Mercury Rising 鳯女

Politics, life, and other things that matter

Mandiant: Anonymous Helped Expose China’s Hacking US Infrastructure

Posted by Phoenix Woman on February 20, 2013

Something the NYT wouldn’t tell you, but Huffington Post will:

Security researchers and government officials have long claimed that China is behind a growing number of cyber attacks against American computer networks, a charge that China has repeatedly denied. But Mandiant’s 73-page report was unusual in its level of detail, going so far as to profile the identities of three hackers who are believed to be working for the Chinese military. Mandiant said it was able to find connections between two of those hackers and China’s People’s Liberation Army by relying on public data first revealed by the hacker group Anonymous.

In February 2011, Anonymous gained access to the website rootkit.com — an online forum where hackers and researchers share information about hacking techniques — and published personal data of more than 40,000 registered users online. The data included email and IP addresses.

The breach was one of dozens by Anonymous over the past two years and gained relatively little media attention. But now, two years later, security researchers say the data was valuable in helping them find links between hackers and the Chinese military.

“We are fortunate to have access to the accounts disclosed from rootkit.com,” the Mandiant report said.

You can read the Mandiant report here.

8 Responses to “Mandiant: Anonymous Helped Expose China’s Hacking US Infrastructure”

  1. Charles II said

    I have blogged a number of times expressing concern about China’s growing aggressiveness and about the US’s obliviousness to how the precedents it is setting through, e.g. Stuxnet and drone warfare are dangerous precedents for the future. China’s response in this case will be to shrug and say, “Right–and Stuxnet?”

    Now, the two cases are not equivalent. The US and Iran have been in a state of cold war for over thirty years. But precedents work this way, creating new outer limits of what is permissible. The Chinese state is not particularly wise, and it is arrogant in its new-found strength. If there’s a danger to the world peace, it lies in how the decline of American power meshes with the rise of Chinese power.

    • Stormcrow said

      The PRC already as good as told us, almost 15 years ago, in print and publicly, that they would do this, just as soon as they had the capability to.

      That document, BTW, has been widely commented upon and widely read. It wasn’t hidden, in any sense of the word.

      So this should surprise nobody. The media is in a dither because “dither” hypes their exposure.

      The people in charge of the “national infrastructure” that is now at elevated risk, OTOH, are in a dither because they’ve been asleep at the switch, collectively, for the last 15 godforsaken years, and now their underpants are around their ankles in public.

      Here’s just the latest example of the sort of idiocy that is SOP these days: two articles at Brian Krebs’ blog: Security Firm Bit9 Hacked, Used to Spread Malware, published just one week ago today. And then this one, later the same day: Bit9 Breach Began in July 2012.

      The first story fills you in on who “Bit9” is, and why this is very ugly news:

      Bit9, a company that provides software and network security services to the U.S. government and at least 30 Fortune 100 firms, has suffered an electronic compromise that cuts to the core of its business: helping clients distinguish known “safe” files from computer viruses and other malicious software.

      Waltham, Massachusetts-based Bit9 is a leading provider of “application whitelisting” services, a security technology that turns the traditional approach to fighting malware on its head.

      The item compromised? Yep, the encryption keys used to digitally sign the whitelisted code. Guess what those got used for? Betcha you’ll get it right on the first guess.

      And it took them 8 months to figure this out and report it???

      The real issue here is not Stuxnet; the PRC would have latched onto something, anything, to help deflect the criticism they knew would come. Valid or not; it didn’t make any difference.

      The story here is criminal negligence, on the part of the senior management of obvious high-value targets, like Bit9.

      • Charles II said

        Stormcrow, if one takes the Qiao Ling article seriously, they declared war on the US years ago.

        War is not the sort of thing that China should undertake lightly. Their government is widely disliked in Asia, and not especially popular in the rest of the developed world. End the special trade relationship with them and suddenly their finances look very shaky. Their supply lines to food and raw materials are long. And the patience of their own population is starting to wear thin.

        I don’t know what they have managed to steal. But I would bet that the cost of it turns out to be a lot higher than the value.

  2. War is not the sort of thing that China should undertake lightly. Their government is widely disliked in Asia, and not especially popular in the rest of the developed world. End the special trade relationship with them and suddenly their finances look very shaky. Their supply lines to food and raw materials are long. And the patience of their own population is starting to wear thin.

    They’re already pissing off the Europeans by moving into sub-Saharan Africa, which Europe has for decades treated as its own private granary, to set up plantations as they lose their own arable land to pollution, development and climate change.

    • Charles II said

      And the Chinese are not necessarily making a good impression on the locals there. While I think Africans generally are glad to have non-Europeans competing for their resources, I hear that Chinese food farms are leading to scarcity for locals.

      But of course it’s a complex story. You can find a positive view here, a nuanced discussion here, and negative views here and here.

      Still, what makes for the success of an imperialist nation is coherence of strategy and the power of money. A fascinating poll on the popularity of various nations says the following:

      Of those who said the Chinese influence in the world is positive, a majority of 51 per cent says it is because of China’s economy, products, and services.

      Another interesting point raised, though not in the poll: Chinese counterfeits of American products have been responsible for a decline in US popularity.

  3. Stormcrow said

    Stormcrow, if one takes the Qiao Ling article seriously, they declared war on the US years ago.

    Charles, one thing that emerges from just about everything I’ve read of modern Chinese strategic thought is that their conception of “war” and “peace” are fundamentally different from ours.

    We see “war” and “peace” as the only two possible states of a binary condition. This is the natural consequence of the Western way of looking at war and peace, with the Westphalian system as its crystallized form.

    Chinese strategic thinking tends to see this as a bounded continuous interval, with “total war” at one end, and “hegemony” at the other. Nearly all relationships between external sovereign states will reside somewhere in the strict interior of this set. The Chinese have never bought into the Westphalian worldview, since the Wars of Religion that generated the Peace of Westphalia never really touched them. The history of 20th Century China certainly wouldn’t incline them that way, since it’s included coups, insurgencies, and one of the few genuine 3-sided wars I can think of offhand.

    Here is Sun Tzu on the subject of alliances:

    We cannot enter into alliances until we are acquainted with the designs of our neighbors.

    In other words, even in conditions of relative peacetime the sensible course is to spy the living daylights out of every other sovereign state within your entire strategic compass.

    You spy on your enemies for all the obvious reasons.

    You spy on your friends because it’s foolish to take their outward and visible condition for ground truth.

    And we’ve run into this, painfully, from state entities with much better reasons than the PRC has to consider us allies. “Jonathan Pollard” will ring a few bells, I think.

    • A-yep.

    • Charles II said

      I think you miss my point, Stormcrow. We spy on our friends as well as our enemies because we consider that we’re everyone’s friends. Even our enemies, if they could just see it, are our friends. So even when we are bombing people, it’s for their own good. We are able to be everyone’s friends because we are infinitely strong.

      But Qiao Ling and his co-author, as I see it, have defined it backward. China is infinitely weak and so everything that is normally considered means of peaceful rivalry must be turned into a kind of warfare. It is a self-pitying and paranoid vision of the world, and every bit as dangerous as the aggressive bullying the US indulges in.
