IP addresses are NOT logged in this forum so there's no point asking. Please note that this forum is full of homophobes, racists, lunatics, schizophrenics & absolute nut jobs with a smattering of geniuses, Chinese chauvinists, Moderate Muslims and last but not least a couple of "know-it-alls" constantly sprouting their dubious wisdom. If you believe that content generated by unsavory characters might cause you offense PLEASE LEAVE NOW! Sammyboy Admin and Staff are not responsible for your hurt feelings should you choose to read any of the content here. The OTHER forum is HERE so please stop asking.
Some security products used by Jiangsu's public security arms have been controlled by devices with foreign internet protocol addresses. Photo: Reuters
A major supplier of surveillance cameras to mainland police confirmed on the weekend that vulnerabilities in its networks exposed clients to cyberattacks from overseas.
The confirmation came after public security officials in Jiangsu issued urgent security alerts to its departments.
Hikvision, based in Hangzhou, confirmed on its microblog that some of its products were at risk of attack from abroad, backing up a statement by the Jiangsu Provincial Public Security Bureau on Friday.
Listed on the Shenzhen Stock Exchange, Hikvision is the biggest supplier of surveillance products and services on the mainland by market value.
The National Business Daily reported in December that the company was preparing to list in Hong Kong to raise HK$354 million.
Hikvision has contracts with mainland public security agencies as well as international conferences such as November's Asia-Pacific Economic Cooperation meeting in Beijing and the Boao Forum in Hainan .
A copy of an announcement labelled "urgent" by the Jiangsu provincial public security bureau circulated widely online on Friday, instructing all departments to scrutinise any Hikvision products they were using.
The notice came after the provincial Internet Emergency Coordination Centre detected "severe security risks" in the products, claiming that some of them "had already been controlled by [devices with] foreign internet protocol addresses".
Multiple sources from the bureau confirmed to online news outlet Thepaper.cn on Friday that the document circulating online was authentic.
Hikvision issued a "clarification" early on Saturday confirming that the internet security watchdog had detected online attacks against their products.
Clients had exposed themselves to the attacks because they had used weak passwords or failed to reset default passwords, it said.
The company said that in theory, any devices linked to the internet were at risk of hacking attacks.
"Once hackers break the password, they can introduce a computer virus to the device and turn it into a source of infection."
The company said yesterday it would send technicians to help police in Jiangsu inspect all of its products and make any updates that were necessary.
Founded in 2001, Hikvision has branches and subsidiaries in 35 Chinese cities including Hong Kong, and more than a dozen countries including the US and Britain, its website says.
The Project Honey Train model railway gets set up. Photo: AFP
Somewhere on Earth, a computer hacker types a malicious command and hits enter. Half a world away, an urban commuter train speeds out of control, derails and crashes into a building.
Happily the kind of scenario that makes for Hollywood blockbusters and keeps public security officials awake at night would, in this case, only damage a model train set at a German information technology fair.
Internet security experts have set up 'Project Honey Train' with an online railway control system as bait, hoping to "get inside the heads of cybercriminals" - but without the real-life casualties.
"The goal is to provide an environment where we can study how people may try to attack public infrastructure projects where they could put public safety at risk," said Chester Wisniewski, of British security company Sophos.
"I suspect this is a pretty good copy of some of the worst of public security that we see in real life ... systems that were designed in a simpler time when people weren't trying to attack them, which is what makes them vulnerable."
Their miniature rail system at the CeBIT IT business fair in Hanover is built on a scale of 1:87 and set in a fictitious German city, with street names chosen from the board game Monopoly.
To an online attacker it's all meant to look real, with original software components and inbuilt flaws which are advertised in known hackers' chat rooms.
Online users have long been exposed to risks from ID theft, "phishing" and scams by mafia groups, to mass data collection by social media giants and snooping by secret services.
But some fear we haven't seen the worst of it yet, in an age when urban transport systems, chemical plants and power stations are considered potentially vulnerable to digital sabotage.
"I'm surprised that not more has happened already," said Christoph Meinel, head of German IT university the Hasso Plattner Institute.
"It's urgent to do something. Some say 'Don't worry, it won't happen', but once someone has done it successfully, you can quickly expect to see copycats."
A real-life example is the computer worm Stuxnet, which was used to clandestinely attack Iran's nuclear programme in 2010 by ordering centrifuges to speed up and spin out of control until they ripped apart.
In his 2012 novel Blackout, Mark Elsberg describes how hackers attack European power grids, sparking the collapse of transport, communication and food distribution and even triggering a nuclear meltdown.
Marco di Filippo, of Sophos, said he considers the book's premise "very valid".
"The greatest vulnerability is that automation now speaks TCP/IP and has ended up online, unprotected," he said, referring to the communication standard Transmission Control Protocol/Internet Protocol.
"This includes everything, be it power grids, power stations, wind farms, dams but also traffic management systems."
China’s Communist Party oversees a vast censorship system, dubbed the Great Firewall, that aggressively blocks sites or snuffs out internet and TV content on sensitive topics. Photo: Reuters
The Chinese activist group GreatFire, which operates websites that circumvent the country’s censorship, said its online service has come under attack in an effort to shut it down.
“We are under attack and we need help,” the group said in a blog post on Thursday, claiming it has been hit by a barrage of automated requests known as a distributed denial of service (DDoS) attack.
“This tactic is used to bring down Web pages by flooding them with lots of requests - at the time of writing they number 2.6 billion requests per hour. Websites are not equipped to handle that kind of volume so they usually ‘break’ and go offline.”
GreatFire allows residents of China to circumvent the so-called “Great Firewall” that censors much content from the West, by providing “mirror” websites of those which are blocked by censors.
The blog said the attack appears to be in retaliation for a Wall Street Journal article this week which explained methods to access censored websites.
“This attack affects all of our mirror websites,” the blog said.
“While we have talked openly about our method of using collateral freedom to unblock websites and mobile apps that have been blocked by the Chinese authorities, the WSJ story clearly stated how the strategy works and how it is being used successfully to deliver uncensored content into China. Blocked websites that we have liberated in China include Boxun, Deutsche Welle and Google.”
GreatFire said the increased data requests could lead to costs of up to US$30,000 per day. It was seeking contributions to upgrade its servers to stave off the attacks and asking supporters to contact the hosting service, Amazon, to waive the extra costs.
“We’ve upgraded to faster servers and used other techniques to manage the load and it’s working for now but we fear that the attack may be intensified at any time.”
The news coincided with the apparent blocking of Reuters news websites in China, the latest Western news organisation to face the issue.
Reuters said its sites in both English and Chinese were inaccessible in China on Friday, joining those of Bloomberg News, The New York Times and the Wall Street Journal.
China’s Communist Party oversees a vast censorship system, dubbed the Great Firewall, that aggressively blocks sites or snuffs out internet and TV content and commentary on topics considered sensitive, such as Beijing’s human rights record and criticisms of the government.
Popular social network sites such as Facebook and Twitter are inaccessible in the country, as is YouTube.
China's second-biggest state-owned news agency went down for an hour Wednesday night due to a hacking attack. Photo: Reuters
One of China’s biggest news agencies was hacked for over an hour on Wednesday night in what may have been a clumsy attempt to extort money from the state-owned media outlet, local media on the Chinese mainland reported on Thursday.
Chinanews.cn, the official website of China’s No. 2 state-owned news agency after Xinhua, went down at around 11pm but had brought some of its services back online by midnight, the Beijing Times reported on its official microblog.
As of late Thursday afternoon, no one had come forward to claim responsibility for the attack and the agency's online services were still disrupted with formatting problems still plaguing its home page and sub-channels.
This is just the latest incident highlighting how companies and organisations in mainland China and Hong Kong are ill-prepared to deal with cyber security risks.
However, some of the cases are less opaque in a country famous for its lack of transparency.
Ctrip, China’s biggest online travel agent, faced a 12-hour breakdown in service on May 28 that the company initially blamed on hackers, but later changed tack and described as the result of an error by one of its members of staff.
Chinanews.cn offered no further information about the incident. Most mainland media also did not report it.
“We are trying our best to get back to being fully operational,” an editor at the news agency told the South China Morning Post.
“We have nothing to release at this moment about the hacking attack,” added the man, who declined to give his name.
