From: http://www.nytimes.com/2013/05/07/world/asia/us-accuses-chinas-military-in-cyberattacks.html?pagewanted=2&_r=1&nl=todaysheadlines&emc=edit_th_20130507&
Quote
WASHINGTON — The Obama administration on Monday explicitly accused China's military of mounting attacks on American government computer systems and defense contractors, saying one motive could be to map "military capabilities that could be exploited during a crisis."
While some recent estimates have more than 90 percent of cyberespionage in the United States originating in China, the accusations relayed in the Pentagon's annual report to Congress on Chinese military capabilities were remarkable in their directness. Until now the administration avoided directly accusing both the Chinese government and the People's Liberation Army of using cyberweapons against the United States in a deliberate, government-developed strategy to steal intellectual property and gain strategic advantage.
"In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military," the nearly 100-page report said.
The report, released Monday, described China's primary goal as stealing industrial technology, but said many intrusions also seemed aimed at obtaining insights into American policy makers' thinking. It warned that the same information-gathering could easily be used for "building a picture of U.S. network defense networks, logistics, and related military capabilities that could be exploited during a crisis."
It was unclear why the administration chose the Pentagon report to make assertions that it has long declined to make at the White House. A White House official declined to say at what level the report was cleared. A senior defense official said "this was a thoroughly coordinated report," but did not elaborate.
On Tuesday, a spokeswoman for the Chinese Ministry of Foreign Affairs, Hua Chunying, criticized the report.
"China has repeatedly said that we resolutely oppose all forms of hacker attacks," she said. "We're willing to carry out an even-tempered and constructive dialogue with the U.S. on the issue of Internet security. But we are firmly opposed to any groundless accusations and speculations, since they will only damage the cooperation efforts and atmosphere between the two sides to strengthen dialogue and cooperation."
Missing from the Pentagon report was any acknowledgment of the similar abilities being developed in the United States, where billions of dollars are spent each year on cyberdefense and constructing increasingly sophisticated cyberweapons. Recently the director of the National Security Agency, Gen. Keith Alexander, who is also commander of the military's fast-growing Cyber Command, told Congress that he was creating more than a dozen offensive cyberunits, designed to mount attacks, when necessary, at foreign computer networks.
When the United States mounted its cyberattacks on Iran's nuclear facilities early in President Obama's first term, Mr. Obama expressed concern to aides that China and other states might use the American operations to justify their own intrusions.
But the Pentagon report describes something far more sophisticated: A China that has now leapt into the first ranks of offensive cybertechnologies. It is investing in electronic warfare capabilities in an effort to blind American satellites and other space assets, and hopes to use electronic and traditional weapons systems to gradually push the United States military presence into the mid-Pacific nearly 2,000 miles from China's coast.
The report argues that China's first aircraft carrier, the Liaoning, commissioned last September, is the first of several carriers the country plans to deploy over the next 15 years. It said the carrier would not reach "operational effectiveness" for three or four years, but is already set to operate in the East and South China Seas, the site of China's territorial disputes with several neighbors, including Japan, Indonesia, the Philippines and Vietnam. The report notes a new carrier base under construction in Yuchi.
The report also detailed China's progress in developing its stealth aircraft, first tested in January 2011.
Three months ago the Obama administration would not officially confirm reports in The New York Times, based in large part on a detailed study by the computer security firm Mandiant, that identified P.L.A. Unit 61398 near Shanghai as the likely source of many of the biggest thefts of data from American companies and some government institutions.
Until Monday, the strongest critique of China came from Thomas E. Donilon, the president's national security adviser, who said in a speech at the Asia Society in March that American companies were increasingly concerned about "cyberintrusions emanating from China on an unprecedented scale," and that "the international community cannot tolerate such activity from any country." He stopped short of blaming the Chinese government for the espionage.
But government officials said the overall issue of cyberintrusions would move to the center of the United States-China relationship, and it was raised on recent trips to Beijing by Treasury Secretary Jacob J. Lew and the chairman of the Joint Chiefs of Staff, Gen. Martin E. Dempsey.
To bolster its case, the report argues that cyberweapons have become integral to Chinese military strategy. It cites two major public works of military doctrine, "Science of Strategy" and "Science of Campaigns," saying they identify "information warfare (I.W.) as integral to achieving information superiority and an effective means for countering a stronger foe." But it notes that neither document "identifies the specific criteria for employing a computer network attack against an adversary," though they "advocate developing capabilities to compete in this medium."
It is a critique the Chinese could easily level at the United States, where the Pentagon has declined to describe the conditions under which it would use offensive cyberweapons. The Iran operation was considered a covert action, run by intelligence agencies, though many techniques used to manipulate Iran's computer controllers would be common to a military program.
The Pentagon report also explicitly states that China's investments in the United States aim to bolster its own military technology. "China continues to leverage foreign investments, commercial joint ventures, academic exchanges, the experience of repatriated Chinese students and researchers, and state-sponsored industrial and technical espionage to increase the level of technologies and expertise available to support military research, development and acquisition."
But the report does not address how the Obama administration should deal with that problem in an economically interconnected world where the United States encourages those investments, and its own in China, to create jobs and deepen the relationship between the world's No. 1 and No. 2 economies. Some experts have argued that the threat from China has been exaggerated. They point out that the Chinese government — unlike, say, Iran or North Korea — has such deep investments in the United States that it cannot afford to mount a crippling cyberstrike on the country.
The report estimates that China's defense budget is $135 billion to $215 billion, a large range attributable in part to the opaqueness of Chinese budgeting. While the figure is huge in Asia, the top estimate would still be less than a third of what the United States spends every year.
Some of the report's most interesting elements examine the debate inside China over whether this is a moment for the country to bide its time, focusing on internal challenges, or to directly challenge the United States and other powers in the Pacific.
But it said that "proponents of a more active and assertive Chinese role on the world stage" — a group whose members it did not name — "have suggested that China would be better served by a firm stance in the face of U.S. or other regional pressure."
