Cyber SA…Global Perspectives

Good Monday Folks;

Much news from Cyber~Land today – and thus, you may enjoy the most recent Global Perspectives of Cyber Situation Awareness (SA)…
Of particular note – information loss in the People’s Republic of China…now a crime bubbling to the service…Kenyan PC’s with Chinese malware and so much more in the China Section below, including missing US CBP & China cooperation posts; Iran’s Cyber Motivations & Actions…and of course, German and French Governments respond to PRISM…

All the cyber SA you might want in one dose!

中國人民共和國 – People’s Republic of China….

Infosecurity – Report: China Uses Taiwan as Test-Bed for US Cyber-Espionage Attacks
http://www.infosecurity-magazine.com/view/33553/report-china-uses-taiwan-as-testbed-for-us-cyberespionage-attacks/

People’s Republic of China: 1,213 arrested for personal information trafficking – People’s Daily Online
“… 468 gangs and arrested 1,213 people for suspected personal information trafficking, according to a statement released Sunday by the Ministry of Public Security.”

http://english.peopledaily.com.cn/90882/8360132.html
Stronger laws urged to protect personal information – People’s Daily Online
http://english.peopledaily.com.cn/90882/8305906.html
People’s Republic of China ‘top source’ of malicious software in Kenyan computers
http://www.nation.co.ke/business/news/China+top+source+of+malicious+software/-/1006/1944356/-/rj5e4/-/index.html
People’s Republic of China New York Times hackers strike again with evolved malware
http://www.v3.co.uk/v3-uk/news/2288076/new-york-times-hackers-strike-again-with-evolved-malware

Censorship, external authentication, and other social media lessons from China’s Great Firewall
http://www.techinasia.com/china-social-media-lessons-from-great-firewall/

China’s Xiaomi sells 100,000 units of new $130 phone in 90 seconds, chalks up 7.45m reservations |
http://thenextweb.com/asia/2013/08/12/chinas-xiaomi-sells-100000-units-of-new-130-phone-in-90-seconds-chalks-up-7-45m-reservations/
Xiaomi Beats Samsung To Top China’s Smartphone Charts | TechCrunch
http://techcrunch.com/2013/08/12/xiaomi-beats-samsung-to-top-chinas-smartphone-charts/

CBP – U.S. Customs and Border Protection / U.S., China Announce Results of First Joint Intellectual Property Operation
http://www.noodls.com/view/E418DA4AF877ADF8970BBEE9B0E38FDDAB89AC35
This original CBP Press relaese was removed from the web here:
http://www.cbp.gov/xp/cgov/newsroom/news_releases/local/07312013_7.xml

Also removed from South China Morning Post:
http://www.scmp.com/news/china/article/1293516/china-us-team-seize-fake-apple-samsung-dr-dre-electronics
U.S., People’s Republic of China team up to seize counterfeit goods in joint operation
http://www.reuters.com/article/2013/07/31/us-china-usa-counterfeit-idUSBRE96U0X120130731

HUAWEI…

Intelligence: People’s Republic of China Dodges Accusations
Chinese telecommunications equipment manufacturer Huawei continues to be dogged by accusations that it is acting as an economic and military espionage agent for the Chinese military.

http://www.strategypage.com/htmw/htintel/articles/20130810.aspx
People’s Republic of China’s Economy Slows but Its Influence Rises
http://blogs.cfr.org/asia/2013/08/12/chinas-economy-slows-but-its-influence-rises/
People’s Republic of China Rising, Huawei Team For Secure Virtualization Solutions – ChinaTechNews
http://www.chinatechnews.com/2013/08/12/19562-chinas-rising-huawei-team-for-secure-virtualization-solutions
People’s Republic of China’s Huawei partners w/Telematics to bolster Unified Communications capabilities in UAE, Qatar –
http://english.mubasher.info/DFM/news/2377832/Huawei-partners-with-Telematics-to-bolster-Unified-Communications-capabilities-in-UAE-Qatar
Serbian Railways Opts for People’s Republoc of China’s Huawei Solutions
http://enterprisechannels.com/ContentDetails.aspx?Moduleid=12159&&ModuleType=Serbian%20Railways%20Opts%20for%20Huawei%20Solutions
People’s Republic of China Blames Cisco for Huawei’s U.S. Woes
http://channelnomics.com/2012/10/12/china-blames-cisco-huaweis-u-s-woes/

It’s Not Just the People’s Republic of China: Indian Hacker Group Spied On Targets In Pakistan, U.S. And Europe – Forbes
http://www.forbes.com/sites/andygreenberg/2013/05/21/its-not-just-china-indian-hacker-group-spied-on-targets-in-pakistan-u-s-and-europe/
Pakistan Intelligence Agency ISI hacks India’s largest telco BSNL Systems by Social Engineering
http://www.thehackerspost.com/2013/08/pakistan-intelligence-agency-hacks-bsnl.html

Escalation Cause: How the Pentagon’s new strategy could trigger war with the People’s Republic of China
“…according to Air-Sea Battle, U.S. forces would launch physical attacks and cyberattacks against the enemy’s “kill-chain” of sensors and weaponry in order to disrupt its command-and-control systems, wreck its launch platforms (including aircraft, ships, and missile sites), and finally defeat the weapons they actually fire. The sooner the kill-chain is broken, the less damage U.S. forces will suffer — and the more damage they will be able to inflict on the enemy.”

http://www.chinausfocus.com/peace-security/escalation-cause-how-the-pentagons-new-strategy-could-trigger-war-with-china/
A Future Without War for the People’s Republic of China & the US |
http://www.chinausfocus.com/foreign-policy/a-future-without-war-for-china-and-the-us/
People’s Republic of China among top five countries on US’ surveillance list – TruthDive
“…the list of NSA’s spying targets, China, Russia, Iran, Pakistan and North Korea are of prime importance for surveillance, Der Spiegal reports.

