And it is still a nightmare to get vendors and managers to take security seriously and fund it properly.
Russia and China bombard Blighty with 188 cyberattacks in 3 months
Britain has been hit by 188 "high-level attacks" in the last three months. Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets, according to the UK's newly appointed National Cyber Security Centre chief Ciaran Martin. Russian and Chinese attacks on defence and …
COMMENTS
-
-
Monday 13th February 2017 17:42 GMT Anonymous Coward
And it is still a nightmare to get vendors and managers to take security seriously and fund it properly.
The Internet was designed to route around damage so that data could always get to the endpoint. As it expanded, people didn't really think through the implications because (let's be honest) it was just such fun in the early days. And then people didn't want to pay for stuff and some genius had the idea of using advertising as a form of micropayment, followed by cookie tracking and end user espionage.
And then people wonder why it isn't secure.
-
-
-
-
Tuesday 14th February 2017 15:55 GMT Anonymous Coward
Re: Source IP does not mean that's where the attack came from
"You can often tell the origins by the language of comments embedded in the attack code, for example."
And it would never, ever occur to a hacker who is trying to obfuscate their identity, to simply insert comments in a language other than their own?
-
-
-
-
Monday 13th February 2017 19:02 GMT Anonymous Coward
Sadly, I call "lack of knowledge."
They can find and trace the traffic via command and control messages sent in from their "admins." None of the really good malware is completely automated, yet. There is a need for humans to monitor and control the process and the monitoring and control of the botnet. The people with the ability to see, and correlate, this traffic are the government and other agencies with the ability to see all the traffic; inside, AND at the ingress/egress points. You're lack of knowledge is disturbing. I am not a senior network security person, merely a senior Linux and large data center hosting admin, and I know this. You should read more info, and less opinion-related items.
-
Tuesday 14th February 2017 01:25 GMT tr1ck5t3r
Its just to keep us busy watching those packets coming into your computer when you could be enjoying life.
If they really wanted to do something about it, GCHQ would have built something to secure what they can coming over the networks like China. After all economic activity is important right, you dont want the NHS losing your records to some hacker collective who publishes it on the dark web now do we, or some banks getting hacked?
National Security? Thats a joke, they are the one's carrying it out whilst the innocents get targetted just like in a real war. Hacking celebs and giving the media the tip off's is all just part of the charade, aint that right Beckham?
-
Tuesday 14th February 2017 04:24 GMT streaky
I can't even figure out the scope of these numbers. What I do know is if it's only 188 in 3 months then Russia and China aren't trying very hard. I could do billions in minutes without even really trying. Again, scope is at question.
Love the idea of GCHQ telling people that we're under attack, we were all wondering when GCHQ were going to notice, stop looking at people's cat pictures, and actually contribute. (Also that GCHQ are the planet's biggest threat to UK corporate IT; we've all seen the slides).
-
Tuesday 14th February 2017 12:24 GMT Anonymous Coward
Security snowflakes?
"A Russian official revealed that the country is the target of hundreds and sometimes thousands of cyberattacks every day, some of which are launched from the United States".
http://news.softpedia.com/news/russia-hackers-attacking-putin-s-website-thousands-of-times-a-day-511877.shtml
-
Tuesday 14th February 2017 19:11 GMT bombastic bob
Re: Security snowflakes?
"A Russian official revealed that the country is the target of hundreds and sometimes thousands of cyberattacks every day,"
it's almost expected, yeah. 'Spy vs Spy'.
But when you get economic sanctions because of alleged 'hacking', it should be backed up with some REAL evidence. Just sayin'.
-
-
-
-
-
Tuesday 14th February 2017 00:37 GMT Lars
The UK arms industry is fairly successful and the number five exporter behind the USA, Russia, Germany and France with China as number six according to the Daily Mail.
https://en.wikipedia.org/wiki/Arms_industry#World.27s_largest_arms_exporters
Industrial espionage is hardly anything new but I agree it must be hard to prove exactly who is behind every hacking attempt (and I am sick and tired by the word cyber for now, and so is my spellchecker).