Aren't these attacks pretty much an act of war? Oh well, probably a good time to gut the Pentagon's budget in favor of transferring wealth to old folks.
Anyway, let's just write off the debt to China and call it even.
Shocking.
The US must mobilize its strategic reserve of nerds.
We need to increase funding and recruiting for America's cyber defense.
Nobody really cares.
And where do you think 90% of cyberespionage against Chinese sites originates? :hmm:
Quote from: Brazen on May 07, 2013, 10:37:44 AM
And where do you think 90% of cyberespionage against Chinese sites originates? :hmm:
Taiwan?
Quote from: Kleves on May 07, 2013, 08:51:37 AM
Aren't these attacks pretty much an act of war?
Decades of cold war precedent says no.
Quote from: Phillip V on May 07, 2013, 10:33:21 AM
We need to increase funding and recruiting for America's cyber defense.
The problem is an unwillingness to mandate industry to maintain government-grade cyberdefence.
There's a lot of money in being an "ethical hacker" these days.
Quote from: Brazen on May 07, 2013, 10:39:28 AM
The problem is an unwillingness to mandate industry to maintain government-grade cyberdefence.
Yup. That doesn't increase shareholder value.
Quote
There's a lot of money in being an "ethical hacker" these days.
Not here in the private sector. Too many suits in Legal say it's a no-no.
Quote from: CountDeMoney on May 07, 2013, 11:08:11 AM
Quote from: Brazen on May 07, 2013, 10:39:28 AM
There's a lot of money in being an "ethical hacker" these days.
Not here in the private sector. Too many suits in Legal say it's a no-no.
Nearly every successful cyber specialist has been bought up by Big Defence anyhow.
I always ensure I squeeze, "So are you working on cyber weapons too?" into all my interviews :lol:
Quote from: Brazen on May 07, 2013, 10:39:28 AM
There's a lot of money in being an "ethical hacker" these days.
http://www.guardian.co.uk/technology/2013/mar/18/us-hacker-andrew-auernheimer-at-t
Quote
Andrew Auernheimer, the online activist convicted of federal crimes for obtaining email addresses of iPad users from AT&T's website, was sentenced to nearly three and a half years in prison on Monday.
At a district court in Newark, New Jersey, Auernheimer, 27, was also ordered to pay over $73,000 in damages to AT&T and to serve three years supervised probation after his release.
In November, he was found guilty of one count of identity fraud and one of conspiracy to access a computer without authorisation.
Three years ago, Auernheimer, whose online name is "weev", found a security breach in AT&T's website, allowing him and his company, Goatse Security, to access thousands of email addresses of iPad users. He gave them to a Gawker journalist in what he said was an effort to expose the company's security flaws.
Gawker posted redacted material online, writing that the material "exposed the most exclusive email list on the planet", including the addresses of Michael Bloomberg, the New York mayor, and then-White House chief of staff Rahm Emanuel. An FBI investigation followed.
Auernheimer's prosecution, under the Computer Fraud and Abuse Act, was being closely watched by critics of the US government's harsh line on hackers.
His sentence on Monday comes after a massive outcry following the suicide of free information activist Aaron Swartz in January. Swartz was facing multiple charges and a prosecution that his supporters said was excessive.
Last week, federal prosecutors charged Matthew Keys, the deputy social media editor for Reuters, with helping the hacker group Anonymous attack the website of his former employer.
Keys and Swartz were also charged under the Computer Fraud and Abuse Act, which many have said is too broad. Critics of the prosecutions say they are being brought by over-zealous prosecutors using outdated and flawed statutes. One lawmaker has tabled an amendment to the CFAA called "Aaron's law" aimed at stopping such prosecutions.
A lawyer for the Electronic Frontier Foundation, a digital rights group, described Auernheimer's sentence as "excessive" and said they would support his appeal.
Hanni Fakhouri, a staff attorney with the EFF, said: "It's excessive to say the least. The prosecution was excessive because he did not hack into anything. He obtained information from a public information website. It would be like me going into the Guardian website and copying information and emailing it to someone else."
Fakhouri said the law was misinterpreted and said: "We hope on appeal to get the sentence thrown out.
"We don't believe authorised access was exceeded. By virtue of the fact that the information was publicly available and they were not breaking into anything, there wasn't anything to indicate he did not have authorised access."
In an interview with the Guardian in January, Auernheimer said: "When you publish something, you don't have the right to whine and moan and cry: 'He's breaking and entering.' That's what AT&T and the federal government are claiming. It's a dishonest and seditious claim."
He said the idea that what he did amounted to a felony was "ludicrous".
In a pre-sentence memo, Auernheimer's lawyers said he should only receive six months probation because AT&T's security was so lax that no special skill was needed to collect iPad customers' email addresses. It also highlighted comments made by one AT&T investigator who said that he "circumvented no security".
US attorney Paul Fishman described Auernheimer's reasoning that he was trying to expose security flaws in AT&T's website as a "fiction." Fishman said in a statement: "Andrew Auernheimer knew he was breaking the law when he and his partner hacked into AT&T's servers and stole personal information from unsuspecting iPad users.
"When it became clear that he was in trouble, he concocted the fiction that he was trying to make the internet more secure, and that all he did was walk in through an unlocked door. The jury didn't buy it, and neither did the court in imposing sentence upon him today."
David Velazquez, the FBI acting special agent in charge of the investigation, said Auernheimer's "self-serving cyber attack" was carried out to promote his business. He said his conviction and sentence signified the "continued and growing efforts of the US attorney's office and the FBI in investigating and prosecuting computer hacking and intellectual property crimes."
Auernheimer's co-defendant, Daniel Spitler, 27, of San Francisco, California, previously pleaded guilty to the same charges and is awaiting sentencing.
Quote from: The Minsky Moment on May 07, 2013, 10:38:59 AM
Quote from: Kleves on May 07, 2013, 08:51:37 AM
Aren't these attacks pretty much an act of war?
Decades of cold war precedent says no.
