Norway has stunned the international community by presenting “proof” Russia was behind a sophisticated GPS attack during war games.
War games are supposed to test a military’s ability to deal with the unexpected. But NATO got more than it anticipated last year when its warships’ navigation systems started acting up.
There was no way they could be where their computers were telling them they were.
This was no small issue: warships from 31 different nations were manoeuvring together in what was one of NATO’s largest exercises in decades.
But the implications went far beyond safety.
It means weapon systems without alternate means of finding out where they were could end up hundreds of kilometres off course.
It wasn’t the first time this GPS ‘glitch’ had been observed in Nordic nations such as Finland, Norway and Sweden. Civilian air traffic has reported several instances of their navigation systems going haywire.
EXPLORE MORE: Huge NATO exercise ‘jammed’ by Russia
DELVE DEEPER: Russia, China test GPS jamming systems’
In all, GPS signals have been reportedly disrupted five times in the northeastern region of Norway, Finland and Sweden since autumn 2017. But Trident Juncture exercise in October and November last year experienced the most intense attack.
A member of staff of the NATO naval and marine works with a navigation display on the bridge of USS Mount Whitney of the US Navy during the NATO-led military exercise Trident Juncture. Picture: AFPSource:AFP
Suspicion immediately fell upon Russia.
Moscow dismissed the claims.
Russian Foreign Minister Sergey Larov went so far as to call the allegations “fantasy”.
But, now, Norway says it has proof.
“Russia asked to give proof. We gave them the proof,” Norwegian Defence Minister Frank Bakke-Jensen told reporters after a bilateral meeting with Russia in Oslo.
Norwegian civilian science outposts had recorded the type, strength and origins of the signals used to distort signals emitted by GPS satellites, he said.
This data has now been handed over to Moscow.
“Russia said ‘thank you, we will come back when our experts review that’. To have such an answer from Russia is a positive thing,” he said.
Minister Bakke-Jensen said Russia would have had to be well aware of the impact of its jamming systems.
A map provided by Norway’s intelligence service showing the source and intensity of GPS jamming signals. Picture: Norway Defence MinistrySource:Supplied
“They were exercising very close to the border and they knew this will affect areas on the other side,” he said. “We recognise Russia’s right to exercise and train its capacities [but] it is not acceptable that this kind of activity affects security in Norwegian air space.”
And international conventions dictate notice be given of any kind of major military test.
The dates and locations of NATO’s Trident Juncture exercise was known to Russia for years.
But Moscow called a snap ‘live-fire’ exercise of its own warships on the boundaries of the NATO games. It also appears to have engaged in an undeclared test of its electronic jamming systems, encompassing Trident Juncture’s designated exclusion area.
Russia shows little regard for the ‘fallout’ of its electronic warfare testing.
Norways’ Ministry of Foreign Affairs was forced to contact Moscow in October 2017 to request jamming exercises along its border as part of Russia’s annual Zapad war-games be halted due to public safety concerns.
“It was a large military exercise by a big neighbour and it disrupted civilian activities including air traffic, shipping, and fishing,” defence minister Bakke-Jensen said at the time.
Category Archives: NSA Spying
5G Coming with Major Risks from China
Primer:
Stuart Madnick, who’s been professor of information technology at the Massachusetts Institute of Technology since 1972, tells Inverse that the FCC and ISPs are casting a double-edged sword in their rush to implement 5G.
“It’s like going from fireworks to dynamite sticks,” Madnick says. “5G encourages further evolution and expansion of Internet of Things related networks. All of the good news and bad news that comes along with this technology gets magnified.”
He’s especially concerned about the risk of denial of service attacks — or DDoS for short — becoming more powerful than ever before. One of the advertised benefits of 5G is that it will allow even more IoT devices, like refrigerators or light bulbs, to come online. This would allow users to remotely check the contents of their fridge or dim their bedroom lights using their phones, but these devices can also be harnessed for nefarious purposes.
