cageymaru

Fully [H]
Joined
Apr 10, 2003
Messages
21,487
The Wall Street Journal is reporting that the U.S. Navy and Air Force are the focus of new cyberattacks as the hackers search the computer systems of contractors to find classified advanced military technology. A Chinese hacking group known as Temp.Periscope or Leviathan is using email phishing schemes to break into the computer networks of Navy contractors and subcontractors. Plans to build a supersonic anti-ship missile were stolen in June. Large and small contractors are affected, but the smaller contractors can't afford to secure their systems.

A U.S. cybersecurity firm called FireEye has closely tracked the Leviathan group and says that they are the most prolific Chinese hacking group since they reformed in the middle of 2017. Other Chinese hacking groups have been accused of the Marriott International data breach. China has seemingly abandoned the 2015 accord to refrain from economic espionage and hacking activities.

Though most of the hacking involves the theft of secrets, Navy officials say China also wants to demonstrate it can pose a different kind of threat even if it is unable to engage the U.S. military ship-to-ship or airplane-to-airplane. "They are looking for our weak underbelly," said one defense official. "An asymmetric way to engage the United States without ever having to fire a round."
 
Joined
Mar 18, 2013
Messages
3,842
Lots of China in the "news", glad the bureau of Alternate Facts and Propaganda has the Sycophant Wire doing their patriotic duty as good citizens.
 

ianken

[H]ard|Gawd
Joined
Feb 21, 2006
Messages
1,953
Lots of China in the "news", glad the bureau of Alternate Facts and Propaganda has the Sycophant Wire doing their patriotic duty as good citizens.

Can you cite anything that indicates that this is not happening? That adversaries of the USA would not be doing this? :rolleyes:

This is orthogonal to our own fucked up internal political situation.
 
Joined
Mar 16, 2006
Messages
4,064
mshckd.gif
 

benedict

n00b
Joined
Nov 13, 2018
Messages
37
In other news - USA hackers are targeting Russian military contractors, Russian hackers are targeting Chinese military contractors and all of them are targeting European military contractors.
Slow news day?
 

repoman0

[H]ard|Gawd
Joined
Apr 7, 2006
Messages
1,266
Air gap your damn networks.

I have no idea how they manage to steal anything important. I work in both Secret and TS/SCI level facilities and there is no way anyone hacks into those because they are not exposed to the outside internet anywhere. Contractors are totally screwing up to the point where they should lose access to classified material if actual plans and engineering documents are stored on unclassified systems. Security violations and training are taken very seriously where I work as they should be everywhere.

By the way US government accreditation is a very serious process even for Secret level labs and especially for TS/SCI where the real important stuff is stored.
 

nutzo

Supreme [H]ardness
Joined
Feb 15, 2004
Messages
7,380
I have no idea how they manage to steal anything important. I work in both Secret and TS/SCI level facilities and there is no way anyone hacks into those because they are not exposed to the outside internet anywhere. Contractors are totally screwing up to the point where they should lose access to classified material if actual plans and engineering documents are stored on unclassified systems. Security violations and training are taken very seriously where I work as they should be everywhere.

By the way US government accreditation is a very serious process even for Secret level labs and especially for TS/SCI where the real important stuff is stored.


This.

Anything that important should not be stored on any system that has access to the internet.

Maybe the stolen files were on someone's email server set up in a bathroom somewhere :rolleyes:

I do remember many years ago, when I worked for a company that sold servers to some of the aerospace companies that used to be here in Southern California.

I got a call from one of the IT people at a company because he needed to buy a new CPU for the server. I tried explaining that the vendor only sold extra CPUs on the CPU card, and that you would need to buy the entire card if you wanted to upgrade to dual CPUs (this was back in the early 486 days). He told me he just needed the CPU because someone had stolen it out of the server. :eek:
This was in a secure area, and they were trying to get the CPU replaced quickly before anyone else found out it had been stolen. (It could have affected their government contracts.)
Anyway, we quickly provided them with a replacement CPU.

