Sources in Washington have indicated that the cyber attack last June which targeted the office of US Defence Secretary Robert Gates was conducted by the Chinese military. According to a report in the London Financial Times, "senior US officials" and "persons familiar with the event" have briefed that there is a “very high level …
Is this the same level of certainty
as the WMDs in Iraq?
Great track record...
I think they should start investing their money in better computer systems....instead of attaching lasers to the front of jumbo jets
Possibly the US military will consider using these password thingies that the rest of us (non US military tend to use) ?
very high level of confidence...trending towards total certainty
Would these be the same intelligence experts who swore blind that Iraq was crawling with WMD's? I would not trust them to tell me the time of day.
On the other hand I'd be very surprised if China or the Palestinians were not doing everything in their power to keep tabs on the US. It's not like their networks are hard to hack (see Gary McKinnon).
Sorry, misread PLA as PLO, my mistake. Really must wake up before posting :~
I wonder where the Chinese got the idea for this from?
Maybe they were just looking for proof of the existence of UFOs...
IPODs or Freedom?
Surely it is time to stop dealing with the Chinese, they want rid of the West and we want rid of them so why the kid glove responses to this act of war? Did America learn nothing with Hitler? Obviously not, .... after all America is late into every war but there is no-one to hold the fort for them now, it is kill or be killed. And the clock is ticking.
Don't worry Fred, I'm sure there's plenty of yanks who think the PLA are in bed with the PLO, just like they thought Saddam was in bed with Bin Laden (a ridiculous theory that Prez Bush and the absurd VP Cheney were happy to push).
After all, if you're not with them, you're against them...
IPODs or Freedom you speak like a neocon redkneck desperate for some kind of war to start to prove your manhood. Why don't you go back to pulling legs of spiders or something equally within your capability.
A better way...
instead of trying to find any old excuse to jump into a war, for example WMD or perhaps even a "very high level of confidence...trending towards total certainty" it may be better if the whole North American continent was disconnected; it would even help them with their online gambling grievances. It would certainly stop the spam I have to deal with coming from DoD IP addresses.
Re: IPODs or Freedom?
I couldn't agree more, these kind of breaches deserve an appropriate level of response.
Therefore: The next person who phishes my MySpace, expect to see a B52 over your house in the very near future. It is kill or be killed. The clock is ticking.
@ IPODs or Freedom?
Lets nuke the Chinese!! Kept the Japs quiet last time didnt it?
And while were at it lets nuke the Russians - we know what theyre up too now.
And the middle east - heck bomb them too.
French - theyre gone.
The welsh - they need seeing off.
Canadians they need sorting.
That guy next door to me - he has radio 3 on too loud after 9pm - hes gone (but can we keep his wife, she cute)
Personally - I'd like you to take youre them, us and ticking clock and shove it up your rs'
I'll get my coat
So the US military have a chink in their armour..................?
My coat's on:- I'm already leaving...
What are the odds?
Wouldn't be surprised either way...
CIA balls'd up Iraq intelligence, then again I don't trust China's government either.
P.S. I would see China's horrendous human rights abuses as reason enough to think twice about trading with them - regardless of whether they actually hacked anything or not.
According to Human Rights Watch, China is a world leader - in executions.
They could just take all the really *critical* systems offline where the internet is concerned, and/or place them on a dedicated network. Then there really wouldn't be much of a problem...
Unless (GASP!) that's that they've already done and this is just a ploy for funds?? Only a total idiot would place critical systems online, and anyone who's seen wargames will tell you why. It ain't rocket science.
When I worked on (UK gov) sensitive systems, it was a basic requirement that you had two networks - a blue network for classified material and a red one with Internet connectivity - with an air gap between them. E-mails discussing "where shall we have lunch?" went on the red network and the ones that read "we attack at dawn" went on the blue network.
This was all a few years ago, but I would hope that modern US military systems observe a similar distinction. Perhaps Lewis can tell us if this is still the case (or is the information classified)?
