Cyberwar?

[Unkotare]

It seems most likely that North Korea was behind the recent cyberattack on South Korean computer systems. What cyber-retaliation (or physical retaliation) should be pursued if any?

 

[waltky]

Granny says it's dem hackers muckin' with the interweb...

Global internet slows after 'biggest attack in history'
27 March 2013 - The internet around the world has been slowed down in what security experts are describing as the biggest cyber-attack of its kind in history.

A row between a spam-fighting group and hosting firm has sparked retaliation attacks affecting the wider internet. It is having an impact on popular services like Netflix - and experts worry it could escalate to affect banking and email systems. Five national cyber-police-forces are investigating the attacks. Spamhaus, a group based in both London and Geneva, is a non-profit organisation which aims to help email providers filter out spam and other unwanted content. To do this, the group maintains a number of blocklists - a database of servers known to be being used for malicious purposes.

Recently, Spamhaus blocked servers maintained by Cyberbunker, a Dutch web host which states it will host anything with the exception of child pornography or terrorism-related material. Sven Olaf Kamphuis, who claims to be a spokesman for Cyberbunker, said, in a message, that Spamhaus was abusing its position, and should not be allowed to decide "what goes and does not go on the internet". Spamhaus has alleged that Cyberbunker, in cooperation with "criminal gangs" from Eastern Europe and Russia, is behind the attack. Cyberbunker has not responded to the BBC's request for comment.

'Immense job'

Steve Linford, chief executive for Spamhaus, told the BBC the scale of the attack was unprecedented. "We've been under this cyber-attack for well over a week. "But we're up - they haven't been able to knock us down. Our engineers are doing an immense job in keeping it up - this sort of attack would take down pretty much anything else." Mr Linford told the BBC that the attack was being investigated by five different national cyber-police-forces around the world. He claimed he was unable to disclose more details because the forces were concerned that they too may suffer attacks on their own infrastructure.

The attackers have used a tactic known as Distributed Denial of Service (DDoS), which floods the intended target with large amounts of traffic in an attempt to render it unreachable. In this case, Spamhaus's Domain Name System (DNS) servers were targeted - the infrastructure that joins domain names, such as bbc.co.uk, the website's numerical internet protocol address. Mr Linford said the attack's power would be strong enough to take down government internet infrastructure. "If you aimed this at Downing Street they would be down instantly," he said. "They would be completely off the internet." He added: "These attacks are peaking at 300 gb/s (gigabits per second). "Normally when there are attacks against major banks, we're talking about 50 gb/s."

Clogged-up motorway

 

[Circe]

Thanx for this notice to us -- my husband sent it to me earlier today. The Internet has been wonky for DAYS for me. Yahoo just awful and other sites problematic to get to.

There is going to be more and more of this till some severe penalties and/or better protection is worked out.

 

[Antares]

Everything in our power should be used to shut them down.

That fat little pot bellied pig needs to be taken down a peg or two.

 

[waltky]

Incoming!...

‘Bazooka’ attacks slowing Internet: security experts
Fri, Mar 29, 2013 - A “bazooka” cyberattack described as the most powerful ever seen has slowed traffic on the Internet, security experts said on Wednesday, raising fresh concerns over online security.

The attacks targeted Spamhaus, a Geneva-based volunteer group that publishes spam blacklists used by networks to filter out unwanted e-mail, and led to cyberspace congestion that may have affected the Internet overall, according to Matthew Prince of the US security firm CloudFlare. The attacks began last week, according to Spamhaus, after it placed on its blacklist the Dutch-based Web hosting site Cyberbunker, which claimed it was unfairly labeled as a haven for cybercrime and spam. The origin of the attacks has not yet been identified, but a BBC report said Spamhaus alleged that Cyberbunker, in cooperation with “criminal gangs” from Eastern Europe and Russia, was behind the attack. The New York Times quoted Sven Olaf Kamphuis, who claimed to be a spokesman for the attackers, as saying that Cyberbunker was retaliating against Spamhaus for “abusing their influence.”

However, Kamphuis told the Russian news site RT that Cyberbunker was just one of several Web firms involved, protesting what he called Spamhaus’ bullying tactics. “Spamhaus have pissed off a whole lot of people over the past few years by blackmailing ISPs [Internet service providers] and carriers into disconnecting clients without court orders or legal process whatsoever,” he said. “At this moment, we are not even conducting any attacks... it’s now other people attacking them,” he said.

