
Understanding what motivates Chinese hackers

Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.
With Chinese citizens making up 20% of the world's population, they're going to have an impact in any endeavor they take on. Consider the Internet -- China has more users than any country in the world, nearly twice as many as the United States (courtesy of internetworldstats.com).

Another area where the Chinese are exerting influence is the ability to manipulate the Internet. As proof, consider the NSA-originated competition TopCoder Open:

TopCoder Open is a world-wide programming and designing tournament open to all TopCoder members 18 and older who meet the eligibility criteria. There are six competition tracks: Algorithm, Design, Development, Marathon, Mod Dash, and Studio Design.

In past years, the Chinese have crushed their opponents, some say by sheer number of entries, but I doubt that's the only reason. In 2009, China had 20 finalists; the United States had two. Last year, 2012, China fielded two finalists, the United States -- none.

Where's this going?

Anyone the least bit interested in "things cyber" understands why the relationship between China and the United States is tense, so no sense wasting electrons venturing down that media-saturated path. I prefer to take some advice from a very astute gentleman I knew, my grandfather, never forgetting his gentle reminder, "Things always go better when you know, really know, the other person's story."

To that end, I hooked up with Professor Nir Kshetri from the University of North Carolina. He's been helping me understand something overlooked by mainstream media -- cultural differences.

I first became familiar with Nir's work through his book, Cybercrime and Cybersecurity in the Global South. I learned rather quickly I needed help comprehending the complex cultural implications. With a deadline bearing down on me, I shamelessly barged into Nir’s life.

Note: Before we take a look at what I learned, I thought I had better address the controversy surrounding the term hacker. Nir and other experts use hacker throughout their papers. So, to keep things simple, let's continue using hacker, associating the term hacker with highly skilled individuals who break into computer systems and networks.

Definition of Internet

Right from the start, there is a dramatic difference of opinion regarding what the Internet and its governance mean to China and the United States. The Chinese government, according to Nir:

[E]mphasizes the importance of creating and promoting a healthy and harmonious internet environment. It is important to elaborate this point. A healthy cyberspace is ‘porn-free,' ‘crime-free,' and ‘harmonious,' meaning it does not threaten to destabilize the state's social and political order.

How does that compare to your version of the Internet?

Information security versus cybersecurity

This next difference is complicated; I'm not sure if I get it, even with Nir's help. But I thought I'd toss it out and see where it lands. China and its allies have a different view of cyberspace governance than the United States and its allies. China is more concerned about "information security," and the United States prefers to focus on "cybersecurity." Nir offers an explanation:

They (China) like to control information that is likely to provoke what they call the three "evils" (terrorism, extremism, separatism). They also consider it important to prevent other nations from using their technologies to disrupt economic, social, and political stability.

All I know is if two powerful countries are looking at something like cyberspace governance that differently, it's time to talk.

Strong government

It may not be what you or I are used to, but Nir points out the Chinese are tolerant of a strong state government, especially the "post-Tiananmen generation," having experienced little or no hardship during their lives. Nir adds:

[T]he state has adapted a body of complex scholarship to bolster its legitimacy through invoking a deep sense of ‘Chineseness' among citizens. China's strong nationalism is arguably related to ethnicity and race rather than universalistic ideals (e.g., democracy, rule of law, free marketplace) and institutions. Opposition to the West has become a defining value.

Another divergent viewpoint is, in this case, what constitutes a national government.

Chinese hackers and nationalism

Most hackers are of the "post-Tiananmen generation" and have a high degree of patriotism. I remember reading on more than one occasion where Chinese hackers have left messages stating they were willing to devote their skills, even their lives, to China. Nir agrees:

When Chinese hackers see the honor of their motherland is compromised, they consider it important to take necessary actions to restore China's honor, glory, and integrity. They also consider it their responsibility to fight what they see as imperialism in cyberspace.

Whether you agree or not, Chinese hackers see no wrong in what they are doing; they're being patriotic.

Chinese hackers are rock stars

Most people view hackers in a negative context. That is not the case in China. As Nir points out, Chinese hackers are revered in a fashion similar to rock stars:

[S]tartling is the fact that some young Chinese tend to treat hackers like rock stars, and a significant proportion of students identify them as positive role models, wishing to emulate them. According to a 2005 Shanghai Academy of Social Sciences survey 43 percent of elementary school students said they "adore" China's hackers, and one third said they would like to be one.

It would be interesting to see the results of a similar survey taken in the United States.

Making headway against cybercrime

From what I've read, there appears to be a huge chasm between what the United States thinks and what China thinks about China's efforts to eliminate cybercrime at home and crack down on global hacking. According to Nir, here's what the Chinese think:

Chinese officials argue they should be praised, not criticized, for taking measures to control cybercrimes at home and collaborate internationally.

