Soldier’s Facebook post about raid gets him jail

Meanwhile, in the United States, the Department of Defense is loosening the security in regards to social networks … glorious!


by Shira Rubin – Mar. 3, 2010 03:15 PM
Associated Press

JERUSALEM — Israel’s military has “unfriended” one of its own — after a combat soldier potentially updated Israel’s enemies on Facebook.

The military said Wednesday that a planned raid on a West Bank village was called off after the soldier disclosed its details online. The military said the soldier posted the time and location of the raid on his Facebook page, saying that troops were planning on “cleaning up” the village.

Fellow soldiers reported the leak to military authorities, who canceled the raid, fearing that the information may have reached hostile groups and put troops at risk.

The soldier was court-martialed and sentenced to 10 days in prison. He was also removed from his battalion and combat postings.

A military statement added that it is cracking down on soldiers’ use of social networking Web sites and has launched a campaign warning of the dangers of sharing military information online.

“Uploading classified information to social networks or any Web site exposes the information to anyone who wishes to view it, including foreign and hostile intelligence services,” the military statement read. “Hostile intelligence agents scan the Internet with an eye toward collecting information on the IDF (Israel Defense Forces), which may undermine operational success and imperil IDF forces.”

The military said that soldiers were prohibited from publishing classified information, including photographs containing military data.

In posters placed on military bases, a mock Facebook page shows the images of Iranian President Mahmoud Ahmadinejad, Syrian President Bashar Assad and Hezbollah leader Sheik Hassan Nasrallah. Below their pictures — and Facebook “friend requests” — reads the slogan: “You think that everyone is your friend?”


China rhetoric raises threat concerns

By Bill Gertz
Friday, March 5, 2010

Recent statements by Chinese military officials are raising concerns among U.S. analysts that the communist government in Beijing is shifting its oft-stated “peaceful rise” policy toward an aggressive, anti-U.S. posture.

The most recent sign appeared with the publication of a government-approved book by Senior Col. Liu Mingfu that urges China to “sprint” toward becoming the world’s most powerful state.

“Although this book is one of many by a senior colonel, it certainly challenges the thesis of many U.S. China-watchers that the People’s Liberation Army’s rapid military growth is not designed to challenge the United States as a global power or the U.S. military,” said Larry M. Wortzel, a China affairs specialist who until recently was co-chairman of the congressional U.S.-China Economic and Security Review Commission.

A Reuters report on Col. Liu’s book, “The China Dream,” appeared Tuesday in the Communist Party newspaper People’s Daily. It quoted the book as stating China and the United States are in “competition to be the leading country, a conflict over who rises and falls to dominate the world.”

Mr. Wortzel said the statements in the book contradict those of former President Jiang Zemin and other Chinese leaders who said China’s rise to prominence in the 21st century would be peaceful. They also carry political weight because the book was published by the Chinese military.

The book was released after calls by other Chinese military officials to punish the United States for policies toward Taiwan, U.S. criticism of China’s lack of Internet freedom and U.S. support for the exiled Tibetan leader Dalai Lama.

One official, Maj. Gen. Luo Yuan, called for using economic warfare against the U.S. over arms sales to Taiwan and urged selling off some of China’s $750 billion in holdings of U.S. debt securities.

China’s military also recently cut off military exchanges with the Pentagon after the announcement of a $6.4 billion sale of helicopters and missiles to Taiwan.

Asked about Col. Liu’s book, State Department spokesman P.J. Crowley said it would be wrong for China to view itself as a U.S. competitor. For the 21st century, U.S.-China relations are the most important ties in the world and “it is a mistake to see the relationship in zero-sum terms,” Mr. Crowley said.

Some U.S. officials in the past dismissed similar alarming statements from the Chinese military as not reflecting official views.

However, Chinese leaders have not disavowed Gen. Luo’s remarks or those of others, such as Maj. Gen. Zhu Chenghu, who in 2005 said China would use nuclear weapons against the United States in response to any firing of conventionally armed long-range cruise missiles against Chinese cities. The statement contradicted Beijing’s declared policy of not using nuclear weapons first in a conflict.

Gen. Zhu reportedly was criticized and demoted but surfaced in print Feb. 10, calling for increased defense spending and boosting military deployments in response to the Taiwan arms sale.

China on Thursday announced that it would increase defense spending this year by 7.5 percent, a smaller increase than in previous years, in an apparent effort to limit criticism of its double-digit annual spending increases for more than a decade.

The recent military statements also counter insistence by many U.S. officials that China’s strategic intentions toward the United States are masked by the lack of “transparency” in the communist system.

U.S. intelligence analysts, in analyses and estimates, also have dismissed or played down evidence of Chinese military deception to hide its true goals. They instead have said in classified reports that the use of strategic deception to hide China’s military buildup is similar to masking efforts of Western powers.

Critics of those analysts’ “benign China” outlook say such views resulted in missing major strategic and military developments by China for more than a decade, such as new missiles, submarines and other advanced military hardware, some that were built in complete secrecy.

The recent Chinese military statements have renewed the long-running debate in U.S. policy and intelligence circles about China’s long-term military intentions and whether they pose threats to U.S. interests.

Mr. Crowley said the U.S. is a global power and “will remain so for the indefinite future,” while China is a rising global power moving to gradually integrate into the global system.

Both countries “have a shared responsibility to cooperate where we can to solve critical international challenges, and manage areas where our national interests may collide,” he said.

Michael Pillsbury, a Pentagon policy official in the Reagan administration, said Chinese military authors have reignited a “nasty debate” in Washington on China.

Mr. Pillsbury, author of two books on Chinese military views of the future, said some U.S. China hands tried to trivialize the nationalistic views because senior Chinese officials do not make such statements at official meetings with U.S. counterparts.

“China’s foreign minister once told the U.S. secretary of state that China has no intention of ever pushing the U.S. out of Asia,” he said. Yet, “the Chinese military itself seems to function with considerable autonomy and no real civilian oversight, so it is plausible that these Chinese military hawks are not mere mavericks or fringe elements at all. Rather, their publications may be indicators of future Chinese programs that are veiled today,” he said.

For example, reports of China’s development of a high-tech ballistic-missile design to attack aircraft carriers first surfaced 15 years ago but were dismissed by many analysts as implausible. U.S. naval intelligence sources, however, expect China to conduct a flight test soon of the new missile that increases the threat to U.S. warships in the western Pacific.

Adm. Robert Willard, the new commander of the U.S. Pacific Command, added fuel to the debate last fall by highlighting intelligence shortfalls on Beijing’s arms buildup. He told reporters that for more than a decade China “exceeded most of our intelligence estimates of their military capability.”

Earlier this year, Adm. Willard questioned Chinese assertions about a peaceful rise, saying they are “difficult to reconcile with new military capabilities that appear designed to challenge U.S. freedom of action in the region and, if necessary, enforce China’s influence over its neighbors.” He told the House Armed Services Committee Jan. 13 that the Chinese military buildup was “aggressive.”

For years, senior U.S. civilian and military officials, including Defense Secretary Robert M. Gates, have stated in public that they do not consider China a “threat” or an “enemy.”

Yet military statements like those of Col. Liu are making it difficult to continue those claims.

“I don’t think anyone who reads Col. Liu’s work can honestly deny that it reflects a consensus mindset in the Chinese military and political leadership,” said John Tkacik, a former State Department China hand.

“There’s no question that Col. Liu and other very influential and like-minded strategists … are psychologically preparing the People’s Liberation Army for confrontation with the United States.”

Richard Fisher, a China military analyst with the International Assessment and Strategy Center, said Col. Liu’s book has helped the debate by “piercing the Beijing-Washington propaganda continuum of China’s ‘benign intent.’”

Chinese Embassy spokesman Wang Baodong did not address the Chinese military statements but said Chinese leaders have said repeatedly that China seeks peaceful development. “China pursues a national defense policy of [a] defensive nature, will not engage … in any arms race, and will never seek hegemony,” he said.


Brutal DEA agent murder reminder of agency priority

Budget still put on back burner
By Jerry Seper
Friday, March 5, 2010

Twenty-five years ago today, the brutally beaten body of U.S. Drug Enforcement Administration Agent Enrique S. “Kiki” Camarena was discovered wrapped in plastic bags and dumped along a road near a ranch 60 miles southwest of Guadalajara, Mexico – a death that continues to echo even now throughout the agency.

The veteran agent, along with his pilot, Capt. Alfredo Zavala Avelar, had been viciously tortured by the bosses of a Mexican drug cartel fearful that he had uncovered a multimillion-dollar smuggling operation tied to top officers in the Mexican army, along with Mexican police and government officials.

Over a 30-hour period, Camarena’s skull, jaw, nose, cheekbones and windpipe had been crushed. His ribs were broken; a hole was drilled into his head with a screwdriver. The agent had been injected with drugs to ensure he remained conscious during his torture.

The brutality of the torture shocked even the most hard-core of DEA agents. While the agency acknowledged this week that no single event has had a more significant impact on DEA than the Camarena abduction and slaying, what might have been a wake-up call in Washington – not only to the rising threat of “narco-states” but also to the DEA’s role in combating it – fell mostly on deaf ears.

Camarena’s “vicious kidnapping, torture and murder 25 years ago remains a burning reminder of the dangers and high stakes involved in drug law enforcement,” acting DEA Administrator Michelle M. Leonhart said. “Special Agent Camarena’s murder endures as a turning point in the fight against drug traffickers and the brutal violence they use to oppress others.”

Yet 25 years later, the DEA has since seen only modest budget increases – along with one major reduction – and has been subjected to prolonged hiring freezes by both Democratic and Republican administrations. Much of the available funding has been diverted in recent years to combat terrorism, which has caused rancor among many of the agency’s supervisory and rank-and-file agents.

The agents said funding shortages and hiring freezes not only threatened efforts to reduce rapidly increasing violent drug crime, but also hampered efforts to combat terrorism worldwide. Many, in interviews this week with The Washington Times, noted that the illicit profit from global drug trafficking is a key source of revenue for terrorist organizations, adding that half of the State Department’s list of foreign terrorist organizations have drug ties.

While the DEA maintains 227 field offices and 86 foreign offices in 62 countries, the agency has fewer than 5,600 agents.

Even now, talks are under way in El Paso, Texas, between U.S. and Mexican government officials in an effort to coordinate drug-fighting efforts. The DEA, the FBI and the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) all have agents in Mexico, but their activities are limited – mostly to sharing intelligence.

Mexican Ambassador Arturo Sarukhan on Wednesday reaffirmed that country’s position, saying Mexico does not “intend to weaken, violate or modify the laws that regulate the presence of foreign agents, in this case Americans, on Mexican territory.” He noted that Mexican law forbids the use of weapons by foreign agents on Mexican soil.

James H. Kuykendall, the agent in charge of the Guadalajara DEA field office at the time of the Camarena killing, said the agency immediately got additional funding and more agents after the death and the Mexican government began to help “clamp down” on drug smugglers, but he said efforts to disrupt and dismantle the problem “didn’t last.”

He said the Mexican government acted because it was “embarrassed” when the Camarena investigation established a link between the drug gangs and the Mexican military, police and government. That link was clearly confirmed after DEA agents discovered an audiotape of the torture session, according to government records.

Mr. Kuykendall, now retired and living in Laredo, Texas, said he can look across the Rio Grande from his home and see the drug violence that has since overtaken Mexico. He described corruption south of the border as the root cause of the rising violence.

He also challenged the resolve of the United States to fully confront the drug problem, asking whether the U.S. government – and the public, for that matter – “cares enough” to adequately fund efforts at combating the rise in drug crime.

“Apparently not,” said Mr. Kuykendall, who initiated the Camarena investigation when the agent’s wife, Mika, called to say her husband was missing. “Agent Camarena was a good man and a good friend.”

Drug-related violence on the U.S.-Mexico border has surged over the past several years, the result of intense competition between two warring drug cartels. More than 8,000 people, including about 800 Mexican police officers and soldiers, have been killed in the resulting war, which has spread into the United States.

U.S. Immigration and Customs Enforcement (ICE) recently reported “an unprecedented surge” of border violence, and the Justice Department has reported that Mexican drug cartels represent the “largest threat to both citizens and law enforcement agencies in this country and now have gang members in nearly 200 U.S. cities.”

Abducted in Guadalajara by five Jalisco State police officers, Camarena was still bound and gagged, his eyes taped shut, when his body was found.

Due to be reassigned less than a month after his body was discovered, he had infiltrated a number of drug gangs, confiscated thousands of pounds of cocaine and marijuana, and seized millions of dollars in illicit drug profits. He had become the worst nightmare for drug smugglers throughout Mexico, particularly those in Guadalajara, then the center of that country’s drug-trafficking empire.

DEA investigators, after discovering the audiotape, determined that Camarena had been beaten with a cattle prod, a tire iron and a broomstick. On the tape, according to those who have heard it, the agent is heard moaning in pain and pleading with his captors, “Don’t hurt my family.”

An autopsy report showed that Mr. Zavala Avelar, who flew small planes to help Camarena scout out marijuana fields, had been buried alive.

The kidnapping and slaying led to the most comprehensive homicide investigation ever undertaken by DEA, which ultimately uncovered corruption and complicity by numerous Mexican officials. Operation Leyenda, translated as Operation Lawman, was established in May 1985 to investigate the abduction. DEA was ultimately successful in securing indictments of several people connected to the slaying.

The investigation, according to the DEA, was long and complex, made more difficult by the fact that the crime was committed on foreign soil and involved major drug traffickers and corrupt Mexican government officials.

The 37-year-old agent, a former U.S. Marine who grew up in a dirt-floored house in Mexico and later moved with his family to the U.S. to pick fruit, was kidnapped on Feb. 7, 1985, as he left the DEA office in Guadalajara to meet his wife for lunch. He had locked his badge and his service revolver in his desk drawer.

According to a reconstruction of the kidnapping by DEA investigators based on witness statements and physical evidence, Camarena was crossing the street en route to his pickup when he was surrounded and grabbed by the Jalisco State police officers, who shoved him into a van and sped away.

The kidnapping occurred in broad daylight within a block of the U.S. Consulate in Guadalajara. Mr. Zavala Avelar was kidnapped the same day in a separate incident. Both were taken to a ranch owned by the drug smugglers, where they were sadistically beaten and tortured.

Immediately after the agent was kidnapped, John Gavin, the U.S. ambassador to Mexico, demanded that Mexican authorities do whatever was necessary to find the agent and return him safely. When Mexican authorities showed little interest in pursuing the case, Operation Camarena was ordered all along the U.S.-Mexico border – every vehicle entering this country was searched. As a result, a border crossing that usually took five minutes took five hours.

The initial suspect in the kidnapping was Rafael Caro Quintero, then 32 and the owner of a marijuana ranch that employed hundreds of workers and had operated with apparent immunity for years. Three months before the kidnapping, the ranch had been raided by Mexican authorities on Camarena’s insistence. The raid resulted in the seizure of $160 million of marijuana already baled and readied for shipment to the U.S.

The U.S. government sought an arrest warrant for Caro Quintero, but he and several of his lieutenants were allowed to leave Guadalajara for Costa Rica on the drug czar’s private jet after giving First Comandante Jorge Armando Pavon Reyes a check for 60 million pesos – equivalent to about $265,000 in 1985 U.S. currency and twice that much today.

On his way to Costa Rica, Caro Quintero – then known as the “drug lord of drug lords” – picked up his teenage girlfriend, Sara Cristina Cosio Martinez. The DEA later tracked a call she made to her parents in Mexico City back to a mansion in Costa Rica, where Caro Quintero was arrested by Costa Rican police and returned to Mexico.

A second suspect, Ernesto Fonseca Carrillo, then 60, was arrested in Puerto Vallarta, along with 23 suspected members of the Guadalajara drug cartel – 14 of whom were Mexican police officers.

Caro Quintero and Fonseca Carrillo received 40-year sentences, which they are still serving in Mexico.

Camarena’s death has since sparked what is called the annual Red Ribbon Week, in which millions of parents and children wear red ribbons during a week in October to support DEA’s efforts to reduce demand for drugs through prevention and education programs. Participants pledge to lead drug-free lives to honor the sacrifices made by the agent and others.

Students, teachers, law enforcement officials, drug-prevention specialists and community leaders will take part in the first “Marching for Kiki’s Red Ribbon” to commemorate the 25th anniversary of his death on Saturday in San Diego.

Camarena is survived by his wife, Mika, and three children, Enrique, then 11, Daniel, then 6, and Erick, then 4. He was given a hero’s burial at Arlington National Cemetery.


Tracing attack source key to cybersecurity strategy, Chertoff says

Former DHS chief talks of difficulties in creating a national deterrence plan
By Jaikumar Vijayan
March 3, 2010 06:53 PM ET

Computerworld – SAN FRANCISCO — The difficult task of identifying the true sources of cyber attacks remains one of the biggest challenges in the development of a national cybersecurity strategy, former Department of Homeland Security Secretary Michael Chertoff told Computerworld in an interview at the RSA Security conference here today.

Chertoff, who is participating in a panel discussion at the conference, said there is a growing need for the U.S. to create a strong, formal strategy for responding to cyberattacks against American interests.

Such a strategy would need to clearly articulate possible U.S. responses to attacks, which could include diplomatic and other tools.

Chertoff noted that by comparison, physical attacks are relatively easy to track down and respond to. “In the Cold War we could attribute an attack. It was clear where it came from and we could respond,” he said.

Finding the source of cyber attacks, though, is far more complicated, he said. While investigators could find the physical systems from which an attack is launched, the owner of the systems could have nothing to do with the criminal activity.

Similarly, he said, it is very difficult for investigators to determine whether attacks are state-sponsored or are being carried out by individuals on their own.

Chertoff said that defense officials still have to determine specific potential responses to cyberattacks, which could include disconnecting attackers from the internet, using diplomatic tools or military action. “We haven’t really laid down the rules of the road yet,” he said. “It’s challenging.”

Chertoff’s comments come amid growing calls for the U.S. to develop a clearly spelled out formal strategy for dealing with threats in cyberspace.

Recent attacks against Google and other companies from within China, along with dozens of similar attacks against numerous federal agencies in recent years, have increased the call for developing a strong strategy.

For example, in a white paper published last month by the Cyber Secure Institute, General Eugene Habiger, a former commander of U.S. Strategic Command for nuclear and deterrence forces, said: “For deterrence to work, the threat of retaliation must be credible enough to alter the cost benefit analysis of our cyberadversaries.”

Habiger acknowledged in the white paper that effective cyber attacks can be launched “just as easily from a Starbucks in our own nation’s capital as a cave in Pakistan,” making retaliation extremely difficult.

“Modestly sophisticated cyberattacks leave almost no trace, no return address,” he said. “It becomes extremely [difficult] to effectively retaliate when you cannot say with certainty who attacked you.”

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, send e-mail to jvijayan@computerworld.com or subscribe to Jaikumar’s RSS feed.


I guess they need to start somewhere, but this is not news.


Cyber Warriors

When will China emerge as a military threat to the U.S.? In most respects the answer is: not anytime soon—China doesn’t even contemplate a time it might challenge America directly. But one significant threat already exists: cyberwar. Attacks—not just from China but from Russia and elsewhere—on America’s electronic networks cost millions of dollars and could in the extreme cause the collapse of financial life, the halt of most manufacturing systems, and the evaporation of all the data and knowledge stored on the Internet.

by James Fallows

Early in my time in China, I learned a useful lesson for daily life. In the summer of 2006, I saw a contingent of light-green-shirted People’s Liberation Army soldiers marching in formation down a sidewalk on Fuxing Lu in Shanghai, near the U.S. and Iranian consulates. They looked so crisp under the leafy plane trees of the city’s old colonial district that I pulled out a camera to take a picture of them—and, after pushing the button, had to spend the next 60 seconds running at full tilt away from the group’s leader, who pursued me yelling in English “Stop! No photo! Must stop!” Fortunately he gave up after scaring me off.

The practical lesson was to not point a camera toward uniformed groups of soldiers or police. The broader hint I took was to be more careful when asking about or discussing military matters than when asking about most other aspects of modern China’s development. I did keep asking people in China—carefully—about the potential military and strategic implications of their country’s growing strength. Ever since the collapse of the Soviet Union and consequent disappearance of the U.S. military’s one superpower rival, Western defense strategists have speculated about China’s emergence as the next great military threat. (In 2005, this magazine published Robert Kaplan’s cover story “How We Would Fight China,” about such a possibility. Many of the international-affairs experts I interviewed in China were familiar with that story. I often had to explain that “would” did not mean “will” in the article’s headline.)

The cynical view of warnings about a mounting Chinese threat is that they are largely Pentagon budget-building ploys: if the U.S. military is “only” going to fight insurgents and terrorists in the future, it doesn’t really need the next generation of expensive fighter planes or attack submarines. Powerful evidence for this view—apart from familiarity with Pentagon budget debates over the years—is that many of the neoconservative thinkers who since 9/11 have concentrated on threats from Iraq, Afghanistan, and Iran were before that time writing worriedly about China. The most powerful counterargument is that China’s rise is so consequential and unprecedented in scale that it would be naive not to expect military ramifications. My instincts lie with the skeptical camp: as I’ve often written through the past three years, China has many more problems than most Americans can imagine, and its power is much less impressive up close. But on my return to America, I asked a variety of military, governmental, business, and academic officials about how the situation looks from their perspective. In most ways, their judgment was reassuringly soothing; unfortunately, it left me with a new problem to worry about.

Without meaning to sound flip, I think the strictly military aspects of U.S.-China relations appear to be something Americans can rest easy about for a long time to come. Hypercautious warnings to the contrary keep cropping up, especially in the annual reports on China’s strategic power produced since 2000 by the Pentagon each spring and by the U.S.-China Economic and Security Review Commission each fall. Yet when examined in detail, even these show the limits of the Chinese threat. To summarize:

  • In overall spending, the United States puts between five and 10 times as much money into the military per year as China does, depending on different estimates of China’s budget. Spending does not equal effectiveness, but it suggests the difference in scale.
  • In sophistication of equipment, Chinese forces are only now beginning to be brought up to speed. For instance, just one-quarter of its naval surface fleet is considered “modern” in electronics, engines, and weaponry.
  • In certain categories of weaponry, the Chinese don’t even compete. For instance, the U.S. Navy has 11 nuclear-powered aircraft-carrier battle groups. The Chinese navy is only now moving toward construction of its very first carrier.
  • In the unglamorous but crucial components of military effectiveness—logistics, training, readiness, evolving doctrine—the difference between Chinese and American standards is not a gap but a chasm. After a natural disaster anywhere in the world, the American military’s vast airlift and sealift capacity often brings rescue supplies. The Chinese military took days to reach survivors after the devastating Sichuan earthquake in May of 2008, because it has so few helicopters and emergency vehicles.
  • For better and worse, in modern times, American forces are continually in combat somewhere in the world. This has its drawbacks, but it means that U.S. leaders, tactics, and doctrine are constantly refined by the realities of warfare. In contrast, vanishingly few members of the People’s Liberation Army have any combat experience whatsoever. The PLA’s last major engagement was during its border war with Vietnam in February and March of 1979, when somewhere between 7,000 of its soldiers (Chinese estimate) and 25,000 (foreign estimates) were killed within four weeks.

Beyond all this is a difference of military culture rarely included in American discussions of the Chinese threat—and surprising to those unfamiliar with the way China’s Communist government chose to fund its army. The post-Vietnam American military has been fanatically devoted to creating a “warrior” culture of military professionalism. The great struggle of the modern PLA has been containing the crony-capitalist culture that comes from its unashamed history of involvement in business. Especially under Deng Xiaoping, the Chinese military owned and operated factories, hotels and office buildings, shipping and trucking companies, and other businesses both legitimate and shady. In the late 1990s President Jiang Zemin led a major effort to peel the PLA’s military functions away from its business dealings, but by all accounts, corruption remains a major challenge in the Chinese military, rather than the episodic problem it is for most Western forces. One example: at a small airport in the center of the country, an airport manager told me about his regular schedule of hong bao deliveries—“red envelopes,” or discreet cash payoffs—to local air-force officers, to ensure airline passage through the sector of airspace they controlled. (Most U.S. airspace is controlled by the Federal Aviation Administration; nearly all of China’s, by the military.) A larger example is the widespread assumption that military officials control the vast Chinese traffic in pirated movie DVDs.

The Chinese military’s main and unconcealed ambition is to someday be strong enough to take Taiwan by force if it had to. But the details of the balance of power between mainland and Taiwanese forces, across the Straits of Taiwan, have been minutely scrutinized by all parties for decades, and shifts will not happen by surprise. The annual reports from the Pentagon and the Security Review Commission lay out other possible scenarios for conflict, but in my experience it is rare to hear U.S. military or diplomatic officials talk about war with China as a plausible threat. “My view is that the political leadership is principally focused on creating new jobs inside the country,” I was told by retired Admiral Mike McConnell, a former head of the National Security Agency and the director of national intelligence under George W. Bush. Another former U.S. official put it this way: “We tend to think of everything about China as being multiplied by 1.3 billion. The Chinese leadership has to think of everything as being divided by 1.3 billion”—jobs, houses, land. Russell Leigh Moses, who has lived in China for years and lectures at programs to train Chinese officials, notes that the Chinese military, like its counterparts everywhere, is “determined not to be neglected.” But “so many problems occupy the military itself—including learning how to play the political game—that there is no consensus to take on the U.S.”

Yes, circumstances could change, and someday there could be a consensus to “take on the U.S.” But the more you hear about the details, the harder it is to worry seriously about that now. So why should we worry? After conducting this round of interviews, I now lose sleep over something I’d generally ignored: the possibility of a “cyberwar” that could involve attacks from China—but, alarmingly, could also be launched by any number of other states and organizations.

The cyber threat is the idea that organizations or individuals may be spying on, tampering with, or preparing to inflict damage on America’s electronic networks. Google’s recent announcement of widespread spying “originating from China” brought attention to a problem many experts say is sure to grow. China has hundreds of millions of Internet users, mostly young. In any culture, this would mean a large hacker population; in China, where tight control and near chaos often coexist, it means an Internet with plenty of potential outlaws and with carefully directed government efforts, too. In a report for the U.S.-China Economic and Security Review Commission late last year, Northrop Grumman prepared a time line of electronic intrusions and disruptions coming from sites inside China since 1999. In most cases it was impossible to tell whether the activity was amateur or government-planned, the report said. But whatever their source, the disruptions were a problem. And in some instances, the “depth of resources” and the “extremely focused targeting of defense engineering data, US military operational information, and China-related policy information” suggested an effort that would be “difficult at best without some type of state-sponsorship.”

The authorities I spoke with pooh-poohed as urban myth the idea that an electronic assault was behind the power failures that rippled from the Midwest to the East Coast in August of 2003. By all accounts, this was a cascading series of mechanical and human errors. But after asking corporate and government officials what worried them, I learned several unsettling things I hadn’t known before.

First, nearly everyone in the business believes that we are living in, yes, a pre-9/11 era when it comes to the security and resilience of electronic information systems. Something very big—bigger than the Google-China case—is likely to go wrong, they said, and once it does, everyone will ask how we could have been so complacent for so long. Electronic-commerce systems are already in a constant war against online fraud. “The real skill to running a successful restaurant has relatively little to do with producing delicious food and a lot to do with cost and revenue management,” an official of an Internet commerce company told me, asking not to be named. “Similarly, the real business behind PayPal, Google Checkout, and other such Internet payment systems is fraud and risk management,” since the surge of attempted electronic theft is comparable to the surge of spam through e-mail networks.

At a dinner in Washington late last year, I listened to two dozen cyber-security experts compare tales of near-miss disasters. The consensus was that only a large-scale public breakdown would attract political attention to the problem, and that such a breakdown would occur. “Cyber crime is not conducted by some 15-year-old kids experimenting with viruses,” Eugene Spafford, a computer scientist at Purdue, who is one of the world’s leading cyber-security figures (and was at the dinner), told me later via e-mail.

“It is well-funded and pursued by mature individuals and groups of professionals with deep financial and technical resources, often with local government (or other countries’) toleration if not support. It is already responsible for billions of dollars a year in losses, and it is growing and becoming more capable. We have largely ignored it, and building our military capabilities is not responding to that threat.”

With financial, medical, legal, intellectual, logistic, and every other sort of information increasingly living in “the cloud,” the consequences of collapse or disruption are unpleasant to contemplate. A forthcoming novel, Directive 51, by John Barnes, does indeed contemplate them, much as in the 1950s Nevil Shute imagined the world after nuclear war in On the Beach. Barnes’s view of the collapse of financial life (after all, our “assets” consist mostly of notations in banks’ computer systems), the halt of most manufacturing systems, the evaporation of the technical knowledge that now exists mainly in the cloud, and other consequences is so alarming that the book could draw attention in a way no official report can.

Next, the authorities stressed that Chinese organizations and individuals were a serious source of electronic threats—but far from the only one, or perhaps even the main one. You could take this as good news about U.S.-China relations, but it was usually meant as bad news about the problem as a whole. “The Chinese would be in the top three, maybe the top two, leading problems in cyberspace,” James Lewis, a former diplomat who worked on security and intelligence issues and is now at the Center for Strategic and International Studies, in Washington, told me. “They’re not close to being the primary problem, and there is debate about whether they’re even number two.” Number one in his analysis is Russia, through a combination of state, organized-criminal, and unorganized-individual activity. Number two is Israel—and there are more on the list. “The French are notorious for looking for economic advantage through their intelligence system,” I was told by Ed Giorgio, who has served as the chief code maker and chief code breaker for the National Security Agency. “The Israelis are notorious for looking for political advantage. We have seen Brazil emerge as a source of financial crime, to join Russia, which is guilty of all of the above.” Interestingly, no one suggested that international terrorist groups—as opposed to governments, corporations, or “normal” criminals—are making significant use of electronic networks to inflict damage on Western targets, although some groups rely on the Internet for recruitment, organization, and propagandizing.

This led to another, more surprising theme: that the main damage done to date through cyberwar has involved not theft of military secrets nor acts of electronic sabotage but rather business-versus-business spying. Some military secrets have indeed leaked out, the most consequential probably being those that would help the Chinese navy develop a modern submarine fleet. And many people said that if the United States someday ended up at war against China—or Russia, or some other country—then each side would certainly use electronic tools to attack the other’s military and perhaps its civilian infrastructure. But short of outright war, the main losses have come through economic espionage. “You could think of it as taking a shortcut on the ‘D’ of R&D,” research and development, one former government official said. “When you create a new product, a competitor can cherry-pick the good parts and introduce a competitive product much more rapidly than he could otherwise.” Another technology expert, who serves on government advisory boards, told me, when referring to the steady loss of technological advantage, “We should not forget that it was China where ‘death by a thousand cuts’ originated.” I heard of instances of Western corporate officials who arrived for negotiations in China and realized too late that their briefing books and internal numbers were already known by the other side. (In the same vein: I asked security officials whether the laptops and BlackBerry I had used while living in China would have been bugged in some way while I was there. The answers were variations on “Of course,” with the “you idiot” left unsaid.)

The final theme was that even though these cyber concerns are not confined to China, the Chinese aspects do deserve consideration on their own, because China’s scale, speed of growth, and complex relationship with the United States make it a unique case. Hackers in Russia or Israel might be more skillful one by one, but with its huge population China simply has more of them. The French might be more aggressive in searching for corporate secrets, but their military need not simultaneously consider how to stop the Seventh Fleet. According to Mike McConnell, everything about China’s military planning changed after its leaders saw the results of U.S. precision weapons in the first Gulf War. “They were shocked,” he told me. “They had no idea warfare had progressed to that point, and they went on a crash course to take away our advantage.” This meant both building their own information systems—thus China’s aspiration to create a Beidou (the Chinese name for the Big Dipper) system of satellites comparable to America’s GPS—and being prepared in time of war to “attack what they see as our soft underbelly, our military’s dependence on networking,” as McConnell put it, noting the vast emerging PLA literature on defending and attacking data networks.

Ed Giorgio, formerly of the NSA, has prepared charts showing the points of “asymmetric advantage” China might have over the long run in such competition. Point nine on his 12-point chart: “They know us much better than we know them (virtually every one of their combatants reads English and virtually none of ours read Mandarin. This, in itself, will surely precipitate a massive intelligence failure).” But James Lewis, of CSIS, pointed out an “asymmetric handicap”: “For all the effort the Chinese put into cyber competition, external efforts”—against a potential foe like the United States—“are second priority. The primary priority is domestic control and regime survival. The external part is a side benefit.” For many other reasons, the China-cyber question will, like the China-finance and China-environment and China-human-rights questions, demand special attention and work.

The implications of electronic insecurity will be with us in the long run, among the other enduring headaches of the modern age. The “solution” to them is like the solution to coping with China’s rise: something that will unfold over the years and require constant attention, adjustments, and innovations. “Cyber security is a process, not a patch,” Eugene Spafford said. “We must continue to invest in it—and for the long term as well as the ‘quick fix,’ because otherwise we will always be applying fixes too late.”

No doubt because I’ve been so preoccupied for so long with the implications of China’s growth, I thought I heard a familiar note in the recommendations that many of the cyber-security experts offered. The similarity lies in their emphasis on openness, transparency, and international contact as the basis of a successful policy.

In overall U.S. dealings with China, it matters tremendously that so many Chinese organizations are led or influenced by people who have spent time in America or with Americans. Today’s financial, academic, and business elite in China is deeply familiar with the United States, many of its members having studied or worked here. They may disagree on points of policy—for instance, about trade legislation—but they operate within a similar set of concepts and facts. This is less true of China’s political leaders, and much less true of its military—with a consequently much greater risk of serious misunderstanding and error. The tensest moment in modern China’s security relationship with the outside world came in January of 2007, when its missile command shot one of its own weather satellites out of the sky, presumably to show the world that it had developed anti-satellite weaponry. The detonation filled satellite orbits with dangerous debris; worse, it seemed to signal an unprovoked new step in militarizing space. By all accounts, President Hu Jintao okayed this before it occurred; but no one in China’s foreign ministry appeared to have advance word, and for days diplomats sat silent in the face of worldwide protests. The PLA had not foreseen the international uproar it would provoke—or just didn’t care.

Precisely in hopes of building familiarity like that in the business world, the U.S. Navy has since the 1980s taken the lead in military-to-military exchanges with the PLA. “I think both sides are trying to figure out what kind of a military-to-military relationship is feasible and proper,” David Finkelstein, of the Center for Naval Analyses, in suburban Washington, D.C., told me. “We have two militaries that, in some circumstances, see each other as possible adversaries. At the same time, at the level of grand strategy, the two nations are trying to accommodate each other. There is a major chasm, but both sides are working hard to bridge it.” Such exposure obviously doesn’t eliminate the real differences of national interest between the two countries, but I believe it makes outright conflict less likely.

A similar high-road logic seems to lie behind recommendations for cyber security in general, and for dealing with the Chinese cyber threat in particular. The NSA, which McConnell directed and where Giorgio worked, is renowned for its secrecy. But both men, along with others, now argue that to defend information networks, the U.S. should talk openly about risks and insecurities—and engage the Chinese government and military in an effort to contain the problem.

As a matter of domestic U.S. politics, McConnell argues that we now suffer from a conspiracy of secrecy about the scale of cyber risks. No credit-card company wants to admit how often or how easily it is cheated. No bank or investment house wants to admit how close it has come to being electronically robbed. As a result, the changes in law, regulation, concept, or habit that could make online life safer don’t get discussed. Sooner or later, the cyber equivalent of 9/11 will occur—and, if the real 9/11 is a model, we will understandably, but destructively, overreact.

While trying to build bridges to the military, McConnell and others recommend that the U.S. work with China on international efforts to secure data networks, comparable to the Chinese role in dealing with the world financial crisis. “You could have the model of the International Civil Aviation Organization,” James Lewis said, “a body that can reduce risks for everyone by imposing common standards. It’s moving from the Wild West to the rule of law.” Why would the Chinese government want to join such an effort? McConnell’s answer was that an ever-richer China will soon have as clear a stake in secure data networks as it did in safe air travel.

We’re naturally skeptical of abstractions like “cooperation” or “greater openness” as the solutions to tough-guy, real-world problems. But in making the best of a world that will inevitably be changed by increasing Chinese power and increasing electronic threats from many directions, those principles may offer the right, realistic place to start.


Mike McConnell on how to win the cyber-war we’re losing

By Mike McConnell
Sunday, February 28, 2010

The United States is fighting a cyber-war today, and we are losing. It’s that simple. As the most wired nation on Earth, we offer the most targets of significance, yet our cyber-defenses are woefully lacking.

The problem is not one of resources; even in our current fiscal straits, we can afford to upgrade our defenses. The problem is that we lack a cohesive strategy to meet this challenge.

The stakes are enormous. To the extent that the sprawling U.S. economy inhabits a common physical space, it is in our communications networks. If an enemy disrupted our financial and accounting transactions, our equities and bond markets or our retail commerce — or created confusion about the legitimacy of those transactions — chaos would result. Our power grids, air and ground transportation, telecommunications, and water-filtration systems are in jeopardy as well.

These battles are not hypothetical. Google’s networks were hacked in an attack that began in December and that the company said emanated from China. And recently the security firm NetWitness reported that more than 2,500 companies worldwide were compromised in a sophisticated attack launched in 2008 and aimed at proprietary corporate data. Indeed, the recent Cyber Shock Wave simulation revealed what those of us involved in national security policy have long feared: For all our war games and strategy documents focused on traditional warfare, we have yet to address the most basic questions about cyber-conflicts.

What is the right strategy for this most modern of wars? Look to history. During the Cold War, when the United States faced an existential threat from the Soviet Union, we relied on deterrence to protect ourselves from nuclear attack. Later, as the East-West stalemate ended and nuclear weapons proliferated, some argued that preemption made more sense in an age of global terrorism.

The cyber-war mirrors the nuclear challenge in terms of the potential economic and psychological effects. So, should our strategy be deterrence or preemption? The answer: both. Depending on the nature of the threat, we can deploy aspects of either approach to defend America in cyberspace.

During the Cold War, deterrence was based on a few key elements: attribution (understanding who attacked us), location (knowing where a strike came from), response (being able to respond, even if attacked first) and transparency (the enemy’s knowledge of our capability and intent to counter with massive force).

Against the Soviets, we dealt with the attribution and location challenges by developing human intelligence behind the Iron Curtain and by fielding early-warning radar systems, reconnaissance satellites and undersea listening posts to monitor threats. We invested heavily in our response capabilities with intercontinental ballistic missiles, submarines and long-range bombers, as well as command-and-control systems and specialized staffs to run them. The resources available were commensurate with the challenge at hand — as must be the case in cyberspace.

Just as important was the softer side of our national security strategy: the policies, treaties and diplomatic efforts that underpinned containment and deterrence. Our alliances, such as NATO, made clear that a strike on one would be a strike on all and would be met with massive retaliation. This unambiguous intent, together with our ability to monitor and respond, provided a credible nuclear deterrent that served us well.

How do we apply deterrence in the cyber-age? For one, we must clearly express our intent. Secretary of State Hillary Rodham Clinton offered a succinct statement to that effect last month in Washington, in a speech on Internet freedom. “Countries or individuals that engage in cyber-attacks should face consequences and international condemnation,” she said. “In an Internet-connected world, an attack on one nation’s networks can be an attack on all.”

That was a promising move, but it means little unless we back it up with practical policies and international legal agreements to define norms and identify consequences for destructive behavior in cyberspace. We began examining these issues through the Comprehensive National Cybersecurity Initiative, launched during the George W. Bush administration, but more work is needed on outlining how, when and where we would respond to an attack. For now, we have a response mechanism in name only.

The United States must also translate our intent into capabilities. We need to develop an early-warning system to monitor cyberspace, identify intrusions and locate the source of attacks with a trail of evidence that can support diplomatic, military and legal options — and we must be able to do this in milliseconds. More specifically, we need to reengineer the Internet to make attribution, geolocation, intelligence analysis and impact assessment — who did it, from where, why and what was the result — more manageable. The technologies are already available from public and private sources and can be further developed if we have the will to build them into our systems and to work with our allies and trading partners so they will do the same.

Of course, deterrence can be effective when the enemy is a state with an easily identifiable government and location. It is less successful against criminal groups or extremists who cannot be readily traced, let alone deterred through sanctions or military action.

There are many organizations (including al-Qaeda) that are not motivated by greed, as with criminal organizations, or a desire for geopolitical advantage, as with many states. Rather, their worldview seeks to destroy the systems of global commerce, trade and travel that are undergirded by our cyber-infrastructure. So deterrence is not enough; preemptive strategies might be required before such adversaries launch a devastating cyber-attack.

We preempt such groups by degrading, interdicting and eliminating their leadership and capabilities to mount cyber-attacks, and by creating a more resilient cyberspace that can absorb attacks and quickly recover. To this end, we must hammer out a consensus on how to best harness the capabilities of the National Security Agency, which I had the privilege to lead from 1992 to 1996. The NSA is the only agency in the United States with the legal authority, oversight and budget dedicated to breaking the codes and understanding the capabilities and intentions of potential enemies. The challenge is to shape an effective partnership with the private sector so information can move quickly back and forth from public to private — and classified to unclassified — to protect the nation’s critical infrastructure.

We must give key private-sector leaders (from the transportation, utility and financial arenas) access to information on emerging threats so they can take countermeasures. For this to work, the private sector needs to be able to share network information — on a controlled basis — without inviting lawsuits from shareholders and others.

Obviously, such measures must be contemplated very carefully. But the reality is that while the lion’s share of cybersecurity expertise lies in the federal government, more than 90 percent of the physical infrastructure of the Web is owned by private industry. Neither side on its own can mount the cyber-defense we need; some collaboration is inevitable. Recent reports of a possible partnership between Google and the government point to the kind of joint efforts — and shared challenges — that we are likely to see in the future.

No doubt, such arrangements will muddy the waters between the traditional roles of the government and the private sector. We must define the parameters of such interactions, but we should not dismiss them. Cyberspace knows no borders, and our defensive efforts must be similarly seamless.

Ultimately, to build the right strategy to defend cyberspace, we need the equivalent of President Dwight D. Eisenhower’s Project Solarium. That 1953 initiative brought together teams of experts with opposing views to develop alternative strategies on how to wage the Cold War. The teams presented their views to the president, and Eisenhower chose his preferred approach — deterrence. We now need a dialogue among business, civil society and government on the challenges we face in cyberspace — spanning international law, privacy and civil liberties, security, and the architecture of the Internet. The results should shape our cybersecurity strategy.

We prevailed in the Cold War through strong leadership, clear policies, solid alliances and close integration of our diplomatic, economic and military efforts. We backed all this up with robust investments — security never comes cheap. It worked, because we had to make it work.

Let’s do the same with cybersecurity. The time to start was yesterday.

Mike McConnell was the director of the National Security Agency in the Clinton administration and the director of national intelligence during President George W. Bush’s second term. A retired Navy vice admiral, he is executive vice president of Booz Allen Hamilton, which consults on cybersecurity for the private and public sector.


Pentagon Will Allow Troops Broad Access to Social-Media Sites

This is a mistake.  The people who truly oversee the gates should have fought harder to not only keep the ban, but to block more sites.  The decision-makers simply do not understand what is going on and are trying to be people-pleasers.  Security should trump this type of access.  If you need the access, request it, go to a less secure network, go to a public network even, but do not drop the security standards across the board!

Pentagon Will Allow Troops Broad Access to Social-Media Sites
February 27, 2010, 12:02 AM EST
By Tony Capaccio

Feb. 27 (Bloomberg) — The Pentagon reversed a directive that has blocked access from U.S. military computers to about 10 social-networking sites, such as YouTube and MySpace.

Troops will have unrestricted access to these and other sites, such as Facebook and Twitter, if security precautions are applied and ethical guidelines are followed, Deputy Defense Secretary William Lynn said yesterday in announcing the new policy.

The military’s unclassified Internet gateway “shall be configured to provide access to Internet-based capabilities,” he said in a nine-page policy memo.

“Official uses of Internet-based capabilities are permitted,” Lynn said. Postings should include a disclaimer “when personal opinions are expressed.”

Lynn’s directive applies to all military computers used by troops, ranging from the squad level in a combat zone to a base in the U.S.

The previous restrictions were designed to ensure the security of military computers and preserve the use of bandwidth.

The May 2007 directive was reversed because “we’ve become smarter,” Pentagon Deputy Chief Information Officer David Wennergren told reporters. “We realized that the right thing to do was work with the companies to make sure they were doing good security practices and to work with our employees to make sure they were practicing good security hygiene.”

Precautions

Commanders “shall continue to defend against malicious activity affecting Defense networks and take immediate actions as required to safeguard missions, such as temporarily limiting access to the Internet to preserve operations security or address bandwidth constraints,” Lynn said.

Commanders also should continue to deny access to sites engaging in pornography, hate-crimes or gambling, Lynn said in the policy memo.

Admiral James Stavridis, the supreme allied commander of NATO, is one of the scores of military officers and officials who have an account with Facebook or other social networks.

The Pentagon’s Web site lists all major military users of privately held, Palo Alto, California-based Facebook Inc.

–Editors: Don Frederick, Robin Meszoly

-0- Feb/27/2010 05:00 GMT

To contact the reporters on this story: Tony Capaccio in Washington at acapaccio@bloomberg.net

To contact the editor responsible for this story: Jim Kirk in Washington at jkirk12@bloomberg.net.


China Attacks on Google May Have Hit 100 Companies, ISEC Says

February 26, 2010, 10:04 PM EST
By Brian Womack and Katrina Nicholas

Feb. 27 (Bloomberg) — The Chinese cyber attacks that Google Inc. reported last month may have targeted more than 100 companies, a larger number than previously thought, according to security research firm ISEC Partners Inc.

ISEC said it discovered the additional targets while working with victims of the attack, which originated in China. Google initially alerted 30 companies to the problem, San Francisco-based ISEC said.

Google disclosed last month that it suffered “a highly sophisticated” cyber attack on its corporate infrastructure and threatened to withdraw from China. The Mountain View, California-based company said Gmail e-mail accounts of Chinese human-rights activists were targeted by the hackers.

Chief Executive Officer Eric Schmidt said Jan. 21 that Google had begun talks with the Chinese government and would be “making some changes” to its operations in China. The company was still following Chinese laws and censoring its search results locally, he said.

“Although none of the attacks or technique used in this series of attacks are particularly novel, the skill set, patience and tenacity of the attackers is much greater than most enterprises are equipped to deal with,” ISEC said in its report.

Jill Hazelbaker, a Google spokeswoman, didn’t immediately respond to a message seeking comment.

An exit from China would cost Google $600 million in annual sales, with would-be advertising clients instead spending at rival Baidu Inc., JPMorgan Chase & Co. said in January. As concerns ease that the Chinese government will shut the company’s operations, advertisers are returning and Google’s China business is hiring again, media buyers said earlier this month.

China, whose authorities censor media through state ownership of all newspapers, television and radio stations, may have 840 million Internet users, or 61 percent of the population, by 2013, according to EMarketer Inc. in New York. The country had 384 million users at the end of last year, according to government data.

Google climbed 37 cents to $526.80 in Nasdaq Stock Market trading Friday. The shares have fallen 15 percent this year, after gaining 93 percent in 2009.

–Editors: Stephen West, Peter Vercoe

Katrina Nicholas in Singapore at +65-6311-2468 or knicholas2@bloomberg.net

To contact the reporter on this story: Brian Womack in San Francisco at bwomack1@bloomberg.net

To contact the editor responsible for this story: Nick Turner at nturner7@bloomberg.net


China passes National Defense Mobilization Law to safeguard security

English.news.cn 2010-02-26 15:24:08

BEIJING, Feb. 26 (Xinhua) — China’s top legislature passed the National Defense Mobilization Law on Friday after three readings, setting down rules on how and when the military should be mobilized in times of war or emergency.

The Law was approved at the National People’s Congress (NPC) Standing Committee’s three-day bimonthly session which ended Friday. President Hu Jintao signed a decree to publish the Law, which will take effect on July 1.

The 72-provision law sets out principles and organizational mechanisms for national defense mobilization, personnel and strategic material storage, and the prevention and relief of war-related disasters.

According to the Law, the NPC Standing Committee will declare national or regional mobilization in line with the Constitution and laws “if state sovereignty, unification, territorial integrity or security is threatened.”

The president will issue a mobilization order based on the decision of the NPC Standing Committee, the Law stipulates.

The mobilization work will be jointly led by the State Council and the Central Military Committee of the Communist Party of China (CPC), according to the Law.

The country should ensure storage of military articles including facilities, materials and special production devices designed for military use according to the demand of military orders and equipment in wartime, it said.

Male citizens aged between 18 and 60 and females aged between 18 and 55 should provide service for national defense, including giving support to military operations during wartime, engaging in prevention against war-related disasters as well as related relief tasks, and helping to maintain social order, it stipulates.

Drafting of the Law started in September 2000.

Editor: Lin Zhi

China cyber attacks against Google pure fabrication

I suppose it is only fair to post some opinions from the “other” side as well…

Commentary: China cyber attacks against Google pure fabrication
English.news.cn 2010-02-24 00:23:06

BEIJING, Feb. 23 (Xinhua) — The New York Times, the Wall Street Journal, Financial Times and some other newspapers have published articles indicating that cyber attacks targeting Google and several other U.S. companies were from China. Such allegations are arbitrary and biased.

These articles take as evidence that hackers’ IP addresses could be traced back to two schools in China. However, it is common sense that hackers can attack by hijacking computers from anywhere in the world. This fact also explains why hackers are hard to be tracked down.

Computers in China are easy to be hijacked by hackers as internet security technology and services are still underdeveloped in China. The majority of Chinese internet users also lack security awareness and adequate protection measures.

The hackers’ IP addresses could by no means vindicate the newspapers’ allegations that the attacks were carried out by Chinese citizens or from within China.

Certain newspapers went even further by indicating that the Chinese government and the military might have supported those cyber attacks.

The New York Times says the Lanxiang vocational school in eastern Shandong province, one of the schools from which the cyber attacks were said to originate, has military support. Another school, the Shanghai Jiaotong University, “has received financing from a high-level government science and technology project.”

The New York Times went to great lengths to mention that “graduates of the (Lanxiang) school’s computer science department are recruited by the local military garrison each year.”

The paper, however, did not care to tell its readers that a school in China does not need to have any special relationship with the military to have its graduates in uniform. It is also true in the United States, where the New York Times is based.

China’s attitude toward cyber attacks has been unequivocal and has adopted laws against such crimes, as China is one of the countries that bear the brunt of cyber attacks. It is way far-fetched to say that cyber attacks — even if they were to originate from China or were to be carried out by Chinese citizens — would have the support of the Chinese government.

The U.S. government, on the other hand, takes a dubious attitude toward cyber attacks.

According to media reports, the U.S. Homeland Security and Defense departments have both openly recruited hackers.

People with a “blackhat perspective” and know how to “do threat modelling” are the best choices, said Philip Reitinger, Department of Homeland Security deputy undersecretary, at an information security conference last October.

Cyber crimes could cause immense losses for individuals, enterprises and nation-states. Effective supervision and closer international cooperation are ways to boost cyber security. Finger pointing is not.

Editor: Mu Xuequan

We Would Lose Cyberwar says former DNI Mike McConnell

Another China vs USA which does not bode well for my team…


We Would Lose Cyberwar says former DNI Mike McConnell
This was written by Michael Cheek on Wednesday, February 24, 2010, 11:33.

Cyberwar is increasingly entering into the mindset of policy makers. Earlier this month, DNI Dennis Blair outlined the cyber threat in his Annual Threat Assessment of the US Intelligence Community, saying that “The United States confronts a dangerous combination of known and unknown vulnerabilities, strong and rapidly expanding adversary capabilities, and a lack of comprehensive threat awareness.”

In a hearing on Tuesday before the Senate Commerce, Science and Transportation Committee, former DNI Mike McConnell, of Booz Allen, told legislators that “If the nation went to war today, in a cyberwar, we would lose. We’re the most vulnerable. We’re the most connected. We have the most to lose.”

McConnell also said that the US is unlikely to really secure cyberspace until a major cyber disaster occurs. “We will not mitigate this risk. We will talk about it, we will wave our hands, we’ll have a bill, but we will not mitigate this risk,” he said.

Mary Ann Davidson, CSO of Oracle Corporation, said “We need to change our collective mindset so that elements of critical cyber infrastructure are designed, developed and delivered to be secure. We do that in part by changing the educational system so that we have a cadre of people who know that critical cyber infrastructure will be attacked – and they build accordingly and defensively.”

“Too much is at stake for us to pretend that today’s outdated cybersecurity policies are up to the task of protecting our nation and economic infrastructure,” said Senator Rockefeller. “We have to do better and that means it will take a level of coordination and sophistication to outmatch our adversaries and minimize this enormous threat. It is that simple. We cannot wait for a crisis to occur, the consequences would be far too grave.”

China denies cyber attacks on Google originated in two of country’s schools

By Aileen McCabe, Canwest News Service
February 24, 2010 7:54 AM

The Chinese government came out swinging Tuesday against allegations the cyber attacks that led Google to threaten to pull out of the world’s most populous nation originated in one of China’s top universities and at a little-known vocational school with suspected links to the military.

“Reports that these [attacks] came from Chinese schools are groundless, and accusations of Chinese government involvement are irresponsible and out of ulterior motives,” a Foreign Affairs spokesman told reporters.

Qin Gang said China has laws against hacking that are strictly enforced.

His words came as reports leaked out that Google is preparing to resume talks about its future with Beijing, which were interrupted for the Lunar New Year holiday.

Since Google announced in January that hackers it believed were based in China breached its defences, the company has been trying to determine whether it is possible to stop complying with Chinese Internet censorship rules and still continue to operate its popular Google.cn search engine in the country.

The California-based Internet giant’s attempts to deal with the hacking controversy quietly were hijacked on the weekend when the New York Times published new “evidence” further implicating China.

Citing “people involved in the investigation” of the online attacks against Google and about 30 U.S. companies, the Times said Shanghai’s Jiaotong University and the Lanxiang Vocational School in Shandong province appeared to be involved.

London’s Financial Times followed with more revelations this week, claiming a Chinese programmer in his 30s wrote at least part of the script that was used to target a hole in Microsoft’s Internet Explorer.

It claimed U.S. analysts have identified him as a freelance security consultant who posted his work on a “hacking forum.”

Both schools identified by the Times have denied any knowledge of, or connection to, the sophisticated hackers.

Jiaotong, which is one of China’s elite universities, has a strong computer science department and proudly boasts of professors who have worked with the People’s Liberation Army.

Lanxiang, on the other hand, is little-known, even in China, and claims its students are nowhere near advanced enough to carry out anything close to the kind of attack that Google suffered.

“The reports are too boring, simply unfounded and politically orientated,” Li Zixiang, Communist party chief at Lanxiang School told the official Chinese news agency, Xinhua.

The Times claimed that Lanxiang’s dean and chief professor have both worked on “technology matters” for the PLA.

© Copyright (c) National Post

China leads the world in hacked computers, McAfee study says

By Ellen Nakashima
Washington Post Staff Writer
Monday, February 15, 2010

More private computers were commandeered by hackers for malicious purposes in China in the last quarter of 2009 than in any other country, including the United States, according to a new study by an Internet security company.

These “zombie” computers are often grouped into “botnets,” or armies of infected computers that can be used to send spam e-mail or attack Web sites, according to McAfee, a Silicon Valley security firm. The company, which said it collects information about Internet-based threats that target more than 100 million computers in 120 countries, said that in the last three months of 2009, about 1,095,000 computers in China and 1,057,000 in the United States were infected.

Those numbers are in addition to 10 million or so previously infected computers in each country, McAfee said.

The prevalence of botnets is a sign of how vulnerable computer networks are to infiltration, a subject of increasing international debate as companies and governments seek to defend their computer systems from intruders.

Last month, Google announced that its networks had been penetrated by attacks originating in China. The Chinese government denied any involvement, saying that hacking in is against the law. There was no indication that the attack involved botnets, experts said.

In a Jan. 21 speech about Internet freedom, Secretary of State Hillary Rodham Clinton advanced the notion of cyberspace as a “global networked commons” and urged the creation of “norms of behavior” among states. Echoing a key principle behind NATO, she said: “An attack on one nation’s networks can be an attack on all.”

She declared that “countries or individuals that engage in cyberattacks should face consequences and international condemnation.”

Some experts have said that Clinton’s call for accountability and norms is complicated by the fact that the United States has so many infected computers. “The government could crack down on botnets, but doing so would raise the cost of software or Internet access and would be controversial,” Jack Goldsmith, a professor at Harvard Law School, wrote in a recent opinion piece in The Washington Post. “So it has not acted, and the number of dangerous botnet attacks from America grows.”

Indeed, Stewart A. Baker, a cyber expert and former assistant secretary for policy at the Department of Homeland Security, said he would like to see a few leading nations develop “effective national norms aimed at eliminating zombie computers.” Companies could be encouraged or required to comply, he said.

One Internet service provider has begun a voluntary service to notify customers when their computers have been infected by bots, viruses and other online threats. Philadelphia-based Comcast, which has 15 million non-commercial customers, began the program last fall. Such initiatives, some experts said, could start to clear out the “noise” in the networks and could help in identifying higher-order threats that could compromise critical computer systems.

One reason computers in China are so vulnerable to botnets may be that software piracy is common and computer users often have not updated the patches on their machines, said George Kurtz, McAfee’s worldwide chief technology officer.

In fact, the number of zombie computers in a country says more about the vulnerability of the computers than about who infected them, Baker said. A nation that might want to use botnets as part of an attack probably would want to have its own computers bot-free and commandeer computers in other countries, he said.

China has steadfastly denied that it supports or engages in hacking and that it penetrates U.S. firms’ computers to steal technology and trade secrets to help state companies — whether by bots or any other tool.

Such “remarks are groundless,” Peng Bo, an official with the Internet bureau under the Information Office, said in remarks to the New China News Agency. “In fact, China is the country worst hit by worldwide hackers.”

Experts say that the United States, which is highly networked and dependent on the Internet for commerce and the running of industry, is the most vulnerable of all countries to cyberattack.

At the same time, the United States is considered the most worrisome potential aggressor, according to McAfee, which in a separate recent survey of 600 technology and security executives of firms around the world found that 36 percent feared the United States and 33 percent feared China as potentially attacking their industries. Russia ran a distant third, at 12 percent.

The result “might simply be a reflection of the raw capabilities and frankly the raw size of U.S. intelligence agencies,” retired Gen. Michael V. Hayden, former director of the CIA and of the National Security Agency, said in the report, which was produced in conjunction with the Center for Strategic and International Studies. The United States also has been engaged in a protracted debate about how to organize its attack and defense capabilities, which may have created an “echo chamber” for concerns about such abilities, the report noted.

That report, issued last month, also found that 59 percent of the executives surveyed said they believed that representatives of foreign governments had already been involved in denial-of-service attacks (the disabling of a Web site by bombarding it with requests for access) and network intrusions to control or steal data from “critical infrastructure” industries in their countries.

Cyberattacks from China threaten world’s businesses

Few firms admit they are targets

By Joe McDonald • Associated Press • February 13, 2010

BEIJING — Google’s accusation that its e-mail accounts were hacked from China landed like a bombshell because it cast light on a problem that few companies will discuss: the pervasive threat from China-based cyberattacks.

The hacking that angered Google Inc. and hit dozens of other businesses adds to growing concern that China is a center for a global explosion of Internet crimes, part of a rash of attacks aimed at a wide array of targets, from a British military contractor to banks and chemical companies to a California software maker.

The government denies it is involved. Speaking recently in Paris, China’s foreign minister, Yang Jiechi, said China itself “is the victim of pirate attacks” and the international community must fight the phenomenon together.

But experts say the highly skilled attacks suggest the Chinese military, which is a leader in cyberwarfare research, or other government agencies might be breaking into computers to steal technology and trade secrets to help state companies.

“Chinese hacking activity is significant in quantity and quality,” said Sami Saydjari, president of the consulting firm Cyber Defense Agency and a former U.S. National Security Agency official.

Officials in the United States, Germany and Britain say hackers linked to China’s military have broken into government and defense systems. But attacks on commercial systems receive less attention because victims rarely come forward, possibly for fear it might erode trust in their businesses.

Google was the exception when it announced Jan. 12 that attacks hit it and at least 20 other companies. Google says it has “conclusive evidence” the attacks came from China but declined to say whether the government was involved.

Google cited the attacks and attempts to snoop on dissidents in announcing that it would stop censoring results on its China-based search engine and leave the country if the government does not loosen restrictions.

Only two other companies have disclosed they were targets in that attack — software maker Adobe Systems Inc. and Rackspace Inc., a Web hosting service.

Mikko Hypponen, chief research officer at Finnish security software maker F-Secure Corp., said his company has detected about two dozen attacks originating from China each month since 2005.

“There must be much more that go completely undetected,” he said.

Hypponen said a large British military contractor with which his company worked discovered last year that information had leaked for 18 months from one of its computers to an Internet address in the Chinese territory of Hong Kong. He said similar attacks on military contractors were found in Germany, the Netherlands, Sweden and Finland.

Saydjari said other researchers have told him of dozens of U.S. companies that have been attacked from China but said he could not disclose their names or other details.

A key source of the skills required might be China’s military. China’s army supports hacker hobby clubs with as many as 100,000 members to develop a pool of possible recruits, according to Saydjari.

“China has a strategic goal of becoming the world-dominant economic power within this century. Certainly one way to do that faster is to steal industrial secrets,” he said.

There are no estimates of losses attributable to hacking traced to China, but antivirus supplier McAfee Inc. says intellectual property worth an estimated $1 trillion was stolen worldwide through the Internet in 2008.

Separately, a Los Angeles law firm says it was hit Jan. 11 by an attack that appeared to originate in China after it filed a lawsuit for CyberSitter LLC, a software maker that accuses the Chinese government of stealing its code for use in a Web-filtering system.

The firm Gipson Hoffman & Pancione said e-mails sent to its lawyers contained malicious software designed to extract information from their computers.

Security firm Mandiant Corp. has dubbed such attacks — which allow repeated thefts over months or years — an “advanced persistent threat” and says each one it has studied over the past five years involved theft of information related to U.S.-China corporate acquisitions, negotiations or military acquisitions.

“The scale, operation and logistics of conducting these attacks — against the government, commercial and private sectors — indicates that they’re state-sponsored,” the company said in a report in January.

But even if an attack is traced to China, experts need to examine the computer used to be sure it was not hijacked by an attacker elsewhere. Consultants say security for many Chinese computers is so poor that they are vulnerable to being taken over and used to hide the source of attacks from elsewhere.

In the Google case, confirming the source would require China’s cooperation, and Beijing has yet to respond to Secretary of State Hillary Rodham Clinton’s appeal for an investigation.

“The ‘smoking gun’ proof is very hard to put together,” said Graham Cluley, a researcher for Sophos, a British security software company.

China’s Industry Ministry said in a statement that any suggestion that the government is involved in any Internet attack “is groundless and aims to discredit China.”

But China is no stranger to government-directed industrial espionage on a vast scale. Intelligence experts say that since the 1970s, Beijing has carried on a quiet campaign to acquire foreign technology and other secrets by using Chinese businesspeople, students and scientists who travel abroad as part-time spies.

China, with the world’s largest population of Web users at more than 384 million, also has a history of hacking. In 1999, Web surfers defaced U.S. government sites after the mistaken U.S. bombing of Beijing’s embassy in Belgrade, Serbia, killed three Chinese. Nationalists have attacked Web sites in Japan and Taiwan, the self-ruled island claimed by China.

More recent cases have shifted from vandalism to theft of government or trade secrets.

Last March, a Canadian group, the Information Warfare Monitor, said it found a China-based ring stole sensitive information from thousands of computers worldwide. Targets included the communications network of The Associated Press. The government did not respond to the report’s details but said it opposes computer crime and criticized the researchers for suggesting otherwise.

China has also ordered vendors that sell computer security technology to government agencies to reveal how it works under rules that take effect May 1. Foreign companies operating there worry that might compromise systems used by banks and others to protect customer information and trade secrets.

Worries grow about America’s cyber security

Feb 13, 2010 (The Kansas City Star – McClatchy-Tribune Information Services via COMTEX)

– The deputy secretary of defense says “the cyber threat” is the one thing that keeps him up at night.

The director of national intelligence says such attacks pose a severe menace to the “fragile system behind the country’s information infrastructure.”

The president says, “America’s economic prosperity in the 21st century will depend on cyber security.”

This is not some hypothetical danger, they point out, but a war that has been joined already. No less a digital dominator than Google has felt the need to enlist the National Security Agency to help it ward off Chinese hackers.

And yet our networked sky has not fallen.

No electronic mischief has sunk Wall Street’s computers. No Internet sabotage has stilled our power plants. No illicit flip-switching in Beijing has released torrents from our dams.

“There’s a little more Hollywood in some of these dire scenarios than reality,” said John Pike, the chief defense analyst at GlobalSecurity.org.

“That said,” he continued, “I like to hope that someone is looking at air traffic control and other things that get scary when someone starts messing around with the controls.”

Indeed, the professionals who puzzle over and prioritize the hazards to national security don’t dismiss the potential of cyber warfare.

They also agree that keeping terrorists out of motherboards will require diligence from government and industry, that it will demand more money from taxpayers and consumers.

What remains less clear, or at least in debate, is whether worries about cyber terror resonate more like Chicken Little or Paul Revere.

“This is a lot of hype,” said Owen Cote, the associate director of the security studies program at the Massachusetts Institute of Technology.

He sees competing agencies trying to outdo each other in their alarms amid competition to seize control of the responsibility, and the funding, of America’s cyber defenses.

At the same time, many warn that a nearly invisible cyber arms race already is under way. It’s a war with many fronts. Rival governments are trying to outsmart and outmuscle each other’s network defenses. Criminals have employed hacking as a way to steal and extort. Terrorist groups use the Internet to plan and organize, and spy agencies use it to monitor and quash those Web-based maneuvers.

“Global digital warfare is expected to intensify in the near future,” said a report from the Jamestown Foundation, a national security think tank.

That report played out a growing virtual arms war between the United States and China over which country could develop the power to keep hackers at bay from its networks while building the tools to foul the other’s electronic webs in some future conflict.

China, said the Jamestown analysis, “is devoting unprecedented resources to strengthening its already formidable cyber warfare prowess.” It cites two reasons.

First, a simple desire to keep pace with what Beijing perceives as Washington’s push to dominate cyber battlefields of the near future.

Second, China has problems of its own. Besides what it sees as anti-Chinese propaganda from the West — information that it has been roundly criticized for censoring — some 40,000-plus Web sites in the country were crashed in 2009 and 18 million of its computers were rendered useless by viruses.

“The Internet,” said a top official in Beijing, “has become a major vehicle through which anti-China forces are perpetrating their work of infiltration and sabotage.”

American officials speak in the same strong terms. One estimate suggests hackers attempt to penetrate Defense Department computers 300 million times a day. A single hack into a NASA computer cost $1.5 million. Losses to American banks through the penetration of their computers are estimated in the billions of dollars.

The Pentagon has added more than $100 million for cyber security in its next budget, and a turf war has broken out between the Defense Department and the NSA over who ultimately will oversee the country’s electronic defenses.

“Cyber defenders right now have to spend more and work harder than the attackers do,” Dennis Blair, the director of national intelligence, told a congressional committee recently. “And our efforts, frankly, are not strong enough to … deal with that reality.”

In the report it prepares every four years on defense priorities, the Pentagon concluded that U.S. government and corporate “networks are infiltrated daily by a myriad of sources … ranging from small groups of individuals to some of the largest countries in the world.”

Deputy Defense Secretary William Lynn said late last year, “The consequences for our military, and indeed for our whole national security, could be dire.”

The United States almost certainly is designing its own cyber weapons. A recent survey of 600 information technology executives from 14 countries ranked the United States just ahead of China as the country with the greatest ability to launch cyber attacks.

Analysts say they assume that there are regular debates whether to knock down violent Islamist Web sites or to instead watch them to gain intelligence about an elusive foe.

“You always have the question of when do you use the capability,” said Clifford Neuman, the director of the University of Southern California Center for Computer Systems Security. “The answer is never simple.”

Others even equate the escalating stakes to those at play between the United States and the Soviet Union in the early years of the Cold War. Surely, mounting cases hint heavily at damaging electronic subterfuge with geopolitical overtones.

The Web site of the Russian newspaper Novaya Gazeta came back to life this month after what its editor described as a “well-organized and powerful” attack. The paper is a bold critic of the Moscow government.

Search giant Google began talking last month about pulling out of China — the surrender of a gargantuan market over angry accusations that Beijing pilfered software code and snooped on the Gmail accounts of dissidents.

A few months before, that same Chinese government cracked down on a hacking academy that advertised “guaranteed successful attack tools.” The school had 12,000 subscribers, and 170,000 people took its online courses before the November shutdown.

Attacks on computer networks of South Korean government agencies and the Pentagon last summer were widely, but inconclusively, blamed on North Korea.

The year before, corporate and government Web sites in the former Soviet republic of Georgia were traced to Moscow.

The year before that, Estonian networks were hit in a similarly suspicious way.

Those incidents have given rise to fearful scenarios:

–Assaults on cell phone networks would do more than frustrate text-mad teenagers. Increasingly more commerce communication is going mobile, and it’s easy to picture a not-too-distant future when the Internet is delivered as much by wireless smartphone or iPad as any other means.

–Power grids already go brown and even black from their own internal weaknesses. Certainly a successful attack on a heavily populated area could create a great hardship and even trigger civil unrest.

The difficulty would be in infiltrating systems with deliberate redundancies and with built-in mechanisms intended — although hardly foolproof — to minimize the chances of outages rippling across the map.

–About 7,000 planes are in the air over the United States at any given time. Imagine if the air traffic controllers who keep them from colliding or touching down on the same runways suddenly lost contact.

But the Federal Aviation Administration has designed backup systems, and some analysts say the very absence of a successful terrorist hack on such an obvious target may speak to the agency’s defenses.

–Except perhaps for day laborers and a few others who take a day’s pay in cash, all our financial assets are really just a series of ones and zeros in computer banks. What better way to send America into crisis than clever software that tosses our accounts into chaos? Experts say it’s already happening — that banks are regularly hacked and write off their losses as the cost of doing business.

The head of Britain’s top investigative agency recently warned companies negotiating in China to assume that hacking likely has revealed their bottom lines to the folks on the other side of the bargaining table. That very perception could undercut China’s trade with the West.

Antivirus maker McAfee Inc. has estimated that in 2008 companies lost at least $1 trillion worldwide in intellectual property to hackers.

“A group of hackers turning the United States into a Third World economy? That’s nonsense. But we’re already paying for this,” said James Lewis, a security researcher at the Center for Strategic and International Studies. “The question is how you get people to take more precautions. No one’s saying there’s a silver bullet out there to stop this.”

Indeed, it’s generally assumed that everyone will have to pay more — either as a consequence of hacks or the sustained efforts to ward them off.

“This is a total system problem. You can’t trust all of the hardware. You can’t trust the software. You can’t trust the communications. And you can’t always trust the people working for you,” said Peter Neumann, the principal scientist at the digitally oriented think tank SRI International. “If there’s one weak link, that’s all it takes. A few weak links can completely undo you.”

Cote, the MIT defense analyst, concedes that hackers can do real damage.

Still, he finds it hard to imagine the sort of attack that could bring a superpower to its knees.

Consider the U.S. military’s Secret Internet Protocol Router Network, or SIPRNet. It’s like the Internet, but you can’t get there from here. It’s a physically separate system with strict rules that prohibit so much as a memory stick going from one of its computers to a private laptop. Experts call that “putting air” between networks.

“A tried and true axiom of American politics is that if you have a collective problem,” Cote said, “you have to scare people into taking action.”

To reach Scott Canon, call 816-234-4754 or send e-mail to scanon@kcstar.com.

China Risks Backlash With Iran Sanction Refusal

Thursday, February 11, 2010

BEIJING — China’s refusal to sign on to new sanctions against Iran risks prompting a backlash affecting its increasingly complex interests abroad, experts say.

Recent remarks by President Barack Obama citing China’s opposition, and unusually tough talk from Russia — long a sanctions skeptic — have spotlighted Beijing’s refusal to back such steps as a way of pressuring Iran over its nuclear program.

Nikolai Patrushev, the chief of Russia’s Security Council, said Tuesday that Iran’s recent actions “have raised doubts among other nations, and these doubts are quite well-founded.” His comments appeared to indicate that Russia is increasingly warming up to the U.S. sanctions push.

The U.S. and France said Iran’s announcement that it would enrich uranium to 20 percent left no choice but to push harder for a fourth set of U.N. Security Council sanctions to punish Iran’s nuclear defiance. Iran said Tuesday it had started enrichment under U.N. supervision.

However, China — which relies on Iran for energy supplies — maintains that now isn’t the right time to discuss such measures and that the door to negotiations with Tehran remains open. As a permanent member of the Security Council, along with the U.S., Russia, Britain and France, China is in a position to veto any new measures.

The opposition is part of an increasingly assertive — even aggressive — Chinese diplomacy that is drawing growing concern from Washington and in Europe.

Among steps taken, Beijing this month threatened to withhold cooperation on international issues of concern to the U.S. in retaliation over Washington’s approval of a $6.4 billion arms sale to Taiwan, the self-governing island that China considers a part of its territory.

Western analysts warn, however, that such a stance risks denting China’s international reputation, damaging relations with the European Union, and triggering muscular reprisals from Washington, for whom the Middle East is a foreign policy linchpin.

Among possible responses, Washington could decide to sell Taiwan even more weaponry, such as fighter aircraft that the island has requested, wrote Ralph Cossa, president of the Pacific Forum CSIS think tank, in a recent foreign policy brief.

Meanwhile, Washington could dial back its willingness to ensure Chinese interests in Iraqi oil contracts and Afghan copper mining if Beijing is seen as obstructing U.S. efforts on the crucial Middle Eastern diplomatic landscape, said Georgia Tech expert John Garver.

“How can Beijing expect the U.S. to respect China’s interests, when Beijing violates U.S. vital interests?” Garver said.

World powers fear the Iranian nuclear program might be a cover for building atomic weapons. Iran says the program is peaceful and aims to generate power for its growing population.

Conflict over Iran would almost certainly send world oil prices soaring, inflicting pain on China’s economy at a time when the government is spending hundreds of billions of dollars to stimulate growth. If the U.S. and others were to deploy sanctions on their own, Chinese companies that deal with Iran could find themselves barred from business in other nations.

China depends on oil- and gas-rich Iran for 11 percent of its energy needs and last year became Tehran’s biggest trading partner, according to Iranian figures. Trade volume reached at least $36.5 billion, the Iran-China Chamber of Commerce reported, with Iran mainly importing consumer goods and machinery from China and exporting oil, gas, and petrochemicals.

Chinese companies also have major investments in Iranian energy extraction and the construction of roads, bridges and power plants.

Beijing’s main concern over sanctions is that they will go too far, ultimately harming those economic ties, said Yin Gang, an expert on Iran at the Chinese Academy of Social Sciences.

“China has economic and trade relations with Iran, so it’s natural that China would not want to see regional security and its own national interests affected due to excessive sanctions,” Yin said.

In addition, Beijing believes past measures to punish Iran have been largely ineffective, said retired diplomat Hua Liming.

“China and the international community have all seen that the sanctions have not changed Iran’s decision to carry on the nuclear program,” Hua said.

“On the contrary, sanctions will take the already complex and tense situation in the Middle East to a more dangerous stage, which is something China does not wish to see,” he said.


Hacker ‘Mudge’ gets DARPA job

February 10, 2010 4:00 AM PST
by Elinor Mills

Peiter Zatko–a respected hacker known as “Mudge”–has been tapped to be a program manager at DARPA, where he will be in charge of funding research designed to help give the U.S. government tools needed to protect against cyberattacks, CNET has learned.

Zatko will become a program manager in mid-March within the Strategic Technologies Office at DARPA (Defense Advanced Research Projects Agency), which is the research and development office for the Department of Defense. His focus will be cybersecurity, he said in an interview with CNET on Tuesday.

One of his main goals will be to fund researchers at hacker spaces, start-ups, and boutiques who are most likely to develop technologies that can leapfrog what comes out of large corporations. “I want revolutionary changes. I don’t want evolutionary ones,” he said.

He’s also hoping that giving a big push to research and development will do more to advance the progress of cybersecurity than public policy decisions have been able to do over the past few decades.

“Not much has changed” with regard to strengthening the U.S. cybersecurity position, he said. “As a society, we have a larger dependence on being wired in, yet the government only focuses on particular areas.”

