Chinese hackers breach US military defences: Uncle Sam hacks back in counter attack...

Security experts have revealed tantalising details about a group of Chinese hackers who are suspected of launching intelligence gathering attacks against the US government.

The hackers, who are believed to be based in the Chinese province of Guangdong, are thought to have stolen US military secrets, including aviation specifications and flight-planning software.

Alan Paller, director of the SANS Institute, said: "From the Redstone Arsenal, home to the Army Aviation and Missile Command, the attackers grabbed specs for the aviation mission-planning system for Army helicopters, as well as Falconview 3.2, the flight-planning software used by the Army and Air Force."

The team is thought to consist of 20 hackers. Paller claimed the Chinese government was the most likely recipient of the information they intercepted.

He told an event at the Department of Trade and Industry on Tuesday: "Of course it's the government. Governments will pay anything for control of other governments' computers. All governments will pay anything. It's so much better than tapping a phone."

Titan Rain first came to public attention this summer, when the Washington Post reported that websites in China were being used to target computer networks in the Defense Department and other US agencies.

Time later reported that Titan Rain had been counter-hacked by a US security expert called Shawn Carpenter.

The attacks, which are ongoing, were particularly effective on the night of 1 November, 2004, said Paller, who outlined how the hackers first scanned then broke into US government computers.

At 22:23(PST) the Titan Rain hackers exploited vulnerabilities at the US Army Information Systems Engineering Command at Fort Huachuca, Arizona. A few hours later, at 01:19(PST), they exploited the same hole in computers at the Defense Information Systems Agency in Arlington, Virginia.

By 03:25(PST) they had hit the Naval Ocean Systems Center, a Defense Department installation in San Diego, California. Then at 04:46(PST) they struck again - this time at the United States Army Space and Strategic Defense installation in Huntsville, Alabama.

The UK is also under intelligence-gathering cyber attack from the far east, according to the National Infrastructure Security Co-ordination Centre (NISCC). The government body cannot name the countries concerned as this may "ruin diplomatic efforts to halt the attacks", NISCC director Roger Cummings said on Tuesday.

I am on a dial-up with an old computer. Using 95. All has been working great for 7 years. A little slow but good enough for what I use it for.

Free AVG caught a virus a few years ago and put it in jail.

There is nothing on my sys that I can't lose and regret it.

In spite of my limited capabilities I do quite a bit around the world speaking in secured chats mainly dedicated to the presurvation of wild animals in Mid and South Africa. I am not a tree hugger but many of the people I deal with are far far left.

My only problem with the puter is the inability to post pictures of wildlife. I don't have one of those ISB ports. I will get a new puter next year and solve that problem.

Don't get me wrong. I hate AOL. There is no place to complain on their front page about their left leaning stories. It is very similar to the NY Times. I do want out of AOL and will consider something different next year.

Verizon is coming in early next year and I think I will switch to them.

Thanks for the recommendations.

Bill in Hershey, PA

How the undermining of US intelligence continues in cyberspace
Posted by George Ou @ 8:35 am

When my friend emailed me this story on Time Online about Chinese cyberspies, I thought it was just going to be just another story about cyber attacks from China. Even the title of the Time article "The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them)" gave no indication of the alarming ineffectiveness of US cyber intelligence policy. The article chronicled the work of an American Veteran Shawn Carpenter who tracked down and counter-hacked a Chinese cyberespionage ring called "Titan Rain" that hacked everything from Lockheed to NASA to the Army. What's shocking is that the FBI who unofficially worked with Carpenter ended up investigating Carpenter rather than the Titan Rain and dumped all of Carpenter's work.

It turns out that US intelligence agencies must go through a "cumbersome authorization process that can be as tough as sending covert agents into foreign lands" before they can track down any foreign hackers. This also means that they can't officially work with someone like Shawn Carpenter since it's illegal for a US citizen to counter-hack in to a foreign country. The US essentially has to play nice and hope that a foreign government will be cooperative. The reality is that the Titan Rain are so professional and organized that many in the intelligence community suspect the Chinese government of being the sponsors of Titan Rain and this is simply a continuation of the 90s when China routinely stole technology from American companies and National Laboratories. Since the Chinese government is giving zero cooperation in the investigation against Titan Rain and went as far as calling the charges against Titan Rain "totally groundless, irresponsible and unworthy of refute", US intelligence has very little to work with.

Up until Shawn Carpenter successfully counter-hacked Titan Rain, there wasn't even any direct evidence that the attacks were emanating from China in the first place. It was known that massive numbers of cyber attacks were coming from China but no one could be certain if China was just being used as a proxy by some other foreign country who managed hack in to Chinese computers to use them as a launch platform. Carpenter had actually managed to install his own bugging code into one of Titan Rain's primary routers in Guangdong China (near Hong Kong) and could effectively monitor Titan Rain's every move and verified that the hacks were indeed emanating from China. Carpenter fed this intelligence to the FBI for months and was showered with praise until the FBI abruptly stopped communicating with him in March of 2005. Carpenter ended up being the subject of an FBI investigation which eventually ended up filing no charges against him but resulted in his dismissal from his employer Sandia National Laboratories. What's most shocking is that the FBI did not even bother to ask Carpenter for the password to Titan Rain's router or any of the other tools that Carpenter used to infiltrate Titan Rain. If Shawn Carpenter had hacked in to an Al Qaeda network, his work probably would have been discarded the same way.

What the Carpenter case illustrates is a continuation of the gutting of US intelligence that started back in the 70s with Senator Frank Church's Church commission and the 90s with Robert Torricelli leading an effort to "reform" the CIA. In their crusade to investigate the CIA and turn them in to a kinder gentler agency, the Church commission leaked so much classified information that it lead to the deaths of many US informants in foreign countries which dried up all other leads since no one wants to work with a country whose own Senate might betray them. The Torricelli reforms forbade the CIA from recruiting terrorists and criminals as informants yet anyone who knows the spy business knows that effective informants are usually not choir boys. Now that the FBI has let Carpenter's work go to waste, it would seem that 9/11 hasn't really taught us anything and we're still more interested in being politically correct than being safe.

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.