

Information Operations

Newsletter

Compiled by: Mr. Jeff Harley

Army Forces Strategic Command

G39, Information Operations Division

Table of Contents

ARSTRAT IO Newsletter on

Vol. 9, no. 10 (7 – 24 April 2009)

1. Fort Sill Allows 7News to View Electronic Warfare Location for First Time

2. Extremist Web Sites Are Using U.S. Hosts

3. Official: Millions Spent Defending Pentagon Computers from Attack

4. Electricity Grid in U.S. Penetrated By Spies

5. Specialized Training Crucial for Skilled Cyberwarriors

6. Apple’s New Weapon

7. End-Point Security Spreads throughout Military

8. Next War Will Begin in Cyberspace, Experts Predict

9. Officials Say Hackers Didn't Steal Critical Data About New Fighter Jet

10. New Military Command to Focus on Cybersecurity

11. Russia’s Nuclear Attack on U.S. may start with Major Banks

12. Pentagon Advisers Urge Creation of High-Level 'Cyber Council' at DOD

13. China Rejects Cyber-Attack Claim

14. The Cold War Moves to Cyberspace

15. Book About The New Battlefield - Cyberspace

16. Hackers: the China Syndrome

17. Pentagon Jams Web, Radio Links of Taliban

18. Snooping Dragon Raises Ante (commentary)

19. Electronic Battlefield

Fort Sill Allows 7News to View Electronic Warfare Location for First Time

From KWSO, April 8,

Fort Sill - Electronic Warfare is the future of the Army's combat strategies, and Fort Sill soldiers are learning how it brings another weapon to their arsenal. Electronic Warfare uses frequencies in the electromagnetic spectrum - such as radio waves, microwaves, and radiation - to defend, attack, and collect information. Fort Sill began training in Electronic Warfare in 2006, and for the first time let 7News take a look inside.

Security is high inside Fort Sill's Electronic Warfare training rooms. 7News is not allowed to reveal the location, and each computer was sanitized so as not to reveal anything confidential. Our videos even were reviewed before the 7News crew left the facility to ensure no classified information was recorded.

There isn't much the post can tell the public about Electronic Warfare, but it's like the intelligence bunkers you may have seen in movies - mostly desks and computers. However, despite the dull décor - it's anything but boring. "It's an exciting field," said Captain Lacey Johnson. "I've learned a lot from the knowledge we've learned in this class. We have increased a lot of our effectiveness."

Electronic Warfare has three parts: Attack, Protect, Support. For example, an attack interferes with an enemy's equipment - such as jamming radar, or directing energy to disrupt communications systems. It gets more complicated as care must be taken not to conflict with allies who may transmit on different frequencies. "The electronic warfare officer has to know enough about what's going on with the spectrum, and the frequencies that are being emitted by these different transmitters, to try to ensure that those things don't conflict each other," said LTC Jim Looney. For example, if a number of people use their cell phones at one time, there may be so many signals that the network is overwhelmed.

There is also electronic protection, to ensure enemies don't surge our system (similar to a surge at home, which is why you use a surge protector for your computer), along with electronic support, which helps with intelligence collection and communication. "It's going to benefit me from being able to see the bigger picture on the staff-side on the battleground," said CW2 Bill Davis. "I think it will also help me understand the working between the different staff members," he said. "The neatest thing for me is it's something different in my career," said Captain Brian Suponcic. "I'm an artillery guy - I've always dealt with FIRES - so this just gives a new way to wage the fight on the battlefield."

Since the battlefield is where real combat occurs, Electronic Warfare officers function there primarily to make it easier for their comrades to coordinate and maneuver. They say they support the ground troops by helping them get their jobs done.

The Navy and Air Force have used these methods for years, but now it is becoming important for the Army as well in the ongoing battle against terrorism. A course specifically designed for Warrant Officers began April 1, and a course for enlisted soldiers begins later this month. The Army says it hopes to train almost 4,000 new Electronic Warfare personnel. There currently are about 350 soldiers who have completed Fort Sill's Electronic Warfare course, which began in 2006.

Extremist Web Sites Are Using U.S. Hosts

By Joby Warrick and Candace Rondeaux, Washington Post, April 9, 2009

On March 25, a Taliban Web site claiming to be the voice of the "Islamic Emirate of Afghanistan" boasted of a deadly new attack on coalition forces in that country. Four soldiers were killed in an ambush, the site claimed, and the "mujahideen took the weapons and ammunition as booty."

Most remarkable about the message was how it was delivered. The words were the Taliban's, but they were flashed around the globe by an American-owned firm located in a leafy corner of downtown Houston.

The Texas company, a Web-hosting outfit called ThePlanet, says it simply rented cyberspace to the group and had no clue about its Taliban connections. For more than a year, the militant group used the site to rally its followers and keep a running tally of suicide bombings, rocket attacks and raids against U.S. and allied troops. The cost of the service: roughly $70 a month, payable by credit card.

The Taliban's account was pulled last week when a blogger noticed the connection and called attention to it. But the odd pairing of violently anti-American extremists and U.S. technology companies continues elsewhere and appears to be growing. Intelligence officials and private experts cite dozens of instances in which Islamist militants sought out U.S. Internet firms -- known for their reliable service and easy terms that allow virtual anonymity -- and used them to incite attacks on Americans.

"The relatively cheap expense and high quality of U.S. servers seems to attract jihadists," said Rita Katz, co-founder of the Site Intelligence Group, a private company that monitors the communications of Muslim extremist groups. Even al-Qaeda has sometimes paid American companies to serve as conduits for its hate-filled messages, said Katz, who has tracked such activity since 2003.

Militants' use of U.S. Web hosts has sparked occasional spats between the United States and its allies, as well as endless debates over whether it is better to shut down the Web sites when they're discovered or to let them continue to operate. By allowing them to remain online, intelligence analysts can sometimes discover clues about the leadership and structure of terrorist groups, some analysts say.

"You can learn a lot from the enemy by watching them chat online," said Martin Libicki, a senior policy analyst at the Rand Corporation, a nonprofit research organization. Libicki said the bloggers rarely spill secrets, and most are "probably using this more for public affairs rather than recruitment."

"Public affairs," in many cases, means blatantly anti-Western invective and propaganda.

For instance, the Afghan group that rented Web space from ThePlanet offered daily updates on skirmishes between Taliban fighters and American "invaders" and Afghan "puppet army" troops. The Web site, http:, frequently claimed that the group's forces had killed coalition troops and even destroyed warplanes and tanks -- accounts that bear little resemblance to coalition field reports on those dates.

Another Taliban Web site, http:, continues to operate, using the services of Free Web Town, a user-friendly template service run by Atlanta-based Tulix Systems. The group's site features regular updates about purported attacks on U.S.-led coalition forces and occasional interviews with Taliban leaders and commanders in English and the regional languages of Dari and Pashto.

The site is associated with a Taliban group known as the Tora Bora Front, a hard-line faction operating in the remote mountainous region between northeastern Afghanistan and northwest Pakistan where fighting this year has been especially heavy.

Spokespeople for Tulix and ThePlanet say their policies prohibit the airing of violent or hateful messages by ordinary Americans, and certainly by terrorists. Both companies say they act quickly to shut down any site that breaks the rules.

The user-friendly American services are especially popular with groups like the Tora Bora Front. "It kind of makes it an ideal target for people who want to use it for nefarious reasons because not only is it easy to access and easy to use, it's easy to lie about your identity," said Thomas Burling, Tulix's chief financial officer.

Burling said the company has "routinely" been contacted by various federal agencies tracking the use of the Free Web Town sites, but he declined to go into further detail or identify the agencies.

Under federal eavesdropping laws passed last year, U.S. intelligence officials can legally monitor communications between foreign groups without a warrant, even if the transit lines pass through the United States.

The firms acknowledge that it is not always easy to spot militants' activity. Tulix boasts more than 1 million clients, while ThePlanet is the country's biggest supplier of Web-hosting services, with nearly 16 million accounts. Yvonne Donaldson, spokeswoman for ThePlanet, said the firm cannot afford to monitor every site and instead reacts to complaints, as it did in the case of . "If the complaint is credible, we notify the authorities," she said.

In some cases, the complaints come from governments. Pakistan has been venting to U.S. officials about militants' use of North American Internet services since last fall, when an investigation of the Mumbai terrorist rampage, which involved Pakistanis, revealed that the attackers had communicated using Internet phone calls routed through another server based in Houston.

American and Pakistani officials say the issue has raised tensions within diplomatic and intelligence circles in both countries and has reignited a high-level internal debate over the legality and efficacy of shutting off or restricting access to such services.

A senior Pakistani official said repeated requests to Washington to shut down controversial sites have gone unheeded -- and American authorities' seeming reluctance has become "an irritant." The official, who spoke on the condition of anonymity because he is not cleared to discuss the issue, said Pakistani intelligence experts are convinced that Washington prefers to keep the sites running for intelligence purposes.

"They're very reluctant or very slow to deal with this. We're saying at least if you monitor them, then share with us the information so we can take them out," the official said.

U.S. intelligence officials acknowledge the dispute but note the futility of trying to turn off Web sites completely. Domain names can be easily changed, they say, and sites are so easy to relocate that a new site usually opens within weeks after the old one is shut down.

Or sometimes even sooner. The Taliban's alemarrah1 site, which disappeared from its old location April 3, appeared again on Tuesday under a slightly altered name. In a matter of days, it was sending messages worldwide and routing them once again through ThePlanet's servers, based in the same leafy corner of downtown Houston.

Official: Millions Spent Defending Pentagon Computers from Attack

By Adam Levine, CNN, 7 Apr 2009

WASHINGTON (CNN) -- The U.S. military has spent at least $100 million defending its computer network from and responding to cyberattacks, according to a top official responsible for network security.

The money was spent over the last six months responding to incidents that affected the Pentagon's networks, according to Brig. Gen. John Davis of the U.S. Strategic Command, which is responsible for military cybersecurity.

The money also went toward training and investment in tools and technologies needed because of infiltrations and viruses, he said.

Davis said he was asked by the head of Strategic Command, Gen. Kevin Chilton, to track the costs in an effort to analyze the price of reacting to incidents that threaten the military's cybersecurity.

"We are finding ourselves in an ever-increasing, sophisticated environment where our networks at [the Department of Defense] are increasingly in a contested environment," Davis said.

He spoke by phone from the USStratcom Cyberspace Symposium, a two-day event in Omaha, Nebraska, for defense officials, as well as technology industry members.

Davis would not give specific examples of cyberattacks, but he said the military's technology team deals with a wide variety of incidents every day.

"It ranges in scope from the less serious -- the bored teenager -- all the way up to nation-state capabilities," Davis said.

"We do know that there are nation states that are investing in capabilities to operate in cyberspace. We have to expect that," he said. "We have to be able to defend our networks."

Davis would not name specific countries, but one country the United States is concerned about is China, according to the Pentagon's 2009 report to Congress on that country's military.

China "has established information warfare units to develop viruses to attack enemy computer systems and networks, and tactics and measures to protect friendly computer systems and networks," according to a 2009 report called the Military Power of the People's Republic of China.

In 2008, computer systems around the world, including the U.S. government's, were the target of intrusion that seemed to have originated in China, the report said.

"Although these intrusions focused on exfiltrating information, the accesses and skills required for these intrusions are similar to those necessary to conduct computer network attacks," the report said.

The money spent on reacting to incidents could be better spent to have the intelligence capabilities so the system could be better defended, Davis said.

"Rather than spending money reacting, it would be wiser to build capabilities in a proactive manner to protect systems in the first place," he said. "It would be wiser to spend it up front to keep less sophisticated threats off our radar so we can focus on real attacks."

Davis said the military needs to realize that the Internet is not just a service but a critical part of the Defense Department's operations that needs to be reliably secure.

"We rely on our networks for war fighting functions. To have a loss of trust would be traumatic," Davis said.

The military has had some self-inflicted problems from basic security problems, like viruses on personal drives and "phishing" incidents, that hampered its security, Davis said. Last year, external drives were banned from being used on the military network.

As part of his Monday announcement about changes to the Pentagon budgets, Defense Secretary Robert Gates highlighted the need to increase the number of personnel involved in cybersecurity.

Gates announced that the Department of Defense would triple the number of "cyber-experts" to 250 over the next two years.

But that's not enough, said Davis.

"It's got to be more," he said. "But it is a sign of progress."

Electricity Grid in U.S. Penetrated By Spies

By Siobhan Gorman, Associated Press, Wall Street Journal, 8 April 2009

WASHINGTON -- Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.

The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.

"The Chinese have attempted to map our infrastructure, such as the electrical grid," said a senior intelligence official. "So have the Russians."

The espionage appeared pervasive across the U.S. and doesn't target a particular company or region, said a former Department of Homeland Security official. "There are intrusions, and they are growing," the former official said, referring to electrical systems. "There were a lot last year."

Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.

Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, "If we go to war with them, they will try to turn them on."

Officials said water, sewage and other infrastructure systems also were at risk.

"Over the past several years, we have seen cyberattacks against critical infrastructures abroad, and many of our own infrastructures are as vulnerable as their foreign counterparts," Director of National Intelligence Dennis Blair recently told lawmakers. "A number of nations, including Russia and China, can disrupt elements of the U.S. information infrastructure."

Officials cautioned that the motivation of the cyberspies wasn't well understood, and they don't see an immediate danger. China, for example, has little incentive to disrupt the U.S. economy because it relies on American consumers and holds U.S. government debt.

But protecting the electrical grid and other infrastructure is a key part of the Obama administration's cybersecurity review, which is to be completed next week. Under the Bush administration, Congress approved $17 billion in secret funds to protect government networks, according to people familiar with the budget. The Obama administration is weighing whether to expand the program to address vulnerabilities in private computer networks, which would cost billions of dollars more. A senior Pentagon official said Tuesday the Pentagon has spent $100 million in the past six months repairing cyber damage.

Overseas examples show the potential havoc. In 2000, a disgruntled employee rigged a computerized control system at a water-treatment plant in Australia, releasing more than 200,000 gallons of sewage into parks, rivers and the grounds of a Hyatt hotel.

Last year, a senior Central Intelligence Agency official, Tom Donahue, told a meeting of utility company representatives in New Orleans that a cyberattack had taken out power equipment in multiple regions outside the U.S. The outage was followed with extortion demands, he said.

The U.S. electrical grid comprises three separate electric networks, covering the East, the West and Texas. Each includes many thousands of miles of transmission lines, power plants and substations. The flow of power is controlled by local utilities or regional transmission organizations. The growing reliance of utilities on Internet-based communication has increased the vulnerability of control systems to spies and hackers, according to government reports.

The sophistication of the U.S. intrusions -- which extend beyond electric to other key infrastructure systems -- suggests that China and Russia are mainly responsible, according to intelligence officials and cybersecurity specialists. While terrorist groups could develop the ability to penetrate U.S. infrastructure, they don't appear to have yet mounted attacks, these officials say.

It is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace. U.S. officials said investigators have followed electronic trails of stolen data to China and Russia.

Russian and Chinese officials have denied any wrongdoing. "These are pure speculations," said Yevgeniy Khorishko, a spokesman at the Russian Embassy. "Russia has nothing to do with the cyberattacks on the U.S. infrastructure, or on any infrastructure in any other country in the world."

A spokesman for the Chinese Embassy in Washington, Wang Baodong, said the Chinese government "resolutely oppose[s] any crime, including hacking, that destroys the Internet or computer network" and has laws barring the practice. China was ready to cooperate with other countries to counter such attacks, he said, and added that "some people overseas with Cold War mentality are indulged in fabricating the sheer lies of the so-called cyberspies in China."

Utilities are reluctant to speak about the dangers. "Much of what we've done, we can't talk about," said Ray Dotter, a spokesman at PJM Interconnection LLC, which coordinates the movement of wholesale electricity in 13 states and the District of Columbia. He said the organization has beefed up its security, in conformance with federal standards.

In January 2008, the Federal Energy Regulatory Commission approved new protection measures that required improvements in the security of computer servers and better plans for handling attacks.

Last week, Senate Democrats introduced a proposal that would require all critical infrastructure companies to meet new cybersecurity standards and grant the president emergency powers over control of the grid systems and other infrastructure.

Specialists at the U.S. Cyber Consequences Unit, a nonprofit research institute, said attack programs search for openings in a network, much as a thief tests locks on doors. Once inside, these programs and their human controllers can acquire the same access and powers as a systems administrator.

NERC Letter

The North American Electric Reliability Corporation on Tuesday warned its members that not all of them appear to be adhering to cybersecurity requirements.

The White House review of cybersecurity programs is studying ways to shield the electrical grid from such attacks, said James Lewis, who directed a study for the Center for Strategic and International Studies and has met with White House reviewers.

The reliability of the grid is ultimately the responsibility of the North American Electric Reliability Corp., an independent standards-setting organization overseen by the Federal Energy Regulatory Commission.

The NERC set standards last year requiring companies to designate "critical cyber assets." Companies, for example, must check the backgrounds of employees and install firewalls to separate administrative networks from those that control electricity flow. The group will begin auditing compliance in July.

Specialized Training Crucial for Skilled Cyberwarriors

By John C. Rogers, Signal Magazine, April 15, 2009

The U.S. Air Force has expanded its area of responsibility to include the cyberspace domain, but the realm may need additional personnel with specialized training before it can become fully operational. Before the Air Force is ready to operate in a contested cyberspace environment, the service branch needs to regulate the development of its cyberwarriors in order to defeat cyberterrorists.

According to a 2008 report compiled by the U.S. Air Force Scientific Advisory Board, the service branch is considering developing a specific career field devoted to cyberspace, including a new kind of officer—a cyberspace warfare officer. Current career fields, including combat systems and communication and information, would be restructured to fulfill the needs within the new concentration.

Many combat systems and communication and information officers lack the specialized training needed to perform cyber tasks because these officers are not required to have computer-related degrees. To ensure that the cyberspace warfare officers have the necessary training, the field should offer at least two specialties: a cyberspace warfare operator and an electronic warfare officer.

The specialties may require substantial investments to develop, but they would allow the Air Force to mandate education and training requirements to ensure that fully qualified cyberofficers are produced. For example, electronic warfare officers should have a computer/electrical engineering or computer programming degree, and they must receive specialized training to develop the necessary skills to establish and control the cyber domain. Cyberspace warfare operators should have a computer engineering or computer science degree, and they should be trained to conduct successful offensive and defensive military cyberoperations.

Establishing a new career field and its ensuing education and training requirements could take years to accomplish. Potential candidates may be hard to recruit as well, as the number of computer science majors continues to decline. The Air Force should expand the undergraduate programs offered at the Air Force Institute of Technology to include courses similar to the advanced engineering course (ACE) cyber security boot camp, available at Rome Air Force Research Laboratory. This also may help increase the number of potential candidates.

The ACE program provides training in technology-driven tactical cyberoffense, threat-driven operational cyberdefense and policy-driven strategic effects based on a commander’s intent. Programs such as this could serve as models to help develop and define the requirements and core courses needed to create an undergraduate cybercurriculum. To provide realistic cyberspace training, including current military objectives and rules of engagement, simulators such as the BLACK DEMON and Bulwark Defender could be introduced as well.

The Air Force needs to develop a realistic career path that can and will attract and retain qualified cyberwarriors. Advancement opportunities within the cyberspace warfare career track should be available at all chain-of-command levels, and active-duty service commitments should be offered at each career progression. During active-duty officers’ deployment periods, workers from the U.S. Defense Department should be available to provide assistance. The service branch also should offer incentives and competitive compensation to retain its personnel.

The Air Force must better prepare its future officers to ensure the United States’ dominance in cyberspace. It must develop a process that defines the requirements for cyberwarrior officers and outlines a suitable career path. Educating and training qualified cyberofficers is an investment in the Air Force’s future in cyberspace dominance.

Apple’s New Weapon

By Benjamin Sutherland, NEWSWEEK, from the magazine issue dated Apr 27, 2009

Tying the hands of a person who is speaking, the Arab proverb goes, is akin to "tying his tongue." Western soldiers in Iraq know how important gestures can be when communicating with locals. To close, open and close a fist means "light," but just opening a fist means "bomb." One soldier recently home from Iraq once tried to order an Iraqi man to lie down. To get his point across, the soldier had to demonstrate by stretching out in the dirt. Translation software could help, but what's the best way to make it available in the field?

