And China is at it again...

Forum adverts like this one are shown to any user who is not logged in. Join us by filling out a tiny 3 field form and you will get your own, free, dakka user account which gives a good range of benefits to you:

No adverts like this in the forums anymore.
Times and dates in your local timezone.
Full tracking of what you have read so you can skip to your first unread post, easily see what has changed since you last logged in, and easily see what is new at a glance.
Email notifications for threads you want to watch closely.
Being a part of the oldest wargaming community on the net.

If you are already a member then feel free to login now.

**metallifan**

http://sync.sympatico.ca/news/foreign_hackers_attack_canadian_government/fc1e3d0f

Foreign hackers attack Canadian government

17/02/2011 5:08:13 AM

CBC News
An unprecedented cyberattack on the Canadian government also targeted Defence Research and Development Canada, making it the third key department compromised by hackers, CBC News has learned.

The attack, apparently from China, also gave foreign hackers access to highly classified federal information and also forced the Finance Department and Treasury Board - the federal government's two main economic nerve centres - off the internet.

Defence Research and Development Canada works to assist in the scientific and technological needs of the Canadian Forces. It is a civilian agency of the Department of National Defence.

The cyberattack, first detected in early January, left Canadian counter-espionage agents scrambling to determine how much sensitive government information may have been stolen and by whom.

Highly placed sources tell CBC News the cyberattacks were traced back to computer servers in China.

They caution, however, that there is no way of knowing whether the hackers are Chinese, or some other nationality routing their cybercrimes through China to cover their tracks.

So far, officials in Prime Minister Stephen Harper's government have been all but mum on the extraordinary breach of security.

The government initially issued a terse statement, passing it all off as merely an "attempt to access" federal networks. It has refused to release any further information.

Finance, Treasury Board

The hackers apparently managed to take control of computers in the offices of senior government executives as part of a scheme to steal the key passwords that unlock entire government data systems.

It is unclear whether the attackers were able to compromise other departmental computer networks, including those that contain Canadians' sensitive personal information such as tax and health records.

Michel Juneau-Katsuya, a security analyst and former CSIS intelligence officer, told CBC News on Thursday "all indications point at China" as the origin of the attempted cyber espionage.

He added that any such attack would have some connection to the government in China, which is also known for producing so-called "patriotic hackers" devoted to targeting institutions or governments perceived as threatening to the government at home.

Juneau-Katsuya said he believed Canada is seen by China as "a land of opportunity to get natural resources that they need so, so much."

The Chinese Foreign Ministry denied on Thursday that the Chinese government was responsible for the attack.

Once the attack was detected in early January, Canadian government cybersecurity officials immediately shut down all internet access at the Finance Department and the Treasury Board, in an attempt to stop stolen information from being sent back to the hackers over the net. In an earlier attack, Defence Research and Development had to shutdown access to one of its servers for two months.

The move left thousands of public servants without internet access, although officials in both affected departments report service has slowly been returning to normal since the attack.

While the government is trying to keep the embarrassing security breach under tight wraps, even from its own employees, a number of sources involved in the investigation agreed to speak to CBC News on condition of anonymity.

Canadian techno-gurus

This extraordinary tale of the Canadian government being targeted in cyber warfare actually began in 2009 with an international investigation by a group of Canadian techno-gurus whose findings shook the security world.

The group, called the Information Warfare Monitor, reported that an electronic spy network based mainly in China had hacked into almost 1,300 government computers in 103 countries.

They called the massive and now-infamous cyberspying operation GhostNet.

While many countries immediately moved to strengthen their defences against potential cyberattacks, it wasn't until the fall of 2010 that the Canadian government went on high-alert against potential electronic intruders.

Leading that task was the Communications Security Establishment Canada (CSEC), a little-known branch of National Defence, and the country's only electronic eavesdropping agency.

Sources say the agency went hunting for any signs the federal government networks might have been compromised.

Turns out they had.

At least two departments, Finance and Treasury Board, and the DND agency, had been compromised the same way the China-based hackers behind GhostNet had penetrated more than 100 other governments around the world.

How it was done

In the world of cybercops, it is called "executive spear-phishing."

Here's how it worked:

Sources say hackers using servers in China gained control of a number of Canadian government computers belonging to top federal officials.

The hackers, then posing as the federal executives, sent emails to departmental technical staffers, conning them into providing key passwords unlocking access to government networks.

At the same time, the hackers sent other staff seemingly innocuous memos as attachments.

The moment an attachment was opened by a recipient, a viral program was unleashed on the network.

The program hunts for specific kinds of classified government information, and sends it back to the hackers over the internet.

One source involved in the investigation said spear-phishing is deadly in its simplicity: "There is nothing particularly innovative about it. It's just that it is dreadfully effective."

Effective indeed, especially against a government cybersecurity system that has long been described as a sieve.

Auditor-General Sheila Fraser, for one, first raised the alarm in 2002 when she warned "there are weaknesses in the system.

"There are access controls that need to be fixed; there are a whole series of minimum security issues that are not being dealt with. There are vulnerabilities. Government needs to fix them."

Three years later, Fraser checked again and found not much had changed.

"It is important that these things be dealt with and be fixed - the government is vulnerable to attacks."

Evidently, it still is.

I love how China has pretty much been caught once more with their hand in the cookie jar, yet there'll be sweet

all as far as repercussions go. What does Dakka think? It's clear that simply calling China out on these attacks is doing nothing. Should a harder stance be taken against the obvious culprit here?

**kronk**

Sure. What punishment do you have in mind?

**Ma55ter_fett**

Eye for an eye?

At least clean out a few servers and leave some knock knock jokes.

**Flashman**

Right thats it, everyone stop buying rice.

**Battle Brother Lucifer**

Nuke 'em. Everyone is equal as atoms and particles

**Khornholio**

Take the West's economic infrastructure back! That'll teach 'em.

**Blacksails**

China needs a time out in the corner. That'll teach them.

**ShumaGorath**

Or we could just do what we've been doing for years. The exact same thing back to them.

**Monster Rain**

Yeah, but we're the good guys.

**Chibi Bodge-Battle**

Course nuffin'll be done
All the west's industry is in China.
We need them to make the countless tons of useless, worthless gakk that keeps the economy ticking over on tick.

Can't risk upsetting the apple cart.

**Bromsy**

Nuke 'em rico. Shoot a nuke down a bug hole, you got a lot of dead bugs.

**Medium of Death**

I for one welcome the actions of our Chinese overlords.

Somewhat related:
Did anybody see 'The Chinese are Coming' on the BBC? It's quite amazing how far their influence is spreading.
http://www.bbc.co.uk/iplayer/episode/b00ykxg9/The_Chinese_Are_Coming_Episode_1/
http://www.bbc.co.uk/iplayer/episode/b00yskn8/The_Chinese_Are_Coming_Episode_2/
You can't stop them... the horror... oh the horror...

**SilverMK2**

Oh no! I hope they didn't steal the secrets of maple syrup production!

**Mr Meatballs**

TO THE SHELTER!
I'll be 25 feet underground if anyone needs me.

**blood reaper**

The Red Dragon Awakens...

**Melissia**

Sarcasm aside, thefact that they've been caught or found out even after the fact says a lot about the lack of quality of hte attacks. A truly skilled thief leaves his targets without such information.

**ShumaGorath**

Awful lot of chinese genocide and or comparing them to bugs or animals in here. Great moderation going on.

**blood reaper**

ShumaGorath wrote:Awful lot of chinese genocide and or comparing them to bugs or animals in here. Great moderation going on.

1+

**Kid_Kyoto**

Melissia wrote:Sarcasm aside, thefact that they've been caught or found out even after the fact says a lot about the lack of quality of hte attacks. A truly skilled thief leaves his targets without such information.

The scuttlebutt I've read is that a lot of these are semi-official groups, autonomous but government-connected which gives them both plausible deniability and a chance for hackers to learn on the job.

We only know what we know, there's a lot of hacking we never hear about.

**Melissia**

Kid_Kyoto wrote:
Melissia wrote:Sarcasm aside, thefact that they've been caught or found out even after the fact says a lot about the lack of quality of hte attacks. A truly skilled thief leaves his targets without such information.

The scuttlebutt I've read is that a lot of these are semi-official groups, autonomous but government-connected which gives them both plausible deniability and a chance for hackers to learn on the job.

We only know what we know, there's a lot of hacking we never hear about.

IE, those are the ones that don't suck.

**daedalus**

Melissia wrote:Sarcasm aside, thefact that they've been caught or found out even after the fact says a lot about the lack of quality of hte attacks. A truly skilled thief leaves his targets without such information.

And a much more skilled thief would leave them with false information. Not defending China, but I assume China's being uncooperative here. How do they know that the attacks weren't engineered to look like they were coming from China? I mean, the first thing I would do if I was attacking a country's governmental infrastructure isn't attack it. It'd be to own an different unsympathetic country and make them seem like they did it.

**dogma**

Melissia wrote:
IE, those are the ones that don't suck.

Its almost impossible to make a completely untraceable cyber attack. You can make it harder to figure out where the attack came from, but not impossible. When all that needs to be determined is nation of origin, instead the specific perpetrator, then it gets significantly easier.

**Mr Meatballs**

there's room for 5 down here!

**VoidAngel**

Ooh,I have a great idea! How about if you DISCONNECT VITAL ASSETS FROM THE FETHING INTARNETZ! How about if you hire people smart enough not to be phished? How about if you put a policy in place that you can only give info to people you actually know, in person if necessary?

