Retired PLA rear admiral Zhang Zhaozong, who inspired UglyGorilla.
In case you missed it, the cybersecurity firm Mandiant just released a bombshell report (pdf) on how nearly 150 sophisticated hacking attempts against American corporations and government agencies over the past decade almost certainly originated from a single Shanghai office building controlled by People's Liberation Army (PLA). The hacking group, dubbed APT1 in the report, launches its attacks from roughly the same address in the city's Pudong New Area as the one used by the PLA's Unit 61398, a probable cyberwar division. But the excellent New York Times exclusive on Mandiant's findings omits some colorful details about the hackers themselves. One of them, for instance, is apparently a Harry Potter fan. Here are profiles of the three Chinese hackers Mandiant outed in its report.
Jack Wang, a.k.a. Wang Dong, a.k.a. UglyGorilla
A profile photo used by UglyGorilla
Back in 2004, the cyberwarfare expert Zhang Zhaozhong was participating in an online Q&A hosted by the website China Military Online. A retired PLA rear admiral, professor at China's National Defense University, and strong advocate of the "informationization" of military units, Zhang had written several works on military tech strategy, including "Network Warfare" and "Winning the Information War." One question for Zhang came from a site user with the handle "Greenfield," who brought up the United States' cyberwar capabilities. "Does China have a similar force?" he asked. "Does China have cyber troops?"
Greenfield would soon become one of those troops, according to Mandiant. When he registered for the China Military site, he gave his real name as "Jack Wang" and the email address email@example.com—details that would later be associated with the hacker known as UglyGorilla. That October, UglyGorilla registered the hacker zone HugeSoft.org, a name that, as Bloomberg has reported, "combines two common descriptors of a gorilla, along with sub-domains like 'tree' and 'man.'"
In 2007, UglyGorilla authored the first known sample of a widely used family of Chinese malware and brazenly left his signature in the code: "v1.0 No Doubt to Hack You, Writed by UglyGorilla, 06/29/2007."
DOTA, a.k.a. Rodney, a.k.a. Raith
DOTA may have taken his or her name from the video game "Defense of the Ancients," commonly abbreviated DotA. The name shows up in dozens of email accounts that DOTA created for social engineering and phishing attacks, according to Mandiant. It appears Mandiant was able to hack some of these accounts, allowing them to get DOTA's phone number (a mobile phone in Shanghai) and the username of DOTA's (blank) US-based Facebook account, where DOTA registered as female. Mandiant published a screen-grab of one of DOTA's Gmail accounts:
DOTA appears to speak fluent English and may be a fan of American and British pop culture. The answers to security questions associated with his or her internet accounts—such as, "Who is your favorite teacher?" or "Who is your best childhood friend?"—are often some variation of "Harry" and "Poter."
Mandiant linked some of DOTA's other passwords to a pattern that seems to be associated with Unit 61398, the PLA's cyberwar division.
Mei Qiang, a.k.a. SuperHard
Similar to UglyGorilla, Mei Qiang signs much of his work by embedding his name into the code. His malware is often signed "SuperHard" and his Microsoft hacking tools are altered from "Microsoft corp." to "superhard corp."
SuperHard primarily works on tools used by other Chinese hackers; he's probably employed in APT1's research and development arm, according to Mandiant. He has also volunteered to write Trojan software for money. Mandiant researchers gained access to some of the hacker's internet accounts. They believe he (or she; it's hard to know) used the email address firstname.lastname@example.org, which, based on Chinese habit, suggests that the user is named Mei Quiang and born in 1982. They also traced SuperHard to Shanghai's Pudong New Area—information that should give US security experts plenty of leads, assuming the hacker hasn't been fired yet.
Alameda County Sheriff Gregory Ahern wants to buy a surveillance drone, or, as he prefers to call it, a "small Unmanned Aerial System." At a meeting before the county's Board of Supervisors last week, he claimed that he'd only use the drone for felony cases, not to spy on people or monitor political activists. But a few minutes later he'd seemed to change his mind, adding: "I don't want to lock myself into just felonies."
Catcalls and hisses erupted from a crowd of some 100 anti-drone activists. One man later called the proposal "an assault on my community."
Around the country, a small but growing number of localities are considering the use of domestic drones—aircraft that are smaller, lighter, and cheaper (though not much less controversial) than what the military uses in Afghanistan. Police departments could outfit drones with infrared sensors that see through walls, with facial recognition software, or with technology that intercepts calls and emails. Yet the the federal government doesn't do much to regulate how drones can use such technologies to collect information on private citizens.
