Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

China's 5-Year Cyberwar Met With Western Silence

Soulskill posted more than 3 years ago | from the we're-just-napping dept.

China 185

jfruhlinger writes "McAfee yesterday outlined what it calls Operation Shady RAT, a five-year campaign of cyberespionage launched by a national government against international organizations and private corporations. That government was almost certainly China's, so the question becomes: why are the Western nations silent about it? One fact revealed by the raids is that, predictions of cyberpunk novels nonwithstanding, private companies are still quite weak in the face of national governments — and it's those national governments that must act against such intrusions."

cancel ×

185 comments

Sorry! There are no comments related to the filter you selected.

Not so much that they are weak (1)

Anonymous Coward | more than 3 years ago | (#36996882)

It's just not in their interest to fight.

Re:Not so much that they are weak (1, Insightful)

Anonymous Coward | more than 3 years ago | (#36996912)

Because no one cares. Nothing of value was lost and no one gives a crap.

Ohh a cyberwar. What the hell is that? Phishing emails and selling wow gold? And of course all the security companies are trying to sell it as the new cold war to ramp up profits. Until it actually affects us then no one will care.

Re:Not so much that they are weak (2)

gnick (1211984) | more than 3 years ago | (#36997058)

Nothing of value was lost and no one gives a crap.

Right. Not yet, but it will be. And just because there are few published reports or incidents of the "West" retaliating doesn't mean there isn't massive preparation underway. If there isn't, it's due to incompetence. Waiting to show your hand is just a smart play in the game.

Or am I just paranoid and the "rival"/"co-dependent" governments are just looking for a way to stay friendly and exchange daisies?

Re:Not so much that they are weak (4, Insightful)

gmack (197796) | more than 3 years ago | (#36997324)

Or it's due to the fact that China could bankrupt the US by simply refusing to buy any more treasury bonds.

Re:Not so much that they are weak (2, Insightful)

gnick (1211984) | more than 3 years ago | (#36997428)

I think that's an economic version of Mutually Assured Destruction. Of course, both sides are trying to get out of that cycle and China is prevailing, but right now China would never go to economic war with the US because there is no winner, only multiple losers. Cyber warfare, however, just gives one side an edge over the other with little repercussions. Sometimes I feel like, here on /., anytime rivalry between the US and China comes up somebody just knee-jerks and feels the insatiable need to bring up the debt regardless of how irrelevant to the discussion.

Re:Not so much that they are weak (2)

Dragon Bait (997809) | more than 3 years ago | (#36997556)

Sometimes I feel like, here on /., anytime rivalry between the US and China comes up somebody just knee-jerks and feels the insatiable need to bring up the debt regardless of how irrelevant to the discussion.

Except if you're looking for motives to tip-toe around China, the U.S. debt is a big one.

Re:Not so much that they are weak (0)

Anonymous Coward | more than 3 years ago | (#36997832)

If they refuse to buy more I'm sure someone else will. Or we could just default on the ones they are holding. Either way, there's an 'M' in MAD for a reason. We're not powerless here.

Re:Not so much that they are weak (1)

rtfa-troll (1340807) | more than 3 years ago | (#36997346)

Because no one cares. Nothing of value was lost and no one gives a crap.

Maybe. Nobody knows; but Chinese companies have been winning lots of surprising contracts recently. And Chinese people have been dying because their government thought they could build signalling systems just because they had a few new blueprints. Quite a bit may have been lost by some people. On the other hand, maybe the Chinese deserve a bit of development. It's not like they go around killing that many foreigners since Tibet. Even in India they have been pretty restrained (relatively speaking).

Ohh a cyberwar. What the hell is that?

Not really relevant to the current case which seems to be Cyber-Espionage or maybe at most Cyber-cold-war. You'll know a cyber warfare when parts of power plants near you start exploding and your nearby dam opens it's flood gates with no warning. Cyber warfare should be clearly defined as people dying in large numbers and/or huge amounts of property damage. I'm not sure there's such a thing as a pure "cyber war" however because I would guess that in most cases conventional forces will get involved pretty quickly. However it's possible (e.g. due to outside constraints and/or limited goals).

Re:Not so much that they are weak (2)

CharlyFoxtrot (1607527) | more than 3 years ago | (#36996918)

I don't think so. In my experience big corporation have really crappy security and a lot of disgruntled and/or underpaid employees practically begging for someone to offer them cash to screw over the man. So they're poorly equipped to counter any kind of real threat.

Maybe I've just been working in the wrong places :-/

Re:Not so much that they are weak (1)

rickb928 (945187) | more than 3 years ago | (#36997336)

You've been working in the wrong places. While the impact on employee functions is not a good indicsator of corporate security effectiveness, where I work we struggle against many restrictions and much software intended to prevent us from sending sensitive data, even accidentally or via malware etc. Data is inspected repeatedly, I can see, and ultimately anything encrypted in a way they cannot decode is rejected or held pending business justification. Social sites are blocked, including a slew of comment sites (not /. yet), and virus scanning is conducted multiple times a day by different methods.

The most likely vectors for data loss here are workers with sufficient rights ( a small subset of the total) jacking a USB drive or using a CD/DVD, and swapping data to that, taking their notebook to another location and avoiding the corporate network, tethering their machine to a smartphone/etc., ane maybe pulling the hard drive and mounting it elsewhere. Since we use PGP to encrypt the drives, that poses some problems.

I'm not sure how you defeat all of those methods. Some users do have legitimate needs for removable media. Going off-network is pretty much impossible for mobile users at the airport, and I VPN into corporate whenever I'm out of office. Pulling the hard drive is the equivalent of stealing the machine, except a user has their PGP key or passcode.

