China’s PLA seeks to bring cyberwarfare units under one roof

Unified command would allow military to create specialised forces as well as give leaders greater control over cyberspies who may be acting on their own, experts say

China’s military chiefs are seeking to unify the country’s cyberwarfare capabilities as they build a modern fighting force that relies less on ground troops.

The plan is part of a broader shift towards a unified military command similar to that of the US to meet President Xi Jinping’s goal of transforming the People’s Liberation Army into a force that can “fight and win modern wars”.

Continue reading

China still trying to hack U.S. firms despite Xi’s vow to refrain, analysts say

Chinese government hackers have attempted in the past few weeks to penetrate the networks of U.S. companies to steal their secrets despite a pledge by China’s president that they would not do so, according to private researchers.

Chinese hackers have targeted at least seven U.S. companies since President Xi Jinping vowed last month in Washington that his country would not conduct cyber-economic espionage — the theft of trade secrets and intellectual property for the benefit of the nation’s industries, according to CrowdStrike, a firm that helps companies track and prevent intrusions.

In the three weeks since Xi left Washington — including the day after he left, on Sept. 26 — hackers linked to the Chinese government have attempted to gain access to tech and pharmaceutical companies’ networks, said Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer, who released a report on the issue Monday. Continue reading

Intel Assessment: Weak Response to Breaches Will Lead to More Cyber Attacks

“Response” is exactly what’s allowing this to happen. It’s the culture of reactionary ‘patch and pray” that continues to be the industry norm instead of proactive defense that is the issue. Reactionary means only reacting, therefore you have to wait for something to happen.

 

Obama administration’s diplomatic, legal response is encouraging more cyber attacks

The United States will continue to suffer increasingly damaging cyber attacks against both government and private sector networks as long as there is no significant response, according to a recent U.S. intelligence community assessment.

Disclosure of the intelligence assessment, an analytical consensus of 16 U.S. spy agencies, comes as the Obama administration is debating how to respond to a major cyber attack against the Office of Personnel Management. Sensitive records on 22.1 million federal workers, including millions cleared for access to secrets, were stolen by hackers linked to China’s government. Continue reading

Iran Rapidly Building Cyber Warfare Capabilities

Highlighted in teal below is a perfect example of grey terror during the ‘overture’ phase, as described in Soviet defector Viktor Suvorov’s book “Spetsnaz. The Story Behind the Soviet SAS” in chapter 15, Spetsnaz’s First World War.

Here’s a lengthy exerpt:

In Washington, as the President’s helicopter is taking off, several shots are fired at it from sniper’s rifles. The helicopter is only slightly damaged and the crew succeed in bringing it down again safely. No one in the craft is hurt. Responsibility for the attack is claimed by a previously unknown organisation calling itself ‘Revenge for Vietnam’.

There is a terrorist explosion at Vienna airport.

A group of unidentified men attack the territory of the British military base in Cyprus with mortars.

A serious accident takes place on the most important oil pipeline in Alaska. The pumping stations break down and the flow of oil falls to a trickle.

In West Germany there are several unsuccessful attempts on the lives of American generals.

In the North Sea the biggest of the British oil rigs tips over and sinks. The precise reason for this is not established, although experts believe that corrosion of main supports is the culprit.

In the United States an epidemic of some unidentified disease breaks out and spreads rapidly. It seems to affect port areas particularly, such as San Francisco, Boston, Charleston, Seattle, Norfolk and Philadelphia.

There are explosions practically every day in Paris. The main targets are the government districts, communication centres and military headquarters. At the same time terrible forest fires are raging in the South of France.

All these operations — because of course none of these events is an accident — and others like them are known officially in the GRU as the ‘preparatory period’, and unofficially as the ‘overture’. The overture is a series of large and small operations the purpose of which is, before actual military operations begin, to weaken the enemy’s morale, create an atmosphere of general suspicion, fear and uncertainty, and divert the attention of the enemy’s armies and police forces to a huge number of different targets, each of which may be the object of the next attack.

The overture is carried by agents of the secret services of the Soviet satellite countries and by mercenaries recruited by intermediaries. The principal method employed at this stage is ‘grey terror’, that is, a kind of terror which is not conducted in the name of the Soviet Union. The Soviet secret services do not at this stage leave their visiting cards, or leave other people’s cards. The terror is carried out in the name of already existing extremist groups not connected in any way with the Soviet Union, or in the name of fictitious organisations.

The GRU reckons that in this period its operations should be regarded as natural disasters, actions by forces beyond human control, mistakes committed by people, or as terrorist acts by organisations not connected with the Soviet Union.

The terrorist acts carried out in the course of the ‘overture’ require very few people, very few weapons and little equipment. In some cases all that may be needed is one man who has as a weapon nothing more than a screwdriver, a box of matches or a glass ampoule. Some of the operations can have catastrophic consequences. For example, an epidemic of an infectious disease at seven of the most important naval bases in the West could have the effect of halving the combined naval might of the Soviet Union’s enemies.

