Posts Tagged ‘cyber operations’

War of Words Escalates Between Iran, U.S.

October 8, 2017

TEHRAN THREATENS US BASES AS TRUMP RESHAPES IRAN STRATEGY

BY REUTERS
 OCTOBER 8, 2017 12:20

“If America’s new law for sanctions is passed, this country will have to move their regional bases outside the 2,000 km range of Iran’s missiles,” warns Revolutionary Guards Corps chief.

Iranian President Hassan Rouhani fires back at US President Donald Trump on Iran nuclear deal, October 7, 2017. (Reuters)

“As we’ve announced in the past, if America’s new law for sanctions is passed, this country will have to move their regional bases outside the 2,000 km range of Iran’s missiles,” Guards’ commander Mohammad Ali Jafari said, according to state media.

Jafari also said that additional sanctions would end the chances for future dialog with the United States, according to state media, and issued a stark warning to American troops.

“If the news is correct about the stupidity of the American government in considering the Revolutionary Guards a terrorist group, then the Revolutionary Guards will consider the American army to be like Islamic State all around the world particularly in the Middle East,” Jafari said.

The Revolutionary Guards (IRGC) are Iran’s most powerful internal and external security force. The Quds Force, the IRGC’s foreign espionage and paramilitary wing, and individuals and entities associated with the IRGC are on the US list of foreign terrorist organizations, but the organization as a whole is not.

Iran sees the Sunni Muslim militants of Islamic State as an existential threat to the Islamic Republic where the majority of the population are Shi’ites.

On June 7, Islamic State claimed an attack on Tehran’s parliament and the mausoleum of Ayatollah Ruhollah Khomeini, the founder of the Islamic Republic, killing 18 people. The Guards fired missiles at Islamic State bases in Syria on June 18 in response.

Guards commanders have framed their military involvement in Iraq and Syria, where they are fighting to support the government of President Bashar al-Assad, as a fight against Islamic State.

Dozens of members of the Guards, including senior commanders, have been killed in Syria and Iraq.

MISSILE PROGRAM

The website for state TV reported Jafari as adding that the United States was mistaken if it thought it could pressure Iran into negotiating on regional issues.

Jafari also said that Tehran would ramp up its defense capabilities, including its missile program, if the US undermined a nuclear deal between Iran and Western powers.

Under the 2015 deal, Iran agreed to limit its disputed nuclear program in return for the easing of economic sanctions.

However, Trump is expected to announce soon that he will decertify the deal, a senior administration official has said, in a step that potentially could cause the accord to unravel.

“The Americans should know that the Trump government’s stupid behavior with the nuclear deal will be used by the Islamic Republic as an opportunity to move ahead with its missile, regional and conventional defense program,” Jafari said, according to state media.

The prospect of Washington backtracking on the deal has worried some of the US allies that helped negotiate it, especially as the world grapples with another nuclear crisis in the shape of North Korea.

If Trump does not certify that Iran is in compliance, the U.S. Congress will have 60 days to decide whether to reimpose sanctions waived under the deal. U.N. inspectors have verified Iranian compliance with the terms.

The Guards navy was also carrying out a military exercise on Sunday in the Gulf, an area of tension with the US navy in recent months. More than 110 vessels were involved in the exercise, including some that have rocket and missile capabilities, a state media report quoted a Guards commander as saying.


Israeli Intelligence Was The First To Alert Allies To Laptop Bomb Threat to Aircraft

June 12, 2017

AFP

© AFP | Israeli spies hacked Islamic State’s computers to uncover a plot to blow up commercial airliners using laptop bombs, prompting a US ban on laptops and tablets on flights from Turkey and the Arab world, such as this Emirates Airlines flight from Dubai coming in to land at Los Angeles Airport on March 21, 2017

WASHINGTON (AFP) – Israeli government spies hacked into the operations of Islamic State bombmakers to discover they were developing a laptop computer bomb to blow up a commercial aircraft, the New York Times reported Monday. The Times said the work by Israeli cyber operators was a rare success of western intelligence against the constantly evolving, encryption-protected and social-media-driven cyber operations of the extremist group.

It said the Israeli hackers penetrated the small Syria-based cell of bombmakers months ago, an effort that led to the March 21 ban on carry-on laptops and other electronics larger than cellphones on direct flights to the United States from 10 airports in Turkey, the Middle East and North Africa.

The Israeli cyber-penetration “was how the United States learned that the terrorist group was working to make explosives that fooled airport X-ray machines and other screening by looking exactly like batteries for laptop computers,” the Times said.