Here, at least, they take security seriously, and follow through,and we are not small, nor the largest.

Re:Not so much that they are weak (1)

CharlyFoxtrot (1607527) | more than 3 years ago | (#36997470)

You've been working in the wrong places.

Hah, well at least I'm still moderately gruntled :-)

With Apologies to Bill Hicks (0)

Anonymous Coward | more than 3 years ago | (#36997006)

It's just not in their interest to fight.

Yes. They are businessmen, not soldiers. They don't want to fight it out. They have other ways to be part of the carnage. They want to be like the international bankers. Whenever there is a conflict in the world, you finance both sides. No matter who loses, you win! Then you start liking war since you don't see the mangled dead bodies and widows and destruction. You see the dollar signs! Cha-ching! Woohoo! Let's go invade sovereign nations for no good reason, uh for the flag, for God, for applie pie, whatever excuse you need, c'mon let's GO.

The saying is true. We will finally have world peace once the last lawyer is strangled with the entrails of the last banker. The very worst bankers of all are the ones who can print currency. Oh sorry you thought that was the government doing that? Hah-hah! That was co-opted a long time ago. Now it's a private corporation and guess what, you don't own shares in it.

Now it's cyber-this and cyber-that. The practice is the same. "Cyber" war just means less "collateral damage". Maybe somebody's favorite web site won't load up. That's better than someone's relatives not coming home. Long as the money flows those things won't matter either way, not to the profiteers. Yay for technology.

Anyone else dream of a world that isn't full of corrupt, self-centered, self-serving, fevered ego bastards who fuck it up for everyone else with their insatiable appetites for money and power and all the useful idiots who are brainwashed into going along with them? The fevered egos leading the charge are a tiny minority. The useful idiots are a large majority. It's really hard to find people who don't fit into one of those, or are not aspiring to be one of those.

It's Not 1870 (1)

geoffrobinson (109879) | more than 3 years ago | (#36997244)

Given the interdependency of everyone, I fail to see the international cabal of bankers rooting for war. Anyone you want to identify?

Re:It's Not 1870 (0)

Anonymous Coward | more than 3 years ago | (#36997332)

[posting anon] sure - bankers in established nations would love to see discord in south africa to keep prices of minerals mined and prices low. Oh - you meant war between "civilized" countries, huh?

Re:Not so much that they are weak (1)

jandersen (462034) | more than 3 years ago | (#36997040)

It's just not in their interest to fight.

And the difference is?

To turn this story on its head: I think it is quite encouraging to know that the almighty mega-corporations are not quite as strong as we all thought - the reason being that whereas a business, and especially a big one, is only accoutable to its investors, a government is accountable to its people. This is true even in countries without Western-style democracy; ultimately the power of the state does derive from the people. It is sad how often that is forgotten, not least by politicians and big business.

Re:Not so much that they are weak (3, Insightful)

bberens (965711) | more than 3 years ago | (#36997092)

I have a different view. Megacorps view this stuff the same way they view the rampant theft at retail stores. It's a cost of doing business and it's passed on to competitors. It's only worth fighting to the extend that they can get a competitive advantage over their competitors to improve their margins. Given that the effort required to have a meaningful affect on the "hackers" is quite large and the return on that investment is quite small, it doesn't happen and the cost is just passed on to customers.

Re:Not so much that they are weak (1)

TheRaven64 (641858) | more than 3 years ago | (#36997268)

It's a cost of doing business and it's passed on to competitors

If you could work out how to do that, you'd be rich...

Re:Not so much that they are weak (1)

NFN_NLN (633283) | more than 3 years ago | (#36997274)

I have a different view. Megacorps view this stuff the same way they view the rampant theft at retail stores. It's a cost of doing business and it's passed on to competitors.

You can pass losses on to competitors!? In that case, Walmart should open it's door, fire the staff and put up a sign saying "PLEASE DEPOSIT CORRECT PAYMENT INTO BOWL BEFORE LEAVING". This would cut down on labor costs and really stick it to Target when they pass any losses on.

Re:Not so much that they are weak (1)

Fractal Dice (696349) | more than 3 years ago | (#36997798)

I think there's another potential actor to consider: large scale organized crime. Investment houses routinely profit off of talking up and down stocks in ethically questionable ways. Small scale organized crime may manipulate a company with a few threats to employees or infrastructure. What if the two combine and the threat of copying/corrupting key corporate databases become a vulnerable spot by which megacorps can be manipulated by criminals safely sitting in a sanctuary country but using the same general tactics as a shakedown of a corner store?

Re:Not so much that they are weak (1)

josephtd (817237) | more than 3 years ago | (#36997452)

Ah, but what CAN they do? Tightening of security is an obvious step, but if any of these private entities did anything in retaliation, our own government would be out to prosecute them. Pretty sad. US society, hell all Western societies, are really meant to pull all but the super elite down to a common lowest level. Wasn't always this way, but we must think of the children.

Re:Not so much that they are weak (-1)

Anonymous Coward | more than 3 years ago | (#36997442)

yeah, that's what i said when i weighed 125lbs and the 200lb guy asked for my milk money. why should i fight when there's free water at the water fountains and the 200lb guy would whoop my ass. it's just wasn't in my interest to fight. now i weigh 220lbs. i'll fight.

weakness makes fighting not in your best interest.

Not just weak to national governments (1)

spudthepotatofreak (649917) | more than 3 years ago | (#36996900)

Given the recent anonymous/lulzsec/anti-sec hacking/ddos campaigns, I think it's become pretty obvious that it doesn't take a lot of man-power or resources to cause chaos. If companies and governments can't defend against a small group of teenage hackers they certainly don't have any chance of stopping a government with an army of hackers.

Re:Not just weak to national governments (2, Funny)

LastGunslinger (1976776) | more than 3 years ago | (#36997168)

"Companies and governments can't defend" - Companies, perhaps. Governments, not so much. http://xkcd.com/932/ [xkcd.com]

Re:Not just weak to national governments (0)

Anonymous Coward | more than 3 years ago | (#36997322)

Yea, it doesn't take much to cause a little chaos, although the actual impact of anon/lulzsec beyond the media frenzy was somewhere between minimal and nonexistent. But that's not at all what we're talking about here, China doesn't want to DDoS and they're not trying to gain followers on their twitter feed to grow their epeen. They want to steal important information, including trade secrets and classified government documents. That's a whole different ballgame, and requires entirely different skills, tactics and timelines than the bullshit anon/lulzsec pulled.

Easy: follow the money... (0)

Anonymous Coward | more than 3 years ago | (#36996904)

Just who exactly bought the majority of the U.S. national debt? Likewise for some European countries.

Re:Easy: follow the money... (2)

thePowerOfGrayskull (905905) | more than 3 years ago | (#36996968)

Eh? The majority of the US debt (~68%) is owned by he US. Next troll please.

Re:Easy: follow the money... (4, Informative)

TimeOut42 (314783) | more than 3 years ago | (#36997094)

Same misconception that people had in the 70's and 80's about Japan buying up America. Do some research before your spout off stats feed to you by the media.

US and Individuals own: 42.2%
Social Security Trust Fund: 17.9%
All other foreign nations: 11.6%
China: 7.5%
US Civil Service Retirement Fund: 6.4%
UK: 3.4%
US Military Retirement Fund: 2.1%
Oil Exporters:1.6%
Brazil(?): 1.3%

So, that means 68.6% if our debt is held by ourselves.
http://seekingalpha.com/article/246958-guess-who-owns-the-most-u-s-debt-not-china [seekingalpha.com]

Re:Easy: follow the money... (1)

TheRaven64 (641858) | more than 3 years ago | (#36997308)

UK: 3.4%

This just confuses me. We have a massive debt of our own, why are we lending money to the USA? We owed the USA a lot after World War II, and that was only paid back in the '90s as I recall, so this is recent borrowing. Unless we each lend each other money using some kind of crazy accounting trick.

Re:Easy: follow the money... (0)

Anonymous Coward | more than 3 years ago | (#36997484)

Debt is a commodity. The UK government owns some of it (mostly indirectly), but the majority is owned by UK financial institutions and they loan the US money to make money (of course).

Re:Easy: follow the money... (1)

Biff Stu (654099) | more than 3 years ago | (#36997534)

The link in previous post doesn't have a lot of specifics, but I suspect that the UK debt is largely held by individual investors and banks. Also, whatever the UK has for a central bank probably needs to sit on some large and liquid dollar investments in order to help regulate the monetary supply and keep the currency stable.

Re:Easy: follow the money... (1)

Stormy Dragon (800799) | more than 3 years ago | (#36997548)

By "UK", I assume they mean "bond investors in the UK", not "the UK government".

McAfee Has A History... (4, Insightful)

vajrabum (688509) | more than 3 years ago | (#36996908)

They're like fire extinguisher salesman who rave about the dangers of fire. They sell FUD. There's I'm sure some truth to this, but let's not accept whole the idea that what's good for McAfee is good for the nation.

Re:McAfee Has A History... (1)

Pieroxy (222434) | more than 3 years ago | (#36996942)

Well... Nobody knows who's behind this. The Chinese government might be our best bet, but I don't expect all western countries to shout at them over a wild suspicion.

Re:McAfee Has A History... (1)

CharlyFoxtrot (1607527) | more than 3 years ago | (#36997044)

The list of suspects that could pull this kind of operations is pretty small: US, Russia, China and maybe Israel and of those China and Russia are the most credible. But I don't expect anyone to make a fuss even if it was known. At that level, that's all hush-hush diplomacy.

Re:McAfee Has A History... (0)

Anonymous Coward | more than 3 years ago | (#36997770)

Nobody? I'm reasonably certain that our defense and intelligence services have a better idea than you or McAfee.

Re:McAfee Has A History... (1)

DigiShaman (671371) | more than 3 years ago | (#36997036)

I can't speak for McAfee's research. However, I can speak with professional authority that their products have caused me more problems then they solved. Now we can talk about the pitfalls of any AV solution, but McAfee rolls out by far the biggest steaming pile of shit to grace my workstations and servers. Screw them, and screw anyone else that peddles their shit on to me.

Re:McAfee Has A History... (1)

mlts (1038732) | more than 3 years ago | (#36997348)

It depends on their product. I've used McAfee on AIX, Linux, and Solaris for a long while, and it has been very well behaved.

The reason I've had to put it on these platforms is not that the Solaris cluster running the Oracle transactions is going to get nailed by a virus, but to make the bean counters happy. A lot of business contracts have stipulations requiring machines to have antivirus software on them, and checking this box off can mean a successful deal or a no go.

As for McAfee on Windows, the latest iterations seem to be a lot better than the past, even on backlevel hardware. I rather use Forefront (hell, most businesses license it in their large bundles) because Microsoft's AV is decent and easy to manage/pull reports on.

Re:McAfee Has A History... (1)

rickb928 (945187) | more than 3 years ago | (#36997402)

1. Locks on doors cause more problems for users than they solve, if they are not implemented well. But you need locks on some doors, or everything on the other side is gone in 60 seconds.

