China 'hacked' South Korea to wreck Star Wars missile shield

Silver badge

Network traffic

The funny thing about network traffic is you can't see it unless you bother. I wonder how many people who read this comment actually capture WAN traffic, let alone LAN, let alone actually analyze it.

If you do, then you might be qualified to comment on the article. Me? - meh - I'm not up to speed on the politics.

3
1
Silver badge
WTF?

Come again?

OK, I'll bite.

Why would you ever allow something like THAAD be connected to the Internet? Surely the military has the ability to network its systems independently of the Internet.

12
3
Silver badge

Re: Come again?

Why would you ever allow something like THAAD be connected to the Internet?

Exactly. Why the hell were these people even able to receive email on this network, or connect an external device to it?

According to Hultquist, key targets were sent spear phishing emails with weaponized attachments, and at least one person slipped up.

Madness.

3
3

Re: Network traffic

I do. On the Pacific North-Left (and along the West Coast Fibers).

President Xi was here a few with some Skirt+Smoke blowing. Some fun:

1. Thirty days before the visit roving hacks from China's backbone dropped off the charts and returned thirty days after.

2. China ordered some 200+ airframes from Boeing (jacking the stock price) that made the front page of the WSJ and Seattle Times, and was quietly downgraded by 1/3 weeks later, bade C-5 as three paragraphs.

3. Bill Gates declined a meeting on "Cyber Security" (That's just kind of funny.)

4. We're right back to the usual traffic from the usual IPs, state sponsored...As an American SysAdmin sitting off of fiber from Asia, I simply crack up about Russian "hacking" when I'm looking at several hundreds of orders of magnitude (yes, you read that correctly) of packets from China.

5. Russia? A good phishing Op against (l)Users, is a phishing op...not Hacking. And hey, if your target is that stupid, more power to ya' (I'm becoming old and mean and cynical). The fact that it's old US political luddites just makes it more entertaining.

This Industrial shit is getting on my nerves though. It's all fun and bloody games until someone pokes an eye out.

2
5
Anonymous Coward

Re: Come again?

Der. No one said THAAD was hacked (missiles pointing at the sky suddenly whirr and go limp) but that wouldn't stop targeting of the personnel and groups within the South Korean military that are associated with the deployment and possible operation and who use internet connected networks. It's all intel.

4
0
Silver badge
Boffin

Re: Come again?

I suspect you've put two and two together and made five. You don't need to have root on the THAAD launcher or radars to influence how it's deployed. Hacking the PM's personal email and dropping evidence that they're corrupt, say f'r'instance, might well have the same effect, with no need to even touch a .mil network.

We're all one glorious (w)hole these days...

4
0
Bronze badge
Coat

Re: Come again?

Why would you ever allow something like THAAD be connected to the Internet?

Because, if you don't, the License Manager cannot properly verify that you have purchased the rights for several value-added functions not available in the base-system configuration, such as: Targeting, Initiate Warhead, Fuel Management, PowerPoint Status Reports, Mission Approval, and Inventory Management.

There is also a service fee for every missile servicing a target.

6
0
Anonymous Coward

Re: Come again?

"Because, if you don't, the License Manager cannot properly verify that you have purchased the rights for several value-added functions not available in the base-system configuration, such as: Targeting, Initiate Warhead, Fuel Management, PowerPoint Status Reports, Mission Approval, and Inventory Management."

Are you confusing a missile system with an Oracle product?

0
0
Silver badge

THAADD

So the Chinese hack would be a Terminal High Altitude Area Defense Defense, and if the Koreans blocked it would that be a Terminal High Altitude Area Defense Defense Defense?

7
0
Silver badge

Re: THAADD

Milo Minderbinder called, he wants royalties on your acronyms.

9
0
Silver badge

@Voyna Re: THAADD

Nice Catch-22 reference.

0
0
Silver badge

Re: @Voyna THAADD

What could possibly be more Milo than selling weapons to allied countries which make them more likely to be attacked, thus requiring more weapons and so on?

5
0

Re: @Voyna THAADD

There's got to be a way to get a Snowden (Catch-22 version) reference in here too, but I can't see it.

0
0
Silver badge

Re: @Voyna THAADD

"There's got to be a way to get a Snowden (Catch-22 version) reference in here too, but I can't see it."

Ou sont les Snowdens de la Chine?

0
0
Facepalm

The obvious question is...

Just why would anyone have a defensive anti-missile system connected to the freakin' tubes so it's vulnerable to attack by hackers in the first place?

Note: Had a really hard time choosing an appropriate icon since so many negative ones apply perfectly for such a dimwitted clueless implementation by S. Korea's Muppet-in-charge of this countless-lives-saving defensive shield. [rolling my eyes while shrugging my shoulders with palms up in the air while facepalming while scratching my head while rocking my head back and forth while saying WTF while...]

7
2
Silver badge

Re: The obvious question is...

Obviously it isn't directly connected, presumably China was able to get something running on an internal network that is connected to it. Most likely by social engineering - tricking someone into bringing compromised hardware like a USB stick or phone inside the secure perimeter, sending them email offering naked pics of Kim Karda^H^H^H^H^H Jun Un, that sort of thing.

2
1
Silver badge

Re: The obvious question is...

Who told you they attacked the system itself?

There is most likely plenty of supporting infrastructure to attack. Just take out the network used to send the order to put it on high alert and you are as good as taking out the system itself.

Some of the supporting infra is likely to be a significantly softer target.

8
0
Anonymous Coward

Re: The obvious question is...

It will be air gapped from the internet, so the challenge would have been to bridge the gap. In this instance you don't need long as this is an availability critical system. There are lots of ways to do this. It could be something as simple as a mouse (probably made in China) that is connected to the command system having a little more functionality built into it whereby it receives a signal (RF or audio, you choose) that then switches to having remote control and keyboard functionality. Having the cursor bouncing over the screen and the keyboard spewing junk at the wrong moment might be sufficient, but if you can also view the screen borrowing some of the techniques leaked by Snowden it's clearly game over.

1
1
Silver badge

Re: The obvious question is...

Why do so many apparently intelligent and informed IT people jump to conclusions the piece doesn't merit?

Show me where in the piece it says the weapons systems themselves were hacked (or attacked).

3
0
Bronze badge
FAIL

Re: The obvious question is...

@AC - Exactly - I just have to wonder how much of the US defense hardware is made in China in the first place - did any electrical engineers even look at some of that hardware under a microscope to check for microchip "doping". I have a suspicion they did not. So consequently there would be any number of ways to crack our defense systems. About now, I bet they wished they could go back to the old missile silo systems with its 1950 based hardware.

1
1
Anonymous Coward

action and reaction

If the hacking reports are true, this would not be a terrible surprise. China is quite justifiably concerned about having THAAD units, and especially their AN/TPY-2 radar installed so close to its borders. This deployment is clearly unnecessary to protect from any nork threat - the only thing they can reliably hit are their own feet. If they fire back, it will be in some sneaky asymmetric way, with the high-tech missile defence toys about as useful as they would have been to USS Cole.

For Chinese, however, THAAD is a clear and immediate threat - it has the potential of at least closely surveying, and at worst neutralizing, a good fraction of their strategic deterrent. They will push back in every way they could. Any politician who wasn't expecting it is an idiot.

10
4
Silver badge

Re: action and reaction

Same story as the similar Red Herring deployment in Eastern Europe negotiated by Shrub.

It has everything to do with pissing off Russia or China and very little to do with the stated goal. After sh*t like that, for some reason, we pretend that we do not understand why our relationships with them are at an all-time low.

12
6
Silver badge

Re: action and reaction

"Any politician who wasn't expecting it is an idiot."

Well, that's the US House and Senate covered then.

(And the POTUS is keeping himself informed by binge watching M*A*S*H on Netflix.) :/

4
0

Re: Russia

Yep, it's not like taking over parts of Ukraine or possibly the Baltics or helping out Sarin-man Assad or killing off Russian expats in the West have anything to do with our relationship with the P-man.

11
1

Re: action and reaction

You do realize this happened under Obama's watch...

0
0
Anonymous Coward

Re: Russia

Yep, it's not like taking over parts of Ukraine

It goes both ways.

Do you expect the relationship to be any good after we have sponsored, trained and armed the people who have taken hospitals, theaters and primary schools as hostages for decades?

Do you expect the relationship to be any good after we have told them in writing that we will sponsor whoever we like, regardless of that person's intention and terrorist status relative to Russia (the letter by C*ntolezza to Putin regarding this has been declassified on the Russian side, dig it and you will find it).

As far as Baltics are concerned, after they joined NATO they shipped every single piece of surplus armament they had to Dudaev and other terrorists/separatists around the Russian borders.

My mother has a framed "service reprimand" on her wall for calling a Lithuanian pilot a cunt. The incident happened after he tried to request low level wind shear for Hankala airbase (next to Grozny) with an official flight plan from Sofia to Rostov-Na-Don carrying "cucumbers". For some reason the "cucumbers" landed from Lithuania the previous day.