The connectedness of commercial, government, and military networks makes the situation even more dire, he said. “I’m going to argue that they’re all pretty much intertwined now and we’ve seen how vulnerable some of those sectors are now. That’s unacceptable,” Zatko said. “I aim to fix that.”

The current state of technology isn’t working adequately, for the government or commercial companies, he said. For instance, the current defense mechanisms need to change so they can block attacks, instead of responding to them, he added.

“I don’t want people to be putting out virus signatures after a virus has come out,” he said. “I want an active defense. I want to be at the sharp pointy end of the stick.”

Zatko cut his security chops as a teen-age hacker in the 1980s and managed to stay one step ahead of the law. He ran the L0pht hacker space during the 1990s, where he invented anti-sniffing technology that became the first remote promiscuous system detector used by the Defense Department. He also pioneered work on buffer overflows, which are a basis for many computer network attacks.

“L0pht turned the industry on its head,” he said. “You didn’t have security response teams at major organizations like Microsoft or Intel until we came along.”

He started the corporate information security group at BBN Technologies in the 1990s, was chief executive at L0pht Heavy Industries when the hacker space decided to incorporate, and founded security consultancy @Stake, which was later acquired by Symantec. Since 2004, he’s been back at BBN, working as division scientist and technical director for the company’s National Intelligence Research and Applications department.

Zatko has also done his fair share of work for the government. He was appointed to the Information Assurance sub-committee out of the Executive Office of the President, named as a subcommittee member to the Partnership for Critical Infrastructure Protection and testified several times before Congressional committees. The main hacker character in the book Breakpoint by former U.S. cybersecurity guru Richard Clarke is believed to be based on him.

He’s not the only self-described hacker to embrace public service. Jeff Moss, founder of the Black Hat and Defcon conferences, joined the Homeland Security Advisory Council last summer.

One of the reasons Zatko decided to take the job is that the new DARPA director, Regina Dugan, is entrepreneurial and is looking to engage more with academics, following years of DARPA being closed to nongovernmental researchers for national security reasons, he said. “Now they are running more programs out of DARPA that are not classified beyond what they need to be, so it will enable more people to have visibility into them,” he added.

Another lure of the job was the budget he will have. Zatko said he doesn’t know exactly how much of the $3.5 billion a year DARPA spends to fund research he will oversee but said it’s likely to be a “good chunk.”

From his many years doing penetration testing and working to break security systems, he understands what it takes to try to defend networks and how to come up with innovative solutions to break through barriers and get around obstructions.

“I’ve got a track record of doing novel things on both the offense and defense side,” he said. “In the commercial world I wasn’t able to take those to fruition because often the market drivers and the money drivers were at odds. You don’t want to put yourself out of business. But now, I want to put myself out of business.”


‘Aurora’ Attacks Still Under Way, Investigators Closing In On Malware Creators

Researchers find ‘markers’ associated with authors of Aurora malware used in attacks against Google, others
Feb 10, 2010 | 02:27 PM
By Kelly Jackson Higgins
DarkReading

The targeted attacks that hit Google, Adobe, and other U.S. organizations are still ongoing and have affected many more companies than the original 20 to 30 or so reported by Google and others.

Security experts who have worked on forensics investigations and cleanup of the victim organizations from the attacks that originated out of China say they are also getting closer to identifying the author or authors of the malware used to breach Google and others.

“The attack called Operation Aurora is larger than just [the attacks acknowledged at the] 30 companies. That attack is still in operation and is much larger,” says Greg Hoglund, founder and CEO of HBGary, which today published a report on Operation Aurora that recaps where things stand with the investigation.

He and other forensics firms say they have no direct evidence implicating the Chinese government in the Aurora attacks, but that doesn’t mean other investigators or officials have it and just aren’t sharing it publicly, Hoglund says. HBGary has found trails left behind in the Aurora code by its creators that are “very specific to the developer who compiled the malware,” Hoglund says, and it has Chinese language ties.

HBGary has identified registry keys, IP addresses, suspicious runtime behavior, and other data about the Aurora malware and its origins using the firm’s latest analysis tool, he says.

Hoglund says HBGary was able to identify “markers” specific to the way the Aurora developer wrote the malware. But he says his firm did not include this in its new report. “This is not in the report because we don’t want him to know what we know about his coding,” he says. “[It] is algorithmic in nature.”

The Aurora “knock-off” malware based on the publicly released Aurora IE exploit and Metasploit’s Aurora exploit wouldn’t carry these markers, he says, so investigators would be able to identify whether it was from the same attacker or attackers that hit Google, Adobe, and others.

“We’re really just getting started in tracing him,” Hoglund says.

Kevin Mandia, CEO of forensics firm Mandiant, also says his firm’s investigators are getting close to exposing the creators of the Operation Aurora malware. “We feel like we know a couple of them in their coding — we recognize their trademarks … down to the person.”

Mandiant, which has been in the business of investigating these targeted, persistent attacks — also known as advanced persistent threats (APTs) — has seen the handiwork of these groups of attackers before. “The groups behind these [Aurora] attacks have hacked hundreds of companies” in previous targeted attacks, Mandia says. “At one time we saw over 200 victim [organizations hit by targeted attacks],” he says.

He says attacks that steal intellectual property typically funnel the goods via IP addresses based in China. But Mandia says he doesn’t know if the Chinese government is involved in the recent attacks or other APT attacks, though some trends with these attacks raise questions. “We see patterns that just make us curious. If you’re doing merger and acquisition work in China, you’re targeted,” Mandia says. “We’ve seen when we respond to client sites [that were attacked] a lot of legal counsel, external counsel, and C-level executives [targeted] in M&A with China.”

Meanwhile, HBGary today released a free tool for downloading that scans and removes the Aurora malware from Windows machines. Hoglund calls it an “inoculation shot.”

Still, Hoglund and other security experts note that the attackers didn’t use only the Internet Explorer 6 exploit. One source with knowledge of the attacks says the attackers aren’t using just phishing emails to deliver their exploits, either. “I know they are not” relying on just the IE exploit via email, the source says.

About 80 percent of APT attacks use custom malware, Mandia says. “We recently took over 1,800 programs we’ve collected since 2008 that are all part of APT … and ran it through AV, and only 24 percent of the malware triggered antivirus,” he says. “Over a year ago, none of it was triggering AV.”

Mandia says that while some Aurora and other APT victims continue to be hammered by attackers sending new malware variants to the already-infected machines, these types of targeted attacks aren’t letting up. “There’s just another patch of victims somewhere else now,” Mandia says.

“Aurora is a wake-up call,” says Peter Schlampp, vice president of marketing and product management for forensics firm Solera Networks. “Companies are waking up to the fact that they’ve under-invested in the area of security around surveillance and monitoring and forensics to get to the bottom of what happened.”


Chinese Showmanship


The poor souls at Black Hawk Safety Net had to be on the Chinese radar at a time when China needs to act tough. I say “act,” because that is pretty much what China is doing. Again, anyone who has been keeping an eye on China’s forays into cyberwarfare activities can easily spot this pathetic tough-guy stance China seems to be taking. From my perspective this is politics, smoke and mirrors.

Fast Company mentions that if this one site has such a huge audience, there must be other sites like it still in operation. As ironic as it may seem, some quick Google searches will sift some of these out.

If you are bored, it is sometimes fun to read DNS records and the like … 3800cc.com.

China is going to continue to act like the little kid who knows they were caught doing something wrong but is hoping they can fake it long enough for people to believe their innocence. Which is to say, publicly, China will be in forced denial, an all too common tactic used in international relations.

A question which has been bouncing around my head is why is the media so surprised by this whole Google-China deal? This level of ignorance reminds me of nearly a decade ago when the American public was surprised by the terrorist attacks of September 11th.


Google Asks Spy Agency for Help With Inquiry Into Cyberattacks

By JOHN MARKOFF
Published: February 4, 2010

SAN FRANCISCO — Google has turned to the National Security Agency for technical assistance to learn more about the computer network attackers who breached the company’s cybersecurity defenses last year, a person with direct knowledge of the agreement said Thursday.

The collaboration between Google, the world’s largest search engine company, and the federal agency in charge of global electronic surveillance raises both civil liberties issues and new questions about how much Google knew about the electronic thefts it experienced when it stated last month that it might end its business operations in China, where it said the attacks originated. The agreement was first reported on Wednesday evening by The Washington Post.

By turning to the N.S.A., which has no statutory authority to investigate domestic criminal acts, instead of the Department of Homeland Security, which does have such authority, Google is clearly seeking to avoid having its search engine, e-mail and other Web services regulated as part of the nation’s “critical infrastructure.”

The United States government has become increasingly concerned about the computer risks confronting energy and water distribution systems and financial and communications networks. Systems designated as critical infrastructure are increasingly being held to tighter regulatory standards.

On Jan. 12, Google announced a “new approach to China,” stating that the attacks were “highly sophisticated” and came from China. At the time, it gave few details about the attacks other than to say that a theft of its intellectual property had occurred and that a primary goal of the attackers had been to gain access to the Gmail accounts of Chinese human rights activists.

In reaching out to the N.S.A., which has extensive abilities to monitor global Internet traffic, the company may have been hoping to gain more certainty about the identity of the attackers. A number of computer security consultants who worked with other companies that experienced attacks similar to those of Google have stated that the surveillance system was controlled from a series of compromised server computers based in Taiwan. It is not clear how Google determined that the attacks originated in China.

A Google spokeswoman said the company was declining to comment on the case beyond what it published last month. An N.S.A. spokeswoman said, “N.S.A. is not able to comment on specific relationships we may or may not have with U.S. companies,” but added that the agency worked with “a broad range of commercial partners” to ensure security of information systems.

The agency’s responsibility to secure the government’s computer networks almost certainly was another reason Google turned to it, said a former federal computer security specialist.

“This is the other side of N.S.A. — this is the security service that does defensive measures,” said the specialist, James A. Lewis, a director at the Center for Strategic and International Studies. “It’s not unusual for people to go to N.S.A. and say ‘please take a look at my code.’ ”

The agreement will not permit the agency to have access to information belonging to Google users, but it still reopens long-standing questions about the role of the agency.

“Google and N.S.A. are entering into a secret agreement that could impact the privacy of millions of users of Google’s products and services around the world,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center, a Washington-based policy group. On Thursday, the organization filed a lawsuit against the N.S.A., calling for the release of information about the agency’s role as it was set out in National Security Presidential Directive 54/Homeland Security Presidential Directive 23, a classified 2008 order issued by President George W. Bush dealing with cybersecurity and surveillance.

Concerns about the nation’s cybersecurity have greatly increased in the past two years. On Tuesday, Dennis C. Blair, the director of national intelligence, began his annual threat testimony before Congress by saying that the threat of a crippling attack on telecommunications and other computer networks was growing, as an increasingly sophisticated group of enemies had “severely threatened” the sometimes fragile systems behind the country’s information infrastructure.

“Malicious cyberactivity is occurring on an unprecedented scale with extraordinary sophistication,” he told the committee.

The relationship that the N.S.A. has struck with Google is known as a cooperative research and development agreement, according to a person briefed on the relationship. These were created as part of the Federal Technology Transfer Act of 1986 and are essentially a written agreement between a private company and a government agency to work together on a specific project. They are intended to help accelerate the commercialization of government-developed technology.

In addition to the N.S.A., Google has been working with the F.B.I. on the attack inquiry, but the bureau has so far declined to comment publicly or to share information about the intrusions with Congress.


China bugs and burgles Britain

A restricted report by the security service MI5 describes how China has attacked UK companies in a concerted hacking campaign
David Leppard
From The Sunday Times January 31, 2010

THE security service MI5 has accused China of bugging and burgling UK business executives and setting up “honeytraps” in a bid to blackmail them into betraying sensitive commercial secrets.

A leaked MI5 document says that undercover intelligence officers from the People’s Liberation Army and the Ministry of Public Security have also approached UK businessmen at trade fairs and exhibitions with the offer of “gifts” and “lavish hospitality”.

The gifts — cameras and memory sticks — have been found to contain electronic Trojan bugs which provide the Chinese with remote access to users’ computers.

MI5 says the Chinese government “represents one of the most significant espionage threats to the UK” because of its use of these methods, as well as widespread electronic hacking.

Written by MI5’s Centre for the Protection of National Infrastructure, the 14-page “restricted” report describes how China has attacked UK defence, energy, communications and manufacturing companies in a concerted hacking campaign.

It claims China has also gone much further, targeting the computer networks and email accounts of public relations companies and international law firms. “Any UK company might be at risk if it holds information which would benefit the Chinese,” the report says.

The explicit nature of the MI5 warning is likely to strain diplomatic ties between London and Beijing. Relations between the two countries were damaged last month after China’s decision to execute a mentally ill British man for alleged drug trafficking.

Earlier this month the United States demanded that China investigate a sophisticated hacking attack on Google and a further 30 American companies from Chinese soil.

China has occasionally attempted sexual entrapment to target senior British political figures. Two years ago an aide to Gordon Brown had his BlackBerry phone stolen after being picked up by a Chinese woman who had approached him in a Shanghai hotel disco.

