Saturday, January 5, 2019

Global Cyber Arms Race Heating Up?

The United States has launched successful cyber attacks against Iran and North Korea in recent years, according to multiple credible reports. These cyber attacks have caused physical destruction of thousands of Iranian nuclear centrifuges and disrupted North Korean missiles on launchpads or shortly after takeoff. Some of the code and developer tools used in the attacks have leaked out. These leaks are enabling other nations to learn and develop their own offensive cyber weapons. The United States and the United Kingdom have accused Russia of using social media apps like Facebook and Twitter to exploit and deepen divisions during the US presidential elections and the UK's Brexit referendum in 2016. Similar warfare techniques, described by the US RAND Corporation as New Generation or Hybrid Warfare, are probably being deployed by other nations as well. The term refers to the use of a broad range of subversive instruments, many of which are nonmilitary, to further a country's national interests. It wouldn't be far-fetched to think that India and Pakistan are learning from New Generation Warfare techniques developed and deployed by technologically advanced nations.

US-Israel Joint Stuxnet Against Iran:

A large number of Iranian centrifuges suddenly started to blow up around 2008-9, soon after President Barack Obama's inauguration. The mystery was finally resolved in the summer of 2010 when a computer worm later named Stuxnet escaped Iran’s Natanz plant and spread around the world on the Internet.

New York Times' David Sanger reported that the United States and Israel developed Stuxnet and then tested it by building replicas of the Iranian Natanz plant equipped with the Pakistani P-1 centrifuge designed in the 1980s. The Americans obtained P-1 centrifuges from Libyan leader Moammar Ghadafi and dismantled them to learn how they worked. The P-1 uses a Siemens S7-417 controller. Stuxnet inserted malware into the Siemens controller to suddenly change the centrifuge speed, which caused its destruction. It was designed to attack computers with a specific configuration of the Siemens S7-417 controller. Here's how New York Times' David Sanger described the test results:

"After several false starts, it worked. One day, toward the end of Mr. Bush’s term, the rubble of a centrifuge was spread out on the conference table in the Situation Room, proof of the potential power of a cyberweapon. The worm was declared ready to test against the real target: Iran’s underground enrichment plant."

US Left-of-Launch Attack Against North Korea:

A very high percentage of North Korean missile launches failed in the period from 2015 to 2017. The missiles either blew up on the launchpads or failed soon after launch. These failures are widely attributed to American cyber attacks.

American strategists see Left-of-Launch cyber weapons as a low-cost extension of their missile defense strategy. Gen. James Dickinson, the chief of Army Space and Missile Defense Command and Army Forces Strategic Command, explains it as follows:

“You’ve probably heard the conversation about how we’re on the wrong side of the cost curve for missile defense many times. We’re utilizing multi-million-dollar interceptors against very inexpensive missiles and those types of threats. So it’s a balance. It has to be a balance between the end game, if you will, where we’re relying on an interceptor to defeat the threat and other approaches.”

Russia's Information Warfare in US, UK:

The United States and the United Kingdom have accused Russia of using social media apps like Facebook and Twitter to exploit and deepen divisions during the US presidential elections and the UK's Brexit referendum in 2016.

American and British intelligence officials believe Russia used all major social media platforms to spread words, images and videos tailored to voters’ interests to help elect President Trump. Similar allegations have been made by the British government about Russian interference to influence the outcome of the Brexit vote in the U.K.

Facebook, Google and Twitter acknowledged in 2017 that they had identified Russian interference on their sites. The companies have responded to the threat — Facebook, in particular, created a “war room” in 2018 to fight interference around elections — but none has revealed interference around US midterm elections in 2017 on the same scale as in 2016.

Cyber Weapons Code and Tools Leaks:

The Stuxnet worm and the NSA hacking tools recently leaked by the Shadow Brokers have revealed the extent of US intelligence agencies' cyber spying and hacking operations. Symantec's Liam O'Murchu, who was among the first to unravel Stuxnet, says it is "by far the most complex piece of code that we've looked at — in a completely different league from anything we’d ever seen before." It is almost certain that the code is being reverse-engineered and repurposed as weapons by cyber warriors in many countries around the world.

In 2013, a group known as "Shadow Brokers" leaked sophisticated NSA cyberweapons that exposed major vulnerabilities in Cisco routers, Microsoft Windows, and Linux mail servers. Soon after the Shadow Brokers leak, North Korea is believed to have developed and used the WannaCry ransomware. It encrypts files on the target PC's hard drive, making them inaccessible, then demands a ransom payment in bitcoin to decrypt them.

Summary:

American agencies have launched successful cyber campaigns against adversaries like Iran and North Korea in recent years, according to multiple credible reports. These cyber attacks have caused physical destruction of thousands of Iranian nuclear centrifuges and disrupted North Korean missiles on launchpads or shortly after takeoff. Some of the code and developer tools used in the attacks have leaked out. These leaks are enabling other nations to learn and develop their own offensive cyber weapons. The United States and the United Kingdom have accused Russia of using social media apps like Facebook and Twitter to cause and deepen divisions during the US presidential elections and the UK's Brexit referendum in 2016. Similar warfare techniques, described by the US RAND Corporation as New Generation or Hybrid Warfare, are probably being deployed by other nations as well. The term refers to the use of a broad range of subversive instruments, many of which are nonmilitary, to further a country's national interests. It wouldn't be far-fetched to think that India and Pakistan are learning from New Generation Warfare techniques developed and deployed by technologically advanced nations.


11 comments:

Khan said...

One thing I don't understand: how did Stuxnet enter the centrifuge system? Did some mole implant it manually, or were they linked with the internet?

Riaz Haq said...

Khan: "One thing I don't understand: how did Stuxnet enter the centrifuge system? Did some mole implant it manually, or were they linked with the internet?"

It was probably downloaded on a laptop which was later connected to the internal network at Iran's Natanz plant.

Riaz Haq said...


Cyber-Threats to Strategic Networks: Challenges for Pakistan’s Security
Rizwan Naseer, COMSATS Institute of Information Technology Islamabad, Pakistan.
Musarat Amin, Fatima Jinnah Women University Rawalpindi, Pakistan.


http://pu.edu.pk/images/journal/csas/PDF/2_v33_1_18.pdf

Stuxnet was designed to sabotage critical computer infrastructure dealing with software; proved that shakedowns might spread to real lives as well. Stuxnet is a significant new piece of virus which totally changed the security landscape of state’s military strategies (Thomas M. Chen, 2011). After Stuxnet, two other embattled computer malwares for surveillance surfaced named as Duqu in September, 2011, followed by Flame in May, 2012. Media reported that these two were also designed to target Iran’s nuclear infrastructure but were not as successful as Stuxnet (Nakashima, 2012). India and Pakistan kept their nuclear weapons under foolproof security from any physical threat. Physical threat is comparatively easy to counter whereas cyber-threat is more complex and devastating. There have been rumours about the vulnerability of terrorist attacks on Pakistan’s nuclear weapons based on the assumption that if General Headquarter (GHQ) came under terrorist attack then how could nuclear weapons be secured. Former Ambassador to United Nations Masood Khan while addressing United Nations General Assembly assured the UN that Pakistan’s tactical weapons were secure from entire spectrum of threats including cyber attacks. He also put forth that “Pakistan’s nuclear weapons’ security is guided by five Ds, that is to Deter, detect, delay, defend and destroy” (APP, 2013). Despite acknowledgement of the safety of Pakistan’s nuclear weapons, cyber-threats remain a larger concern because guarding weapons with trained and well equipped guards is different from guarding it against an unknown threat which might attack anytime and sabotaging network like Stuxnet did with Iran.

Massive Hacking of Crucial Websites

On the eve of Pakistan’s 70th Independence Day, through a well coordinated cyberattack, websites of Pakistan’s key ministries were hacked including Ministry of Defence, Ministry of Water and Power, Ministry of Information, Ministry of Environment Change and Ministry of Food Security (Zaidi, 2017). As an act of disgrace that hackers posted Indian flag and a Happy Independence Day message for India on those websites. Pakistan Telecommunication Authority (PTA) had to shut down the websites. Losing a control over Ministry of defence website is quite embarrassing because such incidents encourage hackers to hit on bigger things like strategic assets and their control. Such attacks might sound like nonsense to those who control it but not for those who hear news of crucial websites and system hacking on frequent basis not only from Pakistan but from highly technological nations.

Khan said...

So a mole. Why would anyone connect a net-connected laptop to a centrifuge system without malice?

Riaz Haq said...

Khan: "So a mole. why would anyone connect a net connected laptop to a centrifuge system without a malice"

It could have been a mole or an unwitting scientist who made a mistake.

Anonymous said...

I seem to remember that a USB was used to get inside. And yes, a mole was used.

Riaz Haq said...

Hybrid warfare
Munir Akram December 09, 2018


https://www.dawn.com/news/1450346

THE 2018 IDEAS Expo in Karachi featured a high-level seminar on hybrid warfare. This was a timely recognition that threats to national security can and do assume complex forms.

For over 60 years, nuclear weapons have deterred a major conflict between nuclear-armed states, and, because of the global revulsion against the use of nuclear weapons, the nuclear powers have been also unable to realise offensive objectives through nuclear coercion, even against non-nuclear weapon states. Thus, most conflicts are in the form of conventional military interventions against smaller or weaker states, sub-conventional (guerrilla or irregular) conflicts or ‘hybrid warfare’.

Western analysts have termed the comprehensive approach employed by Russia in Ukraine (encompassing narrative control, cyberattacks, use of anonymous militias and irregular forces, clandestine supplies and diplomatic support) as “hybrid warfare”. The Russians refer to it as the ‘Gerasimov Doctrine’ (after the Russian military chief). This form of warfare is also called: asymmetrical, non-conventional, gray zone conflict, ‘new generation warfare’, ‘whole of government’ approach and so on. It is emerging as the preferred modality in today’s contests between the great powers.

Often, hybrid war may not be a war at all. The objective may not be to secure an adversary’s immediate defeat, but to erode its morale; isolate it; ‘soften’ it up before a conflict; deflect it from pursuing unacceptable military or political objectives; disrupt its communications, command and control and/or important infrastructure; impose economic pain to secure adherence to political demands; delegitimise an adversary’s government; compromise its leaders.



The toolbox of instruments that can be used to wage such ‘hybrid’ warfare is rapidly expanding and becoming more sophisticated: eg autonomous weapons, advanced cyber programmes, social media, data mining, algorithms and artificial intelligence (AI), etc. By 2020, the ‘internet of things’ will reportedly connect 30 billion devices. Power will rest with the people who control these devices.

Technology is progressively blurring the distinction between hybrid and conventional warfare and increasing the incentives, opportunities and compulsions for the preemptive or ‘first-use’ of offensive action by adversaries eg to knock out an enemy’s command and control through a cyber strike. Given the complexities of defence and offence in such complex conflict, it will become increasingly difficult to prevent the escalation of hybrid wars to the conventional and even the nuclear level.

Pakistan was the target of hybrid or indirect ‘war’ in 1971. New Delhi’s hybrid strategy (promotion of Mujib’s six-point plan, the genocide and refugees narrative, training the Mukti Bahini, the Indo-Soviet ‘Friendship Treaty’) all laid the ground for the coup de grâce of Indian military intervention in East Pakistan.

Since then, Pakistan has been the target of multiple ‘hybrid’ campaigns. Exaggerated proliferation concerns and coercive diplomacy were utilised to hold back Pakistan’s nuclear and missile programmes. The legitimacy of the Kashmiri freedom struggle was eroded by its projection as terrorism including through false-flag operations, infiltration of militant Kashmiri groups and concerted propaganda. The onus for America’s colossal military and political failure in Afghanistan was ascribed to alleged Afghan Taliban ‘safe havens’ in Pakistan. The Pakistan Army and the ISI remain a special focus of propaganda and fake news.

Today, the hybrid war against Pakistan is focused on Balochistan, the former Fata region, Gilgit-Baltistan and the China-Pakistan Economic Corridor.

Riaz Haq said...

Hybrid warfare
Munir Akram December 09, 2018


https://www.dawn.com/news/1450346


Pakistan has developed credible capabilities to deter nuclear and conventional aggression. However, it remains very vulnerable to hybrid warfare. Pakistan’s adversaries enjoy considerable prowess in IT, cyber, media projection and narrative construction, including ‘fake news’, subversion and sabotage, and sponsorship of terrorism, including ‘false-flag’ operations.

The main modality of this ‘indirect war’ against Pakistan is the media, including social media. Very few Indian media personalities enjoy the ‘freedom’ to be critical of their country or their current government. Meanwhile, Pakistan print and electronic media speaks with many voices. There is little space for pro-Pakistani narratives in the Western media. An army of Indian trolls has been recruited to malign Pakistan on the internet.

There are numerous other ‘agents of influence’ who are used to develop and project an anti-Pakistan narrative. Many foreign funded and directed non-governmental organisations have been ubiquitous in developing negative critiques about Pakistan within Pakistan. Some among our local elite are co-opted by these organisations through jobs, travel and other perks. No wonder there has been such a hue and cry about the long overdue diligence conducted recently by the government and the Foreign Office on these organisations.

The hybrid campaign incorporates some ethnic and religious groups. Foreign sponsorship of the Balochistan Liberation Army and the Tehreek-i-Taliban Pakistan is well established. Some others need to be subjected to close scrutiny.

Any foreign funding of any Pakistani organisation ought to be declared and officially approved. Receipt of undeclared foreign payments should be a crime. This is an international norm. (Surely, the Financial Action Task Force will approve.)

Pakistan’s agencies must be equipped with the most advanced surveillance and data collection techniques to detect future Jadhevs or Osamas and neutralise any ‘black ops’, ‘false-flag’ or infiltration operations planned by enemy agencies.

Pakistan must possess the cyber capability to defend its crucial command-and-control systems and its industrial and transport infrastructure against enemy attack. But to deter such attack, Pakistan must also have the capability for offensive cyber action.

The technologies for waging a “comprehensive” conflict and “new generation warfare” are being actively developed by every significant State. Pakistan cannot afford to be left behind. To acquire credible capacity to defend against and repel hybrid wars, Pakistan will need to make dedicated efforts, comparable to those deployed to develop its nuclear and missile programmes.

However, there are certain elements of such warfare (cyberattacks, autonomous weapons, false-flag operations) which pose the threat of systemic and global disruption, destabilisation and military escalation. Pakistan and other responsible nations should take an initiative in relevant international forums to secure a global ban or restrictions on such dangerous elements of hybrid warfare.

Riaz Haq said...

Understanding 5th generation warfare
By Cynthia D Ritchie

https://tribune.com.pk/story/1882213/6-understanding-5th-generation...

More ‘developed’ nations often claim they are more democratic than their developing counterparts and often employ talking heads to push this narrative. Over the years, and certainly more recently, these talking heads can be seen desperately trying to push one version of events while ganging up on others who have a difference of opinion — cyber bullying. Further, these talking troll heads try to muddy waters by falsely labeling people they don’t know and claiming Fifth Generation Warfare (5GW) is nothing more than a silly conspiracy to derail attempts at their free speech. And while many unfounded conspiracies abound, it behooves us to take a closer look at these individuals and their claims. For starters, let’s consider what 5GW is.

Turns out, 5GW is real. Only it doesn’t feature armies or clear ideas. In an article for Wired Magazine, written about 10 years ago, David Axe quoted the US Army Major Shannon Beebe, the top Intel officer for Africa at the time, as describing the “fifth-generation as a vortex of violence, a free-for-all of surprise destruction motivated more by frustration than by any coherent plans for the future.”
Axe writes further, “5GW is what happens when the world’s disaffected direct their desperation at the most obvious symbol of everything they lack.” He quotes Marine Lt Col Stanton Coerr, for Marine Corps Gazette: “5GW is… espoused by [the likes of] al Qaeda… with aspirations of setting up alternative political systems… they’re opportunists, intent only on destruction. But even pointless violence can have a perverse logic, for the sudden, irrational destruction undermines the idea that nations… are viable in the modern world.”


Interestingly, both military officers were quoted by Raashid Wali Janjua in one of his columns for a national daily: “Pakistan is already in the throes of this phenomenon, internally generated and externally abetted. Like the resource curse of countries like Angola and Congo, Pakistan’s geographical location is a curse. Instead of yielding economic dividends it has caused constant meddling by global powers in its internal affairs. Faced with such constant supply of war fuel, the soft state model of governance by an illiberal democracy is a sure recipe for chaos and disorder.” Clearly there are issues that need to be handled by the State.

But when you have cyber bullies attempting to force others to share their narrative, the message gets lost and becomes almost disingenuous. What may be seen as important news by some appears almost as propaganda to others. But with so much propaganda these days, how can one differentiate between what’s authentic and what is completely contrived?

A Forbes article, by Travis Bradberry, who covers emotional intelligence and leadership performance, recently described the ‘12 habits Of Genuine People’. In summary, these individuals: don’t try to make people like them — they “aren’t desperate for attention”, and “speak in a friendly, confident, concise manner;” they don’t “pass judgment” — they are open-minded and approachable, and have the ability to “see the world through other people’s eyes;” they forge their own paths — “genuine people don’t derive their sense of pleasure and satisfaction” from other’s opinions, they have their own “internal compass” and are not swayed by the fact that somebody may not like it; they “treat everyone with respect;” they “aren’t motivated by material things;” they are “thick-skinned”; they “aren’t driven by ego;” they “aren’t hypocrites.”

19640909rk said...

Riaz Haq: "Pakistan was the target of hybrid or indirect ‘war’ in 1971. "
Riaz Bhai, not true. Pakistan was killing East Pakistanis in a genocidal manner. India intervened because it was flooded with refugees from "East Pakistan" and being a very poor nation in that period, was unable to handle the refugee situation.

India's intervention, in fact, helped Pakistan to get out of the mess. India did not even press for trial of Pakistani army officers involved in the genocide of 3 million Bangladeshi citizens. Can you imagine what Pakistani army would have done if "the boot was on the other leg"?

Riaz Haq said...

19640909rk: "Pakistani army officers involved in the genocide of 3 million Bangladeshi citizens."


The "Genocide" story was part of the hybrid warfare by India against Pakistan that started with propaganda war and then expanded to RAW-inspired Mukti Bahini insurgency and finally an outright military invasion of East Pakistan. These facts have been confirmed by multiple sources including BBC's Mark Tully, Indian author-journalist Sarmila Bose and Ex RAW official RK Yadav.

https://www.riazhaq.com/2017/07/mascarenhas-1971-genocide-story-biased.html

Pakistani journalist Anthony Mascarenhas' sensational story headlined "GENOCIDE", published by London's Sunday Times on June 13 1971, had a profound effect on all subsequent media coverage of East Pakistan, according to veteran BBC South Asia correspondent Mark Tully.

Mascarenhas' "Genocide" story was accepted on face value and widely disseminated by major western and Indian media outlets without any verification or fact-checks. Decades later, Sarmila Bose, an Indian journalist and scholar, finally scrutinized the story and found it to be "entirely inaccurate".

Bose's investigation of the 1971 Bangladeshi narrative began when she saw a picture of the Jessore massacre of April 2, 1971. It showed "bodies lie strewn on the ground. All are adult men, in civilian clothes.... The caption of the photo is just as grim as its content: 'April 2, 1971: Genocide by the Pakistan Occupation Force at Jessore.'" Upon closer examination, Bose found that "some of the Jessore bodies were dressed in shalwar kameez, an indication that they were either West Pakistanis or ‘Biharis’, the non-Bengali East Pakistanis who had migrated from northern India". In Bose's book "Dead Reckoning" she has done case-by-case body count estimates that lead her in the end to estimate that between 50,000 and 100,000 people were killed on all sides, including Bengalis, Biharis, West Pakistanis and others, in the 1971 war.


Ex RAW official RK Yadav has confirmed India's sponsorship of Mukti Bahini insurgency in East Pakistan. On Mukti Bahini Page 231, Yadav writes:

https://www.riazhaq.com/2015/05/ex-indian-spy-documents-raws-successes.html

Since the Indian Army was not prepared and well-equipped for an immediate army action at that point (March 1971), it was planned to raise and train a guerrilla outfit of the Bengali refugees of East Pakistan by R&AW which would harass the Pakistan Army till the Indian Army would be ready for the final assault to the liberation of East Pakistan. She (Indira Gandhi) then asked R.N. Kao, Chief of R&AW, to prepare all possible grounds for the army for its final assault when the clearance from General Maneckshaw was received for its readiness for the war.

On 3 RAW created Forces (Mujeeb Bahini, Special Frontier Force (SFF) and Kader Bahini), Page 242:

"..He (Kader Siddiqui aka Tiger Siddiqui) was the main operative of R&AW in the most vital areas of strategic operation around Dacca... Kader Bahini played havoc with the communication system of the army (Pakistani), ambushed enemy columns, blew up supply and ammunition dumps and assaulted a number of enemy convoys.....all these three guerrilla outfits created by R&AW with the help of BSF and the (Indian) army proved a vital force .. "