"Chinese hackers took over NASA's Jet Propulsion Lab, Inspector General reveals"I've posted about 'cyberwar' and how important it is to keep the wrong people from getting at anything from my credit card number, to launch codes for nuclear missiles.
FoxNews.com (March 1, 2012)
"Chinese hackers gained control over NASA's Jet Propulsion Laboratory (JPL) in November, which could have allowed them delete sensitive files, add user accounts to mission-critical systems, upload hacking tools, and more -- all at a central repository of U.S. space technology, according to a report released Wednesday afternoon by the Office of the Inspector General...."
Simple? Not
The headline's accurate. So is the lead paragraph.

But there's more going on than "could have allowed...." I put a slightly longer excerpt from the article at the end of this post. [1]
The article links to a nine-page document:
- "NASA Cybersecurity: An Examination of the Agency's Information Security"
Testimony before the Subcommittee on Investigations and Oversight,
House Committee on Science, Space, and Technology
U.S. House of Representatives
Statement of Paul K. Martin
Inspector General
National Aeronautics and Space Administration (February 29, 2012)
[archived from oig.nasa.gov/congressional/FINAL_written_statement_for_%20IT_%20hearing_February_26_edit_v2.pdf on March 1, 2012]
The report has good news, and it's got bad news.
First, the bad news: NASA, and a whole lot of other government and private outfits, could do a lot better when it comes to keeping their data secure. This is hardly 'news.'
Now, the good news: The Office of Inspector General (OIG) and other agencies around the world have started tracking down and dealing with folks who aren't nice when it comes to other people's data.
Turns out, there are a lot of folks who haven't been nice. And they don't fall into one simple category of 'bad guys.'
Conclusions, Crazy and Otherwise
There's a summary of events and actions at the end of that NASA cybersecurity report.

I might be able to take data from that report; pour in assumptions, biases, and a generous helping of paranoia; and claim that a secret cabal (that's the best kind) of Romanians, Estonians, and Texans is plotting to take over the world by hacking into the accounting systems of Minnesota companies.
That would be - crazy talk.
I could also claim that the report proves that China's leaders are plotting to take over America's computer networks.
That would be - not so much crazy talk, as arguing ahead of facts. 'Way ahead of facts.
I'm not at all comfortable with how many hack attacks on American - and other - computer networks 'just happen' to come from servers in China. I'd like to believe that China's current leadership has gotten past the 'good old days' of Mao's cultural revolution, and wants to make China a better place for the folks who live there. I'd also like to believe that everybody could just get along.
But this is the real world: and national leaders don't always have the best interests of their citizens in mind; or a sensible view of what their citizens need. And that's another topic.
Very Cautious Optimism
I insist on seeing some good news in that Cybersecurity report.

Government agencies in America and elsewhere are apparently treating crimes which are committed primarily online as - crimes.
After what look like serious investigations - not just knee-jerk accusations and assumptions - action has been taken. Correctly, if that catastrophic drop in spam was the result of two rogue Internet Service Providers getting shut down.
China's leadership may have decided to join the rest of the world, when it comes to treating online crimes as 'real' crimes. Okay - that's on the strength of just one arrest: but that's a start.
Mr. Martin's Cybersecurity Summary, Summarized
Here's what I got, after parsing out Mr. Martin's "NASA Cybersecurity..." summary:

