Jump to content

China Labelled an "IT Menace"


Recommended Posts

For the general interest... ;)

 

ComputerActive - China is Labelled an IT Menace as Wars head to Cyberspace

 

 

Wars fought using computer code and hackers are affecting countries all over the world.
 
Earlier this month it was revealed that US President Barack Obama had powers to launch pre-emptive attacks if there was credible evidence that another country was planning to use cyber weaponry against the US.
 
If the President approves attacks the US will be able to attack other countries by disrupting their computer systems with destructive code.
 
Cyber warfare is nothing new. In 2011 the UK Government's top-secret GCHQ intelligence agency warned that the UK faced a "real and credible" threat of cyber-attacks from other states. GCHQ , which acts as a high-tech listening post searching for cyber-attacks, said that the country was under attack "every day, every hour, every minute and every second."
 
Responsibility for such attacks can be hard to trace. In a new book due to be released in April, Google boss Eric Schmidt labelled China an "IT menace" that uses cyber-crime for economic and political gains.
 
This statement came days after The New York Times revealed it was the subject of sustained and sophisticated attacks from Chinese hackers.
 
The newspaper, which has been exposing the financial dealings of Chinese Premier Wen Jiabao, said computer attacks originating in China had stolen passwords and broken into email accounts.
 
During a three month period the hackers installed 45 pieces of malicious software on the The Times' network and gained access to 53 employee computers. Once inside the network the hackers stole information relating to paper's investigation into Premier Wen Jiabao.
 
In the wake of the attacks The Times said that its security software had failed to identify all but one of the pieces of malicious software installed by hackers. Symantec, who provided the paper's security software, said that it was essential that companies and countries used the "full capability of security solutions" or risk falling victim to increasingly advanced cyber-attacks.
 
"Anti-virus software alone is not enough," it said.
 
Responding to accusations levelled at it for the attacks, the Chinese Ministry of National Defence said that such claims, made without solid proof, were "unprofessional and baseless."

 

"Cuius testiculos habeas, habeas cardia et cerebellum."

Link to post
Share on other sites

This is no surprise and long overdue, it was revealed recently that many cyber attacks against large USA corporations have been traced directly to a building in Shanghai and all the evidence points to a unit of the Chinese military unit being involved

 

http://abcnews.go.com/Blotter/mandiant-report-fingers-chinese-military-us-hack-attacks/story?id=18537307

 

The Chinese need to address this scourge, they are well aware of there own government funded illegal activities. The Chinese do this to gain economic advantage from companies in the USA. It is unacceptable that the Chinese behave this way.

"We don't stop playing because we grow old; we grow old because we stop playing.” -  George Bernard Shaw

 

"What counts in life is not the mere fact that we have lived. It is what difference we have made to the lives of others that will determine the significance of the life we lead" - Nelson Mandela

 

 

Link to post
Share on other sites

I think a well placed http://en.wikipedia.org/wiki/Stuxnet-worm with different agenda will even things out with China.

"Some men see things as they are and say why?"
"I dream things that never were and say why not?"
- George Bernard Shaw

"Hope in reality is the worst of all evils because it prolongs the torments of man."
- Friedrich Nietzsche

 

"The amount of energy necessary to refute bull**** is an order of magnitude bigger than to produce it."

- Some guy 

Link to post
Share on other sites

Waiting for obyknven to jump in with a picture of anti-American propaganda, a claim that " 'NO AMERICA, YOU ARE THE DEMONS' AND THEN AMERICA WAS A ZOMBIE.' "

I don't think he will. Oby correctly using "a" or "the" is not going to happen.
  • Like 1

"I am the expert, asshat." - Hurlshot

Link to post
Share on other sites

 

Waiting for obyknven to jump in with a picture of anti-American propaganda, a claim that " 'NO AMERICA, YOU ARE THE DEMONS' AND THEN AMERICA WAS A ZOMBIE.' "

I don't think he will. Oby correctly using "a" or "the" is not going to happen.

