Slashdot: News for Nerds


U.S. Commerce Department Hacked Again

Zonk posted more than 7 years ago | from the uncomfortable-it-people dept.

evil agent writes "The Bureau of Industry and Security (BIS), a branch of the Commerce Department, has sustained several successful attacks. Chinese hackers were able to gain access to its computers and install rootkits and other malware." From the article: "This is the second major attack originating in China that's been acknowledged by the federal government since July. Then, the State Department said that Chinese attackers had broken into its systems overseas and in Washington. And last year, Britain's National Infrastructure Security Co-ordination Center (NISCC) claimed that Chinese hackers had attacked more than 300 government agencies and private companies in the U.K."

164 comments

Chinese Hackers? (5, Funny)

IlliniECE (970260) | more than 7 years ago | (#16352517)

Chinese hackers installing root kits? Are you sure they weren't Japanese (aka Sony)?

Re:Chinese Hackers? (0)

Anonymous Coward | more than 7 years ago | (#16352553)

I'd really like to hope this is disinformation to make the Chinese think that they succeeded. If not, we're a bunch of fuck ups.

Obligatory (0)

Anonymous Coward | more than 7 years ago | (#16352639)

I'll post the obligatory meme:

In China, USA government computers hack you!?

Re:Obligatory (0)

Anonymous Coward | more than 7 years ago | (#16353613)

meme: In China, the Great Firewall protects YOU!

first post bitches (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#16352523)

first post bitches !

I wonder... (0)

Anonymous Coward | more than 7 years ago | (#16352539)

...with so many people there using Red Flag, if this is an unfortunate result of having more literate users...

Meanwhile, at a government workstation... (4, Funny)

CompMD (522020) | more than 7 years ago | (#16352557)

Hm...so this here purple panda bear says he wants to be my buddy and help me out on the intarweb. Sounds good to me! (click) Gosh I wonder why my workstation is so slow, almost as if it's sending all its files to ch!@$!$JGOJ!THIS POST 0WNZ0R3D BY CHINESE HAXORS

Re:Meanwhile, at a government workstation... (1)

the_last_rites (837649) | more than 7 years ago | (#16352571)

I like (0/\/\PR0/\/\153D better. 0\/\/|\|Z0r3D just doesn't sound 1337 anymore. So much so that even Myspace and Facebook fanbois are in on that.

HELLO! (1)

linefeed0 (550967) | more than 7 years ago | (#16352943)

Welcome to http://www.worm.com [cert.org] !

Hacked by Chinese!

I don't buy it. (1, Insightful)

pair-a-noyd (594371) | more than 7 years ago | (#16352563)

They say they can't clean the systems. Bullshit, they just want to blow more of OUR tax dollars on new toys.

Also, what's the OS? No mention of that in TFA. Why are they using an OS that allows this sort of thing to happen? Shall we take a guess as to the OS?

If they were serious about security they WOULD put a stop to this crap.
It's easy to batten down the hatches.

It makes even less sense in TFA. (3, Insightful)

khasim (1285) | more than 7 years ago | (#16352579)

An August e-mail from acting Undersecretary of Commerce Mark Foulon quoted by the Washington Post said that BIS "had identified several successful attempts to attack unattended BIS workstations during the overnight hours." Last month, reported the Post, Foulon wrote: "It has become clear that Internet access in itself is a vulnerability that we cannot mitigate. We have tried incremental steps and they have proven insufficient."

What the fuck? Aren't they even behind a firewall?

Wouldn't a simple firewall "mitigate" that "vulnerability"?

Re:It makes even less sense in TFA. (2, Insightful)

AuMatar (183847) | more than 7 years ago | (#16352613)

No, it wouldn't. Firewalls themselves can be hacked. An internal network with no access to the internet is more secure than one with. The question is if access to the internet adds enough value to be worth the risk. The answer depends on what you're doing. Military plans- probably not. Joe Blow working for some small business- probably yes. In this case, no idea.

and? (1)

khasim (1285) | more than 7 years ago | (#16352661)

An internal network with no access to the internet is more secure than one with.

Since you've opted for pedantic, no, it is not. It is only more "secure" from Internet-based attacks. There is still physical security to be considered.

The most "secure" system is one that has been turned off, encased in cement and dropped into the deepest part of the ocean.

Now, can we possibly get back to a discussion of this specific situation instead of displaying our pedantic generalizations to the world?

Yes, a firewall can be cracked. But because it is a single point of access, it is far easier to monitor/secure than if all the workstations are directly connected to the Internet. Therefore, having a firewall would "mitigate" that "vulnerability".

Re:and? (2, Interesting)

AuMatar (183847) | more than 7 years ago | (#16352679)

Since you've opted for pedantic, no, it is not. It is only more "secure" from Internet-based attacks. There is still physical security to be considered.


Hence more secure, and not "totally secure".

Yes, a firewall can be cracked. But because it is a single point of access, it is far easier to monitor/secure than if all the workstations are directly connected to the Internet. Therefore, having a firewall would "mitigate" that "vulnerability".


Yes, it would mitigate the risk. For many government computers, that's still an unacceptable level of risk. If a business/government computer doesn't have good reason for internet access, it shouldn't have it. A better solution is to give those people 2 computers, one on the internet and not the internal network, the other reversed.

You don't understand "security", do you? (2, Insightful)

khasim (1285) | more than 7 years ago | (#16352739)

Hence more secure, and not "totally secure".

By that "logic", a house with a 10' hole next to the open front door is "less" "secure" than the same house with the front door closed and locked.

No, it is not.

Yes, it would mitigate the risk.

Which is what I said that you had previously taken exception to.

For many government computers, that's still an unacceptable level of risk.

And for others it is an acceptable risk. What is it with you and the pedantic generalizations?

If a business/government computer doesn't have good reason for internet access, it shouldn't have it.

Again with the pedantic generalization. Do you have ANY evidence that these workstations are not used to access legitimate web-based resources?

A better solution is to give those people 2 computers, one on the internet and not the internal network, the other reversed.

You even get your pedantic generalizations wrong.

Back in the old days, when computers weren't networked, we still had a virus problem that was spread from computer to computer via floppy disks. Having 2 computers available means "sneaker-net" would be easy. Not to mention that it depends upon ALWAYS getting the cables correct.

Why not just put those extra $$DOLLARS$$ into locking down the desktops, setting up the firewall and monitoring the traffic?

It's not like we don't have all those technologies TODAY. Look up "snort" and SELinux for starters.

"secure" does not mean "inaccessible" (1)

Vainglorious Coward (267452) | more than 7 years ago | (#16352789)

Since you've opted for pedantic...The most "secure" system is one that has been turned off, encased in cement and dropped into the deepest part of the ocean

Congratulations on choosing the pedantic option. Commiserations on your failed definition. The system you describe would not be appropriately available, which is a fundamental quality of a "secure" system.

Re:It makes even less sense in TFA. (1)

pipingguy (566974) | more than 7 years ago | (#16353045)

Perhaps it is politically useful to announce that you've been hacked when, in fact, you haven't. Or if you *have*, in fact been hacked, it might be useful to "leak" to the press that you've been hacked, but you secretly know that the hacking occurred at a non-vulnerable point. Or, if you haven't been hacked by hackers, it could be hacky if the hackees hacked the hackiest hack node and then made it appear that hackers had [writer's brain explodes, end of post]

Re:It makes even less sense in TFA. (1)

sumdumass (711423) | more than 7 years ago | (#16353423)

Actually, this is a good point. Knowing that China is one of the ones holding the UN Security Council from making any definite actions on Iran and their nuke program. North Korea is a concern too and many experts seem to think China can stop NK at any time. This might lend a little leverage over them. Similarly, the tariff on shoes from China gives the EU some position of power over China too. So politically, letting them know it might have worked could be a setup to allow threat of force and forgiveness to manipulate China into our corner. Or, it might be enough to allow another country to believe China can and has found plans of attack strategies and whatnot.

On the chance that Chinese hackers actually did hack the government computers, it might be likely they hacked into a honeypot. Letting people know they got in and we are trying to do something about it lets these hackers know another challenge is coming. We sit back and monitor where the attacks are coming from, block a few IPs logging the route to determine how easy they can change locations, and set the stage for blocking an entire portion of their network if ever need be.

This would be akin to the movie plots (called a trap) where something of value is publicly known to be at a certain place at a certain time with lax security so if someone is wanting to steal it, it would likely happen there. Then when a criminal takes them up, they find it isn't the real deal, they just stole a worthless item, allowing the real one to safely pass.

Don't think of it as security thru obscurity rather a security and real time response audit.

Re:It makes even less sense in TFA. (1)

pipingguy (566974) | more than 7 years ago | (#16353523)

International politics is convoluted and mysterious and the post cold war era hasn't really changed much. It's still a game of favours, inside deals, secrecy and private agreements.

If NK tests, you can be sure that something else is happening in the background. We might find out what /really/ happened in 2030.

Re:I don't buy it. (0, Insightful)

Anonymous Coward | more than 7 years ago | (#16352587)

Why are they using an OS that allows this sort of thing to happen? Shall we take a guess as to the OS?

The parent is a troll. All OSes can get infected by rootkits, malware and viruses and they can all get hacked and exploited one way or another. This most likely wasn't a problem with the OS, but a problem with how the OS was set up. The systems cracked were probably being run as root (or Administrator on win32), or possibly had some easily cracked passwords, or even no passwords at all set up for them. This also probably has to do with the users not knowing or being trained properly on basic security.

It's annoying how Slashdot likes to jump to conclusions and blame a certain company for the failures of system admins and users.

Re:I don't buy it. (2, Insightful)

anagama (611277) | more than 7 years ago | (#16352655)

Just out of curiosity -- how many exploits for Linux are there in which your machine can be rooted simply by viewing a website? How many such exploits have there been for Windows? I honestly don't know the true answer but I'm betting there is a large difference between the frequency of this type of exploit with Windows having the "high score" by a large margin. Please correct me if I'm wrong (with actual examples, not opinions).

Re:I don't buy it. (0)

Anonymous Coward | more than 7 years ago | (#16352725)

I wasn't trying to compare Linux and Windows. I was trying to state that all OSes can be rooted if improperly set up, and that the GPP sounded kind of trollish by trying to assume that the infected boxes are Windows. It seems more probable that the system administrators and/or the users had no business using or managing a computer.

Re:I don't buy it. (0)

Anonymous Coward | more than 7 years ago | (#16353089)

It's not Linux vs. Windows anymore, it's OSX vs. Windows. Have you seen the vuls for OSX lately? I'm fairly sure that they have NO ONE doing any sort of "testing" prior to release. They are suffering from things that were fixed in Linux/BSD 10 years ago. Anyone who believes OSX is secure has been watching too many commercials and not enough osvdb.org emails.

Re:I don't buy it. (1)

AaronLawrence (600990) | more than 7 years ago | (#16353971)

I think that, while they have inherited some of the good security practices from *nix, they also seem to be making beginner mistakes in favour of making users' lives easy - just like Microsoft did 10 years ago.
Fortunately for them, they can afford to be lax as long as the deployment is small - if they started to get 10-20% of market share, things might be different.

Re:I don't buy it. (2, Funny)

Shadyman (939863) | more than 7 years ago | (#16352653)

You mean you're going to ask the Department, "Does it run Linux"?

