Why Hasn’t China Cracked Down on Its Rainmen?

Another mainstream media look at the alleged “Titan Rain” cyberwar strategy of the Chinese, where organised, highly disciplined and experienced gangs ferret around in Western computers. This one is from today’s Guardian Unlimited — Smash and grab, the hi-tech way:

Sources involved in tracking down the gang say the Chinese group is just one of a number of organised groups around the world that are involved in a hi-tech crime wave, some working for governments, others highly organised criminal gangs. “We have seen three attacks a day from this group in the past week and there are a lot of other groups out there,” said the source. “You could say that the iceberg is now in view.”

That said, it seems clear that this kind of thing has some government sanction:

Privately, UK civil servants familiar with NISCC’s investigation agree that the attacks on the UK and US are coming from China. This almost certainly means some state sanction or involvement – perhaps even a “shopping list” of requirements. Some of the attacks have been aimed at parts of the UK government dealing with human rights issues – “a very odd target”, according to one UK security source.

The point is that Internet activity is heavily circumscribed in China:

There is another, more compelling reason. “Hacking in China carries the death penalty,” says Professor Neil Barrett, of the Royal Military College at Shrivenham. “You also have to sign on with the police if you want to use the internet. And then there is the Great Firewall of China, which lets very little through – and lets [the Chinese government] know exactly what is happening.” The internet traffic to the UK, and its origin, would all be visible to the Chinese government. Finding the culprits would, in theory, be a simple process.

So why are they still out there, and why can we narrow down their workplace to a single province?

A Directory Of Firewalls

Hardware firewalls are not included in this list. For an excellent comparison of some of these programs see PCPro’s article.

  • Kerio Blurb:  Kerio Personal Firewall (KPF) helps users control how their computers exchange data with other computers on the Internet or local network. Kerio Personal Firewall is a necessity for all desktop computers connected to broadband Internet, using DSL, cable, ISDN, WiFi or satellite modems. Within an organization, Kerio Personal Firewall prevents a single computer from attacks initiated by internal users. Remote workstations and laptops running KPF are protected from Internet born attacks. Price: Free to $45
  • Tiny Personal Firewall Blurb: Tiny Personal Firewall 5.0 (TPF5) represents the next generation security solution which integrates several protection layers for the ultimate safety of the desktop and server computer running Microsoft Windows operating system. Price: $50
  • Agnitum Outpost Blurb:  With hacker attacks, data theft and privacy violations rampant on the Internet you need a comprehensive solution to safeguard your PC. With Outpost Firewall Pro, you get award-winning firewall software that takes care of your online security needs. Price: $40
  • Intego Netbarrier (Mac version also available) Blurb:  NetBarrier 2003 was designed to protect PC users from the perils of the Internet. Its four-level line of defense provides optimal security so that you can use the Internet without leaving yourself vulnerable to its dangers. Price: $50
  • ISS BlackICE PC Protection Blurb:  This BlackICE PC Protection scans all inbound Internet traffic for suspicious activity on home or small business systems. Price: $40
  • Kaspersky Anti-Hacker Blurb:  Kaspersky Anti-Hacker blocks the most common hacker network attacks by continuously filtering incoming and outgoing traffic. The program detects most types of DoS attacks, as well as Ping of Death attacks, Land, Helkern, Lovesan and SMBDie. In addition, Anti-Hacker detects attempted port scans that often precede mass attacks. When an attack occurs a notification is immediately sent to the user. Price: $40
  • TheGreenBow Personal Firewall Blurb:  TheGreenBow Personal Firewall is the first Personal Firewall made in Europe, addressing equally home/private users and professional users and corporations. Price:  E35
  • McAfee Personal Firewall Blurb:  What makes our firewall special? Enhanced Intrusion Detection, a fast Setup Assistant that enables your protection in minutes and Smart Recommendations that take the guesswork out of responding to attacks. Advanced Trojan Detection helps prevent rogue desktop spyware from “phoning home” personal data. And Visual Tracing tracks hacker attacks back to the source, helping you to notify the proper authorities. Price: $40 (annual licence)
  • Norton Personal Firewall Blurb:  Symantec’s Norton Personal Firewall 2004 keeps hackers out and personal data in. It makes robust firewall protection easy by automatically hiding your PC on the Internet and blocking suspicious connections. Norton Personal Firewall also protects your privacy by preventing confidential information from being sent out without your knowledge. Price: not available
  • TrendMicro PC-cillin Internet Security (comes as part of anti-virus package) Blurb:  Trend Micro PC-cillin Internet Security helps make the detection and removal of viruses more precise and powerful. The enhanced Personal Firewall helps prevent intrusion from hackers and the new breed of Network Viruses. Trend Micro Damage Cleanup Services can now be triggered as soon as a virus is caught to keep your system functioning properly. Price: $40 per year
  • Sygate Personal Firewall Pro Blurb:  Small-Medium Businesses and Consumers need leading edge protection for their computers and workstations to protect their valuable information and keep unwanted hackers out. Our Award-winning Sygate Personal Firewall Pro includes a comprehensive Intrusion Protection System (IPS) which includes IDS, DoS protection, and Trojan protection which sets this program high above other personal firewall solutions. Price: $40
  • ZoneAlarm Blurb:  Easy-to-use firewall blocks hackers and other unknown threats. Stealth mode automatically makes your PC invisible to anyone on the Internet. Price: free to $50

Let me know of any I’ve missed or any errors.

It’ll Soon Be Firewall Day

This Thursday, in case you didn’t know, is Personal Firewall Day. I was pretty excited about the idea too until I realised there were no parades and opportunities to dress up. Still, it’s a great way of trying to persuade people that having a firewall in place on your computer is no longer a luxury, or something that nerdy types do. Everyone needs a firewall. ZoneLabs, who make probably the best (and free) firewall on the market, point out that

— Vast numbers of home and business computers are unprotected while on the Internet. In fact, many consumers upgraded to new computers over the holidays–they need to be quickly protected with the latest patches and security updates, or they’ll be vulnerable right out of the box.
— The FTC reports 9.9 million cases of identity theft in the U.S. last year, making it the fastest growing crime in America, affecting an estimated 500,000 to 700,000 people per year.

The bottom line is that it’s very easy to get infected — within seconds, literally, of connecting to the Internet — and it’s very hard to get uninfected. Future versions of Windows — including the next XP ‘service pack’, which ships this year — will have a firewall activated by default, so this problem may not be around that long, but it pays to be safe.

Mail: Some Mac Tips

This from Graham Holliday, a Mac user, on some Mac alternatives to what I’ve been discussing in previous weeks:
Owning a Mac really is the first step for any serious antivirus activist it would seem…. “Mac users face just 50 recognized viruses today, while PC users have 85,000 threats to their security. London-based firm mi2g says: “Mac customers running Mac OS X, an implementation of BSD, benefit from BSD’s proven reputation as being one of the most secure operating systems available.” [MacWorld]
When you mention one of your favourite topics (firewalls), you often mention Zone Alarm. You might also like to mention the free (shareware) for Mac Brickhouse. Macs have an inbuilt firewall, but this makes it easy to set up for normal tech-averse folk.
BTW found Mac RSI software here.
Thanks, Graham. Very helpful.