When you deal with devil…

Not about Cuba this morning, but about Red China and its People’s Liberation Army:

The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence [sic] department, say American ­officials.

The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.

Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People’s Liberation Army.

Make your own conclusions.

2 thoughts on “When you deal with devil…”

  1. As an IT professional, color me unimpressed by China’s act. If the systems or service(s) they attacked was down for a week, there’s no way it served any sort of critical function; if it did, they’d have severed the internet connection and left it running, or if internet access was necessary – not a proven thing – imposed some sort of single network entry point to the system that’s heavily monitored with intrusion detection systems.

    Tell you the truth, all these “attacks” on the Pentagon in the past, including this one, have been yawners. Either some ankle-biter defaced a web page – big deal – or someone managed to get traffic-sniffing software on a computer inside the Pentagon. And while that’s nothing to sneeze at, it’s not as big a concern as some would think; email should be done over secure i.e. encrypted protocols, and so should any other sort of sensitive traffic. That way, even if your network is penetrated, all the sniffer gets is encrypted gibberish that they can decrypt if they’re willing to devote the centuries to millennia for cracking it. So someone got into some desktops and saw some unclassified material? I’m incredibly not-worried. The real sensitive stuff’s encrypted all to heck and gone and probably not on an internet-connected system to begin with, so you’d have to conduct system penetration by human engineering (plain english: Trick or convince someone into getting it for you. And that problem’s been known for years now – Walker spy ring, anyone? – and not really an IT issue to begin with. More an HR and security background checking issue).

    Again, not too impressed or worried if they gained access to some folks desktops. Even if those PLA “hackers” tried to “re-enter and disrupt on a very large scale” the system they hacked, that would hardly bring the Pentagon to a screeching halt. Payroll processesing may get delayed, and human resources sorts of stuff may be messed up, but that sort of attack on those sorts of systems would hardly be able to prevent the services from actually conducting warfighting missions. It’s not like a jet can’t launch, or a tank can’t shoot if some mid-level bureacrat’s PC loses it’s network connection.

Comments are closed.