Welcome to Gaia! ::

Chinese military hacked into Pentagon
By Demetri Sevastopulo in Washington and Richard McGregor in Beijing

Published: September 3 2007 19:00 | Last updated: September 3 2007 20:53

The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence department, say American ­officials.

The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.

Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People’s Liberation Army.

One senior US official said the Pentagon had pinpointed the exact origins of the attack. Another person familiar with the event said there was a “very high level of confidence...trending towards total certainty” that the PLA was responsible. The defence ministry in Beijing declined to comment on Monday.

Angela Merkel, Germany’s chancellor, raised reports of Chinese infiltration of German government computers with Wen Jiabao, China’s premier, in a visit to Beijing, after which the Chinese foreign ministry said the government opposed and forbade “any criminal acts undermining computer systems, including hacking”.

“We have explicit laws and regulations in this regard,” said Jiang Yu, from the ministry. “Hacking is a global issue and China is frequently a victim.”

George W. Bush, US president, is due to meet Hu Jintao, China’s president, on Thursday in Australia prior to the Apec summit.

The PLA regularly probes US military networks – and the Pentagon is widely assumed to scan Chinese networks – but US officials said the penetration in June raised concerns to a new level because of fears that China had shown it could disrupt systems at critical times.

“The PLA has demonstrated the ability to conduct attacks that disable our system...and the ability in a conflict situation to re-enter and disrupt on a very large scale,” said a former official, who said the PLA had penetrated the networks of US defence companies and think-tanks.

Hackers from numerous locations in China spent several months probing the Pentagon system before overcoming its defences, according to people familiar with the matter.

The Pentagon took down the network for more than a week while the attacks continued, and is to conduct a comprehensive diagnosis. “These are multiple wake-up calls stirring us to levels of more aggressive vigilance,” said Richard Lawless, the Pentagon’s top Asia official at the time of the attacks.

The Pentagon is still investigating how much data was downloaded, but one person with knowledge of the attack said most of the information was probably “unclassified”. He said the event had forced officials to reconsider the kind of information they send over unsecured e-mail systems.

John Hamre, a Clinton-era deputy defence secretary involved with cyber security, said that while he had no knowledge of the June attack, criminal groups sometimes masked cyber attacks to make it appear they came from government computers in a particular country.

The National Security Council said the White House had created a team of experts to consider whether the administration needed to restrict the use of BlackBerries because of concerns about cyber espionage.

Copyright The Financial Times Limited 2007

As bad as they make this sound, if they were to run all their critical data on a completely closed network, then they could completely avoid these problems.

This is the bleeding pentagon, and if it only took a few hackers that short an amount of time to break in, then they really need to reconsider their security setup.


The real shocker in this whole thing is that they probably used an open-source assessment program, like SATAN, to make this "attack".


For those of you who aren't aware of the above network utility, it's used to test connection security in a network. being that you have to compile the source code yourself, you can easily edit it to go well beyond the 3 hop Time to live value (a value that determines how far the program will probe before shutting down), and build a code module (rather easily, mind you) to install any number of programs, from insanely destructive viruses to keystroke moniters and packet sniffers.

the real b***h of it is that you can even tell it to edit log and registry data with enough tweaking.

Weaponized coding is not a new idea, it's just now coming into it's own.

It's a tough call... a good hacker doesn't get caught.

I don't want to know, which governments already watched me. But the fact that every track leads to China, tells me they must be really dumb to attempt to hack foreign servers and getting caught...

It is possible to spoof IP addresses and MAC (the hard-coded identifier built into every network interface card) address to make an attack look like it came from anywhere, it's just a matter of how far back you feel like leaving tracks.

There's no guarantee that it came from the PLA, or some independant source, for that matter, and it can be almost impossible to track a hacker or group of hackers unless they make a mistake or want to be found.