02/12/13

China Cyber Attack -AGAIN

gAtO tHiNk- about 2½ years ago I was reading about the Glass Dragon and Dillion Beresford ( one of my heroes) was just snooping in China, peeking and poking with a translate button. gAtO tried it and you know what – uscyberlabs.com was born. China may of been working in cyberspace for the last few years but here was proof that their infrastructure is just as shitty as ours is. china-computer-hac_1963116c

Like a gAtO I walked on by in the cyber China firewall and beyond, translated by google most of the time and the number of basic open SCADA and other sites WIDE open. What got me really hfffffiisssss gAtO mAD was that our side was doing squat. Here we where doing security like I did before I retired. Come on 6-8 years and you guys still have that same PIX firewall full of holes, outdated patches and some nameless Chinese Telecom that has installed it’s routers into the US infrastructure, come on dude, that’s not right, who approved that purchase order.

Huawei has been dropping great deal all over the world while we been in 2 major wars, China has been making friends in the Tell-com business and at one point directing 15% of all Internet traffic thru China for almost 1 hour. THAT IS BIG boys and girls.

Today China cyber warfare is no longer just talk, we have accepted it as part of life, because it is. In cyberspace there are no geo-political barriers to figure out. “They have no rules and we do”, so who do you think is going to win..ummmm let me think.// I been preaching cyber offensives solutions for a while now and yes I know the legality of it all. check out China Jinan -PLA – 12 Universities – high Tech Zone – one of the high tech China center 4 warfare – open sites…

From and old cyber hippy if you give it away to the protocol then anyone can collect it. Google, Yahoo, hell most department stores take every click, you make and store it, and dice it, and slice it, data farming -BIG DATA- to see how they can make YOU SPEND MORE MONEY on the WEB—Now if we apply the same rules that business is doing and apply it to the bad guy’s then hay we may have a good security solution. We can even apply the same practices that the bad actors use and use it ourselves. By the time you see me in your logs it’s too damm late, I’m-gAtO oUt

 

03/8/12

China cyber capability puts US forces at risk-report | Reuters

US supply chain could be penetrated by China – report Risk of “catastrophic failure” of US networks cited Congress weighing cybersecurity billsBy Jim WolfWASHINGTON, March 8 Reuters – Chinese cyberwarfare would pose a “genuine risk” to the U.S. military in a conflict, for instance over Taiwan or disputes in the South China Sea, according to a report prepared for the U.S. Congress.Operations against computer networks have become fundamental to Beijings military and national development strategies over the past decade, said the 136-page analysis by Northrop Grumman Corp released on Thursday by the U.S.-China Economic and Security Review Commission.

via China cyber capability puts US forces at risk-report | Reuters.

02/18/12

Joint Chiefs Chair: Chinese Hackers ‘Not Necessarily Hostile

This headline from CNN – “Joint Chiefs Chair: Chinese Hacking Not Necessarily a Hostile Act” – reads like it came from the Onion. But don’t jump into your bunker yet – the reasoning behind this apparently blissfully naive statement by General Martin Dempsey is at least slightly plausible:

Gen. Martin Dempsey, the chairman of the Joint Chiefs of Staff, said he “believe(s) someone in China is hacking into our systems and stealing technology and intellectual property, which at this point is a crime.”

But Dempsey said in testimony to the Senate Armed Services Committee that he cannot attribute the Chinese hacking to China’s military, the People’s Liberation Army (PLA).

Asked by Sen. Lindsey Graham, R-South Carolina, that if it could be proven that the PLA was behind a hacking of the defense infrastructure, whether it would it be considered a “hostile act,” Dempsey said such wasn’t necessarily the case.

Now, you can quibble over the semantics in this. A cyberattack on the United States’ defenses might not come from the Chinese government itself – though one has to wonder how much privacy hackers enjoy, given China’s notoriously censor-happy culture. Moreover, even if a private hacker was good enough to evade the Chinese government’s own crop of cybersecurity experts and bypass our security, it’s fairly obvious that the hacker in question would be able to sell his method for a very high price.

via Joint Chiefs Chair: Chinese Hackers ‘Not Necessarily Hostile’ | TheBlaze.com.

02/17/12

Hacked: How China is stealing Americas business secrets

Sen. John Kerry is fed up with Chinas penchant for looting technology from U.S. businesses — up to $400 billion worth of data each year. When will it stop?POSTED ON FEBRUARY 16, 2012, AT 3:52 PMChinese gamers at an internet cafe: Sen. John Kerry D-Mass. says Chinese hackers are illegally stealing business secrets from American firms. Photo: Imaginechina/Corbis SEE ALL 54 PHOTOSChinese Vice President Xi Jinping, slated to be the next leader of the worlds most populous nation, is getting an earful from U.S. officials over Chinas shady business practices. During Xis first official tour of the U.S. this week, Sen. John Kerry D-Mass. accused a Chinese company of bankrupting a U.S. competitor by ransacking its software. And thats just the tip of the iceberg, alleges Kerry, implicating China in “cyber-attacks, access-to-market issues, espionage [and] theft.” And, indeed, a flurry of recent reports indicate that Chinese hackers, backed by the government, are stealing business secrets from the U.S. Here, a guide:

via Hacked: How China is stealing Americas business secrets – The Week.

02/15/12

Cyber-Spies Intercepted Sensitive Files, Emails From Nortel: Report – Security – News & Reviews – eWeek.com

Attackers breached Nortel and had free rein to spy on its internal network and communications from 2000 to 2009, according to an internal report. As usual, China is the prime suspect.

Chinese hackers allegedly breached telecommunications company Nortel in 2000 and these cyber-spies gained access to reams of sensitive technical documents, as well as internal communications and email, for nearly 10 years, according to a report in The Wall Street Journal.

