
Chinese Hacking of American Military Networks On the Rise

Posted by Soulskill
from the secure-the-international-tubes dept.
Anti-Globalism writes with this excerpt from the Guardian: "China is stealing sensitive information from American computer networks and stepping up its online espionage, according to a US congressional panel. Beijing's investment in rocket technology is also accelerating the militarization of outer space and lifting it into the 'commanding heights' of modern warfare, the advisory group claims. ... A summary of the study, released in advance, alleges that networks and databases used by the US government and American defense contractors are regularly targeted by Chinese hackers. 'China is stealing vast amounts of sensitive information from US computer networks,' says Larry Wortzel, chairman of the commission set up by Congress in 2000 to investigate US-China issues." The full study addresses these issues and others relating to the US-China relationship (PDF).
This discussion has been archived. No new comments can be posted.

  • Obligatory... (Score:5, Insightful)

    by religious freak (1005821) on Friday November 21, 2008 @07:24PM (#25852941)
    But how much is the USA ramping up their attacks on China?
    • by Colin Smith (2679) on Friday November 21, 2008 @07:48PM (#25853223)

      They'll escalate it from there.

      From TFA:

      "says Larry Wortzel, chairman of the commission"

      Larry Wortzel was:
      http://www.heritage.org/about/staff/larrywortzel.cfm [heritage.org]

      who are:
      http://www.heritage.org/about/ [heritage.org]

      "Our Mission
      Founded in 1973, The Heritage Foundation is a research and educational institute - a think tank - whose mission is to formulate and promote conservative public policies based on the principles of free enterprise, limited government, individual freedom, traditional American values, and a strong national defense."

      Yah got to have a bogeyman.

    • by billsf (34378)

      Is this some excuse for another cold war?

      If the USA government is poking at China, it's more sophisticated and not readily detectable from the civilian nets. Appropriate technology and its proper use is the solution to this 'problem' that is very visible on our nets.

      --

      No, I can't read your signature, but my computer can. Using 'geek' is nicer than 'nerd' in these parts.

           

  • WTF? (Score:5, Insightful)

    by Ritz_Just_Ritz (883997) on Friday November 21, 2008 @07:24PM (#25852943)

    Perhaps I'm just too simple minded, but WHY ON EARTH is ANY of that information even accessible from the interwebz?

    • Re:WTF? (Score:5, Insightful)

      by aliquis (678370) <dospam@gmail.com> on Friday November 21, 2008 @07:31PM (#25853021) Homepage

      My first thought too, why is it even accessible if they think it's such a problem? Guess at least the military should know such basic things. (Though I do understand it makes their sharing easier.)

    • Where's The F***? (Score:2, Insightful)

      by Anonymous Coward

      No you're not simple minded. Why indeed is it anywhere near the internet ESPECIALLY with a report telling us WE KNOW THERE'S A PROBLEM!

    • Get real. (Score:5, Interesting)

      by Colin Smith (2679) on Friday November 21, 2008 @07:38PM (#25853103)

      This is propaganda. It's simply preparing the public for adding China to the Axis of Evil, erecting trade barriers etc.

       

      • Re:Get real. (Score:5, Insightful)

        by moderatorrater (1095745) on Friday November 21, 2008 @07:56PM (#25853315)
        I'd agree with you if this were a few decades ago, but right now we're too dependent on China's production and cheap labor.
        • The reason is that China controls the currency and pretty much fixes it against the dollar. When the euro rises against the dollar, then yuan rises a bit as well. BUT, China is the one with the monster holding of our dollars and increasing at exponential rate. The yuan should be rising against the dollar if it was traded freely. But it is not. BTW, same issue with India.
          • by wisty (1335733) on Saturday November 22, 2008 @12:38AM (#25855373)

            Don't be too hard on them. China holding dollars gave the west cheap finance, which triggered an asset bubble, and encouraged overcapacity building in China (overcapacity and debt are the two main causes of depressions, depending on which economists you ask). Then they didn't pass on the wealth to their grunt workers, so Chinese demand won't be able to cushion the fall. Oh wait, that was pretty hard on them.

            • If I had points, I would mod you up. Great points. But for global trading to work, we need the money to float freely. Otherwise, it allows countries like India and China to determine what happens.
        • I think it's much more that we're dependent on China buying our Treasury notes, or else we would literally be bankrupt.

      • Re:Get real. (Score:5, Insightful)

        by zappepcs (820751) on Friday November 21, 2008 @08:01PM (#25853381) Journal

        Bang on correct! When do people, especially government types admit that they have a problem and are hemorrhaging data to foreign states? Only when there is an advantage to doing so. In this case, I think you are right, it's part of a ramp up on public information to demonize the Chinese. Specifically who among the Chinese is yet to be determined, but they probably have a short list of targets.

      • by sowth (748135)

        If that is true, then why have I received tons of scans from Chinese IP addresses? When I last looked at my firewall logs, most portscanning crap came from China, so I blocked a bunch of Chinese subnets.

        What about the people injured or murdered by fake epogen and tainted food? Are the Chinese private sector and military out of control, or is this a deliberate effort?

        Either way, this is a good reason for me to have an unfriendly attitude toward China. Maybe this is propaganda, but there must be some trut

        • by jacquesm (154384)

          It could simply be botnet harvesters trying to 'encourage' your machines to join the botnet.

        • Re: (Score:2, Informative)

          by MrNaz (730548) *

          Actually, according to this list [spamhaus.org], the top spammers are from the US but perform their nefarious deeds using Chinese servers.

          In other words, your claim that "The Chinese are EVIL!" because they portscan you is BS.

          I also think that by saying this "this is a good reason for me to have an unfriendly attitude toward China" you qualify for the Dumbest Statement All Week award. Most civilized people have, by now, realized that the "us versus them" attitude between nations is stupid, as no nation's people can be jud

          • Re: (Score:2, Insightful)

            by RocketRabbit (830691)

            You're living in fantasy land if you believe the Chinese aren't spying on us to the best of their ability. Yes, this includes network sweeps and all kinds of other shit that you can see, right in your own logfiles! You can read about it in the paper if you wish.

            I don't think the poster was saying "All people of Chinese heritage including people who are genetically Chinese but were adopted by American parents are evil!" He was saying "The People's Republic of China is spying on us."

            Get a grip, man. Save

        • by LingNoi (1066278)

          What about the people injured or murdered by fake epogen and tainted food? Are the Chinese private sector and military out of control, or is this a deliberate effort?

          This is really old news, the Chinese standards were found to be taking bribes and the main guy got sentenced to death. What more do you want? He's dead.

          Now if only people in the US got executed for fucking up like that. I bet if the same thing happened in the US no one would have even got a jail sentence, they'd have just been fined.

          In fact t

      • by WindBourne (631190) on Friday November 21, 2008 @09:24PM (#25854161) Journal
        I have seen this. I used to work in a start-up and saw 2 separate incidents. In one case, I was hiring for coders. Found a gal who was interesting. She had married a GI and moved to Northern Colorado Springs. Since we could do the work over the line, not an issue. I interviewed her and she was not interested. That is, until I mentioned that we were doing work for DOD and NSA. Then her attitude changed dramatically. She very much wanted the job. Ok, not a big deal.

        But a year later, we were looking for funding. Found a Taiwan born guy from Loveland who used to own the Chinese restaurant there. He wanted to invest. But he insisted on getting control of the hardware (which was the important part) if we defaulted. When would company be considered defaulted? When he said so. Told him no way. So, then he wanted to buy hardware and said that he would sell it in mainland China and we could all be worth 30 million or more. The hardware was only 1M. But he explained that mainland was willing to pay 30 for it and might go higher. I was actually shocked since I considered him Taiwanese and would not do that. My opinion changed when at a slashdot posting, a Taiwan native said that the Chinese who came there STILL consider themselves Chinese, not Taiwanese. The original guy may not have been a spy. But, he was all too happy to sell tech to them. More interestingly, he indicated that he had been in touch WITH mainland China.

        No, this is absolutely not propaganda. This is VERY real. Chinese ppl are happy to see their country coming up. And I understand that. But Chinese gov is STILL in a cold war with us. They are very much spying on the west and buying tech. whenever possible. And yes, it is the west, not just America. That includes countries like Japan, Australia, Canada, France, UK, Israel, etc and even Russia. In fact, I consider your statement far more propaganda, because you have NO IDEA of what you are talking about.
        • Every nation does that. The French government in particular is known for industrial espionage to benefit French companies. Does that mean we have a cold war with France?
        • Re: (Score:3, Funny)

          by LingNoi (1066278)

          My opinion changed when at a slashdot posting, a Taiwan native said that the Chinese who came there STILL consider themselves Chinese, not Taiwanese.

          Are you kidding me? Your evidence is based on a slashdot post?! The biggest hive of Asperger syndrome whining twitter morons on the internet? That's your proof?!

          • by Sfing_ter (99478)

            just for clarity - was that your comment or your sig?

            Can I use it for my sig? AHAHAHAHAHAAHAAHAHHA

            That is possibly the best comment I have ever read.

          • No; the evidence was NOT based on the post. The evidence was how he acted. The post explained his actions better than I could. His actions were wanting to sell China hardware that they were prevented from having (and are prevented from taking out of this country by ITAR). The man could have made 30 million or more selling it to any other country. He was interested ONLY in one. Yours and I am guessing his country.
        • by TheLink (130905)
          "Chinese ppl are happy to see their country coming up"

          And that Taiwanese guy was also "all too happy" to sell something that costs 1 million to the Chinese Government for 30 million.

          30 million dollars. Not 2 million, not 1.5 million.

          Oh yeah, it was because of patriotism or "The Love of China" that he gave them 50% off the original price of 60 million. That must be it eh?

          Given what I know of Chinese people, it's far more likely that the Taiwanese guy was just seeing it as a great business opportunity - a cha
      • by jeko (179919)
        I sure hope so.
      • by symbolset (646467)

        While I'm well educated in the Road to War, I don't think this is it. I think this is merely a military responding to a known threat. They are being attacked by known external entities via seeded USB devices, and that attack is being amplified by ignorance on the part of the rank and file thinking these devices are innocuous or can be made so.

        Opsec has been pretty lax. If you read the USB spec, you will get that any device plugged into it can write to arbitrary memory locations. It's wide open. A devi

    • It's not available. The military has had regulations preventing the placement of confidential information on publicly accessible networks for over 20 years (which is back when I was in the Air Force). I'll leave it to the amazingly brilliant posters of /. to figure out why they might make such statements...

    • by fm6 (162816)

      Really, really sensitive information isn't available that way. I'm told that organizations like the DoD have separate networks with no physical connection to the Internet for the "burn before reading" stuff.

      But you can't hide all your sensitive data behind that kind of security. Your organization would grind to a halt. Besides, not all data really merits that level of protection. You don't want the bad guys to have it, but it isn't the end of the world if they do.

      Security is always a tradeoff of cost (

      • by tcopeland (32225)

        > I'm told that organizations like the DoD have
        > separate networks with no physical connection to the Internet

        Yup, it's the SIPRNET [wikipedia.org] as opposed to the NIPRNET.

        From that same Wikipedia article, it looks like the Coast Guard Academy has a SIPRNET node [uscga.edu]... kind of surprising... but the cadets might as well get used to working with classified materials. CMS officer on a ship, there's a job with court martial potential!

        • by fm6 (162816)

          According to the article you link, the Coast Guard Academy is the only service academy with a SIPRNET node. I'd be very curious to know why the CG thinks their cadets need access to classified information on this level. After all, the CG is primarily a law enforcement and safety entity these days.

          • by tcopeland (32225)

            > After all, the CG is primarily a law enforcement and safety entity these days.

            Perhaps... but they still carry all the comms gear and COMSEC and whatnot so's they can do joint ops.

  • by Colin Smith (2679) on Friday November 21, 2008 @07:32PM (#25853041)

    America is sending all of its wealth to China anyway and is happily enslaving future generations to Chinese investors.

    "Supreme excellence consists in breaking the enemy's resistance without fighting." Sun Tsu. 2500 years ago so.
     

    • by vux984 (928602)

      America is sending all of its wealth to China anyway and is happily enslaving future generations to Chinese investors.

      Hee hee joke's on them. It's not going to get paid back. And at the end of the day all the stuff they sent us is worth more than all the paper we printed to get it.

      I'm only half joking. Seriously... Maybe I'm being too cynical, but I think if this debt spiral continues... when it collapses under its own weight, the US is going to undergo an internal 'revolution', declare that it has no intentio

  • It's not one way (Score:5, Insightful)

    by Caedes.Leighton (1186201) on Friday November 21, 2008 @07:38PM (#25853101)
    US hacks China, China hacks US, where is the news in that? It's like watching two kids fight and both of them saying "He started it!" when in fact, they're both annoying little bastards.
    • by moderatorrater (1095745) on Friday November 21, 2008 @07:59PM (#25853361)
      The news is that they're fighting and that the fighting's escalating. The two kids on the playground are more like Godzilla and Mothra - if they fight, there's going to be lots of explosions and buildings falling over. Plus, there's going to be some terrible dub work and the Japanese are going to somehow be involved. Also, we're going to find out about new powers that Godzilla has that he didn't have in the last movie. And then Steven Spielberg will do a remake that'll flop.

      That got out of hand fast. Anyway, just because "they're both annoying little bastards" doesn't mean you shouldn't keep an eye on them. Especially if you live in Tokyo.
  • by istartedi (132515) on Friday November 21, 2008 @07:46PM (#25853205) Journal

    One of the largest non-nuclear explosions ever came as a result of US technology that was stolen by the Russians. Except, the CIA knew it was happening and instead of stopping it they decided to plant faulty chip designs. Once the USSR knew the tech was unreliable, they were stuck with one helluva auditing problem, beyond their capability.

    How much do you want to bet that somewhere on a "vulnerable" network, there are some designs that are just... a little... bit... off.

  • Boo! (Score:5, Insightful)

    by ISoldat53 (977164) on Friday November 21, 2008 @07:58PM (#25853343)
    Every age needs a bogey man.
  • Old School Security (Score:3, Interesting)

    by Plekto (1018050) on Friday November 21, 2008 @08:19PM (#25853549)

    Perhaps this seems a bit extreme, but exactly WHY are these military computers even connected to the Internet? If it's really secret information, shouldn't they have their own network or just not put these things online?

    • Re: (Score:2, Funny)

      by Ant P. (974313)

      That is old-school security - the admins probably still think it's called ARPAnet.

  • by krou (1027572) on Friday November 21, 2008 @08:32PM (#25853721)

    Beijing's investment in rocket technology is also accelerating the militarisation of outer space

    Funny, I thought it was the US [commondreams.org] stance [eetimes.com] of space dominance [defensetech.org] that was accelerating militarisation of space.

  • Why don't we just take measures to sanction China? Oh wait, we let our economy fail to the point that China owns us. Somehow all this business-favoring government has managed to allow everything to get outsourced and allowed everyone to source everything from China.

    China's internet link needs to be severed or otherwise blocked from passing through U.S. routers. US influence should also persuade similar actions in other nations as well. This sort of behavior should not be tolerated. CUT CHINA OFF. The

  • by billsf (34378) <billsf&cuba,calyx,nl> on Friday November 21, 2008 @09:23PM (#25854151) Homepage Journal

    The pdf may be of interest to those studying relationships with China, but very little mention of any "cyber war" except part of chapter two that stresses its 'non-classified' information. The biggest hole in US computer security is Windows and how people use it. It is very common for 'users' of Windows not to set passwords, which just makes it even easier to penetrate the whole network. Hopefully, no Windows machine can even access classified information in the first place.

    Unix isn't perfect either and again, it's the human aspect that is the biggest risk. Anyone caught using an account with access to 'sensitive' or 'classified' without an adequate password should be warned, explained what a good password is and fired if they can't comply. It would seem that there is high compliance and regular audits anywhere 'classified' information can be accessed. Chapter 2 of the pdf only mentions 'unclassified' material, never mind all 'classified' material is created from 'unclassified' resources. Truly classified data should never be accessible from The Internet in any way, in the first place. Any information placed on, or close to The Internet should be considered 'public' on a worldwide basis.

    Generally speaking, China uses the simplest, known techniques, to penetrate servers. Any admin can tell you how many dictionary attacks come from China. It is impossible to determine which ones are just 'script kiddies' or students and which are serious organized efforts. There is a very small rate of success from this method. Today it seems that these (Unix) machines are simply used to spread the simple scripts on a wider scale. Simply moving off port 22 (even to port 23) will stop 99% of the problem. Statistical programs that temporarily deny access to a certain IP address can be very effective as most scans never return, even if the access is denied for as little as five minutes. To combat the hardcore attempts where the attack returns, simply increase the 'access denied' time and ultimately blacklist the IP address and the whole net if necessary. (It is very rare it ever goes that far.)

    In conclusion: Don't put classified information in the reach of The Internet. Never use any Microsoft product to view 'classified' or 'sensitive' information unless it can be assured there will never be any Internet connections of any sort. It is highly unlikely any government secrets leak out unless that was the intention, such as a "trial balloon". At this time, this is a non-problem that can be stopped. If absolutely nothing is done, it could escalate in much the way spam did. The official report appears to draw the same conclusion, however that is buried in a pile of irrelevant and off-topic material.

    BillSF
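
Added example, not part of the post above or of any tool it refers to: a sketch of the "temporarily deny, lengthen the denial when the attack returns, then blacklist the address and finally the whole net" scheme the post describes, replayed over constructed sshd log lines. The thresholds, the doubling schedule, the /24 network size and all class and function names are assumptions made for the illustration.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# OpenSSH "Failed password" line. Anchored at the end so the address sshd
# appended is the one captured even if the attempted user name contains " from <ip>".
FAIL_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?.+ "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$")

class EscalatingBan:
    """Temporary deny that doubles on each return, then blacklist, then block the /24."""

    def __init__(self, max_fails=3, window=timedelta(minutes=1),
                 base_ban=timedelta(minutes=5), strikes_to_blacklist=3,
                 hosts_to_block_net=2):            # all thresholds are assumed values
        self.max_fails, self.window, self.base_ban = max_fails, window, base_ban
        self.strikes_to_blacklist = strikes_to_blacklist
        self.hosts_to_block_net = hosts_to_block_net
        self.fails = defaultdict(deque)    # ip -> timestamps of recent failures
        self.strikes = defaultdict(int)    # ip -> how many times it tripped the limit
        self.banned_until = {}             # ip -> end of the current temporary ban
        self.blacklist = set()             # permanently denied addresses
        self.blocked_nets = set()          # permanently denied /24 networks

    def is_blocked(self, ip, now):
        addr = ipaddress.ip_address(ip)
        if ip in self.blacklist or any(addr in net for net in self.blocked_nets):
            return True
        return self.banned_until.get(ip, datetime.min) > now

    def observe(self, line):
        """Feed one log line (in chronological order); return the action taken, or None."""
        m = FAIL_RE.match(line.rstrip("\n"))
        if not m:
            return None
        ip, now = m["ip"], datetime.fromisoformat(m["ts"])
        if self.is_blocked(ip, now):
            return None                    # already denied, nothing new to do
        recent = self.fails[ip]
        recent.append(now)
        while now - recent[0] > self.window:
            recent.popleft()               # forget failures outside the window
        if len(recent) < self.max_fails:
            return None
        recent.clear()
        self.strikes[ip] += 1
        if self.strikes[ip] < self.strikes_to_blacklist:
            ban = self.base_ban * 2 ** (self.strikes[ip] - 1)   # 5 min, 10 min, ...
            self.banned_until[ip] = now + ban
            return ("ban", ip, ban)
        self.blacklist.add(ip)
        net = ipaddress.ip_network(f"{ip}/24", strict=False)
        listed = sum(ipaddress.ip_address(b) in net for b in self.blacklist)
        if listed >= self.hosts_to_block_net:
            self.blocked_nets.add(net)
            return ("block-net", str(net))
        return ("blacklist", ip)

def sample_log():
    """Constructed sshd lines using documentation-range addresses, not real traffic."""
    fmt = ("2008-11-21T{}:{:02d} gw sshd[811]: Failed password for "
           "invalid user admin from {} port 40000 ssh2")
    bursts = [("19:00", "203.0.113.7"), ("19:06", "203.0.113.7"), ("19:20", "203.0.113.7"),
              ("19:30", "203.0.113.9"), ("19:36", "203.0.113.9"), ("19:50", "203.0.113.9")]
    lines = [fmt.format(hhmm, sec, ip) for hhmm, ip in bursts for sec in (0, 10, 20)]
    lines.append(fmt.format("19:02", 0, "198.51.100.4"))   # a single stray failure
    return sorted(lines)                   # ISO timestamps sort chronologically

def replay(lines, guard=None):
    """Run the lines through a guard; return (actions taken, guard)."""
    guard = guard or EscalatingBan()
    return [a for a in map(guard.observe, lines) if a], guard

if __name__ == "__main__":
    for action in replay(sample_log())[0]:
        print(action)
```

The returned actions would be handed to whatever actually enforces them (a packet filter rule, a TCP wrappers entry); that step is left out because it is site-specific.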

                           

  • zeros (Score:4, Informative)

    by cpankonien (964575) on Friday November 21, 2008 @09:31PM (#25854207) Homepage
    the DoD network will continue to be vulnerable as long as they insist on using windows. lest you think i'm a peacenik or something, i was a boom operator in the USAF for 20 years. i retired in 1997, and joined the local LUG. A lot of the members were NCO sysadmins from the base, who related that "all the officers coming out of the zoo (USAF Academy) only knew windows, and policy did not allow for anything else". So, being good NCOs, they snuck linux in the back door and had it running all over the place, as proxy servers, firewalls, etc. their officers didn't know about it, but as long as nobody complained and it made them look good, they were happy. then when they found out, and had it removed. problems increased dramatically soon thereafter. fuckin' zeros...they don't listen! MSgt, USAF (Ret.)
    • Really? There are LOADS of Linux and other *nix running at McChord. Of course email and SharePoint run on exchange. But as a Boom Operator, surely you know that much of the maintenance management applications as well as ARMS (you know, the application that tracks your flying hours) runs with Oracle on Unix minis. Right. And there are many many many more non-Windows applications I can think of. But of course as I said, email and SharePoint are on Windows (obviously).
  • by victim (30647) on Friday November 21, 2008 @09:34PM (#25854239)

    The DoD takes everything personally, and for good reason, but I have a steady stream of Chinese hackers attempting to break into the router in my tool shed that reports battery voltage and temperature at a cabin that is inaccessible for 6 months of the year.

    I really should put a webcam in there so they can see what they have achieved if they ever do manage to get in.

    (22.1F, batteries 25.3V, 600 watt hours of energy stored today.)

  • by dotmax (642602) on Saturday November 22, 2008 @12:12AM (#25855233)
    And you guys claim to read Schneier?? Consider this: if the Chinese are spying on our tech, we can stick it to them rather badly by letting them find pointless dead end projects upon which to waste their treasure. everything is an opportunity... .max
  • Mostly.
    Because most admins are home watching reruns of 'Lost'.
  • ...as soon as you realize that nobody who actually knows what's really going on is allowed to post about it on Slashdot.
  • by Ex-MislTech (557759) on Saturday November 22, 2008 @11:11AM (#25857645)

    It is not too hard to hack a network if you got
    counterfeit hardware inside the network giving
    you a backdoor in.

    http://www.infoworld.com/article/08/05/12/FBI-worried-as-DoD-sold-counterfeit-Cisco-gear_1.html [infoworld.com]

    So once they got in, they learned what they needed
    to know to stay in, and put other methods in place
    to stay in.

    They are going to have to rebuild their network one segment
    at a time from the ground up.

    They need several things with one of them being segment
    monitoring IDS system that can detect the outbound traffic.

    Something that can track all outbound traffic against
    a white-list of acceptable IPs, think a reverse peer guardian
    that tracks what IP's are reached and sends alarms if they
    are not on the list.

    In any event they will have a monumental task of clearing
    all the backdoors in the system, and should consider going
    totally to a secure hardware+software encrypted VPN that
    does not even travel over the public internet.

    There is enough dark fiber out there to do it for the classified
    material they transmit.

    Also if most of your military traffic goes over the old
    global crossing network, don't allow the public sale of
    that network to a foreign nation with an opposing ideology.

    Namely China !

    http://www.hereinreality.com/likashing.html [hereinreality.com]

    When you do stupid things, bad things happen.
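
Added example, not part of the post above: a sketch of the outbound check it asks for, comparing every flow that leaves the segment against a white-list of acceptable destinations and raising an alarm for the rest. The internal ranges, the allowlist, the CSV column layout and the flow records are all constructed for the illustration and use documentation-range addresses.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Assumed site policy (hypothetical values, documentation-range addresses).
INTERNAL = [ipaddress.ip_network(n) for n in ("10.20.0.0/16", "fd00:20::/32")]
ALLOWED = [ipaddress.ip_network(n) for n in
           ("192.0.2.0/28", "198.51.100.25/32", "2001:db8:53::/48")]

# Constructed flow records, in the shape a sensor on the segment might export.
FLOWS = """\
ts,src,dst,dport,bytes_out
2008-11-22T11:00:01,10.20.4.17,192.0.2.10,443,5120
2008-11-22T11:00:05,10.20.4.17,203.0.113.80,443,880000
2008-11-22T11:00:09,10.20.4.17,203.0.113.80,8443,1200000
2008-11-22T11:01:00,10.20.7.3,10.20.4.17,22,900
2008-11-22T11:01:30,10.20.7.3,198.51.100.25,25,3000
2008-11-22T11:02:00,10.20.7.3,198.51.100.26,25,4000
2008-11-22T11:02:10,fd00:20::9,2001:db8:53::1,53,120
2008-11-22T11:02:20,fd00:20::9,2001:db8:99::5,443,64000
2008-11-22T11:03:00,10.20.9.9,not-an-ip,80,10
"""

def _within(addr, nets):
    """True if addr falls inside any network of the same IP version."""
    return any(addr.version == net.version and addr in net for net in nets)

def egress_alarms(flow_csv, internal=INTERNAL, allowed=ALLOWED):
    """Return (alarms, malformed).

    alarms: one tuple (src, dst, connections, bytes_out, ports) per internal
    host / off-list destination pair, largest byte count first.
    malformed: number of records that could not be parsed.
    """
    totals = defaultdict(lambda: {"conns": 0, "bytes": 0, "ports": set()})
    malformed = 0
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            src = ipaddress.ip_address(row["src"])
            dst = ipaddress.ip_address(row["dst"])
            dport, sent = int(row["dport"]), int(row["bytes_out"])
        except (KeyError, TypeError, ValueError):
            malformed += 1          # count it: a record that cannot be read is not "clean"
            continue
        if not _within(src, internal) or _within(dst, internal):
            continue                # not traffic leaving the segment
        if _within(dst, allowed):
            continue                # destination is on the white-list
        entry = totals[(str(src), str(dst))]
        entry["conns"] += 1
        entry["bytes"] += sent
        entry["ports"].add(dport)
    alarms = [(s, d, e["conns"], e["bytes"], sorted(e["ports"]))
              for (s, d), e in totals.items()]
    alarms.sort(key=lambda a: a[3], reverse=True)
    return alarms, malformed

if __name__ == "__main__":
    found, bad = egress_alarms(FLOWS)
    for src, dst, conns, sent, ports in found:
        print(f"ALARM {src} -> {dst}: {conns} conn(s), {sent} bytes, ports {ports}")
    print(f"{bad} malformed record(s)")
```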
