
China's 5-Year Cyberwar Met With Western Silence

jfruhlinger writes "McAfee yesterday outlined what it calls Operation Shady RAT, a five-year campaign of cyberespionage launched by a national government against international organizations and private corporations. That government was almost certainly China's, so the question becomes: why are the Western nations silent about it? One fact revealed by the raids is that, predictions of cyberpunk novels notwithstanding, private companies are still quite weak in the face of national governments — and it's those national governments that must act against such intrusions."
  • by vajrabum ( 688509 ) on Friday August 05, 2011 @11:04AM (#36996908)
    They're like fire extinguisher salesmen who rave about the dangers of fire. They sell FUD. There's I'm sure some truth to this, but let's not accept whole the idea that what's good for McAfee is good for the nation.
    • by Pieroxy ( 222434 )

      Well... Nobody knows who's behind this. The Chinese government might be our best bet, but I don't expect all western countries to shout at them over a wild suspicion.

      • The list of suspects that could pull this kind of operation is pretty small: US, Russia, China and maybe Israel and of those China and Russia are the most credible. But I don't expect anyone to make a fuss even if it was known. At that level, that's all hush-hush diplomacy.

        • Are we sure it was all done by just one organization?
          • Well, from my understanding of "Operation Shady RAT", they found out which organizations/gov'ts were targeted by taking over/seizing one of the info-collection and zombie-controlling computers. Much of the speculation that it was China is based on the fact that the hackings targeted the US, Taiwan, Vietnam, South Korea, etc...

            For all we know, it could be North Korea or the US doing it. The fact that the controlling computer indicates only those targets could be a frame in case they get caught. I wouldn't be

    • I can't speak for McAfee's research. However, I can speak with professional authority that their products have caused me more problems than they solved. Now we can talk about the pitfalls of any AV solution, but McAfee rolls out by far the biggest steaming pile of shit to grace my workstations and servers. Screw them, and screw anyone else that peddles their shit on to me.

      • by mlts ( 1038732 ) *

        It depends on their product. I've used McAfee on AIX, Linux, and Solaris for a long while, and it has been very well behaved.

        The reason I've had to put it on these platforms is not that the Solaris cluster running the Oracle transactions is going to get nailed by a virus, but to make the bean counters happy. A lot of business contracts have stipulations requiring machines to have antivirus software on them, and checking this box off can mean a successful deal or a no go.

        As for McAfee on Windows, the lates

      • 1. Locks on doors cause more problems for users than they solve, if they are not implemented well. But you need locks on some doors, or everything on the other side is gone in 60 seconds.

        2. Today it's McAfee. Tomorrow Symantec. Trend Micro. Sophos. They all are awful to someone. Why on earth do you stick with them? Oh, because there are no clearly better alternatives? Actually, I feel your pain, I used to do that also. There is no solution. This stuff is complex and will never be excellent.

    • While we're bashing, did anybody else find the itworld story horribly written? Check out this paragraph:

      The chief executive of the International Cyber Security Protection Alliance (ICSPA) - sort of a law-enforcement version of NATO charged with helping member countries track and fight online attacks - said the McAfee report makes the threat of cyberwarfare irrefutable, apparently to those few people computer-savvy enough to spell "Internet" correctly without knowing that connecting "Internet" and "security

    • So, I'm just wondering, wouldn't adverse encounters with advanced persistent threats be systemically highly classified to protect any notional countermeasures or responses? And, then, wouldn't any intentional public disclosures be, therefore, very highly sanitized, and focused to achieve some specific aim, such as policy or budget justification, perhaps even some subtle diplomatic effect? I wouldn't dream of speculating that governments are always ingenious, but, reality can be complex, and when events are
  • Big = Safe! (Score:5, Insightful)

    by TaoPhoenix ( 980487 ) on Friday August 05, 2011 @11:06AM (#36996928)

    LulzSec / Variants copy some email addresses - GET TEH TERRORISTS!!!

    China wages a 5 year espionage campaign against multiple targets:


    • Ok, first, since when did the "we speculate that the Chinese government might have been involved" become "it's almost definitely the Chinese"? Yeah, sure, it's likely China, but do we really have any evidence at this point? Hell, for all we know it could be our own governments (that'd certainly explain the silence).

      And secondly, if it is the Chinese, chances are the US government has its own program that they've been pursuing for quite some time, and calling out China for its actions would, if they call us

      • by Yvanhoe ( 564877 )
        I am still looking for any evidence that it is even likely China. Some attacks come from hosts in China, is that all we have about it ? China != Chinese government. While it is a plausible theory, I would like to see if any evidence gives it any merit.
      • I'll leave it to my tech betters to do the chops on things like Chinese ip addresses vs proxies vs Chinese Govt involvement. To get the kids from Lulzsec we called four countries worth of law officials and picked up the ... likely ... middleman.

        If the Chinese Government spent *five years* attacking targets, I think we'd notice - now reporting it is something else again, and there are Onion Layers of partially correct news here, but to play the "no evidence" card is a little thin - after McAfee put themselve

  • Honest, boss, I wasn't on it was a one-armed Chinese man with an eye-patch!

    Denial ain't just a river in Egypt, gang.

  • by imperious_rex ( 845595 ) on Friday August 05, 2011 @11:10AM (#36996972)
    Because, financially, China has the West (especially the US) by the balls and everybody knows it. "If you're unhappy about our alleged cyberespionage, then you'll be even more unhappy when we buy fewer bonds or make fewer investments in your country."
    • by TimeOut42 ( 314783 ) on Friday August 05, 2011 @11:26AM (#36997178)

      No, sheesh, the West's combined economic output dwarfs China's. They are, without a doubt, large, but they are not the largest economy in the world; they have the third largest, even then they aren't close. By most standards the US or EU GDP is nearly 3 times as high as China's. If China were to move forward and start paying their workers better they would move even further back. They can only sustain their growth as it is now by repressing their population and keeping them isolated. In this age that possibility is quickly eroding.

      Quit watching the news and do some real research.

    • Or, it's just possible that we've known about this all along, and security concerns prevent us from discussing it openly.

      In this case, the security concerns might be preventing the Chinese (or whomever) from knowing just how much we know. Think of Coventry in cyberspace....

    • by Nidi62 ( 1525137 )

      Because, financially, China has the West (especially the US) by the balls and everybody knows it. "If you're unhappy about our alleged cyberespionage, then you'll be even more unhappy when we buy fewer bonds or make fewer investments in your country."

      You don't kill your cows because the people stop buying milk. If they did that, and somehow managed to make our economy collapse (or at least fall further into recession) they would land a major blow to their own economy as well. Where do you think the burgeoning middle class in China is coming from? It is being funded by us, through our buying of Chinese manufactured goods. China does not have another market as large as the US. They are hoping to eventually have a large enough internal consumer base f

      • by gtall ( 79522 )

        Not only that, China buys U.S. Treasuries to prop up the dollar. If the dollar drops, then the U.S. cannot afford as many Chinese goods. Also, they've pegged their currency to the dollar. They then have to distort their own economy by driving down their own currency if the dollar drops and suddenly the newly minted rich Chinese have one less reason to respect a corrupt and dysfunctional political system.

      • by Jaysyn ( 203771 )

        This report is stating that some of China's growth is in fact fake. Interesting read. []

        • by swb ( 14022 )

          The way a lot of modern construction is done in the west, there's lots of reasons to not build cities no one lives in yet, but I wonder if there's any percentage in building "spare" cities like this for some undefined future use.

          The living and commercial spaces are priced high enough that the space is nearly empty, but a few people/entities are given cut-rate access to keep it minimally occupied to keep key systems working (water? power?) and maintained.

