Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

China Behind 96% of All Cyber-Espionage Data Breaches, Verizon Report Claims

Soulskill posted about a year and a half ago | from the go-big-or-go-home dept.

Security 96

colinneagle writes "Verizon's 2013 Data Breach Investigation Report is out and includes data gathered by its own forensics team and data breach info from 19 partner organizations worldwide. China was involved in 96% of all espionage data-breach incidents, most often targeting manufacturing, professional and transportation industries, the report claims. The assets China targeted within those industries included laptop/desktop, file server, mail server and directory server, in order to steal credentials, internal organization data, trade secrets and system info. A whopping 95% of the attacks started with phishing to get a toehold into their victim's systems. The report states, 'Phishing techniques have become much more sophisticated, often targeting specific individuals (spear phishing) and using tactics that are harder for IT to control. For example, now that people are suspicious of email, phishers are using phone calls and social networking.' It is unknown who the nation-state actors were in the other 4% of breaches, which the report says 'may mean that other threat groups perform their activities with greater stealth and subterfuge. But it could also mean that China is, in fact, the most active source of national and industrial espionage in the world today.'" The report also notes that financially-motivated incidents primarily came from the U.S. and various Eastern European countries.

Sorry! There are no comments related to the filter you selected.

I must admit a begrudging respect for China (5, Funny)

TWiTfan (2887093) | about a year and a half ago | (#43528169)

I kind of envy having a government so willing to go to bat for its native industry that it's willing to go as far as to steal IP for them. In my country, the government is more than happy to sit back and watch all its industries outsource and lay off everyone, and nationalism is regarded as a bad word. China, if nothing else, believes in China.

Re:I must admit a begrudging respect for China (3, Funny)

gl4ss (559668) | about a year and a half ago | (#43528277)

they just have so many people and not so many things to order them to do. but imagine the disappointment when they spend two man years to phish something trivial they then notice they already had since they had been producing the fucking thing for five years!

aaanyhow.. even westerners would be better off bouncing their attacks through china.

Re:I must admit a begrudging respect for China (1)

noh8rz10 (2716597) | about a year and a half ago | (#43528817)

yeah, it's no secret that china is playing hardball and lowball, for what purpose it's not clear. but don't install those huawei switch equipment or use their usb modems!

keep telling yourself that (0)

Anonymous Coward | about a year and a half ago | (#43535671)

but imagine the disappointment when they spend two man years to phish something trivial they then notice they already had since they had been producing the fucking thing for five years!

Re:I must admit a begrudging respect for China (0)

onyxruby (118189) | about a year and a half ago | (#43528475)

Sit back and watch! Who are you kidding, we don't sit back and watch we provide significant tax incentives dammit! Move it, move it, get those jobs out of here!

Re:I must admit a begrudging respect for China (1)

glrotate (300695) | about a year and a half ago | (#43528531)

Chink Chink Chinaman sittin' on a fence,
Trying to make a dollar out of fifteen cents.

Re:I must admit a begrudging respect for China (4, Insightful)

Anonymous Coward | about a year and a half ago | (#43528545)

You're drawing a false distinction between China's government and it's industries. Companies in China essentially *are* part of the government.

Re:I must admit a begrudging respect for China (-1)

Anonymous Coward | about a year and a half ago | (#43529169)

You're drawing a false distinction between China's government and US industries. Companies in US essentially *are* part of the Chinese government.

Also this is not spying, its just extended systems analysis and reporting. Helps to keep tabs on our external operations.

Re:I must admit a begrudging respect for China (0)

Anonymous Coward | about a year and a half ago | (#43531107)

Companies are part of the American government too. You're a fool if you can't see that. Politicians make business friendly decisions because they're the same team.

Re:I must admit a begrudging respect for China (2, Interesting)

AmiMoJo (196126) | about a year and a half ago | (#43528559)

What makes you think the US isn't doing the same? There have been complaints from European companies for decades that the US was spying on them, and it is safe to assume that anything worth stealing that China develops would be a target as well.

There was an article today about how China is well ahead of the US in renewable energy. China is deploying a deep water thermal differential power plant, the largest of its kind. China has faster trains than anything in the US, even if the signalling system isn't so good... You can bet your bottom dollar that the US government is keeping a close eye on these developments.

Re:I must admit a begrudging respect for China (2)

cayenne8 (626475) | about a year and a half ago | (#43528665)

The difference is, in countries like China (and I think #2 is actually Israel, or at least they used to be WAY up there in espionage in the US)...it is state sponsored.

In the US, it is largely left up to the private industry. Any US spying, stays mostly in govt hands, things learned by the US govt isn't given freely to US industries.

The opposite is true in these other countries.

Re:I must admit a begrudging respect for China (0, Troll)

s.petry (762400) | about a year and a half ago | (#43528955)

The difference is, in countries like China (and I think #2 is actually Israel, or at least they used to be WAY up there in espionage in the US)...it is state sponsored.

In the US, it is largely left up to the private industry. Any US spying, stays mostly in govt hands, things learned by the US govt isn't given freely to US industries.

