June 12, 2008 at 1:04 pm #2538oneeyedcarmenParticipant
Though I think this is related to the discussion on the ethics of government sposored hacking, I believe it deserved its own thread.
It’s being reported in the LA Times that Chinese hackers have managed to breach more than one Congressman’s machines, as well as those of a Congressional committee on human rights. According to Rep. Frank Wolf (R-VA), “They got everything.”
It’s believed that the Chinese hackers were looking for information on dissidents living in the US, and again according to Congressman Wolf, “following one of the attacks, a car with license plates belonging to Chinese officials went to the home of a Chinese dissident in the Washington suburbs and took photographs of it.”
Thus far, the Chinese government has had nothing to say on the matter, and the FBI has declined to comment.
June 12, 2008 at 2:54 pm #18380RoleReversalParticipant
I’ve read a few differing stories about this incident.
One of the figures I’ve heard quoted is that US systems get scanned or attempted compromises 300million times a day, that’s a lot of background noise to pick through to find the right answer.
Whilst it is entirely possible that all of these (this and recent) attacks are coming from China, if I (UK citizen) wanted to hit the US systems I might just find myself an unpatched XP machine on a Chinese IP for a jumping point. ‘yup, it’s the Chinese again, incident closed?
My question from reading this story that I haven’t found an answer to so far is, is there evidence to suspect the Chinese in this incident of is it merely Wold’s believe due to his aiding of Chinese dissidents?
“following one of the attacks, a car with license plates belonging to Chinese officials went to the home of a Chinese dissident in the Washington suburbs and took photographs of it.”
the full story here[/b][/url]
Of course there is no other way the Chinese officials coud have found out who was living there….
China is becoming a very handy scapegoat at the moment, until there is any evidence one way or another I’d suggest that the attacks are a side-effect of being connected to the internet…
June 12, 2008 at 4:37 pm #18381
June 12, 2008 at 8:43 pm #18382geekyoneParticipant
I wonder if they were a victim of a targeted attack by a Chinese hacker or if they weren’t careful about what email attachments they opened so they ended up with a Trojan that just happened to be reporting back to a Chinese server/IP address.
June 13, 2008 at 7:34 am #18383RoleReversalParticipant
Looks like the media are starting to report real-life rather than FUD for a change
However, computer security experts said that the evidence that the two congressmen provided to back up their claims simply does not prove that the Chinese government, or even Chinese nationals, were involved.
“It’s so very hard to conclude that something came from someplace if all you’re going from is an IP address,” said Marcus Sachs, director of the SANS Internet Storm Center, a volunteer-run effort that tracks emerging computer threats. “Those of us who have done this for a living, we know that you can’t prove that it was a Chinese person on the keyboard if you have a Chinese IP address,” he said. “Without making some of the evidence public … you leave everybody else guessing.”
June 13, 2008 at 8:33 pm #18384Clay BriggsParticipant
True it is impossible to ‘proove’ beyond a doubt… just about anything on the net. 😛 It’s that amazing cloud of anonymity that has confounded and frustrated many attempts at prossecution. Of course, that is chainging slowly. None the less, regardless of whether this specific case is China sanctioned or known; there seems to be a rather epidemic problem with ones that are more obviously known to be. A site I check out once in a while, is: http://www.thedarkvisitor.com/
It has some interesting articles.
June 16, 2008 at 5:22 pm #18385p_dubParticipant
Regardless of the origin of the attack, the relative ease with which this information was obtained is what is scary.
June 16, 2008 at 6:32 pm #18386Clay BriggsParticipant
Quite true. My bosses are FINALLY getting into encryption after the couple VA (Vetrans Ass) issues. We’re still deciding on hardware (seagate) vs software encryption.
June 26, 2008 at 2:34 am #18387
- You must be logged in to reply to this topic.