For about 18 minutes in April, a Chinese telecommunications company hijacked 15 percent of the Internet, redirecting U.S. government and military traffic through Chinese servers. The misdirection affected NASA, all four branches of the military, the office of the Secretary of Defense and the U.S. Senate.
We don't yet know what this means: the U.S.-China Economic and Security Review Commission, which released a report on the incident today, says it is unclear whether it was intentional or just an accident. But at the very least, it's one more piece of disturbing evidence showing the U.S. is vulnerable to cyberattack.
The hijacking was reported when it first happened, but this is the first acknowledgement that American government sites were affected. Along with the military and organizations like NASA and NOAA, the redirect affected commercial websites like Dell, Yahoo, Microsoft and IBM, according to ABC News, which broke the story this morning.
It's not clear what happened to the data once it was rerouted through China Telecom, which is denying any hijack of Internet traffic. It could have been a pure technical error that "advertised erroneous network traffic routes that instructed U.S. and other foreign Internet traffic to travel through Chinese servers," as the report puts it.
Whether or not this was an innocent mistake, it's clear the capability to reroute huge streams of data could enable malicious activities. Given Chinese entities' Internet history, this is not good news. Remember last January's attack on Google, intended to get human rights activists' e-mail addresses?
From the report: "This level of access could enable surveillance of specific users or sites. It could disrupt a data transaction and prevent a user from establishing a connection with a site. It could even allow a diversion of data to somewhere that the user did not intend."
Government officials are claiming their traffic was encrypted, so they have nothing to fear. But when members of Congress are "100 percent certain" the U.S. will suffer a cyberattack, incidents like this should sound the alarm.
I am not surprised that China did this...intentionally or not, be certain the 'party heads' are looking at it closely. What I am surprised at is that DOD and SecDef were affected, one would think that they would be a bit more secure than to allow this sort of "flip of a switch" occurrence to reroute their traffic.
I would imagine events like this happen quite often, even if they are not of this magnitude. All it takes is a little bit of misconfiguration to botch a provider's routing tables and route traffic to an unintended autonomous system.
"The present is theirs; the future, for which I really worked, is mine." -- Nikola Tesla
Our entire country's internet, including government, military, financial institutions, power companies, is so much more unsecure than most people realize, it is scary.
There are countries out there such as China and North Korea, that take kids with the right aptitude and assign them to schools that specialize in computer hacking and that is their full time career for the rest of their lives.
The damage they could do to us and others if they choose is devastating. In many cases there is very little we could even do about it but do our best to repair the damage it causes if possible. Think nuclear power stations, wiping out Wall Street computers, or disabling military satellites that control all of the UAVs we have in the air etc...
Check out a book called "Cyber War" by Richard A. Clarke.
It is a scary eye opener.
People need to inform themselves and speak about this to their friends to help bring this issue to the forefront and make it a higher priority for Congress to attempt to tackle.
18 minutes of encrypted government data "almost" no matter the encryption, I would bet that China's new supercomputer wouldn't take too long to crack through brute force.
So basically, there are security holes in the router software to allow them to be reconfigured from a non-trusted (non-owner) source to direct traffic.
Eh, it was bound to happen.
If Russia did this..... Well, there wouldn't be a Russia right now would there.
This is downright scary. If they had 18 min to poke around in our military site who knows what kind of information they had in there, encrypted or not I'm sure they could copy, record, store that info for later code crackers to hack through. How does this happen without our govt knowing? How do we stop this from happening again? Please comment.
We need to ask Al Gore to invent a more secure Internet :).
Trust me, this "didn't happen without the government knowing."
Think, if China has the capacity to do this, I'm pretty damn sure that WE have the capacity to notice and track exactly what happened.
Also, there are FIVE branches of U.S. Military, not four. That's not a matter of opinion, that's a matter of fact.
And you people honestly think the government is going to provide all the details to Popsci.com??? If National Security is at risk, I highly doubt the government is going to peddle information to some gossip-hungry internet reporter.
I know our government has messed up, and has messed up BIG, but show a little more faith. It's not like they're tapping into your phones or reading your email (though it's a sobering thought to remember that they very well COULD).
Furthermore, the important stuff running through US Military and government lines is MUCH more secure than civilians give it credit for.
I agree with shadowsurfer...
Come on people, we aren't talking about a home network here, this is the US government. And I'm pretty sure the US government has been poking around Chinese and other countries' servers for a while now without THEM knowing it. Everyone is just finally catching up.
Hmm, remember that mysterious missile launch? It was the Chinese. Now, they're stealing government and military information.
Time to fire up the nukes.
The Internet wasn't designed to be a secure messaging format--it was designed as a network that could survive a nuclear attack from the USSR.
As such, it has MANY security vulnerabilities in its very architecture.
Here's the other problem to consider...
Let's say you were a private company that used the Internet for your business, and let's say you encrypted all of the traffic sent across the Internet with the most advanced encryption algorithms known to man at this point.
Sounds great, right? That means China can't just steal our data and make sense of it--but it also means the U.S. gov't can't intercept and make sense of terrorist communications (or even alleged terrorists).
I think since an encrypted Internet would make spying on non-gov't entities so difficult for govt's, you'll never see the day when the Internet is "secure".
Currently the US military uses the internet to transfer classified information over their SIPRNET. They rely on cryptography equipment at both ends of the transfer to keep the information secret. An encrypted packet is treated the same as any other packet of information traveling over the net. Even using their supercomputers, the Chinese could not crack the encryption within our lifetime using brute force methods. However, if the Chinese had a US military crypto device and the crypto key for that month they would have access to all the data. But keep in mind that this is just the information that happens to be flowing over the SIPRNET during those 15 minutes. Most of that information will be just fluff from classified web pages and not contain any secrets.
So really, the Chinese could get their hands on this encrypted data through other means, with less effort and without drawing so much attention to their activities. The real problem here is the threat of sabotage, not espionage. And now that this vulnerability has been identified, it will be fixed.
Unfortunately our government didn’t know and doesn’t have the capacity to do anything about it. Why, you ask? (Not because the rent is too damn high.) Because we have dumbed down as a nation and pretty much branded anyone that knew anything about computers a nerd, so people stopped learning. Yeah, we're officially SOL in the USA.
Block em all. Block those IPs showing next to red flag.
Bingo- in my experience as a DHS government employee, SIPRNET has been incredibly reliable, as has the government's intranet (as opposed to inTERnet) for keeping information secure. Not to say anything is infallible, as military digital communications are under constant cyberattack, but SIPRNET is still a far cry from being "hackable."
I'm pretty sure the government and military knew about it when it happened. I'm also pretty sure that we have the capacity to handle it next time it happens, IF it happens, though I'm not at liberty to discuss the exact means.
As for "nerdiness," I hate to say it, but I think that's a pretty lame excuse for the decline of computer-age literacy. Just about every girl I've met owns a Macbook, and all the guys I know have gaming laptops. And nearly EVERYBODY I know uses a smartphone, be it iPhone or an Android phone.
It has nothing to do with lack of interest. It has to do with a difficult to obtain education in some cases, and a lack of talent in others. People will stick to what they're good at. Not that many people are computer wizards. The "nerd" population has always been small, and will continue to be. That's part of what makes them the 31337.
Honestly??? WTF is the USA doing?! This is not a game, China is not some friendly nation that wants to help us. If they are hacking our stuff, they are obviously hostile. WHY AREN'T WE COUNTERING??? I simply don't understand how China supposedly has all of these computer geniuses when they haven't even made any significant advances to computing at all. We have Microsoft, Apple, (Microsoft for god's sake! Shut down all the illegal copies of Windows in China, that'll send em running.). Why are we incompetent here, we should have no problem with fending off cyber attacks. We already have the most advanced military, but that means absolutely nothing if all of the computer systems are knocked out, which China is already getting a feel for how to do. My god, it just goes on and on, China has already stolen some of our nuclear secrets. When does the ignorance end?!!!!!!!
I think you have us all wondering that as well, ahron11.
Cyberwarfare is a completely new paradigm. We need to put in as many resources, as much money and effort as we did during the cold war, or we will be at the mercy of our enemies.
I wanted to add this:
Isn't it ironic that the very system designed to survive a nuclear attack during the cold war is now *THE* new battlefield of the twenty first century?
"The real problem here is the threat of sabotage, not espionage. And now that this vulnerability has been identified, it will be fixed."
This vulnerability has been identified many times before and has yet to be fixed... because, well, it's basically impossible to fix unless the world decides to disconnect China from the World Wide Web... which ain't gonna happen.
Here is the most obvious vulnerability to routing a large amount of Internet traffic through Chinese servers:
This particular vulnerability has not been exploited before; however you are right that China (government or corporate) has used other methods in the past to do this and can find other methods to accomplish this in the future. This is the nature of cyber warfare.
BTW this is taken from the article that you linked:
“Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks.”
“WHY AREN'T WE COUNTERING???”
Do you really think you would know if the US government is actively engaged in cyber espionage/sabotage in China? What country in their right mind would advertise such a thing?
“I simply don't understand how China supposedly has all of these computer geniuses when they haven't even made any significant advances to computing at all.”
According to Wikipedia, the world’s fastest supercomputer is in China. Tianhe-1A (China) operates at 2.507 PFLOPS. The second fastest is the Cray Jaguar (US) operating at 1.759 PFLOPS. I would call that a significant advance.
“We have Microsoft, Apple, (Microsoft for god's sake! Shut down all the illegal copies of Windows in China, that'll send em running.).”
Microsoft is not a part of the US government and cannot be controlled as such. And I'm sure Microsoft makes quite a chunk of change in China despite piracy. But even if it would be willing to do this, Microsoft has yet been incapable of distinguishing between legal and illegal copies of Windows here in the US. How is it going to accomplish this feat in China?
Nobody has said that China actually did any sort of attack when they routed all of that traffic through their servers--but they could have.
It's like when they "test fire" a missile. It's not an "attack", it's just a show of power.
The MITM attack COULD have taken place under the conditions China created with their "hijacking" though...
The quote you provide from the article is good, the 3rd party endpoint authentication is used to help prevent MITM attacks. However, if the requests for the certification authority can also be intercepted and rerouted to China, then it can be faked as well.
That's the danger with controlling such a LARGE amount of the traffic... if you set up a MITM between 2 parties on one connection--that's an accomplishment.
If you set one up between the two parties, AND between the certificate authority and the parties... then you're cracking security :D
(but it's harder since you have to control more of the network)
((this was China showing that they COULD control a big piece of the network))
I am really worried about the security effects of this ability to steal internet lines just like this.
Imagine the potential of this in the hands of terrorists or enemies,
And furthermore I really think that the government should keep a close eye on all those actions.
For US security it is well important!
Maybe it's a USA planned war with China?
['Paranoia self destroya'!]
Well, it seems to me that if they stole 15% of the internet by mistake (oopsie) they sure blindly picked a fantastic berry out of the basket, didn't they? Seems to me as well that having the current streams of data from so many strategic locales would allow them to climb back up the stream at some point that we might likely not discover easily, if ever. Combined with a Coast Guard Sector Commander who used his ForceNet system to look at and download from notoriously hazardous online porn sites for months and a Pfc who, with his high rank and privileged user clearance, made copies of maybe a million Read Only military and State Department documents so he could give them to a suspected rapist...(I know there's more than this, there always is), I would like to suggest an ancient device from Earth's past. It was once called a pencil. Humans actually survived and a great many even flourished using such things. Great calculations in physics, highly advanced financial transactions, massive construction projects, even wars and space travel were conducted with their common usage.
Question: Are we actually doing anything new without them?