The Truth About Chinese Hackers


Post by long_way » Tue Jul 15, 2008 2:07 pm

(Taken from "Crypto-Gram", Bruce Schneier's personal newsletter: http://www.schneier.com/crypto-gram.html)

The popular media conception is that there is a coordinated attempt by
the Chinese government to hack into U.S. computers -- military,
government, corporate -- and steal secrets. The truth is a lot more
complicated.

There certainly is a lot of hacking coming out of China. Any company
that does security monitoring sees it all the time.

These hacker groups seem not to be working for the Chinese government.
They don't seem to be coordinated by the Chinese military. They're
basically young, male, patriotic Chinese citizens, trying to demonstrate
that they're just as good as everyone else. As well as the American
networks the media likes to talk about, their targets also include
pro-Tibet, pro-Taiwan, Falun Gong and pro-Uyghur sites.

The hackers are in this for two reasons: fame and glory, and an attempt
to make a living. The fame and glory comes from their nationalistic
goals. Some of these hackers are heroes in China. They're upholding the
country's honor against both anti-Chinese forces like the pro-Tibet
movement and larger forces like the United States.

And the money comes from several sources. The groups sell owned
computers, malware services, and data they steal on the black market.
They sell hacker tools and videos to others wanting to play. They even
sell T-shirts, hats and other merchandise on their Web sites.

This is not to say that the Chinese military ignores the hacker groups
within their country. Certainly the Chinese government knows the leaders
of the hacker movement and chooses to look the other way. They probably
buy stolen intelligence from these hackers. They probably recruit for
their own organizations from this self-selecting pool of experienced
hacking experts. They certainly learn from the hackers.

And some of the hackers are good. Over the years, they have become more
sophisticated in both tools and techniques. They're stealthy. They do
good network reconnaissance. My guess is what the Pentagon thinks is the
problem is only a small percentage of the actual problem.

And they discover their own vulnerabilities. Earlier this year, one
security company noticed a unique attack against a pro-Tibet
organization. That same attack was also used two weeks earlier against a
large multinational defense contractor.

They also hoard vulnerabilities. During the 1999 conflict over the
two-states theory, in a heated exchange with a group of
Taiwanese hackers, one Chinese group threatened to unleash multiple
stockpiled worms at once. There was no reason to disbelieve this threat.

If anything, the fact that these groups aren't being run by the Chinese
government makes the problem worse. Without central political
coordination, they're likely to take more risks, do more stupid things
and generally ignore the political fallout of their actions.

In this regard, they're more like a non-state actor.

So while I'm perfectly happy that the U.S. government is using the
threat of Chinese hacking as an impetus to get their own cybersecurity
in order, and I hope they succeed, I also hope that the U.S. government
recognizes that these groups are not acting under the direction of the
Chinese military and doesn't treat their actions as officially approved
by the Chinese government.


This essay originally appeared on the Discovery Channel website:
http://dsc.discovery.com/technology/my- ... china.html
or http://tinyurl.com/5lv3ac