back to article The Obama-era cyber détente with China was nice, wasn't it? Yeah well it's obviously over now

Infosec pros might have already noticed some familiar IP address ranges in their system logs – China has returned to the cyber-attack arena. That's the conclusion of threat intel outfit CrowdStrike, which released its midyear threat report this week (downloadable here with free registration). The firm's Falcon OverWatch team …

  1. Anonymous Coward
    Anonymous Coward

    Reall?

    From the article:

    >Alperovitch said that the 2015 Obama-era non-hacking pact had led to a decline in hostile activity, at least at the state level.

    And yet they got data for F-35 in 2017: http://fortune.com/2017/10/14/hacked-f-35-data/

    Just how naive can people be?

  2. Ledswinger Silver badge

    Re: Reall?

    And yet they got data for F-35 in 2017:

    Who said they hacked it? Surely we should all want China to copy the mad, complex, expensive, impracticable F35? We can move towards a situation where the militaries' demand for unaffordable "state of the art" toys makes big nation versus big nation wars unfeasible.

    On current progress, in three decades the US will have the F42 with a programme cost of seventy trillion dollars, and as a result USAF will have one, and USN the other. Impoverished European air forces will be holding together a handful of aged F35s and Typhoons with sellotape and string.

    We have to hope Russia and China will likewise have out-teched their own pockets.

  3. Big John Silver badge

    Re: Reall?

    > "Just how naive can people be?"

    Well, Democrat Senator Dianne Feinstein employed a Chinese spy as a chauffeur for 20 years, up until a short time ago.

  4. John Gamble

    Re: Reall?

    "Well, Democrat Senator Dianne Feinstein employed a Chinese spy as a chauffeur for 20 years, up until a short time ago."

    ...or possibly not.

  5. This post has been deleted by its author

  6. veti Silver badge

    Re: Reall?

    They hacked data for the F-15 in 2007. Source. All they took in 2016 was some manufacturing data, to supplement the much more valuable (but still non-classified, according to the DOD) design materials they already had.

  7. Anonymous Coward
    Anonymous Coward

    Re: Reall?

    >All they took in 2016 was some manufacturing data,

    Sure. As they still plan to sell tons of these fighters for eye watering sums, they simply will have to say this. Compromised fighters do not sell like hotcakes.

  8. Chairman of the Bored Silver badge

    You keep using that word.

    I do not think it means what you think it means.

    $word =~ s/inconceivable/drop-off/g

    For me and my logs, 2016 fits a long-running pattern. A monotonic increase in Chinese(x) activity. Mostly idiotic port scans and occasionally something that makes me sit up straight and think

    (x) yeah, I know attribution is tough in a spoofed or multi-hop environment, yadda yadda

  9. Rich 2

    China

    So remind me again, why do we (primarily Europe and the US) keep throwing money at a state that has an appalling human rights record, routinely locks up anyone who it doesn't like, has an appalling environmental record, is hostile to anything outside of itself, and has no recognisable morals at all; has, basically, an abhorant government that has its eye on world domination and enslavement?

    Then again, we think nothing of fucking-up the planet either!

  10. hplasm Silver badge
    Coat

    Re: China

    But enough about the US...

  11. Chronos Silver badge

    Re: China

    @hplasm: Spooky. That's exactly, word for word, what I was thinking when reading that comment.

  12. Anonymous Coward
    Anonymous Coward

    Re: China

    If you want your cheep tracking devices, errrr phones, you'll shut up.

  13. sprograms

    Re: China

    Absurd. It is that sort of late-night political "humor" which allowed the perpetuation of the corporate sabotage of the US technology manufacturing sector, including the assembly business, to continue, allowing domestic corporate tech profits to sky-rocket at the cost of trade imbalance, employment reduction, and technology transfer (imposed openly or taken by theft) for so many years.

    If you really equate the US to China, you wish to live under a totalitarian government, with your credit rating determined by your Facebook comments, a government with a leader-for-life, active Death Vans scooting from town to town, and re-education camps for religious minorities. But it's all a joke, right?

