Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

China launching constant attacks on military networks (early drumbeats??)

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread		 This topic is archived.
Home » Discuss » Latest Breaking News Donate to DU
 
Junkdrawer Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 08:37 AM
Original message
China launching constant attacks on military networks (early drumbeats??)
U.S. military computer networks are under constant attack. And the rate of attack is skyrocketing, from 300 in 2003 to more than 75,000 last year. "Our adversaries are able to inflict a substantial amount of harassment and a measurable amount of damage upon DOD communications networks at practically no cost to themselves," says the director of technology for the military group responsible for defending networks.

So who is our adversary? Who is checking constantly for ways to breach Defense systems and learn about classified military plans? Al Qaeda? China, according to an article today on FCW.com. The article quotes former Army chief of staff Jack Keane:
"The Chinese were doing this on a regular basis. That’s a given. They’re very aggressively getting capability. It’s common knowledge in the Pentagon."

One Army officer says a Trojan horse virus was used to breach a system and download information about the capabilities of a future Army command and control system "for eight months before the service detected a security breach."

DOD officials think can contain 90% of the attacks through better procedures but as many as 10% of attacks may get through because of advanced hacking procedures.

http://government.zdnet.com/?p=1665



Hmmm... Rumors of an Iranian bombing / joint Sino-Soviet military exercises and now this in my inbox at work....
Printer Friendly | Permalink |  | Top
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 09:15 AM
Response to Original message
1. There is a very obvious fix for this.
Don't connect to the internet.
Printer Friendly | Permalink |  | Top
 
Junkdrawer Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 09:24 AM
Response to Reply #1
3. I worked on a Canadian healthcare project and their entire healthcare...
infrastructure runs on a network physically separated from the Internet.
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 09:49 AM
Response to Reply #3
5. Yeah. Like "Duh!".
Edited on Thu Aug-25-05 09:51 AM by bemildred
Or use a gateway-firewall and hire someone that actually knows how the damn thing works. There is no reason at all to expose important stuff to the Road-Warrior internet environment, have special surfing machines and put unimportant or bogus crap on them. Tell your employees they will have to surf at home.
Printer Friendly | Permalink |  | Top
 
StrafingMoose Donating Member (742 posts) Send PM | Profile | Ignore Thu Aug-25-05 11:28 AM
Response to Reply #5
20. the USA is looking for new threats...

And one way is too put your DoD network on the internet!
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 11:38 AM
Response to Reply #20
23. Can't have too many boogiemen, too true. nt
Printer Friendly | Permalink |  | Top
 
bpilgrim Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 09:50 AM
Response to Reply #1
6. that never works in the real world
gotta plan for failure =)

peace
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 10:11 AM
Response to Reply #6
12. I can assure you it does.
Edited on Thu Aug-25-05 10:22 AM by bemildred
Having been a network administrator for years.
In fact everybody used to run that way. There are
dozens of relatively simple strategies to allow
secure network access while not placing important
machines and data on the network.

But your are right, that would not instill fear in the
sheep, and good administrators cost money and won't take
any shit from dumb-ass MBAs.
Printer Friendly | Permalink |  | Top
 
bpilgrim Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 10:59 AM
Response to Reply #12
18. if it did you wouldn't hear about all this hacking via the internet
all orgs today need to allow internet access and that makes them vulnerable, no matter who they are.

locks are only for honest folks.

plan for failure

peace
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 11:17 AM
Response to Reply #18
19. Your logic sucks.
Even though people do run private networks (see post #3), you say they cannot.

DoD security policy will not allow the highest security computers to be connected to the internet at all for precisely that reason. These ones that are being pecked away at are the low-security or no-security ones.

I used to know lots of Gov't machines that were hanging out there, and most provided with "security through obscurity" and not much else, though I expect things have been tightened up by now.

It is true that any machine on the network must be considered "vulnerable", as the DoD security policy implies, but if there is nothing of value on it, there is nothing at risk, and there are orders of magnitude of difference in the level of vulnerability between well configured machines and the way most are shipped from the factory. A Un*x machine with no open ports requires a kernel hack to break into, or similar levels of exploit, an modern TCP/IP stacks have been gone over with some care to prevent that sort of thing.

If you need to provide access you can provide machines to provide that access without connecting your private network, "Honey Pots", "DMZs", etc.
Printer Friendly | Permalink |  | Top
 
bpilgrim Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 11:30 AM
Response to Reply #19
21. thank you
I am just pointing to REAL WORLD networks, especially LARGE orgs like the DoD and their complexity dictates that there will be FAILURE no matter how good your security is and it happens all the time.

i recommend clients PLAN for FAILURE and take steps to mitigate the risks and recover quickly once something happens.