-
-
Monday 13th February 2017 16:19 GMT Anonymous Coward
Acts of war?
If these are truly state sponsored attacks, then surely they should be regarded as acts of aggression or war? Just because the countries in question aren't lobbing bombs at us or directly physically attacking us, doesn't mean there are no consequences to our country's well being or economy.
-
Monday 13th February 2017 16:25 GMT GingerOne
Re: Acts of war?
"then surely they should be regarded as acts of aggression or war?"
Don't fall in to their trap my friend. If this is state sponsored there is no need for war. 'The State' is nothing to do with the actual people of Russia or China, just like ours is sadly nothing to do with us. Don't let the pathetic posturing of our 'leaders' lead you to grow hate for millions of innocent people.
-
Monday 13th February 2017 18:03 GMT Anonymous Coward
Re: Acts of war?
If these are truly state sponsored attacks, then surely they should be regarded as acts of aggression or war? Just because the countries in question aren't lobbing bombs at us or directly physically attacking us, doesn't mean there are no consequences to our country's well being or economy.
That slope has more grease on it than a monkey in a machine shop.
Even forgetting about the difficulties with attribution and proof, what is the threshold for the consequences to our country's well being or economy? For example, Chinese government may argue that BBC Chinese Service causes harm to China's well-being and economy by spreading news which it would rather have suppressed. Would that constitute an act of war? Or the Russian government may argue that the sanctions imposed by the UK government cause harm to the Russian economy. Would that be an act of war?
There are many good reasons to avoid this verbal inflation and hysteria; only somebody who'd never been on the receiving end of the actual war or even a limited peace-keeping action would seriously equate a booby-trapped powerpoint opened by a moron with an act of war.
-
Tuesday 14th February 2017 12:27 GMT Anonymous Coward
Re: Acts of war?
If you are plotting to kill me, then surely I ought to get my retaliation in first and attack you.
There are many problems with that line of thinking, the greatest of which is the word "if". One does not declare war on the basis of unsubstantiated suspicions - or reports issued by self-serving officials.
Nor, of course, does one declare war on a power that could render the UK uninhabitable within one hour.
-
Wednesday 15th February 2017 12:07 GMT Sir Runcible Spoon
Re: Acts of war?
Intelligence gathering prior to an act of war isn't, in of itself, an act of war as far as I am aware.
If that knowledge was then used to damage a country's infrastructure, for example, then yes, that would be an act of war (if it was initiated by a state actor - but how can you tell? It could just as easily be carried out by a corporation in that country (assuming you could identify the country reliably)).
The problem is that of the language used. 'Attack' infers some kind of damage, whereas what they are actually describing is 'espionage' or perhaps 'infiltration'.
-
-
-
Monday 13th February 2017 16:24 GMT pdh
Fuller disclosure
It would be interesting if accusations like these also included a line saying: "And in that time, we ourselves have mounted or sponsored X number of attacks against Russia and China, using the same definition of 'attack'."
Even if the number X is zero, it would be interesting to hear the government state that out loud, with a straight face. (And then to hear them explain why they believe zero is the most appropriate value of X.)
-
Monday 13th February 2017 19:30 GMT Yet Another Anonymous coward
Re: Fuller disclosure
Why would we bother hacking our enemies?
Unless there is a war what good does it do to know the Russian or Chinese military's secrets?
It would be far more valuable to be hacking the Eu ministries that will be negotiating Brexit or the US agencies that will be deciding on the tarrifs to place on the UK
-
Monday 13th February 2017 19:53 GMT Anonymous Coward
Re: Fuller disclosure
Unless there is a war what good does it do to know the Russian or Chinese military's secrets?
By the time there's a war on it is a bit late to think "Ooh, we'd better hack their military secrets". As a general rule, a successful cyber-espionage campaign takes a lot of scoping, planning, and execution (plus design, coding and testing if you need new spyware able to infiltrate nation state defences).
-
-
-
Monday 13th February 2017 16:46 GMT Christian Berger
Attribution is (virtually) impossible
IP-Addresses say nothing, code styles can easily be faked or you can just buy exploits on markets, foreign characters in filenames or paths can easily be faked as can dates and times.
We live in a world, where it's likely that the actions of some little kid are seen as a state sponsored attack, no matter how primitive they were. Also we live in a world where false flag operations are nothing uncommon.
If those organizations mentioned in the article would actually care about security, they would provide guidelines for actual security. They would advise against office software, they would advise against complex file formats, particularly proprietary ones. They would warn against closed source software, particularly when there's an auto update mechanism.
-
Monday 13th February 2017 16:49 GMT GingerOne
Re: Attribution is (virtually) impossible
"We live in a world, where it's likely that the actions of some little kid are seen as a state sponsored attack"
Or we live in a world where governments will use the actions of some little kid as an excuse to flex the muscles and start measuring each others dicks.
-
-
Monday 13th February 2017 16:51 GMT Anonymous Coward
Soo..
Do these (presumed) state-backed operators need this data in order to fight terrorism and keep us all safe? Because that is (as far as I understand these things) the reason why our own state usually mounts cyberattacks and conduct espionage against its own people)... Is China and Russia just trying to protect us all as well?
Joking aside, I know that the various UK security services are probably less likely to abuse my, yours, and any UK company data that they somehow obtain (meaning using the data outside of their stated purpose of obtaining such data - like building a competing company or product), but the foreign agencies are probably less likely to come knocking on your door in the middle of the night.
So on the whole, I'm not 100% sure who'd I'd rather be cyberattacked by.
-
Tuesday 14th February 2017 12:35 GMT Anonymous Coward
Re: Soo..
"Because that is (as far as I understand these things) the reason why our own state usually mounts cyberattacks and conduct espionage against its own people)..."
I'm afraid that your words show you don't understand these things very well. Your own state emphatically does not spy on you and others "in order to fight terrorism and keep us all safe".
For a start, the threat to British citizens from terrorism is virtually nil. Noise level. You are more likely to be struck by lightning, killed by a bee sting or run over by a police car than killed by terrorism in Britain. (And please don't tell me that's because the police are so efficient).
Moreover, even the tiny threat that does exist could be virtually extinguished if our own precious government(s) would just stop killing foreign people going about their own business in their own countries. It's not a lot to ask, is it?
-
-
Monday 13th February 2017 17:07 GMT Ironclad
Been going on for centuries....
...just not using this medium.
Previously spying was done through bribery, corruption, blackmail and just plain physically stealing stuff, it's now much easier to hack into another countries vulnerable systems instead.
Perhaps a massive denial of service attack or a deliberate act of sabotage that could be traced back unquestionably to a foreign power (and I imagine that's very difficult to prove) could be construed as an act of war. Until then it is the ancient art of espionage through another avenue.
-
Monday 13th February 2017 17:08 GMT Anonymous Coward
"Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets"
I always wonder at organizations that feel they must make everything available over the internet.
Perhaps "secrets" don't really need to reside on a computer?
BTW: Is "defence" a British spelling?
-
-
-
Tuesday 14th February 2017 12:40 GMT Anonymous Coward
Re: Defence vs Defense
It has been suggested that some of them think people in Latin America speak Latin. And there was one prominent US politician who visited Rio de Janeiro and, attempting to emulate John Kennedy in Berlin, told the Brazilians, "I am a carioca (a native of Rio)".
Unfortunately he said it in Spanish.
-
-
-
-
Monday 13th February 2017 19:19 GMT Anonymous Coward
All sane folks in the US do NOT condone spying on everyone and everything without obtaining some kind of approval, so as to remain within the law and the "laws" of human decency. Ed Snowden pointed a light into that hole and we can see what we felt was going on; nothing good. Your government, and mine, like to use these "cyber attacks" and pair them with "Russia/Chinese state threat actors" unless it's convenient to deny it, *cough* tRump *cough*. This is how your data and mine are slurped up and examined, all without any oversight or due process. Idiots who claim "well, if you have nothing to hide, surely you don't mind big bro taking a peek?" while not also offering their own bank passwords for examination by me are part of the problem. Keyboard Wankers, is my name for those fucknuts.