CloudFlare, which was called for assistance by Spamhaus, said the attackers changed tactics after the first layer of protection was implemented last week. “Rather than attacking our customers directly, they started going after the network providers CloudFlare uses for bandwidth,” Prince said. “Once the attackers realized they couldn’t knock CloudFlare itself offline ... they went after our direct peers,” he said. Prince said the so-called distributed denial of service attack (DDoS), which essentially bombards sites with traffic in an effort to disrupt, was “one of the largest ever reported.”

Over the last few days, he added: “We’ve seen congestion across several major Tier 1 [networks], primarily in Europe, where most of the attacks were concentrated, that would have affected hundreds of millions of people even as they surfed sites unrelated to Spamhaus or CloudFlare.” “If the Internet felt a bit more sluggish for you over the last few days in Europe, this may be part of the reason why,” Prince said in a blog post called “The DDoS That Almost Broke the Internet.” Prince said these attacks used tactics different than the “botnets” — these came from so-called “open resolvers” that “are typically running on big servers with fat pipes.” “They are like bazookas and the events of the last week have shown the damage they can cause,” he said. “What’s troubling is that, compared with what is possible, this attack may prove to be relatively modest.”

MORE

See also:

US restricts Chinese technology purchases
Fri, Mar 29, 2013 - AP, WASHINGTON : The US has taken its first real swipe at China following accusations that the Beijing government is behind a widespread and systemic hacking campaign targeting US businesses.

Buried in a spending bill signed by US President Barack Obama on Tuesday is a provision that effectively bars much of the US government from buying information technology made by companies linked to the Chinese government. It is unclear what impact the legislation will have, or whether it will turn out to be a symbolic gesture. The provision only affects certain non-defense government agency budgets between now and Sept. 30, when the fiscal year ends. It also allows for exceptions if an agency head determines that buying the technology is “in the national interest of the United States.”

Still, the rule could upset US allies whose businesses rely on Chinese manufacturers for parts and pave the way for broader, more permanent changes in how the US government buys technology. “This is a change of direction,” said former US Homeland Security Department official Stewart Baker, now with the legal firm Steptoe and Johnson in Washington. “My guess is we’re going to keep going in this direction for a while,” he said. Earlier this month, the US computer security firm Mandiant released details on what it said was an aggressive hacking campaign on US businesses by a Chinese military unit. Since then, US Treasury Secretary Jack Lew has used high-level meetings with Beijing officials to press the matter. Beijing has denied the allegations.

Congressional leaders have promised to push legislation that would make it easier for industry to share threat data with the government. However, those efforts have been bogged down amid concerns that too much of US citizens’ private information could end up in the hands of the federal government. As Congress and privacy advocates debate a way ahead, lawmakers tucked “section 516” into the latest budget resolution, which enables the government to pay for day-to day operations for the rest of the fiscal year. The provision specifically prohibits the US Commerce and Justice departments, NASA and the National Science Foundation from buying an information technology system that is “produced, manufactured or assembled” by any entity that is “owned, operated or subsidized” by the People’s Republic of China.

The agencies can only acquire the technology if, in consulting with the FBI, they determine that there is no risk of “cyberespionage or sabotage associated with the acquisition of the system,” according to the legislation. Last year, Ruppersberger and US House Intelligence Committee Chairman Mike Rogers, a Republican, released a report urging US companies and government agencies to drop any business with Chinese telecommunications companies Huawei Technologies Ltd and ZTE Corp because of the security risks they pose. However, a blanket prohibition on technology linked to the Chinese government may be easier said than done. Information systems are often a complicated assembly of parts manufactured by different companies around the globe. Investigating where each part came from, and if that part is made by a company that could have ties to the Chinese government could be difficult.

http://www.taipeitimes.com/News/world/archives/2013/03/29/2003558301

 

[waltky]

Granny says dem Chinamens been peekin' at her comin' outta the shower with dey's webcams...

Military grooms new officers for war in cyberspace
26 Apr.`13 - The U.S. service academies are ramping up efforts to groom a new breed of cyberspace warriors to confront increasing threats to the nation's military and civilian computer networks that control everything from electrical power grids to the banking system.

Students at the Army, Navy and Air Force academies are taking more courses and participating in elaborate cyberwarfare exercises as the military educates a generation of future commanders in the theory and practice of computer warfare. The academies have been training cadets in cyber for more than a decade. But the effort has taken on new urgency amid warnings that hostile nations or organizations might be capable of crippling attacks on critical networks. James Clapper, director of national intelligence, called cyberattack the top threat to national security when he presented the annual Worldwide Threat Assessment to Congress this month. "Threats are more diverse, interconnected, and viral than at any time in history," his report stated. "Destruction can be invisible, latent, and progressive."

China-based hackers have long been accused of cyber intrusions, and earlier this year the cybersecurity firm Mandiant released a report with new details allegedly linking a secret Chinese military unit to years of cyberattacks against U.S. companies. This year, The New York Times, The Wall Street Journal and The Washington Post all reported breaches in their computer systems and said they suspected Chinese hackers. China denies carrying out cyberattacks. On Tuesday, hackers compromised Associated Press Twitter accounts and sent out a false tweet. AP quickly put out word that the report was false and that its accounts had been hacked. AP's accounts were shut down until the problem was corrected.

Martin Carlisle, standing, a computer science professor at the Air Force Academy and director of the school's Center for Cyberspace Research, instructs cadets in cyber warfare, at the U.S. Air Force Academy, in Colorado Springs, Colo. The U.S. service academies are ramping up efforts to groom a new breed of cyberspace warriors to confront increasing threats to the nation’s military and civilian computer networks that control everything from electrical power grids to the banking system.

Once viewed as an obscure and even nerdy pursuit, cyber is now seen as one of the hottest fields in warfare _ "a great career field in the future," said Ryan Zacher, a junior at the Air Force Academy outside Colorado Springs, Colo., who switched from aeronautical engineering to computer science. Last year the U.S. Naval Academy in Annapolis, Md., began requiring freshmen to take a semester on cybersecurity, and it is adding a second required cyber course for juniors next year. The school offered a major in cyber operations for the first time this year to the freshman class, and 33 midshipmen, or about 3 percent of the freshmen, signed up for it. Another 79 are majoring in computer engineering, information technology or computer science, bringing majors with a computer emphasis to about 10 percent of the class. "There's a great deal of interest, much more than we could possibly, initially, entertain," said the academy's superintendent, Vice Adm. Michael Miller.

Since 2004, the Air Force Academy has offered a degree in computer science-cyberwarfare _ initially called computer science-information assurance _ that requires cadets to take courses in cryptology, information warfare and network security in addition to standard computer science. The academy is retooling a freshman computing course so that more than half its content is about cyberspace, and is looking into adding another cyber course. "All of these cadets know that they are going to be on the front lines defending the nation in cyber," said Martin Carlisle, a computer science professor at the Air Force Academy and director of the school's Center for Cyberspace Research.

MORE

 

[waltky]

Obama ain't gonna put up with dem hackers hackin' into our interweb...

Leaked document shows Obama efforts to expand cyberwarfare preparation
June 7th, 2013 > President Barack Obama has directed senior national security leadership to prepare a list of targets for potential cyberattacks, according to a "Top Secret" document published Friday by the British newspaper The Guardian.

The classified document marks the third time in three days that highly sensitive government information has been leaked to The Guardian. The latest document, called Presidential Policy Directive/PPD-20, is marked "TOP SECRET/NOFORN" which means it is not to be shared with foreign nationals. CNN could not independently verify the directive but it appears in the same format as other government directive documents. "Top Secret" material is highly sensitive but it is not the highest level of classification in the government. The presidential directive orders the federal government to "identify potential targets" for "offensive" cyberoperations - essentially cyberattacks. Under U.S. law, presidential approval is required for all cyberoperations. In the event an attack is ordered, the president would specifically approve that use of force and troops specializing in cyberoperation, a senior Pentagon official told CNN.

The document spells out what has been known in far less detail until now - that the United States is increasingly developing cyberwarfare capability. The leaked directive follows other presidential orders dating back to 1990. It was the growing concern about cyber vulnerabilities and cyberattack that led the Pentagon several years ago to establish the U.S. Cyber Command, a military unit specifically devoted to both using the military to defend against cyberattacks on U.S. targets, and developing the capability to launch cyberattacks on targets. There is also extensive cooperation with industry because of the need to protect civilian infrastructure such as power grids, pipelines and transportation networks. The cyber realm remains one of the most sensitive areas for the U.S. military. "We have developed a full range of capabilities to operate in the cyber-domain," the senior Pentagon official said. "But we are not going to talk about it." He emphasized the "same rules of engagement" apply in cyberattacks as with other targets the U.S. military might strike.

But in cyberattacks, there also is a unique need to assess the possibility of civilian damage because an attack to disable a computer network could have widespread, perhaps unintended, consequences beyond an initial military cybertarget. Details of the capabilities are closely held. The leak, though revealing, will likely not raise the alarm of Americans compared to the previous disclosure in The Guardian of a secret court order to Verizon to turn over its complete phone records for calls within the United States and overseas. Similarly, a top-secret document disclosed to The Guardian and the Washington Post on Thursday suggested the U.S. government was tapping directly into the servers of major U.S. Internet companies including Google and Facebook to intercept e-mails, videos, photos and other data flowing through the United States.

