US Weather System and Satellite Network Hacked 76
mpicpp writes with this story about Chinese hackers breaching the federal weather network. "Hackers attacked the U.S. weather system in October, causing a disruption in satellite feeds and several pivotal websites. The National Oceanic and Atmospheric Administration, NOAA, said that four of its websites were hacked in recent weeks. To block the attackers, government officials were forced to shut down some of its services. This explains why satellite data was mysteriously cut off in October, as well as why the National Ice Center website and others were down for more than a week. During that time, federal officials merely stated a need for "unscheduled maintenance." Still, NOAA spokesman Scott Smullen insisted that the aftermath of the attack "did not prevent us from delivering forecasts to the public." Little more is publicly known about the attack, which was first revealed by The Washington Post. It's unclear what damage, if any, was caused by the hack. But hackers managed to penetrate what's considered one of the most vital aspects of the U.S. government. The nation's military, businesses and local governments all rely on nonstop reports from the U.S. weather service."
correct me please (Score:5, Interesting)
so did the NOAA get hacked or just 4 of their websites.
Re:correct me please (Score:5, Insightful)
Indeed. An excellent headline, except for the fact that there's no mention of any hacked weather systems of satellite networks in the article. And it's been a long time since a hacked website was particularly newsworthy.
Re:correct me please (Score:4, Informative)
Hacked websites never were.
It's when the databases get breached that it becomes news.
Obligatory XKCD (Score:5, Interesting)
XKCD did it first [xkcd.com]
(Seriously, is there a geek-topic that guy hasn't written a cartoon about?)
Re: (Score:3)
It's a wonder he hasn't done one yet about people posting "obligatory xkcd" strips everywhere.
Re: (Score:2)
You didn't read the linked article, "Hackers attacked the U.S. weather system in October, causing a disruption in satellite feeds..."
Re: (Score:2)
Re:correct me please (Score:5, Informative)
From the article,
The National Oceanic and Atmospheric Administration, NOAA, said that four of its websites were hacked in recent weeks. To block the attackers, government officials were forced to shut down some of its services.
... NOAA makes satellite data and imagery available through the Web as well as file transfer networks for downloads.
It was just the web sites, not satellites. This is far overblown.
weather models actually impacted (Score:3)
Not true, not "just websites" were impacted. I work for a non-US national meteorological center. Those recent hacks meant for us that important satellite data that was usually provided by the NOAA suddenly stopped being accessible, having real impacts on weather forecasting quality. It took a few days to find alternatives. We learned and are in the process of making certain that such a situation does not happen once again. In other words, for some major 'foreign' weather forecasting operations, the impacts
Re: (Score:1)
Both. I regularly hack them to make sure I have good weather while on holliday!
Re: (Score:2)
i just use a coin and get the same results.
LOL (Score:3, Insightful)
If the NSA weren't so distracted by its mass surveillance of innocent US citizens it may have been able to prevent this from happening.
Re:LOL (Score:4, Interesting)
I was thinking exactly this (except that I was thinking about "citizens", not "US citizens").
But really, why not stop complaining about China hacking US systems (usually with no evidence) and start getting to asses risks and fix your leaky systems. If billions of dollars poured into the NSA to eavesdrop on people were instead used for finding and fixing vulnerabilities, the USA would be a lot safer.
Re: (Score:2, Interesting)
The NSA is unfortunately a necessary agency because every other country of note has agencies that have espionage programs targeting the US. The hysteria over some of the NSA programs and methods have made it look like the US is the only country with an active foreign intelligence service. Has anyone noticed that all the countries who loudly expressed their dismay over some the the NSA programs have went mute? I guess their intelligence services pulled the loud mouths aside and told them their intelligence s
Re: (Score:1)
On the domestic side has there been any evidence of just one person whose rights have been violated by the NSA?
No one, no. Millions. Remember that guy Snowden? Solid, cross-checkable documented proof. Not just evidence, proof.
That's why the NSA is a 4-letter word these days. Because they forgot that their mission was to protect the people of the USA when they started routinely spying on the people of the USA.
Re: (Score:3)
Really? In a world where responsible US web sites need to implement some sort of "we haven't gotten a national security letter in the last x seconds" sentinel in order to maintain their customers' trust and their own moral integrity?