California would ban the sale of all semiautomatic rifles that accept removable magazines, slap a hefty tax on ammo, and require every gun owner to take a yearly safety course under a new package of firearms laws that would give the Golden State the nation's strongest gun controls.
These and many other proposed firearms laws were announced late last week by leading state Democrats and the mayors of San Francisco and Los Angeles. Many of the laws are expected to pass, in part because the Democratic Party in California now controls the governor's mansion and a supermajority in the Legislature.
"As it is with many issues, California is out front on firearms regulations," said Mark Hedlund, a spokesman for California Senate President Pro Tem Darrell Steinberg. "We don't represent the NRA. We don't think that the NRA represents the majority of Californians, by a long shot."
Ban the possession of ammunition magazines that hold more than 10 rounds
Prevent the future sale, purchase, manufacture, importation, or transfer of any firearms that can accept detachable magazines
Close the "bullet button" loophole by banning tools that allow the quick changing of gun magazines
Regulate ammunition sales like the state regulates gun sales. Ammunition dealers would need to be licensed and anyone buying from them would need to obtain a permit and complete a background check.
Create a 5 cent tax on each bullet purchased, for the purpose of funding crime prevention
Prevent felons and other adults barred from gun ownership from living in a house that contains any guns
Prohibit the loaning or sale of a firearm between people who know each other personally
Take steps to phase out legal possession of assault weapons that were purchased before California outlawed their sale
Require all firearms owners to take an hours-long gun safety course every year, similar to what the state now requires for obtaining a concealed-weapon permit
Require gun owners to purchase insurance to cover damage they may inflict
Require CalPERS and CalSTRS, two of the nation's largest pension funds, to divest from companies that make, sell, or market firearms or ammunition
California has already enacted some of the nation's strictest gun control laws, partly due to its experience with a Sandy Hook-style massacre: In 1989, a mentally unstable ex-con opened fire with an AK-47-style assault rifle on an elementary school playground in Stockton, killing five schoolchildren and wounding 28 others. The shooting contributed to the passage that year of California's assault weapons ban.
Somewhat uniquely, California's state constitution doesn't guarantee the right to bear arms. The Golden State gives its cities the option of refusing to issue concealed-carry permits and doesn't recognize permits issued by other states. It requires the reporting of all handgun sales, and it cross-checks the data against the names of convicted criminals and violent mental patients. And unlike most states, it requires background checks for firearms purchases between private parties, closing a loophole that accounts for 80 percent of gun acquisitions made with intent to carry out a crime.
Since the passage of California's strict gun rules, the incidence of mass shootings has plummeted. "California used to be the mass-shooting capital of the country, but instead of throwing up their hands, they addressed the problem head-on and are reaping the benefits," says Julie Piotrowski, a spokeswoman for the Violence Policy Center, a pro-gun-control group. "Their success will most certainly inspire action in other states and at the federal level."
If enacted, the new laws might do for guns what California's pollution and fuel economy rules did for the nation's automobiles. In 2011 alone, Californians bought 600,000 firearms; only Texas sports more registered weapons. "The gun industry has a love/hate relationship with California," Hedlund says. "They hate our gun regulations because they are among the toughest in the country, but they love our marketplace."
Not to mention how the state essentially does their marketing. No matter what, the weapons industry can rest assured that there will be no shortage of guns in Clint Eastwood flicks.
On the evening of February 23, 2010, Rodney Koon was pulled over for doing 83 in a 55 zone outside Traverse City, Michigan. The deputy who stopped Koon noticed that the inside of his Toyota RAV4 smelled funny, and the middle-aged carpenter admitted that he'd taken a few hits of marijuana six hours earlier.
As a pipe-carrying medical-marijuana user (for a hernia and rheumatoid arthritis), Koon thought that the law was on his side. The cop thought otherwise and took him in for a blood test, which revealed traces of THC, or tetrahydrocannabinol, pot's psychoactive ingredient. Koon was charged with violating the state's "zero tolerance" drugged-driving law. He's still fighting the charges; if convicted, he faces a suspended license and, since he has a previous DUI, up to a year in prison.
The National Rifle Association is worried that Kansas might try to discourage gun ownership. So it is throwing its weight behind a bill that would prevent the state from spending money lobbying against "any legal consumer product"—a category that includes, among other things, tobacco and junk food.
Although State Bill 45, debated yesterday by a state Senate committee, focuses on lobbying efforts at the state and local level, a broad interpretation of the language could prevent Kansas from spending anything on programs that discourage the use of harmful products. The bill could "scuttle public health campaigns and other proven public health programs," the Topeka Capital-Journalreported yesterday, citing testimony from a Democratic senator and a representative from the American Cancer Society.