2. Today it's McAfee. Tomorrow Symantec. Trend Micro. Sophos. They all are awful to someone. Why on earth do you stick with them? Oh, because there are no clearly better alternatives? Actually, I feel your pain, I used to do that also. There is no solution. This stuff is complex and will never be excellent.

Re:McAfee Has A History... (1)

timeOday (582209) | more than 3 years ago | (#36997164)

While we're bashing, did anybody else find the itworld story horribly written? Check out this paragraph:

The chief executive of the International Cyber Security Protection Alliance (ICSPA) - sort of a law-enforcement version of NATO charged with helping member countries track and fight online attacks - said the McAfee report makes the threat of cyberwarfare irrefutable, apparently to those few people computer-savvy enough to spell "Internet" correctly without knowing that connecting "Internet" and "security" makes a cliched oxymoron more popular and more accurate even than pairing "military" and "intelligence."

Huh? It's like he set out to say something and got lost halfway through.

Big = Safe! (4, Insightful)

TaoPhoenix (980487) | more than 3 years ago | (#36996928)

LulzSec / Variants copy some email addresses - GET TEH TERRORISTS!!!

China wages a 5 year espionage capaign against multiple targets:

((Crickets))

Re:Big = Safe! (2)

Baloroth (2370816) | more than 3 years ago | (#36997464)

Ok, first, since when did the "we speculate that the Chinese government might have been involved" become "its almost definitely the Chinese"? Yeah, sure, it's likely China, but do we really have any evidence at this point? Hell, for all we know it could be our own governments (that'd certainly explain the silence).

And secondly, if it is the Chinese, chances are the US government has its own program that they've been pursuing for quite some time, and calling out China for its actions would, if they call us out in return, simply make us look like hypocrites. For those who think we don't have a cyberwarfare program in secret, look no further than Stuxnet. It was so well created, it was almost by sheer luck that it was even noticed at all (beyond simply as a generic malware). Sure, the Israelis were likely behind it in part, but I'd wager a fair amount of money the US was heavily involved. Could be our cyber warfare program is just good enough that no one has even noticed it. Well, that and it hacks Chinese companies, who are hardly going to report it to Western news services.

Oh, and since when did it become the national governments job to defend against cyber warfare threats? Isn't that kind of dangerous, in the "the government now controls the Internet" sort of way? I, for one, do not want the government taking up that job. That way leads to a closed-gate Internet with government regulation at every level. Freedom that is not.

Re:Big = Safe! (1)

Yvanhoe (564877) | more than 3 years ago | (#36997578)

I am still looking for any evidence that it is even likely China. Some attacks come from hosts in China, is that all we have about it ? China != Chinese government. While it is a plausible theory, I would like to see if any evidence gives it any merit.

Re:Big = Safe! (0)

Anonymous Coward | more than 3 years ago | (#36997614)

No, generally speaking China == Chinese Government. They have a hand in everything by design. That's central planning.

Re:it's likely China (1)

TaoPhoenix (980487) | more than 3 years ago | (#36997720)

I'll leave it to my tech betters to do the chops on things like Chinese ip addresses vs proxies vs Chinese Govt involvement. To get the kids from Lulzsec we called four countries worth of law officials and picked up the ... likely ... middleman.

If the Chinese Government spent *five years* attacking targets, I think we'd notice - now reporting it is something else again, and there are Onion Layers of partially correct news here, but to play the "no evidence" card is a little thin - after McAfee put themselves on the line saying it was. If that was a total lie don't you think McAfee would be pulverized for it?

Cyber-War? what cyber-war? (0)

Anonymous Coward | more than 3 years ago | (#36996934)

Nothing to see here, move along, go back to eating cheetos and watching your soap-operas...
is that a camera you are pointing my way? step here please, turn that off, you are charged
with obstructing justice...

See, it wasn't me! (1)

Karl Cocknozzle (514413) | more than 3 years ago | (#36996964)

Honest, boss, I wasn't on goat.sx it was a one-armed Chinese man with an eye-patch!

Denial ain't just a river in Egypt, gang.

I would think the answer is obvious... (3, Insightful)

imperious_rex (845595) | more than 3 years ago | (#36996972)

Because, financially, China has the West (especially the US) by the balls and everybody knows it. "If you're unhappy about our alleged cyberespionage, then you'll be even more unhappy when we buy fewer bonds or make fewer investments in your country."

Re:I would think the answer is obvious... (4, Informative)

TimeOut42 (314783) | more than 3 years ago | (#36997178)

No, sheesh, the West's combine economic output drawfs China's. They are, without a doubt, large, but they are not the largest economy in the world; they have the third largest, even then they aren't close. By most standards the US or EU GDP is nearly 3 times as high as China's. If China were to move forward and start paying their workers better they would move even further back. They can only sustain their growth as it is now by repressing their population and keeping them isolated. In this age that possibility is quickly eroding.

Quit watching the news and do some real research.

I don't think "GDP" covers it (1)

ratboy666 (104074) | more than 3 years ago | (#36997836)

For a nice visual, try

http://www.mint.com/blog/trends/china-vs-united-states-a-visual-comparison/ [mint.com]

As you can see, China is bigger with manufacturing, US is bigger with services; China doesn't have the debt, or the excesses in the stock market. China has cash, and gold reserves. China doesn't have external debt. China exports more than it imports.

About the ONLY metric that China falls behind in is GDP -- which, from the other indicators is simply being propped up by... China.

(Oh, and the US has more energy reserves).

Have fun with the easy graphics. The GP was right -- China pretty much owns the US.

Re:I would think the answer is obvious... (1)

misexistentialist (1537887) | more than 3 years ago | (#36997880)

Separate the two and the West's GDP would probably fall by 2/3. China's would fall too, but they are used to low wages and a lot worse. The West has more to lose.

Re:I would think the answer is obvious... (1)

CrimsonAvenger (580665) | more than 3 years ago | (#36997204)

Or, it's just possible that we've known about this all along, and security concerns prevent us from discussing it openly.

In this case, the security concerns might be preventing the Chinese (or whomever) from knowing just how much we know. Think of Coventry in cyberspace....

Re:I would think the answer is obvious... (1)

Nidi62 (1525137) | more than 3 years ago | (#36997228)

Because, financially, China has the West (especially the US) by the balls and everybody knows it. "If you're unhappy about our alleged cyberespionage, then you'll be even more unhappy when we buy fewer bonds or make fewer investments in your country."

You don't kill your cows because the people stop buying milk. If they did that, and somehow managed to make our economy collapse (or at least fall further into recession) they would land a major blow to their own economy as well. Where do you thing the burgeoning middle class in China is coming from? It is being funded by us, through our buying of Chinese manufactured goods. China does not have another market as large as the US. They are hoping to eventually have a large enough internal consumer base for their own goods but, while it is still growing, we are funding it. If we stop buying, they stop growing and they stop making. They are so reliant on us right now for their growth that, if they try and kill us, we will drag them down with us.

Re:I would think the answer is obvious... (1)

Anonymous Coward | more than 3 years ago | (#36997234)

But we want China to buy fewer bonds. China buying bonds is what keeps their currency artificially low and therefore makes their exports cheaper than they otherwise would've been. The US government has been after China to change that policy for years.

Incidently that would also raise the living standards of the Chinese by increasing the value of their money, but Chinese corporations oppose it, because it helps them sell more and make more profit. In other words governments everywhere in the world serve the interests of the wealthy and the powerful.

Re:I would think the answer is obvious... (1)

Ogive17 (691899) | more than 3 years ago | (#36997438)

No they don't. What China has are a bunch of "promises" that they'll get money in the future. If China tries to bring down the US, the US will default on everything to China and really screw up both economies.

Re:I would think the answer is obvious... (1)

Biff Stu (654099) | more than 3 years ago | (#36997662)

I agree with your premise that China would hurt itself as much as it hurts us if they try to screw with their T-bond holdings. A default would be extreme. If the Chinese wanted to "teach us a lesson" they could dump a bunch of treasuries on the market. This would cause bond prices to go down, interest rates to go up, and if they dumped enough bonds, the dollar would also drop. In order for them to really make a painful impact, they would need to sell a lot of bonds into a market that's already depressed by previous sales, causing them to loose a lot of money. Furthermore, they wouldn't benefit from the higher interest rates since they wouldn't be holding near as many T-bonds. Finally, their economy is driven by cheap exports. If the dollar tanks, their economy goes down the tubes.

The only scenario where we come close to a default is armed conflict. In that case, we would probably pay interest into an escrow account in order to provide leverage for eventual peace negotiations and secure our credit rating.

Re:I would think the answer is obvious... (1)

tokul (682258) | more than 3 years ago | (#36997846)

Because, financially, China has the West (especially the US) by the balls

Works both ways. US has China by the balls too. If dollar has zero value, then Chinese have lots of zeros.

Re:I would think the answer is obvious... (1)

BZ (40346) | more than 3 years ago | (#36997876)

I think you have the tail and the dog confused here on the bond-buying issue. China buying fewer US bonds is something the US has been asking for for years. It's also known as allowing the yuan to appreciate against the dollar.

This would be a very good thing for the US economy in general, I suspect.

Why are western nations silent? (0)

2names (531755) | more than 3 years ago | (#36996998)

I'll tell you why: they are all wholly-owned subsidiaries of China.

Re:Why are western nations silent? (1)

LastGunslinger (1976776) | more than 3 years ago | (#36997216)

If the US defaulted on it's debt, who stands to lose more, China or the US? China's put their eggs in one basket. They're not the ones with the power. Besides, the overwhelming amount of US debt is owned by, wait for it, the US. It's China that controls much of the foreign-owned debt.

Re:Why are western nations silent? (1)

gbjbaanb (229885) | more than 3 years ago | (#36997278)

I take it you really mean, the vast majority of US government debt is owned by US-based banks. Its pretty hard to owe yourself money :)

Still, China owns enough ot make everyone worried, and yes they're foreign (to the US) so they would own most of the foreign-owned debt.

FYI, China owns a vast load of Euro debt too, they just have so much of our money they don't know what to do with it.

Re:Why are western nations silent? (2)

AHuxley (892839) | more than 3 years ago | (#36997286)

Reading http://www.vanityfair.com/culture/features/2011/09/operation-shady-rat-201109 [vanityfair.com]
"After identifying the command-and-control server, located in a Western country" ....
Mb the average Western spook wanted to keep it flowing to see who collected or what was been collected in a part of the world where telcos where 'friendly'.
Nothing like a "Room 641A" in a "Western country" for ducting off a telcos bulk data in real time, no questions, legal teams, contacts, requests, meetings...
Also think of national self interest and the joy of having a huge flow of interesting international data ending in a local telco/isp- and getting the first look.

Governments are acting, just ineffectively. (1)

Fractal Dice (696349) | more than 3 years ago | (#36997028)

National governments send in non-technical spokespeople from their security agencies to talk to company IT departments, giving general ominous warnings along with cryptic and non-specific hints ... essentially the same things you would see on the evening news. Then the IT people go back to their desks and see that in the elapsed hour a new batch of tickets has arrived about failed servers, a meeting invite to discss the state of an overdue project and a voicemail from a manager suggesting a better shade of orange for the spreadsheets to be coded in.

Why would retaliation be public (4, Interesting)

wintercolby (1117427) | more than 3 years ago | (#36997038)

Come on now. IF the West has been secretly attacked, why would it/we launch a PUBLIC attack in retaliation. I'd be inclined to believe that there are constant "cyber attacks" in both directions. I'd say you'd be a fool not to believe that there is retaliation of some sort, after stuxnet.

Different forms of retaliation (3, Insightful)

Nidi62 (1525137) | more than 3 years ago | (#36997146)

Retaliation doesn't even have to be in the form of a cyber attack. You can have the embassy in Beijing send over a note saying basically "hey, we know you're doing this, you need to stop." It can take the form of a little extra military aid to Taiwan, or encouraging some companies to switch to Taiwanese suppliers for the next contract. Maybe we just have a few extra ships stop by Taiwan for liberty, or have a large exercise in the area. Maybe a few extra flights right outside Chinese territory. Remember, in the international arena, you don't always respond tit for tat, or even immediately. Retaliation can come weeks or months later, and it can be in a form dissimilar from the original injury. So, just because we aren't talking publicly, doesn't mean we aren't responding, and they don't know we are responding.

Re:Different forms of retaliation (0)

Anonymous Coward | more than 3 years ago | (#36997284)

Even so, why NOW of all times? This has allegedly been going on for five years. Many big-name companies have been hacked, no doubt including Sony. Why hide it and now suddenly decide to announce it?

Are they prepping us for some big announcement or trying to get any particular legislation passed? Reminds me of the timely news of Bin Laden's death, just a couple of days before the Patriot Act extension was to be signed. Tinfoil hat, therefore all arguments are irrelevant..

Re:Different forms of retaliation (1)

Nidi62 (1525137) | more than 3 years ago | (#36997426)

Even so, why NOW of all times? This has allegedly been going on for five years. Many big-name companies have been hacked, no doubt including Sony. Why hide it and now suddenly decide to announce it?

Are they prepping us for some big announcement or trying to get any particular legislation passed? Reminds me of the timely news of Bin Laden's death, just a couple of days before the Patriot Act extension was to be signed. Tinfoil hat, therefore all arguments are irrelevant..

The government has made no such announcement. McAfee has. But I would assume that the government has known and keeps track of any systematic attack. Just like any counterespionage case, once you detect something, if it's not a vitally pressing issue that could cause major damage, you let it go. You watch it, track it, see if it leads you anywhere; either back to the source, or possibly alert you of other clandestine operations. If an operation has been compromised, the last thing you want to do is let the opposition know you've compromised it.

Re:Why would retaliation be public (0)

Anonymous Coward | more than 3 years ago | (#36997276)

Look at how military aircraft on a daily basis enters foreign airspace. Submarines do the same thing. It's a way for both sites to keep on their toes and generals have formal or informal agreements to do these things, without telling the grunts about it.
Of course they same applies to military cyber warfare. There will be daily "attacks" to keep the troops on both sides alert and ready for real action.

Re:Why would retaliation be public (1)

JoeMerchant (803320) | more than 3 years ago | (#36997306)

As long as the West thinks they have the upper hand in cyber skills, it's kind of like the cat letting the mouse run around in the kitchen: study his moves - learn from what he's showing you he can do, and why kill him? He's not really eating that much, yet. Presumably, as long as the losses are trivial, policy will continue to be to study the attacks and develop counters, rather than crying foul and threatening open retaliation.

And, if the mice have a few of generations of children, that's hundreds of tasty snacks in the future...

Re:Why would retaliation be public (2)

swan5566 (1771176) | more than 3 years ago | (#36997310)

Yeah. No offense to the Slashdot community, but a lot of the thinking and philosophies of government intelligence (i.e. NOT having things open and freely disseminated) might seem a little bit foreign. Just because we don't have 20 links posted already to what the West doing about this, doesn't mean they aren't doing something about it.

Re:Why would retaliation be public (0)

Anonymous Coward | more than 3 years ago | (#36997418)

When the West is attacked by China, everyone yells out. When China is attacked by the West it's propaganda and lies.

so if someone in the US where to hack china what w (1)

Joe_Dragon (2206452) | more than 3 years ago | (#36997046)

so if someone in the US where to hack china what will happen?
Or is the west saying it's a free for all?

Re:so if someone in the US where to hack china wha (1)

Culture20 (968837) | more than 3 years ago | (#36997226)

so if someone in the US where to hack china what will happen?

I suppose that depends were in china they hack. Their probably not going to hack Chinese government wear there going to notice. That was harder to right than it is for you all to reed.

Why are the Western nations silent about it? (0)

Anonymous Coward | more than 3 years ago | (#36997068)

Because their Chinese bankers are the only ones left to fund the handouts necessary for preventing the local populace from building an excessive number of guillotines.

Debt (0)

Anonymous Coward | more than 3 years ago | (#36997082)

China is the largest holder of U.S. public debt http://en.wikipedia.org/wiki/United_States_public_debt and we don't want to publicly shame them, so we keep quiet and fight them in private. It harms our interests, but gives us something to do in the form of developing hardened software and infrastructure (which China can then steal later).

No chance. (3, Insightful)

marto (110299) | more than 3 years ago | (#36997088)

Nobody will start a fight with China, at least while they manufacture Apple products, how would the west cope without iPads etc?