According to the report, the US is especially interested in gathering intelligence related to the countries’ foreign policy, international trade and economic stability along with topics related to new technology and energy security which score low level priority.”

http://truthdive.com/2013/08/11/Pak-China-among-top-five-countries-on-US-surveillance-list.html
H-6K bombers used by PLA capable of reaching Hawaii: Kanwa Defense Review
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130812000082&cid=1101
The untold truth behind the US rebalancing policy…WantChinaTimes.com
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130811000079&cid=1703

People’s Republic of China investigates France’s Sanofi for alleged bribery: Xinhua
http://www.reuters.com/article/2013/08/10/us-sanofi-china-idUSBRE97902L20130810

ISLAMIC REPUBLIC OF IRAN ~ Cyber

Iran’s cyber warfare could hit public more than military: report
http://www.washingtontimes.com/news/2013/jul/29/irans-cyber-warfare-could-hit-public-more-military/
Iran’s Covert Cyber War
http://blog.heritage.org/2013/08/07/irans-covert-cyber-war/

INTERNATIONAL HACKING>>>

Inside the Tor exploit | ZDNet
http://www.zdnet.com/inside-the-tor-exploit-7000018997/
Hackers put a bull’s-eye on small business | PCWorld
http://www.pcworld.com/article/2046300/hackers-put-a-bulls-eye-on-small-business.html
Reported data breached records in US from 2005 to present exceed 500 million | ZDNet
http://www.zdnet.com/reported-data-breached-records-in-us-from-2005-to-present-exceed-500-million-7000018991/
Meet Darknet, the hidden, anonymous underbelly of the searchable Web | PCWorld
http://www.pcworld.com/article/2046227/meet-darknet-the-hidden-anonymous-underbelly-of-the-searchable-web.html

The Classifieds
“Are American spies the next victims of the Internet age?”

http://www.foreignpolicy.com/articles/2013/08/09/the_classifieds_open_source_intelligence_prieto?page=full
Deutsche Telekom and United Internet launch ‘made in Germany’ email in response to PRISM | ZDNet
http://www.zdnet.com/deutsche-telekom-and-united-internet-launch-made-in-germany-email-in-response-to-prism-7000019266/
Spy or Die – Can corporate suicide stop the NSA?
http://www.foreignpolicy.com/articles/2013/08/09/spy_or_die_nsa_lavabit_silent_circle?page=full

HACKSURFER
http://hacksurfer.com/
Fort Disco: The new brute-force botnet | ZDNet
http://www.zdnet.com/fort-disco-the-new-brute-force-botnet-7000019126/#%21
The Danger of Mixing Cyberespionage With Cyberwarfare
http://insights.wired.com/profiles/blogs/the-danger-of-mixing-cyberespionage-with-cyberwarfare#axzz2bmMnUKxL

France has its own PRISM system: Report | ZDNet
As the US and the UK admit that they are intercepting data for intelligence purposes, an investigative report has revealed that the French government is doing the same.

http://www.zdnet.com/france-has-its-own-prism-system-report-7000017694/

Enjoy!

Semper Fi,

謝謝
紅龍

Cyber-Mania & Situation Awareness in the Binary Worlds…

Good Friday Afternoon Folks;

In today’s issue of the latest cyber news we have quite a bit in the way of Cyber-Mania & Situation Awareness in the Binary Worlds…

Pay particular attention to the immediate section below and the latest items of interest from the People’s Republic of Cyber Espionage…er, sorry, China…
There are a couple of interesting items regarding cuber attacks and a cuber timeline from NATO…yeah OTAN…go figure!
And yes the F-B-I is looking for Hacker love…be sure to use a condom … or those executable files ail ruin your weekend…:-)

People’s Republic of China allows spies to plunder companies
http://www.news.com.au/business/chinese-inaction-over-industrial-spies/story-e6frfm1i-1226693898798
Slight shift seen in official Chinese attitude on cybersecurity
http://www.fiercegovernmentit.com/story/slight-shift-seen-official-chinese-attitude-cybersecurity/2013-08-07
People’s Republic ofChina firmly pursues peaceful development: defense minister
http://english.qstheory.cn/news/201308/t20130801_255078.htm
How America Is Fighting Back Against Chinese Hackers |
http://gizmodo.com/how-america-is-fighting-back-against-chinese-hackers-754599685
President Xi inspects Chinese Academy of Sciences in Beijing _ Qiushi Journal
http://english.qstheory.cn/news/201307/t20130718_250255.htm
People’s Republic of China’s Huawei Looks to Build Up Enterprise-Network Business
http://online.wsj.com/article/SB10001424127887323977304578654840024408084.html

NATO History of Cyber Attacks – A Timeline
http://www.nato.int/docu/review/2013/Cyber/timeline/EN/
Fitting cyber attacks to jus ad bellum — Consequence-based approachPart III
http://resources.infosecinstitute.com/fitting-cyber-attacks-to-jus-ad-bellum-consequence-based-approachpart-iii/?
Cyberattacks devastated my business!
http://money.cnn.com/gallery/smallbusiness/2013/05/28/cybercrime
NSA behind cyber attacks the took down ‘Dark Web’ used by online pedophiles
http://bbb-news.com/blog/2013/08/09/eric-eoin-marques-nsa-behind-cyber-attacks-the-took-down-dark-web-used-by-online-pedophiles/
Defendant in Romanian Cyber Crime Ring Convicted of Wire Fraud and Identification Document Fraud Conspiracies
http://www.fbi.gov/newyork/press-releases/2013/defendant-in-romanian-cyber-crime-ring-convicted-of-wire-fraud-and-identification-document-fraud-conspiracies?

Are Black Hats and White Hats Really Grey Hats?
http://www.digitalcommunities.com/articles/Are-Black-Hats-and-White-Hats-Really-Grey-Hats.html

FBI director calls on private sector to help with cyber threat
I’ll be sure to send him a .pdf with an executable file in it – oh wait the Minneapolis Cyber Field Office already received it….Nyarch!
http://arstechnica.com/tech-policy/2013/08/fbi-director-calls-on-private-sector-to-help-with-cyber-threat/
CIA, FBI and NSA Leaders Ask for Help Fighting Cyberattacks
http://mashable.com/2013/08/08/cia-fbi-nsa-cyberattacks/?
The Government Wants to Create Cybersecurity Insurance
http://gizmodo.com/the-government-wants-to-create-cybersecurity-insurance-1046375980
IPv6 is latest tool for stealing credit card numbers and passwords
http://www.v3.co.uk/v3-uk/news/2286734/ipv6-is-latest-tool-for-stealing-credit-card-numbers-and-passwords

Semper Fi,

謝謝
紅龍

8/8…八/八 Cyber Situation Awareness…People’s Republic of Hacking…

Good day Folks;

Today is usually considered an auspicious day in the People’s Republic of China…八八…8/8 ~ the number 8 being lucky, auspicious while the eight day of the eighth month doubles your good fortune…unfortunately for a couple of our favorite state owned enterprises (SOE), Huawei and Sinovel are in today’s issue of Chinese Cyber SA as they have been linked to economic cyber espionage … naughty, naughty…

People’s Republic of China’s Sinovel charged with cyber espionage in US…|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130808000097&cid=1206
Chinese inaction gives technology thieves a shield…FACT: People’s Republic of China supports commercial economic cyber espionage
http://www.seattlepi.com/business/technology/article/Chinese-inaction-gives-technology-thieves-a-shield-4716698.php
Breaking Down the China Chopper Web Shell – Part I – 推酷
http://www.tuicool.com/articles/zURZnm
Report: Joint U.S.-China Aviation Ventures Are More Prone to Cyber Intrusions than U.S. Firms
Hey – infosec boyz @ Boeing in Seattle – you paying attention to this….!?

http://www.nextgov.com/cybersecurity/2013/08/report-joint-us-china-aviation-ventures-are-more-prone-cyber-intrusions-us-firms/68225/?oref=ng-skybox
People’s Republic of China has a massive Windows XP problem
How do you say ‘cyber target rich environment’? Outdated OS in China….

http://www.computerworld.com/s/article/9241429/China_has_a_massive_Windows_XP_problem
NSA spy server in Chongqing could be used to bury Bo Xilai: Duowei
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130808000136&cid=1101

People’s Republic of China’s Huawei: We’re not a security threat, we’re just a pawn | Digital Trends
http://www.digitaltrends.com/mobile/huawei-were-not-a-security-threat-were-just-a-pawn/
People’s Republic of China’s Huawei Seeks Foothold in Enterprise Market
http://blogs.wsj.com/digits/2013/08/08/huawei-seeks-foothold-in-enterprise-market/
People’s Republic of China’s Huawei unveils SDN programmable switch, taking aim at Cisco | PCWorld
http://www.pcworld.com/article/2046185/chinas-huawei-unveils-sdn-programmable-switch-taking-aim-at-cisco.html#tk.rss_all
Taiwan’s animators ridicule People’s Republic of China over cozy SOE relationships…ZTE & Huawei
http://appleinsider.com/articles/13/08/08/taiwans-animators-ridicule-china-over-pr-smear-campaign-against-apple-inc

Rumor: Apple planning development center in Taiwan for future iPhones…Bye-Bye People’s Republic of China…
http://appleinsider.com/articles/13/08/08/rumor-apple-planning-development-center-in-taiwan-for-future-iphones

Time to break the hegemony of western discourse – People’s Daily Online
From News of the Communist Party of China…
http://english.cpc.people.com.cn/206972/206977/8353120.html
Reflections on “The China Threat”
http://www.strategicstudiesinstitute.army.mil/index.cfm/articles/Reflections-on-The-China-Threat/2013/08/01
Where There is Smoke, There is Fire: South Asian Cyber Espionage Heats Up
http://www.threatconnect.com/news/where-there-is-smoke-there-is-fire-south-asian-cyber-espionage-heats-up/

DNS Servers of 3 Dutch Hosting Firms Hijacked, Thousands of Sites Serve Malware
http://news.softpedia.com/news/DNS-Servers-of-3-Dutch-Hosting-Firms-Hijacked-Thousands-of-Sites-Serve-Malware-373308.shtml

Special Ops Mined Social Media for Data to Advance Mission
http://www.nextgov.com/defense/whats-brewin/2013/08/special-ops-mined-social-media-data-advance-mission/68216/

U.S. Cybersecurity Policy: Problems and Principles
http://heartland.org/sites/default/files/08-01-13_titch_policy_brief_cybersecurity.pdf

Enjoy!

Semper Fi,

謝謝

紅龍

Cyber & Information Security Situation Awareness (SA)

Good Monday Morning Folks;

Many cyber situational stories to entertain and tantalize you with this morning!
Pay particular attention to the growing militarism within the People’s Republic of China…in their Naval, Ground and yes, Cyber Forces…
You’ll note also some cybernia news out of the Soviet-bloc…
And lastly, but certainly not least – the American Bar Assoc has a new handbook about cyber…yikes – when lawyer and cyber get mixed together…well you get the picture…

Enjoy today’s cyber news!

PLA (中國人民解放軍) urged to reform, upgrade to fight hi-tech wars in future
http://www.scmp.com/news/china/article/1294071/pla-urged-upgrade-fight-hi-tech-wars-and-tackle-corruption

FIGHT ON UNTIL U.S. IMPERIALISM IS WILLING TO GIVE UP – Mao Tse T’ung 1953解放军报专题
http://english.pladaily.com.cn/special/mao/txt/m5.htm
Long march and unending victories
http://eng.mod.gov.cn/Opinion/2013-08/02/content_4460598.htm

Chinese Hacking Team Caught Taking Over Decoy Water Plant | MIT Technology Review
http://www.technologyreview.com/news/517786/chinese-hacking-team-caught-taking-over-decoy-water-plant/

People’s Republic of China’s Beijing hacking combine exposed
http://www.usatoday.com/story/cybertruth/2013/08/02/beijing-hacking-combine-exposed/2611307/

Why Hating the People’s Republic of China Is Futile
http://www.forbes.com/sites/kenrapoza/2013/08/01/why-hating-china-is-futile/

Beijing launches platform to debunk online rumors
http://www.wantchinatimes.com/news-print-cnt.aspx?MainCatID=11&cid=1103&id=20130803000006

People’s Republic of China will become the world’s largest space power: US professor
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130805000106&cid=1101

Choosing Sides: Who’s Partnered with Who in People’s Republic of China’s Internet War?
http://www.techinasia.com/choosing-sides-in-china-internet-wars/

Chinese telecoms giant Huawei has hit back at allegations by a former CIA chief that the company spies for Beijing, labeling them “defamatory” and “baseless”.
http://www.securityweek.com/huawei-lashes-out-ex-cia-chief-over-spying-claims
People’s Republic of China’s Most Irrelevant Search Engines to Merge? Chinese Government Search Engines|
http://www.techinasia.com/chinas-irrelevant-search-engines-merge-government-takes-swing-search/
If governments ban China-based Lenovo, should companies?
U.S., several other countries have banned computers from Lenovo after finding backdoors in hardware in firmware, report says

http://www.csoonline.com/article/737586/if-governments-ban-china-based-lenovo-should-companies-
False People’s Republic of China’s Lenovo Security Report Only Strengthens World’s Top PC Maker
http://www.computerworld.com/s/article/9241326/False_Lenovo_Security_Report_Only_Strengthens_World_39_s_Top_PC_Maker?

People’s Republic of China stresses its defensive military policy
http://eng.mod.gov.cn/DefenseNews/2013-08/02/content_4460650.htm
Digital Dao: Aviation companies twice as likely to be hacked if they do business in China
Ask me about my Boeing China Aviation Research and their denial – er, response….

http://jeffreycarr.blogspot.com/2013/07/aviation-companies-twice-as-likely-to.html

Meet the NSA’s New Data Centers: Russia, People’s Republic of China, and Venezuela
http://blog.foreignpolicy.com/posts/2013/07/31/meet_the_nsas_new_data_centers_russia_china_venezuela

Attackers turning to legit cloud services firms to plant malware
http://www.computerworld.com/s/article/9241324/Attackers_turning_to_legit_cloud_services_firms_to_plant_malware?