Over-react much? A simple hack is an "act of war"? Lets go to war with a nuclear power 'cos they "shut down Robert Gates's unclassified email"?
Please tell me you're posting anonymously 'cos you're trolling for kicks. I would have assumed that no-one could be this stupid, until I started suspecting that Webster Phreaky is actually serious.
"We'll need a whole bunch of expensive stuff"
I love that tagline!!!!
It'll be some 14 year old in his bedroom in Texas...
It's just that he's quite good at covering his tracks. The NSA think's he's in China. Nice one kid
If a system isn't connected to the net AT ALL, it is a lot harder to hack...
Any excuse to rattle the sabre...
I bet its just some incompetent user clicking on an email link or attachment downloading a Trojan...
User then covers his neck to avoid ridicule...
"That's a Chinese IP, Put out a press release we are under attack!"
Military Intelligence is an oximoron!
I'm working on the next generation of secure military switches and what do I get from the military contractors - "It doesn't allow me to do XYZ that my £20 switch from Acme does!"
Just a thought....
Em? Methinks that someone in US High Command has been playing to much CnC Generals. "The chinese have hackers in this great game I'm playing that really looks like real life. I mean they got a US General who specializes in lasers too".
Misspelling of "specializes" for the benefit of any high command officials that read this....
Re: Military Intelligence is an oximoron!
Brings to mind the Megadeth lyrics:
"The Military Intelligence, two words combined that can't make sense.."
I love that quote!
/grabs air guitar and throws a Dm shape..
Die Hard 4.0....
....ring any bells? This whole scenario seems just as ridiculous as that film (which whilst fairly entertaining to watch at the lowest level, was utterly braindead action trash, devoid of any connection with reality).
What is it with America? Really.....life is NOT an action movie. Society will not melt down because a bunch of computers get hacked, it really won't and if it really will, and it's possible to launch such a completely devestating attack using *only* computer based systems, then frankly governments and Utilities companies really need to sort it out...
Oh and Duncan, I like it - although why only "specializes" and not "lazer"? Which also makes me wonder why the Americans dont spell Chinese, Chineze...
Quantum Leaping........ no Cowboy Builders, by Executive Order.
Don't you just love the understatement in the Financial Times ..."– and the Pentagon is widely assumed to scan Chinese networks –".
The problem, although it is really a safeguard in CyberSpace, is that it is Intelligence which rules the roost and a big bullying stick to wield in a Shock and Awe campaign just doesn't exist. In fact, all such monies are wasted, which must sort of toll the death-knell bells for all those warmonger outfits with only archaic hardware to sell to a Digital World ......which must have a military industrial complex somewhat concerned, to say the least.
But hey, that's Progress and it's about time the neanderthal mind was laid to Rest in Peace.
And boy, is it gonna be a Bonanza for the Virtual Virtuozzo Messengers with all that pentagram money to play with.
Oops, sorry that should have been Pentagon. An easy mistake to make. Dig deep and you find all sorts of tales spinning in the background radiation enriching the environment or opening closets ....... http://www.paranoiamagazine.com/skeleton.html ....... and the Game hasn't really even started yet.
The Sub-Prime fiasco is only the warm-up?
Because it's an acronym. And it's Chineez.
hopefully no lazer as even the US military wouldn't really redeifine
stumulated as zumulated (or would they)
Mil networks versus critical national infrastructure networks
Classified military networks are not connected to the Public Internet. The US military have a global intranet - the Global Information Grid, GIG - that is where the important information flows, how a UAV flying over A'stan is piloted by a bloke sat in an air-conditioned room located just outside Las Vegas and how US Divisional HQ for Iraq II was located in Florida (can't let generals get their uniforms dusty).
The big cyberwar threat is not to military networks; rather, it is to information systems that manage aspects of critical national infrastructure: power, telecoms, water, other utilities. If the US DoD is *serious* about providing a warning to the Administration it should be saying "this is evidence of latent capability: more funds need to be allocated to the Department of Homeland Defense in order to beef up the cyber defenses of these infrastructures"
The current pleading is, frankly, arrant nonsense.
