Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Measuring China's Cyberwar Threat

timothy posted more than 2 years ago | from the let's-trade-more-and-war-less dept.

China 79

An anonymous reader writes with this excerpt from Network World: "A lengthy report prepared for the U.S. government about China's high-tech buildup to prepare for cyberwar includes speculation about how a potential conflict with the U.S. would unfold — and how it might only take a few freelance Chinese civilian hackers working on behalf of China's People's Liberation Army to sow deadly disruptions in the U.S. military logistics supply chain. As told, if there's a conflict between the U.S. and China related to Taiwan, "Chinese offensive network operations targeting the U.S. logistics chain need not focus exclusively on U.S. assets, infrastructure or territory to create circumstances that could impede U.S. combat effectiveness," write the report's authors, Bryan Krekel, Patton Adams and George Bakos, all of whom are information security analysts with Northrop Grumman. The report, "Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage," focuses primarily on facts about China's cyberwar planning but also speculates on what might happen in any cyberwar."

cancel ×

79 comments

Sorry! There are no comments related to the filter you selected.

Cyber war threat level (1, Funny)

Dyinobal (1427207) | more than 2 years ago | (#39312075)

The current cyber war threat level is Macguffin green. Not to be confused with nonexistant blue and retarded red.

Re:Cyber war threat level (0)

Anonymous Coward | more than 2 years ago | (#39312129)

Bring it on. We have "Anonymous"!

I believe "Anonymous" works for China (1)

Taco Cowboy (5327) | more than 2 years ago | (#39316723)

Bring it on. We have "Anonymous"!

Or Russia

Or Cuba

Or Venezuela

Or the Taliban

Re:Cyber war threat level (1)

jroysdon (201893) | more than 2 years ago | (#39315637)

The color thing has been dropped by DHS [dhs.gov] :
The National Terrorism Advisory System, or NTAS, replaces the color-coded Homeland Security Advisory System (HSAS).

The ISC [sans.edu] is a little slow on the uptake, but isn't government.

For those of us who've lived thorugh it. (2, Informative)

Anonymous Coward | more than 2 years ago | (#39312087)

Because the Chinese government has sponsored research on "attack-induced cascading power failures" related to the U.S. power grid, ...

For those of who have lived through power shut downs for days and weeks on end because of snow and hurricanes, BFD. Ooooo, I won't be able to surf the internet or watch TV or pop my microwave popcorn. Oh noes!

And for the folks that really need the power, like hospitals, they have on site generation equipment that will last as long as they can get the diesel or the natural gas flows. AND some are even putting solar on their roofs - made in China, btw.

Re:For those of us who've lived thorugh it. (1)

JimCanuck (2474366) | more than 2 years ago | (#39313503)

Too many fair weather people. Snow related power outages which are common here, which tend to happen in the middle of winter, to which typically your furnace stops working because a lack of electricity even if its NG. Doesn't phase people, you know its there and you must live with it.

Some people just need to Harden the f**k up and accept life for what it is. But that would involve personal responsibility, which means, its unlikely to happen.

Wanna cyber? (5, Insightful)

Anonymous Coward | more than 2 years ago | (#39312121)

In computers and network security, every time someone uses 'cyber' in a serious, unironic manner, they lose credibility.

TFA uses it 9 times.

Re:Wanna cyber? (1)

poity (465672) | more than 2 years ago | (#39312413)

Do the words "geek" and "cracker" make you blush as well?

Re:Wanna cyber? (1)

ubrgeek (679399) | more than 2 years ago | (#39314093)

> "cracker" make you blush as well?

Only when it precedes and succeeds the word "ass."

Re:Wanna cyber? (1)

Concerned Onlooker (473481) | more than 2 years ago | (#39313159)

I agree. It's nice to key in on a buzz word for judgement. It precludes having to examine and think about what is actually being said.

Re:Wanna cyber? (1)

Taco Cowboy (5327) | more than 2 years ago | (#39316763)

It's nice to key in on a buzz word for judgement.

Whenever a defence contractor goes to Capital Hill and uses words like "Cyber", "China", "Threat", "Hacker", "Attack", "War" --- you know fair well that they are after one thing

Oh, no, they don't care if America's infrastructure collapse because of the Chinese hackers

All they care is money

Oh yea, $$$$, aka moolah, greenbacks

That's the thing they are after

The more fear they spread, the more they can smear "China" the more the congresscritters are willing to shell out gazillion $$$ in the name of "protecting America"

Re:Wanna cyber? (0)

Anonymous Coward | more than 2 years ago | (#39313341)

Speaking of buzzwords. I love the way Occupy has become such a mainstream buzzword as well. Occupying the blah blah blah is hilarious. :)

Ahh yes (5, Insightful)

Anonymous Coward | more than 2 years ago | (#39312137)

Our newest 'threat' we need to throw money at to 'combat'.

Instead of ohhhh... i dont know... not connecting important shit to the internet...

What's it gonna be called.. Thats the big question. 'War on Cyber' Doesnt sound catchy enough.

Re:Ahh yes (3, Insightful)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#39312463)

The morbid entertainment value is at least doubled by the fact that the article is about the hypothetical 'chinaman haxxor!!!!!' threat to the American military supply chain, rather than the much less hypothetical 'a mixture of ill-advised outsourcing and blatant regulatory capture has gone a fair portion of the way toward ensuring that the phrase 'military supply chain' refers to the route by which public money makes its way into the coffers of contractors, rather than any mechanism actually designed to improve or maintain American military capability.

With friends like Duke Cunningham and KBR, we don't need enemies...

They missed one key tid bit... (4, Insightful)

bogaboga (793279) | more than 2 years ago | (#39312173)

The report, "Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage," focuses primarily on facts about China's cyberwar planning but also speculates on what might happen in any cyberwar."

This is what I would add:

All speculation is geared toward ensuring that the report's authors
or their agents are beneficiaries in any efforts the US government would take to "mitigate" any China factor(s).

Re:They missed one key tid bit... (0)

Anonymous Coward | more than 2 years ago | (#39312501)

Why are you Americans allways so scared of a 'Bogey man' - Do you have to have one to prove how brave you are?

Re:They missed one key tid bit... (1)

Johann Lau (1040920) | more than 2 years ago | (#39313353)

It's more hilarious than that. Who has the best capability, and the worst track record of attacking and subverting? Why, it's Team America (fuck noes).

Re:They missed one key tid bit... (1, Interesting)

TheLink (130905) | more than 2 years ago | (#39312777)

It's all Bogeyman BS.
1) USA has thousands of nukes including ICBMs
2) China has about two hundred nukes including ICBMs.
3) NONE of that cyberwar hacking is going to stop the nuclear missiles.
4) China will come out worse in a nuclear war against the USA (unless the rest of the world nuke the USA too)
5) Neither side appear to have suicidal leaders, and most of the leaders are enjoying their lifestyles at the top.
6) The USA owes China trillions of US dollars.

So why would China start a war on a country with way more nukes? Since it's public knowledge that China has nukes, guess what USA would do if China really starts a war with the USA? And what would China gain?

China may hack to get secrets but you don't take down massive numbers of servers when you do that. So if the USA has evidence of any real cyber attack from China they'll just tell China to "STOP IT NOW OR ELSE".

This cyberwar scenario might be applicable if China was trying to avenge an attack from the USA. China has fewer nukes than the USA, and the USA has more defenses against nukes, so to try to increase the effectiveness of its fewer nukes in revenge strikes China may have to DoS stuff. China would still lose the resulting war, but at least the USA would be more hurt - and maybe some pissed-off US citizens might kill the crazy US leaders who "pressed the button" (if they ever come out of hiding).

See the number of nukes China has: http://en.wikipedia.org/wiki/List_of_states_with_nuclear_weapons#Statistics [wikipedia.org]

From what I observe, the Chinese leaders at the top are likely to be well aware of these realities. I can't say the same about the US "Sarah Palin" leaders.

Re:They missed one key tid bit... (0)

Anonymous Coward | more than 2 years ago | (#39312967)

It's not China starting a war with the US we have to worry about...

Re:They missed one key tid bit... (1)

gtall (79522) | more than 2 years ago | (#39314251)

Hmmm...so you think the U.S. is going to threaten nuclear war while the PLA is victory dancing in Taipei? Well, I think that pretty much sums up your ability think about geopolitics. Thanks for playing, go back to your games now, bye-bye...

Re:They missed one key tid bit... (0)

Anonymous Coward | more than 2 years ago | (#39317513)

If China has a good track record with Hong Kong and Macau, then Taiwan might eventually be convinced to join willingly (but most Taiwanese are probably waiting for China to change till China doesn't care about unification anymore).

Meanwhile both sides will continue to do the political shows and sabre rattlings, while actually aiming for business as usual. Take Foxconn as an example. Foxconn has been operating in both China and Taiwan for decades, and has grown to a massive scale. From conventional political theory that shouldn't be happening... But in practice, Taiwan and China make lots of money, China has millions of workers gainfully employed by Taiwanese companies (and so less likely to revolt).

Think about that tonight while you hide under your blanket from the Bogeyman.

Military using the public Internet?!? (2, Insightful)

Anonymous Coward | more than 2 years ago | (#39312197)

Does the "cyber war" threat mention the public Internet at all? If so, then that's totally stupid!

The military has no business *relying* on the public Internet for anything!

The power grid has no business *relying* on the public Internet for anything!

Telephone companies has no business *relying* on the public Internet for anything!

If hackers using the plain Internet have any way in to any U.S. military communications system, then people need to be fired!

The Internet is NOT a secure communications network, and the government should not try to present this insecurity as a "national security" issue. The idea of turning the Internet in to a secure communications network is like trying to impose federal banking laws in the commerce system of "World Of Warcraft". The FBI and NSA are trying to justify deep surveillance, user tracking, and censorship on the Internet. It's a power grab for what should be a public network, with private communications (like most physical mail parcels).

Re:Military using the public Internet?!? (5, Informative)

daveschroeder (516195) | more than 2 years ago | (#39312227)

There are many different tasks and functions for which the military and government agencies use the public/commodity internet. There are also various levels of private [wikipedia.org] networks [wikipedia.org] for more sensitive requirements.

None of that, however stops the NSA from operating under the assumption that its networks are compromised [democracyarsenal.org] .

Brookings just put out a great paper on a related topic, Cybersecurity and U.S.-China Relations [brookings.edu] (PDF). It's worth a read.