The intelligence was so good that the detonation method for the bombs was understood, the Times said, citing two US officials familiar with the operation.

Following the US laptop ban, Britain announced a similar prohibition for flights originating from six countries.

Israel’s contribution to the intelligence on the laptop bombs became public after President Donald Trump revealed details on it to Russian Foreign Minister Sergei Lavrov in a May 10 White House meeting.

Trump’s disclosure “infuriated” Israeli officials, according to the Times.

U.S. military cyber operation to attack ISIS last year sparked heated debate over alerting allies

May 9, 2017



The Washington Post
May 9 at 6:00 AM
A secret global operation by the Pentagon late last year to sabotage the Islamic State’s online videos and propaganda sparked fierce debate inside the government over whether it was necessary to notify countries that are home to computer hosting services used by the extremist group, including U.S. allies in Europe.

While U.S. Cyber Command claimed success in carrying out what was called Operation Glowing Symphony, the issue remained unresolved and now confronts the Trump administration, which is conducting a broad review of what powers to give the military in countering the Islamic State, including in the cyber realm.

As part of the operation, Cyber Command obtained the passwords to a number of Islamic State administrator accounts and then used them to access the accounts, change the passwords and delete content such as battlefield video. It also shut the group’s propaganda specialists out of their accounts, former officials said.

Cybercom developed the campaign under pressure from then-Defense Secretary Ashton B. Carter, who wanted the command to raise its game against the Islamic State. But when the CIA, State Department and FBI got wind of the plan to conduct operations inside the borders of other countries without telling them, officials at the agencies immediately became concerned that the campaign could undermine cooperation with those countries on law enforcement, intelligence and counterterrorism.

The issue took the Obama National Security Council weeks to address and still looms large for the Trump administration as the military seeks greater latitude to wage offensive cyber operations around the world.

“It’s a tricky thing to navigate,” said a former U.S. official, who like a dozen other current and former officials interviewed, declined to be named because the operation remains classified. “Think how we would react if one of our allies undertook a cyber operation that affected servers here in the United States without giving us a heads-up.”

The operation was supposed to be launched at the end of September last year. Pentagon officials argued that under an existing authority they had to counter terrorists’ use of the Internet they did not need to request the permission of countries in which they were zapping propaganda.

“At a very basic level, what they were trying to do was remove content that the adversary was putting out there,” said a former defense official. “It didn’t require exquisite tools.”

The Pentagon drew up a list of about 35 countries outside of the war zones of Iraq and Syria that might have hosting services with videos and other Islamic State content to remove.

In a series of Obama Situation Room meetings, CIA Director John Brennan, Secretary of State John F. Kerry, FBI Director James B. Comey and Director of National Intelligence James R. Clapper Jr. argued that notice was necessary — especially to allied countries — to preserve relationships. Carter, Cybercom commander Adm. Michael S. Rogers and Gen. Joseph F. Dunford Jr., the chairman of the Joint Chiefs of Staff, countered that existing authority did not require it, particularly as the Pentagon insisted there would be no harmful collateral effects.

They also argued that if notice is given, word of the operation could leak. That could tip off the target and enable other adversaries to discover the command’s cyber capabilities.

A major flash point was Germany, a strategic ally and a country with which the United States had a dust-up several years ago in the wake of disclosures by former National Security Agency contractor Edward Snowden that the NSA had intercepted the phone calls of Chancellor Angela Merkel.

In the end, about 15 countries were notified, but action was taken in only about five or six.

Beginning in November, personnel at Cybercom’s headquarters in Fort Meade, Md., began a rolling series of propaganda takedowns and account lockouts in a campaign that stretched into the new year.

The Pentagon and Cyber Command officials maintain the operation was a success. It showed that Cybercom could integrate computer attack capabilities into traditional battle plans as U.S. Central Command sought to help local allies push the Islamic State out of strongholds in Iraq and Syria.

Intercepts of Islamic State militants revealed that in some cases they “didn’t know what the hell was going on” with their platforms, one former official said.

A senior defense official said: “It took a little while, but they learned so much in the first few months of doing it that it set the stage for things that are happening now, and I would say for operations in the future.”

U.S. intelligence officers, in contrast, concluded about a month into the campaign that the impact on the Islamic State was short-lived at best as the group either restored the content or moved it to new servers, current and former officials said.

The conflicting assessments stem from different definitions of success, said a second former defense official. “Cyber Command and DOD tend to define success as temporary disruptions or distraction of the adversary,” he said, while “the intelligence analysts say, ‘Prove to me what effect you had. Was it or wasn’t it enduring?’”

Private sector researchers who track militant websites also expressed skepticism about the operation’s value. Evan Kohlmann, chief innovation officer of Flashpoint, a research firm, said there was a dip in Islamic State propaganda releases beginning in mid-October that lasted through January, but it was impossible to know whether it was the result of cyber operations or physical operations in Syria.

“In the last year, ISIS has suffered heavy casualties among its media emirs, video narrators, cameramen, and others associated with propaganda production,” Kohlmann said, using an acronym for the Islamic State. “Even absent any specific cyber campaign targeting them, one would naturally expect them to be producing and releasing less content.”

Rita Katz, director of SITE Intelligence Group, said the group’s primary means to release propaganda is on the encrypted messaging app, Telegram, through a channel called Nashir, which has suffered no significant disruptions in the past six months. “ISIS media isn’t something you can just shut off or directly disrupt,” she said. “The group and its network of supporters are too adaptive and persistent, and they’ll adjust to any attempts to do so.”

The operation was carried out by Cybercom’s Joint Task Force Ares, created by Rogers last year to develop digital weapons and strategies to go after the Islamic State’s networks.

Adam Entous, Greg Miller and Missy Ryan contributed to this report.

https://www.washingtonpost.com/world/national-security/us-military-cyber-operation-to-attack-isis-last-year-sparked-heated-debate-over-alerting-allies/2017/05/08/93a120a2-30d5-11e7-9dec-764dc781686f_story.html?utm_term=.12a27a10248f

Russian Cyber Operations Related to the U.S. Election — Russia Is Ready For Cyber War — Is The U.S. About To Retaliate?

October 15, 2016


The Obama administration is contemplating an unprecedented cyber covert action against Russia in retaliation for alleged Russian interference in the American presidential election, U.S. intelligence officials told NBC News.

Current and former officials with direct knowledge of the situation say the CIA has been asked to deliver options to the White House for a wide-ranging “clandestine” cyber operation designed to harass and “embarrass” the Kremlin leadership.

The sources did not elaborate on the exact measures the CIA was considering, but said the agency had already begun opening cyber doors, selecting targets and making other preparations for an operation. Former intelligence officers told NBC News that the agency had gathered reams of documents that could expose unsavory tactics by Russian President Vladimir Putin.

Vice President Joe Biden told “Meet the Press” moderator Chuck Todd on Friday that “we’re sending a message” to Putin and that “it will be at the time of our choosing, and under the circumstances that will have the greatest impact.”

When asked if the American public will know a message was sent, the vice president replied, “Hope not.”

Retired Admiral James Stavridis told NBC News’ Cynthia McFadden that the U.S. should attack Russia’s ability to censor its internal internet traffic and expose the financial dealings of Putin and his associates.

“It’s well known that there’s great deal of offshore money moved outside of Russia from oligarchs,” he said. “It would be very embarrassing if that was revealed, and that would be a proportional response to what we’ve seen” in Russia’s alleged hacks and leaks targeting U.S. public opinion.

Sean Kanuck, who was until this spring the senior U.S. intelligence official responsible for analyzing Russian cyber capabilities, said not mounting a response would carry a cost.


“If you publicly accuse someone,” he said, “and don’t follow it up with a responsive action, that may weaken the credible threat of your response capability.”

President Obama will ultimately have to decide whether he will authorize a CIA operation. Officials told NBC News that for now there are divisions at the top of the administration about whether to proceed.

Two former CIA officers who worked on Russia told NBC News that there is a long history of the White House asking the CIA to come up with options for covert action against Russia, including cyber options — only to abandon the idea.

“We’ve always hesitated to use a lot of stuff we’ve had, but that’s a political decision,” one former officer said. “If someone has decided, `We’ve had enough of the Russians,’ there is a lot we can do. Step one is to remind them that two can play at this game and we have a lot of stuff. Step two, if you are looking to mess with their networks, we can do that, but then the issue becomes, they can do worse things to us in other places.”

A second former officer, who helped run intelligence operations against Russia, said he was asked several times in recent years to work on covert action plans, but “none of the options were particularly good, nor did we think that any of them would be particularly effective,” he said.

Putin is almost beyond embarrassing, he said, and anything the U.S. can do against, for example, Russian bank accounts, the Russians can do in response.

“Do you want to have Barack Obama bouncing checks?” he asked.

Former CIA deputy director Michael Morell expressed skepticism that the U.S. would go so far as to attack Russian networks.

“Physical attacks on networks is not something the U.S. wants to do because we don’t want to set a precedent for other countries to do it as well, including against us,” he said. “My own view is that our response shouldn’t be covert — it should be overt, for everybody to see.”

The Obama administration is debating just that question, officials say — whether to respond to Russia via cyber means, or with traditional measures such as sanctions.

The CIA’s cyber operation is being prepared by a team within the CIA’s Center for Cyber Intelligence, documents indicate. According to officials, the team has a staff of hundreds and a budget in the hundreds of millions.

The covert action plan is designed to protect the U.S. election system and ensure that Russian hackers can’t interfere with the November vote, officials say. Another goal is to send a message to Russia that it has crossed a line, officials say.

While the National Security Agency is the center for American digital spying, the CIA is the lead agency for covert action and has its own cyber capabilities. It sometimes brings in the NSA and the Pentagon to help, officials say.


In earlier days, the CIA was behind efforts to use the internet to put pressure on Slobodan Milosevic in Serbia in 1999, and to pressure Iraqi leadership in 2003 to split off from Saddam Hussein.

According to documents leaked by Edward Snowden, the CIA requested $685.4 million for computer network operations in 2013, compared to $1 billion by the NSA.

Retired Gen. Mike Hayden, who ran the CIA after leading the NSA, wrote this year: “We even had our own cyber force, the Information Operations Center (IOC), that former CIA director George Tenet launched and which had grown steadily under the next spy chief, Porter Goss, and me. The CIA didn’t try to replicate or try to compete with NSA… the IOC was a lot like Marine Corps aviation while NSA was an awful lot like America’s Air Force.”

“I would quote a Russian proverb,” said Adm. Stavridis, “which is, ‘Probe with bayonets. When you hit mush, proceed. When you hit steel withdraw.’ I think unless we stand up to this kind of cyber attack from Russia, we’ll only see more and more of it in the future.”

http://www.nbcnews.com/news/us-news/cia-prepping-possible-cyber-strike-against-russia-n666636

**************************

By Joe Tacopino
New York Post
October 14, 2016 | 11:09pm

The Obama administration is threatening to launch a vast cyber war against Russia in response to the country’s alleged interference with the presidential election.

Vice President Joe Biden told NBC News Friday that “we’re sending a message” to Russian President Vladimir Putin and that the wide-ranging “clandestine” cyber operation will take place.

“We’re sending a message,” Biden said during an interview with “Meet the Press” that will air on Sunday. “We have the capacity to do it. It will be at the time of our choosing, and under the circumstances that will have the greatest impact.”

The vice president belittled Russia’s alleged interference in the US election but stressed their efforts, however futile, would be responded to in kind.

“Their capacity to fundamentally alter the election is not what people think,” Biden said.

“And I tell you what, to the extent that they do we will be proportional in what we do.”

It was not clear whether the American public would be alerted when or if an attack actually took place. When asked about whether the public would even be aware an attack took place, Biden simply said, “Hope not.”

Intelligence officials told NBC News that the CIA has already begun “opening cyber doors, selecting targets and making other preparations for an operation.”

James Stavridis, a retired four-star Navy admiral who served as the supreme allied commander at NATO, told NBC that the CIA should “embarrass” the Kremlin by exposing financial dealings of Putin and his cronies.

“It’s well known that there’s great deal of offshore money moved outside of Russia from oligarchs,” Stavridis said. “It would be very embarrassing if that was revealed, and that would be a proportional response to what we’ve seen” in the recent hacks into US political figures and committees.

The US publicly blamed Russia last week for the recent cyberattacks against Democratic Party organizations.

“These thefts and disclosures are intended to interfere with the U.S. election process,” the Office of Director of National Intelligence and the Department of Homeland Security said in a joint statement last Friday. “We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.”

The talk of an impending cyber war between the two countries takes place while the powers struggle to collaborate in the war against ISIS and inside Syria.

The ultimate decision on whether to launch a cyber attack would rest with President Obama, officials said. Sources told NBC News that there are diverging views within the administration about how to proceed.

“I think unless we stand up to this kind of cyber attack from Russia, we’ll only see more and more of it in the future,” Admiral Stavridis said.

http://nypost.com/2016/10/14/us-prepped-for-massive-cyber-assault-on-russia/

**************************

CBS News

Gen. Michael Hayden: Russia launches cyberattacks to “mess with our heads”

One of the most critical issues facing the 2016 presidential nominees is national security. In this installment of “Issues That Matter,” retired four-star Air Force Gen. Michael Hayden – who served as director of the CIA and the NSA, as well as principal deputy director of national intelligence – takes a look at the threats the next president will have to confront.

The Obama administration is “confident” that Russia is trying to interfere in the presidential election – and so is the former CIA and NSA director, Gen. Michael Hayden. Though Russia has denied the allegations, Hayden says he thinks Russia is trying to “erode” Americans’ larger confidence in the political process.

“The Clinton campaign has said they’re doing it to pick a winner. I don’t think that’s true,” Hayden, a retired four-star Air Force general, told “CBS This Morning” Friday. “It’s to mess with our heads. It’s to do to us what he thinks we do to him and his political processes. It’s a way of his pushing back against what he views to be American pressure.”

Hayden believes Russian criminal gangs, directed by the Russian state, are behind the hack of Clinton campaign chairman John Podesta’s emails. Clinton has vowed as president to fight cyberattacks like any other assault on the country, with “serious political, economic and military responses.” Hayden agrees, but thinks cyberattacks should be examined in a larger context.

“Don’t put this in the ‘cyber problem’ box. Put this in the ‘Russian problem’ box,” Hayden said. “Put this in that box with all these other indicators – actual Russian behavior to which we should respond – in my view, respond more robustly than we’ve responded.”

Hayden said the Obama administration’s response to Russia’s intervention in Syria has been “too light,” agreeing with criticism that the U.S. has created a “vacuum” in the war-torn country. Hayden suggested different ways U.S. actions could be “more robust” to create a “tectonic shift in a Russian pressure point.”

“Can we be more robust in Ukraine, with regard to what we may or may not provide them? Can we be more robust in Syria, with how much space we give the Russians to operate?” Hayden said. “Getting out of the narrow box, why don’t we make it American policy to wean the Europeans off of Russian gas? Why don’t we simply say, ‘We got it, we’re going to exploit it, and we’re going to ship it.’”

Hillary Clinton and Donald Trump have found little common ground on issues in the presidential campaign, but both have suggested setting up some form of safe zones in Syria. Hayden agreed, but said it would be complicated to do – especially given Russia’s presence there – and suggested creating “relatively thin zones” along the Turkish and Jordanian borders.

“And here’s where it really gets tough, all right? And at this point you actually got to say to all the players, ‘We’re serious. This is a safe zone.’ Now we got responsibilities. We can’t let one side or the other operate out of there and conduct attacks. That’s our policing function, it’s not yours, you can’t go there,’” Hayden said.

Hayden – who has yet to endorse either candidate but has said Trump was not qualified to be president – said he agreed with Republican vice presidential nominee Mike Pence’s statement that the U.S. should be prepared to use military force to strike military targets of the Assad regime, if Russia continues to be involved in airstrikes.

“I thought (that) was far more robust. Unfortunately, he was disowned by his own presidential candidate,” Hayden said, referring to Trump’s claim in the second presidential debate that he disagreed with his running mate on the Syrian matter.

Former CIA and NSA director Gen. Michael Hayden

“But I do think on a raw, humanitarian basis, we’ve got to do more,” Hayden said.

Hayden also addressed other critical foreign policy issues confronting the next president, ranking them on a timeline according to “how bad is it, how much time do you have?” Hayden set terrorism – cyberattacks included – first on the timeline, then, three to five years from now, threats from “ambitious, fragile and nuclear” states including North Korea, Pakistan, Iran and Russia.

“And then… when I run the timeline out here about ten years, I got this bubble way up here that’s really important and that’s the Sino-American relationship,” Hayden said. “Not saying China’s an enemy, but if we don’t get that right, over the long term, that’s pass-fail.”

http://www.cbsnews.com/news/issues-that-matter-2016-presidential-race-michael-hayden-donald-trump-hillary-clinton-foreign-policy/

Two F-15K Slam Eagles flying above a U.S. Air Force B-1B Lancer supersonic bomber over South Korea on Sept. 21, a show of force the U.S. said was aimed at reminding North Korea of its powerful military assets in the region. The flight was the closest a B-1 has ever been to the inter-Korean border. PHOTO: KYEONG RYUL/AGENCE FRANCE-PRESSE/GETTY IMAGES

U.S. Decides to Retaliate Against China’s Hacking — The Manner and Timing Were Not Revealed

July 31, 2015

The Obama Administration said on Friday, July 31, 2015 that it would retaliate against China’s cyber attacks and hacking of the U.S. But nobody knows how or when….

AND The Los Angeles Times

A barrage of cyberattacks on government agencies, blue-chip companies and critical infrastructure has prompted Pentagon officials to take a hard look at adapting the military concept that helped keep the world safe from nuclear bombings during the Cold War to the digital battlefield of the 21st century.

For four decades, the U.S. and the Soviet Union built up massive stockpiles of nuclear weapons but never used them. Part of the reason was the belief on both sides that any attack would be met with an equally devastating counterstrike. Military planners called the idea mutually assured destruction.

Today, plans for “cyber deterrence” aim to develop something analogous — an ability to retaliate that would be so threatening that no adversary would try to breach federal computer networks.

National security officials have recently stepped up their public warnings about the need to build such a deterrent.

The Pentagon’s Cyber Command and the National Security Administration, with headquarters at Ft. Meade in Maryland, are looking for ways to deter foreign cyberattacks against U.S. government and business targets. (Patrick Semansky / Associated Press)

“If we do nothing, then one of the potential unintended consequences of this could be, does this send a signal to other nation states, other groups, other actors that this kind of behavior is OK and that you can do this without generating any kind of response?” Adm. Mike Rogers said in a recent speech. Rogers, who is both the military’s top commander for cyber operations as head of U.S. Cyber Command and director of the National Security Agency, made the remarks at the Aspen Security Forum in Aspen, Colo., last week.

National Security Agency director Mike Rogers.  (AP Photo/Marcio Jose Sanchez)

Without an aggressive U.S. response as a deterrent, a rise in destructive cyberattacks against government and business appears likely, a recent intelligence assessment predicted.

“Until such time as we come up with a form of deterrence that works, we’re going to have more and more of this,” said Director of National Intelligence James R. Clapper, also at the Aspen forum.

“I think the next wave, if you will, will be data deletions and data manipulation, which will also be very, very damaging,” Clapper said.

But despite a significant increase in the number of attacks, the Obama administration has not settled on a consistent policy for responding.

Director of National Intelligence James Clapper. PHOTO: BRYAN THOMAS/GETTY IMAGES

As the internal debates continue, the problem has escalated.

In recent months, thousands of emails have been sent to government addresses by hackers trying to entice federal officials into downloading carefully disguised spyware. The “spear-phishing” emails are tailored to convince the recipient to open an attachment.

The increase in state-sponsored computer attacks stems in part from a perception that “there is little price to pay for engaging in some pretty aggressive behaviors” online, Rogers said.

In many cases, hackers designed the spear-phishing emails using personal information stolen in earlier breaches of government databases, including what officials say was China’s theft of millions of security-clearance files from the Office of Personnel Management and the infiltration by Russian hackers of the State Department’s unclassified email system. Officials say the personnel records are a gold mine for designing future cyberattacks and approaching American government officials who might be turned into spies.

Those incidents were part of an escalating fusillade of cyberattacks, some of which caught U.S. intelligence off-guard.

In February 2014, hackers who officials say were linked to Iran erased hard drives and froze servers running slot machines and loyalty rewards programs at Las Vegas Sands Corp. casinos in Las Vegas. Sands was likely targeted because the casino company’s owner, conservative billionaire Sheldon Adelson, had said the year before that a “mushroom cloud” could rise over Tehran if it continued its nuclear development program.

November saw the attack on Sony Pictures, in which hackers wiped out data and released sensitive files. The FBI said the North Korean government wanted to prevent the studio from releasing “The Interview,” a film that mocked leader Kim Jong Un. Sony has spent at least $15 million to repair the damage.

Then, the attacks on the State Department email system and the government’s personnel files proved how vulnerable some government systems were.

“The number of threats have gotten worse and are only escalating,” warned Mac Thornberry (R-Texas), chairman of the House Armed Services Committee. “We have to figure out how to retaliate against an attack.”

Building a cyber deterrent, however, is more complicated in some ways than developing the capacity to retaliate against a nuclear strike.

One set of problems involves the unintended consequences of deploying a cyber weapon. Intelligence analysts have warned that if the U.S. decides to engage in tit-for-tat cyberattacks, the effect could ripple across the World Wide Web. Even though the Internet was invented by American computer scientists, existing defenses on U.S. computer systems may not be strong enough to withstand a series of counterattacks.

Another difficulty is identifying an attacker. If a nuclear-tipped missile were launched toward the U.S., it wouldn’t be difficult to identify where it came from. Determining the origin of a cyberattack is sometimes much harder.

“This is a new realm of war,” said Peter W. Singer, a fellow at the nonprofit New America Foundation in Washington and coauthor of the book “Cybersecurity and Cyberwar.”