China has been pounding on the Military firewall routers every few months for years now.
if they want to prevent their systems from being compromised they need to move to a core OS that can be burnt on a prom or eprom but not something that can be flashed with software. It is well within their ability to roll out an OS as a hardware upgrade. Dependant software can be white listed and trip wired by the secured core. ( I was actually disappointed when apple didn't adopt a similar configuration when they switched to intel processors ) I guess there is just to much money to be made in the anti-virus software market.
As for being concerned about China attacking the network, I believe they are simply driving the US to spend more than they can afford on upgrading, just like the US did to Soviet Union with Star Wars.
Now if you'll excuse me I'm going to try to install the second life client on my new bootleg copy of Windows for Warships ... :p
"very high level of confidence...trending towards total certainty" = "We guess"
Traced to PLO?
Yeah right. As the article states, it isn't in the interest of the PLO to show their hand. If a system was taken off line, it was either that Chinese MilHats made a mistake (port scanner set too aggresively and causing DOS, buffer overflow exploit against wrong version exe crashing machine, etc), or (more likely) that some kid happened to zombie a machine in an unclassified .mil.ca network and used that as a proxy to do some playing around in the Pentagon.
War Games 2? :-)
The Russia House? The China House?
Govhats? Redstarhats? Milhats? Spookhats?
"Uhm, ermm,... The Sorting Hat?"
I'll get my hat and my coat.
Purple Hearts aGoGo? The Military Shame Blame Game .... bootlickin' copy
"Classified military networks are not connected to the Public Internet."
Is that the problem, Dave? Two quite separate networks working in a real world environment with both disabled and unable to talk to each other and just doing their thing, y'all. With one plotting and playing war games costing real American lives too and all controlled by couch potatoes sat in an air-conditioned room located just outside Las Vegas. All American heroes?
And after a hard day's work, a night hooking on the town snorting a line and toasting absent friends. Oh what a lovely war for some but don't be shouting IT from the rooftops or there'll be hell to pay and heads to roll.
Since when has "trending" been a word?
Sounds like another example of US officials using words that sound important but either don't exist or are out of context.
And don't argue with me, you all know they do it ..
I guess I should expect this, considering it's the Register and all, but seriously...
1. The DoD maintains seperate networks for seperate purposes. NIPRnet, SIPRnet and JWICS are all physically seperate networks, operating at different levels of classifications. SIPRnet and JWICS are totally isolate, and don't talk to each other.
2. amanfromMars: all DoD personnel undergo random drug testing. Most people get popped for a test twice a year or so. Failure = dishonorable discharge, do not pass go, do not collect $200.
3. The military (Air Force in particular) have a tendency to mix electronic warfare with this whole "cyber" warfare thing; the two are extremely different, where one is concerned with defeating RADAR systems and radio links, and the other more in the world y'all understand. Both are referred to as network warfare, as they involve the destruction or disruption of autonomous agents communicating in a complex scheme. Network warfare is also applied to power systems, lines of communication (roads, railroads etc for you non-mil types) and other interconnected systems. Yes, the brass confuse the hell out of the matter. Meh...what can you do?
4. Dave: agreed, and there is much spending in just the manner you posted on. The DHS is a new, massive department though, and are necessarily incompetent.
5. Finally the intelligence thing: the intelligence community never asserted many of the things stated above, but by the same measure they didn't actively counter the memes as they spread. As always, the reality is very muddy, and the intel people tend not to convey ambiguity very well. Which is very important, as military types are very black/white, yes/no, go/no-go etc.
@Stuart Van Onselen
Just because someone posts anonymously, it doesn't mean they're trolling (although in this case, I think they are).
Sometimes it's because they know that their opinion is controversial and that they are likely to get some pretty unpleasant and vicious abuse instead of constructive counter-argument. To resort to abuse is an admission that you either can't or won't counter their argument. Neither option is helpful to the debate.
