Category Archives: China aggression

China Hacked the FDIC, will Trump Sanction?

Posted on by

Beyond not trusting Russia, the same holds true for Iran. But then there is China. Trump should never allow China to take the lead in handling North Korea. Anyway, back to hacking and covert hegemony in Latin America.

Related reading:

Problems uncovered after employees walk off job with thousands of SSNs on flash drives.

Image result for china hacked fdic

China hacked FDIC, US officials covered it up, report says

China’s spies hacked into computers at the Federal Deposit Insurance Corporation from 2010 until 2013 — and American government officials tried to cover it up, according to a Congressional report.

The House of Representative’s Science, Space and Technology Committee released its investigative report on Wednesday.

It presents the FDIC’s bank regulators as technologically inept — and deceitful.

According to congressional investigators, the Chinese government hacked into 12 computers and 10 backroom servers at the FDIC, including the incredibly sensitive personal computers of the agency’s top officials: the FDIC chairman, his chief of staff, and the general counsel.

When congressional investigators tried to review the FDIC’s cybersecurity policy, the agency hid the hack, according to the report.

Investigators cited several insiders who knew about how the agency responded. For example, one of the FDIC’s top lawyers told employees not to discuss the hacks via email — so the emails wouldn’t become official government records.

FDIC Chairman Martin Gruenberg is being summoned before the Congressional committee on Thursday to explain what happened.

The FDIC refused to comment. However, in a recent internal review, the agency admits that it “did not accurately portray the extent of risk” to Congress and recordkeeping “needs improvement.” The FDIC claims it’s now updating its policies.

Given the FDIC’s role as a national banking regulator, the revelation of this hack poses serious concern.

The FDIC’s role is to monitor any bank that isn’t reviewed by the Federal Reserve system. It has access to extremely sensitive, internal information at 4,500 banks and savings institutions.

The FDIC also insures deposits at banks nationwide, giving it access to huge loads of information on Americans.

“Obviously it’s indicative of the Chinese effort to database as much information as possible about Americans. FDIC information is right in line with the deep personal information they’ve gone for in the past,” said computer security researcher Ryan Duff. He’s a former member of U.S. Cyber Command, the American military’s hacking unit.

“Intentionally avoiding audits sounds unethical if not illegal,” he added.

Congressional investigators discovered the hacks after finding a 2013 memo from the FDIC’s own inspector general to the agency’s chairman, which detailed the hack and criticized the agency for “violating its own policies and for failing to alert appropriate authorities.”

The report also says this culture of secrecy led the FDIC’s chief information officer, Russ Pittman, to mislead auditors. One whistleblower, whose identity is not revealed in the report, claimed that Pittman “instructed employees not to discuss… this foreign government penetration of the FDIC’s network” to avoid ruining Gruenberg’s confirmation by the U.S. Senate in March 2012.

David Kennedy, a computer security expert and former analyst at the NSA spy agency, worries that federal agencies are repeatedly hiding hacks “under the blanket of national security.”

“With such a high profile breach and hitting the top levels of the FDIC, it’s crazy to me to think that this type of information wasn’t publicly released. We need to be deeply concerned around the disclosure process around our federal government,” said Kennedy, who now runs the cybersecurity firm TrustedSec.

This same committee, led by Republican Congressman Lamar Smith of Texas, has previously criticized the FDIC for minimizing data breaches.

Several cybersecurity experts — who have extensive experience guarding government computers — expressed dismay at the alleged cover-up.

“It’s incumbent upon our policymakers to know about these data breaches so we can properly evaluate our defenses. Trying to hide successful intrusions only makes it easier for the next hacker to get in,” said Dan Guido, who runs the cybersecurity firm Trail of Bits.

Image result for china in latin america

***  China’s Great Leap Into Latin America

U.S. President Donald Trump’s opposition to the North American Free Trade Agreement and his withdrawal from the Trans-Pacific Partnership have led some critics to claim that the United States is turning its back to regional trading partners, and that Trump is thus freeing up China to make inroads into Latin America. But China’s presence in the Western Hemisphere is already well-established, having predated Trump’s election by almost 20 years. Beijing’s involvement in the region is subject to the ebb and flow of the region’s economic and political changes, but it stems from the needs both of China and corresponding Latin American capitals.

But if China’s position has long since become a fixture in the hemisphere, it is equally true that U.S. policymakers have been remarkably complacent over the years as the growing Chinese presence has necessarily impacted not only the region, but U.S. political, economic, and security interests. That needs to change.

China’s interest in Latin America is both economic and strategic.  It was the accelerating Chinese economy’s voracious appetite for raw materials that keyed its entry to the region, a land of plenty when it comes to natural resources. Iron, soybeans, copper, and oil make up the bulk of Chinese imports from the region. In turn, securing access to Latin American markets for the export of Chinese manufactured products became a priority as well.

Image result for china in latin america

Economic Push

The numbers are staggering. China joined the World Trade Organization in 2001, and its bilateral trade with Latin America and the Caribbean has since skyrocketed, from $15 billion in 2001 to $288.9 billion in 2013 — an increase of almost 2000 percent. That number now represents 6 percent of China’s total foreign trade, an increase from 2.7 percent in 2000. (Some 13 percent of Latin America’s trade is now done with China, up from negligible levels in 2000.)

In the past decade, China’s two biggest development banks have provided $125 billion to Latin America — more than the combined total lending of the World Bank and the Inter-American Development Bank. China is now Latin America’s largest creditor. In addition, between 2000 and 2015, Chinese leaders visited the region more than 30 times.

Last November, Chinese President Xi Jinping made his third trip to the region since 2013, announcing a plan to double bilateral trade and to increase investment stock value by 150 percent over the next decade.

Not Just Economics

China also has significant geopolitical interests. It wants to project power and influence in an area long considered to be within the U.S. sphere of influence — no doubt a response to what Beijing considers U.S. efforts to contain and encircle China in Asia by cultivating allied and friendly governments.

Critical to China’s aspirations as a growing global power as well is what it calls global governance reform. In translation, that means Beijing uses its growing trade and financial might to challenge the architecture of the U.S.-dominated post-World War II order and alter it along lines more favorable to China. Beijing sees developing its own alliances through trade and loans as an important way to counterbalance U.S. influence and to secure support in multilateral forums on such important issues to Beijing as human rights, climate change, and economic governance.

It bears noting that China considers its principal regional economic and political interlocutor to be the Community of Latin America and Caribbean States, an organization established by the late Venezuelan firebrand Hugo Chavez that purposefully excludes the United States and Canada.

Finally, it is no coincidence that of the 22 countries that diplomatically recognize Taiwan, 12 are in Latin America and the Caribbean. China wants specifically to erode this support for Taipei. As a Chinese white paper on Latin America and the Caribbean in 2008 put it succinctly, “the One China principle is the political basis for the establishment and development of relations between China and Latin America.”

Changing Times

Chinese demand for commodities keyed its entry into the region and helped produce one of Latin America’s fastest periods of growth in decades, but the times are changing. Lackluster global economic growth and the cooling Chinese economy (which has contributed to the end of the global commodity boom) have resulted in a drop in Chinese imports from and exports to Latin America in recent years. Indeed, over the past year regional revenues from commodity exports to China dropped some 40 percent.

Latin America is also changing politically. China’s initial push into the Western Hemisphere was facilitated by the rise to power of a host of leftist populist governments — a phenomenon collectively referred to as the Pink Tide. Many leaders, foremost among them Venezuela’s Hugo Chavez, were determined to distance themselves from the United States and from institutions perceived to be allied with Washington. These leaders were happy to align themselves with China, which adheres to a supposed policy of non-interference in countries’ internal affairs. That equally suited a number of Latin American governments, which proceeded to undermine democratic institutions and the rights of their citizens.

However, with the bust in oil prices and other commodities exposing the economic dysfunction of the populist model, frustrated voters are shifting their support to more pragmatic, market-friendly governments. These governments can be expected to operate in a more sober and transparent manner, and to be more respectful of democratic institutions, eschewing the opaque, behind-the-scenes deals that China previously thrived on. With less opportunity to present itself as the buyer or lender of last resort, China will find itself needing to adapt to a more challenging and competitive environment.

Beijing seems to be adjusting well: China’s evolving economic strategy is now one of diversification, with an emphasis less on traditional industries such as mining and energy extraction and more on sectors such as infrastructure (including energy, airports, seaports, and roads), construction, telecommunications, manufacturing, finance, agriculture, tourism, and even the space sector.