Pure speculation, and not even "good" speculation. The fact is, you know very little about what the US Government does with it's data. The reason for this is that nearly all of the spying we do is classified as State secrets. I'd bet you a dozen donuts that the US does way more spying than China. Maybe not domestically, but our foreign espionage would dwarf China.

The difference is really, that you are told that China is full of bad guys. You are told that the US is full of heroes saving the world from Governments like China, Libya, and Egypt. Be very cautious with what you are told! Your belief's may not match reality very closely.

Re:I must admit a begrudging respect for China (5, Insightful)

gtall (79522) | about a year and a half ago | (#43529267)

Your whole reply was pure speculation, unless the government has been giving you the memos, stop reading Mother Jones. You whole argument is that (1) you don't know what the government is doing, (2) therefore it is lying to you. Brilliant, Einstein.

Re:I must admit a begrudging respect for China (1)

s.petry (762400) | about a year and a half ago | (#43530639)

I never claimed the Government was lying, I said that it's a fact our Government spies on people and we have no facts due to classifications for nearly every aspect of our espionage. Therefor, mister lack of basic English reading and comprehension skills, I did not speculate.

Me pointing out facts without the propaganda you normally get does not make my facts incorrect. It makes you look like an imbecile.

You believethat the US spying is all for the greater good. I make no such assumption. I never assumed it was bad either, and if you did go back and read it again.

I'd never insult Einstein by calling you him. I will however call you a Troll if you fail to read and comprehend a second time.

Mod point fail (0)

Anonymous Coward | about a year and a half ago | (#43532585)

I really wish people with mod points would read the guidelines. It would save me from reporting it.

Mod point fail (1)

s.petry (762400) | about a year and a half ago | (#43532591)

I really wish people with mod points would read the guidelines. It would save me from reporting it.

Re:I must admit a begrudging respect for China (0)

Anonymous Coward | about a year and a half ago | (#43528801)

I'm going to bookmark your post and whenever the US is mentioned in the future, I will copy you and make posts like "What makes you think the EU isn't doing the same?" and add in some speculation about EU economic stagnation and needing to keep an eye on the US.

Wish me luck!

Re:I must admit a begrudging respect for China (0)

Anonymous Coward | about a year and a half ago | (#43528857)

It seems like China discussion threads are the only places where tu quoque arguments get modded up.

Re:I must admit a begrudging respect for China (1)

k6mfw (1182893) | about a year and a half ago | (#43528901)

What makes you think the US isn't doing the same? There have been complaints from European companies for decades that the US was spying on them...

heh, I was talking with someone, Japanese-American, and she remembered way back when the Germans complained, "US takes our first-class scientists, Soviets take our second-class scientists, and we're stuck with third-class scientists!"

Re:I must admit a begrudging respect for China (0)

Anonymous Coward | about a year and a half ago | (#43529155)

The SR71 was designed to do what exactly?

I suppose one nation spying on another at that point in time was different then what happens now?

Re:I must admit a begrudging respect for China (0)

Anonymous Coward | about a year and a half ago | (#43529489)

What makes you think the US isn't doing the same?

Because 96% of espionage breaches originate from China, you dolt.

Re:I must admit a begrudging respect for China (5, Informative)

Solandri (704621) | about a year and a half ago | (#43529911)

The difference is that from what I've seen of Asian corporate culture (I worked there for a couple years), it is not taboo to steal IP from competitors. In fact it's more or less considered normal albeit unspoken. It's not unusual for an employee who refuses to do it to be let go for other unspecified reasons.

You've seen the stories over and over. Like how the Chinese government required Siemens to contract with Chinese companies to manufacture high speed trains, then once the companies had "acquired" enough technical knowledge to do it themselves they dumped Siemens. It makes me facepalm every time I read about some naive Western tech company eager to do business in China bending over backwards to please the Chinese government, like lambs to the slaughter, thinking that a few pieces of paper promising their IP is safe will protect them.

In the late 20th century, this behavior was pretty much localized to the region. But now with the Internet, the behavior can reach around the globe. Those of you who think Western companies are the epitome of evil are in for a rude shock, once you see the no-holds-barred style of capitalism practiced in the East.

Re:I must admit a begrudging respect for China (0)

Anonymous Coward | about a year and a half ago | (#43528613)

Unfortunate, but well said

Re:I must admit a begrudging respect for China (1)

ackthpt (218170) | about a year and a half ago | (#43529079)

I kind of envy having a government so willing to go to bat for its native industry that it's willing to go as far as to steal IP for them. In my country, the government is more than happy to sit back and watch all its industries outsource and lay off everyone, and nationalism is regarded as a bad word. China, if nothing else, believes in China.

China is playing the Long Game, they've been at it for thousands of years. It should be no surprise you hear them say one thing while they vigorously do another, the hacking into Ameirican servers are merely there to throw the US off balance. Ultimately there is an opport

Oh we love, love, love Chairman Mao!
He's our saviour, our martyr, moral compass and soul
We dream about him with each rice bowl!
All the time he took, writing his little red book
How much better he was than that old KMT schnook
Oh, we love, love, love Chairman Mao and howwwww!

unity to learn the weaknesses of western systems to build better defences against attacks.