Re:Military using the public Internet?!? (4, Interesting)

Daniel Dvorkin (106857) | more than 2 years ago | (#39312375)

One the things TFA mentions is how many of the targets wouldn't actually be military, but rather civilian contractors which the military needs to run day-to-day operations. This isn't a computer security problem, it's a cultural problem. The contracting / privatization craze has hit the military in a big way. I know this will sound like old-soldier grumbling, but when I was in (late 80s to mid 90s) we didn't have this problem, much. We had plenty of civilian contractors around, sure, but combat-critical logistics and maintenance functions were handled by people in uniform. Now we have a situation where units engaged in active combat can't function unless civilians who are not under oath and are not trained for the situation (and who are often paid much, much more than soldiers used to be to perform the same jobs; the "privatization saves money" argument is complete bullshit) decide to show up for work that day. The military needs to be able to handle its own operations in a war zone, and right now, it can't do that.

Re:Military using the public Internet?!? (0)

Anonymous Coward | more than 2 years ago | (#39335495)

One the things TFA mentions is how many of the targets wouldn't actually be military, but rather civilian contractors which the military needs to run day-to-day operations. This isn't a computer security problem, it's a cultural problem. The contracting / privatization craze has hit the military in a big way. I know this will sound like old-soldier grumbling, but when I was in (late 80s to mid 90s) we didn't have this problem, much. We had plenty of civilian contractors around, sure, but combat-critical logistics and maintenance functions were handled by people in uniform. Now we have a situation where units engaged in active combat can't function unless civilians who are not under oath and are not trained for the situation (and who are often paid much, much more than soldiers used to be to perform the same jobs; the "privatization saves money" argument is complete bullshit) decide to show up for work that day. The military needs to be able to handle its own operations in a war zone, and right now, it can't do that.

Bingo....the civilian contractors that comprise a massive portion of that mission critical supply chain are the weak link in this scenario.

We will get caught with our pants down. (0)

Anonymous Coward | more than 2 years ago | (#39312207)

As usual. No news here folks, we do not have time to worry about China as long as there are music pirates to deal with.

Occupying the (1)

girlintraining (1395911) | more than 2 years ago | (#39312209)

Occupying the...

Pitching tents in front of websites and smoking crack.com is no way to go through life, son.

Boobs (0)

Anonymous Coward | more than 2 years ago | (#39312239)

Threat Level Midnight.

How much damage can be done sustainably? (3, Interesting)

satuon (1822492) | more than 2 years ago | (#39312241)

I'm sceptical of how much damage 'cyberwar' can really do sustainably. I suspect it would be a bit like Pearl Harbor - you make enormous damage the first day with a surprise attack, but it goes downhill from there.

I mean, I'm sure that the first day a lot of computers will go offline, and even factories will stop, etc. But what happens after a month when those computers have their OS reinstalled - with Linux or a commercial UNIX, or even, zOS if need be, and the data you've deleted has been restored from backup CDs, and everywhere there are billboards on the road proclaiming that whomever isn't updating their computer is giving Hitler a drive. Would it be as easy to go on inflicting damage then?

Re:How much damage can be done sustainably? (4, Interesting)

girlintraining (1395911) | more than 2 years ago | (#39312309)

But what happens after a month when those computers have their OS reinstalled - with Linux or a commercial UNIX, or even, zOS if need be, and the data you've deleted has been restored from backup CDs

Most businesses don't have disaster recovery plans. And those that do, like mine, haven't given much thought to the timetable on a full restore of all IT resources from nothingness. The one I'm working for right now has a 4 year plan for rolling out Windows 7 that started last month. In other words, they started the rollout late, and they'll be deploying outdated tech well past the point when the next version comes out. This just loading the operating system... consider all the other IT resources that would need to be rebuilt.

On to data backup and restore functionality: All the backups are stored on NAS devices that are always connected. There is no offline backup. They don't use tapes, optical media, or any of that jazz. And most of those backups are located on-site, adding insult to injury. It's taking them 4 years to roll out an operating system remotely, the process is largely manual, riddled with errors, and each system requires, on average, 3 hours of support resources to complete the upgrade.

Without getting into details, this is a Fortune 100 company, and because of the nature of its business is required by law to have stringent backup policies as well as data protection. The state of the art encryption and data protections can all be catastrophically bypassed by design using a 4 digit PIN. the 4 digit pin... is the last 4 digits of the user's SSN. The first and last name, as well as geolocation information, is in active directory, which even the 'guest' account can access. Every person who works support, from phone to desktop, network to deployment, as local admin rights to every workstation in the company. Do the math. Then cry.

This... is typical for most large businesses.

Re:How much damage can be done sustainably? (4, Informative)

Sarten-X (1102295) | more than 2 years ago | (#39312825)

Oh, how true that is.

I've described my current employer's systems as a very large "what's wrong with this picture?" puzzle. This past week I found out that our remote offices aren't even logging on to our domain controller (located in the main office), because DNS requests weren't routed properly. Rather, the users there logged into their workstations with local accounts, then used RDP to access a workstation in the main office where they did all the actual work. For speed, they'd occasionally email themselves a file to be modified in a local copy of Office.

Effectively, this means that our confidential corporate data was being stored on machines with no password protection, despite the corporate password policy.

Never assume that being a big company implies any kind of decent security or sane practices. The disconnect between the ones who know and the ones who manage is just too great.