Implications for the United States

China’s authoritarianism, global designs, and disregard for international norms and practices raise serious questions about the impact of its engagement in the Western Hemisphere on the promotion of democracy, human rights, and the rule of law. In recent congressional testimony, U.S. Southern Commander Adm. Kurt Tidd put it like this:

For Russia, China, and Iran, Latin America is not an afterthought. These global actors view the Latin American economic, political, and security arena as an opportunity to achieve their respective long-term objectives and advance interests that may be incompatible with ours and those of our partners. Their vision for an alternative international order poses a challenge to every nation that values non-aggression, rule of law, and respect for human rights — the very same principles that underlie the Inter-American system of peace and cooperation. Some of what they’re doing — while not a direct military threat — does warrant examination. Even seemingly benign activities can be used to build malign influence.

This was certainly evident in recent years, with China providing anti-American governments with an alternative source of trade, investment, and finance outside conventional institutions that ordinarily require some conditionalities on good governance, transparency, anti-corruption efforts, human rights, and the rule of law.  In some cases, it didn’t create major problems. In others, such as Venezuela ($65 billion in Chinese loans) and Ecuador ($11 billion), Beijing bankrolled authoritarianism and human rights abuses, undercutting U.S. efforts to promote its policy agenda in the Americas and setting the stage for the chaos now underway in Venezuela.

Yet it is not as though the United States can block or impede Chinese trade and investment in the hemisphere. It is also important to keep things in perspective: U.S. trade with Latin America is still three times larger than China’s. Nor can China match our proximity, cultural and familial ties, and long shared history. The best response therefore to the Chinese presence in the Western Hemisphere is to do what the United States does best: compete.

The situation is best approached as a strategic competition in which the United States employs its comparative advantages and the above described strengths to secure its role as the preferred partner of choice for our Latin American neighbors. China may have the cash advantage, but it cannot compete with the United States in terms of the aforementioned, nor in the agreements shared throughout the Western Hemisphere on rules-based behavior, transparency, and a belief in economic opportunity, strong institutions, and the rule of law. The United States also boasts a 50-year record of promoting sustainable long-term regional development and humanitarian projects, a commitment to corporate social responsibility,  and — not to put too fine a point on it — laws that prohibit bribery and other corrupt practices that often undermine the public’s faith in their systems.

This is in contrast to the Chinese presence, where cultural differences, radically divergent value systems, and different ways of doing business often impair mutual understanding and trust. China also has a poor record on human rights, anti-corruption practices, and environmental and labor conventions. (In many cases, Chinese construction companies import Chinese workers, spurring local resentments over lost employment opportunities.)

On the economic front, many economists worry that China’s demand for raw materials harkens back to Latin America’s bad old days of too much dependence on commodity exports. Neither do they see purchasing Chinese manufactured goods in return as being conducive to long-term development. Again, in contrast, the United States provides meaningful value-added, job-creating investment in the region while purchasing the sort of manufactured goods that generate more jobs.

Game On

Whatever professions of a win-win economic situation for all, or of China’s benign intent, China’s position in Latin America affects the U.S. agenda and regional stability — and Beijing has the resources and motivation needed to adapt to changing circumstances and to remain such a regional fixture for the foreseeable future. That is why U.S. complacency is not an option. Competition need not be hostile, just determined. In particular, the Trump administration has an excellent opportunity to press the U.S. advantage by drawing closer to regional heavyweights Brazil and Argentina, who are attempting to shake off the legacies of years of statist economics. These are countries where China has been particularly active. Each now has a market-friendly president desperate to produce economic growth and draw foreign investment.

A reinvigorated U.S. engagement with the hemisphere will reap significant benefits for the U.S. economy. It will create new investment opportunities, including in the energy sector, but it will also drive up the cost of doing business for Beijing. That China continues to expand its presence in other regions such as Asia and Africa is one thing, but encroaching in our own neighborhood more directly impacts the U.S. national interest. It’s time for America to pay closer attention.

Navy Restricted on FON, S. China Sea

Posted on by

The United States Navy has yet to send a ship within 12 miles of any disputed islands in the South China Sea under President Donald Trump.

Although Trump said during his presidential campaign that former President Barack Obama had been weak defending international waters from China, he has yet to increase Navy patrols in the region to cut off the country’s access to the artificial islands.

Image result for china disputed islands BusinessInsider

In an interview with The New York Times in March of last year, Trump said those islands built by China were “a military fortress, the likes of which perhaps the world has not seen.”

“Amazing, actually,” he added. “They do that at will because they have no respect for our president and they have no respect for our country.”

