03/27/12

Huawei Spying on Customer

Huawei - Mitt Romney's Bain Capital sold out 3Com to the Chinese

gAtO wRoTe - about the Chinese company Huawei (Shenzhen, China-based company) a long time ago with its ties to Rick Perry the governor of Texas and ex-Presidential bid and Mitt Romney’s company Bain Capital that sold out 3Com and sold our national secrets to them. Now it finally falls on Australia to take the first step. WHEN electoral fortunes are fading a good “reds under the beds” story can boost political stocks, but the row about Chinese telecommunications equipment supplier Huawei being barred from supplying equipment to the National Broadband Network puts a new twist on an old tactic. Generally it’s the Right that beats the red peril drum. Here in Australia it’s a Labor government claiming the NBN is too vital a piece of national infrastructure to be put at risk by buying equipment from China.

Huawei, which is second only to Sweden’s Ericsson in telecom equipment sales, was blocked on Monday from bidding on a $36 billion Australian national broadband contract. Security firm Symantec (SYMC, Fortune 500) ended in November because of Symantec’s concerns that its relationship with Huawei would prevent it from getting a sensitive U.S. government security contract.

Will this be the tipping point where America stands up, sees past the profits and starts looking at our nation’s cyber security survival? We hear that DHS and NSA and everyone is pushing for dollars $$ to fix our infrastructure but when will we start to stop the Chinese from stealing our intellectual capital that has made America great? Politicians need to take a look at what is the real problem like Rick Perry allowing dozens of Chinese companies to set up shop in Texas and claiming that they have such a great employment record at the cost of our national security.

gAtO is sad that we see the veterans of our great country without a job when we could be investing in Cyber Security training our young veterans in this field. Veterans have vital experience but as gAtO has found out personally the VA has a problem with allowing our veterans to get an education in this vital field of Internet Security. I like China don’t get me wrong and some of the accusations about China I suspect are nothing more than a scare tactic to get funding for political pet projects. But if we start training our veterans and anyone who wants this training we will not lose the cyber war- gAtO oUt

01/4/12

China U.S. Cyber War Coming


gAtO sAy - the lack of trust between Washington and Beijing looks only likely to grow. Stuxnet was the first real Cyber Weapon that has been deployed by nation/state actors and if you think that China does not see the threat, we all need to wake up. Just a few months ago the U.S made public (announced to the world) that their SCADA software (Sunway) has a number of security holes. They could have mentioned it quietly and confidentially. This was a slap in the face to the Chinese, at the height of Lulz-Anonymous hackings.

gAtOmAlO - China U.S. Cyber War

Now if you were China and you know that America and/or Israel created Stuxnet, and now they have the son of Stuxnet “the DuQu virus” (2nd generation) and we told them that their SCADA is full of holes, wouldn’t you start to beat your chest and bang the drums of cyber warfare, screaming saying everyone is hacking China too? (True the U.S alone is conducting cyber testing of weapons every day)

Let’s look at this Cyber Warfare thingy.

Offense and defense in cyber war have distinct characteristics, and they change frequently. Offensive technologies include computer viruses, DDoS (type), EMP bombs, microwave bombs, and computer and microchip backdoors.  For defense, there are network scanners, network wiretapping devices, password breaking devices, electromagnetic detectors and firewalls, and anti-virus software. IMHO -Let me throw these few things out-

https://chinacyberwarfare.wordpress.com/

**__“China also need us as a consumer of their exports, as we are the biggest single market in the world.” — This statement is not really true anymore__**

This is where Americans are dead wrong, it used to be that way but as other countries like the BRIC countries have been growing they themselves have produced what “Mr Henry Ford” did create, a middle class that can buy its own goods and services. As your people come out of the plow and into a smartphone working at the Apple I-Pad factory they learn, more and more. The Chinese are getting tired of being the cheap labor market and the corruption of the communist party to embrace capitalism is changing their minds quickly.

The sad facts are that while we (America) have been at war for the last 10 years China has been building business relations with every country it can. Money talks and they have made some solid moves. Take the biggest IPO this coming year “FACEBOOK”. China has banned Facebook from China but they are making a big deal in buying Facebook stocks with Goldman S. The US is looking into this and trying to stall it but, when they buy a let’s say 10% share then they will make Facebook available to the Chinese and WAMO add 50-100 million onto Facebook and that stock will be golden.

As to the all the hacking that China has done last year alone we cannot do a thing, not because we can’t but the relationship that we have with China is economics and they got us by the short hair there.

