What's new

China sets up special base for ‘cyber warriors’

with all hyping up of china this and that.. i highly doubt they even equal to a quarter of the NSA's capabilities

actually you are right...not only NSA,many country use hackers for cyber espionage..but don't know why,in China's case,there are hugh amount of proof against them.don't mind but I read an article written by an australian(probably,can't remember) computer expert few years ago that how he placed a trap to find out the nationality of hacking spree was going on then and how he tracked his id into China,and if my memory serves correctly,somewhere near Shanghai..I'll try to find it and post.
 
.
That guy is telling about the % of possible diverted traffic. Even it is not 15%, But still China diverted the traffic.
To do this you need a lot of skills and most important resources.


And, his claim about BGP a bit right, but upgrading this protocol is tough and replacing BGP just becz of some security concern is not possible. As BGP is EGP, this is not possible to fix all things in short time.

he also mentioned that the diverted traffic was much less than the US. anyways, the whole point is that western propaganda machines overblown the whole story way out of proportion :lol:

anyone remember this?
china backdoor chips

and the truth :lol: :lol:

they cited fake story from reddit and spun it around 10000000000 revolutions..wsj, nyt, reuters, bbc, etc.. lol

China not behind US military chip backdoor

Summary: China was not involved in a backdoor that was allegedly installed in chips used by the US military, according to the researcher who originally made the discovery.
Michael Lee

By Michael Lee | May 30, 2012 -- 05:09 GMT (15:09 AEST)
Follow @mukimu

China was not involved in a backdoor that was allegedly installed in chips used by the US military, according to the researcher who originally made the discovery.

(The door is not obvious image by DaveBleasdale, CC BY 2.0)

Earlier this month, Sergei Skorobogatov, a PhD candidate at the University of Cambridge, released draft papers for his hardware security research. Notably, his most recent work looked at an "American military chip [the Actel/Microsemi ProASIC3] that is highly secure, with sophisticated encryption standard [and] manufactured in China". Upon examination, he found a previously unknown backdoor, which had been inserted by the manufacturer.

"This backdoor has a key, which we were able to extract. If you use this key, you can disable the chip or reprogram it at will, even if locked by the user with their own key. This particular chip is prevalent in many systems, from weapons [and] nuclear power plants to public transport. In other words, this backdoor access could be turned into an advanced Stuxnet weapon to attack potentially millions of systems," Skorobogatov wrote at the time.

After Skorobogatov's work was picked up by Reddit, many jumped to the conclusion that China was behind the backdoor.

"The claims about [the] Chinese being involved, was made up by someone who originally made the post at Reddit," Skorobogatov told ZDNet Australia.

"It is the US manufacturer Actel who inserted the backdoor," Skorobogatov wrote.

"We never said the Chinese have put a backdoor inside Actel's chips and it does not say so in our papers. It is as though people have put two and two together and made four or five or six, depending on what their agenda is. We believe that other chips will have backdoors. And since a US chip has them and [that] you can do lots of things that give you a vast amount of control over the devices, then, is there any reason to suggest other manufacturers have not done the same?"


Errata Security researcher Robert Graham also called initial reports "bogus", saying there was no evidence to suggest that it was the Chinese that were responsible, or even that the backdoor was malicious.
 
.
Chinese hackers outed themselves by logging into their personal Facebook accounts



Mandiant, the U.S. firm contracted to investigate cyberattacks against U.S. corporations, says it was able to track an extensive hacking campaign back to the Chinese military in part by exploiting China’s own Web restrictions.

China’s “Great Firewall” blocks Web access to, among other things, Facebook and Twitter. People in China can get around the firewall, and very Web-savvy Chinese often do, by using something called VPNs, or Virtual Private Networks. But Chinese hackers already have access to what is presumably an extremely sophisticated VPN: the very servers they use for their foreign hacking.

This where the hackers may have gotten themselves into trouble. To be totally safe, a Chinese hacker would log out of the servers used for cyber-espionage (and allegedly sponsored by the Chinese military) before logging into a separate, more low-key VPN that he or she could use to access U.S.-based social media sites such as Facebook and Twitter.

Instead of following that procedure, according to Mandiant, some of the hackers got lazy. “The easiest way for them to log into Facebook and Twitter is directly from their attack infrastructure,” the company’s report explains. “Once noticed, this is an effective way to discover their real identities.” When the hacker uses the “attack” servers to log in to Twitter or Facebook, he or she unintentionally links the espionage servers with specific Facebook and Twitter accounts — in other words, with specific human beings.

Mandiant traced two hackers, who used the handles DOTA and UglyGorilla, all across the Web using data points like this. The investigation also looked at, among other things, a cellphone number that one of the hackers used to register a Google e-mail account (yes, he used two-step verification for extra security) and that provided data on the hacker’s location.

National Journal’s Brian Fung makes a great point. He writes, “It’s no small irony the everyday shortcuts users take, and which subsequently open them up to hackers like DOTA and UglyGorilla, are the same traps that the two hackers fell into.” It really is the Wild West out there.


Chinese hackers outed themselves by logging into their personal Facebook accounts
 
. .
The maker of iPhones, iPads, iPods, and Macintosh computers said it is working with law enforcement officials to hunt down the hackers, who appeared tied to a series of recent cyber attacks on US technology firms. "The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers," Apple said in an email response to an AFP inquiry. The malicious software, or malware, took advantage of a vulnerability in a Java program used as a "plug-in" for Web-browsing programs. A "small number" of computer systems at Apple were infected but they were isolated from the main network, according the Silicon Valley-based company. "There is no evidence that any data left Apple," Apple said. Apple released a Macintosh computer operating system update that disables Java software that hasn't been used for 35 days or longer, as well as a tool for finding and removing the malware. Word of hackers hitting Apple came just days after leading social network Facebook said it was "targeted in a sophisticated attack" last month, but that it found no evidence any user data was compromised. Facebook said Friday that the malware came from an infected website of a mobile developer. "We remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day," it said. It was unclear whether it was the same website blamed for the attack on Apple. Using a previously unseen tactic, the attackers took advantage of a flaw in Java software made by Oracle, which was alerted to the situation and released a patch on February 1, according to Facebook. The hackers appeared to be targeting developers and technology firms based on the website they chose to booby-trap with malicious code. "Facebook was not alone in this attack," the Northern California-based company said. "It is clear that others were attacked and infiltrated recently as well." Early this month Twitter said it was hammered by a cyber attack similar to those that recently hit major Western news outlets, and that the passwords of about 250,000 users were stolen. "This attack was not the work of amateurs, and we do not believe it was an isolated incident," Twitter information security director Bob Lord said in a blog post at the time. Lord said there was an "uptick in large-scale security attacks aimed at US technology and media companies." The New York Times and The Wall Street Journal recently said they had been attacked by suspected Chinese hackers. The brazen cyberattacks on US media and technology firms have revived concerns over Chinese hackers, whom analysts say are likely linked to the secretive Beijing government. China's army controls hundreds if not thousands of expert hackers, according to a report Tuesday by a US Internet security firm that traced a host of cyberattacks to an anonymous building in Shanghai. Mandiant said its hundreds of investigations showed that groups hacking into US newspapers, government agencies, and companies "are based primarily in China and that the Chinese government is aware of them." The report focused on one group, which it called "APT1," for "Advanced Persistent Threat." "We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support," Mandiant said. It said the group was believed to be a branch of the People's Liberation Army and digital signatures from its attacks were traced back to the direct vicinity of a nondescript, 12-story building on the outskirts of Shanghai. China's foreign ministry rejected "groundless accusations" of Chinese involvement in hacking, saying China was itself a major victim, with most overseas cyberattacks against it originating in the United States. In his State of the Union address last week, US President Barack Obama said the potential ability of outsiders to sabotage critical US infrastructure was a major concern. "We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy," he said.

Hackers hit Apple in wake of Facebook attack

It's Not Just You: Chinese Hackers Are Terrible at Making Passwords, Too


When The New York Times and other news outlets reported being the victims of a massive, years-long cyberattack, it set off a rash of concerns about online security and personal Internet hygiene, reinforcing plenty of old, enduring lessons: Choose strong passwords; don’t click on links from strangers (or strange links from people you know); consider using different usernames for different online services.

Many Americans still don’t follow these security suggestions that can help protect them from online snooping and identity theft. But, evidently, neither do some Chinese hackers. In a bit of poetic justice, the identities of two of The Times’ hackers have become public, all because they got sloppy.

According to a report by Mandiant, the company The Times hired to investigate its security breach, one hacker who went by the handle "UglyGorilla" went around the Chinese Internet asking plainly whether China had a cyberarmy. In a lapse of personal security, UglyGorilla signed his name on the malware he wrote, on the domains he registered, and on Web forums.

“UG’s consistent use of the username 'UglyGorilla' across various Web accounts has left a thin but strong thread of attribution through many online communities,” the report read.

Investigators learned to identify hackers when the spies logged onto Facebook and Twitter, which are blocked to the rest of China by what has collaquially become known as the Great Firewall of China:

Like many Chinese hackers, APT1 attackers do not like to be constrained by the strict rules put in place by the Communist Party of China (CPC), which deployed the GFWoC as a censorship measure to restrict access to web sites such as google.com, facebook.com, and twitter.com. Additionally, the nature of the hackers’ work requires them to have control of network infrastructure outside the GFWoC. This creates a situation where the easiest way for them to log into Facebook and Twitter is directly from their attack infrastructure. Once noticed, this is an effective way to discover their real identities.

Another hacker identified by Mandiant went by the name of "DOTA." DOTA also had a tendency to spread his name around, creating Hotmail and Gmail accounts using variations of the same handle. Investigators were able to pinpoint the hacker’s location when, as part of a security check, Google sent DOTA a text message. The message contained a code that DOTA had to plug in on his browser to access his Google services -- a standard identity-protection feature called two-factor authentication. (By the way, if you don’t have two-factor authentication enabled, please do it now.)

DOTA’s big mistake was in telling Google to send the text message to a convenient phone number -- one that told Mandiant both what carrier the hacker was on (China Mobile) and where he was (Shanghai).

“The speed of DOTA’s response also indicates that he had the phone with him at the time,” said the report.

DOTA is also apparently a huge J.K. Rowling fan. In response to security questions like “Who is your favorite teacher?” DOTA’s answer would frequently come up as “Harry” and “Poter” (yes, with one T). Despite his skills at penetrating other people’s systems, DOTA was, it turns out, no wizard at personal or operational security.

It’s no small irony the everyday shortcuts users take and which subsequently open them up to hackers like DOTA and UglyGorilla, are the same traps that the two hackers fell into. Still, there’s another possibility: What if they wanted to be found?

While some countries go to great lengths to hide their attacks, China takes no such precautions, said Yael Shahar, an Israeli cybersecurity expert at the International Institute for Counter-Terrorism.

“They're very careful not to cover their tracks very well,” she told me, adding that it enhanced Chinese self-perceptions of “face” to leave a calling card. “It's a projection of power; it's not that they're trying to hide it.”


http://www.nationaljournal.com/tech...are-terrible-at-making-passwords-too-20130219


:lol: :lol: :lol:
 
.
Seems like a campaign to pass CISPA and SOPA acts. The boogeyman is China.
It's unfortunate our government don't tell the world that the number 1 hacker into China is the United States itself. We need to start calling out the US on its own attacks into China.
 
.
actually you are right...not only NSA,many country use hackers for cyber espionage..but don't know why,in China's case,there are hugh amount of proof against them.don't mind but I read an article written by an australian(probably,can't remember) computer expert few years ago that how he placed a trap to find out the nationality of hacking spree was going on then and how he tracked his id into China,and if my memory serves correctly,somewhere near Shanghai..I'll try to find it and post.

Just another part of the 'China threat' theory and to destroy China's image. Just like all the drug accusations against our Olympians when our swimmer was falsely accused and targeted by the west. She passed all the drug tests. Only China hating Indians like you believe all the crap the west says. Even when we are innocent, Indians will always take the side opposing China.
 
.
Just another part of the 'China threat' theory and to destroy China's image. Just like all the drug accusations against our Olympians when our swimmer was falsely accused and targeted by the west. She passed all the drug tests. Only China hating Indians like you believe all the crap the west says. Even when we are innocent, Indians will always take the side opposing China.

ROFL...whole world is conspiring against China,may be thats what you want to imply..but you forgot that India is victim of wide scale hacking possibly originated form China..I didn't imply anything,everycountry use hacking as a tool,but tell me,how many cases everybody point direct towards a government,waving IPs??on contrary,its you who just want to shut your eyes when proof is massing against China.not only USA or Canada,whole world is pointing finger towards China for using hacking in a massive scale.anyway,keep deluding yourself,as i expect nothing more intelligent from you guys. :disagree:


and another thing,using personal attack shows your desperation..

by the way,I posted a informative thread here http://www.defence.pk/forums/chinese-defence/236195-china-army-unit-linked-hacking-against-us.html see how they tracked Chinese hackers with their mobile number...
 
.
actually you are right...not only NSA,many country use hackers for cyber espionage..but don't know why,in China's case,there are hugh amount of proof against them.don't mind but I read an article written by an australian(probably,can't remember) computer expert few years ago that how he placed a trap to find out the nationality of hacking spree was going on then and how he tracked his id into China,and if my memory serves correctly,somewhere near Shanghai..I'll try to find it and post.

Its not so much that there is no evidence against American cyber espionage and hacking activities but the media in the US doesn't really focus on it and ask hard questions about the national security state in America or corruption and fraude on Wall Street. And instead they focus on problems in other countries like China, Russia, Iran and these days even Europe, but just not in the good ole' US of A.
 
.
ROFL...whole world is conspiring against China,may be thats what you want to imply..but you forgot that India is victim of wide scale hacking possibly originated form China..I didn't imply anything,everycountry use hacking as a tool,but tell me,how many cases everybody point direct towards a government,waving IPs??on contrary,its you who just want to shut your eyes when proof is massing against China.not only USA or Canada,whole world is pointing finger towards China for using hacking in a massive scale.anyway,keep deluding yourself,as i expect nothing more intelligent from you guys. :disagree:


and another thing,using personal attack shows your desperation..

by the way,I posted a informative thread here http://www.defence.pk/forums/chinese-defence/236195-china-army-unit-linked-hacking-against-us.html see how they tracked Chinese hackers with their mobile number...

Biggest hackers into China are America, Japan, India and South Korea.
We don't hack, maybe random netizens do it for fun. We are the biggest victims of hacking.
You are so filled with hate against China.
 
. .
if all of those alleged hacking things were true which says either U.S information security department $uck$ big time, or we are the real 'IT superpower'``:D
No, it simply mean we have not been as diligence in defense as we should have. If anything, the US is still the dominant power in IT skills.

http://www.defence.pk/forums/china-far-east/223260-diaoyu-islands-news-updates-32.html#post3909327

Do you see the above debunking of China's denial of pointing weapons lock radar on the Japanese?

Did any of the Chinese members here dispute it? Can any of the Chinese members here dispute it? No to both.

Why? Because you guys can use EVERYTHING in my post to verify those technical information for yourselves. I proved beyond any reasonable technical doubt that Japan's accusation is more credible than China's denial.

Are any of the Chinese members here work in computer forensic? No? So what make you think that you can dispute Mandiant when you cannot even dispute an anonymous Internet forum poster?
 
.
China says U.S. hacking accusations lack technical proof


(Reuters) - Accusations by a U.S. computer security company that a secretive Chinese military unit is likely behind a series of hacking attacks are scientifically flawed and hence unreliable, China's Defence Ministry said on Wednesday.

The statement came after the White House said overnight that the Obama administration has repeatedly taken up its concerns about cyber-theft at the highest levels of the Chinese government, including with Chinese military officials.

The security company, Mandiant, identified the People's Liberation Army's Shanghai-based Unit 61398 as the most likely driving force behind the hacking. Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries.

The Chinese Defence Ministry, which has already denied the charges, went further in a new statement, slamming Mandiant for relying on spurious data.

"The report, in only relying on linking IP address to reach a conclusion the hacking attacks originated from China, lacks technical proof," the ministry said in a statement on its website (??????????).

"Everyone knows that the use of usurped IP addresses to carry out hacking attacks happens on an almost daily basis," it added.

"Second, there is still no internationally clear, unified definition of what consists of a 'hacking attack'. There is no legal evidence behind the report subjectively inducing that the everyday gathering of online (information) is online spying."

As hacking is a cross-border, anonymous and deceptive phenomenon, by its very nature it is hard to work out exactly where hacks originated, the statement said.

Chinese Foreign Ministry spokesman Hong Lei, asked about the U.S. taking up its concerns about hacking with Beijing, said: "China and the U.S. have maintained communication over the relevant issue".

Unit 61398 is located in Shanghai's Pudong district, China's financial and banking hub, and is staffed by perhaps thousands of people proficient in English as well as computer programming and network operations, Mandiant said in its report.

The unit had stolen "hundreds of terabytes of data from at least 141 organizations across a diverse set of industries beginning as early as 2006", it said.

Most of the victims were located in the United States, with smaller numbers in Canada and Britain. The information stolen ranged from details on mergers and acquisitions to the emails of senior employees, the company said.

But the Chinese Defence Ministry said China's own figures show that a "considerable" number of hacking attacks it is subjected to come from the United States.

"But we don't use this as a reason to criticize the United States," the ministry said.

However, the Global Times, a widely read tabloid published by Communist Party mouthpiece the People's Daily, said China should be more active in publicly airing its complaints about hacking attacks, especially as the United States does so.

"Some officials have been punished for internally reporting that government websites have been hacked and secrets leaked, but almost no details have come out," it wrote.

"The Americans really know how to talk this (issue) up. All China can do is concede defeat."

China says U.S. hacking accusations lack technical proof | Reuters


BTW Shanghai's Pudong district has 5 million people either work or live there everyday.
 
.
they always have linked chinese to most of their hacks.
 
.
Oh, so China tried to breach your military network? Guess why you have the CIA in the first place?
 
.
Back
Top Bottom