The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them

An exclusive look at how the hackers called TITAN RAIN are stealing U.S. secrets
By NATHAN THORNBURGH
SUBSCRIBE TO TIMEPRINTE-MAILMORE BY AUTHOR
Posted Sunday, Aug. 28, 2005
It was another routine night for Shawn Carpenter. After a long day analyzing computer-network security for Sandia National Laboratories, where much of the U.S. nuclear arsenal is designed, Carpenter, 36, retreated to his ranch house in the hills overlooking Albuquerque, N.M., for a quick dinner and an early bedtime. He set his alarm for 2 a.m. Waking in the dark, he took a thermos of coffee and a pack of Nicorette gum to the cluster of computer terminals in his home office. As he had almost every night for the previous four months, he worked at his secret volunteer job until dawn, not as Shawn Carpenter, mid-level analyst, but as Spiderman--the apt nickname his military-intelligence handlers gave him--tirelessly pursuing a group of suspected Chinese cyberspies all over the world. Inside the machines, on a mission he believed the U.S. government supported, he clung unseen to the walls of their chat rooms and servers, secretly recording every move the snoopers made, passing the information to the Army and later to the FBI.

The hackers he was stalking, part of a cyberespionage ring that federal investigators code-named Titan Rain, first caught Carpenter's eye a year earlier when he helped investigate a network break-in at Lockheed Martin in September 2003. A strikingly similar attack hit Sandia several months later, but it wasn't until Carpenter compared notes with a counterpart in Army cyberintelligence that he suspected the scope of the threat. Methodical and voracious, these hackers wanted all the files they could find, and they were getting them by penetrating secure computer networks at the country's most sensitive military bases, defense contractors and aerospace companies.

Carpenter had never seen hackers work so quickly, with such a sense of purpose. They would commandeer a hidden section of a hard drive, zip up as many files as possible and immediately transmit the data to way stations in South Korea, Hong Kong or Taiwan before sending them to mainland China. They always made a silent escape, wiping their electronic fingerprints clean and leaving behind an almost undetectable beacon allowing them to re-enter the machine at will. An entire attack took 10 to 30 minutes. "Most hackers, if they actually get into a government network, get excited and make mistakes," says Carpenter. "Not these guys. They never hit a wrong key."

Goaded by curiosity and a sense that he could help the U.S. defend itself against a new breed of enemy, Carpenter gave chase to the attackers. He hopped just as stealthily from computer to computer across the globe, chasing the spies as they hijacked a web of far-flung computers. Eventually he followed the trail to its apparent end, in the southern Chinese province of Guangdong. He found that the attacks emanated from just three Chinese routers that acted as the first connection point from a local network to the Internet.
more
http://www.time.com/time/magazine/article/0,9171,1098961,00.html

Along with India?

This is the most frikkin' corrupt, stupid, keystone cop administration that could ever be imagined. The republicans are so damned immature! All they can think about is POLITICS. They don't give one damn about our security, our future, our environment, our jobs, our legal system....only in terms of POLITICS do they do any damned thing!

And POLITICS is the ONLY thing they have down to a science. :argh:

God! Please give us our country back!!

:kick::kick:

According to accounts from within the Secret Able Danger program, DoD shut the project down several months after the Bush Administration took power in 2001. There is now a report that the Defense Intelligence Agency was using the project's data-mining technology to investigate other national security threats in addition to al-Qaeda cells inside the U.S.. The program may have revealed details of suspected espionage that got too close to the White House, leading to the termination of the program.

Laura Rozen, who has been closely tracking the Able Danger story, says in her War and Piece.com. blog on Aug. 27:

This New York Post report on Able Danger is the most revealing so far. I had heard as well that Able Danger was shut down after it submitted papers for its budget review that included a huge China analysis that had the Pentagon review general scratching his head. But I had not heard about the Condoleezza Rice stuff, which would go a long way to explaining why Able Danger may have been shut down:

"The private contractors working for the counter-terrorism unit Able Danger lost their jobs in May 2000. The firings following a series of analyses that Pentagon lawyers feared were dangerously close to violating laws banning the military from spying on Americans, sources said.

