Foreign States Preparing Cyber Attacks on Infrastructure in Future War

National Security Agency Director Mike Rogers / Getty Images

 

Rogers awaiting new Trump cyber policy

Foreign nations’ cyber intrusions into key infrastructure network are preparation for damaging attacks in a future conflict, the commander of Cyber Command told Congress Tuesday.

Adm. Mike Rogers, the commander who is also director of the National Security Agency, said one of his major concerns is cyber attacks on critical infrastructures used to run the electric grid, financial systems, communications networks, the transportation systems, and others. Continue reading →

FBI Warns of Cyber Threat to Electric Grid

DHS intel report downplayed cyber threat to power grid

Three months after a Department of Homeland Security intelligence report downplayed the threat of a cyber attack against the U.S. electrical grid, DHS and the FBI began a nationwide program warning of the dangers faced by U.S. utilities from damaging cyber attacks like the recent hacking against Ukraine’s power grid.

The nationwide campaign by DHS and the FBI began March 31 and includes 12 briefings and online webinars for electrical power infrastructure companies and others involved in security, with sessions in eight U.S. cities, including a session next week in Washington. Continue reading →

Intel Assessment: Weak Response to Breaches Will Lead to More Cyber Attacks

“Response” is exactly what’s allowing this to happen. It’s the culture of reactionary ‘patch and pray” that continues to be the industry norm instead of proactive defense that is the issue. Reactionary means only reacting, therefore you have to wait for something to happen.

 

Obama administration’s diplomatic, legal response is encouraging more cyber attacks

The United States will continue to suffer increasingly damaging cyber attacks against both government and private sector networks as long as there is no significant response, according to a recent U.S. intelligence community assessment.

Disclosure of the intelligence assessment, an analytical consensus of 16 U.S. spy agencies, comes as the Obama administration is debating how to respond to a major cyber attack against the Office of Personnel Management. Sensitive records on 22.1 million federal workers, including millions cleared for access to secrets, were stolen by hackers linked to China’s government. Continue reading →

Iran Rapidly Building Cyber Warfare Capabilities

Highlighted in teal below is a perfect example of grey terror during the ‘overture’ phase, as described in Soviet defector Viktor Suvorov’s book “Spetsnaz. The Story Behind the Soviet SAS” in chapter 15, Spetsnaz’s First World War.

Here’s a lengthy exerpt:

In Washington, as the President’s helicopter is taking off, several shots are fired at it from sniper’s rifles. The helicopter is only slightly damaged and the crew succeed in bringing it down again safely. No one in the craft is hurt. Responsibility for the attack is claimed by a previously unknown organisation calling itself ‘Revenge for Vietnam’.

There is a terrorist explosion at Vienna airport.

A group of unidentified men attack the territory of the British military base in Cyprus with mortars.

A serious accident takes place on the most important oil pipeline in Alaska. The pumping stations break down and the flow of oil falls to a trickle.

In West Germany there are several unsuccessful attempts on the lives of American generals.

In the North Sea the biggest of the British oil rigs tips over and sinks. The precise reason for this is not established, although experts believe that corrosion of main supports is the culprit.

In the United States an epidemic of some unidentified disease breaks out and spreads rapidly. It seems to affect port areas particularly, such as San Francisco, Boston, Charleston, Seattle, Norfolk and Philadelphia.

There are explosions practically every day in Paris. The main targets are the government districts, communication centres and military headquarters. At the same time terrible forest fires are raging in the South of France.

All these operations — because of course none of these events is an accident — and others like them are known officially in the GRU as the ‘preparatory period’, and unofficially as the ‘overture’. The overture is a series of large and small operations the purpose of which is, before actual military operations begin, to weaken the enemy’s morale, create an atmosphere of general suspicion, fear and uncertainty, and divert the attention of the enemy’s armies and police forces to a huge number of different targets, each of which may be the object of the next attack.

The overture is carried by agents of the secret services of the Soviet satellite countries and by mercenaries recruited by intermediaries. The principal method employed at this stage is ‘grey terror’, that is, a kind of terror which is not conducted in the name of the Soviet Union. The Soviet secret services do not at this stage leave their visiting cards, or leave other people’s cards. The terror is carried out in the name of already existing extremist groups not connected in any way with the Soviet Union, or in the name of fictitious organisations.

The GRU reckons that in this period its operations should be regarded as natural disasters, actions by forces beyond human control, mistakes committed by people, or as terrorist acts by organisations not connected with the Soviet Union.

The terrorist acts carried out in the course of the ‘overture’ require very few people, very few weapons and little equipment. In some cases all that may be needed is one man who has as a weapon nothing more than a screwdriver, a box of matches or a glass ampoule. Some of the operations can have catastrophic consequences. For example, an epidemic of an infectious disease at seven of the most important naval bases in the West could have the effect of halving the combined naval might of the Soviet Union’s enemies.

 

Cyber attacks on banks, casino highlight growing threat

…

“Iranian hackers have been suspected in multiple incidents that inflicted damage on various entities in the private sector, including finance and energy firms,” according to the five-page report, “Pistachios and Saffron: Investigating the Iranian Cyber Threat.”

“Current analysis indicates Iran may intend to use its growing cyber force to attack global critical infrastructure,” the report added.

Once limited to website defacements and other less damaging attacks, Tehran’s hacker forces are now capable of using customized malicious software designed for use against specific victims. Continue reading →