Chinese hackers: No site is safe

Chinese hackers: No site is safe

www.cnn.com

ZHOUSHAN, China (CNN) -- They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world's most sensitive sites, including the Pentagon.

The leader of these Chinese hackers says there "is always a weakness" on networks that allows cyber break-ins.
1 of 2

In fact, they say they are sometimes paid secretly by the Chinese government -- a claim the Beijing government denies.

"No Web site is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness," says Xiao Chen, the leader of this group.

(visit the link for the full news article)

they are getting more brazen with this hacking stuff...

www.cnn.com
(visit the link for the full news article)

And they claimed that the U.S. Defense Department was hacked.

I wonder if the Chinese hacker can be charged thru Extradition just like what they did to Gary McKinnon.

lol. Anyone can get into any site they wish... hacking isn't complex in the slightest. It's extremely simple.

Getting away with it is the hard part... though, when you're in a totally different country from your target, it gets much easier.

Am I innocent of it myself? No. Not in the least. I have my history back when I was younger... back when the network was allot more simplified, and the notion of hacking involved simply making contact with a dial up recipient server who was unaware you had their number.


Today, sure, there are firewalls, mirrors, and a whole slew of security measures that do nothing more than keep children out... those who are determined to bypass your security WILL.

Hate to break it to you, but the internet is far from anonymous, or secure.


Luckily for the end user, nobody cares about you enough to try to hack you. Whats the point of going after the individual civilians computer when there are bigger challenges to conquer!


The fact that a few Chinese are capable of doing the same thing the rest of us can can means nothing.


There are far more hacker networks in the States who post a MUCH BIGGER threat to national security, than any small group of Chinese can.


So all in all... the whole "Oh no the Chinese are hacking" crap is simply a way for the media to make us fear the Chinese.... when it's your own people you should REALLY be afraid of.

reply to post by johnsky


Good post.

And true.

www.theregister.co.uk...
This is first time i've heard someone say that the hacking is more serious than the Pentagon wants to say.

A network intrusion at the Pentagon nine months ago resulted in the theft of an "amazing amount of data" that continues to pose a threat to national security, the CIO of the Defense Department said earlier this week.

"This was a very bad day," Dennis Clem, who is also CIO of the Office of the Secretary of Defense, said during a panel discussion at the Information Processing Interagency Conference. "We don't know when they'll use the information they stole, [which was] an amazing amount." The pilfered data included processes and procedures that will be valuable to US enemies, he said, according to an article by Government Executive.

Over the course of two months leading up to the attack, malicious code infiltrated several systems belonging to the Pentagon's network and culminated in an exploit of a known Microsoft Windows vulnerability, Clem said. That allowed attackers to send spoofed emails that appeared to come from Pentagon personnel in Clem's division.

Somehow, the emails managed to steal login credentials for the network, according to this article from Federal Computer Week. Network forensics show the hackers were able to access sensitive information, which they encrypted as they transmitted it back to their sites.

Clem's statements are just a tad more telling than those of US Secretary of Defense Robert Gates when first disclosing the June 2007 breach to reporters. "There will be some administrative disruptions and personal inconveniences," he said at the time. "It will come as no surprise that we aggressively monitor intrusions and have appropriate procedures to address events of this kind."

Clem didn't identify the attackers, but according to some published reports, government investigators believe the the breach originated in China. It took three weeks and $4m to clean up the mess.

www.strategypage.com...
This is the first time i've heard about the Pentagon wanting to go on the attack against hackers.

The Department of Defense believes that China has the most powerful Cyber War capabilities on the planet. That means the Chinese can shut down just about any site they target, and penetrate most as well. Currently, Department of Defense computers are subjected to 70,000 Internet based attacks a day. Nearly all are repulsed, but only a few have to get through to do damage.


The Department of Defense is again asking for the authority to respond to these attacks. Not just with more robust defenses, but with offensive action. China insists that this is already going on, although they don't provide any details. It's believed that Chinese commercial and government networks, which tend to have weaker defenses than those in the West, are getting hammered by criminal hacking gangs.



The Department of Defense has been asking for permission to act more aggressively against these Cyber War attacks, but there is a reluctance to risk legal and diplomatic blowback from such operations. That is not to say that such permission will not be given, just that if it is granted, it will be a secret directive. Such an operation would eventually be revealed, but by then there might be some good news to offset the inevitable criticism.

Why can't they just make a special internet network ONLY for the DoD? Completely PHYSICALLY seperated from the real internet?

That's the only way they'll get past hackers.

Originally posted by C0bzz
Why can't they just make a special internet network ONLY for the DoD? Completely PHYSICALLY seperated from the real internet?

That's the only way they'll get past hackers.

Incompetence.

When the White House Aide in charge of informing Bush himself of internet related information can't seem to get past the idea that the "Internet is not a big truck" it becomes clear why they don't simply separate the internet from the DOD network.

Somehow, the emails managed to steal login credentials for the network, according to this article from Federal Computer Week. Network forensics show the hackers were able to access sensitive information, which they encrypted as they transmitted it back to their sites.

[The above was from a news source.]

It's not "somehow"... if you're acquiring information by e-mailing people, you are in effect social hacking.
This requires the recipient to be fooled into believing that their superiors are actually the ones requesting their sensitive information.

The fact that members of the government are dumb enough not to correlate the sender with their actual superiors just shows the lack of discipline that exists within the US government.

It also tells me that I can call up certain government bodies and easily fool them into doing whatever I like them to. (No, I'm not going to... but it would be funny as hell.)

Social hacking, look it up. It's an exploitation of a persons belief that you are someone other than who you say you are.

Originally posted by johnsky
There are far more hacker networks in the States who post a MUCH BIGGER threat to national security, than any small group of Chinese can.

I think you are very wrong about this. It doesnt matter what nationality people are, the knowledge required to hack is all over the Internet and/or in books you can buy anywhere. Anyone intelligent and dedicated wont have any problems.

I see no reason why American hackers would be better than anyone else.

Originally posted by C0bzz
Why can't they just make a special internet network ONLY for the DoD? Completely PHYSICALLY seperated from the real internet?

That's the only way they'll get past hackers.

You'll get hackers wherever you have systems which can be manipulated

We had them in 1958 and we'll have them in 2058. If people put security ahead of profits things * might* be different

Originally posted by johnsky
lol. Anyone can get into any site they wish... hacking isn't complex in the slightest. It's extremely simple.

Hacking is not what they are doing. They are cracking. In this day and age hacking/cracking isn't exactly "simple" unless you are raised learning multiple computer languages as your second language to english.

At 18, I looked into learned different computer languages, and let me just say...wow. But the fact is that it is like any other language. I can't learn spanish now if I wanted too. When you are young it is alot easier to learn a language or two. Learned a computer language is FAR from easy.

It is possibly simple to somebody who already knows all the computer languages being used, but then like you said, they have to get away with it, which is even more difficult.

You have to have a natural ability to learn languages and such to even get into computer hacking/cracking. My point is that it isn't simple to hack/crack, simply because you have to learn the languages, then know what you are doing with it. Thats the hardest part to learn. Then you have to go undetected in cracking, which is even harder.

just a thought,the fact that the chinese language has over 3000 characters one must learn to master the language may gift those who learn chinese with an inherent ability to learn other langauges such as computer code.

Please excuse my ignorance but it seems like pure propoganda from an outsiders point of view. I'm sure the U.S is just as guilty when it comes to hacking other countries' networks and the like. I mean the NSA, FBI etc will have just as advanced hackers after other Governments secret data? It will just be another cat and mouse game IMO.