The Times: PLA war-hackers can switch off US navy

Windows for Warships

IIRC, the U.S. Navy's computer systems are based on Windows.

Surely all that the Chinese have to do is to wait until the U.S. Navy upgrades to Windows Vista and someone in the fleet tries to delete a file.

Kent Brockman stylee

The Internet has apparently been taken over – "conquered" if you will – by a master race of Communist Chinese PLA. It's difficult to tell from this vantage point whether they will consume the captive earth men or merely enslave them. One thing is for certain. There is no stopping them; the PLA will soon be here. And I for one welcome our new PLA overlords. I'd like to remind them that as a trusted TV personality, I could be helpful in rounding up others to toil in their underground internet caves

Motive, motive, motive

Let's say - just for the sake of argument - that I was interested in increasing or maintaining the budget for electronic countermeasures in the military. Would I achieve my goal by assuring the people holding the purse strings that we are on top of all threats and that everything in the electronic countermeasures garden is rosy? Or would I be better-off scaring the juice out of 'em with threats of the yellow peril?

As to journo's latching on to the story, mis-categorising it and blowing it out of all proportion: Yes? And?

@Stephen Gray

If you're interested and are looking for the work camps/tunnels try this:

http://www.imdb.com/title/tt0061387/maindetails (Battle Beneath The Earth - 1967)

It's a fine example of xenophobia, paranoia and the art of movie make-up in trying to make Westerners look like our inscrutable Asiatic brothers; pure 60's campness.

Underground Perks

....to toil in their underground internet caves nutured and refreshed with their attendant and supportive damsels legions, naturally, Stephen.

Man cannot live without heavenly succour.

@ Chris Simmons

"Plot Synopsis: This plot synopsis is empty."

Seems pretty cogent to me.

The funniest part is the long description - the first paragraph says there are tunnels under the Pacific, and the second says the USA is being attacked by men from across the Atlantic. Apparently the writer confused the Red Chinese with the Beatles and the Rolling Stones.

@ Morely

Good shout old chap.

Coming Soon: Next Episode; there were 100 tunnels under Stalug Luft 3 (or whichever) not the 3 shown in the "Great Escape"!

Yes, I read the Beeb story as well, before you reply too quickly ;)

SuperNuclearCarrierBattleGroupies Beware!

Its all true you know. It is an increasingly known fact that the lack of carrier battle groups in and around hotspots is nothing to do with operational considerations, but something rather more simple: their ethernet cables don't reach far enough.

Windows for Warships indeed

And amongst El Reg's contributors on the subject, we have one Lewis Page, in February 2007: http://www.theregister.co.uk/2007/02/26/windows_boxes_at_sea/

That particle article covers UK warships but the US has the same basic stuff (in fact in industry-standard fashion BAe may well be subbing it out to the same comapny as does the US systems, so whatever vulns affect the US may well affect the UK fleet too).

So the concept of a "cyber attack" on a warship is not as daft as it may seem, the daft ones are the people who approved the concept of running mission-critical systems on Windows.

If you want to pick a fight with the Navy, do it immediately after Patch Tuesday, while they've not finished rebooting the fleet.

Why bother with cyberwarfare on an aircraft carrier?

A couple of Kilo-class diesels would be able to target these aircraft carrier anyways.

Even though the Canadian media has a field day on the sub purchase that we did from the Brits, I recall that in a wargame, that even these old diesels can take down an aircraft carrier. With the PLAN having homemade submarines that seemingly can stalk US warships and occasionally pop the hatch and say "Hello", that wouldn't be a concern, at least at the chinese coastal waters.

79,000 per year? Is that all?

SELinux tells me I got 4000 "hacks" (login attempts) on my SSH server yesterday. That makes about 140,000 attacks per year, not including the exploit searches on the web server. About half of those seem to come from Chinese owned IPs, so does that mean I'm about as dangerous to them as the Pentagon? I'm impressed...

Half the needs are in place...

I took a tour of a US Navy missile frigate in Boston years ago, and was taken aback when I got down into the command room and saw Windows NT screens glowing in the darkened area. I was assured that these were hardened Windows boxes.

Now all we need is some sort of insecure net access and we're all set...

@Why bother with cyberwarfare on an aircraft carrier

Heck a couple of kilo-ton class nukes will do an even better job.

I think subs might be relatively OK though: bandwidth through ocean is supposed to be quite low. So a great big Windows-targetting VB or VB Script worm would take forever to infiltrate a sub. And... the subs can just hide underwater to avoid attack.

The navy should just switch to OpenBSD and Sendmail from whatever they use now, they should be a lot safer: almost nobody understands Sendmail and almost nobody uses OpenBSD, whereas Linux books abound and Exchange is just point'n'click (huh huh grunt scratch)!

An important question here, though, is: are the Chinese employing assembly language or C programmers to make teeeny tiny little viruses that can move quickly at low bit rates? Maybe they're not even afraid of pointers! Just think of the risk! Citizens of the western world need to know!

Perhaps Bill Gates' proposal - from back in approx 1996 at the dawn of large scale online Windows hackery - to restrict ownership of compilers to responsible, approved, and designated software developers *was* a good idea.

When the war comes, I predict all the programmers will be interned in camps because they will be considered too potentially dangerous to leave unsupervised.

Also, for Daniel Moss: you really want to be using fail2ban, my friend.

Not quite as alarmist as you might think

"'The Pentagon logged more than 79,000 attempted intrusions in 2005 ... The Pentagon uses more than 5 million [networked] computers.'

"That seems to be about 0.01 attempted intrusions per computer per year: an unbelievably low figure. If it's actually true, the US military can relax."

I wish. While I do not know the exact number of total attempted intrusions, I do know from a certain government-dwelling relative that the cyberattacks we are faced with are a serious problem, and before you ask, no, she's not part of the Department of Misinformation. The media, El Reg included, apparently, has not been given, nor is it giving, the full story.

Internet access..

Most carriers provide internet access to their crew. Although these networks are separated from command and control systems, people are not. All you need is an usb flash drive (or an ipod that needs charging) to carry an infection from one of the public access computers to the control system of a ship. We know from the latest tests that some of the systems are orinary laptops or military grade pc-s and servers. Last time I checked the us navy was using solaris on it's older hardware but chances are big that since then they upgraded their systems.

My biggest suprise was seeing windows nt 4.0 on an american made intensive care life support system. Finding out that some Indian tech guy replaced a safety switch connector with a jumper was just plain too much.

Puns ahoy!

"When the war comes, I predict all the programmers will be interned in camps because they will be considered too potentially dangerous to leave unsupervised."

Would the area that these camps covered then be a security patch?

I'll get me coat...

@Sergei Andropov

These current attacks a threat? Yes, of course they're a threat. Spammers, script kiddies, and phishers are a threat to everyone on the 'net, not just to the USA military. And these days many of them are based in China. But the Yella Peril they ain't.

Richard

The China Cyber Army

There are a least 8 China Hacker Groups. we call them as HuBei Jun(Jun for military troop)

ShangHai Jun, Beijing/TienJing Jun, GuoDong Jun, FuJian Jun, SiChuan Jun, JianSu Jun, SiAnn Jun.

Through incidents handling and investigation with law enforcements,

we found some evidences to prove the china hackers (targeted attack/ spearing phishing)

were come from government (military,intelligent dept and public security).

We have inspect the tools, from the begining trojaned e-mail, backdoor, and realy tools in the way stations.

At first, using Microsoft word (*.doc) file with exploit, to drop backdoors or download spyware from other way stations.

And the backdoor connect back to way station, when hacker came from China (fixed IP or ADSL) to remote controlling victims.

What they want is to collect the contact list files (outlook, MSN ...) to build a huge database about relationships for future use,

from the contact list, hackers can send a 'well-make' trojaned mail to the others in the contact list, then victims

will trust the e-mail's subject and fake e-mail source, open it and been compromised. And, periodically jump back to collect the lastest

documents in all file types. Even steal your mail account to have a copy of your mail boxes.

From the official document shows, the cyber operation was directly sponsored or supported by General Staff Department Sec. Four. And the evidences shows they:

(1) Organized: have principle, formal check-in/out time,

in our domain name (used by backdoor) observations, they start to work at 0700 GMT+8 Round 1, 1150 Lunch, 1400 Round 2, 1730 Take a break,

then, depends on group, have night team, to hack foreign countries.

(2) the Tools. not common seen in public Internet .

some hacker groups using the same military produced/purchased hacking tools.

(3) the source IP we sniffer from incident handling, can be directly mapping to military regions of China.

the story is on going everyday!

Cylon attacks notwithstanding........

Anyone else think the whole networked military situation was predicted with the second coming of the Cylons and their infiltration of the humans computer systems that had been so universal that one successful attack brought it to its knees?

Okay, on a serious note now, I remember a college visit to a main police station in Northallerton (Yorkshire) where the staff there were in pushing the fact that the countries computer systems were all non-networked incompatible systems which would prevent a single hacker knocking out the whole lot in one go, although necessitated the employment of staff to transfer details manually between forces. This was back in 1988/89.

I've also heard rumours the British Army in some ways welcomes attacks on its defence firewall, just to prove it can withstand the attacks successfully!