
White House Confirms Chinese Cyberattack

New submitter clam666 writes "White House sources partly confirmed that U.S. government computers — reportedly including systems used by the military for nuclear commands — were breached by Chinese hackers. From the article: 'The attempted hack used 'spear phishing,' in which an attacker sends an email to a specific target that uses familiar phrases in hopes that the recipient will follow links or download attachments that unleash the hacker's malware. None of the White House's secure, classified computer systems were affected, said the official, who reached out to POLITICO after the Free Beacon story appeared — without having been asked for comment. Nor had there been any attempted breach of a classified system, according to the official.'"
  • by chizz ( 95740 ) on Monday October 01, 2012 @02:38PM (#41516303)

    .... between what happens to the Chinese perpetrators and what has happened to Gary McKinnon over the years!

  • Nuclear weapons? (Score:5, Insightful)

    by girlintraining ( 1395911 ) on Monday October 01, 2012 @02:40PM (#41516349)

    Obligatory: Would you like to play a game of thermonuclear warfare?

    Next up, petitioning the White House to find out why the fuck nuclear control systems are on the internet ...

  • Wait, what? (Score:5, Insightful)

    by Alphanos ( 596595 ) on Monday October 01, 2012 @02:43PM (#41516383)

    How can the attack include military systems used for nuclear commands, yet not include any secure classified systems?

    When they made a list of which government systems should be secured, they decided to leave the nukes off that list?!

  • Okay (Score:5, Insightful)

    by ledow ( 319597 ) on Monday October 01, 2012 @02:46PM (#41516421) Homepage

    Backing up my suspicions for the last 2+ years:

    How does the US know the actual nationality of the hackers and not just their end-proxy?

    The US have been trying to insinuate a cyber-war for years now, and never said how they know who's behind it (if you said the *ATTACK* came from China, fair enough - to say it ORIGINATED there is more of a stretch, and to say it was Chinese hackers is just ludicrous).

    Of course we have suspicions and think we might know who's behind it and who owns the net-blocks, but what a wonderful way to discredit a nation and put the blame on someone else when you want to cyber-attack the US - just proxy through China and start WW3 when the US retaliates.

    Really, US? How do you *KNOW*? On the scale that you can confidently state the Chinese "attacked" you (and coupled with your statements that cyber-attacks could be considered acts of war?)? You're REALLY that sure it was China that did it? That you can announce on the news that it was the country itself?

    Or do you just want to start a war with China for some reason?

  • Re:Okay (Score:5, Insightful)

    by firewrought ( 36952 ) on Monday October 01, 2012 @02:53PM (#41516497)

    How does the US know the actual nationality of the hackers and not just their end-proxy?

    Perhaps they have collaborating intel from another source (e.g., spies or signals intelligence).

    Or do you just want to start a war with China for some reason?

    I wouldn't be surprised if it was posturing for election rhetoric. Could have been done to preempt a GOP leak ahead of Wednesday's debate, or it could tie-in with Obama's recent "tough on China" talking points. I try not to follow this stuff too closely though, so take my speculation with a grain of salt...

  • by Anonymous Coward on Monday October 01, 2012 @02:55PM (#41516531)

    How do they know the phishing emails were sent by Chinese hackers? Are they just using the IP address of where the email originated to determine the nationality of the hackers?

  • Re:So... (Score:3, Insightful)

    by jesseck ( 942036 ) on Monday October 01, 2012 @02:56PM (#41516537)

    Stupid talking point for dumb people, who don't realize that in real life, a crime can't be solved in 40 minutes, like on CSI: Miami.

    It took me less than a minute to realize a coordinated attack on an embassy is not "spontaneous". If anything, it should be easier to determine the Embassy attack was "terrorism" (or at least coordinated and planned) than a Chinese hacker spear-phished a certain person on a certain system at a certain time. Just because you stick your head in the sand and ignore warning signs of attack and indicators of planning, it doesn't mean the attack was spontaneous. Even during deployment in Iraq, I saw sugarcoating of events... I see through that bullshit. The Embassy attack was planned, plain and simple. It was well executed. A mob doesn't have that coordination.

  • by girlintraining ( 1395911 ) on Monday October 01, 2012 @02:56PM (#41516545)

    Well, not directly. But clearly there's data from public networks leaking into it; Security is badly broken somewhere.

  • Proverb (Score:4, Insightful)

    by ThatsNotPudding ( 1045640 ) on Monday October 01, 2012 @03:06PM (#41516697)

    The web page is slow, but the phish is patient.

  • by Sparticus789 ( 2625955 ) on Monday October 01, 2012 @03:14PM (#41516801) Journal

    No matter how secure you think a network is, there's always some idiot that does something like:
    1. Upload 50 GB of downloaded music onto a secure network.
    2. Upload 1 TB of downloaded movies onto a secure network.
    3. General wants his/her Wikipedia fix, so there's one hole in the network security.
    4. General #2 wants to check his/her Fantasy Football team from a secure network, hole #2 in security.
    5. Etc. Etc. Etc.

    So-called "secure" networks are nothing of the sort. They leak like a colander.

  • by daveschroeder ( 516195 ) * on Monday October 01, 2012 @03:20PM (#41516877)

    Attribution.

    Disclaimer: I am a Navy Information Warfare Officer.

    First, it's important to note that the White House didn't confirm the suspected source. It was anonymous officials who said this appeared to originate "from China" -- take that as you will.

    As you point out, an attack may appear to come from a particular (set of) IP address(es), network(s), or source(s). An attack may have a certain profile, or share a profile with other attacks. An attack may have an assumed motivation based on its target. The attacker(s) may even wish to make it appear that the attack is originating elsewhere.

    Even if the "source" is established, is it a nation-state? Hacktivists? Nationalist hackers acting on behalf of government or at the government's explicit or implicit direction? Transnational actors? None of the above?

    No one wants to "start a war" with China, but the error in balancing the cyber threat against the "hype" is assuming that all threats are bogus, or must be the result of hawks looking for neverending war, excuses to begin/escalate the next "Cold War", and similar. The threat from China is very real, long-established, and well-understood for anyone who cares to look. It has been discussed thoroughly, even for the Chinese, in their own strategic literature, and there are very public examples of China's offensive cyber capabilities. China's investment in offensive cyber capabilities comes because of the understanding that dominance of the information realm will essentially allow China to skip large chunks of military modernization and still be highly effective in any conflict with the United States.

    Think of it this way: it's now assumed that the Stuxnet/Duqu/Flame family were created by the US and/or Israel. (Keep in mind that even overt admissions prove nothing, and can be self-serving...) Even before the books and articles about OLYMPIC GAMES, attribution was assumed because of the target and because of snippets of clues in the code. In general, why is that assumption any more or less valid than this? Is it because some are more inclined to believe that of course the US engages in cyber warfare, but any cyber attacks against us are suspect?

    Of course, there are those who will assume that indications of any cyber attack will always be a "false flag" and/or used by those with ulterior motives who want war. It can't possibly be that there are aggressors who indeed want to attack the US, and who greatly benefit from the odd proclivity of those in free societies to see the enemy as their own government, while overlooking the actual adversary. Sun Tzu would be beaming.

    Background:

    Chinese Insider Offers Rare Glimpse of U.S.-China Frictions
    http://www.nytimes.com/2012/04/03/world/asia/chinese-insider-offers-rare-glimpse-of-us-china-frictions.html?_r=1 [nytimes.com]

    "The senior leadership of the Chinese government increasingly views the competition between the United States and China as a zero-sum game, with China the likely long-range winner if the American economy and domestic political system continue to stumble, according to an influential Chinese policy analyst. China views the United States as a declining power, but at the same time believes that Washington is trying to fight back to undermine, and even disrupt, the economic and military growth that point to China’s becoming the world’s most powerful country."

    China is on track to exceed US military spending in real dollars by 2025
    http://www.economist.com/node/21542155 [economist.com]

    China’s military rise
    http://www.economist.com/node/21552212 [economist.com]

    The dragon’s new teeth: A rare look inside the world’s biggest military expansion
    http://www.economist.com/node/21552193 [economist.com]

    Essential

  • by girlintraining ( 1395911 ) on Monday October 01, 2012 @03:59PM (#41517411)

    Well that is easy. That is because IE 6 is required to administer.

    If software had to go through the same rigorous background checks that the employees who use it have to at these facilities, I don't think IE6 would have gotten a security clearance. How is it that the government can refuse to grant a security clearance based on sexual orientation under the notion that it could be used to blackmail someone, but allow the use of software with a proven and highly publicized record of leaking information? What's more, people with security clearances are subjected to intense scrutiny -- their supervisors know about every little aspect of their lives, including that little dimple on the inside of your right thigh, yet routinely employ software that is essentially a big black box -- nobody knows how or why it works.

    The government needs to start taking software review as seriously as it takes personnel review with regard to security clearances and access to classified and/or sensitive materials. From a security standpoint, it doesn't matter much whether it was a web browser or a person that passed information to an enemy; The end result is the same.

    Many of our enemies are now seeing that it is comparatively less costly to exploit technology than people. You'd think we'd have learned this lesson after the second world war -- wasn't cracking Enigma enough of a wake up call?

  • by couchslug ( 175151 ) on Monday October 01, 2012 @04:50PM (#41518031)

    "Next up, petitioning the White House to find out why the fuck nuclear control systems are on the internet ..."

    They aren't, (also Read The Fucking Article) but tech reporting and public ignorance in the US are so horrid that all PCs owned by the military are presumed to be connected to each other.

    Hint:
    Unclassified networks are used for Unclassified activities, of which there are many. They are different from Classified networks of various types. The usual communications necessary to getting ordinary business done (ordering asswipe, telling folks physical training is rescheduled, what the fuck ever) don't go on command and control networks.

    An office in one building may (shock, horror) have systems connected to DIFFERENT networks, technologically astounding as that concept may be.

    freebeacon got its page hits (hence the sensationalist title) and you got modded Insightful for displaying no Insight.

    Mods, "Insightful" doesn't mean "me like, yay!". :-)

  • How it works (Score:5, Insightful)

    by TiggertheMad ( 556308 ) on Monday October 01, 2012 @05:39PM (#41518583) Journal

    I wonder if: the WH picks up a phone and calls somebody in the Chinese Embassy or straight to the right contact and says: yo, is this yours? Do you realize we interpret these things as an act of war?

    US Diplomat: We have found out that there are attempts to gain access to US secure systems coming from Chinese controlled IP addresses. We take offense at this activity, and request that you cease immediately.

    China Diplomat: The People's Republic abhors illegal and immoral activity, and in no way condones such behavior. While we are on the topic, we have discovered similar attacks on our systems coming from US controlled addresses.

    US Diplomat: It is not the policy of the US to engage in clandestine cyber attacks on state controlled computer systems. We do not condone any such action.

    China Diplomat: Excellent, we are in agreement then!

    ....And both sides keep hacking.

  • Re:So... (Score:4, Insightful)

    by Peristaltic ( 650487 ) * on Monday October 01, 2012 @07:09PM (#41519495)

    Seriously. If the murder of 3000+ Americans didn't put a dent in Saudi-US relations...

    You're correct- It didn't put a dent in the relations the US has with a certain group of Saudis that hold power in their nation.

    The ties of the powerful to any particular nation have been fading for a while now. The small groups in each wealthy nation across the world, groups that hold much of the assets and power, identify more with each other than their birth nations.

    Remember the phrase "Any problem in computer science may be solved with another layer of abstraction"? Think of these groups of ridiculously wealthy and powerful people as a layer of abstraction placed above the nations of the world- In my opinion, the interactions between many nations that exist under this abstraction are largely attempts at scripted drama, random aberrations, or corrective actions brought about to manage those not yet aligned to the majority's interests.

    I don't think it's any of this "New World Order" crap- It's just what people do, all the time: Those of similar socioeconomic position and means, with similar outlooks on how society should work, tend to clump together to their mutual benefit. I hang out with my neighbors, I belong to an investment group of similarly minded co-workers and friends that exist in roughly the same socioeconomic plane. If someone either fabulously wealthy or very poor were to join this group, it wouldn't work out very well.

    I believe some of the extremely rich and powerful take this to a higher level in that they want to shape society to fit their own views, but this is the same principle writ large. I'm not trying to label this negatively or positively in regards to ethics or morality, just summarizing what I believe I have observed.
