
China's Cyber-Militia 196

Posted by kdawson
from the less-power-to-you dept.
D. J. Keenan notes that the cover story of the current issue of National Journal reports in depth on China's cyber-aggression against US targets in the government, military, and business. We have discussed China's actions on numerous occasions over the years. The news in this report is the suggestion that Chinese cyber-attackers may have been involved in major power outages in the US. "Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of US companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to US government officials and computer-security experts..."

  • by westbake (1275576) on Saturday May 31, 2008 @02:33PM (#23611779) Homepage

    "A computer virus" is as close as this article came to the reason power companies are so wide open to any aggressor.

  • Now I know the truth- it was the Chinese cyber-militia!
  • Huh!? (Score:5, Insightful)

    by fluch (126140) on Saturday May 31, 2008 @02:42PM (#23611855)
    Are vital parts of power plants connected to The Internet? Why?
    • Re:Huh!? (Score:5, Insightful)

      by ChowRiit (939581) on Saturday May 31, 2008 @02:47PM (#23611885)
      You beat me to it - hell, my old SCHOOL didn't have their servers that contained student records connected to the internet, and this was back 5+ years ago when people were less well educated on these things.

      That ANY major infrastructure would be connected to the internet is shocking, and I'd really like to believe that people aren't that stupid...
      • by maxume (22995)
        I'm sure they've got those servers online by now. People have learned a lot about how to monetize the value providers in the last 5 years.

        Snarking a bit more, Google has a HUGE amount of infrastructure connected to the internet. It's almost as if their business depends on it. That isn't the kind of infrastructure you are talking about, but it is still a mildly amusing counterpoint.
        • by solitas (916005)
          My doctor has to send all his stuff to Medicare either by mail or fax or a phone modem direct to their number, using their app on his winbox (I've had to set it up for him every time he's gotten a new machine). THEY still don't connect directly to the internet...

          You should be able to verify this with your doctor.

          Hospitals and agencies may try to jazz the system, but Medicare doesn't have to suffer electronic break-ins.

      • by Niten (201835)

        To be fair, your school probably didn't have to worry about remote management or distributed load-balancing issues, problems which are well suited to control systems operating over a computer network. Proactive security would dictate that this should all be conducted over a private, dedicated line; cost effectiveness says that it should be done over the Internet. Guess which imperative is more likely to win the hearts and minds of shareholders?

        I agree, they should know better. I'd bet most of them do k

    • by r00t (33219)
      People need to communicate. There is no place to
      draw a line, cutting off more-vital parts from the
      less-vital parts.

      There mechanical protection systems, so you won't
      be making meltdowns over the net.

      • Re:of course (Score:5, Insightful)

        by fluch (126140) on Saturday May 31, 2008 @02:53PM (#23611941)
        The computers which control the plant should be physically separated from the computers which are needed/wanted for connection with the internet. Otherwise you are begging for disasters.
        • Re: (Score:3, Funny)

          by TubeSteak (669689)

          The computers which control the plant should be physically separated from the computers which are needed/wanted for connection with the internet. Otherwise you are begging for disasters.

          It's more like the trees which grow next to the powerlines should be kept trimmed.
          Otherwise you are begging for disasters.

          Did Hackers Cause the 2003 Northeast Blackout? Umm, No
          http://blog.wired.com/27bstroke6/2008/05/did-hackers-cau.html [wired.com]

          So China would have to have planted the race condition in a [General Electric] product used around the world, then, using the most devious malware ever devised, arranged for trees to grow up into exactly the right power lines at precisely the right time to trigger the cascade.

      • by ChowRiit (939581)
        I'm not entirely sure what you're saying, your grammar is appalling, but I think you're trying to say the need for communication means all systems should be networked.

        Why does communication need to be on the same network as the critical systems? Surely critical systems should be kept off ANY system connected to the internet. Hell, even communications should probably be done over a private network/system that isn't integrated with the main internet...
      • Actually, it's quite easy to draw lines.
        Things like Demilitarized network zones, staging servers and protocol filters can do an excellent job of deciding what information goes in what direction.
        Actually bothering to design and implement them is, unfortunately, beyond the interest (and knowledge) of your average factory operator.
        (Yes, I have worked for one)

        They will happily say:
        80% of MD's in the US use a MS SBS server.
        I say:
        80% of MD's in the US don't know the difference between a modem, a router and a fire
    • by rfreedman (987798)
      Yeah, but what I find equally amazing is that the U.S. military commonly uses MS Windows and both commercial and Open Source software. Just google 'U.S. Military COTS Software' - COTS means 'Common Off The Shelf' - yeah, the gub'ment has an acronym for everything :-)
      • Re: (Score:3, Insightful)

        by Stradivarius (7490)
        What's the alternative to COTS? Custom-building every piece of hardware and writing every piece of code from the firmware, to the operating system, and applications in-house?

