China hacking computer systems

You know, back in the day, I was raised on the Soviets starting WWIII. Don't know how true any of that was, but China isn't even the same I don't think.

China has become an economic power house because of us. Ruining us does not do them much good. They could dump our debt and nuke us financially.

A while back the military put out a report that all their chips came from China. They were afraid they could put dormant code into them and activate it at some time in the future... they were worried they could completely immobilize us.

They hack into our financial networks, our energy networks, our military networks... But again... if the U.S. falls (economically), so does the rest of the world... and nobody buys their crap.

Im more worried about our own government destroying us than I am the Chinese.

Nope on both accounts, because there's nothing I, or anyone, can do about it.  Safeguards like firewalls and stuff like that stop the 95% out there that are just messing around.  If it is a Gov't and they have some truly talented hackers, you're not going to stop them, so there's no point in trying or worrying.  Take your electronic security as serious as you ever have, but beyond that there's little value in changing anything.

And they're swiftly also becoming a technology powerhouse... also because of us.

When are we going to STOP GIVING them the keys to the country?

I work at a leading edge tech company, we have been and continue to be the target of these attacks.

Some are clumsy and some are very well executed.  One prolonged attack was not found by us but was brought to our attention by a US security agency responsible for catching and monitor this type of activity. (US Govt. Agency had our back!)

It's very real, the targets are apparently high tech companies and the goal in our case was intellectual property.

I doubt as individuals we are particularly interesting to foreign Governments or companies that have the ability to sponsor this level of hacking, but as individuals that work for US companies we are indeed interesting.

Normal rules apply, up to date protection software is a must, vigilance when online/working with your emails etc. 

I've been wondering this for awhile, but I don't see why all these big companies are trying so hard to get into China. To me it seems fairly obvious they demand your proprietary knowledge, help set up a government run competitor and then eventually you get pushed out by competition of your own doing.

I think I am more concerned what our government will do to try to prevent the attacks.  IE: The great american firewall. 

It is pretty clear they are more interested in intellectual property and perhaps the ability to control/access critical systems.  Probably not much different than the 80's when our ships mirrored Russian ships and we both tried to get as close as possible without the other noticing. 

I'm in IT and with deep knowledge around IT security...

Am I concerned?  Yes.  But they've been doing this for years.
Will it change any of MY behaviors?  No.

The tool they use is email.  Why?  While websites can be blocked and Trojans and worms can be filtered, you have to let most legitimite email on in.  Most companies and organizations concentrate on "border security", their firewalls, content filters, and hygiene.  But legit-looking email has to be let on through in order to conduct business.  It's very difficult to prevent at the border.  ey can spoof the return address to make it look legit, but good stewards of SPF Records can stop that.  But the problem with SPF's is that EVRYONE has to do it and keep up with it.  The easier way is to hack a known partner/friend, infect their machine and let them email your target for you.

So what's the answer?  SOCIAL ENGINEERING!  EDUCATION AND AWARENESS!

My Corporate Communications Department is sick and tired of my requests to get things published and to get more mandatory training classes forced on people.  And I actually have a very weak Info Security Dept. in the company I work at, so I don't get much support and teeth behind my efforts.  But the fact of the matter is, people need to realize...

1. When you get a strange email from an unknown source or the name doesn't quite match the return address showing, don't open it.  Alert InfoSec and ask them about it.  If you do open an email and it contains web links (URLs), NEVER click on them unless you're 100% proof-positive that you know it's legit.
2. Know what phishing emails look like:  FedEx notices, bank notices, emails to verify something that shouldn't need verifying.  Anything that asks you to "click here to..."  If you have ANY question, contact InfoSec.
3. The Help Desk will never call you and ask you to verify your password.  The "Desktop Support Group" won't send a tech to your desk without your requesting it to "verify or update" anything.
4. Regardless of whether your company filters web sites or not, never visit risky, dangerous sites (especially p0rn) either on the company network or if you take that laptop home.
5. Don't have family and friends email you at your work address.  They're the ones most often with the infected machines.
6. If you find a USB flash drive "thumb drive" lying on the floor or in the parking lot, turn it in to InfoSec.  NEVER plug it in to see what's on it.  (With all the movie-hype around 'hackers' breaking in over the Internet, sometimes it's the simplest ways that work the best.)
7. If you deal with sensitive company or PII (personally identifiable information) data, keep it encrypted and stored on a secure company server.  Don't email it.  Treat your work computer as a company-owned device and not only accept that the company could inspect it and look at everything on it, ENCOURAGE it to protect YOU!
8. When using a company laptop, NEVER log on to a free, unsecured, public wi-fi hot-spot.  You think that it's Starbuck's wi-fi, when in fact it's someone broadcasting to ensnare you to connect through their malicious machine.  If you travel, ESPECIALLY TO CHINA, simply don't connect to the Internet at all.  Period.  Anywhere, anytime.  Assume ALL are unsafe.  Some companies like PWC and Deloitte have policies in place such as this.
9. Know your physical security measures at work and don't treat them lightly.  That person "shadowing" you, "Excuse me!  Please hold that door." after you badged in and you think you're being nice for them because their arms are full.  Well you just let someone in the building.  If the network group doesn't have all of the unused ports shut down, they can simply find an empty cube, sit down, plug in, and go to work.  Are you going to question it?  Maybe a new employee that you just haven't met yet?  (Again, with all the movie-hype around 'hackers' breaking in over the Internet, sometimes it's the simplest ways that work the best.)
10. Take the training offered.  Learn how to operate in the digital age.

