
China Behind Another Hack as US Cybersecurity Issues Mount (nbcnews.com) 63

China is behind a newly discovered series of hacks against key targets in the U.S. government, private companies and the country's critical infrastructure, cybersecurity firm Mandiant said Wednesday. From a report: The hack works by breaking into Pulse Secure, a program that businesses often use to let workers remotely connect to their offices. The company announced Tuesday how users can check to see if they were affected but said the software update to prevent the risk to users won't go out until May. The campaign is the third distinct and severe cyberespionage operation against the U.S. made public in recent months, stressing an already strained cybersecurity workforce.

The U.S. government accused Russia in January of hacking nine government agencies via SolarWinds, a Texas software company widely used by American businesses and government agencies. In March, Microsoft blamed China for starting a free-for-all where scores of different hackers broke into organizations around the world through the Microsoft Exchange email program. In all three campaigns, the hackers first used those programs to hack into victims' computer networks, then created backdoors to spy on them for months, if not longer. The U.S. Cybersecurity and Infrastructure Security Agency, or CISA, said in a warning Tuesday evening the latest hacking campaign is currently "affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations."

  • by OrangeTide ( 124937 ) on Thursday April 22, 2021 @12:30PM (#61301386) Homepage Journal

    The only way out of this mess is put the brakes on the cyber arms race. Treat attacks on civilian targets and infrastructure as terrorism. And severely restrict what operations are allowed. A military approach will only lead to an arms race of offense and defense, with the peaceful civilians a casualty of war.

    The current regime of China is unlikely to agree to any terms from the US. They have internal goals that don't align with the peaceful existence of the rest of the world. And the US is unlikely to withdraw from cyber warfare unless they can get everyone else to stop first.

    • Rewrite it in Rust imo.

    • by DarkOx ( 621550 ) on Thursday April 22, 2021 @12:48PM (#61301430) Journal

      Treat attacks on civilian targets and infrastructure as terrorism.

      No! When it's a nation state actor it's not terrorism, it's an act of war! Treat it like the act of war that it is. Counter attack!

      I don't see any reason at all said counter attack has to be "Cyber." It's time we did the sensible thing and have the state department close our embassies in China, and tell American citizens to come home, and tell American business to remove their assets from Chinese territories. We need to get our hands untied so we can go to war effectively if necessary - and if this stuff does not stop that should be considered necessary.

      • Yeah, well, in all the hysteria, make sure you get the right guy. This shit is too easy to fake, and a lot of innocents will suffer for all this war mongering.

      • ...and tell American business to remove their assets from Chinese territories.

        What happened to capitalism?
        The US company I work for (for instance) makes something like $2 billion every year from their Chinese assets. Why would they give that up?

    • by Dorianny ( 1847922 ) on Thursday April 22, 2021 @12:51PM (#61301438) Journal

      The only way out of this mess is put the brakes on the cyber arms race. Treat attacks on civilian targets and infrastructure as terrorism. And severely restrict what operations are allowed. A military approach will only lead to an arms race of offense and defense, with the peaceful civilians a casualty of war.

      The current regime of China is unlikely to agree to any terms from the US. They have internal goals that don't align with the peaceful existence of the rest of the world. And the US is unlikely to withdraw from cyber warfare unless they can get everyone else to stop first.

      Not sure what you are advocating for exactly. These are state-sponsored groups. U.S. anti-terrorism laws would be completely ineffective against unknown individuals in China protected by the CCP.

      • Terrorism is the systematic use of violence, threat of violence, fear, or intimidation against primarily a civilian population for a political goal. There is no special exception for state-sponsored activity. There are international laws that define some state-sponsored activities as war crimes, but that's not mutually exclusive and it still meets a colloquial definition of terrorism if not also a legal one.

        Not all cyber warfare is terrorism. So I would not necessarily want to restrict the discussion purel

        • Now I'm even more confused. In your original post you advocate "treat attacks on civilian targets and infrastructure as terrorism," yet claim sanctions, which are really the only tool that anti-terrorism laws have against state sponsors, should not be used. So in practical terms how exactly do you want the U.S. to respond?!
    • Tell us more about option B: 'GTFO.'
    • by cmarkn ( 31706 ) on Thursday April 22, 2021 @01:48PM (#61301650)
      Sure, the Chinese Communist Party would love to get an agreement to restrict cyberwarfare. And just like every other treaty they have ever signed, they would ignore it and do whatever they want, regardless, while accusing every other signatory of violating it to keep poor China down because of racism.

      Example:
      Treaty controlling turnover of Hong Kong.
      https://www.msn.com/en-us/news... [msn.com]

      The UNCLOS, which they ignored, which was arbitrated and the result has been ignored by the CCP.
      https://globalnation.inquirer.... [inquirer.net]

      Five border treaties between India and China.
      https://www.businessinsider.in... [businessinsider.in]
    • by kot-begemot-uk ( 6104030 ) on Thursday April 22, 2021 @01:48PM (#61301652) Homepage
      Ain't going to work for a number of reasons:

      1. The barrier to entry is minimal. A large crime gang has no issues gaining access to resources which would require a nation state if this was nukes, chemical or biological warfare.

      2. 99% of the "attributions" have no merit in fact. They are utter shit. They are not fit to be presented in a discussion based in law. They are attributed to a particular actor solely on the basis of political convenience of the day.

      3. A normal weapon when deployed is expended. You cannot capture it, rearm it and lob it at somebody else. Not an issue with cyberwarfare and happens on a daily basis. That makes point 2 even more pertinent - even if you have identified the weapon correctly, what is your rationale to declare that this Cyber-AK47 is Russian or Cyber-AR15 is American? They can be captured and reused.

      4... 5... 6...

      The real answer is re-engineering the whole thing with security in mind (and that implies surrendering any anonymity) from the ground up. Nothing else will work.

    • by jmccue ( 834797 )

      The way out of this is:

      1. Stop turning Linux into Windows

      2. Stop using anything close to Microsoft Windows

      3. Take back control of your servers from the cloud providers

      • Industrialized nations definitely need to think of private computer networks as key infrastructure and a national security issue. Letting banks and power plants get hacked pretty much every day is downright irresponsible. Too bad the average citizen doesn't realize there is anything wrong until their bank account is empty or the lights go out.

      • by DarkOx ( 621550 )

        This will be really unpopular but the real fix is -

        Real actual answer. - Great Firewall of the US. With ingress controls that are super strict and absolutely no encryption over the border; except via registered site-to-site VPNs with defined use and penalties like no more VPN for you for organizations that are found to be violating those use agreements. Corporate VPNs would be fine and the like but not if they then allow egress for example.

        That pretty much makes all the international hacking detectable. We hav

    • by rtb61 ( 674572 )

      We are way past that. I would suspect the military contractors, they hire people who want to kill for shits and giggles, they do not care who dies in their employ or who they kill. A lot of this is very organised very military and you have contractors who employ thousands, their only morality greed, I would suspect all of them hiring hackers and using them for insider trading hacks and contracting the information back to the vulture capitalists and having done so for quite some time. With servers in Russia

  • by Anonymous Coward

    Glad it didn't affect me THIS time, but something really needs to be done. It is hard as hell to block new attacks like this. I can see the US government going after them, but they just have less to lose. Or DO they. Their biggest issue is being exposed by bad press, like crimes against their own people. Time to start pulling all that dirty laundry out in the open maybe.

  • by Bodie1 ( 1347679 )

    I know it was two whole days ago, but...

    https://it.slashdot.org/story/... [slashdot.org]

  • I don't get it.. (Score:4, Interesting)

    by RightSaidFred99 ( 874576 ) on Thursday April 22, 2021 @01:19PM (#61301518)
    We have the funding and the people. Are we hacking them too and we're just better/quieter at it, or are we seriously just a bunch of cyberpussies?
  • These government agencies and companies and software so large that they are effectively US assets by the ubiquity they are used that they should have some input and forethought into exposing and correcting some of these vulnerabilities. It's clear these private companies cannot or will not put in the effort to secure their products against state actors.

    Maybe I am wrong but doesn't the security of these government agencies fall somewhat under the purview of the NSA's responsibilities? If not them then some

  • Funny.. (Score:4, Insightful)

    by SuperDre ( 982372 ) on Thursday April 22, 2021 @01:48PM (#61301648) Homepage
    Calling the kettle black is what we call this. The US tries to hack every other country in the world, including its own allies. So don't go pointing fingers and cry about it when others do it to you.
  • by cmarkn ( 31706 ) on Thursday April 22, 2021 @01:59PM (#61301698)
    You’ve got to admire the balls of Microsoft putting the blame on China for “starting a free-for-all where scores of different hackers broke into organizations around the world through the Microsoft Exchange email program.”

    Yes, these are bad guys doing bad things. But you know what? They could not do it if Microsoft hadn’t left the holes in their Exchange program for the bad guys to get in through.

    It’s not like they don’t know there are bad guys out there, and it’s not like they know there are holes in their program, but they just can’t be bothered to close the barn doors until after the horses have run off. Now they want to be treated like heroes for fixing the problem they created? At least a big part of the blame for this should fall on Microsoft.
  • If only the world had the collective will to tell them with a single voice to play nice or we'll just drop all of their traffic into the bit bucket.

  • ...we need to stop pussyfooting around pretending that the Chinese are interested in peaceful coexistence.

    They fully believe that they have the power of history, and that the corrupt and decadent West is bound to collapse before the inevitability of the Middle Kingdom.

    Let's be clear, the Chinese Communists WORKED WITH the Japanese in ww2 - to Chinese, this is literally comparable to Jews cheerfully working with Nazis - because they saw it as the best way they could get rid of Chiang Kai Shek and the KMT.

    Unt

  • That two pieces of software that are expressly used ostensibly by companies to 'improve' the security turned into huge gaping backdoors?

    I just like to raise this point as enterprises go to deploy probably more gaping backdoors from various companies in response to these incidents, thinking they are deploying things to help them get their security in order. Companies with a reputable brand and golf-playing salespeople, but not particularly great developers...
