
Reports Of Cyberattacks That Likely Originated In China


Richard
08-03-2011, 08:58
One thing about those ChiCom MFers...they're a tenacious lot.

And so it goes...

Richard :munchin

Reports Of Cyberattacks That Likely Originated In China
WaPo, 4 Aug 2011

From government agencies to international organizations and firms, a variety of entities have been victims of cyberattacks that analysts say originated in China.

Leading computer security firm McAfee has traced the hacking of more than 70 corporations and organizations over many months. Among the organizations involved was the International Olympic Committee.

The United Nations was another target of the cyberattacks discovered by McAfee.

The report also identified a U.S. Energy Department lab as another cyberattack victim. McAfee dubbed the intrusions "Operation Shady RAT," with the acronym standing for "remote access tool."

The Associated Press's New York and Hong Kong offices were also among the targets. Unsuspecting reporters working on China issues clicked on infected links in e-mail, the experts said.

Some of the intrusions — such as one into the World Anti-Doping Agency in Montreal — are continuing, McAfee's vice president of threat research said.

Google's accusation that its e-mail accounts were hacked from China landed like a bombshell because it cast light on a problem few companies will discuss: the threat from China-based cyberattacks.

http://www.washingtonpost.com/business/economy/reports-of-cyberattacks-that-likely-originated-in-china/2011/08/03/gIQAwtjorI_gallery.html#photo=1

Dusty
08-03-2011, 09:39
http://www.bloomberg.com/news/2011-08-03/china-s-zhou-to-monitor-u-s-debt-as-xinhua-sees-bomb-yet-to-be-defused.html

China, the largest foreign investor in U.S. government securities, joined Russia in criticizing American policy makers for failing to ensure borrowing is reined in after a stopgap deal to raise the nation’s debt limit.

People’s Bank of China Governor Zhou Xiaochuan said China’s central bank will monitor U.S. efforts to tackle its debt, and state-run Xinhua News Agency blasted what it called the “madcap” brinksmanship of American lawmakers. Russian Prime Minister Vladimir Putin said two days ago that the U.S. is in a way “leeching on the world economy.”

The comments reflect concern that the U.S. may lose its AAA sovereign rating after President Barack Obama and Congress put off decisions on spending cuts and tax increases to assure enactment of a boost in borrowing authority. China and Russia, holding a total $1.28 trillion of Treasuries, have lost nothing so far in the wake of a rally in the securities this year.

“It’s probably frustration more than anything else for China,” said Brian Jackson, a senior strategist at Royal Bank of Canada in Hong Kong. While the nation has concerns, “they realize there’s not a lot of options for them out there and so they need to keep buying Treasuries.”

China held $1.16 trillion of Treasuries as of May, U.S. Treasury Department data show. The nation has accumulated the holdings as a by-product of holding down the value of its currency, a policy U.S. officials have said gives China an unfair advantage in trade.

Treasuries Gain
Expressions of concern about the fiscal health of the U.S. and the impasse among lawmakers have failed to dent global demand for the securities, with yields on 10-year notes declining to the lowest levels since November. Two-year yields fell to a record low in Tokyo trading today.

Investors in Treasuries earned 3.12 percent in the three months ending July 31, based on Bank of America Merrill Lynch data. That means a $10 million holding earned $312,000 in the period.

China’s central bank welcomes this week’s legislation that raised the U.S. debt limit, preventing a default, and will “closely observe” the implementation, Zhou said in a statement on the central bank’s website today. Xinhua said the move “failed to defuse Washington’s debt bomb for good,” in a commentary dated yesterday.

Standard & Poor’s indicated last week that anything less than $4 trillion in deficit cuts would jeopardize its AAA rating for the U.S. The measure enacted by Obama yesterday threatens automatic spending cuts to enforce $2.4 trillion in spending reductions over the next 10 years.

‘First Step’
Obama said yesterday the debt measure was a “first step” on a path that must also include increasing revenue. The $14.3 trillion debt ceiling will be raised by at least $2.1 trillion.

“They are living beyond their means and transferring part of the problems onto the world economy,” Putin told a youth camp at Lake Seliger outside Moscow Aug. 1. “In a way, they are leeching on the world economy.”

Moody’s Investors Service and Fitch Ratings say their AAA credit ratings for the U.S. may be downgraded if lawmakers fail to enact deficit-reduction measures and the economy weakens. China’s Dagong Global Credit Rating Co. today cut its grade for the U.S. to A from A+ with a negative outlook.

“China hopes the U.S. administration and the Congress would take responsible policy measures to handle its debt issue,” Zhou said. He highlighted the global role of U.S. Treasuries, saying that any “large fluctuations and uncertainties” in the market for the securities would undermine financial stability and hinder the world economic recovery.

‘Madcap Farce’
The Xinhua commentary said that the higher debt ceiling and plans to reduce spending were not enough to make any sizable dent in the nation’s fiscal burden. It referred to a “madcap farce of brinksmanship” before the agreement was reached.

A previous Xinhua commentary on clashes between Republicans and Democrats said that “the ugliest part of the saga is that the well-being of many other countries is also in the impact zone when the donkey and the elephant fight,” referring to the symbols often used for the Democratic and Republican parties.

Obama signed the debt-limit compromise yesterday. The measure raises the ceiling until 2013.

In his statement, Zhou also commented on China’s foreign-exchange reserves, which are the world’s largest at more than $3 trillion.

The Asian nation will continue to “seek diversification in the management of reserve assets, strengthen risk management, and minimize the negative impacts of the fluctuations in the international financial market on the Chinese economy,” Zhou said. China will also take “effective measures to maintain relatively rapid growth to safeguard economic and financial stability,” he added.

Richard
08-03-2011, 09:54
Yep - they're also experts at propaganda - maybe some reporter should ask them why the Chinese people do not trust their banking system and prefer western banks. ;)

Richard :munchin

BOfH
08-03-2011, 11:04
Yawn...they have been doing this for some time now, I know several people in the industry who block all of China's allocated IP space at their firewall/border router, which helps deal with attacks originating from their IP space. Given the fact that they can and do monitor all traffic originating within the country, the Chinese government is just as complicit, whether they are directly sponsoring the college kids doing the deed, or passively letting some script kiddie thrill hack the State Dept. You want to play big brother, then you get all the responsibility that goes with it.

On that note: China is notorious for blocking VoIP, and my previous employer, enamored with the cost savings that VoIP brought to the table when communicating with a branch office in China, went all out to make it work. For some time, I played whack-a-mole with China's Great Firewall, proxy'ing the VoIP traffic via a personal server over different ports, staying one step ahead, until I got tired of the "it doesn't work anymore" calls at crazy hours. The next step was considering a VPN between the two offices, given that China doesn't block VPN traffic outright (they can't or American businesses wouldn't be able to function there, and there goes their economy), this was a viable option. A quick call to the BXA confirmed that I could send (export) a VPN capable firewall with strong encryption to China for business use, the remaining question was, would the Chinese allow it? A call to the Chinese consulate resulted in a form requesting our VPN encryption keys (for the uninitiated, these are the family jewels of secure communication), and that was the end of that idea. So much for the cost of doing business in China...

And now that I am way OT, I'll end here :munchin

BOfH
08-04-2011, 10:32
http://www.networkworld.com/news/2011/080311-mcafee-hackers-compromised-72-organizations.html

kgoerz
08-04-2011, 15:31
I just hope we are Fuc&#ng with them in the same way. They are very overrated in my book. I hope most of our work goes into starting an uprising over there.
They released footage from The Top Gun Movie. To try and trick the world that it was footage of their new Fighter Jet. I mean COME ON!

tonyz
08-04-2011, 15:41
They are very overrated in my book. They released footage from The Top Gun Movie. To try and trick the world that it was footage of their new Fighter Jet. I mean COME ON!

Tom Cluse numba 10 !

BOfH
08-04-2011, 15:44
Perception is 9/10 of reality, combine with modern sheeple, sprinkle liberally with liberal MSM, shake with a good crisis until evenly coated; and there you have it, the last 10%.

badshot
08-04-2011, 22:25
I know several people in the industry who block all of China's allocated IP space at their firewall/border router, which helps deal with attacks originating from their IP space.
passively letting some script kiddie thrill hack the State Dept. You want to play big brother, then you get all the responsibility that goes with it.


Add another to the list (Netherlands too) who blocks/drops countries...Er um that also includes 10.x.x.x 192.168.x.x etc. cause they like spoofing those too.
Let's not forget good IPS signatures. Most of the time just to save bandwidth and firewall cpu cycles.

Certain OS's and configurations as well as programmers/languages make this more of an issue by the way. The latter is generally a result of the language protecting the programmer from the OS or forcing them to build stuff in a modular fashion, resulting in the buffers, stacks, and/or heaps being exploited.
Included here is the sheep syndrome...let's all use the same stuff!

Then there is the popular piggyback method from users' home computers into the protected ones.

Makes you wonder what idiot is responsible for the firewalls at Uncle Sam or enforcing guidelines in relation to VPN and other such tunneling from home. Hardware keys are useless if you've caught an STD (or CTD?), use the same IP, to name only a couple.

It's just been happening since the 90's guys...did I say idiots!

China thanks you for the new Stealth Technology they have...

K, I'll go have a beer now.

BOfH
08-04-2011, 23:19
Add another to the list (Netherlands too) who blocks/drops countries...Er um that also includes 10.x.x.x 192.168.x.x etc. cause they like spoofing those too.
Let's not forget good IPS signatures. Most of the time just to save bandwidth and firewall cpu cycles.


Ditto. To nitpick, a static packet filtering router at the border is faster/more efficient for the task than a firewall/IPS as most routers implement layer 3 in hardware (ASIC) whereas firewalls and IDS/IPS appliances implement it in software.


Certain OS's and configurations as well as programmers/languages make this more of an issue by the way. The latter is generally a result of the language protecting the programmer from the OS or forcing them to build stuff in a modular fashion, resulting in the buffers, stacks, and/or heaps being exploited.
Included here is the sheep syndrome...let's all use the same stuff!


Sadly, politics and philosophy made it into the "infallible" computer. The (primary) two lines of thinking were, a) the programmer is responsible for writing good code (which is true), hence why implement any bounds checking or "idiot-proof" functions; or b) people are sheep, will write bad code, so while we will tell everyone not to rely on safe/catch-all functionality, we will silently improve it to the point that they can mitigate 95% of the threats to it (Microsoft's Request filter in .NET is an excellent example of this).


Then there is the popular piggyback method from users' home computers into the protected ones.

Makes you wonder what idiot is responsible for the firewalls at Uncle Sam or enforcing guidelines in relation to VPN and other such tunneling from home. Hardware keys are useless if you've caught an STD (or CTD?), use the same IP, to name only a couple.

It's just been happening since the 90's guys...did I say idiots!

China thanks you for the new Stealth Technology they have...

K, I'll go have a beer now.

Securing remote access = securing the human, a.k.a layer 8. Just remember that outside the world of NOR/NAND gates...1+1=3....
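
The stateless border filtering discussed in the posts above (dropping private-range sources that should never arrive from outside, plus a regional block list, evaluated first-match like a router ACL), sketched as an added example that is not part of any poster's message. The block-list prefixes are constructed documentation ranges, not real allocations, and the function names are hypothetical.

```python
import ipaddress

# Sources that should never arrive on the Internet-facing interface:
# "this network", RFC 1918 private space, loopback and link-local.
BOGON_SOURCES = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
)]

# Constructed stand-ins for a regional allocation list (documentation
# prefixes); a real list comes from the registries' published data.
BLOCKED_REGION = [ipaddress.ip_network(n) for n in (
    "198.51.100.0/24", "203.0.113.0/24",
)]

def build_acl():
    """Ordered (action, network, reason) entries; the first match wins."""
    acl = [("drop", net, "spoofed-private-source") for net in BOGON_SOURCES]
    acl += [("drop", net, "blocked-region") for net in BLOCKED_REGION]
    acl.append(("accept", ipaddress.ip_network("0.0.0.0/0"), "default"))
    return acl

def filter_ingress(src, acl):
    """Stateless decision for one inbound source address."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("drop", "malformed-source")
    if addr.version != 4:
        return ("drop", "not-ipv4")  # this sketch models an IPv4 ACL only
    for action, net, reason in acl:
        if addr in net:
            return (action, reason)
    return ("drop", "no-match")

def summarize(sources, acl):
    """Count decisions by reason, as a border counter would."""
    counts = {}
    for src in sources:
        _, reason = filter_ingress(src, acl)
        counts[reason] = counts.get(reason, 0) + 1
    return counts

# Constructed inbound source addresses for illustration.
SAMPLE = ["10.1.2.3", "192.168.0.7", "203.0.113.45",
          "192.0.2.10", "172.31.255.1", "not-an-ip"]

if __name__ == "__main__":
    print(summarize(SAMPLE, build_acl()))
```

Note the 172.16.0.0/12 boundary: 172.31.255.1 is private and dropped, while 172.32.0.1 is public space and passes.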

badshot
08-05-2011, 00:06
To nitpick

Yes...? Ahh, but what's in those little square thingly's ... Elk Steaks!? Cheese Burgers!

The beer was great by the way.

I prefer to comment generally on such subjects for obvious reasons.

BOfH
08-05-2011, 08:31
Yes...? Ahh, but what's in those little square thingly's ... Elk Steaks!? Cheese Burgers!


Depends, some have some serious beef :p


The beer was great by the way.


I usually stick with scotch as beer is known to assist OpFor in the "Battle of the Bulge", I wonder how it got that rap? :D


I prefer to comment generally on such subjects for obvious reasons.

This is what happens when you do this **** all day, every day. You think everyone around you talks the same language; and my wife thinks I'm crazy for wanting a career change. Maybe I'll go into construction...:munchin