One of the most notorious DDoS incidents in history — the 2016 Dyn cyberattack — was facilitated by unsecured IoT devices, like security cameras, printers, and baby monitors. Hacker groups Anonymous and New World Hackers allegedly took control of thousand of electronics that still had their default passwords to amass an army of zombie devices, known as a botnet.
This network was used to overwhelm the servers of internet performance management company, Dyn. Websites like Twitter, SoundCloud, Spotify, and Shopify were inaccessible for a day. Madnick believes this could happen again, to a degree that hasn’t even been imagined yet. Perhaps the biggest sites on the web will go down for days, including online blanks, or worse, the internet that controls a public utility like electricity. Perhaps the biggest sites on the web will go down for days, including online blanks, or worse, the internet that controls a public utility like electricity.
*** Related reading: Lessons Learned from WannaCry attack
Ex-security minister Admiral Lord West calls for urgent government action after Chinese firms are banned in Australia and the US.
Security threats from Chinese companies building 5G networks could end up “putting all of us at risk” if they are not tackled quickly, according to a former security minister.
Speaking to Sky News, Admiral Lord West, a former First Sea Lord who served under Gordon Brown as a security minister, urged the government to set up a unit reporting directly to the prime minister to monitor the risk posed by Chinese equipment in 5G.
5G has been hailed as the next great leap for mobile communications, enabling everything from smart cities to hologram calls.
However, the best 5G technology comes from Chinese companies, raising the fear that China’s government could have ground-level access to – even control of – the UK’s critical data infrastructure.
“We’ve got to see there’s a risk,” Lord West said. “Yes, we want 5G, but for goodness sake we need to do all of these things to make sure it’s not putting all of us at risk.”
In April, the United States banned Chinese multinationals Huawei and ZTE – both specialists in 5G – from selling equipment to the federal government.
In August, the Australian government banned the same two firms from supplying technology for its 5G network, a decision foreign minister Marise Payne described as necessary for “the protection of Australia’s national security”.
In a statement, Huawei called the decision “politically motivated, not the result of a fact-based, transparent, or equitable decision-making process,” adding that “there is no fundamental difference between 5G and 4G network architecture… 5G has stronger guarantees around privacy and security protection than 3G and 4G”.
Robert Hannigan, former director of GCHQ, told Sky News an outright ban in the UK would not make 5G safe.
“The best companies in 5G are probably the Chinese ones and there aren’t many alternatives,” he said, before warning that new measures were needed to test the security of the network.
“We do need to find a way of scrutinising what is being installed in our network, and how it is being overseen and how it is being controlled and how it’s being upgraded in the future. And we have to find a more effective way of doing that at scale.”
In April, GCHQ’s National Cyber Security Centre warned ZTE could pose a national security risk to the UK.
Two months later, the UK’s Huawei Cyber Security Evaluation Centre, a group set up by the government to monitor the Chinese firm, announced that it had “only limited assurance” that Huawei posed no threat to national security
“It was a bit of a warning to Huawei,” said Mr Hannigan. “They needed to get better at cooperating and take this more seriously.”
The difficulty for the Huawei Cyber Security Evaluation Centre is knowing for certain that the code it vets and approves is the same code that is going into networks.
“That’s been a persistent problem,” said Mr Hannigan. “That needs more work.”
The government has put £200m into the development of 5G. Last month, the first 5G pilot centre launched in the West Midlands, testing the technology before a national roll-out.
BT, which uses Huawei to supply parts for its network, told Sky News that it would “apply the same stringent security measures and controls to 5G when we start to roll it out, in line with continued guidance from government”.
Trump Admin Trying to Get a Cyber Doctrine
October is national cyber awareness month, frankly every month and every day should be an awareness day.
So, back in late 2017, the House passed by a voice vote H.R. 3559 – Cybersecurity and Infrastructure Security Agency Act of 2017. As you may guess, it is stalled in the Senate.
Meanwhile, in an effort to mobilize and consolidate cyber operations for the United States, there is no consensus within Congress. Should every government agency has a cyber division? Should the United States be able to perform counter cyber attacks? What kind of a cyber attack on the United States constitutes an act of war?
Just last month, Politico published a piece stating in part:
Recent reports that Russia has been attempting to install malware in our electrical grid and that its hackers have infiltrated utility-control rooms across America should constitute a significant wakeup call. Our most critical infrastructure systems are vulnerable to malicious foreign cyberactivity and, despite considerable effort, the collective response has been inadequate. As Director of National Intelligence Dan Coats ominously warned, “The warning lights are blinking red.”
A successful attack on our critical infrastructure — power grids, water supplies, communications systems, transportation and financial networks — could be devastating. Each of these is vital to our economy, health and security. One recent study found that a single coordinated attack on the East Coast power grid could leave parts of the region without power for months, cause thousands of deaths due to the failure of health and safety systems, and cost the U.S. economy almost $250 billion. Cyberattacks could also undermine our elections, either by altering our voter registration rolls or by tampering with the voting systems or results themselves.
The op-ed was written by retired General and former CIA Director David Petraeus who is arguing: “Our grab-bag approach isn’t working. Gen. David Petraeus says it’s time to go big.”
Actually, I agree with General Petraeus on his position. Last month also, John Bolton on the White House National Security Council declared that the U.S. is going on the offensive. Yet in an interesting article, Forbes offers a point and counter-point to that argument.
Last week, President Trump spoke to world leaders about how China is interfering in U.S. elections via the cyber realm. While no evidence has been offered, that is not to say there is no evidence, it is a common tactic of China. Additionally, the United States is offering robust assistance to NATO allies.
Acting to counter Russia’s aggressive use of cyberattacks across Europe and around the world, the U.S. is expected to announce that, if asked, it will use its formidable cyberwarfare capabilities on NATO’s behalf, according to a senior U.S. official.
The announcement is expected in the coming days as U.S. Defense Secretary Jim Mattis attends a meeting of NATO defense ministers on Wednesday and Thursday.
Katie Wheelbarger, the principal deputy assistant defense secretary for international security affairs, said the U.S. is committing to use offensive and defensive cyber operations for NATO allies, but America will maintain control over its own personnel and capabilities.
The decision comes on the heels of the NATO summit in July, when members agreed to allow the alliance to use cyber capabilities that are provided voluntarily by allies to protect networks and respond to cyberattacks. It reflects growing concerns by the U.S. and its allies over Moscow’s use of cyber operations to influence elections in America and elsewhere.
“Russia is constantly pushing its cyber and information operations,” said Wheelbarger, adding that this is a way for the U.S. to show its continued commitment to NATO.
Wheelbarger told reporters traveling to NATO with Mattis that the move is a signal to other nations that NATO is prepared to counter cyberattacks waged against the alliance or its members.
Much like America’s nuclear capabilities, the formal declaration of cyber support can help serve as a military deterrent to other nations and adversaries.
The U.S. has, for some time, considered cyber as a warfighting domain, much like air, sea, space and ground operations. In recent weeks the Pentagon released a new cybersecurity strategy that maps out a more aggressive use of military cyber capabilities. And it specifically calls out Russia and China for their use of cyberattacks.
China, it said, has been “persistently” stealing data from the public and private sector to gain an economic advantage. And it said Russia has use cyber information operations to “influence our population and challenge our diplomatic processes.” U.S. officials have repeatedly accused Moscow of interfering in the 2016 elections, including through online social media.
“We will conduct cyberspace operations to collect intelligence and prepare military cyber capabilities to be used in the event of a crisis or conflict,” the new strategy states, adding that the U.S. is prepared to use cyberwarfare along with other military weapons against its enemies when needed, including to counter malicious cyber activities targeting the country. Read more here.
