http://www.abc.net.au/news/2013-05-29/reports-chinese-hackers-targeted-us/4719352 Clever little spies - next war will definitely be a cyberwar with first prize going to the best hackers
The US military is pretty compromised. If the US military gets in a fight with the Red Chinese in the Western Pacific Uncle Sam is in for very unpleasant surprises. I hold Obama solely responsible for this debacle.
Bring it. Their exploits exist primarily because we are very stupid... and use windows... and reactive, not pro-active, detection response... and we contract to folks who do not even follow those protocols. But our darkness is well and pro-actively defended. Problem with the Chinese is they (*)(*)(*)(*)ing know Chinese. Problem for the Chinese is that most languages are in English.
Yeah, Obama should be on a PC in the Oval Office, stopping them Chinee hackers with online magic kung foo judo chops! It's what Romney would have done!
The Chinese are exploiting our country's political weakness. FDR wouldn't have stood for such a thing.
America's problems are so overwhelming I think that concern over Obama or Romney pales in comparison.
The biggest problem is exactly what you stated, 'and we contract to folks who do not even follow those protocols'. What it seems, to me, is that it's becoming more of a self inflicted wounds. Most of the networks that are setup are defensive, most of them don't have 'honey pots' setup. They only gather information AFTER everything has been completed, rather than as the events are occurring. For me, if you're in the front lines of security, you would want to lay down the most secure foundation possible. Rather than relying on Windows because it's 'user friendly', I think it's time to start looking into areas that are more tightly secured, like Linux. The US government should look into buying paid, enterprise support from Red Hat or equivalent, while utilizing a comparable, free alternative to it's paid OS. In the case of Red Hat, go with CentOS. It seems like a no-brainer to me, but, then again, I'm in control of my own network.
Who can blame a hungry man for sitting down at a feast and eating freely when there is no one to stop him?
I blame them and would threaten war if I were president, but Obama is a coward and a wimp, so the Chinese will continue stealing with impunity.
Government is the primary client of Red Hat. As you observe... it is the contractors who are the primary link. They are gigantic in and of themselves. You look at Boeing, Lockheed, BAE, Ratheon, and the numbers of windows users they employ... then look at real companies nobody knows that everyone knows, Booze Allen, SAIC, Veridian... and their ventures and projects... The number of windows desktops attached to serious things... private sector needs to do more. This thread is so tagged. lol.
Weeeeel! Our Government is sorta denying that and quite frankly, given the state of government contractors I have witnessed they will be bloody lucky if the wiring looks anything LIKE what they hacked!
Fair enough. Government may be the primary client, but that's not to say that all entities of the government are under that same umbrella. I would imagine Microsoft is still a very viable option, to most entities, public and/or private. If the case is to be made that private contractors are running on government networks, I'd advocate that all private contractors be permitted to only access the network through approved desktops. This will keep everything in a controlled state and will allow security to be a bit tighter. Furthermore, if they need remote access, they can setup Citrix farms, that will allow them to work remotely.
Yes, they are "clever little spies" if they are foreign spies hiding in China and trying to scapegoat the Chinese for the cyber attack. However, if they are really Chinese spies, they are the most foolish and hopeless spies on earth. Xi should sack them for being discovered so easily for their clumsy act. It's unfortunate that China's opening has allowed all sorts of "birds" -- crows, vultures, pigeons, etc -- to enter the country with their "bird flus". If we look at the the past and current hacking activities around the world, there is little chance for the first prize to go to the Chinese hackers. American or other foreign computer whiz kids will have a better chance to win the first prize. Please refer to the following thread. http://www.politicalforum.com/security-defenses/304950-hackers-watch.html
How can we "threaten war" against an enemy that could shut us down by simply not showing up to buy debt at a T-bill auction? Or simply stop shipping to us our day-to-day absolutely essential basic (like food and materials) and technology and medical goods, including the very computers and hard drives they supposedly "hacked"! The USA would be a wreck in a matter of a month or two. They have had us by our cojones for a decade. And why would they need to hack something that they could very well their own back door to? To "threaten war" against China is simply suicide.
Our weakness is we do NOTHING to prepare for war! We spend ungodly amounts of money for flash in the pan gaudy and super-tech boondoggles, while we leave the windows and back doors completely unlocked because who sees the peopl e doing the grunt technical work? Its incredibly time-consuming, impossible to effectively evaluate, so there are very few American contractors ethical enough to resist pocketing tons of money and putting on useless and pointless "Security Theater" in our information fields to justify the easy ongoing money. Just like our "Security theater" with the TSA where far more than $100 Billion has been spent in worthless and annoying efforts.
It's high time for the "Houdini of the Cyberspace" to come to the rescue of Hak Kwai and teach all the "Kungfu Panda rookie hackers" a lesson.
Exactly , tracing an IP means nothing and the spies can be anyone, even Americans . Personally i don't think that the Chinese will have the audacity to hack into security systems of other countries without first spoofing behind some proxies. Also there are millions of Chinese outside China and millions of other nationalities inside China , why to get into a PR nightmare when you can use a tourist in Jakarta to do your job ?
Holy 1993 batman. While there is certainly some Russian (and Israeli) hacking masquerading as Chinese... we know who and what and where we are dealing with in large part.
As she was sleeping, the three bears came home. "Someone's been eating my porridge," growled the Papa bear. "Someone's been eating my porridge," said the Mama bear. "Someone's been eating my porridge and they ate it all up!" cried the Baby bear. The above passage was taken from "The Story of Goldilocks and the Three Bears" at http://www.dltk-teach.com/rhymes/goldilocks_story.htm So who can blame Goldilocks for eating the porridge of the three bears when she could walk right into the house? Compared to the house of the three bears, the Internet fares no better in security. There could never be such thing as foolproof security for the Internet. Hackers, in one way or another, could intrude into a website like Goldilocks. For example, the link below mentions the case of a 12-year-old Malaysian rookie hacker cracking Datasenz's Apps. http://says.com/my/news/malaysian-rookie-hacker-cracked-datasenzs-apps Unless you could catch the burglar sleeping like Goldilocks on your bed, don't point your finger at any suspect you can think of, but to add more locks to enhance its security. If your porridge still disappears mysteriously everyday despite all the locks and security systems you installed in your house, you have no choice but to finish all your porridge before the burglar could lay his hands on it. The Story of the Three Bears http://en.wikipedia.org/wiki/The_Story_of_the_Three_Bears
So stamp your feet and get red in the face like the North Koreans. You can threaten war all you want they know damn well it wouldnt be a serious threat.
A companies security so lax a kid can script out of it is a credit to the kid, and an obscene embarrassment to the company. The government is not that company. Real systems, in large part, are not on the grid.