Re:I don't buy it. (1, Informative)

Anonymous Coward | more than 7 years ago | (#16352687)

Don't assume it's Windows. The government is the largest Sun customer out there, and for the time being they are running Solaris and Linux on the hardware. I can't find a good link to this paper, but if you want to read about rootkits on Solaris that probably 99% of all SAs and huge numbers of Security Officers couldn't detect, search for 'SUN - Bloody Daft Solaris Mechanisms "B.D.S.M. The Solaris 10 Way"'

Re:I don't buy it. (0, Troll)

freedom_india (780002) | more than 7 years ago | (#16352971)

Since when has this administration had any qualms about blowing your money for the wrong reasons?

They scrapped Hubble to pay for a WHOLE MONTH for the crusade in Iraq.

And instead of having computers with Ubuntu/OS X (macMini) this Govt. will continue to use insecure Windows for their systems so that contractors can get more money to replace them.

If we run our business the way Govt. runs theirs I am sure we would be in jail.

It's high time we file a FOIA request asking details and then filing a suit in court.

Re:I don't buy it. (0)

Anonymous Coward | more than 7 years ago | (#16353289)

The os they were running was win2k/nt4

I think I read that wrong (1)

ndogg (158021) | more than 7 years ago | (#16352565)

Bureau of Industry and Insecurity? Why would successful Chinese cracks be a surprise to them?

Nothing real will happen (4, Funny)

frinkster (149158) | more than 7 years ago | (#16352569)

The Chinese have been trying for years to lose that pesky Most-Favored-Nation status, and this administration is not going to give in.

Personal or Gov't? (1)

Tablizer (95088) | more than 7 years ago | (#16353175)

I doubt there is any way to be sure, but let's not forget that it could be individuals responsible instead of the Chinese gov't.

Re:Personal or Gov't? (1)

enharmonix (988983) | more than 7 years ago | (#16353847)

I doubt there is any way to be sure, but let's not forget that it could be individuals responsible instead of the Chinese gov't.
Unfortunately, that rarely tends to be the case in communist regimes...

How did they get the root password? (0)

Alb_Be (972418) | more than 7 years ago | (#16352583)

They're not using WINDOWS are they?

Re:How did they get the root password? (0)

Anonymous Coward | more than 7 years ago | (#16352637)

Of course they are. And don't forget, BUY AMERICAN or the communist^H^H^H^H^H^H^H^H^Hterrorist will win.

How sure? (3, Interesting)

fredistheking (464407) | more than 7 years ago | (#16352611)

How can they be so sure that the attacks originated from China? Sure there may have been Chinese IP addresses involved but the attackers could have been anywhere. The Chinese systems could have simply been compromised and used to cover the attackers' tracks.

DON'T BE RIDICULOUS (2, Funny)

Anonymous Coward | more than 7 years ago | (#16352877)

ARE YOU CRAZY OR SOMETHING? let's not let obvious facts such as these get in the way of a good xenophobic rant and/or nationalistic orgy

Re:How sure? (1)

sumdumass (711423) | more than 7 years ago | (#16353489)

There are some telltale signs besides the IP addresses. Technique used, programs inserted (read root kits), codepage of files dropped onto the hacked computers are just a few. Watching the actual routing tables and IP packets plus maybe sniffing a router on/in the area to look for other packets destined for those computers. Of course it would really help out if you actually caught them in the act of doing it.

Then again, a spy working for a friendly nation or even the US could have told us that it was going on and we found that to be true. Or we could have suspected it to be China from any of the above, planted a few pieces of evidence and waited for them to acknowledge knowing of it. We could have also used "HP's bugged email" that phones home and dropped the message with a subject line of "plan to nuke china if they object to invasion of iran" and see who opens it or forwards it. That might explain congressional hearings into HP and all the government interest in HP after their email bug and entrapment ordeal was publicly known.

Re:How sure? (1)

finity (535067) | more than 7 years ago | (#16353705)

That might also make the whole situation worse. It is important to get all the facts before pointing fingers, and unfortunately, with this kind of thing, it's very difficult to get all the facts.

Re:How sure? (1)

sumdumass (711423) | more than 7 years ago | (#16354547)

I'm not going to pretend our current government or even the last administration got foreign policy right or has it as a strong point. Making things worse to benefit in the short run seems to be an occurring theme of the last 50 or so years. Go figure.

Re:How sure? (1)

Tim C (15259) | more than 7 years ago | (#16354303)

Technique used, programs inserted (read root kits), codepage of files dropped onto the hacked computers are just a few.

None of which can be faked or copied by others, of course.

Watching the actual routing tables and IP packets plus maybe sniffing a router on/in the area to look for other packets destined for those computers.

So the hack originated in China - it's still a leap of supposition to go from "hackers located in China" to "Chinese hackers".

Re:How sure? (1)

sumdumass (711423) | more than 7 years ago | (#16354655)

"Just a few" should let you know there are more ways to figure it out. BTW, I don't think any one tell is going to be used to determine who done it. It would take a few if not more.

Think of it like criminal investigation, lacking a witness, they look at the clues. Sometimes the clues tell them exactly who done it while some other times it tells them where to look for who done it. Then combined with other tools and techniques, the possible suspect could be narrowed down until you have the most likely person(s). But even this could be wrong, It is just the most likely person that the evidence points to after all things considered.

So the hack originated in China - it's still a leap of supposition to go from "hackers located in China" to "Chinese hackers".
Sure it is. And I bet the majority of people (like me) were not making the distinction between "Chinese government sponsored/employed hackers" and hackers in China.

But we do know that China has been employing hackers for quite some time. We have watched them attempt to hack into business computers and others systems. We have intercepted details of their successes or lack thereof. We have first hand knowledge of their plans to shut foreign commerce down by attacking the internet and internet enabled applications if ever in a war. We also know that China got quite a bit of information from us back when our spy-plane collided with one of their jets and was forced to land in China. Some reports described the communications and computer equipment was installed in incorrect places suggesting they were removed, inspected and god knows what else. This shows us the plane was dismantled for more reasons than flying it home inside a Russian plane.

Re:How sure? (1)

FhnuZoag (875558) | more than 7 years ago | (#16354307)

Maybe I've been watching TV too much, but surely an obvious alternative is that another nation/private body did the hack, and dropped evidence to implicate China? Given that the government has been hacked once, all kinds of places would be on alert that security is weak, and would give it a go themselves. Plenty of motive and opportunity in place. What China has to gain from this hacking pales relative to what a competitor would have to gain from the increase of mistrust between two trading allies.

Re:How sure? (1)

whathappenedtomonday (581634) | more than 7 years ago | (#16353595)

How can they be so sure that the attacks originated from China?

They wouldn't say this if it wasn't true - just like they wouldn't put their systems online unless they are secure...

Be Nice (1)

tonyr1988 (962108) | more than 7 years ago | (#16352643)

Come on...don't be mean to the folks over at the Commerce Department. They were just in the process of transferring some money from a Chinese-Nigerian bank account to help out a buddy. Lay off of 'em.

Ipv6 (2, Funny)

growse (928427) | more than 7 years ago | (#16352647)

Don't forget kids, all these problems will be solved when the US govt goes to ipv6. Since no-one else will be using it, it will confound and confuse anyone trying to hack in!

Its not about who did it (4, Insightful)

in2mind (988476) | more than 7 years ago | (#16352669)

It's not about whether the Chinese or Japanese did it. It's about whether the commerce dept knows enough to protect itself or not.

Re:Its not about who did it (1)

ScentCone (795499) | more than 7 years ago | (#16352779)

It's not about whether the Chinese or Japanese did it. It's about whether the commerce dept knows enough to protect itself or not.

It's not really an either/or thing. Yes, that bureau at Commerce needs to get its act together, of course. But it's actually very helpful to understand which spots around the world seem to be the largest sources of invasive nastiness, especially as it relates to economic/industry targets. Totally unscientific: of the many machines and networks I see administratively, the number that seem to be getting extra special Chinese h@x0r attention these days has gone way, way up. And it's getting a lot more sophisticated than it used to be.

I've banned China's netblocks outright (2, Insightful)

Sycraft-fu (314770) | more than 7 years ago | (#16353081)

Well ok I should be more clear, I've banned the blocks allocated to an ISP which I'm told is the Chinese state ISP. The reason is that I get no legit traffic, tons and tons of hack attempts, and they just ignore abuse e-mails, including those translated to Chinese.

That's the real answer to this problem. If particular ISPs refuse to behave, just start banning them. I mean sure, all ISPs will have people who act bad, but if you contact them and get no response and if the bad/good ratio is vastly (or completely) slanted to bad just ban them. Eventually they'll have access to little enough of the Internet that they'll really have no choice but to reform, or it won't matter because for all intents and purposes they won't be a part anyhow.

It's really not asking too much for ISPs to respond to abuse complaints. I remember one time I found my net connection off. Called the ISP, apparently I had a computer spewing worm traffic. Questioned my roommates and the system was located (unpatched Win 2000 will do that). Got it cleaned, they let me back on. That's how it should work. You get an e-mail saying there's abuse, you check your logs, if there is you shut off access. We have to do it at work from time to time. Usually an infected laptop but sometimes someone being malicious.

For ISPs/companies that won't, fuck it, ban them.

Re:I've banned China's netblocks outright (1)

sumdumass (711423) | more than 7 years ago | (#16353593)

I lost an account because of a Chinese IP addressed hack attempt once. Well kind of.

It was at a small law firm with 4 workstations, a Windows server, and a Linux file server. The network would slow way down at times. Finally I installed SNORT and saw someone was able to bypass the D-Link router used to distribute the cable internet and act like a firewall, take control of the Microsoft server which just did email and had a blackberry type program that could page, forward email to a cell phone and send automated appointment warnings.

I think the D-Link needed a firmware upgrade or needed to be replaced with one that could be upgraded. It was an old one and I couldn't get permission to spend money on it. I thought they got in on the three internet facing ports forwarded from the Windows server but someone ended up placing the Linux server and the Windows server in a DMZ type situation. After the second or third time of changing everything to where only specific ports were forwarded and investigating slow network performance issues to find it switched back, I was told they were buying new Dells and Dell was going to set everything up. I wouldn't be needed anymore.

About a month or so later, a guy was referred to me to rebuild a Linux server that all of a sudden wouldn't boot. After agreeing to help him, he started talking about some asshole who he weaseled a job from because he was only opening ports for some Windows box the network would slow down so he would put it in a DMZ zone and everything was ok. He said they called him first because he was closer and called the other guy afterwards. He said the other guy just couldn't do anything right.

Well, when he delivered the box, I noticed it looked familiar, sure enough it was the one from the law firm, and all the trash talking this guy just did was about me. The server was down because the /tmp partition was full with snort logs after cron failed to run. I ran the logs over to a friend who suggested installing it and he says the situation went like this. Several Chinese-assigned IP addresses tried to get access to the router, after about an hour or so, the router was opened exposing the two servers, the addresses increased several fold and eventually access to both servers was evident. Then the number of IP addresses would drop to a couple and steady access was logged to both servers over a period of a month or so. I explained to this kid what was going on and before I remembered to tell him who I was, he immediately started blaming it on the old IT guy (me).

I was asked to replace this new guy. Actually, I think I was expected to work alongside him, he was related to one of the partners. Of course I refused and added that I felt he was slandering my good name for the reasoning. I also stated that if that didn't stop, I would take action against them and him. I still have all the evidence of what had happened and managed to record this asshat blaming it all on me.

The Army Got Smart (0)

MacDaffy (28231) | more than 7 years ago | (#16352673)

They got sick of this crap years ago and installed an Apple server [3-rivers.com] . No hacks since.

Re:The Army Got Smart (0)

Anonymous Coward | more than 7 years ago | (#16352707)

Too bad that no longer applies to current Macs running OSX and Apache.

