Archive for the 'Uncategorized' Category

Dec 20 2009

Sophos Labs: CNNIC changes have effect on spam tactics

Published by jumper under Uncategorized

So it turns out that the changes CNNIC has made to restrict registration of .cn TLD domains to business license holders have had at least a temporary impact on spam tactics. Doesn’t seem to have made any difference in the volume but spammers are now moving away from purchasing new inexpensive .cn domains for spamming. Here is the link to the Sophos Labs blog that contains this revealing graph:

Comments Off

Aug 17 2009

Chinese hacker schools growing bolder

Published by Heike under Uncategorized

Hacker school enrollment advertisements seen all over the streets of Wuhan

In the last few days, there have been several articles covering China’s domestic hackers and their schools.   In the past, this type of recruiting activity was confined to the online world and kept out of view of the general public.  Now it is popping up all over the street.

Internet user questions if Academy’s purpose is to stop hacking or train hackers

An internet user, going by the name “Levi”,  posted a rant on the IPTV website complaining about the enrollment and advertising practices of the Yinhe Info and Tech Academy.  The rant generated thousands of views in just one day.

Levi’s Rant

4 responses so far

Aug 08 2009

China: Cyber warfare, weapon of mass destruction?

Published by Heike under Uncategorized

CCTV excerpt from Defense Review Week interview with network specialists Major General Hu Xiaofeng (Deputy Director for the National Defense University Department of Information Warfare and Training Command) and Professor Meng Xiangqing (National Defense University Institute for Strategic Studies):

Program introduction:  Hackers suddenly break into the US Atlantic Fleet’s command system, they instantaneously take control of the US fleet and fighter aircraft, turning missiles fired moments ago 180 degrees back at itself.  The entire country is thrown into chaos.  Is this description of a US military cyber warfare exercise truly capable of producing such formidable power?

Washington D.C., traffic lights completely fail, cars moving in opposite directions inside the tunnels collide, the stock market collapses, communications are cut off, all television stations are broadcasting the same thing – fragments of the US president’s televised speech patched together to produce a terrorist’s “hacker manifesto”.   This is a scene from the movie “Die Hard 4,” in which several hackers repeatedly turn the United States upside down.  Could this type of scenario actually happen in real life?

Well then, what is cyber warfare really? How does it enhance combat capability? In high-profile speeches, the US and South Korea announced the establishment of cyber warfare command centers, what is being hidden behind them?  Will this cause an arms race in the cyber domain or become the new contest between nations for strategic control?   Why does the United States equate the threat from cyberspace to nuclear, chemical and biological weapons?  Is future cyber warfare a weak defense and strong offense, or a strong defense and weak offense?   How should we respond?

This month, “Defense New Review” has invited top-level network specialists, Major General Hu Xiaofeng and Professor Meng Xiangqing to decipher it for you.

Host:  Cyber warfare takes place in virtual space but I feel that it seems to strike at the enemy’s morale.  Can these types of virtual encounters cause casualties to the enemy’s effective strength?

MG Hu Xiaofeng:  As an example, I take control of your high-speed railroad network and after I seize control of your system, I send you a message.  Will you agree to my blackmail or not?  If you agree, then there isn’t a problem.  If you don’t agree, then I crash two of your trains together.  Is it your decision to let people die?  I’ll give you another example.  For instance, I launch a missile and you call it back on itself.  It is all possible.

Host:  Are these types of things all covered under the scope of cyber warfare?

Prof Meng Xiangqing: Yes, however the goal is not to destroy the enemy’s effective strength, or to say I’ve destroyed this number of enemy troops or specific military targets. It’s not like that, the goal is to achieve a strategic objective. What is the strategic objective? It is what Professor Hu just mentioned, you have to meet my political conditions or your government will be toppled, or you promise to meet some of my political conditions. In this type of conflict, killing a certain number of people is a secondary consideration. In general, there are only a few major differences in the considerations between cyber and traditional warfare. One is in tangible space and the other intangible space. One is in virtual space and the other on the battlefield. Overall, it is bloodless.

Host: Then is it possible that with cyber warfare we won’t have to rely on traditional methods of warfare, can we attain military victory purely through the means of cyber warfare, is that possible?

MG Hu Xiaofeng: … …

Prof Meng Xiangqing: … …

End excerpt from broadcast.

I would really like to have the rest of this if anyone runs across it. The transcript just ends right there, bastards.

9 responses so far

Jul 21 2009

Panda Burning Incense author to work in “Computer Security”

Published by Heike under Uncategorized

According to Yangtze River News, the author of the virus “Panda Burning Incense,” is due to be released from prison at year’s end and plans on working in computer security.  Li Jun, also known as the “Virus King,” designed the “Panda Burning Incense” virus that wreaked havoc across the Chinese internet from December of 2006 to January of 2007.  The virus infected between 300-500,000 computers daily; with at least 10 million infected in total.  The virus earned Li between 3-5,000 yuan each day and the highest day’s income was 10,000 yuan.

After his arrest and trial, Li was sentenced to four years in prison of which he has currently served 2 1/2.   Li’s sentence has been reduced and he thinks he will be released at the end of the year.  His three accomplices have already been released.

When he gets out, Li plans to go to Shenzhen and look for a job with a large computer security company and pay back his parents.

What could go wrong?

2 responses so far

Jul 14 2009

Recruiting for hackers

Published by Heike under Uncategorized

The poster in the background above reads, “recruiting hackers” and was  meant to be humorous in order to attract the top IT applicants at the 2009 Spring Jobs Fair.  There were more than 300 companies offering 4,000 positions.

The same graphic also accompanied a different article but this was an interview with Chinese Air Force Colonel Dai speaking on cyber warfare research (the link is a Google English xlation, I’m working on another article right now).

Make of that what you will.

Comments Off

Jul 13 2009

DEFCON 17

Published by jumper under Uncategorized

DEFCON 17 is right around the corner. Let me know (email jumper@) if you are interested in coming to a meet-up. Last year around 15-20 people met up and we had a great time socializing and talking shop.

-jumper

3 responses so far

Jul 09 2009

Milw0rm website closed

Published by Heike under Uncategorized

UPDATE: Well, this update didn’t take long. According to Stanza: Uhhhh nope! The site is back as of today. Yesterday’s news buddy! Chop Chop! Hiiiii-ya!

UPDATE#2:  As usual, our readers are better informed than I am.  More great comments on the status of Milw0rm in the comments section from Steve C and dblackshell.

Chinese hackers love the Milw0rm portal, so I follow it every now and then.  Found out today that the site has been closed down by the owner Str0ke:

Str0ke does not explain whether this is simply due to a lack of time, to an increasing number of exploits or perhaps to both. It also remains unclear whether the page and its current database will remain available or whether it will soon be taken off line. It is possible that other members of the community will come forward to support str0ke or offer to take over the portal’s operation.

Originally, milw0rm was a worldwide group of hackers whose members communicated via IRC. The group became known internationally after it hacked into the Indian Bhabha Atomic Research Centre (BARC) in June 1998 and downloaded emails and classified documents about nuclear tests. The members’ true identities reportedly still remain unknown to the investigating authorities. Speculations that milw0rm was closed due to pressure from the FBI have so far not been substantiated.

10 responses so far

Jul 04 2009

Understanding China’s cyber threat perception

Published by Heike under Uncategorized

Nations develop defense capabilities and weapon systems based on threat perception.  While it is  extremely difficult to predict future war, it is something each country must take seriously.  You don’t spend all of your military budget on coastal defense if estimates show it is more likely you will engage in land warfare.  If military decision-makers predict that future combat will center around non-contact war, using drones, cyber attacks and space-based weaponry, you focus your energy and resources on those areas.

China has openly announced that they are moving toward an “informationized” force and it is one of their top priorities. While we do not have to agree with their rationale, it is imperative that we understand it.

The following article from tech.qq.com outlines many of those reasons.  It is a rather long piece so this will be a gist of the major points mentioned:

Unmasking the true intentions behind the repeated US “Chinese hacker threat” hype

The US media has always portrayed the Chinese hacker as omnipotent, capable of easily breaking through the White House and Pentagon network security systems to steal classified information. On 23 June, after US Secretary of Defense Gates announced the creation of a Cyber Warfare Operations Center, the true intentions behind the constant US “Chinese hacker threat” hype became immediately obvious to the outside world. In fact, there are even more unknown plans underneath this, exaggerating the “Chinese hacker threat” is only one plot in a series of ploys by the US to strengthen its network capabilities. In truth, the establishment of the Cyber Warfare Operations Center is not the first US attempt to expand its network capabilities. Even before the worldwide popularity of the internet, the US had already created a “cyber army” and carried out the practice of “cyber war.” (US) Experts stated, they wanted the same unrivaled domination in “freedom of movement” as the US military enjoyed on the land, sea, air and space. The US would reject any restriction in the cyber domain in order to ensure their dominant position.

11 responses so far

Jul 01 2009

China has cyber worries too

Published by Heike under Uncategorized

H/T: Mark

Received an interesting e-mail from one of our readers named Mark who suggested I take a look at an article dealing with Chinese fears of US hackers and the possible threat to its cyber sovereignty:

In that context, the article I came across in the English-language China Daily was an eye-opener. The title was “China at the mercy of global hackers.”

Early in the article, a Chinese academic expert on cyber warfare said: “In a worst-case scenario, a security breach could result in the breakdown of the energy supply and collapse of the financial system, not to mention a collapse of the national defense capability.… The capability to defend China’s information and cybersecurity is extremely weak, and many of its online applications remain vulnerable to assault.”

Comments Off

May 24 2009

To those who gave so much

Published by Heike under Uncategorized

While placing the US flag in front of the house today, I thought of all that it meant and those who sacrificed so much to defend it.   Soldiers were giving out poppies in front of the PX and my little one got a stuffed “Buddy Poppy.”  A little dog covered with red poppies, it really touched me.

We cherish too, the Poppy red
That grows on fields where valor led,
It seems to signal to the skies
That blood of heroes never dies.

2 responses so far
