Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Chinese Hack New York Times

samzenpus posted about a year and a half ago | from the protect-ya-neck dept.

China 116

Rick Zeman writes "According to a headline article in the New York Times, they admit to being hacked by the Chinese, and covers the efforts of Mandiant to investigate, and then to eradicate their custom Advanced Persistent Threats (APT). This was alleged to be in reaction to an article which details the sleazy business dealings of the family of Wen Jiabao, China's newest Prime Minister. China's Ministry of National Defense said in denial, 'Chinese laws prohibit any action including hacking that damages Internet security.'" Update: 01/31 15:00 GMT by T : The Times used Symanetic's suite of malware protection software; Symantec has issued a statement that could be taken as slightly snippy about its role in (not) preventing the spyware from taking hold.

Sorry! There are no comments related to the filter you selected.

Frosty Piss (-1)

Anonymous Coward | about a year and a half ago | (#42749637)

Bitches

Re:Frosty Piss (-1)

Anonymous Coward | about a year and a half ago | (#42749869)

Chink vs. Jew.

Two go in, Only one comes out.

Re:Frosty Piss (1, Troll)

TheP4st (1164315) | about a year and a half ago | (#42751699)

AC troll vs. Mod Two go in, Only one comes out.

Chinese Laws (0)

Anonymous Coward | about a year and a half ago | (#42749645)

Chinese laws prohibit any action including hacking that damages Internet security

Wait...there are laws in China?

Re:Chinese Laws (1)

MickyTheIdiot (1032226) | about a year and a half ago | (#42749683)

Was the spokesman related to Baghdad Bob?

Re:Chinese Laws (2)

evanism (600676) | about a year and a half ago | (#42749895)

They most certainly do have laws.

They protect the parties members, the corrupt elite and those Chinese who want to confiscate a foreigners businesses.

But, you will find them and the process opaque, haphazard, arbitrary and shockingly harsh... unless of course you are a senior party member, in which case none of this applies to you.

Re:Chinese Laws (5, Funny)

Anonymous Coward | about a year and a half ago | (#42749931)

This sounds a lot like US laws.

Re:Chinese Laws (0)

Anonymous Coward | about a year and a half ago | (#42750315)

Not the same. In the USA if you're in charge of food safety and stuff goes badly wrong you don't get executed.

Re:Chinese Laws (1)

Runaway1956 (1322357) | about a year and a half ago | (#42751629)

An incompetent or negligent food inspector should be executed, though. He/she might have the lives of tens of thousands of people in his hands, but because he's bored, or hung over, or whatever, he doesn't see the slime growing under the conveyor belt, on which lies tons of raw meat. Slowly, ever so slowly, the slime advances, reaching out for that succulent chicken . . .

Re:Chinese Laws (1)

daem0n1x (748565) | about a year and a half ago | (#42751757)

Of course he does, what are all those drones for?

Obligatory Zappa quote (2)

QRDeNameland (873957) | about a year and a half ago | (#42754093)

This sounds a lot like US laws.

“The United States is a nation of laws, badly written and randomly enforced.”

- Frank Zappa

Re:Chinese Laws (0)

Anonymous Coward | about a year and a half ago | (#42755231)

Except hacking in the US is illegal, and in China its not. It used to be totally unregulated until the world put a lot of pressure on them, now if you get caught hacking a local party official is supposed to visit you and give you a stern lecture or something, although my guess is that they offer them a job as a free-lancer. It creates this beautiful storm where investigation and extradition border on impossible.

Re:Chinese Laws (0)

Anonymous Coward | about a year and a half ago | (#42755383)

Except hacking in the US is illegal

Except that it's not.

Re:Chinese Laws (-1)

Anonymous Coward | about a year and a half ago | (#42750493)

Sounds like the US to me.

Oh well..

Re:Chinese Laws (0)

Anonymous Coward | about a year and a half ago | (#42752377)

That was kind of what I was thinking, only from a broader perspective.

I don't see much different there than what happens here.

Poor American, or any country in the world, goes into politics, and a decade or so later poof they are a millionaire.

Wasn't it Lyndon Johnson who summed it up with "if you don't come out of politics rich, your stupid?"

Re:Chinese Laws (0)

Anonymous Coward | about a year and a half ago | (#42753435)

Norwegian politicians do not earn that much. More than the average citizen, but less than many mangagers.

Re:Chinese Laws (0)

Anonymous Coward | about a year and a half ago | (#42752337)

Notice, in the carefully worded statement that he said it was against their laws.

He did not say they didn't do it.

Since they have access... (5, Funny)

tokencode (1952944) | about a year and a half ago | (#42749651)

Since they already have access, the NYTimes can just outsource the writing to China. This will reduce labor costs and save China the trouble of filtering articles they do not like. Think of all the new potential readers....

Great Paywall of NYT (4, Funny)

Pollardito (781263) | about a year and a half ago | (#42749699)

Maybe they were just trying to read the many witticisms of David Brooks and Maureen Dowd?

Re:Great Paywall of NYT (3, Insightful)

dkleinsc (563838) | about a year and a half ago | (#42750009)

Wait, that gives me an idea! We'll confuse our enemies with New York Times columns that are wildly inaccurate or simply have no bearing on reality at all. It's really easy too - all we need to do is hire back Tom Friedman.

Re:Great Paywall of NYT (1)

Anonymous Coward | about a year and a half ago | (#42750031)

He's still there; his column is on Sunday and Wednesday.

He's not the worst of the bunch (I'd probably give that "honor" to Ross Douthat) but he's certainly an embarrassment to the paper.

Re:Great Paywall of NYT (1)

Attila Dimedici (1036002) | about a year and a half ago | (#42751411)

They do not even need to do that, they still have former Enron adviser, Paul Krugman.

Re:Great Paywall of NYT (0)

Anonymous Coward | about a year and a half ago | (#42751885)

They do not even need to do that, they still have former Enron adviser, Paul Krugman.

You mean Nobel Prize winner Paul Krugman? I'm baffled at how many people think employment or consulting with Enron makes everyone a fraud. Or perhaps you just think supply side economics isn't ridiculous, so you feel threatened.

Re:Great Paywall of NYT (0)

Anonymous Coward | about a year and a half ago | (#42755543)

You mean fake nobel prize winner paul charlatan? His nobel is as fucking worthless as the sham peace prize. Get your head out of your ass.

Re:Great Paywall of NYT (2)

Maudib (223520) | about a year and a half ago | (#42752335)

Oh you mean form Reagan adviser Paul Krugman?

Re:Great Paywall of NYT (3, Informative)

Attila Dimedici (1036002) | about a year and a half ago | (#42752929)

Which tells you more about Ronald Reagan's willingness to listen to people who disagreed with him than it does about Krugman's expertise. If you look at what Krugman says about his time working in the Reagan Administration (as an adviser to an adviser) you discover that he claims that even then he thought the answer to problems was more government as opposed to Reagan who thought the cause of most problems was government..

Re:Great Paywall of NYT (2)

dkleinsc (563838) | about a year and a half ago | (#42752659)

Yeah, about that: Paul Krugman on his work for Enron [pkarchive.org] .

He's advised a lot of other people too. Point being that if you think he was bought off (for a measly $37K, which given that he's probably a millionaire is basically chump change), you're probably wrong. He's also explicitly mentioned his work whenever he's written about it.

Re:Great Paywall of NYT (2)

daem0n1x (748565) | about a year and a half ago | (#42751787)

columns that are wildly inaccurate or simply have no bearing on reality at all.

Fox News China Edition?

Re:Great Paywall of NYT (0)

Anonymous Coward | about a year and a half ago | (#42751927)

Wait, that gives me an idea! We'll confuse our enemies with New York Times columns that are wildly inaccurate or simply have no bearing on reality at all. It's really easy too - all we need to do is hire back Tom Friedman.

Brilliant! Then we can put all the real columns and information on Fox News! They'll NEVER think to look for it there!

Re:Great Paywall of NYT (1)

T.E.D. (34228) | about a year and a half ago | (#42750417)

More likely they thought there must be some secret information on their servers that explains why they say the crap they do. They can't possibly really be that stupid.

I don't believe it (0, Troll)

Anonymous Coward | about a year and a half ago | (#42749705)

Communists don't attack each other.

Re:I don't believe it (1)

joebagodonuts (561066) | about a year and a half ago | (#42752007)

The Chinese aren't communists...

Re:I don't believe it (3, Informative)

SuricouRaven (1897204) | about a year and a half ago | (#42752057)

They are officially communist, but unlike the USSR they were able to acknowledge that communism isn't always the best solution to every problem and turn to market solutions when appropriate.

Chinese hack Slashdot? (1)

Anonymous Coward | about a year and a half ago | (#42749709)

Maybe the Chinese hacked Slashdot, that would explain why this story appears here 12 hours after everywhere else?

Re:Chinese hack Slashdot? (1)

GiantMolecularCloud (2825541) | about a year and a half ago | (#42749911)

Maybe the Chinese hacked my tax returns, hmm Uncle Sam? Got nothing to say to that do ya.

Re:Chinese hack Slashdot? (1)

Rick Zeman (15628) | about a year and a half ago | (#42750091)

Maybe the Chinese hacked Slashdot, that would explain why this story appears here 12 hours after everywhere else?

I guess the editors were asleep, or they saved it for morning for maximum visibility. I submitted it last night.

COOKIES UP THE ASS! (-1)

Anonymous Coward | about a year and a half ago | (#42749715)

I bet they did not have to use a site like anonymouse to get around registration just to view a fucking article.

I hate you NYTIMES.

Start spreading the news
I'm leaving today
I want to be a part of it
New York, New York
These vagabond shoes are longing to stray
Right through the very heart of it
New York, New York
I wanna wake up in a city that doesn't sleep
And find I'm king of the hill, top of the heap
These little town blues are melting away
I'll make a brand new start of it in old New York
If I can make it there, I'll make it anywhere
It's up to you, New York, New York
New York, New York, New York
I want to wake up in a city that never sleeps
And find I'm a number one, top of the list
These little town blues are melting away
I'll make a brand new start of it in old New York
If I can make it there, I'll make it anywhere
It's up to you, New York, New York, New York

Re:COOKIES UP THE ASS! (0)

Anonymous Coward | about a year and a half ago | (#42751693)

Sure, you can wake up in New York - sleeping under a bridge, because you're only number 27,498,278. You can be on the top of the list down at the shelter, next time New York has a deep freeze.

Mayor Buttlicker is numero uno, and don't you forget it!

Defined how? (2, Insightful)

sabbede (2678435) | about a year and a half ago | (#42749719)

Okay, shooting people is illegal, but shooting people to protect others from getting shot is not. Compromising internet security is illegal in China, but hacking to "protect" the Chinese people from having their leader's security compromised must be okay, right? Obviously, there is nothing worse than having your leader's integrity challenged, so they are doing everybody a favor by hacking the Times.

Favors? Surely You Jest! (4, Insightful)

eldavojohn (898314) | about a year and a half ago | (#42749835)

Okay, shooting people is illegal, but shooting people to protect others from getting shot is not. Compromising internet security is illegal in China, but hacking to "protect" the Chinese people from having their leader's security compromised must be okay, right?

Lethal force is only okay in very specific scenarios -- usually when lethal force is first presented by the attacker. Could you explain what the New York Times did that warranted the use of hacking? Did the New York Times hack the Chinese government? Did the New York Times even threaten to hack the Chinese government?

Obviously, there is nothing worse than having your leader's integrity challenged, so they are doing everybody a favor by hacking the Times.

Actually, I can think of a good deal many things that are worse than having my leader's integrity challenged. Truth be told, I quite enjoy my leader's integrity being challenged -- especially if there is fact behind it. The Western world enjoys this over-scrutiny of our leaders. Here's a worse scenario than your leader's integrity being challenged: your leader actually is corrupt and nobody's able to investigate it!

The only favor they're doing us by hacking the New York Times is showing the world that they believe their control of the media transcends their national borders. By paying petty lip service to their own laws (which are often subjective and which they feel they are above), the Chinese government is telling the foreign presses that they better fall in step with their mouthpieces or they will be hacked.

It's quite sickening and I find no way at all to view this as acceptable. This is an international attack on our constitutional values -- most notably freedom of speech.

Re:Favors? Surely You Jest! (3, Insightful)

bmo (77928) | about a year and a half ago | (#42749881)

I think you're missing his sarcasm with the word "obviously."

--
BMO

Re:Favors? Surely You Jest! (0)

Anonymous Coward | about a year and a half ago | (#42749885)

I think you're missing his sarcasm with the word "obviously."

-- BMO

But the first sentence implies that he's serious.

Re:Favors? Surely You Jest! (3, Funny)

bmo (77928) | about a year and a half ago | (#42750017)

He's obviously serious. Obviously.

--
BMO

Re:Favors? Surely You Jest! (1)

photonyx (2507666) | about a year and a half ago | (#42753145)

It's painfully, obviously obvious.

