Do you have adblock enabled?
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Mother Jones)   Just how screwed are we from Chinese cyberwarfare? Well, here it is Explai______***CARRIER LOST***   (motherjones.com) divider line 62
    More: Interesting, Chinese, opinion leaders, cyberwarfare, military secret, Wen Jiabao, chinese premier  
•       •       •

2604 clicks; posted to Politics » on 21 Feb 2013 at 2:59 PM (2 years ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



62 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread

First | « | 1 | 2 | » | Last | Show all
 
2013-02-21 01:24:18 PM  
Interesting that the largest 2 initiators of cyber-warfare attacks are China and Best Korea...  and when I say "interesting," I mean YOU DON'T SAY?
 
2013-02-21 01:28:20 PM  
Hey look at this virus.   viruslink.exe
-Jim

*That's* how they're getting in?  They actually download those phish emails and ask the hackers for verification?

I'll bet those "FWD: FWD: YOU WON'T BELIEVE HOW STUPID OBAMA IS!  LOL!!!1!" and their recipients are also part of that problem.
 
2013-02-21 02:57:25 PM  
I think we need to look to the Japanese for the answers on this one.

media.animevice.com

Of course, in that Universe, America is portrayed under two factions - one is a fascistic empire encompassing Canada and parts of South America, the other is a vassal state of the resurrected Soviet Union.

/Are you kidding me? Section 9 literally invented dirty tricks in information warfare.
 
2013-02-21 03:05:11 PM  

Makh: Hey look at this virus.   viruslink.exe
-Jim

*That's* how they're getting in?  They actually download those phish emails and ask the hackers for verification?

I'll bet those "FWD: FWD: YOU WON'T BELIEVE HOW STUPID OBAMA IS!  LOL!!!1!" and their recipients are also part of that problem.


Yes.
And yes.

Well they're getting a little more complex than that. They'll get an email address that is similar to someone in the company and send a mail like "Hey Makh this is UnlikeIy over in IT. (note that my L's are actually capital i) I had a message from Drew show up talking about you, I think it's something you ought to see. I don't want to be a doomy gloomy type but... Anyway I'm not even sure it's any of my business. If you want to see it, drop me a note and I'll send it over, though."
And then when they finally get someone to nibble, they reply "okay, yeah. You decide what to do with it. The password on the file is MaKh" (attachment Makh.doc) and then when you open it macros in the .doc screw with your machine.

But it's essentially the same.
 
2013-02-21 03:06:01 PM  

BronyMedic: Of course, in that Universe, America is portrayed under two factions - one is a fascistic empire encompassing Canada and parts of South America, the other is a vassal state of the resurrected Soviet Union.


Three factions, there's a small portion of the West and Northeast that is antonymous from the Empire and the Russo-American alliance.
 
2013-02-21 03:06:02 PM  
Another one that has been happening, the attacker will put autorun software on a flash stick and then just leave the flash stick in the parking lot at the target company. Sooner or later, someone picks it up and slots it...
 
2013-02-21 03:07:55 PM  

PonceAlyosha: Three factions, there's a small portion of the West and Northeast that is antonymous from the Empire and the Russo-American alliance.


Thanks for correcting me on that. I thought I was a big fan of the series, but I guess not. :(

Still though, GITS and the Anime versions of it are probably one of the deepest, most interesting things ever to make it to TV and entertainment media.
 
2013-02-21 03:09:58 PM  
All this pant-pissing paranoia takes me back to the good ol' Y2K scare.
(I'm building a bomb-shelter just for the retros lulz - honest!)
 
2013-02-21 03:10:42 PM  
the amazing thing to me is that anyone thinks this is news. I remember getting training when we opened our first center in china about how their government was trying to steal my companies IP and undercut us 4 years ago. of course, since we made a bunch of short term money still opening that office, we went ahead and did it anyway because by the time they get off the ground those execs will no doubt be retired to the caymans.
 
2013-02-21 03:11:59 PM  

unlikely: Another one that has been happening, the attacker will put autorun software on a flash stick and then just leave the flash stick in the parking lot at the target company. Sooner or later, someone picks it up and slots it...


Oh man that's so sad it's funny, please tell me you made that up.
 
2013-02-21 03:14:03 PM  

oldfarthenry: All this pant-pissing paranoia takes me back to the good ol' Y2K scare.
(I'm building a bomb-shelter just for the retros lulz - honest!)


The problem is that as humans become more interconnected and dependent on advanced information systems susceptible to attack and manipulation, and as the interface between man and machine becomes more blurred (we're already in the age of crude cybernetics), information warfare becomes far, far more devastating than it once was.

Humanity is going to reach a point of technological evolution where electronic warfare is going to be just as devastating to first world nations as if a nuclear bomb went off in one of it's cities - especially when those machines become a part of humanity rather than a tool humans use. Think about where we are now: We're implanting artificial organs which can be diagnostically accessed and their functions changed wirelessly. We're using chips which grant sight and hearing. Things like Google Glass are bringing augmented reality to be a realistic and affordable modality.
 
2013-02-21 03:15:04 PM  

neversubmit: Oh man that's so sad it's funny, please tell me you made that up


No, he's not. It's postulated that it's the way that Stuxnet infected the computers and industrial process controllers at Iran's nuclear facilities, and it's a common tactic for Information Warfare.
 
2013-02-21 03:18:14 PM  

BronyMedic: PonceAlyosha: Three factions, there's a small portion of the West and Northeast that is antonymous from the Empire and the Russo-American alliance.

Thanks for correcting me on that. I thought I was a big fan of the series, but I guess not. :(

Still though, GITS and the Anime versions of it are probably one of the deepest, most interesting things ever to make it to TV and entertainment media.


I am rewatching it right now, hence my ability to correct you off handedly. It's amazing how it seems much more modern now, almost a decade after it came out then it was back in the early years of the millennium.
 
2013-02-21 03:19:03 PM  
Ugh.  Can we please just start sharing this shiat with each other already.  Competition was great for the industrial revolution, the information revolution not so much.  We don't need to lie, cheat, steal and blow each other up anymore.  Just farking stop already.  We can feed the world twice over if we'd stop acting like chimpanzees (and not the awesome bonobo kind).
 
2013-02-21 03:19:07 PM  

neversubmit: Oh man that's so sad it's funny, please tell me you made that up.


they started talking about that a few years ago in the mandatory IT safety training i have to take every year, so its a pretty common fear
 
2013-02-21 03:19:34 PM  
This is a little silly:

www.motherjones.com
 
2013-02-21 03:20:36 PM  
Any analysis of the vectors? I'm guessing they weren't brute-forcing their way into (e.g.) the VA Benefits DB. If I had to guess, I'd suppose it was social engineering (like the phishing e-mail above) or people monkeying with computer settings.

If China is able to break through our STIGs, that's a much bigger problem than password "Guest".

// that is just babytown frolic
 
2013-02-21 03:21:45 PM  

Dr Dreidel: If China is able to break through our STIGs, that's a much bigger problem than password "Guest".


That's what we get for contracting ISIS to do cyber security.
 
2013-02-21 03:22:17 PM  

Tamater: This is a little silly:

[www.motherjones.com image 623x420]


Right, I want to know how many "Library of Congress" it was equal to.
 
2013-02-21 03:22:32 PM  
The New York Times  http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-ti ed-to-hacking-against-us.html?pagewanted=all&_r=0" target="_blank">vetted the story and concluded that a growing body of evidence "leaves little doubt" that these attacks are originating from a secret Chinese army base.

So bomb the damn thing already.
 
2013-02-21 03:23:38 PM  

PonceAlyosha: I am rewatching it right now, hence my ability to correct you off handedly. It's amazing how it seems much more modern now, almost a decade after it came out then it was back in the early years of the millennium.


I watched Solid State Society the other night, and I never realized that the Puppetmaster was actually the collective consciousness of all of [SPOILER REDACTED] which gained sentience on the net.

dehehn: Ugh.  Can we please just start sharing this shiat with each other already.  Competition was great for the industrial revolution, the information revolution not so much.  We don't need to lie, cheat, steal and blow each other up anymore.  Just farking stop already.  We can feed the world twice over if we'd stop acting like chimpanzees (and not the awesome bonobo kind).