Now, let me ask you a question, how level will be let's say (for sake of arguments) Haiti or the Isle of Man and at how many Sieverts it will tick in a Geiger counter if it shipped weapons for "independence fighters" in let's say Texas (or Wales) and they took a primary school and slaughtered most of the children in it? Now add a theater to it. Now add a hospital. Now add supplying ~ 50 aircraft for a suicide bomber run (what happened on 9/11 was planned there first, just never executed due to lack of pilots). Now add 20+ buses, trolleybuses, etc bombed with the people on them. Now add two passenger aircraft. All of that while getting a shipment per week or more of weapons out of the surplus coffers of at least one Baltic state as well as financial, diplomatic and political cover by US and UK.

I actually admire Russian restraint on the subject. We would have not been anywhere as patient. If the tables were turned, the Baltics would have been glass glowing in the dark.

2
8

Re: action and reaction

THAAD is not a threat to China's strategic nuclear forces. It doesn't have the range to take out ICBMs launched from China, nor is it meant to attack during the launch phase. It is a defense against Intermediate missiles, nuclear or not, in their terminal phase (the "T" in THAAD).

4
0
Anonymous Coward

Re: action and reaction

THAAD is not a threat to China's strategic nuclear forces.

You may believe so, and you may even be absolutely right.

However, what is important is that Chinese believe, given their past encounters with the US. A rather good summary is here.

3
0
Silver badge

Makes sense

Attacking the United States' anti missile system would be seen as a far more hostile attack, with a high likelihood of a successful counterattack. The knowledge gained would help them attack the US' system someday, should it be necessary, so even if they don't care about hacking South Korea's system it is useful "practice".

7
0
Silver badge

What kind of numpty ...

... makes things like this available to the Internet at large to begin with? Even via SneakerNet? Have the idiots in charge never heard of security?

2
0
Silver badge
Happy

Re: What kind of numpty ...

Well, South Korean phone companies don't have a tremendous record of issuing security updates. Perhaps it's a cultural thing.

4
0
Silver badge

In an interview with the Wall Street Journal, FireEye's director

So it is a PR exercise for FireEye then. The government isn't listening to them or something.

5
0
Silver badge

Trump's government isn't listening to anyone they don't already agree with...

4
0
Silver badge
Facepalm

Attack of the anti-ballistic cyber BS

Let me see if I correctly understand, the South Korean military have connected their anti-ballistic-missile to the Internet. This isn't the Daily Mail, do you have to repeat the cyber BS on this here technology forum?

2
0

You'd think that by now the idiots in charge of communications for militaries would realize using the internet for ANYTHING remotely critical or secret is tantamount to putting the info on CNN. ROK deserves what it gets for such stupidity. Oh, wait. They were trained by the Pentagon. 'Nuff said.

1
1
Silver badge

Cardboard Tanks

Lots of dirty tricks in warfare going back millennia. See above which was a ruse in WWII.

Makes sense to have a whole artificial missile system to distract Johnny Foreigner's attention (and induce false confidence*) while the real one is properly ring-fenced.

*'Course the Law of Unintended Consequences will screw you every time, say if your cardboard tanks cause the enemy to ramp up production of its own tanks or anti-tank ordnance.

2
0
Silver badge

Re: Cardboard Tanks

"if your cardboard tanks cause the enemy to ramp up production of its own tanks or anti-tank ordnance."

Fortunately shells tend to go straight through cardboard tanks without exploding.

2
0
Anonymous Coward

No, the really obvious question is...

How do they blame the Russians?

2
0
Bronze badge

Maybe if China actually did something to curtail the nuclear ambitions of the North Koreans then South Korea wouldn't need a THAAD. Instead the communist bastards spend their time hacking all and sundry for both military and commercial information. I like their food, well the western made stuff, and their people seem ok but their leaders are a real problem. I wonder how Tail Gunner Joe would have gotten along with them?

1
3
Silver badge

You know that the CIA have software that can make a hack look like it came from a specific country?

Just a thought.

A tin foil hat icon would be brilliant El Reg by the way.

0
2
Anonymous Coward

No thanks

The problem with a tin foil hat is that it makes you easier to track.

2
0
Silver badge

Re: No thanks

"The problem with a tin foil hat is that it makes you easier to track."

You have to bend it into a stealth shape. That minimises the radar profile.

2
0
Silver badge
Thumb Up

"well connected"

Zing!!

1
0

No surprise

China counterattacks against something which endangers its nuclear deterrence capacity... sounds rather logical.

1
0
