
White House Confirms Chinese Cyberattack (212 comments)

New submitter clam666 writes "White House sources partly confirmed that U.S. government computers — reportedly including systems used by the military for nuclear commands — were breached by Chinese hackers. From the article: 'The attempted hack used 'spear phishing,' in which an attacker sends an email to a specific target that uses familiar phrases in hopes that the recipient will follow links or download attachments that unleash the hacker's malware. None of the White House's secure, classified computer systems were affected, said the official, who reached out to POLITICO after the Free Beacon story appeared — without having been asked for comment. Nor had there been any attempted breach of a classified system, according to the official.'"
  • .... between what happens to the Chinese perpetrators and what has happened to Gary McKinnon over the years!

  • Nuclear weapons? (Score:5, Insightful)

    by girlintraining ( 1395911 ) on Monday October 01, 2012 @01:40PM (#41516349)

    Obligatory: Would you like to play a game of thermonuclear warfare?

    Next up, petitioning the White House to find out why the fuck nuclear control systems are on the internet ...

    • by Billly Gates ( 198444 ) on Monday October 01, 2012 @01:53PM (#41516499) Journal

      "Next up, petitioning the White House to find out why the fuck nuclear control systems are on the internet ..."

      Well that is easy. That is because IE 6 is required to administer.

      • by Sparticus789 ( 2625955 ) on Monday October 01, 2012 @01:58PM (#41516559) Journal

        IE6? You are being way too generous. Try Netscape 3.0.

      • by girlintraining ( 1395911 ) on Monday October 01, 2012 @02:59PM (#41517411)

        Well that is easy. That is because IE 6 is required to administer.

        If software had to go through the same rigorous background checks that the employees who use it have to at these facilities, I don't think IE6 would have gotten a security clearance. How is it that the government can refuse to grant a security clearance based on sexual orientation under the notion that it could be used to blackmail someone, but allow the use of software with a proven and highly publicized record of leaking information? What's more, people with security clearances are subjected to intense scrutiny -- their supervisors know about every little aspect of their lives, including that little dimple on the inside of your right thigh, yet routinely employ software that is essentially a big black box -- nobody knows how or why it works.

        The government needs to start taking software review as seriously as it takes personnel review with regard to security clearances and access to classified and/or sensitive materials. From a security standpoint, it doesn't matter much whether it was a web browser or a person that passed information to an enemy; The end result is the same.

        Many of our enemies are now seeing that it is comparatively less costly to exploit technology than people. You'd think we'd have learned this lesson after the second world war -- wasn't cracking Enigma enough of a wake up call?

    • They aren't even on siprnet.

      • by girlintraining ( 1395911 ) on Monday October 01, 2012 @01:56PM (#41516545)
        Well, not directly. But clearly there's data from public networks leaking into it; Security is badly broken somewhere.
      • by Sparticus789 ( 2625955 ) on Monday October 01, 2012 @02:14PM (#41516801) Journal

        No matter how secure you think a network is, there's always some idiot that does something like:
        1. Upload 50 GB of downloaded music onto a secure network.
        2. Upload 1 TB of downloaded movies onto a secure network.
        3. General wants his/her Wikipedia fix, so there's one hole in the network security.
        4. General #2 wants to check his/her Fantasy Football team from a secure network, hole #2 in security.
        5. Etc. Etc. Etc.

        So-called "secure" networks are nothing of the sort. They leak like a colander.

    • Because they have to be, stupid! They're SCADA!

    • by couchslug ( 175151 ) on Monday October 01, 2012 @03:50PM (#41518031)

      "Next up, petitioning the White House to find out why the fuck nuclear control systems are on the internet ..."

      They aren't, (also Read The Fucking Article) but tech reporting and public ignorance in the US are so horrid that all PCs owned by the military are presumed to be connected to each other.

      Hint:
      Unclassified networks are used for Unclassified activities, of which there are many. They are different from Classified networks of various types. The usual communications necessary to getting ordinary business done (ordering asswipe, telling folks physical training is rescheduled, what the fuck ever) don't go on command and control networks.

      An office in one building may (shock, horror) have systems connected to DIFFERENT networks, technologically astounding as that concept may be.

      freebeacon got its page hits (hence the sensationalist title) and you got modded Insightful for displaying no Insight.

      Mods, "Insightful" doesn't mean "me like, yay!". :-)

  • Wait, what? (Score:5, Insightful)

    by Alphanos ( 596595 ) on Monday October 01, 2012 @01:43PM (#41516383)

    How can the attack include military systems used for nuclear commands, yet not include any secure classified systems?