Not to be left out is North Korea.
The Department of Homeland Security, the Department of the Treasury, and the Federal Bureau of Investigation have identified malware and other indicators of compromise used by the North Korean government in an ATM cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.
For more information, see:
Yup, in closing…..we agree with General Petraeus….it is long overdue to go big and go NOW.
Is that Russian Submarine Threat Still out There?
It is not just the U.S. Navy that is on alert. Europe’s top Navy Commander:
NAPLES, Italy — Russia is deploying more submarines to the Mediterranean, the Black Sea and North Atlantic than at any time since the Cold War as part of a growing power game driving the U.S. to revive a decommissioned fleet and NATO to strengthen its naval defenses, the Navy’s top commander in the theater said.
Russia is upgrading its submarine forces and improving their missile capabilities, all while relations between Moscow and NATO remain tense over Russia’s annexation of Ukraine’s Crimean Peninsula in 2014, Adm. James Foggo, commander of U.S. Naval Forces Europe and Africa, said in an interview earlier this month.
“The illegal annexation of Crimea … that certainly has put a strain on our relationship,” Foggo told Stars and Stripes. “It’s their bad behavior, not ours. It’s the things they are doing.”
The Navy is reviving 2nd Fleet, though on a smaller scale than the one deactivated in 2011, to supply more ships in what Foggo described as growing competition between Russia and NATO in the Atlantic Ocean.
The renewed 2nd Fleet will be a Norfolk, Va.-based joint forces command, with many details yet to be worked out, Foggo said, adding that Navy leaders will know more after NATO’s July summit in Brussels. More here.
***
This is not really a new condition, it has been going on for a few years without any real U.S. response that is until the Omnibus was passed where monies were allocated for air-dropped sonobuoys that can detect submarines and transmit data back to motherships. The warnings began with Russia, operating in the Mediterranean where missiles were fired into Syria on several occasions.
The United States and Britain have been playing cat and mouse with Russia in several locations. Under Exercise Dynamic Mongoose, 10 NATO countries have been practicing hunting tactics of stealth submarines off Norway’s coast.
This past April, Lockheed Martin was awarded a $1 billion contract for a hypersonic cruise missile.
The Hypersonic Conventional Strike Weapon program is one of two hypersonic weapon prototyping efforts being pursued by the Air Force, and comes in addition to the Tactical Boost Glide program, which the Air Force is working on with DARPA and Raytheon. The service plans to have a prototype ready by 2023.
The Tactical Boost Glide is designed to operate at 5 times the speed of sound to enhance current military systems.
The United States has 70 nuclear powered submarines and 52 attack submarines along with 4 cruise missile armed submarines and 14 ballistic missile submarines. They all patrol bodies of water across the globe.
Adm. John Richardson, Chief of Naval Operations has confirmed increased foreign submarine operations.
According to GlobalFirePower.com, North Korea has the world’s largest submarine fleet by raw numbers with 76, though most of Pyongyang’s fleet consists of shorter-range, electric-diesel coastal patrol craft. China and Russia, both with modern nuclear-powered fleets that rival the U.S. fleet, have 68 subs and 63 subs, respectively.
NATO Secretary-General Jens Stoltenberg, in an interview with the Frankfurt Allgemeine and other news outlets in December, said the Kremlin is investing heavily in its submarine fleet, with 13 delivered since 2013. NATO countries, he said, have let their underwater firepower lag. “We have practiced less and lost skills,” the NATO chief said.
A particular point of concern, said one former high-level U.S. Navy official, is that Moscow may be attempting to tap into or sever some of the 550,000 miles of underwater fiber-optic cables that span the Atlantic and Arctic sea lanes.
“Russians have had a capability … to do things with these cables for the last 20 to 30 years,” said Tom Callender, who once served as head of capabilities for the Navy’s deputy undersecretary office and is now a senior defense fellow at The Heritage Foundation.
