The New York Times quotes unnamed US officials as acknowledging that US "military planners suggested a far narrower computer-network attack to prevent Pakistani radars from spotting helicopters carrying Navy Seal commandos on the raid that killed Osama bin Laden on May 2." It says the idea of a cyber attack on the Pakistani air defense system was dropped, and radar-evading Black Hawk helicopters and a stealthy RQ-170 Sentinel surveillance drone were instead used for the raid in the Pakistani town of Abbottabad. The CIA spied on Osama bin Laden’s compound in Pakistan by video transmitted from a new bat-winged stealth drone, the RQ-170 Sentinel, which hovered high above Abbottabad for weeks before the raid. There is speculation that the US might be doing such aerial surveillance in other parts of Pakistan, particularly on Pakistan's nuclear installations.
Recently, officials at Creech Air Force Base in Nevada acknowledged a virus infecting the drone “cockpits” there, according to Wired magazine. The source of the virus has not been identified. Back in 2009, the Wall Street Journal reported that militants in Iraq used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they needed to evade or monitor U.S. military operations.

At the 2009 World Economic Forum, Dave DeWalt, CEO of the U.S.-based security software firm McAfee, reportedly told some attendees that China, the United States, Russia, Israel and France are among 20 countries locked in a cyberspace arms race and gearing up for possible Internet hostilities. He further said that the traditional defensive stance of government computer infrastructures has shifted in recent years to a more offensive posture aimed at espionage and deliberate disruption of critical networks in both government and private sectors. Such attacks could disrupt not only command and control for modern weapon systems such as ballistic missiles, but also critical civilian systems including banking, the electrical grid, telecommunications, transportation, etc., and bring life to a screeching halt.
In a Sept 2010 report, the Wall Street Journal quoted cyber security specialists saying that "many countries including the U.S., Russia, China, Israel, the U.K., Pakistan, India and North and South Korea have developed sophisticated cyber weapons that can repeatedly penetrate and have the ability to destroy computer networks".
Last year, Chinese hackers apparently succeeded in downloading source code and bug databases from Google, Adobe and dozens of other high-profile companies using unprecedented tactics that combined encryption, stealth programming and an unknown hole in Internet Explorer, according to new details released by the anti-virus firm McAfee and reported by Wired magazine. These hack attacks were disguised by the use of sophisticated encryption, and targeted at least 34 companies in the technology, financial and defense sectors, exploiting a vulnerability in Adobe’s Reader and Acrobat applications.
While the Chinese cyber attacks on the US and India often get wide and deep coverage in the western media, a lower-profile, small-scale cyber war is also raging in the shadows between India and Pakistan, according to some reports. These reports indicate that around 40-50 Indian sites are being attacked by Pakistani hackers on a daily basis, whereas around 10 Pakistani sites are being hit by their Indian counterparts.
Here is how Robert X. Cringely described the potential effects of a full-scale India-Pakistan cyber war in a June 2009 blog post captioned "Collateral Damage":
"Forget for the moment about data incursions within the DC beltway, what happens when Pakistan takes down the Internet in India? Here we have technologically sophisticated regional rivals who have gone to war periodically for six decades. There will be more wars between these two. And to think that Pakistan or India are incapable or unlikely to take such action against the Internet is simply naive. The next time these two nations fight YOU KNOW there will be a cyber component to that war.
And with what effect on the U.S.? It will go far beyond nuking customer support for nearly every bank and PC company, though that’s sure to happen. A strategic component of any such attack would be to hobble tech services in both economies by destroying source code repositories. And an interesting aspect of destroying such repositories — in Third World countries OR in the U.S. — is that the logical bet is to destroy them all without regard to what they contain, which for the most part negates any effort to obscure those contents."
Coming back to the US, it is no secret that the Pentagon and the CIA have increasingly been using America's significant technology edge for war fighting in many parts of the world in recent years. One example is the growing fleet of remotely controlled stealthy drones being deployed in Afghanistan, Pakistan, Iraq, Yemen and elsewhere for espionage and attacks. Among other new developments, the modern drone is just one of the ways to fight wars covertly in remote places at low cost to America in terms of dollars and casualties, often without so much as declaring such wars.
The Pentagon now has some 7,000 UAVs, compared with fewer than 50 just 10 years ago. The US Air Force is now anticipating a decrease in manned aircraft but expects its number of “multirole” aerial drones like the Reaper — the ones that spy as well as strike — to nearly quadruple, to 536, according to the NY Times. Already the Air Force is training more remote pilots, 350 this year alone, than all of the fighter and bomber pilots combined.
The covert nature of drone warfare is particularly evident outside Afghanistan and Iraq, which are declared wars. In Pakistan, for instance, the secret war is being fought by the CIA, an intelligence agency, not the American military. This war is not even publicly acknowledged by the US administration, and it's a clear violation of international laws and all conventions of war.
The US politicians, spies and generals seem to be calculating that the American people would be more willing to support such wars if they don't bust the US budget and result in as few American body bags as possible. However, this calculation ignores the basic fact that most international conflicts, including terrorism, are essentially political in nature, and must be solved by political rather than military means.
Related Links:
Haq's Musings
Cyber Attacks in India, Pakistan and China
Nature of Future India-Pakistan Warfare
ITU Internet Access Data by Countries
Foreign Origin of India's Agni Missiles
Pakistan's Space Capabilities
Seeing Bin Laden's Death in Wider Perspective
Pakistan's Multi-Billion Dollar IT Industry
John Arquilla: Go on the Cyberoffensive
Pakistan Defense Industry Going High Tech
India-Pakistan Military Balance
21st Century High Tech Warfare
27 comments:
However, this calculation ignores the basic fact that most international conflicts, including terrorism, are essentially political in nature, and must be solved by political rather than the military means.
Absolutely! This is why there should be a political solution of dismantling Afghanistan: the northern part needs to merge with Tajikistan, Uzbekistan and the Pashtun part needs to merge with NWFP and declared Pashtoonistan with all Pashtoons living in Karachi etc. being forcefully repatriated so that we have a semblance of a functioning country.
But who will do this? Obama? Zardari?
I am afraid Pakistan is destined to be unstable for much of this decade!!:(
Karzai says Afghans will support Pakistan if US attacks, reports the Wall Street Journal:
KABUL—America's latest attempts to strengthen its relationship with Afghan President Hamid Karzai received an unexpected jolt over the weekend, as the Afghan leader said he would back Pakistan if it went to war with the U.S.
"God forbid, if any war took place between Pakistan and the United States, we will stand by Pakistan," Mr. Karzai said in an interview broadcast Saturday on Pakistan's Geo television network. "If Pakistan is attacked and if the people of Pakistan needed Afghanistan's help, Afghanistan will be there with you."
The prospects for a U.S. war with Pakistan are remote, and Mr. Karzai's comments were viewed by some Afghan and Western officials in Kabul as a poorly executed effort to blunt his recent angry comments about Pakistan's support for Afghan insurgent groups.
"This is not about war with each other," said Gavin Sundwall, spokesman for the U.S. Embassy in Kabul. "This is about a joint approach to a threat to all three of our countries."
On Sunday, Shaida Mohammad Abdali, Mr. Karzai's deputy national security adviser, said the president's comments had been taken out of context and didn't reflect a change in Afghan policy in the region.
"I think the president's remarks have been blown up without looking at the real context of the message he was trying to convey," he said. "It is a 50 minute-long interview. Of course one or two sentences can't speak for a 50 minute-long interview on a specific subject."
Meanwhile, Mr. Karzai's comments came as a surprise to some Western officials in Kabul, who were heartened by the success of last week's visit by U.S. Secretary of State Hillary Clinton.
In the past, Mr. Karzai has alienated his Western allies with comments suggesting that he might side with the Taliban, or that America could come to be seen as an occupier if its forces didn't stop killing Afghan civilians.
Mr. Karzai's latest remarks struck a nerve with some Afghan and Western officials in Kabul who were reminded of the president's penchant for criticizing the U.S.-led coalition that supports and funds his government.
"It was totally careless, unnecessary and, yes, irresponsible," said one Afghan official. "He hasn't pleased anyone except, maybe, a few Pakistani generals."
American officials said, however, that Mr. Karzai's remarks wouldn't overshadow Mrs. Clinton's visit. Mr. Karzai and Mrs. Clinton were united during her trip in demanding that Pakistan stop supporting the Taliban and other Afghan insurgent groups.
Relations between Afghanistan and Pakistan have vacillated over the past year between spells of political chill and attempts at a rapprochement.
Mr. Karzai and the U.S. have sought to pressure Pakistan in recent weeks to clamp down on the Haqqani insurgent network suspected of staging a series of deadly attacks on American and Afghan targets.
Afghan officials also accused Pakistan's spy agency of involvement in last month's assassination of Burhanuddin Rabbani, the former Afghan president who had been leading the country's peace entreaties to the Taliban. Pakistan denied these accusations.
Earlier this month, Mr. Karzai flew to New Delhi to sign a strategic agreement with Pakistan's archenemy India. The move angered Pakistani officials, who viewed it as political provocation...
http://online.wsj.com/article/SB10001424052970203911804576648971550801968.html
Here's a Guardian story on nuclear weapons spending by several nations including India and Pakistan:
..For several countries, including Russia, Pakistan, Israel and France, nuclear weapons are being assigned roles that go well beyond deterrence, says the report. In Russia and Pakistan, it warns, nuclear weapons are assigned "war-fighting roles in military planning".
The report is the first in a series of papers for the Trident Commission, an independent cross-party initiative set up by Basic. Its leading members include former Conservative defence secretary Sir Malcolm Rifkind, former Liberal Democrat leader and defence spokesman Sir Menzies Campbell and former Labour defence secretary Lord Browne.
--------
Pakistan and India, it warns, appear to be seeking smaller, lighter nuclear warheads so they have a greater range or can be deployed over shorter distances for tactical or "non-strategic" roles. "In the case of Israel, the size of its nuclear-tipped cruise missile enabled submarine fleet is being increased and the country seems to be on course, on the back of its satellite launch rocket programme, for future development of an inter-continental ballistic missile (ICBM)," the report notes.
A common justification for the new nuclear weapons programmes is perceived vulnerability in the face of nuclear and conventional force development elsewhere. For example, Russia has expressed concern over the US missile defence and Conventional Prompt Global Strike programmes. China has expressed similar concerns about the US as well as India, while India's programmes are driven by fear of China and Pakistan.
Pakistan justifies its nuclear weapons programme by referring to India's conventional force superiority, the report observes.
In a country-by-country analysis, the report says:
• The US is planning to spend $700bn on nuclear weapons over the next decade. A further $92bn will be spent on new nuclear warheads and the US also plans to build 12 nuclear ballistic missile submarines, air-launched nuclear cruise missiles and bombs.
• Russia plans to spend $70bn on improving its strategic nuclear triad (land, sea and air delivery systems) by 2020. It is introducing mobile ICBMs with multiple warheads, and a new generation of nuclear weapons submarines to carry cruise as well as ballistic missiles. There are reports that Russia is also planning a nuclear-capable short-range missile for 10 army brigades over the next decade.
• China is rapidly building up its medium and long-range "road mobile" missile arsenal equipped with multiple warheads. Up to five submarines are under construction capable of launching 36-60 sea-launched ballistic missiles, which could provide a continuous at-sea capability.
-----------
• Pakistan is extending the range of its Shaheen II missiles, developing nuclear cruise missiles, improving its nuclear weapons design as well as smaller, lighter, warheads. It is also building new plutonium production reactors.
• India is developing new versions of its Agni land-based missiles sufficient to target the whole of Pakistan and large parts of China, including Beijing. It has developed a nuclear ship-launched cruise missile and plans to build five submarines carrying ballistic nuclear missiles..
http://www.guardian.co.uk/world/2011/oct/30/nuclear-powers-weapons-spending-report?INTCMP=SRCH
Here's a report in The Hill on Ron Paul's criticism of US policy in Pakistan:
GOP presidential hopeful Ron Paul said Sunday that the U.S. military is inciting a civil war in Pakistan.
The Texas Republican said the civilian casualties resulting from the Pentagon's drone attacks over Pakistan and other countries only create more enemies at the expense of homeland security.
"Sometimes they miss and sometimes there's collateral damage. And every time we do that, we develop more enemies," Paul said on Fox News Sunday.
"We're dropping a lot of drone missile/bombs in Pakistan and claim we've killed so many, but how about the innocent people [who have] died? Nobody hears about that. This is why the people of Pakistan can't stand our guts and why they disapprove of their own government," he said.
"We're bombing Pakistan and trying to kill some people, making a lot of mistakes, building up our enemies, at the same time we're giving billions of dollars to the government of Pakistan," he added. "We're more or less inciting a civil war there, so I think that makes us less safe.
"For everyone you kill, you probably create 10 new people who hate our guts and would like to do us harm."
The eight-term Republican reiterated his calls for a $1 trillion cut in federal spending in year one if he reaches the White House, and rejected the notion that those reductions could undermine the country if programs like medical research and development (R&D) are eliminated.
"If you take all these resources out of the hands of the government, that doesn't mean the money isn't going to be spent. It means that the individuals are going to be spending it," he said.
"You would have much more R&D and it would be better directed if investors and the market makes these decisions, because believe me, the politicians and the bureaucrats aren't smart enough to know what you should be investing in."
Paul also weighed in on the sexual harassment allegations dogging fellow-GOP presidential contender Herman Cain, saying the focus on the scandal "dilutes the real debate."
"The media's blown that way out of proportion," Paul said. "I don't like these distractions."
http://thehill.com/blogs/blog-briefing-room/news/192023-ron-paul-us-is-inciting-civil-war-in-pakistan
Guardian report on yet another innocent victim of US drone attacks in Pakistan:
Last Friday, I met a boy, just before he was assassinated by the CIA. Tariq Aziz was 16, a quiet young man from North Waziristan, who, like most teenagers, enjoyed soccer. Seventy-two hours later, a Hellfire missile is believed to have killed him as he was travelling in a car to meet his aunt in Miran Shah, to take her home after her wedding. Killed with him was his 12-year-old cousin, Waheed Khan.
Over 2,300 people in Pakistan have been killed by such missiles carried by drone aircraft such as the Predator and the Reaper, and launched by remote control from Langley, Virginia. Tariq and Waheed brought the known total of children killed in this way to 175, according to statistics maintained by the organisation I work for, the Bureau of Investigative Journalism.
The final order to kill is signed allegedly by Stephen Preston, the general counsel at the CIA headquarters. What evidence, I would like to know, does Mr Preston have against Tariq and Waheed? What right does he have to act as judge, jury and executioner of two teenage boys neither he nor his staff have ever met, let alone cross-examined, or given the opportunity to present witnesses?
It is not too late to call for a prosecution and trial of whoever pushed the button and the US government officials who gave the order: that is, Mr Preston and his boss, President Barack Obama.
There are many people whom I know who can appear as witnesses in this trial. We – a pair of reporters, together with several lawyers from Britain, Pakistan and the US – met the victim and dozens of other young men from North Waziristan for dinner at the Margalla hotel in Islamabad on Thursday 27 October. We talked about their local soccer teams, which they proudly related were named for Brazil, New Zealand and other nations, which they had heard about but never visited.
The next morning, I filmed young Tariq walking into a conference hall to greet his elders. I reviewed the tape after he was killed to see what was recorded of some of his last moments: he walks shyly and greets the Waziri elders in the traditional style by briefly touching their chests. With his friends, he walks to a set of chairs towards the back of the hall, and they argue briefly about where each of them will sit. Over the course of the morning, Tariq appears again in many photographs that dozens of those present took, always sitting quietly and listening intently.
Tariq was attending a "Waziristan Grand Jirga" on behalf of drone strike victims in Pakistan, which was held at the Margalla hotel the following day. As is the Pashtun custom, the young men, each of whom had lost a friend or relative in a drone strike, did not speak. For four hours, the Waziri elders debated the drone war, and then they listened to a resolution condemning the attacks, read out by Mirza Shahzad Akbar, a lawyer from the Foundation for Fundamental Rights. The group voted for this unanimously.
Neil Williams, a volunteer from Reprieve, the British legal charity, sat down and chatted with Tariq after the jirga was over. Together, they traveled in a van to the Pakistani parliament for a protest rally against drone strikes led by Imran Khan, a former cricketer, and now the leader of the Tehreek-e-Insaaf political party.
The next day, the group returned home to Waziristan. On Monday, Tariq was killed, according to his uncle Noor Kalam.
The question I would pose to the jury is this: would a terrorist suspect come to a public meeting and converse openly with foreign lawyers and reporters, and allow himself to be photographed and interviewed? More importantly, since he was so easily available, why could Tariq not have been detained in Islamabad, when we spent 48 hours together? ....
http://www.guardian.co.uk/commentisfree/cifamerica/2011/nov/07/cia-unaccountable-drone-war
Here are some excerpts of NY Times on the killing of 24 Pakistani soldiers by NATO:
The question now, as one senior American official put it on Sunday, is “what kind of resilience is left” in a relationship that has sunk to new lows time after time this year — with the arrest in January of a C.I.A. officer, Raymond Davis, the killing of Osama bin Laden in May and the deaths of so many Pakistani soldiers.
In each of those cases, Pakistan had reason to feel that the United States had violated its sovereignty. Even if circumstances on the ground justified the American actions, they have nonetheless made it difficult to sustain political support inside Pakistan for the strategic cooperation that both countries acknowledge is vital to winning the war in Afghanistan. “Imagine how we would feel if it had been 24 American soldiers killed by Pakistani forces at this moment,” Senator Richard J. Durbin, Democrat from Illinois, said on “Fox News Sunday.” The rift is one result of the United States’ two-pronged strategy in Afghanistan, which relies on both negotiating and fighting to end the war.
-------------
Just last Friday, Pakistan’s military commander, Army Gen. Ashfaq Parvez Kayani, met Gen. John R. Allen, the commander of coalition forces in Afghanistan, in Rawalpindi to discuss “measures concerning coordination, communication and procedures” between the Pakistan Army, the NATO-led International Security Assistance Force and the Afghan Army, “aimed at enhancing border control on both sides,” according to a statement by the Pakistani military.
“Then you have an incident that takes us back to where we were before her visit,” said Vali Nasr, a former deputy to the administration’s regional envoy, Richard C. Holbrooke, and now a professor at Tufts University.
The problem, Mr. Nasr said, is that the United States effectively has not one but two strategies for winning the war in Afghanistan.
While the State Department and the White House believe that only a negotiated political solution will end the war, American military and intelligence commanders believe that they must maximize pressure on the Taliban before the American military withdrawal begins in earnest before 2014. The military strategy has led to the intensified fighting in eastern Afghanistan along the border with Pakistan, increasing tensions. A major offensive last month involving 11,000 NATO troops and 25,000 Afghan fighters in seven provinces of eastern Afghanistan killed or captured hundreds of extremists, many of them using Pakistan as a base.
http://www.nytimes.com/2011/11/28/world/asia/pakistan-and-united-states-bitter-allies-in-fog-of-war.html
"A cyber warfare expert claims he has linked the Stuxnet computer virus that attacked Iran's nuclear program in 2010 to Conficker, a mysterious "worm" that surfaced in late 2008 and infected millions of PCs."
http://news.yahoo.com/insight-did-conficker-worm-help-sabotage-irans-nuke-061355305.html
Insight: Did Conficker help sabotage Iran's nuke program?
Here's WSJ excerpts on Iran shooting down American stealth drone RQ-170 Sentinel also used in bin Laden raid in Pakistan:
WASHINGTON—Iran said on Sunday that it shot down a U.S. stealth drone near the country's eastern border, but U.S. officials in Afghanistan said the craft could instead be an unmanned reconnaissance plane that veered off course and crashed last week.
Iran's official Islamic Republic News Agency quoted a military official who said Tehran had downed an RQ-170 Sentinel, the U.S. Air Force's stealth drone.
U.S. and NATO officials wouldn't say what kind of American drone had disappeared, but U.S. officials said there was no indication that the aircraft had been shot down by the Iranians. One American official said the drone likely suffered from a mechanical failure.
American officials said they believe that after the remote pilots lost control of the aircraft, the drone crashed in an unknown location.
On Sunday afternoon, the North Atlantic Treaty Organization's command in Afghanistan said the Iranians may have been referring to an unmanned craft lost while flying a mission over western Afghanistan "late last week."
---------------
The RQ-170 Sentinel was the type of stealth drone used to conduct surveillance on the compound used by Osama bin Laden in Abbottabad, Pakistan, before the May raid by Navy SEAL commandos that killed the al Qaeda leader.
-----------
Defense analysts have speculated in the past that the Sentinel, built by Lockheed Martin Corp., was based in Afghanistan not just to conduct secret missions into Pakistan but also for surveillance of Iranian military sites.
The stealth drone was originally part of the Air Force's classified fleet and its existence was officially denied.
But the service now makes available a fact sheet about the aircraft.
The drone is a wing-shaped aircraft, like the stealth bomber, a design that is supposed to make it less visible to radar.
The number of Sentinels that the Air Force operates remains a closely guarded secret.
The "RQ" designation is used for unarmed drones, such as the RQ-4 Global Hawk. But some analysts have said the U.S. might try to arm the airframe at some point in the future.
Iran claims to have its own fleet of unarmed drones, but U.S. officials question Tehran's ability to conduct even short-range reconnaissance with unmanned aircraft.
http://online.wsj.com/article/SB10001424052970204770404577078160095550518.html
Kudos to Iran's EW capabilities.
Iranian TV has shown the first video footage of an advanced US drone aircraft that Tehran says it downed 140 miles (225km) from the Afghan border.
Images show Iranian military officials inspecting the RQ-170 Sentinel stealth aircraft which appears to be undamaged.
US officials have acknowledged the loss of the unmanned plane, saying it had malfunctioned.
However, Iranian officials say its forces electronically hijacked the drone and steered it to the ground.
BBC security correspondent Frank Gardner says the intact condition of the Sentinel tends to support their claim.
Iran's Press TV said that the Iranian army's "electronic warfare unit" brought down the drone on 4 December as it was flying over the city of Kashmar.
Brig General Amir-Ali Hajizadeh, head of Iran's Revolutionary Guards' aerospace unit, told Iranian media that the drone "fell into the trap" of the unit "who then managed to land it with minimum damage".
He said Iran was "well aware of what priceless technological information" could be gleaned from the aircraft.
Nato said at the weekend that an unarmed reconnaissance aircraft had been flying a mission over western Afghanistan late last week when its operators lost control of it.
Pentagon officials have said they are concerned about Iran possibly acquiring information about the technology.
Iranian media said on Thursday that the foreign ministry had summoned the Swiss envoy to express its "strongest protest over the invasion of a US spy drone deep into its airspace".
Washington has no diplomatic relations with Iran and US affairs in the country are dealt with via the Swiss embassy in Tehran.
http://www.bbc.co.uk/news/world-middle-east-16098562
US Council on Foreign Relations elevates risk of conflict with Pakistan in 2012, according to AFP:
WASHINGTON: A conflict with Pakistan, the euro crisis and political instability in Saudi Arabia have emerged as top potential threats facing the United States in 2012, an influential think-tank said Friday.
The Council on Foreign Relations’ Center for Preventive Action anonymously surveyed US officials and experts to compile an annual list of the most plausible conflicts for the United States in the new year.
The 2012 list elevated several contingencies to the top tier of risks: a US conflict with Pakistan prompted by an attack or counter-terrorism operation; an intensified euro crisis, which could plunge the United States back into recession; and a Saudi instability, which would threaten global oil supplies.
Threats that remained at the top of the list from last year included a potential incident between the United States and China, internal instability in Pakistan, intensified nuclear crises with Iran or North Korea, and a spillover of drug-related violence from Mexico.
Micah Zenko, a fellow at the Council on Foreign Relations who focuses on conflict resolution, said that the survey was designed to fill a gap as the US government has a poor record forecasting future instability and conflict.
“It is a perennial problem to get policymakers to focus on future challenges when dealing with the tyranny of the inbox,” Zenko said, referring to the overwhelming flow of messages.
“But in an age of austerity it has never been more important to forecast, prevent or mitigate plausible contingencies that could result in an expensive and long-lasting US military involvement,” he said.
The survey elevated the risk of conflict with Pakistan amid high tensions in 2011 following the US operation that killed Osama bin Laden. But the think-tank removed the potential for military escalation between Pakistan and arch-rival India from the top tier of risks.
The survey also added Bahrain as a “tier-two” risk to the United States, citing fears that growing instability in the Sunni-ruled kingdom could spur fresh military action by Saudi Arabia or Iran.
Other risks that were downgraded or removed from last year included:
- Intensified military conflict between Sudan and South Sudan.
- Renewed military conflict between Russia and Georgia.
- Violent instability in Thailand.
- Violent instability in Myanmar.
- A succession crisis in Zimbabwe.
http://tribune.com.pk/story/304332/conflict-with-pakistan-among-top-potential-threats-for-us-in-2012-report/
Iran guided the CIA's "lost" stealth drone to an intact landing inside hostile territory by exploiting a navigational weakness long-known to the US military, according to an Iranian engineer now working on the captured drone's systems inside Iran, reports Christian Science Monitor.
Iranian electronic warfare specialists were able to cut off communications links of the American bat-wing RQ-170 Sentinel, says the engineer, who works for one of many Iranian military and civilian teams currently trying to unravel the drone’s stealth and intelligence secrets, and who could not be named for his safety.
Using knowledge gleaned from previous downed American drones and a technique proudly claimed by Iranian commanders in September, the Iranian specialists then reconfigured the drone's GPS coordinates to make it land in Iran at what the drone thought was its actual home base in Afghanistan.
"The GPS navigation is the weakest point," the Iranian engineer told the Monitor, giving the most detailed description yet published of Iran's "electronic ambush" of the highly classified US drone. "By putting noise [jamming] on the communications, you force the bird into autopilot. This is where the bird loses its brain."
The “spoofing” technique that the Iranians used – which took into account precise landing altitudes, as well as latitudinal and longitudinal data – made the drone “land on its own where we wanted it to, without having to crack the remote-control signals and communications” from the US control center, says the engineer.
------------
Western military experts and a number of published papers on GPS spoofing indicate that the scenario described by the Iranian engineer is plausible.
"Even modern combat-grade GPS [is] very susceptible” to manipulation, says former US Navy electronic warfare specialist Robert Densmore, adding that it is “certainly possible” to recalibrate the GPS on a drone so that it flies on a different course. “I wouldn't say it's easy, but the technology is there.”
In 2009, Iran-backed Shiite militants in Iraq were found to have downloaded live, unencrypted video streams from American Predator drones with inexpensive, off-the-shelf software. But Iran’s apparent ability now to actually take control of a drone is far more significant.
http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer
Pakistan is turning away from the West and looking East, reports RT.com:
...
(Dai Bingguo) visit came shortly after Beijing and Islamabad finalized a $1.6 billion currency swap agreement which will allow the two countries to boost their trade relations and decrease the involvement of the dollar. Currently China-Pakistan trade stands at $10 billion a year, but Dai has called for that figure to be increased to $15 billion over the next three to four years.
China is strengthening its role as a regional leader, and Pakistan is among key targets for Beijing’s influence building strategy. It is investing in a number of big construction projects in the country, including the Karakorum Highway and Gwadar Port, both of which will improve China’s transport links with energy-rich Gulf nations. It will also help Pakistan develop its nuclear power industry.
The Chinese army also regularly performs joint war games with Pakistani forces. Islamabad is seeking China’s military support against its long-time rival, India, while China needs a stable and well-defended Pakistan to stop any future incursion into its territory of extremists from volatile Afghanistan.
The visit comes as Pakistan distances itself from its long-time strategic ally, the US. The year 2011 was a difficult one for relations between Islamabad and Washington, with a number of incidents contributing to the deterioration. The downward spiral started in January when a CIA contractor killed two men but later evaded punishment because families of the victims were paid blood money. The case caused anger in Pakistan when the US said the perpetrator had diplomatic immunity and demanded his release.
In May, US commandos raided Pakistan’s territory and killed Osama bin Laden, who had been living in the country for several years. Islamabad was given no warning of the operation, which angered the Pakistani military. Washington said if it had informed Pakistan’s government in advance, the Al-Qaeda leader would have been alerted, enabling him to escape.
In November, a US air strike on a Pakistani border post killed 24 troops who were mistaken for Taliban militants. It took the Pentagon a month to reluctantly admit their part of the blame for the deadly mistake and offer apologies. However, the Pakistani military do not appear to consider the case closed.
The Americans also have their share of grudges against Pakistan, from the alleged embezzlement of military aid to alleged support for Taliban attacks in Afghanistan, to harboring bin Laden. With relations between the allies deteriorating, Pakistan has more and more incentive to turn away from the US as its key partner and side with China, which challenges American influence in the region.
Joseph Chang, a professor of political science at Hong Kong City University, believes the alliance is beneficial to both sides. China, an ally of Pakistan against India and the Soviet Union during the Cold War, now sees the benefits of a partnership with Pakistan as primarily economic.
“Pakistan has been Beijing’s best ally throughout the history of the People’s Republic of China,” he told RT. “Increasingly, Pakistan has a certain strategic value to China because of the completion of the Karakorum Highway, as well as the almost-completion of the Gwadar port. China certainly hopes that it can, through land links to Pakistan, then open up sea links to the Indian Ocean and bring oil through this route, avoiding the overcrowded Straits of Malacca.”
Chang believes Pakistan could also profit from the alliance: “China is always very helpful in terms of trade, investment as well as military and economic aid. So having an ally like China will help to much strengthen Pakistan’s bargaining power with Washington DC.”
http://rt.com/news/pakistan-china-ties-us-647/
Here are some excerpts from the CBS 60 Minutes segment on Stuxnet that aired on Mar 4, 2012:
The first attack, using a computer virus called Stuxnet was launched several years ago against an Iranian nuclear facility, almost certainly with some U.S. involvement. But the implications and the possible consequences are only now coming to light.
FBI Director Robert Mueller: I do believe that the cyberthreat will equal or surpass the threat from counterterrorism in the foreseeable future.
Defense Secretary Leon Panetta: There's a strong likelihood that the next Pearl Harbor that we confront could very well be a cyberattack.
House Intelligence Committee Chairman Mike Rogers: We will suffer a catastrophic cyberattack. The clock is ticking.
And there is reason for concern. For more than a decade, the U.S. military establishment has treated cyberspace as a domain of conflict, where it would need the capability to fend off attack, or launch its own. That time is here. Because someone sabotaged a top secret nuclear installation in Iran with nothing more than a long string of computer code.
Ret. Gen. Mike Hayden: We have entered into a new phase of conflict in which we use a cyberweapon to create physical destruction, and in this case, physical destruction in someone else's critical infrastructure.
----------
We know from reverse engineering the attack codes that the attackers have full, and I mean this literally, full tactical knowledge of every damn detail of this plant. So you could say in a way they know the plant better than the Iranian operator.
We wanted to know what Retired General Michael Hayden had to say about all this since he was the CIA director at the time Stuxnet would have been developed.
------------
You can download the actual source code of Stuxnet now and you can repurpose it and repackage it and then, you know, point it back towards wherever it came from.
Kroft: Sounds a little bit like Pandora's box.
McGurk: Yes.
Kroft: Whoever launched this attack--
http://www.cbsnews.com/8301-18560_162-57390124/stuxnet-computer-worm-opens-new-era-of-warfare/?pageNum=4&tag=contentMain;contentBody
Here's a piece in a Russian newspaper on Putin's visit to Pakistan:
Russian President-elect Vladimir Putin will, on his first foreign tour after taking office, make his first stop in Pakistan. It symbolizes not just Pakistan’s importance in the region, but the shift in relations which means that the two countries, kept apart for so many years because of Russia’s espousal of Communism, are trying to come together. Russia seeks a new ally in the region, to substitute for India, now in the American lap, after the collapse of the USSR. Mr Putin’s visit shows that Russia intends to play a more proactive role in world affairs. It must do so, because by ceding to US supremacy, it has seen it not just invade Afghanistan physically, but threaten Iran. Russia has found its own physical space threatened by US expansionism, with the expansion of Nato threatening it in the West, the snatching away of India and the occupation of Afghanistan threatening it in Asia. The visit is a result of the successful visits to Russia by President Asif Zardari, in August 2010 for the Quadrilateral Summit, and by Foreign Minister Hina Rabbani Khar earlier this year.
Russia had previously tried to make headway in Pakistan through the Steel Mills project, and now it has offered to be involved in the Iran-Pakistan gas pipeline project. This is an offer that Pakistan must not hesitate to take up. While Pakistan's official 'ally' has done its best to sabotage the project, and has insisted India withdraw from it, Russia is extending a helping hand. Unlike the steel mills, the pipeline from Iran is existential, providing as it will, gas not just for domestic and industrial users, but also for power production. Thus not just for strategic concerns, but national interest should incline Pakistan towards Russia. However, as strategic concerns include Afghanistan, which Russia has been deeply interested in for a very long time, Russia would also be interested in how Pakistan sees the future of Afghanistan.
It should also be recognized that Russia has a deep interest in the reset in relations between the USA and Pakistan that is presently being discussed by the joint sitting of Parliament. Russia too has seen that the US has not just gained access to South Asia through Pakistan, but also Central Asia. As Russia is seeking an ally in the region to substitute for India, and as Pakistan is distanced from the USA, Russia is naturally more interested in Pakistan than ever before. President Putin’s visit, the first ever by a Russian President to Pakistan, reflects that.
http://english.ruvr.ru/2012_04_13/71586559/
Here's a Wall Street Journal story on cyberweapons:
"Cyberattacks are easy, can be carried out at a low cost and have potentially high benefits," said Peter Sommer, a computer-security expert who teaches at the London School of Economics. "You don't have to keep agents in location for a long time. You can be sitting at a computer in your home country."
Many countries—including the U.S., Russia, China, Israel, the U.K., Pakistan, India and North and South Korea—have developed sophisticated cyberweapons that can penetrate and destroy computer networks, experts say. Increasingly, governments are going public about break-ins to their networks to raise public awareness.
"We are seeing an important shift in the way people understand computer security," said Ilias Chantzos, the director of government affairs outside the U.S., at technology-security firm Symantec Corp. "It used to be exotic. Now we are seeing it elevated to a national level."
Recently, the North Atlantic Treaty Organization said it would develop a new policy to deal with computer threats after a string of attacks on member countries.
In 2009, the European Commission published a paper calling for greater cooperation among member states to fend off cyberattacks.
However, keeping up with the development of new cyberthreats is proving challenging for governments, which have to spend heavily upgrading their defense systems and focusing their efforts on their most vulnerable points, experts say. France, for instance, created ANSSI in 2009. In 2012, the agency will hire 70 new staff and have an annual budget of €90 million ($125.8 million).
"No single infrastructure system is safe enough," said Mr. Pailloux.
http://online.wsj.com/article/SB10001424052748703386704576186061676412704.html
Here's an IEEE Spectrum piece on the Stuxnet virus:
1986
The Brain boot sector virus (aka Pakistani flu), the first IBM PC–compatible virus, is released and causes an epidemic. It was created in Lahore, Pakistan, by 19-year-old Basit Farooq Alvi and his brother, Amjad Farooq Alvi.
-----------
Computer cables snake across the floor. Cryptic flowcharts are scrawled across various whiteboards adorning the walls. A life-size Batman doll stands in the hall. This office might seem no different than any other geeky workplace, but in fact it’s the front line of a war—a cyberwar, where most battles play out not in remote jungles or deserts but in suburban office parks like this one. As a senior researcher for Kaspersky Lab, a leading computer security firm based in Moscow, Roel Schouwenberg spends his days (and many nights) here at the lab’s U.S. headquarters in Woburn, Mass., battling the most insidious digital weapons ever, capable of crippling water supplies, power plants, banks, and the very infrastructure that once seemed invulnerable to attack.
Recognition of such threats exploded in June 2010 with the discovery of Stuxnet, a 500-kilobyte computer worm that infected the software of at least 14 industrial sites in Iran, including a uranium-enrichment plant. Although a computer virus relies on an unwitting victim to install it, a worm spreads on its own, often over a computer network.
This worm was an unprecedentedly masterful and malicious piece of code that attacked in three phases. First, it targeted Microsoft Windows machines and networks, repeatedly replicating itself. Then it sought out Siemens Step7 software, which is also Windows-based and used to program industrial control systems that operate equipment, such as centrifuges. Finally, it compromised the programmable logic controllers. The worm’s authors could thus spy on the industrial systems and even cause the fast-spinning centrifuges to tear themselves apart, unbeknownst to the human operators at the plant. (Iran has not confirmed reports that Stuxnet destroyed some of its centrifuges.)
------------
Companies have been slow to invest the resources required to update industrial controls. Kaspersky has found critical-infrastructure companies running 30-year-old operating systems. In Washington, politicians have been calling for laws to require such companies to maintain better security practices. One cybersecurity bill, however, was stymied in August on the grounds that it would be too costly for businesses. “To fully provide the necessary protection in our democracy, cybersecurity must be passed by the Congress,” Panetta recently said. “Without it, we are and we will be vulnerable.”
In the meantime, virus hunters at Kaspersky and elsewhere will keep up the fight. “The stakes are just getting higher and higher and higher,” Schouwenberg says. “I’m very curious to see what will happen 10, 20 years down the line. How will history look at the decisions we’ve made?”
http://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet
Here's a Washington Post report on the US black budget targeting Pakistan for extra concerns and greater surveillance:
The $52.6 billion U.S. intelligence arsenal is aimed mainly at unambiguous adversaries, including al-Qaeda, North Korea and Iran. But top-secret budget documents reveal an equally intense focus on one purported ally: Pakistan.
No other nation draws as much scrutiny across so many categories of national security concern.
A 178-page summary of the U.S. intelligence community’s “black budget” shows that the United States has ramped up its surveillance of Pakistan’s nuclear arms, cites previously undisclosed concerns about biological and chemical sites there, and details efforts to assess the loyalties of counterterrorism sources recruited by the CIA.
Pakistan appears at the top of charts listing critical U.S. intelligence gaps. It is named as a target of newly formed analytic cells. And fears about the security of its nuclear program are so pervasive that a budget section on containing the spread of illicit weapons divides the world into two categories: Pakistan and everybody else.
The disclosures — based on documents provided to The Washington Post by former intelligence contractor Edward Snowden — expose broad new levels of U.S. distrust in an already unsteady security partnership with Pakistan, a politically unstable country that faces rising Islamist militancy. They also reveal a more expansive effort to gather intelligence on Pakistan than U.S. officials have disclosed.
----
Beyond the budget files, other classified documents provided to The Post expose fresh allegations of systemic human rights abuses in Pakistan. U.S. spy agencies reported that high-ranking Pakistani military and intelligence officials had been aware of — and possibly ordered — an extensive campaign of extrajudicial killings targeting militants and other adversaries.
Public disclosure of those reports, based on communications intercepts from 2010 to 2012 and other intelligence, could have forced the Obama administration to sever aid to the Pakistani armed forces because of a U.S. law that prohibits military assistance to human rights abusers. But the documents indicate that administration officials decided not to press the issue, in order to preserve an already frayed relationship with the Pakistanis.
In a statement, a spokeswoman for the National Security Council said the United States is “committed to a long-term partnership with Pakistan, and we remain fully engaged in building a relationship that is based on mutual interests and mutual respect.”...
http://www.washingtonpost.com/world/national-security/top-secret-us-intelligence-files-show-new-levels-of-distrust-of-pakistan/2013/09/02/e19d03c2-11bf-11e3-b630-36617ca6640f_story.html
From the Wall Street Journal:
Russian researchers expose breakthrough U.S. spying program. The National Security Agency found a way to implant spyware into the firmware of hard drives, allowing the agency the ability to spy on the majority of computers worldwide, according to Kaspersky Lab. The Moscow-based security agency said it found infected computers in 30 countries, with the most infections found in Iran, Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included banks, energy companies, government and military institutions. A former NSA employee tells Reuters that Kaspersky’s analysis is correct. The news could soon lead to more backlash against Western technology vendors.
http://blogs.wsj.com/cio/2015/02/17/ups-business-rides-on-orion-routing-algorithm/
#US #NSA hacked NTC to spy on #Pakistan military, political leadership: #Snowden documents reveal #NSAhack https://www.thenews.com.pk/latest/143967-US-hacked-NTC-to-spy-on-Pakistan-military-political-leadership-Snowden-documents …
The United States hacked into targets in Pakistan's National Telecommunications Corporation (NTC) to spy on the country's political and military leadership, documents released by former National Security Agency contractor Edward Snowden confirm.
According to a report by online news site The Intercept, the previously unpublished documents released by Snowden confirm that some of the NSA's top-secret code has been leaked or hacked.
In the latest leak of top-secret documents, Snowden has given The Intercept a classified draft NSA manual on how to implant the SECONDDATE malware – malicious code that is used to monitor or control someone else's computer, the website said.
"There are at least two documented cases of SECONDDATE being used to successfully infect computers overseas: An April 2013 presentation boasts of successful attacks against computer systems in both Pakistan and Lebanon," said The Intercept report.
"In the first, NSA hackers used SECONDDATE to breach 'targets in Pakistan’s National Telecommunications Corporation’s (NTC) VIP Division,' which contained documents pertaining to 'the backbone of Pakistan’s Green Line communications network' used by 'civilian and military leadership'," said the report.
According to the report, SECONDDATE is just one method used by the NSA to hack into target computer systems and networks.
Another document in the cache released by Snowden describes how the NSA used software other than SECONDDATE to repeatedly attack and hack into computer systems in Pakistan.
#US #NSA used #malware to spy on #Pakistani civilian, military leadership. #Pakistan #NSAhack #Snowden
http://www.dawn.com/news/1279013/nsa-used-malware-to-spy-on-pakistani-civilian-military-leadership-report
The United States' clandestine National Security Agency (NSA) allegedly spied on top civil-military leadership in Pakistan using malware, The Intercept reported.
Malware SECONDDATE allegedly built by the NSA was used by agency hackers to breach "targets in Pakistan’s National Telecommunications Corporation’s (NTC) VIP Division", which contained documents pertaining to "the backbone of Pakistan’s Green Line communications network" used by "civilian and military leadership", according to an April 2013 presentation document obtained by The Intercept.
The file appears to be a 'top secret' presentation originating from the NSA's SigDev division.
SECONDDATE is described as a tool that intercepts web requests and redirects browsers on target computers to an NSA web server. The server then infects the web requests with malware.
The malware server, also known as FOXACID, has been described in earlier leaks made by former NSA contractor Edward Snowden.
SECONDDATE, however, is just one method the NSA allegedly uses to redirect a target's browser to the FOXACID server. Others involve exploiting bugs in commonly used email providers by sending spam or malicious links that lead to the server, The Intercept said.
Another document obtained by The Intercept, an NSA Special Source Operations division newsletter, describes how agency software other than SECONDDATE was used to repeatedly direct targets in Pakistan to the FOXACID servers to infect target computers.
The Intercept confirmed the "authenticity" of the SECONDDATE malware by means of a data leak reportedly made by Snowden.
Snowden released a classified top-secret agency draft manual for implanting malware which instructs NSA operators to track their use of a malware programme through a 16-character string ─ the same string which appears in the SECONDDATE code leaked by a group called ShadowBrokers.
ShadowBrokers last week announced that SECONDDATE was part of a group of NSA-built 'cyber weapons' that it was auctioning off.
Although it is unclear how the code for the software leaked and was obtained by ShadowBrokers, The Intercept claims "the malware is covered with NSA's virtual fingerprints and clearly originates from the agency".
The ShadowBrokers auction of SECONDDATE is the first time any full copies of NSA software have been made available to the public.
"The person or persons who stole this information might have used them against us," Johns Hopkins University cryptographer Matthew Green said on the dangers of such software becoming available to the public.
Speaking to The Intercept, Green said that such exploits could be used to target anyone using a vulnerable router. "This is the equivalent of leaving lockpicking tools lying around a high school cafeteria. It’s worse, in fact, because many of these exploits are not available through any other means, so they’re just now coming to the attention of the firewall and router manufacturers that need to fix them, as well as the customers that are vulnerable."
The Intercept has in the past published a number of reports from documents released by Snowden. The site’s editors include Glenn Greenwald, who won a Pulitzer Prize for his work in reporting on the whistleblower’s revelations.
https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/
Wikileaks reveal #American #Spy Agency #NSA #Cyber Weapons Used to Hack #Pakistan mobile system http://bit.ly/2nQ1VHn via @techjuicepk
New information about the involvement of US in hacking Pakistan mobile system has been found in a release by Wikileaks. This leak points to NSA’s cyber weapons which include code related to hacking of Pakistan mobile system.
NSA’s interest in Pakistan
NSA, National Security Agency responsible for global monitoring, collection, and processing of information and data for foreign intelligence and counterintelligence purposes in the USA, has allegedly spied on Pakistani civilian and military leadership in the past. Edward Snowden, a former NSA employee, has also suggested in the past that NSA used wiretapping and cyber weapons to spy on many international leaders.
Scope of new information
On Saturday, Wikileaks revealed hundreds of cyber weapons variants which include code pointing towards NSA hacking Pakistan mobile system.
The link shared in the tweet by Wikileaks’ official account points to a Github repository containing the decrypted files pertaining to NSA cyber weapons. A complete analysis of these files by a cyber security expert is needed to further highlight the severity of the situation. Initial impressions, however, seem to indicate that these leaks will certainly provide more substance to previous allegations against NSA.
IT ministry to come up with plan to ensure country’s cyber-security
By APP
https://www.pakistantoday.com.pk/2018/01/11/it-ministry-to-come-up-with-plan-to-ensure-countrys-cyber-security/
Ministry of Information Technology has been entrusted with the responsibility to propose an appropriate organisation in order to ensure cyber-security of Pakistan.
The decision was taken during a high-level meeting on Thursday to develop a framework and way forward to coordinate and evolve a mechanism for country’s cyber-security.
National Security Adviser Nasser Khan Janjua chaired the meeting. National Security Division secretary, representatives from Ministry of Information and Broadcasting, Ministry of Information Technology, Pakistan Electronic Media Regulatory Authority (PEMRA), Pakistan Telecommunication Authority (PTA) and Federal Investigation Agency (FIA) attended the meeting.
Moreover, the Ministry of Information and Broadcasting will propose a mechanism that could chalk out a way forward towards the use of social media for a progressive Pakistan.
The meeting ended on a note that a next session would be scheduled soon to conclude the process of evolving a mechanism for ensuring cyber-security.
E-governance council to be established in Pakistan for policy formulation
https://www.techjuice.pk/e-governance-council-to-be-established-in-pakistan-for-policy-formulation/
Nasser Khan Janjua, the National Security Advisor Lt General (Retd) said during a closing ceremony that Pakistan is in need of excelling and developing an e-governance council policy formulation according to the globally acceptable parameters. The ceremony, “Cyber Secure Pakistan – Policy Framework” was arranged by CGSS and was held in Islamabad on Tuesday.
The seminar highlighted the importance of emerging technologies in the cyber world. It aimed to create an awareness about the threats concerning the national security due to the evolvement in the cyberspace and therefore, to plan a consolidated cybersecurity policy for the country.
The advisor said, “Pakistan is engulfed in traditional threats and insecurities due to which the new emerging threats have been ignored hence, we have to do better more than ever before.”
The ‘emerging threats’ are due to the growing digitalization of the cyberspace and are pertaining to the country’s defense and security, he expressed.
He added that the whole sphere had been endangered and it was very important to get out of the consumer market and venture into the new dimensions.
Mr. Nasser further stated, “Excessive use of internet has put our security under the threat. Due to our increasing alliance on the internet, cybersecurity policy is becoming the need of the hour.”
Moreover, Lieutenant General Muhammad Zahir Ul Islam (Retd) – Chairman CGSS, in his opening remarks stated that a well-articulated legislation must be passed by the government that would provide a legal framework for law enforcement and intelligence agencies to operate under. Likewise, Secretary National Security Division, Syed Iftikhar Hussain Babar also called attention to the significance of the cybersecurity in his opening address.
He mentioned that the danger of the cyber warfare is real and protecting the data is as important as protecting ourselves. The government and many private institutions have been working in this regard. Before the world moves a step further in the cyberspace, Pakistan must secure a firm position in this particular field and formulate its state policy accordingly.
Experts are unanimous in saying that the most important target of #Indian #cyber-#espionage & #cyberattacks by far is #Pakistan. Limited employment prospects of Indian techies have created a swarm of underground threat actors in #India| The Daily Swig
https://portswigger.net/daily-swig/indian-cyber-espionage-activity-rising-amid-growing-rivalry-with-china-pakistan
ANALYSIS India is sometimes overlooked by some in the threat intelligence community, even though the South Asian nation has advanced cyber capabilities – not least a huge pool of talent.
The country boasts a large number of engineers, programmers, and information security specialists, but not all of this tech talent was put to good use, even before the Covid-19 pandemic cast a shadow over the global economy.
Their somewhat limited employment prospects are said to have created a swarm of underground Indian threat actors eager to show off their hacking talents and make money – a resource that the Indian government might be able to tap into in order to bolster its own burgeoning cyber-espionage resources.
India is in catch-up mode for now, but has the technical resources to make rapid progress.
Who is being targeted by Indian hacking groups?
