SMALL WARS COUNCIL

11-23-2011   #41
Backwards Observer
Council Member
Join Date: Jun 2008
Posts: 500

Chinese hackers infiltrate Department of Homeland Security and FBI, pay off official mouthpieces:

Quote:
No evidence of cyberattack at water pump, DHS says

Federal investigators have found no evidence that a cyberattack was behind a water pump failure this month in Illinois, the government announced Tuesday.

After a "detailed analysis," the Department of Homeland Security and the FBI "have found no evidence of a cyber intrusion," DHS spokesman Chris Ortman said.

Officials confirmed last week that they were looking into the possibility of a cyberattack at a public water district in Illinois, after a blog disclosed the possibility.

"There is no evidence to support claims made in initial reports -- which were based on raw, unconfirmed data and subsequently leaked to the media -- that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant," Ortman said Tuesday. "In addition, DHS and FBI have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported."
No evidence of cyberattack at water pump, DHS says - CNN - Nov 23, 2011.

11-23-2011   #42
AdamG
Council Member
Join Date: Dec 2005
Location: Hiding from the Dreaded Burrito Gang
Posts: 2,438
'Nitro' : who hacked US chemical companies, and why?

Quote:
Chinese hackers tried to penetrate the computer systems of 48 chemical and military-related companies in a late summer cyber attack to steal design documents, formulas and manufacturing processes, a security firm reported Tuesday.

The attack ran from late July to mid-September and appeared to be aimed at collecting intellectual property for competitive advantage, reported Symantec, which code-named the attack Nitro, because of the chemical industry targets. Hackers went after 29 chemical companies and 19 other businesses that made advanced materials primarily used in military vehicles.

The attackers were the same Chinese group that targeted human rights organizations from late April to early May and the U.S. auto industry in late May. China and the U.S. have accused each other of industrial espionage for some time. China, which leads the world in the number of people online, is a hotbed for Internet crime, according to experts. The country has often been accused of cyber spying, which the government denies, while claiming to also be a target.
http://www.crn.com/news/security/231...LQg**.ecappj02



Quote:
Symantec said it traced the attacks back to a computer system that was a virtual private server (VPS) located in the United States.

However, the system was owned by a 20-something male located in the Hebei region in China. We internally have given him the pseudonym of Covert Grove based on a literal translation of his name. He attended a vocational school for a short period of time specializing in network security and has limited work experience, most recently maintaining multiple network domains of the vocational school.

Covert Grove claimed to have the U.S.-based VPS for the sole purpose of using the VPS to log into the QQ instant message system, a popular instant messaging system in China. By owning a VPS, he would have a static IP address. He claims this was the sole purpose of the VPS. And by having a static IP address, he could use a feature provided by QQ to restrict login access to particular IP addresses. The VPS cost was RMB200 (US$32) a month.

While possible, with an expense of RMB200 a month for such protection and the usage of a US-based VPS, the scenario seems suspicious. We were unable to recover any evidence the VPS was used by any other authorized or unauthorized users. Further, when prompted regarding hacking skills, Covert Grove immediately provided a contact that would perform ‘hacking for hire’. Whether this contact is merely an alias or a different individual has not been determined.

We are unable to determine if Covert Grove is the sole attacker or if he has a direct or only indirect role. Nor are we able to definitively determine if he is hacking these targets on behalf of another party or multiple parties.
http://www.zdnet.com/blog/security/n...companies/9754

Quote:
"The question is: Who is 'they?' " writes James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies (CSIS), a Washington think tank, in an e-mail interview. "The Chinese government encourages economic espionage [for illicit acquisition of technology], but that does not mean it directs all economic espionage."
http://www.alaskadispatch.com/articl...mical-industry
__________________
A scrimmage in a Border Station
A canter down some dark defile
Two thousand pounds of education
Drops to a ten-rupee jezail


http://i.imgur.com/IPT1uLH.jpg

11-23-2011   #43
Stan
Council Member
Join Date: Dec 2006
Location: Estonia
Posts: 3,817
Wasn't me, didn't do it

China hits back over US claims of online spying

Quote:
China's foreign ministry spokesman Hong Lei dismissed the report in a regular news briefing in Beijing.

"Online attacks are notable for spanning national borders and being anonymous. Identifying the attackers without carrying out a comprehensive investigation and making inferences about the attackers is both unprofessional and irresponsible," he said. "I hope the international community can abandon prejudice and work hard with China to maintain online security."
__________________
If you want to blend in, take the bus

12-01-2011   #44
AdamG
Council Member
Join Date: Dec 2005
Location: Hiding from the Dreaded Burrito Gang
Posts: 2,438

Quote:
Within a week of the report’s release, DHS bluntly contradicted the memo, saying that it could find no evidence that a hack occurred. In truth, the water pump simply burned out, as pumps are wont to do, and a government-funded intelligence center incorrectly linked the failure to an internet connection from a Russian IP address months earlier.