A couple weeks later, he called again and wanted to buy the CPU and the CPU card. I asked them if they needed to upgrade the server software to support dual CPUs and he told me no, someone had stolen the CPU and the card this time. :nailbiting:

So much for a secure area.
 

GT98

[H]ard|Gawd
Joined
Aug 29, 2001
Messages
1,266
I have no idea how they manage to steal anything important. I work in both Secret and TS/SCI level facilities and there is no way anyone hacks into those because they are not exposed to the outside internet anywhere. Contractors are totally screwing up to the point where they should lose access to classified material if actual plans and engineering documents are stored on unclassified systems. Security violations and training are taken very seriously where I work as they should be everywhere.

By the way US government accreditation is a very serious process even for Secret level labs and especially for TS/SCI where the real important stuff is stored.

Exactly-I used to work for a cleared contractor in my previous position and you're supposed to have yearly inspections by the government to check your security posture and whatnot.

The upside is the USG is taking this very seriously-I've seen things (most likely related to this) that the government is going to try and make sure this isn't going to happen again. Lots of changes and improvements coming down that will hopefully plug the holes.

The overall problem is that this stuff costs a lot of money and it's hard to find good/trained people to have this set up properly. Some of the requirements are mind boggling if they're implemented (not completely related-but supply chain management is a HUGE one that is going to be a giant PIA).

If you work in the IT field and deal with stupid users, just add on people who have clearances and do stupid things with classified data-which is the primary reason I got out of it-it was keeping me up at night. Now I just make sure government items are locked down using the RMF Process.
 
Joined
Aug 3, 2017
Messages
794
geez, they already lost aircraft plans yearsss ago (hence why the Chinese have stealth planes). Now they lose naval plans?

these contractors should be fined Billions and the execs locked up for mishandling classified info.
 

[Spectre]

[H] Admin
Staff member
Joined
Aug 29, 2004
Messages
20,824
I have no idea how they manage to steal anything important. I work in both Secret and TS/SCI level facilities and there is no way anyone hacks into those because they are not exposed to the outside internet anywhere. Contractors are totally screwing up to the point where they should lose access to classified material if actual plans and engineering documents are stored on unclassified systems. Security violations and training are taken very seriously where I work as they should be everywhere.

By the way US government accreditation is a very serious process even for Secret level labs and especially for TS/SCI where the real important stuff is stored.

Social engineering, and not all of those systems are isolated as you think.
 

GT98

[H]ard|Gawd
Joined
Aug 29, 2001
Messages
1,266
Social engineering, and not all of those systems are isolated as you think.

Given the accreditation process for having a TS network and its associated costs...trust me they are. Like I said before, there is a dedicated government agency to enforcing this (which of course is undermanned/under trained to a point-but that is changing hopefully) and companies should be training their employees about social engineering/phishing attempts.

To me, this sounds like people were mishandling the data or had an insider threat.
 

GT98

[H]ard|Gawd
Joined
Aug 29, 2001
Messages
1,266
Bingo. Whoever believes the size of a company is an indicator of the ability to secure its systems is an idiot.

It is-They don't have the same resources as a bigger company aka $$$. I saw this first hand at the company I worked at.

This is just an example-We had equipment that was 30 plus years old for testing parts we made. If it broke, it cost roughly what a good used car goes for to fix it, but to buy a brand new part would cost roughly the cost of a new car. Multiply this by 10-20 or even 300-500 units..well gets very expensive. Our capex budget was shit because they did everything as cheap as possible because we were more or less a boutique type shop that was part of a bigger organization. Our bigger facilities had the same equipment-though they were different companies (we were an amalgamation of different companies through the US bought up by another company).
 

BSmith

[H]ard|Gawd
Joined
Nov 9, 2017
Messages
1,323
It is-They don't have the same resources as a bigger company aka $$$. I saw this first hand at the company I worked at.

That is bullshit. It does not take any more money to secure a network than it does to leave one open. You just have to be smarter about it. I have secured many small networks and have seen Fortune 500 company networks that were wide open to anything and everything.

It is not about the money. It is about the people managing it all.
 

