Are we Cyber-weaklings? For the last 10 years China has gone Cyber attack Crazy. China is the United States’ biggest creditor and our second largest (behind Canada) trade partner. China’s massive human rights violations, however, are a continuing reminder that the Communist-ruled “Middle Kingdom” is far from attaining the reformed status that is often wrongly bestowed upon it by journalists, politicians, and business leaders eager to exploit the China market. Another reminder comes in the form of China’s aggressive espionage and cyber attacks.
Meanwhile China has cyber attacked Military, Civil and private sectors all over the world. And we are not doing anything about it because the got us by the short hair. China has been taking in money from it’s manufacturing and seeding the world with that money. While they attack everyone via cyberspace.
gAtOmAlO sAy's -- i LoVe mOuSeS tO PiEcEs -
Lockheed got cracked and not even a slap on the wrist. Were is the backlash for China? As I was researching China’s hacks in the last 10 years. I was blown away. Below is just an example of some of the attacks. Why? Why? Why? Why does the US do nothing? Why do these heavy military players have such lousy security? Why after Lockheed got hit did we give them a lucrative contract to secure our power grid? These are some of the questions that go around in my head till it hurts. Beside the military they’re going after the political arms of these entity’s. And still no response that makes sense to me.
Countries that China has Attacked
China Cyber Hackers has gone after the U.S, India, Japan, S.Korea, the UK, Gremany, Australia, France, Canada, Lantin America, New Zealand, Netherlands, Belgium, Poland, Russia, Sweden, Nepal, Sri Lanka, Taiwan, Tibet, Pakistan, Bangladesh, Iran, Latvia
China Cyber Offensives
Byzantine Hades, GhostNet, Honker Union, Titan Rain, Operation Aurora, The Dark Visitor, Red Hacker Alliance, Vulcanbot, Lockheed Martin’s F-35 program, State Department’s East Asia Bureau, Offices of Rep. Frank Wolf, Commerce Department, Naval War College, Commerce Secretary Carlos Gutierrez and the 2003 blackout, McCain and Obama presidential campaigns, Office of Sen. Bill Nelson, D-FL, Epsilon’s email address databreach, Operation Shady RAT,
Larry Wu-Tai Chin, Katrina Leung, Peter Lee, Chi Mak, Ko-Suen “Bill” Moo, Shanshan Du, Yu Qin,
According to U.S. investigators, China has stolen terabytes of sensitive data — from usernames and passwords for State Department computers to designs for multi-billion dollar weapons systems. And Chinese hackers show no signs of letting up. “The attacks coming out of China are not only continuing, they are accelerating,” says Alan Paller, director of research at information-security training group SANS Institute in Washington, DC.
|A Wall Street Journal article in 2009 reported:Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven’t sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.”The Chinese have attempted to map our infrastructure, such as the electrical grid,” said a senior intelligence official. “So have the Russians.”The espionage appeared pervasive across the U.S. and doesn’t target a particular company or region, said a former Department of Homeland Security official. “There are intrusions, and they are growing,” the former official said, referring to electrical systems.
“There were a lot last year.”
Attackers using several locations in China have leveraged C&C servers on purchased hosted services in the United States and compromised servers in the Netherlands to wage attacks against global oil, gas, and petrochemical companies, as well as individuals and executives in Kazakhstan, Taiwan, Greece, and the United States to acquire proprietary and highly confidential information. The primary operational technique used by the attackers comprised a variety of hacker tools, including privately developed and customized RAT tools that provided complete remote administration capabilities to the attacker. RATs provide functions similar to Citrix or Microsoft Windows Terminal Services, allowing a remote individual to completely control the affected system.