Both newspapers wrote the program was done with the cooperation of nine companies, most of whom adamantly denied any knowledge of the secretive program. The Obama administration, including the president, insisted the program was legal, limited solely to hunting down information related to seeking out terrorists overseas, and was not seeking data on Americans. On Thursday, the director of national intelligence called the leaks "reprehensible" and said the situation "threatens potentially long-lasting and irreversible harm" to efforts to defend the country. The Washington Post described the source who provided the documents on the Internet surveillance program as "a career intelligence officer" who sought to "expose what he believes to be a gross intrusion on privacy."

Source

 

[waltky]

History's First Known Cyber-War...

Silent War
10 June`13 > Michael Joseph Gross’s “Enter the Cyber-dragon,” as he examines the slow cyber-war that the American government—and a loose network of private hackers—is waging against China.

On the hidden battlefields of history’s first known cyber-war, the casualties are piling up. In the U.S., many banks have been hit, and the telecommunications industry seriously damaged, likely in retaliation for several major attacks on Iran. Washington and Tehran are ramping up their cyber-arsenals, built on a black-market digital arms bazaar, enmeshing such high-tech giants as Microsoft, Google, and Apple. With the help of highly placed government and private-sector sources, Michael Joseph Gross describes the outbreak of the conflict, its escalation, and its startling paradox: that America’s bid to stop nuclear proliferation may have unleashed a greater threat.

I. Battlespace

Their eyeballs felt it first. A wall of 104-degree air hit the cyber-security analysts as they descended from the jets that had fetched them, on a few hours’ notice, from Europe and the United States. They were in Dhahran, in eastern Saudi Arabia, a small, isolated city that is the headquarters of the world’s largest oil company, Saudi aramco. The group included representatives of Oracle, IBM, CrowdStrike, Red Hat, McAfee, Microsoft, and several smaller private firms—a SWAT dream team for the virtual realm. They came to investigate a computer-network attack that had occurred on August 15, 2012, on the eve of a Muslim holy day called Lailat al Qadr, “the Night of Power.” Technically the attack was crude, but its geopolitical implications would soon become alarming.

SILICON VOLLEYS - There’s no shooting—just clicking. The cyber-conflict between the United States (and its allies) and Iran (and its allies) is changing the definition of warfare.

The data on three-quarters of the machines on the main computer network of Saudi aramco had been destroyed. Hackers who identified themselves as Islamic and called themselves the Cutting Sword of Justice executed a full wipe of the hard drives of 30,000 aramco personal computers. For good measure, as a kind of calling card, the hackers lit up the screen of each machine they wiped with a single image, of an American flag on fire.

A few technical details of the attack eventually emerged into the press. Aboard the U.S.S. Intrepid, in New York Harbor, Defense Secretary Leon Panetta told a group of C.E.O.’s that the aramco hack was “probably the most destructive attack that the private sector has seen to date.” Technical experts conceded the attack’s effectiveness but scorned its primitive technique. “It wrote over memory five, six times,” one hacker told me. “O.K., it works, but it’s not sophisticated.” Even so, many current and former government officials took account of the brute force on display and shuddered to think what might have happened if the target had been different: the Port of Los Angeles, say, or the Social Security Administration, or O’Hare International Airport. Holy shit, one former national-security official recalls thinking—pick any network you want, and they could do this to it. Just wipe it clean.

More The Changing and Terrifying Nature of the New Cyber-Warfare | Vanity Fair

 

[waltky]

Cyber-operations hidden in 'black budget'...

'Black budget' details a war in cyberspace
September 2, 2013 WASHINGTON — U.S. intelligence services carried out 231 offensive cyber-operations in 2011, the leading edge of a clandestine campaign that embraces the Internet as a theater of spying, sabotage and war, according to top-secret documents obtained by The Washington Post.

That disclosure, in a classified intelligence budget provided by NSA leaker Edward Snowden, provides new evidence that the Obama administration's growing ranks of cyberwarriors infiltrate and disrupt foreign computer networks. Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed "covert implants," sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions.

The documents provided by Snowden and interviews with former U.S. officials describe a campaign of computer intrusions that is far broader and more aggressive than previously understood. The Obama administration treats all such cyber-operations as clandestine and declines to acknowledge them. The scope and scale of offensive operations represent an evolution in policy, which in the past sought to preserve an international norm against acts of aggression in cyberspace, in part because U.S. economic and military power depend so heavily on computers. "The policy debate has moved so that offensive options are more prominent now," said former deputy defense secretary William J. Lynn III, who has not seen the budget document and was speaking generally. "I think there's more of a case made now that offensive cyberoptions can be an important element in deterring certain adversaries."

Of the 231 offensive operations conducted in 2011, the budget said, nearly three-quarters were against top-priority targets, which former officials say includes adversaries such as Iran, Russia, China and North Korea and activities such as nuclear proliferation. The document provided few other details about the operations. Stuxnet, a computer worm reportedly developed by the United States and Israel that destroyed Iranian nuclear centrifuges in attacks in 2009 and 2010, is often cited as the most dramatic use of a cyberweapon. Experts said no other known cyberattacks carried out by the United States match the physical damage inflicted in that case. U.S. agencies define offensive cyber-operations as activities intended "to manipulate, disrupt, deny, degrade, or destroy information resident in computers or computer networks, or the computers and networks themselves," according to a presidential directive issued in October 2012.

Most offensive operations have immediate effects only on data or the proper functioning of an adversary's machine: slowing its network connection, filling its screen with static or scrambling the results of basic calculations. Any of those could have powerful effects if they caused an adversary to botch the timing of an attack, lose control of a computer or miscalculate locations. U.S. intelligence services are making routine use around the world of government-built malware that differs little in function from the "advanced persistent threats" that U.S. officials attribute to China. The principal difference, U.S. officials told The Post, is that China steals U.S. corporate secrets for financial gain. "The Department of Defense does engage" in computer network exploitation, according to an emailed statement from an NSA spokesman, whose agency is part of the Defense Department. "The department does ***not*** engage in economic espionage in any domain, including cyber."

MORE

 

[waltky]

On-the-job-training offered to service members...

Wanted: Cyberwarriors, no experience or knowledge necessary
March 29, 2014 ~ To meet manning requirements for cyber warfare that will skyrocket in the coming years, the Pentagon will focus on recruiting and training people already in uniform, even those without any cyber background or knowledge, defense officials said Friday.

“Our nation’s reliance on cyberspace outpaces our cybersecurity,” Secretary of Defense Chuck Hagel said Friday at Fort Meade, Md., during the retirement ceremony for Gen. Keith Alexander, the outgoing commander of U.S. Cyber Command. The Defense Department currently has about 1,800 people in its Cyber Mission Force. That number is scheduled to jump to 6,000 by the end of 2016, according to DOD. There are currently 17 teams engaged in cyber operations, and the Pentagon wants to field 133 of those teams by the end of fiscal 2016, Alexander said in written testimony to a House Armed Services subcommittee earlier this month.

To meet these ambitious goals, DOD wants to recruit people who are already in the military to fill these new positions. “We spent a lot of time in the last two years in particular figuring out what that [recruiting] model would be. Initially sometimes people will think about recruiting highly skilled people from the outside, and that is one option … But quite honestly, the way we’re going to be most successful is using people within the force [including those with no cyber background] and giving them the training,” a senior defense official told reporters Friday.

The official, speaking on condition of anonymity because he was not authorized to speak on the record, noted that many cyber experts in Silicon Valley would have to give up jobs that pay hundreds of thousands of dollars a year to come work for CYBERCOM. The official said DOD has already had success in building its cyberforce from the inside. “There’s no question that you can train people up to be elite cyber operators. And we now — driven by the services — have processes in place in the department where they will identify people who have the right mix of aptitude, fire in the belly, and desire to kind of reinvent themselves, and put them through a training pipeline that ends up resulting in us having highly trained operators … We’ve already seen, you know, hundreds of cases in which there were people who didn’t know anything about cyber at all [but] we’ve reinvented them and reformed them into something where they’re part of the elite force,” according to the official.

Hagel cited the case of Petty Officer 1st Class Chase Hardison as an example of this phenomenon. Four years ago, Hardison was a machinist’s mate serving on the USS Theodore Roosevelt aircraft carrier. But after talking with his wife about his future career path, Hardison signed up for a cyber course in Pensacola, Fla., and he’s now an ‘Interactive Operator’ at CYBERCOM, Hagel told the audience at the retirement ceremony. “[Hardison] was a machinist, which is not one of the most highly skilled people in the workforce. But [he] had the aptitude and, more importantly, he had the desire to reinvent himself, and he’s now one of the most elite cyber operators within CYBERCOM,” the anonymous official told reporters while previewing Hagel’s speech.