Nir cited a few examples of why they feel that way. In 2009, China added computer crimes to its Criminal Law. The penalty for hacking is a seven-year prison sentence. Next, Nir referred to a China.org.cn article that mentioned:

[T]he country's police have destroyed more than 80 criminal gangs involved in computer hacking, the online theft of data, and running botnets to spread malicious software.

One similarity at least

People have mentioned, with more than a little sarcasm, that my home state of Minnesota is the only state to have been governed by an "All-Star" professional wrestler. That is true, and I'm thankful for one special piece of wisdom passed on by Mr. Jesse Ventura: "If you want to know what's going on, follow the money."

If China and the United States have one thing in common about the Internet, it is "the quest for money." Nir told me about two examples where the Chinese government has decided not to enforce certain regulations as they would create a financial burden.

The Green Dam Youth Escort program had several flaws, but the one that appeared to put a stop to loading the Web-filtering software on every computer made in China was the added cost. Another example is the regulation requiring bloggers to register using their real names. Sina Weibo, the popular Chinese version of Twitter, did not abide by the regulation, stating the company would lose customers and untold revenue. As of mid-2012, Sina Weibo has over 360 million registered users.

Final thoughts

China is a big, rapidly growing, and complex country that is flexing its newly found muscles. The operative word to me is complex. I'll leave you with one final example of that complexity. Chinese allegations against the United States only come from top-level government officials. United States allegations against the Chinese come from government officials, tech-media types, and private sector security professionals. Nir explains:

China's strong state and weak civil society means criticism, by China's private sector and security analysts, of foreign-originated cyber-attacks is practically nonexistent: probably because of the strict censorship by the Chinese government.

I’ll end by reiterating my grandfather’s wisdom, “Things go better when you know the other person’s story.”


38 comments
Phil689

China has over TWICE the number of internet users as US; surely you can add...

