Blame the Chinese!
Fri, 04/24/2009 - 13:46
http://www.nydailynews.com/news/2009/04/22/2009-04-22_international_hack...
Aparently the chinese hackers are at it again, not content with breaking into Lockheed Martin and getting access to the Joint Strike Fighter info, they've aparently start a slow brute-force against NYPD computer systems.
FTA: "Perhaps it is because of the NYPD's reach into the international arena that we are being targeted for computer hacking..."
Why is the NYPD handling international crimes? Given that we don't really have a cogent sense of international laws, aren't police departments limited to investigations that fall into their state/country? But perhaps there should be more international co-operation.
Getting back to computer security for a sec.
What measures does everyone think would be most effective?
1) Do police systems need to be publicly accessible? Should you be able to remote into any subnet that has all the important stuff. Perhaps they should start with "What is the crown jewels?" problem.
2) Geo-location aware connections. I don't really know what's available to do this, but surely if you're trying to connect to the NYPD systems from an IP outside of new-york; you're probably not in the NYPD.
3) Password complexity. How long would it take to crack an 8 character password BFing at 70,000 hits a day? assuming uppercase, lowercase and numbers, that's 1.86 × 10^21 YEARS! that's a pretty long time...
I can see where they are comming from blaming the Chinese, but it was more likely local, and it is somewhat NYPD's fault not securing there systems or seeing this "slow bruteforce" and simply tarpitting the ip or switching the ip/domain name of the service.
There is a good blog in my RSS on all the hackers in China and some interesting banter behind it: http://www.thedarkvisitor.com
--
"Put me here and I am all yours, not for the money and not for the appluase", Melanie Safka