Freedom of navigation operations, known as Fonops, have not increased under Trump despite “all of the language, combined with the fact that the Republican foreign policy establishment had been critical of Obama for not carrying out enough Fonops, means there was a wide expectation that Trump would put down a marker early,” Kissinger Institute director Robert Daly told the Times.

“And that hasn’t happened.”

Upon entering office, Secretary of State Rex Tillerson called China’s island-building “akin to Russia’s taking of Crimea,” and that Trump’s administration was “going to have to send China a clear signal that, first, the island-building stops” and, “second, your access to those islands also is not going to be allowed.”

Anonymous Defense Department officials told the Times that Pacific Command asked for a naval excursion inside 12 nautical miles of Scarborough Shoal to show Beijing that island-building is a red line.

The officials added that this appeared in-line with the Trump administration’s wishes, though they also said that Defense Secretary James Mattis and Pentagon officials are reviewing the effects of these excursions on national security policy.

*** Image result for china disputed islands  Freedom of Navigation Fact Sheet found here.

China’s claim to nearly 90 percent of the South China Sea based on “historical discovery” — a claim largely invalidated by an international tribunal that China ignored last year — has led to boat ramming, arrests and other low-level clashes between China and neighboring nations.

International officials and analysts have voiced repeated concerns that overreaction by any one party could result in a conflict that threatens peace in the region and the global economy.

“We have rebuilt China, and yet they will go in the South China Sea and build a military fortress the likes of which perhaps the world has not seen,” Trump said during a campaign interview last year. “Amazing, actually. They do that, and they do that at will because they have no respect for our president and they have no respect for our country.”

The Navy routinely sends its ships, most often those based with the 7th Fleet in Japan, on regular patrols through the South China Sea’s international waters. However, the White House didn’t approve FON operations, which challenge violations of international norms, for nearly three years in the South China Sea.

In October 2015, the USS Lassen transited within 12 miles of Subi Reef amid Chinese objections. As of 2012, Subi Reef was naturally sea bottom and therefore does not generate territorial waters under international law, despite Chinese claims.

Subi Reef is now roughly the size of Pearl Harbor, according to satellite imagery posted by the Asia Maritime Transparency Initiative.

The Navy conducted more FON operations in 2016, with the last coming in October.

Secretary of State Rex Tillerson signaled a policy tougher than the Obama administration’s was on the way during his January confirmation hearing.

Lawmakers asked Tillerson what should be done about China’s artificial islands, which include runways long enough for its military aircraft, radar, deep harbors and self-propelled artillery. More here.

Readout: Senate Meeting at WH on N. Korea

Posted on by

Image result for senate at white house north korea WaPo

Joint Statement by Secretary of State Rex Tillerson, Secretary of Defense James Mattis, Director of National Intelligence Dan Coats

Press Operations

Past efforts have failed to halt North Korea’s unlawful weapons programs and nuclear and ballistic missile tests. With each provocation, North Korea jeopardizes stability in Northeast Asia and poses a growing threat to our allies and the U.S. homeland.

North Korea’s pursuit of nuclear weapons is an urgent national security threat and top foreign policy priority. Upon assuming office, President Trump ordered a thorough review of U.S. policy pertaining to the Democratic People’s Republic of Korea (DPRK).

Today, along with Chairman of the Joint Chiefs of Staff Gen. Joe Dunford, we briefed members of Congress on the review. The president’s approach aims to pressure North Korea into dismantling its nuclear, ballistic missile, and proliferation programs by tightening economic sanctions and pursuing diplomatic measures with our allies and regional partners.

We are engaging responsible members of the international community to increase pressure on the DPRK in order to convince the regime to de-escalate and return to the path of dialogue. We will maintain our close coordination and cooperation with our allies, especially the Republic of Korea and Japan, as we work together to preserve stability and prosperity in the region.

The United States seeks stability and the peaceful denuclearization of the Korean peninsula. We remain open to negotiations towards that goal. However, we remain prepared to defend ourselves and our allies.

***

North Korea Threatens Indo-Asia-Pacific Region, Harris Tells Legislators
WASHINGTON, April 26, 2017 — North Korea remains the most immediate threat to the security of the United States and its allies in the Indo-Asia-Pacific, Navy Adm. Harry B. Harris Jr., the commander of U.S. Pacific Command, told the House Armed Services Committee today.


Addressing security challenges in the Indo-Asia-Pacific region, the commander noted how North Korea threatened Australia in the past week with a nuclear strike.

“[It’s] a powerful reminder to the entire international community that North Korea’s missiles point in every direction,” Harris said. “The only nation to have tested nuclear devices in this century, North Korea has vigorously pursued an aggressive weapons test schedule with more than 60 listed missile events in recent years.”
Sense of Urgency

With every test, Kim Jong Un moves closer to his stated goal of a pre-emptive nuclear strike capability against American cities, and he’s not afraid to fail in public, the admiral said.

“Defending our homeland is my top priority, so I must assume that Kim Jong Un’s nuclear claims are true; I know his aspirations certainly are. And that should provide all of us a sense of urgency to ensure Pacom and U.S. Forces Korea are prepared to fight tonight with the best technology on the planet,” he said.

Threats from North Korea are why the United States has deployed its Terminal High Altitude Area Defense system to South Korea, put the USS Carl Vinson carrier strike group back on patrol in Northeast Asia and introduced the newest and best military platforms in the Indo-Asia-Pacific region, the admiral said.

And they are also why the U.S. is emphasizing trilateral cooperation between Japan, South Korea and calling on China to exert its “considerable economic influence to stop Pyongyang’s unprecedented weapons testing,” Harris said.

“As [President Donald J. Trump] and [Defense Secretary Jim Mattis] have made clear, all options are on the table. We want to bring Kim Jong Un to his senses, not to his knees,” the commander said.

Advancing Partnerships

The admiral named Russia, China and the Islamic State of Iraq and Syria as the other global and regional threats, but emphasized U.S. regional partnerships.
“We’ve strengthened America’s network of alliances and partnerships, working with like-minded partners on shared security threats like North Korea and ISIS. It’s a key component to our regional strategy,” he said.

Harris said he continues to rely on Australia for its advanced military capabilities and global operations leadership, and noted that last week’s trips by Vice President Mike Pence and Mattis to Northeast Asia emphasized U.S. alliances with South Korea and Japan.

The United States has also advanced its partnerships with regional powers such as India, Indonesia, Malaysia, New Zealand, Singapore, Sri Lanka and Vietnam, Harris said. Such partnerships, he said, reinforce “the rules-based security order that has helped underwrite peace and prosperity throughout the region for decades.”

Confronting Challenges

But more work remains to be done, he cautioned.

“We must be ready to confront all challenges from a position of strength and with credible combat power,” Harris told legislators.

He added, “So I ask this committee to support continued investment to improve our military capabilities. I need weapons systems of increased lethality, precision, speed and range that are networked and cost-effective [without] restricting ourselves with funding uncertainties [that] reduce our warfighting readiness. So I urge the congress to repeal sequestration and improve the proposed Defense Department budget.”

China is Charged With Control of North Korea, Bad Idea?

Posted on by

President Trump has conferred to Asian leaders over the matter of North Korea’s missile tests and the threats of a nuclear strike. Many conversations have been filling the phone wires that put President Xi of China in charge of handling Kim Jung Un. Okay, but can or will China do all that is necessary and will it resolve the threat of an escalated war in the region? The answer is unknown.

In part from FNC: U.S. commercial satellite images indicated increased activity around North Korea’s nuclear test site, while Kim has said that the country’s preparation for an ICBM launch is in its “final stage.”

South Korea’s Defense Ministry has said the North appears ready to conduct such “strategic provocations” at any time. South Korean Acting Prime Minister Hwang Kyo-ahn has instructed his military to strengthen its “immediate response posture” in case North Korea does something significant on the April 25 anniversary of its military. North Korea often marks significant dates by displaying military capability.

In a statement released late Friday, North Korea’s Foreign Ministry accused Trump of driving the region into an “extremely dangerous phase” with his sending of the aircraft carrier and said the North was ready to stand up against any kind of threated posed by the United States.

With typical rhetorical flourish, the ministry said North Korea “will react to a total war with an all-out war, a nuclear war with nuclear strikes of its own style and surely win a victory in the death-defying struggle against the U.S. imperialists.”

*** So, China appears to have taken some steps to send North Korea a message like refusing a coal shipment. But was that just a one off tactic? Cutting off oil and gasoline shipments…was that too yet another gesture by China? How about access to banking and ATM machines?

PYONGYANG, North Korea (AP) — No modern airport terminal is complete without an ATM, and Pyongyang’s now has two. But they don’t work — because of new Chinese sanctions, according to bank employees — and it’s not clear when they will.

