FBI Warns Industry of Chinese Cyber Campaign 106
daten writes The FBI on Wednesday issued a private warning to industry that a group of highly skilled Chinese government hackers was in the midst of a long-running campaign to steal valuable data from U.S. companies and government agencies. "These state-sponsored hackers are exceedingly stealthy and agile by comparison with the People's Liberation Army Unit 61398 ... whose activity was publicly disclosed and attributed by security researchers in February 2013," said the FBI in its alert, which referred to a Chinese military hacker unit exposed in a widely publicized report by the security firm Mandiant.
It's time to start a trade war. (Score:2, Insightful)
Free trade doesn't work if both sides are not playing the same game.
Re:It's time to start a trade war. (Score:4, Insightful)
Re:It's time to start a trade war. (Score:5, Insightful)
These aren't rogue groups. They operate with the full support of the Chinese government.
I agree with hacking back but the only value you'd gain is if you handed the data over to corporations, and that's a big bad can of worms to open.
No casualties? The median lifetime earnings of a USA worker is $1.5m. For ever $1.5m in economic damage, you've effectively killed one person.
Re: (Score:2)
Ancient history and therefore irrelevant. Execute today and plan for tomorrow.
Re: (Score:1)
These aren't rogue groups. They operate with the full support of the Chinese government.
Source?
Re: It's time to start a trade war. (Score:1)
That makes about as much sense as saying if you amass $150m, its like having 100kids...
Re: (Score:1)
I'm not sure slamming each others companies with ddos attacks would be good.
But it would be appropriate if someone could infect their forced "firewall"
software to ddos their own internal surveillance structure to smoldering bits.
Re: It's time to start a trade war. (Score:3, Insightful)
no it's not a real war. Copying a Word document is completely unequal to dropping a bomb on a village or shooting somebody in the head.
Shame on you for equating the two - stop being a sociopath.
Re: (Score:2)
no it's not a real war. Copying a Word document is completely unequal to dropping a bomb on a village or shooting somebody in the head.
Shame on you for equating the two - stop being a sociopath.
True. The pen is mightier than the sword.
Clinton says (Score:2, Offtopic)
The pen is mightier than the sword.
- Edward Bulwer-Lytton
The penis, mightier than the sword.
- Bill Clinton
Re: (Score:1)
The penis mightier, then the sword ....
-Anonymous Coward
Re: (Score:2)
Re: (Score:2)
My gradnfather fought in a real war. From what he told me, it was nothing like this.
Some great uncles of mine were on the beach at Normandy. One of them got a blueprint copied directly from his entire left leg. He survived, but only because a quick thinking medic was able to replace it with a pin-up from the landing craft. He still gets compliments on that leg.
Re: (Score:1)
It would be devastating for the US economy in the short term...
Not if they build it up first, before going to war. But, you know how fanciful that dream is. Everything is done by reaction [youtube.com], and usually a bad one.
Re: (Score:2, Insightful)
Free trade doesn't work if both sides are not playing the same game.
Right, the US would never consider spying on Chinese companies and government branches. /sarcasm
I like to believe that you are just trolling, but based on the inane world view frequently voiced by 'muricans online it is very hard to tell.
Re: (Score:2, Informative)
NSA Has Undercover Operatives in Foreign Companies [schneier.com]
The latest Intercept article on the Snowden documents talks about the NSA's undercover operatives working in foreign companies. There are no specifics, although the countries China, Germany, and South Korea are mentioned.
Re: (Score:3)
Just a quick note: insulting people with differing opinions (no matter how right you may think you are) doesn't actually help you make your case, although it may increase your innate sense of superiority. In addition, those "'muricans" who might otherwise agree with you may just write you off as another bigoted foreign asshole who lumps everyone in a given country together.
Re: (Score:2)
And at no point did I attempt to change t
Re: (Score:1)
As opposed, for instance, to another "murican" asshole with their world view centred in North America.
The view from the outside, guys, is that the US does many things to other countries that it would never tolerate having done to itself.
Unfortunately, the more moderate citizens of the US (I've met quite a few), don't seem to get heard outside of the US.
Cyber attacks are an extension of espionage - been happening for thousands of years, nearly everyone does it, probably never going to stop, so let's not go d
Re:It's time to start a trade war. (Score:4, Insightful)
We're not playing the same game?
Just how deep in the sand do you have your head buried?
http://www.dailymail.co.uk/new... [dailymail.co.uk]
What China is doing is a drop in the bucket compared to what the USA is doing.
Re: (Score:1)
Which is exactly what the US did, when it was a new nation and needed to catch up.
Re: It's time to start a trade war. (Score:5, Informative)
lol, you modded me down and then replied anon? You truly are a coward aren't you?
http://www.reuters.com/article... [reuters.com]
Even cowards can use Google.
We are steeling trade secrets and giving them to corporations friendly to the US government. We're doing exactly the same thing China is doing, just on a much much larger scale.
