Great Firewall of China
January 19, 2006 5:07 AM   Subscribe

Good thing they were on the ball. Otherwise the English graduate thesis could have been at risk.
posted by srboisvert at 5:20 AM on January 19, 2006

From TFA:
"Fortunately, the attack, which took place earlier in 2005, was thwarted by parliament's sophisticated internet security system; no sensitive data is thought to have been lost." [my emphasis]

Surely a truely sophistication system would know if data were lost.

Still, it seems to be an improvement on the usual UK governmental IT outsourcing incompetance.
posted by Shave at 6:04 AM on January 19, 2006

almost certainly operating in the world's next superpower, China.

Yeah, I'd like to see you become the world's next superpower without pulling some shenanigans.
posted by StickyCarpet at 6:05 AM on January 19, 2006

There are rumors floating around that China is attacking computer systems all over the world, getting bugs in place for espionage purposes. (economic espionage as well as military intelligence.)

Our government's machines are incredibly poorly protected; the readers of this site are probably a lot more secure and better-protected than many government networks.

From what I've been able to gather, there are a few super, super high security installations in this country, a few more that are quite solid, and then a vast array of completely insecure garbage. The problem is that there is often transitive trust set up... high security agency A trusts not-quite-so-high-security agency B, which trusts mostly-insecure agency C. So the hackers get into C, and eventually are able to explore all the way into A, by exploiting trust relationships.

I don't think it's a question of "whether" they are attacking us this way. Rather, it's "how much have they gotten and how deeply have they penetrated our command and control structures?"

I can't answer that question, but considering the complete incompetence of this administration in most areas, I'm almost sure they will stonewall on even asking it themselves, out of fear of looking bad. Which, of course, is 1000% the wrong way to do it.
posted by Malor at 6:14 AM on January 19, 2006

from the Guardian article:
Meanwhile, the Sans Institute has raised the idea that the Titan Rain attacks might even have a military origin. In the two-and-a-half years of investigation, the hackers never made a mistake.

Never a mistake? Isn't that more like proof it isn't military? Large scale work with no mistakes seems more like the results of someone with extreme skill, hard focus, and serious patience. Maybe China just has a better military than anyone else. (uh huh, like the Soviets did, right?)

None the less, there is plenty to suggest the operation is with sanction of the Chinese government. Maybe we should stop buying their cheap crap for awhile, see how well they do.
posted by Goofyy at 6:24 AM on January 19, 2006

but considering the complete incompetence of this administration in most areas,

The lack of skill at the top != lack of skill at the bottom.

BUT

Any time you have a large organization, incompetence is able to thrive and survive VS a 1-2 man group that lives/dies on its skillset. So your oberservation about trust and A/B/C would happen no matter who was in charge.

Not that 'it would happen with others' should be accepted as an excuse.
posted by rough ashlar at 6:34 AM on January 19, 2006

I can't really see the Chinese attacking the Parliament for political advantage. The best Chinese hackers are all involved in industrial espionage and extortion--that's where the money is. Also, the method of this attack was extremely sloppy even if the execution was "sophisticated." Emails to random people? The military mind set would not want such a broad target set. That'd guarantee discovery sooner or later. This attack wasn't "audacious" it was a prayer. These were people with nothing to lose and everything to gain. The fact that each email was handwritten suggests a good level of planning, but not at a level requiring state infrastructure. These guys were likely just greedy criminals who figured it was worth a shot to see if the front door was unlocked; it certainly doesn't read like a military operation. Then again the Chinese are Godless Communists so there's not much you can put past them.
posted by nixerman at 6:40 AM on January 19, 2006

Thank the good lord the US doesn't do bad things (Eschelon etc) to other countries, friend or foe.
posted by Postroad at 6:40 AM on January 19, 2006

"no sensitive data is thought to have been lost"
I don't think the government would readily admit to this; hence "thought".
nixerman - according to the article each email was individually tailored - thus these were not random people but specifically chosen for the data they may / maynot have had.
posted by adamvasco at 6:49 AM on January 19, 2006

Emails to random people?

I didn't see anything in the article that suggested the people were random. In fact, it made it sound quite the opposite.

A lowly secretary might be the perfect target, if they work on the same network as a high-ranking official.

This is totally unsurprising, and a great reminder that computer security isn't about fifteen year old "hax0rs", or annoying viruses. It's a matter of national security.
posted by I Love Tacos at 7:04 AM on January 19, 2006

I was under the impression that SIPRNet was pretty much impossible to hack so I would guess that the majority of attacks were against lesser defended sites/networks. That would mean none of the information was classified that highly.

As far as the attacks on the British parliament - MPs (like most politicians) are stupid and wouldn't have a clue about IT security so it's probably best if we just don't let them have access to anything more technical than maybe a stapler or perhaps a hole-punch.
posted by longbaugh at 7:07 AM on January 19, 2006

nixerman, to some westerners all Chinese people are agents of their government, its a least a believable racist lie that sells articles over at the guardian. "OMG the IP traces to China and its not a nigeria scam? It must be the government's doing."

Why China would piss over their trading partners is beyond me and the simpler explanation that its industrial hackers (which also come in many other ethnicities like Russians, but we don't hear about Moscow coveting UK technology) goes against the anti-China line many countries are obligated to tow. Its good PR for them when manufacturing jobs go overseas they can say "Look, that's the bogeyman, they're bad, we had nothing to do with this seriously!"
posted by skallas at 7:27 AM on January 19, 2006

The emails were targeted and customized, yes, but I suspect they were random in the sense that no specific set of information was being targeted. That's why this doesn't read like a military operation. The objective was very broad, and it doesn't seem to be anything more than "get secret information, get rich." These people were more than likely civilian criminals; military criminals don't worry about money, they just worry about being caught. The article is just anti-Chinese fearmongering.
posted by nixerman at 7:34 AM on January 19, 2006

China isn't exactly our friend in this great wide world. They're not necessarily our enemy either. However, their military is at least a generation behind our own in technology, and the People's Army would like to catch up. If hackers can sneak in, get information to assist in this, and get out, all the better.
posted by Atreides at 7:44 AM on January 19, 2006

skallas, you also have to remember the Great Firewall of China. They're perfectly capable of detecting malicious traffic, stopping it, and prosecuting the offenders.

Now, they might be DOING this, but I sure haven't heard about it.

Given their surveillance society, and the fact that they don't seem to be doing much to stop it, it's not at all unreasonable to assume that the government is complicit in the skullduggery.

Maybe they're just negligent, but when they're putting that much effort into policing bloody WEB SITES, I'd frankly expect them to be doing very heavy traffic analysis as well.
posted by Malor at 8:33 AM on January 19, 2006

Thank the good lord the US doesn't do bad things (Eschelon etc) to other countries, friend or foe.

You're talking about England. Your sentence should read "Thank the good lord the US does bad things (Eschelon etc) for other countries."
posted by srboisvert at 8:55 AM on January 19, 2006

Didn't William Gibson predict this somewhere in the eighties? Of course, he said our first/last info war would be with the Russians, but that was still in the Cold War days.

As for the Chinese being years behind the US militarily, I think that might be a bit oldthink in this case. They have access to the same computers and networks that we do, and no compunction about using them anyway they see fit. I think, in this case, less existing infrastructure means easier initial implementation anf faster results.
posted by doctor_negative at 9:26 AM on January 19, 2006