I could set my watch by it. (0)

Anonymous Coward | more than 3 years ago | (#36997118)

As if by clockwork the daily anti-china propoganda piece shows up.

Re:I could set my watch by it. (1)

couchslug (175151) | more than 3 years ago | (#36997186)

Has Rupert Murdoch bought Slashdot?

Inquiring minds want to know!

Big Deal (0)

Anonymous Coward | more than 3 years ago | (#36997166)

Maybe western nations are silent about it because it isn't actually important yet.

I mean let's face it, until command and control systems start getting fucked up, who cares?

It's not like robots that walk and talk (or fly and launch hellfire missles), are being hijacked and turned into political assassins. We aren't getting hit with power outages and downed water treatment facilities. (the 2003 american northeast blackout was aging hardware malfunctions)

The Toyota recall, due to weird accelerations still stinks to me, but that's the only thing that has yet raised warning bells in my mind.

Everything else it just so much paper. Until someone hacks a communications satellite, and brings it down on my head, or launches a nuke, it's not a *PROBABLY* serious problem.

That's not saying things won't change. And given the inherent stupidity of mobs of people, it very well may change for the worse.

Let's hope it doesn't.

Hypocrisy, maybe? (2)

OwenTheContrarian (2163170) | more than 3 years ago | (#36997196)

Really, who would cry foul when we are doing the exact same thing? Sure, our companies may be upset, but there is little chance any Federal agencies will lend real support when we are actively pursuing intelligence and assisting with cyber-attacks. Does anyone really believe that the Israelis managed the sophisticated Stuxnet attack on the Iranian uranium enrichment centrifuges all by themselves? The cold war is not dead, it just went cyber, and the list of hostiles grew exponentially.

Re:Hypocrisy, maybe? (1)

royallthefourth (1564389) | more than 3 years ago | (#36997334)

But those are the bad guys. You're supposed to root for the government that is in your location. It's very important that the people be distracted by the idea that some foreign actor may do them some harm so that they do not realize that it is in fact their own state that is not only failing to act in the interest of the majority of citizens, but openly acting against them (cutting SS and Medicare in order to solve the fabricated debt crisis, for a recent example).

Chinese hackers? (1)

moozh84 (919301) | more than 3 years ago | (#36997206)

In Command and Conquer: Generals, you just nuke them. They'll be sitting in a field with a laptop.

Chinese students (3, Interesting)

Anonymous Coward | more than 3 years ago | (#36997224)

I used to work at a fairly large mid-western university and my experience was the Chinese government was sponsoring kids who came to the US to learn how to hack. I was responsible for network security for the engineering and CS building's network and saw many attempts at hacking by Chinese students within the network and directed outward to the Internet. No one in the university was interested in taking action against these students when incontrovertible evidence was collected and offered. Faculty were defending the hackers and administration largely supported faculty so there were no sanctions. I don't know if these students were directed to this behavior but there was certainly a culture which was pervasive among these Chinese students that you did not see among other groups of international students from places like India, Pakistan, Nepal, the Mideast, the former Soviet republics and/or eastern Europe.

Stop calling it war. (3, Insightful)

MarkvW (1037596) | more than 3 years ago | (#36997290)

We have information crimes punishable by 16 years in prison. And now we're having information "wars."

The Internet is the Wild West. If you don't like it, create a physically secure regimented network and don't let unregistered bad people onto it. Stop with the "war" rhetoric.

Think for half a second. Who would want a cyberwar and who would benefit from one? Now ask yourself: Who would end up doing the dying when the cyberwar turned ugly?

This is just a variant of the nonsense that the RIAA is trying to pull. People with money want to capitalize and control the internet, and violence, and the threat of violence (the killing and imprisoning kind) are the traditional means of imposing control.

Don't buy into the bullshit. "Information war" can become just another synonym for the restriction of free speech.

Re:Stop calling it war. (1)

Nidi62 (1525137) | more than 3 years ago | (#36997490)

war: 4.active hostility or contention; conflict; contest: a war of words.-dictionary.com

I don't know, sounds like "war" pretty accurately describes what's going on right now. A war does not have to include violence or death. And the RIAA is not trying to kill you.

What's to be gained from exposing them? (1)

russotto (537200) | more than 3 years ago | (#36997340)

OK, Western governments (and corporations) know damn well China is conducting cyber-attacks. Suppose Secretary of State Clinton goes to the Chinese and makes a formal accusation, what do they do? Deny it, of course, complain about how the West is oppressing them, threaten to do various nasty things.

OK, suppose she brings irrefutable proof that the attacks originate from China? Well, they deny some more and complain some more, but maybe they get pinned down. Now they blame some "rogue elements", execute a few random people they wanted to execute anyway, and continue doing what they've been doing.

Suppose she brings and demonstrates proof it originates within a certain department of the Chinese Government itself? Again, same reaction: denial, rhetorical counterattacks, and maybe execution of a few scapegoats.

To who's benefit is any of this? They aren't going to stop. Nobody is going to think any better of the United States or worse of China if the accusation is made. It's just a waste of diplomatic effort.

BTW, I'm pretty sure that despite was implied in the rest of the article, Google is still not censoring search results in China.

Why the silence? To conceal their own activites (3, Insightful)

petes_PoV (912422) | more than 3 years ago | (#36997392)

Let's not for a second think that this is a one-way street. If one nation is at it, you can bet that pretty much everyone else is, too (just like torture). That it's done under the radar and with no public acknowledgement just tells us that it falls under the category of black-ops, rather than ordinary warfare.

And unlike ordinary warfare, where it's pretty obvious who's shooting at you, in cyberwar I doubt that it's possible to tell who are your friends, or even if the concept of allies actually exists. It's not about ideology it's about sticking the boot in to anyone who appears to be getting the upper hand.

