Sponsor Message:
Non Aviation Forum
My Starred Topics | Profile | New Topic | Forum Index | Help | Search 
Report Indicates Chinese Military Is Hacking USA  
User currently offlineAA7295 From Australia, joined Aug 2007, 621 posts, RR: 0
Posted (1 year 6 months 1 week 5 days 7 hours ago) and read 1767 times:

Just read this report.

Funny it hasn't been posted here.

http://www.smh.com.au/it-pro/securit...ing-operations-20130220-2eqj4.html

Interesting that these claims of Chinese government involvement in hacking Western governments and their corporations is becoming clearer and clearer.

Is it really that hard to prevent hacks?

24 replies: All unread, jump to last
 
User currently offlineSSTeve From United States of America, joined Dec 2011, 702 posts, RR: 1
Reply 1, posted (1 year 6 months 1 week 5 days 7 hours ago) and read 1755 times:

The diplomats of the world are going to have to come up with what constitutes a "cyberattack" versus what constitutes just another new form of electronic surveillance. Yeah, reading what should be private is perhaps an "attack" but then again ... that's what intelligence agencies do. Absent some international accord about where the line is crossed into aggression from surveillance, it's not like we shouldn't expect that this happens quite a lot.

User currently offlinetugger From United States of America, joined Apr 2006, 5523 posts, RR: 8
Reply 2, posted (1 year 6 months 1 week 5 days 7 hours ago) and read 1755 times:

Quoting AA7295 (Thread starter):
Is it really that hard to prevent hacks?

Yes, it is incredibly hard. And most hacks are done via "social engineering", where an someone/an employee opens an email or goes to a targeted site where malware is downloaded and installed. At that point the attackers are in.

Tugg



I don’t know that I am unafraid to be myself, but it is hard to be somebody else. -W. Shatner
User currently offlineDreadnought From United States of America, joined Feb 2008, 8838 posts, RR: 24
Reply 3, posted (1 year 6 months 1 week 5 days 7 hours ago) and read 1752 times:

Quoting AA7295 (Thread starter):
Is it really that hard to prevent hacks?

Yes. Any computer or device connected to the internet can be hacked.

Quoting AA7295 (Thread starter):
Interesting that these claims of Chinese government involvement in hacking Western governments and their corporations is becoming clearer and clearer.

It's been widely known for over a decade. Unfortunately it is exceedingly difficult to prove.



Veni Vidi Castratavi Illegitimos
User currently offlineGatorman96 From United States of America, joined Dec 2005, 873 posts, RR: 0
Reply 4, posted (1 year 6 months 1 week 5 days 7 hours ago) and read 1740 times:

No surprise at all. The DoD is engaged in cyber warfare with "insert country here."

I will be concerned when hardware at our power stations, water treatment plants, etc start being affected/shutdown.



Cha brro
User currently offlineRussianJet From Belgium, joined Jul 2007, 7702 posts, RR: 21
Reply 5, posted (1 year 6 months 1 week 5 days 7 hours ago) and read 1733 times:
Support Airliners.net - become a First Class Member!

Don't mean to be rude, but really it should come as no surprise. It's ultimately just a form of spying. Spying has been going on since forever.

Having said that, as Gatorman says, we need to be particularly alive to the chance of major infrastructural havoc being wreaked by such attacks.



✈ Every strike of the hammer is a blow against the enemy. ✈
User currently offlineDeltaMD90 From United States of America, joined Apr 2008, 7893 posts, RR: 52
Reply 6, posted (1 year 6 months 1 week 5 days 7 hours ago) and read 1730 times:

Quoting AA7295 (Thread starter):
Funny it hasn't been posted here.

This has been known for years. I don't have any proof, so take it as a grain of salt, but I've heard multiple times that they've hacked and stolen the blueprints for the F-22 and F-35. They have the numbers, military wise, but they've lacked in military technology, but I can see them building some pretty crazy stuff coming up... have you seen a picture of their new stealth fighter? It's huge! And it's supposedly better than our F-22 and F-35... who knows

Espionage and copyrights aside, I think the overall sharing of information speeds up technology. Aren't some drugs patented, ones that could save lives but are patented so the price gets jacked up? Seems wrong to me, but I could be off the mark, and I am going off topic...

But to sum up, this has been going on for years, and China isn't the only one doing it. They just seem to be pretty good at it (or bad at it because they keep getting caught, who knows)



Ironically I have never flown a Delta MD-90 :)
User currently onlineBMI727 From United States of America, joined Feb 2009, 15735 posts, RR: 27
Reply 7, posted (1 year 6 months 1 week 5 days 6 hours ago) and read 1701 times:

Quoting AA7295 (Thread starter):
Is it really that hard to prevent hacks?

Yeah.

Quoting SSTeve (Reply 1):
The diplomats of the world are going to have to come up with what constitutes a "cyberattack" versus what constitutes just another new form of electronic surveillance.

It won't be the US leading the way, as we are generally the other cyber-superpower along with China. Stuxnet, which is widely believed to be a US and Israeli collaboration, significantly set back the Iranian nuclear program.

Quoting DeltaMD90 (Reply 6):
I've heard multiple times that they've hacked and stolen the blueprints for the F-22 and F-35.

I thought the F-35 hack was pretty well publicized.

Quoting Gatorman96 (Reply 4):
I will be concerned when hardware at our power stations, water treatment plants, etc start being affected/shutdown.

It can be done, I'm sure. Stuxnet was specifically targeted at certain types of hardware and software known to be used by the Iranians. It just floated around the internet harmlessly on tons of computers.



Why do Aerospace Engineering students have to turn things in on time?
User currently offlineTheCommodore From Australia, joined Dec 2007, 2849 posts, RR: 8
Reply 8, posted (1 year 6 months 1 week 5 days 5 hours ago) and read 1698 times:

Quoting RussianJet (Reply 5):
Don't mean to be rude, but really it should come as no surprise.

Your not being rude, and your right about it "should come as no surprise" !

The ironic thing is though, western Governments are probably doing the same thing back.....

But I guess that's alright of course  

[Edited 2013-02-19 18:40:10]


Flown 905,468 kms or 2.356 times to the moon, 1296 hrs, Longest flight 10,524 kms
User currently offlineGatorman96 From United States of America, joined Dec 2005, 873 posts, RR: 0
Reply 9, posted (1 year 6 months 1 week 5 days 4 hours ago) and read 1657 times:

Quoting BMI727 (Reply 7):
It can be done, I'm sure. Stuxnet was specifically targeted at certain types of hardware and software known to be used by the Iranians. It just floated around the internet harmlessly on tons of computers.

It absolutely has and will be done again in the future. I will be concerned when it happens in the US. Until then, Unit 61398 can enjoy reading CEO's Gmail accounts.

Quoting TheCommodore (Reply 8):
The ironic thing is though, western Governments are probably doing the same thing back.....

Not sure I see the irony...Iran is highly involved in cyber warfare, so is that fat guy that lives next door to you in his mom's basement trying to steal your bank information. Every single person with an internet enabled device has been affected by some type of cyber attack varying in degree....



Cha brro
User currently offlineseb146 From United States of America, joined Nov 1999, 11591 posts, RR: 15
Reply 10, posted (1 year 6 months 1 week 5 days 4 hours ago) and read 1655 times:

Hundreds of billions of dollars being spent on war ships, guns, jets. I think the US military is behind the times. Cyber attacks are the future of war. Americans want body counts but that is not what the future is.


Life in the wall is a drag.
User currently offlineNASCARAirforce From United States of America, joined Feb 2005, 3178 posts, RR: 4
Reply 11, posted (1 year 6 months 1 week 5 days 3 hours ago) and read 1596 times:

Why would we need to hack anything?

We have HAARP.


User currently offlineFlighty From United States of America, joined Apr 2007, 8491 posts, RR: 2
Reply 12, posted (1 year 6 months 1 week 5 days 2 hours ago) and read 1564 times:

Quoting tugger (Reply 2):
Yes, it is incredibly hard. And most hacks are done via "social engineering", where an someone/an employee opens an email or goes to a targeted site where malware is downloaded and installed. At that point the attackers are in.

While I agree with this, the Chinese method is a variation on this.

Of course, they do remote hacking. The phone part is tricky. I don't think they are big into that.

The other main strategy is, cultivate human assets inside major companies. People born in China. These persons have usernames and passwords. They are part of the company. Then, they slip out with flash drives, gigabytes of data etc. I am sorry to cast suspicion on Chinese born workers in general, and I wish it weren't necessary. But, that is where I would focus.

Naturally, any computers and/or data foreign visitors actually bring into China is considered their state property, and they can and will scan it.

This crap has been going on for 40 years. It's nothing new at all. People just have to shift their perspective. China is doing everything possible, at all levels, in all social groups, to collaborate to steal all data. They'd be stupid not to. Final point, they are not stupid.


User currently offlinekiwirob From New Zealand, joined Jun 2005, 7299 posts, RR: 5
Reply 13, posted (1 year 6 months 1 week 5 days 1 hour ago) and read 1530 times:

Quoting seb146 (Reply 15):
why does NK still have the ability to launch rockets?

They are probably doing it the old fashioned way with a slide rule, pen and paper, like the kit you guys used to put a man on the moon.


User currently offlinewingman From Seychelles, joined May 1999, 2243 posts, RR: 5
Reply 14, posted (1 year 6 months 1 week 4 days 15 hours ago) and read 1451 times:

Two comments: I agree with anyone that says we do this better than anyone else. We have an entire government agency in operation exclusively for this purpose, the NSA. Add the CIA, the FBI, and the NFL and our national organizations devoted to eavesdropping, hacking, and electronic warfare are second to none. I'm pretty sure every time we trace a hack back to the Chinese government we probably send them a nasty little virus in response.

But I certainly wouldn't show them my full hand. We should wait on that until they invade Taiwan or The Philippines. You always get the best results when the other side doesn't even know what you're up to. Essential reading includes Blind Man's Bluff, one of the great stories of electronic spying, conducted by US nuclear submarines that tapped directly into Soviet naval telephone cables undersea for something like 10 years. We knew every move Crazy Ivan made before their colonels did.


User currently offlineoldeuropean From Germany, joined May 2005, 2090 posts, RR: 4
Reply 15, posted (1 year 6 months 1 week 3 days 18 hours ago) and read 1356 times:

Quoting AA7295 (Thread starter):
Report Indicates Chinese Military Is Hacking USA

So what? The US is hacking the rest of the world, including their allies, for decades.
 



Wer nichts weiss muss alles glauben
User currently offlinerfields5421 From United States of America, joined Jul 2007, 7607 posts, RR: 32
Reply 16, posted (1 year 6 months 1 week 3 days 17 hours ago) and read 1330 times:

Quoting seb146 (Reply 10):

There is plenty of money and expertise in the US military and other intelligence agencies focused on obtaining information, and trying to prevent compromise of classified information.

Unfortunately the only way to stop hacks is to physically and electronically isolate the data from the Internet.

And stop everyone with access to such information from using any non-secure computer, smart phone or other non-secure communication device.


User currently onlineBMI727 From United States of America, joined Feb 2009, 15735 posts, RR: 27
Reply 17, posted (1 year 6 months 1 week 3 days 16 hours ago) and read 1315 times:

Quoting rfields5421 (Reply 16):
Unfortunately the only way to stop hacks is to physically and electronically isolate the data from the Internet.

And that's a lot more difficult than unplugging the modem. The Stuxnet infection got into the Iranian nuclear system via a flash drive I think.

The bottom line is that someone will slip up.



Why do Aerospace Engineering students have to turn things in on time?
User currently offlineDeltaMD90 From United States of America, joined Apr 2008, 7893 posts, RR: 52
Reply 18, posted (1 year 6 months 1 week 3 days 16 hours ago) and read 1297 times:

Quoting rfields5421 (Reply 16):

It's very possible on smaller networks that are tightly regulated. Have a few computers with absolutely NO contact with the outside world and somehow disable portable media (taking USB drives or whatever out) and have some stringent security physically present, it's very possible to keep that information secure. I've never actually had access to something like this, but I know there are a lot of schools in the Navy where there are very secure rooms kinda like this.

Problem is that is expensive and communication is greatly hindered. I'm sure some of our greatest secrets are kept that way, but you can't keep everything isolated like that.


On a separate note, why can't we just use 256 bit (I think) encryption like the Wikileaks file that no one knows what's in it? I assume the answer is "they do, but they key to open it is what gets stolen" but IDK



Ironically I have never flown a Delta MD-90 :)
User currently offlinerfields5421 From United States of America, joined Jul 2007, 7607 posts, RR: 32
Reply 19, posted (1 year 6 months 1 week 3 days 14 hours ago) and read 1272 times:

Quoting BMI727 (Reply 17):
And that's a lot more difficult than unplugging the modem.

Hence the physical separation requirement - which means no media to record information allowed in or out.

Quoting DeltaMD90 (Reply 18):
but you can't keep everything isolated like that.

You cannot.


I saw a DARPA document back about 1989 discussing why allowing the Internet to be opened to the whole civilian world was a bad idea.

Among the problems were that not ever user would be positively identified, that it would be easy to pretend to be someone else, and that once a system was connected to this international net - there would be no way to keep the system from being hacked at some point.

The document actually predicted cyber attacks, but the most important threat was that the people using secure systems would become complacent. That keeping systems separated would fail because of the human tendency to want to communicate.

It was not classified because it was a talking points for fighting the move by Senator Gore to open up the civilian side of the network. There was great concern that the gateways to MILNET were already subject to compromise, and the situation would only get worse.


User currently offlineFlighty From United States of America, joined Apr 2007, 8491 posts, RR: 2
Reply 20, posted (1 year 6 months 1 week 3 days 13 hours ago) and read 1252 times:

Quoting DeltaMD90 (Reply 18):
somehow disable portable media (taking USB drives or whatever out)

That does exist. It can be disabled and often is at secure sites (even corporate)

Quoting rfields5421 (Reply 19):
The document actually predicted cyber attacks, but the most important threat was that the people using secure systems would become complacent. That keeping systems separated would fail because of the human tendency to want to communicate.

Yes. Human engineering is alive and well.

Medical field -- huge liability for security. Yet, every MD has to be able to get in. The reality is, MDs don't really keep their passwords very well. If you call Help Desk and act intimidating, you can get any medical records from any hospital. And, so it goes. Most days in the military or at banks are boring days. People forget passwords all the time. Especially senior people.

And especially when *$% passwords expire every 60 days and can't be repeated. Then it becomes a pure HUMINT target. Encryption falls to zero. There is no corporation or federal office I've worked for whose security measures were really better than sounding proper on the telephone.

[Edited 2013-02-21 11:15:47]

User currently offlineRevelation From United States of America, joined Feb 2005, 12458 posts, RR: 25
Reply 21, posted (1 year 6 months 1 week 3 days 12 hours ago) and read 1232 times:

Yes, espionage has existed for as long as we've had governments, if not longer.

I think the key point of this article is about how China's military is conducting espionage on commercial, non-military entities for the gain of its own commercial sector.

I haven't heard of the US government going this far. I certainly have heard of the US government sharing information about military and intelligence technology with corporations, but I haven't heard of them doing so for other technologies, outside of times of all-out war when learning, for instance, how the Axis was producing synthetic fuel would be shared with US corporations.

Commercial entities certainly spy on their competition. They will quite happily analyze their competitor's products and try to use whatever they learn to the greatest extent possible. That's different, than, for instance, the German government tearing down a Japanese car and then telling MB/VW/BMW/etc what they've learned.

As for the difficulty of security, you don't have to go very much further than the head of the CIA's affair being discovered via email tapping to see how even very intelligent people do very stupid things.

Good security is possible but quite expensive. You really need to have a lot of defenses, and your own 'tiger team' actively probing the defenses as well as the employees. This is expensive and can make some Perfect security is impossible. All it takes is one mistake by one human and it's all over.



Inspiration, move me brightly!
User currently offlineTheCommodore From Australia, joined Dec 2007, 2849 posts, RR: 8
Reply 22, posted (1 year 6 months 1 week 2 days 10 hours ago) and read 1153 times:

Quoting Revelation (Reply 21):
I haven't heard of the US government going this far.

With all due respect, that is not surprising is it ?

I mean, do you really think the US Government would make this public...... Ummmmmmm NO WAY !



Flown 905,468 kms or 2.356 times to the moon, 1296 hrs, Longest flight 10,524 kms
User currently offlineMaverick623 From United States of America, joined Nov 2006, 5601 posts, RR: 6
Reply 23, posted (1 year 6 months 1 week 1 day 23 hours ago) and read 1097 times:

Quoting AA7295 (Thread starter):
Is it really that hard to prevent hacks?

You cannot prevent a hack. If someone wants access bad enough, they will get it.

Quoting Flighty (Reply 20):

That does exist. It can be disabled and often is at secure sites (even corporate)

Regardless, if the physical port exits, it can be exploited.

The easiest way to hack a secure system is not by brute force, but by social engineering (the newfangaled term for a confidence trick, or con-job). There's a ton of stuff out there that shows just how easy it is to make someone slip up.



"PHX is Phoenix, PDX is the other city" -777Way
User currently offlinePu From Sweden, joined Dec 2011, 697 posts, RR: 13
Reply 24, posted (1 year 6 months 2 days 5 hours ago) and read 960 times:

Who benefitted from the false reports, taken as fact for a decade or more, that the US suffered a "missile gap" behind the USSR?

....the same interests remain at work today.





Pu


Top Of Page
Forum Index

This topic is archived and can not be replied to any more.

Printer friendly format

Similar topics:More similar topics...
Chinese Military Hacked Into Pentagon. posted Tue Sep 4 2007 00:35:02 by FXramper
Is The USA Being Unfair In Iran Talks? posted Thu Jun 1 2006 20:06:39 by Dc10s4ever
Chinese Military Build Up...we Missed It? posted Thu Jun 9 2005 18:05:37 by JamesAg96
Do You Feel Your Military Is Overpaid Or Underpaid posted Mon Jun 17 2002 23:16:49 by Galaxy5
Is China Overtaking USA As Major Superpower? posted Thu Aug 30 2012 13:17:00 by Gonzalo
Mother Says Chinese Parenting Style Is Best posted Tue Jan 11 2011 15:17:19 by Aaron747
Just How Stupid Is The Military? posted Mon Dec 6 2010 20:29:34 by Ken777
Chinese Tourist Visa (USA Citizen) posted Sat May 23 2009 20:19:31 by Goboeing
Louisiana Is Overall Worst State In USA; Worthless posted Mon Nov 12 2007 17:40:44 by ConcordeBoy
San Frans Asinine Anti-military Streak Is Back posted Fri Jun 8 2007 01:00:40 by MDorBust