How about if you arbitrarily and randomly place a 1000% tax on some Chinese imports until the shenanigans stop? How about if we laser down their satellites until the shenaningans stop? Blame it on sun spots - they're all the rage right now. Say our death ray got hacked and it was used to kill their satellites by angry American hackers? Soorryz! Thet iz the suxxorz, Chinaz! R badz!

**Ketara**

This is a developing problem. I'm currently writing my dissertation on Cyber-warfare.

1997:- New York-US:- A juvenile accesses components of a phone system operated by Nynex. Several commands are sent that disrupt the local airport communications and Fire Services.
1998:- USA:- Two teenage hackers access US DoD computers.
2001:- Queensland Australia:- Individual uses internet access and short wave radio to take control of SCADA systems and releases 1,000,000 tonnes of sewage into clean water.
2002-2005:- US:- Unknown data downloaded a total of 20 terabytes of data from DoD computers.
2003:-US, Washington:- American Plan formulated but never enacted to use computers to attack and destroy Iraqi finance.
2004:- Louisiana US:- A man creates a nasty little email that when opened, turns your computer into a zombie and makes it dial 911 continuously.
2007:- Latvia:- Russian state sponsored Hackers bring down government websites and lines using DOS attacks after Latvian governments makes decisions against the wishes of the Russian Government.
2008: US:- Hackers successfully disable a power station with nothing more than the internet.
2008:- Georgia:- DOS attacks are launched against all government websites and prominent bloggers whilst conflict with Russia ongoing, making it impossible for Georgian opinions facts to be heard globally. Russia strongly suspected.
2009:- US/S. Korea:- DDOS attacks on US agency websites, S.Korean goverment sites, and lines between the two governments. N. Korea strong suspect (believed to be testing the communications ability between the two nations in outbreak of war, and their capability to disable it)
2011:- Iran:- Potent new Stuxnet computer worm, an unparalleled piece of computer code, causes Iranian nuclear centrifuges to overheat and break, setting back Iranian Nuclear weapons project by an estimated five years. Israel strongly suspected.

I could add more.

The point is that cyber-warfare has been designated the fifth domain of warfare for a reason. China, Russia, and N. Korea are all spending vast sums of money as we speak sponsoring their own 'cyber commands' as have existed in the US for a couple of years now, and as have just been established in the UK as of July 2010. I didn't include any Chinese examples in my lsit above, but there have been plenty. Cyber-warfare, as can be seen above, has the capacity to damage nations economically as well as physically, and is a new form of Information Warfare.

All in all, thoroughly interesting stuff.

**ShumaGorath**

Awful lot of not knowing whats involved with a king phish cyber attack or really any other form of hacking in here. Lotta reactionary random poorly thought out and unwise advocation of reprisal as well.

Great moderation going on.

**VoidAngel**

Bullpucky. You'd rather wait for absolute certainty - by which time it is too late. "Well, I won't know for sure if the thug holding the gun on me wants to kill me, until he pulls the trigger..."

OK, you wait and find out. I'm throat punching him now.

**Ketara**

ShumaGorath wrote:Awful lot of not knowing whats involved with a king phish cyber attack or really any other form of hacking in here. Lotta reactionary random poorly thought out and unwise advocation of reprisal as well.

Great moderation going on.

The ethics with regards to responding to a cyber-warfare attack at the moment Shuma, are actually a matter of great debate in the appropriate academic circles. Reactionary the views might be, but not necessarily invalid. Unwise? That's definitely debatable.

**Monster Rain**

ShumaGorath wrote:Awful lot of not knowing whats involved with a king phish cyber attack or really any other form of hacking in here. Lotta reactionary random poorly thought out and unwise advocation of reprisal as well.

Great moderation going on.

Spamming too.

Automatically Appended Next Post:

Melissia wrote:
Kid_Kyoto wrote:
Melissia wrote:Sarcasm aside, thefact that they've been caught or found out even after the fact says a lot about the lack of quality of hte attacks. A truly skilled thief leaves his targets without such information.

The scuttlebutt I've read is that a lot of these are semi-official groups, autonomous but government-connected which gives them both plausible deniability and a chance for hackers to learn on the job.

We only know what we know, there's a lot of hacking we never hear about.
IE, those are the ones that don't suck.

Or some of them get caught on purpose to let everyone know that they're mukkin' about in our computers.

**reds8n**

ShumaGorath wrote:Awful lot of chinese genocide

None of which are remotely serious

and or comparing them to bugs or animals in here. Great moderation going on.

The quote from "Starship Trooper" you mean ? Not really relevant either.

Awful lot of not knowing whats involved

Yes, we've all noticed your posts but, bless, you do your best and you are trying.

I'm sure everyone will be much better informed and reassured once you've informed them why they're wrong.