NYT covers China cyberthreat

An amazing percentage of "private" lines are pseudowires, and neither you nor your telco salesdroid can know or tell; even the "real" circuits are routed through DACS, ATM switches, and the like. This is what link encryptors are all about; use them. (Way back when, we had a policy of using link encryptors on all overseas circuits -- there was a high enough probability of underwater fiber cuts, perhaps by fishing trawlers or "fishing trawlers", that our circuits might suddenly end up on a satellite link. And we were only worrying about commercial-grade security.)

    --Steve Bellovin, https://www.cs.columbia.edu/~smb

This strongly suggests that it's not their A-team, for whatever value of
"their" you prefer. (My favorite mistake was some of them updating their
Facebook pages when their work took them outside the Great Firewall.) They
just don't show much in the way of good operational security.

Aside: A few years ago, a non-US friend of mine mentioned a conversation
he'd had with a cyber guy from his own country's military. According to
this guy, about 130 countries had active military cyberwarfare units. I
don't suppose that the likes of Ruritania has one, but I think it's a safe
assumption that more or less every first and second world country, and not
a few third world ones are in the list.

The claim here is not that China is engaging in cyberespionage. That
would go under the heading of "I'm shocked, shocked to find that there's
spying going on here." Rather, the issue that's being raised is the target:
commercial firms, rather than the usual military and government secrets.
That is what the US is saying goes beyond the usual rules of the game. In
fact, the US has blamed not just China but also Russia, France, and Israel
(see http://www.israelnationalnews.com/News/News.aspx/165108 -- and note
that that's an Israeli news site) for such activities. France was notorious
for that in the 1990s; there were many press reports of bugged first class
seats on Air France, for example.

The term for what's going on is "cyberexploitation", as opposed to "cyberwar".
The US has never come out against it in principle, though it never likes it
when aimed at the US. (Every other nation feels the same way about its
companies and networks, of course.) For a good analysis of the legal aspects,
see http://www.lawfareblog.com/2011/08/what-is-the-government’s-strategy-for-the-cyber-exploitation-threat/

    --Steve Bellovin, https://www.cs.columbia.edu/~smb

Very true. The objection is more that the exploits are aimed at civilian
rather than (or, more accurately, as well as) military / government /
beltway targets.

Which makes the alleged Chinese strategy rather more like financing jehadis
to suicide bomb and shoot up hotels and train stations, rather than any
sort of disciplined warfare or espionage.

--srs (htc one x)

When you really look at human behavior the thing that remains the same is core motives. The competition makes sense in that it is human nature to aggress for resources. We are challenged in the "fact" that we 'want' to belong among the other five. This will never change but...

What is really a travesty here is that most of us have been saying "hey this is critical" and can now shift to "I told you so"… in that if you did what we said to do 1 … 5 …. 10 … years ago .. you would have "mitigated" this risk..

Basically, genetically we have not changed, so what behavior would suggest that (even with the introduction of faster calculators).. why would we change? Just means we would do X faster …….

This is my first comment to the list.. please flame me privately to save the list :) *** or publicly who think I should really be spanked!!! ***


The only spanking that has been going on nanog lately is Jay using his
email to keep us up to date on current news. I am going to call it a
night, and look for a SCUD fired from Florida in the morning. ;)

Nanog setting their list server up to mandate that envelope from matches
header from should take care of this .. I see the envelope being whatever,
nobody@server.example.com type stuff more often than not, in all these
forwarded articles that are supposed to be coming from Jay's account.
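
The envelope-from versus header-from check proposed above, as an added example that is not part of the original thread or of any list manager's code. The hook name `check_post`, the address `jay@example.net` and both sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample posts (not real list traffic).
FORWARDED = (
    "From: Jay Example <jay@example.net>\n"
    "Subject: NYT covers China cyberthreat\n"
    "\n"
    "forwarded article text\n"
)
TWO_AUTHORS = (
    "From: a@example.net, b@example.org\n"
    "Subject: test\n"
    "\n"
    "body\n"
)


def _canon(addr: str) -> str:
    # Assumed policy: ignore angle brackets and compare case-insensitively.
    return addr.strip().strip("<>").strip().lower()


def check_post(envelope_from: str, raw_message: str):
    """Return (accepted, reason) for one submitted post.

    envelope_from is the SMTP MAIL FROM value handed over by the MTA;
    raw_message is the RFC 5322 message text. check_post is a hypothetical
    hook name, not an API of any list manager.
    """
    env = _canon(envelope_from)
    if not env:
        # "<>" is the null sender used by bounces, never by a human poster.
        return False, "null envelope sender"
    msg = message_from_string(raw_message)
    authors = [a for _, a in getaddresses(msg.get_all("From", [])) if a]
    if len(authors) != 1:
        # Missing, duplicated or multi-address From cannot be matched.
        return False, "need exactly one From address"
    if _canon(authors[0]) != env:
        return False, f"envelope {env} != header {_canon(authors[0])}"
    return True, "match"


if __name__ == "__main__":
    print(check_post("nobody@server.example.com", FORWARDED))
    print(check_post("Jay@Example.NET", FORWARDED))
    print(check_post("<>", FORWARDED))
    print(check_post("a@example.net", TWO_AUTHORS))
```

Both addresses are supplied by the sender, so this enforces consistency between them rather than authenticating the poster.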


Mandiant apparently feels the same way: http://www.forbes.com/sites/andygreenberg/2013/02/21/the-shanghai-army-unit-that-hacked-115-u-s-targets-likely-wasnt-even-chinas-a-team/

    --Steve Bellovin, https://www.cs.columbia.edu/~smb

Hey! We share the internet with America. If you guys decide to build
and use an internet kill switch, just nuke your part of the internet.
People outside the USA are happy with the internet, and we need it :D

just don't use code 666 on the keypad :D

I know there's a lot of it, and if suddenly tomorrow an enormous solar
flare kills every electronic in the American continent, we will have
problems here in Europe. I just want to make sure you guys know that
we want our part of the internet to continue, even if you guys decide
to pull the plug.