backtop


Print 18 comment(s) - last by ritualm.. on Feb 7 at 6:41 PM

China sends its brightest hackers against the U.S., while the U.S.'s own talent turns against it, as well

Just days after the U.S. Department of Energy (DOE) sent a letter to employees telling them its servers had been hacked and some personal information was stolen, the U.S. Federal Reserve made a similar announcement.

I. Federal Reserve Gets Pwned by Anonymous

Like the DOE, the central bank of the U.S. said the intrusion was minimal and didn't affect its functions.  But reports indicate the attackers -- Anonymous, a global collective of anti-establishment hackers -- scooped 4,000 records detailing personal information of top bank executives.

A spokesperson for the federal bank told Reuters, "Exposure was fixed shortly after discovery and is no longer an issue. This incident did not affect critical operations of the Federal Reserve system."

News of the hack broke Sunday night when Anonymous leaked 4,000+ bankers' login information, credentials, internet protocol addresses, and contact information.  The data was dumped to page on the Alabama Criminal Justice Information Center entitled "whoops we did it again".  The page has predictably since been removed.

The leak was announced by the Twitter account OpLastResort, an account associated with Anonymous’ anti-government campaign that's seeking vengeance for internet activist Aaron Swartz's death:
Fed Reserve hack
 
The published information included mailing address, business phone, mobile phone, business email, and fax numbers.

II. PLA Hackers Bombard WSJ With More Attacks 

Meanwhile, a second report indicates that hackers from Chinese IPs are still battering The Wall Street Journal in apparent effort to silence stories about corruption in the Chinese government.  The Chinese have appeared to openly and brazenly attacked The New York Times and Bloomberg in the last year in retaliation for stories about corruption in the highest levels of the Chinese government.

China, who admits to having a large "cyber army", claims it only uses the highly skilled unit for "self defense".  It denied allegations made in the recent NYT report on attacks on U.S. media, which claimed that the attack bore the telltale signs of other cyberattacks connected to the People's Liberation Army.

Rupert Murdoch, media mogul owner of News Corp. (NWS) and WSJ took to Twitter on Tuesday to announce that the attacks were continuing.  He wrote:
Ruper Murdoch tweet

It is unclear what kinds of attacks were conducted or whether any intrusions were successful.

III. America Faces a Two-Headed Threat

The attacks announced this week illustrate the two-headed beast facing government cyberdefense forces in the U.S.  On the one side you have domestic hacker groups like Anonymous, which appear to be scooping up poorly secured government records with ease and defacing government websites.  

Domestic hackers are problematic as there's no solid option for "counterattack" other than prosecution, and the government appears ill equipped to defend itself.  To make matters worse, many of the campaigns play to public frustrations about government corruption, and as a result efforts to bring domestic hackers to justice are often met with derision.

Anonymous
The U.S. continues to struggle to court its black hats. [Image Source: Jason Mick/DailyTech]

On the other side of the aisle is the powerful, sophisticated PLA hacking machine, which has steadily and ruthlessly attacked the U.S. in recent years.  As with the domestic threats, the U.S. government appears to be doing a poor job, at best, defending itself.  And its official counterattack group -- U.S. Cyber Command -- is too small to be effective, with a skeleton crew of 500 experts.

In many ways the problems overlap.  While China recruits its best and brightest black hats to attack the U.S., the U.S. is fighting to imprison many of its own best and brightest black hats.  Meanwhile other U.S. black hats actively work to attack the government.  The result is a cyberwarfare scenario that is highly conducive to Chinese success -- and highly dangerous for the U.S. federal government.

The U.S. National Security Agency (NSA), one of the organizations tasked with federal cyber defense, has reached out to black hat hackers at recent hacking conventions.  However, OpLastResort and recent prosecution efforts against Andrew Auernheimer, et al. illustrate the deep ongoing divides between the U.S. and its star hackers.

Sources: Twitter [OpLastResort], Twitter [Rupert Murdoch]



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Ok
By Ammohunt on 2/6/2013 4:29:28 PM , Rating: 2
quote:
While China recruits its best and brightest black hats to attack the U.S., the U.S. is fighting to imprison many of its own best and brightest black hats.


So China employs criminals and we put them in jail. As a nation of laws i am not seeing the issue here. If these blackhats had any concern for western civilization they would put on a white hat and contribute to society in a positive way.




RE: Ok
By MechanicalTechie on 2/6/2013 6:03:11 PM , Rating: 2
Yeeeah right... a nation of Laws?

I guess thats why so many went to jail after the GFC...

Prehaps if the US gov applied the same conditions to liberty and justise to all then they wouldnt have so many problems with domestic blackhats.


RE: Ok
By ritualm on 2/7/2013 12:06:32 AM , Rating: 3
quote:
So China employs criminals and we put them in jail. As a nation of laws i am not seeing the issue here. If these blackhats had any concern for western civilization they would put on a white hat and contribute to society in a positive way.

The flipside being:

China has the best minds working for them, while USA treats them as worse than marijuana smugglers.

Computer/IT security expertise needs to be treasured and sought after, not viewed in black-and-white just because the guys with that experience turn out to be criminals. A nation of laws is at best a subject of hilarious derision, at worst its Achilles' Heel.

By the way, note how all the 'criminals' in the upper echelons of power create all the laws that we must abide to, while they flaunt the same rules and regs at will. Doesn't look like "a nation of laws" anymore, does it.


RE: Ok
By aë$-he+é on 2/7/2013 10:50:25 AM , Rating: 2
Yeah, they really wear those rules and regs like bling on the weekends. Scandalous. It's not like they'd ever FLOUT them.


RE: Ok
By Ammohunt on 2/7/2013 12:05:23 PM , Rating: 2
This is not the movies! black hats with any skill are in it for personal gain, creating chaos and perhaps the thrill of being bad. Asking them to fight for a concept foreign to them such as the greater good as defined by someone else is laughable at best.


RE: Ok
By ritualm on 2/7/2013 6:41:17 PM , Rating: 2
quote:
This is not the movies! black hats with any skill are in it for personal gain, creating chaos and perhaps the thrill of being bad. Asking them to fight for a concept foreign to them such as the greater good as defined by someone else is laughable at best.

Epic fail.

So your solution is to send the brightest and smartest black hatters into the American prison complex and/or export them to China? Your "holier-than-thou" and "law and order" mantras do not work when it comes to IT security.

The US government should offer folks like Aaron Swartz an alternative better than jail time - work for the government for life, in exchange they get total legal immunity for all past, present and future (mis)deeds. Hell, putting them to work for the CIA is a better deal than the "guilty plea bargains" Swartz was offered prior to his suicide!


"Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine." -- Bill Gates














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki