The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

This urgent and grave matter is finally receiving recognition from the mainstream media. Chinese microchips have been planted within every facet of U.S. life, from the military to household PC components, as well as everyday appliances such as irons and microwaves.

Further information archived on Global Geopolitics can be found in the following previous posts:

The Secret Ways of Chinese Telecom Giant Huawei (2013)

Security backdoor found in China-made US military chip (2012)

 

(Illustrator: Scott Gelber for Bloomberg Businessweek)

 

The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.

In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore., Elemental made software for compressing massive video files and formatting them for different devices. Its technology had helped stream the Olympic Games online, communicate with the International Space Station, and funnel drone footage to the Central Intelligence Agency. Elemental’s national security contracts weren’t the main reason for the proposed acquisition, but they fit nicely with Amazon’s government businesses, such as the highly secure cloud that Amazon Web Services (AWS) was building for the CIA.

Airlines Can’t Wing It Anymore Against Hackers

‘We have to get the budget out there to stay ahead of this because otherwise it’s gonna have a major impact’

The Israeli military made (air)waves last week when it announced that it was installing cyber defenses on its F-35 jets. While this may seem like a futuristic concept, it’s actually long overdue from an online security standpoint.

“Bad actors were already doing bad things on the internet before the military caught up with technology,” Richard Blech, founder and CEO of the cybersecurity firm Secure Channels, told the Observer.

A Cyberattack Has Paralyzed a Los Angeles Hospital

Hospitals have few or no safeguards against this threat, and it’s sadly just a matter of time before attackers start manipulating patient dosages at pharmacies or tainting hospital food at production plants.

 

 

Doctors have been locked out of patient records for more than a week by hackers who are demanding money to release the data.

A hospital in Los Angeles has been operating without access to email or electronic health records for more than a week, after hackers took over its computer systems and demanded millions of dollars in ransom to return it.

The hackers that broke into the Hollywood Presbyterian Medical Center’s servers are asking for $3.6 million in Bitcoin, a local Fox News affiliate reported. Hospital staff are working with investigators from the Los Angeles Police Department and the FBI to find the intruders’ identities.

The biggest heist of secret US personnel data in cyber history is still ongoing

As was mentioned just the other day, all U.S. intelligence agencies have been compromised in addition to all other government entities that were attacked.

 

The White House has admitted that systems containing deeply personal information, submitted by current, former and prospective federal government employees for security clearances, had been “exfiltrated.” If the breach of the Office of Personnel Management (OPM) was conducted by hackers linked to China, as suspected, access to the Standard Form 86 submitted by an estimated 41 million federal employees provided them with what may be the world’s largest stolen data base of US intelligence and military personnel.

This is a “gold mine” of unencrypted data that leave US intelligence officers, for example, open to blackmail or coerced recruitment.

While officials speak of two hacks, debkafile’s cyber security and intelligence experts report that it was a single breach and is still ongoing. Known to experts as an “Advanced Persistent Threat,” it amounts to slow, continuous penetration by a computer virus, planted in an individual computer of a network which duplicates itself gradually and insidiously.

Cyberwarfare Threat To Nuclear, Banking and Financial System

Indeed, our modern western financial and banking system with its massive dependency on single interface websites, servers and the internet faces serious risks that few analysts have yet to appreciate and evaluate. We previously referred to Russian Prime Minister Medvedev’s allusion to cyber warfare when he stated, regarding U.S. attempts to have Russia locked out of the SWIFT system, that the Russian response “economically and otherwise – will know no limits.”

Dormant malware, apparently of Russian origin, had previously been discovered buried in the software that runs the Nasdaq stock exchange, according to Bloomberg.

Given that a military confrontation is not desired by Russia, it is likely that cyber-warfare will be part of the Russian arsenal in any confrontation with the U.S. and NATO countries.

Inside TAO: Documents Reveal Top NSA Hacking Unit

For more on SCADAs, please see the following previous posts:

Exclusive: Cyberattack leaves natural gas pipelines vulnerable to sabotage

UPDATE 3: U.S. probes cyber attack on water system

Security backdoor found in China-made US military chip

 

The NSA’s TAO hacking unit is considered to be the intelligence agency’s top secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting.

In January 2010, numerous homeowners in San Antonio, Texas, stood baffled in front of their closed garage doors. They wanted to drive to work or head off to do their grocery shopping, but their garage door openers had gone dead, leaving them stranded. No matter how many times they pressed the buttons, the doors didn’t budge. The problem primarily affected residents in the western part of the city, around Military Drive and the interstate highway known as Loop 410.

This Is Not a Test: Emergency Broadcast Systems Proved Hackable

What was written in a book ahead of its time (1987), “Spetsnaz. The Story Behind the Soviet SAS”, has now come to fruition.

The following is a sample from the book:

I do not know how or when World War Three will start. I do not know exactly how the Soviet high command plans to make use of spetsnaz in that war: the first world war in which spetsnaz will be a major contributor. I do not wish to predict the future. In this chapter I shall describe how spetsnaz will be used at the beginning of that war as I imagine it. It is not my task to describe what will happen. But I can describe what might happen.

The last month of peace, as in other wars, has an almost palpable air of crisis about it. Incidents, accidents, small disasters add to the tension. Two trains collide on a railway bridge in Cologne because the signalling system is out of order. The bridge is seriously damaged and there can be no traffic over it for the next two months.

On 12 August, at 0558 local time, a van comes to a halt on the vast empty parking lot in front of a supermarket in Washington. Three men open the doors of the van, roll out the fuselage of a light aircraft and attach its wings. A minute later its motor bursts into life. The plane takes off and disappears into the sky. It has no pilot. It is controlled by radio with the aid of very simple instruments, only slightly more complicated than those used by model aircraft enthusiasts. The plane climbs to about 200 metres and immediately begins to descend in the direction of the White House. A minute later a mighty explosion shakes the capital of the United States. The screaming of sirens on police cars, fire engines and ambulances fills the city.

Three minutes later a second plane sweeps across the centre of the city and there is a second explosion in the place where the White House once stood. The second plane has taken off from a section of highway under construction, and has a quite different control system. Two cars with radio beacons in them have been left earlier in the middle of the city. The beacons have switched on automatically a few seconds before the plane’s take-off. The automatic pilot is guided by the two beacons and starts to descend according to a previously worked-out trajectory. The second plane has been sent off by a second group operating independently of the first one.

It was a simple plan: if the first plane did not destroy the White House the second would. If the first plane did destroy the White House then a few minutes later all the heads of the Washington police would be near where the explosion had taken place. The second plane would kill many of them.

At 0606 all radio and television channels interrupt their normal programmes and report the destruction of the White House and the possible death of the President of the United States.

At 0613 the programme known as Good Morning America is interrupted and the Vice-President of the USA appears. He announces a staggering piece of news: there has been an attempt to seize power in the country on the part of the leaders of the armed forces. The President of the United States has been killed. The Vice-President appeals to everyone in the armed forces to remain where they are and not to carry out any orders from senior officers for the next twenty-four hours, because the orders would be issued by traitors shortly to be removed from their posts and arrested.

Soon afterwards many television channels across the country cease transmitting….

Article:

Several models of Emergency Alert System decoders, used to break into TV and radio broadcasts to announce public safety warnings, have vulnerabilities that would allow hackers to hijack them and deliver fake messages to the public, according to an announcement by a security firm on Monday.

The vulnerabilities included a private root SSH key that was distributed in publicly available firmware images that would have allowed an attacker with SSH access to a device to log in with root privileges and issue fake alerts or disable the system.