Chinese Hacking of American Military Networks On the Rise

Anti-Globalism writes with this excerpt from the Guardian: "China is stealing sensitive information from American computer networks and stepping up its online espionage, according to a US congressional panel. Beijing's investment in rocket technology is also accelerating the militarization of outer space and lifting it into the 'commanding heights' of modern warfare, the advisory group claims. ... A summary of the study, released in advance, alleges that networks and databases used by the US government and American defense contractors are regularly targeted by Chinese hackers. 'China is stealing vast amounts of sensitive information from US computer networks,' says Larry Wortzel, chairman of the commission set up by Congress in 2000 to investigate US-China issues." The full study addresses these issues and others relating to the US-China relationship (PDF).

Obligitory...

But how much is the USA ramping up their attacks on China?

Well, you just saw the first propaganda salvos

They'll escalate it from there.

From TFA:

"says Larry Wortzel, chairman of the commission"

Larry Wortzel was:
http://www.heritage.org/about/staff/larrywortzel.cfm [heritage.org]

who are:
http://www.heritage.org/about/ [heritage.org]

"Our Mission
Founded in 1973, The Heritage Foundation is a research and educational institute - a think tank - whose mission is to formulate and promote conservative public policies based on the principles of free enterprise, limited government, individual freedom, traditional American values, and a strong national defense."

Yah got to have a bogeyman.

Re:Well, you just saw the first propaganda salvos

In the democratic theater that is modern western politics, the two governments that the population choose between (Republican/Democrat in the USA, Liberal/Labour in Australia, Conservative/Labour in the UK) need to be effectively identical in order that the real decisions get made not by the people, but by the neo-nobility.

There's no difference between modern western politics and autocratic regimes such as monarchy or even dictatorships. It's just that the ruling class hides behind the veil democratic system, and like the Wizard of Oz, pulls the string without the vastly dumbed down population being any the wiser.

They are kept in this subjugated state with a combination of bread and circuses to keep them politically passive as well as carefully constructed media content that portrays a monoculture as though it's freedom.

This is actually an on-topic point, that meandered for a bit. The point I'm trying to make is that only a fool would believe that the US does not have a cyber-warfare (ugh, idiotic term) program, and all this reporting on online attacks by the Chinese is an example of the media reporting bias.

Re:Obligitory...

No no, we need to stop the creation of nuclear weapons by dismantling our nuclear facilities and reducing our workforce of experts. By spearheading this initiative, we can expect other nations to follow suite.

Or they will surpass our technology and stockpiles while we hold hearings on the effects of global climate change. But I am confident they will not do so.

WTF?

Perhaps I'm just too simple minded, but WHY ON EARTH is ANY of that information even accessible from the interwebz?

Re:WTF?

My first though to, why is it even accessible if they think it's such a problem? Guess at least the military should know such basic things. (Though I do understand it makes their sharing easier.)

Get real.

This is propaganda. It's simply preparing the public for adding China to the Axis of Evil, erecting trade barriers etc.

 

Re:Get real.

I'd agree with you if this were a few decades ago, but right now we're too dependent on China's production and cheap labor.

Re:And even that is faked

Don't be to hard on them. China holding dollars gave the west cheap finance, which triggered an asset bubble, and encouraged overcapacity building in China (overcapacity and debt are the two main causes of depressions, depending on which economists you ask). Then they didn't pass on the wealth to their grunt workers, so Chinese demand won't be able to cushion the fall. Oh wait, that was pretty hard on them.

Re:Get real.

Bang on correct! When do people, especially government types admit that they have a problem and are hemorrhaging data to foreign states? Only when there is an advantage to doing so. In this case, I think you are right, it's part of a ramp up on public information to demonize the Chinese. Specifically who among the Chinese is yet to be determined, but the probably have a short list of targets.

No, it is not propaganda.

I have seen this. I used to work in a start-up and saw 2 seperate incidents. In one case, I was hiring for coders. Found a gal who was interesting. She had married a GI and moved to Northern Colorado Springs. Since we could do the work over the line, not an issue. I interviewed her and she was not interested. That is, until I mentioned taht we were doing work for DOD and NSA. Then her attitude changed dramatically. She very much wanted the job. Ok, not a big deal.

But a year later, we were looking for funding. Found a Tawain born guy from Loveland who use to own the chinese restaurant there. He wanted to invest. But he insisted on getting control of the hardware (which was the important part) if we defaulted. When would company be considered defaulted? When he said so. Told him no way. So, then he wanted to buy hardware and said that he would sell it in mainland china and we could all be worth 30 million or more. The hardware was only 1M. But he explained that mainland was willing to pay 30 for it and might go higher. I was actually shocked since I considered him Tawainese and would not do that. My opinion changed when at a slashdot posting, a tawain native said that the chinese who came there STILL consider themselves chinese, not tawainese. The original guy may not have been a spy. But, he was all too happy to sell tech to them. More interestingly, he indicated that he had been in touch WITH mainland china.

No, this is absolutely not propaganda. This is VERY real. Chinese ppl are happy to see their country coming up. And I understand that. But chinese gov is STILL in a cold war with us. They are very much spying on the west and buying tech. whenever possible. And yes, it is the west, not just America. That includes countries like Japan, Australia, Canada, France, UK, Israel, etc and even Russia. In fact, I consider your statement far more propaganda, because you have NO IDEA of what you are talking about.

Why would they bother?

America is sending all of it's wealth to China anyway and is happily enslaving future generations to chinese investors.

"Supreme excellence consists in breaking the enemy's resistance without fighting." Sun Tsu. 2500 years ago so.
 

Re:Why would they bother?

You can have the oil, but only if you take Celine Dion and Ben Mulroney as well.

It's not one way

US hacks China, China hacks US, where is the news in that? It's like watching two kids fight and both of them saying "He started it!" when in fact, they're both annoying little bastards.

Re:It's not one way

The news is that they're fighting and that the fighting's escalating. The two kids on the playground are more like Godzilla and Mothra - if they fight, there's going to be lots of explosions and buildings falling over. Plus, there's going to be some terrible dub work and the Japanese are going to somehow be involved. Also, we're going to find out about new powers that Godzilla has that he didn't have in the last movie. And then Steven Spielberg will do a remake that'll flop.

That got out of hand fast. Anyway, just because "they're both annoying little bastards" doesn't mean you shouldn't keep an eye on them. Especially if you live in Tokyo.

Time to do what we did to the USSR

One of the largest non-nuclear explosions ever came as a result of US technology that was stolen by the Russians. Except, the CIA knew it was happening and instead of stopping it they decided to plant faulty chip designs. Once the USSR knew the tech was unreliable, they were stuck with one helluva an auditing problem, beyond their capability.

How much do you want to bet that somewhere on a "vulnerable" network, there are some designs that are just... a little... bit... off.

Here's the Link

It was part of the Farewell Dossier [wikipedia.org]

Boo!

Every age needs bogey man.

Old School Security

Perhaps this seems a bit extreme, but exactly WHY are these military computers even connected to the Internet? If it's really secret information, shouldn't they have their own network or just not put these things online?

Beijing's investment accelerating militarisation?

Beijing's investment in rocket technology is also accelerating the militarisation of outer space

Funny, I thought it was the US [commondreams.org] stance [eetimes.com] of space dominance [defensetech.org] that was accelerating militarisation of space.

Very off-topic pdf, except part of ch. 2

The pdf may be of interest to those studying relationships with China, but very little mention of any "cyber war" except part of chapter two that stresses its 'non-classified' information. The biggest hole in US computer security is Windows and how people use it. It is very common for 'users' of Windows not to set passwords, which just makes it even easier easier to penetrate the whole network. Hopefully, no Windows machine can even access classified information in the first place.

Unix isn't perfect either and again, its the human aspect that is the biggest risk. Anyone caught using an account with access to 'sensitive' or 'classified' without an adequate password should be warned, explained what a good password is and fired if they can't comply. It would seem that there is high compliance and regular audits anywhere 'classified' information can be accessed. Chapter 2 of the pdf only mentions 'unclassified' material, never mind all 'classified' material is created from 'unclassified' resources. Truly classified data should never be accessible from The Internet in any way, in the first place. Any information placed on, or close to The Internet should be considered 'public' on a worldwide basis.

Generally speaking, China uses the simplest, known techniques, to penetrate servers. Any admin can tell you how many dictionary attacks come from China. It is impossible to determine which ones are just 'script kiddies' or students and which are serious organized efforts. There is a very small rate of success from this method. Today it seems that these (Unix) machines are simply used to spread the simple scripts on a wider scale. Simply moving off port 22 (even to port 23) will stop 99% of the problem. Statistical programs that temporarily deny access to a certain IP address can be very effective as most scans never return, even if the access is denied for as little as five minutes. To combat the hardcore attempts where the attack returns, simply increase the 'access denied' time and ultimately blacklist the IP address and the whole net if necessary. (It is very rare it ever goes that far.)

In conclusion: Don't put classified information in the reach of The Internet. Never use any Microsoft product to view 'classified' or 'sensitive' information unless it can be assured there will never be any Internet connections of any sort. It is highly unlikely any government secrets leak out unless that was the intention, such as a "trial balloon". At this time, this is a non-problem that can be stopped. If absolutely nothing is done, it could escalate in much the way spam did. The official report appears to draw the same conclusion, however that is buried in a pile of irrelevant and off-topic material.

BillSF

                       

zeros

the DoD network will continue to be vulnerable as long as they insist on using windows. lest you think i'm a peacenik or something, i was a boom operator in the USAF for 20 years. i retired in 1997, and joined the local LUG. Alot of the members were NCO sysadmins from the base, who related that "all the officers coming out of the zoo (USAF Academy) only knew windows, and policy did not allow for anything else". So, being good NCOs, they snuck linux in the back door and had it running all over the place, as proxy servers, firewalls, etc. their officers didn't know about it, but as long as nobody complained and it made them look good, they were happy. then when they found out, and had it removed. problems increased dramatically soon thereafter. fuckin' zeros...they don't listen! MSgt, USAF (Ret.)

I wonder if it is personal?

The DoD takes everything personally, and for good reason, but I have a steady stream of chinese hackers attempting to break into the router in my tool shed that reports battery voltage and temperature at a cabin that is inaccessible for 6 months of the year.

I really should put a webcam in there so they can see what they have achieved if they ever do manage to get in.

(22.1F, batteries 25.3V, 600 watt hours of energy stored today.)

poisoned Honey pots

And you guys claim to read Schneiier?? Consider this: if the Chinese are spying on our tech, we can stick it to them rather badly by lettng them find pointless dead end projects upon which to waste their treasure. everything is an opportunity... .max

Re:Communist China! Your days are numbered!

This sends the message to the rest of the world that the US may not pay its debt to them if they do something the US does not like.... That would be a bad precedent, as we would soon find ourselves very isolated when it comes to finance and commerce...