N.B. If you think somebody is trolling, DO NOT FEED THEM! They thrive on getting attention, regardless of whether it's positive or negative.
"And after a hard day's work, a night hooking on the town snorting a line and toasting absent friends"
American friendly fire?
Where did I leave that napalm?
.....they should have secured some of their systems and changed system accounts away from default passwords...... As discussed here some weeks ago.
....And in related news, analysis of the header (which can't always be taken at face value, I appreciate...) of a spam email I received recently, punting the ever popular penis pills suggests that someone at Yuma on a DoD site really needs to brush up their security. It's reassuring that the US military appear to be just as bad at spreading spam as everyone else.
It doesn't much matter
if it's true or not. And the air gap is irrelevant. If the Israelis have it (and they have pretty much everything save the launch codes, which they don't care about as they's got their own), then the Russian have it, which means the Chinese have it, or soon will. And if it's important, then the Israelis have it. At least when the Mob on the Hill finally decamp to their hideouts in Paraguy and places, we'll be able to shop around for the best deal on their bank account numbers to get the loot back. Or maybe it'll just be simpler to print up some more, preferably of the Treasury variety.
And to think. The Chinese actually discovered the *east* coast of America about 70 years before Columbus. Their Emperor was so impressed he let the fleet rot (remind you of anyone?). How different things might have been if they'd stayed.
We might have had Ninja Mutant Turtles, Bruce Lee movies and takeaway dinners about 300 years earlier. Instead we have The End of History (on a permanent basis).
How about the reality
why anonymous ?
Sometimes our employers (or associates) wouldn't appreciate our comments
to mr anon (the one who went Sigh... @ 17:47 GMT)
Separate network : Thats the separate network that is unusable because if the powerpoint presentations being whizzed about between important people. Or is that the network that couldn't be used in Bosnia because it had to be kept clear (at all times) for the less than daily top brass video conference ?
Such systems are seldom used for their true purpose they become the personal property (and status symbol) of the senior management, whether it is private industry, goverment or military
DoD personnel undergo drug testing,
Still dosn't stop them though does it, (better to use coke/crack or acid than weed as it clears the body quicker), don't forget to keep your hair short ! US service people using stimulants (to do what is asked of them) it would never happen.
Radar / radio comms intercept / traffic analysis / spoofing, always fell into Sig Int and ECM. This cyber warfare only turned up when they wanted more miney so they didn't actually have to attend any warzones in person (Oh yean and to scare the US public that the bad guys where on the publics doorstep)
The poor buggers out on the front line are having a bad enough time, without the shrinking violets back at home talking up another threat, to avoid facing some real shit.
Brent : the system probably went off line because they where listening to a Sony protected CD
for the intelligence community, the only product thay have is fear, to the public or the politicians it dosn't matter as long as they justify their own existance.
If any deeply critical utility puts their control systems on the internet, (even via VPN tunnels) then they should be closed down on general principle If you are that critical then you can afford private circuits.
How about the reality: spelling?
Re: to separate network
Bandwidth hogs are still fairly common, though it's less "important people" then it is idiots sending gigantic emails around. Most network abuse is due to people not understanding the concept of limited bandwidth, rather then general conceit as you seem to imply. Bandwidth has improved dramatically over the last few years, thankfully.
Your implication that networks are used as status trophies is just being angry. SIPRnet and JWICS are just very large intranets, and as such, are used for web publishing and email, much like any other intranet. SIPRnet has many many many users and JWICS, though operating at a high classification, has a large userbase as well. Believe me, as the near polar opposite of "senior management" I experience no mission-ending delay on the network, either here or CONUS. Your attempt to make this an emotional appeal against those Evil, Dark Overlords is sad, really.
Re: Drug Testing
Yes, of *course* people use drugs in the military. And those idiots rarely last long. My whole point was that drug testing is frequent, unpredictable and nearly irrefutable. Dishonorable discharges or a dismissal of a commission is a permanent scar on one's life, and it's a huge risk to take. Your assertion that people in the DoD take drugs to comply with the unreasonable demands of the same Dark Overlords that take all our bandwidth in video chat is, again, a needless emotional appeal.
