Category Archives: China Attacks

Joint Chiefs Chair: Chinese Hackers ‘Not Necessarily Hostile’

This headline from CNN – “Joint Chiefs Chair: Chinese Hacking Not Necessarily a Hostile Act” – reads like it came from the Onion. But don’t jump into your bunker yet – the reasoning behind this apparently blissfully naive statement by General Martin Dempsey is at least slightly plausible:

Gen. Martin Dempsey, the chairman of the Joint Chiefs of Staff, said he “believe(s) someone in China is hacking into our systems and stealing technology and intellectual property, which at this point is a crime.”

But Dempsey said in testimony to the Senate Armed Services Committee that he cannot attribute the Chinese hacking to China’s military, the People’s Liberation Army (PLA).

Asked by Sen. Lindsey Graham, R-South Carolina, whether, if it could be proven that the PLA was behind a hacking of the defense infrastructure, it would be considered a “hostile act,” Dempsey said such wasn’t necessarily the case.

Now, you can quibble over the semantics in this. A cyberattack on the United States’ defenses might not come from the Chinese government itself – though one has to wonder how much privacy hackers enjoy, given China’s notoriously censor-happy culture. Moreover, even if a private hacker was good enough to evade the Chinese government’s own crop of cybersecurity experts and bypass our security, it’s fairly obvious that the hacker in question would be able to sell his method for a very high price.

via Joint Chiefs Chair: Chinese Hackers ‘Not Necessarily Hostile’


Hacked: How China is stealing America’s business secrets

Sen. John Kerry is fed up with China’s penchant for looting technology from U.S. businesses — up to $400 billion worth of data each year. When will it stop?

Posted on February 16, 2012, at 3:52 PM

Photo caption: Chinese gamers at an internet cafe: Sen. John Kerry (D-Mass.) says Chinese hackers are illegally stealing business secrets from American firms. Photo: Imaginechina/Corbis

Chinese Vice President Xi Jinping, slated to be the next leader of the world’s most populous nation, is getting an earful from U.S. officials over China’s shady business practices. During Xi’s first official tour of the U.S. this week, Sen. John Kerry (D-Mass.) accused a Chinese company of bankrupting a U.S. competitor by ransacking its software. And that’s just the tip of the iceberg, alleges Kerry, implicating China in “cyber-attacks, access-to-market issues, espionage [and] theft.” And, indeed, a flurry of recent reports indicate that Chinese hackers, backed by the government, are stealing business secrets from the U.S. Here, a guide:

via Hacked: How China is stealing America’s business secrets – The Week.

Chinese Cyber-Espionage Growing

TAIPEI – A new U.S. intelligence report declares the most active and persistent perpetrator of economic espionage is China.

The report, issued by the U.S. Office of the National Counterintelligence Executive (ONCIX), draws on the inputs and reporting from more than a dozen U.S. law enforcement and intelligence collection bodies, including the CIA, FBI, DIA and NSA.

China views economic espionage as an “essential tool in achieving national security and economic prosperity,” the report said.

The report – “Foreign Spies Stealing U.S. Economic Secrets in Cyberspace: Report to Congress on Foreign Economic Collection and Industrial Espionage, 2009-2011” – indicates the U.S. intelligence community judges the use of cyber tools is now a greater threat than more traditional espionage methods.

via Chinese Cyber-Espionage Growing: U.S. Report – Defense News.

China’s Cyber Militia

There’s been an interesting new development in China’s use of cyber space as an element in its intelligence and security operations. The People’s Liberation Army (PLA) is reportedly funding a vast complex of part-time cyber-devotees to supplement and complement the official structure of cyber interception and invasion.

Equally as interesting is the willingness of the Chinese authorities to allow the publication of this fact. The first official recognition of this program occurred in one chosen hi-tech factory in 2002. According to an official PLA publication, there are now thousands of such units around the country. Obviously the proliferation was considered too great to hide.

via The American Spectator : China’s Cyber Militia.

DailyTech – China Brazenly Brags About Internet Attacks on U.S. in Leaked Video

Despite “smoking gun” U.S. is unlikely to act as it has a long history of tolerating China’s abuse

It seemed like just another Chinese propaganda video, designed to promote the fighting spirit of soldiers in China’s People’s Liberation Army and rouse anti-American sentiments.  The Chinese narrator boldly proclaimed, “America is the first country to propose the concept of a cyberwar, and the first country to implement it in a real war.”

I. Proof of Chinese Government Cyber-Attacks

But, as first noted by TheEpochTimes, the Chinese government unwittingly dropped a bombshell when it used a clip of what it must have thought was stock footage.

Between 12:57 and 13:05 in the video, the B-roll clip rolled, revealing what is most westerners’ first glimpse at a live Chinese cyber-attack on the U.S.  Videographic proof that recent cyber-attacks were indeed the work of the Chinese government had never been found — until now.

At the start of the clip the reflection of a PLA officer in uniform can be seen.  We’re not sure what the text up top or below says, but if you speak Chinese please let us know…


The officer quickly leaves that screen, using a keyboard shortcut…. 


…and fires up an application whose creator is identified in GUI text as the Electrical Engineering University of China’s People’s Liberation Army.  The GUI panel contains the text “Choose Attack Target” and offers the user a choice of what reportedly are multiple Falun Gong websites (a forbidden Chinese spiritual movement) (feel free to chime in if you can read this…).



The “attack” button is pressed in the lower left-hand corner, and the video fades out, as presumably a distributed denial of service attack (possibly botnet assisted) is carried out.


So there it is — straight from the horse’s mouth, as they say, proof that China is indeed attacking entities in the U.S. online.

The video is available here; beware, the rewind capability seems to be messed up, so just skip to around 10 minutes if you want to see the good part.

II. U.S. is Too Afraid to Stand up For Itself

We’re guessing President Barack Obama’s (D) response to this video will fall somewhere between “silence” and  “sweeping it under the rug”.  After all, while the U.S. talked tough of physical retaliation for cyberattacks, it continues to let China bully it online.

China controls a great deal of U.S. debt and rare earth metals — a critical component to high-performance electronic devices.  The U.S. also deeply depends on China for its manufacturing needs, having done away with its own capacity to produce most products decades ago.

Likewise there’s a sort of grim complacency in the corporate world.  Google, Inc. (GOOG) claims to have its source code stolen by Chinese hackers, but has been forced into silence by the Chinese government.  The message is clear — put up with abuse, or get out of the world’s biggest market.

Similarly, antivirus firm McAfee last month aired a report on the world’s largest series of cyber-attacks dubbed “ShadyRAT”, which it said were perpetrated by a nation state.  However, when faced with the overwhelming public assumption that the attacker was China, McAfee equivocated, refusing to confirm that the attacks came from China.

What reason would McAfee have for keeping the identity of the attacker in history’s most financially damaging cyberattack a secret?  Well, its parent company, Intel Corp. (INTC) has invested much in research and development and production facilities in China — facilities it doesn’t want to lose by alienating the local government.

The few people and organizations who do speak out are largely ignored.

Recent attacks on American advocacy site, who launched a campaign to free imprisoned Chinese artist Ai Weiwei, led to Secretary of State Hillary Clinton admonishing China.  But at the end of the day no decisive action was taken by the executive branch or Congress.

In short, China is reportedly gaining advanced intelligence on the U.S. military and its technological secrets; is infiltrating U.S. utilities; and stealing hundreds of millions of dollars of corporate secrets, but the U.S. has thus far kept its mouth shut.

For that reason we don’t hold much hope that this “smoking gun” will change much of anything in the way U.S. business and the U.S. government bow down to their Chinese abusers.

via DailyTech – China Brazenly Brags About Internet Attacks on U.S. in Leaked Video.

China Caught With Evidence of Cyberwarfare Against U.S.

It was supposed to be just another piece of Chinese propaganda. It ended up as a major “oops,” revealing that a Chinese military university is engaged in cyberwarfare against the U.S.

The Epoch Times reports that the film, screened in mid-July, included a screenshot that it calls a “damaging revelation.” Here’s the screenshot:



And here’s why it’s so damaging, according to the Times:

The screenshots appear as B-roll footage in the documentary for six seconds—between 11:04 and 11:10 minutes—showing custom-built Chinese software apparently launching a cyber-attack against the main website of the Falun Gong spiritual practice, by using a compromised IP address belonging to a United States university.

via China Caught With Evidence of Cyberwarfare Against U.S.

Cyber attacks again | Korea Herald

Korean businesses, financial institutions and government agencies have frequently been targets of hacking in the past. It is like an epidemic. The latest case involves SK Communications, which runs the Cyworld social networking website and the Nate online portal.

The hackers, whose attacks reportedly originated in China, stole personal information of 35 million clients of Cyworld and Nate last week. The victims are now exposed to the risk of online scams and voice phishing.

SK Communications claims the hackers cannot easily use much of the personal information they have obtained because the passwords and resident registration numbers of the clients are encrypted. But if the culprits are capable of hacking such a security-minded Internet portal as Nate, they may easily decode the encrypted information.

Moreover, it is commonly accepted that there is no foolproof method to permanently deny a determined, competent hacker access to computer networks. He will eventually find a way to crack the software defense to get access to the targeted information no matter how technologically sophisticated it may be.

Of course, this is not to say that nothing can be done as a precaution against hacking. Damage can be controlled though it may not be prevented, as evidenced by what SK Communications is planning to do as a remedial measure.


China Attacks USA 4 years ago

Four (4) years ago Scientific American wrote an article about “China Cyber Attacks Signal New Battlefield is Online”. In 2011 we have seen a surge in China’s hacking, but why did we not prepare for this when we knew about it for so long? In 2007 they hacked the UK, France and the US. In the article it stated, “China’s military goals are to improve its ability to wage information warfare”. See China Cyber Timeline.

The Chinese were ahead of us back in 2007 and we did nothing about our cyber security. We are arresting young people with no criminal records living in the basements of mom and dad for hacking. How many Chinese have we arrested for hacking, what’s our US-China Trade Statistics? US-China -273.1?  I understand in 2007 we were fighting a war to stop Iraq from deploying WMD (Weapons of Mass Destruction). 

We found no WMD in Iraq, but the Chinese were working on offensive cyber weapons to cripple business, communication, power grids and financial services in the USA and this cyber weapon is not classified as a WMD.

Let me get it straight: the Chinese have been working in cyberspace since 2007 to learn how to re-route the world’s internet traffic through its borders and steal terabytes of data, while we develop a kill switch to cut off the entire Internet by the President. I understand KISS (Keep It Simple, Stupid): if someone is attacking you through cyberspace, we simply kill all the connections to the outside world, quarantine the infected systems and then reboot, and the USA is back online, cut off from the rest of the world, an isolationist dream. This sounds so much like the cold-war fatalistic dogma.



We can do better than this and everyone can help. If we want to stay on top of cyberspace we need a baseline security standard to be applied to all .gov .edu and all critical C&C (Command & Control) infrastructure. Once the baseline is set we need to adapt and be proactive in our cyber security to be changed quickly to be adaptable to new threats. We need to develop cyber-monitoring capabilities to be able to see cyber attack vector profiles and react quickly. We also need a National disaster recovery plan to ensure recovery in case of an attack. I might add a cyber forensic team to analyze the attacks and find the bad guys. Last but not least a comprehensive plan to go after the Nation, State, group, corporation or individuals that caused us harm.

Most of this technology exists; a lot of it is open-source (free), and with a few modifications it can provide a basic infrastructure framework to build on. We need to break the ties to political special interest government contracts to corporations. We need to adapt our technology to the changing cyber sphere faster than we have been. We do this by training our future cyber warriors with programs like the Air Force Cyber Patriot Program. There are tens of thousands, if not more, of security-savvy people here in the good old USA. These people have no real certificate or college degree in Information Security (but who reallybut they know hacking and security. I bet they would volunteer to help America build the tools and infrastructure that’s needed. You have no idea what the open-source community can do, when you get the best geeks in the country to solve a problem.

Once we have everything in place and it works, let’s share the basic model with the world. Let’s prove democracy in cyberspace can work. Let’s show the world we are leaders again. America is still one of the leaders of the free world, let’s work together in cyberspace and help cyber freedom-free speech democracy become real.

us cyber labs

Abraham Lincoln said “of the people, by the people and for the people”. It worked for America, why not apply this right to “Cyberspace”.

The Arab Spring this year was history: the first cyber revolution. The Libyan people have been freed from tyranny and injustice at the hands of Gaddafi without a conventional army; it has changed the world. The people of the Arab States, with the use of cyberspace, Twitter, Facebook, Crowd Map, computers, game consoles, cell phones, satellites and other technology, made their voices heard. The dreamers that created social network companies must feel very proud; they have changed the world as we know it. Does anyone know how many lives were saved during the first cyber revolution? The destruction of conventional modern war, even an internal revolution, leaves scars on the country and infrastructure, but most important, it leaves a scar on the people and children’s very soul. I know, I was one. Our technology, cyberspace, the Internet, the Web saved a generation of children from the cruelty and horrors of war. We Americans should be proud of the world we helped create; we saved lives. We also scared the people in power. When a regime is toppled by people using nothing more than cell phones, leaders get a little bit worried and maybe they’ll do a better job.

As I watch the political debate about the Debt Ceiling Bill and the lack of do nothing but toot my own “political” horn. This political game is why the Chinese are almost ahead of us in cyber space and stealing our stuff and manufacturing electronic components with backdoors to the Internet. Wake up America, let’s educate our public officials to the freedom of speech on the Internet, let’s VOTE. Let’s make sure our Senators and Congressmen understand and educate them on Cyber Security (I can supply some links – write me). I’m a veteran and I don’t like wars, but if you’re going to put me in the warzone (let me borrow this from Ms. Palin) “Don’t Retreat, Instead Reload”. Civilian militias now live in cyberspace; look at the Jester’s war against LulzSec, the current hacktivist cyber war. (Ex-Military “Good Hacker” Identifies LulzSec Leader “Sabu”). This war is live on social networks feeding news organizations around the world. LOL

Cyberspace belongs to the people. We the people need to keep it free and open, let’s not wait another 4 years to be better at information warfare.

My 2 cents – gatoMalo_at_uscyberlabs_dot_com

via China’s Cyber Attacks Signal New Battlefield Is Online: Scientific American, 2007.

via US Cyber Labs – Blog.

Cyber War Games: U.S. Versus China



Cyber warfare is one form of espionage that is currently being waged between the U.S. and China. In the event of a full-scale conflict, how would this war be fought, and who would win the war? David Wise (of Big Think), an intelligence expert, does an excellent job of explaining the 5th battlefield, cyberspace. David explains who has an upper hand in this US vs. China cyberspace battle. The United States is well aware of its own vulnerable infrastructure: our electric grid, our communication networks and aviation grid. We, as other governments, are a highly industrialized society. China is becoming more of an economic power, so they in turn are vulnerable. China has been involved in hacking over 33 different companies in the US. The US is doing some of its own hacking; we don’t hear about it because we’re damn good. (The State Department released that China’s SCADA system has major security problems.)

David does make it clear that we don’t know who these hackers are: sometimes a kid playing in his bedroom, or a national government in Estonia making believe they’re in China or any other place. It’s easy to hide in the internet. This makes it difficult to say “Yes, it’s the Chinese government doing this and that”; we can’t be sure. David and I agree that dealing with China, a communist country, is difficult. China is a growing economic power base; it needs cyberspace to grow. China is enjoying the money and it needs to keep the Internet open to do business; this will also enable its people to become free in cyberspace.

This is an excellent video. David Wise is great. – my 2 cents – gatomalo

big_Think YouTube Channel

China-Based Spies Said to Be Behind Hacking of IMF in Investigators’ View

Investigators probing the recent ransacking of International Monetary Fund computers have concluded the attack was carried out by cyber spies connected to China, according to two people close to the investigation.

Computer specialists have spent several weeks piecing together information about the attack, which the IMF disclosed on June 8.

Evidence pointing to China includes an analysis of the attack methods, as well as the electronic trail left by hackers as they removed large quantities of documents from the IMF’s computers. The multistaged attack, which used U.S.-based servers as part of their equipment, ended on May 31, people involved in the investigation said on the condition they not be identified because they aren’t authorized to speak about it.

Their conclusion is likely to be a major test for the new IMF chief, Christine Lagarde, who this month appointed Chinese economist Zhu Min as deputy managing director, giving China a much expanded role in the institution.

“There are some very big questions about the role that China wants to play in the global economic system and what role it can play given some of its behavior,” said C. Fred Bergsten, who heads the Washington-based Peterson Institute for International Economics.