Re:Favors? Surely You Jest! (2)

drinkypoo (153816) | about a year and a half ago | (#42750037)

It's quite sickening and I find no way at all to view this as acceptable. This is an international attack on our constitutional values -- most notably freedom of speech.

The capitalist dogs' attack on our noble way of life is what is unacceptable. Their slanderous lies constitute an international attack on our cultural values — and they must not be tolerated! Signed, the Chinese government.

Re:Favors? Surely You Jest! (1)

Farmer Tim (530755) | about a year and a half ago | (#42750319)

Could you explain what the New York Times did that warranted the use of hacking?

Hired hack writers?

Re:Favors? Surely You Jest! (1)

c (8461) | about a year and a half ago | (#42751077)

It's quite sickening and I find no way at all to view this as acceptable. This is an international attack on our constitutional values -- most notably freedom of speech.

Given some of the history of the New York Times (the Pentagon Papers, Wikileaks), I have this funny feeling that they aren't just dealing with foreign governments hacking their systems.

Re:Defined how? (0)

Anonymous Coward | about a year and a half ago | (#42755283)

Compromising internet security is illegal in China, but hacking to "protect" the Chinese people from having their leader's security compromised must be okay, right?

Except that hacking in china is only illegal if the computer you attacked is in china, otherwise its this 3rd type of legal action that we don't have a concept for (as opposed to criminal or civil), which is essentially like an administrative action by a local party official. My guess is that they offer you a way to make money while properly directing your output.

That said, while your post was tongue in cheek, it starts with an incorrect premise.

Surprise, surprise (0)

Anonymous Coward | about a year and a half ago | (#42749775)

Another ungrammatical lead sentence in the summary. Slashdot: news for nerds, stuff that matters, and daily word puzzle.

The gay boy's bum (-1)

Anonymous Coward | about a year and a half ago | (#42749793)

The gay boy's bum
The gay boy's bum
You can stick in your dick
or a finger or a thumb
So we all love the gay boy's bum

The gay boy's bum
The gay boy's bum
You can pull out early
and cover him in cum
So we all love the gay boy's bum

Must be bullshit (-1, Troll)

oodaloop (1229816) | about a year and a half ago | (#42749799)

Everyone knows the hacking threat is made up by the US government, as I am continually reminded every time I try to talk about it.

Re:Must be bullshit (4, Informative)

DaMattster (977781) | about a year and a half ago | (#42749905)

Everyone knows the hacking threat is made up by the US government, as I am continually reminded every time I try to talk about it.

No, it's not bullshit. I don't know how you draw that conclusion. I look at my family business' firewall logs and see lots of intrusion attempts coming from Chinese IP addresses. It got so bad that I moved the company's website to a VPS and moved our mail server to a cloud-based solution. Now, we just block all foreign IP addresses at the firewall by default.

Re:Must be bullshit (3, Interesting)

sohmc (595388) | about a year and a half ago | (#42750025)

I'm glad to hear I'm not the only person to do this. I block the entire country of China. Their hacking attempts outnumbered legit requests by a factor of 50 to 1.

Why doesn't the great firewall of China work the other way around?

Re:Must be bullshit (4, Informative)

andy1307 (656570) | about a year and a half ago | (#42751029)

I block the entire country of China.

If you read the article, you'll notice that they used hacked machines at US universities as a jumping off point.

Re:Must be bullshit (0)

Anonymous Coward | about a year and a half ago | (#42751487)

And how did they hack into those machines? Magic? Maybe from China?

Re:Must be bullshit (0)

Anonymous Coward | about a year and a half ago | (#42751983)

How did they know it was China doing the hacking then? A friend read the article and said something about it being in the virus signature. Is it impossible to copy things over the Internet these days and use them from different countries? Attribution is almost impossible to get right on something like the internet.

Re:Must be bullshit (1)

rjr162 (69736) | about a year and a half ago | (#42754307)

No kidding.. I took down the firewall on my router (comcast connection) to test some VPN stuff.. instead of doing a port forward etc.

I was doing this from the in-laws house to my house, and within just a couple minutes I saw attempts from china on the SSH and IPsec/L2TP ports (linux box's firewall was set so you couldn't access the L2TP outside of an IPsec tunnel).

Even after turning the firewall back on, they must have somehow (automated?) realized there was a machine they could access but not log into yet.. and port scanned, because my auth.log was showing SSH attempts on the alternate port my router was forward to SSH... (I disabled password login, just use a 512 bit ECDES key, but the fact they somehow found the alternate port which was in the 16xx range in under an hour was interesting, and so was the fact it wasn't a constant stream of failed log ins.. there'd be 10 to 20 attempts over the course of a couple minutes, then a 30 minute or so gap.. rinse and repeat)

WOOOOSSSHH (1)

Zero__Kelvin (151819) | about a year and a half ago | (#42750327)

"No, it's not bullshit. I don't know how you draw that conclusion."

I cannot imagine how you drew the conclusion that he drew that conclusion.

Re:Must be bullshit (0)

Anonymous Coward | about a year and a half ago | (#42750407)

Everyone knows the hacking threat is made up by the US government, as I am continually reminded every time I try to talk about it.

No, it's not bullshit. I don't know how you draw that conclusion. I look at my family business' firewall logs and see lots of intrusion attempts coming from Chinese IP addresses. It got so bad that I moved the company's website to a VPS and moved our mail server to a cloud-based solution. Now, we just block all foreign IP addresses at the firewall by default.

The US government is spoofing the IPs to make it look like the attacks are coming from China, but in reality it's US hacking., Doh.

Re:Must be bullshit (0)

Anonymous Coward | about a year and a half ago | (#42750485)

And yet another example of the Chinese Internet War in progress, folks! Yes, the Chinese have millions who surf and leave anti-US posts where ever they can.

These ones are not even sublime.

Re:Must be bullshit (0)

Anonymous Coward | about a year and a half ago | (#42751823)

Everyone knows the hacking threat is made up by the US government, as I am continually reminded every time I try to talk about it.

No, it's not bullshit. I don't know how you draw that conclusion. I look at my family business' firewall logs and see lots of intrusion attempts coming from Chinese IP addresses. It got so bad that I moved the company's website to a VPS and moved our mail server to a cloud-based solution. Now, we just block all foreign IP addresses at the firewall by default.

And like the typical idiot admin you assume that the IP you see hitting your firewall is the actual source. It's standard practice to bounce any attacks aimed at US, etc. targets off a compromised system sitting in China, Russia, or some other country which was not likely to cooperate with a foreign investigation. While blocking may indeed cut down on log spam, those are just random headless scans. Any dedicated intrusion attempt is going to hit you with a "slow" scan over the course of many weeks, and use a variety of relays especially ones coming from address space you are not likely going to be able to afford to block en mass.

NYT is overreacting (0)

Anonymous Coward | about a year and a half ago | (#42749829)

They Chinese. They play joke.

Re:NYT is overreacting (0)

Anonymous Coward | about a year and a half ago | (#42750763)

NYT not overreacting.

They putt pee-pee in the Times' not greater than 16oz. Coke.

Go Chicoms! (0)

Anonymous Coward | about a year and a half ago | (#42749953)

Chicoms versus the New York Times?

I'm rooting for the Chicoms.

hacked? Try infiltrated (1)

pastafazou (648001) | about a year and a half ago | (#42749955)

It's been the Commie Times for a while now...

Re:hacked? Try infiltrated (0)

Anonymous Coward | about a year and a half ago | (#42750675)

It's been the Commie Times for a while now...

Since China has been a totalitarian capitalist state for the last three decades, I think that pretty much rules out any Chinese influence.

Oh Behave! (1)

CuteSteveJobs (1343851) | about a year and a half ago | (#42749965)

'Governor Jiabao. I should have expected to find you holding General Mingfu's leash. Do you realize the more your hackers attack our free (well mostly free) press, the more we will think you're are carrying on like a pack of spoiled brats unfit to replace America as the world's superpower?' http://www.businessinsider.com/chinese-general-ominously-warns-australia-not-to-side-with-the-us-tiger-2013-1 [businessinsider.com]

"By the Chinese" (0)

Anonymous Coward | about a year and a half ago | (#42750231)

Does this mean by ALL of the Chinese? ALL 1,5 billion of them hacked into the NYT site? Does this summary mean that every time the chinese government is hacking into foreign sites we have to blame all the chinese citizens for this?

the weak link(s) (3, Insightful)

DrProton (79239) | about a year and a half ago | (#42750251)

The article makes no mention of the operating system of the compromised computers. This would be like an article on safety faults in automobiles that did not mention the make and model. Can't we have better security reporting from the grey lady? There is mention of a "domain controller" that was compromised to obtain password hashes and that a rainbow table must have been used to crack passwords. Is there anyone who does not think that it was windows computers that were compromised? I can't help wondering if M$ and the NYT have some sort of agreement about how they report on computer security.