Re: Cyber Warfare
Again, emotional appeal. You say much about the evil, nefarious schemes of massively powerful corporations or individuals...great fun, I must admit, but ignorance is a better explanation. In government, things rarely start from a point of malice. They generally start because of fear and ignorance. In this case, Cyber attack entered vogue a number of years ago as an emerging threat against systems in the gov't. Remember, old warfighters (generals and admirals) aren't as tech-savvy as us, and so will naturally relate the concept to warfighting methods they *do* understand, and the result is that they think of cyber warfare as similar to network warfare.
Network warfare, for those unaware, is the idea that complex enemies fight in systems, which can be abstracted into nodes which affect the status of a system. In network warfare, the idea is to destroy or neutralize the points in an abstract network that will best disable the enemy's ability to fight. Taking out a bridge on a major highway (thus interrupting an enemy's transportation system) or destroying an early warning RADAR (thus blinding the enemy's intelligence network) is a perfect example of this.
The problem with this approach from cyber warfare's standpoint is that it leads people to think of cyberspace as a traditional battlespace, and to draw metaphors appropriately. This, combined with the deep arcana of modern information systems leads to, well, what we have now.
Re: Sony protected CD
Re: intelligence community
You sound genuinely embittered here. On the one hand, it's not surprising considering how secretive such a business is. On the other hand, it's kinda sad. Intelligence is, by its very nature, educated guesswork. Many times they get it right. Sometimes, they fail spectacularly. That is to be expected. And this is something you probably realize, but choose to ignore; when has logic and rationality stopped a good strong hate? After all, the truthiness behind Big Evil DoD is the intellectually easier route to take. The idea that it is simply a massive, unwieldy organization whose nature and mission make weirdness like this inevitable isn't very sexy, after all. Better to go with aliens and oppression.
I would also recommend running a post through a spell checker before you post.
Is it me...
...or did amanfromMars just make some sense in that post?
Either they've upgraded the bot posting program or he's come off the drugs!
@A better way...
No, just disconnect the Pentagon. It amazes me that a target like the pentagon is connected al the time to the Internet. Why not hang a sign out announcing "Here we are, come f**k with our network!"
Email's important, but have they never heard of UUCP? Even Exchange can use UUCP, no? If they don't use Exchange they should: whenever the Sec of Defense or Prez needs to 'lose' an email message, they can blame it's loss quite plausibly on Exchange.
But, more likely, the Pentagon and Executive share a squirrel(ly)mail server with the CIA!
Well when an unemployed, technically illiterate person, the likes of Gary McKinnon hacks into your networks and your response is to get the arse with him rather than get the arse with yourselves for being such muppets then you'd have to be a moron to think that you didn't have a wide open door to the Chineese military.
Their biggest problem isn't technical, my bet is they first need to get rid of the morons and then change their attitudes.
Not wishing to
Firstly nothing I typed was supposed to be a personal attack, despite addressing points made.
As somebody who has already spent 30 years of his life living through a previous war on terror, and being way too close to several car & van bombs to ever take walking safely down the street for granted. I do understand the intent of security agencys and also the dreadful things that they encounter, and also the choices (& trade offs) they must make to keep people alive.
But right now theres so much shouting wolf going on, people are not going to listen when it is real.
Thats a big worry to me, and it should be to everybody else.
Surely you are supposed to tell a somebody when they're is going wrong.
The practice of keeping networks free for most of the day (for a scheduled 30 minute video conference) was from 3 friends who where stationed in Bosnia. Similar issues are still reported by the one who is still currently serving (in Afganistan ATM.)
Too many friends who have not survived their combat tours (both UK & US forces) some due to what turned out to be misleading intellegence reports (two of these cases the information was known to be known to be incorrect before the operation started). Nothing to do with misdirection or protecting sources, just intel staff not wishing to own up to a mistake in the first place.
