[ISN] Alert issued for China's next cyber attack

From: InfoSec News (isnat_private)
Date: Tue May 21 2002 - 02:30:26 PDT

  • Next message: InfoSec News: "RE: [ISN] 13,000 Credit Reports Stolen by Hackers"

    By James Borton 
    May 21, 2002 
    WASHINGTON - Washington's War Situation Rooms are abuzz these days 
    with a score of major flashpoints scattered across the globe, from the 
    Middle East, Afghanistan, Iraq, Iran, Libya, Central Asia and North 
    Korea to Cuba, and has now an issued alert of China's readiness to 
    launch a cyber attack targeting key government computer systems. 
    Alarm bells have not stopped ringing at the Central Intelligence 
    Agency's (CIA) Langley, Virginia, headquarters. The agency has been 
    under an increasing media assault since September 11 for its 
    recognized intelligence failures. It is even more distressing for the 
    multibillion-dollar-funded agency since it is now certain that the 
    White House had been warned as early as last August that Osama bin 
    Laden's al-Qaeda agents were seeking to hijack aircraft. 
    With morale sagging, the ubiquitous and vast CIA appears to be 
    operating on one overloaded circuit-breaker with its patriotic 
    director George Tenet prominently in the crosshairs of terrorists and 
    the US Congress. Incongruous as it seems, another intelligence report 
    or early warning of an attack on the US is not being taken seriously. 
    The insightful findings that China is gearing up for a cyber attack on 
    defense and civilian computer networks in the United States and Taiwan 
    is being dismissed outright as not potentially injurious to any 
    computer networks. 
    The paradox is startling. The Institute for Strategic Studies, run by 
    the US Army War College, released a classified report as an early 
    warning directed to all government policy shapers, the Defense 
    Department, US diplomats and law-enforcement agencies to be vigilant 
    for Chinese student hackers' efforts some time in early summer to 
    spread computer viruses to deface sensitive government Internet sites. 
    This is a disturbingly similar message to that which was issued to 
    intelligence agencies a month before the devastating attacks on the 
    Pentagon and the World Trade Center. 
    "We do use our website for outreach and we are sensitive to its 
    security. But it's important to put the defacing of Web pages in 
    perspective. Admittedly it can be done, even with security measures in 
    place, but it's more akin to vandalism than a security threat," said 
    Dr Steven Metz, director of research and chairman of the Regional 
    Strategy and Planning Department at the Strategic Studies Institute at 
    the US Army War College. 
    It is precisely this kind of denial of any clear and present danger 
    from senior sources at the Pentagon and even the CIA that is causing 
    an increasing firestorm among congressional leaders. This week, 
    Washington's top lawmakers will be pushing for tougher inquiries about 
    last year's breakdown in intelligence communication between the CIA 
    and Federal Bureau of Investigation (FBI). 
    In testimony presented to the US Senate Armed Services Committee last 
    month, Tenet revealed, "I think we have a deep concern that the 
    Chinese are also engaging in activities that continue to be inimical 
    not just to our interests, but that their activity stimulates 
    secondary activities that only complicate the threat we face." 
    Code Red: No longer just a threat
    No one in Washington has forgotten when Chinese anger spilled over 
    from the streets into cyberspace to protest the North Atlantic Treaty 
    Organization's (NATO) bombing three years ago of the Chinese Embassy 
    in Belgrade resulting in the deaths of three Chinese journalists. At 
    that time, most of the major Chinese media organizations, including 
    the People's Daily, CCTV, Xinhua News Agency, Guangming Daily, China 
    Youth Daily, and Beijing Youth Daily, published extensive coverage of 
    the street demonstrations against the bombings on their websites. 
    As a direct result of that international incident, Chinese hackers 
    broke into the US Department of Energy's website and replaced its 
    homepage with a note written half in English, half in Chinese, which 
    read: "We are Chinese hackers who take no cares about politics. But we 
    can not stand by seeing our Chinese reporters being killed. Whatever 
    the purpose is NATO, led by the USA, must take absolute 
    responsibility. You have owed Chinese people a bloody debt which you 
    must pay for. We won't stop attacking until the war stops." 
    Only a year ago, a successful Chinese cyber attack aimed directly at 
    the heart of America's political pulse knocked out the White House's 
    website for almost four hours. A White House spokesman at that time 
    refuted the seriousness of the action, stating that "there was no 
