Belgium and India have joined the growing ranks of countries voicing concerns about cyber attacks originating from China. Earlier this week, officials from both countries said computer networks inside their borders are routinely targeted by hackers trying to ferret information that could benefit the Chinese government. Belgian …
Belgium, man! Belgium!!
As usual, Douglas Adams said it first and best.
Ensuring the Olympics by blackmail
Or are they trying to find compromizing material on the IOC's president's computer ?
A "Great Firewall" can be a double-edged sword.
Screw it, just block the whole subnet. I've never received a packet from .cn that wasn't a complete and utter waste of electrons. If I ever /do/ want to do business with someone in China, I can phone them up or write a letter.
If we blocked the whole lot to avoid the attacks, the only thing we'd miss out on (as "collateral damage" or fallout or side-effect) would be the spam.
Why is this not a no-brainer?
and brazil and korea and...
japan and romania and poland and russia and...
fail2ban is your friend... and if you're still using windows for your servers... umm... HA!
my personal server (which doesn't generate much traffic if any for that matter) gets attempts on being hacked daily. used to be well over 10,000 attempts a day. now it stops at 3-5 (fail2ban is set at 3 attempts). kinda kills the attack when the IP is banned from all access for attempting to break in.
Chris Miller is correct
Does make me wonder why those jolly chinamen [and women, of course] wouldbe poking around belgian interests? I mean, what important information could they gleam?
New recipes for high quality chocolate? [they are turning into a consumer based society after all]
Technical data from Fabrique Nationale so they can make cheap knockoffs of P90s? Perhaps the Type 56 [one of the most successful AK47 knockoffs in second and third world countries] will be replaced with a suspicioucly familiar 'type 90' bullpup SMG sometime in the near future? ;-)
Possibly being bundled with some tasty dark chocolate to entice overseas buyers?
Mine is the long overcoat with the large amounts of firearms underneath...and the 70% cocoa chocolate bar in the breast pocket.
I'm Disappointed, Dan
"So far, the countries have provided little proof that Chinese hacking is any different from cyber operations being conducted by other governments."
Such as ... ? Are you gonna back that up, or what?
It presumes that "other governments" are, then, attempting the same types of attacks as those the Chinese government is being accused of perpetrating. Where is the outrage, or at least a link? Tsk tsk.
Chinese attacks: Brought to you by American anti-virus firms
It's taken seven years, but could this really be the Chinese cyber-war that the American anti-virus industry, and Richard Cluck / um, Richard Clarke, warned us about back in 2001?
Back when the Wall Street Journal exposed the US AV industry as tools of the People's Republic of China?
(ok, one more time: http://www.theregister.co.uk/2001/04/03/chinese_feds_demand_computer_virus/ )
And how very, very interesting that Goodin brings up Cisco. Didn't Cisco participate in the construction of The Great Firewall of China?
At the risk of sounding xenophobic...
I am growingly increasingly reluctant to purchase any equipment manufactured in China, simply because I have seen equipment inexplicably "phone home" to the PRC. I'm not talking about SoHo crap like Linksys or NetGear, I'm talking about high dollar, high end enterprise hardware that costs more than your run of the mill Ferrari.
Even after a thorough investigation by our forensics team, the vendors engineers and several of the senior developers involved, there has yet to be an explanation as to why virgin hardware would immediately be sending unsolicited packets to China.
Needless to say, neither that equipment manufacturer nor ANY of its products will ever be used at any of the businesses, the company I work for, supports.
Re:At the risk of sounding xenophobic...
Name and shame, mofo.
At least it makes necessary for our govs to pay attention to security. Well, some of our govs at least, as you observed:
"According to some reports, hackers who stole a large amount of sensitive information from the US Pentagon last June were based in China. [...] Last month the FBI was report to be investigating the possibility Chinese hackers have installed backdoors in sensitive government networks using counterfeit Cisco routers."
Anyway, I'd bet my shirt that all the poor victim countries are doing exactly the same (not even to mention Echelon).
"Does make me wonder why those jolly chinamen [and women, of course] wouldbe poking around belgian interests?"
Steven, go look at a map and find out where Brussels is located, and the Hague, and all those lovely EU institutions, and NATO headquarters.
Think about it for a moment...
Realisation dawning yet?
You must be mad sir..
The author wants proof why Chinese hacking is any different from any other countries' hacking. Presumably Hack thinks that this story is being picky on the poor old Chinese. Bit of a funny thought that one.
I think it was 1998 that a Dutch hacking convention tried to remove Belguim from the internet, in retaliation for a previous Belgian conventions attack on the Netherlands. My employer had systems in both countries so I spent a week installing patches for everything past my bedtime.
Attacking Belgium doesn't distinguish the Chinese from anyone else, in a way it makes them seem more normal. Even Belgians hate Belgians - the three different language groups never talk to each other there. What sort of a nation is split in three along extra-national boundaries ? We should call the Belgians by their true names - Dutch and French and Germans. At what point do we stop the pretence Begium is a real nation - I mean, if Pluto isn't a planet anymore then Belgium shouldn't have a seat at the UN. Have they even been able to elect a Belgian government yet since the last election ?
Re:At the risk of sounding xenophobic...
sure I have seen that exact same post before, about 6 months ago, thats not to say its not a true story, just stuck in my mind.
@ .gov, Why is a .gov network connected to the damn interweb, surely it should be seperate on its own lines etc.
Chinese bad guys
In my job as a security manager for a Governement agency I actively drop all traffic from China allocated IP ranges (as well as many other networks) Chinese networks are the source of nearly all malicious traffic encountered plus providing hosting services to so much fraudulent and copyright infringing products/services. They will not rewspond to complaints so I simply blackhole them.
The Hague happens to be in Holland....
You think SHAEF is on public backbone?
The Feds found the Chinese backdoors
...when they realised that their own had stopped working.
Cisco provides much of the worlds' infrastructure; if the US wanted a way into potential enemy* networks they'd only have to ask** Cisco to cooperate.
* every other country
Anon because there's a Cisco router in my office...
Maybe the Chinese spent 10 months *looking* for the Belgian Government, along with *everyone else*. Or, they’ve gotten confused by *which* Government; last time I counted I’m paying for 5 of them (well, 6 whilst I was subsidising the old lot in caretaker mode at the same time paying for the “in waiting” lot)
And to answer Danny; the 3 communities get on a lot better than the media portrays. The bollox you read last year was pure politicking by the right-wing Flemish separatists and predictable over-reaction by the far-left. A bit like the Daily Mail claiming all the Scots want to declare independence etc; a little bit of loaded propaganda can go a long way…
Mine's is the one with the bottle of Leffe
European Union and NATO
Suckers! Only a heavily firewalled chinaman with little understanding of western society could possibly think that either of these institutions do anything at all.
It's the ultimate tar pit, the hackers will be bogged down in mountains of meaningless shite for decades. I'd love to see the look on their faces when they hit the EU document stash, all bollocks and then translated into a gazillion languages!
Not just chocolate
Mmmmmm Leffe in an ice frosted glass. At least the Belgians know how to serve beer properly :)
Belgium, Beer and Cyber terrorism
Why Belgium like others have said already ... NATO HQ is in Evere (Part of the Capital Area of Brussels) and guess what? A large number of EU instances are based in ... Brussels... Thats is why...
As to the beer remarks well Leffe is good I suppose but be adventurous and try some Kriek (Black cherry) or Framboise (Raspberry) or Apple-Black cherry beer... Nicely chilled in a cold glass it is heavenly...
Paris because she knows how to handle her booze... or so she thinks
I agree with scott
You shouldn't worry too much about Belgium. there are indeed some Flemish right wing separatist that are making a lot off trouble recently, but most people are getting along quite well (I am a "french" Belgian and my best friend is a "dutch" Belgian).
The issue with Belgium is that it is a central point in Europe were a lot of institutions are (the EU and NATO) and where a lot of international companies have some presence. So many things transit trough Belgium that it is a very good target.
Hey look, uh... something! *runs away*
Chinese hacking is good... maybe
I would say that hackers / security testers are your friends during time of "peace". Better to find the holes now than during time of war. But Cisco / Linksys / Netgear routers sending packets (passwords) to .cn? Ouch! We need to raise our game.
@ Graham " knows his planet " Dawson
Belgium and Holland are nowhere near the same. perhaps you should take a look at an online atlas?
The Haque - Dutch seat of goverment, Seat of the International war tribunal and not its capital ( Amsterdam )
Brussels - Seat of the E.U.
>Tried to remove Belguim from the internet
They'd have to find it first!
(Somewhere near Holland, but "nowhere near the same", I hear)
@A "Great Firewall" can be a double-edged sword
So if we block China that means chinese gold farmers will be removed from World of Warcraft... Lets do it.
Chinese hackers are having a go at India...
A lot of UK data (banks, financials, etc) are off-shored to India...
Is our data really secure being off-shored?
I was in Belgium, I ended up being violently ill after eating gnocci in a Brussels restaurant. Cyber attack these Belgianeeses to peeses I say!!!!
You cannot just simply block the IP's from China and believe they are cut off from your network.
A proficient hacker isn't directly routing from his network to the network he is attacking. He is working through at least one other (more than likely 3 to 4). Basically, setting up a proxy from another network he has already taken control of, or at least enough control he can launch attacks from there. The networks he is directly routing towards your network is likely one you haven't blocked, because it is in the same country you are.
The FBI is investigating counterfeit CISCO routers, however none of them are suspected to have been purchased by the US Governement. Procurement of these IA enabled devices (routers, firewalls, etc) is strictly controlled; and can only be purchased from certain vendors.
I've said it a thousand times on the WoW forums, but I'll repeat it here.
You need to stop the gold buyers to stop the gold sellers. It's not like they can't use a proxy anyway. Remove the buyers, the sellers then do not get enough business, the servers clean up. Fewer key loggers too and fewer cheater.
Mind you this is completely off topic. On topic, who else is involved in this "cyber war" if it's just China, surely the west needs to start working on it too?
Paris because it's f=Friday.
Attacks from China..
Has anyone considered the possibility that maybe, just maybe, people are using proxies or some other routing software (tor) to appear to be coming from china?
If i were a miscreant, i might take advantage of the recent press about attacks from china and make myself appear to be from china to mount an attack.
Suddenly, its just another attack from china.....
Just a thought.
Mines the one with the glasses, fake nose an mustache in the pocket....
>If i were a miscreant...
...I might make myself appear to be from the white house.
Much more entertaining.
>You cannot just simply block the IP's from China and believe they are cut off
>from your network.
Yes, you can, although you would have to block all the gateways coming out of the China network. Which sounds like a big job. And then there'd still be dial-up, Hong Kong, Macau (block or not?) and, most challenging, Taiwan.
While it may be good for WoW I doubt the worlds economy would benefit from such an approach.
>Apple's, Dell's and HP's supply chain is CHINA.
Gosh, not CHINA!
>But maybe it is time for the British to reconsider the mantra “it is all about Economics”.
So you think that maybe a "second great depression" is worthwhile to stop some hackers who may or may not be Chinese dicking about with Belgian computers?
Maybe it's time for the UNITED STATES OF AMERICA to reconsider sourcing all their products from China, since all the companies you listed are actually American.
Why Belgium? Think "RoboCop"!
Remember the Incredible 1987 cyberpunk movie "RoboCop", starring the inestimable Peter Weller? Omni Consumer Products was trying to perform a corporate takeover of Detroit.
Clearly, China is trying a hostile takeover of Belgium.
Re:At the risk of sounding xenophobic
yes , that post is sharp to the point of propaganda, can we have some verifiable facts/names please?
Money not missiles
@Scott - Leffe
I don't know - I have stayed in Belgium but I only spoke French and Dutch - and those communities aren't similar. However you did make a winning point about the beer. Leffe, and a few of the monks dark beers are so tasty that they may hold the country together. That raises another problem though - maybe the Chinese aren't after NATO when they look into Belgian systems. Maybe they are after the recipe to a decent beer.
Joking aside, the single most important organisation in the capitalist world is headquarted in Belgium. It is a place so prestigous that it's employees are banned from ever using the word 'prestige' in internal documentation. That is not NATO, it is SWIFT. It is much more secure than NATO. When you hear of hacking attacks on Belgium, don't think military, think financial. Or beer.
"You can't be a Real Country unless you have a BEER and an airline - it helps if you have some kind of a football team or some nuclear weapons, but at the very least you need a BEER." - Frank Zappa
Re - Chinese attacks: Brought to you by American anti-virus firms
The Chinese have been poking around North American computers for years. I think it was Chinese National Railroad computers that used to be looking at my little and inconsequential system. They probably still do but I haven't bothered to check in years. Banning the IPs of bothersome areas/countries doesn't seem like a bad idea.
@Free Trade versus Security
"Just because their gear is cheap and appears capable does not mean it is in our interest to use it. I want to make the argument that strategic equipment (CPU, RAM, display, networking, software) must come from sources we (democratic countries) trust."
You must be living in cloud cuckoo land if you think democratic countries have an agreement not to spy on each other and not to use underhand tactics on each other.
"Joking aside, the single most important organisation in the capitalist world is headquarted in Belgium. It is a place so prestigous that it's employees are banned from ever using the word 'prestige' in internal documentation. That is not NATO, it is SWIFT. It is much more secure than NATO. When you hear of hacking attacks on Belgium, don't think military, think financial. Or beer."
Or they just do what the US did/does, blackmail SWIFT and other corporations to give them whatever info they want:
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Analysis Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster
- Review Vulture trails claw across Lenovo's touchy N20p Chromebook
- Adobe spies on readers: EVERY DRM page turn leaked to base over SSL
- Analysis The future health of the internet comes down to ONE simple question…