|Starting in November 2009, coordinated covert and targeted cyberattacks have been conducted against global oil, energy, and petrochemical companies. These attacks have involved social engineering, spear-phishing attacks, exploitation of Microsoft Windows operating systems vulnerabilities, Microsoft Active Directory compromises, and the use of remote administration tools (RATs) in targeting and harvesting sensitive competitive proprietary operations and project-financing information with regard to oil and gas field bids and operations. We have identified the tools, techniques, and network activities used in these continuing attacks-which we have dubbed Night Dragon-as originating primarily in China.Some of China’s Hacks
1) Titan Rain
In 2004, an analyst named Shawn Carpenter at Sandia National Laboratories traced the origins of a massive cyber espionage ring back to a team of government sponsored researchers in Guangdong Province in China. The hackers, code named by the FBI “Titan Rain,” stole massive amounts of information from military labs, NASA, the World Bank, and others. Rather than being rewarded, Carpenter was fired and investigated after revealing his findings to the FBI, because hacking foreign computers is illegal under U.S. law. He later sued and was awarded more than $3 million. The FBI renamed Titan Rain and classified the new name. The group is still assumed to be operating.
2) State Department’s East Asia Bureau
In July 2006, the State Department admitted it had become a victim of cyber hacking after an official in “East Asia” accidentally opened an email he shouldn’t have. The attackers worked their way around the system, breaking into computers at U.S. embassies all over the region and then eventually penetrating systems in Washington as well.
3) Offices of Rep. Frank Wolf
Wolf has been one of the most outspoken lawmakers on Chinese human rights issues, so it was of little surprise when he announced that in August 2006 that his office computers had been compromised and that he suspected the Chinese government. Wolf also reported that similar attacks had compromised the systems of several other congressmen and the office of the House Foreign Affairs Committee.
4) Commerce Department
The Commerce Department’s Bureau of Industry and Security had to throw away all of its computers in October 2006, paralyzing the bureau for more than a month due to targeted attacks originating from China. BIS is where export licenses for technology items to countries like China are issued.
5) Naval War College
In December 2006, the Naval War College in Rhode Island had to take all of its computer systems offline for weeks following a major cyber attack. One professor at the school told his students that the Chinese had brought down the system. The Naval War College is where much military strategy against China is developed.
6) Commerce Secretary Carlos Gutierrez and the 2003 blackout?
A National Journal article revealed that spying software meant to clandestinely steal personal data was found on the devices of then Commerce Secretary Carlos Gutierrez and several other officials following a trade mission to China in December 2007. That same article reported that intelligence officials traced the causes of the massive 2003 northeast blackout back to the PLA, but some analysts question the connection.
7) McCain and Obama presidential campaigns
That’s right, both the campaigns of then Senators Barack Obama and John McCain were completely invaded by cyber spies in August 2008. The Secret Service forced all campaign senior staff to replace their Blackberries and laptops. The hackers were looking for policy data as a way to predict the positions of the future winner. Senior campaign staffers have acknowledged that the Chinese government contacted one campaign and referred to information that could only have been gained from the theft.
8) Office of Sen. Bill Nelson, D-FL
At a March 2009 hearing, Nelson revealed that his office computers had been hacked three separate times and his aide confirmed that the attacks had been traced back to China. The targets of the attacks were Nelson’s foreign-policy aide, his legislative director, and a former NASA advisor.
In March, 2009, researchers inToronto concluded a 10-month investigation that revealed a massive cyber espionage ring they called Ghostnet that had penetrated more than 1,200 systems in 103 countries. The victims were foreign embassies, NGOs, news media institutions, foreign affairs ministries, and international organizations. Almost all Tibet-related organizations had been compromised, including the offices of the Dalai Lama. The attacks used Chinese malware and came from Beijing.
10) Lockheed Martin’s F-35 program
In April, 2009, the Wall Street Journal reported that China was suspected of being behind a major theft of data from Lockheed Martin’s F-35 fighter program, the most advanced airplane ever designed. Multiple infiltrations of the F-35 program apparently went on for years.
My 2© cents – gatoMalo_at_uscyberlabs_dot_com