 

"america was a zombie".... funny :biggrin:

"We don't stop playing because we grow old; we grow old because we stop playing.” -  George Bernard Shaw

 

"What counts in life is not the mere fact that we have lived. It is what difference we have made to the lives of others that will determine the significance of the life we lead" - Nelson Mandela

 

 

Link to post
Share on other sites

On related matters..

 

BBC News - Are We Really Facing Cyberwar?

 

A few weeks ago I was standing by a railway track in the small town of Gaithersburg in Maryland as a CSX freight train blasted through the level crossing; its horn blaring and bells sounding out a warning.

 

Passengers may have largely deserted America's rails but freight trains remain vital to America's economic well-being.

 

Like most other pieces of modern infrastructure the railways are controlled by complex digital systems. And there are growing fears that these computers

could fall prey to cyber-attack, as could all the other electronic support systems on which modern society now depends.

 

Last year the then US defence secretary Leon Panetta spoke of the possibility of a possible "digital Pearl Harbor"; a massive attack that might target US

transport infrastructure and utilities.

 

Just a few weeks ago in his State of the Union address President Barack Obama added his own warning.

 

"We know hackers steal people's identities and infiltrate private emails," he said. "We know foreign countries and companies swipe our corporate secrets," he

went on, "now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air traffic control systems."

 

Key services

 

Hundreds of private companies are springing up to respond to the possibility of a digital doomsday. Some believe infrastructure such as the railways is under cyber-threat

 

The stakes are high as Shawn Henry told me. "Other than a weapon of mass destruction going off in a major city," he says, "the cyber-threat is one of the

most significant challenges that we face." Mr Henry is a former executive assistant director of the FBI - he was responsible for its cyber-investigations worldwide.

He is now president of Crowdstrike, a company which helps firms protect against hackers.

 

"Everything we do day-to-day relies on cyber-communications," he said.

 

"All of our data that's being pushed to the network or financial services sector, our critical infrastructure, our electric power grid, our water systems. We know with certainty that there are groups that are actively seeking to target and harm the western world through attacks on the cyber-network. If that happens I think we are going to suffer some significant consequences."

 

Hurricane Katrina in 2005 showed how quickly a sophisticated society can start to break down once key services are destroyed. The Secretary of Homeland

Security at the time of the hurricane, Michael Chertoff, told me that the threat from cyber-attack is very real.

 

He said: "Even now as we speak there are millions of attacks every day on infrastructure, simply stealing information or stealing intellectual property. Now, the same capability that allows somebody to do that is a capability that allows someone to be destructive. So yes it is a distinct possibility that systems that are connected to the internet, if they control operations, could be damaged or destroyed."

 

Cyber City

 

In the US State of New Jersey, Ed Skoudis is preparing for the possibility of just such a catastrophe. His office is filled with extravagant curios - it's Jules Verne meets Steam-Punk - there's a turn of the century phonograph, reproductions of early light bulbs, and in the basement, a model train set.

 

But this model railway is no toy. Along with a battery of supporting computers it's used by government agencies and private companies to simulate what could happen if hackers tried to take control of a town's digital infrastructure.

 

"We built Cyber City," Skoudis told me, "so that there's actually 15,000 inhabitants… and the inhabitants aren't like physical little people, but instead they're actually data - they have hospital records, they have family relationships, so you can see that this person is related to that person. They have bank records, they have accounts on our social networking site… and cyber-warriors will look at these different relationships and try to discern things that they can use in their defence and attack against the city,"

 

It's a miniaturised visualisation of a digital training range and it is getting a good deal of use.

 

Real dangers?

 

The language of the cyber-warriors is certainly apocalyptic. But amid shrinking defence budgets some believe the cyber-threat has been exaggerated. Thomas Rid, a reader in War Studies at King's College London, is blunt about how he views the true extent of the threat. The title of his new book is - Cyber War Will Not Happen.

 

"I think the scenario of a cyber Pearl Harbor or sometimes even a cyber 9/11 is an overstatement," he told me.

 

"In fact if you talk to Pentagon officials on background. They may actually admit that such statements are overstated because it's useful for political reasons, to put pressure on Congress to pass cybersecurity legislation."

