Post by jeffolie on Apr 22, 2009 12:58:50 GMT -6
China attacked US
All of the below cyberattacks are attributed to China. They are not mere 'denial of service' bothersome events, they are significant acts of aggression.
The Chinese communist government is America's enemy but the public does not care enough to even stop shopping at WalMart. Americans has a cognitive disconnect in their failure to recognize the economy and military aggression and damage to America. The US government is too afraid that China will stop buying its debt to speak up against China.
========================================================
A Growing Threat in a Digital Age
According to Wikipedia, "asymmetric warfare"
originally referred to war between two or more belligerents whose relative military power differs significantly. Contemporary military thinkers tend to broaden this to include asymmetry of strategy or tactics; today [the phrase] can describe a conflict in which the resources of two belligerents differ in essence and in the struggle, interact and attempt to exploit each other's characteristic weaknesses. Such struggles often involve strategies and tactics of unconventional warfare, the "weaker" combatants attempting to use strategy to offset deficiencies in quantity or quality. Such strategies may not necessarily be militarized.
In a March 5th report, "U.S. Facing Asymmetric, Cyber Warfare," UPI highlighted concerns raised by a senior military official about a growing threat in a digital age.
The head of the U.S. Air Force Space Command said future combat environments are shifting toward asymmetric online battlefields.
Gen. Robert Kehler, commander of Air Force Space Command, said recently that 21st-century warfare is erasing physical boundaries as more threats to security in the United States are coming from cyberattacks, the Air Force reported.
Kehler, discussing the evolving Joint Operating Environment, said distances in warfare are changing. Unmanned aircraft systems, piloted at air force bases in Nevada, are bombing targets in Afghanistan and cyberattacks could come from someone sitting at a computer next door.
"When you come to work, and you log in ... you are entering a war zone, and everyone has to be a defender. We do not have a security forces squadron for cyberspace," Kehler said in a statement.
"Make no mistake about it; the fight is on in cyberspace. The adversary can be down the street or halfway around the world, and you never know. The enemy could be down the street and look like he's halfway around the world."
Naturally, some might view such a warning as alarmist, or as propaganda or part of a concerted Defense Department lobbying effort. However, at least three developments reported on since then (and included below) suggest such concerns are warranted.
1. "Computer Spies Breach Fighter-Jet Project" (Wall Street Journal):
Computer spies have broken into the Pentagon's $300 billion Joint Strike Fighter project -- the Defense Department's costliest weapons program ever -- according to current and former government officials familiar with the attacks.
Similar incidents have also breached the Air Force's air-traffic-control system in recent months, these people say. In the case of the fighter-jet program, the intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft.
The latest intrusions provide new evidence that a battle is heating up between the U.S. and potential adversaries over the data networks that tie the world together. The revelations follow a recent Wall Street Journal report that computers used to control the U.S. electrical-distribution system, as well as other infrastructure, have also been infiltrated by spies abroad.
Attacks like these -- or U.S. awareness of them -- appear to have escalated in the past six months, said one former official briefed on the matter. "There's never been anything like it," this person said, adding that other military and civilian agencies as well as private companies are affected. "It's everything that keeps this country going."
Many details couldn't be learned, including the specific identity of the attackers, and the scope of the damage to the U.S. defense program, either in financial or security terms. In addition, while the spies were able to download sizable amounts of data related to the jet-fighter, they weren't able to access the most sensitive material, which is stored on computers not connected to the Internet.
Former U.S. officials say the attacks appear to have originated in China. However it can be extremely difficult to determine the true origin because it is easy to mask identities online.
A Pentagon report issued last month said that the Chinese military has made "steady progress" in developing online-warfare techniques. China hopes its computer skills can help it compensate for an underdeveloped military, the report said.
The Chinese Embassy said in a statement that China "opposes and forbids all forms of cyber crimes." It called the Pentagon's report "a product of the Cold War mentality" and said the allegations of cyber espionage are "intentionally fabricated to fan up China threat sensations."
