cageymaru

The Wall Street Journal is reporting that the U.S. Navy and Air Force are the focus of new cyberattacks as the hackers search the computer systems of contractors to find classified advanced military technology. A Chinese hacking group known as Temp.Periscope or Leviathan is using email phishing schemes to break into the computer networks of Navy contractors and subcontractors. Plans to build a supersonic anti-ship missile were stolen in June. Large and small contractors are affected, but the smaller contractors can't afford to secure their systems.

A U.S. cybersecurity firm called FireEye has closely tracked the Leviathan group and says that they are the most prolific Chinese hacking group since they reformed in the middle of 2017. Other Chinese hacking groups have been accused of the Marriott International data breach. China has seemingly abandoned the 2015 accord to refrain from economic espionage and hacking activities.

Though most of the hacking involves the theft of secrets, Navy officials say China also wants to demonstrate it can pose a different kind of threat even if it is unable to engage the U.S. military ship-to-ship or airplane-to-airplane. "They are looking for our weak underbelly," said one defense official. "An asymmetric way to engage the United States without ever having to fire a round."
 
Lots of China in the "news", glad the bureau of Alternate Facts and Propaganda has the Sycophant Wire doing their patriotic duty as good citizens.
 
Lots of China in the "news", glad the bureau of Alternate Facts and Propaganda has the Sycophant Wire doing their patriotic duty as good citizens.

Can you cite anything that indicates that this is not happening? That adversaries of the USA would not be doing this? :rolleyes:

This is orthogonal to our own fucked up internal political situation.
 
 
In other news - USA hackers are targeting Russian military contractors, Russian hackers are targeting Chinese military contractors and all of them are targeting European military contractors.
Slow news day?
 
Air gap your damn networks.

I have no idea how they manage to steal anything important. I work in both Secret and TS/SCI level facilities and there is no way anyone hacks into those because they are not exposed to the outside internet anywhere. Contractors are totally screwing up to the point where they should lose access to classified material if actual plans and engineering documents are stored on unclassified systems. Security violations and training are taken very seriously where I work as they should be everywhere.

By the way US government accreditation is a very serious process even for Secret level labs and especially for TS/SCI where the real important stuff is stored.
 
I have no idea how they manage to steal anything important. I work in both Secret and TS/SCI level facilities and there is no way anyone hacks into those because they are not exposed to the outside internet anywhere. Contractors are totally screwing up to the point where they should lose access to classified material if actual plans and engineering documents are stored on unclassified systems. Security violations and training are taken very seriously where I work as they should be everywhere.

By the way US government accreditation is a very serious process even for Secret level labs and especially for TS/SCI where the real important stuff is stored.


This.

Anything that important should not be stored on any system that has access to the internet.

Maybe the stolen files were on someone's email server set up in a bathroom somewhere :rolleyes:

I do remember many years ago, when I worked for a company that sold servers to some of the aerospace companies that used to be here in Southern California.

I got a call from one of the IT people at a company because he needed to buy a new CPU for the server. I tried explaining that the vendor only sold extra CPUs on the CPU card, and that you would need to buy the entire card if you wanted to upgrade to dual CPUs (this was back in the early 486 days). He told me he just needed the CPU because someone had stolen it out of the server. :eek:
This was in a secure area, and they were trying to get the CPU replaced quickly before anyone else found out it had been stolen. (It could have affected their government contracts.)
Anyway, we quickly provided them with a replacement CPU.

A couple weeks later, he called again and wanted to buy the CPU and the CPU card. I asked them if they needed to upgrade the server software to support dual CPUs and he told me no, someone had stolen the CPU and the card this time. :nailbiting:

So much for a secure area.
 
I have no idea how they manage to steal anything important. I work in both Secret and TS/SCI level facilities and there is no way anyone hacks into those because they are not exposed to the outside internet anywhere. Contractors are totally screwing up to the point where they should lose access to classified material if actual plans and engineering documents are stored on unclassified systems. Security violations and training are taken very seriously where I work as they should be everywhere.

By the way US government accreditation is a very serious process even for Secret level labs and especially for TS/SCI where the real important stuff is stored.

Exactly-I used to work for a cleared contractor in my previous position and you're supposed to have yearly inspections by the government to check your security posture and whatnot.

The upside is the USG is taking this very seriously-I've seen things (most likely related to this) showing that the government is going to try and make sure this doesn't happen again. Lots of changes and improvements coming down that will hopefully plug the holes.

The overall problem is that this stuff costs a lot of money and it's hard to find good/trained people to have this set up properly. Some of the requirements are mind boggling if they are implemented (not completely related-but supply chain management is a HUGE one that is going to be a giant PIA).

If you work in the IT field and deal with stupid users, just add on people who have clearances and do stupid things with classified data-which is the primary reason I got out of it-it was keeping me up at night. Now I just make sure government items are locked down using the RMF Process.
 
Geez, they already lost aircraft plans years ago (hence why the Chinese have stealth planes). Now they lose naval plans?

These contractors should be fined billions and the execs locked up for mishandling classified info.
 
I have no idea how they manage to steal anything important. I work in both Secret and TS/SCI level facilities and there is no way anyone hacks into those because they are not exposed to the outside internet anywhere. Contractors are totally screwing up to the point where they should lose access to classified material if actual plans and engineering documents are stored on unclassified systems. Security violations and training are taken very seriously where I work as they should be everywhere.

By the way US government accreditation is a very serious process even for Secret level labs and especially for TS/SCI where the real important stuff is stored.

Social engineering, and not all of those systems are isolated as you think.
 
Social engineering, and not all of those systems are isolated as you think.

Given the accreditation process for having a TS network and its associated costs...trust me they are. Like I said before, there is a dedicated government agency to enforcing this (which of course is undermanned/under trained to a point-but that is changing hopefully) and companies should be training their employees about social engineering/phishing attempts.

To me, this sounds like people were mishandling the data or had an insider threat.
 
Bingo. Whoever believes the size of a company is an indicator of the ability to secure its systems is an idiot.

It is-They don't have the same resources as a bigger company aka $$$. I saw this first hand at the company I worked at.

This is just an example-We had equipment that was 30 plus years old for testing parts we made. If it broke, it cost roughly what a good used car goes for to fix it, but to buy a brand new part would cost roughly the cost of a new car. Multiply this by 10-20 or even 300-500 units... well, it gets very expensive. Our capex budget was shit because they did everything as cheap as possible because we were more or less a boutique type shop that was part of a bigger organization. Our bigger facilities had the same equipment-though they were different companies (we were an amalgamation of different companies through the US bought up by another company).
 
It is-They don't have the same resources as a bigger company aka $$$. I saw this first hand at the company I worked at.

That is bullshit. It does not take any more money to secure a network than it does to leave one open. You just have to be smarter about it. I have secured many small networks and have seen Fortune 500 company networks that were wide open to anything and everything.

It is not about the money. It is about the people managing it all.
 
That is bullshit. It does not take any more money to secure a network than it does to leave one open. You just have to be smarter about it. I have secured many small networks and have seen Fortune 500 company networks that were wide open to anything and everything.

It is not about the money. It is about the people managing it all.

You obviously never worked with a SIPR connection (secure/secret network from the DOD)-it's huge money to support a network connection (leasing a secure T1 line from the government, etc.); the cost is in the hundreds of thousands of dollars with manpower costs and whatnot.

Then finding people or even managers that are competent enough to run it is another issue.

Even on the regular public-facing network, companies don't want to spend the $$$ on phishing training, securing FOUO emails, etc... because the profit margins can't support it.

There are reasons why companies charge stupid money for DOD items-because they can't make $$ on making 50 special coffee pots that were last made in the 1980s and the tooling hasn't been used since then.
 
Lots of China in the "news", glad the bureau of Alternate Facts and Propaganda has the Sycophant Wire doing their patriotic duty as good citizens.

That's because the Chinese are not our friends. The sooner we realize this and find alternative sources for goods produced there, the better off we'll be. Cripple their economy before they cripple ours.
 
"but the smaller contractors can't afford to secure their systems."

Bullshit.

Agreed. Bet most of the smaller contractors didn't even have a properly configured firewall, updated malware detection software, current OS security patches and still had admin level access on workstations for basic users.

Scary how many breach stories mention the victim listing these steps in their remediation documentation.
 
"but the smaller contractors can't afford to secure their systems."

Bullshit.
yeah if that's the case then they should not be given military contracts, period.

I mean seriously how hard is it for the US gov't to have a requirement that they actually be able to protect their shit? I mean they make them sign NDAs so they don't talk about it, but also some sort of requirement not to have sensitive data accessible remotely won't exactly cost too much.
 
Too bad we can't bring back the Iowa class battleships, Mark 7 16in 50 caliber guns and analog targeting computers. Nothing to hack there!

One component of the analog Mark 37 gun fire control system, old but deadly accurate.


Iowa class was only accurate to 1/4 mile... but I guess when you have 9x 1 ton projectiles you’ll wipe out everything anyways.

Modern naval warfare a BB would get mauled.

I am an electrical engineer with a controls background and I personally don’t care for how connected people try to make everything.
 
Iowa class was only accurate to 1/4 mile... but I guess when you have 9x 1 ton projectiles you’ll wipe out everything anyways.

Modern naval warfare a BB would get mauled.

I am an electrical engineer with a controls background and I personally don’t care for how connected people try to make everything.

I don't know how they would do in today's Navy, but the Iowas performed very well during the first Gulf War despite all of the anti-battleship critics. As for mauled, yeah sure if they are by themselves and not in a battlegroup with aircraft support from a carrier. That was proven with what happened to HMS Prince of Wales and HMS Repulse. The Iowas were fast battleships and designed to escort the new Essex class carriers, not be on their own. The Iowas were also modernized with the latest in air defense systems (Phalanx CIWS and Stinger missiles), and also given Tomahawk cruise missiles and anti-ship Harpoon missiles not to mention the 16 inch and 5 inch guns. Include up to 19 inches of the USA version of Krupp cemented armor and homogeneous armor and you have one formidable ship. Ships today are thin skinned and can't take a hit, where a battleship's armored citadel is designed to take massive amounts of punishment. I think people are too quick to discount them in a fight.
 
You obviously never worked with a SIPR connection (secure/secret network from the DOD)-it's huge money to support a network connection (leasing a secure T1 line from the government, etc.); the cost is in the hundreds of thousands of dollars with manpower costs and whatnot.

Then finding people or even managers that are competent enough to run it is another issue.

Even on the regular public-facing network, companies don't want to spend the $$$ on phishing training, securing FOUO emails, etc... because the profit margins can't support it.

There are reasons why companies charge stupid money for DOD items-because they can't make $$ on making 50 special coffee pots that were last made in the 1980s and the tooling hasn't been used since then.

You jump to some wild conclusions based on some idea of what you think it takes to secure a network.

If you do not know how to secure a small business network, without spending a butt load of cash, that is your shortcoming. Not mine. Maybe you do know, but chose the most elaborate example you could to demonstrate why small companies struggle to secure their network. If that were the only option, I would concur with you, but it is not the only option. Hell, most government installations have some of the worst security practices I have ever seen. So much so, I refuse to work them.

This much I know about small businesses. It is much, much easier to train them than a large corporation is. I have done both. I like working with small businesses as they tend to be able to turn on a dime and they provide a challenge that you have to solve without a lot of cash on hand. It is quite solvable, but you have to think outside the box. None of my customers have suffered a breach, yet (20+ years, so far). Always have put that "yet" in there because hackers are always working against you and Windows updates do not help matters, sometimes.

I do spend a lot of my time reading, studying, and watching how networks are broken into and coming up with alternative methods to prevent it. It is quite the challenge.
 
It is-They don't have the same resources as a bigger company aka $$$. I saw this first hand at the company I worked at.

This is just an example-We had equipment that was 30 plus years old for testing parts we made. If it broke, it cost roughly what a good used car goes for to fix it, but to buy a brand new part would cost roughly the cost of a new car. Multiply this by 10-20 or even 300-500 units... well, it gets very expensive. Our capex budget was shit because they did everything as cheap as possible because we were more or less a boutique type shop that was part of a bigger organization. Our bigger facilities had the same equipment-though they were different companies (we were an amalgamation of different companies through the US bought up by another company).

I agree to a point. Hard to secure laptops and equipment still running Windows ME, XP, NT, etc.. That being said... If a contracting company can't afford to employ SECURE systems / equipment then WHY FFS are they being selected to work in DoD / Gov facilities in the first place.

ALSO.... Doesn't matter what your security posture is if you have serious issues in securing your humans.
 
You obviously never worked with a SIPR connection (secure/secret network from the DOD)-it's huge money to support a network connection (leasing a secure T1 line from the government, etc.); the cost is in the hundreds of thousands of dollars with manpower costs and whatnot.

Then finding people or even managers that are competent enough to run it is another issue.

Even on the regular public-facing network, companies don't want to spend the $$$ on phishing training, securing FOUO emails, etc... because the profit margins can't support it.

There are reasons why companies charge stupid money for DOD items-because they can't make $$ on making 50 special coffee pots that were last made in the 1980s and the tooling hasn't been used since then.

