back to article Russia and China bombard Blighty with 188 cyberattacks in 3 months

Britain has been hit by 188 "high-level attacks" in the last three months. Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets, according to the UK's newly appointed National Cyber Security Centre chief Ciaran Martin. Russian and Chinese attacks on defence and …

Silver badge
Coat

And it is still a nightmare to get vendors and managers to take security seriously and fund it properly.

3
0
Silver badge

And it is still a nightmare to get vendors and managers to take security seriously and fund it properly.

The Internet was designed to route around damage so that data could always get to the endpoint. As it expanded, people didn't really think through the implications because (let's be honest) it was just such fun in the early days. And then people didn't want to pay for stuff and some genius had the idea of using advertising as a form of micropayment, followed by cookie tracking and end user espionage.

And then people wonder why it isn't secure.

6
0
Anonymous Coward

Source IP does not mean that's where the attack came from

Have you not heard of compromised proxy machines to launch an attack you clown.

You see the source IP in your logs and say 'See - that's an IP in Russia that is' with no clue as to who is driving that remote machine.

12
4
Bronze badge

Re: Source IP does not mean that's where the attack came from

The article doesn't mention source IP. You can often tell the origins by the language of comments embedded in the attack code, for example.

4
3
Silver badge

Re: Source IP does not mean that's where the attack came from

And Russian packets have snow on their boots

9
0
Bronze badge

You can often tell the origins by the language of comments embedded in the attack code

Gosh, so the real attacker would never think of impersonating the language / localisation of the nation / target they are attempting to frame?

7
0
Silver badge

Re: Source IP does not mean that's where the attack came from

Et moi, je suis Francais. Tu vois? J'ecrive en Francais, donc il faut que je sois Francais.

Except I'm not. See how easy it is?

2
0
Silver badge

Re: Source IP does not mean that's where the attack came from

"You can often tell the origins by the language of comments embedded in the attack code, for example."

And it would never, ever occur to a hacker who is trying to obfuscate their identity, to simply insert comments in a language other than their own?

0
0

I call bullshit. 188 attacks that they NOTICED in a three month period. As for knowing where they originate from, are we living in the movies now? They have some 'hacker' tracing IPs and VPNs around the world until they hit a laptop in Starbucks, Moscow?

10
2
Anonymous Coward

That's weird

It's weird they're mentioning just these two countries.

There are plenty of other countries around the world also originating similar behaviour.

So why mention just these two?

7
2
Anonymous Coward

Sadly, I call "lack of knowledge."

They can find and trace the traffic via command and control messages sent in from their "admins." None of the really good malware is completely automated, yet. There is a need for humans to monitor and control the process and the monitoring and control of the botnet. The people with the ability to see, and correlate, this traffic are the government and other agencies with the ability to see all the traffic; inside, AND at the ingress/egress points. You're lack of knowledge is disturbing. I am not a senior network security person, merely a senior Linux and large data center hosting admin, and I know this. You should read more info, and less opinion-related items.

2
4
Bronze badge

Its just to keep us busy watching those packets coming into your computer when you could be enjoying life.

If they really wanted to do something about it, GCHQ would have built something to secure what they can coming over the networks like China. After all economic activity is important right, you dont want the NHS losing your records to some hacker collective who publishes it on the dark web now do we, or some banks getting hacked?

National Security? Thats a joke, they are the one's carrying it out whilst the innocents get targetted just like in a real war. Hacking celebs and giving the media the tip off's is all just part of the charade, aint that right Beckham?

2
1
Silver badge
FAIL

I can't even figure out the scope of these numbers. What I do know is if it's only 188 in 3 months then Russia and China aren't trying very hard. I could do billions in minutes without even really trying. Again, scope is at question.

Love the idea of GCHQ telling people that we're under attack, we were all wondering when GCHQ were going to notice, stop looking at people's cat pictures, and actually contribute. (Also that GCHQ are the planet's biggest threat to UK corporate IT; we've all seen the slides).

5
1
Thumb Up

re "Sadly, I call "lack of knowledge.""

Why downvote this post? The author made reasonable points, rebutted the previous post and all in a temperate way. Has the intolerance and belligerence of Brexiters infect us here too?

1
3
Silver badge

Bullshit cubed

188 attacks that they SAY they noticed in a three month period. The "intelligence agencies" (aka secret police) often tell us that they have crushed 13,481 terrorist attacks in the past year.

Well, they would, wouldn't they?

1
0
Silver badge

Security snowflakes?

"A Russian official revealed that the country is the target of hundreds and sometimes thousands of cyberattacks every day, some of which are launched from the United States".

http://news.softpedia.com/news/russia-hackers-attacking-putin-s-website-thousands-of-times-a-day-511877.shtml

1
0
Anonymous Coward

Re: re "Sadly, I call "lack of knowledge.""

Why downvote this post?

In your case, the down-vote is for the pointless, inflammatory, and belligerent reference to brexit.

At this rate, we will soon have to revise Godwin's law.

