In a move straight out of a spy novel, Chinese hackers used some serious technical trickery to steal information from India's Navy regarding a new nuclear submarine. The Indian Express reports that India's Eastern Naval Command was the target of a Chinese-made computer bug that was able to infiltrate computers that weren't even connected to the internet.

Here's how it worked: The malicious program was initially planted on internet-connected computers in and around India's Naval base and laid dormant until a portable USB drive was plugged in to the machine. Once the flash drive was present, the bug made its home on the tiny device and waited until it is plugged in elsewhere. The virus then searched for keywords — in this case, information on a new nuclear submarine being tested in India — and copied as much as it could.

Indian Naval officers made the mistake of taking thumb drives they had used on a web-connected machine and plugged them in to computers that contained sensitive data on the new sub. India's Navy uses computers with no internet connection to store this important data, but that didn't stop the virus from completing its task.

Once the nefarious program had the information it needed, it again waited until it was plugged in to an internet-connected computer. Once a healthy connection was found, the software immediately relayed the data back to its creators in China. Naval officials aren't detailing exactly how much information was leaked, but as this is India's very first foray into the nuclear-powered submarine arena, any and all data is considered to be top secret.

wow, holy shit, that is amazing how sophisticated bugs have become. Skynet is just around the corner.

Cool program. I would like to understand how the chinese programmers built the lookup table of keywords that traveled with the virus, so as to make it not detectable.

The writer of the article is however a schmuck, and someone who is clueless as to what he wrote:

Once the nefarious program had the information it needed, it again waited until it was plugged in to an internet-connected computer. Once a healthy connection was found, the software immediately relayed the data back to its creators in China

A program cannot be called "nefarious" because the program is not sentient. A program can also not determine it has "the information it needed".. it simply relays what it found as it finds it. If you leave it there longer, it will continue to find matches as long as you keep providing them.

Big FAIL for the Indian Navy if they didn't use code names for their hardware... the Chinks seriously owned them.

Human stupidity at work. That's why the BIOS offers the option of shutting down all USB ports and floppy drives, so no data can be copied.

Axel_Bavaria wrote:

Human stupidity at work. That's why the BIOS offers the option of shutting down all USB ports and floppy drives, so no data can be copied.

The bug was an obvious one to predict. The computer should have a seperate system to connect to the net with no connection between the drives. Shut-down one part of the PC to start up another (more on that later if you want to PM).

Anyway;
shouldn`t such systems be `sealed`? (special laptops with no drives? (or specially developed [Different shape/design USB] heavily-encoded removable drives)?

Now the `seals` are broken. Like some Biblical revelation scenario. India will be pissed.


Getting bizaire now;-
Anyone want to know why I keep my `silent submarine propulsion system` design a secret?

Its always possible that the device found a "honeypot" full of BS that looks valid.

You never know what is going on behind the scenes. There are a lot of brilliant and devious people working in cyber security.

fucking awesome, WW3 motherufkcer

that's some crazy shit. pretty impressive for gooks...used to be, the chink slopes had to pay off members of the Clinton family to get nuclear secrets

This type of shit is SOOO easy to stop. You need only block ALL outgoing traffic to all but a few approved sites.

GB_Gandalf wrote:

This type of shit is SOOO easy to stop. You need only block ALL outgoing traffic to all but a few approved sites.

Can be bypassed with a bit of code.