Forgot your password?
typodupeerror
China Security IT

Governments, IOC and UN Hit By Massive Cyber Attack 122

Posted by CmdrTaco
from the because-mcafee-says-so dept.
fysdt writes "IT security firm McAfee claims to have uncovered one of the largest ever series of cyber attacks. It lists 72 different organisations that were targeted over five years, including the International Olympic Committee, the UN and security firms. McAfee will not say who it thinks is responsible, but there is speculation that China may be behind the attacks. Beijing has always denied any state involvement in cyber-attacks, calling such accusations 'groundless.'"
This discussion has been archived. No new comments can be posted.

Governments, IOC and UN Hit By Massive Cyber Attack

Comments Filter:
  • OK, so China says the accusations are groundless. Obvious question: why were the accusations made? Is it just because of China's reputation, or is there a real reason to think that China is involved?
    • by nospam007 (722110) *

      Not to mention that 'attacks' that endure for several years are usually called 'war'.

    • Yeah, if we started presenting evidence and not conjecture, maybe we'd be doing a better job of convincing the world, if not China, that China is up to nefarious deeds. Also, what reason does China have to attack the olympics? They just got an olympic event a couple years back? I don't see any reason to hold a grudge there.

      • Re:"Groundless" (Score:4, Insightful)

        by Nidi62 (1525137) on Wednesday August 03, 2011 @10:02AM (#36972014)

        Also, what reason does China have to attack the olympics?

        Well, there were all of the accusations of the Chinese gymnastics team horribly under-age(10, 11 years old). We know the soviets cheated in the Olympics (lots of steroids), and if the Chinese were cheating in gymnastics, odds are they were probably cheating in other sports as well. It's possible that they would hack into the IOC to see if there were any allegations or investigations being circulated/planned for, so that they could prepare for them (changing evidence and all that).

        • by Anonymous Coward

          The Chinese women cheated very recently in swimming using steroids as well in the 1990s.

        • by timeOday (582209)

          We know the soviets cheated in the Olympics (lots of steroids), and if the Chinese were cheating in gymnastics, odds are they were probably cheating in other sports as well.

          Darn commie cheaters! [wikipedia.org]

          Marion Lois Jones (born October 12, 1975), also known as Marion Jones-Thompson, is a former world champion track and field athlete, and a former professional basketball player for Tulsa Shock in the WNBA. She won five medals at the 2000 Summer Olympics in Sydney, Australia but has since forfeited all medals and pr

          • by Nidi62 (1525137)
            I said "Chinese" and "Soviets", as in a systematic problem with cheating. With the Soviets, cheating was shown to be both widespread and sanctioned(if not outright encouraged) by the highest levels of their athletic governing bodies. You mention one person, acting individually. There is a big difference.
      • by Stargoat (658863) *

        You've never spent any time with northern Han, have you? There are some seriously paranoid, screwloose individuals there. With the amount of effort they spent on the Olympics, they would feel required to monitor Olympic Committee activity for years to come.

        • by FhnuZoag (875558)
          Man, the Time to Racism on these China related articles...
          • by Stargoat (658863) *

            What exactly is racist about cultural understanding?

            It is stupidly PC (or even post-modernist) to ignore the way that culture drives decisions. Of course some people do things different than others for difference reasons. And cultural diversity extends beyond food. In fact, it extends to (gasp) culture.

            And seeing as how I have an entire family who are from that region, perhaps you'd like to reconsider your statement. Unless I'm self-hating. Oh, that must be it. Please excuse me while I head out to cut

            • by FhnuZoag (875558)
              Han is a race. It's not a culture, but a genetic lineage. If you were to even refer to 'chinese' or whatever you could cover your arse by saying you are just referring to culture, but complaining about northern Han on a majority western forum is equivalent to talking about northern black americans and just as dumb.
              • by FhnuZoag (875558)
                Also, I am a 'northern Han' emigree, and whenever I go back there the people I meet are the friendliest, most open, and most level-headed people, despite the horrible chinese government, so seriously, fuck you and your 'cultural understanding'.
                • by Stargoat (658863) *

                  Northern Han emigree? Let's see. Chauvinism? Check. An inability to accept even indirect cultural criticism? Check. A willingness to whine about racism? Check. An inability to articulate a contrary thought without reducing it to violence or swearing? Check.

                  FhnuZoag, you are a caricature of the Ugly Chinaman. Look in the mirror. You are what Bo Yang was warning of. [amazon.com]

                  • by FhnuZoag (875558)
                    It's not chauvism to point out you shouldn't judge people on their race. It's not "cultural criticism" to insult someone on the basis of their racial background when you know *absolutely nothing* about the environment they are brought up in. I said I'm north Han, and so the assumptions immediately start to flow. At no point did I enquire or comment on your race or background. At no point did I even say China was superior in any way. Look outside your racial lens and judge people as individuals please. And
              • by Assmasher (456699)

                You're confusing ethnicity and race. In the western world, which is how you describe this forum, Han Chinese are considered an ethnic group.

          • by inviolet (797804)

            Man, the Time to Racism on these China related articles...

            Sorry, no, you don't get any virtue points for pointing at a useful cultural observation and shrieking "racism!!!1!".

            I realize the other routes to virtue are a lot more work. We apologize for the inconvenience. Perhaps you'd find veganism to be adequately easy.

            • by FhnuZoag (875558)
              Labelling literally hundreds of millions of people by their genetic ethnic type, espousing a negative stereotype of 'paranoid, screwloose' from vague anecdotal armwaving and generalising to the entire group, and inserting it non-sequitir into a discussion that has absolutely no mention of ethnic Han in the north isn't an "useful cultural observation". It's racism by definition.
              • Racism by definition is "Believing that one race is superior to all others". Stereotypes are not racism as they can be negative or positive, they are generalizations made about a group based on encounters with a few. I don't think the English are inferior because they have bad teeth, or Irish because they have fiery tempers and drink allot, or the Italians for being plumbers and jumping on mushrooms.
                • by FhnuZoag (875558)
                  Racism, n:

                  The belief that all members of each race possess characteristics or abilities specific to that race, esp. so as to distinguish it as inferior or superior to another race or races

                  Prejudice, discrimination, or antagonism directed against someone of a different race based on such a belief

    • by Nidi62 (1525137)

      OK, so China says the accusations are groundless. Obvious question: why were the accusations made? Is it just because of China's reputation, or is there a real reason to think that China is involved?

      The accusations probably arise from a few things. First, how many time have you heard about the Chinese government, or Chinese firms, getting hacked? Not too many. Second, China is one of the few countries that has uniformed hacker units in their military. They also have hacking divisions in their state security and intelligence apparatus. Third, most professors and students of CS are basically kept on call by the government; almost a hacker National Guard.

      • by JBMcB (73720)

        How about this - the attacks are traced to China, or at least, they endpoint at their firewall. China monitors all internet traffic coming into and going out of their country. Their ISPs retain logs of all internet traffic as well. Governments ask for China's help tracking down an attack - China says "didn't come from here."

        So what are we to believe? Either China's government is covering up the attacks, they are behind them, or they are incompetent at running a network.

        • by FhnuZoag (875558)
          Well, there's a lot of Chinese computers infected with spyware, etc, and general status of cybersecurity is very poor - just look at the numbers using IE6. Even using high end estimates, we're looking at 1 'internet policeman' per 10,000 Chinese users. Despite the fame of the great firewall system, it's mostly run on automatic - it would be implausible for the Chinese to monitor and log and datamine individual activity. Proportionately to internet user population, the NSA alone employ a much larger number
    • by vlm (69642)

      Maybe its just ignorance... China is really freaking big. Saying "its china" is about as pointlessly vague as saying "it was done by young males". In both cases theres about a billion suspects.

      Also all the PCs in China are unpatched, owned zombies. Don't waste time claiming they based it on IP addrs.

    • by Stargoat (658863) *

      Most other attacks are accompanied by Internet chatter. A business should not be surprised if it is hit by lulzsec or another social group attack. Typically, there are warning signs, and large businesses pay a good deal of money to be forewarned about such attacks. But a wide attack like this.... If there was no warning, chances are it was the Chinese.

      Perhaps people need to start realizing what an authoritarian, reclusive, and paranoid regime can do to the world. After all, look at the damage the US has

    • by tukang (1209392)
      I suspect China because the Google incident showed that they're actively engaged in such activities.
    • I would assume they're pointing the finger at China because the attacks originated from there.

      That said, if I were to do something shady, I'd proxy through China so the authorities will just say "damn dirty Chinese!" instead of looking for me on the other side of the planet.

    • They have a trained troop for doing this. They admit it. The crackers in China have a death penalty against them, UNLESS it is directed at the west and they sell the information to the Chinese gov. (think of how the brits used pirates against the french and Spanish). That in the intel world have put out honeypots, seen the attacks from Chinese IPs and seen the false information from it show up in Chinese reports later on.

      But other than that, no real reason to believe that China is the one who would want m
    • Re:"Groundless" (Score:5, Insightful)

      by Xest (935314) on Wednesday August 03, 2011 @11:11AM (#36973014)

      I wonder the same but from a different perspective.

      Time and time again security firms like Sophos and McAfee make these grand claims - "MASSIVE STATE ATTACK ON US DOD" or whatever, yet do they ever release any evidence?

      Of the ones I've bothered to read TFA for so far they seem to be little more than claims, we never see any evidence, just speculation or arbitrary bullshit like they follow a "profile" - the profile probably being nothing more than the attacks were carried out on the internet or something stupid like that.

      If anything it seems to be more a case of security firms loving the fact that all they have to do is come up with some sensationalist wankfest and all of a sudden their firm is advertised right across every section of the media across the globe.

      I'm getting tired of it. Security firms- either publish all your relevant data to prove your claims, or shut the fuck up. Otherwise I'll just assume the best your firm can do is conjure up marketing stories, because you certainly can't produce trustworthy virus scanners.

    • by couchslug (175151)

      A new Cold War could make money for many people. Follow the money.

      I welcome "cyber attacks" because they can coerce immune responses and punish bad security practices.

      It's unfortunate for overall internet health that the slowest zebras are "infected by parasites" instead of "killed outright".

    • You can show them actual proof of someone in china sitting behind a desk and hacking into a system, and they wouuld still deny it, saying all sorts of claims of fraud or whatever. Bottom line is the US as a whole is not recognized as a governing body in china as it might be for the rest of the world. I am not bashing americans, but i do think sometimes they think too highly of themselves, and expect others to just bow down each time they claim something.

      Sort of like the big bully of the school yard who tend

  • but there is speculation that China may be behind the attacks

    OMG ya think? Who else has the ability to put something this massive together?

    • by josephtd (817237)

      OMG ya think? Who else has the ability to put something this massive together?

      Just off the top of my head.... The US, Russia, the UK, Israel, Germany Not saying they aren't behind it, just that they aren't the only game in town.

      • We have pretty good relations with the UK so I assume we would know about something this big. Israel maybe but they have been at the spy game for a while and I think they're slick enough to get in and out without making it obvious. Russia is in the cybercrime business but shouldn't be ruled out. Don't really know anything about stae sponsored hacking in the US or Germany for that matter but I'm sure all of the above are engaged in state sponsored hacking but China (if it is them) appears to be the most blat
    • by Baloroth (2370816)

      Who else has the ability to put something this massive together?

      Judging from Stuxnet, I'd say the US and Israel at least. The Russians, almost certainly. Or hell, considering that they stole mostly industrial information (according to TFA), just about any company. Actually, its probably an underground cracking organization that contracts out to companies to get the information. Maybe funded by China, but it's most likely government independent. Governments rarely operate on that kind of scale illegally, especially against commercial targets. Too much risk of backlash sh

    • by cyfer2000 (548592)
      The news of the world [newsoftheworld.co.uk] and the News Corp [newscorp.com]?
    • by Alex Belits (437) *

      OMG ya think? Who else has the ability to put something this massive together?

      Me?

    • OMG ya think? Who else has the ability to put something this massive together?

      Absolutely. China is the only country with more than half a dozen bored and disaffected teenagers.

  • by rbrausse (1319883) on Wednesday August 03, 2011 @09:55AM (#36971950)

    as the old saying claims.

    today it's more like "No one ever got fired for blaming China" - it may be possible (even likely to some extent), but those rumours and speculations are IMO mostly based on political bias/reasons.

    • by synapse7 (1075571)
      From the article it sounds like pure speculation with Russia tossed in for good measure. What I want to know is, were these McAfee clients, else how did they discover these intrusions in so many different networks.
    • by couchslug (175151)

      The Chinese and US both have huge governments who can and do exploit each other as "threats" so they can excuse the expenditure of even more money. Follow the money.

      Never mind that the US has no rational military interest in Asia, we must FEAR the EVIL CHICOMS and spend sweet billions to defend our useless client states (so they can save on military budgets and spend the diff on economic competition WITH THE US).

  • Quick, arrest a bunch of English teenagers and everything will be just fine!

  • Let's "suppose" this IS China's hacking handy work. This is happening in conjunction with a whole host of other subtle acts that would lead one to think China is engaging in the most contemporary war this planet's ever seen (AND IT'S WORKING!!!) Really, why invade a country on foot and turn things into a blood bath when you can slowly choke everyone out (i.e., virtual occupation!) using subtle and not so subtle tactics of financial squeezes, cheap labor practices with horrendous humanitarian violations th
    • by Culture20 (968837)

      Really, why invade a country on foot and turn things into a blood bath when you can slowly choke everyone out (i.e., virtual occupation!)

      If you think Chinese Second Life Flying Penises (SLFP) can beat out American SLFP, you've got another think coming.

    • China isn't engaging in an undeclared war. War is when you use enforce your political policy through violence.

      China, more than any other nation, knows how to play the long game. They've been very carefully avoiding violence, instead making long-term strategic maneuvers. They don't need war; in fact, they're playing by our own rules: they're using (and perhaps abusing, but that's not "war") the free market to compete us right into the ground.

      • by kundi (2036962)
        I guess we could entertain "what is the intent behind the "non-violent" acts"? Ohhhhhh, I know... maybe they're just routing around for info that will lead them to a few hints on what they should get the United States for it's 236th birthday! I bet they're coming to the conclusion that they'll be sending every US citizen Rosetta Stone Chinese!
        • The intent is to make China the world's number 1 superpower without starting a war.

          I just object to diluting the term 'war' when what they're doing is something considerably more subtle.

          • by kundi (2036962)
            Point taken, when you made your first point. And actually, you are making a really important distinction b/c as it isn't technically war at all! Yet, we sure don't seem to be giving it near the attention it should be demanding! However, the attention that is does seemingly deserve goes a lot farther back than noticing it 3 or 5 years ago. It has a lot, if not everything, to do with our crumbling infrastructure and severely waning education system in the last 20 (?) years. The subtly of them just playing
  • major security company with international government and defense contracts has recently detected an enormous cyber attack!
    the attacks is from China, because the chinese manufacture our televisions and appliances and therefore are most identifiable in the minds
    of american senators congressmen and those who sign perpetual service contracts and license agreements.

    action is to be immediately taken in the form of Visa, Mastercard, American Express, Purchase Order, or your local security company
    sales team
    • by genner (694963)

      major security company with international government and defense contracts has recently detected an enormous cyber attack! the attacks is from China, because the chinese manufacture our televisions and appliances and therefore are most identifiable in the minds of american senators congressmen and those who sign perpetual service contracts and license agreements. action is to be immediately taken in the form of Visa, Mastercard, American Express, Purchase Order, or your local security company sales team immediately! for only then can you rest assured the evil attacks of cyber will abate. additional: malfunctions in your television, home computer, blender, and dishwasher should immediately and unquestionably be attributed to this latest cyber attack.

      All those things are made in....gasp........China!,

  • by cosm (1072588) <thecosm3@EEEgmail.com minus threevowels> on Wednesday August 03, 2011 @10:11AM (#36972128)
    Assume it is China. Why is it that when transnational attacks occur on a scale this large against our nations infrastructure, financial sectors, and defense systems the politicians shrug it off or turn a blind eye, but when citizen schmoe downloads some files or leaks some dox the entire system goes full assault on their asses with ICE raids, take down notices, special committees on intellectual property, etc. etc.

    If they were concerned about national security, they would denounce the culprit (they know what country they're coming from), and work on hardening security. But it is not about national security. It is about corporate security and defending the status quo. That is why the US seeks to extradite file sharers, hell, link sharers, from other countries, but when massive ddos attacks are directed at us by governments that we trade with, nothing is generally done.

