
China-based campaign breached satellite, defense companies: Symantec - dpcodes
https://www.reuters.com/article/us-china-usa-cyber/china-based-campaign-breached-satellite-defense-companies-symantec-idUSKBN1JF2X0
======
stareatgoats
> It said the hackers launched their campaign from three computers on the
> mainland. In theory, those machines could have been compromised by someone
> elsewhere.

In theory? This type of reporting is concerning. Surely these reporters (as
well as Symantec) ought to know that these types of attacks _in theory could
leave a true IP trail_, but _probably not_.

There might be other signs that this is a Chinese operation, but IP addresses
are not good proof.

~~~
burnTheLogin

> Surely these reporters ought to know

[https://www.goodreads.com/quotes/65213-briefly-stated-the-ge...](https://www.goodreads.com/quotes/65213-briefly-stated-the-gell-mann-amnesia-effect-is-as-follows-you)

------
pietroglyph
There's always news of China hacking the US... Is China more competent, or do
they report on it less (I'm sure the latter is true to some degree.) Is there
any data on the volume of hacks on the two sides? I understand that Obama and
Xi agreed to show mutual restraint, which would imply some reciprocity from
the US, but to what extent?

~~~
seanmcdirmid
No, they are just bad enough to get caught often enough. The USA does the same
thing probably, but they are much more careful about it.

It doesn’t help that much of China’s economy is state owned, so even someone
doing some espionage for a state owned enterprise would be rightfully called
state sponsored.

~~~
zard784
I sure hope so, China has taken one of the least wise and darker paths these
past centuries.

------
est
Choose your type of "China" hacking:

- Chinese IP address

- IP address that links back to something China

- IP range that belongs to a Chinese cloud provider

- Chinese hacker group (admittedly most of them are reallocated in Southeast
Asia)

- botnet located in mainland China

- Government sponsored action

There are so many articles jumping directly to the conclusion of the last type.

~~~
ahmedalsudani
1. The Chinese government is more than capable of stopping all of the types
you listed.

2. There is history of the Chinese government using its hackers to attack
projects and companies it dislikes (see GitHub DDoS for a high-profile recent
example).

3. The US intelligence community has stated that in many cases, the Chinese
government is behind attacks. I might distrust the US intelligence community,
but this is not something they need to lie about.

4. When Obama and Xi agreed that the US and China would stop infiltrating
each other's networks, the breaches stopped.

There is one more thing I almost forgot to mention. The point you made is
actually more applicable to Russia. Over the past decade, the Russian
government has taken the approach of allowing hackers on Russian soil to
operate more or less without any legal consequence so long as their attacks do
not target Russian entities. When Putin talks about "patriotic individuals"
being behind the hacks on the DNC, I believe him. That does not mean he (or
the people around him doing his bidding) was not privy to what was going on or
that those patriotic individuals did not receive suggestions on what a good
target and a good strategy might be.

~~~
justicezyx
> 1. The Chinese government is more than capable of stopping all of the types
> you listed.

I don't think this is technically possible.

Or you are assuming vastly more advanced technologies possessed by the Chinese
government.

From what we know of Chinese tech companies and their track record, I doubt
this is true.

> 2. ... (see GitHub DDoS for a high-profile recent example).

Links?

> 3. The US intelligence community has stated that in many cases, the Chinese
> government is behind attacks. I might distrust the US intelligence
> community, but this is not something they need to lie about.

They have all the benefit to lie about it:

- Create fear for adversaries. It used to be the USSR, now it's the CCP.

- Assume the moral high-ground for their own surveillance or espionage
activities, both domestically and internationally.

- Set up the stage for an ever-increasing budget for their long-term
survivability.

- Cover up their incompetency of guarding national secrets (the adversary is
so strong that our defense is not sufficient)

These are just some random possibilities; insiders can probably give many
more.

> 4. When Obama and Xi agreed that the US and China would stop infiltrating
> each other's networks, the breaches stopped.

Links?

~~~
ahmedalsudani
> I don't think this is technically possible.

> Or you are assuming vastly more advanced technologies possessed by the
> Chinese government.

> From what we know of Chinese tech companies and their track record, I doubt
> this is true.

It is not technically feasible, but legal consequences serve as sufficient
deterrent. Not many people in the US would carry out similar activities. It helps
that just about all Chinese corporations are really state enterprises. It
looked like state intervention might eventually disappear while Hu was in
power, but under Xi, the CCP has gotten much more involved. No Chinese
corporation will continue to steal US intellectual property if the party
instructs them not to.

As for technical feasibility, if any country has the capability to detect
those intrusions, it's China. All internet traffic in China passes through a
government filter, and you're only allowed to move encrypted data if you're
small fish and the CCP doesn't feel at all concerned about what you're doing.
So they can monitor internet traffic better than any other state.

The hacks you hear about are not super advanced wizardry. It's mundane script
kiddie stuff but with hundreds if not thousands of people behind it dedicating
their full day to it. Our networks are full of security holes.

> They have all the benefit to lie about it: [...]

I concede those are pretty good reasons, but they would unravel sooner or
later if there were no truth to them. It is true that this creates fear, that
the US is trying to maintain high ground, that this keeps the IC budget
growing. But that does not mean China is not hacking into American businesses.
I assure you that China would have been much more indignant in fighting the
charge if there were no substance to the IC claims.

What I would like you to consider is this: why would China not steal US
secrets? Their economy is modernising, and this is exactly the kind of thing
they need to speed that modernisation. This is not unique to China, by the
way. Every young economy breaks the rules before it joins "The First World".
See China's fight to keep its classification as a developing market, their
currency manipulation, and how China is setting up shop in any place they can
to avoid tariffs, quotas and other import restrictions. Hacking into American
(and Canadian and European) businesses is not a wild suggestion -- what would
be mysterious is China not hacking Western businesses.

> Links?

It's quite easy to find the stuff I mentioned earlier using a search engine.

~~~
steevdave
> It's quite easy to find the stuff I mentioned earlier using a search engine

If you make the claims, it's on you to provide the proof, not on us to go out
and search and find or not find it.

~~~
girvo
[https://arstechnica.com/information-technology/2015/04/ddos-...](https://arstechnica.com/information-technology/2015/04/ddos-attacks-that-crippled-github-linked-to-great-firewall-of-china/)

------
xmly
It must be Lanxiang Technical School again, China's top secret hacker army

~~~
beatle_sauce
This is their promo:
[https://www.youtube.com/watch?v=YqmbLYWAki4](https://www.youtube.com/watch?v=YqmbLYWAki4)

~~~
xmly
One huge army of top hackers!

------
echevil
I wonder how this random post with only 14 points and one comment got to
the front page

~~~
dang
That's normal and happens all the time!

