back to article Cow-counting app abused by China 'to spy on US states'

Beijing's spies compromised government computer networks in six US states by exploiting, among other flaws, a vulnerability in a cattle-counting system, according to Mandiant. Meanwhile, Proofpoint reckons a China-aligned miscreant is targeting European governments. Both firms warned this week that Middle-Kingdom-backed snoops …

  1. First Light Silver badge

    Private resale of stolen data

    That must be a real cash cow for them . . .

    1. ShadowSystems

      Re: Private resale of stolen data

      Who ever herd of a flaw in a cow app being used to milk away all sorts of PII? That's udderly despicable!

      I'll get my coat & hoof it on out now...

    2. sanmigueelbeer

      Re: Private resale of stolen data

      What an udder load of cow dung.

    3. GruntyMcPugh Silver badge

      Re: Private resale of stolen data

      I think those data thieves deserve a pat on the back,....

  2. Anonymous Coward
    Anonymous Coward

    With Russia going rogue

    I think China is about to spring a huge trap on the West.

    1. Anonymous Coward
      Anonymous Coward

      Re: With Russia going rogue

      They've adapted Covid-19 to a bovine version?

    2. Doctor Syntax Silver badge

      Re: With Russia going rogue

      Russia/Putin has gone rogue a few times in the past. It's worth thinking about what's different this time - the push-back must have come as a surprise to him. I wonder if one factor* has been that everyone has become thoroughly pissed off with the intrusions from the Russian outfits that they have become less tolerant. Another may be that Covid has prompted Western governments and industry to look more closely at their supply chains. It may well be that the West will start wondering about how to spring some sort of surprise on China.

      * There will have been others, one being that invading Ukraine is particularly egregious.

  3. Mike 137 Silver badge

    highly sophisticated attack ;-)

    Looking up the CVE record, I find that the attack was possible due to 'CWE-798: Use of Hard-coded Credentials'.

    When will they learn?

    1. Doctor Syntax Silver badge

      Re: highly sophisticated attack ;-)

      What? You mean hard-coded credentials can't be kept secret?

    2. Nick Ryan Silver badge

      Re: highly sophisticated attack ;-)

      Probably the same moment that they learn that SQL injection attacks can be quickly and simply prevented through using parameterised queries and that these have been available for a few decades...

  4. jvf

    Holy cow, Batman!

  5. StephenH

    Cow counting app was the second attempt

    The first version used a sheep counting app but the computer kept going to sleep.

  6. Roger Kynaston Silver badge

    Not chinese?

    It is the revenge of the lactose intolerant.

  7. spireite Silver badge

    Find in old code

    Legacy issue because of a code fresian

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like