    security breach, and the attack remains under review". Never mind that 
    it was exactly a year ago, almost in a memorial salute to the Belgrade 
    bombing of the Chinese Embassy, that Chinese hackers defaced more than 
    660 sites in the US, according to Michael Cheek from the security firm 
    US technologies of surveillance, encryption, firewalls, and even 
    viruses have been willingly transferred to Chinese partners in the 
    past several years as part of China's budding efforts to enter the New 
    Economy. Rand Corp's James Mulvenon maintains that such US companies 
    as Network Associates (McAfee Anti Virus), and Symantec (Norton Anti 
    Virus) gained entry to China's market by voluntarily providing China's 
    Public Security Bureau with more than 300 computer viral strains. 
    Although senior Chinese Internet network officials maintain even today 
    that a Code Red worm is far too sophisticated for China to have 
    produced, several senior US analysts strongly disagree and confirm 
    that the technology to launch cyber attacks has already been 
    successfully deployed by China. After all, China has already developed 
    a sophisticated surveillance system to monitor activities on the 
    Internet. The system, which is similar to the data-recording "black 
    box" installed in commercial airplanes, will be able to monitor all 
    communications through the Internet. 
    "Was there a failure of intelligence?" asked House Minority Leader 
    Dick Gephardt. "Did the right officials not act on the intelligence in 
    the proper way? These are things we need to find out." That was the 
    question raised this past week on Capitol Hill. These legislators were 
    not addressing these previous Chinese-inflicted cyber attacks, but 
    rather the enormity of the September 11 tragedy. 
    Intelligence agency aims to boost image
    The intelligence community, in an effort to boost US confidence in 
    national security, is maneuvering to cast a wider safety net through 
    the newly refurbished Washington naval complex at the intersection of 
    Cryptologic Court and Intelligence Way. The Threat Monitoring Center, 
    housed in a three-story, red-brick building, is an expansive room with 
    a bank of televisions, numerous workstations with computers and nine 
    clocks. Although there are still plenty of empty offices and cubicles, 
    Tom Ridge, the Homeland Security director, states that the facility 
    will soon be manned by representatives of more than a dozen federal 
    agencies, among them the CIA, the FBI, the departments of Energy, 
    Transportation and State and the National Security Agency, posted to 
    alert Americans of any future terrorist attacks. That warning shot has 
    already been issued and few Americans are listening. A report produced 
    by the Strategic Studies Institute titled "Chinese Information 
    Warfare: A Phantom or Emerging Threat?" demonstrates that China has 
    more than an intense and acute fascination with information warfare 
    (IW). Both the National Security Council and the CIA believe that the 
    potential advances in Chinese IW capabilities have direct implications 
    for US national security. Exhaustive research of Chinese 
    information-warfare literature confirms a goal of information 
    "The Chinese military views cyberwarfare as a way to overcome 
    America's superiority," claims Toshi Yoshihara, a research fellow on 
    security issues with the Institute for Foreign Policy Analysts and 
    doctoral candidate at Fletcher School of Law and Diplomacy. 
    Two years ago, John Serabian, the CIA's information operations manger, 
    revealed in written testimony presented to the Joint Economic 
    Committee that the US was indeed vulnerable to a major cyber attack 
    from China's military inflicting much more injury than just defacing 
    government websites, but creating truly damaging interruptions to the 
    national economy and infrastructure. The "Cyber Terrorism Threat" 
    report does include a carefully worded assessment that the Chinese 
    government or military currently lacks the ability to conduct this 
    intended goal of disrupting Taiwanese computer systems or US military 
    Some close observers of America's intelligence community believe it is 
    precisely this kind of mixed information, laced with naivete and 
    denial, that fits squarely into the demands made by Senator Richard 
    Shelby, the Alabama Republican who serves as vice chairman of the 
    Senate Intelligence Committee, that a leadership shakeup may be 
    required soon at the CIA. 
    Just as America experienced in 1993 at the World Trade Center a 
    shocking preview of what the entire world gravely witnessed a few 
    years later on September 11, 2001, the next Code Red worm may prove to 
    be much more than just a mere nuisance to government websites. 
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue May 21 2002 - 05:02:52 PDT