Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

China's Cyber-Militia

Posted by kdawson on Sat May 31, 2008 03:31 PM
from the less-power-to-you dept.
Security Government News Politics
D. J. Keenan notes that the cover story of the current issue of National Journal reports in depth on China's cyber-aggression against US targets in the government, military, and business. We have discussed China's actions on numerous occasions over the years. The news in this report is the suggestion that Chinese cyber-attackers may have been involved in major power outages in the US. "Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of US companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to US government officials and computer-security experts..."
+ -
story

Related Stories

[+] Chinese "Cyber-Attack" US Department of Commerce 161 comments
Kranfer writes "The register has an article about how the Chinese have recently launched an attack against the US Department of Commerce. From the article: '...attacks originating from computer crackers largely located in China's Guangdong province are aimed at extracting sensitive information from targets such as the Commerce Department's technology export office. Security consultants and US government officials reckon the assaults have at least the tacit support of the Chinese government...' This is not the first time Chinese hackers have attempted to gain access to US Government systems."
[+] Politics: Chinese Hack Attacks on DoD Networks Coordinated 295 comments
An anonymous reader writes " The Naval Network Warfare Command says that Chinese hackers are relentlessly targeting Defense Department networks with cyber attacks. The 'volume, proficiency and sophistication' of the attacks supports the theory that the attacks are government supported. The motives of the attacks emanating from China include technology theft, intelligence gathering, exfiltration, research on DOD operations and the creation of dormant presences in DOD network for future action. Onlookers warn that current US defenses against these attacks are 'dysfunctional', and that more aggressive measures should be taken to ensure government network safety."
[+] Technology: China Taking on U.S. in Cyber Arms Race 262 comments
Pabugs writes with a CNN story about an uncomfortable development in world politics and information technology. According to General Robert Elder, an Air Force military man setting up a 'cyber command' in Louisiana's Barksdale Air Force Base, the nation of China is already in the process of developing their own 'cyber warfare' techniques. While Elder described the bulk of China's operations as focusing on espionage, they and others around the world have more serious goals in mind. "The Defense Department said in its annual report on China's military power last month that China regarded computer network operations -- attacks, defense and exploitation -- as critical to achieving "electromagnetic dominance" early in a conflict. China's People's Liberation Army has established information warfare units to develop viruses to attack enemy computer systems and networks, the Pentagon said. China also was investing in electronic countermeasures and defenses against electronic attack, including infrared decoys, angle reflectors and false-target generators, it said."
Firehose:China's Cyber-Militia by D. J. Keenan (524557)
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

China's Cyber-Militia 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Microsoft? Windows? (Score:3, Insightful)

    by westbake (1275576) on Saturday May 31 2008, @03:33PM (#23611779) Homepage

    "A computer virus" is as close as this article came to the reason power companies are so wide open to any aggressor.

  • Huh!? (Score:5, Insightful)

    by fluch (126140) on Saturday May 31 2008, @03:42PM (#23611855) Homepage
    Are vital parts of power plants connected to The Internet? Why?

    • Re:Huh!? (Score:5, Insightful)

      by ChowRiit (939581) on Saturday May 31 2008, @03:47PM (#23611885)
      You beat me to it - hell, my old SCHOOL didn't have their servers that contained student records connected to the internet, and this was back 5+ years ago when people were less well educated on these things.

      That ANY major infrastructure would be connected to the internet is shocking, and I'd really like to believe that people aren't that stupid...

      • Re:of course (Score:5, Insightful)

        by fluch (126140) on Saturday May 31 2008, @03:53PM (#23611941) Homepage
        The computers which control the plant should be physically separated from the computers which are needed/wanted for connection with the internet. Otherwise you are begging for disasters.

        • The computers which control the plant should be physically separated from the computers which are needed/wanted for connection with the internet. Otherwise you are begging for disasters.

          It's more like the trees which grow next to the powerlines should be kept trimmed.
          Otherwise you are begging for disasters.

          Did Hackers Cause the 2003 Northeast Blackout? Umm, No
          http://blog.wired.com/27bstroke6/2008/05/did-hackers-cau.html [wired.com]

          So China would have to have planted the race condition in a [General Electric] product used around the world, then, using the most devious malware ever devised, arranged for trees to grow up into exactly the right power lines at precisely the right time to trigger the cascade.

      • Re: (Score:3, Insightful)

        by Stradivarius (7490)
        What's the alternative to COTS? Custom-building every piece of hardware and writing every piece of code from the firmware, to the operating system, and applications in-house?

        There's a lot of reason to believe that doing so would result in less secure software. The software would have less people trying to break it, thus less opportunity to find and fix the inevitable bugs. There's something to be said for the trial-by-fire that is a public release of software. And in many cases it probably wouldn't get the

  • I hope this guy isn't getting paid (Score:5, Funny)

    by ShieldW0lf (601553) on Saturday May 31 2008, @03:44PM (#23611865) Journal
    Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of U.S. companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts.

    Wow, has professional writing ever gone downhill. Ever heard of a period?

  • Some quotes from the article (Score:5, Interesting)

    by D. J. Keenan (524557) on Saturday May 31 2008, @03:45PM (#23611875) Homepage
    [I am the submitter.]
    It is a long article, but worth reading. The suspicion of Chinese involvement in two major U.S. power outages is extremely worrying. Following are quotes on related aspects.

    The Central Intelligence Agency's chief cyber-security officer, Tom Donahue, said that hackers had breached the computer systems of utility companies outside the United States and that they had even demanded ransom.

    ... many of the systems that [U.S.] utility operators use were designed by others. Intelligence officials now worry that software developed overseas poses another layer of risk because malicious codes or backdoors can be embedded in the software at its creation. U.S. officials have singled out software manufacturers in emerging markets such as, not surprisingly, China.

    "Numerous computer networks around the world, including those owned by the U.S. government, were subject to intrusions [in 2007] that appear to have originated within" the People's Republic of China. ... the [Chinese] Army is "building capabilities for information warfare" for possible use in "pre-emptive attacks."

    • Re: (Score:3, Informative)

      by ColdWetDog (752185) *
      How about another view [wired.com] on this.

      If you don't want to go there, the short version is that the data for hacking into the power systems is pretty darn weak.

      Since we can't beat up Iran anymore, we have to have somebody to hate.

  • Just wait (Score:5, Funny)

    by LM741N (258038) on Saturday May 31 2008, @03:48PM (#23611903)
    From now on every instance of government stupidity and incompetence will be blamed on Chinese Hackers. Well, maybe the 13 year old hacker in his parent's basement is finally safe.

  • "hacked by chinese" (Score:4, Funny)

    by bsDaemon (87307) on Saturday May 31 2008, @03:51PM (#23611923) Homepage
    It would be sweet revenge if they suddenly started seeing their government websites reporting "hacked by Tibet"

  • What kind of un-patched Windows crap... (Score:4, Insightful)

    by istartedi (132515) on Saturday May 31 2008, @04:05PM (#23612059) Journal

    What kind of un-patched Windows crap is running the power grid?

    Of course the attackers are guilty; but that doesn't excuse foolish security practices. Nevermind bad security on the end-point, or in the software. It seems like the power company, with all its rights-of-way, shouldn't even have to route over the public network. Routing over a private network would provide physical security. Breaking into that requires putting your actual body at the point of attack. Since the power company came before the Internet, I would have thought they had a private network of some kind in place already, or close cooperation with telcos. I guess not.

  • Did Red China really hire the hackers? (Score:4, Insightful)

    by justinlee37 (993373) on Saturday May 31 2008, @04:14PM (#23612115)

    Computer hackers in China, including those working on behalf of the Chinese government and military

    Can they prove that? This sounds like regular old corporate espionage -- nothing unusual or even foreign there. Is xenophobia starting to take hold, or are those statements substantiated? No time to RTFA.