Hagel emphasized the financial benefits that cyber training can bring for servicemembers after they leave the military, and said it should be used as an inducement to get more troops into the cyber ranks. “[Harrison] knows he’ll have great options and opportunities when he’s ready to leave the Navy,” Hagel said. “To continue recruiting and retaining talent ... we must build rewarding, long-term cyber career paths. Our military must enable our [people] to reinvent themselves for life in and beyond their service.” Hagel said building the cyber force will remain one of DOD’s top priorities going forward.

Wanted: Cyberwarriors, no experience or knowledge necessary - News - Stripes

See also:

Pentagon to triple cyber staff to thwart attacks
Mar 28,`14: The Pentagon plans to more than triple its cybersecurity staff in the next few years to defend against Internet attacks that threaten national security, Defense Secretary Chuck Hagel said Friday.

Hagel's comments at the National Security Agency headquarters in suburban Washington come as he prepares to vist China next week, where officials are likely to challenge him amid reports of aggressive U.S. cyber spying. "The Department of Defense is on its way to building a modern cyberforce," Hagel said in a speech at the retirement of Gen. Keith Alexander as head of the U.S. Cyber Command and NSA. "This force is enhancing our ability to deter aggression in cyberspace, deny adversaries their objectives, and defend the nation from cyberattacks that threaten our national security."

The Pentagon has been recruiting outside talent for the work as well as encouraging people already in the military to train for the jobs. By 2016, the Pentagon should have 6,000 cyber professionals, Hagel said. That compares to some 1,800 by the end of this year. "Our nation's reliance on cyberspace outpaces our cybersecurity," Hagel said. "Our nation confronts the proliferation of destructive malware and a new reality of steady, ongoing and aggressive efforts to probe, access or disrupt public and private networks, and the industrial control systems that manage our water, and our energy and our food supplies."

He said government and private businesses have a far better grasp of cyber threats than they did a few years ago, thanks in part to Alexander's work as the first commander of Cyber Command. Vice Adm. Mike Rogers, head of the Navy's Cyber Command, is awaiting Senate confirmation for a fourth star to allow him to succeed Alexander at Cyber Command. No confirmation is needed for his appointment as head of the NSA, but officials said Friday that Rogers will not step into either job until the Senate approves him as head of Cyber Command.

Noting President Barack Obama's announcement Thursday on reforms to the government programs that have swept up data on Americans' phone calls, Hagel said: "We will continue to engage in a more open dialogue with the American public." Obama asked Congress on Thursday to end quickly the government's bulk collection of phone records under reforms he hopes will address privacy concerns while preserving the government's ability to fight terrorism. The U.S. accuses China's army and China-based hackers of launching attacks on American industrial and military targets, often to steal secrets or intellectual property. China says it faces a major threat from hackers, and the country's military is believed to be among the biggest targets of the NSA and U.S. Cyber Command. Pending Rogers' confirmation, the current deputies of Cyber Command and the NSA, Lt. Gen. John Davis and Richard Ledgett, respectively, will be in charge.

AP Newswire | Stars and Stripes

 

[waltky]

Uncle Ferd says one day we gonna wake up inna Stone Age with no `lectricity...

Chinese general: Potential cyberwar damage ‘beyond our imagination’
May 31, 2014 ~ A Chinese general called for a ban on the weaponization of cyberspace, but said Saturday at the Shangri-La Dialogue in Singapore that such a ban wouldn’t likely be followed.

The comments from Maj. Gen. Yao Yunzhu, director of the Center for China-America Defense Relations, come following the U.S. Justice Department indictment of five Chinese Army officials for allegedly hacking several U.S. corporate networks. “Human beings by nature would like to apply military operations in any newly found space where human activities become important,” Yao told a room of defense officials and analysts in Singapore, where delegates from about 40 nations have gathered for the weekend. “Damage caused by cyberwar might exceed our imagination. Maybe such urgency can help us to build a consensus on the banning of war in cyberspace altogether, but personally, I’m not optimistic about it.”

In 2013, an Obama administration report accused China of cyberattacks on government networks and defense contractor computers, moves that could potentially outline U.S. “military capabilities that could be exploited during a crisis.” Chinese officials dismissed the accusations as groundless in each case. Part of the problem on agreeing to curbs in cyberattacks lies in the lack of overall bilateral trust between many nations, but most notably the U.S. and China, according to several officials gathered at the annual summit. For example, the United States has repeatedly called on China to be more transparent about its defense spending. When Yao said China’s spending has been 1.3 percent of its gross domestic product, murmurs of disagreement filled the room.

