The nature of U.S. government data targeted for “exfiltration” by Chinese hackers suggests they're working on behalf of the Chinese government, not cybercriminals, said a report commissioned by the U.S.-China Economic and Security Review Commission. Researched and written by Northrop Grumman, the report said Chinese military strategists have “come to view information dominance as the precursor for overall success in a conflict.” The strategy drives the People’s Liberation Army to develop “more comprehensive computer network exploitation techniques” that can be used to create “blind spots.” Those are parts of a system that can be exploited at “predetermined times or as the tactical situation warranted.” Such attacks will be “widely employed in the earliest phases of a conflict, and possibly preemptively against an enemy’s information systems.” The PLA is reaching out to commercial industry, academic and “possibly select elements of China’s hacker community” to staff its cyber-intrusion missions, the report said. It cited “limited cases of apparent collaboration between more elite individual hackers and the [government’s] civilian security services.” China is using “disciplined, standardized operations, sophisticated techniques, access to high-end software development resources, a deep knowledge of the targeted networks and an ability to sustain activities inside targeted networks, sometimes over a period of months,” the report said. Analysis of intrusions suggests that Chinese black-hat hackers involved in illegal activities are being tapped to develop customized tools for zero-day exploits. “The depth of resources necessary to sustain the scope” of intrusions is beyond the ability of “virtually all organized cybercriminal enterprises and is difficult at best without some type of state-sponsorship.” Data historically targeted have “no inherent monetary value to cybercriminals,” such as credit card numbers, the report said. If stolen data are being brokered through a third party to interested countries, regardless of who is doing the hacking, the activity can be considered state-sponsored, it said. Targeted data to date could help a country’s defense industry, space program, some high technology industries, “foreign policymakers interested in U.S. leadership thinking on key China issues,” and foreign military planners looking for U.S. weaknesses that could be exploited in a crisis, the report said. China would probably use its abilities to attack certain nodes on the military’s nonclassified NIPRNET and unclassified Defense Department and civilian contractor networks in the U.S. and allied Asia-Pacific countries, with the intent of delaying U.S. deployments and harming effectiveness of troops already deployed. The only difference between exploitation of a network and attack is the intent of the hacker, the report said. If China is responsible for just some of the current exploitation efforts, it may already have a “mature and operationally proficient” capability in computer network operations.
CBP has issued the following CSMS messages regarding 10+2:
The Census Bureau has posted to its Web site the October 2009 issue of its Automated Export System Newsletter. Highlights include:
U.S. Customs and Border Protection has issued a final rule, effective October 13, 2009, amending its regulations to specify the proper CBP official who is authorized to receive a final administrative appeal for a failing grade on the customs broker license examination.
CBP has posted a notice on the Animal and Plant Health Inspection Service's announcement regarding an increase to their fees charged for certain agricultural quarantine and inspection (AQI) services. These rate changes will become effective November 1, 2009. (See ITT's Online Archives or 10/01/09 news, 09100105, for BP summary of APHIS delaying the AQI user fee increase until November 1st.) (Notice, dated 10/06/09, available at http://www.cbp.gov/xp/cgov/travel/pleasure_boats/user_fee/2010_fee_increase.xml)
U.S. Customs and Border Protection has updated and expanded its frequently asked questions document on its interim final rule that amended 19 CFR effective January 26, 2009, to require Security Filing (SF) information from importers and additional information from carriers (10+2) for vessel (maritime) cargo before it is brought into the U.S.
Multiple businesses, trade associations, and business organizations have sent a letter to leadership at the House Ways and Means and Senate Finance Committees asking them to make the immediate renewal of the Generalized System of Preferences a priority.
The Pipeline and Hazardous Materials Safety Administration and the Federal Aviation Administration are alerting shippers and carriers to the importance of transporting lithium batteries safely. PHMSA and FAA are concerned that many persons who ship lithium batteries do not recognize the hazards posed by these batteries during transportation. (D/N PHMSA-2009-0310; Notice No. 09-05, FR Pub 10/07/09, available at http://edocket.access.gpo.gov/2009/pdf/E9-24184.pdf)
The Securities and Exchange Commission has announced that Nature's Sunshine Products Inc. (NSP) and two of its principals will pay civil penalties to settle allegations that NSP's Brazilian subsidiary made illegal cash payments to Brazilian customs officials in violation of the Foreign Corrupt Practices Act (FCPA).