Subject: [IP] more on Chinese hackers
-------- Original Message -------- Subject: RE: [IP] Chinese hackers Date: Fri, 25 Nov 2005 21:19:05 -0500 From: Bob Frankston <Bob2email@example.com> To: firstname.lastname@example.org, email@example.com CC: 'Robert J. Wilson' <firstname.lastname@example.org>
"From the Internet" is an interesting phrase since the Internet is not a place. The alternative would be to have an infrastructure that is completely disconnected from the rest of the world and that might even be more problematic. For that matter one doesn't need a "physical" connection to be exposed.
Admittedly we are still in a learning phrase and it is wise to be cautious and use protocols that default to rejecting requests and assure that all traffic is encrypted.
But that for that to really work it should be the norm for the marketplace -- trying to create a special regimen for the military is increasingly problematic as we see Moore's law improvements outside the military. Instead we find ourselves working at cross-purposes with encryption discouraged in the civilian marketplace and thus it remains too awkward to use by normal users or trained experts.
It is better to have these learning experiences than live in a naïve cocoon never developing defenses. The term "learning experience" isn't just a euphemism.
-----Original Message----- From: Dave Farber [mailto:email@example.com] Sent: Friday, November 25, 2005 09:25 To: firstname.lastname@example.org Subject: [IP] Chinese hackers
-------- Original Message -------- Subject: RE: [IP] Chinese hackers Date: Fri, 25 Nov 2005 09:21:45 -0500 From: Robert J. Wilson <email@example.com> To: firstname.lastname@example.org
Can someone explain to me why the people in charge of such important secrets allow them to be accessed from the Internet in the first place? One would have thought that if these things were so important that the last thing that would be allowed would be a physical connection to a computer accessible from the Internet.
-----Original Message----- From: Dave Farber [mailto:email@example.com] Sent: Friday, 2005-November-25 08:56 To: firstname.lastname@example.org Subject: [IP] Chinese hackers
Chinese hackers breach US military defences Uncle Sam hacks back in counter attack...
By Tom Espiner
Published: Thursday 24 November 2005
Security experts have revealed tantalising details about a group of Chinese hackers who are suspected of launching intelligence gathering attacks against the US government.
The hackers, who are believed to be based in the Chinese province of Guangdong, are thought to have stolen US military secrets, including aviation specifications and flight-planning software.
The US government has coined the term 'Titan Rain' to describe the hackers.
Alan Paller, director of the SANS Institute, said: "From the Redstone Arsenal, home to the Army Aviation and Missile Command, the attackers grabbed specs for the aviation mission-planning system for Army helicopters, as well as Falconview 3.2, the flight-planning software used by the Army and Air Force."
The team is thought to consist of 20 hackers. Paller claimed the Chinese government was the most likely recipient of the information they intercepted.
He told an event at the Department of Trade and Industry on Tuesday: "Of course it's the government. Governments will pay anything for control of other governments' computers. All governments will pay anything. It's so much better than tapping a phone."
Titan Rain first came to public attention this summer, when the Washington Post reported that websites in China were being used to target computer networks in the Defense Department and other US agencies.
Time later reported that Titan Rain had been counter-hacked by a US security expert called Shawn Carpenter.
The attacks, which are ongoing, were particularly effective on the night of 1 November, 2004, said Paller, who outlined how the hackers first scanned then broke into US government computers.
At 22:23(PST) the Titan Rain hackers exploited vulnerabilities at the US Army Information Systems Engineering Command at Fort Huachuca, Arizona. A few hours later, at 01:19(PST), they exploited the same hole in computers at the Defense Information Systems Agency in Arlington, Virginia.
By 03:25(PST) they had hit the Naval Ocean Systems Center, a Defense Department installation in San Diego, California. Then at 04:46(PST) they struck again - this time at the United States Army Space and Strategic Defense installation in Huntsville, Alabama.
The UK is also under intelligence-gathering cyber attack from the far east, according to the National Infrastructure Security Co-ordination Centre (NISCC). The government body cannot name the countries concerned as this may "ruin diplomatic efforts to halt the attacks", NISCC director Roger Cummings said on Tuesday.
Tom Espiner writes for ZDNet UK
------------------------------------- You are subscribed as email@example.com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/
Powered by eList eXpress LLC