Re:I must admit a begrudging respect for China (2)

jandrese (485) | about a year and a half ago | (#43529549)

I always think it is weird when people applaud China for playing the long game, when so many of their policies seem focused on making them look explosive in the short term but crippling them in the long term. The One Child policy for instance has created an enormous glut of working age people with few dependents that will become a tremendous burden on the country when they reach retirement age. The One Child policy combined with traditional values is also creating a tremendous imbalance in the genders, with almost 20% more boys than girls born. Societies with enormous gender imbalances like that become unstable as unattached and disaffected males become restless. Historically (this also happens in polygamous cultures) the only solution is to go to war with your neighbors to kill off the excess men. The completely lax environmental regulation is allowing them to attract manufacturing from around the world, but at the cost of enormous medical and cleanup expenses down the road.

Anybody who thinks China is some unstoppable juggernaut based on their recent performance isn't thinking the situation all the way through. The communist party can only ignore these issues for so long before they boil over.

That said, China is and should be a major economic power. With a population that large you should be a major player in all global issues. The problem is that the government seems more interested in declaring themselves the winner in everything that they're not bothering to actually solve the real looming domestic issues.

Re:I must admit a begrudging respect for China (1)

ebno-10db (1459097) | about a year and a half ago | (#43530015)

The One Child policy for instance has created an enormous glut of working age people with few dependents that will become a tremendous burden on the country when they reach retirement age.

When you've got 1.3 billion people in a country the size of the US, overpopulation is a much bigger long term issue than having a high retiree/worker ratio for a while. If your productivity increases enough, a given number of retirees will actually be less of a burden on a smaller but more productive work force than they would be on a larger but less productive workforce. What do you think noodle robots are for?

The One Child policy combined with traditional values is also creating a tremendous imbalance in the genders, with almost 20% more boys than girls born.

That's a different story, though AFAIK the government's problem arises from an inability to stop it rather than any tolerance of it. I also find it revolting. My family values say a daughter is no less valuable than a son.

Re:I must admit a begrudging respect for China (1)

jandrese (485) | about a year and a half ago | (#43538725)

China has a lot of people, but it also has a lot of land area. The population density of China is 365 people per square mile, which puts it nowhere near the top worldwide. Compare this with Italy at 512 people per square mile or Germany at 609 people per square mile or the UK at 650 people per square mile. Neighboring Taiwan is all the way up at 1,849 people per square mile.

Re:I must admit a begrudging respect for China (1)

ebno-10db (1459097) | about a year and a half ago | (#43529939)

unity to learn the weaknesses of western systems to build better defences against attacks

Why bother? Big countries more readily destroy themselves than they can be attacked from the outside. That's how the US won the Cold War. Truman announced a containment strategy and eventually the USSR just imploded. Takes longer but it gets a lot fewer people killed that a hot war.

The US is happily destroying itself with its short-term self-parasitic thinking. Undoubtedly China will find a way to destroy itself from within (as it has many times in the past).

Re:I must admit a begrudging respect for China (0)

Anonymous Coward | about a year and a half ago | (#43529317)

People joke and laugh about Chinese aggression, but please never forget, China is the oldest nation on the planet and arguably the second largest in size (depending on definition).

They have arguably existed in continuous (but evolving) national form since approximately 200 BC -- possibly longer if you consider the Qin takeover a civil war and treat the dynasties as more western city states.

You don't last 2000+ years as a nation without a long term plan.

I don't want to be fearmongering about Asian cultures -- but it is important to pay a potential foe respect where it's due. China knows what they're doing.

Re:I must admit a begrudging respect for China (3, Insightful)

ackthpt (218170) | about a year and a half ago | (#43529567)

People joke and laugh about Chinese aggression, but please never forget, China is the oldest nation on the planet and arguably the second largest in size (depending on definition).

They have arguably existed in continuous (but evolving) national form since approximately 200 BC -- possibly longer if you consider the Qin takeover a civil war and treat the dynasties as more western city states.

You don't last 2000+ years as a nation without a long term plan.

I don't want to be fearmongering about Asian cultures -- but it is important to pay a potential foe respect where it's due. China knows what they're doing.

Also don't forget modern China is mostly populated and run by Han Chinese. Many of the earlier tribes of China were driven out by Han expansion and presently populate Southeast Asia and Japan. In claiming Tibet the government has effectively declared it lebensraum. Tibetans are already a minority in their own land.

Re:I must admit a begrudging respect for China (1)

ebno-10db (1459097) | about a year and a half ago | (#43530147)

Many of the earlier tribes of China were driven out by Han expansion ...

Somewhat like the Americans drove the Indians they didn't kill off onto reservations.

Re:I must admit a begrudging respect for China (1)

Duhavid (677874) | about a year and a half ago | (#43531163)

Yes, just like that.

Re:I must admit a begrudging respect for China (0)

Anonymous Coward | about a year and a half ago | (#43531425)

You're exactly right. So next time when you want to make apologetic statements, perhaps it's wise to think again.