Re:How much damage can be done sustainably? (1)

Phrogman (80473) | more than 2 years ago | (#39315167)

This is the natural result for any large company where they allow the sales and marketing department (for instance) to control the pace of business. S&M (deliberate abbreviation) people are far more focused on their personal sales success than they are on security. I saw similar problems at one large company I worked at and they were very security conscious. Laptops were a particular problem because they could be removed from the building. We gave a freshly configured brand new laptop to a sales guy and within a day or so he phoned for support while on the road because he decided to install a new OS on the laptop and it didn't work with all our settings (he also wiped out all the preconfigured software we had installed for him - our stuff, the stuff he couldn't download etc).
With regards to backups, we installed a good system - and we tested it a few times - which came in handy when the email system went down. We had the boss down in IT screaming until we got it back up and running. He was yelling that it was costing us $10k a minute that it was down by his calculation.
Of course the reason it went down was that our new VP for IT had insisted we had to move to Exchange server from a functional Linux system. The end cost by the time we had made all the other changes was something on the order of $300k+. Exchange crashed I believe because we overloaded its ability to store email messages - and some of our personnel who had been there for *years* had never, ever, deleted any email (including spam). Active Directory I think, didn't like that.
The main reason for the massive change: the PHBs wanted to be able to easily schedule meetings that would show up in everyone's inbox :P
We did our backups right though I think: 2 expensive tape drives working in tandem, daily backups, 2 weeks worth of tapes on site, with another 2 months stored offsite in a highly secure archive facility etc.

Re:How much damage can be done sustainably? (0)

Anonymous Coward | more than 2 years ago | (#39375479)

Fuck, man. I work in a data center and I don't have admin rights to my local workstation.

Re:How much damage can be done sustainably? (1)

ScentCone (795499) | more than 2 years ago | (#39313267)

But what happens after a month when those computers have their OS reinstalled

Many, possibly most businesses would be permanently ruined by going with revenue and being unable to make payroll for a month. A month might as well be a hundred years. It would be catastrophic, economically.

Comp Sci III to the Rescue (1)

thaiceman (2564009) | more than 2 years ago | (#39312277)

Don't worry we have Computer Science III, Proxy's, & not one but two firewalls.... were fucked,,,,

Cut the nonsense. (1)

John Hasler (414242) | more than 2 years ago | (#39312307)

If there is ever a real war between the USA and China there will certainly be attempts (some successful) at remote computer sabotage but there is going to be no "cyberwar" (though something may happen that will be so labeled).

Re:Cut the nonsense. (0)

Anonymous Coward | more than 2 years ago | (#39313989)

If there is ever a real war between the USA and China there will certainly be attempts (some successful) at remote computer sabotage but there is going to be no "cyberwar" (though something may happen that will be so labeled).

Sorry, people aren't believing our terrorist scares much any more. We need this new "cyber war" threat to keep our fellow americans employed.

That kind of talent's in the USA too... apk (2, Interesting)

Anonymous Coward | more than 2 years ago | (#39312311)

Trust me, BOTH sides have "the talent" on all levels: But, why? It's like a street-fight really - BOTH SIDES TAKE A HELL OF A BEATING, & for what??

Some stupid rich man's steering nations into wars/conflicts (face it, we KNOW that's how real wars start up too, the wealthy/war profiteer "wanting more")).

* Almost makes me sad... the media "hyping it" doesn't help either because it gets folks gander up (regular folks that don't know any better, or have never met a person from 'the other side' personally, & get led/stirred up like 'sheeple' are wont to do).

APK

P.S.=> Personally, I know a pack of very talented Chinese guys in computing (from academia in fact & work), & they're JUST GUYS, pretty much, just like any others... They don't really want shit because they're too smart to even START that kind of mess - same on 'our side' too! Normal folks that get used/abused by "the people @ the top/1%-ers". Pretty sad... apk

Re:That kind of talent's in the USA too... apk (1)

Johann Lau (1040920) | more than 2 years ago | (#39313511)

Ah, the voice of reason.

Thanks but... apk (0)

Anonymous Coward | more than 2 years ago | (#39315795)

It's only speaking from BAD experience (grew up & live in a rough area). In the end? Nobody wins, not really (you win, you worry about cops/jail or lawsuits etc. - you lose, you go to hospital or morgue, then it escalates to even more between families etc./et al)

Seen it. It's terrifying "sleep with 1 eye open" crap. Just LOTS of misery over usually stupid crap usually (or money, or women, etc. - t).

In fact, I'd wager We've all seen it or been there/done that. NOT worth it, not really (90% of the time that is).

Sure - Sometimes you fight to prevent a fight, but that's on a personal level.

However, this is about 2 very powerful nations that would only end up wiping one another out and taking us all for the ride (be it cyberwar, or real war) right into a casket or ruin, & would probably escalate into the "REAL THING" eventually (war).

How dumb and illogical.

Above all else, it can end up with a lot of folks dead and losing ones we love. Not worth it. It's just not. I am sure you all understand.

APK

P.S.=> I hope, in a way, you don't (because some of you were fortunate enough to have never been exposed to such madness & lunacy), but... well, there you are... apk

cyberattacks on the military supply chain (2)

dgharmon (2564621) | more than 2 years ago | (#39312347)

Just who in their right mind connects such systems to the Internet !

Re:cyberattacks on the military supply chain (2)

Shavano (2541114) | more than 2 years ago | (#39312395)

Everybody. Using the internet is now so essential to getting any business done that every military supplier uses it. Suppose you are selling tanks to the military. How do you order components? How do you get paid and how do you pay your suppliers and your employees?

Re:cyberattacks on the military supply chain (1)

dgharmon (2564621) | more than 2 years ago | (#39312693)

"Everybody. Using the internet is now so essential to getting any business done that every military supplier uses it. Suppose you are selling tanks to the military. How do you order components? How do you get paid and how do you pay your suppliers and your employees?

Even so, how about using an encrypted VPN connection and only allowing people access on a need-to-know basic ...

Re:cyberattacks on the military supply chain (0)

Anonymous Coward | more than 2 years ago | (#39313867)

And I'm sure that's the answer to everything...

Re:cyberattacks on the military supply chain (1)

Phrogman (80473) | more than 2 years ago | (#39315191)

For the average user out there on the internet, their computer is kinda like an interactive TV. They wouldn't understand how to use an encrypted VPN, and if it delayed them or caused any problems, their first move would be to figure out how to bypass it. Most people don't actually *want* to learn how to use a computer, they just want it to work as well as their toaster does - and without reading a manual.

Oh, please ... (4, Interesting)

cdrguru (88047) | more than 2 years ago | (#39312355)

Has anyone in the US Military stopped to notice what critical supplies are manufactured solely in China today? I do not mean just armaments, but stuff that the US military would be utterly unable to move without. Stuff like light bulbs. Fuel filters. Glass containers.
Simple little things that the last US manufacturer closed down for either recently or as far back as 1980.

Do we still make toilet paper in the US? I suspect there may only be one factory that does and it will probably close down soon. It is much cheaper to have it made over there and shipped here.

We cannot possibly win a conflict with China - they would cut off our supply of manufactured items and the military would just grind to a halt.

Sure, they could probably shut down a couple of factories making classified munitions, but who cares? They figured out that troops don't fight without toilet paper in WW I and trust me, it hasn't gotten any better. They cut off our supply of toilet paper and the US population would storm Washington and demand an end to the conflict immediately. I am not kidding here.

Re:Oh, please ... (4, Informative)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#39312555)

This is somewhat orthogonal to your overall point; but the US actually does a substantial percentage of pulp and paper production domestically. We've got plenty of land suitable for growing paper-grade timber, plenty of riverfront space for siting mills, and the economics of shipping low end lumber and mundane paper products long distances aren't all that thrilling compared to the relatively modest premium you pay for domestic employees.

Re:Oh, please ... (4, Insightful)

Sarten-X (1102295) | more than 2 years ago | (#39312885)

On the other hand, China knows the US's reliance on its products, and knows that there is sufficient sentiment in America to restart such closed businesses. If China ever does shut down shipping, American factories will start back up quickly. We have the equipment and the people, both just waiting for a market to support them. I doubt very much that America would lose a war with China. We'll certainly be beaten back and spend the first several years hurting, but the logistics of China actually "winning" are a very tough obstacle. Both nations have the natural resources to continue fighting through the foreseeable future.

It's partly for that reason that I see a war as highly unlikely, despite the saber-rattling on both sides. Both nations are economically attached tighter than ever before, and they both must recognize it, despite the political irritation.

Re:Oh, please ... (0)

Anonymous Coward | more than 2 years ago | (#39313079)

what critical supplies are manufactured solely in China today?

Towards the end of the cold war, there were replacement parts needed by the Canadian military that were only available from the Soviet Union. There were some instruments still in use which still used vacuum tubes, and the only remaining source of those particular tubes was the USSR.

Re:Oh, please ... (3, Interesting)

JimCanuck (2474366) | more than 2 years ago | (#39313559)

And Canada and the US sold hundreds of millions of bushels of grain to the USSR during the 1950's to 1980's, including the "height" of it with the Cuban Missile Crisis etc.

Don't let political posturing fool you, some decisions, such as helping your enemy feed its people is a better olive branch then any peace treaty or alliance.

Re:Oh, please ... (2)

gtall (79522) | more than 2 years ago | (#39314287)

"Has anyone in the US Military stopped to notice what critical supplies are manufactured solely in China today?" Yup, all branches as a matter of fact. Also as a matter of fact, there's not squat they can do about it. It was made worse (paradoxically) by Reagan and subsequent "conservatives" who blathered on about a strong America and how that meant the U.S. Government, including DoD, needed to contract out as much as possible. I guess the Chinese noticed too.

Anything can get owned (2)

ka9dgx (72702) | more than 2 years ago | (#39312373)

Anything internet connected can get owned... even stuff that isn't connected can get killed via service equipment (which is what the whole Stuxnet thing was about).

When you run everything with ambient authority, you're never going to be safe. EVERYTHING uses ambient authority, because it's what we're all used to, as far as computers go. Here's the difference:

In the real world, we operate with ambient deny... you car key doesn't open all cars of that model, it only has the capability to open your car. When you delegate it, your valet can't open all that model of car either.

The situation with computer security now is like having each car owner contractually promise not to open any other car than their own, rather than unique keys. The first hand off to a valet who didn't sign the promise does the whole system in. It also fails if they get confused and return the wrong car.

Until the model of computer security is brought in line with reality, things will continue to be fscked, Chinese or no Chinese.

Just read TFA (4, Informative)

vikingpower (768921) | more than 2 years ago | (#39312379)

"may" employed about 100 times ( order of magnitude, I lost count ). "would" exactly 59 times, in 109 pages of text ( not counting the appendix and refs/bibliography part).

