In Through The Out Door

    Diving Through The Information Barrage

    Browsing Posts published on May 8, 2008


    India, Belgium warn of Chinese attacks


    [From Brief: India, Belgium warn of Chinese attacks]

    [From FBI Backs Down On Web Gagging Order]


    Excellent article, chronicling the surveillance debate from the mid 1980s until today. Don’t expect good coverage of the current debate, however: the legality of the NSA’s recent domestic eavesdropping program, and the legality of the assistance provided by the telcos.


    Can the Linux community get over its “not invented here” ideology which has often hindered its ability to adopt technological improvements from outside sources? I keep saying to myself, I hope so. But recent events have shown me that we have a long way to go until we become a culture of inclusion and not of [...]


    [From Unixfication II]


    Esther Schindler writes “CSO has an annotated, zoomable map of real botnet topologies showing the interconnections between the compromised computers and the command-and-control systems that direct them. The map is based on work by security researcher David Voreland; it has interactive controls so you can zoom in and explore botnets’ inner workings. Hackers use botnets for spamming, DDoS attacks and identity theft. One recent example is the Storm botnet, which may have comprised 1 million or more zombie systems at its peak. As with any networking challenge, there are good (resilient) designs and some not-so-good ones. In some cases the topology may be indicative of a particular botnet’s purpose, or of a herder on the run.”

    [From What a Botnet Looks Like ]

    This article first appeared in Aviation Week’s Ares Weblog.

    President Bush publicly acknowledged that Syria has been doing something suspicious involving nuclear development and North Korea. Following his lead, other officials are quietly dropping clues about how Syria’s suspicious facility was attacked.

    The Israel Air Force’s stunning, undetected flight through Syria’s air defenses late last year — as part of a raid on a suspected nuclear facility — bears electronic fingerprints similar to those left in Baghdad by the U.S. in 1991 and 2003, say U.S. military and IT industry specialists.

    The raid on Syria was winked at by the U.S. which also supplied some non-participatory support, they say.

    The answer to the question of why the U.S. was involved is that “The Israelis can do things [within the region and Israel's political structure that] we sometimes can’t do,” says a senior U.S. Air Force official with a long background in black operations. Syria’s construction of the facility and North Korea’s participation “was an area of concern for us as well, so there was some help provided in discussing vulnerabilities and providing other knowledge [of Syria's integrated air defenses and electrical grid]. What occurred, isn’t inconsistent with what happened in Iraq twice before.”

    So what did the U.S. forces do in Iraq in 1991 and 2003 to confound air defenses, communications and the ability to command forces in the field?

    Read the rest of this story, see pics of Marine LAVs getting busy and get inside a big ‘ole helo gaggle from our good friends at Aviation Week on Military.com.


    [From US Electronic Fingerprints in Syria?]


    China is well known for its global cyber espionage efforts. And while the United States has received most of the media attention given to cyber attacks, we are not the only ones dealing with this issue. India is now pointing the finger at China, claiming they have systematically launched a series of attacks on sensitive information systems and networks of Indian agencies. India rapidly responded and now has cyber-security forces down to the division-level to guard against cyber wars. But is that really enough given China’s stated ambitions?

    China’s Cyber Warfare Doctrine is designed to achieve global “electronic dominance” by 2050 which would include the capability of disruption of the information infrastructure of their enemies. This doctrine includes strategies that would disrupt financial markets, military and civilian communications capabilities as well as other parts of the enemy’s critical infrastructure prior to the initiation of traditional military operations. With all the attacks that have been attributed to China, there has to be significant intelligence out there about techniques, cyber weapons and strategies that have been used in these cyber assaults. The proliferation of China’s cyber capabilities will be the topic of a Congressional hearing in DC on May 20th. This hearing will examine “China’s Proliferation Practices and the Development of its Cyber and Space Warfare Capabilities.”

    Military and intelligence sources have known that Chinese cyber forces have developed these detailed plans for cyber attacks against the United States and others. It is believed that the plans for such an attack were drawn under the direction of the People’s Liberation Army (PLA).

    China has a significant cyber weapons and intelligence infrastructure in place today. What is alarming is not only do they have the intent, but they have the money. Beijing has the world’s second or third largest defense budget depending on where you look for the numbers. Their military budget has been on the rise at 10 percent or more a year for over a decade. This, as well as the attacks, are evidenced by their cyber operational ability to scan, acquire nodes for their growing botnet as well as the continued sophisticated assaults on defense information systems in the US, Germany, UK and India. In addition, in April 2007, Sami Saydjari, who has worked on cyber defense systems for the Pentagon since the 1980s, told Congress: “The situation is grave, with nation-states such as China developing serious offensive capabilities.”

    Recent attacks on the United States and India have brought this threat to the forefront. While diplomatic efforts to address these attacks have been initiated, virtually no progress has been made, according to individuals close to the issue. The following information has been provided by Spy-Ops and represents their assessment of China’s current cyber capabilities.