The U.S. military in the past would give a soldier an electronic handheld device, made at great expense specially for the battlefield, with the latest software. But translation is only one of many software applications soldiers now need. The future of "networked warfare" requires each soldier to be linked electronically to other troops as well as to weapons systems and intelligence sources. Making sense of the reams of data from satellites, drones and ground sensors cries out for a handheld device that is both versatile and easy to use. With their intuitive interfaces, Apple devices—the iPod Touch and, to a lesser extent, the iPhone—are becoming the handhelds of choice.

Using a commercial product for such a crucial military role is a break from the past. Compared with devices built to military specifications, iPods are cheap. Apple, after all, has already done the research and manufacturing without taxpayer money. The iPod Touch retails for under $230, whereas a device made specifically for the military can cost far more. (The iPhone offers more functionality than the iPod Touch, but at $600 or $700 each, is much more expensive.) Typically sheathed in protective casing, iPods have proved rugged enough for military life. And according to an Army official in Baghdad, the devices have yet to be successfully hacked. (The Pentagon won't say how many Apple devices are deployed, and Apple Computer declined to be interviewed for this article.)

The iPod also fulfills the U.S. military's need to equip soldiers with a single device that can perform many different tasks. Apple's online App Store offers more than 25,000 (and counting) applications for the iPhone and iPod Touch, which shares the iPhone's touchscreen. As the elegantly simple iPods—often controlled with a single thumb—acquire more functionality, soldiers can shed other gadgets. An iPod "may be all that they need," says Lt. Col. Jim Ross, director of the Army's intelligence, electronic warfare and sensors operations in Fort Monmouth, New Jersey.

The iPod isn't the only multifunction handheld on the market, but among soldiers it's the most popular. Since most recruits have used one—and many already own one—it's that much easier to train them to prepare and upload new content. Users can add phrases to language software, annotate maps and link text or voice recordings to photos ("Have you seen this man?"). Apple devices make it easy to shoot, store and play video. Consider the impact of showing villagers a video message of a relaxed and respected local leader encouraging them to help root out insurgents.

Since sharing data is particularly important in counterinsurgency operations, the Pentagon is funding technology that makes it easier for the soldier on the ground to acquire information and quickly add it to databases. Next Wave Systems in Indiana is expected to release iPhone software that would enable a soldier to snap a picture of a street sign and, in a few moments, receive intelligence uploaded by other soldiers (the information would be linked by the words on the street sign). This could include information about local water quality or the name and photograph of a local insurgent sympathizer. The U.S. Marine Corps is funding an application for Apple devices that would allow soldiers to upload photographs of detained suspects, along with written reports, into a biometric database. The software could match faces, making it easier to track suspects after they're released.

Apple gadgets are proving to be surprisingly versatile. Software developers and the U.S. Department of Defense are developing military software for iPods that enables soldiers to display aerial video from drones and have teleconferences with intelligence agents halfway across the globe. Snipers in Iraq and Afghanistan now use a "ballistics calculator" called BulletFlight, made by the Florida firm Knight's Armament for the iPod Touch and iPhone. Army researchers are developing applications to turn an iPod into a remote control for a bomb-disposal robot (tilting the iPod steers the robot). In Sudan, American military observers are using iPods to learn the appropriate etiquette for interacting with tribal leaders.

Translation is another important area. A new program, Vcommunicator, is now being issued to soldiers in Iraq and Afghanistan. It produces spoken and written translations of Arabic, Kurdish and two Afghan languages. It also shows animated graphics of accompanying gestures and body language, and displays pictures of garments, weapons and other objects. Procurement officials are making a "tremendous push" to develop and field militarily useful Apple devices, says Ernie Bright, operations manager of Vcom3D, the Florida firm that developed the software. The iPod has already transformed the way we listen to music. Now it's taking on war.


End-Point Security Spreads throughout Military

By Mike Gawlas, Signal Magazine, April 15, 2009

The U.S. Defense Department’s networks now are safer and more secure as the result of an upgrade that Defense Information Systems Agency (DISA) officials say promises superb end-point security. The department’s client-server Host-Based Security System (HBSS) attaches a management agent to each host—server, desktop or laptop—for end-point security across its enterprise. Local administrators manage the system, which is configured to block known bad traffic using an intrusion prevention approach and a host-level firewall.

The HBSS provides a framework that enables Defense Department components to integrate existing security products and eliminate redundant management processes. The system’s functions and capabilities comprise a centrally managed host-based enclave-level Tier 3 information assurance/computer network defense tool that includes an intrusion detection system. In addition, the HBSS features a robust white-list capability that allows use or execution of only authorized software and hardware, including peer-to-peer software, applications, USB devices and thumb drives. Other attributes of the system include automated support for information operations conditions baselining, robust buffer overflow protection and rogue system detection as well as the ability to detect and report unauthorized computer systems on the network.

Development of the HBSS can be traced to 2003 with the formation and chartering of the Defense Department’s Enterprise-wide Information Assurance and Computer Network Defense Solutions Steering Group (ESSG). The purpose and mission of the group are to integrate, synchronize and rapidly field enterprisewide computer network defense solutions to support operational requirements. The ESSG is co-chaired by the U.S. Strategic Command (STRATCOM) and the Joint Task Force–Global Network Operations (JTF-GNO). Subordinate to STRATCOM, the JTF-GNO is responsible for conducting operations and defending the Defense Department’s Global Information Grid.

Because the ESSG highlighted comprehensive host-based security as a priority for the department, the group began gathering detailed requirements in the summer of 2005. In March 2006, the department awarded a contract to BAE Systems plc and McAfee Incorporated for an automated host-based security system solution. The goal was to provide network administrators and security personnel with mechanisms to prevent, detect, track, report and remediate malicious computer-related activities and incidents across all Defense Department networks and information systems. Piloting began at 22 sites a few months later, followed by testing, certification, accreditation and source code reviews. Separate contracts were put into place to acquire additional capability modules.

The deployment and installation of the HBSS became mandatory across the nonsecure Internet protocol router network (NIPRNET) in October 2007 through a JTF-GNO communications tasking order. This order required all Tier-3 enclave-level NIPRNET networks to have the HBSS installed by June 2008.

In February 2009, the JTF-GNO issued an additional order requiring immediate acceleration of HBSS deployment and installation on the secret Internet protocol router network (SIPRNET). DISA, working in concert with Defense Department agencies, the military services and the combatant commands, identified the required resources to meet implementation goals for the aggressive timeline. Agency planning also factored in additional teams to perform worldwide installations and in-person training classes as well as to create virtual training for system administrators.

The pilot phase of the HBSS life cycle captured valuable lessons, including that HBSS installation and deployment success most often occurred in organizations with strong network defense workflow processes, a full understanding of the local network infrastructure, and strong and enduring leadership support. As a result of the work, leaders and operators at all levels who are responsible for defending their portion of the network are becoming more aware that admitting one malicious information packet into the network can cause mission-impacting damage, DISA officials relate. Educating network users and deploying HBSS end-point security capabilities can mitigate the probability of a user’s activities endangering the network environment or putting other Defense Department networks at risk, they agree.

The HBSS is just a single tool in the Defense Department’s information assurance and computer network defense portfolio and is not a network security silver bullet, DISA officials emphasize. Multiple practices and toolsets achieve the required layers of defense. Leaders and resource managers should understand that the HBSS is not an autonomous system and requires dedicated, trained and conscientious administrators. However, once HBSS hardware and software are properly installed in a network enclave, configuration management becomes relatively straightforward, they state. As new modules become available, they can be added seamlessly to complement existing network and information system defense capabilities.

Additional information about the HBSS is available through DISA’s Information Assurance/NetOps Program Executive Office and at the Information Assurance Support Environment Web site as well as through the Defense Knowledge Online portal.


Next War Will Begin in Cyberspace, Experts Predict

By C. Todd Lopez, Army News Service, Feb 27, 2009

WASHINGTON (Army News Service, Feb. 27, 2009) -- Networks that were once separated will soon be melded together, requiring a combined effort to defend the information flow, Defense cyberspace experts said Thursday.

"Network-centric warfare means it is all connected today," said retired Air Force Lt. Gen. Harry Raduege Jr., now chairman of the Deloitte Center for Network Innovation and director of Deloitte & Touche LLP.

"No longer are we looking individually at military departments and agencies going it alone," Raduege said. "It has to be an integrated, coordinated effort across the Department of Defense and the intelligence community."

Raduege spoke during a panel discussion before an audience of Soldiers, foreign military officers and members of the defense industry Feb. 26, at the Association of the United States Army's Institute of Land Warfare Winter Symposium and Exposition in Fort Lauderdale, Fla.

Discussion by panel members focused on cyberspace, information warfare, and electronic warfare. Lt. Gen. Keith Alexander, director of the National Security Agency, moderated the panel.

"Network convergence: that is one of the most important things that is going to happen to us as an Army, as a military community, and as a nation," Alexander said. "When we talk about network convergence, if you think about what is happening on the global network, the change is significant -- order of magnitude changes every three or four years."

The general said the Army must work to train warriors to fight in the cyber environment.

"What we need from the Army is we train Soldiers how to operate in a network environment, how to do the collection, how to do the attack, how to do the defense, so they can operate in an FCS (Future Combat Systems) environment while their adversaries are doing the same things," he said.

The next war will begin in cyberspace, Alexander said.

"If you think about it, phase zero of the next war, I think, is going to be in this domain," he said. "Phase zero will be in cyberspace first. And that is where we have to win. We cannot afford to lose that."

Alexander also said Soldiers need to be aware that the enemy is watching them, even if they think they aren't worth looking at.

"What you say ... what you type, others can get. And there are other ways that the enemy can come at you. You need to think about cyberspace as a form of warfare that can be used against you, to collect on you, to target you, to blow up devices around you, and to initiate those devices," Alexander said. "You are vulnerable -- don't think they are not interested in you. There are 1.3 billion Chinese. They are interested in what we do and say, and when we are in the field, the adversary is very interested."

Timothy L. Thomas, senior analyst, United States Army Foreign Military Studies Office at Fort Leavenworth, Kan., spoke about the advances the Chinese have made in cyber and information warfare.

"How good are these guys? They really and truly do look at us and really and truly do understand us," he said. "If you get to Beijing or Shanghai, take a visit to a People's Liberation Army military bookstore. You will be stunned at the number of Army, Navy, Air Force, Marine and Coast Guard manuals that have been translated into Chinese and are available for sale."

Thomas said the Chinese have applied strategies to their use of cyberspace that are very different than what Americans are familiar with.

"Here's a thought most Americans won't be familiar with: how do you use a packet of electrons as a stratagem? And what is a stratagem? It is an attempt to deceive someone, to deceive their perception," he said.

Thomas said the Chinese may apply a strategy like "kill with a borrowed sword" to their use of cyber warfare. Such an attack may involve running packets of information through one nation to attack another. They may also combine "make noise in the east, attack in the west" with another stratagem, "exhaust the enemy at the gate, attack him at your ease."

"You might have an onslaught of scans on the Pentagon, when really the focus was Silicon Valley," Thomas said. "They are really adept at using packets of electrons in ways that we might not think."

Thomas said there are two important things about Chinese thought processes that should keep Americans up at night.

"One well-known Chinese strategist wrote that borders and resources no longer matter," he said. "What matters is financial flows. The more China buys up our debt, the more influence they may have in this arena -- we need to keep a close eye out here."

The second thing, he said, is that the Chinese view strategy differently than Americans view strategy. Where Americans may summarize strategy as "ends, ways and means," he said the Chinese look at things differently.

"They look at the world ... or a battlefield situation in a comprehensive way," he said. "What they do is assess the objective factors they see. This might be our science and technology level, this might be how much of our budget we spend on defense, this might be where our forces are located. These are objective factors. Then, subjectively, they look at how do you manipulate these things. This is to them the essence of strategy."

Raduege said that the threat from cyberspace is real, and that there are already real-world examples that can be looked at for study. Such attacks, he said, include the Russian cyber attack prior to invasion of Chechnya in 2002 and cyber attacks against Estonia in 2007.

"That is when cyber attacks were used but without physical aggression," Raduege said. "And Kyrgyzstan -- just earlier this year -- a directed denial of service attack shutting down two out of four of their ISPs for 10 days or so, where they lost 80 percent of their Internet capability to the west."


Officials Say Hackers Didn't Steal Critical Data About New Fighter Jet

By Ann Scott Tyson and Dana Hedgpeth, Washington Post, April 22, 2009

The Pentagon and Lockheed Martin, the lead defense contractor for the new F-35 Joint Strike Fighter, suggested yesterday that cyber-attacks had not caused any serious security breaches in the Pentagon's most expensive weapons program.

Still, defense and corporate officials said attacks on the Pentagon as well as the F-35 program are constant, and former defense officials familiar with the program said some of the F-35's less sensitive systems have been infiltrated by cyber-intruders.

"We know we are probed on this every day. We have very aggressive defensive systems. The more sensitive the information, the greater the safeguards are," said Pentagon spokesman Bryan Whitman. He said he was not aware of any sensitive F-35 technology having been compromised by a cyber-attack.

The comments came in response to a Wall Street Journal story Monday reporting that cyber-attackers copied and siphoned off data related to design and electronics systems, "potentially making it easier to defend against the craft."

The F-35 is the Pentagon's most expensive, complex and ambitious aircraft program. According to program estimates, the total investment required in the F-35 exceeds $1 trillion -- more than $300 billion to buy 2,456 aircraft and $760 billion to keep them flying beyond their expected life cycle.

The program has been troubled by cost overruns and delays. Some analysts said cyber-attacks could further delay delivery of the first aircraft.

In a conference call with Wall Street analysts to discuss the company's first-quarter earnings, Lockheed Martin Chief Financial Officer Bruce L. Tanner said, "To our knowledge there's never been any classified information breach." He went on to say, "Like the government, these attacks on our systems are continuous, and we do have stringent measures in place to both detect and stop these attacks."

Troy J. Lahr, a defense industry analyst at Stifel Nicolaus, said the news of any security breach would probably "shake up people in Congress" and lead to a push for more money to fund cybersecurity.

Jim McAleese, who has worked as a consultant to Lockheed and other major defense companies, said it appears that the information the attackers got would not allow crucial insights into the aircraft's software codes, radar or electronic warfare systems.

He said it appears that the spies got information on operations and maintenance of the aircraft, which he described as "materials that have very few details to make the aircraft vulnerable."

"They'll have very little information other than how you maintain the aircraft," he said. "They'd know, for example, at what number of hours do the engines get checked, or the procedures for maintaining the stealth coding," but "they wouldn't have information about key parts," he said.

Former defense officials confirmed that more than a year ago cyber-attackers had penetrated the F-35's logistics system.

"It was not sensitive -- not an area that was very critical," one official said. "Everyone went on an alert status, and most of the programs left vulnerable were fairly minor," he said, adding that the critical areas of the program are kept on an off-line computer system.

President Obama is reviewing recommendations from a comprehensive interagency assessment of the government's cybersecurity efforts, seeking to ensure that public- and private-sector efforts are properly funded and coordinated and that the White House is organized to attack the problem.

A recent Pentagon report on China's military power noted that cyber-attacks on the United States had been traced back to the communist nation.


New Military Command to Focus on Cybersecurity

By Siobhan Gorman and Yochi J. Dreazen, Wall Street Journal, 22 April 2009

WASHINGTON -- The Obama administration plans to create a new military command to coordinate the defense of Pentagon computer networks and improve U.S. offensive capabilities in cyberwarfare, according to current and former officials familiar with the plans.

The initiative will reshape the military's efforts to protect its networks from attacks by hackers, especially those from countries such as China and Russia. The new command will be unveiled within the next few weeks, Pentagon officials said.

The move comes amid growing evidence that sophisticated cyberspies are attacking the U.S. electric grid and key defense programs. A page-one story in The Wall Street Journal on Tuesday reported that hackers breached the Pentagon's biggest weapons program, the $300 billion Joint Strike Fighter, and stole data. Lawmakers on the House Oversight and Government Reform Committee wrote to the defense secretary Tuesday requesting a briefing on the matter.

Lockheed Martin Corp., the project's lead contractor, said in a statement Tuesday that it believed the article "was incorrect in its representation of successful cyber attacks" on the F-35 program. "To our knowledge, there has never been any classified information breach," the statement said. The Journal story didn't say the stolen information was classified.

Barack Obama, when he was a candidate for the White House, pledged to elevate cybersecurity as a national-security issue, equating it in significance with nuclear and biological weapons. A White House team reviewing cybersecurity policy has completed its recommendations, including the creation of a top White House cyberpolicy official. Details of that and other proposals are still under debate. A final decision from the president is expected soon.

A draft of the White House review steps gingerly around the question of how to improve computer security in the private sector, especially key infrastructure such as telecommunications and the electricity grid. The document stresses the importance of working with the private sector and civil-liberties groups to craft a solution, but doesn't call for a specific government role, according to a person familiar with the draft.

Defense Secretary Robert Gates plans to announce the creation of a new military "cyber command" after the rollout of the White House review, according to military officials familiar with the plan.

The Pentagon has several command organizations structured according to both geography and operational responsibility. Central Command, for example, oversees the wars in Iraq and Afghanistan, while the Special Operations Command is responsible for operations involving elite operatives such as Navy Seals.

The cyber command is likely to be led by a military official of four-star rank, according to officials familiar with the proposal. It would, at least initially, be part of the Pentagon's Strategic Command, which is currently responsible for computer-network security and other missions.

Pentagon officials said the front-runner to lead the new command is National Security Agency Director Keith Alexander, a three-star Army general. In a rare public appearance Tuesday at a cybersecurity conference in San Francisco, Gen. Alexander called for a "team" approach to cybersecurity that would give the NSA lead responsibility for protecting military and intelligence networks while the Department of Homeland Security worked to protect other government networks. His spokeswoman said he had no additional comment.

Former President George W. Bush's top intelligence adviser, Mike McConnell, first proposed the creation of a unified cyber command last fall. The military's cybersecurity efforts are currently divided between entities like the NSA and the Defense Information Systems Agency, which is responsible for ensuring secure and reliable communications for the military. The Air Force also runs a significant cybersecurity effort.

Advocates believe the new command will be able to avoid duplication and better leverage the technical expertise of the agencies and the military services' cyberwarriors.

Cyber defense is the Department of Homeland Security's responsibility, so the command would be charged with assisting that department's defense efforts. The relationship would be similar to the way Northern Command supports Homeland Security with rescue capabilities in natural disasters. The NSA, where much of the government's cybersecurity expertise is housed, established a similar relationship with Homeland Security through a cybersecurity initiative that the Bush administration began in its final year.

NSA's increasingly muscular role in domestic cybersecurity has raised alarms among some officials and on Capitol Hill. Rod Beckstrom, former chief of the National Cyber Security Center, which is charged with coordinating cybersecurity activities across the U.S. government, resigned last month after warning that the growing reliance on the NSA was a "bad strategy" that posed "threats to our democratic processes."

Gen. Alexander countered in his speech Tuesday that the NSA did "not want to run cybersecurity for the U.S. government."


Russia’s Nuclear Attack on U.S. may start with Major Banks

By Sergei Malinin, Pravda, 17 April 2009

While US scientists put forward the new doctrine of the Minimum Nuclear Deterrence (targeting missiles against Russia’s 12 key enterprises), Bigness.ru decided to draw a map of a limited strike that could paralyze the US economy. It turns out that the United States is much more vulnerable than Russia at this point. An attack against only five targets in the USA will throw the US economy back into the Stone Age.

US scientists put forward an idea to focus targets on 12 key objects of the Russian economy: enterprises of Gazprom, Rosneft, Rusal, Nornikel, Surgutneftegaz, Evraz and Severstal. The suggestion became an absolutely new approach to the deterrence doctrine. The USA currently has the Mutual Assured Demolition Doctrine, which stipulates an attack of some 200 targets on Russia’s territory.

According to various estimates, Russia’s doctrine stipulates attacks against about 100 targets on the territory of the United States. The destruction of those targets will cause critical damage to the USA.

