CNN is running a story on Chinese hackers who openly boast about pwning Pentagon and other DoD computers, with financial compensation from the Chinese government. From the article:
They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world’s most sensitive sites, including the Pentagon.
The leader of these Chinese hackers says there “is always a weakness” on networks that allows cyber break-ins. In fact, they say they are sometimes paid secretly by the Chinese government — a claim the Beijing government denies.
“No Web site is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness,” says Xiao Chen, the leader of this group.
I’m glad China’s finally being called out for their state-sponsored network attacks by the individuals responsible, but I think the article is giving these guys way too much credit. What I’ve seen so far from these guys isn’t anything really impressive. A few of them are really clever and highly intelligent guys always trying to find a way to get in and remain undetected, but the majority of them are just spammers. Unfortunately, in the DoD, our biggest problem is still uneducated users who are way too eager to open file attachments or click on links that take them to drive-by downloads. When a hacker from any country wants to try and break into a .mil or .gov network, they just start spamming related e-mail addresses with links to sites that attempt to exploit unpatched versions of Internet Explorer, or send attachments that take advantage of 0-day or newly discovered MS Office vulnerabilities.
The reason why Chinese hackers have it a little easier than, say, a hacker in the US is that they operate with full immunity from the Chinese government. As long as they don’t hack networks residing in the country, they’re free to break into computers anywhere else. This also makes it difficult for US investigators, who get stonewalled when they discover the source to be from China. I think if the US took the same stance, and gave US hackers the same immunity, they would have a field day with China. I actually wonder sometimes how the US government would react to network attacks against China. Would they ignore you, commend you, or prosecute you?
We have a full range of tools that can mitigate many network attacks, but admins and security managers, who get paid the same as the resident janitor, aren’t always as proactive as they should be. Some simple things like disabling HTML e-mail, implementing better mail filtering, properly configuring and routinely monitoring IDS systems, periodically updating ACLs to deny known malicious hosts, and most importantly, widespread use of DoD PKI when using e-mail, are all steps that could greatly lower the risk of being compromised.
Comments 3
That would be interesting to say the least, giving hackers a blank check when it comes to other countries, but I do see a problem with that.
Russia, for example, completely shut down Estonia from any communications and bank transactions all because Russia didn’t like it when they tore down a Soviet statue.
So my thought is this: How would the world react to such a thing? Cause frankly, I like the idea of using my cell phone, internet, and ATMs.
Posted 10 Mar 2008 at 9:50 pm
I tend to agree, as would any IT reading that. Most Chi-hackers think it’s a win if they manage to hack a user account on the NIPR. WHOO peee. ha! Hack the SIPR from outside the domain (meaning not paying someone to betray their country by letting you in the backdoor of the building), decrypt the (*&^%$) encryption systems used point to point. Then you might have something to brag about. Fact is, there’s nothing of any intrinsic value on the NIPR. Whereas a mediocre hacker in the US could hack the shit out of those Chinese hackers’ own workstations. Now that’s a brag! Think about it. If the Chinese know UNIX, CISCO, and Microsoft systems, then who do you think REALLY, REALLY knows these systems? Who’s had access longer? I read in CNN today that the Chinese are adding viruses to electronic products they sell to the US in the hopes that when they are hooked up (IE…USB to computer) they can do their nasty business. OH what a brag that is for the SUPER POWER China….see we hacked little Jimmy’s computer! A 10 year old in Chicago.
In this day and age, with the bombardment of info we have available about hacking and hackers, anybody stupid enough to keep sensitive info (data) on their UN-protected computer deserves to get hacked. Why CNN still makes a big deal out of it shows how little they know about GOV systems.
Posted 14 Mar 2008 at 1:51 am
Apparently they’re on the prowl this week!
Posted 31 Mar 2008 at 2:46 pm