China's Volt Typhoon spies broke into emergency network of 'large' US city

The Chinese government's Volt Typhoon spy team has apparently already compromised a large US city's emergency services network and has been spotted snooping around America's telecommunications providers as well. According to a report on Tuesday by industrial cybersecurity biz Dragos, the crew has been conducting …

  1. Anonymous Coward

    No White Hats Anywhere?

    Quote: "....just as much as Uncle Sam's NSA and CIA is probably all over Chinese networks...."

    ....not to mention hacking Angela Merkel's phone.....and who knows what other "allied" targets.

    Pot......Kettle.......

    1. HuBo Silver badge
      Pirate

      Re: No White Hats Anywhere?

      Our sustained freedom largely depends on the edge that we maintain over our adversaries, in both techops and psyops. Here's to hoping that Fortinet and Ivanti (and BOFHs everywhere) up their game to the required level to prevent successful powerdowns of our infrastructure by those who seek to spread authoritarian state control beyond their borders and into our backyards!

      Angela Merkel's choice of farewell song expressed this very nicely (IMHO), joining Emma Goldman through Nina Hagen's "Du hast den Farbfilm vergessen", that our "pursuit of happiness", however frivolous it may seem, is the cornerstone of our humanity (much preferable to a face "grey as Pravda paper"). This freedom is very much worth fighting for (and protecting against the likes of Volt Typhoon!)!

      1. Grinning Bandicoot

        Re: No White Hats Anywhere?

        Two believers route step for all to whatever destination chosen by the leader. The Scots and the Welsh taught the English the value of one making one's own destiny. It was the English and the Japanese that took the US from "Gentlemen do not read each other's mail" to the enthusiastic reading, viewing and writing of communications as taught to those Anglophiles of the Northeast US. But if such practices are so new, what was that bit about the spear and the letter in Commentarii de Bello Gallico, or why was Caleb with Rahab?

    2. DS999 Silver badge

      Re: No White Hats Anywhere?

      Regardless of the extent to which the NSA/CIA/GCHQ/etc. have penetrated China's infrastructure we should still be alarmed at the evidence that China is penetrating critical systems, and insist better security precautions are taken.

      I'm sure when China discovers the CIA running around their critical networks they are equally upset, they just don't tell the press about it so their public is unaware. If China and the US ever did have some sort of direct conflict (which I think is exceedingly unlikely, if there's any conflict it would be by proxy over Taiwan) I imagine the citizens of both countries would find they've been in the dark about the extent to which each has penetrated the infrastructure of the other. Literally in the dark, because the power would be out in large swathes of both countries.

  2. sitta_europea Silver badge

    I seem to remember that when I was a kid, we had water, and gas, and electricity, and road fuel, and ... no Internet.

    Critical infrastructure has no need whatever to be on the Internet.

    It would be very much better if it weren't.

    If I ran the show it would be illegal.

  3. Anonymous Coward

    I love the naive comments about critical stuff not being on the net.

    If you know what they are doing, they aren't; but that doesn't stop there being attack vectors if you really know what you are doing. Besides physically reaching the device (e.g. by compromising the device being used to do firmware or configuration changes), communications are much of the point of installing any kind of instrumentation. Comms does not have to be internet.

    Possibly the worst example I've seen was an embedded provider with a 'proprietary' wifi module claiming that that solution was secure (hah!). There are also other examples of hardware manufacturers recently being mandated for deletion.

    There's a huge case for using pre-silicon control paradigms for such systems and/or keeping sites manned 24/7; shifting the problem onto vetting of staff and supply chain for long-obsolete hardware. However, there's this minor thing you may have heard of called the cost of living crisis. Hiring the staff to bump up the numbers and coverage would not be insignificant.

    Not saying we shouldn't do it, it is a valid strategy. Trying to stay evergreen in silicon is basically impossible, especially where high uptime is a requirement.

    1. Lee D Silver badge

      There's a big difference between taking everything back to manual labour, and just running a secure, isolated network that's not connected to the Internet.

      There's absolutely nothing stopping people designing secure isolated networks, where every device is approved before it's allowed on, where they can connect over leased lines to other sites directly, and where any kind of rogue traffic wouldn't be able to get out even if it could get in.

      All it takes is common sense, money, and not routing to the global, public Internet.
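The design sketched in the comment above (only approved devices on the wire, only the leased-line site ranges reachable, default deny for everything else so rogue traffic cannot get out even if it got in) can be expressed as a small policy check. This is an added example and not code from the original thread or from any commenter; every device name, address, subnet and rule in it is hypothetical and constructed for illustration:

```python
"""Default-deny policy check for an isolated control network.

Added example, not from the original thread. Every device, address,
subnet and rule below is hypothetical and constructed for illustration.
"""
import ipaddress
from typing import List, NamedTuple, Tuple


class Flow(NamedTuple):
    src: str
    dst: str
    proto: str
    dport: int


# Devices that have been explicitly approved for the network (hypothetical).
APPROVED_DEVICES = {
    "10.1.0.10": "pump-plc-01",
    "10.1.0.11": "hmi-01",
    "10.2.0.20": "substation-rtu-02",
}

# The only address ranges that are routed at all: the local site and the
# remote site reached over a leased line. There is no default route.
SITE_NETWORKS = [
    ipaddress.ip_network("10.1.0.0/24"),
    ipaddress.ip_network("10.2.0.0/24"),
]

# Explicit allow rules as (src, dst, proto, dport). Anything not listed is dropped.
ALLOW_RULES = {
    ("10.1.0.11", "10.1.0.10", "tcp", 502),    # HMI polls the PLC over Modbus/TCP
    ("10.1.0.11", "10.2.0.20", "tcp", 20000),  # HMI reads the remote RTU over DNP3
}


def evaluate(flow: Flow) -> Tuple[str, str]:
    """Return ("allow" | "deny", reason) for one flow under default deny."""
    # 1. Only approved devices may send at all (port security / allow-list).
    if flow.src not in APPROVED_DEVICES:
        return "deny", "source is not an approved device"
    # 2. Destinations outside the site networks are not routed. This covers
    #    the public Internet and any private range that is not a site, so a
    #    compromised-but-approved device still cannot phone home.
    dst = ipaddress.ip_address(flow.dst)
    if not any(dst in net for net in SITE_NETWORKS):
        return "deny", "destination is outside the site networks (not routed)"
    # 3. Inside the sites, only explicitly listed conversations are permitted.
    if (flow.src, flow.dst, flow.proto, flow.dport) in ALLOW_RULES:
        return "allow", "matches explicit rule"
    return "deny", "no matching allow rule"


def evaluate_all(flows: List[Flow]) -> List[Tuple[Flow, str, str]]:
    """Evaluate a batch of flows, e.g. a captured flow log, and keep the verdicts."""
    return [(f, *evaluate(f)) for f in flows]


if __name__ == "__main__":
    # Constructed sample flows: legitimate polling, a beacon to a public address,
    # an unapproved laptop, and lateral SSH that no rule permits.
    sample = [
        Flow("10.1.0.11", "10.1.0.10", "tcp", 502),
        Flow("10.1.0.10", "203.0.113.5", "tcp", 443),
        Flow("192.168.77.4", "10.1.0.10", "tcp", 502),
        Flow("10.1.0.10", "10.1.0.11", "tcp", 22),
    ]
    for flow, verdict, reason in evaluate_all(sample):
        print(f"{verdict:5} {flow.src} -> {flow.dst}:{flow.dport}/{flow.proto}  ({reason})")
```

The order of the three checks matters: the destination check runs before the rule lookup, so even a mistakenly broad allow rule can never reach an address outside the leased-line sites.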

      1. Anonymous Coward

        There is no such thing as an isolated device, short of turning the power off permanently.

        At some level you have to interface with those devices to alter configuration and/or firmware, which, sooner or later means coming along with a laptop and an RS232 lead or an appropriate USB stick.

        Stuxnet purportedly got into the PLCs of the supposedly isolated Iranian centrifuges by the latter route. Controls can be applied but the cost of doing so is prohibitive and certainly not immune. 1930s electromechanical industrial controls last vastly longer and are simply not subject, by definition, to these attack vectors that every single device rolling off the shelf today, is.

        You don't need a 2GHz ARM-derived CPU to do the job of a few clocks and trip switches. The supply chain would like you to think you do.

        Where's the supply chain mostly based out of? Yep, you guessed it. One of those states we have problems with cyber security with.
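The comment above names the maintenance path (a laptop with a serial lead, or a USB stick) as the way into an otherwise isolated device, and notes that controls can be applied. One such control is to refuse to load anything from the media that is not on a hash manifest pinned out of band, and to refuse the whole job if the media carries files the manifest does not list. The following is an added example, not code from the thread or from any vendor; the image contents, file names and manifest are constructed and hypothetical:

```python
"""Allow-list check for a firmware or configuration image carried to an
isolated device on removable media.

Added example, not from the original thread. The image bytes, file names
and manifest below are constructed and hypothetical. In practice the
manifest would be pinned out of band (for example in the signed change
record) rather than computed at run time as it is here for self-containment.
"""
import hashlib
from typing import Dict, List, Tuple


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed sample image standing in for the vendor firmware file.
KNOWN_GOOD_IMAGE = b"PLC-FW v3.2 (constructed sample image bytes)"

# Pinned manifest: file name -> expected SHA-256 (hypothetical entry).
MANIFEST: Dict[str, str] = {
    "plc-fw-3.2.bin": sha256_hex(KNOWN_GOOD_IMAGE),
}


def check_media(files: Dict[str, bytes]) -> List[Tuple[str, str]]:
    """Compare what is on the stick against the manifest.

    `files` maps each file name found on the media to its contents.
    Returns one (name, verdict) per file, plus a verdict for any manifest
    entry that is missing from the media.
    """
    verdicts: List[Tuple[str, str]] = []
    for name, data in files.items():
        if name not in MANIFEST:
            # Extra files (loaders, shortcuts, autorun) are exactly the kind of
            # payload a maintenance stick should never be allowed to carry.
            verdicts.append((name, "reject: not in manifest"))
        elif sha256_hex(data) != MANIFEST[name]:
            verdicts.append((name, "reject: hash mismatch"))
        else:
            verdicts.append((name, "accept"))
    for name in MANIFEST:
        if name not in files:
            verdicts.append((name, "reject: missing from media"))
    return verdicts


def media_is_loadable(files: Dict[str, bytes]) -> bool:
    """True only if every file on the media is expected and byte-for-byte matches."""
    return all(verdict == "accept" for _, verdict in check_media(files))


if __name__ == "__main__":
    # Constructed scenarios: a clean stick, a tampered image, and a stick
    # carrying an extra file alongside the genuine image.
    scenarios = {
        "clean": {"plc-fw-3.2.bin": KNOWN_GOOD_IMAGE},
        "tampered": {"plc-fw-3.2.bin": KNOWN_GOOD_IMAGE + b"\x00"},
        "extra file": {"plc-fw-3.2.bin": KNOWN_GOOD_IMAGE, "autorun.inf": b"[autorun]"},
    }
    for label, files in scenarios.items():
        print(f"{label}: loadable={media_is_loadable(files)} {check_media(files)}")
```

The check deliberately fails closed on extra files rather than just ignoring them: a stick that is "mostly right" is still evidence that something other than the planned change reached the maintenance laptop.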

        1. Grinning Bandicoot

          Ladder logic is very easy to troubleshoot. A few jumpers, a pad of paper, and some writing implement being all the hardware.