Re:I must admit a begrudging respect for China (4, Insightful)

ebno-10db (1459097) | about a year and a half ago | (#43530123)

You don't last 2000+ years as a nation without a long term plan.

China has fallen apart, and been glued back together, many times in the last 2000+ years. Emperor/Chinese party gets too greedy, peasants revolt, place falls apart for a few centuries, new peasant leader comes along and makes himself emperor (e.g. Mao) and it stays glued together for some time, until the cycle repeats.

I'll buy that they're thinking longer term than the US, but that's also true of a hyperactive three year old. No country thinks 2000 years ahead. BTW Egypt has been around a lot longer and has at least as good of a claim to continuity.

Re:I must admit a begrudging respect for China (2)

cavreader (1903280) | about a year and a half ago | (#43531349)

They have been at it for +2000 years and they still come in 2nd place to a country that has been a going concern for 250 years. China is facing the inevitable consequences of creating a growing economy. Their only advantage in world trade has been their reliance on cheap labor and not quality or innovation. This is why China is borrowing technology from everyone and not giving a damn about things such as patents. They now have to compete with other countries in South East Asia because they also can use lower labor costs to make their exports more affordable. China has also manipulated their currency to make their exports as cheap as possible but currency manipulation has it's limits. On the whole I think China entering the global market place is just fine. Every country has it's own little quirks to massage their economies while trying not to piss off to many countries in the process.

Me Chinese! (0, Funny)

Anonymous Coward | about a year and a half ago | (#43528173)

Me Chinese!
Exploit Socks
Me Put malware
On your box!

Once it gets rolling. (0)

Anonymous Coward | about a year and a half ago | (#43528185)

Once it gets rolling, I am sure plenty of bad guys will use/abuse the situation. China probably does a bit of hacking themselves, but thanks to little to no backlash, it seems like a great idea to, when you are trying to do some wacky stuff, to fake being from china. It could help create a "should we investigate this further or will we find things we really don't want?" situation.

Re:Once it gets rolling. (0)

Anonymous Coward | about a year and a half ago | (#43528411)

Chinese firewall and online identity policy makes their network alternately the most penetrable and most impenetrable depending on which argument is more convenient, I guess.

I only have one question... (0)

Anonymous Coward | about a year and a half ago | (#43528197)

since this is from Verizon: How will they use it to justify raising prices?

Re:I only have one question... (5, Interesting)

plover (150551) | about a year and a half ago | (#43528651)

I realize you were probably asking this in jest, but Verizon Business Security is independent of their cell phone business. What happened is their investigators got pretty darn good at rooting out hackers, both internal and external. Helping customers find external hackers in their networks led them to offering these investigation services to other corporations. I'm pretty sure that their security team is a profitable self-sustaining division these days.

The most important thing to the rest of us is they created a schema for recording incidents, and they publish the data (after anonymizing it.) With the number of investigations they perform, it becomes a statistically significant source of information about breaches, which had been a real black hole of information before.

Most companies are reluctant to announce anything about their breaches. They're always negative publicity, they lead to accusations of wrongdoing or incompetence, and they may reveal other sensitive internal information about the kinds of data they keep. By being anonymized through the DBIR, we all get to learn much more about the threat landscape without being able to blame a specific company for a specific loss.

Re:I only have one question... (0)

Anonymous Coward | about a year and a half ago | (#43530587)

They also publish the data they got from other sources; if I remember correctly they get data from a law enforcement group somewhere outside the U.S. (sorry its been a couple years since I saw the group do a presentation).

This doesn't sound right? (1)

Dancindan84 (1056246) | about a year and a half ago | (#43528235)

What part of Nigeria is China in?

Re:This doesn't sound right? (1)

fustakrakich (1673220) | about a year and a half ago | (#43528469)

Apparently quite a few parts [vanguardngr.com] ... Try some of these fine Cassava chips...

Cyber-espionage is Bad (1)

Sponge Bath (413667) | about a year and a half ago | (#43528255)

But their robots make a fine bowl of noodles!

How about this? (-1)

Anonymous Coward | about a year and a half ago | (#43528303)

http://www.youtube.com/watch?feature=player_embedded&v=FYXmhBNz5D0

or this

http://www.youtube.com/watch?feature=player_embedded&v=PhslVyYRhNQ

or this ("suspect" aka framed kid seen with this backpack ON running the from scene, but blackwater guy leaves without his)

http://www.youtube.com/watch?feature=player_embedded&v=bjocGidSLJw

Slashdot you Zionist controlled piece of shit site. You take that spood fed mass media clap trap and shove it up your pussy as far as your can

the bigger (network) picture (1)

OffTheLip (636691) | about a year and a half ago | (#43528315)

What do all of these network/data breaches say about the overall state of security of connected systems? Regardless of who is behind them, all can't be blamed on mismanagement.

Verizon's own track record? (1)

Mister Liberty (769145) | about a year and a half ago | (#43528343)

Serious question.
Any takers?

90% of all (0)

Anonymous Coward | about a year and a half ago | (#43528345)

statistics are made up on the spot

the other 4 percent (4, Funny)

nimbius (983462) | about a year and a half ago | (#43528347)

was divided among local, state and federal government in their tireless quest to shit all over the middle east and shred the constitution.

Re:the other 4 percent (0)

Anonymous Coward | about a year and a half ago | (#43528535)

That's the dumbest things I have ever heard.
I wouldn't be shredding hemp paper if I were taking a shit, I'd be using it to wipe.

Re:the other 4 percent (1)

Peter Simpson (112887) | about a year and a half ago | (#43528591)

Hey, from my observation, the middle east is quite capable of sh!tting all over itself without our assistance.

And thanks for explaining why my state and local governments can't even come up with the money to fix potholes -- they're spending it all shredding the Constitution and sending the rest to Israel!

--
Good people go to bed earlier.
(really good people take their meds *every* night!)

Re:the other 4 percent (0)

Anonymous Coward | about a year and a half ago | (#43528791)

was divided among local, state and federal government in their tireless quest to shit all over the middle east and shred the constitution.

How could you tell?

It's not like it is difficult. (1)

SCHecklerX (229973) | about a year and a half ago | (#43528361)

How many companies in the US have branches in China? How many of those put any kind of firewalling, other than any-any in the VPNs connecting those branches? Yup.

surprise, surprise (0)

Anonymous Coward | about a year and a half ago | (#43528369)

Just in time to show how much we need CISPA. I wonder if Verizon is paid to say this, or if they do so willingly.
*adjusts tinfoil*

MY BUTT IS ON FYIAH!!! (0)

Anonymous Coward | about a year and a half ago | (#43528425)


 

Just because it's a target attack does not mean (1)

WillAffleckUW (858324) | about a year and a half ago | (#43528481)

Just because they are siphoning up and stealing our tech secrets doesn't mean they don't love us.

Or at least our money.

Can I just say... (0)

Anonymous Coward | about a year and a half ago | (#43528577)

...DUH! The Chinese are too stupid to figure out complicated things for themselves, so they use fishing techniques to get access to the information pertaining to the tasks that they want to accomplish from the people that can figure said tasks out. The entire Chinese government should be gathered up, put on an island, and then bombed out of existence!

Block all of China? (5, Interesting)

Anonymous Coward | about a year and a half ago | (#43528581)

I have a dumb question: If your company does not depend on doing business with China, why not block their entire country within your firewall? My current company has no dealings with China, so I've blocked their national IP address range. My spam/attacks have gone down almost 90% since doing so. I did the same with Russia and most of the former Soviet nations.

Re:Block all of China? (0)

Anonymous Coward | about a year and a half ago | (#43528807)

yup

Re:Block all of China? (1)

ron-l-j (1725874) | about a year and a half ago | (#43529289)

What is china's ip address range?

Re:Block all of China? (0)

Anonymous Coward | about a year and a half ago | (#43533023)

What format would you like that in?

http://www.okean.com/antispam/china.html [okean.com]

There are a number of such lists for Nigeria, China, Eastern Europe, etc. See http://www.parkansky.com/china.htm [parkansky.com] . This idea's been around for a while, and it's been useful. Blocking them at public points like a Great Firewall would be detrimental to freedom, but most individuals and companies don't need packets coming from China or Nigeria or Romania, so the more people who know how to block this traffic from their own systems if they so desire, the better. Sure, a determined hacker will set up a VPN to hide his real point of origin, but very many attacks originate from Chinese IP addresses without an intervening proxy, so it's worthwhile making life (even just a tad) harder for the people who want to make life harder for you.

No (0)

Anonymous Coward | about a year and a half ago | (#43535733)

They make your life harder. You make their life fractionally less rewarding. Big big difference. They're winning. China and the banksters that back it will be the biggest super power according to most analysts by 2015.

Maybe that's better than Paedo middle-east raping 'merica being top dog.

DenyHosts Report (5, Informative)

Sloppy (14984) | about a year and a half ago | (#43528633)

Added the following hosts to /etc/hosts.deny:
 
[chinese address]

[repeat dozens of times per day]

At some point, you realize that the only time you ever communicate with that part of the Net, is when you're receiving an attack of some sort. Before long, "The Great Firewall of China" isn't going to be something installed by the Chinese government; it's something the rest of us will have done.

Hmm... maybe that was the government's devious plan to combat internal dissent and external influences, all along!

Re:DenyHosts Report (1)

game kid (805301) | about a year and a half ago | (#43528889)

Yup, sounds like a remarkably effective and easy plan. Many computers there have Windows "so [they] could be useful" [slashdot.org] , and 5 will get ya 10 that they're not "Genuine" and also unpatched, so China can take control of them and send attacks through them (or just change the logs on the hacked PC to trace back to the compy of the unsuspecting Evil Capitalist Pig who said one too many bad words about their boss-slash-covert domestic spy on social_media_outlet). The CCP has Evidence(tm) to forced-labor the Pig, US businesses will block the foreign address as radioactive ("No Facebook for you!"), and the US gov gets free CISPA-approval ammo.

Now that's US-China diplomacy!

Re:DenyHosts Report (0)

Anonymous Coward | about a year and a half ago | (#43530429)

^ this.

If I had ever illegally gained access to some systems (which I never have done, of course), I most certainly did not route my traffic through one or more machines located in states where diplomatic communication with the US would be difficult if not impossible.

Attention! (0)

Anonymous Coward | about a year and a half ago | (#43528661)

I've just poured hot grits down my pants.

Thank you!

Don't ever mention that Microsoft Windows ... (-1)

Anonymous Coward | about a year and a half ago | (#43528767)

Microsoft Windows was involved in 96% of all espionage data-breach incidents ..

Not TRUE - Report author just couldn't find others (0)

Anonymous Coward | about a year and a half ago | (#43528881)

According to this story - (http://www.esecurityplanet.com/hackers/identity-loss-is-the-leading-data-breach-attack.html) which actually quotes a Verizon person instead of just cutting/pasting from the report - China was just the only Nation-State actor they could find.

Verizon's chief investigator said:", "we're not naive enough to think that China is the only country doing this kind of espionage work, but it is the only country that is showing up in our data.""

I'll be curious to know... (1)

grumpyman (849537) | about a year and a half ago | (#43528903)

How much Cyber-Espionage is going in the other direction....

China may just be a stepping stone for Hackers. (2)

PenguinJeff (1248208) | about a year and a half ago | (#43528969)

While watching ssh brute force on some of my systems I found myself blocking whole subnets based in China. I also discovered some in the US. Long before this one of my machines (old slax bootable CD) at home had been attacked itself and used as a stepping stone for hacker for the few hours it had gone unnoticed, a slow internet has the advantage of when I hacker was on it would get unbearably slow. I rebuilt that machine even looking for MBR trojans. However a sufficiently fast internet might not be bogged down enough for people to notice and hackers can use machines as stepping stones. Couldn't we give China the benefit of doubt and suspect they are hacked? Just a thought.

Maybe, maybe not. (1)

PopeRatzo (965947) | about a year and a half ago | (#43529067)

This story may well be true, but I'm going to have to hear it from someone other than Verizon. They have not proven to be a reliable source of information about anything.

Re:Maybe, maybe not. (0)

Anonymous Coward | about a year and a half ago | (#43530607)

Could you cite the reason you distrust the DBIR? I've met several of the people behind it and they try very hard to make the data as accurate as possible. With that said, every presentation I've seen from them starts with a disclaimer that their data is from a biased set (companies that engage them, typically because they think there has been a security incident).

Re:Maybe, maybe not. (1)

PopeRatzo (965947) | about a year and a half ago | (#43532171)

Could you cite the reason you distrust the DBIR?

Yes. They work for Verizon. As long as their funding comes from Verizon, their first mission will be to serve Verizon. If you think their disclaimer, their admission of bias, is a reason to trust them, you're making a mistake.

Especially about issues regarding security, it's never a good idea to trust people who have an agenda that is not directly tied to anyone's security but theirs.

Once and for all: corporate ways are not our ways. corporate benefit is not our benefit, not even if you happen to work for Verizon. They would sell your security in a heartbeat if there was a dollar in it for them. When the day comes that there is more profit in bad security than good, you can bet they will support bad security.

Re:Maybe, maybe not. (1)

VortexCortex (1117377) | about a year and a half ago | (#43532545)

Could you cite the reason you distrust the DBIR?

Well for me it's the politically motivated weasel words: "China was involved in 96% of all espionage data-breach incidents"
This means even if it was a Repulsive Russian or Clever Canadian hacker using a Chinese box as a relay, and a toolkit that Chinese folk have used before then "China" was "involved". Which is bullshit.

Let me tell you of a story of the town that has the highest drug related arrests in the county: I was pulled over for speeding, and briefly arrested for possession of drugs. I was traveling on a road marked 50mph that suddenly changed to 30mph at the edge of a small town's influence -- not a building in sight, just they have land rights. The posted speed sign was amongst some trees and partially obscured. There was a police officer with a radar gun sitting across the road from it in plain sight. I saw the cop and slowed down in case they were to pull out into traffic (but not below the new speed limit). I missed the posted speed limit sign -- I disputed its existence then got angrier when saw it later, mostly obscured -- A classic small town speed trap.

The officer's report says he saw drug paraphernalia and smelled a strong presence of marijuana, which is bullshit, and it was a pre-written canned report that shouldn't have even been valid -- It said the officer talked to the passengers in my car to ensure they weren't intoxicated: There were NO passengers. It was a copy-paste from some pre-made report! My lawyer demanded the case be dropped due to the fraudulent report. The judge just crossed that part out and had me and the cop initial it, ugh! My Uncle smokes a tobacco pipe and left it in my car -- That was the 'drug' paraphernalia they confiscated and kept. I was eventually released with only a speeding ticket, and the ticket was dropped when I showed up to fight it. That small town has the highest number of "Drug Related Arrests" in the county. Now I have to say YES on employment applications that ask: "Have you ever been arrested for a felony offense" -- Arrested, yes. Convicted? No. Still, that's not what the application asks, now is it? Might as well say: "Have you ever been assumed guilty before you had a chance to prove your innocence", but why the fuck would you ask such a thing? That's the point. It's an honesty thing, I guess. It's weasely words that say one thing but mean another and I walk right out if I get asked such things, after letting them know I don't enjoy ruses. Just ask about convictions, dolts.

