SecurityMaverick.com

A logical alternative theory of who targeted Iran:

In 2008, China decided to assist the IAEA inspectors after it learned that Iran was in possession of blueprints to shape uranium metal into warheads, according to this article in The Telegraph. That same article discloses that Chinese designs for centerfuges were discovered in Iran, supplied via Pakistan’s AQ Khan.

On April 13, 2010, Beijing reiterated its opposition to Iran’s goal to develop nuclear weapons capabilities while stating that sanctions against Iran would be counter-productive. In other words, the PRC wanted to support its third largest supplier of oil (after Saudi Arabia and Angola) while at the same time seeking ways to get Iran to stop its uranium fuel enrichment program. What better way to accomplish that goal than by covertly creating a virus that will sabotage Natanz’ centerfuges in a way that simulates mechanical failure while overtly supporting the Iranian government by opposing sanctions pushed by the U.S. It’s both simple and elegant.

Bottom line: we’ll never know unless someone comes forward.

Popularity: 46% [?]

The New York Times ran a story on how China is under constant security attacks and how vulnerable their infrastructure may be:

Despite China’s robust technological abilities, its cyber defenses are almost certainly more porous than those of the United States, American experts say. To cite one glaring example, even Chinese government computers are frequently equipped with pirated software from Microsoft, they say. That means many users miss out on security upgrades, available to paying users, that fix security breaches exploited by hackers. (emphasis mine)

100% WRONG: Paul Cooke from Microsoft states on the Windows Security Blog:

There seems to be a myth that Microsoft limits security updates to genuine Windows users.

Let me be clear: all security updates go to all users.

Not only do all security updates go to all users’ systems, but non-genuine Windows systems are able to install service packs, update rollups, and important reliability and application compatibility updates. In addition, the users of non-genuine Windows systems can also upgrade a lot of the other software on their computer.

Given my experiences in South Korea/Asia, this porousness is more likely due to a lack of policy, a lack of enforcement of existing policy and a non-priority given to information security than to pirated Windows software. Non-uniform policies and application of security resources as well as little respect and lack of eduction by those under the infosec policies are also primary factors. Most infosec professionals in the US experience something akin to the following at one point or another:

Deep inside a Chinese military engineering institute in September 2008, a researcher took a break from his duties and decided — against official policy — to check his private e-mail messages. Among the new arrivals was an electronic holiday greeting card that purported to be from a state defense office.

The researcher clicked on the card to open it. Within minutes, secretly implanted computer code enabled an unnamed foreign intelligence agency to tap into the databases of the institute in the city of Luoyang in central China and spirit away top-secret information on Chinese submarines.

It’s just not a unique Chinese situation.

Popularity: 30% [?]

According to the NY Daily News:

The Chinese government tapped sixty mothers to form a “Mom jury” tasked with surfing the Web for porn sites that are deemed indecent for young Internet users

In a nod to the Cold War, Mother China is the new Mother Russia.

Popularity: 13% [?]

According to the Wall Street Journal.

Officials at the National Security Agency have been working with Google Inc. to investigate the cyber attacks that Google announced publicly last month, according to people familiar with the investigation.

A Google spokeswoman declined to comment. NSA didn’t immediately respond to requests for comment.

Popularity: 12% [?]

The January 25, 2010 issue of Newsweek had the following quote that supports the thesis that the Google/China attack is not an isolated attack but a refection of a mindset as I mentioned in my bloginfosec essay.

At the same time, China has been busily developing the world’s most elaborate apparatus devoted to cyber-spying and cyberattacks. Chinese hacking has ramped up over the past few years, directed not only at human-rights organizations, but, importantly, at foreign businesses and governments. Many, if not most, such attacks originate from China; former National Security Agency director William Studeman has called them the “biggest single problem” facing the U.S. national-security establishment. (link here)

I’ve seen hacking attempts from China since mid-2001 so this really isn’t anything new. What’s important to understand is that it’s State sponsored and considered acceptable in Chinese culture. If you’re conducting business in China you’re information security criteria should most likely be more strict than in the US.

[PS - Sign-up for my newsletter, punk!]

Popularity: 11% [?]