The funny thing is I object to that (do you ?), especially as the culprits where 'promoted out of harms way'
Any large organisation is like an living organism, it becomes self serving, to the detriment of other organisms around it (when nessicary for it's own continued good health). This may not be intentional but it happens (sorry folks)
However such lessons from the past have been forgotten (again). The reasons given for invading Afginstan and Iraq is one example. I was called cynical & wrong at the time. Lies and fabrication is what it turned out to be.
I'm not blaming the armed forces for this mess BTW
Drugs : from those I knew who operated multi day missions within Iraq, (pre Dersert Storm invasion) refused stimulants. Official or unofficial it still occured and don't simply say 17 years have passed.
Yes there is a potential of some form of information war, unhappily from previous hacks much of the US goverment agencys (I will have the decency to leave out the 'real military' out of this) could learn the some of the lessons that even home users have learned.
Yeah I liked the Sony comment myself thanks ;)
I don't want sexy theorys, I don't need them at all thank you. The real world generates enough wierdness for me. However I do keep a very careful eye out for the self serving variety, as thats the one that causes the political problems in work.
BTW I didn't pick on anybodys spelling (or made up words in this thread), currently I'm working with 2 broken fingers and a fingertip that would prefer to leave the rest of the finger so please don't get petty about my left handed typing. It's the best I can manage for a while.
However this will not cause anybodys demise (I hope).
not exactly true
"all DoD personnel undergo random drug testing. Most people get popped for a test twice a year or so. Failure = dishonorable discharge, do not pass go, do not collect $200."
It depends on quite a few things. For example what drug shows up in your urinalysis, if you gave a statement (confession) before the results were back indicating you had drugs in your system, the current drug policy atmosphere where you are stationed, and yes unfortunately it depends on who you are.
I have seen many people simply get sent to a rehab program when they "piss hot" showing cocaine or marijuana in their system. A few had been doing extacy and got pulled for a urinalysis and subsequently dishonorably discharged.
It's not as easy to get kicked out as it may have been in the past. I myself had somewhat of an experience with this. It's regarding how I found this website to begin with. ;)
http://ww2.pstripes.osd.mil/01/jul01/ed072701g.html <-- by this time i had been relieved of some rank heh
I continued to serve my country until 2003 and received an Honorable discharge.
of course there are trolls here
When I see at least two people have answered amanfromars "criticisms?" considering he is just a script/dada engine/AI and although he's gotten better he's still a little out there we have just too many gullible folks reading this for there not to be a ton of trolls. There is blood in the water what do you expect.Anybody who wants
to know about the time honored tradition of trolling can look the word up at wikipedia they have a nice long article about it there.
No I am who I say I am I don't care what you think.
Oh No, Not James Bond Again....
This type of report always reminds me of the latter day James Bond (or more likely, Austin Powers) movie - Dr. Evil in his secret liar surrounded by hordes of Russian, Albanian or Chinese lackeys (depending on the vintage) dreaming up schemes to bring down the free world with some death ray (in this case 'death code').
We must not take this seriously. Even if the reports are true its amateurishness of the highest order to carry sensitive information on unsecured systems connected to the public Internet. You leave a door open on a crowded street then someone is going to try to come in, its just the way people are. If we allow these people to play their 'cyberwarfare' games then we're going to suffer collateral damage like Mr. McKinnon who - if his Law Lords appeal fails -- is going to be thrown to a legal system that I wouldn't go near with a ten foot pole (and I'm an American.....). Don't pander to the scaremongers, we're professionals.
- Does Apple's iOS 7 make you physically SICK? Try swallowing version 7.1
- Fee fie Firefox: Mozilla's lawyers probe Dell over browser install charge
- Pics Indestructible Death Stars blow up planets with glowing KILL RAY
- Hands on Satisfy my scroll: El Reg gets claws on Windows 8.1 spring update
- Video Snowden: You can't trust SPOOKS with your DATA