WASHINGTON — Hours after Russian President Vladimir Putin claimed his military has successfully tested a hypersonic cruise missile, the head of the Pentagon’s high-tech workshop says the U.S. is on track for a series of hypersonic prototype tests in the coming years, thanks to a big spending increase in the fiscal year 2019 budget request.
Even with that funding boost, Steven Walker, the director of the Pentagon’s DARPA, warned that it is time for America to come to grips with the fact that a national push is needed if the U.S. is to keep pace with competitors in the hypersonic realm.
Hypersonic flight — going Mach 5, or five times the speed of sound — has been a dream of military planners for years, for obvious reasons. Any weapon system able to move that quickly would be able to avoid conventional missile and air defenses, and would have benefits for both manned and unmanned systems.
The X-51A Waverider, a U.S. Air Force test program, has successfully shown hypersonic flight is possible. But Russia may have passed the U.S. in this crucial technology. (U.S. Air Force graphic)
“We have lost our technical advantage in hypersonics,” Selva said Jan. 30 at an event hosted by the Defense Writers’ Group. “We haven’t lost the hypersonics fight.”
Whereas both those nations threw a ton of money at developing a specific capability, the U.S. has invested to “come up with a family of hypersonic systems that work without necessarily trying to close all the technology pieces at the front end,” Selva said.
“We’re going to start flying these systems in 2019, you’ll see lots of flight tests, and we’re excited that these will be systems that will be very capable that we can use from standoff” range, Walker said. “These are not going to be just flying propulsion concepts through the air.” More here.
***
Michael D. Griffin, the undersecretary of defense for research and engineering, today spoke to more than 500 senior leaders from the U.S. government and defense industry to explore the impact of integrating directed energy capabilities into the national security enterprise at the 2018 Directed Energy Summit at the Ronald Reagan Building and International Trade Center here.
Directed energy weapon systems employ lasers, microwaves and particle beams against enemy targets.
Griffin has been in this arena since the 1980s and worked for the first three directors of the original missile defense agency.
“Directed energy was then in our view an important part of our future portfolio because only directed energy could offer the kind of extended magazine, if you will, the extended range, speed of light delivery of the kill,” Griffin said. “It was the only way that in the long run you could see yourself competing with the threat and coming out on top.”
Directed energy has gone through a lot of evolutions over the years, Griffin added.
Superpower Competition
Griffin said there’s a recognition that superpower competition is again on the rise, and the United States must modernize its military if it wants to maintain its position of global preeminence.
“We will not win in a man-to-man fight,” Griffin said. “We have to have the technological leverage. That realization was responsible for the creation of my office, to elevate the role of technology maturation and deployment and I believe it is responsible for the renewed interest in directed energy weapons.”
And, directed energy is more than big lasers, the undersecretary said.
The undersecretary asked his audience to consider directed energy systems such as high-power microwaves, different laser designs and particle beam weapons.
“Each of these systems has its own advantages and each has its own disadvantages,” he said. “We should not lose our way as we come out of the slough of despondence in directed energy into an environment that is more welcoming of our contributions. We should not lose our way with some of the other technologies that were pioneered in the ’80s and early-’90s and now stand available for renewed effort.”
In his capacity as undersecretary for research and engineering, Griffin said he is going to be very welcoming of other approaches that may not have had a lot of focus in recent years or decades.
Directed Energy Venues
There are four venues, he said, in which directed energy can serve: land, air, sea and space.
He urged the audience to not forget that because the technologies are fundamental and can be applied across those domains, all of which are important to them.
The basing strategies, the warfighting tactics, techniques, procedures, the logistics support requirements, the manpower that is needed for support, all of these things are different and are required to be different because of the different venues in which they will have to operate, he added. More here.
Assassinations of Russians, a Trend or Long Game?
A registry of foreign agents to Russia, compiled by the Justice Department, includes many of Washington’s most powerful legal, communications and lobbying firms, including Sidley Austin, Venable, APCO and White & Case. A review of those records, by the Center for Responsive Politics, found 279 registrations of Russian agents in the United States. More here.
***
“Putin’s inner circle is already subject to personal U.S. sanctions, imposed over Russia’s 2014 annexation of Ukraine’s Crimea region,” the Reuters news agency points out. … “But the so-called ‘oligarchs’ list’ that was released on Tuesday … covers many people beyond Putin’s circle and reaches deep into Russia’s business elite.”
Prime Minister Dmitry Medvedev is among the 114 senior political figures in Russia’s government who made the list, along with 42 of Putin’s aides, Cabinet ministers such as Foreign Minister Sergey Lavrov, and top officials in Russia’s leading spy agencies, the FSB and GRU. The CEOs of major state-owned companies, including energy giant Rosneft and Sberbank, are also on the list.
So are 96 wealthy Russians deemed “oligarchs” by the Treasury Department, which said each is believed to have assets totaling $1 billion or more. Some are the most famous of wealthy Russians, among them tycoons Roman Abramovich and Mikhail Prokhorov, who challenged Putin in the 2012 election. Aluminum magnate Oleg Deripaska, a figure in the Russia investigation over his ties to former Trump campaign chairman Paul Manafort, is included.
Russian Deputy Prime Minister Arkady Dvorkovich dismissed the list as simply a “who’s who” of Russian politics. He told Russian news agencies Tuesday he wasn’t surprised to find his name on the list, too, saying that it “looks like a ‘who’s who’ book.” Dvorkovich stopped short of saying how Russia would react to it, saying the Kremlin would “monitor the situation.” More here.
*** So when there are murder cases of Russian asylees in Britain, what are the agencies in the United States thinking?
Well there was Mikhail Lesin, a former friend of Putin found dead in his hotel in Dupont Circle, Washington DC. Then there was Operation Ghost Stories, the massive spy swap.
Imagine what the context and case reference is for the FBI when it comes to Russian operations in the United States and in allied countries. Or how many planes have been shot out of the sky where clues and evidence point to Russia? More explained in video below.
Beyond the attempted assassination of Skripal and his daughter in Salisbury two weeks ago, there was yet another confirmed death.
Whoever is behind the murder of a prominent Russian exile, who believed he was on a Kremlin hit list, managed to get inside his home without breaking in, police believe.
Nikolai Glushkov, 68, was found dead last week at his home in southwest London, and officers are now hunting for the culprits. His official cause of death is “compression to the neck.”
Before his death, Glushkov warned that a close friend of his had been murdered, and that he would be next.
In a Monday morning update on the investigation, the Metropolitan Police said they examined Glushkov’s house and found no signs of forced entry.
*** How bad is this trend?
Genocide of White Farmers in S. Africa
A White Farmer Is Killed Every Five Days in South Africa and Authorities Do Nothing about It, Activists Say
*** The world is silent on this….question is why?
In 2017:
The couple, who had lived in the area for 20 years, were tied up, stabbed, and tortured with a blowtorch for several hours. The masked men stuffed a plastic bag down Mrs Howarth’s throat, and attempted to strangle her husband with a bag around his neck.
The couple were bundled into their own truck, still in their pyjamas, and driven to a roadside where they were shot. Mrs Howarth, 64, a former pharmaceutical company executive, was shot twice in the head. Mr Lynn, 66, was shot in the neck.
Miraculously he survived, and managed to flag down a passer-by early on Sunday morning. Mrs Howarth, who police said was “unrecognisable” from her injuries, had multiple skull fractures, gunshot wounds and “horrific” burns to her breasts.
“Sue was discovered amongst some trees, lying in a ditch,” writes Jana Boshoff, reporter for the local Middelburg Observer newspaper. “Her rescuers managed to find her by following her groans of pain and then noticing drag marks from the road into the field.”
In any other country, such a crime would be almost unthinkable. But in South Africa, these kinds of farm attacks are happening nearly every day. This year so far, there have been more than 70 attacks and around 25 murders in similar attacks on white farmers.
Earlier this month, for example, 64-year-old Nicci Simpson was tortured with a power drill during an attack involving three men at her home on a farm in the Vaal area, about two hours drive from Johannesburg.
When paramedics arrived, they found three dead dogs, and the woman lying in a pool of blood, spokesman Russel Meiring told News24. “They used a drill to torture her,” police spokesman Lungelo Dlamini said.
Citigroup Pentagon Payment Portal 1.3 Million Weekend Hack Attempts
There are 47 pages of regulations for Department of Defense personnel using Citigroup credit cards while traveling.
Pentagon confirms hack attempt against Defense Department credit card holders
- The Pentagon on Thursday confirmed that there was a hacking attempt against an online financial services portal that Citigroup manages for the Defense Department.
- Citigroup had told CNBC that a “malicious actor” attempted to gain access to several Citi credit card accounts tied to the Department of Defense.
- The attack, which included 1.3 million attempts, occurred over this past weekend.
The Pentagon on Thursday confirmed that there was a hacking attempt this past weekend against an online financial services portal that Citigroup manages for Defense Department credit card holders.
The confirmation comes a day after Citigroup told CNBC that a “malicious actor” attempted to gain access to information for Pentagon-linked credit card accounts.
The bank had responded to CNBC’s inquiry regarding an attempted hack this past weekend. The Pentagon, citing information from Citigroup, confirmed to CNBC on Thursday that there was an attack over the weekend of March 10.
The bank told the Defense Department that the attack came from a computer system that was randomly guessing cardholder account usernames and passwords.
The program hit Citigroup’s Pentagon online account application more than 1.3 million times. The hackers did successfully guess 318 Pentagon cardholders’ usernames and passwords, but they did not get past a secondary layer of account authentication.
“No data compromise occurred,” Citi told the Pentagon.
Citi provides financial services for the Government Travel Charge Card, or GTCC, which is used by Department of Defense personnel to pay for authorized expenses when on official travel.
CitiManager is the online portal used by the Defense Department to view statements online, make payments and confirm account balances.
The Pentagon’s Defense Travel Management Office oversees the processing of the GTCC.
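An added example, not from Citi, the Pentagon or the original reporting: detection logic for the pattern described above, in which one source guesses credentials across many accounts and some passwords are accepted but the login stops at the second factor. The event format, field names, thresholds and sample events are constructed for illustration.

```python
from collections import defaultdict

def build_sample_events():
    """Constructed sample events: (source, username, stage, outcome).
    stage is "password" or "second_factor"; outcome is "ok" or "fail"."""
    events = []
    # One source guessing across many accounts, mostly failing.
    for i in range(40):
        events.append(("203.0.113.50", f"user{i:03d}", "password", "fail"))
    # Two guesses are accepted at the password step but fail the second factor.
    for name in ("user007", "user021"):
        events.append(("203.0.113.50", name, "password", "ok"))
        events.append(("203.0.113.50", name, "second_factor", "fail"))
    # A legitimate user who mistypes once, then completes both steps.
    events += [
        ("198.51.100.7", "alice", "password", "fail"),
        ("198.51.100.7", "alice", "password", "ok"),
        ("198.51.100.7", "alice", "second_factor", "ok"),
    ]
    return events

def analyze(events, min_failures=20, min_distinct_users=10):
    """Return (guessing_sources, accounts_needing_reset).

    A source is flagged when it has many password failures spread over
    many distinct usernames (thresholds are assumptions, tune per site).
    An account needs a reset when a flagged source got its password
    accepted but never completed the second factor."""
    failures = defaultdict(int)
    users_tried = defaultdict(set)
    password_ok = defaultdict(set)
    second_factor_ok = defaultdict(set)
    for source, user, stage, outcome in events:
        if stage == "password":
            users_tried[source].add(user)
            if outcome == "fail":
                failures[source] += 1
            else:
                password_ok[source].add(user)
        elif stage == "second_factor" and outcome == "ok":
            second_factor_ok[source].add(user)
    guessing = sorted(
        s for s in failures
        if failures[s] >= min_failures and len(users_tried[s]) >= min_distinct_users
    )
    needs_reset = sorted(
        {u for s in guessing for u in password_ok[s] - second_factor_ok[s]}
    )
    return guessing, needs_reset

if __name__ == "__main__":
    sources, accounts = analyze(build_sample_events())
    print("guessing sources:", sources)
    print("accounts with a guessed password:", accounts)
```

The second list is the one that matters after an event like this: the second factor held, but the passwords on those accounts are known to the source that guessed them and should be reset.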
*** Back in 2016, there was a hacker contest held by the Pentagon under Secretary Ash Carter….guess they missed that payment portal vulnerability possibility.
When the Pentagon announced the “Hack the Pentagon” event back in March, many wondered what kinds of vulnerabilities hackers would find when checking government websites for bugs. Now we know.
According to Defense Secretary Ash Carter, more than 250 participants out of the 1,400 submitted at least one vulnerability report, with 138 of those vulnerabilities determined to be “legitimate, unique and eligible for a bounty,” he said. The bounties ranged per person from $100 to around $15,000 if someone submitted multiple bugs.
The pilot program, which ran from April 18 to May 12, cost about $150,000, with around half of that going to participants. The results were released on Friday, according to the Department of Defense’s website.
“Hack the Pentagon” was deemed a cost-effective way to scour five of the US Defense Department’s websites (defense.gov, dodlive.mil, dvidshub.net, myafn.net and dimoc.mil, according to a DoD spokesman) for security bugs. Instead of going to outside security firms, which would’ve cost upwards of $1 million, the government instead recruited amateur hackers to do it for much less, some of whom were only in high school.
In addition to reporting on the number of bugs, Carter also said that the government has worked with HackerOne, a bug bounty platform, to fix the vulnerabilities and that the department has “built stronger bridges to innovative citizens who want to make a difference to our defense mission.” Carter wants the “bug bounty” program to extend to other areas of the government and wants to ensure that hackers and researchers can report bugs without a dedicated program.
“When it comes to information and technology, the defense establishment usually relies on closed systems,” he said. “But the more friendly eyes we have on some of our systems and websites, the more gaps we can find, the more vulnerabilities we can fix, and the greater security we can provide to our warfighters.”
Many websites already have bug bounty programs in place, but it was the first time the federal government had come up with such a program. It’s good experience for young hackers and security fiends who want to try and hack a government agency, although that’s a small amount of money for their time.
4 Days of Food Left…Panic? National Grid Hacked
If there is no transportation, there is no food, medicine or basic supplies….what country is ready to deal with this?
British cities would be uninhabitable within days and the country is only a few meals from anarchy if the National Grid was taken down in a cyber attack or solar storm, disaster and security experts have warned.
Modern life is so reliant on electricity that a prolonged blackout would quickly lead to a loss of water, fuel, banking, transport and communications that would leave the country “in the Stone Age”.
The warning comes weeks after the Defence Secretary, Gavin Williamson, said Russia had been spying on the UK’s energy infrastructure and could cause “thousands and thousands and thousands” of deaths if it crippled the power supply.
***
The U.S. government has just released an important cybersecurity alert that confirms Russian government cyberattacks targeting energy and other critical infrastructure sectors in the United States.
While there has recently been a significant rise in cyberattacks in these industries, up to now we’ve only been able to speculate on who the actors are, or what their motives may be. In this case the threat actor and their strategic intent have been clearly confirmed, something the U.S. government rarely does publicly.
In addition, the US-CERT alert provides descriptions of each stage of the attack, detailed indicators of compromise (IOCs), and a long list of detection and prevention measures. Many of the attack tactics are like Dragonfly 2.0, so much so that one might call this an expanded playbook for Dragonfly. The Nozomi Networks solution ships today with an analysis toolkit that identifies the presence of Dragonfly 2.0 IOCs.
This article is intended to help you gain perspective on this recent alert, provide additional guidance on what security measures to take, and describe how the Nozomi Networks solution can help.
Multi-Stage Campaigns Provide Opportunities for Early Detection
The US-CERT alert characterizes this attack as a multi-stage cyber intrusion campaign where Russian cyber actors conducted spear phishing and gained remote access into targeted industrial networks. After obtaining access, the threat actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).
This pattern of behavior is typical of APTs (Advanced Persistent Threats). APTs occur over an extended period, meaning there is an opportunity to detect and stop them before damage is done. With the right technology monitoring the industrial network, it is much harder for them to go unobserved before their final attack.
In this case the Russian cyberattacks started by infecting staging targets, which are peripheral organizations, such as trusted third-party suppliers, as pivot points for attacking the final intended targets.
The attackers used a multitude of tactics involving information relevant to industrial control professionals for initial infection of the staging targets. Examples include:
- Altering trade publication websites
- Sending emails containing resumes for ICS personnel as infected Microsoft Word attachments
- Analyzing publicly available photos that inadvertently contained information about industrial systems
The credentials of staging targets’ staff were in turn used to send spear phishing emails to the staff of the intended targets. They received malicious .docx files, which communicated with a command and control (C2) server to steal their credentials.
The SMB (Server Message Block) network protocol was used throughout the spear phishing phases to communicate with external servers, as was described for the Dragonfly 2.0 attacks. This is a distinctive tactic. SMB is usually only used to communicate within LANs, not for outbound communications. Now that this is known, asset owners should ensure their firewalls are locked down for outbound service restrictions.
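An added example, not part of the alert or the vendor article: a check over firewall flow records for the outbound SMB traffic described above, separating connections the firewall allowed from those it denied. The record format, the assumption that internal hosts use RFC 1918 addresses, and the sample records are constructed for illustration.

```python
import ipaddress

# Assumption: the site's internal address space is the RFC 1918 ranges.
INTERNAL_NETS = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
]
SMB_PORTS = {139, 445}  # NetBIOS session service and SMB over TCP

# Constructed sample records: "src dst proto dport action"
SAMPLE_FLOWS = """\
# constructed sample flow records
10.1.4.23 10.1.0.5 tcp 445 allow
10.1.4.23 203.0.113.80 tcp 445 allow
10.1.7.9 198.51.100.12 tcp 443 allow
192.168.20.14 203.0.113.80 tcp 139 deny
172.16.3.2 172.31.0.9 tcp 445 allow
10.1.4.23 203.0.113.80 udp 445 allow
""".splitlines()

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def parse_flow(line):
    src, dst, proto, dport, action = line.split()
    return {"src": src, "dst": dst, "proto": proto.lower(),
            "dport": int(dport), "action": action.lower()}

def outbound_smb(lines):
    """Return flows from an internal host to an external host on an SMB port."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        flow = parse_flow(line)
        if (flow["proto"] == "tcp" and flow["dport"] in SMB_PORTS
                and is_internal(flow["src"]) and not is_internal(flow["dst"])):
            hits.append(flow)
    return hits

def summarize(hits):
    """Split hits into allowed (a gap in outbound rules) and denied (blocked attempts)."""
    def key(h):
        return (h["src"], h["dst"], h["dport"])
    allowed = sorted({key(h) for h in hits if h["action"] == "allow"})
    denied = sorted({key(h) for h in hits if h["action"] != "allow"})
    return allowed, denied

if __name__ == "__main__":
    allowed, denied = summarize(outbound_smb(SAMPLE_FLOWS))
    print("allowed outbound SMB:", allowed)
    print("denied outbound SMB:", denied)
```

An allowed hit means the outbound restriction is missing; a denied hit means the firewall held, but the internal host that tried to reach an external SMB server still warrants a look.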
The credentials of the intended targets were used to access victims’ networks. From there, the malware established multiple local administrator accounts, each with a specific purpose. The goals ranged from creation of additional accounts to cleanup activity. For the report, click here.
***
What Is Known
Forensic analysis shows that the threat actors sought information on network and organizational design and control system capabilities within the organization. In one instance, the report says, the threat actors downloaded a small photo from a publicly accessible human resource page, which, when expanded, was a high-resolution photo that displayed control systems equipment models and status information in the background. The threat actors also compromised third-party suppliers to download source code for several intended targets’ websites. They also attempted to remotely access corporate web-based email and virtual private network (VPN) connections.
Once inside the intended target’s network, the threat actors used privileged credentials to access domain controllers via remote desktop protocols (RDP) and then used the batch scripts to enumerate hosts and users, as well as to capture screenshots of systems across the network.
Along with publishing an extensive list of indicators of compromise, the DHS and FBI recommended that network administrators review IP addresses, domain names, file hashes, network signatures, and a consolidated set of YARA rules for malware associated with the intrusion authored by the National Cybersecurity and Communications Integration Center. YARA is an open-source and multiplatform tool that provides a mechanism to exploit code similarities between malware samples within a family.