China Wants Cyber Crisis Hotline 58
An anonymous reader writes "China should look at establishing a cyber crisis hotline with the United States, according to a Chinese newspaper seen as a window into official thinking. Discussions about a crisis hotline might seem an obvious first step in improving relations. But if it's a sign the Chinese government is beginning to think about how to coordinate a rapid, unified response to cyber emergencies, then it is an extremely important one."
Why? (Score:4, Insightful)
Why should the US government aid the Chinese surveillance state any more than it already does? If there is hacktivism going on against China then so be it. China would do well freeing its political prisoners, such as the Nobel Prize winner Liu Xiaobo, and then it can ask for cyber help from the US.
Re: (Score:2)
Re: (Score:1)
It gives the USA the illusion of free surveillance on China. Go USA!
FTFY.
Re: (Score:3)
It gives the USA free surveillance on China. Go USA!
A window may be gazed through in both directions. This isn't about China asking for help so much as China asking to be let inside to explore and stake things out - under the pretense of coming inside to play.
Re: (Score:1)
Re:Why? (Score:5, Insightful)
I interpret it more like the cold-war Moscow/Washington "red telephone," the idea being that if bilateral conflict seems at risk of spiraling out of control, there is some mechanism to communicate and hopefully pull back from the brink of mutual harm.
Re: (Score:1)
Re: (Score:3)
Re: (Score:2)
Why? Because we are in the "We're evil and we suck" club now with them. If you haven't noticed, we are in the "bad guys" now.
Re: (Score:1)
Re: (Score:1)
I second that. To hell with mod points.
Re: (Score:1)
Outside of the troll like presentation, he has a point, China would not report its top secret cyber attacks against the states on this call line, and when they happen they'll just point back at the call line and irresponsible Americans who did not call in :)
Good Intelligence Source (Score:1)
And a hotline for when the U.S. is under cyber attack by China would be useful in assessing how successful the attack is going, and how it should be modified.
Of course, it is also possible it could be used for good.
Re: (Score:2)
and that is all they will need to send the troops / bombs in as a cyber attack is a act of war.
Re: (Score:2)
Its also a way to mitigate the US launching SLBMs at China in retaliation for cyber war.
The Chinese will try and talk down the National Command Authority.
Re: (Score:3)
And a hotline for when the U.S. is under cyber attack by China would be useful in assessing how successful the attack is going, and how it should be modified.
Of course, it is also possible it could be used for good.
Like a Hotline to Lord Voldemort for every time Harry Potter suffers one of those headaches.
"Hello, Lord Voldemore speaking. ... What do you mean you can see me in your dreams?!? And people call me sick!"
Re: (Score:3)
Of course, it is also possible it could be used for good.
Suppose someone cyber attacks the U.S. and spoofs that they are China. Good communication might help sort it out.
With all that China has done towards the US... (Score:5, Insightful)
...their government departments(including nominally private organizations like Huawei [businessweek.com]) and any company's assets within China all deserve to be compromised.
Of course, this won't sit well with the China apologists that will (inevitably) modbomb this - just that China gets too many passes than it really deserves.
Re:With all that China has done towards the US... (Score:5, Insightful)
just that China gets too many passes than it really deserves.
Depends what you mean by "deserves". It get passes because it's large, rich, and still growing. It gets them because the US is afraid of pissing it off. It's pretty much the same reason the US has received special consideration from so many other governments in the past. As far as "deserves" (a subjective judgement) can be objectively analyzed, it deserves them because it is sufficiently large and powerful to demand them - which is all that matters when it comes to international politics.
Re: (Score:1)
Re: (Score:1)
I won't disagree on that, but please take some perspective. First, why would I care about what China has done towards the US in particular? Why not consider all other countries? I'll let you count how many other countries China has invaded over the last, say,10 years, and compare it to how many other countries the US have invaded over the last 10 years, under a number of fallacious pretexts and while blatantly lying (e.g. about chemical weapons or WMD). You might also want to have a look at the US embargo o
Re: (Score:3, Insightful)
China uses human psychologic
One-way traffic (Score:2, Insightful)
Re: (Score:3)
All the calls would be coming from the US, and China would just deny them anyway. If a global cyber attack starts affecting Chinese systems, then the PRC government just has to call down to whichever department or military unit is pulling off the attack, and tell them to cool it a bit. This is like a police department setting up a system to investigate robberies by talking with the pawn shop that happens to be the local fence. Not much is going to get done,
Chinese call going to US:
"You stop talking about Wayward Province of Taiwan, now or we filter all traffic!"
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:1)
Double-Cross (Score:2)
Re:Double-Cross (Score:4, Funny)
I'm glad everyone is so skeptical of this. My first thought was, "oh, so then when they hack the crap out of us and we call to say we're having a 'cyber crisis' they can deny it directly..."
Not like identification of attack source is immediately known. After the attack and the information is pieced together what do you do?
"Hey, we were attacked by a bunch of servers in your country yesterday."
"It was not us!
Yeah, that sounds useful. News media is more effective to get our displeasure across.
CorpCo, a company fulfilling contracts to sell missile defence components to Taiwan was under cyber attack on Sunday, attacks originated from Hu Jintao's mobile phone. When asked about the attack Hu said his mobile phone had been stolen a week ago and he was just now getting around to calling the police.
Cyber Crisis Hotline? (Score:3)
"Hello. Cyber Crisis Hotline."
Hi, I need a cyber crisis pronto. More than just the usual ICMP bombing or BGP storm. Something really noticeable with physical damage.
But, I don't want to get into releasing toxic industrial chemicals or the like. That has a bad rep after Bhopal. If you could do a SCADA subversion on a high water dam and release a massive flood that'd be perfect.
"No problem, sir. We have standard rates for major seminatural disasters. That'll be 100 million in gold to our Cayman Islands bank account for a standard target. If the country has nukes or an umbrella treaty with a nuclear power, that'll be 300 million and must be disguised as an IMF loan."
Re: (Score:1)
"You need cybahcruime righ nao? Ok, we attack you long time! You wan unhappy ending? Dat extra! We have special righ nao on discoun razer purinturs. We throw in special remote exproit in PeeSeeErr rogic. Very easy upgruade! You like! We take regula fee: interecturah pruropurty, and you promise not tark abou' proriticar dishidents. Dat good, oh' you nee' soona? Good dear on purinturs! Factory overflowing!, you take deal? We righ on it!"
Re: (Score:2)
insert the usual DATS RACIST caveat, but... excellent job in transliterating the accent. spot-on.
Stop Online Piracy Act (SOPA)? (Score:1)
So the idea is... (Score:2)
Wouldn't the Chinese already know this?... oh wait... the call center would be in India.
Good idea (Score:2)
They'll set up a system to report and track hacking incidents. Until we discover that the Chinese have just given us the phone number of the local laundry.
It was the "no tickee, no washee" that gave it away.
They must have Anonymous in China also (Score:1)
Ok (Score:4, Insightful)
Is "cyberwarfare" even technically or practically POSSIBLE? Or does it depend on the side being attacked being a total moron? I've never quite gotten my head around this : if you isolate the systems that can actually do bad things in the real world from external network access, for the most part the enemy can't do shit to you. As long as you keep those power stations and water pumps and all the other useful infrastructure, both civilian and military, on air gapped internal networks, it's going to be darn hard to sabotage them from across the globe.
Not impossible, I suppose...could fake a phone call. But cold war saboteurs could do the same thing, so nothing has changed there.
Now if you start connecting all your critical systems to the internet, and you don't use firewalls or they have security flaws, and you frequently stick thumbdrives full of possible viruses into your air gapped computers...well...I suppose you get what you deserve, then.
Re: (Score:1)
Air gap means air gap. The majority of all compromised systems since the early early 2000s were behind firewalls, many of them competently configured.
An air gap alone is insufficient (Score:1)
There are many other possible vectors, consider:
Operating system and other software updates imply that the providers are as secure as you need to be
Zero day vulns that might be in pdf or some other file that has been scanned and is thought to be secure
Printers can be vectors for attacks
Disgruntled or careless workers who deliberately or accidentally compromise the air gap
Network hardware sourced from vendors or manufacturers that might have hidden backdoors in hardware/firmware/software
heard of stuxnet? Re:Ok (Score:2)
It was "darned hard", as you say, and the attackers pulled it off.
"Air gap" means far less than it used to.
With every passing year, more and more "things" are dependent upon more and more CPU power.
You don't need to own your targets & control them, just denial of service would be enough. (e.g. suppose there was an exploit that could brick every cell phone made in the last 3 years? Or take power grids offline? Or... you know, it really is a long
Facepalms (Score:2)
Most forms of "cyber" emergency can be solved by not mandating an Ethernet port on your new rocket launcher (let alone 802.11n). I.e. If you want it to be secure, don't plug it into the f*cking internet!
But in all seriousness, I hope they (and the US) do spend breathe-taking amounts of their constituents money on another pointless endeavor; why, you ask? Because then Marines and every colorful variant thereof will have to field tech support calls from people "who think their Facebook has been hacked." I ima
"Keep your friends close... (Score:1)
...and your enemies closer."
Sun-tzu. Chinese general & military strategist (~400 BC)
How the mighty have fallen... (Score:2)
Now we're doing tech support for China users?
Good (Score:2)