Re:the weak link(s) (0)

Anonymous Coward | about a year and a half ago | (#42751541)

No, this is like a safety defect on tires that doesn't mention if the car has power locks.

The operating system wasn't reported because that is information that isn't important to the vast, vast majority. They also didn't list the manufacturers of their firewalls, brands of routers, or email services used either. Computers are commodities. All operating systems have vulnerabilities. And no one cares anymore, they all work until the rare situations where they don't.

It's not that the New York Times has an agreement with Microsoft, it's that they have an agreement with the world not to list every trivial fact in every single article that only an incredibly small percentage of their readers would be the slightest bit interested in. If it were an article in a magazine dedicated to computer security, then, yes, it would be a glaring omission. But it's a newspaper for general consumption, leaving out trivial details is necessary to keep the articles of a readable length, and to keep them readable in general. It might not be a trivial detail to you, but it is to nearly everybody else. More people would be interested in what brand the suit in the picture is, but they left that information out as well because it is trivial as well. No one, at all, anywhere would change their operating system choice based on this article if they had listed which one it was. It is of zero relevance.

Personally, I think the compromised domain controllers ran Linux, specifically, your favorite distribution. And I have the same amount of evidence as you, which is exactly zero.

Re:the weak link(s) (4, Informative)

Anonymous Coward | about a year and a half ago | (#42752075)

The article makes no mention of the operating system of the compromised computers. This would be like an article on safety faults in automobiles that did not mention the make and model. Can't we have better security reporting from the grey lady? There is mention of a "domain controller" that was compromised to obtain password hashes and that a rainbow table must have been used to crack passwords. Is there anyone who does not think that it was windows computers that were compromised? I can't help wondering if M$ and the NYT have some sort of agreement about how they report on computer security.

The articles make it pretty clear that the vulnerabilities that were exploited was (A) social engineering and (B) excessive user privileges, not an OS or application flaw. It was nothing but a targeted email worm. This kind of thing could have easily been prevented on Windows with proper policies, and would have happened just as easily on a similarly (mis-)configured Mac or Linux machine.

In other words, the weak link is what they always were: the users.

Re:the weak link(s) (0)

Anonymous Coward | about a year and a half ago | (#42755963)

Mod parent up. Mod GP as flamebait.

Time for import tariffs (2)

Squidlips (1206004) | about a year and a half ago | (#42750377)

Why do we keep putting up with this crap and not fighting back? Let's add a stiff import tariff on Chinese junk which would increase revenues and add jobs to this country.

Re:Time for import tariffs (1)

ak3ldama (554026) | about a year and a half ago | (#42750547)

The delusionals tell everyone we want a free market. Oh by the way we need to pass that new farm bill!

Re:Time for import tariffs (1)

benjfowler (239527) | about a year and a half ago | (#42750953)

We don't see that. Our elites are as low and worthless as junkies, because they are hopelessly, terminally addicted to cheap labour.

Re:Time for import tariffs (1)

Skiron (735617) | about a year and a half ago | (#42751109)

Who uses Chinese Junks? I thought you guys used canoes like in the film "The 'squeal like a pig' Deliverance"

Re:Time for import tariffs (1)

AmiMoJo (196126) | about a year and a half ago | (#42752827)

The US started the cyber cold-war, this is retaliation against YOUR attacks.

Re:Time for import tariffs (0)

Anonymous Coward | about a year and a half ago | (#42753369)

This would hurt us as well. There are American companies who import from China in order to sell their goods/services. How would these companies compete with foreign companies that are still getting parts from China w/o paying the stiff import tariffs you suggest?

I see China as a Frankenstein. We created this monster that is now perceived as a threat here. If we went back to the China of 89, that country would hardly pose a threat to us at all. But even after the tiananmen square massacre, we did not mind trading with them. They were desperately trying to get access to our markets and we simply allowed them to do it. At that point, we could have forced them to move toward democracy... we could probably have forced them to deliver us North Korea on a silver platter. But we didn't. We lost our opportunity.

Re:Time for import tariffs (1)

desdinova 216 (2000908) | about a year and a half ago | (#42753975)

because Walmart doesn't want it.

that's not actually a denial (1)

sribe (304414) | about a year and a half ago | (#42750469)

After all, removing information damaging to the prime minister improves "internet security", not damages it ;-)

So That's why! (1)

Anonymous Coward | about a year and a half ago | (#42750487)

So that's why all the NY Times Editorials read like commie propaganda!

Meet the new boss (0)

Anonymous Coward | about a year and a half ago | (#42750539)

So the up and coming super power works just like the current one? A shocker, I tell you...

This is called fascism or corporatocracy. Spin the revolving door, baby!

it was windows (1)

DrProton (79239) | about a year and a half ago | (#42750561)

The BBC is reporting [bbc.co.uk] that it was windows computers that were compromised. They quote Graham Cluley, a tech consultant at Sophos. All compromised computers were "thrown out and replaced." All passwords were changed. Another article [bbc.co.uk] reports that the hackers would begin working at 0800 Beijing time..

Re:it was windows (0)

Mike Frett (2811077) | about a year and a half ago | (#42750813)

Replaced again with Windows computers I assume. How smart...

Re:it was windows (2, Informative)

Anonymous Coward | about a year and a half ago | (#42751841)

The linked articles say no such thing. You need to read more critically. The BBC quoted a guy from Sophos, who wasn't involved in any way, making some general statements about Windows machines. It doesn't say anything about what OS was compromised in this attack.

From your link : "Graham Cluley, senior technology consultant at security company Sophos, which often helps companies cope with intrusions by hackers, "

Note that he's not directly related to this story in any way. They wanted a quote from a "computer security expert", they did not find someone with direct knowledge of or who was involved with this particular situation.

From your link :"Mr Cluley speculated..."

Which is another way of saying "a completely imaginary, but somewhat plausible scenario I just made up is..."

It could have been Linux boxes compromised. It could have been BSD, A/S 400, SCO Unixware or BeOS for all the information in the articles about it. Or, yes, Windows, in fact, it's most likely it was. But we don't know, and there isn't any information in these articles to tell.

Thin skins (1)

benjfowler (239527) | about a year and a half ago | (#42750945)

Aren't these Communists delicate little flowers? Amazingly thin skinned, even though they block anything even vaguely political from mainland China.

I think they are a bunch of stupid Third World pussies, with stupid Third World attitudes. No wonder they're Pakistan's only friend in the world. It takes a dirty, illiterate loser to know one.

Snippy Symantec? (1)

Anonymous Coward | about a year and a half ago | (#42750947)

The Times used Symanetic's suite of malware protection software; Symantec has issued a statement that could be taken as slightly snippy about its role in (not) preventing the spyware from taking hold.

Can't say as I blame them. A friend at Symantec who's been involved in the NYT relationship was saying that they've spent over a year trying to get NYT's IT dept to update to SEP v12 to no avail, despite repeated warnings that v12 would catch malware exactly like this. Given that they turned the intrusion into a big story for their employer instead of getting fired, I'd say NYT's IT department spun it pretty well. Given that it's coming at the expense of Symantec, I'd say they're being quite polite.

Steve Bennett (1)

Frankie70 (803801) | about a year and a half ago | (#42751187)

Steve Bennett - is that you? Don't spread rumours anonymously.

Gotta love Symentec's comment (3, Interesting)

sasparillascott (1267058) | about a year and a half ago | (#42751165)

Symentec, who's software didn't identify but one of the 45 pieces of malware installed, tried to imply it was the NY Times fault, saying the anti-virus isn't enough (although once such stuff is installed the antivirus should be able to find and eliminate it...that's what they sell it for, right?) - I wonder if Symentec's software can identify all or even most of the malware now, yet? The average user is just so far out in the woods, its obvious most of the anti-malware software (even the biggies like Symentec) are not remotely successful at catching or preventing such attacks (since they obviously won't just be used by the Chinese govt hackers forever).

Re:Gotta love Symentec's comment (0)

Anonymous Coward | about a year and a half ago | (#42755917)

You've got to remember that this was custom malware written by the attackers, not known malware that there's signatures out there for. If you understood how anti-malware software works, and how to evade it as an attacker, it's not at all surprising or unusual.

Memories (0)

Anonymous Coward | about a year and a half ago | (#42752223)

Hacked by chinese

Detected 1 out of 45 malicious items? (2)

StormyWeather (543593) | about a year and a half ago | (#42752227)

Dang, Symantec has really been improving their products lately. That's much better than I've gotten out of them.

Re:Detected 1 out of 45 malicious items? (1)

OhHellWithIt (756826) | about a year and a half ago | (#42752421)

Perhaps they should try AppGuard [blueridge.com] , which stops zero-day attacks. (Shill disclaimer: I used to work for the company that produces AppGuard.)

Re:Detected 1 out of 45 malicious items? (0)

Anonymous Coward | about a year and a half ago | (#42755385)

The amusing part is that symantec got owned in the aurora events, and if you've ever dealt with this set of attackers you'll know there is no 'we kicked them out' because they get back in the next day, and the next one and the next one and the next one, etc. (This is the 'P' in APT). Point is, they don't leave and symantec is going to be a HVT because of so many companies that use them; I'm not even going to mention the amusing part where the entire reverse engineering capability of symantec for malware analysis is done in Asia.

The most amusing part is that there's a non-zero chance that its the symantec software that infected their networks in the first place. The claims I find most dubious are the ones where their security consultants say that they didnt do XYZ or didnt access ABC and 'we kicked them out'. I work in this industry and spent a couple years working on cases involving this exact set of attackers; while they arent the mystical hackers described in the times piece years ago, they're good enough that they've been in our .mil/.gov green and yellow networks for upwards of a decade, often going undetected for years and then implausible to totally stop when you bat the bee hive.

If you go google up all the MS Office 0day that was found in the wild in 2006-2007, there was a long string of them. That's what happened when I started kicking ass , they unleashed a huge wave of 0day on us.

glorious chinese (1)

hraponssi (1939850) | about a year and a half ago | (#42752491)

so did they try sending themselves some PDF documents about the chinese leaders business dealings, under the email alias of some of the chinese prime ministers friends..? loaded with a few customized malware of their own, or not. after all you just sent it to yourself, right?

followup (1)

slashmydots (2189826) | about a year and a half ago | (#42753211)

The Times detailed its assertions in a long article posted to the front of its Website Jan. 30. The attacks apparently began in early September, as the probe into Wen’s family approached its conclusion. While the hackers could have “wrecked havoc on our systems,” according to Times CIO Marc Frons, they focused on infiltrating dozens of employee computers.

Unfortunately, they wreaked havoc on their grammar and spelling.

Great NYT Article! (4, Informative)

Midnight_Falcon (2432802) | about a year and a half ago | (#42753573)

Amidst all the discussion of the paywall and how long it took slashdot to post this, I think the real point here has been missed:
The New York Times wrote a GREAT article disclosing in full, with technical detail, how they were compromised.

Kudos to them for this in-depth transparency.

The article described in detail how targeted malware attacks were brought against NYT employees. Those were launched from compromised university computers within the US. From there, the custom malware allowed them to hack a Windows AD Domain Controller, and obtain the NTLM hashes. They ran the NTLM hashes against a rainbow table and got 56 user passwords that they used for VPN access.

From there, they were tracked by a security consulting company using an intrusion detection system. They employed a great strategy of not knee-jerk kicking the hackers out, but of watching their moves and determining the scope of compromise. They used forensics hard drive analysis to recover logs and figure out exactly what data was being accessed.

Sounds like what I would do if I was called in for incident response. Except, NONE of my clients would ever allow a story of this detail to be published!!!

Hats off to the NYT for this level of transparency.

Re:Great NYT Article! (0)

Anonymous Coward | about a year and a half ago | (#42755035)

Not even slow news day with possible WW3 breaking out @ Israel and Syria.
Ah, but perhaps the point is to distract from the serious news.

Can we get off these pointless speculations, given that it's common knowledge that EVERYBODY HACKS.
But kudos to Mandiant AND the authorities in China in asserting that a US University was a zombie relay, but somehow concluded without a shadow of a doubt that the relay originated and ends definitively in China.
I didn't know Chinese authorities grant such generous access to their networks to outside investigators. And to think the NYT had published its share of criticisms of the Great Firewall etc. I certainly hope a hearty apologies on the front/home page is in order to the Chinese authorities from the NYT editorial staff, for all their past FUD and bullshit about this most transparent of governance that puts the likes of America to shame.

And note to the NYT propaganda sorry I mean editorial staff: you guys haven't intentionally left out any other files accessed by these slimy Chinks have you? Your gay kiddie porn stash? Nothing?

With Thomas Friedman at the Tiimes, why spy? (0)

Anonymous Coward | about a year and a half ago | (#42754737)

With Thomas Friedman alway writing how wonderful China the Chinese government is, I'm shocked to learn they didn't just call him up to get the information. Maybe one department didn't get the memo from the other.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?