Feeds

back to article First the NYT, now the Wall Street Journal: But are hacking attacks from China new?

The Wall Street Journal is the latest media titan after the New York Times to admit it was raided by Chinese hackers. The WSJ confessed on Thursday a day after the NYT similarly blamed intruders linked to China's military for a persistent four-month assault against its computer systems. The attack against the NYT used a …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

A golden opportunity

Now would be the perfect time to whack the Chinese military hard.

0
4

Re: A golden opportunity

Off you go then, let me know how you get on...

4
0
Facepalm

Re: A golden opportunity

I think the perfect time to whack the Chinese military hard is "never" or, maybe, "1945". "Now" is definitely the incorrect answer.

4
0
404
Bronze badge

Re: A golden opportunity

Korean War actually. When it was looking bad for the North Koreans, the Chinese jumped in with over a million men. Gen, MacArthur wanted to use atomic bombs to stop the influx, but Pres, Truman sacked MacArthur instead - they never did get along, one a peacock and the other a haberdasher.

That;s the short version anyway - China is waaaay scarier today when you consider what usually follows a generational uneven male-to-female birth rate.

1
0
Anonymous Coward

Re: A golden opportunity

China is waaaay scarier today when you consider what usually follows a generational uneven male-to-female birth rate

Yup - you state what I have been mentioning for years. China is in an excellent position to become an active aggressor if it wants to, which is IMHO rather worrying..

0
1
FAIL

Makes you wonder

How badly companies like Intel, who have whole campuses in China connected into their networks, have been infiltrated.

1
0
Silver badge

Re: A golden opportunity

>China is in an excellent position to become an active aggressor

Chinese culture by default tends to think long term though so they are still far less scary than say a nuclear armed Pakistan. Big difference between aggression and suicide. Any country with anything to lose (China has a whole lot to lose now) is less scary. With some Muslim countries though I can understand why the concept of heaven is so inviting considering what their daily reality is.

1
0

This post has been deleted by its author

Silver badge
Trollface

Re: A golden opportunity

>the Chinese jumped in with over a million men.

Yep that is when the Army First Cav showed it true colors and got rolled in the process if I remember right.

1
0
Silver badge

Re: A golden opportunity

But at the same time, any country with an excess of something (in this case, human capital) would do well to find ways to trim the fat, whether it be in inhospitable mines or as cannon fodder.

0
0
Linux

Re: A golden opportunity

If you think the economy is bad now, just wait until we "whack the Chinese military hard"

1
0
Silver badge
Stop

Re: A golden opportunity

"Yup - you state what I have been mentioning for years. China is in an excellent position to become an active aggressor if it wants to, which is IMHO rather worrying."

Militarily?!

No, it's not. The composition of Chinese military forces is defensive in nature, and not capable of projecting force. Simply put: Thoughts of large-scale Chinese military aggression are unfounded. It will be at least a decade before they've properly integrated and new offensive elements, they lack a real 'blue water' navy and any long-range air-power. And there's not a lot of point in having a lot of people in uniform unless you can transport them all rapidly. Us accusing the Chinese as being military aggressive is like Rome telling the Phoenicians that they're vicious aggressors.

Economically, that's a different kettle of fish of course. China is playing a long game, and although not as outwardly aggressive or militaristic as us (Let's not forget which nations actively have boots-on-the-ground on foreign soil here: It's the US/UK FAR more than China/Russia), they are major players. China doesn't need weapons to become a superpower or maintain its status as such. Not for as long as we're all so eager to buy our stuff cheaply from there. Ultimately a (vaguely) communist nation is whipping our ass at capitalism, and using it against us.

2
0
Silver badge
Meh

Re: A golden opportunity

"Now would be the perfect time to whack the Chinese military hard."

Maybe that's the view that you're supposed to have. Interesting to note that in addition to the NYT coverage, I've seen a couple of editorials on US based tech sites demanding that the US government take a more agressive stance and attack the cyberfoes (electronically, of course). All at a time when the Pentagon is trying to increase severalfold the number of tech warfare specialists.

We're being led to believe by the press coverage that the US is being hacked, and that it is not doing any hacking in either defensive or agressive capacties. After Stuxnet that seems most unlikely. But this rather ill informed public debate can't be doing any harm as the Pentagon, DHS and other agencies negotiate future budgets.

