Chinese Army: US hacks us so much, I'm amazed you can read this Two Chinese military websites - including the Defence Ministry - are routinely subjected to thousands of hacking attacks every month, the majority of which can be traced based to the US, Chinese authorities alleged this week. Two-thirds of the 144,000 attacks a month against Chinese military sites last year came from the US, …
Pity that you don't understand how launch systems work.
They're not open to the internet, they're on isolated networks that are inaccessible to other networks. Hence, they can't be hacked unless one is sitting at a terminal on that network.
Out of idle, proximity-of-the-weekend induced curiosity, how do people at said terminal get the message to press the red button (virtual or not)? Somehow, information is gained/accessed/processed/interpreted, and communication must take place. Plenty of weak spots there - that's the idea behind APT.
I'll suggest that there is a great deal of skill on both sides of this game. I had no involvement with our cyber operations, save in the defense side of our networks.
From the Information Assurance side of the house, I can say that the PLA personnel were overall extremely clever and a few spoke fluent American English, understood American culture and used multiple means to attack our networks. Efforts ranged from social engineering, plain phishing, spear phishing and even scattering infected USB drives in a headquarters parking lot.
The latter being the 2008 cyber attack against the US DoD, which was extremely effective. Twice. Interestingly enough, my installation remained uninfected throughout that multi-billion dollar debacle.
But then, our baseline was the directed DoD baseline configuration, we had no pirated software on the network, our patch management was efficient and up to date and our antivirus definitions were pushed out daily to the test systems and the next day for the main production systems. When the undersecretary of defense ordered USB mass storage shut down, NetCom commands refused to "force the issue with their customers", I went to the installation commander, who "owns" all computers on the base, briefed him on the directive and requested his desire.
"Shut the F'ing things off."
I went back to my desk, hit enter and the script was pushed out, shutting down all USB mass storage and an e-mail went out advising all as to what happened and why.
We did exception to policy on a case by case basis, for those whose mission was impacted, with only three exceptions throughout our entire installation.
This post has been deleted by its author
smoking is big in China
Switzerland too, and practically every teenager smokes to "fit in" :(.
The most ironic statement I had in that context was by someone proclaiming that it was their "freedom" to smoke. They got a bit upset when I remarked that a 3m hose length radius around an oxygen bottle wasn't much in the way of freedom, but that's the idea of grabbing them young: they don't think very far ahead. Getting lung cancer at 35 is too far away for them to worry about..
For all the bullshit and the quite unique styles, the US and China have become very similar in recent times. Media orchestration, money > people, absurd delusions of grandeur, massive corruption, and of course, ludicrous amounts of surveillance and propaganda targeting their own citizens. The Chinese have even begun exploring space. They'll be telling us they're a "land of the free" next, as they monitor every communication, run jails as a private industry, and hound journalists that dare speak against the regime. If these two former polar opposites can find so much common ground, perhaps the "one world government" Bush snr was so obsessed with might actually be possible.
I don't know, maybe they'll bypass the whole capitalist/feudalist intentional abuse of the population thing, and go straight to a Star-Trek NG-like advanced society. They look more likely to do that than most other places.... plus they do have the advantage of 1000s of years of culture. Well, we can hope :)
Being a decadent lazy westerner I skipped the article and went straight for the video. From what I understand Chinas' weaponized bear technology is decades more advanced than we thought. Although on the upside once they invade I can smoke at work, so where can I email my user/passwords to hurry this along?
What is the point in this hacking? No seriously? What is it going to aachieve? Its a bit like Anon deficating on some website. What is the damage? Its a bit like kids doing graffiti and then the other bunch paints over and they get all upset and worked up about it.
What kind of a millitary organisation has its main system physically connected to the same same network as their web servers? Why is their system online anyway? For what purpose? Generals can do battle plans from home? No really?
Please let this be not how I imagine it it is... This is just too depressing to think that the millitary are so god damn stupid.
""What is the point in this hacking? ""
To cause disruption to the enemy, to steal information, to cause internal descent, sabotage.
""What is it going to aachieve?""
Any number of aims and goals I am sure the Chinese and US government has. I am sure the Chinese main aim is to steal US military secrets. US aims it probably learn more about the inner workings of the Chinese government, when it spending it cash surplus, friends and foes. An perhaps any secrets the Chinese military has.
What is the damage?
Apparently the US was able to remotely destroy centrifuges using stuxnet in the lab, it unknown what damage they did to Iran nuclear industry, from the outside not very much.