 

Cyber attacks on banks, casino highlight growing threat

“Iranian hackers have been suspected in multiple incidents that inflicted damage on various entities in the private sector, including finance and energy firms,” according to the five-page report, “Pistachios and Saffron: Investigating the Iranian Cyber Threat.”

“Current analysis indicates Iran may intend to use its growing cyber force to attack global critical infrastructure,” the report added.

Once limited to website defacements and other less damaging attacks, Tehran’s hacker forces are now capable of using customized malicious software designed for use against specific victims. Continue reading

NSA veteran chief fears crippling cyber-attack on Western energy infrastructure

The West is losing the worldwide fight against jihadist terrorism and faces mounting risks of a systemic cyber-assault by extremely capable enemies, the former chief of the National Security Agency has warned.

“The greatest risk is a catastrophic attack on the energy infrastructure. We are not prepared for that,” said General Keith Alexander, who has led the US battle against cyber-threats for much of the last decade.

Continue reading

Cyber attackers leaving warning ‘messages’: NSA chief

There’s been concern for quite some time now that Russia has already infected U.S. critical infrastructure with viruses but are yet to be activated and unleashed until there’s a need or the time is right.

 

Attackers hacking into American computer networks appear to be leaving “cyber fingerprints” to send a message that critical systems are vulnerable, the top US cyber-warrior said Thursday.

Admiral Michael Rogers, director of the National Security Agency and head of the Pentagon’s US Cyber Command, made the comments to a US Senate panel as he warned about the growing sophistication of cyber threats. Continue reading

The U.S. government thinks China could take down the power grid

Washington (CNN) — China and “probably one or two other” countries have the capacity to shut down the nation’s power grid and other critical infrastructure through a cyber attack, the head of the National Security Agency told a Congressional panel Thursday.

Admiral Michael Rogers, who also serves the dual role as head of U.S. Cyber Command, said the United States has detected malware from China and elsewhere on U.S. computers systems that affect the daily lives of every American.

“It enables you to shut down very segmented, very tailored parts of our infrastructure that forestall the ability to provide that service to us as citizens,” Rogers said in testimony before the House Intelligence Committee. Continue reading

U.S. Electrical, Financial Networks Mapped for Future Cyber Attacks

Check out the SCADA tags to see more information on how systems can be compromised and diverted or shut down.

 

Critical U.S. infrastructures are being penetrated by foreign states in preparation for devastating future cyber attacks designed to cripple electrical power, communications and financial networks, the commander of the U.S. Cyber Command told Congress on Thursday.

Adm. Mike Rogers, Cybercom chief and director of the National Security Agency, said foreign states have broken into the networks that control industrial systems for a range of what the U.S. government considers 16 critical infrastructures, ranging from electrical power, water, telecommunications and financial systems.

“We have seen instances where we’re observing intrusions into industrial control systems,” Rogers told the House Permanent Select Committee on Intelligence. Continue reading

9/11 Commission Warns US Unprepared For A Possible ‘Cyber-Pearl Harbor’

A decade after releasing its report on U.S. unpreparedness ahead of the Sept. 11, 2001 attacks, the 9/11 Commission has released a new assessment on the growing threat of cyber-terrorism.

“One lesson of the 9/11 story is that, as a nation, Americans did not awaken to the gravity of the terrorist threat until it was too late,” the commission wrote in a new report on the 10th anniversary of the original, which revealed the intelligence failures that led to the hijacking of four planes by Osama bin Laden’s al Qaeda terrorist organization. Continue reading

Syria Facing U.S. Cyber Attacks in Upcoming Strikes

Operation will be testing lab for cyber war capabilities

U.S. military forces are expected to roll out new cyber warfare capabilities during the anticipated military strike on Syria for its use of a deadly nerve agent, according to military sources.

Targets of cyber attacks likely will include electronic command and control systems used by the Syrian military forces, air defense computers, and other military communications networks. Continue reading

Chinese military unit said to resume cyber spying

The clandestine army unit, known as Unit 61398, “went quiet for a while — they changed the nature of their activities, they removed some of the tools that they had been using inside of different companies,” said Richard Bejtlich of Mandiant, which specializes in defending companies from cyber attacks and purging malware from computer networks that have been breached. Continue reading

Securing Command — Strategic commander worried about cyber attacks on nuclear command and control

At times, news like this makes one wonder if it’s a strong case of déjà vu that was probably never fully admitted.

U.S. strategic nuclear weapons and the command systems that control them are vulnerable to cyber attacks although most are hardened against many types of electronic attacks, the commander of the U.S. Strategic Command said on Tuesday.

Air Force Gen. C. Robert Kehler said during a hearing of the Senate Armed Services Committee that nuclear weapons and the communications used to control them are older and thus less vulnerable to disruption by computer network attacks.

“However, we are very concerned with the potential of a cyber related attack on our nuclear command and control and on the weapons systems themselves,” Kehler said. “We do evaluate that.” Continue reading

Cyber Jihad

Iran steps up cyber attacks on U.S. financial institutions

Iran is continuing aggressive cyber attacks against U.S. financial institutions and officials say the U.S. government has failed to take steps to halt the electronic strikes. Continue reading