        There's a lot of reason to believe that doing so would result in less secure software. The software would have less people trying to break it, thus less opportunity to find and fix the inevitable bugs. There's something to be said for the trial-by-fire that is a public release of software. And in many cases it probably wouldn't get the
      • I wanted to have Firefox installed and use it instead of Internet Explorer 6 (yes, 6), but it is against regulations to have it installed these days.

        Clearly military security is reactive, as opposed to proactive -- sad, but true.
      • Re: (Score:3, Informative)

        by _xeno_ (155264)

        I've always heard it as "Commercial Off The Shelf" - and Google seems to agree with me. (Yes, even Linux use would generally be commercial, because it usually comes with support contracts from someone.)

        But anyway, part of the reason for using COTS products in general is that people bitch about "government waste" and things like "$500 hammers" - so in response, the government and the DOD started a mandate to use more COTS products.

        The idea is to save money by not reinventing the wheel where it isn't need

    • by grizdog (1224414)
      The article was so vague that it may not be that vital power systems are on the internet - I hope we get some comments from people who know about such things, especially people who work in power company IT departments.

      I remember years ago I was a consultant for the NSA, and on one occasion I entered a computer room at the Friendship Annex ("why is that red light flashing?" "Because you're in here"). I saw the low security machine that I would use to communicate with my contracting officers, and right next

    • by blhack (921171)
      They aren't.

      However, the computers that hook into the SCADA systems are.

      Although, I would love to see the manual for operating a power plant start like this:

      "Open a web browser (internet explorer is recommended(read:required due to some fucking activex crap on the page)) and navigate to http://10.8.0.15441/ [8.0.15441] you will be prompted to log in. The default password is "Admin" with no username. Please change this as soon as possible".
  • by ShieldW0lf (601553) on Saturday May 31, 2008 @02:44PM (#23611865) Journal
    Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of U.S. companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts.

    Wow, has professional writing ever gone downhill. Ever heard of a period?
  • by D. J. Keenan (524557) on Saturday May 31, 2008 @02:45PM (#23611875) Homepage
    [I am the submitter.]
    It is a long article, but worth reading. The suspicion of Chinese involvement in two major U.S. power outages is extremely worrying. Following are quotes on related aspects.

    The Central Intelligence Agency's chief cyber-security officer, Tom Donahue, said that hackers had breached the computer systems of utility companies outside the United States and that they had even demanded ransom.

    ... many of the systems that [U.S.] utility operators use were designed by others. Intelligence officials now worry that software developed overseas poses another layer of risk because malicious codes or backdoors can be embedded in the software at its creation. U.S. officials have singled out software manufacturers in emerging markets such as, not surprisingly, China.

    "Numerous computer networks around the world, including those owned by the U.S. government, were subject to intrusions [in 2007] that appear to have originated within" the People's Republic of China. ... the [Chinese] Army is "building capabilities for information warfare" for possible use in "pre-emptive attacks."
    • Re: (Score:3, Informative)

      by ColdWetDog (752185) *
      How about another view [wired.com] on this.

      If you don't want to go there, the short version is that the data for hacking into the power systems is pretty darn weak.

      Since we can't beat up Iran anymore, we have to have somebody to hate.

    • Re: (Score:3, Interesting)

      by Herschel Cohen (568)
      I have a theory, since it is obvious we will never win the "War Against Terror" we need an alternative to keep ourselves busy and afraid with another big, bad enemy of the scale of the Soviet Union. Then we all give up our rights without a grumble. Happy Days are here again, as we fight another Cold War (we understand those) or is it WWIV (ok, make it six).

      The content is too breathless. The words fed us smell like the b.s. we had before on lesser security issues. This all makes me dubious. I find it har
  • China isn't the only country hacking US interests so what's the big deal here? I'm pretty sure we have just as many hackers hacking into not only Chinese systems, but probably every country out there that doesn't align with our interests.

    This just seems like more propaganda.
    • Re: (Score:3, Insightful)

      by jeiler (1106393)
      The US not only hacks into governments that don't "align with our interest," but in all probability with governments that do. Remember, we've had folks kicked out of Israel (and, IIRC, England) for espionage within the last two decades--and these are two of our staunchest allies.
      • by bsDaemon (87307)
        Yes, and Israel constantly spies on the US as well. Just because someone is your "ally" doesn't mean that they always will be, and I suspect that all countries keep tabs on as many others as they possibly can.

        In the generic sense, there is "nothing wrong with" this, but whatever can get people to realize that outsourcing and free trade, especially with commies like China is bad for us, then I'm cool with attention being brought.

        It's only an issue if they start making stuff up. I'm not cool with being lied
        • by jeiler (1106393)
          Espionage (even mutual espionage) has nothing to do with free trade, outsourcing, or socio-political philosophies. We spy on our trading partners, and we spy on countries we've never sent a single dollar or job to--the only difference, actually, is that it is easier to spy on nations that you have an established economic presence in.
          • by bsDaemon (87307)
            They have to do with each other in that anything that makes the public leery of the Chinese is going to increase pressure to divest from them.
    • China isn't the only country hacking US interests so what's the big deal here? I'm pretty sure we have just as many hackers hacking into not only Chinese systems, but probably every country out there that doesn't align with our interests.

      Yes, but China is known to A) do more hacking than other nations (perhaps because it has more people in general) and B) to do better hacking/cyber crimes than a lot of other nations. Most other nations (example: Nigeria) have people who commit cybercrimes and fraud, but th

  • Why must either the Chinese government or the organization involved continuously act so amorally in the pursuit of profit (monetary or otherwise) despite the terrible impact it has on others and ignore any 'outsiders' outcry against their actions.

    oh...wait...familiar that.....sounds like a good chunk of humanity.

    Not saying it's not wrong, just putting a perspective stick in the spokes.
    • by mi (197448)

      Why must either the Chinese government or the organization involved continuously act so amorally in the pursuit of profit (monetary or otherwise) despite the terrible impact it has on others and ignore any 'outsiders' outcry against their actions.

      This is not the worst thing done in preparation for a (possible) war.

  • Just wait (Score:5, Funny)

    by LM741N (258038) on Saturday May 31, 2008 @02:48PM (#23611903)
    From now on every instance of government stupidity and incompetence will be blamed on Chinese Hackers. Well, maybe the 13 year old hacker in his parent's basement is finally safe.
  • by bsDaemon (87307) on Saturday May 31, 2008 @02:51PM (#23611923)
    It would be sweet revenge if they suddenly started seeing their government websites reporting "hacked by Tibet"
  • We are at war... (Score:2, Insightful)

    by Anonymous Coward
    When will we finally admit that the Chinese government declared war on us some 20 years ago? Now we are seeing the fruits of the action. Our infrastructure is more vulnerable to the Chinese than to Al Qaeda, they have been stealing key nuclear and missile technologies, we can't make portions of OUR key IT infrastructure, without Chinese products...the list goes on.

    If you go to any US port, you will find that almost every single shipping container in almost every US port is loaded and moved with a container
  • by istartedi (132515) on Saturday May 31, 2008 @03:05PM (#23612059) Journal

    What kind of un-patched Windows crap is running the power grid?

    Of course the attackers are guilty; but that doesn't excuse foolish security practices. Never mind bad security on the end-point, or in the software. It seems like the power company, with all its rights-of-way, shouldn't even have to route over the public network. Routing over a private network would provide physical security. Breaking into that requires putting your actual body at the point of attack. Since the power company came before the Internet, I would have thought they had a private network of some kind in place already, or close cooperation with telcos. I guess not.

    • What kind of un-patched Windows crap is running the power grid?
      Windows is the only hackable OS / network? You're making an assumption that might not be true.
      • by istartedi (132515)

        With a name like "Frosty Piss" you should have no trouble recognizing a good Karma-whoring when you see it.

    • by Detritus (11846)
      It's a question of money. How many corporations still operate private networks? Not many. It's so much cheaper to piggyback on the Internet.

      If you are operating a system under configuration control, you can't just apply patches to Windows without a process to test and approve them. Testing can be very expensive, and third-party software vendors may only provide support for their software in configurations that have been tested in their own lab.

    • by joe 155 (937621)
      I agree completely, whilst China may be backing some already good hackers who will be even better with more powerful resources there is no excuse for this happening at all. That is to say the actual blame should lie primarily with the electricity companies. They could have prevented this, they should have, and it was entirely predictable that someone would want to take the power grid offline; terrorists, bored hackers, foreign governments, etc. Companies who have had their servers hacked probably deserve a
  • Or.... (Score:2, Insightful)

    by thermian (1267986)
    China is just doing exactly what the US, Russia, England, and every other nation is doing, and has done for hundreds of years, which is stealing each other's secrets...

    And the recent power outages are due to badly maintained and/or out of date hardware that's not very fault tolerant.

    I might have my cynical head on though.
    • I can't imagine England is morally capable of this kind of thing, though you may wish to single out France here.
      • Re: (Score:3, Insightful)

        by thermian (1267986)
        I can't imagine England is morally capable of this kind of thing

        You may find it instructive to research how England got its first tea plants from China. That is possibly one of the finest feats of industrial espionage in history.

        Also, check out the antics of the East India company, and ponder what happened to all that money and power, think it evaporated away and England is all cuddles and sweetness now?

         
  • by justinlee37 (993373) on Saturday May 31, 2008 @03:14PM (#23612115)

    Computer hackers in China, including those working on behalf of the Chinese government and military

    Can they prove that? This sounds like regular old corporate espionage -- nothing unusual or even foreign there. Is xenophobia starting to take hold, or are those statements substantiated? No time to RTFA.

    • Leaving the question of whether or not they can prove that on the table (I don't know if they can either, and those who do know probably aren't going to talk about that publicly), I'll go to the corporate espionage angle.

      I don't know if you're familiar with how business works in a communist country, or have ever lived in one to see it up close, but I worked for a foreign-owned consulting company in a communist country in East Asia, and a great deal of the companies there are government corporations, in whol
      • In short, to say it's regular old corporate espionage when you're talking about a communist country is pretty much the same as saying "those working on behalf of the government and military" because most of the corporations are in fact owned by the government or military.

        Wow, that is an excellent point. Those damn commies.

      • Just to touch on the power outage issue, that's not the sort of thing corporate spies do.

        You must have forgotten about Enron already. Granted, they had some unique motivations (energy in cali was deregulated so they could turn off the power to create artificial price spikes), but I could probably stretch my imagination and name a few foreign companies that would benefit from power shortages in the U.S. ... like Japanese automobile manufacturers!

    • Re: (Score:1, Insightful)

      by Anonymous Coward
      It's xenophobia.

      If China continues to grow at its current rate - economically, technology, and in terms of its military abilities (militarily? is that a word?), it'll eat the USA and Europe for breakfast in a generation or two at most.

      Brace yourself for a US-led war against China in the mid-term future. This is really just the foundations - the FUD that is supposed to ingrain the "evil Chinese are our enemies" thinking in the general population.
    • Is xenophobia starting to take hold...?
      You must be new here.
  • At least the US government learned from Billy or is that the Caine example is still around! or the Vietnamese Canon boat attack on US ships or the WTC attack 911 so the next to blame is not terrorists but China who is the next scapegoat - framed or not! who trusts the US??
  • What are we going to do to China? Sanctions? Trade Tariffs? Probably just a "stern speech"

    Even if it is Chinese Government sponsored hackers, the American people still want their cheap goods.
    Just like most Americans we care more about the price of gas, than what type of government is in Iraq.
    We want fresh fruit picked by illegal immigrants who have no healthcare.
    We want cheap power, but as long as the nuclear power plant is built in someone else's backyard.

  • "gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts [shaneharris.net] in Florida and the Northeast"

    Solution is, don't put your SCADA units on the Internet. And even if this were true the more likely explanation is that they didn't have enough spare capacity.
  • by rs232 (849320) on Saturday May 31, 2008 @03:55PM (#23612371)
    "a leading trade group, said that U.S. intelligence officials have told him that the PLA in 2003 gained access to a network that controlled electric power systems serving the northeastern United States"

    No, what really happened was the grid was overloaded and the SQL virus was playing havoc with connectivity, then a tree fell over and tripped out a line, which spread in a domino effect all the way to Canada. A similar virus tripped out the control system in a Nuclear power plant.

    http://www.nationaljournal.com/njmagazine/cs_20080531_6948.php [nationaljournal.com]

    "During the hour before the Aug. 14 blackout, engineers in the control center of an Ohio utility struggled to figure out why transmission lines were failing and complained that a computer failure was making it difficult to determine what was going on, transcripts of telephone communications released Wednesday show"

    http://www.wired.com/science/discoveries/news/2003/09/60285 [wired.com]

    "Software failure cited in August blackout investigation .. A malfunctioning alarm system may have played a big role in the outage Dan Verton Nov 20 2003"

    http://www.nrc.gov/reading-rm/doc-collections/gen-comm/info-notices/2003/in200314.pdf [nrc.gov]

    http://www.computerworld.com/securitytopics/security/recovery/story/0,10801,87400,00.html [computerworld.com]
  • It sounds like China is saying that they are involved in our power grid going down when they did not do anything. It's our poor grid setup that took it down.
  • Thank you China (Score:4, Insightful)

    by CopaceticOpus (965603) on Saturday May 31, 2008 @05:49PM (#23613071)
    This is fantastic news, and I can't thank China enough for these attacks. The fact is, vulnerabilities in our systems exist whether they are under attack or not. These attacks should serve as a wake up call and lead to security being taken much more seriously. Can you imagine if these weaknesses were left open and were exploited by terrorists, or by some country we find ourselves at war with in the future?
  • good old propaganda (Score:3, Interesting)

    by Gearoid_Murphy (976819) on Saturday May 31, 2008 @06:02PM (#23613173)
    I've often scoffed at the seemingly obtuse propaganda used by communist nations in their media, to be fair, USA has plenty propaganda too, but this is just laughable, if you read about the North East blackout [wikipedia.org], you'll see that a bug in a Unix based system was primarily responsible for the failure of the electricity infrastructure to react when it should have.
    Now, if I was a Chinese spy, I'd infiltrate General Electric, install a bug in the operating software responsible for the control of the energy distribution network, wait till those dumb ol Americans had got complacent and then, for no strategic advantage whatsoever, cripple their energy distribution network, and then laugh my black communist heart out.
    • by steelfood (895457)
      Frightening thing is, people will actually believe this crap.

      Well, the USA needs an enemy, now that "terrorists" have replaced "drugs" instead of the USSR.
      • Well, it's a FACT that they attack India on a regular basis. What makes you think we're so special? You live in fantasy land if you think they haven't been probing our infrastructure for vulnerabilities that they can exploit should the need arise. To me, what's frightening is that people will just think this is a bunch of racist bullshit. China takes cyber-warfare very seriously. Unfortunately, we're only just starting to.
  • Am I alone in thinking that the good old US of A is looking for someone to have their next scrap with in case Al Qaeda peters out early?

    For about 40 years now all kinds of utility companies have wiped their collective backsides with the idea that any kind of information processing system that has any kind of actuator needs to be thoroughly secured. After all, when was the last time you casually strolled into a waterworks or a power plant? All those things are locked down, if not guarded.

    Has it come to

  • Scaremongering (Score:5, Insightful)

    by jandersen (462034) on Sunday June 01, 2008 @02:24AM (#23615273)
    The submitter writes as if these things were solid facts written in stone, whereas the fact is that nobody really knows. Sadly, building on what "intelligence" comes out of CIA just isn't feasible, as the arguments for the war in Iraq amply demonstrate. So, the power outages "may have been caused by hackers" or something; or they may have been caused by something else. We rely heavily on advanced technology, which is a bit like balancing on a knife's edge - it is bound to go wrong from time to time, sometimes massively so, especially when stiff competition makes funding for maintenance less abundant.

    Apart from that, it isn't exactly difficult to break in to this kind of system - in the past we have seen hackers walk all over the place where they aren't supposed to have been. If script kiddies can do it, it isn't surprising if highly trained military personnel can do it too.

    But I sincerely doubt that they would leave lots of traces and clues lying around for the more paranoid factions on slashdot to play with. Script-kiddies, yes, but if you are professional, whether criminal or some foreign government, you don't just blunder stupidly in and trigger alarms, or leave your droppings all over the place.

    I can see how this kind of nonsense is politically useful. Hasn't the American public caught on to this yet?
  • Oh wait...
