Category Archives: Cyber Blue Team

China’s Hacking Of U.S. Remains A Top Concern : NPR

U.S. officials have long complained about countries that systematically hack into U.S. computer networks to steal valuable data, but until recently they did not name names.

In the last few months, that has changed. China is now officially one of the cyber bad guys and probably the worst.

“We know and there’s good evidence … of very deliberate, focused cyber espionage to capture very valuable research and development information, or innovative ideas, or source code or business plans for their own advantage,” says Mike McConnell, a former director of national intelligence and before that the director of the National Security Agency.

It’s the Chinese he’s talking about, though other countries, Russia for example, also engage in cyber espionage to gain a competitive edge. But China stands out as especially aggressive.

“China does not care what other people think,” says Richard Bejtlich, the chief security officer at MANDIANT, a company that helps firms deal with cyber intrusions. “Culturally they are very interested in being seen as responsible, but when it comes to their actual work on the ground; if you try kicking them out of your network on a Friday, they’re back on a Monday.”

The increased willingness of the U.S. government to point a finger at the Chinese dates from an official report released last October that identified them “as the world’s most active and persistent perpetrators of economic espionage.”

via China’s Hacking Of U.S. Remains A Top Concern : NPR.

PLA “Online Blue Army” gets ready for cyber warfare

Defense Ministry spokesman Geng Yansheng hosts the ministry’s second regular press conference in Beijing, May 25, 2011. [Photo/China Daily, mod.gov.cn]

The People’s Liberation Army (PLA) confirmed in May 2011 that it has established an “Online Blue Army” to improve China’s defense capability and ensure the security of the country’s military network. The announcement drew close attention from military watchers and experts worldwide.

Zhang Shaozhong, a military expert and a professor from PLA National Defense University, told the People’s Daily that China is increasingly dependent on the Internet, but makes no domestic root servers, and various other types of software and Internet hardware are U.S. made. In this sense, China can be described as merely a computer user with a fairly fragile Internet security system. These are circumstances that cry out for the build up of Internet security forces.

Throughout 2010, 480,000 Trojan viruses and 13,782 Zombie viruses were detected, with 221,000 Trojan and 6,531 Zombie remote control clients found to originate in foreign countries.

via PLA “Online Blue Army” gets ready for cyber warfare – Headlines, features, photo and videos from ecns.cn.


“Cyber China” From Operation Aurora to China Cyber attacks Syndrome | Security Affairs

When we think of China in relation to cyber warfare, we imagine an army of hackers hired by the government in a computer room ready to successfully attack any potential target. China is perceived as a cyber power and ready to march against any insurmountable obstacle using any means. In this connection we read everything and its opposite, and we are ready to blame all sorts of cyber threats on the Country of the Rising Sun. The truth, however, is quite different, at least in my opinion, and recognizes that the Chinese people, before others, understood the importance of a strategic hegemony in cyber space. However, many doubts are beginning to gather about the real technological capabilities of China.

It certainly has a high potential for cyber offensive but its quality is really arguable. China has the most extensive cyber-warfare capabilities. It began to implement an Information Warfare strategy in 1995, conducting a huge quantity of exercises in which computer viruses have been used to interrupt military and private communications. In 2000, China established a strategic Information Warfare unit, Net Force, which is responsible for “wage combat through computer networks to manipulate enemy information systems spanning spare parts deliveries to fire control and guidance systems.” Today the PLA GSD Third and Fourth Departments are considered to be the two largest players in China’s burgeoning cyber-infrastructure. In November 2011, Desmond Ball, a professor in the Strategic and Defense Studies Centre at Australia’s National University, argued that the Chinese offensive capabilities today are pretty limited, and he also declared that the internal security has a bunch of vulnerabilities.

via “Cyber China” From Operation Aurora to China Cyber attacks Syndrome | Security Affairs.


Cyber Revenge Against Japan?

The world has grown wearily accustomed to the concept of cyberspace being mankind’s newest battleground. So while the Japanese defence establishment was understandably unsettled by the recent cyber attacks against arms company Mitsubishi Heavy Industries (MHI)—which first occurred in August but were only disclosed this week—the phenomenon will have struck governments and corporations that have experienced similar attacks as nothing particularly new.

The specifics of the attack on MHI and other Japanese entities remain unclear. While the Japanese media has attempted to trace the attack back to China—the usual suspect in these cases—its origin has not been publicly confirmed. Certainly, Beijing denied that it was involved, as it always does, despite admitting earlier this year to the existence of a PLA cyber warfare unit known as the Blue Army.

via Cyber Revenge Against Japan? | Flashpoints.


Mitsubishi Heavy Industries Hacked: Japan Defense Industry’s First Cyberattack

TOKYO (Reuters) – Japan’s biggest defense contractor, Mitsubishi Heavy Industries Ltd, said on Monday hackers had gained access to its computers, with one newspaper saying its submarine, missile and nuclear power plant component factories had been the target.

The company said in a statement that some information could have been stolen in the first known cyber attack on Japan’s defense industry.

“We’ve found out that some system information such as IP addresses have been leaked and that’s creepy enough,” said a Mitsubishi Heavy spokesman.

via Mitsubishi Heavy Industries Hacked: Japan Defense Industry’s First Cyberattack.


U.S. China face vast divide on cyber issues | Reuters

Two super powers have opposing views as to what shape security on the Internet should take!

WASHINGTON – For two years, academic experts from the United States and China have quietly held talks on cyber-security, straining to establish rules of the road in a realm that has proven a persistent irritant between the world’s two largest economies.

The informal discussions have yielded modest progress in areas such as cooperation to combat Internet fraud, where both Beijing and Washington have an incentive to work together, according to participants.

Chinese anti-terrorism police undergo a drill in Suining, southwest China’s Sichuan province. After setting up its own cyber-warfare team, China’s military has now developed its first online war game aimed at improving combat skills and battle awareness, state press said. China and the U.S. have contrasting views on cyber security. Photo: Getty Images

China’s contrasting view of cyber security was made clear as soon as the United States began discussing the need to protect computer networks, James Mulvenon, a China expert at the Defense Group Inc, told a recent Washington conference.

China wanted to talk about censorship

“The Chinese came back immediately and said no, no, no, we want to talk about information security, which is both protecting the network and policing the content on the network,” Mulvenon said.

“Right from the outset, we were talking past one another,” he said.

Digital attacks and cyber snooping on U.S. technology firms and government agencies including the Pentagon, many of them believed to have originated in or been routed through China, have pushed cyber-security up the list of thorny issues troubling Sino-American relations.

While Beijing denies it, U.S. officials and experts suspect China’s hand was behind the hacking and phishing of web-search giant Google Inc. this year and last, as well as intrusions into Pentagon networks.

On Thursday, the Pentagon is due to release its formal cyber-security strategy.

Unlike nuclear, chemical and biological weaponry, or trade wars, there are no existing international treaties that cover cyber-war, computer espionage or hacking.

Former Secretary of State Henry Kissinger, an architect of the U.S. opening with China in the 1970s, told a Thomson Reuters event last month that a high-level agreement between the two sides is needed. “If you take it case by case it will lead to accusations and counter-accusations,” he said.

But so far, there has been relatively little official movement.

The annual cabinet-level U.S.-China Strategic and Economic Dialogue included cyber security for the first time this year, but the session was just 90 minutes long, cut in half by translation and produced no breakthroughs.

The unofficial talks between experts began after China approached the United States with concerns that hacker intrusions were stoking bilateral tension, said James Lewis, a cybersecurity expert who leads the U.S. side of the talks.

The U.S. group and experts from the state-affiliated China Institutes of Contemporary International Relations have covered four areas: law enforcement, trade, military issues and espionage.

Five group meetings and three smaller informal meetings have made headway in the law enforcement area, said Lewis, of the Center for Strategic and International Studies, a Washington think tank.

In one instance, the FBI helped China’s law enforcement agencies by staging raids in New York on Chinese in the United States who were defrauding people back home, he said.

“It’s slow, but I think there’s a little bit of progress,” said Lewis, adding that the goal is to eventually hand the conversations over to official negotiating teams.

But the military and espionage tracks have been hard going, highlighting what analysts say is a huge U.S.-China perception gap over values, capabilities, interests – and even basic definitions of deterrence and cyber security.

Analysts say China’s People’s Liberation Army believes its ability to attack U.S. cyber infrastructure compensates for its conventional military weakness compared to the United States.

“I’m quite skeptical of the likelihood that any effective understanding of offensive operations can be reached with the Chinese government,” said Stewart Baker, a former U.S. Department of Homeland Security official, now at the law firm Steptoe & Johnson.

China’s eagerness to acquire foreign technology also has inspired cyber intrusions that anger trade partners.

Hackers based in China have been accused of trying to steal everything from Google’s valuable search algorithm to manuals for U.S. satellites to gigabytes of proprietary business information from Western energy companies.

But China’s spymasters, paradoxically for a centrally controlled government, do not keep a tight leash on hackers and others that they train, said Lewis, whose group will hold its next round of unofficial cyber-security talks later this year.

Lewis said he was skeptical that Beijing was directing the high-value intellectual property theft or could stop it.

“They do train people and they do use proxies but that doesn’t mean that everyone is under their control,” he said.

Even if the United States could verify that China was behind malicious cyber activity and Beijing had the capacity to rein it in, negotiations toward a cyber treaty might require concessions Washington would be loath to put on the table.

Jack Goldsmith, an international law and cyber-security expert at Harvard Law School, says China and other countries would likely demand U.S. restraint in areas such as intelligence gathering and encouraging political activists who challenge curbs on Internet freedom.

“Until the United States gets serious about which concessions that are attractive to our adversaries it is willing and able to make, American talk of a cyber-arms agreement is empty,” Goldsmith wrote recently.

via telegraphjournal.com – U.S., China face vast divide on cyber issues | Reuters – Breaking News, New Brunswick, Canada.


U.S. GOES ON THE OFFENSE TO DETER CYBER ATTACKS FROM CHINA

China's Cyber Warfare campaign against the US

The military must move from defending against major cyberattacks to deterring assaults by letting enemies know the U.S. is willing to retaliate with its own virtual weapons or military force, a top general said Thursday.

The Pentagon’s new strategy for threats from computer hackers primarily deals with enhancing the defense of its computer systems and those of its military contractors. But Marine Gen. James Cartwright, vice chairman of the Joint Chiefs of Staff, said that policy is just a start. He said that over the next decade the military would move beyond building better firewalls and make clear to adversaries that they will pay a price for serious cyberattacks.

Gen. Cartwright said.

“There is no penalty to attacking us now. We have to figure out a way to change that.” 

Deputy Secretary of Defense William Lynn said the laws of armed conflict apply in cyberspace, implying that the U.S., in some cases, reserves the right to use real bullets and real bombs to retaliate for virtual attacks. The Wall Street Journal reported the military’s conclusion in May.

At the same time, a critical part of the new strategy is to improve the defenses of the military’s computer networks to ensure that cyberattackers are quickly identified and get little of benefit when they strike.

Mr. Lynn said.

“If we can minimize the impact of attacks on our operations and attribute them quickly and definitively, we may be able to change the decision calculus of an attacker.”

Cyberattacks have resulted in the theft of thousands of files from the U.S. government, allies and private industry. Each year, a volume of intellectual property exceeding the size of the Library of Congress is stolen from U.S. government and private-sector networks, the Pentagon strategy document says.

Attackers have targeted the Pentagon’s most expensive weapons system, the Joint Strike Fighter (F-35), a project led by Lockheed Martin Corp.  Lockheed was the target of a more recent cyberattack, facilitated by a breach of the computer-security firm RSA, which makes tokens for secure network connections. A hacking group called AntiSec said this week it had hacked into defense contractor and consultancy Booz Allen Hamilton and stolen 90,000 military email addresses and passwords.

The document says of its information infrastructure:

“Our reliance on cyberspace stands in stark contrast to the inadequacy of our cybersecurity. Many foreign nations are working to exploit [the Pentagon’s] unclassified and classified networks, and some foreign intelligence organizations have already acquired the capacity to disrupt elements.”

Mr. Lynn said a “foreign intelligence service” had stolen 24,000 files from a U.S. defense contractor in a March cyberattack. He provided no other details of the attack but said a weapons system may need to be at least partly redesigned as a result of the breach.

Critics said the Pentagon strategy was incomplete.

“The plan as described fails to engage on the hard issues, such as offense and attribution,” or identifying who mounted an attack, said Stewart Baker, a former general counsel at the National Security Agency.

Gen. Cartwright cautioned that the U.S. wouldn’t routinely strike at foreign state-sponsored hackers, either with cyberweapons or real-world weapons. At a roundtable sponsored by the Center for Media and Security, he said subsequent strategy documents will clarify how the laws of war apply to cyberspace and what policies should guide deterrence.

Gen. Cartwright said he hoped the Defense Department’s cyber efforts will have moved from being 90% focused on defense to 90% focused on deterrence within a decade.

If the U.S. were attacked in a way that justified a response under the laws of armed conflict, it could react in a variety of ways. Responses could begin with diplomatic efforts, then escalate into a “kinetic” attack, with real-world weapons, Gen. Cartwright said.

Some cybersecurity specialists said the strategy was a reasonable first step. “They’ve identified the right problems and the right approaches to addressing them,” said James Lewis, a cybersecurity specialist at the Center for Strategic and International Studies, who frequently advises the administration.

Rep. Jim Langevin, a Rhode Island Democrat who has pressed for enhanced cybersecurity, applauded the strategy, but said it leaves key questions unanswered, such as whether data theft alone—rather than a cyberattack that disabled the power grid, for instance—could ever amount to an act of war.

COMMENTARY: China needs to be taught a lesson. I think it’s time for the U.S. military to send China a dose of the Stuxnet: The Virus That Shutdown Iran’s Nuclear Program. These cyber attacks are unwarranted. The only reason they are doing this is because they have an inferior military and their high-technology weaponry is no match for the U.S., so they are testing us just in case there is armed conflict. It really pisses me off knowing that we trade with China, we have thousands of plants and branch offices of American companies over there, and they pull this stunt.

Thankfully, we are well prepared for cyberattacks, and we can take it as well as give it. The two organizations entrusted with the role of defending our nation against cyber attacks are the United States Cyber Command, or CYBERCOM, and the National Security Agency, or NSA.

United States Cyber Command or CYBERCOM

In a blog article dated February 7, 2011, I wrote about the United States Cyber Command or USCYBERCOM, the multi-branch military arm of the Department of Defense entrusted with protecting the U.S. against cyber attacks. And we really have a lot to protect, including all of our military installations, and our land, sea and air-based defense facilities throughout the world. A successful cyberattack on any of these installations or facilities could be just like being attacked by weapons of mass destruction.

The precise mission of USCYBERCOM is to plan, coordinate, integrate, synchronize, and conduct activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full-spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.

National Security Agency or NSA

In a blog article dated April 28, 2011, I wrote about the NSA, the super-secret intelligence agency that goes by the nickname “No Such Agency”. NSA’s work is limited to communications intelligence; it does not perform field or human intelligence (spying on people) activities. By law, NSA’s intelligence gathering is limited to foreign communications. NSA has the ability to spy on any individual, organization, business or government agency (foreign or domestic) and has done so 24/7, 365. The NSA is a cryptologic intelligence agency and specializes in “signal intelligence” or code breaking.

The NSA is directed by at least an Army lieutenant general or Navy vice-admiral. The present Director of the NSA is U.S. Army General Keith B. Alexander. He is also Commander, U.S. Cyber Command or CYBERCOM.

The NSA can intercept any electronic signal, in any form, frequency or language, encrypted or non-encrypted. They can eavesdrop on anybody, even listen to conversations through brick walls. Yes, they even listened to Osama bin Laden’s satellite phone conversations when he was hiding out in Tora Bora, and they could be listening to you right now. You can bet that the NSA is watching China’s every move, and knows what the Chinese are up to, especially if they plan future cyberattacks.

The Chinese Response

Naturally China has denied any wrongdoing, but the official newspaper of the People’s Liberation Army said it was Beijing that was vulnerable to attack, in a news report that surveyed the Pentagon’s efforts in cyber security.

The report in the Chinese-language Liberation Army Daily concluded.

“The U.S. military is hastening to seize the commanding military heights on the Internet, and another Internet war is being pushed to a stormy peak. Their actions remind us that to protect the nation’s Internet security, we must accelerate Internet defense development and accelerate steps to make a strong Internet army.”

The article was also published on the website of China’s Ministry of Defense (http://www.mod.gov.cn).

Although it does not amount to an official government statement, the report in the military newspaper — which is closely vetted to reflect official thinking — shows how China is also focused on the issues of Internet attacks and defense.

The report said.

“Although our country has developed into an Internet great power, our Internet security defenses are still very weak. So we must accelerate development of Internet battle technology and armament. Comprehensively improve our military’s ability to defend the Internet frontiers.”

Earlier this month, U.S. Defense Secretary Robert Gates said Washington was seriously concerned about cyber-attacks and prepared to use force against any it considered acts of war.

China’s military has set up an elite Internet security task force tasked with fending off cyber attacks, state media reported May 27, denying that the initiative is intended to create a “hacker army.”

The People’s Liberation Army has reportedly invested tens of millions of dollars in the project, which is sure to ring alarm bells around the world among governments and businesses wary of Beijing’s intentions.

Ministry spokesperson Geng Yansheng of the People's Liberation Army announces formation of a Blue Cyber Team

The Global Times quoted China’s defense ministry spokesman Geng Yansheng as telling a rare briefing this week.

“Cyber attacks have become an international problem affecting both civilian and military areas.  China is relatively weak in cyber-security and has often been targeted. This temporary program is aimed at improving our defenses against such attacks.”

The 30-member “Cyber Blue Team” – the core of the PLA’s cyber force – has been organized under the Guangdong military command in the country’s south and will carry out “cyber-warfare drills”, the newspaper said.

Brainstorming China's Cyber Capabilities -- Defense and Offense

The Cyber Blue Team is based in Jinan, China, where there are 12 universities and a high-tech zone, and which boasts 6 million people. It’s also the headquarters of the PLA. The squad is aimed at carrying out attacks on other countries’ Internet.

China's Blue Cyber Team busy hacking computer systems throughout the world

Li Li, a military expert at the National Defense University said,

“China’s Online Blue Army is currently at its fledgling period.”

Zhang Shaozhong, a military expert from the PLA adds.

“Just like the army and air forces, the ‘online blue army’  is a historical necessity.”

The reason is very simple. Teng Jianqun, a research fellow at the China Institute of International Studies, said.

“We must adapt to the new types of warfare in the information era. The ‘online blue army’ is of great strategic significance to China’s economic development and social stability.” 

The United States, Australia, Germany and other Western nations have long alleged that hackers inside China are carrying out a wide range of cyberattacks on government and corporate computer systems worldwide.

But in a commentary, the Global Times hit out at “some foreign media” for interpreting the program as a breeding ground for a “hacker army,” saying:

“China’s capability is often exaggerated. Without substantiated evidence, it is often depicted by overseas media as the culprit for cyberattacks on the US and Europe. China needs to develop its strong cyber defense strength. Otherwise, it would remain at the mercy of others.”

China’s military has received annual double-digit increases in its budget over much of the last two decades as it tries to develop a more modern force capable of winning increasingly high-tech wars.

In 2007, the Pentagon raised concerns about a successful Chinese ballistic missile test strike on a satellite. That weapon could be used to knock out the high-tech communications of its enemies.

U.S. computer firm McAfee said in February that hackers from China have also infiltrated the computer networks of global oil companies and stolen financial documents on bidding plans and other confidential information.

According to US diplomatic cables obtained and published by WikiLeaks, the United States believes that China’s leadership has directed hacking campaigns against U.S. Internet giant Google and Western governments.

In one cable, the U.S. Embassy in Beijing said it learned from “a Chinese contact” that the Politburo had led years of hacking into computers of the United States, its allies and Tibet’s exiled spiritual leader, the Dalai Lama.

Chinese Hacking Groups

The Chinese were ahead of the game in connecting not only with the People’s Liberation Army, but also the nascent hacker communities in their country. Using a combination of leveraging companies like Huawei to tap into their technical staff and the patriotism on the part of the PLA and the hacker communities, China has forged a solid directorate for electronic warfare and espionage.

  • The Chinese Military (PLA) -> Leverages many corporations that the military actually has majority stock in to gain access to technology and assets.
  • The Chinese Hacker Community -> Sell and work for the PLA, creating 0day and performing hacks for money as well as patriotism.
  • Chinese Corporations -> Often used as cutouts to gain access, economically and intelligence-wise, to assets in other countries.

Often the corporations, which are many times sponsored or majority-owned by the PLA, are the training grounds and the operative section for soft power operations for China. By using financial deals and alliances, China often attempts to gain the upper hand by having asset connections inside of companies that they wish to affect or to steal from. It is no longer necessary to install spies within when the company is partially owned or has access granted because they are working “together.”

It is the Chinese hacking community that is of most interest to many in my field however. Many of these people are still in universities and are often times motivated by their nationalistic tendencies ostensibly. Some of these groups have become actual companies producing security software or offering security services.

Of course they are still likely to be assets for the PLA and probably the tip-of-the-spear operators for China in operations. The reason is simply that they are expendable, whereas hacking as a nation state would cause international issues. Hacking as a hacking group, though, could be seen as their own initiative, and they could be burned without losing face.

Within this amalgam of groups we then see the attack “teams” who crack the systems, then other teams perform recon, and still others keep the access open and retrieve data. All in all, they have a slick operation and we would be wise to pay attention to how they operate.

Cyber warfare is not just a political and military problem between nations; there is also a huge network of individual hackers and hacking communities who hack computer systems throughout the world out of nationalistic pride because they believe the governments in those countries represent a threat to their country. Other groups are social and political activists who are anti-corporate and anti-government, and this is their way of fighting back, creating chaos and effecting political and social change.

To get a clearer picture of just how vast the Chinese hacking community is, I highly recommend The Dark Visitor blog.

Courtesy of an article dated July 15, 2011 appearing in The Wall Street Journal, an article dated May 27, 2011 appearing in Defense News, an article dated July 8, 2011 appearing in the China Cyber Warfare Blog, an article dated April 21, 2011 appearing in Infosec Island, and an article dated May 26, 2011 appearing in Radio86.com.

Read More – U.S. GOES ON THE OFFENSE TO DETER CYBER ATTACKS FROM CHINA AND OTHER ENEMIES DETERMINED TO ATTACK US THROUGH CYBERSPACE – PBT Consulting.


Rogue State Stole 24,000 Pentagon Files with Sensitive Data in March – International Business Times

China Cyber Timeline / Chronology: if you look under March 2011, you will see what was going on in cyberspace with respect to China (2011 timeline only).

In one of the most blatant cyber attacks carried out against the United States by a foreign government, as many as 24,000 Pentagon files were stolen in March, the US Deputy Secretary of Defense revealed on Thursday.

via Rogue State Stole 24,000 Pentagon Files with Sensitive Data in March – International Business Times.


Pentagon discloses largest-ever cyber theft – Technology & science – Security – msnbc.com

WASHINGTON — The Pentagon on Thursday revealed that in the spring it suffered one of its largest losses ever of sensitive data in a cyber attack by a foreign government. It’s a dramatic example of why the military is pursuing a new strategy emphasizing deeper defenses of its computer networks, collaboration with private industry and new steps to stop “malicious insiders.”

William Lynn, the deputy secretary of defense, said in a speech outlining the strategy that 24,000 files containing Pentagon data were stolen from a defense industry computer network in a single intrusion in March. He offered no details about what was taken but said the Pentagon believes the attacker was a foreign government. He didn’t say which nation.

“We have a pretty good idea” who did it, Lynn said in an interview before the speech. He would not elaborate.

Many cyber attacks in the past have been blamed on China or Russia. One of the Pentagon’s fears is that eventually a terrorist group, with less at stake than a foreign government, will acquire the ability to not only penetrate U.S. computer networks to steal data but to attack them in ways that damage U.S. defenses or even cause deaths.

In his speech at the National Defense University, Lynn said that sophisticated computer capabilities reside almost exclusively in nation-states, and that U.S. military power is a strong deterrent against overtly destructive cyber attacks. Terrorist groups and rogue states, he said, are a different problem and harder to deter.

“If a terrorist group gains disruptive or destructive cyber tools, we have to assume they will strike with little hesitation,” he said.

The Pentagon has long worried about the vulnerability of its computer systems. The concern has grown as the military becomes more dependent not only on its own computers but also on those of its defense contractors, including providers of the fuel, electricity and other resources that keep the military operating globally.

At his Senate confirmation hearing last month, new Defense Secretary Leon Panetta cited “a strong likelihood that the next Pearl Harbor” could well be a cyber attack that cripples the U.S. power grid and financial and government systems. He said last weekend that cyber security will be one of the main focuses of his tenure at the Pentagon.

“For the Department of Defense, our networks are really our lifeblood,” Marine Gen. James Cartwright, vice chairman of the Joint Chiefs of Staff, told reporters in an interview prior to Lynn’s release of the new strategy.

