Skip to content or view screen version

China capable of launching cyber attack on UK

GFCAX | 30.03.2009 14:25 | World

Intelligence chiefs have cautioned Gordon Brown about the possibility of China launching a cyber attack on Britain’s telecom system.

 http://www.thaindian.com/newsportal/feature/china-capable-of-launching-cyber-attack-on-uk_100172702.html

British Telecom’s new communications network has been installed by Chinese telecom giant ‘Huawei’, which is allegedly funded by Beijing and has links to the People’s Liberation Army.

In case of a war like situation, China could use BT to halt critical services such as power, food and water supplies, Times Online quotes intelligence officials, as saying.

In January, the Chairman of the Joint Intelligence Committee, Alex Allan, briefed a ministerial committee led by Home Secretary Jacqui Smith about the threat from China, Whitehall sources have claimed.

The ministerial committee on national security was told that Huawei components that form key parts of BT’s new 10 billion pound network might already contain malicious elements waiting to be activated by China.

Experts seconded intelligence chiefs’ warnings.

Tracking Ghostnet Report
 http://www.networkworld.com/news/2009/032909-deep-computer-spying-network-touched-103.html?hpg1=bn

Snooping Dragon Report: A case of malware-based electronic surveillance of a
political organisation by the agents of a nation state.
 http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.pdf

The Six Worst Internet Routing Attacks
 http://www.csoonline.com/article/476684/The_Six_Worst_Internet_Routing_Attacks

Revealed: The Internet's Biggest Security Hole
 http://blog.wired.com/27bstroke6/2008/08/revealed-the-in.html

This is from October 2008.
 http://www.foxnews.com/story/0,2933,435681,00.html
"The World Bank Group's computer network — one of the largest repositories of sensitive data about the economies of every nation — has been raided repeatedly by outsiders for more than a year, FOX News has learned. It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution's highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank's network for nearly a month in June and July. In total, at least six major intrusions — two of them using the same group of IP addresses originating from China — have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month.

As a clearinghouse for financial data from both governments and companies, the bank's computers could provide intruders with both a financial and intelligence gold mine — from inside information on bids and contracts to the minutes of confidential board meetings. In a frantic midnight e-mail to colleagues, the bank's senior technology manager referred to the situation as an "unprecedented crisis." In fact, it may be the worst security breach ever at a global financial institution. And it has left bank officials scrambling to try to understand the nature of the year-long cyber-assault, while also trying to keep the news from leaking to the public."

In November 2008, there was a Cyber-Hacking incident at the IMF that was scuppered and later a scandel at Satyam Computer Services Ltd that supplies/maintains IMF/WHO/World Bank software.
 http://www.foxnews.com/story/0,2933,452348,00.html

GFCAX

Comments

Hide the following 7 comments

Hmmm?

30.03.2009 14:46

45 mins till BSOD anyone?

Alistair Campbell


And whats the moral of that story Gordon?

30.03.2009 14:50

Do unto others as you would have them do unto you.

stop spying on us!

geek


Yellow peril

30.03.2009 14:53

Unless I've missed something this hysterical hype is about a single botnet that MAY be controlled by someone in China. It probably is, big deal. Thousands of US and UK controlled botnets have infected Chinese computers without China whipping up hysteria.

Danny
- Homepage: http://www.theregister.co.uk/2009/03/30/china_ghostnet/comments/


Danny you're missing something really vital

30.03.2009 23:41

You're equating individual hacked Chinese windows desktop computers doing - for the most part nothing very important with an entire nation's comms system containing thousands & thousands of custom chips any one of which could be running embedded in it's firmware, code that is riddled with secret backdoors. The client - BT will probably not have access to the code contained therein and the chips will have probably been burned in such a way as to prevent the reverse engineering of the contained code. This is NOT hysterical, it's a bit like having the locks to your house fitted by someone who may be the local crackhead. If you don't fully understand the technology then it's best not to make ignorant comments.

sid


Politically/commercially useful hysterical hype

31.03.2009 01:30

Dear Sid,

I don't fully understand all the technology. Nobody does so please don't call me ignorant even if you know I'm not as informed as you are. Given that partial confession I think you are mistaking two different recent 'China Crisis/Yellow Peril' stories on the tech pages and you seem to be missing the political implications. I think you are referring to this one:  http://www.theregister.co.uk/2009/03/30/huawei_threat/
Which is a story about the threat from 'back-doors' in Chinese hardware. That story you are referring to is basically about the vunerabilities that are inherent from implementing technology from 'hostile nations'. Duh!