The attackers, suspected of being based in China, breached the network using stolen credentials and installed spying software deep within the company’s networking environment to gain access to all documents and communications, the Journal reported Feb. 14. The breach appears to date as far back as 2000, Brian Shields, the former senior advisor for systems security at Nortel who led the internal investigation, told the paper.

via Cyber-Spies Intercepted Sensitive Files, Emails From Nortel: Report – Security – News & Reviews – eWeek.com.

02/1/12

McConnell, Chertoff and Lynn: Chinas Cyber Thievery Is National Policy—And Must Be Challenged – WSJ.com

By MIKE MCCONNELL, MICHAEL CHERTOFF AND WILLIAM LYNNOnly three months ago, we would have violated U.S. secrecy laws by sharing what we write here—even though, as a former director of national intelligence, secretary of homeland security, and deputy secretary of defense, we have long known it to be true. The Chinese government has a national policy of economic espionage in cyberspace. In fact, the Chinese are the worlds most active and persistent practitioners of cyber espionage today.Evidence of Chinas economically devastating theft of proprietary technologies and other intellectual property from U.S. companies is growing. Only in October 2011 were details declassified in a report to Congress by the Office of the National Counterintelligence Executive. Each of us has been speaking publicly for years about the ability of cyber terrorists to cripple our critical infrastructure, including financial networks and the power grid. Now this report finally reveals what we couldnt say before: The threat of economic cyber espionage looms even more ominously.

via McConnell, Chertoff and Lynn: Chinas Cyber Thievery Is National Policy—And Must Be Challenged – WSJ.com.

01/16/12

PLA “Online Blue Army” gets ready for cyber warfare

Defense Ministry spokesman Geng Yansheng hosts the ministry’s second regular press conference in Beijing, May 25, 2011. [Photo/China Daily, mod.gov.cn]

The People’s Liberation Army (PLA) confirmed in May 2011 that it has established an “Online Blue Army” to improve China’s defense capability and ensure the security of the country’s military network. The announcement drew close attention from military watchers and experts worldwide.

Zhang Shaozhong, a military expert and a professor from PLA National Defense University, told the People’s Daily that China is increasingly dependent on the Internet, but makes no domestic root servers, and various other types of software and Internet hardware are U.S. made. In this sense, China can be described as merely a computer user with a fairly fragile Internet security system. These are circumstances that cry out for the build up of Internet security forces.

Throughout 2010, 480,000 Trojans viruses and 13,782 Zombie viruses were detected, with 221,000 Trojan and 6,531 Zombie remote control clients found to originate in foreign countries.

via PLA “Online Blue Army” gets ready for cyber warfare – Headlines, features, photo and videos from ecns.cn.

10/21/11

China’s Cyber Militia

There’s been an interesting new development in China’s use of cyber space as an element in its intelligence and security operations. The People’s Liberation Army (PLA) is reportedly funding a vast complex of part-time cyber-devotees to supplement and compliment the official structure of cyber interception and invasion.

Equally as interesting is the willingness of the Chinese authorities to allow the publication of this fact. The first official recognition of this program occurred in one chosen hi-tech factory in 2002. According to an official PLA publication, there are now thousands of such units around the country. Obviously the proliferation was considered too great to hide.

via The American Spectator : China’s Cyber Militia.

09/7/11

Chinese researchers finished the “AK47”of cyber warfare

I got this bit of information sent to my web mail for this site..from tiger.autumn@chinamail.com. Thank you Tiger Autumn, this is what the Chinese are doing and for some reason want me to spread the news of their capabilities so here it is hope this helps.uscyberlabs - el gatoMalo

The researchers from Department of Computer Science ,Shanghai Jiaotong University have developped the high performance simulation machine for cyber warfare . It is a highly cost-effective simulation machine with 10 Gigabit throughput. It can shoot more than 14 million per second HTTP requests or more than 14 million per second DNS queries.

This machine has a variety of operation mode, can shoot flood-type network flow to single or multiple targets, It will crackdown the target system crash in the tens of seconds , because the external request is over the ability of targets , cause the target system crashed and have to interrupt the service. Especially for the DNS server in the central of internet it can shoot the flood-type request to crackdown the DNS server crashed, cause the whole network of one target country can’t be accessed .

The simulation machine is simple, easy development and maintenance , updates quickly, especially with a lower price. Compared foreign products which has the the same performance this simulation machine has more cost-effective advantage, it is called “AK47”of cyber warfare by the china researchers . It can be widely equipped for China network operation team , so it will help china network operation team occupy a advantage position in the future of cyber warfare.

Perfect Storm 2012

Product Briefing:

One Multi-Core Embedded CPU

8 GB MEMORY

Two 10Gbps Ethernet SPF+ Socket

Two GbE SPF Socket

For interconnect for system management and Cluster

4Gb Compact Flash Card

For Boot Image and Save data Record

Two SATA-II sockets

1U Box

Performance Indicators:

10 Gbps throughput

14M pps TCP Concurrent Connection

14M pps HTTP GET or POST Concurrent requests

14M pps DNS UDP Concurrent query requests

14M simulation IP address or every IP address with 60000 ports

Support IP v4 and IP v6

Release Date?September , 30 , 2012 in ShangHai , China 

08/22/11

Pentagon Worried About Chinese Hackers – Softpedia

Every year, the annual report on China’s military power that the Pentagon presents before the U.S. Congress is met with criticism by the Asian country, and every year the US say that they are worried by the advancement level the rival power has achieved. That’s the backbone of what has been going on, the meat on the bones is, however, changed every year with various details.

via Pentagon Worried About Chinese Hackers – Softpedia.