Yep. Scanning, logging, bugging and stealing are not acts of war... however, if they actually *attack* a network, that would be considered an act of war. So long as they are just fooling around, it's just considered espionage as opposed to a deliberate attack.
Quote from: Malthus on May 07, 2013, 09:13:20 AM
The US must mobilize its strategic reserve of nerds.
They're trying - see CYBERCOM. Problem - most people with those skills aren't interested in being subject to the UCMJ. News at 11.
Quote from: Syt on May 07, 2013, 11:20:26 AM
Quote from: Brazen on May 07, 2013, 10:39:28 AM
There's a lot of money in being an "ethical hacker" these days.
http://www.guardian.co.uk/technology/2013/mar/18/us-hacker-andrew-auernheimer-at-t
Don't fuck with powerful people.
Quote from: garbon on May 07, 2013, 03:25:21 PM
Quote from: Syt on May 07, 2013, 11:20:26 AM
Quote from: Brazen on May 07, 2013, 10:39:28 AM
There's a lot of money in being an "ethical hacker" these days.
http://www.guardian.co.uk/technology/2013/mar/18/us-hacker-andrew-auernheimer-at-t
Don't fuck with powerful people.
That too. :menace:
Ank! What up!
Quote from: Berkut on May 07, 2013, 03:49:23 PM
Ank! What up!
Oh, popped in for a bit. I had forgotten how long it had been since I last scrawled on these walls. I hope all of you are well.
Quote from: Brazen on May 07, 2013, 10:37:44 AM
And where do you think 90% of cyberespionage against Chinese sites originates? :hmm:
Yep. Don't see the difference between espionage really and I'd expect the US are just as active.
Hello Ank :)
Quote from: Syt on May 07, 2013, 11:20:26 AM
Goatse Security
I'd hate to do SEO for this kid.
Quote from: Brazen on May 07, 2013, 10:37:44 AM
And where do you think 90% of cyberespionage against Chinese sites originates? :hmm:
I have no idea. Do you know?
Quote from: Brazen on May 07, 2013, 10:37:44 AM
And where do you think 90% of cyberespionage against Chinese sites originates? :hmm:
That must make it all OK then.
Quote
China labels US the 'real hacking empire' after Pentagon report
By Cream of Sum Yung Gai, Reuters
BEIJING -- China on Wednesday accused the United States of sowing discord between it and its neighbors after the Pentagon said Beijing is using espionage to fuel its military modernization, branding Washington the "real hacking empire."
The latest salvo came a day after China's foreign ministry dismissed as groundless a Pentagon report that accused China for the first time of trying to break into U.S. defense computer networks.
The Pentagon also cited progress in Beijing's effort to develop advanced-technology stealth aircraft and to build an aircraft carrier fleet to project power further offshore.
The People's Liberation Army Daily called the report a "gross interference in China's internal affairs."
"Promoting the 'China military threat theory' can sow discord between China and other countries, especially its relationship with its neighboring countries, to contain China and profit from it," the newspaper said in a commentary that was carried on China's Defense Ministry website.
The United States is "trumpeting China's military threat to promote its domestic interests groups and arms dealers," the newspaper said, adding that it expects "U.S. arms manufacturers are gearing up to start counting their money."
The remarks in the newspaper underscore the escalating mistrust between China and the United States over hacking, now a top point of contention between Washington and Beijing.
A U.S. computer security company, Mandiant, said in February a secretive Chinese military unit was likely behind a series of hacking attacks that targeted the United States and stole data from more than 100 companies.
That set off a war of words between Washington and Beijing.
China has said repeatedly that it does not condone hacking and is the victim of hacking attacks -- most of which it says come from the United States.
"As we all know, the United States is the real 'hacking empire' and has an extensive espionage network," the People's Daily, a newspaper regarded as a mouthpiece of the Chinese Communist Party, said in a commentary.
"In recent years, the United States has continued to strengthen its network tools for political subversion against other countries," the article said.
"Cyber weapons are more frightening than nuclear weapons," the People's Daily said. "To establish military hegemony on the Internet by repeatedly smearing other countries is a dangerous and wrong path to take and will ultimately end up in shooting themselves in the foot."
I saw what you did. :lol:
US hackers are believed to have stolen schematics for the Type 99 Water Buffalo.
Quote from: Ed Anger on May 08, 2013, 02:17:47 PM
I saw what you did. :lol:
Just doing my part for Asian/Pacific Heritage Month.
There's a difference between probing and mapping a network and actually *stealing* proprietary information from said network.
Also, it's deeply amusing that China is playing the 'internal affairs' card again - when their network activity is geared to non-Chinese companies in China, non-Chinese public and private networks, and DoD / DoD Contractor sites.
I guess just having some female spies bang FBI counter-intel guys and stealing their laptops just isn't cutting it these days. :lmfao:
I wrote a Letter to Pentagon once.
Quote from: The Brain on May 08, 2013, 09:10:30 PM
I wrote a Letter to Pentagon once.
What did you say.
Quote from: Phillip V on May 08, 2013, 09:13:28 PM
Quote from: The Brain on May 08, 2013, 09:10:30 PM
I wrote a Letter to Pentagon once.
What did you say.
Told them about the time I got lucky with the twins next door.
I didn't know sheep could have twins.
Quote from: Kleves on May 08, 2013, 11:26:15 PM
I didn't know sheep could have twins.
He must have lived next door to Dolly. :D
Quote from: Kleves on May 08, 2013, 11:26:15 PM
I didn't know sheep could have twins.
Two is the most common litter size for sheep.
Quote from: Maximus on May 09, 2013, 02:08:41 PM
Two is the most common litter size for sheep.
(https://languish.org/forums/proxy.php?request=http%3A%2F%2Fwww.portlandmercury.com%2Fbinary%2Ff075%2F1297207367-the_more_you_know2.jpg&hash=4db19722c19e4b1490b648e022f598f8aa892413)
Quote from: Maximus on May 09, 2013, 02:08:41 PM
Quote from: Kleves on May 08, 2013, 11:26:15 PM
I didn't know sheep could have twins.
Two is the most common litter size for sheep.
No wonder Brain is always going on about the twins.
Shockingly, the Chinese are back to their old tricks:
Quote
WASHINGTON — Three months after hackers working for a cyberunit of China's People's Liberation Army went silent amid evidence that they had stolen data from scores of American companies and government agencies, they appear to have resumed their attacks using different techniques, according to computer industry security experts and American officials.
The Obama administration had bet that "naming and shaming" the groups, first in industry reports and then in the Pentagon's own detailed survey of Chinese military capabilities, might prompt China's new leadership to crack down on the military's highly organized team of hackers — or at least urge them to become more subtle.
But Unit 61398, whose well-guarded 12-story white headquarters on the edges of Shanghai became the symbol of Chinese cyberpower, is back in business, according to American officials and security companies.
It is not clear precisely who has been affected by the latest attacks. Mandiant, a private security company that helps companies and government agencies defend themselves from hackers, said the attacks had resumed but would not identify the targets, citing agreements with its clients. But it did say the victims were many of the same ones the unit had attacked before.
The hackers were behind scores of thefts of intellectual property and government documents over the past five years, according to a report by Mandiant in February that was confirmed by American officials. They have stolen product blueprints, manufacturing plans, clinical trial results, pricing documents, negotiation strategies and other proprietary information from more than 100 of Mandiant's clients, predominantly in the United States.
According to security experts, the cyberunit was responsible for a 2009 attack on the Coca-Cola Company that coincided with its failed attempt to acquire the China Huiyuan Juice Group. In 2011, it attacked RSA, a maker of data security products used by American government agencies and defense contractors, and used the information it collected from that attack to break into the computer systems of Lockheed Martin, the aerospace contractor.
More recently, security experts said, the group took aim at companies with access to the nation's power grid. Last September, it broke into the Canadian arm of Telvent, now Schneider Electric, which keeps detailed blueprints on more than half the oil and gas pipelines in North America.
Representatives of Coca-Cola and Schneider Electric did not return requests for comment on Sunday. A Lockheed Martin spokesman said the company declined to comment.
In interviews, Obama administration officials said they were not surprised by the resumption of the hacking activity. One senior official said Friday that "this is something we are going to have to come back at time and again with the Chinese leadership," who, he said, "have to be convinced there is a real cost to this kind of activity."
Mandiant said that the Chinese hackers had stopped their attacks after they were exposed in February and removed their spying tools from the organizations they had infiltrated. But over the past two months, they have gradually begun attacking the same victims from new servers and have reinserted many of the tools that enable them to seek out data without detection. They are now operating at 60 percent to 70 percent of the level they were working at before, according to a study by Mandiant requested by The New York Times.
The Times hired Mandiant to investigate an attack that originated in China on its news operations last fall. Mandiant is not currently working for The New York Times Company.
Mandiant's findings match those of Crowdstrike, another security company that has also been tracking the group. Adam Meyers, director of intelligence at Crowdstrike, said that apart from a few minor changes in tactics, it was "business as usual" for the Chinese hackers.
The subject of Chinese attacks is expected to be a central issue in an upcoming visit to China by President Obama's national security adviser, Thomas Donilon, who has said that dealing with China's actions in cyberspace is now moving to the center of the complex security and economic relationship between the two countries.
But hopes for progress on the issue are limited. When the Pentagon released its report this month officially identifying the Chinese military as the source of years of attacks, the Chinese Foreign Ministry denied the accusation, and People's Daily, which reflects the views of the Communist Party, called the United States "the real 'hacking empire,' " saying it "has continued to strengthen its network tools for political subversion against other countries." Other Chinese organizations and scholars cited American and Israeli cyberattacks on Iran's nuclear facilities as evidence of American hypocrisy.
At the White House, Caitlin Hayden, the spokeswoman for the National Security Council, said Sunday that "what we have been seeking from China is for it to investigate our concerns and to start a dialogue with us on cyberissues." She noted that China "agreed last month to start a new working group," and that the administration hoped to win "longer-term changes in China's behavior, including by working together to establish norms against the theft of trade secrets and confidential business information."
In a report to be issued Wednesday, a private task force led by Mr. Obama's former director of national intelligence, Dennis C. Blair, and his former ambassador to China, Jon M. Huntsman Jr., lays out a series of proposed executive actions and Congressional legislation intended to raise the stakes for China.
"Jawboning alone won't work," Mr. Blair said Saturday. "Something has to change China's calculus."
The exposure of Unit 61398's actions, which have long been well known to American intelligence agencies, did not accomplish that task.
One day after Mandiant and the United States government revealed the P.L.A. unit as the culprit behind hundreds of attacks on agencies and companies, the unit began a haphazard cleanup operation, Mandiant said.
Attack tools were unplugged from victims' systems. Command and control servers went silent. And of the 3,000 technical indicators Mandiant identified in its initial report, only a sliver kept operating. Some of the unit's most visible operatives, hackers with names like "DOTA," "SuperHard" and "UglyGorilla," disappeared, as cybersleuths scoured the Internet for clues to their real identities.
In the case of UglyGorilla, Web sleuths found digital evidence that linked him to a Chinese national named Wang Dong [ :lol:], who kept a blog about his experience as a P.L.A. hacker from 2006 to 2009, in which he lamented his low pay, long hours and instant ramen meals.
But in the weeks that followed, the group picked up where it had left off. From its Shanghai headquarters, the unit's hackers set up new beachheads from compromised computers all over the world, many of them small Internet service providers and mom-and-pop shops whose owners do not realize that by failing to rigorously apply software patches for known threats, they are enabling state-sponsored espionage.
"They dialed it back for a little while, though other groups that also wear uniforms didn't even bother to do that," Kevin Mandia, the chief executive of Mandiant, said in an interview on Friday. "I think you have to view this as the new normal."
The hackers now use the same malicious software they used to break into the same organizations in the past, only with minor modifications to the code.
