Chinese Cyber (war)fare (merged thread)

[AdamG]

China set up a specialized online "Blue Army" unit that it claims will protect the People's Liberation Army from outside attacks, prompting fears that the crack team was being used to infiltrate foreign governments' systems.

At a rare briefing, China's defense ministry spokesman, Geng Yansheng, announced that the 30-strong team was formed to improve the military's security, the Beijing News reported Thursday.

When a reporter asked if the Blue Army was set up in order to launch cyber attacks on other countries, Geng said that internet security was an international issue that impacted not only society but also the military field, adding that China was also a victim of cyber attacks and that the country's network security was currently relatively weak.

Read more: http://www.foxnews.com/scitech/2011/...#ixzz1NYQBORDc

See also
http://council.smallwarsjournal.com/...ead.php?t=5775

and
http://council.smallwarsjournal.com/...ead.php?t=2776

[Neil Baumgardner]

In PLA terminology, "Blue Army" units are typically OPFOR units. There are "Blue Army" Armored Brigades, fighter squadrons, etc.

Neil

[AdamG]

SAN FRANCISCO (AP) — Google Inc. is blaming computer hackers in China for a high-tech ruse that broke into the personal Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists.

The breach announced Wednesday marks the second time in 17 months that Google has publicly identified China as the home base for a scheme aimed at hijacking information stored on Google's vast network of computers.

Google traced the origin of the attacks to Jinan, China. That's the home city of a military vocational school whose computers were linked to the assault more than a year ago on Google's computer systems, along with those of more than 20 other U.S. companies.

http://www.nytimes.com/aponline/2011...k.html?_r=1&hp

[AdamG]

Top military contractor Northrop Grumman Corp. may have been hit by a cyber assault, the latest in a string of alarming attacks against military suppliers, a source within the company told FoxNews.com.

Lockheed Martin said its network had been compromised last week, and defense contractor L-3 Communications was targeted recently, as well. Both intrusions involved the use of remote-access security tokens, experts say.

On May 26, Northrop Grumman shut down remote access to its network without warning -- catching even senior managers by surprise and leading to speculation that a similar breach had occurred.

Read more: http://www.foxnews.com/scitech/2011/...#ixzz1OA7QbVf1

[AdamG]

BEIJING (Reuters) - China must boost its cyber-warfare strength to counter a Pentagon push, the country's top military newspaper said on Thursday after weeks of friction over accusations that Beijing may have launched a string of Internet hacking attacks.

The accusations against China have centered on an intrusion into the security networks of Lockheed Martin Corp and other U.S. military contractors, and deceptions intended to gain access to the Google e-mail accounts of U.S. officials and Chinese human rights advocates.

But the official newspaper of the People's Liberation Army said it was Beijing that was vulnerable to attack, in a news report that surveyed the Pentagon's efforts in cyber security.

http://ca.news.yahoo.com/china-milit...105425374.html

From 2009

TORONTO — A vast electronic spying operation has infiltrated computers and has stolen documents from hundreds of government and private offices around the world, including those of the Dalai Lama, Canadian researchers have concluded.
In a report to be issued this weekend, the researchers said that the system was being controlled from computers based almost exclusively in China, but that they could not say conclusively that the Chinese government was involved.

Although the Canadian researchers said that most of the computers behind the spying were in China, they cautioned against concluding that China’s government was involved. The spying could be a nonstate, for-profit operation, for example, or one run by private citizens in China known as “patriotic hackers.”

http://www.nytimes.com/2009/03/29/technology/29spy.html

[AdamG]

There is no cyber warfare taking place between China and the United States, a senior Chinese official said on Wednesday, after weeks of friction over accusations that China may have launched a string of Internet hacking attacks.

The two countries might suffer from cyberattacks, but they were in no way directed by either government, Vice Foreign Minister Cui Tiankai told a small group of foreign reporters ahead of a meeting with U.S. officials in Hawaii this weekend.

Read more: http://www.foxnews.com/scitech/2011/...#ixzz1Q2EpD58B

[AdamG]

Heh.

The Indian government has put Chinese mobile giant Huawei in charge of inspecting imported smartphone equipment for secret spyware. But who's spying on whom?

http://www.fastcompany.com/1763715/i...ght-cyberspies

[AdamG]

This ought to be interesting -

The new desktop tools expand on the Google Diggity and Bing Diggity Web tools that they released in 2010. Additionally, Stach and Liu are expanding their search hacking tools to Chinese search engine Baidu.

"Baidu is the largest search engine used by people in China and it's the best indexer of Chinese websites," Brown said. "So if you're a U.S. government employee that is inclined to find vulnerabilities in China, this should be your tool."

Brown noted that in a sample scan he found thousands of MySQL error messages in Chinese government websites. Those MySQL errors could potentially be indicative of SQL Injection vulnerabilities that might be exploitable.

"So we can hack China back," Brown said.

http://www.esecurityplanet.com/featu...fter-China.htm

[SWJ Blog]

China suspected in cyber attacks on U.S. satellites

Entry Excerpt:



--------
Read the full post and make any comments at the SWJ Blog.
This forum is a feed only and is closed to user comments.