I understand the dangers to the British state of adopting Chinese technology. The growing belligerence of Chinese posters is very reminiscent of the attitudes of US citizens in the 50's. I hope you understand that the US and UK have so far a great technological advantage over the Chinese. The Chinese may be going to the moon but they aren't there yet and they aren't ging to be first. And why shouldn't they go to the moon- did Armstrongs flag mean the US own the moon? Nah. The Chinese tech is more reliant on the US tech than vice versa so far, and so more vunerable to attack. This story is media hype designed to increase military-tech expenditure subsidies.

Do you accept that the 'Great Firewall of China' was mostly built by US and Scottish capitalist techs? Cisco etc. If so, it is hard to envisage any great cyber threat from China in the next 20 years that isn't a greater threat to the Chinese. This really is an arms race, like the nuclear race between the US and the USSR but it is equally imbalanced so far. Despite claims from both countries, the USSR was always outgunned by the USA but the British and US public were always being told we were lagging. The USA military always claimed to weaker to justify increased 'defence' spending but they knew they were in control.

Here is my take on your article. The Gh0st botnet is the first to be identified as linked to China. Big deal! The BBC just bought a botnet for a dubious tech article, which would have undoubtedly included Chinese PCs. You don't think our government does this regularly? DARPA invented the net. Any partiotic/racist Chinese citizen could be controlling this botnet without knowledge of their government. Without evidence we don't assume all the many UK botnets are controlled by the UK government.

Now, this is one botnet that has been linked to China, and it may be a set-up but is likely to be true. The reason I say that is that the botnet is tiny in comparison to the hundreds of thousands of computers that hackers control. The best estimate is that globally one out of four PCs are 'owned' by someone elses C&C.

Do I think we should outsource our tech production to China? No. That is only done by cheapo corporate cowboys. In the 1970's though the term 'Made In China' translated as 'This is Cheap Crap' and now it just means this is unethical. Same with the Japanese goods until they learned Quality Analyis.

Do I think the Chinese are more likely to hack us than the US? The US own us already so moot point. All important US commercial tech is submitted to the NSA for 'approval' ( backdoors). I helped develop part of the Great Firewall of China and so have a CV that you probably don't want to call 'ignorant' (no offence taken, nor intended).

On a wider point, with all the stories of cyber-war and cyber-espionage out there on mainstream media, please remember there are cyber-pacifists too. Just like there are carpenter pacifists. Please ask if I've not explained my interpretation clearly enough.
Few posters here are ignorant, but even fewer are omisicient.

best wishes,
dan

PS I don't know how to build a deadlock for my own front door. I do know how to defend it by other means though,

Danny


The threat is real

31.03.2009 12:48

Dubbed GhostNet, the operation is notable. Not only can it phish for information, it has remote access capabilities that can quickly and easily turn any computer into a giant listening device.

These devices have built in GSM listening technology that can be activated by mobile phone and you can then use your mobile phone to listen to conversations that are taken place near these plug/socket devices.
 http://www.spytechnology.co.uk/transmitter-receiver-products-audio.html?gclid=CNe_9beVzZkCFRBhnAodklsBuA
I wouldn't be surprised if most UK government buildings and Corporations now have such devices to spy on employees.

China [ In ] Vasion - One of the many chinese websites promoting surveillance equipment
 http://www.chinavasion.com/index.php/cName/surveillance-equipment/

1999 - How NSA access was built into Windows
 http://www.heise.de/tp/r4/artikel/5/5263/1.html

FBI Says Military Had Counterfeit Cisco Routers
 http://it.slashdot.org/it/08/05/09/164201.shtml

Information Warfare Monitor
 http://www.infowar-monitor.net/

FBI criminal investigation: Cisco routers
 http://www.donkeyonawaffle.org/OMB%20briefing%202008%2001%2011%20a.ppt#257,1,FBI Criminal Investigation: Cisco Routers
 http://www.networkworld.com/community/node/27858

ZDNet hacking news
 http://www.zdnet.co.uk/search/index.htm?c=&q=hacking&submit.x=26&submit.y=6

China Crisis


Hiya CC

31.03.2009 16:30

Stick to that name please, life is complicated enough.

>Dubbed GhostNet, the operation is notable. Not only can it phish for information, it has remote access capabilities that can quickly and easily turn any computer into a giant listening device.

None of those things are notable, they are all old hat. Script-kiddy stuff, low-tech, out-of-date

>These devices have built in GSM listening technology that can be activated by mobile phone and you can then use your mobile phone to listen to conversations that are taken place near these plug/socket devices.

Bots and trojans are devices with built in GSM? Is that an anology or don't you understand what GSM is?

Danny