"The Pentagon canceled its contract with the private firm shortly after the analysts — who were working on identifying al Qaeda operatives — produced a particularly controversial chart on proliferation of sensitive technology to China, the sources said.

"Lt. Col. Anthony Shaffer, the veteran Army officer who was the Defense Intelligence Agency liaison to Able Danger, told The Post China "had something to do" with the decision to restructure Able Danger.

"Sources said the private contractors, using sophisticated computer software that sifts through massive amounts of raw data to establish patterns, came up with a chart of Chinese strategic and business connections in the U.S.

"The program wrongly tagged Rice, who at the time was an adviser to then-candidate George W. Bush, and former Defense Secretary William Perry by linking their associations at Stanford, along with their contacts with Chinese leaders, sources said.

"The program also spat out scores of names of other former government officials."

So Able Danger's data mining results seemed more all over the board, a kind of tinfoil hat producing adventure better left to freepsters and google?

While Rozen dismisses any possibility that Condi was actually involved in any wrongdoing with the Chinese, the subject of PRC espionage to obtain US dual use technologies has caused great concerns at the Pentagon.

The notion that AD was shut down for spying on Condi's suspected involvement with Chinese espionage doesn't make a lot of sense to me, either. Not because I trust Condi, but because the events referred to happened years earlier. Are these reports implying that the AD project had a capability to search backwards through databanks, or that the program really got started years in the mid 1990s?

Here's an article that goes into it - I'm not vouching for this, but it gives some idea what the issue was.


http://www.newsmax.com/archives/articles/2001/1/23/203153.shtml

The Chinese Army Spy and Condoleezza Rice
Charles R. Smith
Wednesday, Jan. 24, 2001

Condoleezza Rice, national security adviser to President Bush, has recently granted an interview to virtually every reporter but me. Perhaps it is because I keep asking her questions about the Chinese spy in her past.
Rice has impeccable credentials. She worked for the elder George Bush in the White House, handling Russian issues. She is a distinguished fellow at the Hoover Institution and former provost of Stanford University. Rice is very close to former Clinton Secretary of Defense William Perry. Rice worked with Perry and the Clinton administration during her term at Stanford. The Clinton White House once mentioned her as being on the short list for secretary of state.

Yet it is her years at Stanford working with Perry that have rendered Rice silent. While working at Stanford, she became involved in the most successful Chinese army penetration of the Clinton Defense Department. She will not answer questions about her relationship with Chinese spy Hua Di.

SNIP

At initial glance, the notion that Able Danger was shut down for probing Condi's suspected involvement with Chinese intelligence in the mid-1990s doesn't make a lot of sense to me. The events involving Condi and the Chinese military's acquisition of fiber optics network happened years before the AD program was said to have started. All of this is coming out from sources that are spinning, er, to the right of comfort zone for me. But, if there is anything to this story, it raises several possibilities, all of which may reveal aspects of Angel Danger that were not previously understood:

Was the AD project used to look backward at events that occurred years earlier?

Did the program really got started years before has been admitted publicly, as early as the mid-1990s?

Did the DIA seriously suspect that high officials in the Bush and Clinton Administrations were involved in Chinese espionage?

Or, was AD being used as part of a unauthorized DoD operation to investigate a wide variety of contacts by prominent American figures with foreign powers?

Is all this being raised now as a way of threatening the Democrats not to push too hard to reveal what Able Danger learned about the 9/11 hijackers before it was shut down by Bush in 2001? The stuff about China seems to be a veiled threat against former Clinton Administration officials who might be embarrassed if the public were to now see what military intelligence has learned about how China used dual use technologies shared during the 1990s.

All or any of these, if true, raise a lot of interesting questions that need to be followed-up.

The same people stealing elections are selling out secrets to China, or allowing them to be stolen and everything else. Could it get any worse, is the other shoe dropping?