While American officials and corporate executives say they are trying to persuade President Xi Jinping's government that a pattern of theft by the P.L.A. will damage China's growth prospects — and the willingness of companies to invest in China — their longer-term concern is that China may be trying to establish a new set of rules for Internet commerce, with more censorship and fewer penalties for the theft of intellectual property.
Eric Schmidt, the chairman of Google, said Friday that while there was evidence that inside China many citizens are using the Web to pressure the government to clean up industrial hazards or to complain about corruption, "so far there is no positive data on China's dealings with the rest of the world" on cyberissues.
Google largely pulled out of China after repeated attacks on its systems in 2009 and 2010, and now has its Chinese operations in Hong Kong. But it remains, Mr. Schmidt said, a constant target for Chinese cyberattackers.
Everybody have fun tonight, everybody Wang Dong tonight.
Quote
How to hack a nation's infrastructure
By Mark Ward
Technology correspondent, BBC News
I'm watching a live video feed of people visiting a cafe in London.
It's a small, busy place and is doing a good trade in tea, coffee and cakes. That woman has dropped some money. A child is running around. Later, another customer thinks they have got the wrong change.
Nothing too gripping, you might think, except that the feed should be private, seen only by the cafe's managers. Somebody forgot to click a box so now anyone who knows where to look can watch.
That CCTV feed is just one of many inadvertently put online. Finding them has got much easier thanks to search engines such as Shodan that scour the web for them. It catalogues hundreds every day.
"Shodan makes it easier to perform attacks that were historically difficult due to the rarity of the systems involved," Alastair O'Neill from the Insecurety computer security research collective told the BBC. "Shodan lowers the cost of enumerating a network and looking for specific targets."
It is not just CCTV that has been inadvertently exposed to public scrutiny. Search engines are revealing public interfaces to huge numbers of domestic, business and industrial systems.
Mr O'Neill and other researchers have found public control interfaces for heating systems, geo-thermal energy plants, building control systems and manufacturing plants.
Remote work
The most worrying examples are web-facing controls for "critical infrastructure" - water treatment systems, power plants and traffic control systems.
[Image caption: Many industrial systems are networked because they are in remote locations]
"There's a tremendous amount of stuff out there right now," said Kyle Wilhoit, a threat researcher from Trend Micro who specialises in seeking out those exposed systems and helping them improve their defences.
Mr Wilhoit said such control systems, which often go by the name of Scada (supervisory control and data acquisition), get put online for many different reasons. Often, he said, the elements of such critical systems were in far-flung places and it was much cheaper to keep an eye on them via the internet than to send an engineer out.
It's not just finding these systems that is a danger. Security experts are finding lots of holes in the software they run that, in the hands of a skilled attacker, can be exploited to grant unauthorised access.
"For attackers, the potential pay-off for compromising these systems is very high," said Mr Wilhoit.
...
Rest of item here:
http://www.bbc.co.uk/news/technology-22524274
Wow, IP-based video from off-the-shelf security products can be intercepted or impeded without proper compliance-enforced encryption standards. You'd think I used to be paid for dealing with that shit or something.
Op-Ed from Huntsman (and some admiral) and IP theft:
Quote
At a time when the U.S. economy is struggling to provide jobs, the hemorrhage of intellectual property (IP) — our most important international competitive advantage — is a national crisis. Nearly every U.S. business sector — advanced materials, electronics, pharmaceuticals and biotech, chemicals, aerospace, heavy equipment, autos, home products, software and defense systems — has experienced massive theft and illegal reproduction.
The individual stories are infuriating. In one recent instance, a foreign company counterfeited a high-tech product it had been purchasing from a U.S. manufacturer. The customer then became the U.S. company's largest competitor, devastating its sales and causing its share price to plummet 90 percent within six months.
The scale is staggering. The Commission on the Theft of American Intellectual Property, which we co-chaired, estimates that the total revenue loss to U.S. companies is comparable to the total value of U.S. exports to all of Asia. U.S. software manufacturers — a sector in which this country leads the world — lose tens of billions of dollars in revenue annually from counterfeiting just in China, where the problem is most rampant. The U.S. International Trade Commission estimated in 2011 that if IP protection in China improved substantially, U.S. businesses could add 2.1 million jobs.
We agree with Gen. Keith Alexander, the head of U.S. Cyber Command, that the ongoing theft of U.S. intellectual property is "the greatest transfer of wealth in history."
Equally as important as the current situation is the potential for future damage. Our intellectual property is what provides the new ideas that will keep the U.S. economy vital and productive over the long term. If less innovative foreign companies can reap the profits of U.S. research and development and innovation, we will lose our competitive edge and eventually experience a decrease in incentives to innovate altogether.
Our concerns go beyond economic factors. An investigation by the Senate Armed Services Committee last May found "approximately 1,800 cases of suspect counterfeit electronic parts" in U.S. military equipment and weapons systems, with as many as 1 million individual counterfeit parts now embedded in our military aircraft. Even the security-conscious Defense Department has lost the capacity to verify the integrity of its supply chains.
So far, our national response to this crisis has been weak and disjointed. Our commission was advised by some experts who said the U.S. should simply wait until lesser-developed economies mature and then find it important to protect their own intellectual property. Others counsel against antagonizing countries such as China, whose buying power is strong but where IP protection is especially poor.
Many companies simply internalize the threats of IP theft by going on the defensive; in the process, they pay ever-greater sums for improved cybersecurity precautions without any real increases in security. The Obama administration has made some progress in raising this issue with foreign governments, but more needs to be done.
For nearly a year, the nonpartisan, independent commission we co-chaired has sought to document the causes, scale and national impact of international IP theft and to recommend robust policy solutions for the administration and Congress. Our report — which will be published Wednesday at IPCommission.org — includes practical measures, both carrots and sticks, to change the cost-benefit calculus for foreign companies and their governments that illegally acquire U.S. intellectual property. The United States must make the theft of U.S. intellectual property both risky and costly for thieves.
