Tuesday, April 08, 2008
Chinese hackers: No site is safe
Chinese hackers: No site is safe
Story Highlights
Chinese hackers claim to have broken into Pentagon's system
The hackers met with CNN on an island near a Chinese naval hub
Hackers say Beijing secretly pays them at times, something the government denies
Official: "The Chinese government does not do such a thing"
By John Vause
CNN
ZHOUSHAN, China (CNN) -- They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world's most sensitive sites, including the Pentagon.
In fact, they say they are sometimes paid secretly by the Chinese government -- a claim the Beijing government denies.
"No Web site is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness," says Xiao Chen, the leader of this group.
"Xiao Chen" is his online name. Along with his two colleagues, he does not want to reveal his true identity. The three belong to what some Western experts say is a civilian cyber militia in China, launching attacks on government and private Web sites around the world. Watch hackers' clandestine Chinese operation »
If there is a profile of a cyber hacker, these three are straight from central casting -- young and thin, with skin pale from spending too many long nights in front of a computer.
One hacker says he is a former computer operator in the People's Liberation Army; another is a marketing graduate; and Xiao Chen says he is a self-taught programmer.
"First, you must know about the Web site you want to attack. You must know what program it is written with," says Xiao Chen. "There is a saying, 'Know about both yourself and the enemy, and you will be invincible.'"
CNN decided to withhold the address of these hackers' Web site, but Xiao Chen says it has been operating for more than three years, with 10,000 registered users. The site offers tools, articles, news and flash tutorials about hacking.
Private computer experts in the United States from iDefense Security Intelligence, which provides cybersecurity advice to governments and Fortune 500 companies, say the group's site "appears to be an important site in the broader Chinese hacking community."
Arranging a meeting with the hackers took weeks of on-again, off-again e-mail exchanges. When they finally agreed, CNN was told to meet them on the island of Zhoushan, just south of Shanghai and a major port for China's navy.
The apartment has cement floors and almost no furniture. What they do have are three of the latest computers. They are cautious when it comes to naming the Web sites they have hacked.
On camera, Xiao Chen denies knowing anyone who has targetted U.S. government Web sites. But off-camera, in conversations over three days, he claims two of his colleagues -- not the ones with him in the room -- hacked into the Pentagon and downloaded information, although he wouldn't specify what was gleaned. CNN has no way to confirm if his claim is true.
"They would not publicize this," he says of someone who hacks the U.S. Defense Department. "It is very sensitive."
This week, the Pentagon said computer networks in the United States, Germany, Britain and France were hit last year by what they call "multiple intrusions," many of them originating from China.
At a congressional hearing in Washington last week, administration officials testified that the government's cyber initiative has fallen far short of what is required. Most alarming, the officials said, there has never been a full damage assessment of federal agency networks. Watch Pentagon bans Google from bases »
"We are here today because we must do more," said Robert Jamison, a top official in the U.S. Department of Homeland Security. "Defending the federal system in its current configuration is a significant challenge."
U.S. officials have been cautious not to directly accuse the Chinese military or its government of hacking into its network.
But David Sedney, the deputy assistant secretary of defense for East Asia, says, "The way these intrusions are conducted are certainly consistent with what you would need if you were going to actually carry out cyber warfare."
Beijing hit back at that, denying such an allegation and calling on the United States to provide proof. "If they have any evidence, I hope they would provide it. Then, we can cooperate on this issue," Qin Gang, a spokesman for the Chinese Foreign Ministry, said during a regular press briefing this week.
But again off-camera, Xiao Chen says after the alleged Pentagon attack, his colleagues were paid by the Chinese government. CNN has no way to independently confirm if that is true.
His allegations brought strenuous denials from Beijing. "I am telling you honestly, the Chinese government does not do such a thing," Qin said.
But if Xiao Chen is telling the truth, it appears his colleagues launched a freelance attack -- not initiated by Beijing, but paid for after the fact. "These hacker groups in my opinion are not agents of the Chinese state," says James Mulvenon from the Center for Intelligence Research and Analysis, which works with the U.S. intelligence community.
"They are sort of useful idiots for the Beijing regime."
He adds, "These young hackers are tolerated by the regime provided that they do not conduct attacks inside of China."
One of the biggest problems experts say is trying to prove where a cyber attack originates from, and that they say allows hackers like Xiao Chen to operate in a virtual world of deniability.
And across China, there could be thousands just like him, all trying to prove themselves against some of the most secure Web sites in the world.