GT98

[H]ard|Gawd
Joined
Aug 29, 2001
Messages
1,266
That is bullshit. It does not take any more money to secure a network than it does to leave one open. You just have to be smarter about it. I have secured many small networks and have seen Fortune 500 company networks that were wide open to anything and everything.

It is not about the money. It is about the people managing it all.

You never obviously worked with a SIPR connection (secure/secret network from the DOD)-it's huge money to support a network connection (leasing secure T1 line from the government, etc.); the cost is in the 100's of thousands of dollars with manpower costs and whatnot.

Then finding people or even managers that are competent enough to run it is another issue.

Even on the regular public facing network companies don't want to spend the $$$ on phishing training, securing FOUO emails, etc...because the profit margins can't support it.

There are reasons why companies charge stupid money for DOD items-because they can't make $$ on making 50 special coffee pots that were last made in the 1980s and the tooling hasn't been used since then.
 

kirbyrj

Fully [H]
Joined
Feb 1, 2005
Messages
30,228
Lots of China in the "news", glad the bureau of Alternate Facts and Propaganda has the Sycophant Wire doing their patriotic duty as good citizens.

That's because the Chinese are not our friends. The sooner we realize this and find alternative sources for goods produced there, the better off we'll be. Cripple their economy before they cripple ours.
 

Dead Parrot

2[H]4U
Joined
Mar 4, 2013
Messages
2,831
"but the smaller contractors can't afford to secure their systems."

Bullshit.

Agreed. Bet most of the smaller contractors didn't even have a properly configured firewall, updated malware detection software, current OS security patches and still had admin level access on workstations for basic users.

Scary how many breach stories mention the victim listing these steps in their remediation documentation.
 

sfsuphysics

[H]F Junkie
Joined
Jan 14, 2007
Messages
15,530
"but the smaller contractors can't afford to secure their systems."

Bullshit.
yeah if that's the case then they should not be given military contracts, period.

I mean seriously how hard is it for the US gov't to have a requirement that they actually be able to protect their shit? I mean they make them sign NDAs so they don't talk about it, but also some sort of requirement not to have sensitive data accessible remotely won't exactly cost too much.
 

Dayaks

[H]F Junkie
Joined
Feb 22, 2012
Messages
9,180
Too bad we can't bring back the Iowa class battleships, Mark 7 16in 50 caliber guns and analog targeting computers. Nothing to hack there!

One component of the analog Mark 37 gun fire control system, old but deadly accurate.

Iowa class was only accurate to 1/4 mile... but I guess when you have 9x 1 ton projectiles you’ll wipe out everything anyways.

Modern naval warfare a BB would get mauled.

I am an electrical engineer with a controls background and I personally don’t care for how connected people try to make everything.
 

killroy67

[H]ard|Gawd
Joined
Oct 16, 2006
Messages
1,382
Iowa class was only accurate to 1/4 mile... but I guess when you have 9x 1 ton projectiles you’ll wipe out everything anyways.

Modern naval warfare a BB would get mauled.

I am an electrical engineer with a controls background and I personally don’t care for how connected people try to make everything.

I don't know how they would do in today's Navy, but the Iowas performed very well during the first Gulf War despite all of the anti-battleship critics. As for mauled, yeah sure if they are by themselves and not in a battlegroup with aircraft support from a carrier. That was proven with what happened to HMS Prince of Wales and HMS Repulse. The Iowas were fast battleships and designed to escort the new Essex class carriers, not be on their own. The Iowas were also modernized with the latest in air defense systems (Phalanx CIWS and Stinger missiles), and also given Tomahawk cruise missiles and anti-ship Harpoon missiles not to mention the 16 inch and 5 inch guns. Include up to 19 inches of the USA version of Krupp cemented armor and Homogeneous armor and you have one formidable ship. Ships today are thin skinned and can't take a hit, where a battleship's armored citadel is designed to take massive amounts of punishment. I think people are too quick to discount them in a fight.
 

BSmith

[H]ard|Gawd
Joined
Nov 9, 2017
Messages
1,323
You never obviously worked with a SIPR connection (secure/secret network from the DOD)-it's huge money to support a network connection (leasing secure T1 line from the government, etc.); the cost is in the 100's of thousands of dollars with manpower costs and whatnot.