We recommend immediately: denying products that contain stolen intellectual property access to the U.S. market; restricting use of the U.S. financial system to foreign companies that repeatedly steal intellectual property; and adding the correct, legal handling of intellectual property to the criteria for both investment in the United States under Committee for Foreign Investment in the United States (CFIUS) approval and for foreign companies that are listed on U.S. stock exchanges. All of these recommendations will require strengthening the capacity of the U.S. government in these areas.
In addition to these measures, which use the power of the U.S. market, we recommend reinforcing the capacity-building programs underway that strengthen the legal frameworks and practices for IP rights overseas. As these countries develop, their companies will want protection for their ideas. But the United States cannot afford to wait the many years this will take. We must help speed the process, and only when we make IP theft very costly for thieves can U.S. companies begin to realize a fair playing field.
Never gonna happen. The private sector just doesn't care.
I am always wary of these anecdotal stories. The Chinese legal system actually does protect patents and trade secrets. (copyright not so much :(). Companies have gotten into trouble sometimes because they haven't protected their rights properly in their contracts, or because they didn't take the proper steps in China, or because they just willingly gave up access to their IP and tech to their Chinese partner to get the contract. To be sure there are cases where companies get ripped off, but the view of the world from the op-ed column does not make careful distinctions.
:bleeding:
Story: http://usnews.nbcnews.com/_news/2013/05/28/18556787-chinese-hackers-steal-us-weapons-systems-designs-report-says?lite&ocid=msnhp&pos=3
Quote
Chinese hackers have gained access to designs of more than two dozen major U.S. weapons systems, a U.S. report said on Monday, as Australian media said Chinese hackers had stolen the blueprints for Australia's new spy headquarters.
Citing a report prepared for the Defense Department by the Defense Science Board, the Washington Post said the compromised U.S. designs included those for combat aircraft and ships, as well as missile defenses vital for Europe, Asia and the Gulf.
Among the weapons listed in the report were the advanced Patriot missile system, the Navy's Aegis ballistic missile defense systems, the F/A-18 fighter jet, the V-22 Osprey, the Black Hawk helicopter and the F-35 Joint Strike Fighter.
The report did not specify the extent or time of the cyber-thefts or indicate if they involved computer networks of the U.S. government, contractors or subcontractors.
But the espionage would give China knowledge that could be exploited in a conflict, such as the ability to knock out communications and corrupting data, the Post said. It also could speed China's development of its defense technology.
In a report to Congress this month, the Pentagon said China was using espionage to modernize its military and its hacking was a serious concern. It said the U.S. government had been the target of hacking that appeared to be "attributable directly to the Chinese government and military."
China dismissed the report as groundless.
China also dismissed as without foundation a February report by the U.S. computer security company Mandiant, which said a secretive Chinese military unit was probably behind a series of hacking attacks targeting the United States that had stolen data from 100 companies.
In Australia, a news report said hackers linked to China stole the floor plans of a A$630 million headquarters for the Australia Security Intelligence Organization, the country's domestic spy agency.
The attack through the computers of a construction contractor exposed not only building layouts, but also the location of communication and computer networks, it said.
Chinese Foreign Ministry spokesman Hong Lei, asked about the Australian report, said China disapproved of hacking.
"China pays high attention to the cyber security issue and is firmly opposed to all forms of hacker attacks," Hong said at a daily briefing.
"Since it is very difficult to find out the origin of hacker attacks, it is very difficult to find out who carried out such attacks," Hong said. "I don't know what the evidence is for media to make such kinds of reports."
Repeating China's position that every country was susceptible to cyber attacks, Hong said nations should make joint efforts towards a secure and open Internet.
Australia security analyst Des Ball told the ABC that such information about the yet to be completed spy headquarters made it vulnerable to cyber attacks.
"You can start constructing your own wiring diagrams, where the linkages are through telephone connections, through wi-fi connections, which rooms are likely to be the ones that are used for sensitive conversations, how to surreptitiously put devices into the walls of those rooms," said Ball.
The building is designed to be part of an electronic intelligence gathering network that includes the United States and Britain. Its construction has been plagued by delays and cost over-runs with some builders blaming late design changes on cyber attacks.
The ABC report said the Chinese hacking was part of a wave of cyber attacks against business and military targets in the close U.S. ally.
It said the hackers also stole confidential information from the Department of Foreign Affairs and Trade, which houses the overseas spy agency, the Australian Secret Intelligence Service, and had targeted companies, including steel-manufacturer Bluescope Steel, and military and civilian communications manufacturer Codan Ltd.
The influential Greens party said the hacking was a "security blunder of epic proportions" and called for an inquiry, but the government did not confirm the breach.
Prime Minister Julia Gillard said the reports were "inaccurate", but declined to say how.
Despite being one of Beijing's major trade partners, Australia is seen by China as the southern fulcrum of a U.S. military pivot to the Asia-Pacific. In 2011, it agreed to host thousands of U.S. Marines in near-permanent rotation.
Chinese telecommunications giant Huawei was last year barred from bidding for construction contracts on a new Australian high-speed broadband network amid fears of cyber espionage.
The Reserve Bank of Australia said in March that it had been targeted by cyber attacks, but no data had been lost or systems compromised amid reports the hackers had tried to access intelligence negotiations among a Group of 20 wealthy nations.
It's not just gold farming anymore.
Quote from: CountDeMoney on May 28, 2013, 11:08:50 AM
It's not just gold farming anymore.
Sure it is. They'll take the designs (well, maybe not the AEGIS or the F-35) and sell them to the Russians or the Iranians and make a quick buck.
In any event, nobody cares.
But wait, there's more:
Quote
The U.S. secretly traced a massive cyberespionage operation against the 2008 presidential campaigns of Barack Obama and John McCain to hacking units backed by the People's Republic of China, prompting high level warnings to Chinese officials to stop such activities, U.S. intelligence officials tell NBC News.
The disclosure on the eve of a two-day summit between the U.S. and Chinese presidents highlights what has become a persistent source of tension between the two global powers: Beijing's aggressive, orchestrated campaign to pierce America's national security armor at any weak point – in this case the computers and laptops of top campaign aides and advisers who received high-level briefings.