4
0
Silver badge
Devil

Re: Security snowflakes?

"A Russian official revealed that the country is the target of hundreds and sometimes thousands of cyberattacks every day,"

it's almost expected, yeah. 'Spy vs Spy'.

But when you get economic sanctions because of alleged 'hacking', it should be backed up with some REAL evidence. Just sayin'.

0
1
(Written by Reg staff) Gold badge

Re: Re: Security snowflakes?

The U.S. applied economic sanctions against Russia in response to the annexation of Crimea. Hacking has nothing to do with this decision.

0
0
Silver badge
Devil

Re: That's weird

"So why mention just these two?"

it's popular?

0
0
Anonymous Coward

Re: re "Sadly, I call "lack of knowledge.""

Because he/she was rude, smug, and also pretty damn clueless...

... and then said other people had the lack of knowledge.

That's my "why" anyway.

0
0
Anonymous Coward

Re: That's weird

> it's popular

Hmmm, I'd more call it "propaganda", but YMMV. :)

3
0
Silver badge
Facepalm

Ever hheard of a thing called 'espionage'? How about "SIGINT'?

0
0
Silver badge

Why bother hacking - defence, we have none whilst our nuclear subs are getting new window curtains fitted and foreign policy - suck up to those whose country is building our new war planes.

4
0
Silver badge
Coat

The UK arms industry is fairly successful and the number five exporter behind the USA, Russia, Germany and France with China as number six according to the Daily Mail.

https://en.wikipedia.org/wiki/Arms_industry#World.27s_largest_arms_exporters

Industrial espionage is hardly anything new but I agree it must be hard to prove exactly who is behind every hacking attempt (and I am sick and tired by the word cyber for now, and so is my spellchecker).

0
0
Silver badge

Why??

Name one area of military technology in which Russia could learn anything from the UK.

0
0
Anonymous Coward

Acts of war?

If these are truly state sponsored attacks, then surely they should be regarded as acts of aggression or war? Just because the countries in question aren't lobbing bombs at us or directly physically attacking us, doesn't mean there are no consequences to our country's well being or economy.

3
1

Re: Acts of war?

"then surely they should be regarded as acts of aggression or war?"

Don't fall in to their trap my friend. If this is state sponsored there is no need for war. 'The State' is nothing to do with the actual people of Russia or China, just like ours is sadly nothing to do with us. Don't let the pathetic posturing of our 'leaders' lead you to grow hate for millions of innocent people.

7
1

Re: Acts of war?

Let's hope it's not an act of war since you can bet your bottom dollar that we're equally busy trying to squirrel into their networks (if only to find the infamous Trump rumpy-pumpy (mostly pumpy) videos).

3
1
Anonymous Coward

Re: Acts of war?

If these are truly state sponsored attacks, then surely they should be regarded as acts of aggression or war? Just because the countries in question aren't lobbing bombs at us or directly physically attacking us, doesn't mean there are no consequences to our country's well being or economy.

That slope has more grease on it than a monkey in a machine shop.

Even forgetting about the difficulties with attribution and proof, what is the threshold for the consequences to our country's well being or economy? For example, Chinese government may argue that BBC Chinese Service causes harm to China's well-being and economy by spreading news which it would rather have suppressed. Would that constitute an act of war? Or the Russian government may argue that the sanctions imposed by the UK government cause harm to the Russian economy. Would that be an act of war?

There are many good reasons to avoid this verbal inflation and hysteria; only somebody who'd never been on the receiving end of the actual war or even a limited peace-keeping action would seriously equate a booby-trapped powerpoint opened by a moron with an act of war.

4
1
Silver badge

Re: Acts of war?

If you are plotting to kill me, then surely I ought to get my retaliation in first and attack you.

There are many problems with that line of thinking, the greatest of which is the word "if". One does not declare war on the basis of unsubstantiated suspicions - or reports issued by self-serving officials.

Nor, of course, does one declare war on a power that could render the UK uninhabitable within one hour.

1
0
Silver badge

Re: Acts of war?

Intelligence gathering prior to an act of war isn't, in of itself, an act of war as far as I am aware.

If that knowledge was then used to damage a country's infrastructure, for example, then yes, that would be an act of war (if it was initiated by a state actor - but how can you tell? It could just as easily be carried out by a corporation in that country (assuming you could identify the country reliably)).

The problem is that of the language used. 'Attack' infers some kind of damage, whereas what they are actually describing is 'espionage' or perhaps 'infiltration'.

1
0
pdh

Fuller disclosure

It would be interesting if accusations like these also included a line saying: "And in that time, we ourselves have mounted or sponsored X number of attacks against Russia and China, using the same definition of 'attack'."

Even if the number X is zero, it would be interesting to hear the government state that out loud, with a straight face. (And then to hear them explain why they believe zero is the most appropriate value of X.)

5
1
Silver badge

Re: Fuller disclosure

Why would we bother hacking our enemies?

Unless there is a war what good does it do to know the Russian or Chinese military's secrets?

It would be far more valuable to be hacking the Eu ministries that will be negotiating Brexit or the US agencies that will be deciding on the tarrifs to place on the UK

3
0
Silver badge

Re: Fuller disclosure

Unless there is a war what good does it do to know the Russian or Chinese military's secrets?

By the time there's a war on it is a bit late to think "Ooh, we'd better hack their military secrets". As a general rule, a successful cyber-espionage campaign takes a lot of scoping, planning, and execution (plus design, coding and testing if you need new spyware able to infiltrate nation state defences).

0
0
Anonymous Coward

"complete shutdown of our critical national infrastructure."

oh no - a talking head said it again... he needs a visit to CyberSquirrel1 to calm his nerves...

2
0
Silver badge

Re: "complete shutdown of our critical national infrastructure."

That's where we have tricked them - we already have out own system for doing that

2
0
Silver badge

Attribution is (virtually) impossible

IP-Addresses say nothing, code styles can easily be faked or you can just buy exploits on markets, foreign characters in filenames or paths can easily be faked as can dates and times.

We live in a world, where it's likely that the actions of some little kid are seen as a state sponsored attack, no matter how primitive they were. Also we live in a world where false flag operations are nothing uncommon.

If those organizations mentioned in the article would actually care about security, they would provide guidelines for actual security. They would advise against office software, they would advise against complex file formats, particularly proprietary ones. They would warn against closed source software, particularly when there's an auto update mechanism.

6
3

Re: Attribution is (virtually) impossible

"We live in a world, where it's likely that the actions of some little kid are seen as a state sponsored attack"

Or we live in a world where governments will use the actions of some little kid as an excuse to flex the muscles and start measuring each others dicks.

2
2
Anonymous Coward

Soo..

Do these (presumed) state-backed operators need this data in order to fight terrorism and keep us all safe? Because that is (as far as I understand these things) the reason why our own state usually mounts cyberattacks and conduct espionage against its own people)... Is China and Russia just trying to protect us all as well?

Joking aside, I know that the various UK security services are probably less likely to abuse my, yours, and any UK company data that they somehow obtain (meaning using the data outside of their stated purpose of obtaining such data - like building a competing company or product), but the foreign agencies are probably less likely to come knocking on your door in the middle of the night.

So on the whole, I'm not 100% sure who'd I'd rather be cyberattacked by.

1
1
Silver badge

Re: Soo..

"Because that is (as far as I understand these things) the reason why our own state usually mounts cyberattacks and conduct espionage against its own people)..."

I'm afraid that your words show you don't understand these things very well. Your own state emphatically does not spy on you and others "in order to fight terrorism and keep us all safe".

For a start, the threat to British citizens from terrorism is virtually nil. Noise level. You are more likely to be struck by lightning, killed by a bee sting or run over by a police car than killed by terrorism in Britain. (And please don't tell me that's because the police are so efficient).

Moreover, even the tiny threat that does exist could be virtually extinguished if our own precious government(s) would just stop killing foreign people going about their own business in their own countries. It's not a lot to ask, is it?

3
0
Silver badge

Re: Soo..

https://static.guim.co.uk/sys-images/Guardian/Pix/pictures/2011/10/28/Factfile_deaths_large.png

In 2010, apparently 142 people died from Swine Flu in the UK!!?

0
0
Black Helicopters

Been going on for centuries....

...just not using this medium.

Previously spying was done through bribery, corruption, blackmail and just plain physically stealing stuff, it's now much easier to hack into another countries vulnerable systems instead.

Perhaps a massive denial of service attack or a deliberate act of sabotage that could be traced back unquestionably to a foreign power (and I imagine that's very difficult to prove) could be construed as an act of war. Until then it is the ancient art of espionage through another avenue.

4
0
Silver badge

"Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets"

I always wonder at organizations that feel they must make everything available over the internet.

Perhaps "secrets" don't really need to reside on a computer?

BTW: Is "defence" a British spelling?

0
0

Defence vs Defense

@etatdame

"Defence" is the preferred spelling used in most varieties of English except American English which uses "defense".

6
0
Anonymous Coward

Re: Defence vs Defense

preferred spelling used in most varieties of English except American English...

As it is already the second language of the US of A, I wonder if our colonial rebels also mangle Spanish when they spell and write that?

0
0

Re: Defence vs Defense

Very likely ;-)

0
0
Silver badge

Re: Defence vs Defense

"I wonder if our colonial rebels also mangle Spanish when they spell and write that?"

Yes, because like American English isn't English, Mexican is not Spanish ;-p

0
0
Silver badge

Re: Defence vs Defense

It has been suggested that some of them think people in Latin America speak Latin. And there was one prominent US politician who visited Rio de Janeiro and, attempting to emulate John Kennedy in Berlin, told the Brazilians, "I am a carioca (a native of Rio)".

Unfortunately he said it in Spanish.

1
0

It is one thing to have the US hacking Angela Merkel's phone but quite beyond the pale for the Russians and Chines to hack us isn't it?

10
2

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017