
Chinese hackers recently attacked the office computers of Senator Bill Nelson, sparking a push at recent hearings for more to be done about cyber intrusions, our friend Josh Rogin reports at Congressional Quarterly.
The enterprising reporter heard a seemingly throwaway line in a hearing last week and dove into the story, uncovering a focused push by hackers with IP addresses originating in China to penetrate the Senator’s computer.
In three separate attacks, two in March and one in February, cyberhackers targeted the work stations of Nelson’s foreign policy aide, his deputy legislative director, and a former Nelson NASA adviser, Nelson’s office said in a statement.
The hackers did not steal any classified information, which is not stored on office computers, the statement said.
A Nelson aide said the attacks were traced to China through Internet Protocol (IP) information, which could have been masked. The Office of Senate Security and the Senate Sergeant at Arms Information Technology Security Branch responded to the attacks, the aide said, by wiping clean malicious code from the affected systems.
Nelson first disclosed the attacks March 19 at an Armed Services Committee hearing that featured testimony by senior military officials with domain over cyberwarfare.
“I have had my office computers invaded three times in the last month, and one of them we think is very serious,” Nelson said at the hearing.
At another hearing the same day, this time held by the Commerce, Science and Transportation Committee, Nelson said his computer seemed to be talking to a computer in some international arena.
We’ve been writing for months here at DT that the cyber warfare battlefield should be taken more seriously. A lot of our readers feel like this is the Internet equivalent of a North Korean nuke — a glorified firecracker that will sputter to a halt in boost phase over Pyongyang, raining radiation from derelict X-Ray machines all over the three cars driving past the world’s largest Kim Jong Il statue.
But our own Kevin Coleman warns in private conversations with me that the cyber threat is very real and is being taken seriously by more and more government officials — the DoD, intel community, White House and Congress. There’s movement afoot to create a cabinet-level cyber warfare czar, which would clearly elevate the issue to the highest levels.
Pooh-pooh it all you want, but as the Nelson cyber attack from Chinese IPs points out, there’s some serious probing going on here. And as you know, once the reactionary sleeping giant of Capitol Hill is awakened to the threat, it’s only a matter of time before resources are thrown at the problem.
– Christian







I’m far from the most computer savvy person, but just because it says their IP addresses come from China doesn’t mean this is a Chinese attack.
http://anonymizer.nntime.com/
This is a website that lets you mask your IP address. It’s free. Take a look at the big bold letters that say “Start using Change IP Country!” The 6th option down is China.
So that means that absolutely anybody can have an IP address that comes from China. But I’m sure hackers don’t know about that website.
I just want to point out how right you two have been all along. Everything you have blogged about is right on the money. People on the inside applaud your work and efforts!!! People who are not privy to some of the intel and attacks are at a great disadvantage and really need to open their minds and give the benefit of those who work on this 24/7/365. While some think they know it all, others are in denial and others just want to be in the loop as you two seem to be. Either way – THANK YOU and KEEP UP THE GREAT WORK!!! You two are true patriots and deserving of recognition and a medal.
>but as the Nelson cyber attack from Chinese IPs points out,
It points out you don’t even get the absolute basics.
This is supposed to be a blog about “tech” and yet the editors seem to have very little understanding of it. Instead there is an endless shilling for failed programs with shameless use of press releases.
It is certainly possible that these hacks originated in China, since their government is highly active in military and industrial espionage. However, as a previous comment accurately states, the Chinese IP address does not prove that the hacks came from China.
Here is what is more disturbing:
1. These appear to have been targeted attacks that succeeded in penetrating all three computers in a single Senate office.
2. The (unspecified) method of attack may not have been particularly sophisticated.
3. The members and staffs of the U.S. Senate (as well as Representatives and their staffs) are apparently not using adequate intrusion detection and prevention tools.
It seems to me that the Federal government remains chronically and dangerously behind the curve.
Oblat – I hate to break your bubble but I am technical!!! I help grow two of the fastest growing technology companies in the U.S. If you think we are going to publish technical details that assist others to use the same techniques or exploit the same vulnerabilities YOU HAVE LOST YOUR MIND! What are you one of our cyber adversaries?
This is like God writing you a blank check to see who is hacking you. I would have seeded those PCs with the most scandalous lies imaginable and then seen where the info pops up. Kind of like dropping dye in a pipe to see where its outflow lies.
Yes Kevin, he’s obviously a communist. What is crystal clear to me, and therefore should be crystal clear to you, is that anyone with the slightest amount of hacking ability can change their IP address. Hell, even I can do it. On my phone. Yet for some reason, you seem to always pile on the bandwagon, and exaggerate the threat. And, as you said, you have a large financial stake in two companies that specialize in that sort of thing.
If the ChiComms can hit Nelson, who else can they HIT?
IE AIG, Merrill Lynch, the Fed & turn this Wall St Meltdown into a Real SuperMess.
Beef up IT Security or Risk More Intrusions.
Maybe Next time they get Secret data.
Due to our “willingness” to NOT Guard IT Systems
>I hate to break your bubble but I am technical!!!
I was upset to see the new Cisco switches we received said made in china on them. pissssssssssssses me off.
I heard they have no way to check if chips are real or not. We subcontract production to a competitor who can use that fact to their advantage.
Sgt Oblat
DO NOT PUT WORDS IN MY MOUTH! How dare you even suggest I am in this for the money. I give away more free consulting and reports to help our nation than you make!
I would suggest you get informed and do so now!
I went to china last april and got a fortune cookie that said; “man who go to bed with itchy rear wake up with smelly finger”.
How do they know these things if they aren’t spying on us?
“Do unto others as they have done to you”…maybe we ought to FRY their network sometime soon. Try and fix that mess Chicom.
Chicoms got caught attempting to hack into the FAA. No other details than this.
My opinion: Red Army is behind this. The Reds have control of their firewalls to get outside of their country. Next, the Chicoms only train the best and brightest this level of education needed for this type of hacking.
Brian, for me it doesn’t matter WHO hacked Capitol Hill… SOMEONE DID.
feeling heat here…
You can’t please all of the people all of the time–in other words “Spam is in the eye of the beholder”
- President of The Email Channel
Patron Vectras,
Yes, someone hacked Capitol Hill. Maybe the same person who hacked Sarah Palin’s e-mail account.
Do we need computer security? Of course. Are random hackings a national defense threat? No. And this thread is TOTALLY DISINGENUOUS because Kevin absolutely knows that disguising your IP address is child’s play. Would you trust a mechanic who told you that you were out of headlight fluid? Because that’s exactly what he’s doing.
Pop is one way to protect security in systems, but it is easy to break a computer's security because people tend to use passwords that are names of places, animals, dates of birth scrambled. You should change passwords every few weeks to lessen the chance of hacking and not use a common password. That is the problem with our security in the capital: they use passwords which they don’t have to think hard to remember instead of a password which is not written and left on a desk or in plain view written down. Security must come first.
“Vast Spy System Loots Computers in 103 Countries”
http://www.nytimes.com/2009/03/29/technology/29spy.html?scp=1&sq=Major%20cyber%20spy%20network&st=cse
“TORONTO