From: Fred Cohen <fc@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Date: Fri, 31 Aug 2001 23:46:26 -0700 (PDT)
Subject: [iwar] Is China's Guandong province ground zero for hackers?

Is China's Guangdong province ground zero for hackers?
By Robert Vamosi, AnchorDesk, 8/31/2001
http://dailynews.yahoo.com/h/zd/20010830/tc/is_china_s_guandong_province_ground_zero_for_hackers__1.html

Last week, while discussing new priorities for the Department of Defense, Secretary of Defense Donald Rumsfeld told the Washington Post that "serious moves to transform the military to meet such emerging threats as computer warfare, terrorism and missile proliferation will not produce new war-fighting capabilities for a number of years."

Although paraphrased, it sounds to me like Secretary Rumsfeld just told our enemies that we're years away from defending ourselves against cyberterrorism. Oops. Now is not the time to admit weakness in this area, Mr. Secretary.

Quietly, the U.S. government had been hacking away at cyberterrorism. The EP-3E spy plane that crash-landed in China earlier this year was, according to James Bamford in his keynote speech at this year's Black Hat Briefing, working for the National Security Agency. Even the 1999 war in Kosovo featured early information warfare techniques against the Serbian government. A recent report by MSNBC explains the emerging global information warfare threat in greater detail.

If the secretary is serious about transforming the U.S. defense department, then let me suggest that it is much more prudent to shore up our computer networks today than to invest in the 20-year-old concept of laser-toting satellites orbiting the earth tomorrow: Our computer networks are already under serious attack.

HOSTILE NATIONS, and for that matter, hostile groups, such as Osama bin Laden's followers, realize they can't challenge the U.S. military one-on-one. But they can disrupt our utilities, our telecommunications, and our e-commerce.

Just last spring, during a period of rolling blackouts in Northern California, someone hacked into the California Independent System Operators system, which regulates the flow of power in the state. The malicious users were stopped before they caused any damage, but the incident shows how vulnerable our ancillary government agencies are to attack. The hack was traced back to the Guangdong province in China. Turns out, this was not an isolated incident.

A few weeks ago, I wrote that students at Foshan University in Guangdong, China, may have created the Code Red worm. Shortly after that column appeared, someone at the Defense Department called me with a serious interest in that information. Now, the recent and very nasty Offensive Trojan horse also happens to share a connection to Guangdong. I don't think this is a coincidence.

Guangdong is the largest and wealthiest province, and Hainan Island, the site where the American EP-3E plane was held after landing last April, is nearby. According to a report prepared by the security company Vigilinx, Guangdong is also home to hacker groups, such as the Honker Union of China (also known as the Red Guest Alliance) and China Eagle, and to criminal extortionists who have been terrorizing Hong Kong's financial networks for years. Guangdong also happens to be very beautiful, historic, and the focus of major Western investment and tourism.

RATHER THAN ASSUME the Chinese government is behind Code Red and Offensive, I think it is more credible that different groups of individuals within Guangdong might be hacking the United States and other nations (like Japan) for their own reasons. Like the cracker activity once seen in Eastern Europe, these exploits may not be a political expression against, but a general frustration with, Western arrogance and influence. The crackers in Guangdong seem to be doing their own thing, and they are definitely pushing the envelope of what is possible in terms of malicious activity on the Internet.

Whatever their motives, I suggest we'll hear even more from the crackers in Guangdong. If ego is involved, these crackers probably aren't done flexing their programming muscles or announcing themselves to the world. Now, thanks to comments from the U.S. Defense Secretary, others elsewhere might also be tempted to join in their fun.
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:40 PDT