Re: (Score:3)
This is what they flat out admit:
In short, the officials say, while the N.S.A. cannot spy on Airbus and give the results to Boeing, it is free to spy on European or Asian trade negotiators and use the results to help American trade officials — and, by extension, the American industries and workers they are trying to bolster.
http://www.nytimes.com/2014/05... [nytimes.com] ...and that's what they admit...
China admits nothing and we have no proof that the hackers have anything to do with the Chinese government.
Re: (Score:3)
The US admits to being actively engaged in economic warfare against other countries with rabid psychopathic claims of it being somehow legal and complains, whines and then ruthlessly attacks other countries when they do far less, like threatening to stop using the World $US Bank and cease propping up the US economy. This stupidity is going to get a lot worse being prodded along by the US military industrial complex, screaming for more money now, a lot of other allied countries are going to start getting ca
Re: (Score:3)
Yea, CIA admitted, before 911, that their main task was commercial espionage. So now they are threatened that Chinese might be faster?
(yes, there are documented cases, e.g. german windmill technology in production being patented in USA)
Re: (Score:2)
Re: (Score:3)
Anybody with a brain knows this has been going on for years.
You are a WIT, my friend. Have you considered stand-up comedy? Good thing you posted anonymously, because that kind of blazing display of wordsmithery is likely to make you some enemies.
TAO (Score:4, Interesting)
TAO is also a Chinese word that means "the Way".
Re: (Score:2)
In my day.... (Score:3, Funny)
The group’s sophistication is demonstrated less in how it gains access to targets’ computers and more in how it moves “laterally’’ once inside the system, disguising its behavior to look normal so it goes undetected, said Peter B. LaMontagne, Novetta Solutions chief executive officer.
In my day, spies had to get into the building, gain access to the blueprint file cabinet drawers, photograph them - on film no less and getting the exposure right, and then make their way out without getting caught.
It was ALL social engineering back then - OLD school.
You whipper snappers sitting behind your keyboards eating Cheetoes or Lo Mein (whatever the case may be) and drinking Wired Bull, or whatever those caffeine drinks are called, are just a bunch of lazy good for nothings!
We had to WALK and GET INTO a building and even TALK to people!
Pffft!
I'd like to see some Chinese spy walk into a high tech firm and go un-noticed!
H1-bs? Oh, shit! Yeah, ....Um.....never mind.
Captcha "crackpot" - Ahahahahahahahahaha!
What's the difference? (Score:3)
I presume the company I work for is a target, but it's no less a target from any other government.
This isn't news I can use. There's no behavior change that is a rational response to this. It's not like we didn't already know there are several governments trying to get access to all out stuff.
Re: (Score:2)
It's important to keep up the fear factor. People are more compliant.
Re: (Score:3)
Re: (Score:2)
The first thing I thought of when I saw this was: "Incredibly tricky, these orientals". Cliches I grew up with! Great!
Time to put out the honeypots. All the gory details on lukewarm fusion, and AS YET UNPATENTED. It just needs to look very plausible, 'cos they're very tricky.
China, home to government sponsored thieves? (Score:5, Insightful)
This is important news. If China is stepping up it's state sponsored spying and digital theft, I want to know about it. It might be useful background info to know so that when the president decides to park a cruse missile on a building in China, you know some of the history that lead to this decision.
Re: (Score:2)
>This is important news.
I'm not criticizing the reporting. I'm criticizing the FBI for putting out blatantly manipulative, fear mongering press releases.
> If China is stepping up it's state sponsored spying and digital theft
They are. So is everyone else. That isn't new news.
>If you have no use for it
If they told us something we could take action on, like a way to distinguish these 'new' bad actors from anyone else, that would be news I could use.
>clearly you aren't a nerd
Yes clearly. I'll hand m
if they hacked Slashdot (Score:2)
they'd have the world's largest stock of bad tech puns, as well as all the troll stock they'd need to stultify the entire military machine. just think! -- unable to launch total world war because they can't decide on which desktop and which distro to send into the field!
Re: (Score:2)
No, not us... (Score:1)
Re: (Score:2)
Re: (Score:2)
Cultures are different. East is East, West is West.
Yes, but rational behavior transcends culture, does it not? What possible rational reason could an adult have for denying that which is patently obvious to anyone who cares to look?
Re: (Score:2)
Probably a feeling that such activities bring shame upon their people. Nothing like the USA [slashdot.org].
Re: (Score:1)
Have you heard the US government say: "Yes, we spy on the whole internet including American civilians, including government leaders of friendly nations. Yes, we know it's against our own laws. Yes, we also engage in economic espionage."? I guess I missed that statement from Obama. Of course any government would deny any uncovered secret operation.
Also, have you thought about the scenario, that the Chinese government is actually NOT involved in this? Have you considered that all these reports from all these
War? (Score:2)
Irony (Score:3, Insightful)
Yeah, how dare they trespass on the FBI's domain like that!
That's ok since... (Score:5, Insightful)
Since the US does not need any warrant to hack in a remote computer (out of US), why Chinese should not hack into US server without warrant or warning??
It's legal isn't it ?
Re: (Score:1)
That's one of the best reasons to curtail the spying and hacking as sponsored by the state. How can we tell the Chinese to cut it out if we do the same to them? The difference between our spying that isn't driven by corporate intellectual property theft and theirs that often is driven by that kind of theft is lost in the noise when you actually want to claim the moral high ground in trade talks. One guilty party will not have much luck shaming another.
Unit 61398 (Score:1)
we need a new NSA (Score:2)
The USA should have an agency (maybe call it the NSA+) that's tasked with helping companies shore up cyber defenses... Maybe even doing code reviews and penetration testing of common software to look for vulnerabilities. Instead we have an NSA that exploits vulnerabilities and creates new backdoors into software and networks with no real oversight or accountability
Re: (Score:2)
The USA should have an agency (maybe call it the NSA+) that's tasked with helping companies shore up cyber defenses... Maybe even doing code reviews and penetration testing of common software to look for vulnerabilities. Instead we have an NSA that exploits vulnerabilities and creates new backdoors into software and networks with no real oversight or accountability
While they merrily install backdoors in the systems of every business they, "help."
China just following "The Art of War" (Score:5, Interesting)
Sun Tzu said "I would rather have one good spy than 10,000 soldiers."
Sabu switched employers? (Score:2)
Wow, now that's news. Did the Chinese give him a signing bonus too?
A Way Out (Score:3)
Re: (Score:2)
Consider the size of US debts to China. Consider that we could seize and keep Chinese assets for the crime of cyber espionage. Or as an alternative we could try a hack that destroys the economic system of China. Maybe China needs a formal warning that we make make them howl, gnash their teeth and cast them into darkness for eternity.
IMHO wrecking the Chinese economy would have significant negative impact on our own.
Re: (Score:2)
More to fear from the FBI than the chinese (Score:1)
FBI Doesn't plant evidence (Score:3)
The chinese might break into your secure email server, but they won't plant child porn on it in an attempt to incriminate you. The FBI, on the other hand..
Citation needed. Most FBI & Justice types I've met would not do that kind of thing. People who are into law enforcement have political agendas, yes, but there's a big red line between acting on a political agenda and outright felony criminal behavior.
Sure, the FBI will sometimes publicly support things which hurt as a society because it makes it easier for them to do their jobs (e.g. fighting encryption), and they do a lot of entrapment of people who go along with whatever crime they set up (in most d
FBI planted child porn (Score:1)
http://arstechnica.com/tech-policy/2013/09/fbi-admits-what-we-all-suspected-it-compromised-freedom-hostings-tor-servers/
The FBI had compromised this guy's servers for months, and then viola, there's child porn on there. The fact that the dudes you know from the business seem like right ol' chaps is no reflection on the nature of the FBI or its sordid, filthy history.
You realize the FBI is constantly arming and training wannabe terrorists to the brink of action, right? ht [occupywallst.org]
Re: (Score:2)
and they do a lot of entrapment of people who go along with whatever crime they set up (in most domestic terrorism cases you hear about the FBI is the one selling the arms to the "terrorists").
But at the end of the day, they're generally law enforcement guys interested in arresting people who violate the law, not in pretending innocent people have violated the law.
There is quite a bit of contradiction in those lines, and the former of them is the very reason the grandparent finds the FBI more threatening.
Re: (Score:2)
and they do a lot of entrapment of people who go along with whatever crime they set up (in most domestic terrorism cases you hear about the FBI is the one selling the arms to the "terrorists").
But at the end of the day, they're generally law enforcement guys interested in arresting people who violate the law, not in pretending innocent people have violated the law.
There is quite a bit of contradiction in those lines, and the former of them is the very reason the grandparent finds the FBI more threatening.
Not at all. They entrap people, yes, but they only arrest people who actually commit the crime. Sometimes it's a pretty terrible thing to do, sometimes it isn't, but either way, it's arresting people who committed the crime.
Re: (Score:1)
Bullshit (Score:2)
I'm more concerned about NSA (Score:1)
I'm more concerned about NSA/FBI and police hacking than I am Chinese hackers.
Jokes on them! (Score:2)
I work for a Chinese company. So should I just think of these hackers as automatic cloud storage?
FBI no encryption will really help this (Score:1)
No more hacking, nothing to hide, everything is free, no more locks on any sort of data, what an epic success!
Things everyone can do (Score:1)
In your firewall:
1. Whitelist destination IPs for destination port 53, workflow denials adding IPs that have reverse DNS entries. (e.g. don't allow access to fly-by night DNS servers)
2. Whitelist source IPs for destination port 53. (E.g. do not allow alternate DNS servers to be used inside your org)
Have your org's DNS servers point to OpenDNS or GoogleDNS -- they do a good job of filtering out the rifraf
Windows users need only worry .. (Score:1)
Nothing to read here, moving on
Darwin (Score:1)
I'm getting confused here. (Score:1)
Encryption bad;
http://yro-beta.slashdot.org/story/14/10/16/1915216/fbi-director-continues-his-campaign-against-encryption
Hackers Bad;
Ripping off data as per this story.
Does not encryption foil hackers? Then it's good unless it stops the FBI, then it's bad.
This good/Bad thing about who gets to steal your data is pretty confusing.
Chinese bad, FBI good?