Re: [ISN] Chinese crackers prepare for cyber war

From: InfoSec News (isnat_private)
Date: Wed May 29 2002 - 02:44:06 PDT

    Forwarded from: rferrellat_private

    > Students may launch attacks on vital western systems

    Sigh.  I'm not in the mood to rehash this in depth, so I'll just make
    a few wry observations and scamper away.

    These folks deface Web pages.  I don't believe that publicly
    accessible Web servers often fall into the "vital" category, but when
    they do the fault lies squarely with the people who set them up that
    way.  There's certainly no need for it.

    > The Institute for Strategic Studies, run by the US Army War College,
    > has released a classified report warning the Defense Department, US
    > diplomats and law enforcement agencies to be on the look out for
    > Chinese student hacking attacks some time this summer.

    If that's some sort of breaking intelligence news, I'm a rabid
    Microsoft supporter. Student mischief of all types skyrockets during
    the summer.  The (rather obscure) US govt computer systems that I
    monitor get probed from Chinese IP addresses numerous times a day as
    it is.  I feel certain this is true across the .gov and .mil spectrum.
    Next they'll be quoting "classified reports" about the possibility of
    unrest in the Middle East.  Stop--I say--stop those presses. (BTW, if
    it's classified, how do you know about it?)

    > The Institute believes that the attacks will try to spread computer
    > viruses and deface sensitive government websites.

    What insight.  You have to admire someone who's willing to go so far
    out on a limb with their keen analysis. My trick knee tells me that
    some of them will attempt to erase logs or plant backdoors, too. I
    guess we have four levels of classification now: Confidential, Secret,
    Top Secret, and Duh.

    > The report, Chinese Information Warfare: A Phantom or Emerging
    > Threat?, claims that the hackers are trying to achieve information
    > dominance as a way of overcoming US military superiority.

    Well, I can certainly see how replacing an index.html page with a text
    document that says "china rox but us sux" in the upper left hand
    corner will have a major negative impact on our ability to wage war.

    > It would not be the first time that China has turned to cyber space
    > to vent its anger.

    Jeez, take a look at a defacement archive sometime, willya?  It'll be
    decades before the Chinese could possibly catch up with kiddies on
    both sides of the Israel-Palestine or India-Pakistan conflicts.  The
    Internet has been a venue for venting since its inception (although
    the practice was honed to a fine art on Usenet and BBS, not the Web).

    > When NATO accidentally bombed the Chinese embassy in Belgrade
    > killing three journalists, Chinese hackers broke into the US
    > Department of Energy's website and replaced its homepage with a note
    > written half in English, half in Chinese.

    Yeah? Well, close your eyes and imagine what would have happened had
    the situations been reversed.  Frankly, I can't blame them for being a
    little irritated, all things considered.

    > It read: "We are Chinese hackers who take no cares about politics.
    > But we cannot stand by seeing our Chinese reporters being killed.

    Their English skills are a lot better than those of most western
    script kiddies.  "NumNuTz 0wnZ J00" is about the best we ever manage.

    > A previous Chinese cyber attack on the White House website knocked
    > it out for four hours.

    For four hours the world was unable to read any of the President's old
    speeches or get information about White House Tee Ball. Our proud
    nation almost ground to a halt that day.

    I know it's difficult, but try, really try, to focus on something that
    actually matters. There are some very real infosec threats out there,
    but Web page defacement just isn't one of them.  Now, rooting a poorly
    secured Web server and using it as a platform to destroy sensitive
    data on boxes behind an improperly configured firewall on the same
    subnet is a different proposition entirely...

    All this emphasis on Web page defacement is like constantly harping on
    the superficial dent someone got in the bumper of his Lexus when he
    drunkenly plowed into a crowd of school children waiting for the bus.
    There's a wee question of relative significance involved, laddybuck.

    OK, so maybe I lied back there at the start. Caveat Lector.

    Robert G. Ferrell