Feeds

back to article Chinese Army: US hacks us so much, I'm amazed you can read this

Two Chinese military websites - including the Defence Ministry - are routinely subjected to thousands of hacking attacks every month, the majority of which can be traced based to the US, Chinese authorities alleged this week. Two-thirds of the 144,000 attacks a month against Chinese military sites last year came from the US, the …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge

Crikey

hacked on average from overseas 144,000 times a month

Not just 144,000 hack attempts, but 144,000 successful hacks! Lummy.

1
1

Probably evolutionarily beneficial

A lot better than the US and China lobbing nukes at each other.

Presumably there's quite a lot of skill on both sides going in to this game.

It might spin off some better cybersecurity for the rest of us.

5
0
Anonymous Coward

Re: Probably evolutionarily beneficial

Until some idiot hacks into the launch system. That will result in a nice evolutionary dead-end for all involved.

No thanks, I 'd prefer that neither one of them did it all, evolutionary or not.

0
0
Bronze badge

Re: Probably evolutionarily beneficial

Pity that you don't understand how launch systems work.

They're not open to the internet, they're on isolated networks that are inaccessible to other networks. Hence, they can't be hacked unless one is sitting at a terminal on that network.

0
1
Bronze badge

Re: Probably evolutionarily beneficial

I'll suggest that there is a great deal of skill on both sides of this game. I had no involvement with our cyber operations, save in the defense side of our networks.

From the Information Assurance side of the house, I can say that the PLA personnel were overall extremely clever and a few spoke fluent American English, understood American culture and used multiple means to attack our networks. Efforts ranged from social engineering, plain phishing, spear phishing and even scattering infected USB drives in a headquarters parking lot.

The latter being the 2008 cyber attack against the US DoD, which was extremely effective. Twice. Interestingly enough, my installation remained uninfected throughout that multi-billion dollar debacle.

But then, our baseline was the directed DoD baseline configuration, we had no pirated software on the network, our patch management was efficient and up to date and our antivirus definitions were pushed out daily to the test systems and the next day for the main production systems. When the undersecretary of defense ordered USB mass storage shut down, NetCom commands refused to "force the issue with their customers", I went to the installation commander, who "owns" all computers on the base, briefed him on the directive and requested his desire.

"Shut the F'ing things off."

I went back to my desk, hit enter and the script was pushed out, shutting down all USB mass storage and an e-mail went out advising all as to what happened and why.

We did exception to policy on a case by case basis, for those whose mission was impacted, with only three exceptions throughout our entire installation.

2
0
Anonymous Coward

Re: Probably evolutionarily beneficial

Pity that you don't understand how launch systems work.

They're not open to the internet, they're on isolated networks that are inaccessible to other networks. Hence, they can't be hacked unless one is sitting at a terminal on that network.

Out of idle, proximity-of-the-weekend induced curiosity, how do people at said terminal get the message to press the red button (virtual or not)? Somehow, information is gained/accessed/processed/interpreted, and communication must take place. Plenty of weak spots there - that's the idea behind APT.

0
0
Vic
Silver badge

Re: Probably evolutionarily beneficial

they're on isolated networks that are inaccessible to other networks. Hence, they can't be hacked unless one is sitting at a terminal on that network.

Didn't someone tell me that about the Iranian centrifuges?

Vic.

0
0
Trollface

I look forward to the day when all their base are belong to us.

10
0
Silver badge
Linux

9000?!!!

Unngghh

0
0

This post has been deleted by its author

WTF?

What's with all of the smoking - is it that much more of a thing in China or is that just more of the propagandist nature of the animation?

0
0
Silver badge

No, smoking is big in China. You couldn't smoke in our office, you had to go into the stairwell, where the ashtray was emptied 3 or 4 times an hour - literally there was often a cleaner there waiting for me to ash.

0
0
Silver badge
Go

"What's with all of the smoking - is it that much more of a thing in China"

Yes.

Also: Spitting.

1
0
Silver badge

Re:

Some countries aren't populated by people whinging about smoke all day. They are to busy working to complain.

10
5
Anonymous Coward

smoking is big in China

Switzerland too, and practically every teenager smokes to "fit in" :(.

The most ironic statement I had in that context was by someone proclaiming that it was their "freedom" to smoke. They got a bit upset when I remarked that a 3m hose length radius around an oxygen bottle wasn't much in the way of freedom, but that's the idea of grabbing them young: they don't think very far ahead. Getting lung cancer at 35 is too far away for them to worry about..

0
0

This post has been deleted by a moderator

Re: Time for the military to stop using Windows.

lmao what a tool. once a hacker gets enough skills to meddle in serious hacking (like military targets) without getting nailed its actually easier to hack *nix based systems, they all follow same outdated "security" structures.

1
10
Anonymous Coward

Re: Time for the military to stop using Windows.

Amazing! Eadon, you surpass even your own stupidity. They are running Apache and it ain't on Windows.

4
3

This post has been deleted by a moderator

This post has been deleted by a moderator

Bronze badge

Re: Time for the military to stop using Windows.

Not a chance, the Purchasing Department worked out that it's far cheaper than anything else, and besides no one gets fired for buying Microsoft do they. Just think how much it would cost if they were to let techies decide on which kit is the best, I mean how stupid do you think these guys are.

Any way who uses Linux anyway and Apple is way overpriced.

Sorry I can't remember anymore uninformed reasons to trot out.

3
1

This post has been deleted by its author

Anonymous Coward

Re: Time for the military to stop using Windows.

No-one gets a free lunch and hookers from MS if they use Linux, quick, get Stallman on the case! :)

0
0
Anonymous Coward

Re: Time for the military to stop using Windows.

But still it is necessary to update Apache ("patch" it haha) and actually follow recommended security practices.... it's not like there is a lack of free info on the Web on how to do it.... plus it will never get any of the myriads of Windows viruses or spyware however badly patched it is, so at least a good start and breathing space to get it fixed.

1
1

Re: Time for the military to stop using Windows.

> apt-get install Nuclear_Launch_Codes

Access Denied

>sudo apt-get install Nuclear_Launch_Codes

Reading package lists... Done

Building dependency tree

Reading state information... Done

The following packages were automatically installed and are no longer required:

B17 B29 B36 B52 B70 FB111 B1B

Couldn't find package Nuclear_Launch_Codes

...

google : Nuclear Launch Repository Location

...

vi /etc/apt/sources.li

<boom>

4
0
Bronze badge

Re: Time for the military to stop using Windows.

Blather. Every major compromise wasn't due to the OS, it was due to user stupidity. I know of Solaris systems that were compromised by the PLA.

The last time I checked, Solaris isn't Windows.

2
0
Anonymous Coward

Re: Time for the military to stop using Windows.

lmao what a tool. once a hacker gets enough skills to meddle in serious hacking (like military targets) without getting nailed its actually easier to hack *nix based systems, they all follow same outdated "security" structures.

I see that a lack of knowledge is clearly no impediment for you to comment, which makes you strangely compatible with Eadon despite making opposite statements. Weird.

Can you try commenting directly to Eadon's posts? I want to see if the two of you actually cancel each other out :)

0
0

video

I laughed at how the Americans are portrayed in the video and - oh noes - the secret formula for coke!

4
0
Silver badge
Pint

Re: video

America's problem is we don't have NMA TV to tell us the plain truth. Love NMA TV.

0
0
Vic
Silver badge

Re: video

> oh noes - the secret formula for coke!

Aw, c'mon - that bit was funny :-)

Vic.

0
0

US & China - similar much?

For all the bullshit and the quite unique styles, the US and China have become very similar in recent times. Media orchestration, money > people, absurd delusions of grandeur, massive corruption, and of course, ludicrous amounts of surveillance and propaganda targeting their own citizens. The Chinese have even begun exploring space. They'll be telling us they're a "land of the free" next, as they monitor every communication, run jails as a private industry, and hound journalists that dare speak against the regime. If these two former polar opposites can find so much common ground, perhaps the "one world government" Bush snr was so obsessed with might actually be possible.

20
0
Anonymous Coward

Re: US & China - similar much?

I don't know, maybe they'll bypass the whole capitalist/feudalist intentional abuse of the population thing, and go straight to a Star-Trek NG-like advanced society. They look more likely to do that than most other places.... plus they do have the advantage of 1000s of years of culture. Well, we can hope :)

2
0
Bronze badge

Re: US & China - similar much?

Star Trek NG was a post scarcity society. So, getting there is extremely unlikely, due to sparse and inefficiently distributed resources of today.

0
0
Silver badge
Coffee/keyboard

now why is this?

Could it be that if a Chinese person tries to hack into a Chinese military (or other) site they'd be picked up, and be dead before reaching the cemetary/mass grave/compost heap?

2
0
Silver badge
Devil

Re: now why is this?

" and be dead before reaching the cemetary/mass grave/compost heap?"

And those would be the lucky ones! :-D

1
0
Windows

Very disturbing

Being a decadent lazy westerner I skipped the article and went straight for the video. From what I understand Chinas' weaponized bear technology is decades more advanced than we thought. Although on the upside once they invade I can smoke at work, so where can I email my user/passwords to hurry this along?

5
0
Holmes

They are both as bad as each other.

3
0
FAIL

But Really...

What is the point in this hacking? No seriously? What is it going to aachieve? Its a bit like Anon deficating on some website. What is the damage? Its a bit like kids doing graffiti and then the other bunch paints over and they get all upset and worked up about it.

What kind of a millitary organisation has its main system physically connected to the same same network as their web servers? Why is their system online anyway? For what purpose? Generals can do battle plans from home? No really?

Please let this be not how I imagine it it is... This is just too depressing to think that the millitary are so god damn stupid.

0
1

Re: But Really...

""What is the point in this hacking? ""

To cause disruption to the enemy, to steal information, to cause internal descent, sabotage.

""What is it going to aachieve?""

Any number of aims and goals I am sure the Chinese and US government has. I am sure the Chinese main aim is to steal US military secrets. US aims it probably learn more about the inner workings of the Chinese government, when it spending it cash surplus, friends and foes. An perhaps any secrets the Chinese military has.

What is the damage?

Apparently the US was able to remotely destroy centrifuges using stuxnet in the lab, it unknown what damage they did to Iran nuclear industry, from the outside not very much.

""

What kind of a millitary organisation has its main system physically connected to the same same network as their web servers?""

None, but you do not need an physical connection to hack a computer system. Just needs someone to connect something up to an outside hard drive, pen drive, or possible even fit a new specially adapted motherboard, RAM that you have manage to infiltrate into their supply chain.

""Why is their system online anyway? ""

They not.

"""None one said it was on-line. """

No one said that it needs to be on-line to be hacked. An the US and China are not really talking about the kind of attacks that are appearing as graffiti on websites, even hacking sites and stealing passwords (through given that the bigger the password databases NSA and the like can assemble the more like they are able to build intelligence systems able to guess people passwords more accurately by analysing everything they know about the person), they are talking about the kind of attacks that may take 5 years before paying off, they sits and lurks in their computer systems, spreading silently until they find their target. What they are talking about in public is little more than a distraction to what they are both up to.

An the publicly detected attacks are probably design to divert security industry away from other attack avenues or at the very best design to inform the industry of such attack vectors so they can be fixed, after their usefulness has expired.

2
0
Bronze badge
Mushroom

Re: But Really...

It's basically a re-run of the Cold War, but instead of mutually assured nuclear destruction we have mutually assured economic destruction and instead of the two sides being openly hostile towards each other they're actually business partners and largely dependant on each other.

That It's also completely insane is par for the course.

Here's the kicker though, because the consequence of lobbing a nuke were very well understood by all sides to almost certainly result in the end of all life on earth, a whole bunch of systems and safeguards were implemented to ensure that it would be really hard to either accidentally fire one off or for some guy to have a bad day and decide to fuck the planet. Wasn't perfect of course and the fact that we're all still here is completly down to the fact that on the occasions the system failed the guys that were told to press the button didn't.

This time round there's no safeguards, if one guy hacks into the right system and decides wipe it for the lols instead of pwning it for God and Country, it could escalate shockingly quickly to a couple of billion people surprised by the sudden loss of power, communications and water.

Sleep well.

0
0
Anonymous Coward

Re: But Really...

"To cause disruption to the enemy, to steal information, to cause internal descent, sabotage."

installing a lift?

2
0
Bronze badge

Re: But Really...

What is the point?

Let's see, the PLA got into systems of those negotiating contracts with PRC based companies, learning the negotiation strategies, desired and how much they were willing to spend.

The PLA got into US companies and stole R&D for new products, not only military products at that.

The PLA got into US DoD networks, fortunately, they couldn't get to classified networks which also were infected by their worms, as those networks are isolated from NIPRnet. But, they harvested all manner of information from NIPRnet. Troop dispositions, troop movements, supply manifests, etc.

And yes, Generals do battle plans from "home" in the US. CENTCOM headquarters isn't in the Persian Gulf or Afghanistan, it's in Florida, with contingents in theater, but the commanding general spend the majority of their time CONUS. That said, plans go on the classified networks, however, there are plenty of unclassified communications about those plans that live on NIPRnet.

Another example, remember the big stink over Oliver North having a fence and security installed at government expense, but that stink when nowhere?

It was because he had a SIPRnet feed to his home, with an encrypted tunnel to other classified networks.

That's why the stink blew away faster than usual.

0
0
Gold badge

Re: But Really...

"To cause disruption to the enemy, to steal information, to cause internal descent, sabotage."

installing a lift?

Yup. It's called the Schindler attack. It works on many levels.

1
0
Black Helicopters

Propaganda for internal consumption?

"...closed monthly meeting of local journalists that excludes member of the foreign press corps."

Can one imply from this statement that all the 'facts' here (144000 US hacks) are meant for the great Chinese unwashed to worry and fret over? Is this just demonising the West for local consumption?

0
0
Anonymous Coward

Re: Propaganda for internal consumption?

"demonising the West for local consumption" not that the West would dream of doing such a thing on a daily basis to China, Russia, Belarus, Argentina, Iceland, Greece ..... or anywhere else that dares to not toe the line. Do any of the press or TV in the West routinely refer to Obama or Cameron or Merkel as a "strongman" or question how they got elected and fund endless pressure groups from offshore to "find out the truth"?

1
0
Bronze badge

This is why.

This why the US does not want to use any Chinese telco kit. It's not xenophobia, it's good ole fashion paranoia. Would you want telco kit from a country you are hacking/attacking ?

0
0
Silver badge
Go

The more things change...

Rattle those sabres a bit louder, lads. We're having trouble hearing it down here at the back.

1
0
Silver badge

Got to love that video animation! It's like someone crossed Fox news election coverage with the truth. We need more of that over here!

0
0
Black Helicopters

There's a term for that

A non-doctrinal term used in the US Army applies: Getting Jiggy With It.

0
0
Silver badge
Headmaster

Hardly surprising...

PRC hacking US - cyberterrorism.

US hacking PRC - Fighting for democracy & freedom.

As predictable as a Hollywood sequel.

Personally, I love democracy & freedom - or at least the thought of it - but it'll never happen: the establishment would never permit it.

0
0

Page:

This topic is closed for new posts.