White House announces sanctions against countries waging cyberattacks

I bet an imaginary nickle that the US does just as much, if not many times more, cyber attacks as any other nation.

Washington hypocrisy at its finest, most likely.

Originally posted by roadgravel
I am proposing the big company hacks are not that new. Of course, they escalate if results are had and nothing is done to reduce them. Very few people were aware of this years back. It was not the average news item.

But along your lines, China will go with more and more if they can.

In my reply to you,when I write that I'm well aware of the history, I'm agreeing with you on the history.

So they punish countries instead of individuals responsible? So if I really wanted to screw with some country, like sweden all I have to do is do "cyber attacks" from there? Or does this only apply to china?

[Edit to add] And who are they punishing for the cyber attacks that come from US? Like anon? Do they punish themselves??? Confuzled

The US will punish whoever that want to punish. Who is the backing party can always be twisted.

We can always trust the facts from the intelligence community, correct.

The is good news, if we wage sanactions against contries waging cyber attack we win twice,

We put Wal-mart out of buisness and we get ride of that cheap Chinnese made crap that is being sold there and the Chinness will loose profit from the US.

Lets DO it.

reply to post by roadgravel


You realize that the end game is sanctions / restrictions imposed on the internet use of the American public, right?

reply to post by NickDC202

That well may be part of the desired end result. I don't think it is the main point. The US knows that cyber warfare will be a major battle field in the near future. The high dependency on the internet make for bigger damage from afar.

reply to post by roadgravel


It is baffling that you don't see it as the main point. Trust me when I share I'm not one of those people who thinks everything is an inside job. Aaron Schwarz is dead, he led the opposition to SOPA. Now the strategy is make sure people believe that without government control, their financial security, identity and the U.S. infrastructure is vulnerable to being compromised. We both know the mouth breathers will fall for this drivel hook, line and sinker and internet regulation will be reality. It's as simple as a fabricated public relations campaign.

reply to post by NickDC202


I'm sure the government would like to control what goes over the internet as much as possible. But the conflicts between countries via cyber space is real. The MIC has ramped up money and personnel. It's a two fold thing at least. No doubt they will use the issue on as many fronts as they can.

This is not me saying that the day will not come when cyber conflict has our government killing the net with the national security as a reason. But that also would cripple big business.

reply to post by MDDoxs



White House announces online espionage response policy

HAH then this group is screwed
N. S. A
LOL

ohh its just for foreign country , dang!


"If the Chinese government flew planes into our airspace, our planes would escort them away. If it happened two, three or four times, the president would be on the phone and there would be threats of retaliation,” he adds

what he forgot to mention is "unless they have all our cheap chinese made goods on them"

i love all the talk about chinese, what about all the israeli hackers, hell we caught them 16 times in less than 10 years on espionage and nothing happened, lol all we did was "send them back" only pollard recieved any punishment in the last time they were caught heh. i highly doubt we would put sanctions on israel lol yet many rumors they can shut down irans nuke plants with stux. so if they have same capabilities how do we really know its the chinese and not them just sitting in a hotel in china?

I was wondering how long it would take before The American Propaganda Machine hammered away at China, given they're chest-deep in the regions of Africa that the U.S. would like to invade.

Not long. And the method is brilliant.

I realize this is a conspiracy board - but guys - this is the real deal.

Did any of you actually read the Mandiant report? I did - it's required reading because I'm a Federal Government employee working in the field of IT / Information Assurance / Cyber security.

Mandiant has, with a doubt, accurately traced these attacks back to China.
In the security world, we refer to "things" like this as "APT" - or "Advanced Persistent Threats". In the report, Mandiant refers to the Chinese unit "61398" as "APT1". Their data is well founded, and definitely points to the Chinese Government (specifically the PLA - Peoples Liberation Army) as the culprits.

I see that a lot of you are making jokes about this - but make no mistake - this is cyber warfare on an unprecedented scale. Unit 61398 (at a minimum) has 1000+ systems they use as purely attack machines.
That means that on top of the daily use computers these "cyber warriors" have, they have an ADDITIONAL 1000+ machines they use as attack machines.

Mandiant refers to these machines as their attack "infrastructure". Of these, over 3000+ fully qualified domain names have been assigned to the machines in this infrastructure. That is staggering gentleman.

Unit 61398 writes custom backdoors, rootkits and exploits. They are designing sophisticated trojan horses and malware in house. One such example is a backdoor they use that communicates from a victim machine back to it's C2 (C2 = Comand and Control) machine via a webserver. The webserver issues commands to the victim via hidden fields in the HTML page it serves up. This is unlike any other backdoor ever seen before in the wild.

Unit 61398 targets Government, and certain specific fields in the private sector (intentionally) to steal sensitive and propietary data. Then they use what they have stolen as advantage in the real world defense sector (like stealing data on the F-22 Raptor or Joint Strike Fighter and it's associated technologies) or business sector to give them a leg up on competitors (like us).

Of what we know so far, they have stolen something like 40 TERABYTES of data.

The thing you have to take into account is - these hackers need resources. They need computer systems, connectivity, food, housing, etc etc. Who pays for all this? The Chinese Government does. And they are completely denying it.

Right now - at least the defense sector - is still just trying to play catch up to secure our systems. We are not in attack mode. This is what makes this report so crucial. The United States is scrambling to defend itself from the onslaught of Government sponsored hackers (like Unit 61398), hacktivists (like Anonymous), and other script kiddies who want to make a name at the Governments expense.

It's scary stuff guys, and it's hurting our economy and our way of life more than you realize.

This will not work at all and is foolish.

China is one of the biggest supplies of electrical parts and components, not to mention they have about 90% of the worlds reserve of a highly important metal that is used to make electrical items. I forget the name of this metal but they have almost all the mines for it, and if they hold out on it, whoever is on the wrong end of that will be screwed big time.

This is a bit hypocritical considering that the U.S itself is currently waging cyber warfare against Iran and who god knows how many other countries we don't know of.

From a national security POV i can understand why they want to sanction countries that wage cyber war against them but there is an old saying that says "People who live in glass houses should not throw stones". If you can dish it then you should be able to take it.

reply to post by Lostmymarbles


I think you're referring to neodymium. China is the largest miner of the "rare-earth", though to my understanding it's not all too rare.

Brazil just found a huge chunk of it.

I wonder if this will apply to Israel as well. I know many cyberattacks against US government systems originate in China, but what you do not hear are how many originate from Israel. Of course I cannot prove that the Israeli government is behind these attacks, as it could simply be some well-funded and equipped group of hackers independent of the government...but you would be surprised how much supposed "allies" attempt to spy on one another.

Originally posted by zeeon
Right now - at least the defense sector - is still just trying to play catch up to secure our systems. We are not in attack mode. This is what makes this report so crucial. The United States is scrambling to defend itself from the onslaught of Government sponsored hackers (like Unit 61398), hacktivists (like Anonymous), and other script kiddies who want to make a name at the Governments expense.

It's scary stuff guys, and it's hurting our economy and our way of life more than you realize.

I sense that you are being very sincere in your post, and if all is as you state I understand how serious of an issue this is for you. In an older post regarding the defacement of the US Sentencing site with the game Asteroids almost immediately after it had been recovered from a previous defacement, I raised my thoughts and concerns regarding how quickly and seemingly easily the site was defaced again. Our government budgets a fairly significant amount of money in the name of cyber-security, and no insult to you personally, but one would expect the experts they employ to be one step ahead of (I assume) some guys with minimal financial resources to keep them going, mainly inspired to keep going by an ideal, (based on some things I've read some of those ideals are shared by all Americans who believe in the Constitution) probably using home built computers sitting drinking energy drinks and going over lines and lines of code and information to find a way to claim the attention of those they know have the ability and resources to make those ideals see reality again.

