Free Republic
Browse · Search
News/Activism
Topics · Post Article

China Has Penetrated Key U.S. Databases: SANS Director
SC Magazine ^ | January 18, 2008 | By Jack Rogers

Posted on 01/18/2008 4:41:50 PM PST by JACKRUSSELL

An aggressive, non-stop campaign by China to penetrate key government and industry databases in the United States already has succeeded and the United States urgently needs to monitor all internet traffic to critical government and private-sector networks “to find the enemy within,” SANS Institute Director of Research Alan Paller told SCMagazineUS.com.

“They are already in and we have to find them,” Paller said.

Paller said that empirical evidence analyzed by researchers leaves little doubt that the Chinese government has mounted a non-stop, well-financed attack to breach key national security and industry databases, adding that it is likely that this effort is making use of personnel provided by China's People's Liberation Army.

The “smoking guns” pointing to a government-directed effort are keystroke logs of the attacks, which have been devoid of errors usually found in amateur hack attacks, the use of spear phishing to gain entry into computer networks, and the massively repetitive nature of the assault, the SANS research director said.

“This is not amateur hacking. They are going back to the same places 100 times a day, every day. This kind of an effort requires a massive amount of money and resources,” Paller told SCMagazineUS.com.

Paller said that monitoring all internet traffic – including email – to government and private-sector networks is necessary in order to pinpoint breaches and, ultimately, to prevent cyberspies from extracting critical data. The traffic must be carefully analyzed to detect “micro-patterns” that reveal breaches, he said.

“We have to find the needle in the haystack,” he said.

SANS earlier this week placed espionage from China and other nations near the top of its annual list of cybersecurity menaces, reporting that targeted spear phishing is the weapon of choice used in the assault on U.S. databases and those of its allies.

“They are using spear phishing because it is so effective, and it is the least difficult technique [of gaining entry],” Paller said. “They can target anyone within an organization who has a computer. Once they get in, they can go everywhere.”

In November, President Bush requested $154 million in funding for what is expected to be a seven-year, multibillion-dollar program to track cyberthreats on government and private networks. The proposed countermeasures include the reduction of access points between government computers and the internet from a current level of 2,000 to 50, and the assignment of up to 2,000 DHS and NSA security experts to full-time monitoring of critical infrastructure networks to prevent unauthorized intrusion.

Key members of Congressional oversight committees have complained that they have not been fully briefed on the proposal and they have raised concerns about the potential infringement on privacy.

According to SANS' research director, the monitoring envisioned by the government's cybersecurity plan can be implemented without trampling on privacy rights as long as procedures are in place to ensure that it is the traffic itself, rather than the contents of email messages, that is being monitored.

“Monitoring email traffic is not the same thing as reading everyone's email,” Paller said.

The scope of the cybersecurity problem was underlined this week in a profile of U.S. Director of National Intelligence (DNI) Mike McConnell published this week in the New Yorker magazine.

The New Yorker article reported that the Defense Department currently is detecting about three million unauthorized probes on its computer networks every day, while the State Department fends off two million probes daily.

These probes often turn into full-scale attacks, the magazine reported, such as the assault last year on the Pentagon that required 1,500 computers to be taken offline. American allies also have been targeted: In May, the German government blamed the Chinese military after it discovered a spyware program had been planted inside government computers in several key ministries. Chinese officials called the accusation “preposterous.”

McConnell has made information security a top priority for the myriad intelligence agencies he oversees, including the NSA, CIA and the Pentagon's intelligence arm.

The DNI said that Chinese computer attacks have intensified in recent months, while hacking activity emanating from Russia has remained at Cold War levels. Ed Giorgio, a security consultant who worked at the NSA under McConnell, told the New Yorker that China now has 40,000 hackers collecting intelligence off U.S. information systems and those of U.S. allies.

As intense as the assault on U.S. intelligence networks appears to be, cyberespionage directed by foreign governments against U.S. companies is an even bigger problem, McConnell said. “The real question is what to do about industry. Ninety-five percent of this is a private-sector problem,” he told the New Yorker.

The SANS Institute's annual listing of top 10 cyber menaces reported that China and other nations last year had engineered “massive penetration” of U.S. federal agencies and defense contractors, stealing terabytes of data. The institute said that these attacks are expected to intensify this year.

“In 2008, despite intense scrutiny, these nation-state attacks will expand,” SANS warned. “More targets and increased sophistication will mean many successes for attackers. Economic espionage will be increasingly common as nation-states use cybertheft of data to gain economic advantage in multinational deals.”

SANS said the “attack of choice” by foreign cyberwarriors is a form of targeted spear phishing using attachments and well-researched social engineering methods to make the victim believe that an attachment comes from a trusted source. SANS also said overseas hackers are making use of newly discovered Microsoft Office vulnerabilities and hiding their techniques to circumvent virus checking.

McAfee's Avert Labs, in its McAfee Virtual Criminology Report, predicted that the rise in international cyber spying will pose the number one security threat in 2008.


TOPICS: Front Page News; News/Current Events
KEYWORDS: abledanger; bushfault; bushlegacy; chicoms; china; clintonlegacy; communism; cybersecurity; espionage; internet; lenovo; loral; securitybreach; traitor; yearoftherat

1 posted on 01/18/2008 4:41:52 PM PST by JACKRUSSELL

To: Duchess47; jahp; LilAngel; metmom; EggsAckley; Battle Axe; SweetCaroline; Grizzled Bear; ...
WARNING MADE IN CHINA

“Made in China” Ping.

(Please FReepmail me if you would like to be on or off of the list.)
2 posted on 01/18/2008 4:42:08 PM PST by JACKRUSSELL

To: JACKRUSSELL

With “friends” like these....


3 posted on 01/18/2008 4:44:19 PM PST by cripplecreek (Only one consistent conservative in this race and his name is Hunter.)

To: JACKRUSSELL

China...most favored nation. Right.


4 posted on 01/18/2008 4:46:00 PM PST by Prokopton

To: JACKRUSSELL

Does this make it clear that we cannot again have a Clinton in the White House? We wonder if all those who went out of their way to see that the Chinese connection was not investigated will ever be known.


5 posted on 01/18/2008 4:46:48 PM PST by AmericanVictory (Should we be more like them, or they like us?)

To: JACKRUSSELL

Someone should create an alternative, or alternatives, to the internet. That sensitive information is so open to the world is madness.


6 posted on 01/18/2008 4:48:51 PM PST by decimon

To: AmericanVictory
Does this make it clear that we cannot again have a Clinton in the White House.

Do we have a Clinton in the White House now? Sure seems that way.
7 posted on 01/18/2008 4:51:45 PM PST by cripplecreek (Only one consistent conservative in this race and his name is Hunter.)

To: Paul Ross; Jeff Head

PING


8 posted on 01/18/2008 5:13:47 PM PST by B4Ranch (( "Freedom is not free, but don't worry the U.S. Marine Corps will pay most of your share." ))

To: cripplecreek
Things will get a lot easier for the Chinese when Hillary and Bill occupy the White House once more. GET OUT AND VOTE
9 posted on 01/18/2008 5:18:50 PM PST by ronnie raygun (Id rather be hunting with dick than driving with ted)

To: AmericanVictory
Bush is in charge now, the Repubs pushed for MFN status for China, Clinton signed.

Repubs and Dems both love commies for trade and business, so you can’t blame Clinton for everything. Bush has appeared weak to the Chinese since the spy plane hostage incident.

10 posted on 01/18/2008 5:20:19 PM PST by BGHater ('A Nation's best defense is an educated citizenry'-Thomas Jefferson)

To: cripplecreek
You can’t seriously compare Bush’s ‘favors’ to the ChiComs to the Clintons’, can you? Bush didn’t enable them to drop a nuke on our west coast.
11 posted on 01/18/2008 5:21:54 PM PST by Ghost of Philip Marlowe (If Hillary is elected, her legacy will be telling the American people: Better put some ice on that.)

To: Prokopton

Good thing Thompson voted for that.


12 posted on 01/18/2008 5:22:04 PM PST by CJ Wolf

To: JACKRUSSELL
Where is the Captain Obvious image?

What should anyone expect when big chunks of software development and testing are done in China... not to mention innumerable "fresh off the boat" Chinese developers here in this country on work visas?

13 posted on 01/18/2008 5:28:18 PM PST by fso301

To: Ghost of Philip Marlowe

What is Bush doing about the fact that the Chinese are selling the weapons that are killing our soldiers? What about the endless string of poison being sent to us in a whole range of products? What about the fact that the Chinese are continuing to spy on us and will continue to do so for the foreseeable future? Recently the DOD claimed they had no way of tracking who makes much of our sensitive equipment.

There’s a good reason using the Clintons as a scare tactic simply doesn’t work any more.


14 posted on 01/18/2008 5:37:06 PM PST by cripplecreek (Only one consistent conservative in this race and his name is Hunter.)

To: fso301

Don’t forget the students of all our technical universities, doing research for our scientists, paid for by government grants. Shoot, they don’t have to hack, their second cousin is doing the research!


15 posted on 01/18/2008 6:23:20 PM PST by huldah1776 ( Worthy is the Lamb)

To: JACKRUSSELL
Someone in authority on our side should read Sun Tzu’s “The Art of War” (ISBN 0 19 501476 6) and consider the art of fighting without fighting and how a successful general may win without fighting.

Sun Tzu believed that the army was the instrument which gave the coup de grace to an enemy that was made vulnerable prior to the hostilities. Secret agents separated the enemy’s allies from him and conducted a variety of clandestine subversive activities that set him up for the operation.

Note especially the chapter on “Employment of Secret Agents”

16 posted on 01/18/2008 6:23:42 PM PST by Citizen Tom Paine (Swift as the wind; Calmly majestic as a forest; Steady as the mountains.)

To: JACKRUSSELL

Is this related to the goods sold to the Chinese by billclinton?


17 posted on 01/18/2008 6:24:26 PM PST by bannie ("Beware!!! clintons CHEAT!")

To: huldah1776
I think anyone with a website having a login on it understands the relentlessness of the attacks from Chinese and Russian IP addresses.

Can't say I see nearly as much from India which is why if I had to outsource, India would be far higher on my list of places to outsource to than China or Russia.

18 posted on 01/18/2008 6:33:45 PM PST by fso301

To: JACKRUSSELL; backhoe; Cindy; ShadowAce; HAL9000; Incorrigible; Database; kcvl; bd476; neverdem; ...

U.S. Won’t Cede Control of Net Computers
http://www.freerepublic.com/focus/f-news/1434569/posts

FBI tries to fight zombie hordes
http://www.freerepublic.com/focus/f-news/1850579/posts

US diplomats alerted over Chinese computers (LENOVO)
American diplomats have been instructed not to keep classified material on 16,000 newly purchased computers because the manufacturer is partly-owned by the Chinese government.
http://www.freerepublic.com/focus/f-news/1635442/posts

US group wants China ‘spy’ probe (State Dept orders Lenovo Laptops)
http://www.freerepublic.com/focus/f-news/1604617/posts

Statement by the President - He’s loosening export controls on super computers! (1999 - CLINTON)
http://www.freerepublic.com/forum/a377ba1de06a1.htm


19 posted on 01/18/2008 6:55:57 PM PST by The Spirit Of Allegiance (Public Employees: Honor Your Oaths! Defend the Constitution from Enemies--Foreign and Domestic!)

To: JACKRUSSELL

Up until about a year ago it was the Russians who were the main problem. As a webadmin I can testify that the Chinese hackers are now the biggest threat, at least on the commercial sites that I manage.

The attack attempts have been flooding my logs with 10000+ attempts/day.

We recently banned all Chinese IP addrs at the firewall. We get less than 0.1% sales from China and most of those are stolen credit cards anyway. (We banned Russia years ago for the same reason.)


20 posted on 01/18/2008 6:56:30 PM PST by Gideon7