Re:Why the silence? To conceal their own activites (1)

TubeSteak (669689) | more than 3 years ago | (#36997668)

And unlike ordinary warfare, where it's pretty obvious who's shooting at you, in cyberwar I doubt that it's possible to tell who are your friends, or even if the concept of allies actually exists. It's not about ideology it's about sticking the boot in to anyone who appears to be getting the upper hand.

If you've read the newspaper over the last 30 years, there's no doubt our allies are definitely doing the same thing to us.
Of our allies, Israel typically gets the most press for their repeated spying/hacking/espionage attempts and successes.

Every year, Congress gets a report titled "Foreign Economic Collection and Industrial Espionage Reports" [ncix.gov]
This obviously doesn't include thefts from the government, but it'll give you an idea of what's happening.

"...almost certainly China's..." according to what (1)

Randy Jian (1016059) | more than 3 years ago | (#36997398)

The only source that suggests this is McAfee, and even they called it "speculations...maybe". Symantec even proposed that "There has been some discussion of this being a government-sponsored attack. However, the finger can’t be pointed at any particular government. Not only are the victims located in various places around the globe, so too are the servers involved in these attacks" There's too strong an unsupported accusation here.

mod 0P (-1, Redundant)

Anonymous Coward | more than 3 years ago | (#36997400)

future. Th3 hand

Let's try an analogy... (2)

Empiric (675968) | more than 3 years ago | (#36997422)

I found it rather astonishing while watching CNN a week or so back to hear them reporting that the DoD was indicating the U.S. had been subject to a large-scale hacking attack by a sovereign state, but -they weren't releasing which one it was-.

I couldn't help thinking about this stance as it would be applied to, say, Pearl Harbor. "Yes, the United States is under attack. No, you as an American citizen and taxpayer aren't entitled to know who is attacking you, from your own defense agencies. We're prioritizing the interests of Said Foreign Power, including any right-to-know you may feel you have, ahead of our citizenry."

This is an incredible stance to take, and the fact it was a "cyber-attack" seems be pretty irrelevant to the basic questions regarding representative government this raises. Yet, CNN doesn't even blink an eye flatly reporting this without noting any objection.

Strange Days.

Re:Let's try an analogy... (1)

3dr (169908) | more than 3 years ago | (#36997870)

I wonder if it was Eastasia, or if those longtime friends of Eurasia betrayed us...

This is a good thing (1)

scorp1us (235526) | more than 3 years ago | (#36997424)

Without these hostile actions, we'd never harden our defenses. We'd never worry about XSS or SQL injections.

I was shocked the first time I looked at the http logs of a "real site" It just amazed me. So now, even if I am going throw-away work on a hobby site, I am sure to guard against these attacks. And everything is better.

Better to know the hackers are out there, rather than assume they don't exist. It makes the threat credible and real and that leads to improvements.

The west doesn't have to do anything (0)

Anonymous Coward | more than 3 years ago | (#36997630)

The West doesn't need to respond. The Chinese political system is built on a failed premise and will collapse eventually. The only thing that will come out of a US / China shouting match is the incentive the Chinese leadership needs to stay in power.

China is a basecamp (1)

Anonymous Coward | more than 3 years ago | (#36997678)

If you were to think of where is the best place to stage an attack from, it would probably be China. That doesn't mean that you are Chinese.

Ignore China (1)

jekewa (751500) | more than 3 years ago | (#36997696)

In addition to blocking unwanted open ports to the world, have just about all of China's IPs in my ipfilter, denying them access to anything but HTTP (they might want to read my blogs...right?). Also the other countries called out by http://www.countryipblocks.net/malicious-internet-traffic/malicious-internet-activity-the-top-10-countries/ [countryipblocks.net] are likewise blocked. Yeah, that's about 10K IP blocks in the filter, but it seems to run just fine, and I end up with only sporadic and apparently random (or maybe successful) failures in my auth files.

Not that I want anyone to see this as any kind of challenge...I'm sure someone is spending more time to access and zombie my machines than I'm spending to try to cut them off!

Quick, let's build a firewall (0)

Anonymous Coward | more than 3 years ago | (#36997806)

around the country to stop hackers getting in

I can tell you why (1)

ISurfTooMuch (1010305) | more than 3 years ago | (#36997826)

The answer is quite simple: It's because China is a huge market, and Western companies want to be there much more than they mind being attacked.

I can give you a perfect example of this. I have a buddy who is an engineer with a major auto manufacturer. A few years ago, he was telling me how the Chinese car companies are blatantly ripping off the designs of other companies. He even said that GM found that Cherry Motors was doing such a good job of it that their parts were identical to and interchangeable with Chevy parts. Still, the big car manufacturers were lining up to enter into partnerships with their Chinese counterparts. I asked him why they would do this, knowing full well that their designs would be ripped off. He said that, yes, they knew this would happen, but the Chinese market was so big that they felt they could still make money there, and besides, the Chinese companies were going to rip off their designs whether they were partners or not, so they might as well form partnerships and at least make some money.

And whom will guard the guards? (0)

Anonymous Coward | more than 3 years ago | (#36997844)

The people will.

Government must protect private companies? (0)

Anonymous Coward | more than 3 years ago | (#36997890)

"One fact revealed by the raids is that, predictions of cyberpunk novels nonwithstanding, private companies are still quite weak in the face of national governments — and it's those national governments that must act against such intrusions"

Maybe I'm reading this wrong... but is the summary seriously suggesting that the government must take responsibility for network security for private companies?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?