

Hacking incidents and the rise of the new Chinese bogeyman - mh_
http://www.aljazeera.com/indepth/opinion/2013/02/201322510446268971.html

======
hakaaaaak
So... here's the thing. "Cyberwarfare" is primarily data theft/information
control but can also involve real danger like control of electrical grids,
water supplies, and centrifuges for highly radioactive materials, to mention a
few. Sure, information warfare has been going on a long time, and, sure, each
major country does it.

But, when the world economy is teetering/has teetered and it's not clear how
things will pan out, that is when wars start.

Now add to that that the introduction of new disruptive technology is soon after
used in war, and you have a problem that can't be whitewashed with a post like
this.

Think about aviation. When I hear aviation, I think of the Wright Brothers-
but what's next? Commercial flight? No, I think of bi-planes, the Red Baron,
the use of aviation in the military, and war. The time period between the
flight by the Wright Brothers on December 17, 1903 to the start of World War I
on July 28, 1914 was 11 years. 11 years! Aviation didn't spawn world war, but
you have to know that it contributed its part.

Think about the race for the bomb. And, what did we do when we finally had the
technology? We dropped two of them.

It's sad to say, but the use of internet technology by the military is
inevitable. The U.S. isn't trying to start a fight by identifying that China
has state-sponsored attacks on American businesses. The fact is that even
though we still somewhat live in a Cold War era (it never really ended) and to a
large extent, _no one_ wants to see another bomb go off, the fact is, this
shit is real. There is a power struggle on Earth and we've been a part of it
since we were born. The internet binds us all together and helps us
communicate our thoughts, fears, etc. and I want no part of a world war. But
this "new war" has been in-progress for some time now and people have learned
its ways and are using them. These little events like publicly identifying
centrifuges going down or that China is truly state-sponsoring attacks might
not be Normandy or Gettysburg, but saying these are non-events is no better
than hiding your head under the covers.

~~~
GauntletWizard
Electronic warfare, signal jamming, hacking, phreaking, and crypto are not new
to anyone in the military, and most certainly not the intelligence community.
The Allies won WWII on the strength of their signals intelligence.

There's the potential for the "bad guys" to do more here, using automated
agents provocateur, but that's really nothing new - We had Japanese internment
camps because of fears of that, and we certainly don't want that again.
Imagine what would happen if we booted every Windows machine off the internet
for a day... Maybe we should relive those internment camps, after all :)

~~~
hakaaaaak
The difference is that in the 1990s, we went from having mostly isolated
networks to mostly open networks using standard protocols. We also have
introduced an incredible surface of attack via email, site browsing, USB
sticks, etc. And provided GPS locations of ourselves. It is not the same. We
are a time bomb.

------
DanielBMarkham
This commentator is playing fast and loose with the facts. Statements like
"...To date, the largest documented offensive cyber operations in the world
were conducted by the USA..." revolve around what you mean by the word
"documented", as neither side has admitted anything. This article is full of
that kind of thing. Prevarication "everybody has a cyber espionage unit" and
more.

More troubling is the substitution of the narrative for the analysis. Look,
I'm a firm believer that something like the military-industrial complex has
been long-running in the states, but don't get your causality mixed up.

Put differently, even paranoid people have enemies. Even states engaged in
fear-mongering have things to fear. The two are not mutually exclusive, and
simply because it might be hip to start using the phrase "military digital
complex" doesn't mean that there aren't real threats. We begin to substitute
slogans for analysis. That's bad.

I have been expecting more apologia for the Chinese on HN, but probably
because of the technical nature of those who post here, they haven't got a lot
of traction. Good. From what I can see, the Chinese are most likely engaged in
serious and ongoing state-sponsored attacks against many western targets. I
understand that the details of these attacks are going to leak out slowly over
the next several years, and that's fine with me.

I really wish the spirit of what this author is saying was true -- that this is
all just ginned up. I really do.

But it's not.

~~~
smutticus
What got me was this line.

> What is surprising is the unfaltering belief that since attacks come from IP
> addresses in the same geographic region as a PLA unit, ipso facto, the
> attacks are state sponsored and need some sort of government response.

Mandiant and the US government aren't using IP address details to determine
this is the Chinese. In fact, they're explicitly not depending on IP addresses
to link these attacks to Unit 61398. Mandiant specifically refers to
'indicators' which can be IP addresses but can also be source code
comments, coding styles, reused usernames, reused passwords, reused encryption
certificates, reused domain names, etc. In short, the evidence linking Unit
61398 to these activities is the same kind of patterned evidence that is used
to pin multiple crimes on serial killers. It paints a compelling modus
operandi that cannot be easily dismissed as multiple independent actors. It is
one group doing this and that group is most likely Unit 61398.

~~~
DanielBMarkham
Yep. Seems like the author "remembers" some information, then conveniently
"forgets" other information. He leaves it open for the rest of us to
straighten it all out.

One of the other commenters took me to task (quite politely) for not arguing
the facts. There is a good reason for that.

We don't want to get into a situation where one side posts all the knowledge
it has about the attacks, only to see the other side adapt. Let's not use the
free press as a means to shoot ourselves in the ass.

So a lot of articles and a lot of details like this will go unanswered, and
that's fine with me. I've watched my server logs, I've seen enough details
here and there to know the score. I don't need a public debate with all the
witnesses present and cross-examination and so forth. Maybe if this evolves
into a shooting war, but not right now.

------
peripetylabs
There are two schools of thought in regards to China -- that of a resurgent
dragon, the other of a "benign China." Even after the Mandiant report, the
latter aren't convinced. They won't change their minds until they are targeted
(almost a certainty) -- I'm fine with that.