Geopolitical factors have fueled an increase in cyber threat activity both originating from and targeting India.
Experts quizzed by The Daily Swig were unanimous in saying that the most important target of Indian cyber-espionage by far is Pakistan – a reflection of the decades-long struggle over the disputed region of Kashmir.
China, India’s neighbour and an ally of Pakistan, is also a top target of state-sponsored Indian cyber-espionage.
Paul Prudhomme, head of threat intelligence advisory at IntSights, told The Daily Swig: “Indian cyber-espionage differs from that of other top state-sponsored threats, such as those of Russia and China, in the less ambitious geographic scope of their attacks.”
Other common targets of Indian hacking activity include other nations of the South Asian subcontinent, such as Bangladesh, Sri Lanka, and Nepal. Indian espionage groups may sometimes expand their horizons further to occasional targets in Southeast Asia or the Middle East.
Indian cyber-espionage groups typically seek information on Pakistan’s government, military, and other organizations to inform and improve its own national security posture.
But this is far from the only game in town.
For example, one Indian threat group called ‘Dark Basin’ has allegedly targeted advocacy groups, senior politicians, government officials, CEOs, journalists, and human rights activists across six continents over the last seven years.
India is currently considered to have a less mature cyber warfare armoury and capability than the ‘Big Six’ – China, North Korea, Russia, Israel, the UK, and US – but this may change over time since its capability is growing.
Chris Sedgwick, director of security operations at Talion, the managed security service spinoff of what used to be BAE System’s intelligence division, commented:
The sophistication of the various Indian cyber threat actors do not appear to be in the same league as China or Russia, and rather than having the ability to call on a cache of 0-day exploits to utilise, they have been known to use less sophisticated – but still fairly effective – techniques such as decoy documents containing weaponised macros.
Morgan Wright, chief security advisor at SentinelOne and former US State Department special advisor, told The Daily Swig: “India’s growing offensive capability is still immature compared to China, North Korea, Russia, Israel, the UK and US. However, there is no shortage of people with advanced technical skills in India.”
With Covid-19 causing significant unemployment in India, it can be “safely assumed a portion of people with these skills will engage in cybercrime”, according to Wright.
“Ironically, tactics learned in committing cybercrime will be of value to the intelligence and military establishment in India as they develop and grow units to engage in cyber warfare and espionage,” he said.
Assaf Dahan, senior director and head of threat research at Cybereason, told The Daily Swig: “The level of sophistication of the activity groups affiliated with India can vary; some groups have shown a high level of sophistication and use of advanced custom-built tools or advanced exploits, while others exhibited significantly less sophisticated capabilities.
“Sometimes a group might exhibit different levels of sophistication on different operations, based on the group’s needs and reasoning,” he added.
Dahan concluded: “Another point to remember: the level of sophistication isn’t always correlated with the success rate of the group’s operation or goals. Sometimes, simple social engineering attacks delivering a known commodity malware can be enough to get the threat actors what they want.”
What examples are there of Indian APT groups?
Recent attacks by Indian hacker groups:
The highly active cyber-espionage entity known as SideWinder has been plaguing governments and enterprises since 2012. A recently released report by AT&T Alien Labs shows most of SideWinder’s activity is heavily focused on South Asia and East Asia, with the group likely supporting Indian political interests.
The allegedly Indian state-sponsored group Dropping Elephant has been known to target the Chinese government via spear-phishing and watering hole attacks.
Viceroy Tiger has been known to use weaponised Microsoft Office documents in spear-phishing campaigns. Security researchers at Lookout recently went public with research on mobile malware attributed to the threat actors and rated as medium sophistication.
The level of direct Indian government involvement in some of these operations is contested.
Cybereason’s Dahan cautioned: “The line between ‘state operated’ or ‘state ordered’ can be rather fine, so it’s not always easy to link certain operations directly to an official government or military institution, especially due to the growing popularity of cyber mercenaries (hackers-for-hire).”
How might India expand its cyber warfare capabilities and defences?
Through an emerging initiative to provide technology education to 400,000 low-income students, India will significantly increase its cyber “bench strength”, according to Mike Hamilton, former CISO for the City of Seattle and co-founder and CISO of cybersecurity firm CI Security.
Hamilton predicted that a “cybercrime population will emerge [in India] and differentiate itself from nationalist motivations”.
Other experts reckon the flow of talent will run the other way and allow India to expand its cyber-espionage capabilities from the cohorts of cybercriminals.
Ignite Conducts Karachi Qualifier Round of Digital Pakistan Cybersecurity Hackathon 2022
https://propakistani.pk/2022/12/02/ignite-conducts-karachi-qualifier-round-of-digital-pakistan-cybersecurity-hackathon-2022/
Ignite National Technology Fund, a public sector company with the Ministry of IT & Telecom, conducted the qualifier round of Digital Pakistan Cybersecurity Hackathon 2022 in Karachi on 1st December 2022 after conducting qualifier rounds at Quetta and Lahore.
The Cybersecurity Hackathon aims to improve the cybersecurity readiness, protection, and incident response capabilities of the country by conducting cyber drills at a national level and identifying cybersecurity talent for public and private sector organizations.
Dr. Zain ul Abdin, General Manager Ignite, stated that Ignite was excited about organizing Pakistan’s 2nd nationwide cybersecurity hackathon in five cities this year. The purpose of the Cyber Security Hackathon 2022 is to train and prepare cyber security experts in Pakistan, he said.
Speaking on the occasion, Asim Shahryar Husain, CEO Ignite, said, “The goal of the cybersecurity hackathon is to create awareness about the rising importance of cybersecurity for Pakistan and also to identify and motivate cybersecurity talent which can be hired by public and private sector organizations to secure their networks from cyberattacks.”
“There is a shortage of 3-4 million cybersecurity professionals globally. So this is a good opportunity for Pakistan to build capacity of its IT graduates in cybersecurity so that they can boost our IT exports in future,” he added.
Chief guest, Mohsin Mushtaq, Additional Secretary (Incharge) IT & Telecommunication, said, “Digital Pakistan Cybersecurity Hackathon is a step towards harnessing the national talent to form a national cybersecurity response team.”
“Ignite will continue to hold such competitions every year to identify new talent. I would like to congratulate CEO Ignite and his team for holding such a marathon competition across Pakistan to motivate cybersecurity students and professionals all over the country,” he added.
Top cybersecurity experts were invited for keynote talks during the occasion including Moataz Salah, CEO Cyber Talents, Egypt, and Mehzad Sahar, Group Head InfoSec Engro Corp, who delivered the keynote address on Smart InfoSec Strategy.
Panelists from industry, academia, and MoITT officials participated in two panel discussions on “Cyber Threats and Protection Approaches” and “Indigenous Capability & Emerging Technologies” during the event.
The event also included a cybersecurity quiz competition in which 17 teams participated from different universities. The top three teams in the competition were awarded certificates.
41 teams competed from Karachi in the Digital Pakistan Cybersecurity Hackathon 2022.
The top three teams shortlisted after the eight-hour hackathon were: “Team Control” (Winner); “Revolt” (1st Runner-up); and “ASD” (2nd Runner-up).
These top teams will now compete in the final round of the hackathon in Islamabad later this month.