Free Republic

China Has Penetrated Key U.S. Databases: SANS Director
SC Magazine | January 18, 2008 | By Jack Rogers

Posted on 01/18/2008 4:41:50 PM PST by JACKRUSSELL

An aggressive, non-stop campaign by China to penetrate key government and industry databases in the United States already has succeeded and the United States urgently needs to monitor all internet traffic to critical government and private-sector networks “to find the enemy within,” SANS Institute Director of Research Alan Paller told SCMagazineUS.com.

“They are already in and we have to find them,” Paller said.

Paller said that empirical evidence analyzed by researchers leaves little doubt that the Chinese government has mounted a non-stop, well-financed attack to breach key national security and industry databases, adding that it is likely that this effort is making use of personnel provided by China's People's Liberation Army.

The “smoking guns” pointing to a government-directed effort are keystroke logs of the attacks, which have been devoid of errors usually found in amateur hack attacks, the use of spear phishing to gain entry into computer networks, and the massively repetitive nature of the assault, the SANS research director said.

“This is not amateur hacking. They are going back to the same places 100 times a day, every day. This kind of an effort requires a massive amount of money and resources,” Paller told SCMagazineUS.com.

Paller said that monitoring all internet traffic – including email – to government and private-sector networks is necessary in order to pinpoint breaches and, ultimately, to prevent cyberspies from extracting critical data. The traffic must be carefully analyzed to detect “micro-patterns” that reveal breaches, he said.

“We have to find the needle in the haystack,” he said.

SANS earlier this week placed espionage from China and other nations near the top of its annual list of cybersecurity menaces, reporting that targeted spear phishing is the weapon of choice used in the assault on U.S. databases and those of its allies.

“They are using spear phishing because it is so effective, and it is the least difficult technique [of gaining entry],” Paller said. “They can target anyone within an organization who has a computer. Once they get in, they can go everywhere.”

In November, President Bush requested $154 million in funding for what is expected to be a seven-year, multibillion-dollar program to track cyberthreats on government and private networks. The proposed countermeasures include the reduction of access points between government computers and the internet from a current level of 2,000 to 50, and the assignment of up to 2,000 DHS and NSA security experts to full-time monitoring of critical infrastructure networks to prevent unauthorized intrusion.

Key members of Congressional oversight committees have complained that they have not been fully briefed on the proposal and they have raised concerns about the potential infringement on privacy.

According to SANS' research director, the monitoring envisioned by the government's cybersecurity plan can be implemented without trampling on privacy rights as long as procedures are in place to ensure that it is the traffic itself, rather than the contents of email messages, that is being monitored.

“Monitoring email traffic is not the same thing as reading everyone's email,” Paller said.

The scope of the cybersecurity problem was underlined this week in a profile of U.S. Director of National Intelligence (DNI) Mike McConnell published in the New Yorker magazine.

The New Yorker article reported that the Defense Department currently is detecting about three million unauthorized probes on its computer networks every day, while the State Department fends off two million probes daily.

These probes often turn into full-scale attacks, the magazine reported, such as the assault last year on the Pentagon that required 1,500 computers to be taken offline. American allies also have been targeted: In May, the German government blamed the Chinese military after it discovered a spyware program had been planted inside government computers in several key ministries. Chinese officials called the accusation “preposterous.”

McConnell has made information security a top priority for the myriad intelligence agencies he oversees, including the NSA, CIA and the Pentagon's intelligence arm.

The DNI said that Chinese computer attacks have intensified in recent months, while hacking activity emanating from Russia has remained at Cold War levels. Ed Giorgio, a security consultant who worked at the NSA under McConnell, told the New Yorker that China now has 40,000 hackers collecting intelligence off U.S. information systems and those of U.S. allies.

As intense as the assault on U.S. intelligence networks appears to be, cyberespionage directed by foreign governments against U.S. companies is an even bigger problem, McConnell said. “The real question is what to do about industry. Ninety-five percent of this is a private-sector problem,” he told the New Yorker.

The SANS Institute's annual listing of top 10 cyber menaces reported that China and other nations last year had engineered “massive penetration” of U.S. federal agencies and defense contractors, stealing terabytes of data. The institute said that these attacks are expected to intensify this year.

“In 2008, despite intense scrutiny, these nation-state attacks will expand,” SANS warned. “More targets and increased sophistication will mean many successes for attackers. Economic espionage will be increasingly common as nation-states use cybertheft of data to gain economic advantage in multinational deals.”