According to a screenshot offered by the Beijing Times, those responsible for the attack left a one-sentence message on the agency’s home page giving the number of a bank account at the Industrial and Commercial Bank of China.
It vowed to right the wrong only after an unspecified amount of money had been remitted to the account.
By way of a calling card, the attacker left their ID number on Tencent QQ, an instant messaging service that is hugely popular in China.
Hacking has become more of a concern in recent years after a slew of high-profile cases such as North Korea’s suspected hacking of Sony Pictures in December, which led to the dismissal of some of its top executives, and an attack on eBay early last year that resulted in the theft of the personal information of over 145 million of its users.
The number of detected cyber attacks worldwide rose 48 per cent on-year in 2014, according to a recent PricewaterhouseCoopers report. It is expected to keep rising at a similar rate this year. Over 100,000 attacks currently take place every day, PwC said.
A recent poll of over 1,400 public and private companies worldwide by insurance firm Aon found that cyber risks emerged as a "major concern" for the first time, according to its Global Risk Management Survey.
A foreign entity or government was believed to be behind the cyber intrusion, according to a US law enforcement source. Photo: AFP
Hackers breached the computers of the US government agency that collects personnel information for federal workers in a massive cyber attack that compromised the data of about 4 million current and former employees, US officials said on Thursday.
A US law enforcement source told Reuters a foreign entity or government was believed to be behind the cyber intrusion against the Office of Personnel Management (OPM), and media reports said authorities suspected it originated in China.
The Federal Bureau of Investigation said it had launched a probe and would hold the culprits accountable.
OPM detected new malicious activity affecting its information systems in April and the Department of Homeland Security said it concluded at the beginning of May that the agency’s data had been compromised.
The breach affected OPM’s IT systems and its data stored at the Department of the Interior’s data centre, which is a shared service centre for federal agencies, a DHS official said on condition of anonymity. The official would not comment on whether other agencies’ data had been affected.
OPM had previously been the victim of another cyberattack, as have various federal government computer systems at the State Department, the US Postal Service and the White House.
“The FBI is working with our interagency partners to investigate this matter,” the bureau said in a statement. “We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace.”
A law-enforcement official, speaking on condition of anonmity, said the cyber attack was believed to have been launched from outside the United States, but would neither confirm nor deny that it had originated in China.
The US government has long raised concerns about cyber spying and theft emanating from China and has urged Beijing to do more to curb the problem. China has denied US accusations.
There was no immediate comment from the White House on the latest cyber attack.
Since the intrusion, OPM said it had implemented additional security precautions for its networks. It said it would notify the 4 million people affected and offer credit monitoring and identity theft services to the people affected.
“The last few months have seen a series of massive data breaches that have affected millions of Americans,” US Rep. Adam Schiff, the ranking Democrat on the House Permanent Select Committee on Intelligence, said in a statement.
But he called the latest intrusion “among the most shocking because Americans may expect that federal computer networks are maintained with state of the art defences.”
“It’s clear that a substantial improvement in our cyber databases and defences is perilously overdue,” Schiff added.
Leaked NSA slides: Chinese hackers have been wreaking havoc on corporate America
By Yoni Heisler on Jul 31, 2015 at 10:15 PM
NBC News this week obtained leaked slides from a February 2014 NSA presentation which highlight in specific detail the extent to which China has successfully hacked U.S. corporations and individuals.
As indicated by the map above, each red dot represents a unique “successful Chinese attempt to steal corporate and military secrets and data about America’s critical infrastructure, particularly the electrical power and telecommunications and internet backbone.” All told, there were nearly 700 successful hacking attempts on U.S. targets over the last five years.
Not surprisingly, the clusters of red congregate mostly in California and in the DC and Maryland area. Interestingly, North Dakota is the only state that wasnt’ (successfully) targeted by any attacks.
As for the type of information the aforementioned hacking incidents yielded, the report indicates that Chinese hackers were able to make off with data as varied as pharmaceutical products to details surrounding both U.S. military and civilian air traffic control systems.
The report further adds that the map above was originally prepared as part of a larger briefing by the NSA Threat Operations Center. During said briefing, officials reportedly indicated that China has a particular interest in keeping tabs on Google and “defense contractors like Lockheed Martin, and in air traffic control systems.”