Chinese Hackers Infiltrate US Army Database, Compromise Safety of Dams 256
coolnumbr12 writes "Chinese hackers have infiltrated a sensitive U.S. Army database that contains information about the vulnerabilities of thousands of dams located throughout the United States. The U.S. Army Corps of Engineers' National Inventory of Dams (NID) has raised concerns that information gathered in the hack could help China carry out a cyber-attack on the national electrical power grid."
Article translation (Score:5, Informative)
According to http://www.wired.com/threatlevel/2013/05/hacker-breached-dam-database/:
"Chinese hackers" = “the Chinese government or military cyber warriors” according to unnamed officials
"sensitive U.S. army database" is a database where users are emailed their username and password in cleartext
"Non-government users can query the database but cannot download data from it" (???)
Re: What Information? (Score:5, Informative)
Actually army network passwords have or at least had to be when I worked for them 15 letters long, contain no dictionary words and have a minimum of 2 small letters, to caps and two symbols. They are also changed every 30 days and can not be reused.
Also at random times all passwords are just set to be reset because that is what the admins are told to do.
Re: What Information? (Score:3, Informative)
The Army Corps of Engineers manages public waterways & dams in the eastern states.
Re: What Information? (Score:5, Informative)
They operate at least 4 or 5 in the state or Arkansas alone. During the 50s and 60s they just about damed up everything bigger than a trickle from a water hose here.
That's the Core of Engineers. That are where the guys that build for the Army get practice for digging in the USA for when they go other places.
They have a totally cool model of the Mississippi river in Vicksburg that they use to simulate floods, droughts and other projects in the entire Mississippi river drainage.
That's a big area in case you didn't know.
Re:how is this not an act of war? (Score:5, Informative)
Even if the culprit turned out to be a person with Chinese citizenship, it could very well be the same thing as some pimply faced youth somewhere in a fly-over state hacking into a Chinese database. It does not have to be related to the government. However, if it is, China has some explanation to do.
The great firewall of china won't allow any access to foreign sites that they don't like, but turns a blind eye to wholesale hacking by pimply faced kids? Who is THAT naive any more?
That it came from their IP and means nothing in and of itself. Especially when you RTFA and find this nugget
“The U.S. Army Corps of Engineers is aware that access to the National Inventory of Dams (NID), to include sensitive fields of information not generally available to the public, was GIVEN to an unauthorized individual in January 2013 who was subsequently determined to not to have proper level of access for the information,” Pierce said in a statement.
“[U.S. Army Corps of Engineers] immediately revoked this user’s access to the database upon learning that the individual was not, in fact, authorized full access to the NID,” he said.
So there was no hacking involved. Simply someone handing out a password to a database to someone else who was not authorized. Since someone in the US Army or someone the Army authorized handed over the credentials you can hardly call it an act of war.
Someone screwed up, and it took months to find out about it. It may well have been something entirely innocent (if ill advised) as allowing hydrological engineers to compare notes on some aspect of dam construction or dam safety.
Re:Oh yeah, thats a great idea (Score:5, Informative)
http://www.usgovernmentspending.com/year_spending_2013USbn_14bs1n_3036508031#usgs302 [usgovernmentspending.com]
Looks like defense is ahead of education. That defense budget seems a little suspicious too. Lots of zeros. And does it include funding the wars?
Re:how is this not an act of war? (Score:5, Informative)
Re:how is this not an act of war? (Score:5, Informative)
Wow, so a computer operator 500 miles away badly repaired a 29yr 10mo old turbine which had a history of vibration, and caused it to lift out of its seat (by 15ft, not 50ft), and caused it to explode and kill 75. Well at least the Washington Times got one part correct. The accident happened in August 2009 and a report was released in October 2009, and in 2013 the Washington Post made up a fictional story on cause of the accident. I'm going to jump to conclusions here and say the they needed to pad out a shitty article with an example of "Cyber Terrorism" to reel naive reader in.
From Wikipedia [wikipedia.org]
The report states that the accident was primarily caused by the turbine vibrations which led to the fatigue damage of the mountings of the turbine 2, including the cover of the turbine. It was also found that at the moment of accident at least six nuts were missing from the bolts securing the turbine cover. After the accident 49 recovered bolts were investigated from which 41 had fatigue cracks. On 8 bolts, the fatigue damaged area exceeded 90% of the total cross-sectional area.[2]
I've already made this reply once, but seeing as two people have used the exploding turbine as an example of "what could go wrong", I felt I needed to correct somebody who was "wrong on the internet".
Re:Oh yeah, thats a great idea (Score:5, Informative)
Yeah, because the Chinese have bases in countries all over the world...
The People's Republic of China, A.K.A. communist China, has a growing number of military bases and access to facilities around the world. The Chinese fleet has been participating in anti-piracy actions around Somalia, giving them experience in extended naval deployments. The Chinese navy is planning to build something like four aircraft carriers and is currently flying aircraft off their first one that they are bringing into operation now after learning much from the Brazilian navy. Chinese special forces have been training the military in Venezuela. The Chinese are active in Africa.
The Chinese have also been bullying many of their neighbors, laying claim to distant islands and extensive land areas. Why don't you ask the Indians what they think of China's behavior, they are forming several new airborne infantry units to help deal with the threat? Or the Japanese, who are suffering a growing number of incursions by Chinese aircraft and sea vessels? Of perhaps the Philippines, which is seeing Chinese territory grabs on their doorstep?
No, it's the Chinese who are spending themselves into oblivion on weapons of war... Oh, wait, that's us again.
US military spending has recently generally been between 4% to 5% of GDP, well below historic levels. The army and navy and rumps of what they were at the end of the Cold War. Spending on social welfare programs is several times the military budget and is continuing to grow, and will grow for decades to come. It is Social Security, Medicare, Medicaid, now joined by Obamacare which really starts kicking in this year, that will bankrupt the US, not the military spending.
I'm afraid you don't know what you are talking about there.
We spend more on our military than the next 13 nations combined
A large part of that is personnel costs. The US has an all volunteer military that pays its members a salary competitive with the civilian sector unlike many other major nations that use conscription to fill their armies. An American corporal in the Army or Marines makes about what a Chinese general makes per month. I'm sure you can figure the impact of that out. Same thing applies to weapons purchases. Maybe you've heard that Chinese engineering staff and factory labor is cheaper than American?
On the other hand pretty much all European countries allied with the United States spend less than they should [nytimes.com] by treaty goals. As a result they had a hard time with the intervention in Libya without American assistance.
If it makes you feel better the Chinese are upping their military budget by 10.7% this year.
(but we can't afford to educate our children... bright.)
The US throws large amounts of money at education. The problem isn't with how much money, but what it is spent on, like growing numbers of administrators. There are also social factors that come into play that the education budget itself can't fix. The teachers unions don't help much either.
You don't really have this right either.
I dunno, perhaps if we moved from offense to defense, these things wouldn't be issues?
If platitudes could solve things they wouldn't be issues either.