Pentagon blames China

satcom

New Member
China hacked into Pentagon computer network

Hi, I just found this story


www.ft.com/cms/s/0/9dba9ba2-5a3b-11dc-9bcd-0000779fd2ac.html

By Demetri Sevastopulo in Washington and Richard McGregor in Beijing

Published: September 3 2007 19:00 | Last updated: September 3 2007 20:53

The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence department, say American officials.

The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.

Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People’s Liberation Army.

One senior US official said the Pentagon had pinpointed the exact origins of the attack. Another person familiar with the event said there was a “very high level of confidence...trending towards total certainty” that the PLA was responsible. The defence ministry in Beijing declined to comment on Monday.

Angela Merkel, Germany’s chancellor, raised reports of Chinese infiltration of German government computers with Wen Jiabao, China’s premier, in a visit to Beijing, after which the Chinese foreign ministry said the government opposed and forbade “any criminal acts undermining computer systems, including hacking”.

“We have explicit laws and regulations in this regard,” said Jiang Yu, from the ministry. “Hacking is a global issue and China is frequently a victim.”

George W. Bush, US president, is due to meet Hu Jintao, China’s president, on Thursday in Australia prior to the Apec summit.

The PLA regularly probes US military networks – and the Pentagon is widely assumed to scan Chinese networks – but US officials said the penetration in June raised concerns to a new level because of fears that China had shown it could disrupt systems at critical times.

“The PLA has demonstrated the ability to conduct attacks that disable our system...and the ability in a conflict situation to re-enter and disrupt on a very large scale,” said a former official, who said the PLA had penetrated the networks of US defence companies and think-tanks.

Hackers from numerous locations in China spent several months probing the Pentagon system before overcoming its defences, according to people familiar with the matter.

The Pentagon took down the network for more than a week while the attacks continued, and is to conduct a comprehensive diagnosis. “These are multiple wake-up calls stirring us to levels of more aggressive vigilance,” said Richard Lawless, the Pentagon’s top Asia official at the time of the attacks.

The Pentagon is still investigating how much data was downloaded, but one person with knowledge of the attack said most of the information was probably “unclassified”. He said the event had forced officials to reconsider the kind of information they send over unsecured e-mail systems.

John Hamre, a Clinton-era deputy defence secretary involved with cyber security, said that while he had no knowledge of the June attack, criminal groups sometimes masked cyber attacks to make it appear they came from government computers in a particular country.

The National Security Council said the White House had created a team of experts to consider whether the administration needed to restrict the use of BlackBerries because of concerns about cyber espionage.
 

XaNDeR

New Member
If you live in China, don't even think of using the Internet to read up on Tiananmen Square or surf for porn. But if you want to take a shot at hacking into American military computer systems, there may be a place for you in the Chinese military. Reports are spreading that US government sources are confirming their beliefs that the Chinese military has "hacked" into Pentagon computer systems, including one that serves the office of Defense Secretary Robert Gates.

The story first appeared at the Financial Times, where an unidentified source is quoted as saying that there was a "very high level of confidence... trending towards total certainty" that the attacks were the responsibility of the People's Liberation Army. Although it doesn't appear that sensitive data was compromised, the report is troubling because it shows China can strike at even high-level military systems and even knock some offline (some Pentagon computers were off-network for a week after the attack).

Of course, the article rightly notes that the US itself is engaged in an international game of probing military networks around the globe, so this could be a tit-for-tat attempt at hacking. With secure networks now providing battlefield intelligence, live feeds from drone aircraft, and communications channels for much of the military, network warfare and defense are becoming increasingly crucial.

The threats don't always come from governments, either. Entire nations can have web services disrupted by criminals utilizing vast botnets to choke off access to government agencies or web sites. In fact, this appears to have happened to Estonia earlier this year when a massive DDoS attack kept several state sites down for multiple days. Suspicion in the Estonia attack focused quickly on Russia, with some NATO officials worried enough about the situation to journey to Estonia in order to "observe" the attack firsthand.