Ah, but the HR employees are just doing their job the way they were told to do it, and it wasn't THEM specifically that decided to add the weasely question. Just like this report. The researchers did their job and collected the information the best they can, they didn't have a political motive. However, the data is presented by others up the chain to coach the reader into coming to conclusions that the data does not directly support. This is cause for distrust.

In the same self selecting way that the police saw "pipe = drugs" this report only contains data from alleged "espionage" data-breaches, where the companies feel like divulging the information that won't make them look like completely irresponsible incompetent idiots. "A Chinese IP address! It was a state sponsored hacker who caused the data breach by exploiting the known SQL injection vulnerability that even skiddies can perform via running a pentest suite! Well, OK, maybe not, but let's make sure to point out that Chinese IP address." What of investigations into the actual nationality of the attackers? No mention of that 'eh? So maybe Maybe the report is designed to ask questions that lead folks to think one way when the data means quite another thing altogether, eh?

My IRC server logs show China is also home to the most open proxies (I actively test users for them) -- Guess where most of the folks using the proxies are from? USA. I know because they email me when I punt them offline, and I tell them to use a private proxy that's not fully open. My webserver logs show that China contains the highest percentage of unpatched windows boxes (as determined by browser user agent string) -- At least for my visitors. I can't speak for anyone else's data. It's shit like this coupled with the fact that CISPA was/is making it's way through the system -- a bill aimed at streamlining the process by which corporations share customers' personal information with the government -- OH! This could make it easier for to detect and prevent these "cyber espionage" attacks from China! Pffbfprt. Whatever. You do the math. To me it seems like PART OF THE REPORT is worded such to make it seem like China is evil to people who don't think for themselves.

The report is full of useful and detailed information, but when it comes to profiling they're noticeably aloof, and they specifically call out China then include "MAY" and "COULD" in their allegations and immediately try to draw attention away from the fact they just weaseled out of the allegation...

While we don’t require evidence that will stand up in a court of law, we also don’t guess or simply rely on low-confidence indicators like geolocation of IP addresses. Sometimes attribution is based on arrests and prosecutions, but it often comes down to the use of particular tactics, techniques, and procedures (TTPs) associated with known thread groups. Naturally, available information isn't always clear-cut, ...
...

For the majority (>75%) of breaches in our dataset, the threat actor's country of origin was discoverable, and these were distributed across 40 different nations. From Figure 13, it’s fascinatingly apparent that motive correlates very highly with country of origin. The majority of financially motivated incidents involved actors in either the U.S. or Eastern European countries (e.g., Romania, Bulgaria, and the Russian Federation). 96% of espionage cases were attributed to threat actors in China and the remaining 4% were unknown. This may mean that other threat groups perform their activities associated with known threat groups. Naturally, with greater stealth and subterfuge. But it COULD mean that China is, in fact, the most active source of national and industrial espionage in the world today.

Uh, what the fuck am I reading? It's intentionally misleading, IMO. And the ">75%" is just BS to make it seem like they have somewhat reliable information when they don't actually know where the person operating the attack was located at all, just has to meet some other requirement they came up with, GEOIP + It's a version of metasploit used by a Chinese hacker once! -- Or some other nonsense. What about "Convictions"? Oh, well, they're mentioned as having SOME indication, but that's OF COURSE not the main indication of origin -- Surely the Chinese wouldn't convict a known hacker that's making them all look bad. Bullshit. They actually do. Not that I care either way.

So, why present the data in such a way if not for misdirection? Why use the words "in fact" at all when you're saying "could" -- They're basically saying, "We're only guessing that this is a fact ___". The researchers know what the data says is different than the knee-jerk reaction it produces. Why make a statement like this that's misleading with a cover-your-ass "may" and "could" thrown in with a bunch of very serious sounding guesses, and tons of other useful data to boost credibility? Think, man! You can call the report bullshit and glean useful data from it too. False dichotomies are false. Take all corporate crap with a grain of salt.

Easy solution (1)

spaceman375 (780812) | about a year and a half ago | (#43529089)

iptables -A INPUT -m geoip --src-cc CH -j DROP

Admittedly not at all sufficient, but it really should be a default.

Propaganda (-1)

Anonymous Coward | about a year and a half ago | (#43529111)

USA behind 96% of all false propaganda. If you read an accusation made by the USA, take it with a pinch of salt.

Re: Propaganda (0)

Anonymous Coward | about a year and a half ago | (#43534977)

Errybody wang chung tonight

Russians and Eastern Europeans on vacation? (1, Insightful)

gestalt_n_pepper (991155) | about a year and a half ago | (#43529237)

Sorry. Just a little skeptical here. I don't doubt that China does its share, but I'm guessing that it's pretty easy to make it look like an attack is coming from China even if it originates from Boise, Idaho.