Now, in an exclusive interview with Threat Level, the contractor behind that Russian IP address says a single phone call could have prevented the string of errors that led to the dramatic false alarm.
http://www.wired.com/threatlevel/201...ystery-solved/

12-01-2011   #45
davidbfpo
Council Member
Join Date: Mar 2006
Location: UK
Posts: 11,501
Fusion Center priority No.1 is?

A classic, hence my emphasis and thanks for the link to The Wired article Adam G.

Quote:
Asked if the fusion center is investigating how information that was uncorroborated and was based on false assumptions got into a distributed report, spokeswoman Bond said an investigation of that sort is the responsibility of DHS and the other agencies who compiled the report. The center’s focus, she said, was on how Weiss received a copy of the report that he should never have received.

“We’re very concerned about the leak of controlled information,” Bond said. “Our internal review is looking at how did this information get passed along, confidential or controlled information, get disseminated and put into the hands of users that are not approved to receive that information. That’s number one.”
So we have an industrial malfunction at a water plant that has nothing to do with cyber warfare, an intelligence assessment circulated widely and maybe beyond its intended recipients - an assessment that is simply wrong and missed some basic research.

A classic on many levels.
__________________
davidbfpo

12-01-2011   #46
bourbon
Council Member
Join Date: Jun 2007
Location: Boston, MA
Posts: 902

The initial wave of reports makes reference to the compromise of the remote access software vendor; the consequences of which, if true, would be far greater than a single isolated incident.

This follow up story makes no reference to the compromised software vendor.
__________________
“[S]omething in his tone now reminded her of his explanations of asymmetric warfare, a topic in which he had a keen and abiding interest. She remembered him telling her how terrorism was almost exclusively about branding, but only slightly less so about the psychology of lotteries…” - Zero History, William Gibson

12-01-2011   #47
selil
i pwnd ur ooda loop
Join Date: Sep 2006
Location: Belly of the beast
Posts: 2,112

It looks to me as if there is a significant and distinct lack of understanding in the world of cyber of how to conduct an investigation. I am continually surprised as I run across "cyber" experts who haven't got clue one of basic police investigative procedure down. The entirety of this incident and several that are not being reported could have been less "flash" and more "bang" if simple specific principles of investigation were followed.

When asked on this and other similar stories to comment by the media I say, "Sorry but we need more details and information before suggesting even an opinion." So, I don't end up on the front page, I don't get invited to all the big parties, but I also don't end up looking like a fool.

The principles of police procedure are not specific to any domain. The forensic processes are not "special" because it has bits and bytes. The whole thing smacks of the debacle of the polygraph. The fusion center screwed up, the investigators screwed up, heck even DHS with their rebuttal of the facts screwed up. Nobody knows for sure what happened because nobody actually investigated the incident in a full and correct manner.

The entire escapade is simple bull pucky.
__________________
Sam Liles
Selil Blog
Don't forget to duck Secret Squirrel
The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

12-02-2011   #48
Backwards Observer
Council Member
Join Date: Jun 2008
Posts: 500
la plume de ma tante

Chinese hackers perfect mind-control of US scientific community; evolution, fluoride to blame:

Quote:
Hacked Satellites?: USCC Makes Claims It Can’t Support

[...]

These suspicious incidents may or may not have been caused by hacking. They appear to have involved computers operated by a commercial service provider—not by the US government. No commands were issued to the satellites, nor were any data manipulated or stolen. The satellites involved were nonstrategic, low-resolution environmental monitoring satellites. There is no evidence presented linking these events to the Chinese government; the USCC includes these incidents in their report to Congress on China on the basis of claims by a “marginal figure” in China that China is interested in such pursuits.

This doesn’t mean China is not capable of or interested in the ability to control U.S. satellites. But the evidence presented to Congress by the USCC makes an extremely poor case for it.
Hacked satellites - USCC makes claims it can't support - All Things Nuclear - Dec 1, 2011.

Last edited by Backwards Observer; 12-02-2011 at 05:06 AM. Reason: perception management

12-02-2011   #49
AdamG
Council Member
Join Date: Dec 2005
Location: Hiding from the Dreaded Burrito Gang
Posts: 2,438

No sh1t.

Quote:
America's critical infrastructure security response system is broken
Possible cyberattack on SCADA system at small Illinois water plant highlights weakness in U.S. system of "Fusion Centers"
http://www.networkworld.com/news/201...da-253659.html

12-02-2011   #50
Fuchs
Council Member
Join Date: May 2008
Posts: 3,189

News in a reputable computer-related news portal in Germany is that the hacker attack was a hoax.

Now could a mod please change the thread title to reflect this?

01-06-2012   #51
AdamG
Council Member
Join Date: Dec 2005
Location: Hiding from the Dreaded Burrito Gang
Posts: 2,438
Panetta: Cyber warfare could paralyze U.S.

Quote:
(CBS News) Back in 2010, the Pentagon established cyber command to wage war and defend America's computer systems. It's a top priority for Secretary of Defense Leon Panetta. In an interview for "60 Minutes," CBS Evening News anchor Scott Pelley spoke with Panetta while he was touring the Middle East last month, flying in a command post that's rigged to conduct nuclear war if need be. The Secretary told CBS News cyber war is one of his biggest worries.
http://www.cbsnews.com/8301-18563_16...alyze-country/

01-18-2012   #52
Jedburgh
Council Member
Join Date: Oct 2005
Posts: 3,098

Harvard National Security Journal, 9 Jan 12: Loving the Cyber Bomb? The Dangers of Threat Inflation in Cybersecurity Policy
Quote:
There has been no shortage of attention devoted to cybersecurity, with a wide range of experts warning of potential doomsday scenarios should the government not act to better secure the Internet. But this is not the first time we have been warned of impending dangers; indeed, there are many parallels between present portrayals of cyberthreats and the portrayal of Iraq prior to 2003, or the perceived bomber gap in the late 1950s.

This article asks for a better justification for the increased resources devoted to cyber threats. It examines the claims made by those calling for increased attention to cybersecurity, and notes the interests of a military-industrial complex in playing up fears of a “cyber Katrina.” Cybersecurity is undoubtedly an important policy issue. But with a dearth of information regarding the true nature of the threat, it is quite difficult to determine whether certain government policies are warranted—or if this merely represents the latest iteration of threat inflation benefitting private and parochial political interests.

02-15-2012   #53
Jedburgh
Council Member
Join Date: Oct 2005
Posts: 3,098

Wired, 14 Feb 12: Wired Opinion: Cyberwar Is the New Yellowcake
Quote:
...Washington teems with people who have a vested interest in conflating and inflating threats to our digital security. The watchword, therefore, should be “trust but verify.”....

....Cybersecurity is a big and booming industry. The U.S. government is expected to spend $10.5 billion a year on information security by 2015, and analysts have estimated the worldwide market to be as much as $140 billion a year. The Defense Department has said it is seeking more than $3.2 billion in cybersecurity funding for 2012. Lockheed Martin, Boeing, L-3 Communications, SAIC, and BAE Systems have all launched cybersecurity divisions in recent years. Other traditional defense contractors, such as Northrop Grumman, Raytheon, and ManTech International, have invested in information security products and services. ....

02-21-2012   #54
AdamG
Council Member
Join Date: Dec 2005
Location: Hiding from the Dreaded Burrito Gang
Posts: 2,438

WSJ podcast -

Quote:
The director of the National Security Agency has warned that the hacking group Anonymous could have the ability within the next year or two to bring about a limited power outage through a cyberattack. Gen. Keith Alexander, the director, provided his assessment in meetings at the White House and in other private sessions, according to people familiar with the gatherings. While he hasn’t publicly expressed his concerns about the potential for Anonymous to disrupt power supplies, he has warned publicly about an emerging ability by cyberattackers to disable or even damage computer networks.
http://blogs.wsj.com/wsjam/2012/02/2...er-power-play/

03-08-2012   #55
AdamG
Council Member
Join Date: Dec 2005
Location: Hiding from the Dreaded Burrito Gang
Posts: 2,438

Quote:
WASHINGTON—China almost certainly would mount a cyberattack on the U.S. in the event of a conflict, and the U.S. has no clear policy to determine how to respond appropriately, a congressional advisory panel is set to warn on Thursday.

In a lengthy report analyzing Chinese cyber-capabilities and the threat facing the U.S., the U.S.-China Economic and Security Review Commission found that the U.S. telecommunications supply chain is particularly vulnerable to cyber-tampering and an attack could result in a "catastrophic failure" of U.S. critical infrastructure.

The report was written for the commission by analysts at defense firm Northrop Grumman Corp.
http://online.wsj.com/article/SB1000...world_newsreel

03-08-2012   #56
Bob's World
Council Member
Join Date: Nov 2008
Location: Florida
Posts: 2,706

I have no problem appreciating the cyber vulnerability of the US, across all aspects of our society. We have pursued the benefits of technology while under-investing in the security of those same systems.