Then finding people or even managers that are competent enough to run it is another issue.

Even on the regular public facing network companies don't want to spend the $$$ on phishing training, securing FOUO emails, etc...because the profit margins can't support it.

There are reasons why companies charge stupid money for DOD items-because they can't make $$ on making 50 special coffee pots that were last made in the 1980s and the tooling hasn't been used since then.

You jump to some wild conclusions based on some idea of what you think it takes to secure a network.

If you do not know how to secure a small business network, without spending a butt load of cash, that is your shortcoming. Not mine. Maybe you do know, but chose the most elaborate example you could to demonstrate why small companies struggle to secure their network. If that were the only option, I would concur with you, but it is not the only option. Hell, most government installations have some of the worst security practices I have ever seen. So much so, I refuse to work them.

This much I know about small businesses. It is much, much easier to train them than a large corporation is. I have done both. I like working with small businesses as they tend to be able to turn on a dime and they provide a challenge that you have to solve without a lot of cash on hand. It is quite solvable, but you have to think outside the box. None of my customers have suffered a breach, yet (20+ years, so far). Always have put that "yet" in there because hackers are always working against you and Windows updates do not help matters, sometimes.

I do spend a lot of my time reading, studying, and watching how networks are broken into and coming up with alternative methods to prevent it. It is quite the challenge.
 

Schtask

Limp Gawd
Joined
Nov 29, 2011
Messages
436
It is-They don't have the same resources as a bigger company aka $$$. I saw this first hand at the company I worked at.

This is just an example-We had equipment that was 30 plus years old for testing parts we made. If it broke, it cost roughly what a good used car goes for to fix it, but to buy a brand new part would cost roughly the cost of a new car. Multiply this by 10-20 or even 300-500 units..well gets very expensive. Our capex budget was shit because they did everything as cheap as possible because we were more or less a boutique type shop that was part of a bigger organization. Our bigger facilities had the same equipment-though they were different companies (we were an amalgamation of different companies through the US bought up by another company).

I agree to a point. Hard to secure laptops and equipment still running Windows ME, XP, NT, etc.. That being said... If a contracting company can't afford to employ SECURE systems / equipment then WHY FFS are they being selected to work in DoD / Gov facilities in the first place.

ALSO.... Doesn't matter what your security posture is if you have serious issues in securing your humans.
 

FlawleZ

[H]ard|Gawd
Joined
Oct 20, 2010
Messages
1,600
You never obviously worked with a SIPR connection (secure/secret network from the DOD)-it's huge money to support a network connection (leasing secure T1 line from the government, etc.); the cost is in the 100's of thousands of dollars with manpower costs and whatnot.

Then finding people or even managers that are competent enough to run it is another issue.

Even on the regular public facing network companies don't want to spend the $$$ on phishing training, securing FOUO emails, etc...because the profit margins can't support it.

There are reasons why companies charge stupid money for DOD items-because they can't make $$ on making 50 special coffee pots that were last made in the 1980s and the tooling hasn't been used since then.
I work as a contractor and I can say in my environment the contractor size and budget has a big fat 0 to do with the level of security the network or device has. Why? Because anything on the government network is government property and therefore subsidized by government money. The contractors are not responsible nor should they ever be on actual government equipment and government network.
 
Joined
Jan 27, 2015
Messages
520
Meh, just release/leak fake documents, it's called counter intelligence, when they figure it out, they can look like morons, and you can tie them directly to the Chinese government, then just oversaturate their backbone once proven till it takes a day to load a webpage.
 
Joined
Jan 27, 2015
Messages
520
Too bad we can't bring back the Iowa class battleships, Mark 7 16in 50 caliber guns and analog targeting computers. Nothing to hack there!

One component of the analog Mark 37 gun fire control system, old but deadly accurate.

Even worse USS New Jersey mechanical analog computer and an outdated digital system from the 80's that needs a complete rebuild as it was corrupted and hardly anybody can make heads or tails of the system, due to security level and apparently few being alive that worked on the original project, NASA is apparently in the same shape, a lot was stored on microfilm that ended up being improperly stored and ended up getting away and degrading to the point it can no longer be viewed....
 

