recentpopularlog in

jerryking : cyber_warfare   107

« earlier  
How China’s formidable cyber capabilities sparked a tech cold war
July 22, 2019 | | Financial Times | Geoff Dyer.

Chinese Spies: From Chairman Mao to Xi Jinping, by Roger Faligot, translated by Natasha Lehrer, Hurst, RRP£30, 568 pages.... the mercantilist mindset of the US administration and partly in the insecurities of a section of Washington’s foreign policy establishment, prompting the search for new demons to slay. But it is also an inevitable reaction to the aggressive intelligence and surveillance capabilities that China has installed.
Roger Faligot’s history of spying in the Chinese Communist party highlights the turbocharged growth in the nation’s intelligence services......Spying has been baked into the fabric of the Chinese Communist party since its earliest days......Faligot’s subject is the Chinese Communist party and its efforts to develop what he describes as the largest intelligence service in the world. He places particular emphasis on the state security ministry, known as the Guoanbu, the biggest of the non-military spying agencies......The central figure was Zhou Enlai, China’s premier from 1949 to 1976. Zhou’s early career is known more for the diplomatic skills he demonstrated during the second world war but he also developed a taste for clandestine activities as a young man in his twenties in Paris.
......Returning to China in 1928 after a spell at the GRU spy school in the Lenin Hills outside Moscow, Zhou established a series of intelligence networks which, Faligot writes, have a “direct link” with “today’s service”......Two themes, in particular, come through. First, right from the outset, China’s spy agencies latched on to the internet — both as a powerful weapon and as a tool for greater social control....As well as overseas intrusion, the intelligence agencies have been “given a mission to organise a vast system of control of the Chinese population”. Many of the new techniques were first developed in Xinjiang and Tibet, including the compulsory registration of internet users, which has been used to root out cyber-dissidents. ....The second theme is the way that these capabilities have now been harnessed by one all-powerful leader............Xi has conducted a sweeping anti-corruption drive whose biggest scalp was Zhou Yongkang, who in 2015 became the first ever former member of the politburo standing committee to be convicted of serious crimes and sentenced to life in prison. Arresting Zhou allowed Xi to take out a political rival. But it also allowed him to orchestrate a putsch of the security services, which Zhou had been in charge of in the previous administration. During his period as China’s effective spy chief, Zhou had set up what Faligot calls a “parallel diplomacy service” and had also been snooping on all the other senior Chinese leaders. The purge of “the old Zhou Yongkang system,” Faligot concludes, allowed Xi “to retake control of the CCP, the PLA and the secret services.”
books  book_reviews  China  Chinese_Communist_Party  Cold_War  cyberattacks  cyber_warfare  GRU  Guoanbu  new_tech_Cold_War  security_&_intelligence  Tibet  turbocharge  U.S.-China_relations  Xi_Jinping 
july 2019 by jerryking
Russian General Pitches ‘Information’ Operations as a Form of War - The New York Times
By Andrew E. Kramer
March 2, 2019

MOSCOW — The chief of Russia’s armed forces endorsed on Saturday the kind of tactics used by his country to intervene abroad, repeating a philosophy of so-called hybrid war that has earned him notoriety in the West, especially among American officials who have accused Russia of election meddling in 2016.
cyber_warfare  information_warfare  Russia  security_&_intelligence 
march 2019 by jerryking
Japan gears up for mega hack of its own citizens
February 5, 2019 | Financial Times | by Leo Lewis.

Yoshitaka Sakurada, Japan’s 68-year-old minister for cyber security, stands ready to press the button next week on an unprecedented hack of 200m internet enabled devices across Japan — a genuinely imaginative, epically-scaled and highly controversial government cyber attack on homes and businesses designed as an empirical test of the nation’s vulnerability. A new law, fraught with public contention over constitutionally-guaranteed privacy, was passed last May and has just come into effect to give the government the right to perform the hack and make this experiment possible. The scope for government over-reach, say critics, cannot be overstated. Webcams, routers and other devices will be targeted in the attacks, which will primarily establish what proportion have no password protection at all, or one that can be easily guessed. At best, say cyber security experts at FireEye, the experiment could rip through corporate Japan’s complacency and elevate security planning from the IT department to the C-suite.

The experiment, which will run for five years and is being administered through the Ministry of Internal Affairs and Communications, is intended to focus on devices that fall into the broadly-defined category of “internet of things” (IoT) — anything from a yoga mat that informs a smartphone of your contortions, to remotely controlled factory robots. And while cyber experts say IoT security may not be the very top priority in the fight against cyber crime and cyber warfare, they see good reasons why Japan has chosen to make its stand here.....warnings that the rise of IoT will create a vast new front of vulnerability unless the security of, for example, a web-enabled yoga mat is taken as seriously by both manufacturers and users as the security of a banking website. The big cyber security consultancies, along with various governments, have historically relied on a range of gauges to calculate the scale of the problem. The Japanese government’s own National Institute of Information and Communications Technology (NICT) uses scans of the dark web to estimate that, of the cyber attacks it detected in 2017, 54 per cent targeted IoT devices.
C-suite  cyberattacks  cyber_security  cyber_warfare  dark_web  experimentation  hacks  Industrial_Internet  Japan  overreach  preparation  privacy  readiness  testing  vulnerabilities  white_hats 
february 2019 by jerryking
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies - Bloomberg
October 4, 2018, 5:00 AM EDTILLUSTRATOR: SCOTT GELBER FOR BLOOMBERG BUSINESSWEEK
By and October 4, 2018, 5:00 AM EDT

In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore., Elemental made software for compressing massive video files and formatting them for different devices. Its technology had helped stream the Olympic Games online, communicate with the International Space Station, and funnel drone footage to the Central Intelligence Agency. Elemental’s national security contracts weren’t the main reason for the proposed acquisition, but they fit nicely with Amazon’s government businesses, such as the highly secure cloud that Amazon Web Services (AWS) was building for the CIA......investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.

