Jump to content
Washington DC Message Boards

The Chinese Cyber-Invasion - Using American Computer Firms


Guest Black Sun

Recommended Posts

Guest Black Sun

I was reading an article about how Chinese intelligence are infiltrating our networks and my nerves got really shaken. They are hacking into computers that were made in China and exported to the United States. What has our country done.

 

Reinforcing its commitment to foster innovation through local technology companies, Intel Corporation today opened a software innovation and support center in Hangzhou, the capital of East China's Zhejiang Province. The Intel Zhejiang Software Technology Innovation Support Center is expected to become one of the largest software development, testing and validation centers in Asia with one of the region's most advanced high-performance computer centers for visual rendering.

 

The Zhejiang province is a leading hub for software development in China. It is home to approximately 1,000 software companies and produces about 10,000 software engineering graduates from its 36 universities each year. The innovation support center will offer the latest Intel hardware and software technologies, and share worldwide best-known-methods for software optimization, testing and validation to help local software vendors innovate around Intel processor technologies.

 

"We are very glad to see the kick-off of Intel Zhengjiang Software Technology Innovation Center as the fulfillment of last year's memorandum of understanding with Intel," said Yongming Wang, the vice governor of the Zhejiang Province. "The establishment of the Intel Technology Innovation Center will combine resources from technology providers and government and bring advanced knowledge and technologies from a world leader such as Intel to Zhejiang's software companies. "This will enhance the innovation capabilities of local software companies and strengthen the competitive advantage of the ecosystem of the high-tech industry in Zhejiang."

 

"As part of our commitment to grow with China's IT industry, Intel supports world-class innovation across the Chinese software ecosystem." said Paul Otellini, president and CEO of Intel Corporation, at the innovation center's opening ceremony. "The unique technical training and tools offered at this center will help local software companies bring their products to market faster and expand their global business development capabilities. Intel has already worked with one-fourth of the province's leading software companies, including SUPCON and Hundsun, on technology development, marketing programs or strategic venture capital investments."

 

Located in the Hangzhou State Software Base, the innovation support center serves as a one-stop location where software companies have access to the latest Intel processors, tools, engineering consulting and computer networks to further design, validate test and tune their applications. The varieties of Intel services aim to help local companies innovate and create software that delivers a great experience on Intel processor-based computers and do so more quickly. The software companies will also have access to the Intel Software Network, Channel Marketplace and Intel Software College that offer additional training, support and services from participating companies around the world.

 

http://www.intel.com/pressroom/archive/rel...71031corp_b.htm

Link to comment
Share on other sites

  • Replies 66
  • Created
  • Last Reply

Top Posters In This Topic

Guest Black Sun

Intel Breaks Ground on Wafer Fabrication Facility in Dalian

 

Manufacturing Leadership, Cluster Effects to Accelerate Growth for China's IT Industry

DALIAN, China, September 8, 2007 – Intel today broke ground on its first 300mm wafer fabrication facility in Asia. The new factory, named Fab 68, will extend Intel's manufacturing leadership, while helping cultivate engineering talent, accelerate the growth of China's information technology (IT) ecosystem, and bring Intel's culture of environmental leadership to China. The $2.5 billion project is set to begin construction immediately and be operational in 2010. Fab 68 will cover 163,000 square meters of factory space and host a 15,000 square meter clean room.

 

"The scope and scale of our global manufacturing network gives Intel the ability to provide customers with leading-edge, energy-efficient products in high volume," said Craig Barrett, Chairman, Intel Corporation. "Fab 68 will have world-class infrastructure and be an integral part of our global manufacturing network while bringing us closer to our customers and partners in China."

 

"Intel's investment in Fab 68 comes at a time when Dalian's information technology industry is aiming to compete globally and become one of the top three IT clusters in China," said Dalian Mayor Xia Deren. "Fab 68 is not just bringing advanced chipset manufacturing to Dalian, Intel's presence will attract investment from virtually every segment of the IC industry, which in turn will have tremendous effect on the region's economy and industries. It is estimated that many suppliers are planning to follow Intel's lead and establish operations in Dalian. The cluster will help revitalizing the industries in China's Northeast region, and make Dalian rise to be one of the IT hubs in China."

 

Demonstrating its dedication to sustainable growth in Dalian, Fab 68 will be designed and built to minimize impact on the environment. "Intel has a long history of environmental leadership in our products and operations and we are applying the same world-class design and construction standards in Fab 68 that we apply everywhere in the world," said Kirby Jefferson, General Manager of Fab 68. "The design standards for Fab 68 meet Intel's high standards for environmental performance in all areas including water, energy and chemical waste management."

 

With its presence in Dalian, Intel plans initiatives aimed at developing the local talent pool. "Local talent development is a key component to our fab network strategy," said Wee Theng Tan, Vice President of Corporate Affairs Group and President of Intel China. "We're partnering with the Dalian University of Technology and the Dalian Municipal Government to establish the Semiconductor Technology Institute and donating a 200 mm wafer process line for training purposes. In the future, this Semiconductor Technology Institute will foster world-class talent for the IT industry in China and around the globe."

 

Intel investment in Fab 68 sets its total investment in China to close to US$ 4 billion. Intel has established two assembly and test plants in Shanghai and Chengdu, along with R&D centers and labs in Beijing, Shanghai and elsewhere in China.

 

http://www.intel.com/pressroom/archive/rel...70907corp_b.htm

Link to comment
Share on other sites

Guest Black Sun

Intel Corporation today announced plans to build a 300-millimeter (mm) wafer fabrication facility (fab) in the coastal Northeast China city of Dalian in Liaoning Province. The $2.5 billion investment for the factory designated Fab 68 will become Intel's first wafer fab in Asia and adds significant investment to Intel's existing operations in China.

 

"China is our fastest-growing major market and we believe it's critical that we invest in markets that will provide for future growth to better serve our customers," said Intel President and CEO Paul Otellini. "Fab 68 will be our first new wafer fab at a new site in 15 years. Intel has been involved in China for more than 22 years and over that time we’ve invested in excess of $1.3 billion in assembly test facilities and research and development. This new investment will bring our total to just under $4 billion, making Intel one of the largest foreign investors in China."

 

Not since 1992 with the construction of Fab 10 in Ireland has Intel built a fab from the ground up at a brand new site. Construction on Fab 68 is scheduled to begin later this year with production projected to begin in the first half of 2010. Initial production will be dedicated to chipsets to support Intel's core microprocessor business.

 

"This is one of the major cooperative projects between China and the United States in the area of integrated circuits manufacturing in recent years. The project will further strengthen Intel's leadership position in the semiconductor manufacturing in the world. At the same time, the investment in Dalian will have a positive impact to the regional economic development and the development of integrated circuits industry in the old industrial base of northeast China," said Zhang Xiaoqiang, vice chairman of the National Development and Reform Commission. "We welcome Intel and other multinational companies to invest and cooperate with China. We support Intel's initiative to expand and strengthen cooperation with relevant parties in a number of areas, such as talent training, technology standards, improved information technology for rural areas and digital health, to promote the mutual benefit and win-win of Intel and the information industry of China, and to achieve the goal of growing together."

 

Dalian Mayor Xia Deren said, "As an open city on China's coastline, Dalian provides many geographic advantages as well as existing infrastructure and services for foreign investment. We are very excited Intel has chosen Dalian to build a wafer fabrication facility. This investment will not just impact Dalian's social and economic development, but will generate a significant and positive impact on the economic and industrial structure in Northeast China."

 

When completed, Fab 68 will become part of Intel's manufacturing network that includes eight 300mm factories in 2010 with other fabs located in the United States, Ireland and Israel. Manufacturing with 300mm wafers dramatically increases the ability to produce semiconductors at a lower cost compared with more commonly used 200mm (eight-inch) wafers. The bigger wafers lower production cost per chip while diminishing overall use of resources. Using 300mm manufacturing technology consumes 40 percent less energy and water per chip than a 200mm wafer factory.

 

http://www.intel.com/pressroom/archive/rel...0070326corp.htm

Link to comment
Share on other sites

Guest Black Sun

How ignorant am I?

 

Intel Expands Research And Development In China

Asia-Pacific Research & Development Ltd. Established in Shanghai

 

Intel Corporation today announced the establishment of Asia-Pacific Research and Development Ltd. in China (Asia-Pacific R&D Ltd.) based in Shanghai's Zizhu Science Park. The announcement is part of the company's ongoing effort to embrace the growing pool of technical talents in China to enhance local R&D capabilities and to deliver time-to-market, customized platforms and solutions for markets across Asia Pacific and the world.

 

The expansion of Intel R&D activities in Shanghai recognizes the city's growing importance as a regional business and technology center and China's leading role in the development and adoption of advanced computing and communication technologies.

 

"China has one of the world's most compelling combinations of R&D talents and market potential," said Wee Theng Tan, president of Intel China. "As a leading technology market with a growing number of highly trained researchers and technologists, China is creating the kind of dynamic environment that is an impetus to great R&D. Intel is committed to working with the local industry to help bring Chinese innovation into the world."

 

Asia-Pacific R&D Ltd. will focus on product development and platform-level innovations from all Intel product & technology groups, including the Digital Home Group, Digital Enterprise Group, Mobility Group, Channel Platforms Group, Digital Health Group, Software and Solutions Group, and Information Services & Technology Group.

 

"China is evolving from a manufacturing-based economy to a broader, diverse economy and includes innovation through world-class education, and research and development efforts," said Boon Lock Yeo, general manager of Intel Asia-Pacific R&D Ltd. "Asia-Pacific R&D Ltd. is a full-scale facility with advanced product development to deliver innovative products designed for China and the world. We have recruited, and will continue to attract top local and global talents and will continue the collaborative efforts with universities and government to support R&D programs and cultivate future technology talents in China."

 

With continued strong growth expected across the region, Intel is planning for Asia-Pacific R&D Ltd. to employ more than 1,000 employees by the end of 2006. The facilities at Shanghai's Zizhu Science Park can accommodate up to 2,000 employees. The staff includes software and hardware engineers along with employees who deliver and support products, and manage business functions such as marketing, planning, management and business support services.

 

For more than two decades, Intel has invested nearly 1.3 billion dollars to China and cultivated a workforce of over 5,000 talented professionals. R&D has been a huge part of the company's investment since it first established the software labs in China in 1994.

 

http://www.intel.com/pressroom/archive/rel...50915corp_b.htm

Link to comment
Share on other sites

Guest Black Sun

It is bad enough that our government can spy on us. Now we have to worry about another. Imagine a chinese intelligence officer controlling your computer.

 

Intel Establishes $200 Million China Venture Fund

Intel Capital China Technology Fund to Accelerate IT Innovation, Growth of Internet Economy in China

 

Intel Corporation today announced the establishment of a US$200 million venture capital fund to invest in Chinese technology companies developing innovative hardware, software and services.

 

"With the establishment of the Intel Capital China Technology Fund, Intel plans to stimulate local technological innovation and the continued growth of China's IT industry," said Intel President and CEO Paul Otellini. "We will invest in Chinese companies to accelerate technology adoption locally and to foster development of innovative technologies with potential for global distribution."

 

The Intel Capital China Technology Fund will be used to invest in companies that complement Intel's technology initiatives and to further build out the Internet infrastructure in China. The fund will also provide local businesses with capital to help nurture important technologies and products developed in China. Examples of initial focus areas include cellular communications, broadband applications for consumers, and semiconductor design.

 

"The pace of IT innovation is accelerating," said Intel Capital President Arvind Sodhani. "Companies around the world should look beyond China's purchasing power and view the country's innovators as potential suppliers. We look forward to working together with the country's leading technology companies to grow China's IT industry together."

 

Intel Capital, which has investment managers based in Hong Kong, Shanghai and Beijing, made its first strategic investment China in 1998 and since then has invested in close to 50 Chinese companies across nine cities in mainland China and Hong Kong. Eleven of these companies have since gone public or have been acquired, including AsiaInfo Holdings Inc., a telecom software supplier; Chinacast Communications Holding Ltd., a total solution service provider for remote education; Sohu.com, an Internet portal; Techfaith Holdings Ltd., an independent cell phone design house; and UTStarcom Inc., a telecom equipment manufacturer.

 

Notable examples of current Intel Capital investments in China include BCD Semiconductor Manufacturing Ltd., an analog power integrated circuit design and manufacturing company; Comlent Holdings Inc., a radio frequency chip maker; HiSoft Technology International Ltd., a software outsourcing company; Maipu Holdings Ltd., a router and data communications company; and Pollex Mobile Holdings, a cellular phone software applications provider.

 

Intel Capital, Intel's venture investment program, focuses on making minority equity investments to grow the Internet economy in support of Intel's strategic interests. Intel Capital invests in hardware, software and services companies in several market segments, including computing, networking, and wireless communications. Intel Capital has invested more than US$4 billion in approximately 1,000 companies in more than 30 countries since 1991. Since its inception, about 160 portfolio companies have been acquired by other companies and another 150 have gone public on various exchanges around the world. Intel Capital employs investment managers in about 25 countries worldwide. Last year alone, Intel Capital invested more than US$130 million in about 110 deals with approximately 40 percent of its investments made outside the United States. For more information, visit www.intel.com/capital.

Link to comment
Share on other sites

Guest Black Sun

OKI, Intel and Huashu Jointly Develop Next Generation Hybrid STB

 

27 Mar 2008

 

Oki Electric Industry Co. Ltd, Intel K.K. and Huashu Digital TV Co. Ltd have jointly developed a next generation Hybrid set top box (STB) to serve the digital home market segment in China. The digital STB platform design reflects Huashu’s experience as a developer of value-added services in China and is based on OKI’s leading video processing technologies and the Intel CE 2110 media processor. The hybrid platform is designed to let TV viewers enjoy high-definition television broadcasts, video-on-demand and future valued-added services such as 3D graphics.

 

“The convergence of broadcasting and communication will create a new digital home market,” said Keizo Ikeda, president of Media-network Appliance Company at OKI. “OKI believes the Next Generation Hybrid STB will enable subscribers to leverage value-added services and help telecom carriers improve their profitability. From an early stage, OKI has provided IPTV STBs to a major telecom carrier in Japan. With this track record and with our advanced technologies, OKI’s ultimate aim is to contribute to China’s digital development.”

 

The next generation hybrid STB, which can be used for both digital video broadcasting (DVB) and IPTV, supports HDTV decoders including MPEG-2, MPEG-4, and H.264. The platform uses the high-performance Intel CE 2110 media processor which includes a 2D/3D graphic accelerator and supports applications including a Flash player, Java Virtual Machine (JVM) and a browser.

Link to comment
Share on other sites

Guest Black Sun

It appears the World Market now overpowers the U.S. Market.

 

The Disneyland Report > Disney News > Intel K.K. and Walt Disney Japan Strike up the Band with ''Mickey Symphony''

 

Disney News

 

--------------------------------------------------------------------------------

 

Intel K.K. and Walt Disney Japan Strike up the Band with "Mickey Symphony"

Rich and Dynamic Broadband Content Showcases Power of PC and Internet

TOKYO -- Intel K.K. and Walt Disney Internet Group Japan Asia Pacific, a division of The Walt Disney Company Japan announced a new broadband entertainment content service for the Japanese market called "Mickey Symphony."

 

"Mickey Symphony" is the first outcome of Intel and Disney's joint effort to provide consumers with exciting content that showcases the audio and video capabilities of the latest Intel-based PCs and Japan's advanced broadband infrastructure.

 

http://www.disneylandreport.com/disneynews...eysymphony.html

Link to comment
Share on other sites

Guest Black Sun

I guess I am not ready to embrace the truth yet. From what I am reading it seems that programming for multi-core is catching the imagination of programmers more in Japan, China, Russia, and India than in Europe and the United States.'

 

Intel® Threading Building Blocks (TBB) offers a rich and complete approach to expressing parallelism in a C++ program. It is a library that helps you take advantage of multi-core processor performance without having to be a threading expert. Threading Building Blocks is not just a threads-replacement library. It represents a higher-level, task-based parallelism that abstracts platform details and threading mechanism for performance and scalability.

 

Multi-core processors are nearly ubiquitous now. Software developers can program for concurrency in their application to take full advantage of multicore processors. The importance of doing this only increases over time. A program deployed today may be running on quad-core processors or even systems with multiple quad-core processors. That same program, if it is used for 3 years, may eventually run on systems with 8 or 16 core processors or more. Intel Threading Building Blocks helps ensure that applications are can be written for the architectures of tomorrow while targeting the systems of today.

 

Intel believes multi-core to be the key to scaling performance and application capabilities while improving energy efficiency. Recently, Intel demonstrated an 80-core research processor capable of 1 trillion calculations per second while consuming the same amount of power as today’s desktop processors.

 

http://threadingbuildingblocks.org/documentation.php

Link to comment
Share on other sites

The truth is the world is going open source. On the good side technology can advance at a much faster rate and it becomes cheaper to implement.

 

This message board started as an open source project. WashDC.com is our current open source project. It has saved our publication hundreds of thousands of dollars.

 

The bad side is that open source technology can be hacked easier. So, it is not for everyone.

 

From your posts I would surmise that Intel is finding more people willing to learn its architecture at a reasonable rate.

 

Someone told me that Chinese and Japanese women are attracted to men with large thumb muscles. Brains over Bronze.

 

Now, we just have to try to get American kids to think software writing is cool.

 

I am going to teach my kid everything I know. I am sure it will be easy for him to surpass my knowledge base.

 

I also would not underestimate our government's ability in cyberwarfare.

 

I think I just saw a commercial about it for the military.

Link to comment
Share on other sites

Guest human_*

Several people that I know are now lobbyists for china.

 

From what I hear they pay bleeping good to.

 

Also dubai is going to spend 325 or 375 million in the poorest counties in america.

Link to comment
Share on other sites

  • 2 months later...
Guest Jennifer Allen

Rep. Frank Wolf (R-10th) today will introduce a privileged resolution on the House floor calling for greater protection of congressional computer and information systems and will offer the following statement revealing that several computers in his Washington office have been compromised by an outside source:

 

"Madam Speaker, in August 2006, four of the computers in my personal office were compromised by an outside source. This source first hacked into the computer of my foreign policy and human rights staff person, then the computers of my chief of staff, my legislative director, and my judiciary staff person. On these computers was information about all of the casework I have done on behalf of political dissidents and human rights activists around the world. That kind of information, as well as everything else on my office computers - e-mails, memos, correspondence and district casework - was open for outside eyes to see.

 

"I am aware that computers in the offices of several other Members were similarly compromised, as well as a major committee of the House -- the Foreign Affairs Committee. It is logical to assume that critical and sensitive information about U.S. foreign policy and the work of Congress to help people who are suffering around the world was also open to view from these official computers.

 

"In subsequent meetings with House Information Resources and FBI officials, it was revealed that the outside sources responsible for this attack came from within the People's Republic of China. These cyber attacks permitted the source to probe our computers to evaluate our system's defenses, and to view and copy information. My suspicion is that I was targeted by Chinese sources because of my long history of speaking out about China's abysmal human rights record.

 

"My office's computers were cleaned and returned to me by House Information Resources, but ever since this happened, I have been deeply concerned that this institution is not adequately aware of or protected from these types of threats.

 

"I have also learned that this threat exists not only here in the Capitol complex, but also when Members travel overseas. I have been told that, particularly in countries in which access to information is tightly controlled by the government, Members are at risk of having their conversations and information recorded or stolen from their cell phones and Blackberry devices.

 

"As I have shared my office's experience with other Members, it has become clear to me that many Members, committees and other offices of the House do not fully understand the extent of this threat against the security of their offices and how to protect themselves from it.

 

"I have no information to confirm this, but it would seem realistic that the Senate could also be at risk. The committees in both chambers on Government Reform, Intelligence, Judiciary, Armed Services, and Homeland Security should be having hearings on this threat.

 

"That is why I am here today on the House floor. I am speaking out about the threat of cyber attacks from China and other countries on the entire U.S. government, including our military, because of my deep concern about maintaining the security and integrity of our government.

 

"Computer systems control all critical infrastructures, and nearly all of these systems are linked together through the Internet. This means that nearly all infrastructures in the United States are vulnerable to being attacked, hijacked or destroyed by cyber means.

 

"The U.S. government has recognized cyber vulnerabilities and threats to critical infrastructures for over a decade going back to the President's Commission on Critical Infrastructure Protection (PCCIP) in 1997.

 

"However, despite all the activity, reports, funding, and growth in the Department of Homeland Security, little seems to have changed in terms our vulnerability to cyber incidents.

 

"If a major cyber attack or incident were to occur, I have read that many analysts are skeptical that the U.S. government could adequately recover and reconstitute the Internet.

 

"According to a report from the Congressional Research Service, ‘U.S. counterintelligence officials reportedly have stated that about 140 different foreign intelligence organizations regularly attempt to hack into the computer systems of U.S. government agencies and U.S. companies.’

 

"This happens with alarming frequency, according to a recent Business Week article titled, ‘The New E-spionage Threat.’ This article states that U.S. government agencies reported almost 13,000 cyber security incidents in fiscal year 2007 - triple the number from just two years earlier.

 

"Lieutenant General Charles E. Croom, who heads the Pentagon's Joint Task Force for Global Network Operations, said that incursions on the military's networks in 2007 were up 55 percent from the previous year.

 

"The May 31 cover story in the National Journal titled, ‘The Chinese Cyber-Invasion,’ reported that ‘electronic devices used by U.S. Commerce Secretary Carlos Gutierrez and his party during a December 2007 visit to China were invaded using spyware that could steal information.’

 

"Gutierrez was in China with a high-level delegation to discuss trade-related issues such as intellectual property rights, consumer product safety and market access. The Associated Press also reported on this breach. Why did we learn about this in the press instead of from our own government officials? Did our government do anything about this attack?

 

"Our military computer networks are a frequent target of foreign cyber espionage, according to CRS. In order to take advantage of technological innovation, DOD uses Commercial-Off-The-Shelf (COTS) hardware and software in its core administrative functions as well as in the complex combat and weapons systems of all services.

 

"However, DOD officials and other analysts have said that COTS products lack necessary security but that requiring these products to meet military requirements for security would be too costly and difficult for most vendors.

 

"DOD has compensated for these vulnerabilities through additional layers of protective measures; however, despite these measures, DOD systems and computers belonging to DOD contractors remain vulnerable, according to CRS.

 

"On two separate occasions in 2004, for example, it was reported that viruses were found in top-secret computer systems at the Army Space and Missile Defense Command.

 

"China in particular is actively engaged in espionage against the United States. I recently had the opportunity to read the U.S.-China Economic and Security Review Commission's 2007 Classified Report to the Congress, and found the report's conclusions to be very alarming.

 

"The report addresses Chinese activities in the areas of espionage, cyber warfare, and arms proliferation. I strongly urge all Members of the House to read this report, as it gives a clear picture of the threat that China poses to our national security.

 

"In fact, the Pentagon's 2008 annual report to Congress stated that ‘in the past year, numerous computer networks around the world, including those owned by the U.S. government, were subject to intrusions that appear to have originated within the PRC.’

 

"News reports and CRS have divulged that in 2004, an attack code named ‘Titan Rain’ accessed sensitive data files stored on the computer networks of Lockheed Martin, Sandia National Labs, and NASA. This cyber attack went undetected for many months, and the hackers that carried out this attack were believed to be in China.

 

"In 2006, a lengthy cyber attack against the U.S. Naval War College in Rhode Island prompted officials to disconnect the entire campus from the Internet. In 2007, officials temporarily disconnected part of the Pentagon's unclassified network from the Internet in response to a similar attack against the Pentagon.

 

"In fact, according to CRS, ‘DOD officials acknowledge that the Global Information Grid, which is the main network for the U.S. military, experiences more than three million daily scans by unknown potential intruders.’

 

"According to the Business Week article, in 2007, the U.S. government launched a classified operation called ‘Byzantine Foothold’ to combat sophisticated new attacks that were compromising sensitive information at the State Department and at defense contractors such as Boeing, the source of which U.S. officials allege is China.

 

"Business Week's article states that computer attacks have targeted sensitive information on the networks of at least seven federal agencies: the Defense, State, Energy, Commerce, Health and Human Services, Agriculture, and Treasury departments. Defense contractors Boeing, Lockheed Martin, General Electric, Raytheon, and General Dynamics have also been targeted.

 

"Not long ago, few people within the U.S. government or in universities were systematically studying how a massive failure of our infrastructure could seriously disrupt our economy and way of life.

 

"Few understood that we could be vulnerable to damaging attacks launched from overseas using only computers via cyberspace.

 

"The Critical Infrastructure Protection (CIP) Program at George Mason University and James Madison University, which is now six years old, was formed in response to this gap in our knowledge about cyber threats.

 

"At my request, the CIP Program began producing a monthly topical publication on homeland security issues that is required reading in the Pentagon, Homeland Security, DOE and state and local homeland security agencies.

 

"Despite everything we read in the press, our intelligence, law enforcement, national security and diplomatic corps remain hesitant to speak out about this problem. Perhaps they are afraid that talking about this problem will reveal our vulnerability. In fact, I have been urged not to speak out about this threat.

 

"But our adversaries already know we are vulnerable. Pretending that we are not vulnerable is a mistake.

 

"As a nation, we must decide when we are going to start considering this type of activity a threat to our national security, a threat that we must confront and from which we must protect ourselves.

 

"The apparent lack of a sense of national urgency to address this problem only gives those who would wish us harm an extra advantage.

 

‘The Government Accountability Office reported in 2007 that no comprehensive strategy exists yet to coordinate improvements of computer security across the federal government and the private sector.

 

"I strongly believe that the appropriate officials, including those from the Department of Homeland Security and the FBI, should brief all Members of Congress in a closed session regarding threats from China and other countries against the security of House technology, including our computers, Blackberry devices, and phones.

 

"The potential for massive and coordinated cyber attacks against the United States is no longer a futuristic problem. We must prepare ourselves now and develop procedures for responding to this threat.

 

"In recent testimony before the U.S. Senate Armed Services Committee, Director of National Intelligence Mike McConnell expressed concern not only about sources capturing sensitive information, but also about them altering it.

 

"Director McConnell testified that ‘If someone has the ability to enter information in systems, they can destroy data. And the destroyed data could be something like money supply, electric-power distribution, transportation sequencing, and that sort of thing. The federal government is not well-protected and the private sector is not well-protected.’

 

"Members need to know how best to protect themselves, their staff and their official business from these threats. I have experienced this threat first hand, as have others in Congress, and am deeply worried that this institution is not adequately protected.

 

"Congress should take a lead in protecting our government and indeed our country from the threat posed by cyber espionage activities.

 

"James Lewis, the director of the Technology and Public Policy program at the Center for Strategic and International Studies, remarked last year in testimony before the House Committee on Homeland Security that ‘f gangs of foreigners broke into the State or Commerce Departments and carried off dozens of file cabinets, there would be a crisis. When the same thing happens in cyberspace, we shrug it off as another of those annoying computer glitches we must live with.’

 

"The apparent complacency in both the private and public sectors toward this threat is astonishing! We now know about the threat. We must speak out about how to protect ourselves, and formulate a comprehensive strategy with which to respond.

 

"Stephen Spoonamore, CEO of a cyber-security firm called Cybrinth, put the matter succinctly in the National Journal article: ‘By not talking openly about this, they are making a truly dangerous national security problem worse. . . Secrecy in this matter benefits no one. Our nation's intellectual capital, industrial secrets, and economic security are under dailyand withering attack. The oceans that surround us are no protection from sophisticated hackers, working at the speed of light on behalf of nation-states and mafias. We must cease denying the scope, scale, and risks of the issue. I, and a growing number of my peers, believe our nation is in grave and growing danger.’

 

"Mr. Spoonamoore is right. We are making this dangerous national security problem worse by not discussing it openly.

 

"I believe this institution, as my resolution states, should get the facts, and armed with these facts, should take the necessary action to protect the safety and integrity of the House.

 

"In 1789, British Parliament member William Wilberforce, speaking to his colleagues about the slave trade, said ‘having heard all this, you may choose to look the other way, but you can never again say that you do not know.’

 

"We cannot afford to look the other way when foreign sources are threatening to compromise our government institutions, our economy, our very way of life through cyber espionage. We cannot sit by and watch."

Link to comment
Share on other sites

Guest Jennifer Allen

Rep. Frank Wolf (R-10th) today will introduce a privileged resolution on the House floor calling for greater protection of congressional computer and information systems and will offer the following statement revealing that several computers in his Washington office have been compromised by an outside source:

 

"Madam Speaker, in August 2006, four of the computers in my personal office were compromised by an outside source. This source first hacked into the computer of my foreign policy and human rights staff person, then the computers of my chief of staff, my legislative director, and my judiciary staff person. On these computers was information about all of the casework I have done on behalf of political dissidents and human rights activists around the world. That kind of information, as well as everything else on my office computers - e-mails, memos, correspondence and district casework - was open for outside eyes to see.

 

"I am aware that computers in the offices of several other Members were similarly compromised, as well as a major committee of the House -- the Foreign Affairs Committee. It is logical to assume that critical and sensitive information about U.S. foreign policy and the work of Congress to help people who are suffering around the world was also open to view from these official computers.

 

"In subsequent meetings with House Information Resources and FBI officials, it was revealed that the outside sources responsible for this attack came from within the People's Republic of China. These cyber attacks permitted the source to probe our computers to evaluate our system's defenses, and to view and copy information. My suspicion is that I was targeted by Chinese sources because of my long history of speaking out about China's abysmal human rights record.

 

"My office's computers were cleaned and returned to me by House Information Resources, but ever since this happened, I have been deeply concerned that this institution is not adequately aware of or protected from these types of threats.

 

"I have also learned that this threat exists not only here in the Capitol complex, but also when Members travel overseas. I have been told that, particularly in countries in which access to information is tightly controlled by the government, Members are at risk of having their conversations and information recorded or stolen from their cell phones and Blackberry devices.