The timing of the attack and China’s lobbying for more influence at the Fund appear to overlap, creating a potentially embarrassing situation for China among the IMF’s 186 other members, including the U.S.

Scope of Attack

IMF officials have said little publicly about the scope of the attack or its origins, citing the on-going nature of the investigation, which involves outside forensics experts and the fund’s own information-technology team.

Yesterday, David Hawley, an IMF spokesman, said the investigation was not yet complete. “We’re continuing to investigate what happened and assess” what was taken, he said.

William Murray, another IMF spokesman, declined to comment on the source of the attack.

Wang Baodong, a spokesman for the Chinese embassy in Washington, said in an e-mail that hacking is “an international issue” affecting dozens of countries and “willfully relating such cases with China is irresponsible.”

People familiar with the incident said that the hackers were able to download a large quantity of documents from dozens of computers on the IMF’s network, which was first infected when an employee downloaded a file containing a piece of sophisticated spying software that quickly spread.

Internal IMF e-mails obtained by Bloomberg News suggest fund officials completed an inventory of those documents by the middle of July, including an “operational impact assessment.” The results have not been made public.

IMF Internal E-Mails

In an internal e-mail sent to staff, Patrick Hinderdael, the IMF’s adviser to the chief information officer, said the attack occurred in at least two phases, and that no activity by the hackers has been detected since the end of May. In the first phase, the attackers grabbed “a general sweep” of recent files then returned for a second wave of downloads, Hinderdael said.

Hackers have learned to use sophisticated methods to hide their identities, including hijacking servers in other countries to launch an attack. Forensics specialists have similarly advanced techniques to cut through the fog. Those include analyzing the code left behind in networks and tracing patterns in multiple attacks that may use the same infrastructure.

Dominique Strauss-Kahn, the head of the IMF, was arrested in New York City on sexual assault charges on May 14 and resigned four days later, setting off an international search for a new director including demands by emerging economies that one of their own lead the fund. Lagarde, the former French finance minister, was appointed to fill the position beginning July 5.

Lagarde’s Cyber Experience

Lagarde has had experience with similar cyber attacks. In March, the French finance ministry said its computer network had been hacked and that documents related to the French presidency of the G-20 were stolen. The magazine Paris Match quoted a French official saying the information was redirected to servers in China.

Google Inc. (GOOG) has said its computers were attacked by Chinese-based hackers in late 2009, along with the networks of at least 20 other companies. According to diplomatic cables posted by the website WikiLeaks, U.S. defense and intelligence officials have documented the operations of sophisticated cyber spies operating from China over several years.

“As an intelligence professional, I stand back in absolute awe and wonderment at the Chinese espionage effort against the United States of America,” Gen. Michael Hayden, the former CIA director, said at a cyber security conference last year. “It is magnificent in its breadth, its depth and its efficiency.”

China’s Clout

China, which is driving global economic growth, has been gaining clout in international organizations. In 2008 Justin Lin, a Taiwan-born scholar who defected to China, became the first World Bank chief economist from outside Europe and Lagarde created a new position for Zhu at the IMF, giving China access to a top management post for the first time.

A few months earlier, China obtained the third-largest voting share at the fund after the 187 member countries agreed to better reflect the growing weight of emerging markets in the world’s economy.

China needs to decide whether it will be a cooperative global power or pursue national interests that can be disruptive, Bergsten said.

“The cyber security issue is a very big part of that but it’s only part of a broader mosaic,” he said.

Global Cornerstone

The IMF is a cornerstone institution in the global economic system, managing financial crises around the world. The fund’s computers are likely to contain confidential documents on the fiscal health of many countries.

“The IMF holds some of the most valuable data anywhere,” said Josh Shaul, chief technology officer with Application Security, Inc., a cyber security firm based in New York City, NY.

The financial status of countries is critical information for major nation-state investors or holders of sovereign debt, he said.

Hinderdael said in an e-mail to IMF staff that the attack was not related to identity theft or commercial fraud, another indication the intruders weren’t ordinary cyber thieves.

“According to our experts’ assessment, the information contained in our e-mail, document management, human resource, and financial systems has not been compromised,” Hinderdael said in the e-mail.

via China-Based Spies Said to Be Behind Hacking of IMF in Investigators’ View – Bloomberg.