There is no need to destroy the whole planet in order to paralyze a country and push it back into the Stone Age. The IMF can serve as a very good example at this point: the organization pushed several countries into the economic abyss without the use of military force.

Leonid Ivashov, the vice president of the Academy for Geopolitical Sciences, believes that Russia would first need to attack USA’s largest banks. A successful attack would paralyze the entire dollar-dependent economy. “This is the number one goal in case of war. We would need to destroy large banks in London as well,” the Colonel-General said.

Inga Foksha, an analyst with IK Aton, did not hesitate to name five targets, the destruction of which would jeopardize the USA’s existence.

The first strike should be made against the offices of the Federal Deposit Insurance Corporation in Washington, Dallas and Chicago. “This company handles depositors’ funds. If it disappears, and if banks have no guarantees, the people will panic and will rush to cash their deposits,” Foksha said.

A company in the real sector of the economy with a diversified business, General Electric, for example, can become the object of the second strike. The death of a company that stands at the crossroads of several economic sectors will paralyze the activities of thousands of adjacent companies, and millions of people will lose their jobs.

The third nuclear strike will be made against Freddie Mac and Fannie Mae. “These two agencies currently devour a great amount of state funds,” Inga Foksha said.

The US Treasury and the Federal Reserve System would also make important targets to strike, the analyst believes.

“We can see today that the Americans are following a different path now. It is not likely that the USA will strike a massive nuclear blow,” Leonid Ivashov said.

Economist Yevgeny Nadorshin believes that any such subjects are insane. “The difference between the moment when they paralyze the nation’s economy and the moment when it comes to our lives is measured in hours. No matter what kind of targets they might choose, a nuclear blow will not pass unnoticed. I am against this concept, I believe that it is nonsense,” the expert told Bigness.ru.


Pentagon Advisers Urge Creation of High-Level 'Cyber Council' at DOD

By Sebastian Sprenger, Inside Defense, 20 April 2009

April 20, 2009 -- Defense Secretary Robert Gates should create a "Net-Centric/Cyber Council" to guide the Defense Department's steps toward interoperable and secure military data networks, according to a new report from the Defense Science Board.

The science board task force that issued the report believes DOD is insufficiently organized, trained and equipped to deal with sophisticated attacks against its vital networks. Panelists reached "an overall conclusion that, without an integrated net-centric/cyberspace plan, threats from cyber-intelligent adversaries represent a clear and present danger" to national security, the report states.

The concept of network-centric warfare envisions information flowing quickly and securely among U.S. forces, thereby increasing situational awareness for commanders and providing the basis for improved decision-making on the battlefield.

According to DSB panelists, DOD officials thus far have been unable to provide U.S. forces the benefits of "assured net-centric interoperability," which the group considers crucial for successful operations in the age of cyber warfare.

The biggest impediment, the report states, is a lack of governance at senior Pentagon levels. To that end, the group's proposed "Net-Centric/Cyber Council" should act as a high-level hub for sorting out issues related to network architecture, software development standards, information assurance and the testing and certification of new capabilities, the report states.

The council should include senior leaders from the services, the Office of the Secretary of Defense, the Joint Staff and relevant defense agencies, including the National Security Agency. In addition, the commanders of U.S. Strategic, Joint Forces and Northern commands also should be members.

Co-chaired by the deputy defense secretary and the vice chairman of the Joint Chiefs of Staff, the council would report to an executive committee consisting of the defense and homeland security secretaries and the director of national intelligence, the report states.

The council should issue concrete taskings to organizations across the defense establishment. For example, a Network Systems Architecture Group should be established at the Defense Information Systems Agency to "define the defense network enterprise and to develop . . . the supporting cost, budget and Program Objective Memorandum data," the report states.

DISA officials also should establish a team of senior officials versed in management, technology and engineering to address the development of a common "service-oriented architecture" throughout DOD.

The term service-oriented architecture, or SOA, describes sets of independent application modules, often Web-based, capable of exchanging data. Developing software under SOA guidelines means reusing and adapting code for different applications, while maintaining certain characteristics across all modules for improved performance and maintenance.

Council members should direct STRATCOM officials to build an "information assessment capability," beginning with the examination of "a few select systems" for assurance risks and "battle-mode requirements," the report states.

Panelists expand on this recommendation later in the document, calling for the creation of teams charged with determining which methods of attack "top-tier cyber adversaries" could employ against certain systems.

"Several mission-critical systems that have been recently penetrated should be included within this study," panelists wrote.

Finally, "Net-Centric/Cyber Council" members should work toward improved interoperability between the homeland defense and homeland security mission areas in DOD and the U.S. government, the report states.

"Early in its operation, the [DSB] task force surveyed progress toward DOD interoperability with the intelligence community and noted excellent progress in their partnership," panelists wrote. "This was not the case for the relationship between DOD and DHS," the panelists wrote.


China Rejects Cyber-Attack Claim

From United Press International, April 23, 2009

BEIJING, April 23 (UPI) -- China faces computer hacking problems of its own and should not be accused of hacking into other countries' computers, a foreign ministry spokeswoman said.

"We have reiterated many times our policies of firmly opposing and severely cracking down on all crimes that damage the Internet, including hacking," Jiang Yu said at a news conference.

Jiang commented in response to questions about U.S. plans for a new military command focused on protecting computer networks from cyber warfare, Xinhua, China's state-run news agency reported. Some U.S. computer experts have alleged recent attacks on Internet systems may have originated in China.

Jiang said China faces its own problems, with statistics showing that eight out of 10 computers in China with Internet access have been attacked by hackers.

China has the largest number of Internet users in the world, Jiang said, adding that nearly 300 million Chinese accessed the Internet last year.


The Cold War Moves to Cyberspace

By Charles Cooper, WIBW, Apr 22, 2009

Somewhere deep in Washington's national security apparatus, more than a few old-timers surely pine for the clarity of the Cold War. Black versus white, American versus Russian, spy versus spy - the good old days.

Now, however, they face more ephemeral threats from shadowy foes that prefer to cloak their identities.

"There's a cyber war going on," said Ed Giorgio, who spent nearly 30 years with the National Security Agency before starting an IT security consultancy in 2007. The problem, he says, is that identifying an online adversary isn't as easy as pinpointing an enemy tank formation.

"Adversaries are just as likely to be nationalists as they are likely to be countries," said Giorgio, echoing a theme that cyber security experts say is likely to shape the Pentagon's approach to building Internet defenses in an increasingly networked world.

The extent of the problem was hinted at earlier in the day by Defense Secretary Robert Gates. In an upcoming 60 Minutes interview, Gates told CBS News anchor Katie Couric that the United States is "under cyber-attack virtually all the time, every day" and that his department will more than quadruple the number of experts to battle cyber attacks.

Gates' comments came only hours after the Wall Street Journal reported that cyber spies had breached the DOD's Joint Strike Fighter project and also had penetrated the Air Force's air-traffic-control system. The Journal did not have details on the identities of the intruders but many industry experts are pointing fingers at China.

If true, that should not surprise anyone, says security analyst Richard Stiennon. In fact, he says, cyber probes from China have become more frequent since a U.S. Navy EP-3 was forced down by a Chinese fighter plane over the South China Sea in 2001.

That incident led to a brief diplomatic row as well as a surge in cyber attacks against U.S. Web sites. What's more, only a couple of years earlier, Chinese hackers attacked private and government Web sites in the U.S. in retaliation after NATO accidentally struck the Chinese embassy in Belgrade during the Kosovo crisis.

But finding out who orchestrated the attacks remains a mystery.

"I talked to IT administrators who said that if you were running Microsoft IIS (server software for the Internet), then you were getting hacked," Stiennon said. "That was the beginning of the Chinese attacks ... but it had plausible deniability. That's the beautiful thing about attributing the source of the attacks."

Dmitri Alperovitch, who specializes in threat research at the software security firm, McAfee, offers a more blunt assessment of what's happening on the ground. He says the U.S. is "in the midst of a cyber Cold War" and that the roster of potential foes could lengthen as more countries acquire more sophisticated knowledge about how to conduct cyber warfare.

He said that Russia defines cyber war as a force multiplier while China views cyber war as a way to get control of an enemy without the need for engaging on a physical field of battle. "It's straight out of Sun Tzu," he said.

That's the rub. Even in cases where a hack attack seems clearly linked to a government sponsor, experts say it's still hard to conclude the identity beyond a shadow of a doubt. In March 2007, Estonian Web sites got knocked out after the regime decided to move a Soviet statue from one park to another. Last August, when Russian tanks rolled across the border, Georgia's government ministries also got overwhelmed by a coordinated cyber attack.

U.S. and NATO officials don't seem to have any confusion about who was behind the attacks. In fact, NATO has since created a cyber defense center in Tallinn, Estonia. But in the absence of a smoking gun, this remains an unanswered question. Indeed, defenders of Russia attribute the brief cyber war to nationalists acting independently.

Same goes for the Chinese, who are assumed to be behind the recent "GhostNet" attacks involving targets in the Tibetan community.

"Even if an attack comes from Beijing, it doesn't mean that it comes from the Chinese government," said Ed Skoudis, the founder of the security consultancy, InGuardians. "You can't jump to that automatic conclusion."

The only clear conclusion is that this sort of activity is likely to become increasingly common. That's why Secretary Gates and his team are about to wade through lots of resumes in the coming weeks and months.


Book About The New Battlefield - Cyberspace

By PR Newswire, Apr. 23, 2009

DAYTON, Ohio, April 23 /PRNewswire-USNewswire/ -- Susan Brenner doesn't fret about the lone hacker creating a little havoc.

In the post-9/11 world, she worries about nontraditional warfare waged by terrorists using computers as weapons. Brenner, who's conducted cybercrimes training for the U.S. Secret Service and spoken at numerous national and international conferences, predicts cyberspace will become the new battlefield in her newly published book, Cyberthreats: The Emerging Fault Lines of the Nation State (Oxford University Press).

"At some point, we'll see terrorists begin to use cybercrime for their own purposes," said Brenner, NCR professor of law and technology at the University of Dayton and an internationally renowned, prolific scholar in the emerging field. The American Bar Association has invited her to address "Is Your Data Secure? Responding to the Next-Generation Computer Crimes" at its April 29-May 1 section annual conference in Atlanta.

"With cyberthreats, it is difficult for the attacked to know the identity of the attacker or to determine the nature of the attack -- whether war or crime or terrorism. If we don't know who is attacking, how do we counterattack? If we don't know whether the attack is a crime or an act of war, we don't know whether to use the police or the military," she said, noting that the enemy is often invisible and that geography becomes irrelevant.

Pointing to her laptop sitting on her office desk, she added, "That laptop sitting there is a border. It can be exploited." Brenner doesn't go as far as to liken cyberwarfare to Pearl Harbor, but believes the threat is pervasive and a cause for genuine concern. "It wouldn't be hard," she said, "to destabilize smaller countries."

Sound far-fetched? This week, Defense Secretary Robert Gates told CBS News that the United States is "under cyber-attack virtually all the time, every day" and that the Defense Department plans to more than quadruple the number of cyber experts it employs to ward off such attacks.

Brenner cites a 2007 two-week digital attack on the country of Estonia, initially believed to originate in Russia, as evidence of the kind of attacks that can shut down government sites and financial institutions and knock out electricity. She believes the U.S. needs to develop a new approach for dealing with cyberthreats and protecting cyberspace.

Her suggestions for a new model?

* Integrate the efforts of the military and law enforcement by collecting and sharing timely information about actual or suspected attacks. Two organizations -- U.S. Secret Service's Electronic Crimes Task Forces and the FBI's InfraGard program -- already do this, she noted, but more needs to be done to create greater cooperation.

* Involve civilians in the effort. Encourage whistleblowing by citizens to alleviate the underreporting of cybercrime. Encourage victims to report cyberattacks by offering them assurance the information would not be used to initiate criminal proceedings against the perpetrator unless they agreed.

* Create a new federal agency, Cyber Security Agency, to respond to cyberthreats.

The time for greater action is now, in part because the cost of cybercrime is skyrocketing.

"In 2004, the Federal Bureau of Investigation estimated that cybercrime cost U.S. citizens about $400 billion, and in July 2007 FBI Director Robert Mueller said he believes only about one-third of cybercrime in the U.S. is actually reported to the FBI," Brenner said. "I have heard cybercrime estimates are much, much higher than the figure cited for 2004. ... It will continue to increase until governments begin to create realistic disincentives for cybercriminals."

The "cyber-vandals" are not at the gate, and "we are not the Roman Empire in the early fifth century A.D.," but Brenner is sounding the alarm with her book. "I may be wrong, but I suspect the challenges emerging in this area are analogous to pre-shocks that signal an impending earthquake," she said.


Hackers: the China Syndrome

By Mara Hvistendahl, Popular Science, 04.23.2009

For years, the U.S. intelligence community worried that China’s government was attacking our cyber-infrastructure. Now one man has discovered it’s worse: It’s hundreds of thousands of everyday civilians. And they’ve only just begun.

At 8 a.m. on May 4, 2001, anyone trying to access the White House Web site got an error message. By noon, was down entirely, the victim of a so-called distributed denial-of-service (DDoS) attack. Somewhere in the world, hackers were pinging White House servers with thousands of page requests per second, clogging the site. Also attacked were sites for the U.S. Navy and various other federal departments.

A series of defacements left little doubt about where the attack originated. "Beat down Imperialism of American [sic]! Attack anti-Chinese arrogance!" read the Interior Department's National Business Center site. "CHINA HACK!" proclaimed the Department of Labor home page. "I AM CHINESE," declared a U.S. Navy page. By then, hackers from Saudi Arabia, Argentina and India had joined in. The military escalated its Infocon threat level from normal to alpha, indicating risk of crippling cyber-attack. Over the next few weeks, the White House site went down twice more. By the time the offensive was over, Chinese hackers had felled 1,000 American sites.

The cyber-conflict grew out of real-world tensions. A month earlier, a U.S. EP-3 reconnaissance aircraft flying off the southern coast of China had collided with a Chinese F-8 fighter jet. The American pilot landed safely, but the Chinese pilot was killed. China's hackers lashed out. It wasn't the first foreign attack on American sites, but it was the biggest -- "the First World Hacker War," as the New York Times dubbed it.

The Chinese attacks were poorly coordinated, and it's tempting to dismiss them as harmless online vandalism. But subsequent attacks have become more serious. In the past two years, Chinese hackers have intercepted critical NASA files, breached the computer system in a sensitive Commerce Department bureau, and launched assaults on the Save Darfur Coalition, pro-Tibet groups and CNN. And those are just the attacks that have been publicly acknowledged. Were these initiated by the Chinese government? Who is doing this?

Early clues came through the boasts of a single Chinese hacker. On May 20, 2003, a man named Peng Yinan, then known only by the moniker coolswallow, logged into a public Shanghai Jiaotong University student forum and described how he formed a group at the university's Information Security Engineering School that coordinated with other hackers to bring down in 2001. "Javaphile was established by coolswallow (that's me)" and a partner, he wrote in Chinese. "At first we weren't a hacker organization. After the 2001 China-U.S. plane collision incident, Chinese hackers declared an anti-American Battle . . . and coolswallow joined in the DDoS White House attacks." Later, he bragged, his group defaced other sites it considered anti-Chinese, including that of the Taiwanese Internet company Lite-On.

Peng left two e-mail addresses, his chat information and the screen names of four other hackers. He soon expanded his online profile with a blog, photos, and papers describing his hacking openly. But his boasts went unnoticed until 2005, when a linguist in Kansas typed the right words into Google, found Peng, and pulled back the curtain on a growing danger.

GHOSTS IN THE MACHINE

In its report to Congress last year, the U.S.-China Economic and Security Review Commission called Chinese cyber-espionage a major threat to U.S. technology. "China is aggressively pursuing cyber warfare capabilities that may provide it with an asymmetric advantage against the United States," the commission warned. As everything from health-care services to credit-card records to classified military information moves into a networked age, the risk that our digital systems could be crippled by outside attackers -- or worse, pillaged for sensitive information -- is very real. The commission report cited vulnerable American targets such as the electric grid and the municipal-waste, air-traffic-control, banking and Social Security systems. Before leaving office in January, President Bush authorized the creation of a National Cyber Security Center under the Department of Homeland Security, and in February, President Obama's budget proposal called for giving the department $355 million to secure private- and public-sector cyber-infrastructure.

But there's reason to believe that a damaging attack won't originate in some dedicated Chinese government bureau. In previous testimony before the commission, James C. Mulvenon, director of the defense think tank the Center for Intelligence Research and Analysis, said he was more immediately concerned with independent, civilian-led "patriotic hacking."

James Andrew Lewis, a senior fellow at the Center for Strategic and International Studies (CSIS), which helped develop cybersecurity policy recommendations for the Obama administration, shares that concern. "The U.S. government had a number of serious computer incidents in 2007, most of which were attributed to China," he says. "The focus in Washington is on what appear to be state-sponsored activities. That, of course, is only a part of what's going on in China."

From China, where I've lived for four years, this assessment looks spot-on. Hackers are pervasive, their imprint inescapable. There are hacker magazines, hacker clubs and hacker online serials. A 2005 Shanghai Academy of Social Sciences survey equates hackers and rock stars, with nearly 43 percent of elementary-school students saying they "adore" China's hackers. One third say they want to be one. This culture thrives on a viral, Internet-driven nationalism. The post-Tiananmen generation has known little hardship, so rather than pushing for democracy, many young people define themselves in opposition to the West. China's Internet patriots, who call themselves "red hackers," may not be acting on direct behalf of their government, but the effect is much the same.

STUMBLING ONTO THE DANGER

In 2004, Scott Henderson, a trim 46-year-old with sandy brown hair, had just retired from decades as a language expert for the U.S. Army to work for a private intelligence contractor in Fort Leavenworth, Kansas. With a command of Mandarin, not to mention a Taiwanese wife, Henderson's knowledge of China makes him valuable in the intelligence community. His mandate at the new job was open-source intelligence, which meant using only information from publicly available sources, mimicking the capabilities of the average civilian. Although he had little experience in the subject, he was assigned a report on Chinese hackers.

Sitting down at a desk overlooking the Fort Leavenworth military base, Henderson started, like any novice, with Google. Using Mandarin characters, he typed heike -- literally, "black guest" -- pulling up the characters for "hacker." Probably, he thought, he'd find articles rehashing weak Western reports. But when he hit "return," his browser displayed a slew of unfamiliar sites: , , . There were hundreds, maybe thousands. He quickly realized that each was the online headquarters of a Chinese hacker organization, with detailed logs of hacks, contact information for hackers, and forums where users discussed targets. Chinese hackers, it turns out, take credit on their own sites for attacks, leaving a long trail of documentation. They are so attention-driven that when they post images of their successes to online trophy rooms, they tag them with e-mail addresses, URLs, even cellphone numbers. Within three minutes, Henderson had more information than he knew what to do with.

He spent the next few months trying to make sense of the data. To map connections among hacker sites, he laid a large sheet of paper out on the floor of his office and started sketching the network by hand. The diagram quickly extended off the page. Then it extended off several taped-together pages. After a co-worker suggested the computer program i2 Analyst's Notebook, an investigative tool that allowed him to craft a more sophisticated model, Henderson, following links from site to site, connected 250 hacker pages. Monitoring a cross-section of sites over several days to estimate the number of people logged in at any given time, he came up with 380,000 hackers.

There were localized clubs, whose members saw one another regularly. There were fleeting groups, whose sites appeared and disappeared in a matter of weeks. There were kid hackers, femme-fatale hackers and hacker wannabes (although most hackers are simply computer-savvy 20-somethings -- what Henderson calls "normal guys"). One group penned a theme song. Henderson recognized early on that such publicity ploys were not the work of the state. "If this was some secret government-run organization," he says, "it was the most horribly run secret government organization in the universe."

Instead, Chinese hackers work in small, competing crews, he found. During moments of crisis, like the 2001 EP-3 collision, the groups band together into coalitions called "Chinese emergency conference centers." The Red Hacker Alliance, often described in the Western press as a monolithic group, is in fact a loose association allowing disparate cells to coordinate their efforts.