SANS said the “attack of choice” by foreign cyberwarriors is a form of targeted spear phishing using attachments and well-researched social engineering methods to make the victim believe that an attachment comes from a trusted source. SANS also said overseas hackers are making use of newly discovered Microsoft Office vulnerabilities and hiding their techniques to circumvent virus checking.

McAfee's Avert Labs, in its McAfee Virtual Criminology Report, predicted that the rise in international cyber spying will pose the number one security threat in 2008.


TOPICS: Front Page News; News/Current Events
KEYWORDS: abledanger; bushfault; bushlegacy; chicoms; china; clintonlegacy; communism; cybersecurity; espionage; internet; lenovo; loral; securitybreach; traitor; yearoftherat
To: Sir Francis Dashwood

~~memories~~

(1990) John McCain said on the floor of the Senate: “Mr. President, I am anxious to construct a new relationship with our old adversary (Vietnam)”. He, who was in a Vietnamese prison camp for five and a half years, was pushing hard for normalized relations with Hanoi long before anyone else was.

Between when Clinton said that he would not normalize relations with Vietnam until there was a full accounting of POWs/MIAs and the time he lifted the Trade Embargo only two Americans had been accounted for in Vietnam.

Lifting the embargo opened the door for the multi-billion dollar corporation, Lippo Group with American business partners, such as Stephens Investment of Little Rock, AR to conduct business in Vietnam. Mr A. Vernon Weaver, at that time the Vice-President for Operations in the Pacific Rim of Stephens Investment and a member of the Board of Visitors at the U.S. Naval Academy was instrumental in arranging an upgrade of the position of Commandant of the U.S. Naval Academy from two stars to four stars.

Former U.S. Navy officers, Senators John Kerry and John McCain supported this reorganization.

http://www.usvetdsp.com/billbell.htm

An indication of just how deep and subtle Red Chinese roots run in U.S. business and government affairs deals with McCain and Kerry. Both McCain and Kerry fought long and hard to provide the political cover Clinton needed when he made the controversial decision to normalize relations with Vietnam. McCain’s wife, Cindy, is the daughter of James Hensley, who is the second largest Anheuser-Busch distributor in the United States. McCain is an officer in Hensley & Co. and Cindy is a vice president. The McCain family owns several million dollars in Anheuser-Busch stock.

As a part of an aggressive campaign to enhance its international standing in the beer market, Anheuser-Busch has signed contracts and invested hundreds of millions building brewery operations in China and Vietnam. I can’t link any of those contracts involve Lippo. Some docs retrieved from the net revealed that Riady’s Lippo is the holder of a license for Sea World in Indonesia and that Anheuser-Busch owns all the Sea World theme parks in the United States as well as some overseas.

Is there a connection between Anheuser-Busch and Lippo?
http://www.usvetdsp.com/billbell.htm

SeaWorld/Lippo Connection:

Old URL: http://www.lippo.co.id/Main.htm

Internet Cache: http://web.archive.org/web/19980530014836/http://www.lippo.co.id/Main.htm

Net cache shows Lippo holds/held the license on Sea World in Indonesia.

“Today I am lifting the trade embargo against Vietnam because I am absolutely convinced it offers us the best way to resolve the fate of those who remain missing and about whom we are not sure.” Two things happened between November 1992 and February 1994 which bear on this issue. One was that Senators John Kerry and John McCain lobbied the president to drop the embargo. The second thing was that in September 1993 the head of the Lippo Group, Mochtar Riady, led a trade mission of Asian bankers on a trip to Vietnam to (in his words) “size up business opportunities there.” Lippo helps, among other things, to finance trade deals. It therefore stood to benefit enormously from expanded trade between Vietnam and the United States;

Old URL: http://www.empower.org/html/policy/misc/roadmap3.htm

See Internet Cache:

http://web.archive.org/web/20000816001233/http://www.empower.org/html/policy/misc/roadmap3.htm


41 posted on 01/19/2008 4:25:03 AM PST by Calpernia (Hunters Rangers - Raising the Bar of Integrity http://www.barofintegrity.us)
[ Post Reply | Private Reply | To 36 | View Replies]

To: JACKRUSSELL
GREAT SCOTT! Just how much porn have the Chinese stolen?!?

After all, if they want our top secrets, they just need to ask...

42 posted on 01/19/2008 4:30:13 AM PST by Caipirabob (Communists... Socialists... Democrats...Traitors... Who can tell the difference?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: SatinDoll; Duchess47; jahp; LilAngel; metmom; EggsAckley; Battle Axe; SweetCaroline; ...
Please Jack, Freepmail everyone per Satindoll:

With all this penetration, is it possible that China is planning an attack on the US by using a DDOS attack? Maybe, and I’m just guessing here, but from what I have seen before on other networks, is it perhaps that they aren’t looking just for information. I’m not 100% sure on this, but it fits a scenario that I’ve seen elsewhere on a much smaller scale.
43 posted on 01/19/2008 5:10:58 AM PST by JACKRUSSELL
[ Post Reply | Private Reply | To 30 | View Replies]

To: Calpernia

Bump.


44 posted on 01/19/2008 5:52:12 AM PST by nw_arizona_granny (http://www.freerepublic.com/focus/news/1886546/posts?page=4972#4972 45 Item Communist Manifesto)
[ Post Reply | Private Reply | To 38 | View Replies]

To: Calpernia

Interesting stuff...


45 posted on 01/19/2008 6:10:27 AM PST by Sir Francis Dashwood (LET'S ROLL!)
[ Post Reply | Private Reply | To 41 | View Replies]

To: JACKRUSSELL
Two words.

Cyber.

Warfare.

or

Electronic.

Blitzkrieg.

Think of The Art of War or Oriental philosophy in general -- lie about your intentions, soft-pedal your strengths, and attack in a way that you've won the war without having to risk open battle.

America's military and economic strength is predicated on its 'wiredness'.

If they disable our C-and-C (by denying us the ability to *communicate*) they can just waltz in and *take* Taiwan.

And put an end to the impression of American invulnerability.

Couple that with judiciously chosen sabotage and/or suicide attacks (say of key personnel at our Clintonized national labs), and the hollowing out of our infrastructure (we *import* apples from China!!? What happened to the state of Washington), and China sees itself as invincible -- they have us on manufacturing, technology, population, and (for Taiwan) short supply lines.

IF this happens, I hope President Thompson has the balls to summarily execute a couple dozen CEOs for treason.

(Please note that the 'common sense' punishment for those CEOs, the bill of attainder, is explicitly unconstitutional -- which is why all the Dems were pushing for 'censure plus' for Bill Clinton. Lying scum.)

Cheers!

46 posted on 01/19/2008 7:26:50 AM PST by grey_whiskers (The opinions are solely those of the author and are subject to change without notice.)
[ Post Reply | Private Reply | To 43 | View Replies]

To: JACKRUSSELL; rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

47 posted on 01/19/2008 7:36:23 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: decimon
Someone should create an alternative, or alternatives, to the internet. That sensitive information is so open to the world is madness.

We have it. It's called the SIPR Net. However, that doesn't prevent idiots from putting sensitive information on Internet-connected systems.

48 posted on 01/19/2008 9:04:09 AM PST by antiRepublicrat
[ Post Reply | Private Reply | To 6 | View Replies]

To: The Spirit Of Allegiance
Statement by the President - He’s loosening export controls on super computers! (1999 - CLINTON)

That one actually made sense. The export controls were pegged at a processing power that was formerly only attainable by huge supercomputers. At the time they were loosened, that power was available on a desktop. The static restriction meant our computer industry soon wouldn't be able to export anything, and foreign competitors would have filled the need. Only a few years after this people were able to make supercomputers using Sony's PlayStation 2 game console.

49 posted on 01/19/2008 9:10:56 AM PST by antiRepublicrat
[ Post Reply | Private Reply | To 19 | View Replies]

To: CJ Wolf

The House vote was 259-173 in favor.

146 Republicans and 112 Democrats took the floor to plead FOR MFN, including the speaker.

The Senate voted 60-38 for.

But, yet, you pick out FRed. What did your guy do? Sit on his thumbs?

Many people, including you, don’t realize what the effects of being left out of China’s trade would have meant.
The problem IS NOT that China has MFN status. It’s the Trade Agreement is bad!
Now, who negotiated that?

Notice, if you will, that FRed has been calling for FAIR & FREE Trade, saying, all along, that the agreements are skewed, and need to be re-negotiated.


50 posted on 01/19/2008 9:46:09 AM PST by papasmurf (I'm voting for FRed, even if I have to write him in.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: familyop

I agree 1000%! Let the shiite fly now, rather than later when they are even more able and equipped to counter.

You nailed it...God, Family, Country!


51 posted on 01/19/2008 9:53:52 AM PST by papasmurf (I'm voting for FRed, even if I have to write him in.)
[ Post Reply | Private Reply | To 34 | View Replies]

To: Sir Francis Dashwood

Yes, you are right. If people would just do some research, they’d find film, still pictures, and several books to prove it.


52 posted on 01/19/2008 9:55:27 AM PST by papasmurf (I'm voting for FRed, even if I have to write him in.)
[ Post Reply | Private Reply | To 36 | View Replies]

To: JACKRUSSELL
Well Duh! You mean the writer is just now catching on to what has been going on for years? I say ban ANY, and ALL IP traffic from that part of the world. To include China, and Korea.
53 posted on 01/19/2008 9:56:38 AM PST by devane617 (Fred Thompson in '08.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: WoofDog123; Gorzaloon
Where would I find a list of the IP ranges used by China and Russia? simply banning both makes too much sense to not do it.

The blacklists can be found here:

http://blackholes.us/zones/countries/cn.txt and http://blackholes.us/zones/countries/ru.txt

54 posted on 01/19/2008 12:09:06 PM PST by Gideon7
[ Post Reply | Private Reply | To 26 | View Replies]

To: ComputerGuy
>>>>>>>Maybe the gov't should switch to Macs. I keep reading on FR that they are hacker-proof :)<<<<<<

Uncle Sam should switch to EQUIPMENT not made in China.

Ooops, there isn't any.

American hardware is made in China, American software is made in India, defense contractors in U.S. are foreign owned. Foreign brain is doing research in U.S. and Americans are busy running service economy (i.e. "do you want fries with it, sir?")

Twenty years ago, American government learned from the French that Soviets use illegally obtained American equipment on their pipelines. The clandestine operation was set up, to pepper up the commercial equipment and let Ruskies buy it. As a result, one of the pipelines blew up, and the explosion mimicked nuclear attack.

Methinks the history can and will repeat itself - U.S. government may already be in possession of "American" equipment peppered up by Chicoms or other hostile parties. Actually, there are reports of Chicoms already penetrating NORAD computers. The catch - computers are not connected to the Internet. Chicoms used powerlines and tampered equipment.

55 posted on 01/19/2008 1:03:39 PM PST by DTA (Advice to Condi: when you are in a hole, stop digging)
[ Post Reply | Private Reply | To 35 | View Replies]

To: Gideon7

thanks!

Are these blocked at the router level or the software level on each system?


56 posted on 01/19/2008 1:04:41 PM PST by WoofDog123
[ Post Reply | Private Reply | To 54 | View Replies]

To: Gideon7

My network and .htaccess thanks you! Here comes the great flushing sound~!


57 posted on 01/19/2008 1:15:25 PM PST by Gorzaloon
[ Post Reply | Private Reply | To 54 | View Replies]

To: Gorzaloon

ALL

Jeeesh you people worry too much about all of this.

The man in charge of our DOD defense computers, Chaing Xu Sui, says they are safe from Chinese hacker attempts.

What more do you want?


58 posted on 01/19/2008 1:22:00 PM PST by am452 (Globalist: Converting the American people to the Democrat party since 1992)
[ Post Reply | Private Reply | To 57 | View Replies]

To: am452
Jeeesh you people worry too much about all of this.

The man in charge of our DOD defense computers, Chaing Xu Sui, says they are safe from Chinese hacker attempts.

What more do you want?

A nice tasty rat to nibble on as I cut and paste all those "deny from"'s? :-)

The second list will require vodka, in honor of nashi protivnik.

I know, people are tired of hearing complaints but maybe if some of us began posting our firewall logs, it would give people cause to rethink the position. These people are not playing games, and they are good at what they do. Ask my neighbor, who just had her debit card cleaned out yesterday, among the more trivial examples.

59 posted on 01/19/2008 1:40:22 PM PST by Gorzaloon
[ Post Reply | Private Reply | To 58 | View Replies]

To: JACKRUSSELL
"“We have to find the needle in the haystack,” he said."

So they want to just go in and rummage through anything American citizens do on the Internet, just in case we're terrorists.

What liberty?

60 posted on 01/19/2008 2:02:54 PM PST by DaGman
[ Post Reply | Private Reply | To 1 | View Replies]