What you're describing, namely a single, universal global society, is something that humanity would never be able to accomplish at our current state of social and biological evolution. Even in fiction, one of the common themes uniting literary and movie universes which have this type of society is the occurance of a neigh-apocalyptic event, such as a meteor strike on earth, global war, pandemic, or alien invasion/attack which forced humanity to unite for survival.
 
2013-02-21 03:24:23 PM  

BronyMedic: I think we need to look to the Japanese for the answers on this one.

[media.animevice.com image 300x219]

Of course, in that Universe, America is portrayed under two factions - one is a fascistic empire encompassing Canada and parts of South America, the other is a vassal state of the resurrected Soviet Union.

/Are you kidding me? Section 9 literally invented dirty tricks in information warfare.



i doubt cartoons are the answer kid
 
2013-02-21 03:32:14 PM  

tbhouston: i doubt cartoons are the answer kid


I think you need to see an orthopedist, your funny bone might be broke.
 
2013-02-21 03:32:19 PM  
I think the GITS comments are interesting in that the anime is fairly precient in that it shows a possible outcome of exponentially expanding worlds of virtual data and how we as physical beings move through it.

Aside from that, this article is fear-mongering. True, we need to be wary of attacks. However, based on TFA, we as a nation know who, where, and why. That's an incredible transparency of attack that can be used to the advantage of the affected, presuming the attacked get wise to the method of entry and take steps to lower to rate of attack.
 
2013-02-21 03:49:07 PM  

unlikely: Makh: Hey look at this virus.   viruslink.exe
-Jim

*That's* how they're getting in?  They actually download those phish emails and ask the hackers for verification?

I'll bet those "FWD: FWD: YOU WON'T BELIEVE HOW STUPID OBAMA IS!  LOL!!!1!" and their recipients are also part of that problem.

Yes.
And yes.

Well they're getting a little more complex than that. They'll get an email address that is similar to someone in the company and send a mail like "Hey Makh this is UnlikeIy over in IT. (note that my L's are actually capital i) I had a message from Drew show up talking about you, I think it's something you ought to see. I don't want to be a doomy gloomy type but... Anyway I'm not even sure it's any of my business. If you want to see it, drop me a note and I'll send it over, though."
And then when they finally get someone to nibble, they reply "okay, yeah. You decide what to do with it. The password on the file is MaKh" (attachment Makh.doc) and then when you open it macros in the .doc screw with your machine.

But it's essentially the same.


The thing is: I refuse to believe that that is all China is capable of. I do believe that America is more capable of engaging in legitimate "cyberwarfare," but I don't believe for a second that China doesn't have similar abilities to the United States.
 
2013-02-21 03:54:37 PM  

ShawnDoc: Tamater: This is a little silly:

[www.motherjones.com image 623x420]

Right, I want to know how many "Library of Congress" it was equal to.


Weirdo. I wanted to know how many 8" floppies it was.
 
2013-02-21 03:56:43 PM  

efgeise: The thing is: I refuse to believe that that is all China is capable of. I do believe that America is more capable of engaging in legitimate "cyberwarfare," but I don't believe for a second that China doesn't have similar abilities to the United States.


No. But this is a very effective method.
 
2013-02-21 04:03:58 PM  

Makh: Hey look at this virus.   viruslink.exe
-Jim

*That's* how they're getting in?  They actually download those phish emails and ask the hackers for verification?

I'll bet those "FWD: FWD: YOU WON'T BELIEVE HOW STUPID OBAMA IS!  LOL!!!1!" and their recipients are also part of that problem.


That video was great, I think I have epillepsy now though
 
2013-02-21 04:05:32 PM  

unlikely: efgeise: The thing is: I refuse to believe that that is all China is capable of. I do believe that America is more capable of engaging in legitimate "cyberwarfare," but I don't believe for a second that China doesn't have similar abilities to the United States.

No. But this is a very effective method.


