New Data Suggests Increase in Aggressive Hacking by China.

[Trik'Stari]

ArsTechnica has done a pretty good job with the following story. Reporting that recent data from incident response companies is showing that China has aggressively increased it's state-sponsored hacking programs. Not only have the attacks become more frequent, they've also apparently become more destructive, stealthier, and more resistant to responses by the entities being hacked.

 

Quote

Remember the good old days, when the US and China were supposedly working out new norms for the cybers, and China was going to stop all that hacking of US companies to steal intellectual property? It turns out the Chinese were just upping their hacking game, improving their operational security and penetration skills—learning from the methods of their Russian counterparts.

 

Quote

Based on data from incident response companies gathered by the security software vendor Carbon Black, China is now the leading source of cyber-attacks. Of 113 investigations conducted by Carbon Black's incident response partners in the third quarter of 2018, nearly half—47 in total—came from China or Russia.

 

"What was notable was that we saw a resurgence of Chinese attacks, where they actually surpassed Russian activity," said Carbon Black's chief cybersecurity officer, Tom Kellermann. "And I think that's in direct line with the increasing tension with the South China Sea coupled with the trade war. Essentially, the Chinese have taken the gloves off."

 

Quote

"The Verizon data-breach report, which we all appreciate as being probably the best report out on data breaches, always failed to explain why [dwell time] was over 130 days," Kellermann told Ars. That Verizon report "talked about the vector and some of the weaknesses in security but never described why that dwell time was so expansive. This report is specifically trying to drive out how are they getting in, how are they staying in, how are they moving laterally, how are they changing, and are they becoming more punitive."

 

And, in fact, attackers on the whole do appear to be turning more "punitive"—engaging in more destructive behavior either as part of a deliberate sabotage campaign or to counter the efforts by victims of intrusions to respond to them. But as far as the Chinese attackers go, it's clear that they have also significantly upped their game, improving their stealth and tactics in a way that has allowed them to dig deeper into targets and stay longer than before.

Quote

The trend suggests, Kellermann said, that the days of "the straight burglary" of data are now gone, and sophisticated attackers are turning toward the tactics of a home invasion. Kellermann compared most companies' tactics in dealing with intrusions to responding to an intruder by "standing at the top of the steps and shouting 'I've got a gun and the police know you're here' and assuming that would scare them away." The problem with that approach, he noted, was that it assumes that there is only one intruder, that the threat is enough to intimidate them to leave, and that the intruder(s) "would not get punitive enough to come upstairs and set the house on fire."

Source: https://arstechnica.com/information-technology/2018/11/new-data-shows-china-has-taken-the-gloves-off-in-hacking-attacks-on-us/

 

Personally, I do not like seeing this. This kind of escalation makes me think worse things could be coming, but maybe I'm just a worrier. Then again, even on a website who's commentor base I would describe as "heavily left leaning" are biting back at the few commentors who just want to blame the current POTUS. Saying things like "this is nothing new, the Chinese government has been doing this for decades and has always had plans for global domination". So I feel like this kinda transcends politics. At least "local" politics.

 

A great question worth asking:

 

At what point do we consider cyber crimes or cyber warfare to be equal to actual physical crimes or an actual attack by a "hostile nation"? At what point would a military response (whether physical or digital) be considered warranted?

 

Please keep this civil, as it's an interesting topic. Also please read the entire article, as there is a heckin F-ton of information I did not include in this post, because it would be a fairly big wall of text.

 

[asus killer]

Russia must laugh their asses off with all this news about China spying/hacking on US 

[captain_to_fire]

47 minutes ago, Trik'Stari said:

At what point would a military response (whether physical or digital) be considered warranted?

Attribution of a cyberattack is hard imo especially to a nation (unless it’s North Korea sponsored Lazarus Group) because it’s easy to conceal your attack with a proxy or a VPN. Even before the internet, nations especially the developed ones are in each other’s necks and spying on each other all in the name of intelligence. 