 

"As I have shared my office's experience with other Members, it has become clear to me that many Members, committees and other offices of the House do not fully understand the extent of this threat against the security of their offices and how to protect themselves from it.

 

"I have no information to confirm this, but it would seem realistic that the Senate could also be at risk. The committees in both chambers on Government Reform, Intelligence, Judiciary, Armed Services, and Homeland Security should be having hearings on this threat.

 

"That is why I am here today on the House floor. I am speaking out about the threat of cyber attacks from China and other countries on the entire U.S. government, including our military, because of my deep concern about maintaining the security and integrity of our government.

 

"Computer systems control all critical infrastructures, and nearly all of these systems are linked together through the Internet. This means that nearly all infrastructures in the United States are vulnerable to being attacked, hijacked or destroyed by cyber means.

 

"The U.S. government has recognized cyber vulnerabilities and threats to critical infrastructures for over a decade going back to the President's Commission on Critical Infrastructure Protection (PCCIP) in 1997.

 

"However, despite all the activity, reports, funding, and growth in the Department of Homeland Security, little seems to have changed in terms our vulnerability to cyber incidents.

 

"If a major cyber attack or incident were to occur, I have read that many analysts are skeptical that the U.S. government could adequately recover and reconstitute the Internet.

 

"According to a report from the Congressional Research Service, ‘U.S. counterintelligence officials reportedly have stated that about 140 different foreign intelligence organizations regularly attempt to hack into the computer systems of U.S. government agencies and U.S. companies.’

 

"This happens with alarming frequency, according to a recent Business Week article titled, ‘The New E-spionage Threat.’ This article states that U.S. government agencies reported almost 13,000 cyber security incidents in fiscal year 2007 - triple the number from just two years earlier.

 

"Lieutenant General Charles E. Croom, who heads the Pentagon's Joint Task Force for Global Network Operations, said that incursions on the military's networks in 2007 were up 55 percent from the previous year.

 

"The May 31 cover story in the National Journal titled, ‘The Chinese Cyber-Invasion,’ reported that ‘electronic devices used by U.S. Commerce Secretary Carlos Gutierrez and his party during a December 2007 visit to China were invaded using spyware that could steal information.’

 

"Gutierrez was in China with a high-level delegation to discuss trade-related issues such as intellectual property rights, consumer product safety and market access. The Associated Press also reported on this breach. Why did we learn about this in the press instead of from our own government officials? Did our government do anything about this attack?

 

"Our military computer networks are a frequent target of foreign cyber espionage, according to CRS. In order to take advantage of technological innovation, DOD uses Commercial-Off-The-Shelf (COTS) hardware and software in its core administrative functions as well as in the complex combat and weapons systems of all services.

 

"However, DOD officials and other analysts have said that COTS products lack necessary security but that requiring these products to meet military requirements for security would be too costly and difficult for most vendors.

 

"DOD has compensated for these vulnerabilities through additional layers of protective measures; however, despite these measures, DOD systems and computers belonging to DOD contractors remain vulnerable, according to CRS.

 

"On two separate occasions in 2004, for example, it was reported that viruses were found in top-secret computer systems at the Army Space and Missile Defense Command.

 

"China in particular is actively engaged in espionage against the United States. I recently had the opportunity to read the U.S.-China Economic and Security Review Commission's 2007 Classified Report to the Congress, and found the report's conclusions to be very alarming.

 

"The report addresses Chinese activities in the areas of espionage, cyber warfare, and arms proliferation. I strongly urge all Members of the House to read this report, as it gives a clear picture of the threat that China poses to our national security.

 

"In fact, the Pentagon's 2008 annual report to Congress stated that ‘in the past year, numerous computer networks around the world, including those owned by the U.S. government, were subject to intrusions that appear to have originated within the PRC.’

 

"News reports and CRS have divulged that in 2004, an attack code named ‘Titan Rain’ accessed sensitive data files stored on the computer networks of Lockheed Martin, Sandia National Labs, and NASA. This cyber attack went undetected for many months, and the hackers that carried out this attack were believed to be in China.

 

"In 2006, a lengthy cyber attack against the U.S. Naval War College in Rhode Island prompted officials to disconnect the entire campus from the Internet. In 2007, officials temporarily disconnected part of the Pentagon's unclassified network from the Internet in response to a similar attack against the Pentagon.

 

"In fact, according to CRS, ‘DOD officials acknowledge that the Global Information Grid, which is the main network for the U.S. military, experiences more than three million daily scans by unknown potential intruders.’

 

"According to the Business Week article, in 2007, the U.S. government launched a classified operation called ‘Byzantine Foothold’ to combat sophisticated new attacks that were compromising sensitive information at the State Department and at defense contractors such as Boeing, the source of which U.S. officials allege is China.

 

"Business Week's article states that computer attacks have targeted sensitive information on the networks of at least seven federal agencies: the Defense, State, Energy, Commerce, Health and Human Services, Agriculture, and Treasury departments. Defense contractors Boeing, Lockheed Martin, General Electric, Raytheon, and General Dynamics have also been targeted.

 

"Not long ago, few people within the U.S. government or in universities were systematically studying how a massive failure of our infrastructure could seriously disrupt our economy and way of life.

 

"Few understood that we could be vulnerable to damaging attacks launched from overseas using only computers via cyberspace.

 

"The Critical Infrastructure Protection (CIP) Program at George Mason University and James Madison University, which is now six years old, was formed in response to this gap in our knowledge about cyber threats.

 

"At my request, the CIP Program began producing a monthly topical publication on homeland security issues that is required reading in the Pentagon, Homeland Security, DOE and state and local homeland security agencies.

 

"Despite everything we read in the press, our intelligence, law enforcement, national security and diplomatic corps remain hesitant to speak out about this problem. Perhaps they are afraid that talking about this problem will reveal our vulnerability. In fact, I have been urged not to speak out about this threat.

 

"But our adversaries already know we are vulnerable. Pretending that we are not vulnerable is a mistake.

 

"As a nation, we must decide when we are going to start considering this type of activity a threat to our national security, a threat that we must confront and from which we must protect ourselves.

 

"The apparent lack of a sense of national urgency to address this problem only gives those who would wish us harm an extra advantage.

 

‘The Government Accountability Office reported in 2007 that no comprehensive strategy exists yet to coordinate improvements of computer security across the federal government and the private sector.

 

"I strongly believe that the appropriate officials, including those from the Department of Homeland Security and the FBI, should brief all Members of Congress in a closed session regarding threats from China and other countries against the security of House technology, including our computers, Blackberry devices, and phones.

 

"The potential for massive and coordinated cyber attacks against the United States is no longer a futuristic problem. We must prepare ourselves now and develop procedures for responding to this threat.

 

"In recent testimony before the U.S. Senate Armed Services Committee, Director of National Intelligence Mike McConnell expressed concern not only about sources capturing sensitive information, but also about them altering it.

 

"Director McConnell testified that ‘If someone has the ability to enter information in systems, they can destroy data. And the destroyed data could be something like money supply, electric-power distribution, transportation sequencing, and that sort of thing. The federal government is not well-protected and the private sector is not well-protected.’

 

"Members need to know how best to protect themselves, their staff and their official business from these threats. I have experienced this threat first hand, as have others in Congress, and am deeply worried that this institution is not adequately protected.

 

"Congress should take a lead in protecting our government and indeed our country from the threat posed by cyber espionage activities.

 

"James Lewis, the director of the Technology and Public Policy program at the Center for Strategic and International Studies, remarked last year in testimony before the House Committee on Homeland Security that ‘f gangs of foreigners broke into the State or Commerce Departments and carried off dozens of file cabinets, there would be a crisis. When the same thing happens in cyberspace, we shrug it off as another of those annoying computer glitches we must live with.’

 

"The apparent complacency in both the private and public sectors toward this threat is astonishing! We now know about the threat. We must speak out about how to protect ourselves, and formulate a comprehensive strategy with which to respond.

 

"Stephen Spoonamore, CEO of a cyber-security firm called Cybrinth, put the matter succinctly in the National Journal article: ‘By not talking openly about this, they are making a truly dangerous national security problem worse. . . Secrecy in this matter benefits no one. Our nation's intellectual capital, industrial secrets, and economic security are under dailyand withering attack. The oceans that surround us are no protection from sophisticated hackers, working at the speed of light on behalf of nation-states and mafias. We must cease denying the scope, scale, and risks of the issue. I, and a growing number of my peers, believe our nation is in grave and growing danger.’

 

"Mr. Spoonamoore is right. We are making this dangerous national security problem worse by not discussing it openly.

 

"I believe this institution, as my resolution states, should get the facts, and armed with these facts, should take the necessary action to protect the safety and integrity of the House.

 

"In 1789, British Parliament member William Wilberforce, speaking to his colleagues about the slave trade, said ‘having heard all this, you may choose to look the other way, but you can never again say that you do not know.’

 

"We cannot afford to look the other way when foreign sources are threatening to compromise our government institutions, our economy, our very way of life through cyber espionage. We cannot sit by and watch."

Link to comment
Share on other sites

Guest 101010

Cyber Wars have escalated from web site defacing and shutting down sites with massive amounts of junk traffic (DDOS attacks), to elaborate espionage efforts against American military networks. The attackers are believed to be Chinese, and some American military commanders are calling for a more active defense (namely, a counterattack) to deal with the matter.

Link to comment
Share on other sites

Guest Patriot Games

If Chinese hackers hack into the network servers controlling a power plant in West Virginia is that a State of West Virginia problem? No.

Is it the power plant's problem? Yes.

Are they staffed to handle it? No.

 

In our new world not all enemies show up in tanks or hanging from parachutes. If the 'battlefield' is a computer network and its a foreign invasion of that computer network then we have to be able to respond appropriately.

Link to comment
Share on other sites

Guest Jody R. Westby

In June 2007, Pentagon computer networks were allegedly hacked by the Chinese military in what has been called “the most successful cyber attack on the U.S. defense department,” shutting down parts of the Pentagon’s systems for more than a week. Chinese hackers have also been blamed for attacks that compromised German government systems and cyber espionage incidents against the United Kingdom’s (UK) government systems. The Director-General of the UK’s counter-intelligence and security agency, MI5, recently posted a confidential letter to 300 CEOs and security officers on the website of the Centre for the Protection of National Infrastructure, warning them that their infrastructure was being targeted by “Chinese state organizations” and that the attacks were designed to defeat security best practices.

 

Cyber threats do not emanate solely from nation states, however. Government officials have repeatedly warned that terrorists or other rogue actors have the capability to attack critical infrastructure and cause catastrophic consequences. Analysis of the use of the Internet and information and communication technologies (ICTs) by terrorists confirms their interest in and ability to use these technologies for asymmetric attacks. For example, after September 11, the U.S. Federal Bureau of Investigation (FBI) discovered that online users, whose activity was routed through switches in Saudi Arabia, Pakistan, and Indonesia, were exploring the digital systems of emergency telephone, electrical generation and transmission, water storage and distribution, nuclear power plants, and gas facilities.20 Computers seized in Pakistan in July 2005 contained material from “casings” of key financial institutions located in New York, Washington, D.C., and Newark, New Jersey, prompting Homeland Security alerts to these organizations and locales

Link to comment
Share on other sites

I think our government can handle the situation

 

The U.S. Department of Homeland Security (DHS) announced today that it is taking steps to enhance its Homeland Security Information Network (HSIN). Known as HSIN Next Generation (NextGen), the enhancement will provide a secure and trusted national platform for Sensitive But Unclassified (SBU) information sharing and collaboration between federal, state, local, tribal, territorial, private sector, and international partners.

 

HSIN Next Generation will update the current HSIN technology to better enable Homeland Security to meet the requirements of a trusted and secure environment, combined with enhanced capabilities in many areas.

 

HSIN NextGen will provide DHS, our partners, and stakeholders information management capabilities and services including a portal, search, collaboration, enterprise content management, and Service Oriented Architecture-based information integration and analysis functions to facilitate their collaboration and information sharing needs for SBU data.

 

Task order award took place on May 23, 2008, through the Enterprise Acquisition Gateway for Leading Edge Solutions (EAGLE) Indefinite Delivery Indefinite Quantity (IDIQ) contract to General Dynamics One Source, LLC of Fairfax, VA, to develop, operate, maintain, and enhance the HSIN NextGen information sharing and collaboration portal.

 

The initial award is for $18 million and the total potential five year value, if all options are exercised, is $62 million.

Link to comment
Share on other sites

Guest human_*

BlackSun is still making a very good point.

 

Be Very careful of the business relationships that you create abroad.

For it may not be the actual relationship that's being created.

Link to comment
Share on other sites

Chinese National Sentenced for Economic Espionage

 

Xiaodong Sheldon Meng, 44, a software engineer born in China and currently a resident of Cupertino, Calif., was sentenced today to a term of 24 months by the Honorable Jeremy Fogel, U.S. District Court Judge in San Jose and was also ordered to serve a three-year term of supervised release following his prison term; pay a fine of $10,000, and forfeit computer equipment seized in the case.

 

The sentence, the first handed down for a violation of the Economic Espionage Act of 1996 (18 USC Section 1831), was announced by Patrick Rowan, Acting Assistant Attorney General for National Security; Joseph P. Russoniello, U.S. Attorney for the Northern District of California; Arthur Cummings, Executive Assistant Director for the FBI’s National Security Branch; and Julie L. Myers, Department of Homeland Security Assistant Secretary for U.S. Immigration and Customs Enforcement (ICE).

 

On August 1, 2007, Meng pleaded guilty to two national security violations: one count of violating the Economic Espionage Act and one count of violating the Arms Export Control Act and the International Traffic in Arms Regulations. Meng’s conviction was the first involving military source code under the Arms Export Control Act and marked the second case in which there was a conviction under the Economic Espionage Act for misappropriating a trade secret with the intent to benefit a foreign government.

 

According to court records, Meng committed economic espionage by misappropriating a trade secret, known as "Mantis 1.5.5," from his former employer, Quantum3D Inc., with the intent to benefit a foreign government, specifically the People’s Republic of China (PRC) Navy Research Center in Beijing. He did so by using the Mantis 1.5.5 trade secret as part of a demonstration project in attempting to sell products of his new employer, Orad, Hi-Tec Systems Ltd., which was a direct competitor of Quantum3D. The trade secret at issue, known as "Mantis," is a Quantum3D product used to simulate real world motion for military training and other purposes.

 

In addition, Meng violated the Arms Export Control Act by knowingly and willfully exporting to the PRC a defense article on the United States Munitions List (defense article viXsen) without authorization from the United States. The product viXsen is a Quantum3D visual simulation software program used for training military fighter pilots who use night visual sensor equipment, including thermal imaging.

 

According to court documents, the investigation established that Meng had, in fact, misappropriated two defense articles (specifically nVSensor, in addition to viXsen described above), at least six source code products which were also trade secrets, and more than one hundred materials and utilities belonging to his former employer, Quantum3D. Many of these misappropriated Quantum3D products were intended primarily for military purposes. For example, nVSensor is a Quantum3D product used to provide night vision simulation and is exclusively used in military applications for precision training and simulation applications.

 

The investigation also established that defendant Meng was assisting in developing two separate military proposals for two separate Air Forces in Southeast Asia involving visual simulation equipment and source code. Copies of two F-16 Full Mission Simulator proposals involving two different countries were found on Meng’s laptop.

 

"Today’s case demonstrates the importance of safeguarding sensitive U.S. military technology as well as trade secrets. It should also serve as a warning to others who would compromise our national security for profit," said Patrick Rowan, Acting Assistant Attorney General for National Security.

 

Mr. Rowan commended the teamwork of several agencies that worked on the case for nearly four years, including the U.S. Attorney’s Office Computer Hacking and Intellectual Property (CHIP) Unit in the Northern District of California; the National Security Division and Criminal Division at the U.S. Department of Justice; the FBI, and ICE, as well Customs & Border Protection. The Department of State and the Department of Defense also provided assistance on the case. The U.S. Attorney’s Offices in the Northern District of Alabama, District of Minnesota, and Middle District of Florida also joined the plea agreement as some conduct in the case occurred in those jurisdictions.

 

Joseph P. Russoniello, U.S. Attorney for the Northern District of California, stated, "In this case, a Silicon Valley trade secret was used in a demonstration project in Beijing with the intent to benefit the PRC Naval Research Center. Source code for military visual simulation programs to train military fighter pilots and restricted defense articles were also willfully exported outside the United States. We will continue to enforce the criminal laws against those who violate export restrictions and misappropriate our trade secrets. Many of the systems we protect are designed to safeguard our men and women in harm’s way and compromising them significantly adds to the perils that they face in defending us. It is imperative that we vigilantly protect the intellectual property developed in the Silicon Valley and elsewhere in the country so as to maintain as our nation’s military defense advantages, and to deter acts of aggression against vital American interests."

 

"ICE is committed to shutting down those who are willing to put America’s national security on sale for a profit," said Julie L. Myers, Department of Homeland Security Assistant Secretary for ICE. "The export of U.S. military products and sensitive technology is controlled for good reason – in the wrong hands, these items could be used to harm America or its allies. Enforcing U.S. export laws is one of ICE’s top priorities, and we will continue to work with our partners in law enforcement and industry to ensure that those who put our country at risk are brought to justice."

 

FBI Executive Assistant Director for the National Security Branch, Arthur Cummings stated, "Protecting our nation’s most sensitive trade secrets and critical technology is at the core of the FBI mission. The FBI is committed to safeguard our country’s economic well-being and national security."

 

Quantum3D, Inc., based in San Jose, California, has cooperated fully in the government’s investigation. Quantum3D produces hardware and software components for simulation systems for commercial and military customers. Some of the products include high-end visual simulation systems, and interactive, open-architecture visual computing solutions, image generators, and embedded graphics subsystems.

 

Defendant Meng was ordered to surrender for this prison term on August 18, 2008. He has been out of custody after a $500,000 bond, secured by cash and real property, was posted at the beginning of the case.

 

The prosecution is being handled by Assistant U.S. Attorney Mark L. Krotoski, presently on assignment at the Computer Crime and Intellectual Property Section, with the assistance of Paralegal Lauri Gomez. Thomas P. Reilly, a Trial Attorney in the National Security Division’s Counterespionage Section, also assisted on the case. The case was investigated by a team of agents from the FBI and ICE.

 

Prior Economic Espionage Prosecutions: The five cases charging violations of Section 1831 under the Economic Espionage Act (EEA) to date include:

 

The first EEA Section 1831 indictment was returned on May 8, 2001, in the Northern District of Ohio in United States v. Okamoto and Serizawa. One defendant pleaded guilty to false statements and the other remains a fugitive. See: http://www.usdoj.gov/criminal/cybercrime/O...izawaIndict.htm.

 

The second EEA Section 1831 indictment was filed on December 4, 2002, by the Northern District of California CHIP Unit in United States v. Fei Ye and Ming Zhong, CR 02-20145-JW. The first EEA convictions, involving defendants Ye and Zhong, were obtained on December 14, 2006. Sentencing in this case is pending. See: http://www.usdoj.gov/criminal/cybercrime/yeIndict.htm, and

 

http://www.usdoj.gov/usao/can/press/2006/2...plea.press.html

 

The Meng case was the third indictment under Section 1831 of the EEA, when charges were filed on December 13, 2006. It was also the first case to be sentenced under the EEA and the second case resulting in an EEA conviction. See: http://www.usdoj.gov/criminal/cybercrime/mengCharge.htm ; and http://www.usdoj.gov/criminal/cybercrime/mengPlea.htm)

 

The fourth indictment under Section 1831 of the EEA was filed on Sept. 26, 2007, by the Northern District of California CHIP Unit in United States v. Lan Lee and Yuefei Ge, CR 06-00424-JW. For more information, please view the following: http://www.usdoj.gov/criminal/cybercrime/liIndict.htm

 

The fifth indictment under EEA Section 1831 was filed on February 6, 2008, by the Central District of California in United States v. Dongfan "Greg" Chung, No. SA CR 08-00024. For more information, please view the following: http://www.usdoj.gov/opa/pr/2008/February/08_nsd_106.html

Link to comment
Share on other sites

Guest Chinease_Fios

I have Verizon Fios. I just received a replacement router that was custom made in China for Verizon. It wants to auto search via Verizon search, if the requested site is unavailable! I can see where the manufacturer has the power to use our bandwidth for their use! These devices are very scary. Can you say automated censorship?

 

Has Verizon sold up the river for pennies on the dollar? We are so screwed.

Link to comment
Share on other sites

  • 9 months later...

A mystery electronic spy network apparently based in China has infiltrated hundreds of computers around the world and stolen files and documents, Canadian researchers have revealed.

 

The network, dubbed GhostNet, appears to target embassies, media groups, NGOs, international organisations, government foreign ministries and the offices of the Dalai Lama, leader of the Tibetan exile movement. The researchers, based at Toronto University's Munk Centre for International Studies, said their discovery had profound implications.

 

"This report serves as a wake-up call... these are major disruptive capabilities that the professional information security community, as well as policymakers, need to come to terms with rapidly," said researchers Ron Deibert and Rafal Rohozinski.

 

After 10 months of study, the researchers concluded that GhostNet had invaded 1,295 computers in 103 countries, but it appeared to be most focused on countries in south Asia and south-east Asia, as well as the Dalai Lama's offices in India, Brussels, London and New York. The network continues to infiltrate dozens of new computers each week.

 

Such a pattern, and the fact that the network seemed to be controlled from computers inside China, could suggest that GhostNet was set up or linked to Chinese government espionage agencies. However, the researchers were clear that they had not been able to identify who was behind the network, and said it could be run by private citizens in China or a different country altogether. A Chinese government spokesmen has denied any official involvement.

 

GhostNet can invade a computer over the internet and penetrate and steal secret files. It can also turn on the cameras and microphones of an infected computer, effectively creating a bug that can monitor what is going inside the room where the computer is.

Link to comment
Share on other sites

  • 2 weeks later...
Guest Jim Garamone

Defending the Defense Department’s global information grid from attacks cost the U.S. military more than $100 million over the past six months, U.S. Strategic Command officials said yesterday.

Air Force Gen. Kevin P. Chilton, Stratcom commander, and Army Brig. Gen. John Davis, deputy commander of Joint Task Force Global Network Operations, spoke from a cyber security conference in Omaha, Neb.

 

Chilton said Stratcom – charged with overseeing cyber operations – needs to treat computer network operations just as commanders treat operations on the land, in the air or on the sea. Defense Department networks are attacked thousands of times a day, he said. The attacks run the gamut from “bored teenagers to the nation state with criminal elements sandwiched in there.”

 

The motives of those attacking the networks go from just plain vandalism to theft of money or information to espionage. Protecting the networks is a huge challenge for the command, Chilton said.

 

“Pay me now or pay me later,” Davis said in assessing how to handle the threat. “In the last six months, we spent more than $100 million reacting to things on our networks after the fact. It would be nice to spend that money proactively to put things in place so we’d be more active and proactive in posture rather than cleaning up after the fact.”

 

Davis’ command is responsible for defensive and offensive operations in cyberspace. The expenses were in manpower, time, contractors, tools, technology and procedures, he said.

 

Training is needed for personnel to launch both defensive and offensive operations, Chilton said. “We need to train all our folks and we need high-end skill training,” he said.

 

Stratcom operates the Defense Department’s global information grid, Chilton noted. “We also have the responsibility to plan for and when directed to conduct offensive operations,” he said. “As in all domains, a good defense relies on a good offense.”

 

As in land, sea and air domains, the United States wants to retain freedom of action in the cyber domain, Chilton said. “We need to have the tools, skills and expertise in a time of conflict so we can maintain our freedom of action,” he said.

 

Chilton said Defense Department personnel need to change the way they think about cyberspace. “It’s not just a convenience. It’s a dependency that we have,” he said. “We need to change the way we conduct ourselves in cyberspace and hold our military folks to the same high standards that we hold our air, land and sea operators to.”

 

A prohibition on using so-called “thumb-drives” and other portable data storage devices on Defense Department computers will remain in effect, Davis said. “I don’t think anybody realizes how much better shape we’d be in if we just did the basics right,” he said. “People need to just apply the basic rules and procedures that have been put in place to protect ourselves.”

 

While this won’t stop the more sophisticated threats, “it sure will get rid of the thousands of things that clutter the environment,” Davis said.

Link to comment
Share on other sites

  • 2 weeks later...

University of Toronto's CitizenLab discovered and revealed a spy-ring (apparently of Chinese origin) that was gathering intelligence from sensitive government, military and NGO computers in over 100 countries. CitizenLab's researchers managed to gain access to the control server for these spy-trojans, and got an unprecedented look at the extent to which these machines were compromised (for example, they saw the spymasters activating the cameras on compromised machines and watching meetings and other sensitive communications).

Link to comment
Share on other sites

Guest Munk Centre

Cyber espionage is an issue whose time has come. In this second report from the Information Warfare Monitor, we lay out the fndings of a 10-month investigation of alleged Chinese cyber spying against Tibetan institutions.

 

The investigation, consisting of feldwork, technical scouting, and laboratory analysis, discovered a lot more.

 

The investigation ultimately uncovered a network of over 1,295 infected hosts in 103 countries. Up to 30% of the infected hosts are considered high-value targets and include computers located at ministries of foreign affairs, embassies, international organizations, news media, and NGOs. The Tibetan computer systems we manually investigated, and from which our investigations began, were conclusively compromised by multiple infections that gave attackers unprecedented access to potentially sensitive information.

 

But the study clearly raises more questions than it answers.

 

From the evidence at hand, it is not clear whether the attacker(s) really knew what they had penetrated, or if the information was ever exploited for commercial or intelligence value.

 

Some may conclude that what we lay out here points defnitively to China as the culprit. Certainly Chinese cyber-espionage is a major global concern. Chinese authorities have made it clear that they consider cyberspace a strategic domain, one which helps redress the military imbalance between China and the rest of the world (particularly the United States). They have correctly identifed cyberspace as the strategic fulcrum upon which U.S. military and economic dominance depends.

 

But attributing all Chinese malware to deliberate or targeted intelligence gathering operations by the Chinese state is wrong and misleading. Numbers can tell a different story. China is presently the world’s largest Internet population. The sheer number of young digital natives online can more than account for the increase in Chinese malware. With more creative people using computers, it’s expected that China (and Chinese individuals) will account for a larger proportion of cybercrime.

 

Likewise, the threshold for engaging in cyber espionage is falling. Cybercrime kits are now available online, and their use is clearly on the rise, in some cases by organized crime and other private actors. Socially engineered malware is the most common and potent; it introduces Trojans onto a system, and then exploits social contacts and fles to propagate infections further.

 

Furthermore, the Internet was never built with security in mind. As institutions ranging from governments through to businesses and individuals depend on 24-hour Internet connectivity, the opportunities for exploiting these systems increases.

 

This report serves as a wake-up call. At the very least, a large percentage of high-value targets compromised by this network demonstrate the relative ease with which a technically unsophisticated approach can quickly be harnessed to create a very effective spynet…These are major disruptive capabilities that the professional information security community, as well as policymakers, need to come to terms with rapidly.These are major disruptive capabilities that the professional information security community, as well as policymakers, need to come to terms with rapidly.

Link to comment
Share on other sites

Guest Munk Centre

Trojan horse programmes and other associated malware are often cited as vectors for conducting sophisticated computer-based espionage. Allegations of cyber espionage (computer network exploitation) are increasingly common, but there are few case studies in the unclassifed realm that expose the inner workings of such networks.

 

This study reveals the existence and operational reach of a malware-based cyber espionage network that we call GhostNet

 

Between June 2008 and March 2009 the Information Warfare Monitor conducted an extensive and exhaustive two-phase investigation focused on allegations of Chinese cyber espionage against the Tibetan community.

 

We conducted feld-based investigations in India, Europe and North America. In India we worked directly with affected Tibetan organizations, including the Private Offce of the Dalai Lama, the Tibetan Government-in-Exile, and several Tibetan NGOs. In Europe and North America we worked with Tibetan missions in London, Brussels, and New York. The feldwork generated extensive data that allowed us to examine Tibetan information security practices, as well as capture real-time evidence of malware that had penetrated Tibetan computer systems.

 

During the second phase of our investigation, the data was analyzed, and led to the discovery of insecure, web-based interfaces to four control servers. These interfaces allow attacker(s) to send instructions to, and receive data from, compromised computers. Our research team successfully scouted these servers, revealing a wide-ranging network of compromised computers. This extensive network consists of at least 1,295 infected computers in 103 countries.

 

Signifcantly, close to 30% of the infected computers can be considered high-value and include the ministries of foreign affairs of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan; embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan; the ASEAN (Association of Southeast Asian Nations) Secretariat, SAARC (South Asian Association for Regional Cooperation), and the Asian Development Bank; news organizations; and an unclassifed computer located at NATO headquarters.

 

The GhostNet system directs infected computers to download a Trojan known as gh0st RAT that allows attackers to gain complete, real-time control. These instances of gh0st RAT are consistently controlled from commercial Internet access accounts located on the island of Hainan, People’s Republic of China.

 

Our investigation reveals that GhostNet is capable of taking full control of infected computers, including searching and downloading specifc fles, and covertly operating attached devices, including microphones and web cameras.

 

The vector for spreading the GhostNet infection leverages social means. Contextually relevant emails are sent to specifc targets with attached documents that are packed with exploit code and Trojan horse programmes designed to take advantage of vulnerabilities in software installed on the target’s computer.

 

Once compromised, fles located on infected computers may be mined for contact information, and used to spread malware through e-mail and document attachments that appear to come from legitimate sources, and contain legitimate documents and messages. It is therefore possible that the large percentage of high value targets identifed in our analysis of the GhostNet are coincidental, spread by contact between individuals who previously communicated through e-mail.

 

Nonetheless the existence of the GhostNet network is a signifcant fact in and of itself. At the very least, it demonstrates the ease by which computer-based malware can be used to build a robust, low-cost intelligence capability and infect a network of potentially high-value targets.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...