Story Highlights
Chinese hackers claim to have broken into Pentagon's system
The hackers met with CNN on an island near a Chinese naval hub
Hackers say Beijing secretly pays them at times, something the government denies
Official: "The Chinese government does not do such a thing"
By John Vause
CNN
ZHOUSHAN, China (CNN) -- They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world's most sensitive sites, including the Pentagon.
In fact, they say they are sometimes paid secretly by the Chinese government -- a claim the Beijing government denies.
"No Web site is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness," says Xiao Chen, the leader of this group.
"Xiao Chen" is his online name. Along with his two colleagues, he does not want to reveal his true identity. The three belong to what some Western experts say is a civilian cyber militia in China, launching attacks on government and private Web sites around the world. Watch hackers' clandestine Chinese operation »
If there is a profile of a cyber hacker, these three are straight from central casting -- young and thin, with skin pale from spending too many long nights in front of a computer.
One hacker says he is a former computer operator in the People's Liberation Army; another is a marketing graduate; and Xiao Chen says he is a self-taught programmer.
"First, you must know about the Web site you want to attack. You must know what program it is written with," says Xiao Chen. "There is a saying, 'Know about both yourself and the enemy, and you will be invincible.'"
CNN decided to withhold the address of these hackers' Web site, but Xiao Chen says it has been operating for more than three years, with 10,000 registered users. The site offers tools, articles, news and flash tutorials about hacking.
Private computer experts in the United States from iDefense Security Intelligence, which provides cybersecurity advice to governments and Fortune 500 companies, say the group's site "appears to be an important site in the broader Chinese hacking community."
Arranging a meeting with the hackers took weeks of on-again, off-again e-mail exchanges. When they finally agreed, CNN was told to meet them on the island of Zhoushan, just south of Shanghai and a major port for China's navy.
The apartment has cement floors and almost no furniture. What they do have are three of the latest computers. They are cautious when it comes to naming the Web sites they have hacked.
On camera, Xiao Chen denies knowing anyone who has targetted U.S. government Web sites. But off-camera, in conversations over three days, he claims two of his colleagues -- not the ones with him in the room -- hacked into the Pentagon and downloaded information, although he wouldn't specify what was gleaned. CNN has no way to confirm if his claim is true.
"They would not publicize this," he says of someone who hacks the U.S. Defense Department. "It is very sensitive."
This week, the Pentagon said computer networks in the United States, Germany, Britain and France were hit last year by what they call "multiple intrusions," many of them originating from China.
At a congressional hearing in Washington last week, administration officials testified that the government's cyber initiative has fallen far short of what is required. Most alarming, the officials said, there has never been a full damage assessment of federal agency networks. Watch Pentagon bans Google from bases »
"We are here today because we must do more," said Robert Jamison, a top official in the U.S. Department of Homeland Security. "Defending the federal system in its current configuration is a significant challenge."
U.S. officials have been cautious not to directly accuse the Chinese military or its government of hacking into its network.
But David Sedney, the deputy assistant secretary of defense for East Asia, says, "The way these intrusions are conducted are certainly consistent with what you would need if you were going to actually carry out cyber warfare."
Beijing hit back at that, denying such an allegation and calling on the United States to provide proof. "If they have any evidence, I hope they would provide it. Then, we can cooperate on this issue," Qin Gang, a spokesman for the Chinese Foreign Ministry, said during a regular press briefing this week.
But again off-camera, Xiao Chen says after the alleged Pentagon attack, his colleagues were paid by the Chinese government. CNN has no way to independently confirm if that is true.
His allegations brought strenuous denials from Beijing. "I am telling you honestly, the Chinese government does not do such a thing," Qin said.
But if Xiao Chen is telling the truth, it appears his colleagues launched a freelance attack -- not initiated by Beijing, but paid for after the fact. "These hacker groups in my opinion are not agents of the Chinese state," says James Mulvenon from the Center for Intelligence Research and Analysis, which works with the U.S. intelligence community.
"They are sort of useful idiots for the Beijing regime."
He adds, "These young hackers are tolerated by the regime provided that they do not conduct attacks inside of China."
One of the biggest problems experts say is trying to prove where a cyber attack originates from, and that they say allows hackers like Xiao Chen to operate in a virtual world of deniability.
And across China, there could be thousands just like him, all trying to prove themselves against some of the most secure Web sites in the world.
Labels: Chinese hackers
Friday, September 21, 2007
Chinese military hacked into Pentagon
Chinese military hacked into Pentagon
By Demetri Sevastopulo in Washington
Published: September 3 2007 19:00 | Last updated: September 3 2007 20:53
The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence department, say American officials.
The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.
ADVERTISEMENT
Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People’s Liberation Army.