Yes, the NSA is a necessary agency. Your local police are also a necessary agency - but surely you don't think your local police agency should be able to shoot and kill anyone that they think might be suspicious "because they are a necessary agency".
*EFFECTIVE* JUDICIAL OVERSIG
Re: (Score:2)
The NSA is unfortunately a necessary agency because every other country of note has agencies that have espionage programs targeting the US.
No, not really. 3 guys in a basement reading Obaba's Medium posts and Republican tweets isn't an "espionage program". And really, most foreign governments don't do much more than read public information to make guesses and inferences from them. The only countries that routinely invaded other countries with CIA/KGB/FSB/MI6 operatives are referenced in those acronyms.
Re: (Score:2)
Clearly another apologist. Yes, lets blame those who got hacked, and pretend there's no problem with China's state operated hacking.
Re: (Score:3)
Well... while there sure as hell is a problem of China's state-operated hacking, it's not going away any time soon. We're not going to war over it (either physically or economically) and any treaty we signed to deal with it wouldn't be worth the paper it's written on. While I'd love to see the Chinese at least commit to removing the line item in their budget that says, "30 gazillion yuan for breaking into American computers", they'd surely just rename it and the actual hackers would do no more than change t
Re: (Score:1)
I'm not saying there are no hack attempts coming from Chinese IP-addresses, but the proof that this is "state operated hacking" is thin or non-existent. I wonder why all the headlines always talk about China. Is there no problem with cybercriminals from Russia, Ukraine, or even from the USA? Doesn't all economic espionage go both ways? This China bashing looks like a media campaign to create a new big bad cyber enemy to distract from actual problems (like lack of NOAA funding), to get new privacy-destroying
Re: (Score:3)
My kingdom for mod points (I had them a few hours ago :()
Commerce relies on the web feeds directly or indirectly (it may just be a contractor deciding if they will do Job A today [inside] or Job B today [Outside painting]). It would be nice if the government shutdown the data feed with message/press release "We have been compromised by hackers and are striving to harden our systems. Meanwhile, we have shutdown the feed. Please track our every four hour posts (or more frequently) at aaa.bbb.gov for updates o
False weather forecasting? (Score:4, Funny)
I mean, who would even notice.
Re: (Score:2)
"I mean, who would even notice."
The hackers will ruin the weather and make it rain all the time, obviously.
They'll stop only after the payment of a ransom.
Re: (Score:3)
We could use some of that in CA.
Re: (Score:1)
Early this morning, someone re-issued an old tornado watch from 2010 [wmcactionnews5.com], which was apparently distributed over official channels (not EAS, though). Everyone who saw it and possesses half a brain knew it was obviously a mistake of some kind, of course that didn't stop the news from making a big deal out of it.
Re: (Score:2)
I mean, who would even notice.
If you're old enough, you might remember a time when that joke was funny.
I was 14 years old when the GOES-1 satellite was launched. At the time the most powerful computer in the world was probably the CDC 7600, which ran at 34 MHz, had 64 Kilobytes of RAM, and delivered 10 MFLOPS. Today the highest end desktop delivers over 100 GigaFLOPS, and supercompuyters deliver into the PetaFLOPS -- that's eight orders of magnitude faster.
So until I was a teenager forecasts were essentially done by hand without compute
Re: (Score:1)
At the time the most powerful computer in the world was probably the CDC 7600, which ran at 34 MHz, had 64 Kilobytes of RAM, and delivered 10 MFLOPS.
No, it had 64K words. 60 bit words. That's 640K bytes (6 bit bytes of course).
Re: (Score:1)
No, it had 64K words. 60 bit words. That's 640K bytes (6 bit bytes of course).
6 bit bytes! Why?
Science doesn't need lower case.
Re: (Score:2)
No, it had 64K words. 60 bit words. That's 640K bytes (6 bit bytes of course).
6 bit bytes! Why?
Science doesn't need lower case.
Because they had to chisel them out of rock.
Re: (Score:1)
No, not out of rock, out of iron. (Each bit was a ferromagnetic donut, hand threaded onto three or four copper wires).