What I cannot embrace is why this is somehow a military mission to solve.

Anyone who can make the case for why this is a military mission, please, help make that case.

My concern is that the defense budget will not be made larger to address this wide mission area, but will come at the cost of actual defense capabilities. My other concern is that once DoD stands up and says they have this, that the other aspects of government and many civilian operations that rely on cyber capabilities will continue to under-invest in what is clearly their responsibility to secure.
__________________
Robert C. Jones
Intellectus Supra Scientia
(Understanding is more important than Knowledge)

"The modern COIN mindset is when one arrogantly goes to some foreign land and attempts to make those who live there a lesser version of one's self. The FID mindset is when one humbly goes to some foreign land and seeks first to understand, and then to help in some small way for those who live there to be the best version of their own self." Colonel Robert C. Jones, US Army Special Forces (Retired)

03-08-2012   #57
carl
Council Member
Join Date: Nov 2005
Location: Denver on occasion
Posts: 2,460

Quote:
Originally Posted by Bob's World
What I cannot embrace is why this is somehow a military mission to solve.

Anyone who can make the case for why this is a military mission, please, help make that case.

My concern is that the defense budget will not be made larger to address this wide mission area, but will come at the cost of actual defense capabilities. My other concern is that once DoD stands up and says they have this, that the other aspects of government and many civilian operations that rely on cyber capabilities will continue to under-invest in what is clearly their responsibility to secure.
That seems sensible and a wise concern. If there were a conflict with the persistent threat, would it be best for the military to conduct and coordinate cyber counter attacks or the intel types or contractors or a combination?
__________________
"We fight, get beat, rise, and fight again." Gen. Nathanael Greene

03-09-2012   #58
Strickland
Council Member
Join Date: Oct 2005
Location: Stafford, VA
Posts: 262
ignorance

Please excuse my ignorance, but what is the difference between cyber warfare, cyber terrorism, cyber espionage, and cyber crime? When a sovereign state attacked the Iranian nuclear facilities with a computer virus/worm - was this an act of war, terrorism, covert ops? When the Russian, Chinese, or North Korean governments hack into USG websites and databases, is this a criminal act, act of subversion, or act of war?

03-09-2012   #59
Bob's World
Council Member
Join Date: Nov 2008
Location: Florida
Posts: 2,706

Quote:
Originally Posted by Strickland
Please excuse my ignorance, but what is the difference between cyber warfare, cyber terrorism, cyber espionage, and cyber crime? When a sovereign state attacked the Iranian nuclear facilities with a computer virus/worm - was this an act of war, terrorism, covert ops? When the Russian, Chinese, or North Korean governments hack into USG websites and databases, is this a criminal act, act of subversion, or act of war?
Exactly.

My take on this is that the closer it comes to being an individual conducting the action, regardless of the character of the act, it is a criminal act if outside the law.

The closer it comes to being a state, or a state-like organization with political purpose, the closer it comes to being an act of war.

It is the character of the actor and purpose of the act much more so than the character of the act itself that matters.

If it is determined that an act of war has been perpetrated against the US through the Cyber domain, then we respond just as we would to any act of war in any of the other domains (land, sea, air, space, etc). If it is a criminal act we should treat as we do any other criminal act.

The cyber domain is very democratic, in that criminal individuals can wreak havoc to the same degree as war waging states and organizations. That scares the heck out of states. It should.

But that does not make this of necessity a military function.


For the majority of the military I believe there are two broad missions that must be covered:
1. Be able to maximize the cyber domain to conduct one's core operations and activities.

2. Be able to continue to conduct one's core operations and activities even if the cyber domain is severely degraded or denied.

DOD has its own cyber vulnerabilities to address, and similarly has not fully explored how this domain can be maximized. We need to focus on that first. Let Bank of America, Florida Power and Light, thousands of other important institutions figure out, fund and address their own vulnerabilities. What works to stop acts of crime and vandalism will stop acts of war as well.

06-05-2012   #60
AdamG
Council Member
Join Date: Dec 2005
Location: Hiding from the Dreaded Burrito Gang
Posts: 2,438
Cyber search engine Shodan exposes industrial control systems to new risks

Quote:
Government and business leaders in the United States and around the world are rushing to build better defenses -- and to prepare for the coming battles in the digital universe. To succeed, they must understand one of the most complex, man-made environments on Earth: cyberspace.
Quote:
Matherly and other Shodan users quickly realized they were revealing an astonishing fact: Uncounted numbers of industrial control computers, the systems that automate such things as water plants and power grids, were linked in, and in some cases they were wide open to exploitation by even moderately talented hackers.
http://www.washingtonpost.com/invest...KCV_story.html