Hacker News new | comments | show | ask | jobs | submit login
Hacking incidents and the rise of the new Chinese bogeyman (aljazeera.com)
25 points by mh_ 1696 days ago | hide | past | web | 12 comments | favorite

So... here's the thing. "Cyberwarfare" is primarily data theft/information control but can also involve real danger like control of electrical grids, water supplies, and centrifuges for highly radioactive materials, to mention a few. Sure, information warfare has been going on a long time, and, sure, each major country does it.

But, when the world economy is teetering/has teetered and it's not clear how things will pan out, that is when wars start.

Now add to that that introduction of new disruptive technology is soon after used in war, and you have a problem that can't be whitewashed with a post like this.

Think about aviation. When I hear aviation, I think of the Wright Brothers- but what's next? Commercial flight? No, I think of bi-planes, the Red Baron, the use of aviation in the military, and war. The time period between the flight by the Wright Brothers in December 17, 1903 to the start of World War I on July 28, 1914 was 11 years. 11 years! Aviation didn't spawn world war, but you have to know that it contributed its part.

Think about the race for the bomb. And, what did we do when we finally had the technology? We dropped two of them.

It's sad to say, but the use of internet technology by the military is inevitable. The U.S. isn't trying to start a fight by identifying that China has state-sponsored attacks on American businesses. The fact is that even though we still somewhat live in a Cold war era (it never really ended) and to large extent, no one wants to see another bomb go off, the fact is, this shit is real. There is a power struggle on Earth and we've been a part of it since we were born. The internet binds us all together and helps us communicate our thoughts, fears, etc. and I want no part of a world war. But this "new war" has been in-progress for some time now and people have learned its ways and are using them. These little events like publically identifying centrifuges going down or that China is truly state-sponsoring attacks might not be Normandy or Gettysberg, but saying these are non-events is no better than hiding your head under the covers.

Electronic warfare, signal jamming, hacking, phreaking, and crypto are not new to anyone in the military, and most certainly not the intelligence community. The Allies won WWII on the strength of their signals intelligence.

There's the potential for the "bad guys" to do more here, using automated agents provocateur, but that's really nothing new - We had Japanese internment camps because of fears of that, and we certainly don't want that again. Imagine what would happen if we booted every windows machine off the internet for a day... Maybe we should relive those internment camps, after all :)

The difference is that in the 1990s, we went from having mostly isolated networks to mostly open networks using standard protocols. We also have introduced an incredible surface of attack via email, site browsing, USB sticks, etc. And provided GPS locations of ourselves. It is not the same. We are a time bomb.

This commentator is playing fast and loose with the facts. Statements like "...To date, the largest documented offensive cyber operations in the world were conducted by the USA..." revolve around what you mean by the word "documented", as neither side has admitted anything. This article is full of that kind of thing. Prevarication "everybody has a cyber espionage unit" and more.

More troubling is the substitution of the narrative for the analysis. Look, I'm a firm believer that something like the military-industrial complex has been long-running in the states, but don't get your causality mixed up.

Put differently, even paranoid people have enemies. Even states engaged in fear-mongering have things to fear. The two are not mutually exclusive, and simply because it might be hip to start using the phrase "military digital complex" doesn't mean that there aren't real threats. We begin to substitute slogans for analysis. That's bad.

I have been expecting more apologia for the Chinese on HN, but probably because of the technical nature of those who post here, they haven't got a lot of traction. Good. From what I can see, the Chinese are most likely engaged in serious and ongoing state-sponsored attacks against many western targets. I understand that the details of these attacks are going to leak out slowly over the next several years, and that's fine with me.

I really wish the spirit of what this author saying was true -- that this is all just ginned up. I really do.

But it's not.

What got me was this line.

> What is surprising is the unfaltering belief that since attacks come from IP addresses in the same geographic region as a PLA unit, ipso facto, the attacks are state sponsored and need some sort of government response.

Mandiant and the US government aren't using IP address details to determine this is the Chinese. In fact, they're explicitly not depending on IP addresses to link these attacks to Unit 61398. Mandiant specifically refers to 'indicators' which can range can be IP addresses but can also be source code comments, coding styles, reused usernames, reused passwords, reused encryption certificates, reused domain names, etc. In short, the evidence linking Unit 61398 to these activities is the same kind of patterned evidence that is used to pin multiple crimes on serial killers. It paints a compelling modus operandi that cannot be easily dismissed as multiple independent actors. It is one group doing this and that group is most likely Unit 61398.

Yep. Seems like the author "remembers" some information, then conveniently "forgets" other information. He leaves it open for the rest of us to straighten it all out.

One of the other commenters took me to task (quite politely) for not arguing the facts. There is a good reason for that.

We don't want to get into a situation where one side posts all the knowledge it has about the attacks, only to see the other side adapt. Let's not use the free press as a means to shoot ourselves in the ass.

So a lot of articles and a lot of details like this will go unanswered, and that's fine with me. I've watched my server logs, I've seen enough details here and there to know the score. I don't need a public debate with all the witnesses present and cross-examination and so forth. Maybe if this evolves into a shooting war, but not right now.

> "documented"

you can open the document linked from the article and scroll to section 10.7. There are the details of the cases. It is a mix of industrial espionage by actual CIA agents and the hacking. Example:

Case:Federal German Ministry of Economic Affairs

Who: CIA

When: 1997

What: Information concerning high-tech products held by the Federal Ministry for Economic Affairs

How: Use of an agent

Aim: Obtaining information

Consequences: Agent unmasked and expelled from the country



Who: NSA

When: 1993

What: Videoconference between José Ignacio López and VW boss Ferdinand Piëch

How: Videoconference recorded and forwarded to General Motors (GM)

Aim: Protection of commercial secrets held by GM in America, secrets which López wished to pass on to VW (price lists, secret plans for a new car plant and a new small car)

Consequences: López's cover is blown, in 1998 criminal proceedings are halted in return for payment of fines.

No consequences in respect of NSA

> But it's not.

I agree with your conclusion. If you have anything of value, be paranoid. The Chinese (or anybody else, really) will try to get their hands on it.

While your post was a joy to read, if you focused only on the facts it would be much shorter...

The author conveniently leaves out the huge, gaping difference between Western military hacking units and Chinese military hacking units: their targets.

Western military hacking targets are other governments and militaries. The objectives are military.

Chinese military hacking targets are companies. Intellectual property is stolen, and handed off to state run companies. The objectives are economic. Which makes sense when you consider that the Chinese leadership realizes that they have to keep the engine going to placate the masses, or risk facing another revolution.

Did you read the full article? I'm pretty sure it included incidents documented by the EU where US hacking was aimed at economic benefit.

I'm not sure what you find "fast and loose" with that fact. Stuxnet was claimed by politicians from USA/Israel.

And Instagram "generating billions in income"

There are two schools of thought in regards to China -- that of a resurgent dragon, the other of a "benign China." Even after the Mandiant report, the latter aren't convinced. They won't change their minds until they are targeted (almost a certainty) -- I'm fine with that.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact