Category Archives: Cyber War

Eastern Europe under Extraordinary Threat from Russia

Posted on by

In part: Russia has been chipping away at the country since at least 2014, when the pro-Russian President of Ukraine, Viktor Yanukovych, lost an election, and Putin invaded the Crimea, the peninsula that sticks out into the Black Sea and separates it from the Sea of Azov to its northeast.

Stealth war

As part of Putin’s campaign, a war that isn’t quite a war, most authorities agree that Russian-based hackers mounted a cyberattack called NotPetya back in 2017.  It was aimed primarily at Ukrainian institutions, but it also affected thousands of other systems as well.  The White House later estimated that NotPetya caused about $10 billion worth of damage worldwide.

Now we come down to this week.  On January 15, dozens of Ukrainian government computer systems were infected with malware disguised as ransomware.  An infected computer displayed a demand for a certain ransom to be paid in Bitcoin, but what really happened is that the malware “renders the computer system inoperable,” ransom or no ransom.

Microsoft issued a statement saying that they observed these attacks aimed primarily at Ukrainian government agencies and closely-allied organisations, and that they had issued updates that will address the problems.  But in the meantime, the Ukraine is suffering yet another cyberattack which appears to be instigated by Russia, although no firm evidence of the source has yet been forthcoming.

***

The head of Ukraine’s defense intelligence agency told Military Times in November that Russia could launch an attack through Belarus.

source

Then there is the matter of Putin working to install a pro-Russian regime in Ukraine.

The UK Foreign, Commonwealth and Development Office (FCDO) named former Ukrainian MP Yevhen Murayev as a potential Kremlin candidate and once again warned Russia of “severe costs” of activities to subvert Ukraine.

“The information being released today shines light on the extent of Russian activity designed to subvert Ukraine, and is an insight into Kremlin’s thinking,” UK foreign secretary Liz Truss said in a statement on Saturday.

Russia rejects UK claim

Russia on Sunday rejected a British claim that Russia was seeking to replace Ukraine’s government with a pro-Moscow administration.

“The disinformation spread by the British Foreign Office is more evidence that it is the Nato countries, led by the Anglo-Saxons, who are escalating tensions around Ukraine,” Russian foreign ministry spokeswoman Maria Zakharova said on the Telegram messaging app on Sunday. “We call on the British Foreign Office to stop provocative activities, stop spreading nonsense.” source

***

Some other disturbing details:

  1. The Russian Navy has announced plan gunnery and missile firing 160 nautical miles off Mizen Head. The exercises, from February 3rd to 8th, are just on the edge of the drop-off into deep water. It is also within Ireland’s Exclusive Economic Zone (EEZ). Coming at a time of heightened tension between Russia and the West, this highlights Ireland’s strategic position.

    Of all the world’s ocean, it is interesting that Russia selected this small area in the Irish EEZ. It is far from Russia’s operating bases and regular training areas. So the location seems chosen for strategic or political reasons.

  2. Germany is actively collaborating with Russian armed aggression against Ukraine. The Estonians will tell the Germans to go to hell and the rest of NATO will back Estonia against the Moscow-Berlin axis.
    The Molotov-Ribbentrop Pact is still in force. The Russian regime of state terrorism and the Putinversteher faction in Germany are allied to destroy the freedom and independence of Eastern Europe.
    Germany has no business being in NATO when it aggressively thwarts the principle of collective security on which the alliance was founded. Germany has gone full Soviet with the new Chancellor.
    Russian ally Germany refuses to permit Estonia to transfer artillery to Ukraine, giving a boost to the Russian army which is mobilized for an offensive.
  3. The U.S. has ordered all family members of its embassy in Ukraine to evacuate amid rising tensions of a possible Russian invasion of Ukraine. The U.S. State Department also said non-essential personnel could also leave the country at the U.S. government’s expense.

One more item. Since President Biden halted the United States from being energy independent which was achieved under President Trump, the United States no longer exports energy to Europe. In fact, conditions are so dire that the United States is actually buying dirty oil from Russia. Think of that. If Russia decides to punish the U.S. even more….you can bet the cost of gasoline at the pump with reach $8.00 to $10.00 a gallon.