  • What really happened .. (Score:3, Informative)

    by rs232 (849320) on Saturday May 31 2008, @04:55PM (#23612371)
    "a leading trade group, said that U.S. intelligence officials have told him that the PLA in 2003 gained access to a network that controlled electric power systems serving the northeastern United States"

    No, what really happened was the grid was overloaded and the SQL virus was playing havoc with connectivity, then a tree fell over and tripped out a line, which spread in a domino effect all the way to Canada. A similar virus tripped out the control system in a Nuclear power plant.

    http://www.nationaljournal.com/njmagazine/cs_20080531_6948.php [nationaljournal.com]

    "During the hour before the Aug. 14 blackout, engineers in the control center of an Ohio utility struggled to figure out why transmission lines were failing and complained that a computer failure was making it difficult to determine what was going on, transcripts of telephone communications released Wednesday show"

    http://www.wired.com/science/discoveries/news/2003/09/60285 [wired.com]

    "Software failure cited in August blackout investigation .. A malfunctioning alarm system may have played a big role in the outage Dan Verton Nov 20 2003"

    http://www.nrc.gov/reading-rm/doc-collections/gen-comm/info-notices/2003/in200314.pdf [nrc.gov]

    http://www.computerworld.com/securitytopics/security/recovery/story/0,10801,87400,00.html [computerworld.com]

  • Thank you China (Score:4, Insightful)

    by CopaceticOpus (965603) on Saturday May 31 2008, @06:49PM (#23613071)
    This is fantastic news, and I can't thank China enough for these attacks. The fact is, vulnerabilities in our systems exist whether they are under attack or not. These attacks should serve as a wake up call and lead to security being taken much more seriously. Can you imagine if these weaknesses were left open and were exploited by terrorists, or by some country we find ourselves at war with in the future?

  • Scaremongering (Score:5, Insightful)

    by jandersen (462034) on Sunday June 01 2008, @03:24AM (#23615273)
    The submitter writes as if these things were solid facts written in stone, whereas the fact is that nobody really knows. Sadly, building on what "intelligence" comes out of CIA just isn't feasible, as the arguments for the war in Iraq amply demonstrate. SO, the power outages "may have been caused by hackers" or something; or they may have been caused by something else. We rely heavily on advanced technology, which is a bit like balancing on a knifes edge - it is bound to go wrong from time to time, sometimes massively so, especially when stiff competition makes funding for maintenance less abundant.

    Apart from that, it isn't exactly difficult to break in to this kind of system - in the past we have seen hackers walk all over the place where they aren't supposed to have been. If script kiddies can do it, is isn't surprising if higly trained miltary personnel can do it too.

    But I sincerely doubt that they would leave lots of traces and clues lying around for the more paranoid factions on slashdot to play with. Script-kiddies, yes, but if you are professional, whether criminal or some foreign government, you don't just blunder stupidly in and trigger alarms, or leave your droppings all over the place.

    I can see how this kind of nonsense is politically useful. Hasn't the American public caught on to this yet?

    • Re: (Score:3, Insightful)

      by jeiler (1106393)
      The US not only hacks into governments that don't "align with our interest," but in all probability with governments that do. Remember, we've had folks kicked out of Israel (and, IIRC, England) for espionage within the last two decades--and these are two of our staunchest allies.

    • When will we retailate? As soon as... (Score:5, Insightful)

      by AmazingRuss (555076) on Saturday May 31 2008, @04:32PM (#23612215)
      ...China gets rid of their nuclear weapons.

      Till then, they get to do as they please, same as any nuclear-armed country.

    • Re:wake up people (Score:4, Insightful)

      by Jah-Wren Ryel (80510) on Saturday May 31 2008, @05:36PM (#23612603)

      When are we going to consider it an act of war and bomb them back to the stone age
      Congratulations. You are doing exactly what the publishers of the article wanted you to do - go apeshit over innuendo. The article had zero proof, but lots and lots of speculation about China causing power outages. You know what speculation is, right? Its just bullshit they want to trick you into believing without actually outright lying.

      • Re:Washington is full of pussies (Score:4, Insightful)

        by meringuoid (568297) on Sunday June 01 2008, @04:41AM (#23615529)
        Neither government is stupid enough to ever fight each other. In today's modern global economy, the entire world's economy would go to shit if the US and China went to war.

        Funnily enough, that's what everyone in Europe was saying in 1913.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.