I work as a contractor and I can say in my environment the contractor size and budget has a big fat 0 to do with the level of security the network or device has. Why? Because anything on the government network is government property and therefore subsidized by government money. The contractors are not responsible nor should they ever be on actual government equipment and government network.
 
Meh, just release/leak fake documents, it's called counter intelligence, when they figure it out, they can look like morons, and you can tie them directly to the Chinese government, then just oversaturate their backbone once proven till it takes a day to load a webpage.
 
Too bad we can't bring back the Iowa class battleships, Mark 7 16in 50 caliber guns and analog targeting computers. Nothing to hack there!

One component of the analog Mark 37 gun fire control system, old but deadly accurate.


Even worse USS New Jersey mechanical analog computer and an outdated digital system from the 80's that needs a complete rebuild as it was corrupted and hardly anybody can make heads or tails of the system, due to security level and apparently few being alive that worked on the original project. NASA is apparently in the same shape; a lot was stored on microfilm that ended up being improperly stored and ended up getting away and degrading to the point it can no longer be viewed....
 
I work as a contractor and I can say in my environment the contractor size and budget has a big fat 0 to do with the level of security the network or device has. Why? Because anything on the government network is government property and therefore subsidized by government money. The contractors are not responsible nor should they ever be on actual government equipment and government network.

Seriously? I did this for a living as an FSO/ISSM. The contractor is on the hook for setting up classified networks/computers to process data that the government provides to them to make equipment for them.

For example-you have a piece of test equipment running an OS that is attached to a classified network (for easier patching/updating of it and other systems)-that comes all out of pocket of the contractor-which may or may not have that baked into the cost of the contract. Most likely not, because the company is trying to max its profit margin.

You may need a SIPR connection to talk to two different locations-you have to pay the government for the T1 connection that is monitored by them to connect those two sites together. The government doesn't subsidize that cost at all... I belong to a mailing group and when this question comes up on it, the general consensus is that it's a black hole you throw money into and if you really don't need to, don't do it.
 
Seriously? I did this for a living as an FSO/ISSM. The contractor is on the hook for setting up classified networks/computers to process data that the government provides to them to make equipment for them.

For example-you have a piece of test equipment running an OS that is attached to a classified network (for easier patching/updating of it and other systems)-that comes all out of pocket of the contractor-which may or may not have that baked into the cost of the contract. Most likely not, because the company is trying to max its profit margin.

You may need a SIPR connection to talk to two different locations-you have to pay the government for the T1 connection that is monitored by them to connect those two sites together. The government doesn't subsidize that cost at all... I belong to a mailing group and when this question comes up on it, the general consensus is that it's a black hole you throw money into and if you really don't need to, don't do it.

I work on the medical IT side and absolutely every device and piece of hardware or software is purchased or owned by the government. If it's not a government furnished asset, it's not able to connect to the government network. This is all on just the NIPR network.

I believe since the environment I work in is medical and therefore contains PII/PHI, the standards are much higher.
 
hmmm ... Chinese group called Leviathan

Leviathan: biblical symbol for Satan ("he is a king over all the children of pride.")
 
Can you cite anything that indicates that this is not happening? That adversaries of the USA would not be doing this? :rolleyes:

This is orthogonal to our own fucked up internal political situation.

I take him about as seriously as I take the KKK.

The PRC has a history of stealing anything they can from the US such as from aerospace companies. Stealing is embedded in Chinese culture.
 
I work on the medical IT side and absolutely every device and piece of hardware or software is purchased or owned by the government. If it's not a government furnished asset, it's not able to connect to the government network. This is all on just the NIPR network.

I believe since the environment I work in is medical and therefore contains PII/PHI, the standards are much higher.

No, sounds like you're working as a CSS (contractor service support) directly for the DOD. I'm currently doing the same thing for the Navy.

However, the thing you're missing is that there are cleared contractors that have access to classified data that is completely unrelated to that. My old position was working for one of those companies. We had classified LANs set up to support classified contracts we had. This is where you can start having problems with some companies-and thus the subject of the article. There is a branch of the government called the Defense Security Service that is supposed to be the watchdog for these companies and help companies protect this information. There are a lot of ongoing changes with them, because of this threat. This was one of the reasons I left my old position-what they wanted to do and going by what my company was capable of doing-I decided the headache wasn't worth it. The changes are for the better, but given the state of most of the DOD related companies that aren't the major players like General Dynamics, Lockheed-Martin and so on, the smaller mom and pop operations are going to have significant headwinds they are going to run into without some help from the government in the form of some extra $$$.
 