[Clips] Hacker attacks in US linked to Chinese military: researchers

2005-12-13 Thread R. A. Hettinga

--- begin forwarded text


 Delivered-To: [EMAIL PROTECTED]
 Date: Mon, 12 Dec 2005 19:39:51 -0500
 To: Philodox Clips List [EMAIL PROTECTED]
 From: R. A. Hettinga [EMAIL PROTECTED]
 Subject: [Clips] Hacker attacks in US linked to Chinese military: researchers
 Reply-To: [EMAIL PROTECTED]
 Sender: [EMAIL PROTECTED]

 http://www.breitbart.com/news/2005/12/12/051212224756.jwmkvntb.html

 BREITBART.COM -

 Hacker attacks in US linked to Chinese military: researchers


 Dec 12 5:56 PM US/Eastern


 A systematic effort by hackers to penetrate US government and industry
 computer networks stems most likely from the Chinese military, the head of
 a leading security institute said. The attacks have been traced to the
 Chinese province of Guangdong, and the techniques used make it appear
 unlikely to come from any other source than the military, said Alan Paller,
 the director of the SANS Institute, an education and research organization
 focusing on cybersecurity.


  These attacks come from someone with intense discipline. No other
 organization could do this if they were not a military organization,
 Paller said in a conference call to announced a new cybersecurity education
 program.

  In the attacks, Paller said, the perpetrators were in and out with no
 keystroke errors and left no fingerprints, and created a backdoor in less
 than 30 minutes. How can this be done by anyone other than a military
 organization?

  Paller said that despite what appears to be a systematic effort to target
 government agencies and defense contractors, defenses have remained weak in
 many areas.

  We know about major penetrations of defense contractors, he said.

  Security among private-sector Pentagon contractors may not be as robust,
 said Paller, because they are less willing to make it hard for mobile
 people to get their work done.

  Paller said the US government strategy appears to be to downplay the
 attacks, which has not helped the situation.

  We have a problem that our computer networks have been terribly and
 deeply penetrated throughout the United States ... and we've been keeping
 it secret, he said.

  The people who benefit from keeping it secret are the attackers.

  Although Paller said the hackers probably have not obtained classified
 documents from the Pentagon, which uses a more secure network, it is
 possible they stole extremely sensitive information.

  He said it has been documented that US military flight planning software
 from its Redstone Arsenal was stolen.

  Pentagon officials confirmed earlier this year that US Defense Department
 websites are probed hundreds of times a day by hackers, but maintained that
 no classified site is known to have been penetrated by hackers.

  The US military has code-named the recent hacker effort Titan Rain and
 has made some strides in counter-hacking to identify the attackers, Paller
 said. This was first reported by Time magazine.

  Paller said a series of attacks on British computer networks reported
 earlier this year may have similar goals, but seems to use different
 techniques.

  In the United States, he said there are some areas of improvement such as
 the case of the Air Force, which has been insisting on better security from
 its IT vendors. But he argued that the fundamental error is that America's
 security strategy relies on writing reports rather than hardening systems.


 --
 -
 R. A. Hettinga mailto: [EMAIL PROTECTED]
 The Internet Bearer Underwriting Corporation http://www.ibuc.com/
 44 Farquhar Street, Boston, MA 02131 USA
 ... however it may deserve respect for its usefulness and antiquity,
 [predicting the end of the world] has not been found agreeable to
 experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
 ___
 Clips mailing list
 [EMAIL PROTECTED]
 http://www.philodox.com/mailman/listinfo/clips

--- end forwarded text


-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: [Clips] Hacker attacks in US linked to Chinese military: researchers

2005-12-13 Thread Alexander Klimov
On Mon, 12 Dec 2005, R. A. Hettinga wrote:
 --- begin forwarded text
  [...]
   These attacks come from someone with intense discipline. No other
  organization could do this if they were not a military organization,
  Paller said in a conference call to announced a new cybersecurity education
  program.

   In the attacks, Paller said, the perpetrators were in and out with no
  keystroke errors and left no fingerprints, and created a backdoor in less
  than 30 minutes. How can this be done by anyone other than a military
  organization?

Sounds really convincing :-) Of course, only a military can type for
30 minutes without a single keystroke error. (I would rather guess
that this was a script.) Left no fingerprints is even more revealing :-)

-- 
Regards,
ASK

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]