I find that the best way to deal with the issue, but thats just my opinion.

:hi:

peace
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 11:37 AM
Response to Reply #21
22. I'll allow that's true.
Although the issue is not "how good your security is" but rather that "your security is going to suck regardless".
:hi:
Printer Friendly | Permalink |  | Top
 
MildyRules Donating Member (739 posts) Send PM | Profile | Ignore Thu Aug-25-05 10:05 AM
Response to Reply #1
9. Well we kinda have to
We use it for all kinds of stuff, just like everyone else.
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 10:11 AM
Response to Reply #9
13. See post #12. nt
Printer Friendly | Permalink |  | Top
 
MildyRules Donating Member (739 posts) Send PM | Profile | Ignore Thu Aug-25-05 12:15 PM
Response to Reply #13
30. We still need access to the REST of the network
and the network needs access to many DoD sites.

NIPRNet is just one small part; the DoD uses SIPRNet and JWICS to carry all of the classified data.

T
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 12:45 PM
Response to Reply #30
31. All I am saying is that if you have important stuff,
you should not make it available on badly configured
machines connected to the internet; and if you want
bulletproof security there is nothing like being physically
disconnected. You can't hack into a machine that is not
connected.
Printer Friendly | Permalink |  | Top
 
MildyRules Donating Member (739 posts) Send PM | Profile | Ignore Thu Aug-25-05 02:19 PM
Response to Reply #31
32. Agree
And the ones with the classified data are NOT hooked up to the Internet.
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 03:00 PM
Response to Reply #32
33. Right.
But the article says:

"Who is checking constantly for ways to breach Defense systems and learn about classified military plans?"
Printer Friendly | Permalink |  | Top
 
malachi Donating Member (653 posts) Send PM | Profile | Ignore Thu Aug-25-05 09:21 AM
Response to Original message
2. A friend that works in network security at Lockheed Martin says that this
kind of crap from the Chinese in nothing new. Happens routinely. Attacking the network systems in the US and disabling it is the one sure way to create chaos. No one can match us head to head militarily, defeat will come to the US through the internet. Everything in this country is dependent on IT for survival.
Printer Friendly | Permalink |  | Top
 
converted_democrat Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 09:47 AM
Response to Reply #2
4. Perhaps this is not new, but
I assure you that China and Russia carrying out joint war exercises is new. We are headed to World War III and it's us against the world. They have both made it clear that they will not stand back and just let us attack Iran. NONE of this is good news.
Printer Friendly | Permalink |  | Top
 
sasha031 Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 09:54 AM
Response to Reply #4
8. Ditto that
I agree Converted, I am afraid of #III,... wasn't it a couple of weeks ago a Chinese general said they were going to nuke our cities, he claimed the next time we would not be dealing with a small country but the big guys.It does not look good, and these nuts running this country never learn.
Printer Friendly | Permalink |  | Top
 
converted_democrat Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 11:58 AM
Response to Reply #8
26. Welcome to DU sasha031!!!!
:hi: -- Yes you are correct, he did threaten to nuke us. Scary stuff, huh?
Printer Friendly | Permalink |  | Top
 
cliss Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 12:02 PM
Response to Reply #8
29. Yes, that seems to be the case.
Interesting that while China sells us junk, it's feeling around for the jugular artery, so it can cut it. Looking for vulnerabilities.

This certainly reinforces my stance which is, "China is not our friend. They are our adversary". People look at me funny when I say that. They think of all the goodies down at the Crate & Barrel...bathrobes, embroidered slippers...linen pillow. All made in China.

They just don't see the danger, like I do.
---------------------------
"The nuts running this country never learn". That's a great quote. If we were in the Middle Ages right now with Bush and Cheney as King Bush and Prince Cheney guarding the palace, we would be dead meat.

They would be busy in the basement, burying the gold and silver for themselves, while the rest of us are there, frantically trying to defend ourselves from the hordes that are attacking us. We would be defeated.

PS Welcome to the DU, sasha 031,by the way. nice post.
Printer Friendly | Permalink |  | Top
 
Junkdrawer Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 10:08 AM
Response to Reply #4
10. That was my point...I get to work this morning and...
"China launching constant attacks on military networks | ZDNet Announcements"...is the first message in my inbox.

In 2002, it wasn't until after Labor Day that the big War Drums started beating. Before that, it was a steady stream of crap like this.
Printer Friendly | Permalink |  | Top
 
bpilgrim Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 09:52 AM
Response to Reply #2
7. we do the same thing
we all depend on IT nowadays, us more than most, though

peace
Printer Friendly | Permalink |  | Top
 
moggie Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 10:09 AM
Response to Original message
11. It's not necessarily targeted at the military
The Internet is a hostile place for all networks, and the attacks come from all over, China included. Just ask anyone who has responsibility for the firewall(s) at any sizeable company or university. Our firewall log makes depressing reading, and we've certainly had attacks from China, though we're not in the US and not associated with the government or military.