0
0
Silver badge
Pint

A twist on existing phenomenon (der-der-durdur-da!)

Government departments hacking newspapers looking for information, you say?

Well it's an interesting way of doing things, but I think we still prefer to do it the other way 'round in these parts.

0
0
FAIL

Own opinion of the patterns laid in this article

Aurora and RSA I believe had links with the TDSS (TDL) rootkit? Which ironically, Russian-based Kaspersky were the first AV company to make a tool to 'fix'

Night Dragon sounds similar to stuxnet style according to a whitepaper by Mcafee?

Whilst TitanRain, ShadyRAT sound like they go hand in hand? -- Like bugware would or Kryptik (which even sounds like a little russian gimmic?)

The chinese might use honeypots in order to identify threats to their networks (Provided they have sufficient HIPS and IDS solutions) --- I guess the great firewall of china was built for this purpose, perimeter control? --- Oh wait, it was to censure the population?

Next will the Arabic nations be to blame? Since I've noticed a trend of turkish / arabic groups on Zone-H.org?

AV is only as good as the heuristics it uses, its not a fully comprehensive security package!

Either way, It'll all seem to go in circles? :-/

0
0
Silver badge
Thumb Up

Slightly OT

but does anyone else get a warm glow at the thought of Rupert Murdoch being hacked ?

4
0
Silver badge
Pint

Re: Slightly OT

"but does anyone else get a warm glow at the thought of Rupert Murdoch being hacked ?"

Only if it involves a machete.

4
0
Bronze badge
Childcatcher

Defense in Depth

Vendors in this camp include those who advocate white-listing as an alternative to antivirus.

I have yet to encounter a convincing argument that AV should be replaced. Augmented, yes, but not replaced. I have had to monitor too many logs to put my trust in any one layer of defense. The biggest challenge to information security measures will always be the intended users of a given system. I do not have any stats handy, but my experience has been that despite all logic to the contrary, odds are pretty good that your standard user will happily press the big red button labelled DO NOT PRESS.

0
0
Silver badge

Re: Defense in Depth

If not the big red button then whatever is placed under a sign saying, "Wet Paint. Do no touch."

0
0
Silver badge

Re: Defense in Depth

Don't savvy IT guys set those buttons up as Schmuck Bait these days? The ones who press the button don't get the trusted positions and so on?

0
0
Stop

Re: Defense in Depth

During the last two years or so, any obvious malware I've spotted - stuff pointed to by links in phishing emails and such - had an average detection rate of 25% or so on VirusTotal. Which means that if one is stupid enough to click on such links, odds are that he/she will end up with an infected machine despite running one of those resource hogs they call antivirus software these days.

On the other hand, Cisco has just pointed out that advertising on mainstream sites has now become the main vector of infection.

It follows that the single most effective countermeasure these days, is to use an ad blocker. Doing so will deprive online publications of ad revenue and has publishers scream bloody murder - but the publishers should direct their rage to the advertising industry rather than the users and purveyors of ad blockers.

STOP, 'cuz thats what the little icon in the status bar of my browser looks like.

2
0
Boffin

Re: Defense in Depth

Safe Browsing

Diagnostic page for articles.latimes.com

What is the current listing status for articles.latimes.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 4 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 4288 pages we tested on the site over the past 90 days, 336 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-02-04, and the last time suspicious content was found on this site was on 2013-02-03.

Malicious software is hosted on 3 domain(s), including ads.zitaholdings.com/, openx.org/, d1.rumbaypelo.com/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including openx.org/.

This site was hosted on 7 network(s) including AS36408 (PANTHER), AS31133 (MF), AS6854 (SYNTERRA).

http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http://articles.latimes.com/2013/feb/01/science/la-sci-living-crystals-20130202

1
0
Anonymous Coward

but does anyone else get a warm glow at the thought of Rupert Murdoch being hacked ?

Hmm, backdoors, hmmm..

1
0
Silver badge
WTF?

China

China is a proud and noble culture and all but I still don't understand why they venerate Mao at all (yes it seems to be more than just kissing ass to the party). Their may never be another human that kills more Chinese than Mao did (could be as high as 100 million total).

0
0
Anonymous Coward

FALSE FLACK

"Covert military, espionage, or sabatoge operations designed to deceive in such a way that the operations appear as though they are being carried out by other entities may be described as being carried out by 'false flack'. Operations carried during peace-time by civilian organisation, as well as covert government agencies, may by extension be called 'false flack' operations if they seek to hide the real organisation behind an operation."

0
0
Silver badge
Mushroom

Re: FALSE FLACK

false flack as opposed to friendly flack I guess (which I think of when I hear that the idea during ww2 to put up random flack to stop the V2s was a bad idea as it would ended up causing more collateral damage than the inaccurate v2s did).

0
0
Bronze badge

Re: FALSE FLACK

Yup. All 32 Civilians killed in Honalulu were killed by "friendly" fire on 12/7/41.

0
0
Silver badge
Facepalm

Re: FALSE FLACK

I believe the term you are looking for is "False Flag" as in, "operating under the flag of a country not your own"

0
0
Silver badge
Facepalm

FALSE FLACK???!!!

"Covert military, espionage, or sabatoge operations designed to deceive in such a way that the operations appear as though they are being carried out by other entities may be described as being carried out by 'false flack'. "

False FLAG.

/facepalm.

0
0
Anonymous Coward

Re: FALSE FLACK???!!!

" I'm shocked, shocked to find that punning is going on at el reg!"

Flack and Flag? Flack and Hack? What about Flack and Roberta?

It could have been a hat trick.

0
0
Bronze badge
Thumb Up

Just out of Curiosity ...

"If this is a surprise, where have you been for a decade? Mars?"

Hey, I've been on Mars way less than a decade and even I knew that.

P.S. Say hi to mom. Days are OK, nights a little chilly. Latest vacation pix ...

http://mars.jpl.nasa.gov/msl/multimedia/images/

0
0
Linux

Spies creeping in over the internet?

"The NYT electronic break-in was a catalyst for a debate about the effectiveness of antivirus software. There are broadly three camps to this discussion: Defenders of the continuing usefulness of the technology argue that it's necessary but insufficient. You need antivirus, and not just on the desktop, along with intrusion prevention, monitoring and other layers of protection".

What we need is for the integrated innovators to come up with a design for a 'computer` that doesn't execute code when the end-user clicks on a URL or opens an email attachment ...

0
0
Childcatcher

At the China war comments

I noticed a topic of people talking about China being scary today.

You are correct. But here is how the war would go.

China big a heck. U.S. big as heck. The U.S has the tech/war weapons to pull it off. But somewhere along the line I feel atomic weapons would be used. And thats the scary part.

0
0
Silver badge
Stop

Re: At the China war comments

"But here is how the war would go...."

NEVER start a land war in Asia.

(It's bigger than you think)

0
0
Thumb Up

"...China big a heck. U.S. big as heck. The U.S has the tech/war weapons to pull it off. But somewhere along the line I feel atomic weapons would be used. And thats the scary part..."

Thank you for that in-depth analysis, AJP.

2
0
Anonymous Coward

No, Chinese hack attacks are not new.

After you get hacked, you'll get hacked again an hour later.

0
0
Bronze badge
Alert

So, have your resident IT bods been double checking the Register firewalls?

0
0
Anonymous Coward

First seen by me in 2006

So back in the olden days when I worked for a email security company I was shown a spreadsheet. This spreadsheet contained a list of companies who had been targeted with a number of different trojans (which we were stopping). So far all a bit normal. However, alongside the list of companies and the trojans we also had a list of the IPs being used to relay the malware.... This made things a little bit more interesting as we started to see patterns linking the IPs being used (yes I know that they were all open relays and compromised machines but they were the SAME open relays and compromised machines over and over again) and the target companies.

Cut a long story short we fiddled around a bit and came up with a list of companies we were pretty sure were being attacked by the same group of people. Obviously I can't name names but given the variety of targets including defence, governments, paint manufacturers (owned by chemical companies), and also media & certain charities it was pretty bleeding obvious who the bad guys were.

Its not a question of "have you been owned?" but more "How long did it take you to find out you had been owned????"

0
0
This topic is closed for new posts.