Re:The Army Got Smart (2, Informative)

rabbit994 (686936) | more than 7 years ago | (#16352729)

Nice job linking to extremely old article. Before you go spouting off facts, you could check netcraft.

http://uptime.netcraft.com/up/graph?site=goarmy.com [netcraft.com]

http://uptime.netcraft.com/up/graph?site=www.us.army.mil [netcraft.com]

Been running on Solaris for years. I'm sure your buddy Steve is happy you're still drinking the kool-aid.

Re:The Army Got Smart (1)

Danga (307709) | more than 7 years ago | (#16353183)

Does it surprise you he posted something like that when his handle is Macdaffy and he has a link to the website (and probably his business or where he works) called coffeemac.com?

Mac fanboys are the worst of all the fanboys IMO, they will always bring up how "superior" Macs are no matter what, even if bringing it up is not relevant such as this case. The one area Macs truly are superior at is graphic/video editing/authoring, other than that you can get much more functionality at a much lower price with an ordinary PC running Windows and/or Linux. Macs are only "cool" to people who have them, the rest of us just sit back and laugh at the people getting ripped off by Apple (although Apple is getting better about prices) when all they need is a machine that can render some webpages and do some word processing.

Oh and before some Mac fanboy replies saying OSX is sooo secure and they never get malware I hope they realize that someone running Linux can get just as much security and even a Windows box is relatively easy to keep secure and malware free. Another reason Macs are "more secure" is because almost nobody cares to target them (or Linux) since attacking Windows machines yields better results just by the sheer volume of users (although bad security on the users end helps the attackers too).

Re:The Army Got Smart (1, Funny)

MacDaffy (28231) | more than 7 years ago | (#16353245)

First of all, I was working at Apple when the Army made its change to Webstar. Since I retired from the company in 2001, a) EXCUUUUSE MEEE for being a little behind on current news and b) I got your "fanboy" swinging right here. I'm part of the original equipment, bitch, and whether you like it or not, Macs have NEVER been as susceptible to hacking as PC's are. I adopted the Mac platform in December of 1987 and from that day to this one I have not spent ONE CENT on measures to keep me safe from viruses, malware, spyware, trojans, bots, or any of the crap the average PC user has to guard against. I plug my Mac directly into my cable modem and I don't worry about it. If you use Windows, you shouldn't do that. Ever. If you say otherwise, you expose yourself as a wet-behind-the-ears, I've-got-a-pantload ID10T.

The point is that the Army made the change. The point is that they're not using Windows any more.

That "fanboy" term is a bitter acknowledgement that we're busy surfing wherever we please while you're either de-fleaing your system or begging for drivers and software that you don't get to have. Wallow in it. Revel in it. You are coolness personified.

I'll go back to my utopia now.

Re:The Army Got Smart (-1, Troll)

Anonymous Coward | more than 7 years ago | (#16353365)

Only Mac addicts see not being able to run software as a good thing.

Re:The Army Got Smart (1)

QuietLagoon (813062) | more than 7 years ago | (#16354295)

Looks like Windows 2003 servers [netcraft.com] at the Department of Commerce.

Re:The Army Got Smart (1)

jt2377 (933506) | more than 7 years ago | (#16353073)

http://news.com.com/Korean+Apple+online+store+hacked/2100-7349_3-6067955.html [com.com] yeah, whatever. Mac fans: gotta protect the Apple magic. the Korean store hacked news dated back May, 2006!!!!!! Dell have been running ASP on Windows since NT4 and it is now on ASP.net. Did anyone ever hear Dell's site got hacked? None!

Re:The Army Got Smart (1)

NineNine (235196) | more than 7 years ago | (#16353115)

Uuum... who cares? It's a web server. Unless you're Amazon.com or Google.com, a web server isn't a particularly important piece of anybody's infrastructure.

Re:The Army Got Smart (1)

jt2377 (933506) | more than 7 years ago | (#16353441)

The defacement--which took the form of a dozen lines of code posted to the Apple.co.kr home page--was documented on Zone-h.org. The hacker forum said Dinam had attacked a Mac OS X server running Apache. - yeah, Mac is sooooooooooooooooooooo secure! Mac Fan: Gotta protect the magical Apple!

Re:The Army Got Smart (0)

Anonymous Coward | more than 7 years ago | (#16353999)

Don't you mean gay?
Yay captain yay!

fight back (2, Interesting)

ExploiT1001 (1010727) | more than 7 years ago | (#16352731)

If they say it's most likely state sponsored hack attacks, why not fight back with state sponsored hack attacks? I doubt government agencies have people hacking away at China, and if they do, they aren't doing it very well... why not supply the hacker community with what to attack and offer incentives for any help?

Re:fight back (2, Insightful)

Ignis Flatus (689403) | more than 7 years ago | (#16352913)

If you really want to fight back, then the best thing to do is actually let them think they're getting in. Leave a few insecure holes here and there and plant some misinformation. If you're clever enough, then you can even use that misinformation to gain an advantage against them.

Re:fight back (0)

Anonymous Coward | more than 7 years ago | (#16354585)

Do you really think we're not fighting back? You don't think that there are groups within the government that exist solely for the purpose of engaging in information warfare, including offense as well as defense? It's not like the Chinese government, of all organizations, is going to release a public statement about how they just got pwnt again from some U.S. IP address. Furthermore, just because there isn't a news article about them doesn't mean they're not there. I'm sure there are incentives for folks to help out with such groups - in the form of a salary and health benefits. Get in the game. Pick a 3 letter agency and send in your resume.

Another fake news? (4, Interesting)

zitintheass (1005533) | more than 7 years ago | (#16352755)

There is no source cited etc. no example shown, no logs etc. only that "new york post" said that. If true, is that department admitting idiocy? Even simple rule on the router that restricts whole **ina IP block to only certain data resources could do the job. Keeping us scary they want. Fear agenda again?

another sample of distraction fud .. (1)

rs232 (849320) | more than 7 years ago | (#16354169)

"There is no source cited etc", zitintheass

I don't know if we've read the same text. The article clearly quotes at least two named sources in the Commerce department. It never mentions Windows or Linux. Yet we have the above and other comments coming out with: It's a fake news item, it must be Linux that got hacked, it wasn't Windows etc. We also have such posts getting modded up as 'interesting', more mod trolling.