          At some point in the future (10 years? 20?) when the c

    • by Ogive17 ( 691899 )
      No they don't. What China has are a bunch of "promises" that they'll get money in the future. If China tries to bring down the US, the US will default on everything to China and really screw up both economies.
      • I agree with your premise that China would hurt itself as much as it hurts us if they try to screw with their T-bond holdings. A default would be extreme. If the Chinese wanted to "teach us a lesson" they could dump a bunch of treasuries on the market. This would cause bond prices to go down, interest rates to go up, and if they dumped enough bonds, the dollar would also drop. In order for them to really make a painful impact, they would need to sell a lot of bonds into a market that's already depressed by

    • by BZ ( 40346 )

      I think you have the tail and the dog confused here on the bond-buying issue. China buying fewer US bonds is something the US has been asking for for years. It's also known as allowing the yuan to appreciate against the dollar.

      This would be a very good thing for the US economy in general, I suspect.

    • Because, financially, China has the West (especially the US) by the balls and everybody knows it.

      How exactly do you figure that? Sure China sells a lot of merchandise in the US but that means they are exactly as dependent on the US as the US is on them. In fact if anything China is more dependent on the US because it's not like there are a lot of other markets the size of the US market. The old maxim goes that if you owe the bank $1000 and can't pay, you have a problem. If you owe the bank $1 million and can't pay, the bank has a problem. Same thing applies here except the number is roughly $1 tri

  • National governments send in non-technical spokespeople from their security agencies to talk to company IT departments, giving general ominous warnings along with cryptic and non-specific hints ... essentially the same things you would see on the evening news. Then the IT people go back to their desks and see that in the elapsed hour a new batch of tickets has arrived about failed servers, a meeting invite to discuss the state of an overdue project and a voicemail from a manager suggesting a better shade of
  • by wintercolby ( 1117427 ) on Friday August 05, 2011 @11:14AM (#36997038)
    Come on now. IF the West has been secretly attacked, why would it/we launch a PUBLIC attack in retaliation? I'd be inclined to believe that there are constant "cyber attacks" in both directions. I'd say you'd be a fool not to believe that there is retaliation of some sort, after Stuxnet.
    • by Nidi62 ( 1525137 ) on Friday August 05, 2011 @11:23AM (#36997146)
      Retaliation doesn't even have to be in the form of a cyber attack. You can have the embassy in Beijing send over a note saying basically "hey, we know you're doing this, you need to stop." It can take the form of a little extra military aid to Taiwan, or encouraging some companies to switch to Taiwanese suppliers for the next contract. Maybe we just have a few extra ships stop by Taiwan for liberty, or have a large exercise in the area. Maybe a few extra flights right outside Chinese territory. Remember, in the international arena, you don't always respond tit for tat, or even immediately. Retaliation can come weeks or months later, and it can be in a form dissimilar from the original injury. So, just because we aren't talking publicly, doesn't mean we aren't responding, and they don't know we are responding.
    • As long as the West thinks they have the upper hand in cyber skills, it's kind of like the cat letting the mouse run around in the kitchen: study his moves - learn from what he's showing you he can do, and why kill him? He's not really eating that much, yet. Presumably, as long as the losses are trivial, policy will continue to be to study the attacks and develop counters, rather than crying foul and threatening open retaliation.

      And, if the mice have a few generations of children, that's hundreds of ta

    • Yeah. No offense to the Slashdot community, but a lot of the thinking and philosophies of government intelligence (i.e. NOT having things open and freely disseminated) might seem a little bit foreign. Just because we don't have 20 links posted already to what the West is doing about this, doesn't mean they aren't doing something about it.
  • so if someone in the US where to hack china what will happen?
    Or is the west saying it's a free for all?

    • so if someone in the US where to hack china what will happen?

      I suppose that depends were in china they hack. Their probably not going to hack Chinese government wear there going to notice. That was harder to right than it is for you all to reed.

  • No chance. (Score:3, Insightful)

    by marto ( 110299 ) on Friday August 05, 2011 @11:18AM (#36997088)
    Nobody will start a fight with China, at least while they manufacture Apple products, how would the west cope without iPads etc?
  • Really, who would cry foul when we are doing the exact same thing? Sure, our companies may be upset, but there is little chance any Federal agencies will lend real support when we are actively pursuing intelligence and assisting with cyber-attacks. Does anyone really believe that the Israelis managed the sophisticated Stuxnet attack on the Iranian uranium enrichment centrifuges all by themselves? The cold war is not dead, it just went cyber, and the list of hostiles grew exponentially.
    • But those are the bad guys. You're supposed to root for the government that is in your location. It's very important that the people be distracted by the idea that some foreign actor may do them some harm so that they do not realize that it is in fact their own state that is not only failing to act in the interest of the majority of citizens, but openly acting against them (cutting SS and Medicare in order to solve the fabricated debt crisis, for a recent example).

    • by gtall ( 79522 )

      Yes, but without proof you are just talking out of your ass. Stop it.

  • Chinese students (Score:3, Interesting)

    by Anonymous Coward on Friday August 05, 2011 @11:30AM (#36997224)

    I used to work at a fairly large mid-western university and my experience was the Chinese government was sponsoring kids who came to the US to learn how to hack. I was responsible for network security for the engineering and CS building's network and saw many attempts at hacking by Chinese students within the network and directed outward to the Internet. No one in the university was interested in taking action against these students when incontrovertible evidence was collected and offered. Faculty were defending the hackers and administration largely supported faculty so there were no sanctions. I don't know if these students were directed to this behavior but there was certainly a culture which was pervasive among these Chinese students that you did not see among other groups of international students from places like India, Pakistan, Nepal, the Mideast, the former Soviet republics and/or eastern Europe.

  • by MarkvW ( 1037596 ) on Friday August 05, 2011 @11:36AM (#36997290)

    We have information crimes punishable by 16 years in prison. And now we're having information "wars."

    The Internet is the Wild West. If you don't like it, create a physically secure regimented network and don't let unregistered bad people onto it. Stop with the "war" rhetoric.

    Think for half a second. Who would want a cyberwar and who would benefit from one? Now ask yourself: Who would end up doing the dying when the cyberwar turned ugly?

    This is just a variant of the nonsense that the RIAA is trying to pull. People with money want to capitalize and control the internet, and violence, and the threat of violence (the killing and imprisoning kind) are the traditional means of imposing control.

    Don't buy into the bullshit. "Information war" can become just another synonym for the restriction of free speech.

    • by Nidi62 ( 1525137 )

      war: hostility or contention; conflict; contest: a war of

      I don't know, sounds like "war" pretty accurately describes what's going on right now. A war does not have to include violence or death. And the RIAA is not trying to kill you.

      • by MarkvW ( 1037596 )

        "War" is a bad word choice because it lacks precision in this context. The current situation can be escalated. What word would you use to describe that escalation?

        War is pretty much at the top of the conflict pyramid. I'd want to use a word that leaves room for the conflict to get much worse.

        Talking violently is the necessary precursor to any group acting violently. Why not avoid the rhetoric of violence?

  • OK, Western governments (and corporations) know damn well China is conducting cyber-attacks. Suppose Secretary of State Clinton goes to the Chinese and makes a formal accusation, what do they do? Deny it, of course, complain about how the West is oppressing them, threaten to do various nasty things.

    OK, suppose she brings irrefutable proof that the attacks originate from China? Well, they deny some more and complain some more, but maybe they get pinned down. Now they blame some "rogue elements", execute

  • by petes_PoV ( 912422 ) on Friday August 05, 2011 @11:44AM (#36997392)

    Let's not for a second think that this is a one-way street. If one nation is at it, you can bet that pretty much everyone else is, too (just like torture). That it's done under the radar and with no public acknowledgement just tells us that it falls under the category of black-ops, rather than ordinary warfare.

    And unlike ordinary warfare, where it's pretty obvious who's shooting at you, in cyberwar I doubt that it's possible to tell who are your friends, or even if the concept of allies actually exists. It's not about ideology it's about sticking the boot in to anyone who appears to be getting the upper hand.

    • And unlike ordinary warfare, where it's pretty obvious who's shooting at you, in cyberwar I doubt that it's possible to tell who are your friends, or even if the concept of allies actually exists. It's not about ideology it's about sticking the boot in to anyone who appears to be getting the upper hand.

      If you've read the newspaper over the last 30 years, there's no doubt our allies are definitely doing the same thing to us.
      Of our allies, Israel typically gets the most press for their repeated spying/hacking/espionage attempts and successes.

      Every year, Congress gets a report titled "Foreign Economic Collection and Industrial Espionage Reports" []
      This obviously doesn't include thefts from the government, but it'll give you an idea of what's happening.

    • Your theory presumes that they have something we'd want to steal.

  • by Empiric ( 675968 ) on Friday August 05, 2011 @11:47AM (#36997422)

    I found it rather astonishing while watching CNN a week or so back to hear them reporting that the DoD was indicating the U.S. had been subject to a large-scale hacking attack by a sovereign state, but -they weren't releasing which one it was-.

    I couldn't help thinking about this stance as it would be applied to, say, Pearl Harbor. "Yes, the United States is under attack. No, you as an American citizen and taxpayer aren't entitled to know who is attacking you, from your own defense agencies. We're prioritizing the interests of Said Foreign Power, including any right-to-know you may feel you have, ahead of our citizenry."

    This is an incredible stance to take, and the fact it was a "cyber-attack" seems to be pretty irrelevant to the basic questions regarding representative government this raises. Yet, CNN doesn't even blink an eye flatly reporting this without noting any objection.

    Strange Days.

    • by 3dr ( 169908 )

      I wonder if it was Eastasia, or if those longtime friends of Eurasia betrayed us...

    • Why should that be astonishing since the media in America is essentially controlled by one or two corporations today (technically 5, but since they collude so much it really comes to primarily GE and Murdoch or Clear Channel)?
  • Without these hostile actions, we'd never harden our defenses. We'd never worry about XSS or SQL injections.

    I was shocked the first time I looked at the http logs of a "real site". It just amazed me. So now, even if I am doing throw-away work on a hobby site, I am sure to guard against these attacks. And everything is better.

    Better to know the hackers are out there, rather than assume they don't exist. It makes the threat credible and real and that leads to improvements.

  • In addition to blocking unwanted open ports to the world, have just about all of China's IPs in my ipfilter, denying them access to anything but HTTP (they might want to read my blogs...right?). Also the other countries called out by [] are likewise blocked. Yeah, that's about 10K IP blocks in the filter, but it seems to run just fine, and I end up with only sporadic and apparently random (or maybe succe

  • The answer is quite simple: It's because China is a huge market, and Western companies want to be there much more than they mind being attacked.

    I can give you a perfect example of this. I have a buddy who is an engineer with a major auto manufacturer. A few years ago, he was telling me how the Chinese car companies are blatantly ripping off the designs of other companies. He even said that GM found that Cherry Motors was doing such a good job of it that their parts were identical to and interchangeable

  • Hacker call-to-arms (Score:3, Interesting)

    by w1nt3rmute ( 2165804 ) on Friday August 05, 2011 @01:17PM (#36998296)
    It sounds to me like this is an opportunity for US hackers to give the Fox News Twitter account a rest and do something for their country... I don't know about the rest of you, but at least 2/3rds of the hack attempts we see on our servers come from IPs originating in China. It's like every restaurant has a box in the kitchen scanning for exploits. Maybe it's state-sponsored and maybe it's not, but China is a haven for hackers that seem to focus specifically on theft of classified technological and military information and intellectual property. This is a fact and it's been common knowledge long before this particular news story broke. It's also common knowledge that China influences economic and foreign policy in this country. It's been that way going back 20+ years to the days of Most-Favored Nation (MFN) status and it's worse now that China is the #1 investor in US Treasuries. I suspect that makes it pretty hard for the US Government to mount any kind of meaningful retaliation against the Chinese. But clandestine hacking groups are under no such restrictions. Maybe US-based members of hacking groups such as Anonymous and others should stop slipping porn vids onto YouTube and DDoS'ing Australia for a few months and focus on tracking and sabotaging hackers in China in retaliation. Kind of like a modern-day cyber militia defending the virtual homestead. Call it Project AybabtUS.
  • HUMPH (Score:5, Insightful)

    by McGiraf ( 196030 ) on Friday August 05, 2011 @01:28PM (#36998442)

    "private companies are still quite weak in the face of national governments" [Citation needed]