Understanding the Global Risk of Cybercrime
http://www.scl.org/site.aspx?i=ed32886
New ‘Hacked shells as a service’ empowers cybercriminals with access to high page rank-ed Web sites
http://blog.webroot.com/2013/08/02/new-hacked-shells-as-a-service-empowers-cybercriminals-with-access-to-high-page-rank-ed-web-sites/

The Soviet-Era Strategy That Explains What Russia Is Doing With Snowden
Whataboutistm: a rhetorical defense that alleges hypocrisy from the accuser. And it’s going to make it a lot harder to criticize Moscow on human rights.

http://www.theatlantic.com/international/archive/2013/08/whataboutism-the-soviet-era-strategy-that-partly-explains-why-russia-took-snowden/278314/
Russian Cyber Criminals selling hacked websites access in Underground stores
http://thehackernews.com/2013/08/russian-hackers-underground-hacking-websites.html

FBI Has Been Developing Cyber Hacking Tools for Over a Decade to Attack Criminals
http://www.hngn.com/articles/9332/20130804/fbi-developing-cyber-hacking-tools-over-decade-attack-criminals.htm
Disposable Spy Computers Are Disturbingly Easy and Cheap to Make
http://gizmodo.com/disposable-spy-computers-are-disturbingly-easy-and-chea-1014343556
Latvia Refuses To Extradite The Creator Of Gozi Trojan
The country’s Foreign Minister says the 67-year prison term facing hacker Deniss Calovskis is too severe
http://www.techweekeurope.co.uk/news/latvia-refuses-to-extradite-the-creator-of-gozi-trojan-123725?
ABA Cybersecurity Handbook
http://www.lawfareblog.com/2013/08/aba-cybersecurity-handbook/

Semper Fi,

謝謝
紅龍

New threats: Unknown Cyber Threats & APT according to InfoSec Researchers in the Peoples’s Republic of China 新型威胁:未知威胁与APT 中華人民共和國

 New threats: Unknown Cyber Threats & APT according to InfoSec Researchers in the Peoples’s Republic of China 新型威胁:未知威胁与APT 中華人民共和國

 http://www.vulnhunt.com/nextgen/apt/

Good day folks;

Here’s an article about how information security researchers within the People’s Republic of China, 中華人民共和國 define ‘Unknown Cyber Threats & the innocuous Western term “APT”.

Enjoy!

Semper Fi,

謝謝您

紅龍

 

安全威胁近些年来发生巨大的变化,黑客攻击从传统带有恶作剧与技术炫耀性质逐步转变为利益化、商业化。为了突破传统的安全防御方法,一种名为APT的攻击迅速发展起来。APT是advanced persistent threat的缩写,译为高级持续性威胁。它是指近年来,专业且有组织的黑客(甚至可能有国家背景支持),针对重要目标和系统发起的一种攻击手段。

APT的主要特征:

 持续性: 攻击者为了重要的目标长时间持续攻击直到攻破为止。攻击成功用上一年到三年,攻击成功后持续潜伏五年到十年的案例都有。这种持续性攻击下,让攻击完全处于动态发展之中,而当前我们的防护体系都是强调静态对抗能力很少有防护者有动态对抗能力,因此防护者或许能挡住一时的攻击,但随时间的发展,系统不断有新的漏洞被发现,防御体系也会存在一定的空窗期:比如设备升级、应用需要的兼容性测试环境等等,最终导致系统的失守。

终端性: 攻击者虽然针对的是重要的资产目标,但是入手点却是终端为主。再重要的目标,也是由终端的人来访问的。而人在一个大型组织里,是难以保证所有人的安全能力与安全意识都处于一个很高水准之上的。而做好每个人的终端防护比服务器端防护要困难很多。通过SQL注射攻击了WEB服务器,一般也是希望利用他攻击使用这些WEB服务器的终端用户作为跳板渗透进内网。

广谱信息收集性: 攻击者会花上很长的时间和资源,依靠互联网搜集,主动扫描,甚至真实物理访问方式,收集被攻击目标的信息,主要包括:组织架构,人际关系,常用软件,常用防御策略与产品,内部网络部署等信息。

针对性: 攻击者会针对收集到的常用软件,常用防御策略与产品,内部网络部署等信息,搭建专门的环境,用于寻找有针对性安全漏洞,测试特定的木马是否能饶过检测。

未知性: 攻击者依据找到的针对性安全漏洞,特别是0DAY,根据应用本身构造专门的触发攻击的代码。并编写符合自己攻击目标,但能饶过现有防护者检测体系的特种木马。这些0DAY漏洞和特种木马,都是防护者或防护体系所不知道的。

渗透性社工: 攻击者为了让被攻击者目标更容易信任,往往会先从被攻击者目标容易信任的对象着手,比如攻击一个被攻击者目标的电脑小白好友或家人,或者被攻击者目标使用的内部论坛,通过他们的身份再对组织内的被攻击者目标发起0DAY攻击,成功率会高很多。再利用组织内的已被攻击成功的身份再去渗透攻击他的上级,逐步拿到对核心资产有访问权限的目标。

隐蔽合法性: 攻击者访问到重要资产后,往往通过控制的客户端,分布使用合法加密的数据通道,将信息窃取出来,以饶过我们的审计和异常检测的防护。

长期潜伏与控制: 攻击者长期控制重要目标获取的利益更大。一般都会长期潜伏下来,控制和窃取重要目标。当然也不排除在关键时候破坏型爆发。

从以上特性来看,可以获得如下结论

APT攻击的成本很高(专业的团队,长期的信息收集,挖掘0DAY和利用,特马,环境测试,渗透性社工与潜伏,多种检测对抗),因此只适合专业的网络犯罪团伙或有组织和国家支持的特种攻击团队

因此APT攻击是针对有重要价值资产或重要战略意义的目标,一般军工、能源、金融、军事、政府、重要高科技企业等最容易遭受APT攻击。

虽然普通网民不会遭受APT攻击的眷顾,但是如果你是APT攻击目标组织的一名普通员工甚至只是与APT攻击目标组织的一名普通员工是好友或亲戚关系,你依然可能成为APT攻击的中间跳板,当然作为普通个人,APT攻击本身不会窃走你个人什么东西(你本身就是重要人物如组织中的高级管理人员或个人主机里保存有重要资料的除外)。

不要以为你重要的信息资产只在内网甚至物理隔离就能不遭受APT攻击,因为即使物理阻止了网络层流,也阻止不了逻辑上的信息流。RSA被APT攻击利用FLASH 0DAY偷走了在内网严密保护的SECURID令牌种子,震网利用7个0DAY和摆渡成功渗透进了伊朗核设施级的物理隔离网络。

 New threats: unknown threats and APT

Security threats change dramatically in recent years, with a mischievous hacker attacks from the traditional sports and technology gradually changed the nature of the interests and commercialization. In order to break through the traditional method of security and defense, called APT attacks developed rapidly. APT is the advanced persistent threat acronym, translated advanced persistent threats. It refers to recent years, professional and organized hackers (and may even have national context support), an important goal and system for initiating a means of attack.

APT main features:

 

Sustainability: an important target for attackers continued to attack until a long break so far. A successful attack to spend one to three years, a successful attack lurking five to ten years after the last case has. This persistent attack, the attacker completely dynamically evolving, and the current emphasis of our protection system are rarely static protective ability against those who have the dynamic ability to fight, so those who may be able to block the protective moment of attack, but with the time of development, the system constantly new vulnerabilities are discovered, there will still be some defense system window period: for example, equipment upgrades, application compatibility testing environment and so require, eventually leading to the fall of the system.

Terminal resistance: Although the attacker is an important asset for a goal, but starting point is the main terminal. Further important objective, but also by people to access the terminal. And people in a large organization, it is difficult to ensure the safety of all ability and safety awareness are at a very high level above. And do everyone’s terminal protective than the server-side protection to be much more difficult. SQL injection attacks via the WEB server, are generally hoping to use him against the use of these WEB server as a springboard to penetrate into the end-user within the network.

Broad spectrum of information collection: the attacker will take a long time and resources, relying on the Internet to collect, active scanning, and even real physical access, to collect information about the target to be attacked, including: organizational structure, interpersonal relationships, commonly used software, common defense strategy and products, internal network deployment and other information.

Targeted: The attacker will be collected from the commonly used software for commonly used defense strategy and products, internal network deployment and other information, to build a dedicated environment for finding security vulnerabilities targeted to test whether a particular Trojan bypass detection.

Unknown sex: the attacker targeted basis to find security vulnerabilities, especially 0DAY, depending on the application itself is constructed of specialized trigger an attack code. And prepared in line with their targets, but it can bypass the existing system of special protection by detecting Trojans. These 0DAY loopholes and special Trojans, are protective or protective system does not know.

Permeability social workers: the attacker to allow an attacker to target more likely to trust, they tend to start with the easy confidence by attackers target object to proceed, such as attacking a target computer to be attacked by white friends or family, or the attacker targets Using the internal forum, through their identity and then the organization launched by attackers target 0DAY attack, the success rate would be much higher. Re-use within the organization’s identity has been successful attack penetration attacks his superiors to go step by step to get to the core assets have access goals.

Covert Legitimacy: the attacker access to critical assets, often through the control of the client, using the legitimate distribution of encrypted data channel, the information to steal out to bypass our audit and anomaly detection protection.

Long-term potential and control: an attacker to obtain long-term control of the interests of more important goals. Usually long-simmering down, control and steal important goals. Of course, does not rule out sabotage outbreak at a critical time.

From the point of view the above characteristics, the following conclusions can be obtained

APT attack is costly (professional team, long-term information gathering, mining and utilization 0DAY, Tema, environmental testing, permeability and latent social workers, a variety of detection confrontation) is intended only for professional or organized cybercrime gangs and national support team special attack

Therefore APT attacks are of great value for the asset or strategically important objectives, general military, energy, finance, military, government, and other key high-tech enterprise most vulnerable to APT attacks.

While ordinary users will not suffer APT attacks attention, but if you are APT attacks target tissue or even just an ordinary employee organization with APT attack targets a general staff are friends or relatives, you are still likely to be in the middle of APT attack springboard, of course, as an ordinary person, APT attack itself will not steal your personal anything (such as your own is an important figure in the senior management of the organization or individual host inside except the preservation of important data).

Do not think you important information assets are physically isolated from the internal network can not even suffer APT attacks because even if the physical network layer prevents flow logically can stop the flow of information. RSA APT attacks use FLASH 0DAY was stolen including network closely guarded SECURID token seed, Stuxnet and ferry use 7 0DAY successful penetration into the Iranian nuclear facility-level physical isolation network.

http://www.vulnhunt.com/nextgen/apt/

Cyber Situational Awareness (SA)…People’s Republic of Hacking, Cybercrime and so much more….

Good day Folks;

Today’s post about Cyber Situational Awareness (SA)…includes the People’s Republic of Hacking, Cybercrime and so much more….please particular attention to China’s Number One State Owned Enterprise (SOE), Huawei…they cannot seem to get out of their own way when comes to cyber espionage and claims of compromise…
Another story of note is the post about a Chinese Professor teaching Offensive Security…discovered this interesting gem from a French website in Ghana…go figure…
Finally – way at the bottom is a post about BLACKHAT 2013…if you dare read that far…

Enjoy!

People’s Republic of China’s Huawei Strikes Back at Ex-CIA Head
http://blogs.wsj.com/chinarealtime/2013/08/01/huawei-strikes-back-at-ex-cia-head/?mod=WSJBlog
In-Depth: People’s Republic of China’s Huawei Strikes Back at Ex-CIA Head
http://blogs.wsj.com/digits/2013/08/01/huawei-strikes-back-at-ex-cia-head-2/
People’s Republic of Chain’s Huawei hunting Australian ICT companies
http://www.itwire.com/it-policy-news/govenrment-tech-policy/60958-huawei-hunting-australian-ict-companies
The Real U.S.-People’s Republic of Chinese Cyber Problem | The National Interest
http://nationalinterest.org/commentary/the-real-us-chinese-cyber-problem-8796

Offensive Cyber Security taught by Chinese Professor….
Taught by a Chinese professor – learn Offensive Cyber Security from the Master….Prof. Xiuwen Liu (homepage: http://www.cs.fsu.edu/~liux/)

http://www.cs.fsu.edu/~redwood/OffensiveSecurity/
Why Chinese Companies Should Take the Rest of the World Seriously
http://www.techinasia.com/sina-weibos-failure-chinese-companies-rest-world/?
People’s Republic of China – Hong Kong Technical Hub Number 1
http://www.techinasia.com/hong-kong-chinas-number-tech-hub-infographic/

Mail from the (Velvet) Cybercrime Underground — Krebs on Security
http://krebsonsecurity.com/2013/07/mail-from-the-velvet-cybercrime-underground/
A 30 Year-Old Hacker Just Cursed At The Most Powerful Man In Global Surveillance
http://www.businessinsider.com/keith-alexander-gets-heckled-at-black-hat-2013-7
5 scariest cybersecurity threats @ BlackHat DEFCON…
http://www.cbsnews.com/8301-205_162-57596263/5-scariest-cybersecurity-threats-at-black-hat-defcon/
NSA XKeyscore Tool ‘Could Crack VPNs And Expose The Anonymous’
http://www.techweekeurope.co.uk/news/nsa-xkeyscore-vpn-cracking-123499?
NSA chief: Snooping is crucial to fighting terrorism
http://www.cnn.com/2013/07/31/tech/web/nsa-alexander-black-hat/index.html
Ex-USAF Chief Scientist Likens U.S. Cybersecurity Challenge to Whac-A-Mole: Scientific American |
http://www.scientificamerican.com/article.cfm?id=usaf-cybersecurity-drones-qa-maybury

Britain ‘Not Winning War on Cyber Crime’ MPs Warn
http://www.ibtimes.co.uk/articles/495541/20130730/britain-winning-cyber-crime-war-home-affairs.htm
UK report: Banks let e-criminals pinch gobs of money underneath the law’s nose |
http://nakedsecurity.sophos.com/2013/07/30/uk-report-banks-let-e-criminals-pinch-gobs-of-money-underneath-the-laws-nose/?

Ghana Government develops cyber security policy |
http://www.modernghana.com/news/478715/1/government-develops-cyber-security-policy.html

Syrian Electronic Army Hacks Major Communications Websites
http://www.fireeye.com/blog/technical/cyber-exploits/2013/07/syrian-electronic-army-hacks-major-communications-websites.html?
Cyber Jihadists, State Department Now In Full-Blown Twitter War
http://thecable.foreignpolicy.com/posts/2013/07/29/jihadis_ape_state_department#.UfgW1Rss8CI.twitter

2013 BLACKHAT Presentations….
https://www.blackhat.com/us-13/archives.html#Healey

Semper Fi;

謝謝
紅龍

Chinese Cyber Military Situational Awareness & other fun stories from ‘Cybernia”

Good day Folks;

Some very peculiar chatter from within the People’s Republic of China today lends itself to this edition of Chinese Cyber Military Situational Awareness & other fun stories from ‘Cybernia”…
Make note of the Huawei stories as well the PLA’s 86th birthday…while China’s President Xi Jinping tell’s the army in China how to behave…

People’s Republic of China’s Hackers, bloggers & professors team up to tap into blocked microblog content
http://www.globaltimes.cn/content/799621.shtml
Asian Spying Said to Focus on U.S. Radiation-Hardened Electronics
http://www.nationaljournal.com/global-security-newswire/asian-spying-said-to-focus-on-u-s-radiation-hardened-electronics-20130725
Move over Huawei, there’s a new People’s Republic of China bogeyman in town and it’s called Lenovo
http://qz.com/109356/move-over-huawei-theres-a-new-bogeyman-in-town-and-its-called-lenovo/
Intelligence Agencies Ban People’s Republic of China’s Lenovo
http://www.ibtimes.com/lenovo-banned-international-intelligence-agencies-deem-computers-vulnerable-hacking-1363611?ft=j979o
People’s Republic of China’s Huawei announces successful completion of Boracay-Palawan submarine cable system
China’s OP Middle Kingdom now completes Phase V in the Philippines…

http://www.telegeography.com/products/commsupdate/articles/2013/07/30/huawei-announces-successful-completion-of-boracay-palawan-submarine-cable-system/?
French Scholar Challenges Western Preoccupation With Chinese ‘Threat’
People’s Republic of China’s OP Middle Kingdom now completes Phase VI in France…Manadrin Chinese classes no longer optional at university….

http://www.ibtimes.com/china-not-threat-nature-qa-dr-lionel-vairon-1363679?ft=a73y7

People’s Republic of China’s Economic Strategy Series…观察者网-中国关怀 全球视野
Detailed Operational Panning Documents for Operation Middle Kingdom…

http://www.guancha.cn/strategy-book/

People’s Republic of China’s Xi: Troops must strictly follow CPC leadership – Xinhua |
PLA Troops must demonstrate IDEOLOGICAL PURITY…

http://news.xinhuanet.com/english/china/2013-07/29/c_132584552.htm
China’s Ambassador Cui Tiankai Celebrating the 86th Anniversary of the Founding of the PLA |
Soldiers of People’s Republic of China’s female special forces unit – Xinhua |

http://news.xinhuanet.com/english/photo/2013-07/30/c_132585113.htm

How much does it cost to buy one thousand Russian/Eastern European based malware-infected hosts
http://blog.webroot.com/2013/07/29/how-much-does-it-cost-to-buy-one-thousand-russianeastern-european-based-malware-infected-hosts/

Iran’s Next Cabinet: Technocratic and Security-Focused
http://www.washingtoninstitute.org/policy-analysis/view/irans-next-cabinet-technocratic-and-security-focused

Navy awards contract to Boeing to prepare EA-18G Growler electronic warfare jet to accept Next-Generation Jammer
How long before BOEING admits they were targeted and hacked again by the People’s Republic of China….?

http://www.avionics-intelligence.com/articles/2013/07/ai-boeing-ngj.html

Battle line: Cyberspace –
http://dawn.com/news/1032735/battle-line-cyberspace/?view=print

When Would Cyber War Lead to Real War?
http://www.defenseone.com/technology/2013/07/when-would-cyber-war-lead-real-war/67580/#.

Enjoy!

謝謝
紅龍

People’s Republic of Cyber Conflict & Operation Middle Kingdom….

Good Monday Morning Friends;

Much cyber conflict news related to the People’s Republic of China’s HUAWEI over the weekend.
Take particular note of both India and the United Kingdom’s leadership being pawned by HUAWEI…
Also worth mentioning is that the former head of the US Central Intelligence Agency knows and is now revealing that the People’s Republic of China’s Huawei so pies for the People’s Republic of China…oh dear no! Really…<>

Enjoy –

How Mao Tse T’ung created the People’s Republic of China’s capitalist revolution [Straits Times]
http://wanderingchina.org/2013/07/27/how-mao-created-chinas-capitalist-revolution-straits-times-risingchina-reform-mao/

Ex-CIA chief accuses People’s Republic of China’s Huawei of industrial espionage – Telegraph
http://www.telegraph.co.uk/technology/news/10191154/Ex-CIA-chief-accuses-Huawei-of-industrial-espionage.html
Why is the former head of the NSA convinced Huawei is a threat to US communication networks? | Digital Trends
http://www.digitaltrends.com/mobile/huawei-threat-to-the-us/
People’s Republic of China’s Huawei in charge of UK TalkTalk’s net filtering
Operation Middle Kingdom…Chinese colonization of United Kingdom near complete as Phase V is accomplished…
http://www.computerworlduk.com/news/security/3460990/huawei-in-charge-of-talktalks-net-filtering/
People’s Republic of China’s Huawei says it ‘shares the same cyber security goals’ as the UK government
Operation Middle Kingdom…Chinese colonization of United Kingdom near complete as Phase V is accomplished…

http://www.pcadvisor.co.uk/news/security/3459981/huawei-says-it-shares-the-same-cyber-security-goals-as-the-uk-government/
People’s Republic of China’s Huawei gets closer to its users by P@WNing India…
Operation Middle Kingdom…Chinese colonization of India near complete as Phase V is accomplished…

http://www.thehindu.com/sci-tech/technology/huawei-gets-closer-to-its-users/article4960652.ece
People’s Republic of China’s Huawei lashes out at spying allegations from former CIA head
http://gigaom.com/2013/07/19/huawei-lashes-out-at-spying-allegations-from-former-cia-head/
People’s Republic of China’s Huawei revenue grows |
http://www.itweb.co.za/index.php?option=com_content&view=article&id=65959:Huawei-revenue-grows&catid=118
Australians ‘should not fear Chinese investment’, especially People’s Republic of Huawei, says Bob Carr
http://www.scmp.com/news/hong-kong/article/1291670/australians-should-not-fear-chinese-investment-says-foreign-minister

Spy agencies ban People’s Republic of China’s Lenovo PCs on security concerns
Recall friends that Lenovo has DIRECT ties to the Chinese Academy of Sciences and the People’s Liberation Army….
http://www.afr.com/p/technology/spy_agencies_ban_lenovo_pcs_on_security_HVgcKTHp4bIA4ulCPqC7SL
Intelligence services fear People’s Republic of China’s Lenovo products due to back-doors
http://www.neowin.net/news/intelligence-services-fear-lenovo-products-due-to-back-doors
Rare Glimpse into a Real-Life Command-and-Control Server | “Dragon Eye – Mini”
http://www.crowdstrike.com/blog/rare-glimpse-real-life-command-and-control-server/index.html

Record malware growth in People’s Republic of China…
http://www.net-security.org/malware_news.php?id=2546

How America’s Top Tech Companies Created the Surveillance State
http://www.nationaljournal.com/magazine/how-america-s-top-tech-companies-created-the-surveillance-state-20130725

Security Vendors: Do No Harm, Heal Thyself — Krebs on Security
Symantec quietly releasedsecurity updates to fix serious vulnerabilities in itsSymantec Web Gateway, a popular line of security appliances designed to help “protect organizations against multiple types of Web-borne malware.”
http://krebsonsecurity.com/2013/07/security-vendors-do-no-harm-heal-thyself/

CreepyDOL…Cheap Monitoring Highlights Dangers Of Internet Of Things — Dark Reading
http://www.darkreading.com/monitoring/cheap-monitoring-highlights-dangers-of-i/240159061

U.K. Ministry of Defence hit by cyberattack, data stolen | ZDNet
http://www.zdnet.com/u-k-ministry-of-defence-hit-by-cyberattack-data-stolen-7000017831/
People’s Republic of China’s Huawei slammed for locking GCHQ personnel out of security cell
http://www.v3.co.uk/v3-uk/news/2283330/huawei-slammed-for-locking-gchq-personnel-out-of-security-cell?

China’s UK censorwall will also block “terrorist content,” “violence,” “circumvention tools,” “forums”
http://boingboing.net/2013/07/26/uk-censorwall-will-also-block.html

Russian hackers got 160 million bank card numbers, but that wasn’t worst part
Federal prosecutors say they’ve blown open the largest hacking ring in US history, indicting four Russians and a Ukrainian. The biggest worry: One of them hacked into NASDAQ.

http://www.csmonitor.com/USA/Justice/2013/0725/Russian-hackers-got-160-million-bank-card-numbers-but-that-wasn-t-worst-part

Semper Fi,

謝謝
紅龍

People’s Republic of China & Operation Middle Kingdom…oh yes, Huawei and the colonization of Africa & India….

Good day my curious friends…much in the cyber news to amuse and entrain, but never alarm you…

Pay particular attention the articles below related to Huawei and their colonization of India via BSNL and Ethiopia via massive telco rollouts. People’s Republic of China & Operation Middle Kingdom…oh yes, Huawei and the colonization of Africa & India….always remember that a significant amount of cyber threat news and alerts will be released on Friday, saturdays and Sundays…when no one is paying attention…

Enjoy –

People’s Republic of Hacking, er…China is stealing intellectual property to boost its economic development…
Don’t let Snowden overshadow the real cyber threat

http://www.ft.com/intl/cms/s/0/d18f1e6a-ef97-11e2-a237-00144feabdc0.html

UK’s Cameron recommended porn filter controlled by People’s Republic of China’s Huawei
http://www.computing.co.uk/ctg/news/2285074/camerons-recommended-porn-filter-controlled-by-huawei

Baidu’s guide to the eight biggest Internet scams in People’s Republic of China
http://www.danwei.com/baidus-guide-to-the-eight-biggest-internet-scams-in-china/

Chinese can be pressured into accepting global cybersecurity norms
http://www.fiercegovernmentit.com/story/lewis-chinese-can-be-pressured-accepting-global-cybersecurity-norms/2013-07-24
Chinese hacker who once targeted the US switches sides to help defend Western companies… |
http://www.abc.net.au/news/2013-07-22/chinese-hacker-switches-from-attack-to-defence/4836572
Chinese hacker to help defend Western companies
http://au.news.yahoo.com/latest/a/-/article/18104751/chinese-hacker-who-once-targeted-the-us-switches-sides-to-help-defend-western-companies/
The Decline of China’s Internet Cafes
http://thediplomat.com/china-power/the-decline-of-chinas-internet-cafes/?
The great firewall of China gets metaphorical
The Chinese government’s increasingly sophisticated approach to censorship demands a new interpretation

http://www.guardian.co.uk/technology/2013/jul/14/china-great-firewall-put-out
Hengqin New Area Aims to Skirt Great Firewall – China Digital Times (CDT)
http://chinadigitaltimes.net/2013/07/hengqin-new-area-aims-to-skirt-great-firewall/?