    China People’s Liberation Army (PLA)
    Military Budget: $62 Billion USD
    Global Rating in Cyber Capabilities: Number Two
    Cyber Warfare Budget: $55 Million USD
    Offensive Cyber Capabilities: 4.2 (1 = Low, 3 = Moderate and 5 = Significant)

    Cyber Weapons Arsenal (in order of threat):
    Large, advanced botnet for DDoS and espionage
    Electromagnetic pulse weapons (non-nuclear)
    Compromised counterfeit computer hardware
    Compromised computer peripheral devices
    Compromised counterfeit computer software
    Zero-day exploitation development framework
    Advanced dynamic exploitation capabilities
    Wireless data communications jammers
    Computer viruses and worms
    Cyber data collection exploits
    Computer and networks reconnaissance tools
    Embedded Trojan time bombs (suspected)
    Compromised microprocessors & other chips (suspected)
    Cyber Weapons Capabilities Rating: Advanced
    Cyber force Size: 10,000 +
    Broadband Connections: More than 55 million
    China’s Hacker Community: Honker Union, Red Hackers Alliance (The 5th largest hacking organization in the world.)
    China’s Software Industry: In Q1 2007, the software industry recorded RMB 96.7 billion with a year-on-year increase of 26.9%.

    In Q1 2008, China recorded RMB 144.36 billion in software industry sales revenue, up sharply year-on-year.

    From all this information one can only conclude that China has the intent and technological capabilities necessary to carry out a cyber attack anywhere in the world at any time. Nations around the world can no longer ignore the advanced threat that China’s cyber warfare capabilities may have today and the ones they aspire to have in the near future. Just recently Belgian justice minister, Jo Vandeurzen, claimed that attacks against the Belgian Federal Government originated from China and are most likely sanctioned by Beijing. The Belgian minister of foreign affairs, Karel De Gucht, told their parliament that his ministry is the subject of cyber-espionage by Chinese cyber agents. This is just the tip of the iceberg. Spy-Ops believes that an estimated 140 countries will be working on their cyber weapons by the end of 2008 and that in the next five years we will see countries and extremist groups jockeying for cyber supremacy.


    [From China's Cyber Forces]


    The F-117 Nighthawk — the U.S. Air Force’s greatly touted stealth attack aircraft — is gone. At least, we think it’s gone — can one really be certain with a stealth airplane? The aircraft, which won combat honors during operations over Panama, Serbia, and Iraq, was officially retired in late April after a 27-year service life.

    “It was a mistake to retire them,” said Dr. Richard Hallion, former historian of the Air Force and special assistant to that service’s secretary. Hallion explained to this writer that the large number of F-16 and F-15 fighter-type aircraft flown by the Air Force are not stealthy and that the F-22 Raptors, which do have stealth characteristics, are too few in number to meet the U.S. need for low-observable strike aircraft.

    Cited by the Air Force as the world’s first operational aircraft designed to exploit low observable — stealth — technology, the F-117A entered service in 1982. Through 1990 Lockheed built 59 aircraft at a Burbank facility.

    The F-117 first flew in combat during the U.S. invasion of Panama in 1989 that led to the capture of dictator Manuel Noriega. F-117s were also flown in the air campaign over Serbia in 1999, and were among the first aircraft to strike targets in the Persian Gulf War in 1991 and in the invasion of Iraq in 2003.

    One F-117 was shot down by Serbian anti-aircraft fire on 27 March 1999. Serbian forces launched Soviet-provided “Neva-M” missiles (NATO designation SA-3 Goa) to down the F-117A serial number 82-806. The pilot ejected after the aircraft was struck and was subsequently rescued by Allied forces.

    According to then-NATO commander General Wesley Clark and other NATO officials, Serbian air defenses found that they could detect F-117s with their radars operating on unusually long wavelengths. This made the aircraft visible by radars for short times.

    The wreckage of the F-117 was not immediately bombed due to possible media fallout from news footage showing civilians around the wreckage. The Serbs were believed to have invited Russian personnel to inspect the remains, inevitably compromising the U.S. stealth technology.

    Some of the wreckage is reportedly on display at the Museum of Yugoslav Aviation close to Belgrade’s Nikola Tesla Airport.

    During the 1991 air campaign against Iraq, the F-117 was the only coalition aircraft to fly over Baghdad. (The Navy’s ship-launched Tomahawk cruise missiles also “flew” over Saddam’s capital city.)

    F-117s flew combat missions only at night, hence their name Nighthawk.

    The F-117 was born at the Lockheed “Skunk Works” in Burbank, California, the same design facility that produced the ultra-secret U-2 and SR-71 spyplanes. A production decision was made in 1978 and the first flight was made on 18 June 1981. The single-seat F-117’s low-observable characteristics were derived from both its bat-like shape, with twin turbofan engines “buried” in the “boxy” fuselage. Capable of in-flight refueling, in 1992 F-117s flew non-stop from Holloman Air Force Base in New Mexico, to Kuwait, a flight of approximately 18-1/2 hours — a record for single-seat fighters that still stands.

    Although designated as a “fighter,” the F-117 had no air-to-air capabilities. It was an attack aircraft that could carry some 4,000 pounds of bombs or missiles in an internal weapons bay.

    The first F-117s were retired in December 2006. The surviving aircraft will be stored in hangars at a secret location in Nevada. Their special storage is based on retaining the secrecy of their special features rather than any consideration of someday reactivating the planes.


    [From The F-117 Nighthawk is Gone. . . We Think!]


    OpenSolaris: Excellent OS but is the license holding it back?
    [From OpenSolaris Just Wants to be Free]


    Attackers can exploit a hole in one of the components of the widely used WonderWare range of SCADA systems to deny service.
    [From Denial of service hole in WonderWare SCADA systems]

    [From SSL Capable NetCat]
