off, got it going, fed it on purpose because ego and stupid.

      It is going to get worse, there is way too much money in corporations successfully hacking other corporations based upon the demonstrated lessons of the NSA and CIA for it not to happen and happen a lot. Could like trying to hire people now, training will take precedence of hiring in skill because trust and it only takes one bad leak to do an enormous amount of digital harm.

      --
      Chaos - everything, everywhere, everywhen
    6. Re:Spy vs. Spy by gtall · · Score: 1

      Yep, China and Russia and Iran would never have figured out how to use the interwebs to do espionage with the NSA and CIA showing them how it's done. Geeze, what a bunch of dolts.

    7. Re:Spy vs. Spy by AlwinBarni · · Score: 1

      It's not about that, it's about the fact that there is no sufficient protection of critical US telecom infrastructure from foreign espionage.

      Do you mean spying in a "read-only" sense, or potential sabotage?

      The article suggests the ability to take control of the satellites. With the control of the satellites quite a lot can happen - from manipulating the transmitted data, through bricking it, to even trashing it and the orbit it is in (satellites have some fuel for maneuvering, usually enough to reach the final orbit after launch and to reach "trash" orbit or de-orbit at the end of life).

      I'm sure the USA looks for holes in other countries' infrastructure to use in case of a conflict. Maybe even "add" holes for future use. Who knows.

      I am pretty sure the spying game is well on, but regardless of this, having such a deep penetration of critical systems is quite dangerous and would require some reevaluation of protocols, training, security clearances - I do not know how this is supposed to work, but apparently it did not.

    8. Re:Spy vs. Spy by Anonymous Coward · · Score: 0

      Who the fuck put the satellite control computers in a position where they could be remotely breached? Fucking idiots.

  5. Why is this being reported? by Anonymous Coward · · Score: 0

    We mustn't offend China

  6. Suspect by duke_cheetah2003 · · Score: 3, Insightful

    A sophisticated hacking campaign launched from computers in China burrowed deeply into satellite operators, defense contractors and telecommunications companies in the United States and southeast Asia, security researchers at Symantec Corp said on Tuesday.

    I have no problem believing this. Seems legit. However, the TIMING of this report is extremely suspect. Why now? When there's a nasty trade-war brewing between China and the US. Yeah, suspect and shady as FUCK.

    1. Re:Suspect by Anonymous Coward · · Score: 0

      A sophisticated hacking campaign launched from computers in China burrowed deeply into satellite operators, defense contractors and telecommunications companies in the United States and southeast Asia, security researchers at Symantec Corp said on Tuesday.

      I have no problem believing this. Seems legit. However, the TIMING of this report is extremely suspect. Why now? When there's a nasty trade-war brewing between China and the US. Yeah, suspect and shady as FUCK.

      We get this same story about Chinese/North Korea/Russia hacking every week.
      So why do you think the timing is suspect about a story that we've been hearing for years?

  7. It would be worth it... by Anonymous Coward · · Score: 0

    ...to lose access to my own phone just so I could watch everyone freak out about not having access to theirs.

  8. Why? by Anonymous Coward · · Score: 2, Insightful

    Why are these critical systems connected to a public network, THE INTERNET, in the first place? Air-gap these things!

    1. Re:Why? by Anonymous Coward · · Score: 0

      Why are these critical systems connected to a public network, THE INTERNET, in the first place? Air-gap these things!

      It has nothing to do with Internet connections. It is about employees inside the organization who do the hacks. I doubt that they're mostly even Chinese, as many Americans would sell their mothers for a few bucks or a good fuck.

    2. Re:Why? by AHuxley · · Score: 1

      Cost for contractor support. Contractors like the "free" internet for support. The NSA and GCHQ like their internet to spy back onto contractors.
      A contractor can support systems all over the USA, globally using the free internet and only need a few people with clearances and lawyers in any one nation.
      The internet is a cost-saving network allowing staff in one nation to work on many projects globally.
      The alternative is staff on site. Staff in that nation. Fly in fly out hours later to different locations all over the USA?
      Think of having to follow staff around the world and the USA using the FBI and CIA for every contractor working on a project.
      Vs real time internet support from the very best support contractors in CA using the fast internet?