But the largest unifying characteristic is nationalism. In a 2005 Hong Kong Sunday Morning Post article, a man identified as "the Godfather of hackers" explains, "Unlike our Western [hacker] counterparts, most of whom are individualists or anarchists, Chinese hackers tend to get more involved with politics because most of them are young, passionate, and patriotic." Nationalism is hip, and hackers -- who spearhead nationalist campaigns with just a laptop and an Internet connection -- are figures to revere.

Henderson says he's found nothing to show a direct connection between the central government and civilian hacker groups. But he emphasizes that the relationship between citizen and state is fluid in China, and that the Chinese government tends not to prosecute hackers unless they attack within China. To Henderson, that lack of supervision is tacit approval, and it constitutes a de facto partnership between civilian hackers and the Chinese government.

Jack Linchuan Qiu, a communications professor at the Chinese University of Hong Kong who spent the 2001 hacker war logged into mainland forums, agrees. "Chinese hackerism is not the American 'hacktivism' that wants social change," he says. "It's actually very close to the state. The Chinese distinction between the private and public domains is very small." Chinese entrepreneurs returning from working in Silicon Valley, Qiu says, sometimes comply with government requests to provide filtering technology to China's Internet police. Homegrown hackers might just as easily be recruited to write viruses or software for the People's Liberation Army.

Ultimately, hackers with loose government connections may be more frightening than state-sponsored cyberwarfare. According to Lewis, "The government at a minimum tolerates them. Sometimes it encourages them. And sometimes it tasks them and controls them." In the end, he says, "it's easy for the government to turn on and hard to turn off."

"These rogue groups are missing oversight," Henderson says. "When a situation is approaching critical mass" -- if, for instance, these hackers decide to abandon simple vandalism and start gunning for Social Security numbers or classified information -- "who's the guy who pulls back and says, 'No, we don't go any further'?"

A HACKER IS BORN

Shanghai Jiaotong University, one of the best in China, sits on the southern edge of Shanghai, surrounded by the R&D labs of multinational corporations. On the day I visit, students are sprawled on a verdant lawn, chatting and studying. Just behind them is the Information Security Engineering School, a futuristic mélange of maroon and gray.

Peng Yinan formed Javaphile here in September 2000. Peng originally saw the group as a way to explore physics and programming. But the following spring, patriotic fury at the EP-3 collision turned the group to hacking. A scholarship student, Peng was dark and intense, with long bangs hanging over his eyes and a fondness for horror films, Buddhist texts, and blogging about food. A former roommate of Peng's tells me his anti-American sentiments were common. "Everybody was very nationalistic," he says. "It's not like he was exceptional."

In 2002, Peng and two other hackers broke into the Web site of Lite-On and replaced the Taiwanese firm's home page with an image of a white face with hollowed-out eyes, along with the message "[F-ck] Taiwan's pro-independence!!!" In December 2003, the ghost face reemerged on the U.S. Navy Chartroom site, an internal Navy page. "[F-ck] ," read the defacement, which was signed by coolswallow and four others.

Soon after, Javaphile disintegrated. But Peng continued to take online casualties, defining his role as electronic patriot more and more broadly. After the U.S. invasion of Iraq in 2003, Peng, objecting to American imperialism, plastered the Washington, D.C.-area Fox News site with "Allah Bless Iraq!!! Don't throw bombs, throw Bush."

CHASING PENG

In 2006 Henderson published a book about his search for Chinese hackers, The Dark Visitor, and in November 2007 he posted a profile of Javaphile to his blog, . He didn't yet know coolswallow's real name, so he used the hacker's screen handle, which was easy to deduce from Javaphile forum posts. Hackers regularly read Henderson's blog; once, one e-mailed to complain that government censors had blocked the site. So when traffic spiked a few weeks after the Javaphile post, Henderson checked to see where it was coming from.

He traced the traffic to a Jiaotong University forum, where a user named ericool had linked to Henderson's site. "There's a passage about Javaphile and coolswallow," ericool wrote. "He uses my blog." Henderson soon pulled up posts connecting ericool to a Jiaotong University group called Pneuma, along with a post from 2002 that ericool had signed "CoolSwallow of Javaphile." They were the same person.

Clicking through the discussion schedule on Pneuma's Web site, (devoted to "cherishing the motherland when gazing at the world"), Henderson learned that a "senior hacker" named Peng Yinan had delivered Pneuma's second-anniversary lecture, "Hacker in a Nutshell." The poster for the event was appended with a quote from Hamlet: "I could be bounded in a nutshell and count myself a king of infinite space."

One PowerPoint slide from the lecture underlines the importance of simple, openly available techniques, noting that in 2006 the Chicago Tribune obtained contact information for 2,600 CIA agents using a commercial online service and suggesting that hackers "use illegal methods in weak sites to obtain information on personnel from safe sites." Chinese coverage of the event showed Peng lecturing easily from behind an open laptop. Henderson now had definitive evidence connecting coolswallow and ericool to Peng's name, allowing him to reconstruct the hacker's biography. What most intrigued him, however, was a phrase in small type at the bottom of the Pneuma flyer describing Peng as a consultant for the Shanghai Municipal Bureau of Public Security.

Henderson promptly posted his findings on his blog, with a copy of the presentation, an introduction to Pneuma, and Peng Yinan's photo. It was impossible to deduce the exact nature of Peng's new job. Based on the flyer, he was working for the Shanghai government, not for the national intelligence service. But such an arrangement supported Henderson's assessment of China's informal government-hacker relationship, providing evidence that after hackers cut their teeth on nationalist campaigns, the government might hire them to take on freelance work.

Five hours after the post went up, a user calling himself Pneuma Collegium posted a comment: "Your use of the logo and the photo of Pneuma Collegium is . . . an infringement of Pneuma Collegium's copyright." When Henderson saw that the poster's IP address belonged to , his blood boiled. Henderson removed the logo and the PowerPoint presentation but kept the photo up, citing U.S. law on fair use of images. His aim, he told me later, was to keep the image of Peng publicly available. "When the FBI gets their hands on you," he said, as if still in conversation with the hacker, "I want them to match this picture to your face -- and take you to jail."

WHEN WILL WE CATCH ON?

The problem, of course, is that it's practically impossible for the FBI to catch or prosecute hackers operating abroad. "The international legal framework doesn't exist," says the CSIS's Lewis. And extraditing a hacker to the U.S. simply doesn't happen, given our current relationship with China. Learning to defend ourselves seems to be the only option.

In the meantime, Chinese hackers are becoming harder to monitor. Increasingly, they coordinate through private text-messaging rather than on blogs or Web sites, leaving no public record of their activities. In late 2007, after finding the Javaphile profile on Henderson's blog, Peng logged into the Jiaotong University forum and typed, "Looks like I should quit the historical stage." A few weeks later, he stopped posting on public forums altogether. He graduated the next month.

Last summer, I e-mailed Peng at nine e-mail addresses collected from his blog, academic papers, hacks and the Pneuma site. Eventually I received a reply from a Pneuma member called janeadios. "Peng Yinan is no longer involved with Internet security," it read. But traces of him remained. Earlier that year, in March, he was one of three graduates invited back by the Information Security Engineering School to deliver a career talk to students.

Rather than quit hacking, Henderson speculates, Peng retreated from view. In the months leading up to the Beijing Olympics, the Chinese government tightened its control on information. Peng may have been contracted to monitor the Web. In any case, his disappearance from the virtual realm means the loss of valuable indicators of future attacks.

In February, President Obama launched a 60-day investigation into cybersecurity, pledging to improve U.S. Internet defense. Acting on the review commission's findings, however, will require a coordinated, interdepartmental effort. First on the list should be reading Henderson's painstakingly detailed reports. And Peng's disappearance suggests that time is running out. If we can't handle the information Chinese hackers are leaving now, scarier still is what could happen when it disappears.


Pentagon Jams Web, Radio Links of Taliban

By Yochi J. Dreazen and Siobhan Gorman, Wall Street Journal, 18 April 2009

WASHINGTON -- The Obama administration is starting a broad effort in Pakistan and Afghanistan to prevent the Taliban from using radio stations and Web sites to intimidate civilians and plan attacks, according to senior U.S. officials.

As part of the classified effort, American military and intelligence personnel are working to jam the unlicensed radio stations in Pakistan's lawless regions on the Afghanistan border that Taliban fighters use to broadcast threats and decrees.

U.S. personnel are also trying to block the Pakistani chat rooms and Web sites that are part of the country's burgeoning extremist underground. The Web sites frequently contain videos of attacks and inflammatory religious material that attempts to justify acts of violence.

The push takes the administration deeper into "psychological operations," which attempt to influence how people see the U.S., its allies and its enemies. Officials involved with the new program argue that psychological operations are a necessary part of reversing the deterioration of stability in both Afghanistan and Pakistan.

The Taliban and other armed groups have carried out a wave of attacks in the two countries. U.S. officials believe the Taliban enjoy an advantage by being able to freely communicate threats and decrees.

In Pakistan, Taliban leaders use unlicensed FM stations to recite the names of local Pakistani government officials, police officers and other figures who have been marked for death by the group. Hundreds of people named in the broadcasts have later been killed, according to U.S. and Pakistani officials.

"The Taliban aren't just winning the information war -- we're not even putting up that much of a fight," said a senior U.S. official in Afghanistan. "We need to make it harder for them to keep telling the population that they're in control and can strike at any time."

The new efforts were described by an array of U.S. officials, several with firsthand knowledge of the technologies and tactics used to block the radio stations and Web sites. The Pentagon, the Joint Chiefs of Staff and the Central Intelligence Agency declined to comment.

Psychological operations have long been a part of war, famously in World War II when "Tokyo Rose" broadcast English-language propaganda to Allied troops. More recently, some militaries have used high-tech methods. During the December-January war in Gaza, Israeli forces sent cellphone text messages to alert Palestinian civilians to impending strikes and encourage them to turn against the militant group Hamas.

The Obama administration's recently released strategy for Afghanistan and Pakistan calls for sending 4,000 U.S. military trainers to Afghanistan and sharply expanding economic aid to Pakistan. The U.S. may also provide radio-jamming equipment to the Pakistani government, according to officials familiar with the plans.

The new push reflects the influence of Gen. David Petraeus, who runs the military's Central Command and has long been a major proponent of using psychological operations to reduce popular support for armed Islamist groups.

