RE: Alert issued for China's next cyber attack

[InfoSec News <isn () c4i org>]

Forwarded from: "Ian Fraser M (EPA)" <Ian.M.Fraser () ericsson com au>

http://atimes.com/media/DE21Ce01.html

By James Borton 
May 21, 2002 

WASHINGTON - Washington's War Situation Rooms are abuzz these days  
with a score of major flashpoints scattered across the globe, from the 
Middle East, Afghanistan, Iraq, Iran, Libya, Central Asia and North 
Korea to Cuba, and has now an issued alert of China's readiness to 
launch a cyber attack targeting key government computer systems. 

> > Certainly the situation rooms are busy assessing all kinds of
> > intelligence. However, those that deal with the protection of
> > life and limb warrant a somewhat higher priority than someone
> > drawing moustaches on posters. 

Alarm bells have not stopped ringing at the Central Intelligence 
Agency's (CIA) Langley, Virginia, headquarters. The agency has been 
under an increasing media assault since September 11 for its 
recognized intelligence failures. It is even more distressing for the 
multibillion-dollar-funded agency since it is now certain that the 
White House had been warned as early as last August that Osama bin 
Laden's al-Qaeda agents were seeking to hijack aircraft. 

> > Media assault? wow scary stuff. Intelligence failures? since when
> > has intelligence gathering and analysis been an exact science? 
> > Fact is the public rarely get to hear about success in this area,
> > nor should they.

With morale sagging, the ubiquitous and vast CIA appears to be 
operating on one overloaded circuit-breaker with its patriotic 
director George Tenet prominently in the crosshairs of terrorists and 
the US Congress. Incongruous as it seems, another intelligence report 
or early warning of an attack on the US is not being taken seriously. 
The insightful findings that China is gearing up for a cyber attack on 
defense and civilian computer networks in the United States and Taiwan 
is being dismissed outright as not potentially injurious to any 
computer networks. 

> > Morale sagging? I doubt it. More likely getting really frustrated
> > by amateur sleuths, and unimportant politicians and journalists
> > trying to emulate "Chicken Licken" crying "the sky is falling"
> > and jumping at their own shadow.

The paradox is startling. The Institute for Strategic Studies, run by 
the US Army War College, released a classified report as an early 
warning directed to all government policy shapers, the Defense 
Department, US diplomats and law-enforcement agencies to be vigilant 
for Chinese student hackers' efforts some time in early summer to 
spread computer viruses to deface sensitive government Internet sites. 
This is a disturbingly similar message to that which was issued to 
intelligence agencies a month before the devastating attacks on the 
Pentagon and the World Trade Center. 

> > paradox? There is no paradox here at all these things are on totally
> > different levels.

"We do use our website for outreach and we are sensitive to its 
security. But it's important to put the defacing of Web pages in 
perspective. Admittedly it can be done, even with security measures in 
place, but it's more akin to vandalism than a security threat," said 
Dr Steven Metz, director of research and chairman of the Regional 
Strategy and Planning Department at the Strategic Studies Institute at 
the US Army War College. 

> > Thank you Dr Metz. What a pity the person you were talking to wasn't
> > listening!.

It is precisely this kind of denial of any clear and present danger 
from senior sources at the Pentagon and even the CIA that is causing 
an increasing firestorm among congressional leaders. This week, 
Washington's top lawmakers will be pushing for tougher inquiries about 
last year's breakdown in intelligence communication between the CIA 
and Federal Bureau of Investigation (FBI). 

> > Oh come on. Someone's been reading to many Tom Clancy novels. Clear and
> > Present Danger? If this is what's bothering "congressional leaders"
> > (and I doubt it) then they obviously have way to much free time on
> > there hands.

In testimony presented to the US Senate Armed Services Committee last 
month, Tenet revealed, "I think we have a deep concern that the 
Chinese are also engaging in activities that continue to be inimical 
not just to our interests, but that their activity stimulates 
secondary activities that only complicate the threat we face." 

> > Somehow I think this statement has been taken way out of context.
> > Sure the Chinese together with the British, Australians, and just
> > about every other nation on the planet are going to pursue activities
> > which are in their own best interests and at times contrary to those
> > of the US. This is called free trade.

Code Red: No longer just a threat

No one in Washington has forgotten when Chinese anger spilled over 
from the streets into cyberspace to protest the North Atlantic Treaty 
Organization's (NATO) bombing three years ago of the Chinese Embassy 
in Belgrade resulting in the deaths of three Chinese journalists. At 
that time, most of the major Chinese media organizations, including 
the People's Daily, CCTV, Xinhua News Agency, Guangming Daily, China 
Youth Daily, and Beijing Youth Daily, published extensive coverage of 
the street demonstrations against the bombings on their websites. 

> > What anger in the streets? I had a colleague in Beijing during this
> > time. This was a media beat up. Sure there was a small orchestrated
> > demonstration for the benefit of the international media. But largely
> > the whole event went unnoticed.

As a direct result of that international incident, Chinese hackers 
broke into the US Department of Energy's website and replaced its 
homepage with a note written half in English, half in Chinese, which 
read: "We are Chinese hackers who take no cares about politics. But we 
can not stand by seeing our Chinese reporters being killed. Whatever 
the purpose is NATO, led by the USA, must take absolute 
responsibility. You have owed Chinese people a bloody debt which you 
must pay for. We won't stop attacking until the war stops." 

> > This sort of thing happens every day when some disaffected malcontent
> > with technical savvy wants to publicly voice a protest. Much more
> > effective than standing outside a corporate headquarters with a placard.

Only a year ago, a successful Chinese cyber attack aimed directly at 
the heart of America's political pulse knocked out the White House's 
website for almost four hours. A White House spokesman at that time 
refuted the seriousness of the action, stating that "there was no 
security breach, and the attack remains under review". Never mind that 
it was exactly a year ago, almost in a memorial salute to the Belgrade 
bombing of the Chinese Embassy, that Chinese hackers defaced more than 
660 sites in the US, according to Michael Cheek from the security firm 
iDefense. 

> > So what was different this day to any other day? Listen to the
> > white house spokesman. 

US technologies of surveillance, encryption, firewalls, and even 
viruses have been willingly transferred to Chinese partners in the 
past several years as part of China's budding efforts to enter the New 
Economy. Rand Corp's James Mulvenon maintains that such US companies 
as Network Associates (McAfee Anti Virus), and Symantec (Norton Anti 
Virus) gained entry to China's market by voluntarily providing China's 
Public Security Bureau with more than 300 computer viral strains. 

> > What sort of xenophobic clap trap is this? Of course this happens - it's
> > as much in US interests for such transfers to take place as it is Chinese.

Although senior Chinese Internet network officials maintain even today 
that a Code Red worm is far too sophisticated for China to have 
produced, several senior US analysts strongly disagree and confirm 
that the technology to launch cyber attacks has already been 
successfully deployed by China. After all, China has already developed 
a sophisticated surveillance system to monitor activities on the 
Internet. The system, which is similar to the data-recording "black 
box" installed in commercial airplanes, will be able to monitor all 
communications through the Internet. 

> > Nothing new here. Most nations routinely scan all communication
> > entering, leaving or passing through their borders.

"Was there a failure of intelligence?" asked House Minority Leader 
Dick Gephardt. "Did the right officials not act on the intelligence in 
the proper way? These are things we need to find out." That was the 
question raised this past week on Capitol Hill. These legislators were 
not addressing these previous Chinese-inflicted cyber attacks, but 
rather the enormity of the September 11 tragedy. 

> > No Dick there wasn't any failure - tell you what lets evacuate San
> > Francisco because there is more substantial "evidence" that it will
> > suffer a major earthquake sometime in the future.

Intelligence agency aims to boost image

The intelligence community, in an effort to boost US confidence in 
national security, is maneuvering to cast a wider safety net through 
the newly refurbished Washington naval complex at the intersection of 
Cryptologic Court and Intelligence Way. The Threat Monitoring Center, 
housed in a three-story, red-brick building, is an expansive room with 
a bank of televisions, numerous workstations with computers and nine 
clocks. Although there are still plenty of empty offices and cubicles, 
Tom Ridge, the Homeland Security director, states that the facility 
will soon be manned by representatives of more than a dozen federal 
agencies, among them the CIA, the FBI, the departments of Energy, 
Transportation and State and the National Security Agency, posted to 
alert Americans of any future terrorist attacks. That warning shot has 
already been issued and few Americans are listening. A report produced 
by the Strategic Studies Institute titled "Chinese Information 
Warfare: A Phantom or Emerging Threat?" demonstrates that China has 
more than an intense and acute fascination with information warfare 
(IW). Both the National Security Council and the CIA believe that the 
potential advances in Chinese IW capabilities have direct implications 
for US national security. Exhaustive research of Chinese 
information-warfare literature confirms a goal of information 
dominance. 

> > This is called a placebo, so that professionals can get back to their
> > jobs without the constant distractions of meddling politicians and
> > media. 

"The Chinese military views cyberwarfare as a way to overcome 
America's superiority," claims Toshi Yoshihara, a research fellow on 
security issues with the Institute for Foreign Policy Analysts and 
doctoral candidate at Fletcher School of Law and Diplomacy. 

> > You think? probably need a good swift kick if they didn't. It's
> > part of their job descriptions.

Two years ago, John Serabian, the CIA's information operations manger, 
revealed in written testimony presented to the Joint Economic 
Committee that the US was indeed vulnerable to a major cyber attack 
from China's military inflicting much more injury than just defacing 
government websites, but creating truly damaging interruptions to the 
national economy and infrastructure. The "Cyber Terrorism Threat" 
report does include a carefully worded assessment that the Chinese 
government or military currently lacks the ability to conduct this 
intended goal of disrupting Taiwanese computer systems or US military 
logistics. 

> > So the US is vulnerable and the Chinese lack the ability, and both
> > nations work to correct the anomaly? sounds like business as usual
> > to me.

Some close observers of America's intelligence community believe it is 
precisely this kind of mixed information, laced with naivete and 
denial, that fits squarely into the demands made by Senator Richard 
Shelby, the Alabama Republican who serves as vice chairman of the 
Senate Intelligence Committee, that a leadership shakeup may be 
required soon at the CIA. 

> > Normal sabre rattling. Who cares?

Just as America experienced in 1993 at the World Trade Center a 
shocking preview of what the entire world gravely witnessed a few 
years later on September 11, 2001, the next Code Red worm may prove to 
be much more than just a mere nuisance to government websites. 

> > Wow even Neil Armstrong would be impressed with that "giant
> > leap" 




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.