Chinese Hackers Gain Access to Pentagon Files

by Swan | March 8, 2008 at 11:07 am

OPINION PIECE: 

This is not the first time we've heard of the Chinese and their "expertise" in this area.   The world is aware of their superior education system and what their students are able to produce as a result of this education.

ZHOUSHAN, China (CNN) -- They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world's most sensitive sites, including the Pentagon.
Just because the leader of this little group, Xiao Chen (his online name), has come forward with this information doesn't make it any better. We have no idea just how many of these small hacker groups are being used by the Chinese, as evidenced by this report just last month in Time:
Wanted: computer virus writers. Must be fluent in Mandarin. Or Russian. Or Portuguese.
Hacker "help wanted" ads, says McAfee Inc., appear all the time on underground internet channels.

Who places these ads?

Well first of all, given the various languages required, these hackers are used to launch specific attacks at targeted countries by Chinese malicious code designers.  They are involved with such activities as:

Hackers want to craft compelling and grammatically correct Web pages and spam e-mails — which are crucial in fooling people to download viruses or reveal personal information like credit card numbers, according to the report.

By localizing their attacks, hackers can better target software and sites popular in specific countries — such as peer-to-peer network applications in Japan, online gaming sites in China, and banks in Brazil. They can also limit their attacks to countries where law enforcement is more likely to be lax.

Xiao Chen explained that it's not possible to have a 100% safe web site.  While some may have high-level security, there is always a weakness to be found and exploited.

While Chen of course does not want to reveal his true identity, he did reveal that there are only two others in his group. Experts tend to call such groups "civilian cyber-militia", as they follow their mandates to launch attacks not only on government web sites but on private ones too, all over the world.

If you've ever received a suspicious email, telling you to confirm your PayPal or bank account details - and you do exactly that - chances are you could be relieved of a LOT of your money.

These emails should be discarded immediately and NOT even opened, as various code can actually be triggered by opening them. View your email with a careful and alert eye.

If an email looks suspicious, expand the header and examine it carefully - also make sure that the URL you're supposed to click through to is genuine.

David Marcus, Security Research and Communications Manager with McAfee had these comments:

"It speaks to the underlying professionalism and understanding of business that we've seen in the past few years, and that we haven't seen in the past," [...] "They're approaching malware as a business and are looking to build their businesses globally." [...] "It doesn't take a huge investment in time to craft this stuff perfectly,"
Recruitment for virus writers and hackers is usually accomplished in one of two ways:

Hackers wanting to employ virus writers who are able to design effective spam and web sites in local languages;

Hackers wanting to trade malicious programs in different languages.

The trio who claim to have hacked into the Pentagon consists of a former computer operator in the People's Liberation Army, a marketing graduate, and Chen himself, a self-taught programmer.

It doesn't take much to cause mayhem in the world.  Chen had these gems of wisdom to teach us:

"First, you must know about the Web site you want to attack. You must know what program it is written with," says Xiao Chen. "There is a saying, 'Know about both yourself and the enemy, and you will be invincible.'"

Thank you Mr. Xiao Chen.

While CNN refuses to divulge their web site - Chen advised that they have been operating for more than three years and have 10,000 registered users.  He also divulged that hackers are able to use tools, articles, news and flash tutorials on hacking from the web site.

Private computer experts in the United States from iDefense Security Intelligence, which provides cybersecurity advice to governments and Fortune 500 companies, say the group's site "appears to be an important site in the broader Chinese hacking community."

Arranging a meeting with the hackers took weeks of on-again, off-again e-mail exchanges. When they finally agreed, CNN was told to meet them on the island of Zhoushan, just south of Shanghai and a major port for China's navy.

The apartment has cement floors and almost no furniture. What they do have are three of the latest computers. They are cautious when it comes to naming the Web sites they have hacked.

What's the matter Mr. Chen - don't the Chinese pay you enough to own furniture and somewhere nicer to live?   Figures.

With regard to the Pentagon, Chen claims it wasn't actually he who did the hacking but two of his other "colleagues", who are not part of the group mentioned above in this report.

He went on to tell how they hacked into the Pentagon and downloaded information - though he wouldn't describe what kind of information.  He also said that he was paid by the Chinese government.

Of course, Beijing has denied everything - what are they supposed to say?  "Uh yes, we paid hackers to infiltrate your Pentagon and now we have some of your top-secret documents?"  Unlikely!

To set the record straight, Chen said that the attack was a freelance operation and nothing to do with Beijing - however he also says that they did pay for it "after the fact."

James Mulvenon from the CIA Research and Analysis division had this to say about them: "These hacker groups in my opinion are not agents of the Chinese state - they are sort of useful idiots for the Beijing regime."