As shown by the March attack on a defense industry computer network that contained sensitive defense data, the military’s vulnerability extends beyond its own computers. In a new pilot program, the Pentagon is sharing classified threat intelligence with a handful of companies to help them identify and block malicious activity.

Lynn said intrusions in the last few years have compromised some of the Pentagon’s most sensitive systems, including surveillance technologies and satellite communications systems. Penetrations of defense industry networks have targeted a wide swath of military hardware, including missile tracking systems and drone aircraft, he said.

In Cartwright’s view, a largely defensive approach to the problem is inadequate. He said the Pentagon currently is focused 90 percent on defensive measures and 10 percent on offense; the balance should be the reverse, he said. For the federal government as a whole, a 50-50 split would be about right, Cartwright argued.

“If it’s OK to attack me and I’m not going to do anything other than improve my defenses every time you attack me, it’s difficult” to stop that cycle, Cartwright said. He added that a number of complex legal and cultural issues need to be sorted out before the Pentagon can devise a comprehensive offensive strategy.

Earlier this year, President Barack Obama signed executive orders that lay out how far military commanders around the globe can go in using cyber attacks and other computer-based operations against enemies and as part of routine espionage. The orders detail when the military must seek presidential approval for a specific cyber attack on an enemy, defense officials and cyber security experts told the AP.

The strategy unveiled by Lynn is oriented toward defensive rather than offensive measures. It calls for developing more resilient computer networks so the military can continue to operate if critical systems are breached or taken down. It also says the Pentagon must improve its workers’ cyber “hygiene” to keep viruses and other intrusions at bay. And it calls for fuller collaboration with other federal agencies, companies and foreign allies.

The strategy also is focused on insider threats. Without citing specifics, it says it will try to deter “malicious insiders” by “shaping behaviors and attitudes through the imposition of higher costs for malicious activity.”

Stewart Baker, a former assistant secretary at the Department of Homeland Security, called the plan thoughtful but lacking in some aspects.

“It’s an incomplete description of a defensive strategy,” he said. “If the Pentagon announced that our nuclear warfare strategy centered on fallout shelters, we’d all hope that they had a real strategy that was better than that.”

via Pentagon discloses largest-ever cyber theft – Technology & science – Security – msnbc.com.


Chinese Cyber Blue Team is Here to Stay | China’s economic development and social stability

The Chinese PLA (People’s Liberation Army) now has a cyber “Blue Team” that can use cyberspace as the new frontier for warfare.

uscyberlabs.com

The US and China defense policies are changing. The (Cyber Blue Team, 2011) is based in Jinan, China, a city that has 12 universities and a high-tech zone and boasts 6 million people. It is also the headquarters of the PLA. The squad is aimed at carrying out attacks on other countries’ Internet. (Li Li, 2011), a military expert at the National Defense University, said, “China’s Online Blue Army is currently at its fledgling period.” (Zhang Shaozhong, 2011), a military expert from the PLA, said, “Just like the army and air forces, the ‘online blue army’ is a historical necessity. The reason is very simple.” “We must adapt to the new types of warfare in the information era. The ‘online blue army’ is of great strategic significance to China’s economic development and social stability,” Teng Jianqun, a research fellow at the China Institute of International Studies, said.

The Internet has the potential to transform Chinese (Jones E-Library, 2011) society and politics. Cyberspace is the next front line for military operations.

Consider the US (US cyber attack Iraq, 2003): prior to the invasion, the US froze Saddam Hussein’s bank account and disabled the country’s financial and communication system before a shot was ever fired. Cyber warfare is a first-strike capability, and it can be a deterrent if used wisely. China wants to be able to do the things its cyber brothers can do, and who could blame them? Truth be told, China has a bad cyber infrastructure and we are hacking them all the time. Via DHS (disclosed china secrets, 2011), the US told the world that China had some major security holes. Now the whole hacking community (LulzSec and Anonymous) knows about China’s problems. This is a shot across the bow of the Chinese government: stop hacking the US or we are going to hack you.

It is a fact that Russia and others are quietly going about cyber intelligence and espionage. They are good at it, so nobody hears about them, but they are out there. When China gets its Cyber Blue Team going strong, we will not hear a sound about China; then the cyber warfare has really started and there is no way back. The Internet is here to stay, and to a government like China’s it is an essential weapon for being a world player in cyberspace.

later,

gatomalo_at_USCyberLabs_dot_com