    Oh, and this entire rant uses the word cyber once; in this sentence.
    • by Registered Coward v2 (447531) on Wednesday August 03, 2011 @10:34AM (#36972474)

      Assume it is China. Why is it that when transnational attacks occur on a scale this large against our nations infrastructure, financial sectors, and defense systems the politicians shrug it off or turn a blind eye, but when citizen schmoe downloads some files or leaks some dox the entire system goes full assault on their asses with ICE raids, take down notices, special committees on intellectual property, etc. etc.

      Simple - Citizen Schmoe doesn't control minerals, oil, access to SLOCs, etc that you need - so you play the diplomacy game since both sides don't really want to alienate the other; they just want an upper hand. OTOH, you have nothing to lose by smacking Citizen Schmoe to deter others so they don't drain resources while you play the diplomacy game.

      Remember - today's enemy may be tomorrow's friend, because countries have permanent interests, not permanent friends or enemies.

      If they were concerned about national security, they would denounce the culprit (they know what country they're coming from), and work on hardening security. But it is not about national security. It is about corporate security and defending the status quo. That is why the US seeks to extradite file sharers, hell, link sharers, from other countries, but when massive ddos attacks are directed at us by governments that we trade with, nothing is generally done.

      Denouncing does nothing but cause a public fight. Instead, you harden your networks and work behind the scenes to let them know you are pissed off. In addition, watching what they do gains insights into hat the are doing and want; as well as the opportunity to plant information as well. Or, why not let them give you to add selected payloads as part of the info they d/l to make it easier to tap their systems? Plus, if they think their current tools are effective they may not try to develop better ones. If you let your enemy think they are smarter than they are and you are dumber than you really are you can win a lot of battles or make a whole lot of money.

      • by cosm (1072588)
        I just don't believe our government is competent enough to undertake the actions in your last paragraph.
        • by sl3xd (111641)

          There are more than enough competent federal employees. Don't make the mistake of assuming the lunacy of the generals also applies to the troops in the trenches.

    • by bgt421 (1006945)

      If they were concerned about national security, they would denounce the culprit (they know what country they're coming from), and work on hardening security.

      In most cases, we can't tell where traffic comes from. Between botnets, Tor, and other proxies, the best we can do is say "it looks like the attacks are coming from IP addresses from Karblockistan." Attack attribution is difficult, if not impossible. Hypothetically, I can attack your network and make it look like it came from anywhere in the world. If I want to be extra convincing, I'll use Chinese language tools so that you suspect the Chinese. An attack from Chinese IP's doesn't mean the PRC had anything

    • by sp3d2orbit (81173)

      If politicians are all about "corporate security" and a large number of "corporations" got attacked then wouldn't the politicians be making a big stink?

      Never assign to malice what can be attributed to stupidity.

    • a light bulb turns on. the smell of fresh air. thank you. succinct
  • It was 'Al Quaida'....obviously!

    • The /bin/nedal rootkit binary gave it away. AQ thought, by misspelling the name nobody would notice but Ha!...security through obscurity just never works!

  • Do they think China wanted to change the results of the Olympics or something?
  • by Mysticeti (69304) on Wednesday August 03, 2011 @10:32AM (#36972420)

    I get several emails a day alerting me to the fact that yet another IP address has been banned for brute force attacking a server I have on the internet. For a while I tried to track down where these attacks were coming from and I was amazed at both the diversity of countries of origin and also the sheer number coming from China.

    Now just because the attack is coming from an IP address in China doesn't mean all that much. It would be a stretch to conclude the attacks are state sponsored. But I find it odd that for a country with such authoritarian control over 'net usage somebody somewhere in their government isn't either aware of this. I tend to think that if they're not supporting they're at least sanctioning the attacks.

    I fully admit that this is anecdotal at best and would love to hear from others who have servers on the 'net that have kept more detailed records.

    • Like everyone else who has ever run any sort of public facing sever in the last 10 years, I also get a disproportionate number of scripted brute force attacks that come from China. From what I understand, it's almost considered a hobby over there. Mr. Joe Citizen works for big-state-sponsored-foreign-run-computer-company, and at the end of the day before he leaves he sets his desktop computer to nmap and brute force as many addresses as possible all night. What they do when they finally get one, well...I'm
    • by mlts (1038732) *

      An attack coming from an IP address in China doesn't mean much to me -- It gets blocked and life goes on.

      It could be a botnet client, or it could even be someone who compromised a machine just to make things look like it was an overt Chinese attack. If Elbonia hackers were probing a target, why not use Latveria's machines so the probes appear to be coming from there?

      Regardless where the attack comes from, unlike most theaters of wars where the best defense is a good offense, the best defense on this front

  • To tell you shit after it doesn't matter and wont do anything about it anyway

  • by retroworks (652802) on Wednesday August 03, 2011 @10:56AM (#36972832) Homepage Journal
    I read the NYT version of the article. I seems like we need more vocabulary to define "attack" vs. "tresspass" vs. "spying" vs. "wikileaking". The UN should by all rights be FOIA (Freedom of Information Act) accessible, providing this information to everyone. For five years, someone peeked through agency files. I wouldn't expect anything I sent to the UN to remain a secret.
    • I read the NYT version of the article. I seems like we need more vocabulary to define "attack" vs. "tresspass" vs. "spying" vs. "wikileaking". The UN should by all rights be FOIA (Freedom of Information Act) accessible, providing this information to everyone. For five years, someone peeked through agency files. I wouldn't expect anything I sent to the UN to remain a secret.

      From what I read in both articles, I wasn't able to gain an understanding as to what actually happened. The word "attack" in the online context is meaningless. Too many people try to apply physical world characteristics and descriptors to the internet when many of these carry over terms aren't appropriate. The vocabulary issue also demonstrates that many of those in power really don't understand the problem.

  • if you're going to wipe something off the internet, take out something that's just bad for the whole internet as it is: SORBS. Please obliterate them once and for all.

  • This is part of China's asymmetric warfare strategy laid out in this document over ten years ago:

    Unrestricted Warfare
    by Qiao Liang and Wang Xiangsui

    http://cryptome.org/cuw01.htm [cryptome.org]

    Read through the document. China is at war with the US because the Chinese Politburo knows that the only way they can hold on to power in the long run is to crush all viable alternative economic systems. The accumulation of US debt, the hacking of US and Western systems, and the ongoing Charm Offensive are all designed to put the US

    • by FhnuZoag (875558)
      That's not a secret strategy document, that's a popularly published book on military strategy by a couple of mid-ranking PLA officers. An odd choice for a secret masterplan.
      • by sp3d2orbit (81173)

        I never said it was secret. This brings me to a second point. China actively pays individuals to post on forums like this:

        http://articles.cnn.com/2010-03-26/tech/china.astroturf_1_bloggers-china-government?_s=PM:TECH [cnn.com]

        Looking through your posts clearly shows you are a pro-Chinese anti-American poster with comments such as:

        "No, it's because the US is a democracy, and many Americans are
        fucking stupid"
        "Maybe we can get the Chinese to put this thing up"
        "So, uh, murder is okay now because the US government exists"

        • by FhnuZoag (875558)
          Um, the third statement is in defense of the US government re: people saying that wikileaks has no responsibility with respect to endangering people's lives because OMG the US military sometimes gets people killed in Afghanistan. The second statement is pointing out the irony of the US cutting critical NASA projects whilst simultaneously cutting collaboration with China in the space, noting that the latter exacerbates the damage of the former. The first statement is a counter to people blaming US politician
  • Anybody care to wager how McAfee knows about intrusions into so many different networks? Anonymous/lulzsec provide proof of hacks, how do we know this isn't a hoax.
  • Every time I hear about the 'nefarious' and 'dangerous' cyberattacks coming from China, it always turns out that they involve sending emails probably saying 'look at nude photo - http://www.youtube.com.cn/video.exe'. If the Chinese are so dangerous, why can't they make something more technically challenging like Stuxnet? They might have the quantity, but their methods show something about the quality of their hackers - it's Chinese quality.
  • What it comes down to is who held the last smoking gun, China got caught once or twice, didn't defend itself too well, and now everybody can just assume it's them. IMHO it probably is, they seem to have their IT down better than the rest of the world including the US, I mean they censored like 1/3 of the world's population from the internet and are seemingly keeping on top of their filters.

    What China has to realize though is how long standing public image is, and how much it will mess with them in the futu

"Your mother was a hamster, and your father smelt of elderberrys!" -- Monty Python and the Holy Grail

Working...