China Accused Of Hacking U.S. Systems

The world's most populous nation denied charges of hacking U.S. military computers after a cybersecurity expert suggested Chinese military in southern China were going after U.S. networks.

This current debate is just the latest in an ongoing problem for the U.S. military. Alan Paller, director of the SANS Institute said the attacks have been traced to the Guangdong province and he said the techniques in play suggest precision that only comes from the military.

Paller made allegations on Monday during a conference call discussing other work by the SANS Institute. "These attacks come from someone with intense discipline. No other organization could do this if they were not a military organization."

The problem of these hackings has become tremendous. A number of military computers were hacked a little over a year ago. A group called "Titan Rain" was considered responsible for cracking four military installation systems and managed to make off with several tidbits including the aviation mission-planning software for Army helicopters. These hacks aren't a good sign and they don't stop there either.

A number of defense contractors have also been hacked. Paller said "We know about major penetrations of defense contractors." He went on to say "they are less willing to make it hard for mobile people to get their work done."

The Chinese government has denied these allegations. Foreign ministry spokesman Qin Gang said in his regular briefing that, "The Chinese police will deal with hacking and other activities disturbing social order in accordance with law."

Even if it's not the Chinese military hacking these computers, it points out a major flaw in U.S. cybersecurity efforts. Keep in mind this isn't someone's credit card, this is top-secret military knowledge. This isn't a case of internal spies or anything else. This is a major security problem and right now the U.S. is losing this particular fight. While howitzers and stealth bombers are quite effective at what they do, if a potential enemy knows how they work and the tactics for them, then they can nullify them.

Others have had similar luck getting into military computers too. Earlier in the year, a gentleman from the UK who had gotten into the Dept. of Defense computer networks rooting around for information on UFOs was being charged by the DOD for cyber crime. He found all kinds of things in their on anti-gravity devices and other odd technologies. The more significant thing he noticed happened to be all the people in the computer network who weren't supposed to be. These people were from all over the world. He said DoD lacked real password protection.

This point was reiterated in a new story this week on NPR as they do a series on cybersecurity. One security specialist interviewed said passwords were simple to figure out. This problem is widespread too. When one combines the defense contractors being hacked as well as the defense department being hacked, it doesn't leave our defenses all that intact.

There are ways to improve it. Certainly hackers may make it in but we shouldn't open the door for them. Tie in multiple passwords and biometrics to these systems. At least give these hackers something to work for. If we don't then all the jets and guns won't matter.

by John Stith

John is a staff writer for SecurityProNews covering cyber security.