Sponsor Message:
Military Aviation & Space Forum
My Starred Topics | Profile | New Topic | Forum Index | Help | Search 
Chinese Cyber Hacking Going To New Level?  
User currently offlineconnies4ever From Canada, joined Feb 2006, 4066 posts, RR: 13
Posted (2 years 10 months 3 weeks 6 days 4 hours ago) and read 4358 times:

Hmmm....seems like someone has been snooping at a pretty major league level:

http://www.aviationweek.com/aw/gener...0Contractor%20Data&channel=defense

Whatever 'solution' is arrived at will no doubt be expensive and time-consuming. And in the meantime, the adversary, and I think one can only conclude that it's China, is reaping the benefit of US R&D for a pittance. I know my firm has been 'probed' this year on aat least a couple of occasions and our IT people, despite investing a lot of time and effort, seem powerless to stop it. Unless of course we disconnect from the Internet 100% and build our own backbone.


Nostalgia isn't what it used to be.
12 replies: All unread, jump to last
 
User currently onlineBurkhard From Germany, joined Nov 2006, 4383 posts, RR: 2
Reply 1, posted (2 years 10 months 3 weeks 5 days 8 hours ago) and read 4110 times:

Everbody who puts sensible information onto a computer that is coupled to the internet in any way knows that this information is available to every secret service.
The internet protocol by itself is unsafe. Any safety only can be applied at the application layer - and there it is cosmetics.


User currently onlineBurkhard From Germany, joined Nov 2006, 4383 posts, RR: 2
Reply 2, posted (2 years 10 months 3 weeks 5 days 8 hours ago) and read 4109 times:

Quoting connies4ever (Thread starter):
Unless of course we disconnect from the Internet 100% and build our own backbone.

You should build your own network, and only attach those computers to the internet that are there to transport data, Still all internet meetings, video conferences, email and document exchange, take place in FULL public.


User currently onlinewingman From Seychelles, joined May 1999, 2199 posts, RR: 5
Reply 3, posted (2 years 10 months 3 weeks 5 days 5 hours ago) and read 4030 times:

People have this idiotic new name for rented server farms they call "The Cloud". Might as well call it "The China" cause that's where your shit is going when it goes to The Cloud. Or maybe The Cloud refers to what's going on with your judgement when you decide to send your shit to The Cloud.

Today's Forecast: Cloudy, with a 100% chance of your shit going to China.


User currently offlineBennett123 From United Kingdom, joined Aug 2004, 7412 posts, RR: 3
Reply 4, posted (2 years 10 months 3 weeks 5 days 4 hours ago) and read 4027 times:

Burkhard

I think you mean sensitive information.


User currently onlineFlighty From United States of America, joined Apr 2007, 8394 posts, RR: 3
Reply 5, posted (2 years 10 months 3 weeks 5 days 3 hours ago) and read 3997 times:

Quoting Burkhard (Reply 2):
You should build your own network, and only attach those computers to the internet that are there to transport data, Still all internet meetings, video conferences, email and document exchange, take place in FULL public.

I also bring up the issue of HUMINT. You need to background check / nationalize your staff. That means for example, no Chinese H1-B engineers. If you really care about espionage with respect to China. And another thing. Passwords are usually as close as the company tech support line. Passport regimes are no good if it is trivially easy to reset them and snoop the temporary password using email, or heaven forbid, the telephone.


User currently offlinemham001 From United States of America, joined Feb 2005, 3557 posts, RR: 3
Reply 6, posted (2 years 10 months 3 weeks 4 days 3 hours ago) and read 3819 times:

Disconnecting from the internet guarantees nothing. Remember the Iranian nuclear program was not connected and was infiltrated with Stuxnet.

User currently offlineFoxTwo From , joined Dec 1969, posts, RR:
Reply 7, posted (2 years 10 months 3 weeks 4 days 2 hours ago) and read 3790 times:

Quoting mham001 (Reply 6):
nected and was infiltrated with Stuxnet.

Please educate me  


User currently offlineconnies4ever From Canada, joined Feb 2006, 4066 posts, RR: 13
Reply 8, posted (2 years 10 months 3 weeks 4 days 1 hour ago) and read 3754 times:

Quoting mham001 (Reply 6):
Disconnecting from the internet guarantees nothing. Remember the Iranian nuclear program was not connected and was infiltrated with Stuxnet.
Quoting mham001 (Reply 6):
Please educate me

About Stuxnet ? Or about the infiltration ?

Re Stuxnet:

http://www.pcworld.com/businesscente..._attack_irans_nuclear_program.html

http://www.computerworld.com/s/artic.../Is_Stuxnet_the_best_malware_ever_

http://www.wired.com/threatlevel/201...etectives-deciphered-stuxnet/all/1

Re the infiltration:

I'd say there are 3 possibilities:
- direct insertion into the local network via a USB port or similar. This would require an on-site agent.
- pre-loading of the malware at the plant where the PLCs were manufactured. Probably requires the collusion of the manufacturer.
- direct insertion of the malware from a distance, using some type of RF carrier. Maybe a little farfetched.

I'm sure there'll be lots of other opinions.



Nostalgia isn't what it used to be.
User currently offlinemham001 From United States of America, joined Feb 2005, 3557 posts, RR: 3
Reply 9, posted (2 years 10 months 3 weeks 3 days 17 hours ago) and read 3656 times:

[quote=connies4ever,reply=8]I'd say there are 3 possibilities:
- direct insertion into the local network via a USB port or similar. This would require an on-site agent.


The 'on-site agent' would not know. He would have been infected on another machine, probably at home. He could have picked it up a number of ways but it was speculated that a certain hardware manufacturer in Taiwan was targeted with a break-in and the malware was somehow spread through a driver update.

I have often wondered what we are doing to them that nobody knows about. Very interesting stuff.

[Edited 2011-09-01 18:52:43]

User currently offlineconnies4ever From Canada, joined Feb 2006, 4066 posts, RR: 13
Reply 10, posted (2 years 10 months 3 weeks 3 days 16 hours ago) and read 3646 times:

Quoting mham001 (Reply 9):
The 'on-site agent' would not know. He would have been infected on another machine, probably at home. He could have picked it up a number of ways but it was speculated that a certain hardware manufacturer in Taiwan was targeted with a break-in and the malware was somehow spread through a driver update.

Hadn't thought about doing it through the supply chain. That's a very effective method, conceptually.   



Nostalgia isn't what it used to be.
User currently offlinewillzzz88 From United States of America, joined May 2011, 150 posts, RR: 0
Reply 11, posted (2 years 10 months 3 weeks 3 days 15 hours ago) and read 3632 times:

It was a certificate forgery at one of the Taiwanese OEM manufacturers (their legit. gizmo USB whatever product sold worldwide).

It was soon revoked when Symantec Security Response and other IT Security firms were alerted of it per standard procedure.

Very ingenious of the US/Israel/Whoever else was doing it.

And I'm pretty sure it was Israel because if you haven't read this:
http://www.nytimes.com/2011/01/16/wo...east/16stuxnet.html?pagewanted=all

Then you haven't kept up with the Times /w the NYTimes.

The US/Israelis make a point with probably the collusion of the German (Siemens) PLC manufacturer possibly involved in order to electronically kill Iran's nuclear program.

The Chinese break-in's so far are low-tech script-kiddies that I see probing which is extremely retarded since any competent IDS/IPS hardware sensor/software/firmware can detect it unless they forge it with a existing protocol and slip in UN-detected.

Also it's pretty retarded that anything transmitted over the internet unless using UN-crackable encryption() is pretty much open for wholesale filtering/capture/etc by your local authorities in country X.

You just need to ask your local IT security firm that actually has a clue (aka someone who's up to date on ACTUAL TECHNICAL/ENGINEERING points and not bull-shit security I have no technical clue of WTF I'm doing like the recent Anonymous break-in's)...

Also a Israeli commander in the desert recently boasted about it per media reports:
http://www.physorg.com/news/2011-01-israel-stuxnet-iran.html

http://www.economist.com/blogs/babba..._worm?sort=recommend#sort-comments

http://www.telegraph.co.uk/news/worl...uxnet-as-one-of-its-successes.html

http://www.richardsilverstein.com/ti...yrian-nuclear-reactor-and-stuxnet/

So Israel admits Stuxnet /w US + possible Germany help...

All you have to do is to use Google News... News spread fast these days on the internet...


User currently offlinewvsuperhornet From United States of America, joined Aug 2007, 516 posts, RR: 0
Reply 12, posted (2 years 10 months 3 weeks 3 days 12 hours ago) and read 3595 times:

Quoting connies4ever (Thread starter):
Whatever 'solution' is arrived at will no doubt be expensive and time-consuming. And in the meantime, the adversary, and I think one can only conclude that it's China, is reaping the benefit of US R&D for a pittance. I know my firm has been 'probed' this year on aat least a couple of occasions and our IT people, despite investing a lot of time and effort, seem powerless to stop it. Unless of course we disconnect from the Internet 100% and build our own backbone.

Its our governments fault for putting all of our secrets on the internet anyway. Everything from the Fighter programs and any military programs should not be stored on any type of server its much easier to secure a paper trail. This shouldn't be a shock to anyone if their dumb enough to put it out there then the other side should be smart enough to steal it, its simple logic.


Top Of Page
Forum Index

Reply To This Topic Chinese Cyber Hacking Going To New Level?
Username:
No username? Sign up now!
Password: 


Forgot Password? Be reminded.
Remember me on this computer (uses cookies)
  • Military aviation related posts only!
  • Not military related? Use the other forums
  • No adverts of any kind. This includes web pages.
  • No hostile language or criticizing of others.
  • Do not post copyright protected material.
  • Use relevant and describing topics.
  • Check if your post already been discussed.
  • Check your spelling!
  • DETAILED RULES
Add Images Add SmiliesPosting Help

Please check your spelling (press "Check Spelling" above)


Similar topics:More similar topics...
Is NG Going To Work With Boeing On KC-X? posted Wed Jul 14 2010 18:32:29 by KC135TopBoom
AW Still Going To Bid VH-71 In VXX... posted Fri May 14 2010 19:00:21 by AirRyan
P38 White Lightning Not Going To Fly Atlantic. posted Thu Aug 28 2008 05:25:26 by Ferrypilot
Usaf Going To Release Findings In B-2 Crash Today posted Thu Jun 5 2008 04:55:04 by Jgarrido
What Airport Around CLD Would A C-17 Be Going To? posted Tue Oct 23 2007 16:00:28 by DL767captain
Anyone Going To RAF Leuchars Airshow? posted Thu May 18 2006 11:29:41 by Ba757gla
Beluga Going To Ankara To Ferry A400M Parts posted Fri Mar 31 2006 15:58:37 by TK787
Anyone Going To Travis Ksuu Airshow This Weekend? posted Thu Oct 13 2005 07:13:42 by Pilottj
Anybody Going To The Airlift Rodeo? posted Tue Jun 14 2005 21:26:02 by SATL382G
Any Tanker Folks Going To ATA In Dallas? posted Sun Oct 24 2004 06:08:01 by Kc330

Sponsor Message:
Printer friendly format