[AdamG]

In the event of hostilities, a marketing apparatus like this can be turned into an instant Agitprop unit.

In China, paid posters are known as the Internet Water Army because they are ready and willing to 'flood' the internet for whoever is willing to pay. The flood can consist of comments, gossip and information (or disinformation) and there seems to be plenty of demand for this army's services.

This is an insidious tide. Positive recommendations can make a huge difference to a product's sales but can equally drive a competitor out of the market. When companies spend millions launching new goods and services, it's easy to understand why they might want to use every tool at their disposal to achieve success.

The loser in all this is the consumer who is conned into making a purchase decision based on false premises. And for the moment, consumers have little legal redress or even ways to spot the practice.

Today, Cheng Chen at the University of Victoria in Canada and a few pals describe how Cheng worked undercover as a paid poster on Chinese websites to understand how the Internet Water Army works. He and his friends then used what he learnt to create software that can spot paid posters automatically.

http://www.technologyreview.com/blog...7357/?p1=blogs

[AdamG]

The New York Times reported Wednesday that the paper has been the subject of a sophisticated attack by Chinese hackers for the last four months, following its reporting on the private wealth of China’s prime minister Wen Jiabao. The story offers a rare and detailed post-mortem of what appears to be the work of a team of well-trained infiltrators who systematically and stealthily gained access to and collected the news outfit’s private information as the paper dug into a subject perceived as highly sensitive by the Chinese government.

One fact, however, will be of particular concern to the world’s largest antivirus firm, Symantec: Out of the 45 different pieces of malware planted on the Times‘ systems over the course of three months, just one of those programs was spotted by the Symantec antivirus software the Times used, according to Mandiant, the data breach response firm hired by the Times. The other 44 were only found in Mandiant’s post-breach investigation months later, according to the Times‘ report.

http://www.forbes.com/sites/andygree...ew-york-times/

SAN FRANCISCO — For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.

http://www.nytimes.com/2013/01/31/te...ers.html?_r=1&

[carl]

AdamG:

Thank you for posting these.

How do you think this thing between Red China and the US will eventually play out?

[Dayuhan]

Is there a "thing" that is "between China and the US"? What thing is it?

[carl]

Don't be coy Dayuhan, it's obvious from the context of the thread.

[AdamG]

A federal weather service employee charged with stealing sensitive infrastructure data from an Army Corps of Engineers database met a Chinese government official in Beijing, according to court documents that reveal the case to be part of an FBI probe of Chinese economic espionage.

Xiafen “Sherry” Chen, an employee of the National Oceanic and Atmospheric Administration (NOAA) office in Ohio, was arrested in October and charged in a federal grand jury indictment with illegally accessing the Army’s National Inventory of Dams (NID).

The NID is a sensitive database containing information on all U.S. dams. U.S. intelligence officials have said the database was compromised by Chinese hackers in 2013 as part of covert efforts by Beijing to gather sensitive information on critical U.S. infrastructure for possible use in a future conflict.

http://freebeacon.com/national-secur...al-in-beijing/

[AdamG]

How utterly embarrassing for the Obama administration.

Hackers working for the Chinese state breached the computer system of the Office of Personnel Management in December, U.S. officials said Thursday, and the agency will notify about 4 million current and former federal employees that their personal data may have been compromised.

The hack was the largest breach of federal employee data in recent years. It was the second major intrusion of the same agency by China in less than a year and the second significant foreign breach into U.S. government networks in recent months.Last year, Russia compromised White House and State Department e-mail systems in a campaign of cyber#espionage.

http://www.washingtonpost.com/world/...44e_story.html

[Invictus_88]

Am I the only one concerned that, looking back in five years' time, we might wish that this is the worst that ever happened?

[davidbfpo]

I have only read the WaPo report, which has very little detail and a good dollop of speculation. So OPM are notifying 4m US citizens / residents of 'potential' problems. Somehow I expect other database losses are just as significant.

This type of reporting IMHO only adds to worry and speculation. I do wonder OPM notification announcement was prompted by the WaPo story.

[AdamG]

WASHINGTON — The inspector general at the Office of Personnel Management, which keeps the records and security clearance information for millions of current and retired federal employees, issued a report in November that essentially described the agency’s computer security system as a Chinese hacker’s dream.

But by the time the report was published, Chinese hackers had already cleaned out tens of thousands of files on sensitive security clearances, and were preparing for a much broader attack that ultimately obtained detailed personal information on at least four million current and former government employees. Even today, the agency is struggling to patch numerous vulnerabilities.

A number of administration officials on Friday painted a picture of a government office struggling to catch up, with the Chinese ahead of them at every step.

http://www.nytimes.com/2015/06/06/us...acks.html?_r=0

[AdamG]

Anyone who is surprised by this has not been paying attention.
http://council.smallwarsjournal.com/...ad.php?t=21600


There's a very specific reason I posted this article in a thread separate from the one I started in 2011.
http://council.smallwarsjournal.com/...ad.php?t=14610