Undercover Researchers Expose Chinese Internet Water Army

[Dayuhan]

Quote:

Originally Posted by carl

Something Mr. Thomas said in his article got me to thinking. He said a particular Red Chinese target is the company that supplies most of the nat gas and petroleum pipeline remote control software in North American. Now, we ran all kinds of complicated pipeline systems just fine for decades before computers came along. So I have two questions for those of you who know a lot about such things.

First, would the pipeline infrastructure of the 1950s be vulnerable to a cyber attack from Red China or anywhere else? I am guessing it would not be.

Second, do you think we might someday go back to such manual system with land line communications in order to be more secure from lethal cyber attack? I know I am probably getting something wrong but the general thrust of the question is about whether older tech might be better in the long run.

The Chinese are in the process of building an enormous pipeline network spanning vast distances and extremely hostile terrain. Why would you assume that their interest in pipeline controls is aimed at disrupting US pipelines? Wouldn't Occam's razor suggest that their own control technology is not that good, they know it, and they think stealing upgrades is easier and cheaper than buying or developing them?

Sending American industry back to the dark ages in an effort to insulate it from hypothetical cyber attacks seems a bit over the top to me. These systems may have run "just fine" in the 50s to a casual observer, but I suspect that if you talked to those in the industry they would tell you that the way they do things now is far more effective and far more efficient, and not just in using fewer workers. The technology developed for a reason.

[carl]

Quote:

Originally Posted by Dayuhan

The Chinese are in the process of building an enormous pipeline network spanning vast distances and extremely hostile terrain. Why would you assume that their interest in pipeline controls is aimed at disrupting US pipelines? Wouldn't Occam's razor suggest that their own control technology is not that good, they know it, and they think stealing upgrades is easier and cheaper than buying or developing them?

Sending American industry back to the dark ages in an effort to insulate it from hypothetical cyber attacks seems a bit over the top to me. These systems may have run "just fine" in the 50s to a casual observer, but I suspect that if you talked to those in the industry they would tell you that the way they do things now is far more effective and far more efficient, and not just in using fewer workers. The technology developed for a reason.

Why am I not surprised at the tone this reply?

[Dayuhan]

Quote:

Originally Posted by carl

Why am I not surprised at the tone this reply?

If you don't like the tone, address the substance.

[carl]

No, I am not talented enough to refute "Why would you...", "Wouldn't..."and "I suspect...".

[Dayuhan]

Do you believe that Chinese interest in pipeline controls is aimed at disrupting American pipelines, rather that simple industrial espionage aimed at improving Chinese pipeline control capacity? If so, why?

Do you think that today's pipeline infrastructure, or electrical distribution infrastructure, or financial infrastructure, or any of the other critical industries that are theoretically vulnerable to cyber attack could function with any vestige of effectiveness on the monumentally obsolete technology that would be immune to such attack? If so, why?

Do you think we should disable critical industries and render them uncompetitive out of fear that the Chinese will disrupt them? How is that different from cutting off our head so the Chinese can't punch us in the nose?

[Dayuhan]

And re this:

Look at the Mandiant report's map of Chinese cyber intrusions (at least those tied to Unit 61398): Russia is untouched. "That's a huge area. . . . I really would wonder why they're after South Africa, the U.A.E. and Singapore but not Russia.

Does that mean that the Chinese are leaving Russia alone, or that Mandant had no data on actions targeting Russia, or that the Chinese have a completely different unit targeting Russia? I certainly wouldn't assume on that basis alone that the Chinese are not targeting the Russians.

[carl]

Yes. Because.

Yes. Because.

Yes. Because.

And, finally...

Yes. Yes. Maybe and oh.

[Dayuhan]

Not very convincing, but not unexpected either.

[AdamG]

Awesome.

Quote:

A US military contractor was allegedly hacked by those associated with the Chinese military. The company reportedly ignored signs of security breaches, allowing hackers to access military technology and classified documents for three years.

QinetiQ North America was attacked by a Shanghai-based hacker group from 2007 to 2010, Bloomberg reported on Thursday. The hacking collective has been coined the “Comment Crew” by security experts.

The company is known for its contributions to national security – including software used by US forces in Afghanistan and the Middle East.

http://rt.com/usa/us-military-chinese-hackers-792/

[carl]

Looks like they are upping the ante inside the beltway. Here is an NYT story reporting that the US gov is directly accusing the Red Chinese military of being behind all the attacks. An interesting aspect of the story is that in addition to stealing things, they figure the Red Army is conducting what might be called pre-strike reconnaissance.

http://www.nytimes.com/2013/05/07/wo..._20130507&_r=0

It would be interesting to see the emails flying back and forth amongst the anointed in DC. It is surprising to me that they are being so direct about this. I wonder if the threat is so great that normal DC timidity is being suppressed.

[AdamG]

Quote:

Chinese hackers who breached Google’s servers several years ago gained access to a sensitive database with years’ worth of information about U.S. surveillance targets, according to current and former government officials.

The breach appears to have been aimed at unearthing the identities of Chinese intelligence operatives in the United States who may have been under surveillance by American law enforcement agencies.

It’s unclear how much the hackers were able to discover. But former U.S. officials familiar with the breach said the Chinese stood to gain valuable intelligence. The database included information about court orders authorizing surveillance — orders that could have signaled active espionage investigations into Chinese agents who maintained e-mail accounts through Google’s Gmail service.

http://www.washingtonpost.com/world/...767_print.html