robindustygraves

I have been going back and forth to HONGcouver, since 1978. In 1990- 1992 I tried to locate Chinese sources to manufacture an idea that I prototyped over 6 years. I had meetings with people, who had factories in China, who were Chinese, and who flew back and forth from HongCouver on a regular basis. Nothing went anywhere, but after I left, returning to Ontarrible, I found my idea being manufactured in China, with 6 different versions - one version in particular, most hilariously, made a huge advertising distinction, as the only one that, once activated, turned off all touch-sensitive current. At the meetings with Chinese over 2 years, there was one obviously powerful guy who grilled me on how my device worked, and who kept asking if it was possible to turn OFF the touch sensor current, once the device was activated - I pointed out that the touch sensor was powered by a typical 2032 button battery, commonly used as the CMOS clock battery in computers ( 2032 - 2.0 centimeters wide, 32 mm thick , nominal voltage, 3.0 Volts ). The current used as a touch sensor went through a resistor, to the BASE of a transistor, so the current used was in the 10,000 ths of an amp! ... - there really was no danger of electrocuting anyone, but, yes, once activated, the current could go through another transistor that turns "off"... He was obviously planning his marketing scheme, for "HIS" new invention, as he was asking me questions! I am composing an entire section called "Vancouver Thieves", since you would have to experience it to believe it... My Bank card was "compromised" 6 times in a year... All my WASP ( White Anglo-Saxon, Protestant ) Canadian born, English speaking friends ( all 6 of us ), are anally retentive about leaving ANYTHING in their cars that is visible - even a package of cigarettes on the seat is an 'invitation' to have the window smashed. Bags, jackets, whatever, - forget it, you might as well take a hammer and smash the windows yourself.... 
ALL my banks closed mysteriously for 3 or 4 days - including the Automated Tellers. My friend, who was born there, said later that HIS bank was closed for a few weeks. A Chinese manager, got the head position, and, over a few years, fired all the 'Canadians", replacing them, one-by-one, with people from CHINA.... Finally, the R.C.M.P., shut down the entire bank, since BILLIONS in illegal Chinese currency was being laundered through the bank! At the same time, reports in the Vancouver SUN newspaper told stories of the CASINOs in the area being watched closely, since untold MILLIONS of dollars were exchanging hands - Chinese men would come in with briefcases stuffed with millions of dollars, and buy "CHIPS" -- ie, laundering money... The casinos, delighted to have that kind of revenue, complained that " the transactions were completely legal"... um, well,... sort of... I saw the most unbelievable things in Vancouver, a city that Statistics Canada OFFICIALLY announced, had "Chinese" as the dominant population --- I did not need Stats Can to figure that one out! At one of my banks, Toronto-Dominion, that has the longest "open" hours of any bank in Canada - 8 A.m. to 8 P.M, with a good 5 to 10 tellers at any given moment inside, I wanted to use the ATM (Automated Teller Machine) in the outer lobby. Much to my surprise, there were 6 people in line. That never happens. 2 people were in the line behind me, as I waited, watching a short, older Chinese man, open, one by one, a large stack of envelopes. He would open the envelope, take out a check, put it in a deposit envelope, punch in a bunch of numbers, and for AMOUNT, put in $20,000.00 . Then he would open another envelope, and continue on the stack of envelopes. I waited ten minutes or more, and finally he glanced over his shoulder, and realized that there was a long lineup, and grabbed the stack of un-opened envelopes, and left... 
I would guess he had Hundreds of Thousands of dollars in the pile left, and he had been there a long time before that... Where, besides Las Vegas, would you see someone depositing hundreds of thousands of dollars into an ATM? Get used to it, this is HONGcouver, and strange, is the norm...! I just read an article where the huge Asian manufacturer, LG, was bragging about sending people around the world, on a sort of permanent vacation, to the tune of hundreds of millions a year -- just to look for ... " ideas ". That is a smart, investment -type of policy. The other side of the coin, is that there are roving bands of "idea" purveyors, and the competition to keep those ideas coming in, is a dog-eat-dog adventure. Once it was realized that I am an inventor, and constantly coming up with "IDEA"s, my normal Canadian life, as anyone would reasonably expect, was over..! The complete, 5-year plan to take over a Canadian Bank, deliberately to launder Billions of illegal Chinese currency, shows the long-term, planning, and dedication, and mentality, that a certain faction of the Chinese "immigrants" have. I saw stuff that you simply would not believe, and you would have to catch it on VIDEO before anyone would believe.... Security is a HUGE issue in HongCouver, and the Alarm and Security companies are scrambling to keep up -- for every security feature you can "BUY" ( get this.... made in CHINA !) there is an unbelievable method / ploy/ hack/ or mechanism, to defeat it. Get an alarm system that uses a Cell-Phone, built in, to call you if there is a problem. ... well... It is MADE IN CHINA, and your Cell Phone is MADE IN CHINA, and the Cellular Network ITSELF has equipment MADE IN CHINA, and .... on technical websites such as this, was an article, where, against the SPECIFIC advice of Canada's R.C.M.P. and C.S.I.S. police, and against the F.B.I. and C.I.A. 
in the U.S., large telephone switching computers in North America were being "UPGRADED" with main frame switching computers -- MADE IN ASIA...! Oh, but it gets better, the computers contain Terabytes of code that no one has looked at! The R.C.M.P. warned that there "COULD BE" a back -door somewhere in the software- well I guess... I have a keychain photo frame, which was a popular 'gift' idea a few years ago. They were everywhere, - and, sure enough, all the anti-virus companies put out a warning - AFTER a year or so, that all the software used on the photo frames could be traced back to one ASIAN company that hid a trojan in the software, that allows ASIAN hackers to take over the user's computers. I still have the original installation disk with the trojan "back-door"... The fact that millions of U.S. and Canadian 'gift-buyers' installed the "back-door" on millions of computers, seems a point that most people are oblivious to! ... I have been fascinated with locks and mechanical devices, since I was 6. I consider myself a reasonably good amateur locksmith. BUT... I am a rank amateur compared to the professional Break and Enter ( B&E) thieves from China. I swear these guys have a SCHOOL - what to you want to be, an electronic alarm hacker, a mechanical lock hacker, a computer software hacker, a telecommunications distribution hacker, a.... whatever, because these guys have knowledge and equipment and skills that would astound you... The room I kept my computer and electronics in was constantly broken into... I had WIRED internet alarms, wireless GSM Cellphone alarms, local alarms, video cameras, and custom made locks and safely devices. In what must be the funniest thing in the entire collection of security and alarm stories -- they not only defeated all of the above, shortly before I left, BUT, they edited the video surveillance footage, stole some of the locks and alarms, and now are MANUFACTURING my hand-made door lock in CHINA- complete with all the flaws! 
I was not able to properly finish all the design and machining, so they COPIED the un-finished prototypes, and YOU can go online and buy them! (but don't, they all have known flaws, that I can easily point out!!! )... examples: kidbots.com/WEBADD/VANCOUVER_THIEVES/VANCOUVER_THIEVES.html So why didn't my WIRED internet ( CABLE ) work? Ever see a white, unmarked VAN, parked on the side of the road, with a guy with a ladder climbing up a pole to do maintenance on Bell Phone, Cable, Optical, or Hydro. 19 out of 20 workers that I saw, ( and I was counting), were Chinese. Does anyone stop, and ask to see their ID? nope. So why didn't my GSM Cell phone alarm work? I hang out in a very technical crowd, and at the Abbottsford Flea Market, (near Vancouver) someone bought an $800 cell phone jammer ( MADE IN CHINA ) that could take out a 4 Kilometer section of the city. And that is just a cheap one, if you fork out big bucks, you can knock out half a city, easily. Money talks. So, how did they defeat my hand made lock and key , with a hand-made electronic double lock? Easy. I lived in what was known as a "VANCOUVER SPECIAL". A floor plan that was built by the thousands, just modifying the exterior, flipping the floor plans, adding little roof modifications, but, basically, the identical unit, mass produced. Many people people upgrade the windows, and doors, etc. with more weather tight, energy efficient designs, so there is a HUGE supply of "USED" doors and windows, that are all IDENTICAL. You can buy an entire aluminum framed window unit, cut the glass on your intended B&E target, get inside, steal, modify, do whatever, and clean up the glass, and put in IDENTICAL sliding windows. PRESTO. No sign of forced entry! Whoopee. Unfortunately, the main electrical panel for the house is in the garage at the back, so the power was turned off. The telephone was dead. The cable was dead. The Cellular network was dead. 
Quickly, quietly, efficiently, with such skill as is almost unimaginable. Although it seems like something out of a movie, things ARE reported occasionally in the press- like the CHINESE passenger coming into HongCouver International Airport, wearing an entire head mask and torso of an old man. The guy was about 24, but the entire molded head and upper torso, was of an 80-year old. I was in a Coffee shop, in Vancouver, and this old guy came in, walking bent over, slowly, but,-- he dropped his wallet, and I realized he was practicing his act, since he had to speak to the clerk, and he had to quickly maneuver to get his money! His voice and lightning fast recovery were those of a 20 year old! HongCouver is more like a circus than any city I know in Canada! I have hundreds of stories, many come from Alarm and Security personel, and unfortunately, I can't write about them yet, since the bizarre, incredible feats of B&E and technical wizardry are still a valid THREAT, and it would be irresponsible to publish them until they are widely known and solutions found to circumvent them... Here is one, that is typical, and should wake up a few people who are "SMUG" or "arrogant" in their "internet" firewalls and security systems... A friend in Vancouver was having problems with his telephone - specifically the CALL DISPLAY was intermittent, so, as a retail outlet in electronics, this was a VERY important feature. Also, his monitored alarm security system was through the telephone, typical "BC TEL" wiring. After months of the telephone company running checks on the equipment from "their end", and finding nothing, he hired a company to do a TRACE on the wiring. They found HIS wiring going into the large, double door garage of a private home, in a nearby suburb! Checking it out, there were huge, thick, black cables, from the telephone poles in the back alley, going into the "private" typical, suburb, 'single-family" home's garage....! 
This is a typical "man in the middle" type of security problem... ( to all the internet security guys reading this -- Do you know where YOUR internet cables are going to and coming from? -- it doesn't matter WHAT kind of firewalls and security you have, if all your internet is supplied through a telecommunications TAP...) Another tid-bit... Since ALL the electronics and computers going into the stores like WAL MART, or BEST BUY or the SOURCE ( Radio SHACK), or whatever, come into Canada through Vancouver Harbour, and, since Vancouver is, in fact, HONGcouver, I thought when I went there, I would find massive, Chinese run, Computer-Electronic SuperStores, like one might find in Toronto... Nope. In fact, a clerk at a large Nation-Wide outlet told me that any stock and supplies they needed were shipped... from Toronto! So Computers and electronics are unloaded from ships, in Vancouver harbour, shipped 4,000 miles to Toronto, and then shipped BACK to the store outlets in Vancouver!... ( During a meeting with the famed Irwin Mervish of Toronto's Honest Ed's, he told me that 80% of all goods sold in Canada, were within a 250 mile radius of his warehouses!) What I did find, were Tiny little store fronts, with cluttered collections of used and new parts and computers. However, - don't judge a book by its cover. In one store that I got to know, the 24 year old Chinese immigrant, who could barely speak English, showed me a large wooden crate, that he just got on his last trip to Hong Kong. A 240 volt, computer controlled (Chinese only display panel) LASER / Infra-Red SMT (Surface Mount Technology ) work station, from hell. He could take any chip from any electronic device made, and replace it. 