This attack was something graver than the software-based incidents the world has grown accustomed to seeing. Hardware hacks are more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get.......Over the decades, the security of the supply chain became an article of faith despite repeated warnings by Western officials. A belief formed that China was unlikely to jeopardize its position as workshop to the world by letting its spies meddle in its factories. That left the decision about where to build commercial systems resting largely on where capacity was greatest and cheapest. “You end up with a classic Satan’s bargain,” one former U.S. official says. “You can have less supply than you want and guarantee it’s secure, or you can have the supply you need, but there will be risk. Every organization has accepted the second proposition.”
China  cyber_security  cyber_warfare  hacks  semiconductors  security_&_intelligence  supply_chains  infiltration 
january 2019 by jerryking
Computer vision: how Israel’s secret soldiers drive its tech success
November 20, 2018 | Financial Times | Mehul Srivastava in Tel Aviv.
.... those experiences that have helped such a tiny country become a leader in one of the most promising frontiers in the technology world: computer vision. Despite the unwieldy name it is an area that has come of age in the past few years, covering applications across dozens of industries that have one thing in common: the need for computers to figure out what their cameras are seeing, and for those computers to tell them what to do next.........Computer vision has become the connecting thread between some of Israel’s most valuable and promising tech companies. And unlike Israel’s traditional strengths— cyber security and mapping — computer vision slides into a broad range of different civilian industries, spawning companies in agriculture, medicine, sports, self-driving cars, the diamond industry and even shopping. 

In Israel, this lucrative field has benefited from a large pool of engineers and entrepreneurs trained for that very task in an elite, little-known group in the military — Unit 9900 — where they fine-tuned computer algorithms to digest millions of surveillance photos and sift out actionable intelligence. .........The full name for Unit 9900 — the Terrain Analysis, Accurate Mapping, Visual Collection and Interpretation Agency — hints at how it has created a critical mass of engineers indispensable for the future of this industry. The secretive unit has only recently allowed limited discussion of its work. But with an estimated 25,000 graduates, it has created a deep pool of talent that the tech sector has snapped up. 

Soldiers in Unit 9900 are assigned to strip out nuggets of intelligence from the images provided by Israel’s drones and satellites — from surveilling the crowded, chaotic streets of the Gaza Strip to the unending swaths of desert in Syria and the Sinai. 

With so much data to pour over, Unit 9900 came up with solutions, including recruiting Israelis on the autistic spectrum for their analytical and visual skills. In recent years, says Shir Agassi, who served in Unit 9900 for more than seven years, it learned to automate much of the process, teaching algorithms to spot nuances, slight variations in landscapes and how their targets moved and behaved.....“We had to take all these photos, all this film, all this geospatial evidence and break it down: how do you know what you’re seeing, what’s behind it, how will it impact your intelligence decisions?” .....“You’re asking yourself — if you were the enemy, where would you hide? Where are the tall buildings, where’s the element of surprise? Can you drive there, what will be the impact of weather on all this analysis?”

Computer vision was essential to this task....Teaching computers to look for variations allowed the unit to quickly scan thousands of kilometres of background to find actionable intelligence. “You have to find ways not just to make yourself more efficient, but also to find things that the regular eye can’t,” she says. “You need computer vision to answer these questions.”.....The development of massive databases — from close-ups of farm insects to medical scans to traffic data — has given Israeli companies a valuable headstart over rivals. And in an industry where every new image teaches the algorithm something useful, that has made catching up difficult.......“Computer vision is absolutely the thread that ties us to other Israeli companies,” he says. “I need people with the same unique DNA — smart PhDs in mathematics, neural network analysis — to tell a player in the NBA how to improve his jump shot.”
Israel  cyber_security  hackers  cyber_warfare  dual-use  Israeli  security_&_intelligence  IDF  computer_vision  machine_learning  Unit_9900  start_ups  gene_pool  imagery  algorithms  actionable_information  geospatial  mapping  internal_systems  PhDs  drones  satellites  surveillance  autism 
november 2018 by jerryking
Why is America so bad at information wars?
JULY 18, 2018 | Financial Times | Gillian Tett.

In his new book Messing With the Enemy, Clint Watts, a former FBI agent, describes this exchange as the first “international-terrorist-versus-counter-terrorist Twitter battle”......One way to make sense of today’s extraordinary cyber battles with the Russians is to look at how jihadi groups developed such campaigns years earlier — not least because this oft-ignored parallel shows how the US government has done a poor job fighting its enemies in cyberspace. “America sucks at information warfare,” Watts laments. “Absolutely sucks.”.....US officials attempted to fight back against Isis’s social media campaigns. Watts reveals that in 2013 while at the FBI — and later as a security consultant — he engaged in a long Twitter duel with American-born terrorist Omar Hammami. Other US intelligence groups tried to develop psychological-operations campaigns to fight the extremists. Some of the experimental techniques used to profile social media users were later deployed in the ad-tech industry by companies such as Cambridge Analytica.

However, the US military was simply too bureaucratic, slow moving and rule-laden to match its enemies. And the country that seemed to learn the most from the social media extremists was Russia: Watts describes how he inadvertently witnessed Russian-backed groups populating American social media from the autumn of 2015 onwards, copying some of the tactics of the Islamists....Watts’s proposed remedy is just as startling: he believes that US government agencies are now so ill-equipped to fight in these type of social media wars that it is time for non-government groups to take the lead instead.....many leading figures in Silicon Valley furtively express similar views. Indeed, some appear to be quietly funding civilian “volunteers” to do exactly what Watts suggests: namely, hunt for ways to counter Russian attacks by infiltrating enemy cyber groups.

Who knows whether this type of grass-roots action will work, or how widespread it might be — everything is deeply murky in the arena of cyberspace and information wars.
Gillian_Tett  information_warfare  U.S.  security_&_intelligence  Twitter  al-Shabab  books  cyber_warfare  Russians  hackers  Russia  disinformation  persuasion  trolls  politics  delegitimization  destabilization  deception  infiltration 
july 2018 by jerryking
Quantum Computing Will Reshape Digital Battlefield, Says Former NSA Director Hayden - CIO Journal. - WSJ
Jun 27, 2018 | WSJ | By Jennifer Strong.

In the ongoing battle between law enforcement and Apple Inc. over whether the company should assist the government in cracking into iPhones, Mr. Hayden says it “surprised a lot of folks that people like me generally side with Apple” and its CEO Tim Cook.

Do you believe there’s a deterrence failure when it comes to cyber threats?

Yes, and it’s been really interesting watching this debate take shape. I’m hearing folks who think we should be more aggressive using our offensive cyber power for defensive purposes. Now that’s not been national policy. We have not tried to dissuade other countries from attacking us digitally by attacking them digitally.

What are your current thoughts on quantum encryption or quantum codebreaking?

When machine guns arrived it clearly favored the defense. When tanks arrived? That favored the offense. One of the tragedies of military history is that you’ve got people making decisions who have not realized that the geometry of the battlefield has changed because of new weapons. And so you have the horrendous casualties in World War I and then you’ve got the French prepared to fight World War I again and German armor skirts the Maginot Line. Now I don’t know whether quantum computing will inherently favor the offense or inherently favor the defense, when it comes to encryption, security, espionage and so on, but I do know it’s going to affect something.

What other emerging technologies are you watching?

Henry Kissinger wrote an article about this recently in which he warned against our infatuation with data and artificial intelligence. We can’t let data crowd out wisdom. And so when I talk to people in the intelligence community who are going all out for big data and AI and algorithms I say, “you really do need somebody in there somewhere who understands Lebanese history, or the history of Islam.”
Michael_Hayden  codebreaking  security_&_intelligence  quantum_computing  NSA  Apple  cyber_security  encryption  cyber_warfare  Henry_Kissinger  wisdom  national_strategies  offensive_tactics  defensive_tactics 
june 2018 by jerryking
How Vladimir Putin mastered the cyber disinformation war
February 18, 2018 | FT | by Andrei Soldatov.

outsourcing cyber disinformation campaigns has become a tactic used by Russia to create plausible deniability and lower the costs and risks of controversial overseas operations. Today, Kremlin-backed cyber campaigns have an unorthodox chain of command. It is one in which non-state actors — primarily businessmen with personal ties to important figures in the Kremlin — call the shots, not, as in western cyber operations, the electronic and signals intelligence gathering wings of the army and government agencies.
Vladimir_Putin  Robert_Mueller  indictments  Russia  disinformation  persuasion  trolls  politics  delegitimization  destabilization  deception  cyber_warfare  information_warfare  Kremlin 
february 2018 by jerryking
Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core
NOV. 12, 2017 | The New York Times | By SCOTT SHANE, NICOLE PERLROTH and DAVID E. SANGER.

“These leaks have been incredibly damaging to our intelligence and cyber capabilities,” said Leon E. Panetta, the former defense secretary and director of the Central Intelligence Agency. “The fundamental purpose of intelligence is to be able to effectively penetrate our adversaries in order to gather vital intelligence. By its very nature, that only works if secrecy is maintained and our codes are protected.”
adversaries  data_breaches  hacking  vulnerabilities  counterintelligence  counterespionage  moles  malware  ransomware  Fedex  Mondelez  Edward_Snowden  security_&_intelligence  Russia  Leon_Panetta  NSA  cyber_security  cyber_warfare  cyberweapons  tools  David_Sanger  SecDef  CIA 
november 2017 by jerryking
Pentagon Turns to High-Speed Traders to Fortify Markets Against Cyberattack
Oct. 15, 2017 7| WSJ | By Alexander Osipovich.

"What it would be like if a malicious actor wanted to cause havoc on U.S. financial markets?".....Dozens of high-speed traders and others from Wall Street are helping the Pentagon study how hackers could unleash chaos in the U.S. financial system. The Department of Defense’s research arm, DARPA, over the past year and a half has consulted executives at high-frequency trading firms and quantitative hedge funds, and people from exchanges and other financial companies, participants in the discussions said. Officials described the effort, the Financial Markets Vulnerabilities Project, as an early-stage pilot project aimed at identifying market vulnerabilities.

Among the potential scenarios: Hackers could cripple a widely used payroll system; they could inject false information into stock-data feeds, sending trading algorithms out of whack; or they could flood the stock market with fake sell orders and trigger a market crash......Among potential targets that could appeal to hackers given their broad reach are credit-card companies, payment processors and payroll companies such as ADP, which handles the paychecks for one in six U.S. workers, participants said.....The goal of Darpa’s project is to develop a simulation of U.S. markets, which could be used to test scenarios, Such software would need to model complex, interrelated markets—not just stocks but also markets such as futures—as well as the behavior of automated trading systems operating within them....Many quantitative trading firms already do something similar.......
In 2009, military experts took part in a two-day war game exploring a “global financial war” involving China and Russia, according to “Currency Wars: The Making of the Next Global Crisis,” a 2011 book by James Rickards. ....“Our charge at Darpa is to think far out,” he said. “It’s not ‘What is the attack today?’ but ‘What are the vectors of attack 20 years from now?’”
Pentagon  financial_markets  financial_system  vulnerabilities  DARPA  traders  hedge_funds  Wall_Street  hackers  books  rogue_actors  scenario-planning  cyber_security  cyber_warfare  cyberattacks  high-frequency_trading  pilot_programs  contagions 
october 2017 by jerryking
3 Books That Help Make Sense of Cyberwar
MAY 24, 2017 | The New York Times | By CONCEPCIÓN DE LEÓN.