- February 2012
  - JPL systems hacked
  - A Romanian national was indicted in the Central District of California
  - Following convictions in Romania for related criminal activity
  - Result: losses of over $500,000 to the Atmospheric Infrared Sounder (AIRS) Program
- January 2012
  - Unauthorized accesses into numerous systems belonging to
    - NASA
    - The Pentagon
    - The Romanian government
    - Commercial entities
  - Romanian authorities arrested a 20-year-old Romanian national for this intrusion
  - Result: products from a variety of NASA scientific research efforts were inaccessible to the general public for a brief period of time
  - No long-term damage to the underlying programs was reported
- November 2011
  - JPL IT Security reported suspicious network activity involving Chinese-based IP addresses
  - NASA review disclosed that the intruders had compromised the accounts of the most privileged JPL users
    - Giving the intruders access to most of JPL's networks
  - The Office of Inspector General (OIG) continues to investigate this matter
- November 2011
  - Following an earlier international fraud scheme
    - That compromised more than 4 million computers worldwide
      - Including 135 NASA systems
    - Over $15,000,000 in assets from the operation have been seized
      - So far
  - Indictments announced
    - By the U.S. Attorney's Office for the Southern District of New York
    - Six Estonians
    - One Russian national
- February 2011
  - Hacked
    - Two NASA systems
    - A Minnesota-based company's pay and accounting system
  - A Texas man pled guilty to wire fraud in Federal court in Minnesota in connection with the crime
  - Result: more than 3,000 registered users were denied access to oceanographic data supplied by NASA for several days. Direct remediation costs in this case exceeded $66,000
- February 2011
  - Distribution of malware that caused NASA data to be compromised
  - A British citizen was sentenced in England to 18 months' imprisonment for his role
  - Result: about 2,000 NASA e-mail users were infected with this malware as part of a worldwide computer fraud scheme
- December 2010
  - Following the hacking of seven NASA systems
    - Many containing export-restricted technical data
  - A Chinese national was detained
    - By Chinese authorities
    - For violations of Chinese Administrative Law
  - This detention
    - Followed
      - An OIG investigation
      - Lengthy international coordination efforts
  - Significance: "This case resulted in the first confirmed detention of a Chinese national for hacking activity targeting U.S. Government agencies. Seven NASA systems, many containing export-restricted technical data, were compromised by the Chinese national."
- March 2009
  - Following unauthorized intrusions into NASA JPL systems
    - Two computer systems used to support
      - NASA's Deep Space Network
      - Several Goddard Space Flight Center systems
  - Italian authorities
    - Raided the home of an Italian national suspected of taking part in the intrusions
    - Suspect the individual of being a member of a hacker group responsible for Internet fraud and hacking schemes
  - Result: Good question
    - NASA officials assured us that no critical space operations were ever at risk
- Other incidents
  - (No date given)
    - 53 NASA systems were affected by the criminal activity sponsored by McColo Inc.
      - None of the systems were mission critical
    - Twenty-one NASA systems compromised as part of criminal activity hosted by rogue ISPs
    - OIG investigations followed
      - Rogue ISPs were identified by NASA OIG and other law enforcement agencies as a major source of
        - Child pornography
        - E-mail spam
        - Stolen credit cards
        - Malicious software
      - Result:
        - Shutdown of rogue Internet Service Providers (ISPs)
          - "McColo Inc."
          - "Triple Fiber Networks"
        - The U.S. District Court in the Northern District of California ordered McColo Inc. to pay the Federal Government a $1.08 million civil judgment
        - Worldwide reduction in spam of approximately 50 percent shortly after the ISPs were taken offline
  - 2009
    - Following theft of
      - Cisco Systems, Inc., proprietary code
      - Numerous intrusions into NASA systems
        - Including Ames Research Center's Super Computing Center
    - A Swedish citizen indicted in 2009
      - Swedish and U.S. authorities agreed to have the subject tried in Sweden
    - The subject
      - Was found guilty
      - A "formal criminal history" was filed by Swedish authorities
    - Result: several instances when the Ames Research Center's Super Computing Center was temporarily shut down to clean up after the intrusions
      - Losses to NASA were estimated at over $5,000,000

Related posts:
- "'Digital Sabre-Rattling,' 'Complex Legal and Cultural Issues,' and Heat-Related Deaths" (July 15, 2011)
- "IMF Hacked, Again - or - 'This isn't Cyberwar: It Just Acts Like Cyberwar'?!" (June 11, 2011)
- "China to Google: 'Shut Up Or We'll Hurt You'" (June 6, 2011)
- "Gmail, China, Knee-Jerk Response, and the Information Age" (June 4, 2011)
- "China, Paper on How to Bring Down USA Power Grid: All a Big Misunderstanding?" (March 20, 2010)

[1] Excerpt from the news:

"Chinese hackers took over NASA's Jet Propulsion Lab, Inspector General reveals"
Foxnews.com (March 1, 2012)

"Chinese hackers gained control over NASA's Jet Propulsion Laboratory (JPL) in November, which could have allowed them delete sensitive files, add user accounts to mission-critical systems, upload hacking tools, and more -- all at a central repository of U.S. space technology, according to a report released Wednesday afternoon by the Office of the Inspector General.

"That report revealed scant details of an ongoing investigation into the incident against the Pasadena, Calif., lab, noting only that cyberattacks against the JPL involved Chinese-based Internet Protocol (IP) addresses.

"Paul K. Martin, NASA's inspector general, put his conclusions bluntly.

" 'The attackers had full functional control over these networks,' he wrote....

"...Beyond a wealth of exploration programs, such as the recent GRAIL mission to study the moon and the upcoming Mars Science Laboratory, JPL manages the Deep Space Network, a network of antenna complex.

"Martin released written testimony about the attacks in the report 'NASA Cybersecurity: An Examination of the Agency's Information Security,' presented to the House Science, Space and Technology Committee investigations panel on Wednesday. It details a host of security lapses and breaches of protocol at the space agency...."