<<< Date Index >>>     <<< Thread Index >>>

[IP] more on Chinese hackers





-------- Original Message --------
Subject:        RE: [IP] Chinese hackers
Date:   Sat, 26 Nov 2005 17:00:00 -0500
From:   Marc <marcaniballi@xxxxxxxxxxx>
To:     dave@xxxxxxxxxx
CC:     'Robert J. Wilson' <wilsonrj@xxxxxxxxx>



Hi Bob;

Without dusting off my old guides and manuals, I would like to address your
query;

First; I wouldn't be too quick to assume that these "thefts" were of
anything important OR secret: Important sounding (to laymen) and obscure
maybe - But nothing, I suspect, that will cause a shift in the balance of
power. But it sure makes you want to vote for tougher security measures,
doesn't it?

Second; There is no such thing as a fully secure AND useful computer system
- you can have one or the other, not both. Security experts/consultants get
hired to help clients determine where to put the slider on that scale -
closer to secure or useful? As everyone knows, there is no lock made that
cannot be picked. If man made it, man can hack it. So whether these folks
put their systems on the Internet (with good security and DMZ etc) or on a
private leased line network (hugely expensive) they are in effect JUST AS
VULNERABLE. A motivated attacker will find a way in, sooner or later. With
enough research and effort, they may even know exactly where to go and what
to look for. This little "Chinese" episode smacks of republican mindf***
media (IMHO). The way the report reads, these kids found a hole, and (having
already tried to hack many US sites) went a tried the hack on all the sites
they knew.
I think a better question might be; "If this is actually in the media - what
AREN'T we hearing about?" Or; "Who's REALLY the bad boy on the block; some
ugly totalitarian police state regime, or some country outside of America?"
(TIC)

Marc

-----Original Message-----
From: Dave Farber [mailto:dave@xxxxxxxxxx] Sent: Friday, November 25, 2005 9:25 AM
To: ip@xxxxxxxxxxxxxx
Subject: [IP] Chinese hackers



-------- Original Message --------
Subject:        RE: [IP] Chinese hackers
Date:   Fri, 25 Nov 2005 09:21:45 -0500
From:   Robert J. Wilson <wilsonrj@xxxxxxxxx>
To:     dave@xxxxxxxxxx



Can someone explain to me why the people in charge of such important secrets
allow them to be accessed from the Internet in the first place?   One would
have thought that if these things were so important that the last thing that
would be allowed would be a physical connection to a computer accessible
from the Internet.


Bob Wilson

-----Original Message-----
From: Dave Farber [mailto:dave@xxxxxxxxxx]
Sent: Friday, 2005-November-25 08:56
To: ip@xxxxxxxxxxxxxx
Subject: [IP] Chinese hackers




-------- Original Message --------
Subject:        Chinese hackers
Date:   Fri, 25 Nov 2005 04:40:36 -0500 (EST)
From:   Lynn <lynn@xxxxxxxxxxx>
To:     dave@xxxxxxxxxx



http://software.silicon.com/security/0,39024655,39154524,00.htm

Chinese hackers breach US military defences
Uncle Sam hacks back in counter attack...

By Tom Espiner

Published: Thursday 24 November 2005

Security experts have revealed tantalising details about a group of
Chinese hackers who are suspected of launching intelligence gathering
attacks against the US government.

The hackers, who are believed to be based in the Chinese province of
Guangdong, are thought to have stolen US military secrets, including
aviation specifications and flight-planning software.

The US government has coined the term 'Titan Rain' to describe the hackers.

Alan Paller, director of the SANS Institute, said: "From the Redstone
Arsenal, home to the Army Aviation and Missile Command, the attackers
grabbed specs for the aviation mission-planning system for Army
helicopters, as well as Falconview 3.2, the flight-planning software used
by the Army and Air Force."

The team is thought to consist of 20 hackers. Paller claimed the Chinese
government was the most likely recipient of the information they
intercepted.

He told an event at the Department of Trade and Industry on Tuesday: "Of
course it's the government. Governments will pay anything for control of
other governments' computers. All governments will pay anything. It's so
much better than tapping a phone."

Titan Rain first came to public attention this summer, when the Washington
Post reported that websites in China were being used to target computer
networks in the Defense Department and other US agencies.

Time later reported that Titan Rain had been counter-hacked by a US
security expert called Shawn Carpenter.

The attacks, which are ongoing, were particularly effective on the night
of 1 November, 2004, said Paller, who outlined how the hackers first
scanned then broke into US government computers.

At 22:23(PST) the Titan Rain hackers exploited vulnerabilities at the US
Army Information Systems Engineering Command at Fort Huachuca, Arizona. A
few hours later, at 01:19(PST), they exploited the same hole in computers
at the Defense Information Systems Agency in Arlington, Virginia.

By 03:25(PST) they had hit the Naval Ocean Systems Center, a Defense
Department installation in San Diego, California. Then at 04:46(PST) they
struck again - this time at the United States Army Space and Strategic
Defense installation in Huntsville, Alabama.

The UK is also under intelligence-gathering cyber attack from the far
east, according to the National Infrastructure Security Co-ordination
Centre (NISCC). The government body cannot name the countries concerned as
this may "ruin diplomatic efforts to halt the attacks", NISCC director
Roger Cummings said on Tuesday.

Tom Espiner writes for ZDNet UK



-------------------------------------
You are subscribed as wilsonrj@xxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/




-------------------------------------
You are subscribed as marcaniballi@xxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/


-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/