“We need to get better at it. We need to develop a better deterrence model. But it’s never going to protect you against 100% of all attacks that’s sent your way.”

Military officials insist, however, that given enough time, they can develop tools that will work. During a congressional hearing in March, Rogers discussed the need to build up a stock of cyber weapons to deter foreign countries from trying to hack vital networks.

“Just as we fashioned a formidable nuclear capability that served us through the Cold War and beyond, I am confident in our ability to keep pace with adversaries,” he said.

http://www.latimes.com/nation/la-na-cyber-deterrent-20150731-story.html#page=1

******************************************

U.S. Decides to Retaliate Against China’s Hacking

The Obama administration has determined that it must retaliate against China for the theft of the personal information of more than 20 million Americans from the databases of the Office of Personnel Management, but it is still struggling to decide what it can do without prompting an escalating cyberconflict.

The decision came after the administration concluded that the hacking attack was so vast in scope and ambition that the usual practices for dealing with traditional espionage cases did not apply.

But in a series of classified meetings, officials have struggled to choose among options that range from largely symbolic responses — for example, diplomatic protests or the ouster of known Chinese agents in the United States — to more significant actions that some officials fear could lead to an escalation of the hacking conflict between the two countries.

The “Dirty Tricks” Used By British Spies, As Revealed By Edward Snowden

February 8, 2014

Revelations from documents taken from NSA leaked by Edward Snowden

  • Outline techniques used by Joint Threat Research and Intelligence Group
  • Spy unit whose goal is to ‘destroy, deny, degrade [and] disrupt’ enemies

By Jill Reilly

 

British spies employed ‘dirty tricks’ including ‘honey traps’ to trap nations, hackers, terror groups, suspected criminals and arms dealers, according to leaked documents.

The bombshell revelations have been made public through the release of documents taken from the National Security Agency by whistle-blower Edward Snowden.

The PowerPoint slides outline techniques apparently used by the Joint Threat Research and Intelligence Group (JTRIG), a British spy unit whose goal is to ‘destroy, deny, degrade [and] disrupt’ enemies.

The slides from 2010 and 2012, published by NBC News, show that the JTRIG completed their mission by ‘discrediting’ adversaries through misinformation and hacking their communications.

Two main methods of attack detailed in the ‘Effects’ campaigns are cyber operations and propaganda campaigns.

JTRIG, which is part of the NSA’s British counterpart, the cyber spy agency known as GCHQ, used Twitter, Flickr, Facebook and YouTube for deception, mass messaging and ‘pushing stories’.

Another strategy is ‘false flag’ operations – this is when British agents carry out online actions that are designed to look like they were performed by one of Britain’s adversaries.

The main cyber attack is the ‘distributed denial of service’ (DDoS) attack.

This is when computers are taken over by hackers and they bombard a website’s host computers with requests for information causing it to crash – this is a method successfully used by Wikileaks hackers.

Earlier this week it was revealed that JTRIG agents issued their DDoS on Anonymous chat rooms, preventing its users from communicating with one another.

In one case, reported the BBC, agents are said to have tricked a hacker nicknamed P0ke who claimed to have stolen data from the US government. They did this by sending him a link to a BBC article entitled: ‘Who loves the hacktivists?’

Eric King, an attorney who currently teaches IT law at the London School of Economics, told NBC it is ‘remarkable’ that the GCHQ has become so adept at launching DDoS attacks without ‘clear lawful authority,’ particularly because the British government has criticised similar strategies used by other governments.

‘GCHQ has no clear authority to send a virus or conduct cyber-attacks,’ he said. ‘Hacking is one of the most invasive methods of surveillance.’

According to notes on the 2012 documents, a computer virus called Ambassadors Reception was ‘used in a variety of different areas’ and was ‘very effective.’

When sent to adversaries, says the presentation, the virus will ‘encrypt itself, delete all emails, encrypt all files, make [the] screen shake’ and block the computer user from logging on.

One of the ways to block a target communicating reads: ‘Bombard their phone with text messages, bombard their phone with calls, delete their online presence, block up their fax machine.’

The slide details examples of how this was used in Afghanistan including significantly disrupting the Taliban, sending targets a text message ‘every 10 seconds or so’ and ‘calling targets on a regular basis’.

The British cyber spies also used blog posts and information spread via blogs in an operation against Iran.

The same 2012 presentation describes the ‘honey trap’ method of discrediting a target, commenting that it is ‘very successful’ when it works.

The individual is lured ‘to go somewhere on the internet, or a physical location’ where they are then ‘met by a friendly face.’

It does not give any examples of when the honey trap has been used by British agents, but the same slide also details how ‘paranoia’ can be heightened by changing a target’s photo on a social networking website – the slide reads ‘You have been warned JTRIG is about!’

A programme called ‘Royal Concierge’ took advantage of hotel reservation systems to track the location of foreign diplomats, and the slides encourage agents to monitor targets through ‘close access technical operations’.

It also suggests they ask: ‘Can we influence hotel choice? Can we cancel their visits?’

According to reports in Der Spiegel last year, British intelligence tapped the reservations systems of over 350 top hotels around the world for the past three years to set up the programme.

Run under GCHQ’s SIGINT (signals intelligence) program, it was used to spy on trade delegations, foreign diplomats, and other targets with a taste for the high life.

NBC News reported GCHQ would not comment on the newly published documents or on JTRIG’s operations.

‘All of GCHQ’s work is carried out in accordance with a strict legal and policy framework,’ said the statement, ‘which ensure[s] that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All of our operational processes rigorously support this position.’

Read more: http://www.dailymail.co.uk/news/article-2554529/British-spies-dirty-tricks-including-honey-traps-deleting-online-profiles-intimidate-trap-enemies-leaked-Snowden-documents.html#ixzz2sl5Zkgnw

America’s Failing Grade on Cyber Attack Readiness

July 27, 2012

The man in charge of America’s cyber operations said that on a scale of one to 10, the nation’s preparedness to deal with a major cyber attack on critical infrastructure sits at a dismal three.

“Somebody who finds vulnerability in our infrastructure could cause tremendous problems,” Army Gen. Keith Alexander, Director of the National Security Agency and chief of U.S. Cyber Command, told audience members at the Aspen Institute’s annual security forum late Thursday, according to multiple reports. Alexander said that since 2009, attempted cyber attacks on the nation’s infrastructure systems have risen seventeen-fold.

“I’m worried most about power. I’m worried about water. I think those are the ones that need the most help,” he said.

By LEE FERRAN | ABC News

Top current and former U.S. security officials have for years been decrying vulnerabilities in the computer networks of critical infrastructure industries from water treatment centers to electric power plants — largely facilities owned and operated by private entities. In his remarks, Alexander reportedly pushed for a greater role for government, specifically the Department of Homeland Security, in regulating security measures across industries.

Two years ago, computer experts discovered Stuxnet, a cyber weapon of unprecedented power and complexity that was apparently designed to damage an Iranian nuclear facility. The worm had demonstrated what computer experts had long thought possible but had never actually seen: computer code that was no longer confined to disrupting computer systems internally but could reach out and physically alter how a facility works, or potentially destroy it.

Before the worm was alleged to have been a creation of a joint U.S.-Israeli cyber operation, other U.S. officials quickly realized that such a powerful cyber tool may be turned on the homeland. In a Senate Homeland Security committee hearing in November 2010, committee chairman Joe Lieberman (D.-Connecticut) warned the worm could be used as a “blueprint” for other “malicious hackers.”

Richard Clarke, former White House counterterrorism advisor, cyber security expert and ABC News consultant, said in January that since Stuxnet was a “plug-and-play” worm, other hackers or foreign governments could take it, modify it and turn it against the U.S.

“You can take out certain components and put in others and you have a very powerful weapon that could be used against the electric power grid or any other system that has computers telling machines what to do,” he said. “The best cyber weapon in the world has been spread around for other people to have copies of… I think it’s very likely that somebody could do this.”

Months later, the Department of Homeland Security revealed that the original Stuxnet worm did manage to infiltrate a computer system in the U.S., but since it was only tailored to hit the Iranian nuclear facility, it didn’t do any known damage to the American facility.

Sean McGurk, a former DHS official who is now senior policy officer at the Industrial Controls Systems Information Sharing and Analysis Center, told a radio show in early June that he had already seen hackers modifying Stuxnet for their own uses. He also noted that as one of the most computer-reliant nations on the planet, the U.S. is also one of the most vulnerable.

“Because everything from elevators to prison doors are controlled by computers in our country, these systems lend themselves to manipulation and potentially to destruction,” he said.

Since Stuxnet’s discovery, cyber experts have found two other highly-sophisticated cyber weapons: Duqu, a cyber program built in the style of Stuxnet but for espionage rather than offensive operations, and Flame, the largest espionage program in history designed to capture any keystroke, image and conversation even near the infected system. Based on stunning similarities in the code of all three programs, researchers said they believe they were all created by either the same team, or at least teams of computer experts with access to each other’s original work.