Cylon kill switch (2)

k6mfw (1182893) | more than 2 years ago | (#39312393)

When watching the pilot episode of remake Battlestar Gallactica few years ago, and how Cylons were able to defeat all battlestars and fighters by shutting down all their systems with "virus software" installed in the background (was done over many years by cylon spies). Since all Colonial spacecraft and systems were networked together, this virus effected all their systems. I was thinking if we went to war with China, this is ***exactly*** what will happen. OK, we can argue China will or not want to get into a shooting war with US. Most likely US will continue to decline.

In the TV series, the Gallactica survived because ship commander Adama was an old guy from the old school who never upgraded his systems to modern networked systems. All their computers were standalone systems, much like PDP-11s. Fighters were the old models with much more analog control sytems and looks like they still used Mocom-70 for 2-way radios.

Pass a law, carve off a piece of the GDP (1)

Anonymous Coward | more than 2 years ago | (#39312411)

The CIA and military intelligence made the Russians into an existential threat right up to their collapse.

Meanwhile, anyone who read the 2 books by the Russian General who defected (he used the name of a famous Russian General from Tsarist times, sorry I don't have time to find this in my bookshelves or on Amazon, tho I did try) or read the accounts of people who visited the USSR for any extended tour (Heinlein wrote one the trip he and his wife took) or had friends visit for even short periods (my mother spent a couple of weeks there in the 70s and again in the 80s) realized that Russia was largely facade. They stopped publishing demographic statistics in the 60s because they had a 3rd-world neonatal death rate, rapidly falling longevity for even people in Moscow. Stories from Russians about the hospitals even in the 90s are hard to believe, but true.

The USofA has no serious enemy, so the various institutions and industries that depend on an enemy are trying hard to create on. Iran might be scary enough. Chinese hackers are even better because nobody knows what it means, what might be vulnerable.

It would be a lot cheaper to create genuine patriotism among our own hackers to motivate them to continue to test our own systems for flaws and to reward them for it. But creating patriotism would require wholesale changes in our very corrupt government and thus in the entire Oligarchy, so can't ever happen.

Re:Pass a law, carve off a piece of the GDP (3, Interesting)

Securityemo (1407943) | more than 2 years ago | (#39313605)

Viktor Suvorov, "Inside the Soviet Army"? The laugh-or-cry gallows humour in that book is absolutely brilliant. You really feel with the author. It reminded me about Solsjenitsyns unsentimental yet gripping descriptions of the gulags.

Re:Pass a law, carve off a piece of the GDP (2)

gtall (79522) | more than 2 years ago | (#39314299)

Yup, that's right. Except for the fact that the Soviets had nuclear, chemical, and biological weapons with little safeguards, there was nothing all to worry about. Go peacefully amidst the noise and haste...

Re:Pass a law, carve off a piece of the GDP (1)

Phrogman (80473) | more than 2 years ago | (#39315243)

I think the recent "cyberwarfare" scare is due to the corporate realization that with this sort of scare:
a) they can sell massive numbers of computer systems and peripherals with their attendant support contracts
b) they can provide massive numbers of contracted support personnel.
c) there actually is a real threat, but they can play it up considerably to their own profit
d) Expect Haliburton to get into computer security :P
e the last thing on the minds of any of the corporate players is the actual security of the USA and its Allies. The military guys are no doubt motivated and aware of the threats involved, but I doubt the corporate guys can see beyond the sales potential and their own wallets.

As for nuclear retaliation, is the US really likely to go nuclear if *someone* out there started a serious effort to disrupt the US powergrid etc? Any such effort would be conducted outside the US, with suitable Maskirovka etc, and the people involved would be gone as soon as they could. Even if you are *sure* the enemy is China, can you see a US President ordering the nukes into the air without a clear trail that leads directly to the enemy leaders? By that time whatever military objective China wanted - Taiwan and the south china sea resources - will be in their hands. The US could be in a complete shambles economically (worse than now I mean), and in no real position to respond.
I think the threat is credible, I just don't think that China will act on it unless really forced to by the US and Taiwan. If that happens then I think they will respond, and moreover I suspect they will win.

impeding combat effectiveness (3, Interesting)

10am-bedtime (11106) | more than 2 years ago | (#39312489)

Another (highly upstream) impediment to combat effectiveness is a change of attitude away from combat-based resolution. O, to have hackers so skilled, from any nation, that yang may cede to yin, at least for a few years, in our lifetimes...

(end lament)

Our our weapons are made in China!!! (0)

Anonymous Coward | more than 2 years ago | (#39312559)

As told, if there's a conflict between the U.S. and China related to Taiwan, "Chinese offensive network operations targeting the U.S. logistics chain need not focus exclusively on U.S. assets, infrastructure or territory to create circumstances that could impede U.S. combat effectiveness" write the report's authors

Yeah, the Defense Contractor industry has just realized the off-shoring and building almost everything for our weapons systems in foreign countries makes it IMPOSSIBLE for the United States to procure weapons in the event of open war???!!!???

Maybe we should consider building our shit with our own shit inside our own shithouse!

why are critical systems on the net to begin with? (5, Insightful)

joneil (677771) | more than 2 years ago | (#39312645)

Mod me double plus idiot if you will, but in our small company, our "critical computer" - the one hat has files I don't want to loose (yes, i do back ups), and the one I don't ever want hacked, it is NEVER connected to the internet. No wifi, no bluetooth, no cable, nada, zilcho. I even have independent power supply aside from plugging it into the wall.

