Interesting People mailing list archives

Re: MUST READ Chinese hackers breach white house computer systems[RISKS] Risks Digest 25.45


From: David Farber <dave () farber net>
Date: Tue, 18 Nov 2008 09:50:42 -0500



Begin forwarded message:

From: Gene Spafford <spaf () cerias purdue edu>
Date: November 18, 2008 9:25:49 AM EST
To: dave () farber net
Cc: "ip" <ip () v2 listbox com>
Subject: Re: [IP] Re: Chinese hackers breach white house computer systems[RISKS] Risks Digest 25.45

From: "Marc Aniballi | Personal" <marcaniballi () gmail com>

> So here we are again - why are the Chinese "supposedly" hacking the White House? I can't see ANY reasonably valuable upside for them.

This shows a remarkable lack of imagination and understanding of the value of espionage.

Getting access to memos, plans, budgets, and observing real-time responses of personnel at EOP is incredibly valuable for any organization performing espionage. Even getting an "inside" phone directory can be valuable because it discloses information that may not be in any published org chart. The info obtained can be used to validate information from other sources. It can be used in targeting humint activities. It can be used to test reactions. It can be used to amplify or establish other access. There are many uses for information collected in such a fashion.

> What is the benefit to the US government to CLAIM that they are being attacked by China . . . hmmm. Anyone looking for a bigger budget?

Again, this shows a certain lack of awareness of the complexities of the problem -- and a little too much cynicism about the motives of the people involved. The state of information security practice is awful, even for high-value targets such as the EOP. It isn't a matter of money.

As to how this could be tied to a set of actors, well, there are lots of methods including history, origin, real-time tracing, other intel (including humint and masint), patterns of other intrusions, and more. The big picture is seldom 100% accurate because the other side tries to hide it and almost always denies it. Certainly, anyone can claim that their systems have been hacked and used as stepping stones. But if that is true for a large operation, then the operators of the stepping stone systems are really incompetent. (Imagine if the hacked White House computers were used to conduct intensive, on-going break-ins and intel downloads by this third party against, say, the UK, and the UK accused the US of doing it...and we had to admit our most sensitive systems were being used by someone else in such a manner. Credible?) Without knowing more details -- which are undoubtedly classified -- we cannot know how confident a particular attribution might be. But in general, the parties doing this kind of thing (analysis and attribution) are pretty darned good.

Wherever the entry originated, the issue is still one of a cyber security posture that allows outsiders to gain access to high-value, sensitive systems in the US. This has been on-going for years -- many accounts in the press.

And the problems are getting worse. Some of us have been trying to make that point for years....