Here are other recent stories - all about hackers:

* Official International Hackers Going After U.S. Networks by Jeanne Meserve - CNN

* China Denies Hacking into Pentagon by Barbara Starr, Brian Todd and Ed Payne - CNN

* China Denies Hacking Pentagon

The Chinese government called allegations that its military hacked the
Pentagon's computer network over the summer "groundless", the state-run
Xinhua news agency reported late Tuesday.

Article removed!

* The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them)

Article Removed!

* Data stolen from 146,000 People on Govt., Website

About 146,000 people using a jobs Web site sponsored by the U.S.
government have had their personal information stolen by hackers who
broke into computers at Monster Worldwide Inc., a government spokesman
said on Thursday.

Article removed!

* Hackers Extract Main Key to iPhone Unlocking, Freedom Closer Than Ever by Gizmodo

After uncovering its communications core's secrets, today hackers have reached a big milestone towards freeing the iPhone from the AT&T network:
they extracted the full content of the radio memory. In other words:
now they have the plans for the fucking Death Star —"the main key to
achieve true unlock." Want to help the iPhone Dev Team but you are no
expert?"

There are hundreds more and I'm sure you can locate them with Google.

Source & Image:
CNN - Chinese Hackers: No Site is Safe by John Vause
Time - Hackers Recruit for Local Language Skill by Jordan Robertson/AP

Image Sources:
Gizmodo


Amy Judd
flagged this story as Good Stuff

at 11:42 on March 8th, 2008

Swan, I like this story. It's good stuff. Well written and informative article! It's quite scary actually to know that it only takes three people to hack into what should be one of the world's most heavily guarded websites.

0
Swan

Hello Amy,

Thanks for the comment and flag. :)

You're right, it is scary.  Especially when you realize that this group is not the only one operating in China.  It's alleged that there are literally hundreds of groups operating in China - and though they may be fragmented around the country, that makes for a substantial task force.

To me, China is becoming less and less trustworthy in its various methods of acquiring secrets, along with the recent victimization, incarceration and beating of its various citizens - some even in the public eye.

I think "Beware of China" is an appropriate warning to all these days.
     ~ Swan

0
Amy Judd

Unfortunately, let's not forget the recent toy scares we've had in the last few months as well.

0
Swan

Too true!  There were two that I can distinctly recall immediately - one was a recall on Chinese made toys with lead in them; then a separate incident with children's bibs that also had lead in them!

In the former event, China ever so kindly exported replacement toys to the stores, which guess what?  Uh huh, they had lead in them as well!

What was up with that?  Did they think our government departments wouldn't check the second time around?

Don't even try and tell me that it was an "error."  Because if you try and sell me a bridge, you'll find that I don't buy them either.
      ~ Swan

0
Amy Judd

That's right! I forgot about that instance when the replacements also had lead in them! Who's to say if it was an error or not, but put it this way, if it was a story posted on here, I would flag it as fishy! :)

0
Swan

That last comment was just priceless Amy!  I'm still laughing!
          ~ Swan

0
Jordan Yerman

Though naturally American hackers would be attacking Chinese government sites as well. Israeli hackers, Canadian, Australian, British... whole lotta hackin' goin' on... It's outsourced because your average high-ranking military officer was raised in the era of punchcards and mag tapes, so they're going to where the expertise is: in this case, the private sector. DARPA does it openly, though who knows how many branches of how many governments are doing it not-so-openly.

0
Swan

Hello Jordan,

I'm sure that other countries have their fair share of hackers, you're right of course - but I think it comes down to intent.

As far as I know, hackers from the West, aren't trying to build malicious web sites or create inviting emails that entrap innocent individuals, for the purpose of relieving them of their bank accounts en masse, either Stateside or in other countries.

All countries spy on one another - it's the Big Boys' ways of still being allowed to play with their shiny toys and get paid for it; scanners, cameras of every kind imaginable, audio equipment by the ton, fun disguises (Halloween is a blast!) and get benefits to boot!

Just leave us, the people who just want to get on with life, the ones who don't want to play your silly games - alone.
       ~ Swan

 

Drew Bulman
flagged this story as Good Stuff

at 17:34 on March 8th, 2008

Thanks for the information!  I'm sitting here at a coffee shop with a friend from Hong Kong, and this definitely piqued his interest. 

0
Swan

Hello Yepokay!

I don't know how I missed your comment, but somehow I did.

Thank you both for the flag and the comment - I'm glad your friend enjoyed my report - I hope you did too!

It's fun being the featured reporter on the front page huh?  Congratulations!  ;)
       ~ Swan