  Anything I need to introduce into the computer id done by a freshly formatted USB, and double checked and scanned first on a different machine running linux. When not in use, I physically turn it off and disconnect the power supply, and if the hackers can get into a machine with no power, well, I;ll just go back to pen and ink at that point. :)

        Now seriously, I know you cannot turn off a computer that is running a nuke plant or a NORAD radar system, but why are so many critical systems connected to the internet? Or have online access of any kind? Back in the good old days of BBSes when I was a sysop and upgrading form a 9600 baud modem to a 28,800 like like a miracle (you know, this was back way when dinosaurs still roamed the earth, or so my kids see it as such :) ), the quickest way sometimes to block a hacker attack as to physically disconnect the phone line from the modem.

        Again, mod me super simplistic idiot, but if I were operations manager for a nuke plant, and a major cyber attack was underway, to prevent a meltdown, wouldn't you be tempted to just take a pair of wire cutters and snip the physical connection to the internet?

Re:why are critical systems on the net to begin wi (0)

Anonymous Coward | more than 2 years ago | (#39314293)

Mod me double plus idiot if you will

Apparently you got +5 insightful. Reverse psychology seems to work quite well.

Re:why are critical systems on the net to begin wi (0)

gtall (79522) | more than 2 years ago | (#39314309)

"but why are so many critical systems connected to the internet?" because reimplementing a totally private network complete with security just to run your modern physical plant is horrendously expensive and finding the people to build it and run it is hard?

If there's a conflict (2)

nurb432 (527695) | more than 2 years ago | (#39312677)

If the US and China butt heads too much, all China has to do is cut off supply of all our shiny objects, bankrupting many large US companies and destroying what is left of our economy.

They can also demand payment for what we owe them..

Re:If there's a conflict (2)

ShanghaiBill (739463) | more than 2 years ago | (#39313401)

Iall China has to do is cut off supply of all our shiny objects

So we lose some shiny objects, and they lose millions of jobs. Who will suffer more from that?

They can also demand payment for what we owe them..

Do you understand how bonds work? They have a maturity date. Until that date arrives, you cannot "demand payment". The best they can do is try to sell them on the open market, and if they are dumping them in large amounts, they would not get a very good price.

Re:If there's a conflict (1)

nurb432 (527695) | more than 2 years ago | (#39313497)

Yes i know how bonds work. Do you know how war works? They can demand anything they want and threaten war if they don't get it. "contractual agreements" don't mean squat when you are staring down the wrong side of a barrel.

Also, if they cut us off from our shiny objects, they wont lose millions of jobs. They will just sell to other countries and subsidize the jobs ( they are a socialist nation remember )

Re:If there's a conflict (1)

Anonymous Coward | more than 2 years ago | (#39313653)

they are a socialist nation

No, they are no. China is a Capitalist country! Mao has been dead for decades now, please get on with the times. Having a red flag doesn't makes them Socialists, you know.

Re:If there's a conflict (3, Interesting)

Anonymous Coward | more than 2 years ago | (#39313695)

All of this talk about China winning any kind of conflict is hocus pocus. What China could do is cause a severe amount of damage to cyber infrastructure and repel any occupational force on the mainland. What they could not do is reach beyond their own border militarly, aquire enough energy to wage war, or find access to friendly markets once the war started. China may be a big economy but without the support of the world European and Japanese powers they would have an awful hard time keeping a stable economy. Additionally large swaths of the interior of China are in fact recent acquisitions(occupations) with populations just itching for a chance to strike back at the ethnic Han Chinese. The US arming the muslims and tibetans could create hell for China at home. Compare this to the strategic position of the US with its unabated control of all oceanic routes, being surrounded by mostly friendly nations, having a solid energy supply, and no significant domestic threats leads me to think the long term strategic implications for Chinese aggression are abysmal. Cyber war could be shut down quickly with the destroying of communications networks in china with EM weapons if need be.

Re:If there's a conflict (0)

Anonymous Coward | more than 2 years ago | (#39314615)

and bonds are just a "promise" of future payments. i doubt one would continue their repayments to a country when they are at war with that country. and you have to note that usa is the world's largest grain exporter (china is the largest grain producer, but still does not have enough to feed itself and would face lower food production due to severe clean water shortages in the future), i would rather not have soap or toilet paper and still have food, instead of the other way

Measuring China's Cyberwar Threat (0)

Anonymous Coward | more than 2 years ago | (#39312735)

How about measuring America's unpayable national debt instead.
Unless of course this can serve as a distraction to addressing America's real root problems.

like y2k, hype the threat and consult the solution (0)

Anonymous Coward | more than 2 years ago | (#39312789)

There are certain stories of "dark threats" which are heavily propagated by those who sell a solution or expertise on countering the threat. I doubt the US Military could disrupt itself in the manner suggested with a big budget and six months to arrange it (government being government). The idea that its all so uniform to be zapped by an outsider with "a few freelance Chinese civilian hackers" is pure B Movie; you really have to suspend common sense to enjoy the plot.

