T Nation

Chinese Hack Pentagon


#1

Report: Chinese Military Hacked Into Pentagon Computer System
Monday, September 03, 2007

A Pentagon computer network was taken down for more than a week after the Chinese military hacked into it in June, the Financial Times reported Monday.

A computer system serving the office of U.S. Defense Secretary Robert Gates is believed to be the victim of the cyber attack. While the Pentagon would not say who may have orchestrated the plot, a senior official told the Financial Times that the People's Liberation Army may have been the culprit.

It is not clear how much data was downloaded from the system, but a person with knowledge of the attack told the Financial Times that most of the information was probably "unclassified."

President George W. Bush is expected to meet with Chinese president Hu Jintao this week before the Apec summit in Australia."

I thought the Chinese were now our friends. Guess the old hardliners are still reluctant to see things our way...

We need to put a few more McDonald's in Beijing...bring 'em around.


#2

insert joke about asian nerds playing WoW all day here


#3

I am surprised they were caught.

We do the same thing all the time.

All is fair...


#4

I know the NSA uses encryption based on quantum mechanics, as does the CIA. I'm surprised the Chinese were able to get in at the Pentagon --- must have old defenses.


#5

Huh? Didn't the Chinese Prime Minister promise last week to Merkel when she was in Beijing that they would stop hacking into German government computers?

They can't be too smart if they keep getting caught..


#6

You could use quantum mechanics, fill your fiber conduits with concrete, and put tiny tin foil hats on every computer all you want, it won't change the fact that the attacked machine's OS is vulnerable. I'll remind you that Microsoft has given out their source code to the Chinese, which opens many windows (pun not intended) for finding exploits.

So, "old defenses" has got nothing to do with it. If it's hooked up to the web, it's potentially breakable. And it's fair to assume that Gates' crew google things out once in a while. We are not talking about classified computers here. Chances are it's regular IP here; not some fancy protocol.

It's not much of a story really. America has been messing with the Chinese systems for years. Also, how do we know that it's the first time the Chinese get into your systems?


#7

Encryption is usually done during communications; sometimes for storage.

If you can manage to hack into a network, you might be able to intercept those communications before they get encrypted, or compromise the storage so that you get an unencrypted copy automatically during transactions.

When you cannot attack the encryption, you attack the process. It is enormously difficult to secure every step of the process and to have it used transparently by the users.

Most likely, it's one of the less secured networks that got compromised.

And maybe you "know" that they use quantum encryption, but I'm pretty sure that for most needs, they use good old non-quantum methods; maybe with internally developed algorithms, but even there I'd bet that RSA and AES are more than enough for 99% of their needs.

What I'd like to know, is how they can be sure it's from China. Maybe it's from a Russian source using compromised Chinese computers. Hell, it could be the NSA itself testing the Pentagon and bouncing their "attacks" through Chinese proxies.


#8

One would hope they are not quite stupid enough to run their publicly-facing firewalls under a non-hardened installation of Windows...


#9

A class I teach, using a book written by a bunch of dweebs at the University of Chicago, discusses using prime numbers for encryption, how that's getting more difficult to do, and advanced users (guess who) have begun using QP instead.

The emphasis is on the primes and it is math class, so the details of how this is done are not in there.


#10

I don't know, I'm not enamored with the language used here. What exactly is "serving the office of" in terms of importance? Was the secretary, the one that answers the phone, scanning porn sites or something stupid on a personal PC?

If the computer was something special, perhaps we can find a story that indicates something a bit more concrete.

Hell, the language given is pretty damned loose. Until I read something with a bit more meat to it I'd have to wonder if it was just a publicity ploy to harden American attitudes towards the Chinese or to create a bargaining chip.

I also love how raw speculation is tossed out. Heck, maybe it was Santa Claus. Is this speculation based only on an IP address? Does the PLA have a hacking headquarters with a known static IP address or something?

Hopefully these shortcomings are just the result of a reporter that is clueless about these issues. Details please!


#11

If it's just regular IP then a hacker from Sweden could have hacked a Chinese computer and then a U.S. Pentagon computer, you think??

Or better yet, a hacker from the U.S. hacks a computer from Sweden then hacks a Chinese computer then a U.S. Pentagon computer....chain-linking? Nonsense of course...or is it?? Hmmm....


#12

They will promise the world but only a fool will believe them.


#13

The main problem with quantum encryption is that it requires special equipment for all parties involved, while standard encryption can be done on any regular computer. The more you spread its use in a large bureaucracy, the more chance you have of someone, somewhere doing it wrong and leaking critical information by not following the proper safety protocols.

Last time I checked, QE was used only for key exchange, not entire messages. So if you can manage to acquire a key, you're good to go. Personally, I wouldn't even bother, there's a lot more chance that any number of highly classified documents can be found unencrypted on employee laptops, in temporary files or by checking the swap file.

Some of the most successful hackers get their information using "social hacking" where they phone humans and pass themselves off as tech support, IT security, etc. While QE is in itself perfectly secure, the surrounding process and especially the people using it, are not.

Do they touch on elliptic curve cryptography? AFAIK, it's currently the strongest non-quantum system we have, allowing much shorter key lengths to be used.


#14

Computer in the DefSec office with non-classified data and connected to the net?

I wouldn't discount the idea this was bait and the Chinese were trapped on this prior to the economic summit.


#15

True.


#16

My students are primarily interested in how they could use this info to create bank cards (finding PINs and check-digits) and rob ATMs. Really...

I'm interested in encryption. What's a good read?


#17

Crypto is not going to be of much use here.

A hidden card reader with a dissimulated camera to read the PIN will work much better. It's already being done by people who can't even spell the word "encryption."

I hope your students look good in orange jumpsuits, because they apparently won't be among the smart criminals who get away with it...

Applied Cryptography by Bruce Schneier is a pretty good starting text.


#18

That's what I'd like to know. How do they confirm the originating source is in China?

Maybe the attacking IP is in China, but without access to that computer, there's no way to know whether it's being controlled by a local user, or by a remote attacker who could be anywhere in the world.

Did they find a lootkit, a vilus or a tlojan and that gave it away?


#19

Depends on what you're looking for. The topic is quite vast. Anyway, my personal favorite is Bruce Schneier's Applied Cryptography.


#20

I just moved recently, so I can't find the book, but the title Applied Cryptography does ring a bell. It's a thick enough book that it will keep you off here for a while... woohoo!