The goal of the campaign intrusion, according to the officials: to export massive amounts of internal data from both campaigns—including internal position papers and private emails of key advisers in both camps.
"Based on everything I know, this was a case of political cyberespionage by the Chinese government against the two American political parties," said Dennis Blair, who served as President Obama's director of national intelligence in 2009 and 2010. "They were looking for positions on China, surprises that might be rolled out by campaigns against China."
The intrusion into the campaigns' computer networks and subsequent efforts to penetrate them were highly sophisticated and continued for months after they were first detected by the FBI in the summer of 2008, according to the officials and an Obama campaign security consultant hired to thwart them. The intrusions and some details of what was targeted have been previously reported, but not publicly attributed to government-backed Chinese hackers.
Obama publicly referred to the attacks -- in general terms -- at a May 29, 2009, White House event announcing a new cybersecurity policy. "Hackers gained access to emails and a range of campaign files, from policy position papers to travel plans," he said then.
But neither the president nor his top aides publicly spoke about the identity of the hackers, or the depth and gravity of the attack.
Officials and former campaign officials now acknowledge to NBC News that the security breach was far more serious than has been publicly known, involving the potential compromise of a large number of internal files. And, in one case, it included the apparent theft of private correspondence from McCain to the president of Taiwan.
Cyberattacks by the Chinese are expected to be at the top of the president's agenda this weekend. U.S. officials say that such intrusions – many of them traced to a unit of the People's Republic of China in Shanghai – have gotten even more brazen since the 2008 campaign.
"There's been successful exfiltration of data from government agencies (by the Chinese) up and down Pennsylvania Avenue," said Shawn Henry, who headed up the FBI's probe of the 2008 attacks as the bureau's chief of cyberinvestigations. He is now president of Crowdstrike, a computer security firm.
David Plouffe, Obama campaign manager, vividly recalls getting a phone call from Josh Bolten, then President George W. Bush's chief of staff, in the middle of August 2008 alerting him to the intrusion and that the FBI was investigating the attack. "He said we have reason to believe that your campaign system has been penetrated by a foreign entity," Plouffe said in an interview.
Within days, the campaign dispatched a computer security team from Kroll Advisory Solutions to Chicago to cleanse the campaign's infected computers — including the laptops of senior staffers.
In retrospect, the attack seems simple. It was delivered by a "phishing" email – outlining the "agenda" for an upcoming meeting — that circulated among top staffers and contained a zip file attachment with "malware," a hidden malicious virus.
But it was no ordinary virus, said Alan Brill, the senior managing director of Kroll Solutions. The malware was "as sophisticated as anything we had seen" and was part of what he called "an infection chain" that replicated itself throughout the Obama campaign's computer system. It also was designed to stay buried in the computers for months, if not years, he said.
He and his consultants were unable to determine precisely what had been compromised, but Brill says the bombardment of viruses by the attackers continued for months. "It was like a firefight," Brill said. "This was starting every day knowing that you didn't know what they were going to throw at you."
Trevor Potter, who served as general counsel to the McCain campaign, said he got a similar warning about the cyberintrusion during a briefing from U.S. law enforcement officials at campaign headquarters. "They told us, 'You've been compromised, your computers are under the control of someone else. You need to get off network'," said Potter.
In one incident that caused concern among U.S. intelligence officials, the Chinese hackers appeared to have gotten access to private correspondence between McCain, then the GOP presidential candidate, and Ma Ying-jeou, the newly elected president of Taiwan. On July 25, 2008, McCain had signed a personal letter — drafted on campaign computers — pledging his support for the U.S.–Taiwanese relationship and Ma's efforts to modernize the country's military. A copy of the letter has been obtained by NBC News.
But before the letter had even been delivered, a top McCain foreign policy adviser got a phone call from a senior Chinese diplomat in Washington complaining about the correspondence. "He was putting me on notice that they knew this was going on," said Randall Schriver, a former State Department official who was serving as a top McCain adviser on Asian policy. "It certainly struck me as odd that they would be so well-informed."
A spokesman for the Chinese Embassy said officials were unavailable for comment because they were busy preparing for this weekend's summit between President Obama and Chinese President Xi Jinping in California. But in recent weeks, Chinese officials have denied any role in cyberattacks against the U.S. government and private enterprise. "China opposes all forms of cyberattacks," Zheng Zeguang, assistant Chinese foreign minister, said in a press briefing in Beijing last week.
When the summit does take place this weekend, hacking by the Chinese is expected to be at the top of the president's agenda.
U.S. officials say that Chinese intrusions have escalated in the years since, involving repeated attacks on U.S. government agencies, political campaigns, corporations, law firms, and defense contractors — including the theft of national security secrets and hundreds of billions of dollars in intellectual property.
A recent report from a U.S. commission chaired by former Intelligence Director Blair and former U.S. Ambassador to China Jon Huntsman Jr., estimated that the theft of intellectual property – mostly from China – was costing the U.S. $300 billion a year.
"It's stealing of information and there should be outrage," said Henry, the former FBI executive assistant director.
Previous warnings to the Chinese about cyberattacks have been brushed off. The 2008 attacks, for example, prompted U.S. intelligence officials to sternly warn the Chinese that they had "crossed the line," says one former senior U.S. official who was directly involved in the investigation.
"We told them we knew what they were up to – and that this had gone too far," said the former official. Chinese officials listened politely and denied they had anything to do with the attacks on the campaign, the former official said.
But see, they're not a threat, because they're getting all economical and slowly reforming all democratic like and stuff.
Quote from: Kleves on June 06, 2013, 08:57:42 PM
But wait, there's more:
Looks like more espionage, not sabotage.
Fortunately, Obama raised the hacking issue with Xi Jinping, so I am sure the hacking will stop. Because diplomacy. Oh, wait:
Quote
America's research universities, among the most open and robust centers of information exchange in the world, are increasingly coming under cyberattack, most of it thought to be from China, with millions of hacking attempts weekly. Campuses are being forced to tighten security, constrict their culture of openness and try to determine what has been stolen.