One senior US official said the Pentagon had pinpointed the exact origins of the attack. Another person familiar with the event said there was a “very high level of confidence...trending towards total certainty” that the PLA was responsible. The defence ministry in Beijing declined to comment on Monday.
Angela Merkel, Germany’s chancellor, raised reports of Chinese infiltration of German government computers with Wen Jiabao, China’s premier, in a visit to Beijing, after which the Chinese foreign ministry said the government opposed and forbade “any criminal acts undermining computer systems, including hacking”.
“We have explicit laws and regulations in this regard,” said Jiang Yu, from the ministry. “Hacking is a global issue and China is frequently a victim.”
George W. Bush, US president, is due to meet Hu Jintao, China’s president, on Thursday in Australia prior to the Apec summit.
The PLA regularly probes US military networks – and the Pentagon is widely assumed to scan Chinese networks – but US officials said the penetration in June raised concerns to a new level because of fears that China had shown it could disrupt systems at critical times.
“The PLA has demonstrated the ability to conduct attacks that disable our system...and the ability in a conflict situation to re-enter and disrupt on a very large scale,” said a former official, who said the PLA had penetrated the networks of US defence companies and think-tanks.
Hackers from numerous locations in China spent several months probing the Pentagon system before overcoming its defences, according to people familiar with the matter.
The Pentagon took down the network for more than a week while the attacks continued, and is to conduct a comprehensive diagnosis. “These are multiple wake-up calls stirring us to levels of more aggressive vigilance,” said Richard Lawless, the Pentagon’s top Asia official at the time of the attacks.
The Pentagon is still investigating how much data was downloaded, but one person with knowledge of the attack said most of the information was probably “unclassified”. He said the event had forced officials to reconsider the kind of information they send over unsecured e-mail systems.
John Hamre, a Clinton-era deputy defence secretary involved with cyber security, said that while he had no knowledge of the June attack, criminal groups sometimes masked cyber attacks to make it appear they came from government computers in a particular country.
The National Security Council said the White House had created a team of experts to consider whether the administration needed to restrict the use of BlackBerries because of concerns about cyber espionage.
Additional reporting by Richard McGregor in Beijing
To contact the reporter email demetri.sevastopulo@ft.com
By Demetri Sevastopulo in Washington
Published: September 3 2007 19:00 | Last updated: September 3 2007 20:53
The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence department, say American officials.
The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.
ADVERTISEMENT
Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People’s Liberation Army.
One senior US official said the Pentagon had pinpointed the exact origins of the attack. Another person familiar with the event said there was a “very high level of confidence...trending towards total certainty” that the PLA was responsible. The defence ministry in Beijing declined to comment on Monday.
Angela Merkel, Germany’s chancellor, raised reports of Chinese infiltration of German government computers with Wen Jiabao, China’s premier, in a visit to Beijing, after which the Chinese foreign ministry said the government opposed and forbade “any criminal acts undermining computer systems, including hacking”.
“We have explicit laws and regulations in this regard,” said Jiang Yu, from the ministry. “Hacking is a global issue and China is frequently a victim.”
George W. Bush, US president, is due to meet Hu Jintao, China’s president, on Thursday in Australia prior to the Apec summit.
The PLA regularly probes US military networks – and the Pentagon is widely assumed to scan Chinese networks – but US officials said the penetration in June raised concerns to a new level because of fears that China had shown it could disrupt systems at critical times.
“The PLA has demonstrated the ability to conduct attacks that disable our system...and the ability in a conflict situation to re-enter and disrupt on a very large scale,” said a former official, who said the PLA had penetrated the networks of US defence companies and think-tanks.
Hackers from numerous locations in China spent several months probing the Pentagon system before overcoming its defences, according to people familiar with the matter.
The Pentagon took down the network for more than a week while the attacks continued, and is to conduct a comprehensive diagnosis. “These are multiple wake-up calls stirring us to levels of more aggressive vigilance,” said Richard Lawless, the Pentagon’s top Asia official at the time of the attacks.
The Pentagon is still investigating how much data was downloaded, but one person with knowledge of the attack said most of the information was probably “unclassified”. He said the event had forced officials to reconsider the kind of information they send over unsecured e-mail systems.
John Hamre, a Clinton-era deputy defence secretary involved with cyber security, said that while he had no knowledge of the June attack, criminal groups sometimes masked cyber attacks to make it appear they came from government computers in a particular country.
The National Security Council said the White House had created a team of experts to consider whether the administration needed to restrict the use of BlackBerries because of concerns about cyber espionage.
Additional reporting by Richard McGregor in Beijing
To contact the reporter email demetri.sevastopulo@ft.com
Labels: China, Chinese hackers, Chinese military, Pentagon