Information Security operates under the simple assumption that the company has been, will be, and currently is being hacked and breeched.  One of the most important parts is vigilence and "choke points' of information transfer so that the data can be inspected in transit.  The malicious code may have gotten in, but as soon as they try to get data out, the faster it can be spotted and locked down, that's where they want to be.

I've seen it on both sides.  Companies that were able to instantly spot the activity and either shut it down or plant honey-pots or reverse-track the criminals.  And I've worked for a company that was actively being breeched (thank you Albert Gonzalez - go ahead and Google him) over 4 months, undetected, in which over 4 million credit/debit cards were stolen (including PINs).

I'm sorry but hot european women want me everyday, I'd be a fool not to view their emails.

The US military is actively, and secretively on the offensive attack.  We and Israel worked together to create Stuxnet as an offensive weapon against Iranian nuclear facilities... with great success I might add.  They're not sitting back simply putting up walls against the Chinese (see my earlier post).  Walls don't help when they get in through the email front door.  They firing back.

The current liklihood isn't to do infrastructure or military damage.  It's pretty much all industrial espionage to steal US corporate innovative secrets and designs.  The US is still very innovative in new everything and for 60 years the rest of the world has pretty successfully kept up by stealing that information.  Economic war to maintain the trade imbalance.

The term "The great american firewall" was a gross generalization.  In the article I read, information will be provided to our carriers to help identify signatures of the attacks.  I can only assume this will be either used to prevent/stop an active attack or identify and report the attack(I would expect the latter is most likely).  I see it as another hook our government will have into our providers and that is the component I do not like.

Albert's story is a sad one.   An extremely intelligent person that was left to his own devices and ended up using his abilities for "evil".  

Disclaimer:  I am Chinese

What I don't understand it, why do people keep wanting to invest in China?  Why are the Western countries giving China so much tolerant? I get the vast population thing and low labor cost.  Yes, if you make $1 on each person in china you will make 1.3 billion.

But deal with China seem to cause more headaches.  The constant vigilance of raw material quality, trying to guard your own technology so that people don't steal them, the inconsistent regulations, the corruption... don't they all add up to the cost?

I am no business person.  I am all for improving Chinese people's living but just don't like to see the influx of money creating snobby and unreasonable Chinese people that I see so often. 

IMHO, Most Americans are very short-sighted.  Short-term cash gains.  Quaterly statements.  Go into debt to live high now and worry about your future later...  Many people/institutions/funds invest in China thinking inside of 24 or even 12 months.  We're just not a culture that plans for the long-haul.  Take one look at our government, laws and policies and that's all the proof you need.

IBM sold their PC division to a Chinese company. Where was the uproar?

I had a visit from gentleman at CERT (now US-CERT, part of DHS) when I was working for the government. Someone had hacked accounts on the supercomputers I had responsibility for. This has been going on for years.

I now run a tech company. We put up a new server two weeks ago. 2943 attempts to break in yesterday alone. Sometimes it's fun to look up where they are coming from. They resolve to seven addresses. Two were in the US, probably just kids based on the fact they tried a handful of times and quit.

 The rest resolved to three domains in China, and this one, which I found entertaining:

netname:        JINR-NET
descr:          Joint Institute for Nuclear Research
descr:          Fundamental Experimental Physical Research
descr:          Dubna, RUSSIA, 141980

A real place, just North of Moscow.  I know, I have been there.  Interesting few weeks, I was an Ex British Military engineer teaching American Satellite technology to ex soviet comms engineers in the Dubna Nuclear research facility.  Was very interesting to be taken on tours of their facility. 

Interesting fact about that place, there is a 34 meter satellite dish (pretty large) from the cold war days that was part of a direct comms link to the good old US of A in case of imminent Nuclear war.  was one of a few links that were direct leader to leader "in case of emergency" links.

BT is so educational! Real live 'moose and squirrel'

I would bet dollars to donuts someone hacked them and is using one of their machines to do these port scan/brute force ssh attacks. 

When we flew up to Portland, ME and started poking around, at first we guessed it was the Ukrainian mafia that had cracked us.  Nope.  Mr. Gonzalez was very good about zombie-botting machines all around the world.  Multiple countries, corporations, universities, etc.  All zombie-infected and ready to do his bidding (from within the FBI field office in Miami, I might add!!!!)

I live and work in China.   I am a laowai. (old outsider)   Tomorrow is my one-year anniversary in this position.

My company has been operating in China for over 40 years.  Our company folklore is:  "Nixon came over on the first plane, and our CEO came over on the second."

We make a healthy profit in China.  Labor is cheap here, there are plenty of skilled workers, and we compete in an area that requires significant technological innovation.  We have an excellent reputation for quality and reliability, and unfortunately, for high cost.

And yet, we survive and thrive.   Many, many companies attempt to come to China and sell their products.  Many times, they bring the designs and implementations from their home market and just drop them into the China market and think they're done.   Companies that operate this way in China last maybe, maybe 5 years.  Very few people in China can truly afford western products.  In that time, their products will be copied and manufactured at much lower cost and quality, and the Chinese will buy the copies because they can afford them.  

Companies that are successful in China operate through joint ventures.  All of the automotive companies operate this way.  BMW builds their 3-series and 5-series vehicles in-country through a JV partner.  Their flagship models are still built in Germany, because the people that can afford them don't care about the cost.   JV partners get a little peek at the technology and they can go implement some of it in their domestic models.   They don't do a blatant rip-off because they don't want to make their JV partner mad. Everyone goes home happy, and everyone makes a pile of money.

In the end, companies come to China to have access to a market of 1.3B people, with a middle-class that's growing at an alarming rate... and they've got money to spend.   Yes, there are plenty of headaches when dealing with China.  However, when you create solid partnerships, you can manage it quite well.