That includes cell phones, iPads, Laptops, whatever- now that's the kind of equipment, in the "Corporate" world that I knew, you had to book a reservation, 6 months in advance, and write a justification report, explaining "why" "YOU" needed it, and file all the paper work associated with the expenditures involved. IFF you were lucky, you might, possibly, gain access to such a device... Or, you could just be a 24 year old hacker in HongCouver... In the business world in Vancouver are hundreds of software companies, that deal with China. One friend told me that they just finished a project, over a year's time. The first and second 'payment' for the software came in as expected, but upon completion, the Chinese Corporation said " If you want your money, simply come to China, and go through the legal system, here..." - a system based on bribery, and everyone knows the outcome! I mentioned this to a software developer here in Ottawa, (the capital city of Canada) a short time ago, and his description of dealing with China was, to me, funny... "We are well aware of the 'business' practices in China. We estimate the total cost, and include THAT in the first payment schedule. Then, if we actually get paid on completion, it is just a bonus!"... Another friend who makes a transmission product that saves wear and tear on heavy equipment, like bulldozers, cranes, and earth movers, told me of his adventure in China - He shipped a pallette load of his product to China, but after 6 months, on the construction site, he got a call that something was wrong. He flew over to China, and traced the route HIS product took. In the harbour where the containers were unloaded, he found FAKE identical bottles of "HIS" product, mixed half-and-half with crap, for sale. Further up the river, at another major port, were more FAKE bottles, again, mixed a further half-and-half with crap. 
Finally, at the construction site, were his 'Genuine" bottles of product, diluted so badly with wretched chemicals, that they were actually damaging the equipment! There are a LOT more stories, all over North America, on dealing with "Chinese" businesses, -- but, as with the case of the BANKs in Vancouver, there is almost NO NEWS AT ALL - the CORPORATIONS involved do NOT want a whisper of the corruption and scandal loose to the public since it would tarnish not only their reputation, but seriously affect investments, stock markets, and prestige... The IRON FIST of "Silence" maintained by the Banks verges on corruption, since I have seen many cases where the "victims" of banking fraud are treated like criminals, while the Banking administration sticks their nose in the air, and classifies everything as "An internal Security Matter", the details of which, cannot be released to the public." (( Translation, we screwed up, royally, and are doing everything possible to cover our asses. You, the 'little guy' not only get screwed over by the crooks, but by US, the rich Corporate Executive as well... )) Sometime, I will write a bit on my page "VANCOUVER THIEVES", which at the moment is just a holding page... At one time it would have been "racist" to flaunt the word "CHINESE" like I am about to, but, after you have been subjected to the "new and Improved" HongCouver, the way I have, there is no apology needed, nor given... All I can say is "BEWARE". Polite, philosophical conversations, over "tea", are totally out of place here. The general "CONCEPT" that emerges here, is not just Chinese "hackers", but Chinese hackers working, along with, beside, and in conjunction with, a virtual ARMY of people who are wheeling, dealing, manipulating, harvesting, and snooping, information from around the world, -- and a great deal of that would be in the Canada/U.S. corridor... 
The "DISCUSSION" and the statistics, in the article above, are just a tiny inkling of the massive WAVE that is just starting to appear... So the question "what do Chinese hackers want?", well, in the case of the millions of novelty photo frame gadgets, "THEY GOT" millions of computers infected with software, that quietly sat there for over a year before anyone noticed... They 'owned' the computers. Then you read, in technical websites, such as this, that there was a massive DoS (Denial of Service) attack, where hackers, controlling hundreds of thousands of computers, crashed a major web server, like Adobe, Yahoo, Juniper Networks, Symantec, Northrop Grumman, Dow Chemical or whomever - well, duh, -- anyone paying attention would not be the least bit surprised at that "news"... I have a file on my computer, that is updated almost daily, from technical web sites and news articles, on computers that have been hacked. Microsoft, Twitter, Tumbler, Facebook, Adobe, Yahoo, Symantec, etc., and then you start to see more subtle and vague reports of Banks, Government departments, NASA, etc., that have been compromised. Knowledge is power, and now INFORMATION is power. In a global economy, knowing what your "competition" is doing, is an invaluable tool. CONTROLLING your "competition" is even more powerful! AND, I have not even "started" to get into the field of telecommunications -- ever thought about your Cell Phone? Every time you move, it transmits to the Tower " I am HERE", and the digital information is broadcast through the system. While there was a public outcry and protest against the U.S. government's proposal to insert R.F.I.D. tags ( Radio Frequency I D entification) capsules into every person in the U.S., every single country in the world has individuals tripping over themselves to buy the latest, greatest, "Smart Phone". I read technical information on Nokia, Samsung, Motorola, BlackBerry, etc. 
and they all make specific models for specific markets around the world. Deepest Africa, remote India, all of South America, etc... Thus, while rejecting the principle of RFID tags (Big brother is watching ), everyone is carrying around a Radio Beacon, that broadcasts their EXACT location, their phonebook lists, their emails, and their actual VOICE conversations, 24/7 into the vast "CELL" system. You can envision a large world map in C.I.A., M.I.6, C.S.I.S, Chinese Headquarters, etc. with millions of tiny little dots moving around. Each one is a cell phone. Simply gesture over a dot, enlarge, and follow the past year's worth of activity.. See something unusual?.. zoom in, and play back the Voice data packet of the conversation- 8 months ago, and run through the address and contact list... Hmmmm.... let's look into that... a business deal? Quarterly financial results? Stock market purchases? Let's follow the tiny blip on the map, of the guy he is talking to, ... this could get interesting! You can install Software on any phone, available anywhere, - ostensibly to protect your "kids" - that shows the Cell phone location, 24/7, of your "KID". And records all voice, and data, and is accessible from any computer in the world... Today's computers, with Peta-Byte storage, and super fast speeds, can easily track every cell phone in the world... Ever had your ( made in CHINA) cell phone ring, but there is no caller, and there is no listed "incoming" call? Or, your ( made in CHINA) smartphone shows a "NEW TEXT MESSAGE", but when you go to look, there is no record of any message?.. I know VERY knowledgeable technicians who have gotten rid of all cell phones. Technology is a double-edged sword. Convenience, yes, but at what price? ... So, ... Chinese hackers, What do they want? -- " IT ALL ". And it appears, that they are getting it.

TRgscratch

that the Chinese think it's patriotic to break into computers to which they have not been granted access and steal information to which they have not been given permission? and that the over-arching rationalization is to "keep the Internet clean"?

HypnoToad72

such as "does-microsofts-sharing-of-source-code-with-china-and-russia-pose-a-security-risk", but MANY articles can be found. These hackers did not start out with nothing; they were shown the door and how to unlock it. Then catch up to more recent articles saying how these same companies now want government to get involved (the taxpayer-funded subsidy to these corporate entities is bad enough in a "free market", now they want to go the other way in bypassing the very "free market" they tell workers to deal with.)

Pronounce

... or U.S. if you will.

That is, we, the US, have our own monetary interests in controlling the Internet. Like a magician we point to the Chinese while trying to obscure our own controlling tactics. I've spent most of my IT career working in the Public sector and I've found that every bureaucratic institution wants to control its piece of the pie (be it money or people). And these US bureaucracies, in theory, are supposed to have the same goal: "Serve the public's needs to the highest possible standard." If you look at the Internet as a worldwide institution and each government as the manager of their bureaucracy then all parties are being as self-centered as I've always seen humans to be. For us, who have no power, the Internet is a great place to live and thrive as a worldwide community. Now drop a few drops of power-hungry people on our Internet pond and the oil film from their actions quickly forms an oil slick of contamination. If the people who have no power could remove the people who hunger for power from the Internet it would be a much more harmonious place. (But I'm a realist and know that the "sheople" will be preyed upon by the wolves.)

Culture is Culture is Culture:

As noted in this article, Chinese are highly communal, and don't value individual rights over group wants. This is opposed to our highly individualistic culture that esteems individuals and strives to protect the underrepresented from the majority. China has had a ruling class for millennia. This is the structure that is their culture and that all Chinese protect. (btw: It takes a minimum of three generations to make a cultural shift, and if you push too hard against a culture you'll get cultural push back that will cause a reactionary return to the "good ol' days".) In spite of this nature, when people travel to foreign lands they adapt. I have found that when Chinese are in our North American culture they adapt to some degree and form cultural enclaves to some degree. This is true for North Americans who live and work in China, or really any other culture to any other culture from the distant past to now.

Don't Worry, Be Happy

The bottom line is that if all the organizations, agencies, religions, power brokers, and governments would release their people to do as they like then the Internet culture would follow the same pattern as culture normally does and sort itself out.

cd613

What great hacker would be giving out their ideas on an open forum? The best you have to look for, they don't come 2 u

greg

I've battled the Chinese/Spammers for many years in all my forum websites. I had tracked them to that building in Beijing 2 years before the US govt announced it. The volume of IP addresses that these Spammers have access to and knowing the restrictive policies of the Chinese government can lead to only one conclusion. The same conclusion that the US announced, that these are government sponsored and supported. My thesis is that it is a well-planned and funded program of disruption and who knows what other objectives. I'm sure they are bringing in a good amount of $$$ with many of these activities, probably enough to self-fund. If I had time to assemble data on this my estimate would probably come in at about 70-80% of the current email and online Spam is originating from this Internet army in Beijing. It can't be reported and shut down either, because China owns all the ISPs and DNS servers where this is originating. Who do you report them to??? When I irritate this group to a certain point they launch DDoS attacks against my web hosting companies and that is when I'm able to see the scope of the cutouts this group has available around the world. While I'm sure cultural differences play a significant role in things, I am fairly certain that most of the Internet problems being traced back to China are government sponsored and backed which plays right into the article that these hackers/spammers are uber patriotic. This is exactly the issue with N. Korea that is now coming to light. They appear to have invested in an "Internet army" that was most likely behind the disruptions recently to the S Korean banking system. It will be interesting to watch as this activity increases.

r0b3rth1ll

Ok, so let's make this an opportunity to create a new "ITIL", procedures and "SOPs" that are used to define the IT security terms between the USA and China. To get us on the same page...kind of. For the good of both countries. (_o_) lol Go USA

JCitizen

It is not that I don't think I understand the Chinese people (which I could be deceiving myself), it is more my disappointment in our own government's response to the criminal mischief going on over here in the US as a direct result of criminal hacking (cracking). What chance does a single US citizen entrepreneur have against a giant coordinated bureaucratic effort by the PRC to rob us of our intellectual property? Out of pure frustration, we can only yell about the Chinese, because we get little attention from our own government to mitigate the problem. I love the Chinese people, and in fact I haven't met any folks from any part of the world that I didn't like - but the point is, that our frustrations boil over, and damage our relations with the PRC. I'm sure cultural differences affect the People's Republic officials' response to our individual criticisms - they probably take a quizzical look at it and wonder why our own government doesn't just simply control it like they do with their own people. They may feel we deserve a bad rap for no support from our own bureaucracy. I hammer my representatives on this situation, but many lawmakers seem to be clueless on Information Technology, and in fact on innovation itself. So our politicians take reactionary positions, instead of just working to get more support for our innovators here in the US. We do waste valuable time and money going the wrong direction on the subject, and for that, I suppose I can't blame the Chinese leaders for their apoplexy over the issue.

menehune22

My wife and I traveled to China, prior to the 2008 Olympics. We were struck by the amount of control the govt. has in the daily lives of most Chinese. This obviously carries over to their diligence in keeping their version of the Internet 'clean'. Your Professor Nir Kshetri was careful to not indict the govt.-sponsored hacking emanating from Shanghai. The Mandiant report was able to document fairly well the amount of intelligence being gleaned from non-Chinese companies world-wide. I believe that most Chinese could care less about 'hacking'. They worry more about where/when their next meal takes place.

JCitizen

After what happened to Brian Krebs the other day I'd watch your back! I know I do!! v/ (edited) You're not the only person with a fantastic story - I feel some of my clients should write a book - the public would never believe it, but it would make a good Hollywood action thriller - nobody could make up this sh*t! X-(

Michael Kassner

As I said in the article, this issue is super complicated. The Chinese culture is vastly different than western countries and what may seem odd to you is not to them. And each country has their own mandate as to what is right.

Michael Kassner

I absolutely love your oil and water analogy. It fits perfectly.

JCitizen

is the USA getting butt cracked - then I see your point - but there is no LOL in it. At some point this is going to boil over, and it ain't gonna be pretty! X-(

femtobeam

Great comment Jay! The selective micro targeting of individuals by the Chinese Government was underway already and was spectacularly discovered after they attacked the Dalai Lama's computers. After Conficker was tracked to China by the Canadian team, it became apparent that the core servers of the Internet were involved. Now, as you say, people are helpless and can do little to protect themselves. The US Government has little success in protecting their systems either. Damage control does not work very well when massive numbers of Veterans records "go missing" and "blueprints" of classified documents disappear from the databases of the sub-contractors. The Government now is calling a spade a spade and the new Cyber Command is underway... looking for all those dispassionate gamers. The sheer numbers and resources of the Chinese Government are forcing the US to act, now that Mandiant has definitively proven the point; "the attacks are originating from Chinese Military bases". We knew something like this would happen during the 80's when the American electronics industry was traded for cigarettes. Needless to say, that deal was fair to no one. The Cyber wars would be fought using equipment made in China. They can just dismantle it. Back doors and IR cameras were found everywhere in HD set top boxes from China. There are/were plenty of YouTube videos of tear downs. We are using China's networks now with all the Huawei equipment and billions of chips in endpoints. Aren't we behind the Chinese Firewall already? The Manhattan Project that it will take to get back the lost edge will have little chance of getting funded, and by the time there is consensus that there is a problem, the brainwashing will have been massively distributed. If we are lucky, it will just be a game, but I doubt it. Not when it gets up front and personal to so many.

Michael Kassner

I always learn from your insight. I'm finding that the US is not so innocent as we would like to believe. I'm reading a brand new Forbes report that has the US deeply involved in the same type of activity.

Michael Kassner

Nir and I talked about that, but we felt it was covered sufficiently. So using Nir's cue, I elected to write about cultural differences, and how they influenced hackers from China. That must have been quite a trip.

TRgscratch

what I think is "right" or "odd" vs what they think is "right" or "odd". It's training their programmers to act in a way that they certainly know is illegal in the jurisdiction in which they choose to operate.

cd613

Bill Gates once said it's not corporate he fears but the guy in a garage that could make the next Microsoft... In an open society such as America, creativity is what we offer. Nowhere in any other place does creativity so flourish; that's why we are number one in tech. We clone ourselves through our tech, extend ourselves through it. Study Rocky movies to understand America. I don't fear a gov Chinese tech but an American guy in a garage w/ next Google.

greg

Thanks Michael, good information on the slideshow. I really use the spammers/hackers when talking about China interchangeably because they both track back to the same location so most likely it is the same group behind both.

Michael Kassner

You mentioned: "[T]hat Mandiant has definitively proven the point; 'the attacks are originating from Chinese Military bases.'" Every report from authoritative sources used the word "alleged." I am working with some attorneys versed in international law, and the only way alleged can be removed is if positive physical forensic evidence is dutifully obtained.

HAL 9000

The CIA for example is what exactly? It's Illegal when they do things that break foreign rules like the USA Laws but it's OK when the US does the same thing to foreign countries? Seems more than slightly strange to me that thought pattern. ;) Col

JCitizen

His/her IP will be completely stolen by PRC industrial espionage agents, and they might find him/her in a ditch from an "accident"! If he/she never makes complaint in court, or other authority, maybe survival will be successful for this sorry entrepreneur! The government over there sees nothing wrong with making innovators slaves to the system. Just study what happened to the geniuses in Stalin's Russia to learn where the PRC got this habit.

Michael Kassner

I suspect you are right, and that will never be a statistic we will ever see.

HAL 9000

China has an option of Mass Attack and the US is More Targeted in its Approach to Attacking the Enemy. ;) Don't let figures fool you Michael, that 10% figure means absolutely nothing when you look at Successful Penetrations, which is what the Governments actually want. I remember a Virus attacking Cyclotrons that was used to slow down a certain country's Nuclear Ambitions. Very hard to track down and years later it was announced what had happened but at the time no one had any idea of why these things were failing so often. Successful Penetrations into Companies and Government don't get noticed as that is the way that they work best longest. Col

Michael Kassner

I get what you mean. I read that the United States was in second place, but the reporter failed to mention that second place was 10 percent and first was over 40 percent.

JCitizen

All this was off the radar back then, so I feel that my reports were accurate. They were so arrogant they weren't even trying to hide. Now you got to admit, that the PLA was NOT going to allow cracking within their perimeter networks even back then; and as far as spoofing goes, I doubt that in the 2005 to 2007 time frame, much of that was going on in this scenario; maybe bank fraud and other motivated crimes, but not this area of surveillance. Now later I must admit that by 2008, bot-nets had become a problem even in the PRC, so it may not be as surprising to see all kinds of redirects to who knows what by then. But here is my logic - why would my reports show a preponderance of attacks from one sector of the world economy from ANY source, let alone Chinese universities? That doesn't make sense, unless you believe in weird conspiracy theories about defaming China - and at that time no one except me was in that agenda class. I was already squawking about it back then, and people thought I was crazy; but now it is paramount in the news. I doubt that this is a HUGE public mistake. I just don't buy that, after what I've seen, and what my clients have been through. Bear in mind that I don't blame China for even the majority of who was behind most of the successful penetrating attacks I've seen from these victims; but they were not helping from the sheer volume of problems that flooded the web. Although I think that many of the criminal gangs doing some of these attacks were actually based in the US; I don't doubt some of them were paid for by the PRC, and augmented with their vast computing power, and armies of crackers. I wouldn't put it past them to directly earn money in this criminal enterprise, but also contract with other world criminal groups interested in IP theft and surveillance "missions". From many of the problems I see, I also point the finger at Sony and the likelihood that the Yakuza mob in Japan were cooperating in these criminal enterprises. 
I'm only now beginning to wonder if CyberLink is involved in this class of crime, as they definitely enjoy a special power over many consumers' machines through the DRM scheme that MPAA has foisted on the world in the interests of Hollywood and other "well intentioned" sources.

Michael Kassner

If so, that is circumstantial, isn't it? As anyone could spoof that address, if I understand correctly.

JCitizen

Maybe this one will make it through - All I know is that my IDS has been under attack by PRC IP addresses since 2007. At first they were backwoods military bases, that I actually could find on Google maps. Then they got smarter and came from universities inside China. Lately they come from US universities. Since I never got them from that source before and the previous sources disappeared I have to logically conclude that the original problem is with the PRC. Sorry - but first time shame them, second time still shame on them, third time, we already got the pattern and we ain't stupid. So you will never convince me where it "ain't" coming from! >:(

Michael Kassner

How were they able to verify it? I'd like to use that information, but I suspect it's super-top secret.

JCitizen

I read on DOD Buzz that they are verified as being from that building shown in the news; these are not bot-net redirects - it is in fact from that PLA military complex.