I compiled this bit of info that may open eyes— United States-China Economic and Security Review Commission

https://chinacyberwarfare.wordpress.com/2011/09/14/united-states-china-economic-and-security-review-commission-2/

We threw China a message a while back by exposing the weak links in their SCADA systems:

https://chinacyberwarfare.wordpress.com/2011/07/24/critical-infrastructure-vulnerable-to-holes-in-chinese-scada-software-threatpost/

And let’s not forget one of my Heroes of 2011 Dillon Beresford – he took on China and found out that they were wide open. I followed and verified some of his findings and found even more open doors. You see the culture in China is all about saving face. You may have done bad work but when your boss disgraces you, you move and fix the problem, at least you think you fixed it, the pool of educated security people in China is so low that they can’t, so their defenses are down today.

https://chinacyberwarfare.wordpress.com/2011/07/30/glass-dragon-chinas-cyber-offense-obscures-woeful-defense-threatpost-2/

- China and the US will be at war in 2012, just how bad it’s going to get, we’ll see. That’s my 2 cents

gAtO tHiNk – China and Russia will use Iran as a proxy to get what they want and in so doing they will train and arm Iranians with the needed infusion of technology and education. They do have oil and especially China needs it to make sure of its growing economy.

Let me add N. Korea to this mix because of the close ties with China. In N. Korea the new leader the son of the father will have to show the world where he stands as a show of power. Better yet if Obama gets N. Korea to open up a bit it would be a political move that could help him in the elections this year. Kim Jr. could open N. Korea to the world and make it better for its people or they could take the hard line with China support. They could be another proxy for China or Russia.

Both Iran and N. Korea claim of a new super cyber army recently and that was a message to the world, cyber warfare will come – ready or not… gAtO oUt -

09/7/11

Chinese researchers finished the “AK47”of cyber warfare

I got this bit of information sent to my web mail for this site from tiger.autumn@chinamail.com. Thank you Tiger Autumn, this is what the Chinese are doing and for some reason want me to spread the news of their capabilities so here it is, hope this helps. uscyberlabs - el gatoMalo

The researchers from Department of Computer Science, Shanghai Jiaotong University have developed the high performance simulation machine for cyber warfare. It is a highly cost-effective simulation machine with 10 Gigabit throughput. It can shoot more than 14 million per second HTTP requests or more than 14 million per second DNS queries.

This machine has a variety of operation modes, can shoot flood-type network flow to single or multiple targets. It will crackdown the target system crash in the tens of seconds, because the external request is over the ability of targets, cause the target system crashed and have to interrupt the service. Especially for the DNS server in the central of internet it can shoot the flood-type request to crackdown the DNS server crashed, cause the whole network of one target country can’t be accessed.

The simulation machine is simple, easy development and maintenance, updates quickly, especially with a lower price. Compared foreign products which has the same performance this simulation machine has more cost-effective advantage, it is called “AK47” of cyber warfare by the china researchers. It can be widely equipped for China network operation team, so it will help china network operation team occupy a advantage position in the future of cyber warfare.

Perfect Storm 2012

Product Briefing:

  • One Multi-Core Embedded CPU
  • 8 GB MEMORY
  • Two 10Gbps Ethernet SPF+ Socket
  • Two GbE SPF Socket (for interconnect for system management and Cluster)
  • 4Gb Compact Flash Card (for Boot Image and Save data Record)
  • Two SATA-II sockets
  • 1U Box

Performance Indicators:

  • 10 Gbps throughput
  • 14M pps TCP Concurrent Connection
  • 14M pps HTTP GET or POST Concurrent requests
  • 14M pps DNS UDP Concurrent query requests
  • 14M simulation IP address or every IP address with 60000 ports
  • Support IP v4 and IP v6

Release Date: September 30, 2012 in ShangHai, China

08/10/11

Politico’s Playing The Fiddle While Cyber America Burns Down

China Prepares for Cyber Warfare- The Ministry of National Defense (MND) looks like the main leaders of China’s cyber warfare C&C. “The Executive Yuan has made tremendous efforts in beefing up government units’ ability to counter cyber-attacks,” said Wang Te-pen, a major general at the MND’s Communications and Information Security Department, at a regular briefing yesterday in Taipei. Under the supervision of the Executive Yuan, Wang said the MND also fortified its anti-online infiltration capacity.

Of course this tough guy attitude from China comes after McAfee opened the “Shady Rat Attack” report. As they say everyone was attacked except China. I know there needs to be a MAC address and a TCP/IP and geo-location but as I track China for my Timeline it’s clear the Chinese did it. As I wrote previously we knew China was doing this 4 years ago and now it becomes real, why now? We could have prevented trillions of dollars in Intellectual property alone if we would have done something 4 years ago. Would have, Should have, Could have and the list goes on as our cyber national security goes down in flames because our representatives don’t have the courage to lead and stop following.

From the Chinese point of view they saw our political infighting and with all the T-Bills they have and a -273% trade deficit with America. Why wouldn’t China be bold right now and take what they want? Our leaders are stuck in this infighting, it’s like “Nero playing the fiddle while Rome burned down”. We have the power Net-Citizens to change all this. Get the twitter accounts and Facebook connections out and VOTE. Let’s become leaders of the free world again. Let’s make the hard choice because cyberspace is here to stay, we can’t let the threats outweigh the freedoms.

Read More ..> http://www.chinapost.com.tw/taiwan/local/taipei/2011/08/05/312335/MND-closely.htm

08/5/11

APT Attackers Used Chinese-Authored Hacker Tool To Hide Their Tracks

Separate APT research efforts detail ongoing ‘Operation Shady RAT’ cyberespionage attacks.

BLACK HAT USA 2011 — Las Vegas — The advanced persistent threat (APT) attackers behind the newly revealed Operation Shady RAT also deployed a tool called HTran that helps disguise their location.

Joe Stewart, director of malware research for Dell SecureWorks’ counter threat unit research team, has been studying some 60 different families of malware used by APT attackers in their cyberespionage attacks. He recently discovered a pattern in which many of these attackers use HTran, written 10 years ago by a Chinese hacker, to hide their whereabouts. Stewart, who published research on the tool’s use today in APT malware, says the Operation Shady RAT attackers are among those who use the tool for camouflaging purposes.

Read More..> http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/231300171/apt-attackers-used-chinese-authored-hacker-tool-to-hide-their-tracks.html

08/4/11

We Fumble the Largest Cyberattack?

It’s looking like the world’s biggest cyberattack, and also like it’s been transpiring under our noses. That’s according to a report released today by security firm McAfee detailing the company’s investigation of massive intrusions into over 70 international companies, including governments and non-profit organizations, which occurred within the last five years.

Forget hacktivist groups like LulzSec and Anonymous—rank amateurs by comparison, implies the McAfee report.

“Lately, with the rash of revelations about attacks on organizations such as RSA, Lockheed Martin, Sony, PBS, and others, I have been asked by surprised reporters and customers whether the rate of intrusions is increasing and if it is a new phenomenon,” writes the report’s author, McAfee vice president of threat research Dmitri Alperovitch, who finds the question “ironic because these types of exploitations have occurred relentlessly for at least a half decade” and calls information leaked over the past six months the “result of relatively unsophisticated and opportunistic exploitations for the sake of notoriety by loosely organized political hacktivist groups such as Anonymous and Lulzsec.”

By comparison, says Alperovitch, the attacks McAfee’s been investigating “are much more insidious and occur largely without public disclosures.” Ergo McAfee’s frightening security dump this morning.

“With the goal of raising the level of public awareness today we are publishing the most comprehensive analysis ever revealed of victim profiles from a five year targeted operation by one specific actor — Operation Shady RAT, as I have named it at McAfee (RAT is a common acronym in the industry which stands for Remote Access Tool),” says Alperovitch in the report.

The perp? Unnamed, though China comes to mind with all the stories in recent months alleging the country’s been involved in clandestine, state-sponsored cyber-warfare (that last term’s debatable, of course). In any event, Alperovitch says the guilty party is singular, as in “one specific operation conducted by a single actor/group,” and while he’s careful not to jump to conclusions, he suggests “a state actor behind the intrusions.”

How do we know any of this? Alperovitch says McAfee “gained access to one specific Command & Control server used by the intruders,” and began gathering log-based evidence in mid-2006 (though noting the attacks could have begun earlier). The attacks were conducted using spear-phishing techniques (targeted deployment of malware), after which hackers used the resultant security holes to escalate privileges and seize “petabytes” of data.

While Alperovitch says he doesn’t want to identify specific victims (from the total 72), he does outline general infrastructure compromised, including government agencies in the U.S., Canada, South Korea, Vietnam, Taiwan, the United Nations and India, as well as various industries ranging from construction outfits and electronics firms to defense contractors, real estate agencies and “international sports.”

“I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact,” said Alperovitch. “In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.”
Read more: http://techland.time.com/2011/08/03/did-we-fumble-the-worlds-largest-cyberattack/#ixzz1U4JyEokR