"An August e-mail from acting Undersecretary of Commerce Mark Foulon quoted by the Washington Post said .."

Has Foulon ever denied sending the e-mails? Do you have a citation?

"Through established security procedures, BIS discovered a targeted effort to gain access to BIS user accounts," said Commerce Department spokesman Richard Mills [washingtonpost.com] . "We have no evidence that BIS data has been lost or compromised."

Has Mills ever denied saying this? Do you have a citation?

was Re:Another fake news?

I'm curious. (1)

fuego451 (958976) | more than 7 years ago | (#16352879)

A bit off topic but I wonder how many of you /.ers get port scans from China based computers on a regular basis, as I do. The scans are always for port 88, presumably looking for kerberos keys, and always from computers behind the same IP servers in Beijing. I've never sent the IP a complaint, even though they list an abuse email address, because I'm sure nothing would be done.

Re:I'm curious. (1)

CompMD (522020) | more than 7 years ago | (#16352929)

I constantly get scanned and have break-in attempts on port 22. However I beefed up my security and don't get as many people trying. I sort of miss those "the following host has been blocked" emails my IDS would give me.

Re:I'm curious. (1)

Teppic_52 (982950) | more than 7 years ago | (#16353427)

90% of my port 22 brute force attempts are from Chinese IPs too, I thought they might be just trying to tunnel through to read the BBC news website, but that iptables TARPIT patch is too cool to not use.

oops (1)

fuego451 (958976) | more than 7 years ago | (#16352969)

I said IP when I meant ISP. Also, my router ignores these requests but logs the pertinent information, of course.

Re:I'm curious. (0)

Anonymous Coward | more than 7 years ago | (#16353137)

um... How can I tell?

I don't believe this because.. (1)

c0d3r (156687) | more than 7 years ago | (#16353017)

There is no reason for these databases to be physically connected to the outside world, or even allow physical installation of untrusted software or hardware. It's probably just a sand box instance that they allowed them to pierce for intelligence reasons, with a nice feed of propaganda. If it is accessible in this manner, they deserve the intrusion.

Why not use most secure operating system? (1)

zymano (581466) | more than 7 years ago | (#16353049)

openbsd ?

This whole thing is fishy.

Re:Why not use most secure operating system? (1)

commodoresloat (172735) | more than 7 years ago | (#16353219)

This whole thing is fishy.
A reference to the mascot perhaps?

The Bureau of Industry and Security (0)

Anonymous Coward | more than 7 years ago | (#16353215)

Originally they wanted to name it simply The Bureau of Security, but then they considered the acronym and decided to put "Industry" there in the middle.

Why the Chinese will win (1)

Tablizer (95088) | more than 7 years ago | (#16353221)

Their population is more than 3-times that of the US's. In an all-out hacker war, the nation with the biggest population would most likely win.
     

Re:Why the Chinese will win (1)

Darkman, Walkin Dude (707389) | more than 7 years ago | (#16353893)

Their population is more than 3-times that of the US's. In an all-out hacker war, the nation with the biggest population would most likely win.

In a world where a lone hacker can compromise tens of thousands of machines and turn them into a bot net, I beg to differ.

I, For One, Welcome Our New, Chinese Overlords (0)

Anonymous Coward | more than 7 years ago | (#16353239)



I, For One, Welcome Our New, Chinese Overlords. How does one say, Owned, in Red Chinese?

In Soviet Russia (1)

c0d3r (156687) | more than 7 years ago | (#16353311)

Soviet Russia Joke someone please.

That's more true than you think (3, Insightful)

Travoltus (110240) | more than 7 years ago | (#16353773)

In the US, globalist free trade advocates would rather trade with people that are attacking us, than take the necessary steps to sanction them and defend our country from them.

They start throwing out off topic words like "protectionism" and "nativism", which when you ask them what it all means, alarmingly resembles "concern for national security" and "patriotism".

Ah, patriotism, that evil word. The notion that, just as caring for your family is more important than caring for someone else's, so is taking care of your country first.

Globalism. Another word for "screw national sovereignty, screw your own citizens, let's transfer all our wealth elsewhere". See: the national deficit and the national debt.

Re:That's more true than you think (1)

Darkman, Walkin Dude (707389) | more than 7 years ago | (#16353945)

Globalism. Another word for "screw national sovereignty, screw your own citizens, let's transfer all our wealth elsewhere". See: the national deficit and the national debt.

Okay so, let's take a hypothetical situation. Let's say the US government applies a new law to state that all foreign workers must receive US-equivalent wages and benefits. The net result is that it makes no sense for companies to offshore anymore, except in cases where specific resources can't be found locally and it costs too much to transport them.

However, now you have companies moving to Europe and Australia, where these new laws don't apply, and reselling their goods for cheaper in America than American companies can make them. So what's a benevolent government to do? Apply tariffs to these goods, or simply ban their sale entirely? So then, these companies go elsewhere, and they do. Meanwhile, US companies can't sell their goods abroad, because they cost too much. Thus, non-US companies have a massive competitive advantage.

It doesn't take a genius to see that this situation would utterly ruin the US economy. Ban all imports and have effectively no exports, while the rest of the world surges ahead? You may as well accept globalism and work within it. It's a fact that's not going to go away until the third world catches up fully with the first world. That process is accelerating largely due to globalism, happily.

On the other hand, don't be too concerned about China. Globalism is a double edged sword. They have one single advantage, and that is cheap labour. If and when they get too uppity or expensive, corporations will shift to places like the Philippines and Cambodia.

