Category: computersecuritynews

Needless to say a flaw in an older version of Exim (4.92.1) had a serious problem or flaw that became CVE-2019-15846:

I like to point out some problems that come up that are interesting… This Software is needed in Mail servers and is not obviously known to most people. But if a company does have it now needs to be upgraded.

Notice there were many releases of this software before someone found the vulnerability , here is the CVE information from Bugtraq:

Description- Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.

Bugtraq has an interesting explanation :

"Zerons" and Qualys discovered that a buffer overflow triggerable in the
TLS negotiation code of the Exim mail transport agent could result in the
execution of arbitrary code with root privileges.

So it seems that hackers found the flaw and it was patched quickly… But the administrators still need to install and update. So as usual here is the weak point – administrators which are already stressed have to do some off-hours updates sooner than later.

Contact Us to discuss

Chinese Hackers Eye US Cancer Research:

https://www.technewsworld.com/story/86211.html

This is another outrageous attack on our companies and institutions as Chinese APT  hacker groups appear to be linked to stealing information from Cancer research

Here is a news story about espionage by Chinese paid doctors. NBCnews story about 3 scientists removed from  MD Anderson Cancer Center

FireEyE  published a report on how the Chinese

Focused attacks in healthcare to steal medical research

FireEye was the company that documented and released the Unit 61398 (China military attacking World targets since 2004) report about the APT1 group.

Since 2006 Mandiant (today a FireEye company)  has observed APT1 compromise 141 companies in 20 major industries.

So it is obvious to all people who keep up on these things, that China has stolen or can have access to many companies as many times as they want:

“Once APT1 has established access, they periodically revisit the victim’s network over several months or years and steal broad categories of intellectual property, including technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and emails and contact lists from victim organizations’ leadership.”

So I want to ask now why would the Chinese even want to embark on this type of method to interact with the world?  Do they think they will make friends over the long term?  Are they interested in making friends? Or are they obsessed with history? The history of the Boxers rebellion and the general weakness of the Qing dynasty until the dynasty came to an end in 1911.  The weakness of the Qing dynasty and teh early days of the republic caused all kinds of things to happen which the western governments took full advantage of.

So this stealing and taking is just payback? Yes in part. It is also a fulfillment of Confucius philosophy and his understanding of Tian (or heaven), specifically the fact that only the Chinese can be close to heaven.  It does not even have to be pure Confucius thought as long as the interpretation has been accepted by most people.  Including one of the 3 great Confucian  philosophers (Xunzi) that rejects that humans are innately good.

So if the Chinese thinking is completely different than yours that is because their books are written with different philosophies.

It actually does not matter the exact thinking the Chinese have, as we will not understand it anyway.  We should not try to find nuance in Confucian philosophy, all we need to do is understand that thinking is different and we have to modify our strategic thinking.

Look at the PLA  hierarchy:

and where the unit 61398 is in the hierarchy.

The main thing I see in this diagram is a dictator and his government structure. everything else is just a confirmation of his rule. Can an underling find a few words in Confucianism to say we can do XYZ? I am sure it can be found.

We have to ‘try’ to deny the freewheeling rip-off artists so that we can keep our IP(Intellectual Property) as long as possible.

Today it is health care information, tomorrow it will be whatever is the latest technology or service to be stolen. The Chinese do not have a judiciary equal with the Chinese Communist Party(CCP). The CCP is always going to run everything in China. There are no checks and balances, there is only full power by the person on top. This to me is the definition of dictatorship.

So if we have a complaint with them, there is no court that will adjudicate with them in a position of power, unless we have power as well (military or Cyber).

So what we need is our own Cyber power, defensive and offensive. That is my suggestion to fight back against China.

As it is we do nothing as you can plainly see in the news stories.

Contact me to discuss

First thing I think of (being of a certain age) when someone asks why: Why ask why? Answer: Try Bud Dry!(Silly old Budweiser commercial)

So why do we need to ask why? Because it would be good to know why we are consistently being attacked by this region of the world.  It is always good to know your opponent.

In this case _we are the people_ with computers, financial information, Intellectual property, health information, and really anything that can make money (Credit Cards, information that can be used against competitors).

So money is one motivator, but hackers have other motivations, just like Anonymous like Jeremy Hammond hacktivist received a 10 year sentence. As noted in this NYpost story.

“Some breaches in Hammond’s life had been a challenge. He’d search the code on websites he wanted to target, combing through the symbols and letters of computing languages for security flaws to exploit. He’d create user accounts on the sites, and then test for ways in. It could take months of trying, and sometimes he gave up.”

“He considered hacking a means of social justice, and he did it in secret while pursuing civil disobedience and protest in public, as well.”

So hacking can be a social justice act or even a kind of civil disobedience.

Now what if you had a state apparatus with the massive resources?