The government is not able to dig through my backpack without my allowing it, so why should my data be any different? It ISN'T!!1!
-
-
Monday 13th February 2017 19:38 GMT amanfromMars 1
Your duty ...... as a member, freedom loving individual and grand master in the human race
Does anyone calling for war deserve a bullet ..... in order to discourage others from similarly failing catastrophically and falling foul of madness and mayhem?
Keeping things so simple easily prevents destructive confusion and stupid conflicts?
-
-
Wednesday 15th February 2017 19:13 GMT amanfromMars 1
Re: Your duty ...... as a member, freedom loving individual and grand master in the human race
What if a whole country calls for a war? ... Sir Runcible Spoon
It is always only leading warmongers and the intellectually bankrupt that make such a call, Sir Runcible Spoon. Whole countries only pay the cost and carry the price for them. Both thus proven prime idiots easily led by crazed words.
-
-
-
Tuesday 14th February 2017 09:12 GMT 22ten
State sponsored or bedroom warrior?
You have to admire the paranoia of these people that hacking must be state sponsored when the people who have been caught so far have been largely bedroom warriors... But I guess it's problematic to justify spending millions of taxpayers money otherwise!
-
Tuesday 14th February 2017 11:55 GMT amanfromMars 1
Re: State sponsored or bedroom warrior?
... But I guess it's problematic to justify spending millions of taxpayers money otherwise! ....22ten
Howdy, 22ten,
Did I not hear correctly that £2billion was the cost so far for the setting up of the UKGBNI National Cyber Security Centre. White elephants and unicorns are not as cheap as chips, you know.
I quite like the idea of State sponsored bedroom warriors though :-) …… although only if one is not expected and contracted to follow a fools’ agenda, for that is problematical and unacceptable to all with the necessary mindset to excel at …. well, CyberIntelAIgent Security and Virtual Protection of Critical Assets and Strategic Goals is a Prime Class of any National/International/Internetional Security Infrastructure which be of quite natural and supernatural interest to others, given what monumental damage and catastrophic disruption can be so easily wrought with expertise in ITs Advanced Imaginative Fields.
-
-
Tuesday 14th February 2017 10:22 GMT tiggity
"Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets"
Good luck to hackers seeking to find any coherent Foreign policy information given the headless chicken approach from gov on Brexit so far, best they will get is: Foreign policy means Foreign policy
As for defence save themselves the effort, just look around for the most ludicrously over priced but not really fit for purpose kit you can find - that will be MOD wishlist based on recent purchase history
-
Tuesday 14th February 2017 13:31 GMT Anonymous Coward
I actually found some (real) defence foreign policy documents online, (not UK docs but allied nations),
took me two weeks of emailing to get the attention of the relevant nation and get them moved. I think in the end I probably just phoned them up, it was a while ago.
My accidental kali/metasploit hacking tool of choice then was a simple Google search. . .for some technical docs - not what I got. I doubt things have improved pen.wise in some countries, other than Google search being more partial, bubbly & flaky. I'd probably use yandex.ru today.
Now, back to my cheap Solar and away from the old exciting neversec cybersquirrel stuff
-
-
-
Wednesday 15th February 2017 13:28 GMT Anonymous Coward
Re: Missing man in the middle?
Yes, recently, any open-source fact posited on forums, that mentioned a certain horseless folk-wagon and their associated worldwide breathing/dementia linked "allegations" - was speedily rebutted online (almost as though they had subcontracted the B.N.D. multi-typewriter-warrior trolls to do this), allegedly etc
What is it called when Corporations and "the State" become interchangeably interlinked, not much concerned with the actual population, old word, begins with "f". . .nope, escapes me?
-
-
Monday 20th February 2017 14:26 GMT mhenriday
it's no doubt rude of me to point this out,
but the article claims that of 188 «high-level» attacks suffered by Blighty in the last three months some came from Russia and China, respectively. It does not claim that «Russia and China bombard Blighty with 188 cyberattacks in 3 months», as in the headline....
Henri