  14. Version 1.0 Silver badge

    Re: China

    But enough about the US..." and the Conservative Party.

  15. Chronos Silver badge

    Re: China

    But it's all a joke, right?

    No, it's the lesser of two evils. Just because the West's excesses aren't as visible as China's doesn't make them any less evil. Satirising these excesses are probably the only recourse we have at this point - until, that is, people like you come along and try to stop us with silly hyperbole. For example:

    and re-education camps for religious minorities

    Sounds like Gitmo to me.

    Now that's reductio ad absurdum done properly.

  16. JohnFen Silver badge

    Re: China

    Because we (the US, anyway) as a nation prioritize making a profit over literally every other consideration.

  17. DavCrav Silver badge

    Re: China

    "Just because the West's excesses aren't as visible as China's doesn't make them any less evil."

    They really are less evil. China has a million people in re-education camps and has a proper 1984-style good citizen ranking. Seriously you guys, sort yourselves out. I don't see any of you rushing to move to China, which kind of suggests that deep down you know it's actually a whole lot worse.

  18. Anonymous Coward
    Anonymous Coward

    Re: China

    They are the lowest cost bidder...

  19. JohnFen Silver badge

    Re: China

    "They really are less evil."

    Indeed, which is exactly what Chronos' comment that you're replying to said: "it's the lesser of two evils". So you're agreeing with him.

  20. Big John Silver badge

    Re: China

    > "So you're agreeing with him."

    Name one national government that isn't evil. Chronos's comment was meant to put down the US, period.

  21. veti Silver badge

    Re: China

    China has a million people in re-education camps

    The US has over 2 million. Plus twice that number on parole.

    You don't see me rushing to move to the USA either.

  22. Chronos Silver badge

    Re: China

    Name one national government that isn't evil. Chronos's comment was meant to put down the US, period.

    No! It was meant to put down blind faith in western "democracy," i.e. the pre-selected choices we get to elect the usual bunch of corrupt incompetents every single time, as the epitome of human advancement in government. You completely missed the point when I switched from "The US" to "The West." While we're lobbing rocks at China, we're not sorting our own shit out. "Better than them" == "dryer than the sea" and is no cause for celebration or declaring the job done.

    This little island and Europe are currently deadlocked in a battle to see which bunch of corrupt incompetents gets what slice of the pie to waste - and waste it they will, whoever wins. Granted, they won't have big limos and massive security retinues - oh, wait...

    So no, I'm not chucking rocks at the US. I'm chucking rocks at the people who meekly accept this system that only delivers misery time and again, myself included as my sole contribution to protesting this situation is to refuse to take part aside from making snide comments on El Reg. At least you folks have write-ins on your ballots, for all the good they do...

  23. MacroRodent Silver badge

    Re: China

    》name one national governement that isn't evil

    Easy: just about any of the smaller western European countries. Part of the problem is scale. In small countries it is easier for citizens to hold the leadership accountable. I fear democracy just does not work above a certain size.

  24. Cuddles Silver badge

    Re: China

    "I don't see any of you rushing to move to China, which kind of suggests that deep down you know it's actually a whole lot worse."

    You don't see us rushing to move to the US either. The thing about the world is that there's quite a lot of it, and China and the USA aren't the only countries in it. "Country A does bad things" does not mean the same as "I love Country B and would do anything in my power to go and live there as soon as possible", especially for someone who actually lives in Country C and has no reason to move to either of the other two. That said, I know several people who either have, or are planning to, move to Countries D, E and F, at least in part because Country C does itself have issues becoming more similar to A and B than many are comfortable with.

  25. Anonymous Coward
    Anonymous Coward

    Re: China

    "a government with a leader-for-life"

    give trumpy a chance he's working on it!!.

    wasn't he reported as saying we'll have to try that.

    and was very keen on getting people to praise him like his mate from N.Korea getting a lot of respect from citizens!!!

  26. vtcodger Silver badge

    Re: China

    It's my impression -- perhaps incorrect -- that the Chinese have a high opinion of profits as well.