ATMs are an alien enough concept in North Korea that those in the capital’s shiny new Sunan International Airport have a video screen near the top showing how they work and how to set up an account to use them. The explanatory video is in Korean, but the machines, which are meant primarily for Chinese businesspeople and tourists, don’t give out cash in the North Korean currency.

Humm right? But can we really trust China to go the distance to stop North Korea? I offer this answer…NO.

China has been angry with the United States over deploying the THAAD missile defense system in S. Korea. China is one of the largest know hacking networks in the world…remember that? Alright, how about this lil gem?

***

Researchers claim China trying to hack South Korea missile defense efforts

Deployment of THAAD upsets China, seen as espionage tool.

Sean Gallagher: Chinese government officials have been very vocal in their opposition to the deployment of the Terminal High-Altitude Air Defense (THAAD) system in South Korea, raising concerns that the anti-ballistic missile system’s sensitive radar sensors could be used for espionage. And according to researchers at the information security firm FireEye, Chinese hackers have transformed objection to action by targeting South Korean military, government, and defense industry networks with an increasing number of cyberattacks. Those attacks included a denial of service attack against the website of South Korea’s Ministry of Foreign Affairs, which the South Korean government says originated from China.

FireEye’s director of cyber-espionage analysis John Hultquist told the Wall Street Journal that FireEye had detected a surge in attacks against South Korean targets from China since February, when South Korea announced it would deploy THAAD in response to North Korean missile tests. The espionage attempts have focused on organizations associated with the THAAD deployment. They have included “spear-phishing” e-mails carrying attachments loaded with malware along with “watering hole” attacks that put exploit code to download malware onto websites frequented by military, government, and defense industry officials.

FireEye claims to have found evidence that the attacks were staged by two groups connected to the Chinese military. One, dubbed Tonto Team by FireEye, operates from the same region of China as previous North Korean hacking operations. The other is known among threat researchers as APT10, or “Stone Panda”—the same group believed to be behind recent espionage efforts against US companies lobbying the Trump administration on global trade. These groups have also been joined in attacks by two “patriotic hacking” groups not directly tied to the Chinese government, Hultquist told the Journal—including one calling itself “Denounce Lotte Group” targeting the South Korean conglomerate Lotte. Lotte made the THAAD deployment possible through a land swap with the South Korean government.

APT = Advanced Persistent Threat 10 refers to China as noted here with this summary which was found as early as 2009.  In part it includes:

“Operation Cloud Hopper” uses internet addresses also used by the threat actor known in the cybersecurity community as “APT10.” Using a combination of unique hacking tools and open source software, it has attempted to gather information about diplomatic and political organizations, as well as intellectual property, according to the report.

APT10 was identified in a 2013 report by FireEye detailing its use of the Poison Ivy family of malware, which the new report says ceased after FireEye revealed its findings. Also in 2013, FireEye identified APT1, which appears to be Unit 61398 of China’s People’s Liberation Army. The PwC-BAE report notes that the “Operation Cloud Hopper” attacks tend to occur during business hours in China.

Since 2009, APT10 has been observed to target mostly government and U.S. defense organizations, but now “has almost certainly been undertaking a global operation of unprecedented size and scale targeting a number of MSPs,” the report says.

China/Russia Using the Same Cyber Operations Playbook?

Posted on by

As President Trump meets with Xi Jinping of China at Mar A Lago, perhaps he should point to these two conditions in earnest.

North Korean hackers seem to have managed to access a secret war masterplan by South Korea and the U.S. in a cyberattack last September, sources here said Monday.

By Lee Yong-soo: (the item posted below is copyright protected)

Chosun: One government source said Defense Ministry investigators questioned around 40 people over the hacking attack and it appears that part of the masterplan, dubbed OPLAN 5027, “leaked.” A Defense Ministry source said the hackers accessed reports containing portions of the plan, not the entire document.

Defense Minister Han Min-koo and other military officials last year downplayed the seriousness of the hacking attack, saying that only a small number of sensitive military secrets leaked out.

OPLAN 5027 was first drawn up in 1978, when the South Korea-U.S. Combined Forces Command was established, and updated every two years since 1994. It includes troop deployment plans, key North Korean targets, strategies and military control of facilities in the North.

A military official said “discussions are still taking place” whether the plan has to be overhauled now the North has seen chunks of it.

The ministry found out about the leak while investigating a new computer virus in September that attacked the vaccine server at the military cyber command.

Investigators discovered that the Defense Ministry’s Internet and Intranet servers were infected with the same malware, affecting the minister’s own computer and around 2,500 computers with Internet access and 700 connected to the Intranet.

At the time, the ministry said only that hackers accessed “some military information, including sensitive information” and that North Korea appears to be responsible.

The hackers tried to attack the main server of the Defense Integrated Data Center, which serves as the cyber nerve center of South Korea’s defense system.

 

***

China’s Information Warriors Are Growing More Disciplined, Say US Cyber Leaders

And some U.S. cyber leaders worry that the American military’s approach is too reactive and defensive.

When President Trump meets this week with his Chinese counterpart, President Xi Jinping, he’ll be engaging with a leader who commands an increasingly disciplined and persistent information-warfare force.

In December 2015, the Chinese military stood up a Strategic Support Force as part of a larger series of reforms. Essentially a Chinese version of U.S. Cyber Command, the new force focuses on war in the electromagnetic spectrum, space, and cyberspace.  “All these are the new fields that determine whether the PLA can win in the future battlefield,” Chinese officials told state media.

The new force’s key focus is building capabilities to disrupt U.S. military operations, according to Martin Libicki, who leads cybersecurity studies at the U.S. Naval Academy. In January China announced that the country will develop the world’s first exascale super computer by the end of the year.

The move follows years of steady and incremental improvements in information operations, Vice Adm. Tim White, commander of the U.S. Cyber National Mission Force, said Tuesday at the Navy League’s Sea-Air-Space conference. “They are building what I would call campaigns. They are being very thoughtful about it and being purposeful in their approach and there is some design that they are organizing themselves,” he said of adversarial nations such as China but also Russia.  “It’s not just a single mission, point of time, or place. It’s interwoven together to achieve a national purpose.”

By contrast, White worries the U.S. military is thinking too defensively. He believes the Pentagon should work toward a more disciplined, consistent response, and shift from a “broadly reactive” posture “to something we are doing something as a result of our own campaign and planning efforts.”

“They’re on the field and we are figuring out how to get on that field,” White  said. “What nations are doing in this space, it’s more coordinated. It’s more interoperable from their perspective. It’s more structured and it’s more integrated.”

Industrial espionage from China appears to have  waned since Barack Obama and Xi signed an agreement in September 2015. But attacks have not vanished entirely. Between March and May of last year, Chinese hackers deployed a backdoor into a government services company, stole important credentials, and attempted to gain access to U.S. military secrets, according to the FireEye cyber security group.

Without speaking specifically about that incident, Vice Adm. Jan Tighe, deputy chief of naval operations for information warfare and the director of naval intelligence, said that many of the attacks, pings, intrusion attempts and probe “appear to be part of deliberate campaigns” of adversarial nation-state activities against Western targets.

How to fight them off? The head of U.S. Cyber Command, Adm. Michael Rogers, has suggested giving more authority to lower-ranking service personnel. The Navy anticipates that all 40 of the Navy’s cyber mission force teams will reach full operational capability by 2018.

Navy leaders at Sea-Air-Space also said  artificial intelligence would play a bigger role in attacking and defending networks.

“I would not say we see new and exquisite DARPA-like capabilities yet,” emerging out of China in terms of artificial intelligence specifically for information warfare, according to White. “But I do think it will be inevitable because you’re not constrained by physics.”

Meanwhile, the U.S. military is exploring the use of cognitive computing and deep learning to better understand network vulnerabilities and predict attacker behavior, according to Vice Adm. Michael Gilday, who leads the Navy’s 10th Fleet  and Cyber Command, in accordance with phase II of the Command’s strategic plan to 2020, first laid out in 2015.

Marine Maj. Gen. Lori Reynolds, the commander of Marine Forces Cyber Command also maid a plea to industry. “Anything we can do to automate the intelligence cycle … that’s the right investment,”

But Military cyber leaders say that the United States and China will likely put artificial intelligence to different uses in information warfare. Automation can and probably should take over much defensive work to better keep up with the speed of attacks. But the use of offensive cyber weapons will still involve human decision making for the United States military. They could not guarantee the same of China.

AI can absolutely tighten your ability to make a decision inside your enemy’s ability to make a decision,” said Gilday.

Defense One asked Gilday and Tighe if they were seeing adversarial nations attempt to automate the use of offensive cyber weapons. They declined to respond.