    When they made a list of which government systems should be secured, they decided to leave the nukes off that list?!

    • Re:Wait, what? (Score:5, Informative)

      by Anubis IV ( 1279820 ) on Monday October 01, 2012 @01:49PM (#41516463)

      Key word: "reportedly".

      The initial report claimed that those were the systems that were compromised. The White House insider denied that those systems had been compromised, but confirmed that a non-classified network had been compromised.

      • More like: The Air Force decided to make the Nuclear protection codes 50-digit, random ASCII character monoliths imprinted on semi-holographic, impossible to put in a photo-copier keycards. After forgetting the card several times while going on vacation, several Generals got fed up, copied all the codes manually to a text file and stored it on their home PC and on their cellphones. Hackers got that text file. So while no classified networks were compromised, they still got the codes.

        imo, the best way to saf
    • Re:Wait, what? (Score:5, Informative)

      by Beardo the Bearded ( 321478 ) on Monday October 01, 2012 @01:54PM (#41516507)

      The press is most likely wrong. I've been on the news a couple of times, and they always get something wrong.

      Any classified info is airgapped, end of story. I can do drawings on the [system] on the same computer I'm using for /. The vast, vast majority of drawings are not classified. (I joke that part of the OpSec is that if we get captured, I tell them everything I know, and when they fall asleep, we tiptoe out of the room. "In this circuit, we use cable LS2SJ-14. But in this circuit, we went to LS2SJ-12. Hey, PAY ATTENTION!" So like I was saying, we used LS2SJ-12 here...) If I want to look at anything that's classified, or even something that's CG, I have to do the following:

      1. Have the clearance and the need to know.
      2. Get a copy of the document sent to me, usually by FedEx.
      3. Get a supervisor and go to the secure room, sign in, close the blinds and the door.
      4. Get the HDD from the safe.
      5. Check the computer, then put in the HDD.
      6. Power up the computer. It's a stand-alone machine, that's what I was checking for.
      7. Work.
      8. Finish working. Print up stuff or burn it onto a disk. Fill out the form that shows that another copy of the material exists.
      9. Power down the machine and put the HDD back in the safe.
      10. Sign out of the secure room.
      11. Mail the printout or CD to whoever it was that wanted it.

      And that's for CG stuff. The TS stuff is watched constantly by people with weapons.

      If someone can hack their way into a system where the info is not only powered off, but in a separate room from the equipment that can read it, inside a safe, then it's time to give the fuck up.

      • Re: (Score:3, Interesting)

        by Anonymous Coward

        That's funny. I was at a client site (aerospace contractor) doing some software training in the mid-2000s, and when I asked why IE wasn't working on the computer I was using to demonstrate something I was told, "Oh, that's a DoD station; use this one right next to it."

        So it was sort of airgapped, but all that Men In Black access control you were talking about was nowhere in sight.

        I've had similar experiences at other defense contractors, too; although in that case I wasn't allowed to actually use the clas

        • by Gryle ( 933382 )
          Where were you at? More than likely the DoD station was cleared for something other than SIPRNET access, possibly CENTRIX usage or FOUO/CONFIDENTIAL.
      • by jovius ( 974690 )

        If someone can hack their way into a system...

        The first step is enough.

        The problem is the bureaucracy of secrecy; not that secrets exist. On the other hand if everything was open there would be no threats, but it's immensely difficult to let go of the selfish illusions.

  • Okay (Score:5, Insightful)

    by ledow ( 319597 ) on Monday October 01, 2012 @01:46PM (#41516421) Homepage

    Backing up my suspicions for the last 2+ years:

    How does the US know the actual nationality of the hackers and not just their end-proxy?

    The US have been trying to insinuate a cyber-war for years now, and never said how they know who's behind it (if you said the *ATTACK* came from China, fair enough - to say it ORIGINATED there is more of a stretch, and to say it was Chinese hackers is just ludicrous).

    Of course we have suspicions and think we might know who's behind it and who owns the net-blocks, but what a wonderful way to discredit a nation and put the blame on someone else when you want to cyber-attack the US - just proxy through China and start WW3 when the US retaliates.

    Really, US? How do you *KNOW*? On the scale that you can confidently state the Chinese "attacked" you (and coupled with your statements that cyber-attacks could be considered acts of war?)? You're REALLY that sure it was China that did it? That you can announce on the news that it was the country itself?

    Or do you just want to start a war with China for some reason?

    • Re:Okay (Score:5, Insightful)

      by firewrought ( 36952 ) on Monday October 01, 2012 @01:53PM (#41516497)

      How does the US know the actual nationality of the hackers and not just their end-proxy?

      Perhaps they have collaborating intel from another source (e.g., spies or signals intelligence).

      Or do you just want to start a war with China for some reason?

      I wouldn't be surprised if it was posturing for election rhetoric. Could have been done to preempt a GOP leak ahead of Wednesday's debate, or it could tie-in with Obama's recent "tough on China" talking points. I try not to follow this stuff too closely though, so take my speculation with a grain of salt...

    • Because they got an agent into the hacker's den and looked over his shoulder as he was working?

      Maybe the same sources that assured our leadership that there were WMD in Iraq are still knocking around the intel branch?

    • by Hentes ( 2461350 )

      They don't want to start a war, but as the wars in the Middle East are about to end the US military sector needs another reason to justify its massive funding.

    • Re: (Score:3, Funny)

      by Anonymous Coward

      How did they know? Easy! The e-mail went like this:
      "Hello Sir, very fine day indeed. I would like to inquire you buy cheap Sony cameras from our company. Not Chinese product, 100% original product. Please, look our offer in attached brochure.

      I hope the day is very generous and we may come to agreement soon. Thank you!

      Yours faithfully,
      Clint Eastwood, CEO
      Sony Company LTD."

    • by daveschroeder ( 516195 ) * on Monday October 01, 2012 @02:20PM (#41516877)

      Attribution.

      Disclaimer: I am a Navy Information Warfare Officer.

      First, it's important to note that the White House didn't confirm the suspected source. It was anonymous officials who said this appeared to originate "from China" -- take that as you will.

      As you point out, an attack may appear to come from a particular (set of) IP address(es), network(s), or source(s). An attack may have a certain profile, or share a profile with other attacks. An attack may have an assumed motivation based on its target. The attacker(s) may even wish to make it appear that the attack is originating elsewhere.

      Even if the "source" is established, is it a nation-state? Hacktivists? Nationalist hackers acting on behalf of government or at the government's explicit or implicit direction? Transnational actors? None of the above?

      No one wants to "start a war" with China, but the error in balancing the cyber threat against the "hype" is assuming that all threats are bogus, or must be the result of hawks looking for neverending war, excuses to begin/escalate the next "Cold War", and similar. The threat from China is very real, long-established, and well-understood for anyone who cares to look. It has been discussed thoroughly, even for the Chinese, in their own strategic literature, and there are very public examples of China's offensive cyber capabilities. China's investment in offensive cyber capabilities comes because of the understanding that dominance of the information realm will essentially allow China to skip large chunks of military modernization and still be highly effective in any conflict with the United States.

      Think of it this way: it's now assumed that the Stuxnet/Duqu/Flame family were created by the US and/or Israel. (Keep in mind that even overt admissions prove nothing, and can be self-serving...) Even before the books and articles about OLYMPIC GAMES, attribution was assumed because of the target and because of snippets of clues in the code. In general, why is that assumption any more or less valid than this? Is it because some are more inclined to believe that of course the US engages in cyber warfare; but any cyber attacks against us are suspect?

      Of course, there are those who will assume that indications of any cyber attack will always be a "false flag" and/or used by those with ulterior motives who want war. It can't possibly be that there are aggressors who indeed want to attack the US, and who greatly benefit from the odd proclivity of those in free societies to see the enemy as their own government, while overlooking the actual adversary. Sun Tzu would be beaming.

      Background:

      Chinese Insider Offers Rare Glimpse of U.S.-China Frictions
      http://www.nytimes.com/2012/04/03/world/asia/chinese-insider-offers-rare-glimpse-of-us-china-frictions.html?_r=1 [nytimes.com]

      "The senior leadership of the Chinese government increasingly views the competition between the United States and China as a zero-sum game, with China the likely long-range winner if the American economy and domestic political system continue to stumble, according to an influential Chinese policy analyst. China views the United States as a declining power, but at the same time believes that Washington is trying to fight back to undermine, and even disrupt, the economic and military growth that point to China’s becoming the world’s most powerful country."