Then there is the threat of the United States versus Russia in the Arctic and in Space…imagine escalating hostilities in those battle-spaces…

Meanwhile…Ukrainians are drilling for safety in fallout shelters.

 

China versus Taiwan and the United States, Just the Facts

Posted on by

A hacking group has compromised at least nine global organizations in the fields of technology, defense, energy and other key sectors as part of an apparent espionage campaign. Attribution is still ongoing, specific tools and methods used in the apparent hacking efforts are in line with those used by Chinese cyber-espionage group Emissary Panda, also known as TG-3390, APT 27 and Bronze Union.

While China has indeed surpassed the United States in the size of their Navy, the other concern is the build up of Chinese nuclear weapons.  Meanwhile, the United States has deployed at least 30 U.S.military forces to Taiwan for training.For years, U.S.-Taiwan military exchanges have been thought of as an open secret—also known by the People’s Republic of China (PRC) leadership in Beijing. However, Tsai became the first Taiwanese leader in decades to publicly acknowledge the existence of a training program.

The United States has deployed the Iron Dome missile-defense system for testing in Guam by U.S. military planners concerned about possible Chinese attacks.Chinese President Jinping awarded additional 'War Powers ...

WAR GAMES:

The Chinese military – the People’s Liberation Army – is waging so-called gray-zone warfare against Taiwan. This consists of an almost daily campaign of intimidating military exercises, patrols and surveillance that falls just short of armed conflict. Since that report, the campaign has intensified, with Beijing stepping up the number of warplanes it is sending into the airspace around Taiwan. China has also used sand dredgers to swarm Taiwan’s outlying islands.

Military strategists tell Reuters that the gray-zone strategy has the potential to grind down Taipei’s resistance – but also that it may fall short, or even backfire by strengthening the island’s resolve. They are also envisioning starker futures. While they can’t predict the future, military planners in China, Taiwan, the United States, Japan and Australia are nonetheless actively gaming out scenarios for how Beijing might try to seize the prized island, and how Taiwan and America, along with its allies, might move to stop it.Xi’s options include seizing Taiwan’s outlying islands, blockades or all-out invasion. Some Taiwanese military experts say Beijing’s next step might be to seize the lightly defended and remote Pratas Islands in the north of the South China Sea.  Any of these moves could spin out of control into war between China and America over Taiwan.

Reuters has published a comprehensive report and possible scenarios.

The Chinese military has built targets in the shape of an American aircraft carrier and other U.S. warships in the Taklamakan desert as part of a new target range complex, according to photos provided to USNI News by satellite imagery company Maxar.

The full-scale outline of a U.S. carrier and at least two Arleigh Burke-class destroyers are part of the target range that has been built in the Ruoqiang region in central China. The site is near a former target range China used to test early versions of its so-called carrier killer DF-21D anti-ship ballistic missiles, according to press reports in 2013.

This new range shows that China continues to focus on anti-carrier capabilities, with an emphasis on U.S. Navy warships. Unlike the Iranian Navy’s aircraft carrier-shaped target in the Persian Gulf, the new facility shows signs of a sophisticated instrumented target range.

A target in the shape of a U.S. Destroyer in the Taklamakan Desert in Central China. H I Sutton Illustration for USNI News Satellite image ©2021 Maxar Technologies Used with Permission

The carrier target itself appears to be a flat surface without the carrier’s island, aircraft lifts, weapons sponsons or other details, the imagery from Maxar shows. On radar, the outline of the carrier stands out from the surrounding desert – not unlike a target picture, according to imagery provided to USNI News by Capella Space.

There are two more target areas representing an aircraft carrier that do not have the metaling, but are distinguishable as carriers due to their outline. But other warship targets appear to be more elaborate. There are numerous upright poles positioned on them, possibly for instrumentation, according to the imagery. Alternatively these may be used for radar reflectors to simulate the superstructure of the vessel.

The facility also has an extensive rail system. An Oct. 9 image from Maxar showed a 75 meter-long target with extensive instrumentation on a 6 meter-wide rail.

Target range in the Taklamakan desert in Central China. H I Sutton illustration for USNI News

The area has been traditionally used for ballistic missile testing, according to a summary of the Maxar images by geospatial intelligence company AllSource Analysis that identified the site from satellite imagery.

“The mockups of several probable U.S. warships, along with other warships (mounted on rails and mobile), could simulate targets related to seeking/target acquisition testing,” according to the AllSource Analysis summary, which said there are no indications of weapon impact areas in the immediate vicinity of the mockups. “This, and the extensive detail of the mockups, including the placement of multiple sensors on and around the vessel targets, it is probable that this area is intended for multiple uses over time.“

Analysis of historical satellite images shows that the carrier target structure was first built between March and April of 2019. It underwent several rebuilds and was then substantially dismantled in December 2019. The site came back to life in late September of this year and the structure was substantially complete by early October.

Detailed Photos of the mobile target at the Ruoqiang facility. H I Sutton Illustration for USNI News Satellite image ©2021 Maxar Technologies Used with Permission

China has several anti-ship ballistic missile programs overseen by the People’s Liberation Army Rocket Force. The land-based CSS-5 Mod 5 (DF-21D) missile has a range of over 800 nautical miles. It has a maneuverable reentry vehicle (MaRV) to target ships. The larger CSS-18 (DF-26) has a range of around 2,000 nautical miles.

“In July 2019, the PLARF conducted its first-ever confirmed live-fire launch into the South China Sea, firing six DF-21D anti-ship ballistic missiles into the waters north of the Spratly Islands,” according to the Pentagon’s latest annual report on China’s military. The Chinese are also fielding a longer range anti-ship ballistic missile that initially emerged in 2016.

“The multi-role DF-26 is designed to rapidly swap conventional and nuclear warheads and is capable of conducting precision land-attack and anti-ship strikes in the Western Pacific, the Indian Ocean, and the South China Sea from mainland China. In 2020, the PRC fired anti-ship ballistic missiles against a moving target in the South China Sea, but has not acknowledged doing so,” reads the report.

A Nov. 5, 2021 Capella Space synthetic aperture radar image of the target in the shape of a U.S. aircraft carrier in the Taklamakan Desert H I Sutton Illustration for USNI News

In addition to the land-based anti-ship ballistic missiles, China has a program to equip the People’s Liberation Army Navy H-6 bombers with a massive anti-ship ballistic missile. First revealed in 2018, the CH-AS-X-13 will likely be the largest air-launched missile in existence, and would be large enough to accommodate a hypersonic warhead.

Another possible launch platform for anti-ship ballistic missiles is the new Type-055 Renhai Class large destroyer. Described as a guided-missile cruiser, it will be capable of carrying anti-ship ballistic missiles, according to the Pentagon report.

It’s not the first time China has built an aircraft carrier target in the desert. Since 2003, a large concrete pad, roughly the size of a carrier, has been used as a target. The slab, which is part of the Shuangchengzi missile test range, has been hit many times and is frequently repaired. The new site in the Taklamakan desert is 600 miles away and is much more evolved. The newer ship targets are closer approximations of the vessels that they are supposed to represent.

DoD Graphic

While questions remain on the extent of weapons that will be tested at the new facility, the level of sophistication of what can now be seen at the site show the PLA is continuing to invest in deterrents to limit the efficacy of U.S. naval forces close to China – in particular targeting the U.S. carrier fleet.

According to the Pentagon report released last week, a primary objective of the PLARF will be to keep U.S. carriers at risk from anti-ship ballistic missiles throughout the Western Pacific.

About that Drone Attack on the Pennsylvania Power Grid

Posted on by

The Drive: U.S. officials believe that a DJI Mavic 2, a small quadcopter-type drone, with a thick copper wire attached underneath it via nylon cords was likely at the center of an attempted attack on a power substation in Pennsylvania last year. An internal U.S. government report that was issued last month says that this is the first time such an incident has been officially assessed as a possible drone attack on energy infrastructure in the United States, but that this is likely to become more commonplace as time goes on. This is a reality The War Zone has sounded the alarm about in the past, including when we were first to report on a still unexplained series of drone flights near the Palo Verde nuclear powerplant in Arizona in 2019.

ABC News was first to report on the Joint Intelligence Bulletin (JIB) covering the incident in Pennsylvania last year, which the Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the National Counterterrorism Center (NCTC) published on Oct. 28, 2021. The document, which ABC obtained a copy of, but only released a small portion of, is marked unclassified, but parts also labeled Law Enforcement Sensitive (LES) and For Official Use Only (FOUO). Other outlets have since obtained copies of this document, which reportedly says that this likely attack took place on July 16, 2020, but does not identify where the substation in question was located.


DHS via ABC News

RELATED READING: FBI Strategic Intelligence/Assessment on Domestic Terrorism

A portion of an annotated satellite image from a US Joint Intelligence Bulletin regarding a likely attempted drone attack on a power substation in Pennsylvania in 2020.

“This is the first known instance of a modified UAS [unmanned aerial system] likely being used in the United States to specifically target energy infrastructure,” the JIB states. “We assess that a UAS recovered near an electrical substation was likely intended to disrupt operations by creating a short circuit to cause damage to transformers or distribution lines, based on the design and recovery location.”

ABC and other outlets have reported that the JIB says that this assessment is based in part on other unspecified incidents involving drones dating back to 2017. As already noted, The War Zone previously reported on another worrisome set of incidents around Arizona’s Palo Verde Generating Station, the largest nuclear power plant in the United States in terms of its output of electricity, in 2019. In the process of reporting that story, we uncovered other reported drone flights that prompted security concerns near the Limerick Generating Station nuclear power plant in Pennsylvania earlier that year.

The Night A Mysterious Drone Swarm Descended On Palo Verde Nuclear Power Plant By Tyler Rogoway and Joseph Trevithick Posted in The War Zone
Here’s What’s In New Guidelines For Defending Infrastructure Against Drone Attacks By Brett Tingley Posted in The War Zone
The Y-12 Nuclear Development Site Has Deployed Its First Anti-Drone System By Brett Tingley Posted in The War Zone
Some Chinese-Made Drones Cleared By Pentagon For U.S. Government Use By Brett Tingley Posted in The War Zone
Is The United States Firing Off “Electricity Bombs” in Syria? By Joseph Trevithick Posted in The War Zone

“To date, no operator has been identified and we are producing this assessment now to expand awareness of this event to federal, state, local, tribal, and territorial law enforcement and security partners who may encounter similarly modified UAS,” the JIB adds.

Beyond the copper wire strung up underneath it, the drone reportedly had its camera and internal memory card removed. Efforts were taken to remove any identifying markings, indicating efforts by the operator or operators to conceal the identifies and otherwise make it difficult to trace the drone’s origins.


DHS via ABC News

A low-quality image showing the drone recovered after the likely attempted attack in Pennsylvania. The green lines are the nylon cables. A copper wire was attached to the bottom ends of both lines.

It’s unclear how much of a threat this particular drone posed in its modified configuration. The apparent intended method of attack would appear to be grounded, at least to some degree, in actual science. The U.S. military employed Tomahawk cruise missiles loaded with spools of highly-conductive carbon fiber wire against power infrastructure to create blackouts in Iraq during the first Gulf War in 1991. F-117 Nighthawk stealth combat jets dropped cluster bombs loaded with BLU-114/B submunitions packed with graphite filament over Serbia to the same effect in 1999.

Regardless, the incident only underscores the ever-growing risks that small drones pose to critical infrastructure, as well as other civilian and military targets, in the United States. If this modified drone did pose a real risk, it would also highlight the low barrier to entry to at least attempt to carry out such attacks. New DJI Mavic 2s can be purchased online right now for between $2,000 and $4,000.

The technology is so readily available that non-state actors around the world, from terrorists in the Middle East to drug cartels in Mexico, are already employing commercial quad and hexacopter-type drones armed with improvised explosive payloads on a variety of targets on and off more traditional battlefields. This includes attempted assassinations of high-profile individuals.

The U.S. government is finally coming to terms with these threats and there are certainly some steps being taken, at least at the federal level, to protect civilian and domestic military facilities against small drones. At the same time, it is equally clear that there is still much work to be done.

This particular incident in Pennsylvania last year highlights separate security concerns relating to Chinese-made small drones that are now widely available in the United States and are even in use within the U.S. government. DJI, or Da Jiang Innovations, is by far the largest Chinese drone maker selling products commercially in the United States today and has been at the center of these debates in recent years.

Whether or not the modified Mavic 2 posed a real danger in this instance or if this was truly the first-ever attempted drone attack on energy infrastructure in the United States, it definitely reflects threats are real now and will only become more dangerous as time goes on.

CIA Director in Moscow Did not Stop 90,000 Russian Troops at Ukraine Border

Posted on by

Senator Marco Rubio appears to be the only person really concerned about a Russian invasion of Ukraine. While CIA Director Bill Burns took a delegation to Moscow for what is said to be high level meetings, it has proven to be ineffective in altering Russian operations versus Ukraine. Top Russian security chief met with CIA director Burns ...

As usual we have this –>The Ukrainian Defense Ministry sent a release saying that about 90,000 Russian troops are stationed close to the border in areas east of the country controlled by rebel forces. This comes two days after Ukraine denied that Russian military personnel were in the area.

Eastern Ukraine has been a contentious area for years. In 2014, Moscow annexed the Crimean Peninsula shortly after the Ukrainian Revolution. Over 14,000 people have died as a result of the conflict.

Russian officials said the troops were present due to maneuvers. Kremlin spokesman Dmitry Peskov said that “Russia maintains troops presence on its territory wherever it deems necessary.”

The ministry’s statement said specifically that units of the Russian 41st army have remained in Yelnya, about 260 kilometers (about 160 miles) north of the Ukrainian border.

On Tuesday, Ukraine’s Defense Minister Andriy Taran submitted his resignation and Ukrainian lawmakers quickly approved it Wednesday. Davyd Arakhamia, the head of the parliamentary faction of President Volodymyr Zelenskyy’s Servant of the People party, said Taran had health problems.

Ukrainian media reported however that Zelenskyy’s office was behind the resignation of Taran and four other ministers, who were also dismissed by parliament on Wednesday.

Russia has cast its weight behind a separatist insurgency in Ukraine’s east that erupted shortly after Moscow’s 2014 annexation of Ukraine’s Crimean Peninsula.

A massive buildup of Russian troops in Russia’s west have been fueling fears of an escalation of large-scale hostilities.

Russian officials said that the troops were deployed as part of measures to counter security threats posed by the deployment of NATO forces near Russian borders. Russia and the alliance also have blamed each other for conducting destabilizing military exercises near the borders.

****CIA director makes rare trip to Moscow for talks on Russia ...

The CIA and the delegation came back empty handed it seems.

THE DIRECTOR OF THE United States Central Intelligence Agency has returned to Washington from a surprise visit to Russia, where he led a high-level team of American officials in meetings with their Russian counterparts. The two-day visit was announced almost simultaneously by both the American and Russian governments, following the arrival of the CIA director, William Burns, to Moscow on Tuesday.

Little information has emerged about the participants in the meetings. A statement from the American embassy in Moscow said simply that Burns had traveled there at the request of President Joe Biden, and that other United States officials had traveled with him. It is believed that Karen Donfried, the State Department’s assistant secretary for European and Eurasian Affairs, traveled with Burns. According to the American embassy, the meetings were held on Tuesday and Wednesday and concerned “a range of issues in the bilateral relationship between the United States and Russia.

A minute-long video, which was posted on social media by the Russian TASS news agency on Tuesday, showed a group of five American officials meeting with five Russian officials. The latter appeared to include Nikolai Patrushev, a close political ally of Russian President Vladimir Putin, who heads the Security Council of Russia —a body that is roughly equivalent to the United States National Security Council. Prior to his current role, Patrushev served as director of the Russian Federal Security Service (FSB).

It is worth noting that Burns speaks Russian and served twice as a diplomat in Russia, most recently as the American ambassador there. Some observers noted that Burns’ trip to Moscow is part of a broader pattern of increasingly frequent meetings between American and Russian officials in recent months. The last four months have seen at least four visits to Russia by senior officials in the Biden administration.