BSNL to switch to People’s Republic of China’s Huawei’s next generation networks
China’s colonization of India is now complete as Operation Middle Kingdom continues…

http://www.thehindu.com/business/Industry/bsnl-to-switch-to-huaweis-next-generation-networks/article4953441.ece
Huawei Hits 100th 100G Deployment Milestone, Paving an Information Super Highway for the Next Decade
http://www.webwire.com/ViewPressRel.asp?aId=177824
Ethiopia signs $700 mn mobile network deal with People’s Republic of China’s Huawei
Operation Middle Kingdom continues in Africa as People’s Republic of China colonizes with their business development instead of weapon systems…US AFRICOM puzzled by lack of success…

http://nazret.com/blog/index.php/2013/07/25/ethiopia-signs-700-mn-mobile-network-deal-with-china-s-huawei

Find Out Why Apple’s Revenues in China Dropped 43% in Q2
http://www.techinasia.com/apple-china-revenues-drop-q2-2013/
Insight: How Samsung is beating Apple in the People’s Republic of China
http://www.reuters.com/article/2013/07/26/us-samsung-apple-china-insight-idUSBRE96P05F20130726
Apple Developer site hack: doubts cast on Turkish hacker’s claims
Guardian investigation raises questions over claims by Turkish researcher that he hacked into Apple’s Developer portal

http://www.guardian.co.uk/technology/2013/jul/26/apple-developer-site-hack

Japanese Minister Proposes More Active Military Presence in Region
http://www.nytimes.com/2013/07/27/world/asia/japanese-minister-proposes-more-active-military-presence-in-region.html?&pagewanted=all

$300 million Russian cyber crime ring broken by US feds
http://www.scmagazineuk.com/300-million-russian-cyber-crime-ring-broken-by-us-feds/article/304680/
Five Charged in Massive Financial Hacking Case | TIME.com
http://techland.time.com/2013/07/26/five-charged-in-massive-financial-hacking-case/

US Marines Focused at Tactical Edge of Cyber, Commander Says…
http://www.defense.gov/news/newsarticle.aspx?id=120246
USAF pleads with airmen to think about business of cyber…http://www.defense.gov/news/newsarticle.aspx?id=120222

A historical overview of the cyberattack landscape
http://www.net-security.org/secworld.php?id=15284
US Military: Forget cold war — Here comes cyber war
http://www.digitaljournal.com/article/355119
“What Is That Box?” — When The NSA Shows Up At Your Internet Company
http://www.buzzfeed.com/justinesharrock/what-is-that-box-when-the-nsa-shows-up-at-your-internet-comp

Hacked in 276 Seconds – Timely Intelligence Improves Ability to Thwart Cyber Attacks: Survey |
http://www.securityweek.com/hacked-276-seconds-timely-intelligence-improves-ability-thwart-cyber-attacks-survey

KPMG red-faced after being found w/data leak Reverse assessment reveals KPMGs publicly accessible data |
http://www.scmagazineuk.com/exclusive-reverse-assessment-reveals-kpmgs-publicly-accessible-data/article/304295/

Semper Fi,

謝謝
紅龍

HITCON 2013 Concludes…”No, these are not the Chinese Cyberspies You are looking for, move along, move along…”! Red Dragon Returns from Taiwan…

Good Monday Morning from Taipei, Taiwan, Republic of China…

Much in the news to share – take particular note of the growing distrust in the People’s Republic of China’s State Owned Enterprise (SOE) HUAWEI. The United Kingdom is starting to wonder why Huawei’s own employees are reviewing their own telecommunications and networking kit…”No, these are not he Chinese Cyberspies You are looking for, move along, move along…”!

Winning Without Fighting: The Chinese Psychological Warfare Challenge
http://www.heritage.org/research/reports/2013/07/winning-without-fighting-the-chinese-psychological-warfare-challenge

German anxieties over the People’s Republic of China’s rise | Germany | DW.DE | 20.07.2013
http://www.dw.de/german-anxieties-over-chinas-rise/a-16963665?

UK discovers People’s Republic of China’s Huawei UK staff auditing Huawei kit: Govt orders probe •
http://www.theregister.co.uk/2013/07/19/huawei_cybersecurity_centre/

Huawei’s Chinese connection continues to be source of suspicion
http://www.net-security.org/secworld.php?id=15254
People’s Republic of China’s Huawei Tells Accusers ‘Put Up, or Shut Up’ Following Fresh Spying Allegations
http://www.ibtimes.co.uk/articles/492427/20130719/huawei-lashes-out-spying-allegations-cia-uk.htm
Ex-CIA chief Hayden claims People’s Republic of China’s Huawei spies for Chinese state
http://www.scmp.com/news/china/article/1286054/it-goes-without-saying-huawei-spies-china-says-ex-cia-chief
Former CIA boss says aware of evidence Huawei spying for thePeople’s Republic of China
http://www.reuters.com/article/2013/07/19/us-huawei-security-idUSBRE96I06I20130719
Huawei accused of spying for the People’s Republic of China by former CIA boss
http://www.slashgear.com/huawei-accused-of-spying-for-china-by-former-cia-boss-18291022/?
Anatomy of another Android hole – Chinese researchers claim new code verification bypass
http://nakedsecurity.sophos.com/2013/07/17/anatomy-of-another-android-hole-chinese-researchers-claim-new-code-verification-bypass/?

People’s Republic of China’s Huawei denies spying for Chinese government
http://www.digitalspy.co.uk/tech/news/a499762/huawei-denies-spying-for-chinese-government.html?rss
People’s Republic of China’s Huawei says CIA chief’s spy claims were ‘politically inspired and racist corporate defamation’
http://www.computing.co.uk/ctg/news/2283637/huawei-says-cia-chief-s-spy-claims-were-politically-inspired-and-racist-corporate-defamation
People’s Republic of China’s Huawei fends off more spying claims and faces UK security review
http://www.fiercewireless.com/europe/story/huawei-fends-more-spying-claims-and-faces-uk-security-review/2013-07-19?

PRISM Causes China’s Public Campaign Against American Companies
Growing Chinese Animosity Following PRISM Revelations Could Threaten Tech Firms’ Prospects In World’s No. 2 Economy

http://www.ibtimes.com/growing-chinese-animosity-following-prism-revelations-could-threaten-tech-firms-prospects-worlds-no

Good Practices Guide on Non-Nuclear Critical Energy Infrastructure Protection (NNCEIP) from Terrorist Attacks Focusing on Threats Emanating from Cyberspace
http://www.osce.org/atu/103500

US Military to Deploy Units Devoted to Cyber Operations
http://www.acqmagazine.com/military-to-deploy-units-devoted-to-cyber-operations/

Enjoy!

Semper Fi,

謝謝
紅龍