 

By no means am I an expert in foreign policy but I think it would turn to a mostly to sanctions if the perpetrator successfully infiltrated and destabilized a critical infrastructure like power grids, military tactics and even healthcare records.  But then you have the likes of US admitting that they launched a DDoS attack to cripple North Korea’s hacking capabilities.

[Trik'Stari]

1 minute ago, captain_to_fire said:

Attribution of a cyberattack is hard imo especially to a nation (unless it’s North Korea sponsored Lazarus Group) because it’s easy to conceal your attack with a proxy or a VPN. Even before the internet, nations especially the developed ones are in each other’s necks and spying on each other all in the name of intelligence. 

 

By no means am I an expert in foreign policy but I think it would turn to a mostly to sanctions if the perpetrator successfully infiltrated and destabilized a critical infrastructure like power grids, military tactics and even healthcare records.  But then you have the likes of US admitting that they launched a DDoS attack to cripple North Korea’s hacking capabilities.

What about economic sabotage? It's basically well known fact that China respects no intellectual property laws of any other nation.

[captain_to_fire]

1 minute ago, Trik'Stari said:

What about economic sabotage? It's basically well known fact that China respects no intellectual property laws of any other nation.

That’s true. Not sure about economic sabotage but it’s a fact that China is a huge trading partner despite (just look at Apple outsourcing manufacturing to Foxconn) and it’s possible they’re using it as leverage in the game of geopolitical one-upmanship and I wouldn’t be surprised if China has allegedly sponsored cyberattacks. I mean just look at the state sponsored attacks to Southeast Asian countries allegedly coming from China. [here][here]

[DaRk0]

Honestly I'm not surprised with all the tensions in the air between not only US and China, but between Western and Eastern powers.

 

I believe we will se a lot of news like this in the future. Some true and some just propaganda against certain countries.

 

World is becoming multipolar and West doesn't like it. There are power that can challenge West now either by hacking like Chinese are doing or by decimating Western sponsored proxy forces like Russia and Iran are doing in Syria.

[thorhammerz]

This is new(s)?

 

The Chinese military and government (depending on the era) have been doing this type of thing on-and-off (but usually on) for the better part of the past few decades, stealing IP through hacking (or other good ol' espionage tactics).

 

They (the Chinese) have simply become the bogeyman-de-jour, along with the attention that comes with the position .

[Amazonsucks]

7 hours ago, thorhammerz said:

This is new(s)?

 

The Chinese military and government (depending on the era) have been doing this type of thing on-and-off (but usually on) for the better part of the past few decades, stealing IP through hacking (or other good ol' espionage tactics).

 

They (the Chinese) have simply become the bogeyman-de-jour, along with the attention that comes with the position .

I know right? Except theyre not a fake bogeyman like Russia. They are a real existential threat to the west.

 

Look at the shitty stealth fighter they tried to make after they hacked Lockheed Martin.

 

Considering that in addition to hacking and stealing IP, they have concentration camps, imprison and murder people over their religion then sell their organs, build military bases on artificial islands, and all the other hostile stuff they do, the west should have a full embargo on them just like they do on N. Korea. They are even more of a threat. The Russia hysteria is hilarious too. Russia is not a real threat compared to China.

 

They even recruit in foreign countries through fronts called Confucius Institute and Chinese Student Scholar Associations(CSSA). They own several politicians in western countries who actively assist in their espionage. The Chinese have also been selling their great firewall tech to oppressive regimes. Next will be the social credit system tech.

 

I have been doing everything i personally can to stop this shit for the last 12 years.

[Trik'Stari]

8 minutes ago, Amazonsucks said:

I know right? Look at the shitty stealth fighter they tried to make after they hacked Lockheed Martin.

 

Considering that in addition to hacking and stealing IP, they have concentration camps, imprison and murder people over their religion then sell their organs, build military bases on artificial islands, and all the other hostile stuff they do, the west should have a full embargo on them just like they do on N. Korea. They are even more of a threat. The Russia hysteria is hilarious too. Russia is not a real threat compared to China.