The report says the practice has now extended to commercial espionage. It says Chinese agents are trying to cultivate “long-term relationships” with the employees of key British companies: “An undercover intelligence officer may try to develop a friendship or business relationship, often using lavish hospitality and flattery.

“Chinese intelligence services have also been known to exploit vulnerabilities such as sexual relationships and illegal activities to pressurise individuals to co-operate with them.”

The warning to British businessmen adds: “Hotel rooms in major Chinese cities, such as Beijing and Shanghai, which are frequented by foreigners, are likely to be bugged … hotel rooms have been searched while the occupants are out of the room.”

It warns that British executives are being targeted in China and in other countries. “During conferences or visits to Chinese companies you may be given gifts such as USB devices or cameras. There have been cases where these ‘gifts’ have contained Trojan devices and other types of malware.”

China has repeatedly denied spying on Britain and the West. Its London embassy did not comment.

In 2007 Jonathan Evans, the director-general of MI5, had written privately to 300 chief executives of banks and other businesses warning them that their IT systems were under attack from “Chinese state organisations”.

There have been unconfirmed reports that China has tried to hack into computers belonging to the Foreign Office, nine other Whitehall departments and parliament.

Last year a report by Whitehall’s joint intelligence committee said China may be capable of shutting down critical services such as power, food and water supplies. But the latest document is the most comprehensive and explicit warning to be issued by the UK authorities on the new threat. Entitled The Threat from Chinese Espionage, it was circulated to hundreds of City and business leaders last year.

The growing threat from China has led Evans to complain that his agency is being forced to divert manpower and resources away from the fight against Al-Qaeda. His lobbying helped to prompt the Cabinet Office to set up the Office of Cyber Security, which will be launched in March.


Power Plants Report Increase of Foreign-Based Attacks


A Daily Tech article reports Power Plants Report Increase of Foreign-Based Attacks.

The article is below:

Power Plants Report Increase of Foreign-Based Attacks
Michael Barkoviak – January 29, 2010 6:20 AM

Cyber attacks against power plants and other vital infrastructure may be higher than previously believed

A new study [PDF] that interviewed operators of power plants and other “critical infrastructure” indicates more than 50 percent of all U.S. power plants have had to deal with an increase in cyber attacks.

Security company McAfee funded the research, speaking with 600 IT managers and executives from 14 different nations.

Around 54 percent of those interviewed said some type of network “stealthy infiltration” took place, with the same number of executives noting they faced massive denial-of-service attacks on their networks at one point in time.

The threat of cyber attacks leaves most computer users worried about potential data and bank theft — but security experts and government analysts note cyber attacks could be a national security issue as well.

Brazil had several high-profile blackouts in late 2009, which allegedly are tied to cyber attacks against the country’s IT infrastructure. Brazilian officials denied cyber terrorism caused the outages, but it’s a major issue now that the 2016 Summer Olympic Games will be held in Rio de Janeiro.

The threat of cyber attacks is even more serious now, with China, North Korea, and Russia either hiring hackers directly to launch attacks or funneling money to hacker groups.

These types of issues will be handled by Howard Schmidt, President Barack Obama’s hand-picked cyber czar, who will work with security experts in an effort to keep the country safe from state-sponsored attacks.

The FBI and Secret Service also are attempting to combat cyber terrorism, especially if the attack appears to be coordinated by a foreign government.


Nmap 5.21 (stable) Released


Did I mention there was an update? Bug fixes are good, but a little annoying at times. Check out the changelog since 5.20.

To download nmap check out the same bat url.


Nmap 5.20 (stable) Released


Nmap 5.20 was released a couple days ago, and there are noticeable improvements to be enjoyed!

Thank you to Fyodor and to the nmap coders, testers and such!

Check out the Release notes for specifics about the update. And of course, to download nmap go to the nmap.org site or your repository of choice.


How To Bungle An Easy Operation


It is in the news today that four men entered a U.S. Federal Building with the intent to wire-tap a Democratic Senator’s telephones. I listened to the story on the radio, read several articles online, and each time the same thought has gone through my mind … proper planning prevents piss poor performance. The odd thing in this story is that one of the people involved should know better.

Here are the stories from the Wall Street Journal and The New York Times:

Wall Street Journal: Senator’s Phones Allegedly Targeted

Federal officials accused four men, including a conservative activist, of posing as telephone repairmen to tamper with phones at the New Orleans offices of Democratic Sen. Mary Landrieu.

The four men, who also included the son of an acting U.S. attorney, were arrested Monday in the Hale Boggs Federal Building in downtown New Orleans and charged with entering a federal building under false pretenses with the intent of committing a felony, according to the U.S. attorney’s office for the Eastern District of Louisiana.

One of the suspects, James O’Keefe, a 25-year-old filmmaker and conservative activist, last year said his undercover videos at field offices of advocacy group Association of Community Organizations for Reform Now, or Acorn, documented corruption.

The Federal Bureau of Investigation said Mr. O’Keefe, who had traveled to New Orleans and delivered a speech Thursday, admitted to helping plan and coordinate the scheme.

The other men arrested were identified as Joseph Basel, 24, Stan Dai, 24, and Robert Flanagan, 24, of New Orleans. Mr. Flanagan is the son of William J. Flanagan, the interim U.S. attorney for the Western District of Louisiana. The suspects are scheduled to appear in federal court in New Orleans on Feb. 12.

Each of the men was released Tuesday on $10,000 bond. Mr. Flanagan’s attorney, J. Garrison Jordan, said his client exercised “poor judgment.” “I don’t think he intended to commit a crime. I think he just got caught up in this stunt,” Mr. Jordan said. “They are all in their young 20s, highly educated, never been in trouble with the law before. It’s out of character for my client.”

Attorney Edward Castaing, who represented Messrs. O’Keefe, Basel and Dai at the bond hearing, declined to comment on the charges. “We will investigate the allegations,” he said.

Late Monday morning, according to an FBI affidavit, Messrs. Flanagan and Basel, dressed in blue work shirts, fluorescent green vests and construction hard hats, entered Sen. Landrieu’s offices and told a staffer they had come to fix the phone lines. By then, Mr. O’Keefe already had arrived at the offices, according to the FBI.

After Mr. Basel examined a phone in the office, he asked for access to the phone closet to work further, the FBI said. The men were sent to a federal General Services Administration office elsewhere in the building, where they were asked to produce identification. They said they left it in their vehicle, according to the affidavit.

They were arrested shortly thereafter by federal marshals. The U.S. attorney’s office didn’t say why the men allegedly sought to tamper with the phone lines. Authorities didn’t specify Mr. Dai’s alleged role but said he also helped conceive and execute the plan.

“This is a very unusual situation and somewhat unsettling for me and my staff. I am as interested as everyone else about their motives and purpose, which I hope will become clear as the investigation moves forward,” Ms. Landrieu said in a statement.

Mr. Jordan said Mr. Flanagan works at the nonprofit advocacy group Pelican Institute in New Orleans. Last Thursday, the Pelican Institute hosted an event with Mr. O’Keefe as the featured speaker. His topic was “Exposing Truth: Undercover Video, New Media and Creativity,” according to the Pelican Institute’s Web site. The organization didn’t return calls seeking comment.

In Mr. O’Keefe’s videos at Acorn offices, he and a partner, Hannah Giles, posed as a pimp and a prostitute, respectively, and secretly recorded receiving financial advice from Acorn workers about starting a brothel. Acorn spokesman Kevin Whalen said Mr. O’Keefe’s arrest provided “further evidence of his disregard for the law in pursuit of his extremist agenda.”

Write to Corey Dade at corey.dade@wsj.com

The New York Times: 4 Arrested in Phone Tampering at Landrieu Office

By CAMPBELL ROBERTSON and LIZ ROBBINS
Published: January 26, 2010

NEW ORLEANS — Federal officials charged four men on Tuesday with plotting to tamper with the telephone system in the New Orleans office of Senator Mary Landrieu, Democrat of Louisiana. One of the men was a conservative activist who gained fame last year by secretly recording members of the community group Acorn giving him advice on how to set up a brothel.

All four of the men arrested Monday in New Orleans, each in his mid-20s, were charged with entering federal property under false pretenses with the intent of committing a felony, according to the United States Attorney’s Office for the Eastern District of Louisiana. They appeared in court on Tuesday, and a preliminary hearing was scheduled for Feb. 12.

If convicted, the four would face sentences ranging from a fine to 10 years in prison.

The political activist was James O’Keefe, 25, who has gained renown in conservative circles by poking fun at the left through pranks and undercover video. In the Acorn videos, Mr. O’Keefe and an associate, Hannah Giles, posing as a pimp and a prostitute, secretly filmed themselves seeking and receiving financial advice for a brothel from Acorn workers.

The film damaged Acorn’s reputation, and prompted a move by Congress to cut off some of its federal money. The group has sued Mr. O’Keefe and Ms. Giles, saying the secret recordings were illegal, and late Tuesday, Acorn’s chief executive, Bertha Lewis, said the arrest was further evidence of Mr. O’Keefe’s “disregard for the law in pursuit of his extremist agenda.”

The other men arrested were Joseph Basel, 24; Robert Flanagan, 24; and Stan Dai, 24, federal officials said. Mr. Flanagan is the son of William Flanagan, the interim United States attorney for the Western District of Louisiana.

It was not clear precisely what the men were trying to do in Ms. Landrieu’s office, or what kind of information they were trying to gather. But an affidavit signed by Steven Rayes, a special agent for the F.B.I., detailed parts of the operation, which began about 11 a.m. on Monday. Mr. Basel and Mr. Flanagan entered the building dressed in “blue denim pants, blue work shirts, light green fluorescent vests, tool belts, and construction-style hard hats.”

They said they were there to do repair work on the telephone system, and later claimed they had left their identification in their car.

Mr. O’Keefe was already inside the building and told a person at the office that he was waiting for someone to arrive, according to the complaint. It said he was “holding a cellular phone so as to record” video images of Mr. Basel and Mr. Flanagan.

Mr. Basel picked up the handset of the main telephone at the reception desk and both he and Mr. Flanagan tried — or pretended to try — to call it with their cellphones. Saying that they could not complete the calls, they asked to be directed to the telephone closet, so they could work on the building’s telephone system.

Shortly afterward, they were arrested by United States marshals.

The affidavit did not accuse the men of trying to tap the phones, or describe in detail what they did to the equipment.

“There is no wiretap allegation,” said J. Garrison Jordan, the lawyer who represented Mr. Flanagan at a bond hearing, where the men were all released on $10,000 bonds. He declined to give specifics, saying he had not had much time to talk with Mr. Flanagan.

“In general terms,” Mr. Jordan said, “I think it was a bad stunt that they pulled, and they exercised very poor judgment.”

Eddie Castaing, a lawyer representing the three others, also said he had had little time to talk with his clients and knew little more than what was in the complaint. Mr. Basel is from Minnesota, and Mr. Dai from Virginia.

“The truth shall set me free,” Mr. O’Keefe told reporters as he left jail.

Reached by telephone, his father, James O’Keefe Jr., of Westwood, N.J., said he did not know the facts of the case.

“He is an outstanding young man doing investigative journalism,” Mr. O’Keefe said of his son. “He studies a different form of journalism, and he pushes the limits a bit. What they were up to, I have no idea.”

Mr. O’Keefe had been in New Orleans last Thursday to give a speech for the Pelican Institute for Public Policy, a libertarian research organization. The topic of the speech was “Exposing Truth: Undercover Video, New Media and Creativity.”

Mr. Jordan said he understood that Mr. Flanagan worked for the Pelican Institute. He has written several articles critical of Ms. Landrieu for the online newsletter of the Pelican Institute. E-mail messages and phone calls to Pelican Institute staff members were not returned.

Ms. Landrieu issued a statement saying that the situation was “somewhat unsettling” for her and that she looked forward to learning the men’s motives.

Mr. O’Keefe’s Acorn videos won credit from several quarters for drawing attention to long-held conservative suspicions about the group, and conservatives praised him as catching many news organizations asleep on a major story. “I thought the set of capers regarding Acorn was a kind of ‘60 Minutes’ undercover-exposé — going where ‘60 Minutes’ fears to tread,” said Scott W. Johnson, a co-founder of the conservative Power Line blog, which frequently carried posts lauding Mr. O’Keefe and Ms. Giles.

Speaking of Mr. O’Keefe’s arrest, Mr. Johnson said, “It sounds like it was another kind of journalism project, maybe a misguided one — I’m open minded — but there’s so little information it’s impossible to say anything intelligent about it.”

In September, Richard W. Rahn, a senior fellow at the Cato Institute, wrote a column in The Washington Times hailing Mr. O’Keefe and Ms. Giles as technologically savvy, “smart amateurs” who “with courage and good judgment are becoming effective investigative journalists.”

Mr. Rahn said Tuesday that he did not have enough information on Mr. O’Keefe’s arrest to offer a different assessment.

Jim Rutenberg contributed reporting from New York.

A version of this article appeared in print on January 27, 2010, on page A12 of the New York edition.