DARK TERRITORY (2016)
The Secret History of Cyber War
By Fred Kaplan

CYBER WAR (2010)
The Next Threat to National Security and What to Do About It
By Richard A. Clarke and Robert K. Knake
290 pp.
338 pp.

NEUROMANCER (1984)
By William Gibson
304 pp.
cyber_warfare  fiction  books  nonfiction  Fred_Kaplan  security_&_intelligence  William_Gibson  Richard_Clarke  hackers 
may 2017 by jerryking
Trump, Putin, and the New Cold War - The New Yorker
ANNALS OF DIPLOMACY
MARCH 6, 2017 ISSUE
TRUMP, PUTIN, AND THE NEW COLD WAR
What lay behind Russia’s interference in the 2016 election—and what lies ahead?
By Evan Osnos, David Remnick, and Joshua Yaffa
Vladimir_Putin  Cold_War  Donald_Trump  cyber_warfare  KGB 
march 2017 by jerryking
Putin Sees a Happy New Year - The New York Times
By MICHAEL KHODARKOVSKYDEC. 26, 2016

Today, Mr. Putin focuses the shrinking resources of a beleaguered Russian economy on the twin agendas of restoring Russia’s position among the world’s powers and undermining Western institutions. For him it is a zero sum game. Moscow can easily deploy thousands of hackers and trolls to achieve maximum disruption while Western democracies awaken too slowly to the dangers. And the dangers are grave. From state-sponsored mass doping in sports to corrosive business practices, from silencing political dissent at home to supporting brutal regimes abroad, Russia’s policies are rooted in deceit, graft and violence — a combination that presents an existential challenge to democracies.....This is not routine cyber intelligence, which many nations practice. Russia’s cyber activity seeks to confuse, destabilize and ultimately bring to power foreign governments pliant to Russia’s aims. That is an attack on the values and institutions of democratic societies, and, if successful, it achieves the same result as a military invasion to install a new government.
Russia  Vladimir_Putin  cyber_warfare  disinformation  destabilization  security_&_intelligence  propaganda  deception  zero-sum_games  offensive_tactics 
december 2016 by jerryking
Putin Is Waging Information Warfare. Here’s How to Fight Back. - The New York Times
By MARK GALEOTTIDEC. 14, 2016

the United States and its allies should pursue a strategy of deterrence by denial. Mr. Putin shouldn’t fear retaliation for his information warfare — he should fear that he will fail.

There are several ways to go about this. First, United States institutions need better cybersecurity defenses. Political parties and major newspapers are now targets just as much as the power grid and the Pentagon are. The government has to help provide security when it can — but people have a duty to be more vigilant and recognize that their cybersecurity is about protecting the country, not just their own email accounts. ....Finally, Mr. Putin’s own vanity could be turned into a weapon against him. Every time he overreaches, the American government should point it out. Every time he fails, we need to say so loudly and clearly. We should tell jokes about him. He can rewrite the record in Russia, but the West does not have to contribute to his mythmaking — and we should stop building him up by portraying him as a virtual supervillain.
cyberattacks  Vladimir_Putin  cyber_security  cyber_warfare  retaliation  security_&_intelligence  punitive  phishing  deterrence  economic_warfare  blacklists  retribution  disinformation  campaigns  destabilization  Russia  information_warfare  delegitimization  deception  overreach  power_grid 
december 2016 by jerryking
What Can the Next President Do About Russia? - WSJ
By ROBERT D. KAPLAN
Updated Oct. 16, 2016

Of the two great autocratic powers in Eurasia, Russia is emerging as a greater short-term threat than China. The Chinese hope to gradually dominate the waters off the Asian mainland without getting into a shooting war with the U.S. Yet while Beijing’s aggression is cool, Moscow’s is hot....Russia’s economic situation is much worse than China’s, and so the incentive of its leaders to dial up nationalism is that much greater. But the larger factor, one that Western elites have trouble understanding, cannot be quantified: A deeply embedded sense of historical insecurity makes Russian aggression crude, brazen, bloodthirsty and risk-prone. ....How does the U.S. build leverage on the ground, from the Baltic Sea to the Syrian desert, that puts America in a position where negotiations with Russia can make a strategic difference?....

For without the proper geopolitical context, the secretary of state is a missionary, not a diplomat. ...In the cyber domain the U.S. has not sufficiently drawn red lines. What kind of Russian hacking will result in either a proportionate, or even disproportionate, punitive response? The Obama administration seems to be proceeding ad hoc, as it has done with Russia policy in general. The next administration, along with projecting military force throughout the Russian near abroad, will have to project force in cyberspace, too.
Russia  Vladimir_Putin  Robert_Kaplan  threats  deterrence  nationalism  Baltics  NATO  U.S.foreign_policy  leverage  geopolitics  log_rolling  diplomacy  realism  balance_of_power  realpolitik  cyber_warfare  autocracies  insecurity  hacking  maritime  punitive  retribution  retaliation  South_China_Sea  ad_hoc  red_lines  China  autocrats 
october 2016 by jerryking
For Putin, Disinformation Is Power - The New York Times
AUG. 5, 2016 | The New York Times | By ARKADY OSTROVSKY.

Vladimir V. Putin told Larry King on CNN that his previous job as a K.G.B. officer had been like that of a journalist. “They have the same purpose of gathering information, synthesizing it and presenting it for the consumption of decision makers,”...During the Cold War, the Kremlin interfered in American politics for decades. The K.G.B.’s so-called active measures — subversion, media manipulations, forgery and the financing of some “peace” organizations — lay at the heart of Soviet intelligence.
disinformation  Vladimir_Putin  history  anti-Americanism  subversion  Donald_Trump  security_&_intelligence  Kremlin  WikiLeaks  propaganda  cyber_warfare  Cold_War  triumphalism  narratives  Dmitri_Medvedev  KGB  information_warfare  destabilization  deception 
august 2016 by jerryking
U.S. Cyber Command Chief on What Threats to Fear the Most - WSJ
June 19, 2016 | WSJ |

But the types of threats that we worry most about today that are new are adversaries taking full control of our networks, losing control of our networks, having a hacker appear to be a trusted user......MS. BLUMENSTEIN: Extraordinary investments are required now for cybersecurity. But looked at another way, there’s an extraordinary cost to getting it wrong.

I was talking to one of the CFOs out there who said, “Can you ask, what is the estimated loss?” Is there a total number? Or do you just know specific incidences?

On the military side, you can imagine the difficulty that would cause a commander, if he didn’t trust his own network or his data.
adversaries  cyber_security  cyber_warfare  threats  North_Korea  ISIS  network_risk  capabilities  Russia  China  Sony  data  Pentagon  U.S._Cyber_Command  cyberattacks 
june 2016 by jerryking
Software as Weaponry in a Computer-Connected World - The New York Times
JUNE 7, 2016 | NYT | By NICOLE PERLROTH.

On average, there are 15 to 50 defects per 1,000 lines of code in delivered software, according to Steve McConnell, the author of “Code Complete.” Today, most of the applications we rely on — Google Chrome, Microsoft, Firefox and Android — contain millions of lines of code. And the complexity of technology is increasing, and with it the potential for defects.

The motivation to find exploitable defects in widely used code has never been higher. Governments big and small are stockpiling vulnerabilities and exploits in hardware, software, applications, algorithms and even security defenses like firewalls and antivirus software.

They are using these holes to monitor their perceived enemies, and many governments are storing them for a rainy day, when they might just have to drop a payload that disrupts or degrades an adversary’s transportation, energy or financial system.

They are willing to pay anyone who can find and exploit these weaknesses top dollar to hand them over, and never speak a word to the companies whose programmers inadvertently wrote them into software in the first place.
adversaries  software  hackers  books  coding  vulnerabilities  exploits  software_bugs  bounties  black_markets  arms_race  cyber_warfare  cyber_security  Stuxnet  espionage  Iran  security_&_intelligence  malware  cyberweapons  weaponry  stockpiles  financial_system 
june 2016 by jerryking
U.S. Directs Cyberweapons at ISIS for First Time - The New York Times
APRIL 24, 2016 | NYT | By DAVID E. SANGER.

The United States has opened a new line of combat against the Islamic State, directing the military’s six-year-old Cyber Command for the first time to mount computer-network attacks that are now being used alongside more traditional weapons....The NSA, which specializes in electronic surveillance, has for years listened intensely to the militants of the Islamic State, and those reports are often part of the president’s daily intelligence briefing. But the N.S.A.’s military counterpart, Cyber Command, was focused largely on Russia, China, Iran and North Korea — where cyberattacks on the United States most frequently originate — and had run virtually no operations against what has become the most dangerous terrorist organization in the world...The goal of the new campaign is to disrupt the ability of the Islamic State to spread its message, attract new adherents, circulate orders from commanders and carry out day-to-day functions, like paying its fighters....The N.S.A. has spent years penetrating foreign networks — the Chinese military, Russian submarine communications, Internet traffic and other targets — placing thousands of “implants” in those networks to allow it to listen in.

But those implants can be used to manipulate data or to shut a network down. That frequently leads to a battle between the N.S.A. civilians — who know that to make use of an implant is to blow its cover — and the military operators who want to strike back. N.S.A. officials complained that once the implants were used to attack, the Islamic State militants would stop the use of a communications channel and perhaps start one that was harder to find, penetrate or de-encrypt.
ISIS  cyber_warfare  NSA  security_&_intelligence  terrorism  cyberweapons  exploits  hackers  software_bugs  vulnerabilities  Pentagon  U.S._Cyber_Command  campaigns  David_Sanger 
april 2016 by jerryking
Hacker Killed by Drone Was Islamic State’s ‘Secret Weapon’ - WSJ
By MARGARET COKER in London, DANNY YADRON in San Francisco and DAMIAN PALETTA in Washington
Aug. 27, 2015
ISIS  targeted_assassinations  drones  cyber_warfare  security_&_intelligence 
august 2015 by jerryking
U.S. Fears Data Stolen by Chinese Hacker Could Identify Spies - The New York Times
By MARK MAZZETTI and DAVID E. SANGER JULY 24, 2015

the hackers — who government officials are now reluctant to say publicly were working for the Chinese government — could still use the vast trove of information to identify American spies by a process of elimination. By combining the stolen data with information they have gathered over time, they said, the hackers can use “big data analytics” to draw conclusions about the identities of operatives....The C.I.A. and other agencies typically post their spies in American embassies, where the officers pose as diplomats working on political affairs, agricultural policy or other issues. The American Embassy in Beijing has long housed one of the largest C.I.A. stations in the world, with intelligence officers gathering information on China’s political maneuvering, economic development and military modernization.

Several current and former officials said that even if the identities of the agency officers were not in the personnel office’s database, Chinese intelligence operatives could run searches through the database on everyone granted visas to work at American diplomatic outposts in China. If any of the names are not found in the stolen files, those individuals could be suspected as spies by a process of elimination.
Chinese  data_breaches  China  hacks  CIA  espionage  security_&_intelligence  cyber_warfare  cyber_security  massive_data_sets  David_Sanger 
july 2015 by jerryking
Unit 8200: Israel’s cyber spy agency - FT.com
July 10, 2015 | FT| by John Reed.

Unit 8200, or shmone matayim as it’s called in Hebrew, is the equivalent of America’s National Security Agency and the largest single military unit in the Israel Defence Forces....Unit 8200. In few other countries does the military establishment mingle so closely with academia and business, to all three sectors’ profit. Last year, Israel’s export of cyber security products — designed to protect companies, banks and governments from the growing “dark web” of hackers, fraudsters and snoopers — topped $6bn, exceeding Israeli exports of military hardware for the first time. Today Israel, with just eight million people, captures about 10 per cent of the global cyber security market, which is growing rapidly after high-profile hacks that in some cases — such as at Target, and Sony last year — have cost CEOs their jobs....In an open letter in September 2014, published by Israel’s Yedioth Ahronoth newspaper and broadcast on Channel 10, a group of 43 serving and former 8200 reservists revealed what they said were coercive spying tactics being used on innocent Palestinians, including the collection of embarrassing sexual, financial or other information....But what does 8200 actually do? Israel, as Netanyahu never tires of saying, lives in a “bad neighbourhood” in the Middle East, surrounded by several countries it classifies as enemy states. This requires world-class hacking and artificial intelligence tools as warfare moves from conventional battlefields — land, sea and air — to include cyber terrain.
artificial_intelligence  cyber_security  cyber_warfare  dark_web  hackers  IDF  Israel  Israeli  security_&_intelligence  spycraft  Stuxnet  Unit_8200 
july 2015 by jerryking
Portents of World Cyberwar - WSJ
By L. GORDON CROVITZ
July 12, 2015

A new novel, “Ghost Fleet,” warns Americans about advances in cyberwarfare that could leave the U.S. as unprepared as Britain was against the U-boats. The title refers to mothballed warships and planes the U.S. recommissions because their pre-Internet technologies haven’t been hacked. (Disclosure: The publisher is Houghton Mifflin Harcourt, on whose board I serve.)

Authors Peter Singer and August Cole are think-tank policy wonks inspired by Tom Clancy’s 1986 “Red Storm Rising.” Clancy’s descriptions of emerging technology, including still-secret stealth aircraft, were so accurate that he was accused of using classified material. The authors of “Ghost Fleet” call their genre “useful fiction.”
cyber_warfare  China  China_rising  fiction  L._Gordon_Crovtiz  U.S._Navy  books  security_&_intelligence  Asia_Pacific  Tom_Clancy  unprepared  stealth 
july 2015 by jerryking
Holman Jenkins: Sony Lesson: Don’t Get Hacked - WSJ
By HOLMAN W. JENKINS, JR.
Dec. 19, 2014

What we want to know, the FBI is unlikely to find out: What exactly North Korea’s role was and how it may have stimulated others to act on its behalf. North Korean hackers stand on the shoulders of giants—Russian content thieves, Chinese business-secret spies, the politically minded hacktivsts who’ve been strafing Sony for a decade. Hacking is a swarm effort. Participants often don’t even know each other’s real names and nationalities. Don’t be surprised if hacker networks are also full of U.S. agents working for various government departments. Arrests might not have been made in the PlayStation case if a key participant hadn’t been an FBI informant....How Sony’s data security, given this history, could have been so third-rate is a mystery for a future business-school case study....
Holman_Jenkins  lessons_learned  hackers  cyber_security  North_Korea  cyber_warfare  Sony  vulnerabilities  blackmail  cyberattacks 
december 2014 by jerryking
North Korea: How Can the U.S. Respond to Sony Hack Attack? - WSJ
Dec. 20, 2014 | WSJ | By JONATHAN CHENG And JEYUP S. KWAAK.

SEOUL—U.S. President Barack Obama ’s warning on Friday of punitive action against North Korea following the cyberattack on Sony Pictures Entertainment raises a sticky question: what can the world’s leading military and economic power do to an isolated country that has successfully resisted decades worth of attempts to rein in its hostility?...However, engaging in any kind of cyber tit-for-tat with North Korea could undermine trust in the security of online banking and shopping services,
North_Korea  cyber_security  cyber_warfare  Sony  retaliation  sanctions  blacklists  economic_warfare  money_laundering  hackers  punitive  retribution  undermining_of_trust  cyberattacks 
december 2014 by jerryking
Cyber-warfare: Turning worm
Dec 13th 2014 || The Economist |

Timekeeper
Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon. By Kim Zetter. Crown; 433 pages; $25 and £20
computer_viruses  cyber_warfare  Stuxnet  security_&_intelligence  books  malware  software  coding  exploits 
december 2014 by jerryking
Holman Jenkins: Sony vs. North Korea - WSJ
By HOLMAN W. JENKINS, JR.
Dec. 9, 2014

In the cyberwar that’s coming, firewalls and antivirus software won’t be sufficient. Companies need business models that are robust against cyberattack. Sony’s isn’t, quite apart from the usual complaints now pouring forth from employees about poor workaday data security. (Excel files containing salary data apparently weren’t even password-protected.)
North_Korea  Sony  cyber_security  data_breaches  cyber_warfare  cyberattacks 
december 2014 by jerryking
China Hacking Is Deep and Diverse, Experts Say - WSJ
May 29, 2014 | WSJ | By DANNY YADRON in San Francisco, JAMES T. AREDDY in Shanghai and PAUL MOZUR in Beijing CONNECT
China  hackers  cyber_warfare  cyberattacks  cyber_security 
august 2014 by jerryking
China's Spy Agency Has Broad Reach - WSJ
By JAMES T. AREDDY in Shanghai, PAUL MOZUR in Beijing and DANNY YADRON in San Francisco CONNECT
July 7, 2014
China  security_&_intelligence  sigint  PLA  surveillance  3PLA  cyber_warfare 
august 2014 by jerryking
China's Spy Agency Has Broad Reach - WSJ
By JAMES T. AREDDY in Shanghai, PAUL MOZUR in Beijing and DANNY YADRON in San Francisco CONNECT
July 7, 2014
security_&_intelligence  China  cyber_warfare  PLA  espionage  sigint 
july 2014 by jerryking
‘The Director,’ by David Ignatius, a Novel About the C.I.A.
June 3, 2014 | NYTimes.com |By MICHIKO KAKUTANI.

Mr. Ignatius writes that “The Director” is “ultimately about American intelligence in the age of WikiLeaks, and whether it can adapt to a more open digital world and still do the hard work of espionage.” And the novel does provide a harrowing sense of the vulnerability of governments and ordinary people alike to cybercrime, surveillance and digital warfare in this day when almost anything and everything can be stolen or destroyed with some malicious pieces of code and a couple clicks of a mouse.....giving an intimate sense of American intelligence operations in a post-Sept. 11 world, and puts them in historical perspective with operations from the World War II and Cold War eras. He also provides a detailed, energetically researched account of how hackers inside and outside the government operate: how malware and back doors and worms actually work, how easily security and privacy shields can be breached, how relatively defenseless many financial networks are.
back_doors  books  book_reviews  CIA  cyber_security  cyber_warfare  David_Ignatius  espionage  exploits  fiction  hackers  hard_work  malware  security_&_intelligence  software_bugs  vulnerabilities  WikiLeaks 
june 2014 by jerryking
Fareed Zakaria: China’s cyberespionage presents a 21st-century challenge -
May 22, 2014 | The Washington Post | By Fareed Zakaria.
...Vladimir Putin might be a 19th-century statesman, using old-fashioned muscle to get his way, but it has become clear that Chinese President Xi Jinping goes one step further, comfortably embracing both 19th- and 21st-century tactics....it’s also worth studying Xi’s speech in Shanghai, given the same day the deal was struck. The meeting was a gathering of an obscure Asian regional group, one that includes Turkey, Iran and Russia but not the United States. His message was that Asians should take care of their own security. ...

...Cyberattacks are part of a new, messy, chaotic world, fueled by globalization and the information revolution. In a wired, networked world, it is much harder to shut down activity that blurs the lines between governments and private citizens, national and international realms, theft and warfare. And it certainly will not be possible to do so using traditional mechanisms of national security. Notice that Washington is using a legal mechanism (which will be ineffective and largely symbolic) for what is really a national security issue.

The Sino-Russian gas deal reminds us that traditional geopolitics is alive and well. Washington knows how to work its way in that world with its own alliances and initiatives. But cyberespionage represents a new frontier, and no one really has the ideas, tools or strategies to properly address this challenge.
Fareed_Zakaria  challenges  cyber_security  cyber_warfare  espionage  Vladimir_Putin  Russia  China  geopolitics  security_&_intelligence  natural_gas  21st._century  industrial_espionage  petro-politics  realpolitik  Asia  Xi_Jinping  statesmen  cyberattacks  cyberespionage 
may 2014 by jerryking
How CSEC became an electronic spying giant - The Globe and Mail
Nov. 30 2013 | The Globe and Mail | COLIN FREEZE.

Next year, the analysts, hackers and linguists who form the heart of Communications Security Establishment Canada are expected to move from their crumbling old campus in Ottawa to a gleaming new, $1-billion headquarters....Today, CSEC (pronounced like “seasick” ever since “Canada” was appended to the CSE brand) has evolved into a different machine: a deeply complex, deep-pocketed spying juggernaut that has seen its budget balloon to almost half a billion dollars and its ranks rise to more than 2,100 staff....You don’t have to understand the technology of modern spying to grasp the motivations behind it.

“When our Prime Minister goes abroad, no matter where he goes, what would be a boon for him to know?” said John Adams, chief of CSEC from 2005 through early 2012. “Do you think that they aren’t doing this to us?”...Electronic spying is expensive. Keeping hackers out of Canadian government computer systems, running some of the world’s fastest supercomputers and storing data in bulk costs money. Mr. Adams even made a point of hiring top mathematicians, with salaries exceeding his own, so CSEC could better crack encryption....CSEC also has a hungry clientele strewn across the federal bureaucracy. An internal document obtained by The Globe names a few of the customers: “CSEC provides intelligence reporting to over 1,000 clients across government, including the Privy Council Office, DND, Foreign Affairs and International Trade, Treasury Board Secretariat, CSIS and the RCMP.”
PCO  DND  CSIS  RCMP  Treasury_Board  Colin_Freeze  CSE  sigint  security_&_intelligence  cyber_warfare  cyber_security  Five_Eyes  Edward_Snowden  oversight  encryption  mathematics  GoC  intelligence_analysts 
december 2013 by jerryking
‘Cyberwar’ allegations threaten rift between Brazil and Canada
Oct. 07 2013 | The Globe and Mail | STEPHANIE NOLEN, COLIN FREEZE AND STEVEN CHASE.
Martin Rudner, a former Carleton University professor, said Canadian defence ministers have spent decades directing CSEC to collect foreign intelligence – including intelligence acquired through economic espionage.

He said Brazil could be a long-term strategic target, given its emerging oil resources could potentially cut into the market for Alberta oil. Probing the Brazilian energy ministry’s data would be one way for Ottawa to figure out the scale of that economic threat, Mr. Rudner said.

According to the Fantastico exposé, CSEC may have been trying to hack into an encrypted government server in Brazil that hosts correspondence between government officials and corporations. “These are state conversations, government strategies which no one should be able to eavesdrop upon,” Brazilian Energy Minister Edison Lobao was quoted as saying.

The leaked documents – all stamped “CSEC – Advanced Network Tradecraft”– yield intriguing glances into the previously unexplored world of Canadian cyberespionage, a world where disparate bits of data are painstakingly amassed in hopes of seeing what happens on a given “target’s” smarthphone or e-mail chains.
espionage  CSE  Brazil  cyber_warfare  cyber_security  Dilma_Rousseff  diplomacy  sigint  spycraft  Ottawa 
october 2013 by jerryking
A secretive world moves from cloak and dagger to the smartphone - FT.com
June 5, 2013 4:19 pm
A secretive world moves from cloak and dagger to the smartphone

By John Reed
The 21st century has produced one of the most effective: the “silent” smartphone.

Terrorists, drug barons or insurgents can pick up a networked mobile phone almost anywhere. If they avoid voice calls – which can be intercepted – and use them just for computing and instant messaging services, they can transact nefarious business with little fear of detection....
A three-year-old Israeli start-up, NSO, is selling what it calls “intelligence collection tools” that allow clients to combat perceived security threats posed by such users of smartphones. Its signature product is software that allows officials to obtain access to encrypted data transmitted via a user’s smartphone, tablet or other mobile device.
Israel  Israeli  start_ups  security_&_intelligence  cyber_security  cyber_warfare  mobile_phones 
june 2013 by jerryking
An Elizabethan Cyberwar - NYTimes.com
May 31, 2013 | NYT | By JORDAN CHANDLER HIRSCH and SAM ADELSBERG.

Instead of trying to beat back the New World instability of the Internet with an old playbook, American officials should embrace it. With the conflict placed in its proper perspective, policy makers could ratchet down the rhetoric and experiment with a new range of responses that go beyond condemnation but stop short of all-out cyberwar — giving them the room to maneuver without approaching cyberconflict as a path to Defcon 1.

In these legally uncharted waters, only Elizabethan guile, not cold war brinkmanship, will steer Washington through the storm.
cunning  cyber_warfare  China  China_rising  U.S.  security_&_intelligence  guile  lessons_learned  contextual  Elizabethan  cyber_security  instability  resilience  perspectives  tools  frenemies  espionage  risk-mitigation  policy_tools  cyberweapons  U.S.-China_relations  policymakers  policymaking  playbooks 
june 2013 by jerryking
Cyberattacks to threat to U.S., intelligence chief says - Google Drive
March 13,2013 | NYT | Mark Mazzetti and Scott Shane.

"The nation’s top intelligence official warned Congress on Tuesday that a cyberattack could cripple America’s infrastructure and economy and suggested that such attacks pose the most dangerous immediate threat to the United States, more pressing than an attack by global terrorist networks. James R. Clapper Jr., the director of national intelligence, said in prepared testimony to the Senate Intelligence Committee that American spy agencies saw only a 'remote chance' in the next two years of a major cyberattack — what he defined as an operation that 'would result in long-term, wide-scale disruption of services, such as a regional power outage.' Still, it was the first time that Mr. Clapper has listed cyberattacks first in his annual presentation to Congress about the various threats facing the United States, and the rare occasion since 2001 that intelligence officials have not listed international terrorism first in the catalog of dangers facing the United States."
cyber_warfare  China  Iran  security_&_intelligence  spymasters  infrastructure  power_grid  vulnerabilities  James_Clapper  cyberattacks  cyberthreats 
march 2013 by jerryking
Barack Obama: Taking the Cyberattack Threat Seriously - WSJ.com
July 19, 2012 | WSJ| Barack Obama

In a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home.
adversaries  cyber_security  cyber_warfare  Obama  simulations  vulnerabilities  asymmetrical  cyberattacks 
july 2012 by jerryking
Pentagon Digs In on Cyberwar Front - WSJ.com
July 6, 2012 |WSJ | By JULIAN E. BARNES.

Pentagon Digs In on Cyberwar Front
Elite School Run by Air Force Trains Officers to Hunt Down Hackers and Launch Electronic Attacks
cyber_warfare  Pentagon  USAF  cyber_security  offensive_tactics 
july 2012 by jerryking
U.S. Probe Ties Chinese Cyberspying to Military - WSJ.com
December 13, 2011 | WSJ |By SIOBHAN GORMAN.
U.S. Homes In on China Spying
Probe Pinpoints Groups of Hackers and Ties Most to Military; Officials Prepare to Confront Beijing
cyber_warfare  China  hackers  PLA  NSA  security_&_intelligence  espionage 
april 2012 by jerryking
THE ABCs OF CYBER-SECURITY
April 27, 2012 | Report on Business | Ivor Tossell
Everything today is digital - and, increasingly, everything is getting hacked. To be absolutely safe, you could move into a cave. Or you could read our handy primer by online culture.xpert Ivor Tossell

IVOR TOSSELL
cyber_security  hackers  China  cyber_warfare  primers 
april 2012 by jerryking
Syria hack signals evolution of cyber warfare
Mar. 16, 2012 | - The Globe and Mail | Peter Apps.
cyber_warfare  Syria  hackers 
march 2012 by jerryking
« earlier      
per page:    204080120160

Copy this bookmark:





to read