 

They even recruit in foreign countries through fronts called Confucius Institute and Chinese Student Scholar Associations(CSSA).

 

I have been doing everything i personally can to stop this shit for the last 12 years.

Those things are all over the US, in major cities. I've heard conservative radio hosts talking about them as early as 2011.

 

Of course the leftists would just say that we're racist.

[Amazonsucks]

1 minute ago, Trik'Stari said:

Those things are all over the US, in major cities. I've heard conservative radio hosts talking about them as early as 2011.

 

Of course the leftists would just say that we're racist.

They could say that but a lot of prominent Chinese who have escaped from China risk their lives to talk about it. They risk their lives even when they are in a foreign country, far from China.

 

I dont think they can call actual Chinese nationals who escape, then fight against China "racists", though they did call Candace Owens a white supremacist

 

 

[Mihle]

Why the hell do people here seem to think that left people would just say this is false or whatever? Or call it racist? That's so disolutional to both believe that and think most left people believe it.

 

It has literally nothing to do being left or center or right but only have to do how blindly you somehow like China.

 

Literally no one I know think China is overall great and think it's fake that they hack people and copy IP. Lots seem to don't care thqr much but they are on all parts of the political spectrum.

 

(You can not be racist against a country but that doesn't matter)

[Trixanity]

Would be interesting if multiple parties got tired of this to the point where they simply decided to cut the cables to China. Of course China could circumvent this in multiple ways but it's still a clear message sent.

[Amazonsucks]

6 minutes ago, Trixanity said:

Would be interesting if multiple parties got tired of this to the point where they simply decided to cut the cables to China. Of course China could circumvent this in multiple ways but it's still a clear message sent.

China has massive influence campaigns in the west and lots of people in key government positions on their payroll to ensure that doesnt happen.

[Linus_torvalds]

So US can spy on people and china can't? Fuck both of you!

[TacoSenpai]

On 11/4/2018 at 6:46 AM, captain_to_fire said:

 

By no means am I an expert in foreign policy but I think it would turn to a mostly to sanctions if the perpetrator successfully infiltrated and destabilized a critical infrastructure like power grids, military tactics and even healthcare records.  But then you have the likes of US admitting that they launched a DDoS attack to cripple North Korea’s hacking capabilities.

It could actually get much more serious and escalate much quicker.  Imagine taking down just a portion of the electrical grid to impact the west coast or say the north east with cities like New York or Boston.  It would be chaos even if it were down for say 5 minutes (likely longer) you would have numerous accidents, lives lost, crashed aircraft list goes on.  Needless to say it would probably start a full out war.  Of course that figures into the calculus of it all at least if its state sponsored.   

[Trik'Stari]

46 minutes ago, LordOTaco said:

It could actually get much more serious and escalate much quicker.  Imagine taking down just a portion of the electrical grid to impact the west coast or say the north east with cities like New York or Boston.  It would be chaos even if it were down for say 5 minutes (likely longer) you would have numerous accidents, lives lost, crashed aircraft list goes on.  Needless to say it would probably start a full out war.  Of course that figures into the calculus of it all at least if its state sponsored.   

I'm not sure which is more terrifying. That scenario, or if they were able to take down the grid long-term.

 

It would be complete fucking chaos. God only knows what they would do next.

 

Although this is all hypothetical. China's entire economy is dependent upon us as much as we are dependent upon them. This kind of thing is why I think the global market as a whole is something we have become too dependent upon as a species. We need to shore up our economies for internal trading for stability and global trading as something less necessary.

 

What happens when South America or Africa become the new China and we start getting all our goods from them? What will China do then?

[Tristerin]

The company I work for had a meeting last week in regards to increased hacking, foreign nationals, etc (not just standard training) because our datacenters were attacked (titanium aerospace engine industry) they want to make our engines bigly like.