      --
      Domestic spying is now "Benign Information Gathering"
    3. Re:Why? by Anonymous Coward · · Score: 0

      Yes, those are all good points. However, it's going to take a major breach with real consequences before we realize that separating these networks from public networks may, in the long run, be more beneficial, both in monetary cost and possibly human life. That major breach is coming, better to be proactive in my opinion.

    4. Re:Why? by AHuxley · · Score: 1

      The USA gov did not have that level of problem in the past when it hired on merit and only used networks internally.
      Stop letting EU brands sell their services into the USA as a contractor via the internet.
      All workers have to be in the USA. That would allow the FBI to study the past of every worker. For their politics and for a split loyalty.
      Make contractors fly out all over the USA. In person. That at least reduces the risk of the open "internet" needed for every service offered to the US mil.
      Stop allowing other nations to follow the wide open contractors networks deep into US mil and gov buildings, camps, forts, ports, labs, production lines...
      Secure the networks. Don't let political investigations watch the data exit the USA again and again over months and years, looking to learn from what was stolen.
      All the data is getting stolen while US investigators sit back and watch networks and the network remain wide open. The data copied out with feds watching the data move.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:Why? by Anonymous Coward · · Score: 0

      Yes, I agree with many of these points. See my replies to "Surprised?" below. (By the way, I'm not an anonymous coward, LOL. Who came up with that?)

    6. Re:Why? by Anonymous Coward · · Score: 0

      Look, Chinaman, no American would ever sell his mother. They're rented out, they're not for sale.

    7. Re:Why? by jbengt · · Score: 1

      A contractor can support systems all over the USA, globally using the free internet and only need a few people with clearances and lawyers in any one nation.

      Not as "free", but you could do the same thing with dedicated connections, rather than thru the open internet. For a lot of stuff, POTS would be enough.

  9. this shit is boring by Anonymous Coward · · Score: 0

    nt

  10. Free advertising matters more to Symantec by raymorris · · Score: 3, Informative

    What happens from this announcement, that Symantec cares about, is that their name is in the headlines. Free advertising.

    Policy makers, the President and Congressional committees, already know from classified (and unclassified) intelligence that China is spying on the US all over the place. This latest marketing announcement by Symantec isn't going to make much difference to policy makers. Symantec doesn't care that much anyway - they don't have a major Chinese competitor they are trying to get rid of.

    The free advertising is what Symantec cares about. If my company had uncovered this incident, we would absolutely put out a press release right away, in order to get our name in the press.

    Heck, look at any of my CVEs, such as 2012-0206.
    https://www.securityfocus.com/...
    Do you think I thought about what the president was doing when I found and reported that? No, but I do very much like the first three words in the official description of the vulnerability.

  11. More Crazy Conspiracy Theories by Anonymous Coward · · Score: 0

    China is a great country that would never meddle like the USA does in Ukraine.

    Slashdot is full of crazy conspiracy theories lately. You people need to get scientific facts about the fascist police state you're really living in: AE911Truth org

    1. Re:More Crazy Conspiracy Theories by Anonymous Coward · · Score: 0

      Speaking of crazy....

  12. Re:Because China is such a GOOD actor by Anonymous Coward · · Score: 0

    Go fucking hang you chink cocksucker! YOU'RE THE SHADY FUCK.

    I hope a pine beetle eats your shredded rectum, because that's all the Chinese will leave you: a destroyed environment and a ruined anus.

  13. They used shit made ... by CaptainDork · · Score: 2

    ... by ZTE.

    --
    It little behooves the best of us to comment on the rest of us.
    1. Re:They used shit made ... by AmiMoJo · · Score: 1

      At least it wasn't Cisco. How many CVEs for hard coded tech support backdoors are we up to now?

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    2. Re:They used shit made ... by CaptainDork · · Score: 1

      I agree with you.

      I can't name one goddam hardware/software that has no CVE.

      --
      It little behooves the best of us to comment on the rest of us.
  14. duke, you ignorant slut by Anonymous Coward · · Score: 0

    I have no problem believing this. Seems legit. However, the TIMING of this report is extremely suspect. Why now? When there's a nasty trade-war brewing between China and the US. Yeah, suspect and shady as FUCK.

    what a fucking clown you are!

    you believe the report but you think the timing is fake

    and the timing is explained in the report

    coo-coo for coco-pufs

  15. China breached US! by Mikkeles · · Score: 1

    Good for them; and a plague on both their houses!

    --
    Great minds think alike; fools seldom differ.
  16. DX all that shit by Anonymous Coward · · Score: 2, Informative

    Christ almighty pull the jack already. It makes no sense at all that this type of stuff is connected to the internet.

    1. Re: DX all that shit by Anonymous Coward · · Score: 0

      Who says it's all online?

      You can point a dish at a satellite and attack it directly. Once you gain access to the satellite network you can get into all kinds of things that aren't on the internet.

    2. Re: DX all that shit by Anonymous Coward · · Score: 0

      Decreasing the number of access points allows you to monitor more effectively. A sensitive network connected to a public network means that every piece of hardware, and software, on that network is suspect and needs to be monitored; a daunting task. By purposely decreasing that access, for example to the satellite link you describe, and possibly a single VPN entry point, you have effectively created doors that can be monitored very closely.

    3. Re:DX all that shit by DigiShaman · · Score: 1

      Dude, with all the motherfucking outsourcing and in-sourcing going on, China owns the US like a little bitch. This nation was sold out loooooonng ago.

      The other shoe to drop is a complete 0wnage of our infrastructure the hour war is declared. The first bomb wouldn't have to be dropped. Put a fork in it, done

      --
      Life is not for the lazy.
  17. Re: Because China is such a GOOD actor by Anonymous Coward · · Score: 0

    I apologize I forgot to take my meds this morning.

  18. Re:Because China is such a GOOD actor by Anonymous Coward · · Score: 0

    You Sir, have enough anus for all of us. Dirtbag dumb ass.

  19. Cut off all internet to china by Anonymous Coward · · Score: 0

    That would not stop it, I realize. But if China were loading bags of plague on planes heading for the USA we'd stop flights that originated in China from entering the US. They might move their operations to another country but the punishment would help them realize what they have to lose.

    1. Re:Cut off all internet to china by Anonymous Coward · · Score: 0

      How about we just cut off all internet to our command and control systems for satellites. China included.

  20. Makes sense by Anonymous Coward · · Score: 0

    Satellite use in China has increased quite substantially as a way around their censorship. And yes, that includes military / international spying.

  21. totally naive by Anonymous Coward · · Score: 0

    Christ almighty pull the jack already. It makes no sense at all that this type of stuff is connected to the internet.

    you expect intelligence from humans? you're just another dumb human

  22. New Term: Air Gap by Anonymous Coward · · Score: 1

    Know it. Use it. Love it.
    When I worked in space control centers, we had air gapped control rooms. No VPN. No inbound traffic except through encrypted satellite links to the systems in space.

    BTW, cell phones and cameras weren't allowed in the building either.

    What has happened to our smart people? Do they need their diapers changed?

    1. Re:New Term: Air Gap by Aighearach · · Score: 1

      Not only do I air-gap important digital electronics, I even air-gap my inductors and transformers! You never know when somebody is going to fuzz your inputs, you don't want to risk saturation leading to denial of service!

