Beer in the Headlights

I'm an IT guy by trade. I do contract work for the military and am quite familiar with computer security and many of the threats we face.

Recently our systems have gone to a minimum of 15 character passwords. I'm often asked by users as to why and I reply, "Simple answer? Hackers sponsored by the ChiComs."

Here's a frightening statistic for you:

The Pentagon last month acknowledged at a closed House Intelligence committee meeting that its vast computer network is scanned or attacked by outsiders more than 300 million times each day.

That paragraph came from an article about computers in certain Congressmen's offices being hacked. These Congressmen have been outspoken critics of the ChiCom regime.

Predictably the ChiComs deny any such allegations:

China denied accusations by two U.S. lawmakers that it hacked into congressional computers, saying Thursday that as a developing country it wasn't capable of sophisticated cybercrime.

"Is there any evidence? ... Do we have such advanced technology? Even I don't believe it," Foreign Ministry spokesman Qin Gang told a regularly scheduled news conference.

Look, if teenagers can hack into government and corporate systems using Windows-based computers from their families' DSL or cable connections, then the ChiComs more than "capable of spohisticated cybercrime."

Do poor, developing nations really have the means to engage in cyber-censorship? Sure they do. With the help of Cisco Systems, Yahoo, and Google. Fortunately some folks in DC are taking these US-based firms to task for their complicity in oppressing Chinese citizens.

Witnesses at a congressional hearing talked about dissidents in China, Syria and Russia who were imprisoned after posting their political thoughts on the Internet.

Routers, e-mail and other Internet services of U.S. companies helped the foreign governments track down the dissidents in some cases, the witnesses told members of the Senate Judiciary subcommittee on human rights and the law.

Information presented at the hearing included a 2002 PowerPoint presentation reportedly produced by Cisco and the Chinese government. It gave an update on China's Internet security network and its goal to "combat 'Falun Gong' evil religion and other hostiles."

Falun Gong is a spiritual movement banned by the Chinese government as a cult.

Chinese government documents given to The Washington Times by the Global Internet Freedom Consortium and translated into English say, "The implementation and architecture of the second and third level (Golden Shield) network is solely based on Cisco switches, routers and intelligent administration systems."

The ChiComs' computer-related antics don't stop at search engine shenanigans or the Great Firewall of China. Take a gander at this:

U.S. authorities are investigating whether Chinese officials secretly copied the contents of a government laptop computer during a visit to China by Commerce Secretary Carlos M. Gutierrez and used the information to try to hack into Commerce computers, officials and industry experts told The Associated Press.

Surreptitious copying is believed to have occurred when a laptop was left unattended during Gutierrez's trip to Beijing for trade talks in December, people familiar with the incident told the AP. These people spoke on condition of anonymity because the incident was under investigation.

And then there's this little tidbit:

National security agencies are warning businesses and federal officials that laptops and e-mail devices taken to the Beijing Olympics are likely to be penetrated by Chinese agents aiming to steal secrets or plant bugs to infiltrate U.S. computer networks.

Chinese government and industry use electronic espionage to "easily access official and personal computers," says one recent report by the Overseas Security Advisory Council, a federally chartered panel comprising security experts from corporations and the State, Commerce and Treasury departments.

How about some more info on hacking efforts from China?

At the Naval Network Warfare Command here, U.S. cyber defenders track and investigate hundreds of suspicious events each day. But the predominant threat comes from Chinese hackers, who are constantly waging all-out warfare against Defense Department networks, Netwarcom officials said.

Attacks coming from China, probably with government support, far outstrip other attackers in terms of volume, proficiency and sophistication, said a senior Netwarcom official, who spoke to reporters on background Feb 12. The conflict has reached the level of a campaign-style, force-on-force engagement, he said.

The motives of Chinese hackers run the gamut, including technology theft, intelligence gathering, exfiltration, research on DOD operations and the creation of dormant presences in DOD networks for future action, the official said.

Chinese hackers were responsible for an intrusion in November 2006 that disabled the Naval War College’s network, forcing the college to shut down its e-mail and computer systems for several weeks, the official said. Forensic analysis showed that the Chinese were seeking information on war games in development at NWC, the official said.

What have we learned here today, kids? First, the ChiComs are not our friends. Secondly, US technology companies doing business with China need to be scrutinized for their involvement in thwarting free speech and attacking our systems. And last but not least, keep a close eye on your computer and where you go on the interweb.