Sleeper Code, Spying and Hacking

  • Facebook | China proves to be an aggressive foe in cyberspace – Annotated
    Another problem is China’s ability to leave behind malicious sleeper code that can one day be activated to alter or destroy information. In April, then-National Counterintelligence Executive Joel F. Brenner reported that the Chinese had penetrated “certain of our electricity grids” with malicious code and that “our networks are being mapped”

    • Richard did not write “All computer manufacturers install sleeper code for their national governments.”

      The practice can be done on an ad hoc basis, to a particular piece of equipment. The sleeper code can be added to CPUs, ROM or other programmable chips in the system by CIA programmers before the equipment is sold on to the target country.

    • For example, the Iranians could buy a server computer for running a network at a nuclear research center from an unscrupulous French vendor. But the CIA gets wind of the sale and with the help of French intelligence they install a specially programmed ROM chip into the motherboard. No matter what operating system or virus protection system the network administrators use on that server, they cannot find the bug, or get rid of it. It lies dormant until such time as it is activated, either by counting the calendar to a predetermined date, or through a wake-up hack into the network. Then the code goes to work and destroys the data.

      This type of thing has been done already by the US and other countries.

    • The downside to this? Someday you’re going to want to sell me software. And, knowing how you all feel about me, I’m going to avoid Chinese software like the Swine Flu. While I’m at it, can I really be sure that a couple of ultra nationalists haven’t inserted sleeper code into the firmware of the laptop they made?
    • emergence of electronic and cyberwar-fighting capabilities is the most important military development in decades”
    • General Keith Alexander, now the commander of the US Cyber Command from his NSA post at Fort Meade, Maryland, during his confirmation hearings. The question he was asked was: 

      Does DOD have a definition for what constitutes use of force in cyberspace, and will that definition be the same for U.S. activities in cyberspace and those of other nations?

    • The Institute for International Education claims that foreign students and their families contribute about $13 billion annually to the U.S. economy.
    • A number of commenters suggested that the terrorism/security arguments are irrelevant. I wish it were so. Just four months ago, two Egyptian students attending the University of South Florida were caught with pipe bombs near a Navy installation in South Carolina. O
  •  

    • WASHINGTON — Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.

      The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven’t sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.

    • The NERC set standards last year requiring companies to designate “critical cyber assets.” Companies, for example, must check the backgrounds of employees and install firewalls to separate administrative networks from those that control electricity flow. The group will begin auditing compliance in July.
    • The senators’ letter suggests Huawei’s agenda is to spy on the U.S. government. I suppose it’s possible some people may see opportunities here, but to me this still smacks of Cold War era commie paranoia. And I suppose no member of the U.S. intelligence community has ever approached Cisco, HP or Motorola about bugging a PC, basestation or router in Beijing.
  •  

    • Hackers seeking source code from Google, Adobe and dozens of other high-profile companies used unprecedented tactics that combined encryption, stealth programming and an unknown hole in Internet Explorer, according to new details released by the anti-virus firm McAfee.

      “We have never ever, outside of the defense industry, seen commercial industrial companies come under that level of sophisticated attack,” says Dmitri Alperovitch, vice president of threat research for McAfee. “It’s totally changing the threat model.”

    • The source of the espionage appears to be China, according to a former official, though the origin of any attacks could be masked. Chinese officials deny any involvement and say U.S. suspicion is the result of a “Cold War mentality.” 

      Similar attacks have become more frequent in recent months, underscoring the increasingly heated battles taking place in cyberspace. Earlier this month, the Wall Street Journal reported that Russian and Chinese spies gained access to the U.S. electrical grid, inserting software that could disrupt the system.

    • So far, the Chinese government has denied any involvement with GhostNet. Ministry of Foreign Affairs spokeswoman Jiang Yu released a statement refuting any claims that the government had anything to do with the attacks, citing Chinese laws which expressly forbid “all Internet crime, including hacking.”
    • The Chinese are renowned for their patient and persistent espionage methods, and for their technological reverse-engineering capabilities. They also are noted for taking an extremely long view of their political and military needs and of the intelligence required to meet them. Because of this, the Chinese pose the greatest intelligence threat to U.S. technology.
    • The aggressiveness of Chinese penetration is well documented in multiple espionage cases including those of Larry Wu-Tai Chin, Katrina Leung, Gwo-Bao Min, Chi Mak, and Peter Lee.[2][3] In addition to traditional espionage, the PRC uses civilian companies to partner with American businesses in order to exploit advanced technology and economic data.[4] Additionally, the PRC utilizes cyber-espionage to penetrate the computer networks of U.S. businesses and government agencies. This is evidenced by a recent Chinese cyber-attack on Google’s computer systems in December 2009.[5] PRC intelligence operations in the United States have become so pervasive, U.S. law enforcement officials have identified China as the most active foreign power involved in illegal acquisition of American technology.[6]
    • The New York Times recently published a story that Britain’s spy agency, MI5, warned British business people doing business in China about spying attempts that made use of cyber hacking and attempted to ensnare people through blackmail “over sexual relationships and other improprieties.”
    • The vast majority of them are here innocently working or studying. Counterespionage experts say the trouble often starts when they are contacted by Chinese government officials or one of the more than 3,000 Chinese “front companies” the FBI alleges have been set up in the US specifically to acquire military or industrial technologies illegally. Sometimes they are wooed with cash, but often the motivation is nationalism.
    • The government is currently prosecuting about a dozen cases against individuals alleged to have sent technology — sometimes designs, sometimes software, sometimes high-tech equipment — to China illegally. FBI officials say at least three more cases will likely go ahead in the coming months. Over the past five years, the total number of such charges has grown by around 15% annually, according to some FBI agents.

Posted from Diigo. The rest of my favorite links are here.

About Steve Parker

Youth Football Coach Keller, Texas, Web Developer, Wordpress Consultant, and an Internet Marketing / SEO / PPC Consultant.