Facebook admits a breach and China gets exposed as the number one Cyber-Threat… again


Over the past year or two we have watched as companies like Microsoft, Crytek, Ubisoft and others push their business model into the cloud. At the same time we have watched as the number of cyber-attacks and data breaches increase. These attacks have also increased in sophistication and in some cases have not been detected until after the breach has been made and data lost. Still companies try to make the claim that their services, out of all of the others, are secure. Simply put (as we have always said) there is no such thing as a secure service, operating system, network or anything else. If it is connected or even powered on it is in danger.

We have talked at length about why these attacks are increasing and why they are successful so we will not go into too much detail on that here except to remind you that the majority of data breaches are because the target company did not take the proper steps to prevent them. These problems include everything from not updating outdated firmware, operating systems and hardware to using default passwords for edge devices (even on critical infrastructure devices). This is not to say that ALL data breaches are the result of carelessness; there are very sophisticated attacks that happen every day to the services that we rely on.  

These attacks and breaches have a number of sources that range from the ever present Anonymous collective to criminal rings and on to foreign governments conducting cyber warfare on various nations. The US has its own cyber warfare program and has been implicated in a couple of attacks on Iran (including Stuxnet). We know that President Obama loves technology as we saw by his refusal to give up his Blackberry after he was elected. He has also singed more than a few executive orders to broaden the scope of US cyber warfare capabilities. These have covered both offensive and defense measures and unfortunately they have almost all had a negative impact on the general populations right to privacy and also net neutrality.

The most recent order pretty much put the Cyber Intelligence Sharing and Protection Act into practice without congressional oversight or allowing any chance that the voting public would get to weigh in on it. Coincidentally we are now hearing that the majority of cyber-attacks made on the US and Large US corporations are coming from China. As with everything timing is critical to conveying a message.  We told you that we would see CISPA, SOPA, PIPA and worse starting this year. Most of these bills were put on the shelf until after the election so that the incumbent senators and representatives could keep their jobs in the capitol. Politics aside we are seeing some very concerning trends in the laws that govern our internet.

Why now and Why China?

Of course the question is, why is this big news now and why put China out there like this? We have always known that China is a common source of cyber-attacks around the world. This is not news and even outing a particular unit inside China is not a big deal. Going back a couple of years Google used china as the scape goat when they wanted to exit China. Even going back farther than Google it has been known in the security community that China and to a lesser extend Russia it a big source of these types of attacks. The difference is that while the Russian hackers have moved to a “for-profit” model the attacks from China still appear to be more about information gathering for political and economic gain. In fact in the released report it mentions that this particular group has been in operation since at least 2006. Of course this is the first time that anyone has been able to local the actual building that the operations appear to be running from (or at least the building that a particular IP range is coming from). Although tracking someone or something through a proxy network is not the easiest task (if the person that setup the proxy is good enough) we are still surprised that it has taken 7 years to track this group down. In reality some of the information surrounding this release of information does not add up, but then again we would not be surprised to find out that the public report does not contain all of the data.

This puts China in the hot seat as the Internet Boogeyman as there is a ton of evidence of their activities over the last 6-8 years. We know of other sources out there including other countries that have sophisticated cyber-warfare programs, but the evidence that we have for these is not as lengthy or and detailed. Those other reports also potentially expose some of our own operations which make using them a non-option.  The other boogeyman that we have seen used in the past is no longer an option simply because they have a new image as a Robin Hood like hero. The public is not likely to become scared of Anonymous or get behind a bill that uses them as a threat. Could you see the US population getting behind a bill that used Anonymous as its central threat? I know I cannot, they have almost a cult following after their ops to protest copyright, SOPA, CISPA, PIPA, and even their ongoing war against child pornography. This once again leaves China as the best poster child for this latest effort at pushing new cyber laws.

As for the why now, well that one we have already told you. There are a myriad of laws that the copyright industry would like to pass. The fact that many of these laws require a greater presence by law enforcement (or require ISPs to be their own police) is an added bonus to the US government at this time. They get something and the copyright lobby gets something. The general public loses a little more privacy and finds their personal information open to transfer to anyone all in the name of “national security”. It is not a situation that needs to happen, but it is one that a large number of people in positions of power want to happen and if they want it bad enough they will find a way to get these new laws in place (unless there is an overwhelming response from the general public). It is no coincidence that this information was released now, just as it is no coincidence that Facebook publicly admitted they had a breach.  The timing here is too close for this to be anything more than laying the groundwork for things to come.

The truly sad part about all of this is that this is only the beginning of what we expect to see this year. As we have said this year is going to get ugly as the now re-elected officials get comfortable and the copyright and entertainment industry gears up for a fresh assault. On top of all of this, MPAA boss Chris Dodd is now allowed to directly interact with his old friends on the hill. Buckle up it is going to be a bumpy ride for personal privacy and internet rights…

What do you think about all of this? Tell us in our Forum

No comments

Leave your comment

In reply to Some User