You can't, of course, read too much into the apparent source of an attack. A lot of portscans and the like come from infected PCs these days, so if you're being probed by a Chinese host, that doesn't necessarily mean that "the Chinese" are consciously attacking you. And it's always been the case that the bad guys compromise machines around the world and use those as a jumping-off point for further attacks. But the US military likes easily identifiable enemies, and if they're part of the evil empire du jour, so much the better.
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 10:14 AM
Response to Reply #11
14. Yes. I used to run bare on DSL with a portwatcher.
I'd get scans and hits constantly, and it wasn't the Chinese government that was doing it.
Printer Friendly | Permalink |  | Top
 
Seabiscuit Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 12:00 PM
Response to Reply #11
27. My computer was attacked by South Korea yesterday.
Edited on Thu Aug-25-05 12:00 PM by Seabiscuit
Is this what the Pentagon would label "friendly fire"?
Printer Friendly | Permalink |  | Top
 
Dover Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 10:21 AM
Response to Original message
15. It doesn't take any intelligence to exploit an opponent's weakest link.
Edited on Thu Aug-25-05 10:23 AM by Dover
Computers and our military's dependence on fuel are our two main weaknesses.

We also are vulnerable due to our rapidly declining ranks of soldier manpower. And it's not like this administration is diplomaticly gifted either...bully tactics only go so far before the previously mentioned vulnerabilities are exploited and the weaknesses exposed.
Printer Friendly | Permalink |  | Top
 
deacon2 Donating Member (396 posts) Send PM | Profile | Ignore Thu Aug-25-05 10:34 AM
Response to Original message
16. This goes well with the joint Sino-Russian exercise
The Chinese and Russians have been stunting our network for years. They're just getting better at it now. The real news is the joint exercise and the message it contains. The "leak" of the Chinese general's remarks about nuking our cities is another. Thank God we have John Bolton to calm down things down at the U.N., or we'd really have to fear this resumption of the march toward nuclear annihilation. Golly, I think I'll make some popcorn and rewatch Stanley Kramer's 1959 classic, "On the Beach."

What? Me worry?
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 10:52 AM
Response to Reply #16
17. Dr Strangelove would be good too.
Printer Friendly | Permalink |  | Top
 
VegasWolf Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 11:41 AM
Response to Original message
24. Err, everybody raise their hands that think we aren't doing exactly
the same thing to China.
Printer Friendly | Permalink |  | Top
 
are_we_united_yet Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 11:48 AM
Response to Original message
25. Perhaps
Edited on Thu Aug-25-05 11:49 AM by are_we_united_yet
we can acquire some very talented, "cost effective"=(outsourced) Software Engineers to counter these assaults threating our National Security.

Now...let's see...hmmm... waaaayerrrrr can I go for an abundance of talented Software Engineers that are "cost effective"? Hmmmm...?

:eyes:
Printer Friendly | Permalink |  | Top
 
OKthatsIT Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 12:01 PM
Response to Original message
28. Its been a corporate problem for years, chinese trojans
...and the stupid issue has always been bad security maintenance.

Such as...putting all your security locks around high level projects while leaving some back alley door, open, such as a corporate library...where passwords are easily broken into.

A lot of these problems wouldn't happen at all if they would examine their 'access places' thoroughly and admend 'updates'.
Printer Friendly | Permalink |  | Top
 
pretzel4gore Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-25-05 07:05 PM
Response to Original message
34. remember the 'falcon and the snowman'?
they used to order pizza's with the top secret computers which were hidden in blast proof underground vaults etc; chris royce, ie the 'falcon' (and who finished his prison sentence in '03 i believe) got a job with 'trw' or whatever its name was, mainly because his dad was a top level gov agency insider (royce found out a bunch of crap about the US interference in Australian government affairs and especially the Oz labour movement, he despised the casual cruelty and dishonesty which was the reality of US gov policies...royce held the frank burns type idealists (that seemed to be the only ones taking all the cold war stuff seriously) in contempt and marvelled at the way even top secrets documents were used as napkins by the people in the trw computer room (they propped the blast doors open so the marijuana smoke could escape!)
falcon and the snowman was a true story, but 'we' were so far ahead of the 'enemy' even the homer simpson style of security couldn't affect anything, but today?....with bush in the wh house, there must be incredible numbers of chris royces out there!
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view this author's profile Click to add this author to your buddy list Click to add this author to your Ignore list Thu Apr 25th 2024, 08:42 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Latest Breaking News Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC