Article 43


Friday, September 02, 2011

Bad Moon Rising Part 44 - Infrastructure Cyber-Threat II


Is Someone in China Reading Your E-mails?

By Maura Moynihan,
January 12, 2009

On Dec. 16, 2008, Time magazine announced the annual People of the Year list. Barack Obama topped the list, and one runner-up was China’s Zhang Yimou, the epic filmmaker and Olympic impresario, for creating “arguably the grandest spectacle of the new millennium,” the opening and closing ceremonies of the 2008 BEIJING OLYMPIC GAMES, which “showcased the RISE OF CHINA as a WORLD POWER.”

The bland celebration of China’s version of Leni Riefenstahl dodged the uncomfortable truth that the Olympics enabled the Chinese Communist Party to expand its intelligence operations within the corporations and governments that flew to Beijing for a sports party.

China is now flexing its post-Olympic power with an aggressive new cyberespionage campaign, targeting government, military and civilians with equal force. If you use Windows, the Chinese Communist Party knows how to hack into your laptop. If you have friends and associates in China, they’re reading your e-mails.

The Pentagon, the State Department and the U.S. Congress have been monitoring China’s cyberintelligence campaigns for years. The Congressional Record has a long list of hearings on the matter. In 2008 press statements, the Pentagon reported that Chinese cyberespionage has “increased dramatically” before and after the Olympic Games.

During preparations for the Olympics, China installed massive new surveillance and security systems with the generous assist of U.S. corporations Honeywell, General Electric, United Technologies and IBM. Throughout the Olympic gold rush, the Bush administration routinely sidestepped the 1990 law stipulating that high-tech must not benefit the Chinese military. After all, the People’s Republic of China was a paying customer and owns a majority share of U.S. Treasury Bills.

The craven posturing of the International Olympic Committee and its corporate sponsors allowed Beijing party bosses to break every pledge to improve human rights, duly sworn when they lobbied for the contract. And what has the result been of this blind quest for corporate profit? On Nov. 20, 2008, the bipartisan U.S. China Economic and Security Review Commission sent its annual report to Congress. It states:

“China is targeting U.S. government and commercial computers for espionage (and) is stealing vast amounts of sensitive information from U.S. computer networks.”

The Web site of the independent research consortium INFOWAR MONITOR provides updates on China’s Web-infiltration methods. One alarming new report describes tracking devices carefully affixed INTO COMPUTERS hackers produced a “virtual guidebook for electronic warfare and jamming” after studying dozens of U.S. and NATO manuals on military tactics.

Chinese hackers have made numerous incursions into classified U.S. networks. In November 2006, retired Air Force Maj. Gen. Richard Goetze, a Naval War College professor, said the Chinese “took down” the entire Naval War College computer network—an operation that prompted the U.S. Strategic Command to raise the security alert level for the Pentagon’s 12,000 computer networks and 5 million computers. In June 2007, 150 computers in the $1.75 billion computer network at the Department of Homeland Security were quietly at work with programs that sent an unknown quantity of information to a Chinese-language Web site. Unisys Corp., the manager of the DHS computers, allegedly covered up the penetration for three months.

Do a brief Web search, and you will find a long list of U.S.-educated, high-level, Chinese-born agents serving time in U.S. prisons for spying and stealing military secrets for their homeland.  Last fall, FBI agents warned the Barack Obama and John McCain campaigns that Chinese networks were monitoring their computers. In June 2008, Rep. Frank Wolf, R-Va., revealed that computers in the House International Relations Committee had been HACKED by Chinese agents. 

“These cyber attacks permitted the source to probe our computers to evaluate our system’s defenses, and to view and copy information,” said Wolf. “My suspicion is that I was targeted by Chinese sources because of my long history of speaking out about China’s abysmal human rights record.”

On Feb. 15, 2006, representatives of GOOGLE, Yahoo, Microsoft and Cisco Systems were summoned before the House International Relations Committee to defend what Rep. Chris Smith, R-N.J., called a “sickening collaboration” with the Chinese government that was “decapitating the voice of the dissidents.” The Web executives defended their dealings with the Chinese government on the grounds that China is a global market.