I guess that makes sense. Why do all the crazy cyberwarfare when "FWD:FWD:FWD OBAMA IS A SOCIALIST" is just as effective?
 
2013-02-21 04:12:03 PM  
What good is an aircraft carrier if the Chinese rule the internets?
 
2013-02-21 04:12:44 PM  

Dr Dreidel: Any analysis of the vectors? I'm guessing they weren't brute-forcing their way into (e.g.) the VA Benefits DB. If I had to guess, I'd suppose it was social engineering (like the phishing e-mail above) or people monkeying with computer settings.


they told us a story about how a security leak occured at our company. the hackers (who were in china) used FB to find out that a specific VP had a kid who played in a soccer league. They then found the schedule, picked a game that was happening during work hours and sent an email from a spoofed address that looked like it came from the city that ran the league claiming his child had been injured in the game and telling him to follow the link to get information on where the kid was being taken for treatment. When he clicked on it, it uploaded a worm into the system.

they also highlighted a more brute one where hackers sent a far simpler link to about 300 people. Only one person clicked on it, but it took weeks to completely clear the systems.
 
2013-02-21 04:20:05 PM  
A few years back, China rerouted U.S. .gov and .mil web traffic through their country. You would think this would be breaking news and cause a cybersecurity panic. You'd think that.
 
2013-02-21 04:22:32 PM  
Would there be an effective way to intentionally give the Chinese intentionally bad info/data? I'm reminded of the supposed 1982 Siberian pipeline sabotage. The Soviets also had a reputation of stealing Western technology, so the CIA (supposedly) worked with the maker of control system software to blow up the refinery once the Soviets had installed the stolen component.

I'm sure after one or two incidents like that, the Chinese would be a lot less enthusiastic about stealing other people's technology.
 
2013-02-21 04:30:49 PM  
It several other methods as well.

Currently spearphishing is very popular and very prevalent.  Once a crude list has been made, you stop targeting the organization as a whole.  You send send in well formatted messages to individuals that look like travel plans, budget document and other normal business stuff.  Bonus if your phishing attempts allow you to do this with an internal account.

But is all pretty much bullshiat anyway.  Companies will says they can are and biatch and moan, but will continue to treat security as a pain in the ass until a breach costs them personally real money.  Its seems the thought is that it is easier and cheaper to hide that you have been breached (excluding very public services) than to implement proper security.
 
2013-02-21 04:32:54 PM  

Zeno-25: Would there be an effective way to intentionally give the Chinese intentionally bad info/data? I'm reminded of the supposed 1982 Siberian pipeline sabotage. The Soviets also had a reputation of stealing Western technology, so the CIA (supposedly) worked with the maker of control system software to blow up the refinery once the Soviets had installed the stolen component.

I'm sure after one or two incidents like that, the Chinese would be a lot less enthusiastic about stealing other people's technology.


But the problem is more diffuse.  In the 80s, the best you could get out was maybe a few lines of code and some microfiche snap shots of pen and paper drawings.  Now a good hacker can connect to your Smart Plant database and download the farking 3D model of the plants, complete with piping diagrams, wiring loops and process controls.
 
2013-02-21 04:38:01 PM  
Something I have yet to see addressed, why is the us' apparent response to just beef up security and pretend nothing bad is happening?
 
2013-02-21 04:48:59 PM  

Dr. Goldshnoz: Something I have yet to see addressed, why is the us' apparent response to just beef up security and pretend nothing bad is happening?


I've worked for government agencies before where when the directive came from above to crack down on security it meant keep making exceptions for the folks making over pay scale 75, but crack down on everyone else.

/Yes, that's really how they do things.
 
2013-02-21 04:53:18 PM  

zarberg: Dr. Goldshnoz: Something I have yet to see addressed, why is the us' apparent response to just beef up security and pretend nothing bad is happening?

I've worked for government agencies before where when the directive came from above to crack down on security it meant keep making exceptions for the folks making over pay scale 75, but crack down on everyone else.

/Yes, that's really how they do things.