China’s defense spending is believed to be distantly second in the world to the United States, but the totals and details remain murky. The People’s Liberation Army’s extensive holdings in state-owned enterprise further blur the lines between the government’s economic and military goals, officials said. Case in point, the Justice Department cyberespionage indictment alleges that private Chinese firms hired out a Chinese Army cyberattack unit, which had been infecting U.S. corporate databases with viruses since 2006. The U.S. military created the U.S. Cyber Command in 2009 under the U.S. Strategic Command to unify its cyberspace operations.

Chinese general calls potential cyberwar damage ?beyond our imagination? - News - Stripes

 

[waltky]

DoD launches aggressive cyberwar against IS...

Pentagon starts aggressive cyberwar against IS
26 Feb.`16 WASHINGTON (AP) — Not long after Defense Secretary Ash Carter prodded his cyber commanders to be more aggressive in the fight against Islamic State, the U.S. ramped up its offensive cyberattacks on the militant group.

According to several U.S. officials, the attacks are targeting the group's abilities to use social media and the Internet to recruit fighters and inspire followers, U.S. officials told The Associated Press. U.S. officials confirmed that operations launched out of Fort Meade, Maryland, where the U.S. Cyber Command is based, have focused on disrupting the group's online activities. The officials said the effort is getting underway as operators try a range of attacks to see what works and what doesn't. They declined to discuss details, other than to say that the attacks include efforts to prevent the group from distributing propaganda, videos or other types of recruiting and messaging on social media sites such as Twitter, and across the Internet in general.

Other attacks could include attempts to stop insurgents from conducting financial or logistical transactions online. The surge of computer-based military operations by U.S. Cyber Command began shortly after Carter met with commanders at Fort Meade last month. Several U.S. officials spoke about the cyber campaign on condition of anonymity because they were not authorized to discuss it publicly. Much of the effort is classified. Carter mentioned the operations briefly Thursday, telling a House Appropriations subcommittee only that Cyber Command is beginning to conduct operations against the Islamic State group. He declined to say more in a public setting.

The more aggressive attacks come after months of pressure from Carter, who has been frustrated with the belief that the Pentagon — and particularly Cyber Command — was losing the war in the cyber domain. Late last year Carter told cyber commanders they had 30 days to bring him options for how the military could use its cyberwarfare capabilities against the group's deadly insurgency across Iraq and Syria, and spreading to Libya and Afghanistan. Officials said he told commanders that beefing up cyberwarfare against the Islamic State group was a test for them, and that they should have both the capability and the will to wage the online war.

MORE

 

[waltky]

Cyber gonna help re-take Mosul...

Carter's 'Cyberbombs' Part of Plan to Retake Mosul
Feb 29, 2016 | U.S. cyber attacks and more frontline assistance from U.S. troops in non-combat roles than was used in Ramadi will be part of the Iraqi offensive to retake Mosul, Joint Chiefs Chairman Gen. Joseph Dunford said Monday.

Although the battle plan was in its formative stages, "the operations against Mosul have already started," Dunford said at a Pentagon news conference with Defense Secretary Ashton Carter. "In other words, you know, we're isolating Mosul even as we speak," Dunford said, and "it is not something that will happen in the deep, deep future." Dunford said that Iraqi Security Forces (ISF) and their U.S. advisors had moved to a staging area near Makhmour, about 60 miles southeast of Mosul, and U.S. cyber attacks were beginning to disrupt the communications of ISIS commanders in Mosul and their ability to control the militants defending Iraq's second largest city.

Mosul was five times the size of Ramadi in southern Anbar province, which was retaken by the ISF with the backing of U.S. airstrikes, Dunford said, and an offensive to recapture a city of Mosul's size will inevitably require more involvement by U.S. for logistics, supply and bridging operations. Dunford said the U.S. was likely to "do more in Mosul than Ramadi just because of the order of magnitude of the operation up there in Mosul would indicate to me that we would have more U.S. support in Mosul than we did in Ramadi." The ISF has already presented its plan for retaking Mosul to Army Lt. Gen. Sean MacFarland, commander of Combined Joint Task Force-Operation Inherent Resolve and the lead U.S. commander in the region for the campaign against ISIS, Dunford said.

Carter said that U.S. cyber attacks on the Islamic State of Iraq and Syria (ISIS) would be a major part of the operation to disrupt the group's "command and control, to cause them to lose confidence in their networks, to overload their network so that they can't function, and do all of these things that will interrupt their ability to command and control forces there, control the population and the economy." "So this is something that's new in this war," Carter said. In an interview with National Public Radio that aired Sunday, Carter said the cyber attacks were "strikes using cyber essentially as a weapon of war -- just as we drop bombs, there are cyber bombs" that can shut down communications.

