Return-Path: <sentto-279987-1679-999349253-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Sat, 01 Sep 2001 06:02:07 -0700 (PDT)
Received: (qmail 6767 invoked by uid 510); 1 Sep 2001 13:01:12 -0000
Received: from n23.groups.yahoo.com (216.115.96.73) by 204.181.12.215 with SMTP; 1 Sep 2001 13:01:12 -0000
X-eGroups-Return: sentto-279987-1679-999349253-fc=all.net@returns.onelist.com
Received: from [10.1.4.52] by ck.egroups.com with NNFMP; 01 Sep 2001 13:00:53 -0000
X-Sender: brian@pc-radio.com
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_3_2); 1 Sep 2001 13:00:52 -0000
Received: (qmail 78078 invoked from network); 1 Sep 2001 13:00:52 -0000
Received: from unknown (10.1.10.26) by m8.onelist.org with QMQP; 1 Sep 2001 13:00:52 -0000
Received: from unknown (HELO chmls06.mediaone.net) (24.147.1.144) by mta1 with SMTP; 1 Sep 2001 13:00:51 -0000
Received: from 79p8e.pc-radio.com (unknown1.ne.mediaone.net [24.218.89.7]) by chmls06.mediaone.net (8.11.1/8.11.1) with ESMTP id f81D0rm22997 for <iwar@onelist.com>; Sat, 1 Sep 2001 09:00:53 -0400 (EDT)
Message-Id: <5.1.0.14.2.20010901085534.03683c80@mail-dnh.mv.net>
X-Nil:
To: iwar@onelist.com (Information Warfare Mailing List)
In-Reply-To: <200109010646.XAA25300@big.all.net>
From: Brian McWilliams <brian@pc-radio.com>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Sat, 01 Sep 2001 09:00:44 -0400
Reply-To: iwar@yahoogroups.com
Subject: Re: [iwar] Is China's Guandong province ground zero for hackers?
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Vamosi's article is interesting speculation, but in the case of Code Red,
there's evidence China *wasn't* ground zero:

http://www.newsbytes.com/news/01/169636.html

China and Korea are renowned for having lots of easily compromised systems
with non-existent system administrators. What's to say some kid from Fargo
isn't using Guangdong as his launch pad?

Brian

At 02:46 AM 9/1/01, Fred Cohen wrote:
>Is China's Guandong province ground zero for hackers?
>
>By Robert Vamosi, AnchorDesk, 8/31/2001
>http://dailynews.yahoo.com/h/zd/20010830/tc/is_china_s_guandong_province_ground_zero_for_hackers__1.html
>
>Last week, while discussing new priorities for the Department of Defense,
>Secretary of Defense Donald Rumsfeld told the
>Washington Post that "serious moves to transform the military to meet
>such emerging threats as computer warfare, terrorism and missile
>proliferation will not produce new war-fighting capabilities for a
>number of years." Although paraphrased, it sounds to me like Secretary
>Rumsfeld just told our enemies that we're years away from defending
>ourselves against cyberterrorism. Oops. Now is not the time to admit
>weakness in this area, Mr. Secretary.
>
>Quietly, the U.S. government had been hacking away at cyberterrorism.
>The EP-3E spy plane that crash-landed in China earlier this year was,
>according to James Bamford in his keynote speech at this year's Black
>Hat Briefing, working for the National Security Agency. Even the 1999
>war in Kosovo featured early information warfare techniques against the
>Serbian government. A recent report by MSNBC explains the emerging
>global information warfare threat in greater detail. If the secretary
>is serious about transforming the U.S. defense department, then let me
>suggest that it is much more prudent to shore up our computer networks
>today than to invest in the 20-year-old concept of laser-toting
>satellites orbiting the earth tomorrow: Our computer networks are
>already under serious attack.
>
>HOSTILE NATIONS, and for that matter, hostile groups, such as Osama bin
>Laden's followers, realize they can't challenge the
>U.S. military one-on-one. But they can disrupt our utilities, our
>telecommunications, and our e-commerce. Just last spring, during a
>period of rolling blackouts in Northern California, someone hacked into
>the California Independent System Operators system, which regulates the
>flow of power in the state. The malicious users were stopped before
>they caused any damage, but the incident shows how vulnerable our
>ancillary government agencies are to attack. The hack was traced back
>to the Guangdong province in China. Turns out, this was not an isolated
>incident.
>
>A few weeks ago, I wrote that students at Foshan University in
>Guangdong, China, may have created the Code Red worm. Shortly after
>that column appeared, someone at the Defense Department called me with a
>serious interest in that information. Now, the recent and very nasty
>Offensive Trojan horse also happens to share a connection to Guangdong.
>I don't think this is a coincidence.
>
>Guangdong is the largest and wealthiest province, and Hainan Island, the
>site where the American EP-3E plane was held after landing last April,
>is nearby. According to a report prepared by the security company
>Vigilinx, Guangdong is also home to hacker groups, such as the Honker
>Union of China (also known as the Red Guest Alliance) and China Eagle,
>and to criminal extortionists who have been terrorizing Hong Kong's
>financial networks for years. Guangdong also happens to be very
>beautiful, historic, and the focus of major Western investment and
>tourism.
>
>RATHER THAN ASSUME the Chinese government is behind Code Red and
>Offensive, I think it is more credible that different groups of
>individuals within Guangdong might be hacking the United States and
>other nations (like Japan) for their own reasons. Like the cracker
>activity once seen in Eastern Europe, these exploits may not be a
>political expression against, but a general frustration with, Western
>arrogance and influence. The crackers in Guangdong seem to be doing
>their own thing, and they are definitely pushing the envelope of what is
>possible in terms of malicious activity on the Internet.
>
>Whatever their motives, I suggest we'll hear even more from the crackers
>in Guangdong. If ego is involved, these crackers probably aren't done
>flexing their programming muscles or announcing themselves to the world.
>Now, thanks to comments from the U.S. Defense Secretary, others
>elsewhere might also be tempted to join in their fun.
>
>
>
>------------------
>http://all.net/
>
>Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:40 PDT