Re:That's more true than you think (4, Insightful)

Travoltus (110240) | more than 7 years ago | (#16354089)

1) If we continue to accept globalism, the US economy is ruined anyway. The global race for the bottom must eventually hit the rocks, because there is only so far wages can drop before the unrelenting cost of living becomes unbearable.

2) US companies already can't sell their goods abroad - or, more specifically, we're running a global trade deficit large enough to have its own gravitational field. Exactly what do we have to lose here?

3) US laws that tariff all goods made in sweatshop / undemocratic nations don't have that effect. If that law is put in place consistently, you can't undercut US companies in the US - not if you're Chinese, not if you're German, or British. Your rebuttal makes no sense - if Nike and its sweatshop operations moves to Singapore, they still have to deal with the tariff. If a Chinese Nike tries to undercut them, they too have to deal with the tariff. And if China decides not to buy any US goods... so what? We're in a deficit with them already! I propose that you don't even come into the US market unless you are an ethical player. Who's then going to undercut ethical companies in the US?

Oh, wait, offshoring to Europe won't hurt us as much because a) they also offshore heavily to us; and b) they have excellent worker protections and they're democratic.

4) Free trade with sweatshop nations / undemocratic regimes is going to ruin us any way. They're owning all our debt and they can also embargo us. (Oh yes, I know you think that despotic foreign nations can't embargo us. The 1970s and the oil embargo was all a lie. Sillyme.) Furthermore, we're transferring gobs of wealth to these monsters, impoverishing America and giving the world's most powerful enemies of freedom our cutting edge industrial capacity to boot. Germany should have sold us cheap shoes made of Jew labor, they would have won World War II with the help of the "surrender to globalism" agenda: there is nothing in your rhetoric that would provide for stopping them.

5) Free trade with nations that are attacking the United States will also lead to our annihilation. They can strike with impunity, and others will follow.

Your theory is that fighting globalism leads to ruin. The facts say that giving into globalism leads to ruin anyway. I say die fighting; you say die in supplication.

Re:That's more true than you think (2, Insightful)

Darkman, Walkin Dude (707389) | more than 7 years ago | (#16354409)

The global race for the bottom must eventually hit the rocks, because there is only so far wages can drop before the unrelenting cost of living becomes unbearable.

No, the mark that globalism leaves behind it is higher wages for the previously third world countries. It's already extant in India. So instead of lowering wages in first world countries, it's increasing wages in poorer countries. Might take a while, but it gets there.

US companies already can't sell their goods abroad - or, more specifically, we're running a global trade deficit large enough to have its own gravitational field. Exactly what do we have to lose here?

About 25% of the economy of my own country, Ireland, is composed of American multinationals, like Dell, Microsoft, Medtronic, Boston Scientific and so on, exporting to the half billion citizens of the EU. I'd say you have quite a lot to lose. I know we do.

Your rebuttal makes no sense - if Nike and its sweatshop operations moves to Singapore, they still have to deal with the tariff.

That's because you are seeing the US as the sole export destination. There are many other places to earn just as much money. What I am saying is that if these tariffs were in place, people would just not bother to even do business with the US. No profit in it.

Free trade with sweatshop nations / undemocratic regimes is going to ruin us any way.

Politically it's not a great idea to outsource everything, naturally. However you need to realise that a strong economy leads to the growth of a middle class, which is the downfall of dictators everywhere. You'll note that not many countries are dealing with places in Africa, where the cash won't go to the workers, but to the fuhrer du jour.

They're owning all our debt

Have you ever heard the saying, if you owe the bank a thousand dollars, it's your problem, but if you owe the bank a hundred million, that's the bank's problem? After a certain point, ownership of debt becomes an interdependent relationship; they need to see the US economy succeed, or they will never get their money back. And the more money they lend, the more dependent they are.

5) Free trade with nations that are attacking the United States will also lead to our annihilation. They can strike with impunity, and others will follow.

No, you won't be annihilated. Maybe equalised. Although I do believe that these nations should be slapped hard on the wrists for their activities; I'm no fan of the Chinese government, that's for sure.

I say die fighting; you say die in supplication.

Oh grow up. The world may be what we make it, but we have to live in it too. You want my advice, open a software house in Bangalore.

more than cheap labor (3, Insightful)

zogger (617870) | more than 7 years ago | (#16354257)

For the past several years China has been using their surplus cash to buy up resources around the planet, long term heavy deals in you-name-it, oil, natgas, various minerals and metals, etc. Manufacturing takes labor and energy and raw resources combined with an infrastructure that can combine those three things into manufactured goods then you need a shipping industry to move stuff in and out. You might be able to shift just the labor part in theory easily, but without the actual factory built and without the raw stock to feed it, it just sits there. To use an IT term, China has the whole stack. While everyplace else has been concerned with next quarter's profits, they have been working towards the next generation's profits. And they used a ton of free western resources and investments to accomplish this.

They got to be seriously laughing about it over there, how naive and shortsighted the west has been to purposely kill off wealth producing for some relatively short term gains. That's what we have been primarily exporting to them, the ability to keep producing wealth.

Re:more than cheap labor (1)

Darkman, Walkin Dude (707389) | more than 7 years ago | (#16354457)

To use an IT term, China has the whole stack.

How long did it take for China's economy to turn around? Five years? Six at the outside? That's exactly how long it would take to move the lot somewhere else. Probably even less, since the ships don't have to be rebuilt. When their wages begin to rise, watch and see what happens. Even now, they need to artificially keep their currency low in order to remain competitive.

while everyplace else has been concerned with next quarter's profits, they have been working towards the next generation's profits.

Err, is this meant to be a comment on Chinese business sense, or the culture and educated middle class that Chairman Mao successfully wiped out?

They got to be seriously laughing about it over there, how naive and shortsighted the west has been to purposely kill off wealth producing for some relatively short term gains.

Yes, I bet they are laughing through the fog of toxic smoke that the west's industrial requirements produce. Other than that, your comment makes no sense. They try, and fail, to reproduce advanced technology, even when they stole the entire blueprints from the original. Yes, they make shoes and cars cheaply, but it's a far, far cry from that to being technologically equal to the west. They have the grunt work, the cheap labour. They don't have a great deal more.

Microsoft should be charged (1)

toby (759) | more than 7 years ago | (#16353273)

Another WINDOWS story, but no mention in headline. If you want this to stop, go after the enabling technology. Take them to court, lock them up, or at least change to a secure alternative.

Re:Microsoft should be charged (1)

TrancePhreak (576593) | more than 7 years ago | (#16353351)

I think you're off target. Take the person responsible for the machine and put them at fault. Any machine can be compromised if you don't put proper security measures in place.

ASP sites easier to root than ... (0)

Anonymous Coward | more than 7 years ago | (#16353375)

... an actual ass.

What OS? Looks like Linux (-1, Troll)

xswl0931 (562013) | more than 7 years ago | (#16353447)

I see several posters immediately thinking that they were running Windows. Well, according to Netcraft, at least their website is using Linux. That doesn't mean the hacked server wasn't using Windows, but there's also a good chance it was running Linux. I think this goes to show that it doesn't matter what OS you use if you don't secure it.

looks like BIS workstations .. (3, Informative)

rs232 (849320) | more than 7 years ago | (#16354085)

"doesn't mean the hacked server wasn't using Windows, but there's also a good chance it was running Linux", xswl0931

It's not a server but hundreds of workstations. What OS do you think they are running on the desktop?

"Hundreds of computers must be replaced to cleanse the agency of malicious code, including rootkits and spyware."

"had identified several successful attempts to attack unattended BIS workstations during the overnight hours."

"The official also confirmed that BIS has limited Internet access to stand-alone workstations that are not connected to the bureau's internal network."

http://www.bis.doc.gov/ [doc.gov] was running Microsoft-IIS on Windows 2000 [netcraft.com] when last queried at 7-Oct-2006 02:01:33 GMT

was Re:What OS? Looks like Linux

Re:looks like BIS workstations .. (1)

wes33 (698200) | more than 7 years ago | (#16354277)

Mod parent up! The original was little more than a troll. The idea that the commerce department has 100s of linux workstations is, while a beautiful dream, just a dream.

This is why.... (1)

NubKnacker (787274) | more than 7 years ago | (#16353579)

...we don't use computers for commerce in third world countries.

Honeypots? (1)

CodeBuster (516420) | more than 7 years ago | (#16353605)

Perhaps some not too obvious honeypots should be left lying around next time so that we can get a better look at their attack methods when they come back and they will be back. Then we can catch them with their red hands stuck in the fortune cookie jar.

The trouble is... (0)

Anonymous Coward | more than 7 years ago | (#16353829)

...that the people working for these agencies aren't the brightest. They're the people, well, let's put it this way... you know the people in your computer science classes who struggled a lot in class but scraped by? Well, that's who you've got working for these agencies. What that means is that not only can they not do it, they have no ability to judge what needs to be done, so they can't even hire consultants to do it.

Plus, you know this was a Windows exploit. But they won't use a Unix variant because *nix is like the giant black monolith in the movie "2001" to these people.

I think the problem is not the technology, it's the people.

Re:Honeypots? (0)

Anonymous Coward | more than 7 years ago | (#16354011)

Slightly off-topic but..
I'm not quite as experienced as most of the users on /. are but just the other day I was wondering....

As of this moment, how to set up a honeypot/net is beyond me. I understand the general idea, yet I have not seen any detailed how-to's on the subject. So, I was asking, why isn't there any "click and run" software and or a distro (with all the tools needed) to set up a honeypot/net. I know the tools needed are out there but I think it would be cool if there was a distro and/or software for windows that you could simply install, answer some questions and go.

The distro could have one iso/cd for gateway/firewall and one for workstation. I am by no means experienced/leet enough to know all the ins and outs of setting one up and understand what's going on exactly. However, I would find it enjoyable to help the white hats along.

So What (1)

tacocat (527354) | more than 7 years ago | (#16353995)

With China being the point of growth on this ball of dirt, no one is going to dare piss them off. Even Microsoft has decided to let them steal software in China but in the USA you're doing 10-20 in the Pound You in the Ass Federal Prison.

I would not be surprised if the response from our government is to send the Chinese government a list of the root passwords to all our computers with a note attached, "So sorry for the inconvenience."

root kits = windoze! (1)

ro1 (988039) | more than 7 years ago | (#16354097)

But..are they running Linux? If they got crap installed...guess not.. Another reason our gov. Sucks.

Thanks Ted! (2, Funny)

bblboy54 (926265) | more than 7 years ago | (#16354159)

Apparently the head of commerce [youtube.com] has found a way to unclog the tubes. Now when Chinese haxors put their message into the internet it won't be delayed.

WTF? (0, Troll)

misey (996068) | more than 7 years ago | (#16354265)

Do they have Chinese hackers? I thought they all moved here and started a Chinese restaurant. I used to hang out with a group of asians and I'm not joking when I say this: The Korean's parents were both dry cleaners. The Chinamen's parents ran a Chinese Restaurant. The Vietnamese's parents ran a nail salon. The Indian's parents were both doctors. I am not making this up.

Fire the Admins (0)

Anonymous Coward | more than 7 years ago | (#16354397)

The administrators are clearly utterly inept at their jobs, and should not have it, network administration really is not that hard, nor is locking out your users from doing stupid things like installing software.

Child Sex Slaves in the Soft War (1)

Doc Ruby (173196) | more than 7 years ago | (#16354399)

In our ongoing "Soft War" with China, Jack Abramoff and Dennis Hastert are double agents [dailykos.com] .

It's like a James Bond story, if Bond were a child molester posing as a religious gangster.