Hmm how would it go? Just like . . . . (0)

Anonymous Coward | more than 2 years ago | (#39312841)

. . . . this. What?? The Chinese are CYBER ATTACKING??!! *unplug* problem solved. DUH!

ROFL (0)

Anonymous Coward | more than 2 years ago | (#39313151)

This article is hilarious. Worries about the supply chain? That is just hilarious. DARPA and the other military research organizations have been working for decades on means and methods for completely stable and everything-proof supply chain and independent generation technology. There would be no shutting down the militaries actions for more than 10 minutes, if they got lucky. These assholes don't know any of this for sure, and even worse most of this shit is fully of "may" and "maybe" and other such unsure words. Hell, most of the equipment is only tangentially connected to the web if it all, and has unbelievable physical security measures built in to prevent anything short of an EMP downing it.

The real power of bullshit like this is going after US citizens, especially protesters. Last year I was involved in a boycott of Koch Industries, nothing but a legal fucking boycott. 3 months after it started, the FBI came to my door and took all my shit because Koch Industries gave them a list of IP addresses with mine on it saying I had attacked them. All it took was the accusation. Nothing else was on the warrant, just a list of IP addresses, no log files, no verification, nothing.but when you can shut up protesters with something far more malicious than a SLAPP suit, then you have won on another level, against freedom.

(only reason posting AC is because my account was hacked and password changed by a douche I argued with before).

Give it a rest, neocon-spewing swineherds..... (2)

sgt_doom (655561) | more than 2 years ago | (#39313215)

Northrop Grumman, majority owned, via a number of shell companies, offshore finance centers and holding companies, by the Bush family and James Baker. And who gives a fig about China, where they offshored all the jobs, all the technology and all the investment, not to mention what's not obvious to all (but should be by this time) a considerable amount of US foreign aid (and World Bank aid) to finance the building of those PLA-owned, factories and production facilities and labs for the benefit of their elites and the multinationals who profits from them. What utter BS and nonsensical bullcrap. sgt_doom has spoken......

Re:Give it a rest, neocon-spewing swineherds..... (1)

gtall (79522) | more than 2 years ago | (#39314323)

"Northrop Grumman, majority owned, via a number of shell companies, offshore finance centers and holding companies, by the Bush family and James Baker." Wow, I didn't know that. Do you have references or is it fun talking out of your ass. Hey, maybe I can do it too...

"Obama isn't really an American", "The Jews run all the major media systems if not the entire world", "the U.S. government has been using alien technology for years"...

This is fun, there's just no end to what I can pull out of my ass too.

Re:Give it a rest, neocon-spewing swineherds..... (0)

Anonymous Coward | more than 2 years ago | (#39319569)

Yeah, I do have a link, especially for you trollbot, it's very, very sharp and made of metal, and I'll introduce to you in the dark alley of your choice.

sgt_doom

Stuxnet - They had the chance to make a treaty (0)

Anonymous Coward | more than 2 years ago | (#39314627)

They could of decided that attacking critical infrastructure with viruses was verbotten. Like the US/Soviet Nuclear treaties and weaponizing space treaties. Chemical weapons treaties. There have been rules of war every since there was war.

But nope. The governments let stuxnet go unpunished and no treaty was written. So I am calling BS. If it was a big deal, there would be a treaty. But there was not treaty, so it is not a big deal. This is propaganda. Probably to prop up budgets. No it IS to prop up budgets. We all know this.

So there is a war on. The Pentagons shut down your internet and blame it on the Chinese and Russians. I don't think the Pentagons and their Full Spectrum Dominance are going to really cry too much if the internet is shut down no matter who does it.

And if riots break out, well then the Marshall Law Card gets played. The Whole World Domination Gantt chart is stalled at the 'Shutdown the Internet' and 'Then The People Riot' node.

I think Aircraft Carriers off the Chinese shore are pretty much the ultimate cyberwar deterrent. Tomahawks? What Tomahawks?

War is war. Once China makes the first attack, cyber war or regular war, it's game on.

Loss of Life. Infrastructure Damage. Yep. That's an aggressive move.

And all you server operators out there. Really, are your server logs showing a great bit spike in massively evil and clever attacks? I will bet you answer is no, and that in fact server attacks, spam and general malicious stuff is down. I'll even bet that after 10 or 30 years of being running businesses, computers and internet that you actually know what you are doing and don't really need the outside help.

Don't know about you, China has been attacking my servers every day since the beginning of time. Yawn.

How likely is it that China could shut down all the power in North America at once. It is probably impossible for even the Pentagons to do that to their own country. At worst a few areas blacked out for a few days. Big Whoop. Like a snowstorm or a tornado or a flood, except without the billions of dollars of property damage.

And so what if it all got shut down. It would be like a snow day, and we all get to stay home and drink beer and eat the ice cream before it went bad.

No beepers, no phones, no email, no bitch clients. Sounds pretty good, don't it.

Seriously, there is no way the whole continent gets an unscheduled day off from work. No way. A day off? C'mon. The pointy headed bosses would explode.

And the MSM unable to shove propaganda at us for 2 or 3 days? Google and Zuckerberg unable to spy? OMG! OMG! OMG!

That's the control freaks absolute worst nightmare.

Formula to for Threat Determination (1)

Sir Foxx (755504) | more than 2 years ago | (#39320675)

Pretty sure you can determine China's Cyberwar Threat level by determining the ratio of Shrute Bucks to Stanley Nickels and multiply by 3.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>