Another supporter, Richard Holbrooke, the administration's special envoy for Pakistan and Afghanistan, publicly alluded to the new program late last month. He told reporters there were 150 illegal FM radio stations in Pakistan's Swat Valley, which allowed militants to go "around every night broadcasting the names of people they're going to behead or they've beheaded."

Mr. Holbrooke likened the Taliban radio stations to Rwanda's Radio Mille Collines, a virulently sectarian broadcaster widely believed to have helped fuel the Rwandan genocide. The U.S. considered jamming the station in the 1990s, but ultimately chose not to.

"Nothing has been done so far" about impeding the Taliban communications, Mr. Holbrooke said. "We have identified the information issue ... as a major, major gap to be filled."

Psychological operations can be controversial. In Iraq, the Pentagon at one point ran a program that paid Iraqi journalists to run articles and opinion pieces supportive of U.S. war aims and the Iraqi central government. Critics called it government-funded propaganda, while the Bush administration defended the effort.

Henry A. Crumpton, a former State Department counterterrorism chief who led the CIA's Afghanistan campaign in 2001 and 2002, warned against relying too heavily on high-tech solutions such as disrupting militant radio broadcasts. "Those can be very effective, but they're -- underscore -- short-term tactics," he said.

Still, many military officials believe that stabilizing Afghanistan and Pakistan requires gradually diminishing the Taliban's public standing while simultaneously building popular support for more moderate local political and religious institutions allied with the U.S.

"It's not an issue of trying to persuade your average Pakistani farmer to love the U.S.," a U.S. official said. "The idea, frankly, is to muddy the water a bit."

As part of this push, the U.S. has started U.S.-funded radio stations in many rural parts of Afghanistan. In one example, Army Special Forces teams in eastern Paktia, a restive Afghan province that abuts the Pakistani frontier, put on air a radio station late last year called "the Voice of Chamkani," referring to the village where the U.S. base is located, and distributed hundreds of radio receivers.

According to an account in the current issue of "Special Warfare Magazine," an Army publication on special operations, the U.S.-run radio station has worked to build support for the Afghan national government by highlighting local development projects that were approved by Kabul.


Snooping Dragon Raises Ante (commentary)

By Kerri Houston Toloczko, Washington Times, April 24, 2009

The report released in late March from Canadian security analysts describing cyberhacking by the Chinese government and this week's news of China's incursion into the U.S. electrical grid came as no surprise to China watchers or the members of my household.

Since I was appointed in 2006 as a commissioner to the U.S. China Commission, my family has said hello to China every day when we turn on our computers. Just as soon as our friend-who-shall-remain-nameless (and counterhacking expert) clears our computers of Chinese keystrokes, they reappear.

Although the People's Republic of China is welcome to read my Christmas card list and my son's homework assignments, it is pathetically ironic that it is likely perusing my writings on China already available in the public domain under the freedoms assured by our constitutionally protected speech. Unlike China, we do not have 30,000 Internet police trolling the Web for offensive words like "freedom" or "liberty."

China has long believed that because our weapon capabilities are so advanced, it should challenge us on the cyberintelligence and information-warfare battlefield. As far back as 1996, a Chinese military official noted in the Liberation Army Daily newspaper: "Thanks to modern technology, such as the development of information carriers and the Internet, many can now take part in fighting without even having to step out the door." Indeed, if this analyst is right, China will not need to fire so much as a shot to do serious harm to America's security interests.

The Chinese have been remarkably successful in cyberwarfare, compromising computers used by the offices of the Dalai Lama, NATO, global financial institutions, 103 government ministries and embassies around the world - and, of course, my laptop.

China's military budget has experienced double-digit growth for 10 years, and its plan to steal proprietary information to assist its meteoric growth is organized and strategic. In the 1980s, China's government adopted Project 863, a plan designed to steal emerging technologies from other countries and financially reward any Chinese entrepreneur who turned them into viable products or systems.

Stolen stuff comes cheap, and it appears the Chinese have decided that spending time and millions - or even billions - of dollars on research and development would be wasteful when they can obtain critical assets and information for far less through hacking and theft.

Many stolen products and technologies come from our public sector but often have "dual use" military-modernization functionalities. In 2007, a naturalized American born in China was caught at Chicago's O'Hare International Airport with a one-way ticket to Beijing and $600 million worth of proprietary information from Motorola Inc. useful to military communications and tactical combat technology.

The coordinated industrial and military espionage against the United States and successful hacks into Pentagon computers have aided China not just in growing its conventional and nuclear capacity, but also its advances in space weaponry.

It is hard to argue, as the Chinese do, that this buildup is benign. Indeed, the Chinese are reported to already have technology that could disable our satellite communication networks and Navy battle groups using cyberattacks.

To a great extent, American dollars have enabled the Chinese to carry out their cybersnooping. China's current account surplus with us is approaching $400 billion, and we ended 2008 with a $266 billion trade deficit with China.

At the same time, our ability to source materials used by our military continues to dry up as U.S. manufacturers go out of business, in large part due to our decidedly lopsided trade with China, which results from its cheating on a number of economic fronts.

We don't know when we might have to defend ourselves in an action involving a country in which China has an energy or political interest. Skirmishes can pop up anywhere at any time, such as Colombia's dust-up with Ecuador earlier this year. As we lined up with our friend Colombia, Ecuador had Venezuela on its team, a country that China relies on greatly as an energy source. Our friend Taiwan is locked in a seemingly endless and precarious dance of pseudo-separation from the mainland, and China's energy buddy Iran constantly aims its saber-rattling at Israel.

As China hacks our computers, Congress hacks our military budget. Congress also turns a deaf ear to missile defense and defensive space technology.

While the government is busy "stimulating" the inspection of urban canals and buying new chairs for bureaucrats, it should also use tax dollars to enhance our military and cybersecurity. We must ensure that domestic manufacturers have adequate capacity to supply our military as well as adequately fund computer technologies and personnel required to counter any aggression that threatens us at home or abroad.

Electronic Battlefield

By Ian Elliot, Kingston Whig Standard, 24 April 2009

Military war games usually pit red against blue in the field, but a high-tech exercise underway at Royal Military College this week has black hatters sparring with green berets in the battlefield of cyberspace.

The college is participating in the ninth annual Cyber Defense Exercise, a training event for future military IT specialists.

A team of RMC post-grad students and support specialists are operating a simulated computer network in an unnamed European country, which is under sustained cyber-attack by real-life computer hackers from the National Security Agency, the super-secretive American intelligence and crypto agency.

With vast domestic surveillance and electronic eavesdropping powers, the NSA is perhaps the only U.S. agency legally allowed to attack somebody else's computer network, and they are doing their best to do that.

Just ask Maj. Gary Wolfman. The signals officer was acting as duty officer yesterday morning in the fifth-floor computer lab where the simulation was taking place and said the team of American spooks was throwing everything it had at the small Canadian team.

The NSA, playing the red enemy against the blue military teams, was moving from network to network, using rolling IP addresses to cover its tracks and throwing its entire malicious electronic toolkit at the small Canadian network.

"What haven't they done to us?" Wolfman asked rhetorically, his eyes rarely leaving a computer screen displaying evidence of attacks and probing by the American spies.

"They broke in and defaced our web page yesterday, we've caught them trying to download our databases, they did some social engineering by breaking the passwords of cadets at other schools and sending us e-mails pretending to be them and asking us to take down our firewall because they couldn't get into the site -- they've been keeping us busy."

The RMC team observed the exercise last year and joined this year for the first time.

It is only a simulation, but it is the sort of exercise with which troops can expect to be dealing for real as what the military calls the electronic battlespace becomes as important as the physical one.

It is already a reality. Estonia's computer network was taken down last year, and when hostilities between Georgia and Russia broke out over the natural gas pipeline running through Georgia, both nations' computer networks came under sustained and repeated attack.

The signals school at CFB Kingston established a million-dollar electronic battlefield simulator for its students last year.

Eight other teams across North America, ranging from the U.S. army, naval and air force academies to the U.S. Coast Guard and merchant marine academies are fielding teams in the same exercise, each with the same task -- to assume the network of an imaginary country, somewhat neglected and long unpatched, and keep it running while fending off the best efforts of the NSA hackers to compromise it.

The exercise gives students a controlled environment in which to view an attack, improve their analysis and response skills and allows them to see the potential consequences of weak network security.

"They are going in to assist a country whose national network has not been kept up, has not been patched all that well, and their job is to defend the network," explained Dan Knight, the professor overseeing the exercise.

"The threats come from outside, and also from the computers themselves, which have been previously compromised -- with a lot of the boxes, we know the bad guys are already in them."

Referees from the NSA are at RMC to evaluate how the Canadian students do. It is a competitive exercise based on factors like how long the network is kept up and functional, although a trophy emblazoned with garish gold eagles honoring the winner is shared only among the three U.S. military academies.

The exercise runs 24 hours a day, and the computer lab is littered with the sort of fuel you see when IT types pull all-nighters -- coffee cups, soft drink cans and bags of snack food are scattered among the machines.

At his monitor, Wolfman observes there are tactical similarities between the electronic battlefield and the modern asymmetric warfare Canadians are facing in places such as Afghanistan.

In cyberspace, you don't know exactly who is attacking you -- they could be military, civilian or non-state actors such as terrorist groups -- and you don't know when or how they will launch their next attack. The battlespace is also scattered with non-combatants who have a legitimate reason to be there but whose actions could be mistaken for malicious intent.

Unlike a classic two-sided conflict, the war doesn't end with one side showing a white flag and turning over their swords in a ceremony of surrender.

"You're never going to be able to say you won, like you were able to say in a battle during the Second World War after you pounded the other guy into the ground," said Wolfman with a smile.

"This is just like any other fourth-generation warfare -- the best you'll be able to say is that you did OK today when you take your boots off at night, but tomorrow is another day."

-----------------------

The articles and information appearing herein are intended for educational and non-commercial purposes to promote discussion of research in the public interest. The views, opinions, and/or findings and recommendations contained in this summary are those of the original authors and should not be construed as an official position, policy, or decision of the United States Government, U.S. Department of the Army, or U.S. Army Strategic Command.
