Slashdot Mirror


China-based Campaign Breached Satellite Operators, Defense Contractors and Telecommunications Companies in US: Symantec (reuters.com)

A sophisticated hacking campaign launched from computers in China burrowed deeply into satellite operators, defense contractors and telecommunications companies in the United States and southeast Asia, security researchers at Symantec Corp said on Tuesday. Reuters: Symantec said the effort appeared to be driven by national espionage goals, such as the interception of military and civilian communications. Such interception capabilities are rare but not unheard of, and the researchers could not say what communications, if any, were taken. More disturbingly in this case, the hackers infected computers that controlled the satellites, so that they could have changed the positions of the orbiting devices and disrupted data traffic, Symantec said. "Disruption to satellites could leave civilian as well as military installations subject to huge [real world] disruptions," said Vikram Thakur, technical director at Symantec. "We are extremely dependent on their functionality." Satellites are critical to phone and some internet links as well as mapping and positioning data. Symantec, based in Mountain View, California, described its findings to Reuters exclusively ahead of a planned public release. It said the hackers had been removed from infected systems.

  1. Tesla by 110010001000 · · Score: 1

    And did they also sabotage Tesla? Or was that the "shorts" doing that? There are so many bad guys out there. It is a good thing companies like Symantec are out there stopping all this from happening.

    1. Re:Tesla by Tablizer · · Score: 1

      Rumor had it that he got away with stuff like this because his father donated large sums to the school.

      Even military school couldn't prevent his spoilage.

  2. NSA subsidiary Symantec that is. by Anonymous Coward · · Score: 1

    Getting rid of competition like Kaspersky like Goldman Sachs got rid of Bank of America. Not only destroying them in the country, but making everyone blame them too. An age-old strategy, actually dating back to the OSS and Nazis, and well-documented in the Snowden leaks.

  3. Symantec Breached, or Symantec Reported... by apenzott · · Score: 1

    When I read that initially, I thought the article was saying that Symantec was also breached.

    --
    The Roman Rule: The one who says it cannot be done shall not interrupt the one who is doing it.
  4. Spy vs. Spy by Tablizer · · Score: 4, Insightful

    How dare they do to us what we are probably doing to them.

    1. Re:Spy vs. Spy by AlwinBarni · · Score: 3, Insightful

      It's not about that, it's about the fact that there is no sufficient protection of critical US telecom infrastructure from foreign espionage.

      As the article says, they do not know what communication was intercepted and that the foreign actors had access to satellite controls.

      If it's all true, it's a pretty serious defense issue, far beyond "how dare".

    2. Re:Spy vs. Spy by Tablizer · · Score: 1

      "It's not about that, it's about the fact that there is no sufficient protection of critical US telecom infrastructure from foreign espionage."

      Do you mean spying in a "read-only" sense, or potential sabotage?

      I'm sure the USA looks for holes in other countries' infrastructure to use in case of a conflict. Maybe even "add" holes for future use. Who knows.

    3. Re:Spy vs. Spy by rtb61 · · Score: 1

      Foreign espionage, what does that even mean any more. The USA via the idiots in the NSA and especially in the CIA kicked off this game and now we all have to pay the price. Forget national interest espionage, this is all becoming corporate for profit hacking. You can destroy competing corporations with the right hack, you can free up the customers they have captured so you can take them, you can shut down operations, wipe out government contracts for security breaches, steal proprietary methods, capture code and obtain valuable data.

      By playing and actively promoting the game, including purpose inclusion and retention of security bugs, breaking security features that others could exploit and of course creating destructive code and releasing it to the wild (all subsequent attacks by law are their fault and they should be held accountable), they set this stupid element of the corporate wars off, got it going, fed it on purpose because ego and stupid.

      It is going to get worse, there is way too much money in corporations successfully hacking other corporations based upon the demonstrated lessons of the NSA and CIA for it not to happen and happen a lot. Could like trying to hire people now, training will take precedence of hiring in skill because trust and it only takes one bad leak to do an enormous amount of digital harm.

      --
      Chaos - everything, everywhere, everywhen
    4. Re:Spy vs. Spy by gtall · · Score: 1

      Yep, China and Russia and Iran would never have figured out how to use the interwebs to do espionage with the NSA and CIA showing them how it's done. Geeze, what a bunch of dolts.

    5. Re:Spy vs. Spy by AlwinBarni · · Score: 1

      "It's not about that, it's about the fact that there is no sufficient protection of critical US telecom infrastructure from foreign espionage."

      "Do you mean spying in a "read-only" sense, or potential sabotage?"

      The article suggests the ability to take control of the satellites. With the control of the satellites quite a lot can happen - from manipulating the transmitted data, through bricking it, to even trashing it and the orbit it is in (satellites have some fuel for maneuvering, usually enough to reach the final orbit after launch and to reach "trash" orbit or de-orbit at the end of life).

      "I'm sure the USA looks for holes in other countries' infrastructure to use in case of a conflict. Maybe even "add" holes for future use. Who knows."

      I am pretty sure the spying game is well on, but regardless of this, having such a deep penetration of critical systems is quite dangerous and would require some reevaluation of protocols, training, security clearances - I do not know how this is supposed to work, but apparently it did not.

  5. Suspect by duke_cheetah2003 · · Score: 3, Insightful

    "A sophisticated hacking campaign launched from computers in China burrowed deeply into satellite operators, defense contractors and telecommunications companies in the United States and southeast Asia, security researchers at Symantec Corp said on Tuesday."

    I have no problem believing this. Seems legit. However, the TIMING of this report is extremely suspect. Why now? When there's a nasty trade-war brewing between China and the US. Yeah, suspect and shady as FUCK.

  6. Why? by Anonymous Coward · · Score: 2, Insightful

    Why are these critical systems connected to a public network, THE INTERNET, in the first place? Air-gap these things!

    1. Re:Why? by AHuxley · · Score: 1

      Cost for contractor support. Contractors like the "free" internet for support. The NSA and GCHQ like their internet to spy back onto contractors.
      A contractor can support systems all over the USA, globally using the free internet and only need a few people with clearances and lawyers in any one nation.
      The internet is a cost-saving network allowing staff in one nation to work on many projects globally.
      The alternative is staff on site. Staff in that nation. Fly in fly out hours later to different locations all over the USA?
      Think of having to follow staff around the world and the USA using the FBI and CIA for every contractor working on a project.
      Vs real time internet support from the very best support contractors in CA using the fast internet?

      --
      Domestic spying is now "Benign Information Gathering"
    2. Re:Why? by AHuxley · · Score: 1

      The USA gov did not have that level of problem in the past when it hired on merit and only used networks internally.
      Stop letting EU brands sell their services into the USA as a contractor via the internet.
      All workers have to be in the USA. That would allow the FBI to study the past of every worker. For their politics and for a split loyalty.
      Make contractors fly out all over the USA. In person. That at least reduces the risk of the open "internet" needed for every service offered to the US mil.
      Stop allowing other nations to follow the wide open contractors' networks deep into US mil and gov buildings, camps, forts, ports, labs, production lines...
      Secure the networks. Don't let political investigations watch the data exit the USA again and again over months and years, looking to learn from what was stolen.
      All the data is getting stolen while US investigators sit back and watch networks and the network remain wide open. The data copied out with feds watching the data move.

      --
      Domestic spying is now "Benign Information Gathering"
    3. Re:Why? by jbengt · · Score: 1

      "A contractor can support systems all over the USA, globally using the free internet and only need a few people with clearances and lawyers in any one nation."

      Not as "free", but you could do the same thing with dedicated connections, rather than thru the open internet. For a lot of stuff, POTS would be enough.

  7. Free advertising matters more to Symantec by raymorris · · Score: 3, Informative

    What happens from this announcement, that Symantec cares about, is that their name is in the headlines. Free advertising.

    Policy makers, the President and Congressional committees, already know from classified (and unclassified) intelligence that China is spying on the US all over the place. This latest marketing announcement by Symantec isn't going to make much difference to policy makers. Symantec doesn't care that much anyway - they don't have a major Chinese competitor they are trying to get rid of.

    The free advertising is what Symantec cares about. If my company had uncovered this incident, we would absolutely put out a press release right away, in order to get our name in the press.

    Heck, look at any of my CVEs, such as 2012-0206.
    https://www.securityfocus.com/...
    Do you think I thought about what the president was doing when I found and reported that? No, but I do very much like the first three words in the official description of the vulnerability.

  8. They used shit made ... by CaptainDork · · Score: 2

    ... by ZTE.

    --
    It little behooves the best of us to comment on the rest of us.
    1. Re:They used shit made ... by AmiMoJo · · Score: 1

      At least it wasn't Cisco. How many CVEs for hard coded tech support backdoors are we up to now?

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    2. Re:They used shit made ... by CaptainDork · · Score: 1

      I agree with you.

      I can't name one goddam hardware/software that has no CVE.

      --
      It little behooves the best of us to comment on the rest of us.
  9. China breached US! by Mikkeles · · Score: 1

    Good for them; and a plague on both their houses!

    --
    Great minds think alike; fools seldom differ.
  10. DX all that shit by Anonymous Coward · · Score: 2, Informative

    Christ almighty pull the jack already. It makes no sense at all that this type of stuff is connected to the internet.

    1. Re:DX all that shit by DigiShaman · · Score: 1

      Dude, with all the motherfucking outsourcing and in-sourcing going on, China owns the US like a little bitch. This nation was sold out loooooonng ago.

      The other shoe to drop is a complete 0wnage of our infrastructure the hour war is declared. The first bomb wouldn't have to be dropped. Put a fork in it, done

      --
      Life is not for the lazy.
  11. New Term: Air Gap by Anonymous Coward · · Score: 1

    Know it. Use it. Love it.
    When I worked in space control centers, we had air gapped control rooms. No VPN. No inbound traffic except through encrypted satellite links to the systems in space.

    BTW, cell phones and cameras weren't allowed in the building either.

    What has happened to our smart people? Do they need their diapers changed?

    1. Re:New Term: Air Gap by Aighearach · · Score: 1

      Not only do I air-gap important digital electronics, I even air-gap my inductors and transformers! You never know when somebody is going to fuzz your inputs, you don't want to risk saturation leading to denial of service!

  12. Re:surprised? by WindBourne · · Score: 1

    We had that for a long time. In fact, Cisco still has a plant here where they make equipment for the secured world. And long ago, we would only accept equipment from our allies to be put in the loop. The fact that we accept equipment from China, and programming from Russia (as well as Indians that worked with/for Russians for decades) is nothing less than ludicrous.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  13. Sophisticated hacking campaign launched from China by najajomo · · Score: 1

    Just how sophisticated can this 'hacking campaign' be if it can so easily be traced all the way from China. Yet more Chinese commie cyber hacker bullshit re-spouted on the slashdot :]

  14. But... by oh_my_080980980 · · Score: 1

    You're willing to blame the Russian government?

    "Following its customary stance, Symantec did not directly blame the Chinese government for the hack. It said the hackers launched their campaign from three computers on the mainland. In theory, those machines could have been compromised by someone elsewhere."

  15. Re:Sophisticated hacking campaign launched from Ch by oh_my_080980980 · · Score: 1

    If it quacks like a duck....