It's obviously a conspiracy (Score:3)
I Told you So (Score:2)
More funding please (Score:1)
I just don't see how it's so easy to accomplish these insurgencies when lesser systems managed by organisations with smaller funding are able to keep their systems better protected. It's not like we don't already know 99++% of the possible attack vectors, and not like the US government won't have enough bandwidth to fend off any sort of DoS attack.
Perhaps we'll soon get wind of an appropriation bill floated by the meteorological agencies...
Re:More funding please (Score:5, Insightful)
It is very easy to see how this happens. "US Government" computers don't come from the same pile. There is no centralized, underground server farm protected by SEAL teams and NSA contractors, powered by triply redundant nuclear reactors and run through six proxies. It is thousands of separate systems run by agencies how often are pretty strapped for cash, often have systems that haven't been updated in decades and often run by people who don't live and breath security.
So it's no real surprise that NOAA (which could be a poster child for those underfunded, overstretched agencies) got hacked. Probably happens more times than anybody knows. Certainly is happening more times than anybody is saying.
Re: (Score:1)
I really don't think it should be too hard to find talented young people who can become security experts with the right push. And it shouldn't take an army of people to provide this push given all the cheap information propagation means that the Internet has afforded us.
As for cost of security systems, how expensive would it be to setup 6 layers of proxies or multiple firewalls using Linux? My mobile phone would probably handle the screening and NAT tasks for an agency with 1000s of employees.
Re: (Score:1)
Seems that you are both limited in your security knowledge and critical thinking skills at this time. I'll handle the unintentionally inflammatory second statement first. If they can't afford security experts now, then how are they going to keep security experts that they create? Secondly, nested proxies aren't significantly useful. If traffic can get through, potential attacks can too. Similarly, why would you need multiple firewalls for one system? Either unwanted external traffic gets blocked or it doesn
Re: (Score:1)
There is no centralized, underground server farm protected by SEAL teams and NSA contractors, powered by triply redundant nuclear reactors and run through six proxies
Don't give them ideas.
orly? (Score:1)
Picking temperatures and precipitation states out of a hat and then telling people it technically is delivering a forecast. Note that he never said "accurate."
Re: (Score:2)
You can't do that. I haven't got my new iPhone yet.
It's Superman III all over again! (Score:2)
.
Well at least... (Score:2)
Well at least no plane crashed because it flew into an undetected storm...
Re:Propaganda (Score:5, Interesting)
There is no country that engages in so much propaganda and spying on monumental levels as the U.S; if it comes out of the mouth of the U.S government, be skeptical.
You should travel the world more.
Re: (Score:1)
Perhaps to Maldives, if y'all want to know what propaganda really means.
List is growing of APT successes (Score:1)
They all happened more-or-less simultaneously, too.
They hacked out weather network (Score:2)
How long until Hurrican "Hitler did nothing wrong" hits land?
Always the Chinese Hackers (Score:3, Funny)
No Evidence what so ever that it is Chinese hackers, but we have a hunch so we'll report it as fact.
Re: (Score:1)
That's what Balotelli said...
Great American firewall for China?? (Score:2)
Maybe the USA needs to build a firewall that blocks all of China.... What I don't get, is how do we always know it is China, when all they need to do is use some VPN's and proxies to hide their location? They can break into satellites and every damn other thing, yet they don't take 2 seconds to hide their trail. Makes me think China is an easy scape-goat, otherwise China is giving a big middle finger to the US... Or maybe another country wants the USA to get pissed at China, by making the attacks all lo
Dysfunctional NOAA (Score:3)
Re: (Score:1)
"Unscheduled maintenance" sounds like something China would say when they had problems.
Real damage (Score:1)
From the article [cnn.com]:
The impact of the hack was real: Scientists at Atmospheric and Environmental Research in Lexington, Massachusetts were unable to send a preliminary report about weather patterns to traders and investors earlier this year.
So some traders did not bring an umbrella and got wet walking from their BMW to their office? Why can't they look out of the window like everybody else?
some captain midnight the weather channel! (Score:2)
best to do it in middle of there fine reality shows
NOAA websites hacked .. (Score:1)
Scarce information (Score:2)
Acts of war (Score:1)
These hacks sponsored by the Russian and/or Chinese governments are acts of war.
We quarantine infectious diseases don't we? (Score:2)
We're doomed (Score:2)
hack-a-day (Score:1)