#US defence biz fined for busting #China arms embargo
By Phil Muncaster, 4th July 2012
A top US defence contractor has been fined $75m (£47.8m) for flogging software to China that was a vital component in the country’s first attack helicopter.
United Technologies and its two subsidiaries Pratt & Whitney Canada (PWC) and Hamilton Sundstrand ‘fessed up to more than 500 violations of export restrictions in a federal court at the tail end of last week.
The headline grabber, however, involves the engine control software without which China could not have completed development of its Z-10 attack chopper – a battlefield-ready beast capable of carrying 30mm cannons, anti-tank guided missiles, air-to-air missiles and unguided rockets.
According to US Immigration and Customs Enforcement (ICE), which carried out the investigation, PWC turned a blind eye to the potential military use of the software in hope of securing a lucrative contract for civilian choppers from China - a $2bn deal that never appeared.
PWC had previously sold the Asian nation ten commercial development engines that did not require export licenses. However, the biz then wilfully followed that up with electronic engine control software made by Hamilton Sundstrand and modified it for use in a military helicopter, ICE said.
The export of “defence articles and associated technical data” has been banned by the US since the 1989 Tiananmen Square massacre.
The companies did themselves no favours by failing to disclose the illegal exports for several years and then making numerous false statements to the US State Department.
[…]
US defence biz fined for busting China arms embargo • The Register
#Chinese hackers sink the #Indian #Navy systems: #India left contemplating its naval
02 Jul 2012 15:07 | by Nick Farrell
Chinese hackers have managed to take out the computer system on the Indian Navy’s Eastern Command.
The hackers planted malware on the system, which is based around the city of Visakhaptnam, which sent sensitive data to IP addresses in China.
The Indian Express reported how India’s first nuclear missile submarine, INS Arihant, was running trials at the facility and might have got the bug.
[…]
Chinese hackers sink the Indian Navy systems - India left contemplating its naval | TechEye
More Information
IP addresses not evidence of hacking: expert - China Daily
Chinese hackers penetrate Indian Navy computer system - Zee News
Chinese hackers penetrate Navy’s computer - Deccan Herald
Chinese servers attack top US websites: Targeting security companies, universities and Defence contractors
14 Jun 2012 09:55 | by Nick Farrell
Insecurity experts have detected an ongoing series of attacks targeting SCADA security companies, universities and defence contractors.
The attacks use customised malicious files to entice targeted users into opening them and are using a series of hacked servers as command-and-control points.
Tactics and tools used by the attackers indicates that they may be located in China.
The first target was Digitalbond, a company that provides security services for ICS systems, but the others followed a similar pattent.
The attack begins with a spear phishing email sent to employees of the targeted company and containing a PDF attachment which, if opened, installs a Trojan downloader called spoolsvr.exe.
This connects to a C&C server located at hxxp://hint.happyforever.com and downloads instructions and a payload. Another file is loaded called tanghi.exe that is not widely recognised by anti-malware products and is a remote access tool that gives the attacker a persistent presence on the compromised machine.
AV expert Jaime Blasco of AlienVault said users at Carnegie Mellon University, Purdue University and the University of Rhode Island have been hit.
Chertoff Group, which is a consultancy headed by former secretary of Homeland Security Michael Chertoff, and NJVC, another defense contractor, have been targeted.
Alienvault said the approach was similar to the Shady Rat attacks that were first publicized by McAfee in August, 2011 and are probably the same people.
The attacks are not random and it appears that the targets are being selected carefully.
New Rules Bring a "Credit Rating" For Users of Chinese Social Network
by timothy on Saturday June 02, from the orwell-was-at-least-fiction dept.
An anonymous reader links this article describing a newly installed set of rules affecting the already put-upon Internet users of China, specifically affecting users of social network Sina Weibo:
“Sina Weibo users each will now receive 80 points to begin with, and this can be boosted to a full 100 points by those who provide their official government-issued identification numbers (like Social Security numbers in the U.S.) and link to a cellphone account. Spreading falsehoods will lead to deductions in points, among other penalties. Spreading an untruth to 100 other users will result in a deduction of two points. Spreading it to 100-1,000 other users will result in a deduction of five points, as well as a week’s suspension of the account. Spreading it to more than 1,000 other users will result in a deduction of 10 points, as well as a 15-day suspension of the account.”
The article explains (in truth, not very helpfully) the extent to which users’ freedom to talk freely will be curtailed; the long list of what not to do “includes using ‘nonconforming’ or false images to mislead,” “exaggerating events,” “presenting already [resolved] events as ongoing,” “efforts to incite ethnic tensions and violence and hurt ethnic unity” and “efforts to spread cultist or superstitious thinking; spreading rumors to disrupt social harmony.” (And of course the catch-all: “other activities stipulated by authorities.”)
slashdot: New Rules Bring a “Credit Rating” For Users of Chinese Social Network
#Nitol #DDoS #Botnet Coded in a Hurry, Experts Say
April 20th, 2012, 11:40 GMT · By Eduard Kovacs
Researchers from security firm McAfee have analyzed the denial-of-service (DOS) botnet known as Nitol and found that the Trojan which powers it was written in C++. Since the code is full of bugs, it’s believed that the developer was either in a hurry, or not a very good programmer.
Since the botnet is mostly operating in China, it’s not so popular in other parts of the world, but it’s still interesting to see how it works and how it communicates.
According to the experts, the Trojan copies itself as an exe file in the Program Files folder as a service called Microsoft Windows Uqdatehwh Service.
Once on a system, the malicious element connects to a command and control server and starts sending performance information of the infected computer.
It’s believed that this data is used by the cybercriminals to estimate the power of their botnet and to help them decide what tasks to attribute to the specific bot. Nitol is used for GenericFlood, HTTPFlood, and RawDataFlood distributed DOS attacks.
SoftPedia: Nitol DDoS Botnet Coded in a Hurry, Experts Say
Note: If you wish to know more about DDoS with botnets, see this Blog tutorial (educational purposes/reading only).
#China's #censorship can never defeat the internet
It is interesting to pick one’s way through the obstacles of censorship, but freedom can’t be stopped in the internet age
Ai Weiwei, Monday 16 April 2012 | 阅读中文 | Read this in Chinese
[…]
Censorship is saying: “I’m the one who says the last sentence. Whatever you say, the conclusion is mine.” But the internet is like a tree that is growing. The people will always have the last word – even if someone has a very weak, quiet voice. Such power will collapse because of a whisper.
When I was young I became rebellious. My hair got longer and, right before I was about to cut it, my parents said: “Cut your hair: it’s too long”. So then I thought I would keep it for a while, and it became very long. A whole generation of young people are like that now – different from the values of their parents, who just wanted to survive and make money.
China may seem quite successful in its controls, but it has only raised the water level. It’s like building a dam: it thinks there is more water so it will build it higher. But every drop of water is still in there. It doesn’t understand how to let the pressure out. It builds up a way to maintain control and push the problem to the next generation.
It still hasn’t come to the moment that it will collapse. That makes a lot of other states admire its technology and methods. But in the long run, its leaders must understand it’s not possible for them to control the internet unless they shut it off – and they can’t live with the consequences of that. The internet is uncontrollable. And if the internet is uncontrollable, freedom will win. It’s as simple as that.
Explore the seven-day special series on the Battle for the internet