07/16/11

China Hack Timeline -2011 | USCyberLabs.Com

USCyberLabs -CHina Cyber Timeline 1994 -2011 ….—

2011


  • January 14- U.S. warns on China cyber, anti-satellite capability - “Advances by China’s military in cyber and anti-satellite warfare technology could challenge the ability of U.S. forces to operate in the Pacific,” U.S. Defense Secretary Robert Gates said on Friday during a visit to Japan.
  • February 4- China Attacks British Government Computers – William Hague told a security conference in Munich that the FO repelled the attack last month from “a hostile state intelligence agency”. Although the foreign secretary did not name the country behind the attacks, intelligence sources familiar with the incidents made it clear he was referring to China. The sources did not want to be identified because of the sensitive nature of the issue.
  • February 17- Journalists Under Online Attack, in China and Beyond – In March, Andrew Jacobs, a correspondent working for The New York Times in Beijing, peered for the first time into the obscure corners of his Yahoo e-mail account settings. Under the “mail forwarding” tab was an e-mail address he had never seen before. That other e-mail address had been receiving copies of all of his incoming e-mails for months. His account had been hacked.
  • March 10- Spy chief: China’s cyber abilities worry U.S.-WASHINGTON — China’s growing capabilities in cyber-warfare and intelligence gathering are a “formidable concern” to the United States, the top U.S. intelligence official told a Senate panel Thursday.
  • April 5- Spying on Computer Spies Traces Data Theft to China – The Toronto spy hunters not only learned what kinds of material had been stolen, but were able to see some of the documents, including classified assessments about security in several Indian states, and confidential embassy documents about India’s relationships in West Africa, Russia and the Middle East. The intruders breached the systems of independent analysts, taking reports on several Indian missile systems. They also obtained a year’s worth of the Dalai Lama’s personal e-mail messages.
  • April 19- Rio, BHP, Fortescue Hit by China Computer Hackers, ABC Reports – Rio Tinto Group faced cyber attacks from China at about the time of the arrest of four executives in the country, while BHP Billiton Ltd. and Fortescue Metals Group Ltd. have also been hit, Australian Broadcasting Corp. reported.
  • April 29- Glass Dragon: China’s Cyber Offensive Obscures Woeful Defense. Kaspersky Labs’ Threat Post reports that China’s online defenses have failed to keep pace with its widely hyped offensive capabilities: For the last 18 months, Dillon Beresford, a security researcher with testing firm NSS Labs and divorced father of one, has spent up to seven hours a day of his spare time crawling the networks of China’s state and provincial governments, as well as stealthier networks belonging to the PLA and the country’s top universities. Armed with free tools like Metasploit and Netcat, as well as Google Translate, he’s pulled back the curtains on the state of cyber security in China. What he’s discovered may come as a surprise to many U.S. policymakers and Pentagon officials.
  • March 19- EMC –RSA - In an open letter, RSA executive chairman Art Coviello revealed that the information was stolen via an APT (advanced persistent threat) attack. “While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, [it] could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack,” he wrote.
  • May 7- China’s Spying Seeks Secrets US Info - China is ramping up espionage efforts in the United States. One key component of their strategy is to recruit U.S. citizens to join clandestine defense organizations and pass along information to Chinese handlers. From the Associated Press: He had been a seemingly all-American, clean-cut guy: No criminal record. Engaged to be married. A job teaching English overseas. In letters to the judge, loved ones described the 29-year-old Midwesterner as honest and caring—a good citizen. His fiancée called him “Mr. Patriot.”
  • May 25- China Confirms Existence of Elite Cyber-Warfare Outfit the ‘Blue Army’ China set up a specialized online “Blue Army” unit that it claims will protect the People’s Liberation Army from outside attacks, prompting fears that the crack team was being used to infiltrate foreign governments’ systems.
  • May 30- China’s cyber squad is for defense – Blue Army -At a rare briefing, China’s defense ministry spokesman, Geng Yansheng, announced that the 30-strong team was formed to improve the military’s security, the Beijing News reported Thursday.
  • May 5- Lockheed Martin – the largest provider of IT services to the U.S. government and military, suffered a network intrusion stemming from data stolen pertaining to RSA. It seems that the cyber-thieves managed to compromise the algorithm used by RSA to generate security keys. RSA will have to replace the SecurID tokens of more than 40 million customers around the world, including some of the world’s biggest companies.
  • May 19- Norwegian Military – The attack happened when 100 senior military personnel received an email in Norwegian with an attachment. The attached file was in reality a Trojan designed to steal information. At least one person opened the attachment, but the attack was a failure and no data was lost.
  • May- Citigroup – revealed that information for more than 360,000 U.S. credit card accounts had been compromised by a website hack. The worst thing about this attack is the fact that the data thieves did not even have to hack a server,
  • June 22- China Restricts Popular Report-a-Bribe Websites – Chen’s website — http://www.ibribery.com — drew 200,000 unique visitors in two weeks. Its anonymous posts wrote about bribing everybody: officials who demanded luxury cars and villas to police officers who needed inducements not to issue traffic tickets. Some ousted doctors receiving cash under the table to ensure safe surgical procedures. Mainstream media spread word about the site, amplifying the outrage among netizens.
  • June- IMF – said it had been targeted by a sophisticated cyber-attack for months, even though the organization has made no public statement about the motivation behind it. The nature of the information stored by the institution would seem to indicate that this was a targeted attack
  • June – European Space Agency – hacked into and a lot of information was stolen and made public. This data included user names, FTP accounts and even FTP login details stored… in plain text files!