Groups | Search | Server Info | Login | Register

Groups > aus.comms > #20591

Re: China PLA Unit 61398 pumps the NBN full of hacking packets

From not@telling.you.invalid (Computer Nerd Kev)
Newsgroups aus.computers, aus.comms
Subject Re: China PLA Unit 61398 pumps the NBN full of hacking packets
Date 2020-06-20 02:38 +0000
Organization Aioe.org NNTP Server
Message-ID <rcjsr5$1t33$1@gioia.aioe.org> (permalink)
References <fb568e01c000dc556c58ad7c2f829e6c@remailer.paranoici.org> <rci7hk$8o3$3@dont-email.me>

Cross-posted to 2 groups.

Show all headers | View raw

In aus.computers news18 <news18@woa.com.au> wrote:
> On Fri, 19 Jun 2020 13:21:30 +0200, Anonymous wrote:
> 
>> They must love Rudd for creating the NBN to make their evil deeds
>> easier.
>> Reds under the bed? Not anymore - they are in optic fibre,
>> the Cisco switches, the firewalls ....
> 
> They've been in Cisco switches from the 80's that I know off and they 
> were infesting Telstra then as well. The diff is that many mre peope are 
> easily able to see what they are up to and ScoMo has SFA understanding. 
> what is he trying to cover up. the journo's have missed something.

Not sure if there was more in the OP's post, the remailer they're
using must have been blocked by Aioe, because it's not showing here.

"According to the ASCS, the main way the attackers have compromised
 systems is via a piece of software used to manage web servers called
 Telerik UI.

 This vulnerability -- and the patch to fix it -- has been around
 since 2019. 

 The ASCS also issued an advisory on this very vulnerability in just
 March this year."
https://www.abc.net.au/news/2020-06-20/australian-departments-routinely-audited-for-cyber-readiness/12375050

So if the Australian Cyber Security Centre can be believed, it's not
so much to do with the NBN as specific government department servers
and their insecure software.

As for where the attack came from. China seems probable, but public
information on any "smoking guns" that actually reveal who performs
these attacks never seems to be made public, so one wonders if any
of them can genuinely be attributed to a particular government
hacking programme without reasonable doubt.

It's hard to imagine that state actors couldn't pull off almost any
attack via secret VPN servers located in other countries, so the idea
that you can study the attack itself and conclude where it came from
seems very odd to me. Unless there are spies "on the inside" at
least (the US probably has, but I doubt they'd tell our government
what they find out).

-- 
__          __
#_ < |\| |< _#

Back to aus.comms | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

China PLA Unit 61398 pumps the NBN full of hacking packets Anonymous <nobody@remailer.paranoici.org> - 2020-06-19 13:21 +0200
  Re: China PLA Unit 61398 pumps the NBN full of hacking packets news18 <news18@woa.com.au> - 2020-06-19 11:28 +0000
    Re: China PLA Unit 61398 pumps the NBN full of hacking packets Petzl <petzlx@gmail.com> - 2020-06-20 08:43 +1000
    Re: China PLA Unit 61398 pumps the NBN full of hacking packets not@telling.you.invalid (Computer Nerd Kev) - 2020-06-20 02:38 +0000
  Re: China PLA Unit 61398 pumps the NBN full of hacking packets Jeßus <j@j.net> - 2020-06-21 12:34 +1000
    Re: China PLA Unit 61398 pumps the NBN full of hacking packets Clocky <nopenotgonn@happen.com> - 2020-06-23 09:08 +0800

csiph-web