The global market provides endless opportunities for cyberespionage. A February 2005 report from the Defense Science Board states “a significant migration of critical microelectronics manufacturing from the United States to other foreign countries has [occurred] and will continue to occur.” America’s defense systems are based on “trusted and classified” microchips. “Trust cannot be added to integrated circuits after fabrication; electrical testing and reverse engineering cannot be relied upon to detect undesired alterations in military integrated circuits.”

After Deng Xiaoping took Chairman Mao Zedong to the shopping mall, Wall Street analysts proclaimed that China’s Maoists were different from Stalin’s Bolsheviks, and that Coca-Cola would magically engender democracy within a totalitarian state. China’s Maoists were supposedly different, making the economy work without dismantling state surveillance and control.

The financial tsunami that gushed out of Wall Street this fall forced the closure of over 30 Chinese factories, the ones that make the plastic Santas, socks and other such junk available at Wal-mart. But plenty more Chinese factories are churning out computers, digital chips, satellites and rockets for the high-tech universe that China has staked out as the next frontier of world war. Let’s hope that the only thing “Made in China” next Christmas is a plastic Santa—not spyware in our computers, where Big Brother, speaking Mandarin, is sifting through our cyberprofiles.

Maura Moynihan is the founding director of Friends of Moynihan Station. She lives in New York City.



From China with Love: The Chairman Meow Collection

August 26, 2011

Within the last year (since Stuxnet) the general populace has become more aware of the problems we all face from digital attacks and espionage. Of course sitting here today writing this blog entry, I look back at my past posts and wonder just why people are catching on now. China has been working us over for a long time and with each day’s passing we have been steadily more and more compromised by the 7th directorate and their proxy hacking groups. This is not to say that others aren’t doing the same thing as well. China just happens to be the more active due to their single minded desire to be the pre-eminent superpower and they have the politically charged populace to do it (i.e. PLA and their civilian hacking counterparts).

Israel, Russia, England, the list goes on, all spy on us as we spy on them. In the case of industrial espionage, the Chinese are first on the list, followed closely by Israel and Russia as well as France. It’s a game we all play, it’s just that China has been going at it in a much smarter and cohesive way is all. All one need do is look at the current state of affairs to determine that they have been exceedingly adept at it as well, kudos to them really and shame on us. We (the US) have been too busy being slaves to greed and cheap products from, you guessed it, China, to notice that our collective clocks were being cleaned. Sure, some have been in the know about this (the military, DOD DIB partners) but we have been hampered by several things.

1) Contractors (i.e. private companies) do not have robust security postures and often are connected to DOD systems (say an air force base). Not to mention that these systems that the contractors own hold the goodies and escalation vectors that the APT want. Patching, IDS/IPS, SIEM, DLP, all words that are FOREIGN TO MANY EXECUTIVES MAKING DECISIONS about security and often have NOT ONE CLUE in the matter to start. I have in fact seen one place that had a C level exec with a 4 character password to their system! One that also had a pre-populated ID! YAY! Way to go there Mr. C level who manages a company that makes war-fighter systems! So, suffice to say that the companies have been ILL-EQUIPPED to handle security and the executives have been reticent to care.

2) Government regulations have been too lax in governing the security mandates and repercussions on any and all contractor companies that work on war-fighter systems. Sure, there are ITAR regs and potential fines, but really, how many of these companies have had true audits of their networks and environments to test their security postures? A good red team of many of these places I am sure would turn up shockingly scary vulnerabilities and network security gaffes that would, if leveraged by the likes of the Chinese, lead to huge compromises of the companies as well as their proprietary data. In the time I was at a defence contractor, I only saw one red team and in that event it only took about an hour to compromise the place utterly. We need to enforce security on all defense contractors for both sides of their businesses (defense base and public) in order to ensure that the data is safe. Right now, even after everything that has happened with China, we still have no real regulation and control over these companies’ security postures and that is why we will keep failing.

3) Human nature and corporate group think are the lead causes in our failures mentioned above. We as beings seem to lack the ability to see the long term dangers with regard to this type of warfare. We are also being leveraged by social engineering attacks (phishing, vishing, etc) to gain the toehold into the networks that lead to escalation and persistence. We need to be teaching secure computer practices both on a personal and a corporate level in order to be better equipped to try and stop these attacks. It’s not going to be the new piece of hardware or software that the vendors want to sell you (though they do have a place if they work) but instead the human factor that will be able to help here. I just would like to see the C levels at least aware of the security threats and really understand them. So far, I have seen too many in management without a clue and who don’t seem to care.

So, what I think we really need are some rules set up for companies doing government business that mandate secure practices and ensure that if those companies are not following through, will be fined and shamed as well as lose their contracts. It’s one thing to be compromised even if you are doing the due diligence, it’s quite another to be compromised and not really care nor understand the problem because there are no negative incentives to being that way. In today’s world, we need to be sharper than this if we want to stay in play on the global scale.

What we really need to be now is a Digital Spartan

Meanwhile, we are behind the game here. The government is trying to come to grips with all of this (poorly) all the while the Chinese and others now using the APT style of persistent attacks, are making bigger and more audacious hits against us (cough RSA & Lockheed cough!) while the news media spins on telling only half of the story that they comprehend to the masses that have little comprehension of the issues at all. Meanwhile, we in the security community talk about attribution and the problems of not only trying to stop all this from happening, but also deal with the repercussions politically trying to capture those carrying out the attacks.

All of this during the cacophony of vendors (and I mean you McAfee) spewing buzzword bingo out of your collective keisters trying to make sales and use the situation to your advantage.

It’s time to pay real attention to the PROBLEMS allowing these attacks to take place so easily and to the companies that are being targeted by the likes of China. For a little more history, I have collected the “From China With Love” collection on my blog. Dating back to 2008/2009 to today, you can see that this has been going on for a long time, and there is much more that has gone on that you might know about, or ever will unless you are cleared to know.




China Behind U.S. Hacking Attempts, Cyber Attacks?

By Nikki Seay
February 19, 2013

Cyber attackers who stole massive amounts of vital information from military contractors, energy companies and other military industries in the United States have now been traced back to a Chinese military unit, a U.S. security firm announced on Tuesday.

China’s own Foreign Ministry has dismissed the report as being “groundless” and denied any involvement in the hacking attacks.

A country who is no stranger to hacking accusations, China is frequently the culprit of cyber attacks. However, a recent REPORT [local copy] by the Virginia-based MANDIANT CORPORATION contains some of the most damaging and detailed INFORMATION to date, linking China’s military to a string of cyber-spying against United States, foreign companies and government agencies.

Mandiant alleges that it successfully traced the source of the hacking back to a neighborhood just outside of Shanghai. They actually pinpointed the location down to a white 12-story office building apparently run by “Unit 61398” of the People’s Liberation Army.

Unit 61398 “has systematically stolen hundreds of terabytes of data from at least 141 organizations,” Mandiant wrote. “From our observations, it is one of the most prolific cyber-espionage groups in terms of the sheer quantity of information stolen,” the company said. It added that the unit has been in operation since at least 2006.

Mandiant decided revealing the results of their investigation was well worth the risk of having the hackers change tactics or become more difficult to track down.

“It is time to acknowledge the threat is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively,” it said.

In a STATEMENT faxed to The Associated Press, the Defense Ministry again denied any involvement in the hacking, stating that Chinese law forbids all activities that harm Internet security.

“The Chinese government has always firmly combated such activities and the Chinese military has never supported any form of hacking activity,” the ministry said. “Statements to the effect that the Chinese military takes part in Internet attacks are unprofessional and are not in accordance with the facts.”

A spokesperson for the Chinese Foreign Ministry, Hong Lei, did not directly address the allegations, but when questioned about the report on Tuesday, he said he did not believe that the evidence could possibly withstand scrutiny.

“To make groundless accusations based on some rough material is neither responsible nor professional,” Hong told reporters at a regularly scheduled news conference. “As of now, the cyberattacks and cybercrimes China has suffered are rising rapidly every year,” Hong said.

News of the Mandiant report spread quickly on the Chinese Internet, with many calling it an excuse for the United States to impose greater restrictions on China’s growing technological grip.



Posted by Elvis on 09/02/11 •
Section Bad Moon Rising