How Chinese Spies Got the N.S.A.’s Hacking Tools, and Used Them for Attacks - We know all nations spy and cyber is no different from conventional war as far as reinventing ideas goes
Chinese intelligence agents (not corporate Huawei) acquired National Security Agency hacking tools and repurposed them in 2016 to attack American allies and private companies in Europe and Asia, a leading cybersecurity firm has discovered. The episode is the latest evidence that the United States has lost control of key parts of its cybersecurity arsenal.
Based on the timing of the attacks and clues in the computer code, researchers with the firm Symantec believe the Chinese did not steal the code but captured it from an N.S.A. attack on their own computers — like a gunslinger who grabs an enemy’s rifle and starts blasting away.
The Chinese action shows how proliferating cyberconflict is creating a digital wild West with few rules or certainties, and how difficult it is for the United States to keep track of the malware it uses to break into foreign networks and attack adversaries’ infrastructure.
The losses have touched off a debate within the intelligence community over whether the United States should continue to develop some of the world’s most high-tech, stealthy cyberweapons if it is unable to keep them under lock and key.
My opinion is that no-one should think backdoors or encryption busting tools are going to stay undetected or unused by one's enemies or allies alike. If you design some weakness into a system it's going to get found out. We have to all accept that the Chinese, USA, Russia, North Koreans, Germans, etc are all spying on each other as well as their allies. There is no safe glass house from which to throw your stones at another nation, especially when it comes to spying. What is unique about cyber warfare and spying is that the playing fields are often levelled in that a small innovative nation can successfully tackle a superpower.
So that said, and knowing the US has been caught spying on their German allies, we are also not sure that the Chinese themselves actually perpetrated the spying. Many nation states employ their own third parties and spying is often about deception, and these cases don't end up in open courts... so who really knows who was caught spying on who.
See www.nytimes.com/2019/05/06/us/…
#spying #cyberwarfare #security
source https://squeet.me/display/962c3e10-465c-d49a-c699-d93920191082
Based on the timing of the attacks and clues in the computer code, researchers with the firm Symantec believe the Chinese did not steal the code but captured it from an N.S.A. attack on their own computers — like a gunslinger who grabs an enemy’s rifle and starts blasting away.
The Chinese action shows how proliferating cyberconflict is creating a digital wild West with few rules or certainties, and how difficult it is for the United States to keep track of the malware it uses to break into foreign networks and attack adversaries’ infrastructure.
The losses have touched off a debate within the intelligence community over whether the United States should continue to develop some of the world’s most high-tech, stealthy cyberweapons if it is unable to keep them under lock and key.
My opinion is that no-one should think backdoors or encryption busting tools are going to stay undetected or unused by one's enemies or allies alike. If you design some weakness into a system it's going to get found out. We have to all accept that the Chinese, USA, Russia, North Koreans, Germans, etc are all spying on each other as well as their allies. There is no safe glass house from which to throw your stones at another nation, especially when it comes to spying. What is unique about cyber warfare and spying is that the playing fields are often levelled in that a small innovative nation can successfully tackle a superpower.
So that said, and knowing the US has been caught spying on their German allies, we are also not sure that the Chinese themselves actually perpetrated the spying. Many nation states employ their own third parties and spying is often about deception, and these cases don't end up in open courts... so who really knows who was caught spying on who.
See www.nytimes.com/2019/05/06/us/…
#spying #cyberwarfare #security
source https://squeet.me/display/962c3e10-465c-d49a-c699-d93920191082
Comments