Re:Russians and Eastern Europeans on vacation? (1)

ebno-10db (1459097) | about a year and a half ago | (#43529603)

And everybody chooses to make it look like their attacks are coming from China? Ok, it's trendy now, but how did it get to be that way? Why not the former Soviet countries or something?

Re:Russians and Eastern Europeans on vacation? (0)

Anonymous Coward | about a year and a half ago | (#43531935)

And everybody chooses to make it look like their attacks are coming from China? Ok, it's trendy now, but how did it get to be that way? Why not the former Soviet countries or something?

For various reasons (why it's smart to route attacks via China). China has a large population and while only a minority of people are on the Internet, there's still a lot of them. Also, being poor, they run old pirated versions of Windows, unpatched of course. Finally, being new to the Internet, users are unsophisticated.

And the government is also involved in the attacks of course. For a damning example of how unsophisticated the Chinese military is, see the recent news about the military attackers using their personal Facebook accounts at the same time from the same IP. I mean, WTF? If you're going to do stupid-arsed things like that, you'd either use two physically different computers connected on different networks or use a military-grade OS that enforced that behaviour (along with policies/checks/balances). I mean, with that level of sophistication, no wonder they're being detected so easily.

Re:Russians and Eastern Europeans on vacation? (1)

VortexCortex (1117377) | about a year and a half ago | (#43532909)

Well, compare our trade deficits and find out for yourself. Hey, if Godwin owed Hitler money, wouldn't he come up with a Law to make him seem evil so he could default on the loan?

Re:Russians and Eastern Europeans on vacation? (1)

The Luck Factor (2905665) | about a year and a half ago | (#43534047)

Because there are a lot more computers in China than everywhere else?

The Almighty... (0)

Anonymous Coward | about a year and a half ago | (#43529443)

Great Firewall of China.

USA reports, we're the victims (0)

Anonymous Coward | about a year and a half ago | (#43529889)

... its own forensics team ... China was involved in 96% of all espionage

Umm. This is a report on the world vs USA. It doesn't say what happened in other countries. Remember 6 months ago, when the USA wanted a bigger cyber-offensive capability? SlashDot has forgotten the willingness of the USA to cyber-attack other countries.

Corporate espionage is nothing new. It's just that Russia never had the technology to use the trade secrets it stole. Modern espionage is a danger because of outsourcing, globalization, and a dependence on easily duplicated intellectual property.

Evolving techniques? (0)

Anonymous Coward | about a year and a half ago | (#43530093)

Phishing techniques have become much more sophisticated, (...) now that people are suspicious of email, phishers are using phone calls and social networking.

Really? Aren't those the same "sophisticated" techniques Kevin Mitnick used?

If it's from Verizon, I do not believe it (1)

Skapare (16644) | about a year and a half ago | (#43530211)

... since even Verizon is involved in the scam operations of TTI National (they own this company that does false billing of fake accounts).

karma kills (1)

noshellswill (598066) | about a year and a half ago | (#43530897)

Tired of paying an American wage? You wanted the feckin-A chi.com slave labor to make a few extra bucks well ... you got 'em! Let's hope a couple cosmopolitan globalists get new *zzwholes ripped.

And... (0)

Anonymous Coward | about a year and a half ago | (#43531365)

And pollution.

Pollution [theatlantic.com]

How about... (0)

Anonymous Coward | about a year and a half ago | (#43531383)

Just blocking access from China to your network?

Re:How about... (1)

VortexCortex (1117377) | about a year and a half ago | (#43532929)

Just blocking access from China to your network?

But then the world's hackers will just use proxies in other countries -- Especially the Chinese ones, who do this anyway...

What? (1)

James Howard Lahm (2837657) | about a year and a half ago | (#43531665)

Now that's just racist! That's like saying 99% of the world's terrorism is perpetrated by radial Islamists! How can you be so bigoted?

Do they get much benefit from it? (1)

satuon (1822492) | about a year and a half ago | (#43533967)

How much percentage points of GDP growth do they have more than if they didn't do this cyber espionage, I'm wondering?

For example, does hacking into a high-tech factory's servers allow them to immediately create a duplicate factory with trained staff that functions just as well?

Sic semper China (0)

Anonymous Coward | about a year and a half ago | (#43534015)

China doesn't respect copyrights or trademarks, so why should they not steal R&D data rather than pay for it themselves?

I must be stupid (1)

The Luck Factor (2905665) | about a year and a half ago | (#43534031)

I must be stupid, because to my understanding, the IP addresses an attack originated from is highly likely not the IP addresses of the attackers. I mean, there are things such as proxies, bots, zombies, etc. The only way to figure out where the attacks really came from is to go upstream at least one level and conduct forensic analysis of those machines. I am almost certain that Verizon didn't do that.

This poses a question (1)

Chrisq (894406) | about a year and a half ago | (#43534111)

What is the Chinese social equivalent of the 30-year old hacker still living in Mom's basement?

didn't you watch TV 40 years ago? (1)

DriveDog (822962) | about a year and a half ago | (#43538053)

Wo Fat is behind this.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?