""
What kind of a millitary organisation has its main system physically connected to the same same network as their web servers?""
None, but you do not need an physical connection to hack a computer system. Just needs someone to connect something up to an outside hard drive, pen drive, or possible even fit a new specially adapted motherboard, RAM that you have manage to infiltrate into their supply chain.
""Why is their system online anyway? ""
They not.
"""None one said it was on-line. """
No one said that it needs to be on-line to be hacked. An the US and China are not really talking about the kind of attacks that are appearing as graffiti on websites, even hacking sites and stealing passwords (through given that the bigger the password databases NSA and the like can assemble the more like they are able to build intelligence systems able to guess people passwords more accurately by analysing everything they know about the person), they are talking about the kind of attacks that may take 5 years before paying off, they sits and lurks in their computer systems, spreading silently until they find their target. What they are talking about in public is little more than a distraction to what they are both up to.
An the publicly detected attacks are probably design to divert security industry away from other attack avenues or at the very best design to inform the industry of such attack vectors so they can be fixed, after their usefulness has expired.
It's basically a re-run of the Cold War, but instead of mutually assured nuclear destruction we have mutually assured economic destruction and instead of the two sides being openly hostile towards each other they're actually business partners and largely dependant on each other.
That It's also completely insane is par for the course.
Here's the kicker though, because the consequence of lobbing a nuke were very well understood by all sides to almost certainly result in the end of all life on earth, a whole bunch of systems and safeguards were implemented to ensure that it would be really hard to either accidentally fire one off or for some guy to have a bad day and decide to fuck the planet. Wasn't perfect of course and the fact that we're all still here is completly down to the fact that on the occasions the system failed the guys that were told to press the button didn't.
This time round there's no safeguards, if one guy hacks into the right system and decides wipe it for the lols instead of pwning it for God and Country, it could escalate shockingly quickly to a couple of billion people surprised by the sudden loss of power, communications and water.
Sleep well.
What is the point?
Let's see, the PLA got into systems of those negotiating contracts with PRC based companies, learning the negotiation strategies, desired and how much they were willing to spend.
The PLA got into US companies and stole R&D for new products, not only military products at that.
The PLA got into US DoD networks, fortunately, they couldn't get to classified networks which also were infected by their worms, as those networks are isolated from NIPRnet. But, they harvested all manner of information from NIPRnet. Troop dispositions, troop movements, supply manifests, etc.
And yes, Generals do battle plans from "home" in the US. CENTCOM headquarters isn't in the Persian Gulf or Afghanistan, it's in Florida, with contingents in theater, but the commanding general spend the majority of their time CONUS. That said, plans go on the classified networks, however, there are plenty of unclassified communications about those plans that live on NIPRnet.
Another example, remember the big stink over Oliver North having a fence and security installed at government expense, but that stink when nowhere?
It was because he had a SIPRnet feed to his home, with an encrypted tunnel to other classified networks.
That's why the stink blew away faster than usual.
"...closed monthly meeting of local journalists that excludes member of the foreign press corps."
Can one imply from this statement that all the 'facts' here (144000 US hacks) are meant for the great Chinese unwashed to worry and fret over? Is this just demonising the West for local consumption?
"demonising the West for local consumption" not that the West would dream of doing such a thing on a daily basis to China, Russia, Belarus, Argentina, Iceland, Greece ..... or anywhere else that dares to not toe the line. Do any of the press or TV in the West routinely refer to Obama or Cameron or Merkel as a "strongman" or question how they got elected and fund endless pressure groups from offshore to "find out the truth"?
Darling: So you see, Blackadder, Field Marshal Haig is most anxious to eliminate all these German spies.
Melchett: Filthy Hun weasels fighting their dirty underhand war!
Darling: And, fortunately, one of *our* spies--
Melchett: Splendid fellows, brave heroes, risking life and limb for Blighty!
Someone must be taking Sunday off to get that nice round number.
Here's an experiment. Go to an old-fashioned ISP and get a single static IP address. Put a packer sniffer/wireshark/whatever on it. You'll get a constant stream of port probes. Very likely in the range of hundreds per minute.
Are they attacking you? Yes. Is someone targeting you? No. It's just the constant noise of botnets and like trying to expand.
Now put up a website. You'll get a smaller number of attackers, trying a broad range of attacks. Again it might feel targeted, but it's all just automated.
Now if you are a high profile target, there are undoubtedly some targeted attacks as part of that barrage. But 144K per month is way too high of an estimate.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
