The Chinese had better donate lots of YEN to the gop, RNC. Then this will be glossed over. They should know by now that money is the only thing that motivates this government. All the millionaires in the gop need lots of cash in order to do their jobs.

This is a given. And even before the cyber world, China has appropriated ideas, technology, and the written word. The level of penetration into secure sites is astounding. And evidently the North Koreans are in the same league. Meanwhile, back at the ranch, Trump has the nation spinning in circles as he manages the daily news cycles by creating one announcement and one crisis after another.

revived by the Orange Peril himself

by stealing US tech secrets? The CCP wants all the data on all of our most mission-critical weapons programs. The CCP navy just deployed "rail guns," though it remains to be seen whether they work. We're not talking about "Chinese," but rather the CCP.

do SOMETHING with all that taxpayer money. The military budget increases practically on a yearly basis, in order for the US to have "the best trained military in the world" Buying obsolete planes and weapons can only waste so much. Outside contracts for friends of the gop are a steady source of "donations". Look how well Halliburton and all the subsidiaries did under the Cheney administration. Ol' Dickless did well for himself, too.

Stop being an asshole dt.

Should the contractors be stopped from using contractors?

How many more do we need?

and get parts to maintain the current equipment.

All of which the military buys from suppliers, contractors. It's difficult to keep designs secret when so many are involved.

fascist usa is afraid of china now, let me see if I give a shit, nope, I don't

China is appropriating the South China Sea, by building military bases on little atolls. Their expansion is affecting fishing, mineral rights in the area.

https://en.wikipedia.org/wiki/Territorial_disputes_in_the_South_China_Sea

... on my home computers. It would tell me who is pinging my computer, hoping to get a response (See Gibson Research [link:https://www.grc.com/x/ne.dll?bh0bkyd2| ).

The software would list which ISP's were pinging me; using a trace route program I found that on any given evening, 75% of the pings originated in China.

As I recall, that contractor mentioned above, did NOT have the proper security software running on their system/network, no firewall was operating.

think of a power company, they will normally have a Supervisory Control and Data Acquisition (SCADA) network for running the power generating equipment. Then they will have a separate administrative/business network for supporting functions like personnel management, payroll, logistics, etc. While the admin network will connect to the internet, the ops network should be isolated.

The military is mostly on three networks. The primary command and control network goes up to SECRET. There are TOP SECRET networks, usually accredited for compartmented intelligence or Special Access Programs. Their largest network is unclassified and connects to the internet.

Most defense contractors are building stuff. They don't exercise command and control or conduct operations. That a compilation could be classified doesn't mean that an original or derivative classifier has evaluated it and applied classification. That also is an inherently governmental function and contractors can't just classify information. The terms of each contract specify what clearance and accesses are required. Contractors can't just decide to have clearances, classified work spaces or classified networks. It has to be authorized and accredited by a government sponsor.

If a compilation of unclassified information would be classified, it need to be documented in the program's security classification guide. Sometimes there are bonehead cross domain violations - for example someone connecting a classified computer to the internet to download software updates. The far bigger problem is people putting classified information onto an unclassified computer.

adequate safeguards built in. Are there firewalls, does it require strong passwords, if someone is coming in from an unknown IP, is there two-factor authentication? Does the email disable embedded URLs? Are patches and OS updates current, especially anti-virus signatures.

But the second thing is all about people making it a priority and reducing human error. Most of the time, those come from users as opposed to the IT staff.

As an outlier, The Clinton campaign hack included two human errors. The anomaly was that one of those mistakes was from IT. John Podesta received an email saying he needed to change his password. He asked IT if it was legitimate and the tech said it was. JP clicked on the link provided and changed his password. It was really a spearphishing email and the link took him to a fake site where thought he was changing his password. When is input his current password, the hackers had it, immediately logged into his real account and copied everything.

Human Error #1: IT misspoke - a mistake, not a lie, that it was legitimate. #2 was that JP just clicked on the included link rather than either putting it in manually or following the email application.

Other common user mistakes include uploading (or typing) information not authorized on the system (e.g. any classified on an UNCLASSIFIED system, TOP SECRET on a SECRET system, US only info on a coalition system). People plug in a USB devices or load disks without first scanning them. Users open attachments (that have fro unknown senders. It's also a poor practice to send stuff to people that just don't need it. Are users trained to safeguard classified or sensitive unclassified information & does the organization's culture reinforce following the rules?

Not everything is bad news. I'm kind of nerdy and a year ago I was watching C-Span where Commander of the US Cyber Command was speaking to a cybersecurity conference. He said something like the most progress he had seen was that (finally), senior leaders wouldn't spend the first half of meetings arguing that cybersecurity was the IT guys problem. A culture that accepts cybersecurity as somebody else's job invites failure.

That's some of the the bigger stuff but doesn't come close to covering everything.

''Spies for Hire: The Secret World of Intelligence Outsourcing''

book came out about 10 years ago, apparently nothing has changed for the better since then.
=

As much as they can. When they can't steal it, they've been buying it.
Calling for a moratorium is the only good thing the treasonous idiot-in-chief has done.

"Treasury is crafting rules that would block firms with at least 25% Chinese ownership from buying companies involved in ‘industrially significant technology’"

https://www.wsj.com/articles/trump-plans-new-curbs-on-chinese-investment-tech-exports-to-china-1529883988