But botnet attacks, by their very nature, can be almost impossible to trace back to the controller. In the case of Estonia, the country's prime minister eventually blamed the matter on "criminal activity" rather than official Russian government involvement. Could the Chinese attack turn out to have a similar origin?

To be sure, just because you can trace something to China doesn't mean that the Chinese government or military is involved. In fact, a new report from Sophos released today says that 49 percent of malware sites in August of this year were hosted somewhere in China.

Whatever the cause, such events do encourage organizations to take much closer looks at their computer and network security practices. The Pentagon has already announced that it will conduct a comprehensive audit of its systems in order to tighten them up further.

We have contacted the Defense Department's media office for further comment.

http://arstechnica.com/news.ars/pos...ry-accused-of-hacking-pentagon-computers.html

Xander, when quoting an article, please make it clear from the outset that's what you're doing, & acknowledge the source. In this case, only the last sentence gives any indication, unless one follows the link. We have to consider copyright issues. I appreciate that you're not plagiarising, & by providing the link you do provide the source information, but it should really be made clear in the body of the post.

PJI
 

Seacraft

New Member
The threats don't always come from governments, either. Entire nations can have web services disrupted by criminals utilizing vast botnets to choke off access to government agencies or web sites. In fact, this appears to have happened to Estonia earlier this year when a massive DDoS attack kept several state sites down for multiple days. Suspicion in the Estonia attack focused quickly on Russia, with some NATO officials worried enough about the situation to journey to Estonia in order to "observe" the attack firsthand.

But botnet attacks, by their very nature, can be almost impossible to trace back to the controller.
I've seen lots of attempts against public K-12 education networks (and corporate networks) originating in China and I don't think the PLA is looking to find out what the Elementary school is offering for lunch that week. Though it would certainly be a good way to mask an intrusion or probes by hiding true attempts within "traffic" from a botnet "attack" - just as much as it would be an effective tool to establish botnets for the sole purpose of carrying out attacks against digital targets in a network-warfare campaign or the information-warfare campaign piece of a larger campaign.

This is something I'm sure we will see a lot more on in the future as the technologies and reliance on these technologies advance.

If as a civilian you want to remain a defender against network warfare attempts, run a more hardened and secure system. This will reduce the likelihood of YOUR computer being used against you or your government in an information / bot attack.
 

PrOeLiTeZ

New Member
Why, when something happens, does it always blame China for everything? Doesn't the US military ever shut up? Anyway, hacking into a US military network doesn't seem too surprising news to me; the number of computer-specialized people in China is too many to count, and especially more so concentrated in Hong Kong, where some of China's top computer experts originated from before being employed. It is rare or even impossible for Hong Kong people to be in the military force, but pockets of people of Hong Kong origin work in China's military defence network.
 

Chino

Defense Professional
Verified Defense Pro
If you live in China, don't even think of using the Internet to read up on Tiananmen Square or surf for porn. http://arstechnica.com/news.ars/post/20070903-chinese-military-accused-of-hacking-pentagon-computers.html
I am Singaporean and I live in Shanghai, China. I am now typing on a China internet line. I have just accessed this link about Tiananmen: http://www.worldpress.org/Asia/1867.cfm

Here is an excerpt from that article to prove that I really did access it:

"People's Liberation Army combat troops in full battle gear, armed with automatic weapons and riding in tanks, rolled into the square, guns blazing. They were ordered by the government to clear the square of protesters, mostly students who had staged a sit-in there for well over two months. Hundreds died in the pandemonium. The exact death toll is not known...Time passes."

It is true that many Tiananmen sites are blocked, but they can never block it completely. But why is controlling information a bad thing when a lot of the people in China are low in intelligence and maturity and can be easily incited to violence for all the wrong reasons? Example a couple years ago there were massive anti-jap demonstrations with destruction of property all incited by messages spread on internet and SMS. The war ended 60 years ago.

And I can also access lots of porno sites, and I think I don't need to post anything to prove that.

This is over-exaggerated western propaganda BS. And if US military sites are being hacked into, well, they just have to try and make them less hackable. Because if not the Chinese military, somebody else will hack anyway because they can.

Once I read in Newsweek an article that said that summer, China was in such a power crisis that Shanghai suffers a major blackout every week crippling commerce etc. I was in Shanghai all that summer and this was the biggest lie ever.

China is not perfect, has a lot of faults and suffers from a multitude of problems a developing country this size would. But you have to learn to sift the BS from the facts. And western journalists are as prone to sensationalism as anyone.
 

Gripenator

Banned Member
Why, when something happens, does it always blame China for everything? Doesn't the US military ever shut up? Anyway, hacking into a US military network doesn't seem too surprising news to me; the number of computer-specialized people in China is too many to count, and especially more so concentrated in Hong Kong, where some of China's top computer experts originated from before being employed. It is rare or even impossible for Hong Kong people to be in the military force, but pockets of people of Hong Kong origin work in China's military defence network.
It's no secret that every nation with a decent broadband connection to the internet indulges in espionage over the internet-however, China or the PRC, engages in it more than most:


No coincidence there, sources also tell me that that kind of Trojan attack AND the info taken indicates that it was the PLA behind the attack. It is also interesting to note that

"when Angela Merkel, Germany’s chancellor, raised reports of Chinese infiltration of German government computers with Wen Jiabao, China’s premier, the Chinese foreign ministry said the government opposed and forbade “any criminal acts undermining computer systems, including hacking”.

This is vital as the Chinese actually are admitting PLA guilt-contrast this with the usual ferocious denunciations and denial of any wrong doing a la. Pentagon Hacking Case in June.

Sorry I can't tell you more at this point but I can answer the reasons why:

1. Steal/Copy technology to close the 'high tech' gap between the PRC and the West ie. high tech applications such as lasers, electronics esp. radar and sonar

2. Plain and simple eco and political espionage-assess Germany's intentions in recent negotiations, strategic moves etc.

Should you wish to read up more on China's EW capabilities, look up the 2007 (updated every year) Pentagon Report on China's Military Power and the PLA's own Remin Guangfa/PLA Daily and note the focus on "Assassin's Mace" weapons and the similarities become very common.
 

metro

New Member
This comes from the SSI-Army War College Report October 2005. The quote on China is actually in a report on a S. American country whose leader speaks "his mind" (Chavez) when it comes to the US. China's new Chief of Staff (PLA) and I believe Intel Chief (too) Lieut. Gen. Zhang Qinsheng is not only young (unusual) but he comes from an Information Based Warfare background. He replaced Xiong Guangkai, who threatened to "nuke" our West Coast Cities, if the US interfered with China/Taiwan "affairs" (www.geostrategy-direct.com, August 1, 2007, Rising star in China's military).


Here's the quote:

To give the mind as much room as possible to contemplate the
sophistication and complexity—and the totality—of contemporary
conflict, two Chinese colonels, Liang and Xiangsui, have provided a
scenario that is instructive and sobering:

-If the attacking side secretly musters large amounts of capital without the
enemy nation being aware of this, and launches a sneak attack against its
financial markets, then after causing a financial crisis, buries a computer
virus and hacker detachment in the opponent’s computer system in
advance, while at the same time carrying out a network attack against the
enemy so that the civilian electricity network, traffic dispatching network,
financial transaction network, telephone communications network, and
mass media network are completely paralyzed, this will cause the enemy
nation to fall into social panic, street riots, and a political crisis. There is
finally the forceful bearing down by the army, and military means are
utilized in gradual stages until the enemy is forced to sign a dishonorable
peace treaty.
:rolleyes:
Sobering indeed!
http://www.strategicstudiesinstitute.army.mil/pdffiles/PUB628.pdf
(Page 21).

The DoD should pass an e-mail around on a server (something like):

"A long term, international study has determined that China's defense plans/capabilities--Studied w/o China's knowledge-- for the Olympic games, are unfortunately very distressing as China seems less prepared for threats than most 3rd world countries we have recently worked with. We believe top Iraqi Security Forces are superior to those in China.

Simulations and probes have been conducted and to put it politely the results are, "extremely disappointing." We need to consider the very real threats posed to our athletes, fans, and those of other nations (mostly of 1st world). They face a very real threat to their lives, kidnappings (for money and/or killings for use as propaganda), wide-spread theft and extortion (the Chinese Military, police, and individuals) have been participating in these activities.

In fact, some elements of the Chinese military have been directly identified as the leading elements involved in this problem.

This causes the obvious questions as to who is controlling China and their defense? Does this go to the top or even worse are rogue elements of China's Security Services acting independently and trying to undermine China's leadership? In this light, it would be negligent for us not to provide the full truth in our following recommendation, in that our citizens will be at risk.

After an in depth investigation, we must conclude (unanimously) that the USA highly considers keeping our athletes and fans at home during the Chinese Olympics. This would in no way be a "Boycott," and we need to make that clear to the world! The reality is that China is nowhere close to understanding or taking on the threat that will materialize.

The simplest tactic to prevent and/or avoid a tragic event for Americans, and thus exposing the Chinese as impotent in security to the world, is to keep ourselves out of the Olympic games. Our allies, some of which already feel the same way after directly being involved in the "Testing," must be told in detail about this threat, in private discussions.

Again, as a matter of Chinese security, we must not give any indication of our knowledge, regarding not only the external threats to China but the more worrisome, severe internal threats."

Something like this should be put in TOP SECRET areas. Let them read what they're "not supposed to." Leave them with something to think about (JMHO);) .
 

Ozzy Blizzard

New Member
Then just watch the purges begin... just hope they have a sense of humor when they figure out the yanks are sitting there laughing at them.

What's the NSA doing about all of this anyway?????? I hope they have a few tricks up their sleeve, especially with all those funds.
 

merocaine

New Member
What's more palatable to the Pentagon (and more pressworthy)

The PLA's Net warfare unit infiltrating the offices of the Sec of Defence!

or

A talented 14 year old from Shanghai doing the same, for a laugh.

truly the reds are under the beds.


this is just leading up to 2000

1986—As described in Clifford Stoll’s 1990 book, The Cuckoo's Egg, German hackers broke 400 military network computers in 1986. These attacks included Army computers at Fort Stewart, Georgia; Navy Coastal Systems Computers at Panama City, Florida; and Air Force computers at the Systems Command Space Division in El Segundo, California.

1988—The Internet Worm virtually crippled the Internet, bringing down thousands of computers. Kevin Mitnick began a decade of cyber-terrorism by breaking into systems owned by DEC and MCI.

1990—Dutch hackers began a 3-year attack on DOD systems, resulting in the penetration of 34 systems.

1994—Hackers from Great Britain attacked systems of the Air Force Research Laboratory, Rome Research Site; Wright Patterson Air Force Base; and the National Aeronautics and Space Administration Goddard Space Flight Center. The attack against the Rome Research Site systems alone is estimated to have cost the government $500,000.

1994—Hackers from Great Britain, Finland, and Canada attacked 24 servers that supported the U.S. Naval Academy.

1995—A hacker from Argentina broke into computers of NASA, the Naval Research Laboratory, and Los Alamos National Laboratory.

1996—Hackers vandalized the Central Intelligence Agency and Department of Justice home pages.

1996—The General Accounting Office released its report, “Information Security: Computer Attacks at Department of Defense Pose Increasing Risks.” The report stated that attacks on government computers were a serious and growing threat. The Defense Information Systems Agency (DISA) estimated that 250,000 attacks were launched against DOD systems in 1995. DISA also estimated that external attacks were successful 65 percent of the time, and only 1 out of every 150 attacks was actually detected and reported by system operators.

1997—Both the Air Force and NASA home pages were vandalized, and there were unconfirmed reports that State Department computers were hacked.

1998—Teenage hackers broke into 11 Pentagon systems in what was called the “most organized and systematic attack” to date. The exercise, Eligible Receiver, found vulnerabilities in a large number of DOD systems.

http://www.mitre.org/news/digest/archives/2000/defense_red_team.html

If it really is the PLA, then as ever they're way behind the times; hacking the DOD is so passé, and not particularly hard.

http://news.com.com/2100-1023-230527.html?legacy=cnet

http://news.com.com/2100-1001-209285.html

http://www.nettime.org/Lists-Archives/nettime-l-9702/msg00078.html

(this one's my fav)
 

Seacraft

New Member
My experience looking through firewalls that I was responsible for showed significant activity coming from China but I think it was like mentioned above, Botnets. I'm pretty confident that a public school district in the US is not exactly on the PLA's Digital Daggers hit list for potential targets, other than to perhaps co-opt a network AS a Botnet (one of many) to be used in a DDOS type attack...

That said, I would not be surprised if the PLA was attempting intrusions into US DOD systems and I would be truly shocked if they did not have digital attacks high on their Frag order should something brew up. At the same time, I'm not all warm and fuzzy on the US DOD systems having top notch computer security - I sure hope they do.

As for those that always rush to state that China is getting picked on yet again, start looking around the Internet asking tech people that are intimately familiar with their firewalls how much negative traffic comes from China against corporate and public networks and you will see a lot of heads shaking.

It is happening. How much of that is just poor security, how much is the underworld, how much is the PLA and how much of that is preparation to co-opt networks in the event of an altercation is anyone's guess - but it is happening, it will happen, and though I pray we don't ever need to be in a (or another) shooting war, it may be used as a component in a combined offensive should that ever happen.
 

Waylander

Defense Professional
Verified Defense Pro
Ok, right now my location is Shanghai directly next to the stadium.
I just tried to get onto Tiananmen sites as well as Taiwan sites.
You are right they are blocked.

But you get plenty of stuff when you don't search in english but in german.

Don't ask what you get when you enter porn into google...

BTW, Wiki seems also to be blocked.
 

Seacraft

New Member
The Great Firewall of China (this is technically incorrect but "The Great Content Filter of China" doesn't have the same ring)

Look into The Onion Router - just don't get caught :nutkick
 

merocaine

New Member
As for those that always rush to state that China is getting picked on yet again, start looking around the Internet asking tech people that are intimately familiar with their firewalls how much negative traffic comes from China against corporate and public networks and you will see a lot of heads shaking.

It is happening. How much of that is just poor security, how much is the underworld, how much is the PLA and how much of that is preparation to co-opt networks in the event of an altercation is anyone's guess - but it is happening, it will happen, and though I pray we don't ever need to be in a (or another) shooting war, it may be used as a component in a combined offensive should that ever happen.
Wow, some are really ready to jump off the deep end, aren't they!
Odds are this is the work of a bunch of kids. That's not to say the PLA aren't twiddling their thumbs, but folks, this was just a bunch of unencrypted emails, most likely Mrs Gates' shopping list.
I would hope the PLA has a bit more talent than that.

Anyway, if your software isn't watertight those nerdy kids are getting in....


http://www.theinquirer.net/?article=42145

Please note scare mongers

"In fact Ryder also seemed to be playing down that attack too. He now claimed that the only thing hit in the attack was an "unclassified" mail network in Gates' office which was taken down.

So in other words, a PC had a virus on it, possibly sent from a Chinese botnet and the DoD's mail service was taken down while a virus check was conducted on the network"

interesting perspective

http://www.techworld.com/security/blogs/index.cfm?entryid=597&blogid=1
 

Seacraft

New Member
Onion router?
The Onion Router, a/k/a TOR


It is a secure proxy system that bounces you through enough various encrypted networks that it's near impossible to determine where the traffic originated, giving the initiator exceptional privacy. The downside is that it can be pretty slow. Some firewalls can inspect the type of traffic packets and reject it, making it not work. Other firewalls may block all traffic other than commonly used ports, in which case you tweak the TOR client to use commonly allowed TCP ports like SMTP/SSL/POP and even HTTP port 80. Ask any high school kid, they've read about it and have probably used it.

Info on Wikipedia

Info on Network World

I'd post links but I do not have the required amount of minimum posts

There are others but I cannot tell what you can't access because it is filtered out.
 

Waylander

Defense Professional
Verified Defense Pro
Okay..... ;)

Thanks for that.

Every time I get such a reply I know I am far away from understanding my computer. :D
 

crobato

New Member
There have been attacks on web forums too, particularly on defense. The ACIG forum, for example, has been the victim of one such attack. Others include the Keymags AFM forum and the Chinese Defense Forum. Any administrator of a defense forum, including this one, should be alert and ready for this possibility.
 

Chino

Defense Professional
Verified Defense Pro
Access to Wiki in China is now easier than before. Now they just block selected certain topics instead of blocking the whole site.

...

Journalists writing about China are only human and it shouldn't be surprising when sometimes spice is added.

So you have to use your own judgement. The journos certainly do. Most of them writing about China don't live here to know enough and I suspect some may not even have visited.

There are vested interests in painting a bleak picture of China, especially as the next global security threat. Let's be honest about it.

For Newsweek or TIME it may sell more magazines if it prints articles reassuring people that China has worse energy problems than the USA. Or that China's economic success is all a farce and predict massive revolt from unemployed kazillions very soon. 3 years after these articles, the revolt hasn't materialised nor did the energy problem cripple China as predicted. But hey, it sure did make me buy a copy of the magazine!!

If such exaggerations are constantly presented as God's honest truth, it kinda makes the case for China having an information censorship when it faces such determined and massive propaganda attacks from the west.

There are, of course, a lot of truths mixed in with the lies printed in TIME etc. No smoke without fire. Just hope they spare us from sensationalism and over exaggeration.

For the Pentagon, I guess they must get funding easier if they say their computer networks are being attacked by a big menacing PLA. If they say they need funding to defend against 15 yr old American kids, someone may lose their jobs. Some must even be relieved that PLA finally made a hacking attempt. Now they can play the blame game.

Scaring people is always the best way to control people and take their money. Religions do it. Scientists do it. Medical experts do it. Military experts and politicians certainly aren't any different.
 

Waylander

Defense Professional
Verified Defense Pro
I am not able to enter any part of Wiki...

And for sure it makes sense for a regime to use censorship.
As well as it makes sense to do other nasty things... ;)

If the western press is so full of propaganda don't you think the Chinese people are intelligent enough to see through this?
BTW, talking about propaganda is interesting when one looks at the media output here.
 

Chino

Defense Professional
Verified Defense Pro
I am not able to enter any part of Wiki...

And for sure it makes sense for a regime to use censorship.
As well as it makes sense to do other nasty things... ;)

If the western press is so full of propaganda don't you think the Chinese people are intelligent enough to see through this?
BTW, talking about propaganda is interesting when one looks at the media output here.
Maybe I should avoid a China vs the free-world debate. It's not even my country.

I am just stating an often forgotten fact that the "free-world" media lies frequently, too.

Case in point, the Newsweek "Koran in toilet" fake story, for example.

And intelligence has nothing to do with what people believe or not, in whichever country. Millions believed that Koran story as you did, I'm sure. I believed it, too. As well as the one about Iraqi WMD. And now we're supposed to support a military strike on Iran - woohoo.

I don't look at the media output here. Nor did I say one word in support of China's media. I don't read it or believe it.
 