Richard Clarke: All Major U.S. Firms Hacked By China 311
bdking writes "Former White House cybersecurity advisor Richard Clarke says state-sanctioned Chinese hackers are stealing R&D from U.S. companies, threatening the long-term competitiveness of the nation. He said, 'The U.S. government is involved in espionage against other governments. There’s a big difference, however, between the kind of cyberespionage the United States government does and China. The U.S. government doesn’t hack its way into Airbus and give Airbus the secrets to Boeing [many believe that Chinese hackers gave Boeing secrets to Airbus]. We don’t hack our way into a Chinese computer company like Huawei and provide the secrets of Huawei technology to their American competitor Cisco. [He believes Microsoft, too, was a victim of a Chinese cyber con game.] We don’t do that. ... We hack our way into foreign governments and collect the information off their networks. The same kind of information a CIA agent in the old days would try to buy from a spy. ... Diplomatic, military stuff but not commercial competitor stuff.'"
US at it too (Score:0, Insightful)
The US is reconstructing thoughts from business execs all over the planet, stealing business information 24/7.
You don't say... (Score:5, Insightful)
http://en.wikipedia.org/wiki/ECHELON#Controversy [wikipedia.org]
Re:You don't say... (Score:4, Insightful)
yes but the US government is the good guys. Haven't you heard?
Everyone else is the bad guys.
And if we have to lie a bit to make the US government look better, then it's for a good cause.
Now shut the fuck up before your ass is NDAAed
Riiiiight. (Score:5, Insightful)
The government routinely shares information with its defense contractors. Where that information comes from? The corporation does not ask.
We are spying but.. (Score:5, Insightful)
Re:You don't say... (Score:5, Insightful)
Also, were it not for western industrial espionage against China, we wouldn't have paper or porcelain or tea.
The US doesn't steal commercial know-how because they already have plenty. China is decades behind (in some areas), and can benefit a lot from acquiring foreign IP.
In fact, China's subsidies of industrial inputs (land, energy, water, steel, etc) are there to drag in foreign manufacturing. Want to guess why they want everything made in China? It's so they can figure out how to make it themselves.
It's a hell of a lot better than invading resource-rich countries to try to build up your industrial base. And if no-one ever stole secrets, we'd still all be in the dark ages.
"we don't do that".... (Score:2, Insightful)
Those are the words of somebody who is feeling more than just a tad defensive, and trying to justify their own actions because of how they know it would look.
I'm not saying he was lying, but from where I sit, it sure looked like he was just trying to make excuses.
It just seems to scream points #7, #9, and #14 from this list [ethicsscoreboard.com], and raises some red flags, at least.
Over-globalization is the problem here. (Score:5, Insightful)
This is what we get when we get too friendly with nations that are still despotic in nature, reserving freedom for the few businesses and not the many. They are used to take away freedom from people under the canard of "competitiveness", something that is only used to wash the blood from indefensible actions.
Shame we can't have a national security directive to kill offshoring - since it is about the only thing that can kill this for good. It may not be the cleanest answer, but it is the one that cuts the lobbyists out of the equation. If we want offshoring, it cannot be in the current form - a form that is only used as retribution for successes and security gained by First World citizens. It must be in a form that clearly prioritizes citizens of all skill levels first for hiring and training (to get rid of the skill-level complaints) for long-term & direct hire jobs (to obliterate the permatemp culture); it cannot be simply a way to exact concessions in the name of Ricardian economics.
Re:US at it too (Score:3, Insightful)
>> The U.S. government doesn’t hack its way into Airbus and give Airbus the secrets to Boeing
Total bullshit. The US officially steals corporate information on an industrial scale by examinating the laptop of corporate travellers.
Re:You don't say... (Score:5, Insightful)
Re:Conflict of Interest? (Score:5, Insightful)
While it is true he makes more money the bigger the frenzy, keep in mind that doesn't necessarily mean he is incorrect or acting immorally. If he believes there is a problem, thinks there is a market for fixing it, and is attempting to raise awareness of the problem he may way be acting in a correct manner. In short conflict of interest is not proof of incorrectness.
So yes by all means take him him with a grain of salt, but also actually look at the evidence he presents.
Why Hack When We Give It Away (Score:4, Insightful)
If you want access to China's market, you have to build in China. And if you are building in China, China is figuring out how you build things.
Re:You don't say... (Score:5, Insightful)
Does it bother anybody else that the source in question is as bad as it is?
I looked at the source for the claim that the US has engaged in industrial espionage, which points to a 194 page report from a European commission and which the person who made the claim is clearly hoping was too long for anybody to read.
The only point relevant to the claim is this:
In other words, the industrial espionage they know about is something they aren't even willing to criticize.
Further along, under a big heading "Is ECHELON suitable for industrial espionage?" they go on to explain that if it finds any, it was an accident.
(their emphasis)
In other words, they took two paragraphs and three bullet points to say "no, they wouldn't bother using ECHELON for this."
It is followed by a chart of cases of industrial espionage (with no explanation as to how they arrived at any of the entries), and the only entry that may relate to ECHELON (rather than using an agent or taking photographs) is a 1994 NSA action where they intercepted calls and faxes related to how Airbus was bribing Saudi Arabian officials to win a contract. Those dastardly Americans! It's so rude to use spy on the competition when they're just trying to bribe somebody. Gosh! And yet still, I'm just supposing this entry is in any way related to ECHELON since it makes no such claim.
I am not claiming the US does not engage in this kind of behavior; they probably do, and for all I know they've been caught red-handed at it too. But this report is not proof of that, even if we were to take Wikipedia as a great source of anything to begin with.
Oy Vey! (Score:5, Insightful)
"The U.S. government is involved in espionage against other governments. There’s a big difference, however, between the kind of cyberespionage the United States government does and China. The U.S. government doesn’t hack its way into Airbus and give Airbus the secrets to Boeing [many believe that Chinese hackers gave Boeing secrets to Airbus]. "
Here is a hint: start doing it, you dumbasses. Im no expert in chinese culture, but i've been studying their story with reverse engineering and the way they've built their home industry to come to the conclusion that, to the chinese, this is business as usual.
You may be appalled by it, you may cringe with moral sentiment (and stubborn western-european hypocrisy), but you don't just stand there. Have a strategy to take a blow-by-blow approach to this and counterattack.... and maybe then you will realize all your strict IP laws and magical thinking make no sense at all in this brave new world.
Snap out of it NOW!
Re:You don't say... (Score:5, Insightful)
How about saying they "changed their mind", or "made a different decision" instead of "flip-flopping"? Why is it bad that somebody in a position of authority changes their mind in light of new information? Don't you want them to do that? Or do you think that if someone thought that something is bad 4 years ago, they should do everything they can to end it today, even if they now believe it's a bad decision?
You have to learn and adapt as you go along to be successful. We should be looking for that in leaders, instead of calling them "flip-floppers".
Comment removed (Score:5, Insightful)
Re:You don't say... (Score:5, Insightful)
Or how about saying "they lied to get elected" since that is the most likely scenario.
Re:US at it too (Score:2, Insightful)
it's a speculation on your part; have any info that supports you theory? they don't selectively screen just business laptops, they screen everyone, also there is a difference screening a laptop and hacking a network in another country to get secrets, so the only BS is your post.
A high horse "We don’t do that. ..." (Score:4, Insightful)
The EU, US, and others need to get off our high Pre-WWI moralistic espionage horse. Cyber-espionage is a pre-WWIII essential to national security and may be the only way to prevent WWIII nation-devastation.
A tit-4-tat cyber-cold-war is the best way to keep the government of CN from perceiving US, EU, and RU as virtual-tigers, and/or having foolish corporate interest politicians enter into a vintage pre-WWII "Appeasement Peace Conference" with CN.
We need to start state cyber-espionage to obtain all domestic, diplomatic, economic, corporate, and military information and appropriately share with US, EU, and RU ... countries and companies.
As they have exploited US and EU, so must we exploit CN. Do it now or regret it later.
Re:Having worked for a few firms... (Score:3, Insightful)
Is electricity a cost or an asset? It is a cost. Yes, without it you can't do much but cheap electricity is no different than expensive electricity. Why pay? The less electricity you need the less valuable it is.
Now if you were Amazon and needed your own hydroelectric plant for your cloud then it is more valuable and it is more of an asset and it would even make you money bordering a profit center.
If you work for a company making fish sticks (example), having contractors part time during the harvest and maybe just the bare minimum to survive for the rest of year freezing and packaging your product makes business sense. Investing in good distribution and sales teams to sell to grocery stores are far more important. maybe using expensive freezers that do not break. But I.T.? What value does that provide to the customer? Zero. They are paying for fish sticks. Not for Windows 7 deployments and upgrading to IE 8. So staying with IE 6 and XP for them gives the CFO and CEO a bonus as Wall Street agrees with this.
Work at Microsoft however, and you will get paid very handsomely if you make great contributions to the bottom line. Sorry, but I only am the messenger here. The .com days are over and its time to move on. Go work in an I.T. company or even a contracting company doing consulting if you have your experience and you will be paid well. Otherwise you are a cost there to make sure nothing breaks. Unless you can think of a magical way companies can increase their sales or cut their cost from your ideas? Have any?
Its war (Score:5, Insightful)
The West was on top. So its a target. Its values are oppsed by the enemy.
War comes in multiple forms. There isn't any requirement for someone to fight you directly. The lessons of this are available through history. The problem is that in general, the population is cretinously stupid. In the west, in america, and prevelent on Slashdot.
The chinese long ago choose war with the west. And yes, this white house commentry is correct. Its years late to the party though. The chinese choose to make information and IP collection a military grade target, and applied military level resources to the task in hand.
In exchange for taking all your information, IP and data, they then went back to said companies and said - we can do what you do, at a 10th of the price.
Que economic damage doubled.
At no point have I see anything - anywhere thats showing any willingness to even begin to face up to this challenge.
Cutting to the chase, they do not have to use bombs and direct weapons to eliminate your factories, to commit economic damage, to diminish your state, lower your standard of living, and damage your way of life. If the end justifies the result - then its a valid technical stragetic aim. Its been and remains a highly effective strategic application of a militaristic and political plan.
Assuming nothing is done, and its simply allowed to continue, then you will simply see a spiralling issue of damage here, and benefit there. A zero sum game that favours only one side.
And there is no simple answer. In the west, we're so stupid, over payed, flabby, lazy and ill led that it will be a long time before an equalisation of fundamentals allows a reverse of the flow. American or Euro workers will still be paid many times the cost of a chinese worker. Even if you steal back the tech at a later date, the damage is largely done because you can't undercut enough to make stuff at the same cost level. But your structure will still have to pay out multiple times the cost to the now millions of unemployed. Que strike 3 of the cost of the enemy strategic plan.
And how will you defend yourselves?
With windows based networks that are an unholy security mess?
With a military thats suffering the same windows based security mess?
With open source software bases that however anyone might paint it, has enough security issues that its not a trivial issue?
All of these are treated like a play ground by the enemy. A proverbial open door.
Security worsens every day, and in the west IT is in most places simply treated as a red headed step child and an overhead people would like to eradicate if they could.
Until companies and governments get serious, its only going to worsen. And while this is the state of play - with no penalty for the chinese - its well worth playing to a very full extent. At the end of the day, in the west, as the unemployed grow, eventually your customers will dwindle. The fact you get your shit made in the enemy factory now won't help you find exhausted customers in your home lands, and you are not going to outsell Lenovo in china to make up the now drastic shortfall. In the end, binning your own workers in exchange for cheap goods made in china has a culmative effect in you losing your own customers. The unemployed can't really buy from you, and that will turn to bite sooner or later.
It could be ended tommorow assuming some spine can be found.
A singular threat of complete bans on any chinese imports - on scale and across the western would would have sobering affect on the chinese. And at the same time reparations and damages should gained. And some spine should be found, because everyone basically knows this is going on, and has been for an extended period.
China does not give a shit about you, or the west. It will under cut you, subsidise fuel to its operations, steal your data, rob you of your intellectual property, and take your job or life away from you. Its operating on the correct directive which is self interest. The nations and people's
Re:You don't say... (Score:5, Insightful)
Yes but changing your mind is a slow process, not something that happens in less than a year.
If a president can't change his mind about something in less than a year, he was not qualified to be president. The chief executive needs to be able to respond to changes, not be blindly attached to an existing policy in the face of new information.
Hacking vs murder (Score:3, Insightful)
Kind of refreshing really, when compared to western countries who send in tanks, warheads and troops and murder innocent civilians.
Re:You don't say... (Score:4, Insightful)
Now that brings up the question: How does /. reconcile its popularly held belief that people are by and large lazy/stupid/ignorant with its other popularly held belief that people deserve the truth from politicians and a say in policy?
Re:You don't say... (Score:5, Insightful)
The Chinese haven't privatized their companies in the sense that they are separate from the state: a lot of companies are part of the state and the army actually runs many companies since they have to create their own budget (and food). A self sufficient army is a big tenet of the Chinese strategy. That's what makes this a bit more unpleasant than otherwise because normally, there would be an independent arbiter reigning in the companies. No such thing in China. The arbiter is playing too.
Re:US at it too (Score:2, Insightful)
YOU: So what? The US flies planes, too...
Re:US at it too (Score:3, Insightful)
In truth go Google Department of Commerce hacked?
The US government did not, but the Chinese government cracked corporate laptops and infected them with malware at customs. Today they have a no laptop policy when traveling out of the country as the hacking did not start with even their termostats and printers using Chinese IP addresses until one of their executives flew to China for a conference.
If I were doing business in China, I would buy my routers here and fly them and use only US contractors to install them as I would assume it would be rootkitted. Same with servers etc.
It is insane
Re:US at it too (Score:4, Insightful)
It's speculation that US intelligence was involved, not confirmed fact.
Yep, just like the main article is nothing but speculation with no confirmed fact.