The U.S. has no single government or military office responsible for cyber security. The Obama administration is likely to soon propose creating a senior White House computer-security post to coordinate policy and a new military command that would take the lead in protecting key computer networks from intrusions, according to senior officials.
The Bush administration planned to spend about $17 billion over several years on a new online-security initiative and the Obama administration has indicated it could expand on that. Spending on this scale would represent a potential windfall for government agencies and private contractors at a time of falling budgets. While specialists broadly agree that the threat is growing, there is debate about how much to spend in defending against attacks.
The Joint Strike Fighter, also known as the F-35 Lightning II, is the costliest and most technically challenging weapons program the Pentagon has ever attempted. The plane, led by Lockheed Martin Corp., relies on 7.5 million lines of computer code, which the Government Accountability Office said is more than triple the amount used in the current top Air Force fighter.
Six current and former officials familiar with the matter confirmed that the fighter program had been repeatedly broken into. The Air Force has launched an investigation.
Pentagon officials declined to comment directly on the Joint Strike Fighter compromises. Pentagon systems "are probed daily," said Air Force Lt. Col. Eric Butterbaugh, a Pentagon spokesman. "We aggressively monitor our networks for intrusions and have appropriate procedures to address these threats." U.S. counterintelligence chief Joel Brenner, speaking earlier this month to a business audience in Austin, Texas, warned that fighter-jet programs have been compromised.
Foreign allies are helping develop the aircraft, which opens up other avenues of attack for spies online. At least one breach appears to have occurred in Turkey and another country that is a U.S. ally, according to people familiar with the matter.
Joint Strike Fighter test aircraft are already flying, and money to build the jet is included in the Pentagon's budget for this year and next.
Computer systems involved with the program appear to have been infiltrated at least as far back as 2007, according to people familiar with the matter. Evidence of penetrations continued to be discovered at least into 2008. The intruders appear to have been interested in data about the design of the plane, its performance statistics and its electronic systems, former officials said.
The intruders compromised the system responsible for diagnosing a plane's maintenance problems during flight, according to officials familiar with the matter. However, the plane's most vital systems -- such as flight controls and sensors -- are physically isolated from the publicly accessible Internet, they said.
The intruders entered through vulnerabilities in the networks of two or three contractors helping to build the high-tech fighter jet, according to people who have been briefed on the matter. Lockheed Martin is the lead contractor on the program, and Northrop Grumman Corp. and BAE Systems PLC also play major roles in its development.
Lockheed Martin and BAE declined to comment. Northrop referred questions to Lockheed.
The spies inserted technology that encrypts the data as it's being stolen; as a result, investigators can't tell exactly what data has been taken. A former Pentagon official said the military carried out a thorough cleanup.
Fighting online attacks like these is particularly difficult because defense contractors may have uneven network security, but the Pentagon is reliant on them to perform sensitive work. In the past year, the Pentagon has stepped up efforts to work with contractors to improve computer security.
Investigators traced the penetrations back with a "high level of certainty" to known Chinese Internet protocol, or IP, addresses and digital fingerprints that had been used for attacks in the past, said a person briefed on the matter.
As for the intrusion into the Air Force's air-traffic control systems, three current and former officials familiar with the incident said it occurred in recent months. It alarmed U.S. national security officials, particularly at the National Security Agency, because the access the spies gained could have allowed them to interfere with the system, said one former official. The danger is that intruders might find weaknesses that could be exploited to confuse or damage U.S. military craft.
Military officials declined to comment on the incident.
In his speech in Austin, Mr. Brenner, the U.S. counterintelligence chief, issued a veiled warning about threats to air traffic in the context of Chinese infiltration of U.S. networks. He spoke of his concerns about the vulnerability of U.S. air traffic control systems to cyber infiltration, adding "our networks are being mapped." He went on to warn of a potential situation where "a fighter pilot can't trust his radar."
2. "Chinese Spies May Have Put Chips in US Planes" (Times of India):
The Chinese cyber spies have penetrated so deep into the US system — ranging from its secure defence network, banking system, electricity grid to putting spy chips into its defence planes — that it can cause serious damage to the US any time, a top US official on counter-intelligence has said.
“Chinese penetrations of unclassified DoD networks have also been widely reported. Those are more sophisticated, though hardly state of the art,” said National Counterintelligence Executive, Joel Brenner, at the Austin University Texas last week, according to a transcript made available on Wednesday.
Listing out some of the examples of Chinese cyber spy penetration, he said: “We’re also seeing counterfeit routers and chips, and some of those chips have made their way into US military fighter aircraft.. You don’t sneak counterfeit chips into another nation’s aircraft to steal data. When it’s done intentionally, it’s done to degrade systems, or to have the ability to do so at a time of one’s choosing.”
Referring to the Chinese networks penetrating the cyber grids, he said: “Do I worry about those grids, and about air traffic control systems, water supply systems, and so on? You bet I do. America’s networks are being mapped. There has also been experience of both Chinese and criminal network operations in the networks of some of the banks”.
3. "Study Finds Cyber-Spy Ring Based in China" (Financial Times):
A Chinese spying operation has obtained sensitive data from hundreds of government computers in more than 100 countries, according to a new report.
University of Toronto experts found 1,295 infected computers around the world and observed the operation stealing documents and watching and listening to users through webcams and microphones.
The report will spark fresh alarm about the extent of information warfare and, in particular, about Chinese hacking.
The large proportion of "high-value" infections suggested the existence of a targeted spying operation rather than a criminal network.
The researchers could not establish that the Chinese government was behind the hacking effort - dubbed GhostNet - but they noted that the targets were groups of particular interest to -Beijing, including Tibetan independence activists.
Among the 1,295 infected machines, 397 were "either significant to the relation between China and Tibet, Taiwan or India, or were identified as computers at foreign embassies, diplomatic missions, government ministries or international organisations", the report said.
Triggered by a request from the Tibetan government in exile, the 10-month investigation found that several computers in the office of the Dalai Lama had been infiltrated by malware, virus-like software that hijacks a machine and makes it obey commands from the attackers.
The report said circumstantial evidence suggested that the Chinese state had exploited this set of high-profile targets for "military and strategic-intelligence purposes". It said many attacks appeared to come from Hainan island, home of the Chinese military's Lingshui signals intelligence facility.
Dennis Blair, the new US director of national intelligence, on Friday said that cyber-security was a " very high priority ".
He added that organised states, such as China and Russia - and not Muslim terrorist organisations - posed the biggest threat, and said the US needed to be better at identifying where attacks originated.
"China is, I think, winning the sweepstakes for the origin of the most attacks on US organisations. I think it's second, after attacks originating in the United States, but it's up there in terms of foreign countries," he said.
Barack Obama, the president, has ordered a review of cyber-security as US government agencies increasingly fall victim to attacks. In 2007, Chinese military hackers penetrated the Pentagon computer network serving Robert Gates, the US defence secretary. Hackers originating from China last year broke into the White House computer system.
Other countries, including the UK and Germany, have warned about Chinese attacks on their government networks.
Eliza Manningham-Buller, former head of MI5, the British intelligence agency, has said the UK had been the target of Chinese attacks that appeared to be state sponsored.
Many computer security experts have been warning about the potentially dire impact of vast networks of home and office computers under the invisible control of criminal groups.
One of the largest such drone networks, assembled by what is most commonly known as the Conficker virus, has ensnared millions of PCs for purposes as yet unknown.
One of the most interesting things about the Chinese operation, by contrast, is that it is very small. The architects focused on a few machines of special interest, though they clearly could have cast a wider net.
A spokesman for the Chinese consulate in New York described the study as "nonsense" to The New York Times, which reported it at the weekend.
Chinese hackers for years have been considered among the most prolific and talented anywhere.
www.economicroadmap.com/2009/04/a-growing-threat-in-a-digital-age.html
All of the below cyberattacks are attributed to China. They are not mere 'denial of service' bothersome events, they are significant acts of aggression.
The Chinese communist government is America's enemy but the public does not care enough to even stop shopping at WalMart. Americans has a cognitive disconnect in their failure to recognize the economy and military aggression and damage to America. The US government is too afraid that China will stop buying its debt to speak up against China.
========================================================
A Growing Threat in a Digital Age
According to Wikipedia, "asymmetric warfare"
originally referred to war between two or more belligerents whose relative military power differs significantly. Contemporary military thinkers tend to broaden this to include asymmetry of strategy or tactics; today [the phrase] can describe a conflict in which the resources of two belligerents differ in essence and in the struggle, interact and attempt to exploit each other's characteristic weaknesses. Such struggles often involve strategies and tactics of unconventional warfare, the "weaker" combatants attempting to use strategy to offset deficiencies in quantity or quality. Such strategies may not necessarily be militarized.
In a March 5th report, "U.S. Facing Asymmetric, Cyber Warfare," UPI highlighted concerns raised by a senior military official about a growing threat in a digital age.
The head of the U.S. Air Force Space Command said future combat environments are shifting toward asymmetric online battlefields.
Gen. Robert Kehler, commander of Air Force Space Command, said recently that 21st-century warfare is erasing physical boundaries as more threats to security in the United States are coming from cyberattacks, the Air Force reported.
Kehler, discussing the evolving Joint Operating Environment, said distances in warfare are changing. Unmanned aircraft systems, piloted at air force bases in Nevada, are bombing targets in Afghanistan and cyberattacks could come from someone sitting at a computer next door.
"When you come to work, and you log in ... you are entering a war zone, and everyone has to be a defender. We do not have a security forces squadron for cyberspace," Kehler said in a statement.
"Make no mistake about it; the fight is on in cyberspace. The adversary can be down the street or halfway around the world, and you never know. The enemy could be down the street and look like he's halfway around the world."
Naturally, some might view such a warning as alarmist, or as propaganda or part of a concerted Defense Department lobbying effort. However, at least three developments reported on since then (and included below) suggest such concerns are warranted.
1. "Computer Spies Breach Fighter-Jet Project" (Wall Street Journal):
Computer spies have broken into the Pentagon's $300 billion Joint Strike Fighter project -- the Defense Department's costliest weapons program ever -- according to current and former government officials familiar with the attacks.
Similar incidents have also breached the Air Force's air-traffic-control system in recent months, these people say. In the case of the fighter-jet program, the intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft.
The latest intrusions provide new evidence that a battle is heating up between the U.S. and potential adversaries over the data networks that tie the world together. The revelations follow a recent Wall Street Journal report that computers used to control the U.S. electrical-distribution system, as well as other infrastructure, have also been infiltrated by spies abroad.
Attacks like these -- or U.S. awareness of them -- appear to have escalated in the past six months, said one former official briefed on the matter. "There's never been anything like it," this person said, adding that other military and civilian agencies as well as private companies are affected. "It's everything that keeps this country going."
Many details couldn't be learned, including the specific identity of the attackers, and the scope of the damage to the U.S. defense program, either in financial or security terms. In addition, while the spies were able to download sizable amounts of data related to the jet-fighter, they weren't able to access the most sensitive material, which is stored on computers not connected to the Internet.
Former U.S. officials say the attacks appear to have originated in China. However it can be extremely difficult to determine the true origin because it is easy to mask identities online.
A Pentagon report issued last month said that the Chinese military has made "steady progress" in developing online-warfare techniques. China hopes its computer skills can help it compensate for an underdeveloped military, the report said.
The Chinese Embassy said in a statement that China "opposes and forbids all forms of cyber crimes." It called the Pentagon's report "a product of the Cold War mentality" and said the allegations of cyber espionage are "intentionally fabricated to fan up China threat sensations."