University officials concede that some of the hacking attempts have succeeded. But they have declined to reveal specifics, other than those involving the theft of personal data like Social Security numbers. They acknowledge that they often do not learn of break-ins until much later, if ever, and that even after discovering the breaches they may not be able to tell what was taken.
Universities and their professors are awarded thousands of patents each year, some with vast potential value, in fields as disparate as prescription drugs, computer chips, fuel cells, aircraft and medical devices.
"The attacks are increasing exponentially, and so is the sophistication, and I think it's outpaced our ability to respond," said Rodney J. Petersen, who heads the cybersecurity program at Educause, a nonprofit alliance of schools and technology companies. "So everyone's investing a lot more resources in detecting this, so we learn of even more incidents we wouldn't have known about before."
Tracy B. Mitrano, the director of information technology policy at Cornell University, said that detection was "probably our greatest area of concern, that the hackers' ability to detect vulnerabilities and penetrate them without being detected has increased sharply."
Like many of her counterparts, she said that while the largest number of attacks appeared to have originated in China, hackers have become adept at bouncing their work around the world. Officials do not know whether the hackers are private or governmental. A request for comment from the Chinese Embassy in Washington was not immediately answered.
Analysts can track where communications come from — a region, a service provider, sometimes even a user's specific Internet address. But hackers often route their penetration attempts through multiple computers, even multiple countries, and the targeted organizations rarely go to the effort and expense — often fruitless — of trying to trace the origins. American government officials, security experts and university and corporate officials nonetheless say that China is clearly the leading source of efforts to steal information, but attributing individual attacks to specific people, groups or places is rare.
The increased threat of hacking has forced many universities to rethink the basic structure of their computer networks and their open style, though officials say they are resisting the temptation to create a fortress with high digital walls.
"A university environment is very different from a corporation or a government agency, because of the kind of openness and free flow of information you're trying to promote," said David J. Shaw, the chief information security officer at Purdue University. "The researchers want to collaborate with others, inside and outside the university, and to share their discoveries."
Some universities no longer allow their professors to take laptops to certain countries, and that should be a standard practice, said James A. Lewis, a senior fellow at the Center for Strategic and International Studies, a policy group in Washington. "There are some countries, including China, where the minute you connect to a network, everything will be copied, or something will be planted on your computer in hopes that you'll take that computer back home and connect to your home network, and then they're in there," he said. "Academics aren't used to thinking that way."
Bill Mellon of the University of Wisconsin said that when he set out to overhaul computer security recently, he was stunned by the sheer volume of hacking attempts.
"We get 90,000 to 100,000 attempts per day, from China alone, to penetrate our system," said Mr. Mellon, the associate dean for research policy. "There are also a lot from Russia, and recently a lot from Vietnam, but it's primarily China."
Other universities report a similar number of attacks and say the figure is doubling every few years. What worries them most is the growing sophistication of the assault.
For corporations, cyberattacks have become a major concern, as they find evidence of persistent hacking by well-organized groups around the world — often suspected of being state-sponsored — that are looking to steal information that has commercial, political or national security value. The New York Times disclosed in January that hackers with possible links to the Chinese military had penetrated its computer systems, apparently looking for the sources of material embarrassing to China's leaders.
This kind of industrial espionage has become a sticking point in United States-China relations, with the Obama administration complaining of organized cybertheft of trade secrets, and Chinese officials pointing to revelations of American spying.
Like major corporations, universities develop intellectual property that can turn into valuable products like prescription drugs or computer chips. But university systems are harder to secure, with thousands of students and staff members logging in with their own computers.
Mr. Shaw, of Purdue, said that he and many of his counterparts had accepted that the external shells of their systems must remain somewhat porous. The most sensitive data can be housed in the equivalent of smaller vaults that are harder to access and harder to move within, use data encryption, and sometimes are not even connected to the larger campus network, particularly when the work involves dangerous pathogens or research that could turn into weapons systems.
"It's sort of the opposite of the corporate structure," which is often tougher to enter but easier to navigate, said Paul Rivers, manager of system and network security at the University of California, Berkeley. "We treat the overall Berkeley network as just as hostile as the Internet outside."
Berkeley's cybersecurity budget, already in the millions of dollars, has doubled since last year, responding to what Larry Conrad, the associate vice chancellor and chief information officer, said were "millions of attempted break-ins every single week."
Mr. Shaw, who arrived at Purdue last year, said, "I've had no resistance to any increased investment in security that I've advocated so far." Mr. Mellon, at Wisconsin, said his university was spending more than $1 million to upgrade computer security in just one program, which works with infectious diseases.
Along with increased spending has come an array of policy changes, often after consultation with the F.B.I. Every research university contacted said it was in frequent contact with the bureau, which has programs specifically to advise universities on safeguarding data. The F.B.I. did not respond to requests to discuss those efforts.
Not all of the potential threats are digital. In April, a researcher from China who was working at the University of Wisconsin's medical school was arrested and charged with trying to steal a cancer-fighting compound and related data.
Last year, Mr. Mellon said, Wisconsin began telling faculty members not to take their laptops and cellphones abroad, for fear of hacking. Most universities have not gone that far, but many say they have become more vigilant about urging professors to follow federal rules that prohibit taking some kinds of sensitive data out of the country, or have imposed their own restrictions, tighter than the government's. Still others require that employees returning from abroad have their computers scrubbed by professionals.
That kind of precaution has been standard for some corporations and government agencies for a few years, but it is newer to academia.
Information officers say they have also learned the hard way that when a software publisher like Oracle or Microsoft announces that it has discovered a security vulnerability and has developed a "patch" to correct it, systems need to apply the patch right away. As soon as such a hole is disclosed, hacker groups begin designing programs to take advantage of it, hoping to release new attacks before people and organizations get around to installing the patch.
"The time between when a vulnerability is announced and when we see attempts to exploit it has become extremely small," said Mr. Conrad, of Berkeley. "It's days. Sometimes hours."