September 18, 2007

China emerges as leader in cyberwarfare

Paris; and Oakland, Calif. - When suspected Chinese hackers penetrated the Pentagon this summer, reports downplayed the cyberattack. The hackers hit a secure Pentagon system known as NIPRNet – but it only carries unclassified information and general e-mail, Department of Defense officials said.

Yet a central aim of the Chinese hackers may not have been top secrets, but a probe of the Pentagon network structure itself, some analysts argue. The NIPRNet (Non-classified Internet Protocol Router Network) is crucial in the quick deployment of US forces should China attack Taiwan. By crippling a Pentagon Net used to call US forces, China gains crucial hours and minutes in a lightning attack designed to force a Taiwan surrender, experts say.

China's presumed infiltration underscores an ever bolder and more advanced capability by its cybershock troops. Today, of an estimated 120 countries working on cyberwarfare, China, seeking great power status, has emerged as a leader.

"The Chinese are the first to use cyberattacks for political and military goals," says James Mulvenon, an expert on China's military and director of the Center for Intelligence and Research in Washington. "Whether it is battlefield preparation or hacking networks connected to the German chancellor, they are the first state actor to jump feet first into 21st-century cyberwarfare technology. This is clearly becoming a more serious and open problem."

China is hardly the only state conducting cyberespionage. "Everybody is hacking everybody," says Johannes Ullrich, an expert with the SANS Technology Institute, pointing to Israeli hacks against the US, and French hacks against European Union partners. But aspects of the Chinese approach worry him. "The part I am most afraid of is … staging probes inside key industries. It's almost like sleeper cells, having ways to [disrupt] systems when you need to if it ever came to war."

In recent weeks, China stands accused not only of the Pentagon attack, but also of daily striking German federal ministries and British government offices, including Parliament. After an investigation in May, officials at Germany's Office of the Protection of the Constitution told Der Spiegel that 60 percent of all cyberattacks on German systems come from China. Most originate in the cities of Lanzhou and Beijing, and in Guangdong Province, centers of high-tech military operations.

German Chancellor Angela Merkel publicly raised the issue with Chinese Premier Wen Jiabao in Beijing last month. Mr. Wen did not deny China's activity, but said it should stop. President George Bush, prior to his meeting with Chinese President Hu Jintao in Sydney, Australia, at the APEC summit last week, stated that respect of computer "systems" is "what we expect from people with whom we trade."

The accusations, hard to prove conclusively, still illumine an emerging theater of low-level attacks among nations. This spring, presumed Russian hackers made headlines with a one-off cyberblitz of Estonia, shutting down one of the most wired countries in Europe for a week – blunt payback for removal of a Soviet war memorial.

source: http://www.csmonitor.com/2007/0914/p01s01-woap.html

'Hacker-proof' system? You be the judge


Aerospace giant European Aeronautic Defence and Space has introduced a "hacker-proof" encryption technology that it claims will revolutionize Internet security and bring "cryptography into the 21st century."

The system, called "Ectocryp," was developed for military and business applications by researchers and engineers at EADS' Defence and Security Systems division in Newport, South Wales. The team relied on technology developed by the U.K.'s Government Communications Headquarters, sister agency to the NSA and formerly known as Government Code and Cypher School, of German Enigma fame.

The system owes its success to the "lightning speed with which the 'keys' needed to enter the computer systems can be scrambled and reformatted," reports the Telegraph. "Just when a hacker thinks he or she has broken the code, the code changes." The system is the first "Top Secret, Eyes Only" High Assurance Internet Protocol Encryptor device in the U.K., according to the company.

How secure is it? Send your most excellent and sensitive Ectocryped data around the globe, and "all the computer technology in the world cannot break it," EADS sales manager Gordon Duncan boasted to the Telegraph.

Note to hackers of the Peeps Liberation Army: The gauntlet is officially down.

source: http://crave.cnet.com/8301-1_105-9778661-1.html

September 13, 2007

Major computer viruses over the last 25 years:

Elk Cloner, 1982: Regarded as the first virus to hit personal computers worldwide, "Elk Cloner" spread through Apple II floppy disks and displayed a poem written by its author, a ninth-grade student who was designing a practical joke.

Brain, 1986: "Brain" is the first virus to hit computers running a Microsoft Corp. operating system – DOS. Written by two Pakistani brothers, the virus left the phone number of their computer repair shop.

Morris, 1988: Written by a Cornell University graduate student whose father was then a top government computer-security expert, the virus infected an estimated 6,000 university and military computers connected over the Internet. Although viruses had spread over the Internet before, until "Morris" none was widespread.

Melissa, 1999: "Melissa" was one of the first to spread over e-mail. When users opened an attachment, the virus sent copies of itself to the first 50 people in the user's address book, covering the globe within hours.

Love Bug, 2000: Also spread via e-mail attachment, "Love Bug" exploited human nature and tricked recipients into opening it by disguising itself as a love letter.

Code Red, 2001: Exploiting a flaw in Microsoft software, "Code Red" was among the first "network worms" to spread rapidly because it required only a network connection, not a human opening an attachment. Although the flaw was known, many system operators had yet to install a software patch Microsoft made available a month earlier to fix it.

Blaster, 2003: "Blaster" also took advantage of a known flaw in Microsoft software and, along with the 2003 "SoBig" outbreak, prompted Microsoft to offer cash rewards to people who help authorities capture and prosecute the virus writers.

Sasser, 2004: "Sasser" exploited a Microsoft flaw as well and prompted some computers to continually crash and reboot, apparently the result of bad programming. Although "Sasser" is hardly the last malicious software, the ones since then have generally received less attention as networks install better defenses and profit-minded virus writers try to avoid detection and removal of their works.