Sounds about right for the corporate world as well.  Betty who has extremely limited right to the pay database for her clerical duties should need to jump through hoops for 'security' to enter the pay data for 5 folks.  But Mr. Smith, CFO, who has access to literally every financial records needs to have his password restrictions eased up because its hard to remember long words and also take his phone off the security policy because putting a PIN to unlock the phone is hard.
 
2013-02-21 04:54:39 PM  
I really do wish Anonymous would aim their LOICs at China for a while. Be funny as hell to watch them lose their sh*t.
 
2013-02-21 04:56:24 PM  

neversubmit: unlikely: Another one that has been happening, the attacker will put autorun software on a flash stick and then just leave the flash stick in the parking lot at the target company. Sooner or later, someone picks it up and slots it...

Oh man that's so sad it's funny, please tell me you made that up.



Not at all. We've had to disable all ports and media on our companies computer.
 
2013-02-21 05:12:39 PM  

BronyMedic: tbhouston: i doubt cartoons are the answer kid

I think you need to see an orthopedist, your funny bone might be broke.


Iduno, he sure made ME laugh.

I saw gits in theatrical release, own manga and think highly of it, but its not the only prescient future cloak and dagger story out there. Matrix fans were worse though.
 
2013-02-21 06:03:37 PM  
This is why I only run my computers with Windows 95 and sp 2 installed. Hack through that ching chong biatches.
 
2013-02-21 06:13:05 PM  
The ironic(?) part is that we taught them how to do this.

Thanks, Harvard, MIT, and Stanford for accepting any commie with a wad of hard US dollahs.

(Went to MIT: registration was done alphabetically, and G-d help you if you we're in the "C," "W," or "Z," line).
 
2013-02-21 06:37:05 PM  
iPads full of data seems to be a really weird metric.
 
2013-02-21 06:44:24 PM  
and the NSA is... ?
 
2013-02-21 06:57:10 PM  
I just saw the "chart" of cyber intrusions.. which is perfectly like a chart of how many cockroaches you saw during the day in the kitchen. I'm just a little sure this is hypocritical as the one obvious solution - a national initiative to improve software security for every body (SELinux being not enough at all imho) but that would, of course, make the already in place cyber extraction in progress more difficult. It might look like a rock and a hard place to them, but the truth is you get what you serve when security is considered - you either consider it everyone's right to be secure in their own data (something the market will never do on it's own, making too much money from advertising (mostly) or you have holes. We have holes.
 
2013-02-21 07:24:37 PM  
images3.wikia.nocookie.net

"Laptop in hand"

"I can cripple their facilities"

"Batteries charged"

"Uplink cables ready"

"There's always a way in"

"No system is safe"
 
2013-02-21 07:37:40 PM  

Tamater: This is a little silly:

[www.motherjones.com image 623x420]


That's not the only thing. As I just posted over at MoJo:

"Has anyone questioned the authenticity of the Mandiant video above? I mean, the story says "Ooh! The Chinese are totally hacking us" and then suddenly we have a video where we are watching them do it, step by step?
In other words, because we've already hacked them right back?
Either the video is fake or this is just scare-mongering nonsense. We know they're doing it because we're doing it to them."

Wasn't Mandiant themselves the victim of a massive attack at the hands of Anonymous? Add to that the spurious video and the absolutely asinine way they measure data (the number of iPads worth of data stolen? Farking really?), I'm really not sure I give a shiat about this story at all. It's more like someone's poor viral marketing plan for a summer blockbuster, or just selling the brickheaded dipshiats at the Pentagon and NSA on some more useless software and consulting fees.
 
2013-02-21 08:45:53 PM  
This came out about a year ago, but it's worth a read, if you haven't already done so.

Richard Clarke on Who Was Behind the Stuxnet Attack
America's longtime counterterrorism czar warns that the cyberwars have already begun-and that we might be losing

http://www.smithsonianmag.com/history-archaeology/Richard-Clarke-on- Wh o-Was-Behind-the-Stuxnet-Attack.html?c=y&story=fullstory
 
2013-02-21 09:04:16 PM  
Oh good grief, we're doing the same thing to them, it just doesn't get in the news.
 
Displayed 50 of 62 comments

First | « | 1 | 2 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
Advertisement
On Twitter





In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report