Details Emerge On the 2006 Hacking of Congress 77
The National Journal just published an article with details about the hacking of Congress in 2006, possibly by agents in China, though the attack's origin is uncertain. The article notes the difficult work of the House Information Systems Security Office, which must set security policies and then try to enforce them on a population of the equivalent of C-level executives. The few members who have called attention to the issue of Congressional cyber-security have been advised to shut up about it, by whom the reporter did not discover. "Armed with this information about how the virus worked, the security officers scanned the House network again. This time, they found more machines that seemed to match the profile — they, too, were infected. Investigators found at least one infected computer in a member's district office, indicating that the virus had traveled through the House network and may have breached machines far away from Washington. Eventually, the security office determined that eight members' offices were affected; in most of the offices, the virus had invaded only one machine, but in some offices, it hit multiple computers. It also struck seven committee offices, including Commerce; Transportation and Infrastructure; Homeland Security; and Ways and Means; plus the Commission on China, which monitors human rights and laws in China."
Comment removed (Score:5, Insightful)
Re: (Score:1, Funny)
Only a paranoid totalitarian state would waste time penetrating Congress. There's not much there that isn't accessible via the news. Anyone who had half a brain would target the Executive branch, where there is data that is not publically accessible.
Silly commies.
Or maybe they just did it for the lulz?
Re:It had to be the Chinese (Score:4, Funny)
Or maybe they just did it for the RuRz?
There, fixed that for you.
Re: (Score:1)
RoR is japaneese for LOL
Re: (Score:1)
Re: (Score:1)
Maybe they just want to add a host to their botnet, and have no clue who owns the computer? With all these automated worms spreading about that seems more likely than some nefarious Chinese hacker gang.
Re:It had to be the Chinese (Score:5, Interesting)
Only a paranoid totalitarian state would waste time penetrating Congress. There's not much there that isn't accessible via the news. Anyone who had half a brain would target the Executive branch, where there is data that is not publically accessible.
Silly commies.
Or maybe they are hoping finding this will divert attention from the real stealth virus in the Pentagon.
Comment removed (Score:5, Funny)
Re:It had to be the Chinese (Score:4, Insightful)
Anybody could have hacked Congress for any number of reasons. Why did Mitnick hack the phone system? Why does anybody attempt to gain unauthorized access to systems they're not supposed to be messing with?
Many years ago, when I was a youngster, people were doing it just to prove they could.
Re:It had to be the Chinese (Score:5, Informative)
Negotiations over trade policy, for one thing, were compromised. What makes you say there's not much there? Congressional committees monitor all the executive agencies, and keep tons of confidential info.
You would have to be a total idiot to believe that (Score:5, Insightful)
It is a disaster to America and most likely to the west to have this information get out. Sadly, NSA has been usurp by DHS who is LOADED with total idiots.
Re: (Score:2)
Re:You would have to be a total idiot to believe t (Score:5, Insightful)
Yes, Windows is the surest sign of an easy compromise. Even this virus was designed for Windows. Nearly all the virus on goods coming from China are for Windows. It will remain that way as long as Windows is easy to crack and dominant. The fact that a number of EU countries, Russia, and China are switching their govs to Linux (and some mac) should have generated LOADS of virus for these systems IF it were easy. Do you see them? NOPE. Get past your silly prejudice and bias and look at the facts. Virus are written for easy targets that yield information.
Re: (Score:2)
If you have too much secrecy it make embezzlement far too easy, and then the criminal can still scream that they are a wronged patriot because the evidence is hard to get to. No matter what you think about selling US weapons to Iran to get funds to supply central american terrorists, we still have a couple of guys (North and Poindexter) stealing from the state for home airconditioning, cars etc.
It's very likely that such a dumb scheme could never have happened wit
Re: (Score:3, Insightful)
Congress overseas ALL
I really think we need to cut back on this outsourcing craze. I am not convinced foreign politicians are any more efficient than their American counterparts.
Oh, "oversees"? nevermind.
Re:You would have to be a total idiot to believe t (Score:1, Informative)
You need to reread the Constitution. Congress does not oversea everything, and that is not their job. They are responsible for legislating (creating laws & regulations, including defining budgets). That's it. The Constitution is quite clear that the role of the Executive branch is to execute those laws (and spend only the money allocated by Congress).
Together, both branches settle their differences in the Judicial branch (i.e. the courts).
This is the beauty of the US Constitution - the founders know tha
Re: (Score:2, Insightful)
And yet, our elected officials have found many ways to massively -- if not completely -- corrupt the government.
Congress overseas (Score:2)
Congress overseas ALL of what is going on.
Sending Congress overseas could SAVE AMERICA.
The US hacked itself? (Score:1)
Only a paranoid totalitarian state would waste time penetrating Congress
So you're saying the US hacked itself?
Re: (Score:2)
Re: (Score:3)
Re:It had to be the Chinese (Score:4, Interesting)
Only a paranoid totalitarian state would waste time penetrating Congress. There's not much there that isn't accessible via the news. Anyone who had half a brain would target the Executive branch, where there is data that is not publically accessible.
How about some of your own, homegrown extremists and quasi-terrorists? Or for that matter, other members of Congress? No other country in the world houses so many groups of people with extreme agendas as the US, sadly: ultra-rightwing Christians, anti-abortionists, this-or-that rights campaigners, neo-nazis etc. There is no need to go abroad to likely braindeads who would hack into Congress.
It seems more likely to me that people who do this are after finding personal information on the PCs of members of Congress, something that could be used for extortion.
Re: (Score:1)
Re: (Score:1)
the PLA more or less had access to everything through the mid 1990's - and more than likely still do today since we owe them so much money. why even hack? other than to make headlines to divert attention? what we need is more paranoia!
Re: (Score:2)
Actually there is private information such as diplomatic stances and personal discussions on international matters between congressmen and the president that the other countries involved would like to know. You can get a leg up in negotiations if you know what the other side is willing to concede, what they aren't, etc. It can also help if you know what actions they might be planning (e.g. discussing possible arms sales to Taiwan), who is sympathetic to you on an important issue and what they know about y
Re: (Score:2)
if something is "good" in a second-hand store, that means it's of high enough quality that it survived the first owner intact, right? That's not nationalism, that's natural selection.
Re:Made in China = poor quality (Score:4, Insightful)
Right now, thanks in large part to Congress, there are more reasons than quality. Doing a small project at home, I found a need for a jig saw. A trip to one of the local pawn shops netted me a nearly new Skil jigsaw that currently retails for about $90 USD. My cost? $30 USD. I cleaned the dust off, looks new. If you have the time, great source of other tools too. Quality merchandise lasts long enough to end up in Pawn shops. Found complete set of deep set impact wrench sockets - $14 USD. Can't beat that.
If Congress keeps up what they have been doing, it will soon be one of the few places I can afford to shop.
If someone had told congressmen... (Score:2, Funny)
But what's a horny old-guy to do...
Proofs? (Score:2, Interesting)
Why not the Italian Mafia, the Muslim Jihad or whatever else?
Sounds more like FUD than real investigation!
Re: (Score:2, Informative)
Re: (Score:1, Informative)
OK, wait, reality check. Here's an experiment: take any two random countries, and then check whether country A is engaged in an "active espionage campaign" against country B at the moment.
Unless it's, I don't know, Kiribati and Iceland, chances are that the answer will pretty much always be "yes".
Of COURSE China is spying on the USA, and has been for ages. Of COURSE the USA is spying on China, too, and have been for ages. And the same goes for Germany, France, the UK, Australia, Brazil, Russia, Japan, India
Re: (Score:2)
The summary does link to an article.
Re: (Score:2)
Sadly, so few posters here understand this issue.
Re: (Score:1)
in Italy the criminals do not operate undercover/ground anymore...
The virus is DENIAL (Score:3, Insightful)
Re: (Score:1)
Although it is possible to piece together unclassified information to get classified information, the intruder would have to
Re: (Score:3, Funny)
Congress can be completely free of network attacks if they disconnect from the Internet, and reality....
Half way there!
Why was this modded down? (Score:3, Insightful)
Worse, we are not just sending our goods over there and having them come back loaded with virus, we continue to do so even KNOWING this. You
Re: (Score:1, Interesting)
Re: (Score:2)
The number 1 spy in America IS Chinese. They are VERY active. Nearly all of the spies that we have caught over the last 20 years, have been Chinese that are working in DOD or intel jobs who then send back data to mainland. The same is true in Canada, Australia, EU, and I suspect, Russia. Any place that has more advanced military secrets is being actively infiltrated.
Worse, we are not just sending our goods over there and having them come back loaded with virus, we continue to do so even KNOWING this. You ma
Re: (Score:2, Informative)
And #2 is Israel [commondreams.org]. It's time to cut off all aid to them.
They seem to think we're their enemy, so I cannot fathom why we keep giving them billions of dollars every year.
Re: (Score:1)
If they are our friend, then please explain why they keep getting caught spying on us? That's not something friends normally do to each other.
And I'm not paranoid in the least - Israel has admitted to their spying. [bbc.co.uk]
And yet it continues [reuters.com] happening, year [wikipedia.org] after year [rense.com].
We shouldn't be rewarding bad behavior with aid. Rewarding bad behavior only encourages it. Israel needs to be punished for its crimes against the US by losing its aid. The time has long since passed.
Re: (Score:2)
Jonathan Pollard.
Whats having a population of 10 million got to do with anything? The Israelis spy on the US. Its a well-known fact. Get over it.
OUCH, you are right (Score:2)
Why?... (Score:2, Interesting)
Why mention that it was possibly by agents in China when, immediately afterwards, you admit their origin is unknown? They could be agents from Russia. Or Iran. Or Canada. If you don't know, that means they could be from anywhere. Sure, it's fun to paint China as the badguy and gawd knows it's en vogue right now but, if it's unknown who was behind the attack, leave it at that.
Re: (Score:3, Insightful)
Re: (Score:2)
It's known where the attack originated from. No one wants to reveal *how* they know that, so it's left ambiguous.
I would think it's fairly obvious how they find where attack originated. You find the attacking IP (or the IP to which information is being sent), since as long as there is traffic it is not possible to hide it, and any given IP belongs in a geographical region (which happened to be China).
What wouldn't be obvious is whether this is, e.g. work of Russian hackers who had access to compromised machines in China. If they knew that, then there would be no doubt as to the perpetrators (I suppose we could go back
24.. (Score:1)
It doesn't surprise me (Score:5, Informative)
We've had to deal with a number of government agencies where I work. It's not surprising they get hacked. The Defense Security Service, for instance, tried to force us to "get a .com address if you want to interact with our online tools, because .edu addresses are insecure". After laughing to their face it took three weeks to convince them they had no clue what they were talking about. They also asked me to contact them any time we saw "anomalous" traffic on our network. I offered to forward them a copy of the 90% of our packets that are anomalous, but they weren't amused. As another example, the State Department is basing export restriction management on broken Active X that requires users to be Administrators to use. :/ The list goes on.
I was going to go check something on their site, and discovered that it's now running a self signed cert. *sigh* Check out the mission of DSS, and the irony is... scary: http://en.wikipedia.org/wiki/Defense_Security_Service [wikipedia.org]
DSS is tasked with facilitating personnel security investigations, supervising industrial security, and performing security education and awareness training.
Doomed I tell you, doomed.
Re:It doesn't surprise me (Score:5, Funny)
I once sent DSS a resume containing nothing but "penispenispenis" in all of the sections, and got a reply that I should come down and take their employment test.
Thank goodness for an illiterate Congress! (Score:3, Funny)
Imagine the potential for disaster if our elected officials were tech savvy enough to actual use technologies such as "e-mail" and the "world wide web" and that "http" thing!
It has to be "X" ... (Score:2, Troll)
sometimes people like you scare you (Score:1)
"The public security services in China can turn your telephone on and activate its microphone when you think it's off."
Now if only they can emit a tone outside of human hearing and record the echoes to be centrally processed in one massive computer displaying real time video of anyone anywhere in astounding detail.
Actually, I think this is probably too much power for anybody to have. Let's blow it up.
We are at war with Eastasia ... (Score:1, Informative)
we have always been at war with Eastasia.
Bin Laden is not the enemy we are looking for (*).
* - see http://www.whitehouse.gov/news/releases/2002/03/20020313-8.html
Parties unknown (Score:1)
Only with deeper experience do we start to appreciate that China is an easy target and that it's in a lot of other people's interest to reinforce views of China as the world's cyberboogeyman. The Chinese d
Why china? (Score:2)
What did china have to do with anything? There was nothing pointing to them. But hey guilty until proven innocent right? Why not point at non-spy civilian hackers? Congress is a fun target. Or how about one of the hundreds of other countries? What about Israel? Pointing fingers with no proof like this is embarassing /.
Re: (Score:2)
For the PR and covering up of their own incompetency, the best strategy is always to stick bad things to the biggest public enemy. Israel? Their people run this country; who's dare to accuse their own bosses. Russia, nobody remember them much any more. China, of course, everybody hates it. Other countries, who care.
Re: (Score:2)
We could blame India... i'm sure at this point they have the tech savvy and numbers to pull it off :P
Foreign contracts (Score:1)
Real nice.... (Score:1)
Homeland security was amongst one of the departments within the government to have been compromised...
Are you kidding....of all people to not get caught by the virus or trojan or even hacking, I would think they were the ones to not get hit (along with the NSA).
The geniuses that work in those places would be the first to say
"HEY YOU SHOULD NOT DO THAT....OPEN THE EMAIL ATTACHMENT I MEAN."