 

Ed Skoudis acknowledges that there is a lot of "cyber-hype" around. But he insists that there are still real dangers out there. "There is something real behind all this," he said.

 

"We are seeing successful attacks where bad guys gain control of elements within the power grid, or other critical infrastructures, and they could use that to take serious action. There is hype," he adds, "but there's a core nugget to this where you can take action via cyber-means to have military effects."

 

This fear of a destructive cyber-threat is pushing the United States to bolster its defences - the Pentagon is recruiting 4000 new cyber-warriors.

 

A new presidential order has been signed to better protect America's critical infrastructure from hackers. Protecting against the risk of digital attack is a

rapidly expanding industry - one in which the military and private companies are aggressively competing to claim their share.

"Cuius testiculos habeas, habeas cardia et cerebellum."

Link to post
Share on other sites

Cyber warfare is a win/win for China.

 

- Assume that the only really effective action is to enact throttling or filtering of traffic across the Chinese internet 'border'. *

- Either we enact this by throttling, in which case we help the Chinese government control their citizens' access and integration with the WWW...

OR

- We don't, and the People Liberation Army Cyber Funtbags (PLACF) continue thieving profit enabling data and designs.

 

 

*I'm probably being too simplistic, but that's fun.

"It wasn't lies. It was just... bull****"."

             -Elwood Blues

 

tarna's dead; processing... complete. Disappointed by Universe. RIP Hades/Sand/etc. Here's hoping your next alt has a harp.

Link to post
Share on other sites

Cyber warfare is a win/win for China.

 

- Assume that the only really effective action is to enact throttling or filtering of traffic across the Chinese internet 'border'. *

- Either we enact this by throttling, in which case we help the Chinese government control their citizens' access and integration with the WWW...

OR

- We don't, and the People Liberation Army Cyber Funtbags (PLACF) continue thieving profit enabling data and designs.

 

 

*I'm probably being too simplistic, but that's fun.

 

 

The Chinese government already controls what there citizens can see and search for on the Internet. International condemnation is actually what the Chinese don't enjoy, so this public naming of that Chinese military building being the source of many cyber attack is probably the best thing to do.

"We don't stop playing because we grow old; we grow old because we stop playing.” -  George Bernard Shaw

 

"What counts in life is not the mere fact that we have lived. It is what difference we have made to the lives of others that will determine the significance of the life we lead" - Nelson Mandela

 

 

Link to post
Share on other sites

I wonder why all these important computers are even connected to the internet in a first place, they cannot hack you from China when you don't have connection, right ? Or maybe Im bit too simplistic about this issue.

"Have you ever spoken with the dead? Called to them from this side? Called them from their silent rest? Do you know what it is that they feel?

Pain. Pain, when torn into this wakefulness, this reminder of the chaos from which they had escaped. Pain of having to live! There will be no more pain. There will be... no more chaos."

 

 

Kerghan the Terrible,

first of the Necromancers,

voyager in the Lands of the Dead.

Link to post
Share on other sites

A bit too simplistic. Really high sensitivity targets ought to be on a wholly separate network, though this does not always save them eg the Iranian nuclear infrastructure hit by stuxnet, but for practicality you tend to want people to have access to the internet, email etc without too many hassles. You will often also want to have other devices (phones, pads) to have access, and by their very nature those are prone to wander onto unguarded networks. Given that, you have to balance security against reducing the all the advantages networking gives and make a decision about exactly where you draw the line on that equation. You will also, of course, get assurances from your security people that they are competent and everything is up to date.

 

It should be noted though that it is hardly just the Chinese who do that sort of thing- the classic example being the alleged siphoning of information to Boeing by the US government from Echelon so they could outbid Airbus.

Link to post
Share on other sites

I wonder why all these important computers are even connected to the internet in a first place, they cannot hack you from China when you don't have connection, right ? Or maybe Im bit too simplistic about this issue.

They aren't. The US DoD, for example, and most similar organizations, use internal networks that aren't connected to the internet/WWW. I heard in an NPR interview on the subject of stuxnet that the most likely way it got into the Iranian system is through a USB/flash drive. Either they actually obtain one belonging to someone with regular access to the network and put the virus or trojan on it, or they just drop one in a place where someone with security clearance might find it, and stick it in attempting to see whose it is/what's on it. A less likely scenario is actual agents infiltrating the organization/operation and doing it personally.
Link to post
Share on other sites

I wonder why all these important computers are even connected to the internet in a first place, they cannot hack you from China when you don't have connection, right ? Or maybe Im bit too simplistic about this issue.

Are you suggesting that the president should have a separate computer just to tweet? preposterous

Edited by Orogun01
I'd say the answer to that question is kind of like the answer to "who's the sucker in this poker game?"*

 

*If you can't tell, it's you. ;)

village_idiot.gif

Link to post
Share on other sites

Perhaps the computer could be small and handheld. Maybe link it to some sort of telephone? ;)

 

Speaking just for myself, and being a dinosaur from before the rise of the net, I don't see why we need to net so badly in big organisations. 95% of what comes through it is pure bureaucratic hogwash. Even when a genuine instruction or idea is sent the impact of the medium is so weak you might as well sound the charge by farting through a trumpet.

"It wasn't lies. It was just... bull****"."

             -Elwood Blues

 

tarna's dead; processing... complete. Disappointed by Universe. RIP Hades/Sand/etc. Here's hoping your next alt has a harp.

Link to post
Share on other sites

  Orogun, rest assured, no I'm not suggesting something like that at all, it was just a hypotetical (rhetorical maybe?) question dripped from my sorry clueless brains. Yet if any president wants separated PC for this tweeting stuff he's free to do so, as he likes.

  Walsingham, I can't agree more, indeed.

  Anyway, Zoraptor, AGX, thank you guys for civilized explanations, now I roughly see a bigger picture. Still it's highly disturbing to merely think, that even on separated network, it's all in risk and even absent of any connection whatsoever, relaying on flash drivers and the likes is much more hazardous, is there any safety at all then? I'm highly afraid of what future may deliver.

"Have you ever spoken with the dead? Called to them from this side? Called them from their silent rest? Do you know what it is that they feel?

Pain. Pain, when torn into this wakefulness, this reminder of the chaos from which they had escaped. Pain of having to live! There will be no more pain. There will be... no more chaos."

 

 

Kerghan the Terrible,

first of the Necromancers,

voyager in the Lands of the Dead.

Link to post
Share on other sites

Dear God, your are wound up tight. You didn't have to take it serious.

I'd say the answer to that question is kind of like the answer to "who's the sucker in this poker game?"*

 

*If you can't tell, it's you. ;)

village_idiot.gif

Link to post
Share on other sites

 

I wonder why all these important computers are even connected to the internet in a first place, they cannot hack you from China when you don't have connection, right ? Or maybe Im bit too simplistic about this issue.

They aren't. The US DoD, for example, and most similar organizations, use internal networks that aren't connected to the internet/WWW. I heard in an NPR interview on the subject of stuxnet that the most likely way it got into the Iranian system is through a USB/flash drive. Either they actually obtain one belonging to someone with regular access to the network and put the virus or trojan on it, or they just drop one in a place where someone with security clearance might find it, and stick it in attempting to see whose it is/what's on it. A less likely scenario is actual agents infiltrating the organization/operation and doing it personally.

 

Exactly... "The Cyber War" is nothing but more FUD coming out of Washington. It's akin to "The Evil Empire" or "We've always been at war with Eastasia!" As long as people are worried about phantom threats they won't be on their representatives butts to fix real problems.

Fere libenter homines id quod volunt credunt. - Julius Caesar

 

:facepalm: #define TRUE (!FALSE)

I ran across an article where the above statement was found in a release tarball. LOL! Who does something like this? Predictably, this oddity was found when the article's author tried to build said tarball and the compiler promptly went into cardiac arrest. If you're not a developer, imagine telling someone the literal meaning of up is "not down". Such nonsense makes computers, and developers... angry.

Link to post
Share on other sites

 

 

I wonder why all these important computers are even connected to the internet in a first place, they cannot hack you from China when you don't have connection, right ? Or maybe Im bit too simplistic about this issue.

They aren't. The US DoD, for example, and most similar organizations, use internal networks that aren't connected to the internet/WWW. I heard in an NPR interview on the subject of stuxnet that the most likely way it got into the Iranian system is through a USB/flash drive. Either they actually obtain one belonging to someone with regular access to the network and put the virus or trojan on it, or they just drop one in a place where someone with security clearance might find it, and stick it in attempting to see whose it is/what's on it. A less likely scenario is actual agents infiltrating the organization/operation and doing it personally.

 

Exactly... "The Cyber War" is nothing but more FUD coming out of Washington. It's akin to "The Evil Empire" or "We've always been at war with Eastasia!" As long as people are worried about phantom threats they won't be on their representatives butts to fix real problems.

 

Has it occurred to you that a constant paranoia about threats from one's own government is no less pernicious to civil awareness and freedom than a constant paranoia about external threats?

 

I feel almost precisely the same way about you waffling on about Big Brother as you feel right now about what you think is a false threat from cyberwar.

 

I've experienced personally the damage done by hacking, and whatever the source, it is already real. It is already costing billions in security that could be better spent elsewhere. It can and will have subtle and far reaching effects on how we live our lives in the next twenty years. It may not make streelights explode or set fair to your socks, but it is going to matter. 

"It wasn't lies. It was just... bull****"."

             -Elwood Blues

 

tarna's dead; processing... complete. Disappointed by Universe. RIP Hades/Sand/etc. Here's hoping your next alt has a harp.

Link to post
Share on other sites

 

 

 

I wonder why all these important computers are even connected to the internet in a first place, they cannot hack you from China when you don't have connection, right ? Or maybe Im bit too simplistic about this issue.

They aren't. The US DoD, for example, and most similar organizations, use internal networks that aren't connected to the internet/WWW. I heard in an NPR interview on the subject of stuxnet that the most likely way it got into the Iranian system is through a USB/flash drive. Either they actually obtain one belonging to someone with regular access to the network and put the virus or trojan on it, or they just drop one in a place where someone with security clearance might find it, and stick it in attempting to see whose it is/what's on it. A less likely scenario is actual agents infiltrating the organization/operation and doing it personally.

 

Exactly... "The Cyber War" is nothing but more FUD coming out of Washington. It's akin to "The Evil Empire" or "We've always been at war with Eastasia!" As long as people are worried about phantom threats they won't be on their representatives butts to fix real problems.

 

Has it occurred to you that a constant paranoia about threats from one's own government is no less pernicious to civil awareness and freedom than a constant paranoia about external threats?

 

I feel almost precisely the same way about you waffling on about Big Brother as you feel right now about what you think is a false threat from cyberwar.

 

I've experienced personally the damage done by hacking, and whatever the source, it is already real. It is already costing billions in security that could be better spent elsewhere. It can and will have subtle and far reaching effects on how we live our lives in the next twenty years. It may not make streelights explode or set fair to your socks, but it is going to matter. 

 

You misunderstand me. The FUD I refer to is the overblown cyber security threat. There is a difference between saying "fishing is a dangerous profession" and "OMG you can't go out on a boat because you'll be swallowed up by the ocean!" As was mentioned earlier, many of these critical systems aren't even connected to the internet.

 

As for big brother... I'm not worried about people in office now. My concern is the expansion of power in certain offices. A great depression, starving people, an overpowered office and an ambitious and power hungry individual are a recipe for future tyranny. Power is almost always given to, rather than taken by, this type of leader. People forget that Adolph and his party were elected, and when he was appointed chancellor is when things started to get scary.

Edited by Luridis

Fere libenter homines id quod volunt credunt. - Julius Caesar

 

:facepalm: #define TRUE (!FALSE)

I ran across an article where the above statement was found in a release tarball. LOL! Who does something like this? Predictably, this oddity was found when the article's author tried to build said tarball and the compiler promptly went into cardiac arrest. If you're not a developer, imagine telling someone the literal meaning of up is "not down". Such nonsense makes computers, and developers... angry.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...