Majority of Indian Army Cyber Breaches from Pen Drives and PowerPoint

General Bikram Singh

Though Chinese and Pakistani hackers are a constant threat to India’s sensitive military information, restricting the use of pen drives and PowerPoint presentations is the key to preventing the cyber invasion against India, according to Chief of Army Staff General Bikram Singh.

Analysis of Indian cyber breaches has shown that over 70 percent have been caused by the use of USB pen drives. General Singh has also ordered that all sensitive war plan meetings be done paperless and that PowerPoint use is to be restricted.

The Indian military believes that doing this along with the standing practice of limiting military information leaked to social media sites will help keep the cyber invasion in check.

Last year the Indian army ordered all of its troops to remove their pictures and any military affiliation from social networking sites. This is a very good move, and one that I wish the United States would do with our troops. Social engineering hackers are scanning these sites looking for military personnel to target.

I have seen military personnel post way too much military identifying information on their personal sites. This even includes members of our military cyber teams. And terrorist groups like the Taliban have been known to pose as attractive women on social media sites to try to lure information out of allied soldiers.

Iran Practices Cyber Defense During Naval Drills

Iran Rear Admiral Rastegari

For the first time, Iranian Naval forces included a cyber attack scenario during maritime military drills. According to Iran’s Press TV, their Navy’s Cyber Defense group successfully detected and blocked a simulated attack against navy systems.

During six days of simulated naval defense drills, called Velayat 91, Iranian ships practiced defending coastal waters against suspected invasion tactics. Though not mentioned, the drills were obviously intended to give Iran’s navy practice against a possible attack by American warships.

But this year, the drills included a cyber war scenario putting their Naval Cyber Defense group through the paces. Iran’s Rear Admiral Amir Rastegari told reporters that during the drill, aggressive forces launched a cyber attack against the computer network of defensive forces in order to infiltrate the network and hack information or spread viruses.

According to Admiral Rastegari, the Navy’s Cyber Defense is tasked with monitoring all naval systems and detects “all cyber infiltration and immediately takes necessary measures to counter them.”

And apparently the group successfully stopped the simulated red team attack.

But after how successful Stuxnet was in the past, I am curious how well the group would do against a real American cyber attack. Especially attacks that would likely coincide with other forms of electronic warfare and include the full force of American sea, air and land units if we did invade.

China Copies, I mean Creates, a C-17 Transport Plane Clone – Was it Cyber Espionage?

China announces C-17

China is working on a new transport plane dubbed the Y-20. The plane was supposedly developed by a joint program with Russia involving the Russian IL-76, but early photos show that it looks a lot more like the American C-17. Were the plans for the plane gained in cyber espionage attacks, or were they stolen the “Old-Fashioned Way”?

China’s Ministry of Defense spokesman Yang Yujun recently announced the development of the Y-20 heavy transport cargo plane. The spokesman stated that “the advanced long-range aircraft is being developed to be used in disaster relief work and humanitarian emergency situations” and that “the research and development of the large transport aircraft is going forward as planned.”

Blurry photos of the Y-20 leaked on Christmas Eve to an aviation site seemed to bear a strong resemblance to the C-17:

Chinas Y-20

Several of China’s new military toys seem to look a lot like their American counterparts. Some think this is due to the heavy cyber espionage campaign that China has waged against American military contractor sites and other allied design companies around the world.

So it would seem that the Y-20, like the new Russian stealth fighter, was made from plans stolen from American designers. Surprisingly though, it may not have been a case of cyber espionage in this instance. They actually could have been obtained the “Old-Fashioned” way.

Back in February 2008 Dongfan “Greg” Chung, an ex-Boeing engineer, was tried and convicted for economic espionage. Seems he had over 200,000 pages of sensitive documents in his home. The material included information about Boeing-developed aerospace and defense technologies. These included documents about the Space Shuttle, Delta IV rocket and interestingly enough, the C-17 Globemaster troop transport.

Apparently the 78-year-old Chinese-born spy started pilfering American secrets in the 1970s. It is amazing to me that China has been actively targeting our military secrets for that long!

2/3 of Britons Believe They Should Strike First in Cyber War – Would it Work?

GCHQ at Cheltenham, Gloucestershire

A recent poll in the UK by the security company LogRhythm revealed that 65% think that Britain should pre-emptively strike countries that pose a cyber threat to the nation. And only 18% of those polled believed that pre-emptive strikes were unjustified.

Britain is hit by up to 1,000 cyber attacks per hour. These attacks are focusing on government sites, corporations, and even the country’s communication network. But why would such a large number believe that first strikes are the correct course of action?

According to the poll, the public in general seems to have lost faith that their private information can indeed be kept private. 41% polled believe that their data stored by companies or the government will be compromised by hackers. And these fears are not unjustified, especially with the rise of hacktivism. Hackers are constantly breaking into big name technology corporations and government sites worldwide and dumping databases to the public.

I agree with taking an offensive stance against cyber attacks. But one problem is the very anonymous nature of the internet. Being attacked in the cyber realm is not like facing another nation on the field of battle. Forces don’t form battle lines and approach in columns. There are no entrenched troops to strike and no supply lines to cut.

It is fairly trivial for a hacker to bounce his attacking traffic through several nations before it reaches the intended target. He could even be using a compromised server in an ally nation (or neutral country) to attack yours. How would you know which nation to strike back at?

Earlier this year a Pakistani hacker group attacked Israeli websites over the Gaza strikes. They changed Israeli DNS settings and pointed major Israeli websites to a defaced website – that was hosted in Texas!

The hacker group set up a server with a legitimate American server hosting company. When they made the DNS change, anyone who surfed to Israel’s Microsoft site or big name social media sites would end up at the server in Texas.

Of course, as soon as the US web hosting company was notified of what was going on, they moved to have the correct DNS settings restored and took down the hosted webpage. Oddly enough, for a short period of time though before it was completely taken down, the hosted website displayed a new message – “Pakistanis Suck!”

Another problem with hacktivism type attacks is that they seem to pull in other groups who respond in kind. So you may have one or two perform web defacements or SQL attacks, then in reprisal two or three other groups attack back in revenge. Which of course spurs more groups into the fray to respond with their own attacks.

Granted these are more nuisance types of attacks, but as Russia’s military is rumored to use the RBN to perform attacks, China or other nations could do the same. And they could be armed with more potent programs like Stuxnet, instead of those that just perform denial of service attacks.

A lot of cyber attacks and cyber espionage attempts do seem to originate from China. By far, China has the most internet users in the world. They have 10 times the users that the UK has and twice as many as the US. The scary part is that the US already has almost 80% of their population online. So far, China is only 40% connected…

World connected users

At this point they could probably put up 5-10 very talented hackers for every one of ours. Maybe 100 or even 1000 to one for those just running script based attacks or using hacker programs.

Do we really want to get into a tit-for-tat battle with them?

Something must be done, and now. Any attacks against foreign nations would have to be covert. Chances are that allied forces already have a good hold on foreign networks and communication systems.

The US cyber command was formed from initial work by the NSA. According to Richard Clarke’s book “Cyber War: The Next Threat to National Security” the NSA has already compromised many foreign networks:

“Although not authorized to alter data or engage in disruption and damage, NSA thoroughly infiltrated the Internet infrastructure outside the U.S. to spy on foreign entities.”

But the NSA did not have legal authority to actually attack in times of war. US military forces were folded in with the NSA to give it the legal authorization needed to attack foreign cyber space. Thus creating Cyber Command.

The US is allegedly the top in offensive cyber power, but obviously is far lacking in defense. The UK suffers from the same weakness. This past summer, Jonathan Evans, the head of MI5, claimed that one attack alone cost a London-based company about $1.3 billion.

The question is then, how do we perform critical pre-emptive offensive strikes without being crippled ourselves by a counter attack?