  23. China=Symantec/SecurityFocus by Anonymous Coward · · Score: 0

    Ray, SYMANTEC's OWNED BY CHINESE INTERESTS Iirc, it's "ringing a bell" here that THAT is the case w/ Symantec (not always, but in the past 10 yrs. or so, they were bought up by them) - LOL, & isn't SECURITYFOCUS owned by SYMANTEC? Yes, they are iirc! ... & YOU ARE DOING "YOUR REPORTING" (stating long known fact on DNS weakness) FOR THEM raymorris...

    (HOWEVER - maybe you didn't know that...)

    APK

    P.S.=> Like it or not, it's fact ray - BUT you're welcome to PROVE me wrong (& I'll eat it IF you can)... apk

  24. what makes me laugh and also sad by Anonymous Coward · · Score: 0

    What makes me laugh and also sad is that there are Americans who still think Wen Ho Lee is innocent.

  25. surprised? by WindBourne · · Score: 0

    We continue to buy junk from China and install it in sensitive areas and now we are surprised that China has access to these areas? LOL. Between traitors in America like W, Trump, Manning, Snowden, and Schulte, combined with our buying equipment that is loaded with backdoors, it would be amazing if we were NOT fully compromised.

    --
    I prefer the "u" in honour as it seems to be missing these days.
    1. Re:surprised? by Anonymous Coward · · Score: 0

      I agree with you about the installation of third-party hardware in our nation's network infrastructure. I don't want to sound like some USA only patriot, however, in this case I believe it would be in our nation's best interest to use in-house hardware with governmental oversight of the underlying code. This may be accomplished through a government contracts division of any American technology company wishing to support our network infrastructure. Perhaps our government could set up a hardware division designing and building in-house equipment, providing both jobs and security to our nation?

    2. Re:surprised? by WindBourne · · Score: 1

      We had that for a long time. In fact, Cisco still has a plant here where they make equipment for the secured world. And long ago, we would only accept equipment from our allies to be put in the loop. The fact that we accept equipment from China, and programming from Russia (as well as Indians that worked with/for Russians for decades) is nothing less than ludicrous.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    3. Re:surprised? by Anonymous Coward · · Score: 0

      Yes, I agree. However, the secured world, in my opinion, is too broad. This equipment needs to be manufactured in the US, in-house so-to-speak, for our use only. The software and firmware need to be handled with the same restrictions as sensitive government documents and information currently is. Employees with access to code gain a clearance the same as any other government employee needing access to sensitive data, and two, or even three party control of the code is adhered to at all times. There are no perfect solutions because of the human factor involved (greed, espionage, etc..), however, tightening control may make monitoring that data more effective.

      I was in the Marine Corps and had to handle codes for secure voice in military aircraft on a daily basis. To gain access to the codes I first had to have the clearance, I was required to have another person with clearance with me to receive the codes, and a third party, a security officer, was present when the codes were taken from the safe. At that point we could not separate until the plane coding was finished. Again, when returning the coder all of us were present and the task was officially logged. This control came about because of the Walker spying case that happened a few years prior to my joining the service. The point is, we learned from our mistakes and developed a better, more secure, system of handling, something we desperately need for our nation's network infrastructure.

  26. America says "help! they are hurting us!" by Anonymous Coward · · Score: 0

    while at the same time using electronic espionage and sabotage against all other countries in the world. Sorry, but nothing you say matters any more.

  27. Sophisticated hacking campaign launched from China by najajomo · · Score: 1

    Just how sophisticated can this 'hacking campaign' be if it can so easily be traced all the way from China. Yet more Chinese commie cyber hacker bullshit re-spouted on the slashdot :]

  28. But... by oh_my_080980980 · · Score: 1

    You're willing to blame the Russian government?

    "Following its customary stance, Symantec did not directly blame the Chinese government for the hack. It said the hackers launched their campaign from three computers on the mainland. In theory, those machines could have been compromised by someone elsewhere. "

  29. Re:Sophisticated hacking campaign launched from Ch by oh_my_080980980 · · Score: 1

    If it quacks like a duck....

  30. This is ridiculous by Anonymous Coward · · Score: 0

    Anyone who connects critical infrastructure to the internet should be arrested.