nanog mailing list archives

Re: NYT covers China cyberthreat


From: Warren Bailey <wbailey () satelliteintelligencegroup com>
Date: Thu, 21 Feb 2013 01:34:13 +0000

I can't help but wonder what would happen if US Corporations simply blocked all inbound Chinese traffic. Sure it would 
hurt their business, but imagine what the Chinese people would do in response. It seems like China takes very little 
seriously until it goes mainstream. This is happening right now with their political system, they are attempting 
(publicly) to rid themselves of bad apples. I think this applies to the majority of the Internet dependent countries, 
people are ready to jump out of a window if Facebook or Twitter is down. Imagine the revolt after every major US-based 
provider stopped taking their calls, and data. I understand the implications, but I think this may be the only real way 
to spank them (I know the financial ramifications..)





-------- Original message --------
From: Suresh Ramasubramanian <ops.lists () gmail com>
Date: 02/20/2013 5:22 PM (GMT-08:00)
To: surfer () mauigateway com
Cc: nanog () nanog org
Subject: Re: NYT covers China cyberthreat


Net net - what we have here is, so far, relatively low tech exploits with a
huge element of brute force, and the only innovation being in the delivery
mechanism - very well crafted spear phishes.

They don't particularly need to hide in a location where they're literally
bulletproof (considering how many crimes have the death penalty in china,
said penalty being enforced by a bullet to the head and your family billed
for the bullet, if I remember correctly)

Now there's a light shone on it all, despite the official denial, you'll
simply see this office building shift to an even more anonymous business
park halfway across the country (or maybe inside an army base that people
just can't wander into and photograph), and the exploits will simply start
to cover their traces better.

Sure they'll evolve - let them.  The point here is that they're going to
evolve anyway if we let them operate with impunity from a location where
they're bulletproof.

--srs

On Thursday, February 21, 2013, Scott Weeks wrote:



--- Valdis.Kletnieks () vt edu wrote:
The scary part is that so many things got hacked by a bunch of people
who made the totally noob mistake of launching all their attacks from
the same place....
------------------------------------------------


This all seems to be noobie stuff.  There's nothing technically cool
to see here.  All they do is spear phishing and, once the link is
clicked, put in a backdoor that uses commonly available tools.  As
I suspected earlier it's M$ against M$ only.

The downside is nontechnical folks in positions of power often have
sensitive data on their computers, only know M$ and don't have the
knowledge to not click on that "bank" email.

Technically, it was 74 pages of yawn.  Don't waste your time unless
you're interested in how they found out where the attack was
originating from and how they tied it to the .cn gov't.

scott



--
--srs (iPad)