The U.S. has no single government or military office responsible for cyber security. The Obama administration is likely to soon propose creating a senior White House computer-security post to coordinate policy and a new military command that would take the lead in protecting key computer networks from intrusions, according to senior officials.
The Bush administration planned to spend about $17 billion over several years on a new online-security initiative and the Obama administration has indicated it could expand on that. Spending on this scale would represent a potential windfall for government agencies and private contractors at a time of falling budgets. While specialists broadly agree that the threat is growing, there is debate about how much to spend in defending against attacks.
The Joint Strike Fighter, also known as the F-35 Lightning II, is the costliest and most technically challenging weapons program the Pentagon has ever attempted. The plane, led by Lockheed Martin Corp., relies on 7.5 million lines of computer code, which the Government Accountability Office said is more than triple the amount used in the current top Air Force fighter.
Six current and former officials familiar with the matter confirmed that the fighter program had been repeatedly broken into. The Air Force has launched an investigation.
Pentagon officials declined to comment directly on the Joint Strike Fighter compromises. Pentagon systems "are probed daily," said Air Force Lt. Col. Eric Butterbaugh, a Pentagon spokesman. "We aggressively monitor our networks for intrusions and have appropriate procedures to address these threats." U.S. counterintelligence chief Joel Brenner, speaking earlier this month to a business audience in Austin, Texas, warned that fighter-jet programs have been compromised.
Foreign allies are helping develop the aircraft, which opens up other avenues of attack for spies online. At least one breach appears to have occurred in Turkey and another country that is a U.S. ally, according to people familiar with the matter.
Joint Strike Fighter test aircraft are already flying, and money to build the jet is included in the Pentagon's budget for this year and next.
Computer systems involved with the program appear to have been infiltrated at least as far back as 2007, according to people familiar with the matter. Evidence of penetrations continued to be discovered at least into 2008. The intruders appear to have been interested in data about the design of the plane, its performance statistics and its electronic systems, former officials said.
The intruders compromised the system responsible for diagnosing a plane's maintenance problems during flight, according to officials familiar with the matter. However, the plane's most vital systems -- such as flight controls and sensors -- are physically isolated from the publicly accessible Internet, they said.
The intruders entered through vulnerabilities in the networks of two or three contractors helping to build the high-tech fighter jet, according to people who have been briefed on the matter. Lockheed Martin is the lead contractor on the program, and Northrop Grumman Corp. and BAE Systems PLC also play major roles in its development.
Lockheed Martin and BAE declined to comment. Northrop referred questions to Lockheed.
The spies inserted technology that encrypts the data as it's being stolen; as a result, investigators can't tell exactly what data has been taken. A former Pentagon official said the military carried out a thorough cleanup.
Fighting online attacks like these is particularly difficult because defense contractors may have uneven network security, but the Pentagon is reliant on them to perform sensitive work. In the past year, the Pentagon has stepped up efforts to work with contractors to improve computer security.
Investigators traced the penetrations back with a "high level of certainty" to known Chinese Internet protocol, or IP, addresses and digital fingerprints that had been used for attacks in the past, said a person briefed on the matter.
As for the intrusion into the Air Force's air-traffic control systems, three current and former officials familiar with the incident said it occurred in recent months. It alarmed U.S. national security officials, particularly at the National Security Agency, because the access the spies gained could have allowed them to interfere with the system, said one former official. The danger is that intruders might find weaknesses that could be exploited to confuse or damage U.S. military craft.
Military officials declined to comment on the incident.
In his speech in Austin, Mr. Brenner, the U.S. counterintelligence chief, issued a veiled warning about threats to air traffic in the context of Chinese infiltration of U.S. networks. He spoke of his concerns about the vulnerability of U.S. air traffic control systems to cyber infiltration, adding "our networks are being mapped." He went on to warn of a potential situation where "a fighter pilot can't trust his radar."
2. "Chinese Spies May Have Put Chips in US Planes" (Times of India):
The Chinese cyber spies have penetrated so deep into the US system — ranging from its secure defence network, banking system, electricity grid to putting spy chips into its defence planes — that it can cause serious damage to the US any time, a top US official on counter-intelligence has said.
“Chinese penetrations of unclassified DoD networks have also been widely reported. Those are more sophisticated, though hardly state of the art,” said National Counterintelligence Executive, Joel Brenner, at the Austin University Texas last week, according to a transcript made available on Wednesday.
Listing out some of the examples of Chinese cyber spy penetration, he said: “We’re also seeing counterfeit routers and chips, and some of those chips have made their way into US military fighter aircraft.. You don’t sneak counterfeit chips into another nation’s aircraft to steal data. When it’s done intentionally, it’s done to degrade systems, or to have the ability to do so at a time of one’s choosing.”
Referring to the Chinese networks penetrating the cyber grids, he said: “Do I worry about those grids, and about air traffic control systems, water supply systems, and so on? You bet I do. America’s networks are being mapped. There has also been experience of both Chinese and criminal network operations in the networks of some of the banks”.
3. "Study Finds Cyber-Spy Ring Based in China" (Financial Times):
A Chinese spying operation has obtained sensitive data from hundreds of government computers in more than 100 countries, according to a new report.
University of Toronto experts found 1,295 infected computers around the world and observed the operation stealing documents and watching and listening to users through webcams and microphones.
The report will spark fresh alarm about the extent of information warfare and, in particular, about Chinese hacking.
The large proportion of "high-value" infections suggested the existence of a targeted spying operation rather than a criminal network.
The researchers could not establish that the Chinese government was behind the hacking effort - dubbed GhostNet - but they noted that the targets were groups of particular interest to -Beijing, including Tibetan independence activists.
Among the 1,295 infected machines, 397 were "either significant to the relation between China and Tibet, Taiwan or India, or were identified as computers at foreign embassies, diplomatic missions, government ministries or international organisations", the report said.
Triggered by a request from the Tibetan government in exile, the 10-month investigation found that several computers in the office of the Dalai Lama had been infiltrated by malware, virus-like software that hijacks a machine and makes it obey commands from the attackers.
The report said circumstantial evidence suggested that the Chinese state had exploited this set of high-profile targets for "military and strategic-intelligence purposes". It said many attacks appeared to come from Hainan island, home of the Chinese military's Lingshui signals intelligence facility.
Dennis Blair, the new US director of national intelligence, on Friday said that cyber-security was a " very high priority ".
He added that organised states, such as China and Russia - and not Muslim terrorist organisations - posed the biggest threat, and said the US needed to be better at identifying where attacks originated.
"China is, I think, winning the sweepstakes for the origin of the most attacks on US organisations. I think it's second, after attacks originating in the United States, but it's up there in terms of foreign countries," he said.
Barack Obama, the president, has ordered a review of cyber-security as US government agencies increasingly fall victim to attacks. In 2007, Chinese military hackers penetrated the Pentagon computer network serving Robert Gates, the US defence secretary. Hackers originating from China last year broke into the White House computer system.
Other countries, including the UK and Germany, have warned about Chinese attacks on their government networks.
Eliza Manningham-Buller, former head of MI5, the British intelligence agency, has said the UK had been the target of Chinese attacks that appeared to be state sponsored.
Many computer security experts have been warning about the potentially dire impact of vast networks of home and office computers under the invisible control of criminal groups.
One of the largest such drone networks, assembled by what is most commonly known as the Conficker virus, has ensnared millions of PCs for purposes as yet unknown.
One of the most interesting things about the Chinese operation, by contrast, is that it is very small. The architects focused on a few machines of special interest, though they clearly could have cast a wider net.
A spokesman for the Chinese consulate in New York described the study as "nonsense" to The New York Times, which reported it at the weekend.
Chinese hackers for years have been considered among the most prolific and talented anywhere.
www.economicroadmap.com/2009/04/a-growing-threat-in-a-digital-age.html