From jdyson@treachery.net Wed Apr 25 16:35:02 2001 From: "Jay D. Dyson" X-Sender: jdyson@crypto To: Jericho Date: Wed, 25 Apr 2001 15:00:10 -0700 (PDT) Subject: Blah. -----BEGIN PGP SIGNED MESSAGE----- Don't forward this. Thought you'd find it interesting. Looks like NASIRC's fallen for the hype, too. Sheesh. - ---------- Forwarded message ---------- Date: Wed, 25 Apr 2001 15:56:28 -0400 (EDT) From: NASIRC Reply-To: System Administrators To: System Administrators Subject: (N/A N/A) China Warns Of Hack Attack Planned For May 1 - 7 [NASIRC B-01-64] - -----BEGIN PGP SIGNED MESSAGE----- ====================================================================== NASA Incident Response Center ====================================================================== This bulletin reports a recently announced security vulnerability. It may contain a workaround or software patch. Bulletins should be considered urgent as vulnerability information is likely to be widely known by the time a patch is issued or other solutions are developed. An HTML version of this bulletin can be found on the NASIRC Web Site, see http://www-nasirc.nasa.gov/nasa/whats_new.html NASIRC BULLETIN B-01-64 15:53 April 25, 2001 Priority: Medium Vendor: N/A Platform: N/A China Warns Of Hack Attack Planned For May 1 - 7 DECRIPTION NASIRC has received several news articles stating that China will launch an hack attack during the first week of May. While China and the United States attempt to peacefully resolve their diplomatic standoff over the mid-air collision between a U.S. Navy surveillance plane and a Chinese fighter jet, crackers from both countries have began to wage their own private wars on the Internet. WASHINGTON TIMES NEWS ARTICLE AS PUBLISHED Washington Times April 23, 2001 Pg. 1 China Warns Of Coming Hack Attack Retaliatory assault on U.S. computers planned for May SAN FRANCISCO (Agence France-Presse) - Computer-savvy citizens of both China and the United States have begun their own war on the Internet as relations between the two powers continue to deteriorate. American hackers are urging each other to break into Web sites hosted in China, and they say that U.S. hackers have already penetrated hundreds of Chinese Web sites. Chinese hackers are vowing to retaliate with a weeklong attack on U.S.-based Web sites and computer networks, starting May 1. Security experts warn that these attacks could affect government systems and that outside of government all Web site owners and network administrators should ensure their networks are well-protected. "These guys don't care who you are. They are just interested in how many sites they can hit. Basically, they are just out there collecting scalps," said "Taltos," a security consultant and hacker from Hungary who has been closely following the underground online discussions on the Chinese-U.S. hack attacks. Messages posted on some of the underground Internet chat rooms indicate that U.S. hackers plan to continue the blitz they have dubbed the "ChinaKiller." And on the Chinese side, "Many people here are frustrated with America. We want to tell you what we think is wrong, but our government is too polite. So we will say it on everyone's Internet," wrote Jia En Zhu, a 22-year-old hacker who lives in Zhongguancun, a Beijing suburb, in one of the many messages posted on the Internet. The Chinese hack attack is planned for May 1 to 7, peaking on May 4, a Chinese holiday commemorating a demonstration, which occurred in Tiananmen Square 82 years ago, Mr. Zhu said. China's people have had access to the Internet only since 1997, but the country's computer programmers and Web surfers have been quick to use it for political points. The Internet has been a channel for attacks, apparently by Chinese hackers, on U.S. government sites in response to the May 1999 bombing of the Chinese Embassy in Belgrade and for releasing viruses that destroyed data on Taiwanese university servers. Taltos said he wouldn't be surprised to see some new and nasty computer viruses making the rounds of the Internet during the first week of May. He said: "If this cyberwar goes forward as planned, many Internet users will be caught in the cross fire." LINKS TO RELATED INFO http://www.wired.com/news/politics/0,1283,43134,00.html http://www.wired.com/news/politics/0,1283,42982,00.html CREDIT Washingtom Times WiredNews BULLETIN AUTHOR: Jacob Whiting ====================================================================== For issues concerning computer security incidents, please contact your Center IT Security manager. DO NOT REDISTRIBUTE BEYOND THE NASA and NASA CONTRACTUAL SUPPORT COMMUNITIES UNLESS NASA GRANTS EXPRESS PERMISSION TO REDISTRIBUTE. The NASA and NASA contractual support communities include individuals within the NASA community or operating in support of a NASA contract, grant, inter-agency agreement, or international aerospace agreement. Questions regarding this Bulletin or requests for permission to redistribute should be directed to NASIRC using one of the methods listed below: Telephone: 1-800-7-NASIRC (1-800-762-7472) FAX: 1-301-286-7483 International: +1-301-286-7777 STU III: 1-301-286-6909 Internet E-Mail: nasirc@nasirc.nasa.gov Off-Hours Support: 1) Call 1-800-NEXGRAM (1-800-639-4726) 2) An operator will answer your call 24x7 and ask for the name or cell phone number you are trying to reach 3) The group code name is "NASIRC" and the PIN # is 762-747-2000 4) You may leave a detailed message or simply a phone number for NASIRC to contact you WWW: http://www-nasirc.nasa.gov/ FTP: ftp-nasirc.nasa.gov, login "anonymous" -or- ftp://ftp-nasirc.nasa.gov/ Anyone requiring assistance or wishing to report a security incident but not operating in support of NASA may contact the Forum of Incident Response and Security Teams (FIRST), an international organization of incident response teams, to determine the appropriate team. A list of FIRST member organizations and their constituencies may be obtained at http://www.first.org/team-info/. - -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: http://www-nasirc.nasa.gov/Nasirc_PGP_key.html iQEVAwUBOucrtDw6kgV61e7JAQEuRwf/ZY1IAUpRgMlEtj5xhOvzr0RRXxIXY7P8 8FWeZqIW8RLCu1YztEd14v42liZAyvSUJ0EImrPq/scb3AcN64YyDWCMpKbwjXny DpJIkHc5hhRbHMzjBulo3pXOm/lUl4Xf4+efXxM55bmdzc5xzWgY4BNsryid0Qsz S18VXa28eagId/Xh0qhfpU0ppBYcdx0zyQoHMbGDltVx4Vj53GjQdjQ6vkE2MshK u0wgSOef6IIGmYlRNrnEokbUJrfOhVjW/DK5K6QDpsjI8W+gqPj651IZ7WD213rp RpTQJtN1HhfzvwrvgGnnDIlgDzKdTCQlAYuklAiP+6N/fAaB53FrnQ== =lYdY - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: See http://www.treachery.net/~jdyson/ for current keys. iQCVAwUBOuc3gNCClfiU/BIVAQEpHwQAlEcQL+XVN3bzCoeMxPkO8WARLVJ/SuNp WelX19L7Dk5gXhmOW0E2JDZIDxSZuzRWEUuaG/B3CX9J7RyUoR70mLHZJiE1Qu/p GWGsqMlWLSEki9QpJGZpI2aQM5Ng6i2EaptCspwCoLNttEJITyxvGkUvL6a6EVvr VsiGXnX9dec= =AHot -----END PGP SIGNATURE-----