Hacker News article from 2015

There are some very interesting points in this article:

• Specialized military forces to fight the network — The unit designed to carry out defensive and offensive network attacks.
• Groups of experts from civil society organizations — The unit has number of specialists from civilian organizations – including the Ministry of State Security (its like China’s CIA), and the Ministry of Public Security (its like FBI) – who are authorized to conduct military leadership network operations.
• External entities — The unit sounds a lot like hacking-for-hire mercenaries and contains non-government entities (state-sponsored hackers) that can be organized and mobilized for network warfare operations.

“It means that the Chinese have discarded their fig leaf of quasi-plausible deniability,” McReynolds said. “As recently as 2013, official PLA [People’s Liberation Army] publications have issued blanket denials such as, ‘The Chinese military has never supported any hacker attack or hacking activities.’ They can’t make that claim anymore.“

The hackernews article got the information from “The Science of Military Strategy”(SMS) 2013 PLA document.

So the strategy of the Chinese is bare for all to see – they have hundreds or thousands of people in cyber warfare units.

The SMS authors also focus heavily on the central role of peacetime “network reconnaissance”—that is, the technical penetration and monitoring of an adversary’s networks—in developing the PLA’s ability to engage in wartime network operations. As the SMS puts it, since the technical principles underlying successful penetrations of an adversary’s systems are essentially the same whether the objective is reconnaissance or active disruption, at the appropriate moment “one need only press a button” to switch from reconnaissance to attack.

So now we have a stated goal of Chinese Cyber warfare units to run constant surveillance and prepare for eventual war or otherwise goals that will steal or destroy information.

This SMS ‘plan’ is in line with what China thinks of itself as New English Review article by Brandon Weichert mentions:  The concept of Tianxia the “All under the heavan”. boils down to

The choice made by all peoples to have only one political system that is the top of the world. they believe that just like in the Warring States Period the weaker competitor will give way to the more ideological and correct with the Chinese belief that the Chinese emperors possessed the mandate of heaven concept, all of the world had to pay tribute to the emperor as a symbol of his supremacy. Thus, going back to antiquity, the borders of China were fungible; always waiting for China to gain the strength needed to push to those farthest edges of the world map and bring barbarianism and chaos to civilized order.

In the narrative, China is the growing power and the US is in decline (status quo) , so the Chinese political and ideological purpose of reconnaissance  of the networks of the world. Until the systems are ready to be attacked in  the time of conflict (whenever it actually occurs).  The key with analyzing Chinese actions is to look at them from the eyes of an Asian viewpoint – not Western history examples( like Thucydides trap).

So the reason China is doing everything it can to steal our stuff is to  become a bigger power than us so that they can order us around. And because it was always meant to be that way. All old Chinese competitors were assimilated and folded into the Chinese ‘heaven umbrella’.

Remember  the mongols(Kublai Khan)? They actually conquered the Chinese 1279. But it ended in 1368:

“The Chinese always resented the foreigners and in the end revolted and drove them out. A Chinese orphan Hongwu, a peasant soldier who gave up banditry to become a Buddhist monk, led the revolt and founded the Ming dynasty in 1368.”

After that the results of the Mongol invasion has almost completely disappeared inside today’s China.

but the Mongols were always foreigners in Chinese eyes.”

Have you also noticed that all the previous kingdoms in the warring states period are all forgotten (except maybe in some movies).

there is a definite arrogance to the Chinese. As if the new upstart (USA) which only started in 1776 is such a young country and really does not belong in the top spot.  I.e. it is the impudent upstart which needs to be brought a peg or two down. And any method will do (stealing is ok).

If you think about it the “all under Heaven”  is a great motivator for young hackers in China trying to hack and steal all our IP (Intellectual Property).

Another point: The CCP (Chinese Communist Party) has complete control over major aspects of the country. There is no rule of law in China, only rule of CCP.  I.e. if CCP wants to take your property then it does.   As Drake Long discusses in his post  on the power and control of China. The CCP of which the general secretary runs the party and the President (Xi  Jinping) runs China, and Xi Jinping has complete control over China.

“China has no rule of law” says Drake.

Whatever the true Party leader says goes.

“Those observing the anti-corruption campaign could liken it to whack-a-mole: there is little changing of bureaucratic rules, instead it is a targeted campaign against high-profile politicians. This illustrates the absurdity of it all. China’s corruption is systemic, owing to the lack of legal constraints and judicial independence in its government.”

There is no accountability, all that has happened with Xi’s anti-corruption campaign is he has solidified his dictatorship.  So what happens in a dictatorship? There are mostly yes men (no women).  Everyone  else gets ‘dealt’ with.

What happens to foreign companies?

With little rule of law, they will be gobbled up inside China: “Now we are beginning to see the fruits of that relationship, which is an increasingly worrisome one. With little rule of law, foreign companies will see more of their partners unexpectedly gobbled up by Xi’s Communist Party.”

You can see where this is heading, since there is no rule of law inside China, each minister/bureaucrat can do anything they want as long as it is under the aegis of Xi’s goals. This means stealing money and information is a go. In fact it is a state-sponsored activity.

We better learn to prepare ourselves and our companies to defend against the cyberwar already being fought on the Internet.