At the Pentagon Monday, Carter said "The methods we're using are new" without giving specifics. "Some of them will be surprising" when they eventually become known, Carter said. In the use of cyber against ISIS, "what we're trying to do and I think what the Secretary was getting at is we're trying to make life difficult for (ISIS), and we're trying to stay step ahead of them," Dunford said. "So we're trying to force them to make changes. We're trying to make them -- disrupt their communications, and then we can anticipate some of the adaptations they're going to make and be a step ahead of them, and that's -- that's what we're trying to do," Dunford said.

MORE

See also:

Partner Forces Closing in on Raqqa and Mosul: Carter
Feb 26, 2016 | U.S. airstrikes and gains on the ground by Syrian rebels and Iraqi Security Forces have made major progress in isolating Islamic State strongholds in Iraq and Syria, the top U.S. civilian and uniformed defense officials said Thursday.

Defense Secretary Ashton Carter pointed to the recent offensive by the mostly Kurdish Syrian Democratic Forces backed by the U.S. with airstrikes and U.S. Special Forces in advisory roles on the ground to take back the northeastern Syrian town of Shaddadi. The fall of Shaddadi would "sever the last major northern artery between Raqqa and Mosul," both power centers of the Islamic State of Iraq and Syria (ISIS), Carter said.

Raqqa is the self-proclaimed capital of the "caliphate" in northeastern Syria, and Mosul 200 miles to the east is the largest city controlled by ISIS in Iraq. "This is just the most recent example of how we're effectively enabling and partnering with local forces to help deal ISIL a lasting defeat," Carter added, using another acronym for ISIS.

Joint Chiefs Chairman Gen. Joseph Dunford said Syrian Democratic Forces were "going down now to isolate" Raqqa after the success around Shaddadi. "Four months ago, we did not have momentum" in Iraq and Syria against ISIS, Dunford said. "Today, I can tell you with authority we do have momentum. There's a lot of work left to be done, but the enemy is under great pressure. My assessment is the trajectory is in the right direction," he said.

MORE

 

[waltky]

Granny says, "Dat's right - send in the Nat'l. Guard...

US National Guard may join cyber offence against Islamic State - Carter
6 Mar 2016 - U.S. Defence Secretary Ash Carter said the National Guard's cyber squadrons will play an increasingly important role in assessing the vulnerabilities of U.S. industrial infrastructure and could be asked to join the fight against Islamic State.

U.S. Defence Secretary Ash Carter said the National Guard's cyber squadrons will play an increasingly important role in assessing the vulnerabilities of U.S. industrial infrastructure and could be asked to join the fight against Islamic State. The National Guard - a reserve military force that resides in the states but can be mobilized for national needs - is a key part of the military's larger effort to set up over 120 cyber squadrons to respond to cyber attacks and prevent them. One such unit, the 262nd squadron, is a 101-person team that includes employees of Microsoft Corp and Alphabet Inc's Google. The unit is "famous throughout the country" for several high profile vulnerability assessments, Carter said at the Joint Base Lewis-McChord in Tacoma, Washington late on Friday.

He told reporters the squadron was not currently engaging in offensive cyber missions but could be in the future. "Units like this can also participate in offensive cyber operations of the kind that I have stressed we are conducting, and actually accelerating, in Iraq and Syria, to secure the prompt defeat of ISIL, which we need to do and will do," Carter said. "We're looking for ways to accelerate that, and cyber's one of them."

The 262nd squadron's work includes a study last year on the control system used by Snohomish County Public Utility District in Washington state, which helped the utility strengthen its security, and a 2010 case in which the U.S. Air Force briefly lost contact with 50 Minuteman III intercontinental ballistic missiles. The 2010 assessment cost about US$20,000, much less than the US$150,000 that a private sector company would likely charge, said Lieutenant Colonel Kenneth Borchers, deputy commander of the 252nd Cyber Operations Group, which oversees the 262nd squadron.

Borchers said the squadron is the only National Guard group that currently assesses industrial control systems, but it is now looking to train others. It is also studying the security of big weapons programs, such as the B-52 bomber. Using National Guard units for such work made sense because it allowed the military to benefit from private sector cyber experts, Carter said. "It brings in the high-tech sector in a very direct way to the mission of protecting the country," he told reporters. "And we're absolutely going to do more of it."

US National Guard may join cyber offence against Islamic State - Carter