Green Dam Youth Escort
November 28, 2012 6:16 PM Subscribe
"During his civil lawsuit against the People's Republic of China, Brian Milburn says he never once saw one of the country's lawyers. He read no court documents from China's attorneys because they filed none. The voluminous case record at the U.S. District courthouse in Santa Ana contains a single communication from China: a curt letter to the U.S. State Department, urging that the suit be dismissed. That doesn't mean Milburn's adversary had no contact with him." [China Mafia-Style Hack Attack Drives California Firm to Brink]
Commercial hacker hunters -- who refer to the team as the Comment group, for the hidden program code they use known as “comments” -- tie it to a multitude of victims that include the the president of the European Union Council, major defense contractors and even Barack Obama’s 2008 presidential campaign. The group has been linked to the People’s Liberation Army, China’s military, according to leaked classified cables.
posted by srboisvert at 6:30 PM on November 28, 2012 [2 favorites]
posted by srboisvert at 6:30 PM on November 28, 2012 [2 favorites]
Yeah, it's a shame the article wasn't written for a more technical audience. An interesting story, though.
posted by XMLicious at 6:45 PM on November 28, 2012
posted by XMLicious at 6:45 PM on November 28, 2012
From a slightly older article:
posted by 23 at 6:48 PM on November 28, 2012
The collective’s tactic, hacking computers using hidden HTML code known as comments, earned it another name in private security circles: the Comment Group.So is this only clueless reporters, or are they doing something sneaky with conditional comments?
posted by 23 at 6:48 PM on November 28, 2012
Apparently the group is also known as "Byzantine Candor".
Byzantine Candor is not completely free as a band name because it's already a song, unfortunately.
posted by 23 at 6:57 PM on November 28, 2012 [1 favorite]
Byzantine Candor is not completely free as a band name because it's already a song, unfortunately.
posted by 23 at 6:57 PM on November 28, 2012 [1 favorite]
An interesting aspect to this article that is unmentioned is how consistently bad the security advice was. If you can't lock your tiny operation down after 3 years of attack you are consistently hiring the wrong people and doing the wrong things.
posted by srboisvert at 8:34 PM on November 28, 2012 [1 favorite]
posted by srboisvert at 8:34 PM on November 28, 2012 [1 favorite]
in no way is a SonicWall like an old carburetor engine, i bet he hadn't patched it in months or years. proper network security is hard, running windows behind off-the-shelf firewalls just doesn't cut it.
posted by Mach5 at 8:50 PM on November 28, 2012
posted by Mach5 at 8:50 PM on November 28, 2012
jhalderm.com appears to have collapsed under the weight of the Internet Hack Attack.
Or is it just me?
posted by Mezentian at 9:31 PM on November 28, 2012
Or is it just me?
posted by Mezentian at 9:31 PM on November 28, 2012
this is me, trying to hold on to a suspension of disbelief.
the security sector is staffed by 70% charlatans and at best 30% honest to god knowledgeable security geeks.
and as far as my experience from working in the enterprise sector, well. I have a hard time believing in the facts stated in the article.
"the comment group" hacking via "comments" ... it's like last nights ep of CSI where they were demonizing 3d-printers. use the correct jargon, if you really have to, or generalise it into components. no-one was hacked by "comments" they might however have found sql-injection vectors or some other flaw in the code that leads to the possibility of payloads.
bollocks.
posted by xcasex at 1:58 AM on November 29, 2012
the security sector is staffed by 70% charlatans and at best 30% honest to god knowledgeable security geeks.
and as far as my experience from working in the enterprise sector, well. I have a hard time believing in the facts stated in the article.
"the comment group" hacking via "comments" ... it's like last nights ep of CSI where they were demonizing 3d-printers. use the correct jargon, if you really have to, or generalise it into components. no-one was hacked by "comments" they might however have found sql-injection vectors or some other flaw in the code that leads to the possibility of payloads.
bollocks.
posted by xcasex at 1:58 AM on November 29, 2012
Here's a more technically detailed investigation from a few years ago:
posted by Sleddog_Afterburn at 9:29 AM on November 29, 2012
posted by Sleddog_Afterburn at 9:29 AM on November 29, 2012
Is William Gibson just in charge of reality now?
posted by Sangermaine at 1:11 PM on November 29, 2012 [1 favorite]
posted by Sangermaine at 1:11 PM on November 29, 2012 [1 favorite]
He didn't even attempt to shut down the servers and sanitize the network, however long it takes? Even after finding out that the attacks cost him 50% of sales?
Instead, he pored over the files.
posted by hat_eater at 2:22 PM on November 29, 2012
Instead, he pored over the files.
posted by hat_eater at 2:22 PM on November 29, 2012
« Older “Lots of people think we’re crazy. But that’s what... | Rock gods at the Library of Congress Newer »
This thread has been archived and is closed to new comments
posted by Horace Rumpole at 6:21 PM on November 28, 2012 [2 favorites]