GT98

[H]ard|Gawd
Joined
Aug 29, 2001
Messages
1,266
I work as a contractor and I can say in my environment the contractor size and budget has a big fat 0 to do with the level of security the network or device has. Why? Because anything on the government network is government property and therefore subsidized by government money. The contractors are not responsible nor should they ever be on actual government equipment and government network.

Seriously? I did this for a living as an FSO/ISSM. The contractor is on the hook for setting up classified networks/computers to process data that the government provides to them to make equipment for them.

For example-you have a piece of test equipment running an OS that is attached to a classified network (for easier patching/updating of it and other systems)-that comes all out of pocket of the contractor-which may or may not have that baked into the cost of the contract. Most likely not, because the company is trying to max its profit margin.

You may need a SIPR connection to talk to two different locations-you have to pay the government for the T1 connection that is monitored by them to connect those two sites together. The government doesn't subsidize that cost at all...I belong to a mailing group and when this question comes up on it, the general consensus is that it's a black hole you throw money into and if you really don't need to, don't do it.
 

FlawleZ

[H]ard|Gawd
Joined
Oct 20, 2010
Messages
1,600
Seriously? I did this for a living as an FSO/ISSM. The contractor is on the hook for setting up classified networks/computers to process data that the government provides to them to make equipment for them.

For example-you have a piece of test equipment running an OS that is attached to a classified network (for easier patching/updating of it and other systems)-that comes all out of pocket of the contractor-which may or may not have that baked into the cost of the contract. Most likely not, because the company is trying to max its profit margin.

You may need a SIPR connection to talk to two different locations-you have to pay the government for the T1 connection that is monitored by them to connect those two sites together. The government doesn't subsidize that cost at all...I belong to a mailing group and when this question comes up on it, the general consensus is that it's a black hole you throw money into and if you really don't need to, don't do it.
I work on the medical IT side and absolutely every device and piece of hardware or software is purchased or owned by the government. If it's not a government furnished asset, it's not able to connect to the government network. This is all on just the NIPR network.

I believe since the environment I work in is medical and therefore contains PII/PHI, the standards are much higher.
 

HAL_404

[H]ard|Gawd
Joined
Dec 16, 2018
Messages
1,240
hmmm ... Chinese group called Leviathan

Leviathan: biblical symbol for Satan ("he is a king over all the children of pride.")
 

Flogger23m

[H]F Junkie
Joined
Jun 19, 2009
Messages
13,110
Can you cite anything that indicates that this is not happening? That adversaries of the USA would not be doing this? :rolleyes:

This is orthogonal to our own fucked up internal political situation.

I take him about as seriously as I take the KKK.

The PRC has a history of stealing anything they can for the US such as from aerospace companies. Stealing is embedded in Chinese culture.
 

GT98

[H]ard|Gawd
Joined
Aug 29, 2001
Messages
1,266
I work on the medical IT side and absolutely every device and piece of hardware or software is purchased or owned by the government. If it's not a government furnished asset, it's not able to connect to the government network. This is all on just the NIPR network.

I believe since the environment I work in is medical and therefore contains PII/PHI, the standards are much higher.

No, sounds like you're working as CSS (contractor service support) support directly for the DOD. I'm currently doing the same thing for the Navy.

However, the thing you're missing is that there are cleared contractors that have access to classified data that is completely unrelated to that. My old position was working for one of those companies. We had classified LANs set up to support classified contracts we had. This is where you can start having problems with some companies-and thus the subject of the article. There is a branch of the government called the Defense Security Service that is supposed to be the watchdog for these companies and help companies protect this information. There are a lot of ongoing changes with them, because of this threat. This was one of the reasons I left my old position-what they wanted to do and going by what my company was capable of doing-I decided the headache wasn't worth it. The changes are for the better, but given the state of most of the DOD related companies that aren't the major players like General Dynamics, Lockheed-Martin and so on, the smaller mom and pop operations are going to have significant headwinds they are going to run into without some help from the government in the form of some extra $$$.
 