      China is on track to exceed US military spending in real dollars by 2025
      http://www.economist.com/node/21542155 [economist.com]

      China’s military rise
      http://www.economist.com/node/21552212 [economist.com]

      The dragon’s new teeth: A rare look inside the world’s biggest military expansion
      http://www.economist.com/node/21552193 [economist.com]

      Essential

      • Comment removed based on user account deletion
        • The corruption is at worst a symptom of a larger problem. China appears to be suffering from the same problems experienced by Japan on its way to surpassing the US as an economic superpower. Now, that didn't happen, did it? Japan faltered because for the longest time Japan was virtually a one-party state. Now look at that other "great" one-party state, the Soviet Union.

          There are other factors of course, such as Japan's graying population, a problem that China is also facing because of its ill-conceived one

      • ...and who greatly benefit from the odd proclivity of those in free societies to see the enemy as their own government, while overlooking the actual adversary.

        After noting your disclaimer and then reading your post, two thoughts occurred to me. First, that they've trained you well. Your response was concise, well-articulated, and you were careful to define the limits of what you know (and what, by extension, anyone could know from the data). As a US citizen, this is comforting to me. The information and understanding of our military is often sensationalized, spun, and twisted to serve particular political ends to the point that a clear picture of what our milita

        • Oh, and P.S. Thank you for your service. I would serve with you if I could, but at the time I would otherwise have been eligible to enlist, discrimination on the basis of sexual orientation was still legal and prevalent in our armed services. If I can't stand with you, the least I can do is stand behind you. Again, thank you.
          • by gmhowell ( 26755 )

            There are ways to serve in a similar capacity without coming anywhere near traditional military.

            • There are ways to serve in a similar capacity without coming anywhere near traditional military.

              True, but they require security clearances and background checks. I have no criminal record save a speeding ticket, but I fail every time; They still consider anyone who isn't heterosexual to be a security risk. They aren't allowed to say that's the reason for the denial, of course, but I've been told by enough people who hold or have held them it's still going to be awhile before people who are LGBT are considered equal in that area... like so many others. The other thing is, and it's something not many pe

              • by gmhowell ( 26755 )

                No idea about the trans portion, but the LGB part? You need to be applying to the right contractors with the right agencies. With the explosion of security theatre post 9/11, there are many openings, and an American boy who likes to kiss boys (or American girl who likes to kiss girls) is pretty low on the list.

              • This might be more true in the uniformed services (though I've certainly worked with a pretty diverse array of people and ideas; perhaps not as diverse as our society at large, but diverse nonetheless) and a lot of direct federal government employment at some of the intelligence agencies, but it's definitely not true of contractors. What you're describing is true in agencies that have a very established and rigid culture, like has been developed for a lot of the federal law enforcement positions (such as FB

        • If a system administrator misconfigures a router and damages our information infrastructure, is that any less relevant than someone sticking C4 to the side of a power transmission tower to cause a similar amount of damage?

          One word:

          Intent.

          Intent matters. That's why we punish people who kill someone or cause property damage, etc., intentionally, and don't punish those who do the same things, but don't do so intentionally (and also don't do so because of negligence or reckless disregard). It's the same result:

          • Well, again, you're pretty much right clear across the board. I guess the only thing I can say is, I think the reason people have lost perspective is because we don't see the whole production, just the highlight reel. It's not really newsworthy to report that everything went according to plan. I don't have absolute confirmation or proof that terrorists are out there, planning to include me in their next political statement. I don't need to either. I know that yes, there's probably some asshole in a cave rig

      • by jdogalt ( 961241 )

        ok, you trolled me into reading that first page of that one article, and then replying when drunk and stoned. So I read that, particularly the last lines of the page. As you seem to be someone doing a good job of portraying themselves as a rational actor- How do _you_ think the issue should come down on whether or not it is the civilians or the military that should have the crown of control over the internet? You make some legitimate references to people who too easily dismiss the foreign threat in the n

        • The answer is simple: in our country and system of government, the military fundamentally, and as a matter of law, answers to civilian authorities.

          The military doesn't need to have day-to-day "control", but we need to have the capability, when attacked militarily, to defend ourselves militarily -- including in the "cyber" realm.

          The mistake people make is believing it's a binary either/or; either civilian or military. The fact is that our information capabilities are so critical that they need appropriate le

          • by jdogalt ( 961241 )

            The answer is simple: in our country and system of government, the military fundamentally, and as a matter of law, answers to civilian authorities.

            That's not a simple answer at all. It's an easy 'corporate' line. But the truth is that strategic economic decisions made on the behalf of the US for the past 20 years have put China in a position to be able to use vast amounts of US currency to influence civilian businesses. But no, it's not like I think I'm telling you something you don't know. I just think that we deserve apologies from the companies that got rich selling out the human rights of the Chinese (e.g. the first public caving of Yahoo hand

            • A couple of things:

              1. I thought your Google manifesto was very good (I know it's a work in progress).
              2. I think you're reading WAY too much into certain things.

              There is no grand conspiracy at play to "prevent people from running their own servers". There are many normal things on even client systems that can be described as a "server" such that the distinction is almost meaningless. Yes, there are plenty of traditional "server" and cloud services which many people use. The reason that Google has such langua

    • by s.petry ( 762400 )

      You do realize that even with proxies one can track down addresses right? Sorry, but if you get a few hundred thousand probes come in from addresses that belong to China, you can probably be sure that it's China making the attack. Here is why: The US generally reports these attacks to China and asks them to stop the attack, so the Chinese Government is aware of the attack. Being the Chinese Government, they can either investigate and shut it down, or allow it to happen. If they choose the latter, they

    • by poity ( 465672 )

      Why would the Great Firewall allow other countries to tarnish China's good name?

    • by poity ( 465672 )

      Whitehouse confirms

      Yes, Obama wants to start a war with China. You have singlehandedly exposed this conspiracy. Enjoy your +5 Insightful

    • You should put away the tin-foil hat...

      It's SOP that the US government doesn't disclose HOW they get their information, nor do they disclose how quickly they discovered such information.

      The US most certainly has the resources and skilled personnel to track down the true perpetrators, even in the face of savvy use of chained proxies and zombie computer systems.

      And finally, China is now the #2 economy in the world, and our major trading partner. There's practically nobody in government who wants to start a w

  • White House sources partly confirmed that U.S. government computers ...including systems used by the military for nuclear commands, were breached by Chinese hackers. I'm speechless. May heads roll!
  • by Anonymous Coward

    How do they know the phishing emails were sent by Chinese hackers? Are they just using the IP address of where the email originated to determine the nationality of the hackers?

  • Definitely some interesting times ahead as the US's knee jerk SPREAD PEACE LOVE AND DEMOCRACY WITH BOMBS response meets the reality of that whole starting a war in Asia thing.

  • Proverb (Score:4, Insightful)

    by ThatsNotPudding ( 1045640 ) on Monday October 01, 2012 @02:06PM (#41516697)
    The web page is slow, but the phish is patient.
  • by asylumx ( 881307 ) on Monday October 01, 2012 @03:16PM (#41517613)

    White House sources partly confirmed that U.S. government computers — reportedly including systems used by the military for nuclear commands

    Wow, that sounds bad.

    None of the White House’s secure, classified computer systems were affected

    Wait, so there are only a couple ways that these could both be claimed:
    1. Someone is lying
    2. Our gov't is actually dumb enough to not classify & secure systems used by the military for nuclear commands
    3. Someone is lying

    I'm guessing it's either 1 or 3.

    • by asylumx ( 881307 )
      Oops, forgot to mention that also we have White House staff checking their email on systems used by the military for nuclear commands and clicking on links in emails that say things like "Your order receipt" and have a .zip attachment...
    • White House sources partly confirmed that U.S. government computers — reportedly including systems used by the military for nuclear commands

      Wow, that sounds bad.

      None of the White House’s secure, classified computer systems were affected

      Wait, so there are only a couple ways that these could both be claimed: 1. Someone is lying 2. Our gov't is actually dumb enough to not classify & secure systems used by the military for nuclear commands 3. Someone is lying I'm guessing it's either 1 or 3.

      No. See it's easy. Only the insecure, classified computer systems were affected!

  • Horrible Summary (Score:3, Informative)

    by Anonymous Coward on Monday October 01, 2012 @03:25PM (#41517755)

    Shame on you samzenpus. The white house has only confirmed that an unclassified computer has been hacked. Not one capable of nuclear commands, not that it was a Chinese attack.

  • With the amount of US Debt that China holds, Obama will say nothing and hope this goes away. At any other time and with any other Administration, we would be floating 2 carrier groups into the Sea of Japan and preventing any Chinese trade vessels from docking at our ports.

    They are nothing without the American consumer.

    • by blueg3 ( 192743 )

      What're they going to do, stop buying US bonds? They're still one of the world's most stable investments. China getting into a disagreement with us won't change that much (though China deciding they're not as valuable could), so there will still be plenty of buyers. So the rate we're currently paying on bonds, which is incredibly low, will go up slightly? Big deal.

      We sell bonds. As a result, we're not really beholden to the people who own that debt.

  • after the Free Bacon story appeared

    Which is it, shortage or surplus??