This raises the question, are these "hacktavists" technically superior to those our government hires to secure their system, or are they just more driven by their ideals, than the average tech worker who earns a good living and goes home at night is? I do know years ago there was at least one female hacker I knew of who was caught and due to her technical skills she served out her sentence working for the military and continued on after her time was served so it could go either way.

Regarding the last line that I quoted from your post regarding how much it was hurting our way of life and economy, In another earlier thread regarding Anonymous here there was reference to a news article Successful hacker attack could cripple U.S. infrastructure, experts say as the article went on about all the horrible things that could happen I came across a quote that was so incredibly ironic that I almost couldn't believe they printed it

What worries Dmitri Alperovitch, co-founder of the computer security company CrowdStrike, is a coordinated attack against banks that modifies, rather than destroys, financial data, making it impossible to reconcile transactions. “You could wreak absolute havoc on the world’s financial system for years,” he said. “It would be impossible to roll that back.”

A coordinated attack against banks?? The damage he describes has already been done....by the FED, World Banks and other large banks. Anything that a coordinated attack against banks could do would pale by far in comparison to what the Corrupt Banking systems have done, and cost us

I realize in your field and frame of focus, concerns regarding securing the government networks and infrastructure against cyber attacks from foreign countries that have already hit these systems as you attempt to secure them is scary stuff. And I understand that. Looking at all these issues through my eyes, I see some things a bit differently, I am right there with you regarding the serious nature of the cyber attacks from china. That needs to be blocked.

Quoting so the rest will fit : On the other side of the coin, some of the issues Anonymous acts upon, such as the asteroids issue, relate to serious issues that could effect us "little people aka US Citizens" Unlike Corporations and Large Banking groups who pass millions through their lobbyists to get what they want They like many of us don't have that kind of cash rolling around doing nothing, they instead used the skills and tools at their disposal.and I for one have to admit that what I have seen over the past couple of years is more than astonishing it's simply outrageously unacceptable. If caught and prosecuted these people will face hefty prison terms and very serious fines, and before you allow yourself to hit that knee-jerk reaction that they are criminals or whatever and deserve what they get, Why are they subject to harsh sentencing, when our major banking outlets stripped the entire world of trillions of dollars or more, demolished the global economy, while stuffing their pockets with what they took from us, yet we our taxpayers, the people who work hard to hold on to what they have and take care of their families took the hit as our government bailed these banks and corporations out. Where are the charges of fraud, the charges against them for stealing such incredible amounts of money from us, where are the prison terms.....that we the "little people" would face were we to do the same thing?

So does this mean that our government is going to tax chinese imports now? Nice way to tax the American people isn't it. China isn't going to lose a cent, we the people are. Does our government think nobody will see through this?

reply to post by Pixiefyre


Hi there, sorry for the late response! Been a busy week so far. Thanks for the well thought out reply. I'll try my best to answer it.

First, about the security paradigm; I've already explained this at length, on this post here that goes into details on how we do what we do (secure systems) and why there are always going to be vulnerabilities and inherent risks associated with those systems.

About the banks - well I'd have to agree with you. It's not fair. I certainly support "Ending the Fed" and cleaning house so to speak with these corrupt banksters. To answer your question succintly - robbing people when they give you permission is legal. Even if it is tantamount to robbery. Robbing and stealing anything (including information, which is what Anonymous mainly does) without permission is illegal.

Seems to me that the laws need to be re-written to address this. But, right now - that's how it is. Unfortunately for Anonymous, you and me.

On the part about that security expert you quoted and all the "damage" hackers could do to the banks - that's a bunch of hogwash. As if banking institutions don't have ledgers, constant live on-site and offsite backup data of all transactions - of course they do. It'd cause a minor interruption at most. I'd guarantee you that banks have dual, triple and even quadruple redundant fail-over systems in place in case of such an attack.

I hope that answers your questions! If not, let me know and I'd be happy to clarify.