I can't help but wonder what would happen if US Corporations simply blocked all inbound Chinese traffic. Sure it would hurt their business, but imagine what the Chinese people would do in response. It seems like China takes very little seriously until it goes mainstream. This is happening right now with their political system, they are attempting (publicly) to rid themselves of bad apples. I think this applies to the majority of the Internet dependant countries, people are ready to jump out of a window if facebook or Twitter is down. Imagine the revolt after every major US based provider stopped taking their calls, and data. I understand the implications, but I think this may be the only real way to spank them (I know the financial ramifications..)
From my Android phone on T-Mobile. The first nationwide 4G network.
-------- Original message -------- From: Suresh Ramasubramanian <ops.lists@gmail.com> Date: 02/20/2013 5:22 PM (GMT-08:00) To: surfer@mauigateway.com Cc: nanog@nanog.org Subject: Re: NYT covers China cyberthreat Net net - what we have here is, so far, relatively low tech exploits with a huge element of brute force, and the only innovation being in the delivery mechanism - very well crafted spear phishes They don't particularly need to hide in a location where they're literally bulletproof (considering how many crimes have the death penalty in china, said penalty being enforced by a bullet to the head and your family billed for the bullet, if I remember correctly) Now there's a light shone on it all, despite the official denial, you'll simply see this office building shift to an even more anonymous business park halfway across the country (or maybe inside an army base that people just can't wander into and photograph), and the exploits will simply start to cover their traces better. Sure they'll evolve - let them. The point here is that they're going to evolve anyway if we let them operate with impunity from a location where they're bulletproof. --srs On Thursday, February 21, 2013, Scott Weeks wrote:
--- Valdis.Kletnieks@vt.edu <javascript:;> wrote: The scary part is that so many things got hacked by a bunch of people who made the totally noob mistake of launching all their attacks from the same place.... ------------------------------------------------
This all seems to be noobie stuff. There's nothing technically cool to see here. All they do is spear phishing and, once the link is clicked, put in a backdoor that uses commonly available tools. As I suspected earlier it's M$ against M$ only.
The downside is nontechnical folks in positions of power often have sensitive data on their computers, only know M$ and don't have the knowledge to don't click on that "bank" email.
Technically, it was 74 pages of yawn. Don't waste your time unless you're interested in how they found out where the attack was originating from and how they tied it to the .cn gov't.
scott
-- --srs (iPad)