  27. Anonymous Coward
    Anonymous Coward

    Re: China

    > Easy: just about any of the smaller western European countries

    Interesting thought. Seems Switzerland hits the sweet spot perfectly.

  28. GnuTzu Bronze badge
    Headmaster

    "a state that... has no recognisable morals at all"

    Do nations really have morals? {Insert ugly political debate here.} I'm just too cynical to believe that any power structure would not strive to maintain power of some kind or another or gain more.

    Yet, I did have to back up on that statement to make sure I understood who or what you were saying had "no morals at all."

  29. Anonymous Coward
    Anonymous Coward

    "Do nations really have morals?"

    Some do until they get a right wing bunch of twats, then they like to kill off the poor and disabled....rings a bell Mrs Maybot

  30. Anonymous Coward
    Anonymous Coward

    The lower labour costs and less restrictive policies that protect people and the environment make it cheaper to manufacture the stuff that we buy from them.

    Those same states have built their economies and now compete with us for the planet's limited remaining resources, and some have a military capability that cannot be ignored, and we funded!

  31. veti Silver badge

    Of course they're competing for resources. What else *could* happen?

    And better for them to have a military that you (indirectly) support, than to have one that doesn't need you to support it.

  32. Chris G Silver badge

    I would love to see the figures for who is hacking what in China , Russia etc.

    I notice a lot of spurious stuff comes from i.o. Now who has a cyber base in Diego Garcia?

    I think there are a lot of pots complaining about kettles.

  33. Mahhn

    okaly dokaly

    "China has returned to the cyber-attack arena"

    Think all that back door'ed hardware was engineered and made in the last year? Iol nope.

  34. Anonymous Coward
    Anonymous Coward

    Please....

    There was never a detente. Ever.

  35. bombastic bob Silver badge
    Devil

    Re: Please....

    it also proves that bending over and apologizing to the world is NOT a good strategy. [better to negotiate from a position of STRENGTH]

    If China were 100% "our friend" they wouldn't be reacting this way. Their goals were obvious, they've been called out on them, and they stopped pretending to be our friends, so much.

    It's time to get lights out factories up and running 'back home', in lieu of paying a 'bunch of warm bodies' slave wages to do things manually in China. Pick & place and automated processing competes with China, easily. Seen it. And labor in places like Mexico is a bit more 'affordable' these days, all things considered.

    China spent quite a bit of time trying to lock down the supply chains such that you HAVE to go to them, more or less, for pretty much EVERYTHING. I spent some time looking for possible components for a personal project, and saw a bunch of things marked as 'tarriff included' on the pricing (in this case, surface mount resistors). A lot of manufacturers use discrete parts that are made in China. But I bet an automated factory in the USA could do the same thing, once it's up and running. The reason the China factories are so popular is they're basically "down the road" from the assembly houses and board shops. So China has everything 'in one place' more or less which cheapens the overall supply line.

    When things are built in lights out factories NOT in China, it becomes more reasonable to use domestic makers of discrete components, too. With automated processes, you don't need "a pile of warm bodies" to get things done any more.

    It wouldn't take a whole lot of time to shift things over, I bet. A year or two perhaps, and lights out factories would be building discrete components in the USA and Mexico and Canada, and EU too.

  36. Jack of Shadows Silver badge

    Re: Please....

    Even less of a difference once transportation/distribution costs are factored into the complete supply chain opportunity costs. I'm still trying to figure out what "lights out factories" are. What-evah. There's a lot of much more friendly places to place one's sources than the PRC anyway. Already relocation targets are being looked at since, obviously, our corporate masters are scheming for a way to that next bonus.

  37. JohnFen Silver badge

    Re: Please....

    "A year or two perhaps, and lights out factories would be building discrete components in the USA and Mexico and Canada, and EU too."

    I think you are seriously underestimating the time and cost of doing this. As a goal in ten years? Sure. In two? Not a chance.

  38. Anonymous Coward
    Anonymous Coward

    Re: Please....

    "It wouldn't take a whole lot of time to shift things over, I bet. A year or two perhaps, and lights out factories would be building discrete components in the USA and Mexico and Canada, and EU too."

    Yeah trumpys really brought the manufacturing of his trashy crap home, lol, even "MAGA" hats aren't made in the USA..really bright voting for that twat!!!

  39. Anonymous Coward
    Anonymous Coward

    Re: Please....

    > it also proves that bending over and apologizing to the world is NOT a good strategy.

    You would have thought people had learned after Chamberlain but no - you clocked up plenty of down votes.

    So for those who insist on repeating the ugly parts of history:

    Winston Churchill — 'You were given the choice between war and dishonour. You chose dishonour, and you will have war.' - To Neville Chamberlain'

  40. heyrick Silver badge

    "Primarily they're focused on stealing intellectual property... in order to counteract in part the trade tariffs we're putting into place on them."

    That's an interesting comment to make given that the West has been busy handing over IP for years since it's cheaper to get stuff made there (and pretend to care about the workers).

    Maybe the rise isn't to do with IP but simply because China doesn't consider America and friends to be their friends any more.

    As for server logs - undesirable attempts from China are pretty regular. Always have been. Now would somebody care to explain the rise in the same sort of portscan nonsense from Israel? Are we expected to be too stupid to realise both sides are at it?

  41. Anonymous Coward
    Anonymous Coward

    "As for server logs - undesirable attempts from China are pretty regular. Always have been. Now would somebody care to explain the rise in the same sort of portscan nonsense from Israel? Are we expected to be too stupid to realise both sides are at it?"

    If anybody trusts the source ip as being the true source of a hack they are fucking idiots...(and I know..don't ask I wont tell!)

    First thing a competent hacker does is bounce off other targets, the number of badly configured servers running compramisable software is insane...

    An IP from a particular country pretty much proves nothing about the true source...

  42. JCitizen
    Coffee/keyboard

    True.. but...

    At about 2003, when I first started logging this kind of thing; the PRC was so arrogant that they didn't bother doing fancy server bouncing like you describe. The sources of the attacks made sense too - usually military bases or industrial parks. After people woke up, they shifted the IP addresses to "Universities", then when that got public attention, they built a mysterious communication building that could only be described as a major "CIA" type communications center where the attacks were coming from. This didn't fool anybody, so they finally simply copied the same technique criminals use just as you describe. l have no doubt the PRC is still doing just what they've always been doing, and probably worse - but you are right, the original source is hard to determine ( but not impossible either). We are doing it to them and our friends too, so it is a bit disingenuous to cry loudly about it, but that doesn't mean we have to lie down and forget it either.

  43. Andromeda451

    PRC anyone?

    Anyone believing that our friends in China ever took a break under Mr. Obama has been smoking illegal substances way too long. The Chinese NEVER stopped their attacks. The difference was it was politically expedient to ignore their efforts. I visited China in 2012 and upon returning to my hotel room found that my luggage and laptop had been discretely searched, too bad the PLA didn't properly train their peeps for the "tells" I placed.

  44. bombastic bob Silver badge
    Meh

    Re: PRC anyone?

    what OS on the laptop? also you might want to see if the BIOS was re-flashed (or similar)

  45. Gene Cash Silver badge

    Block 'em

    A rising tide of portscans has made me block all the .ru & .cn IP blocks... and I STILL get a dozen daily attacks on my little home network.

  46. Anonymous Coward
    Anonymous Coward

    Re: Block 'em

    "A rising tide of portscans has made me block all the .ru & .cn IP blocks... and I STILL get a dozen daily attacks on my little home network."

    you would have to also block huge ranges of IP's held by a lot of web/server hosting companies, not to mention the ip blocks of ISP's that are handed out to users (insecure routers/IOT devices)

  47. JCitizen
    Mushroom

    Re: Block 'em

    There was a time when I was tempted to block the entire range at APINIC, RIPE NCC, and Wasilla Alaska;; but a guy would probably spend all his time configuring exceptions to that now days.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2018