“Russians have had a capability … to do things with these cables for the last 20 to 30 years,” said Tom Callender, who once served as head of capabilities for the Navy’s deputy undersecretary office and is now a senior defense fellow at The Heritage Foundation.More than 95 percent of the global internet traffic — military and civilian, classified and unclassified — is transmitted across the network of submerged cables along the ocean floor, according to Washington-based tech firm TeleGeography. The quantity is massive compared with just a decade ago, when just 1 percent of all online traffic went through the cables.
Seabed vulnerability
The majority of the 285 underwater cables in place crisscross beneath heavily trafficked sea lanes of the Atlantic and Arctic regions. According to TeleGeography, the longest single cable stretches 24,000 miles and relays internet traffic and other electronic communications from Europe, Asia and Africa.
The scale and scope of global communications moving through the network of cables — some of which are only 2 inches thick — present a lucrative target that is vulnerable to attack by U.S. adversaries. It also poses a significant challenge to U.S. forces defending the lines. Read more detail here.
Trump Admin Seeking Global Cyber Dominance
Finally!
President Trump signed an order that reverses the classified rules and cyber processes from the Obama administration, known as IVE PPD 20. It was signed in October 2012, and this directive supersedes National Security Presidential Directive NSPD-38. Integrating cyber tools with those of national security, the directive complements NSPD-54/Homeland Security Presidential Directive HSPD-23.
Per WikiPedia:
After the U.S. Senate failed to pass the Cybersecurity Act of 2012 that August,[12] Presidential Policy Directive 20 (PPD-20) was signed in secret. The Electronic Privacy Information Center (EPIC) filed a Freedom of Information Request to see it, but the NSA would not comply.[13] Some details were reported in November 2012.[14] The Washington Post wrote that PPD-20, “is the most extensive White House effort to date to wrestle with what constitutes an ‘offensive’ and a ‘defensive’ action in the rapidly evolving world of cyberwar and cyberterrorism.”[14] The following January,[15] the Obama administration released a ten-point factsheet.[16]
On June 7, 2013, PPD-20 became public.[15] Released by Edward Snowden and posted by The Guardian,[15] it is part of the 2013 Mass Surveillance Disclosures. While the U.S. factsheet claims PPD-20 acts within the law and is, “consistent with the values that we promote domestically and internationally as we have previously articulated in the International Strategy for Cyberspace”,[16] it doesn’t reveal cyber operations in the directive.[15]
Snowden’s disclosure called attention to passages noting cyberwarfare policy and its possible consequences.[15][17] The directive calls both defensive and offensive measures as Defensive Cyber Effects Operations (DCEO) and Offensive Cyber Effects Operations (OCEO), respectively.
President Trump has taken this action to aid not only the military, but it would work to deter foreign actors, impede election influence and apply new penalties for violations. There have been high worries by officials due to electric utilities and the brute cyber attacks.
***
Some lawmakers have raised questions in recent months about whether U.S. Cyber Command, the chief agency responsible for conducting offensive cyber missions, has been limited in its ability to respond to alleged Russian efforts to interfere in U.S. elections due to layers of bureaucratic hurdles.
The policy applies to the Defense Department as well as other federal agencies, the administration official said, while declining to specify which specific agencies would be affected. John Bolton, Mr. Trump’s national security adviser, began an effort to remove the Obama directive when he arrived at the White House in April, the official said.
As designed, the Obama policy required U.S. agencies to gain approval for offensive operations from an array of stakeholders across the federal government, in part to avoid interfering with existing operations such as digital espionage.
Critics for years have seen Presidential Policy Directive 20 as a particular source of inertia, arguing that it handicaps or prevents important operations by involving too many federal agencies in potential attack plans. But some current and former U.S. officials have expressed concern that removing or replacing the order could sow further uncertainty about what offensive cyber operations are allowed.
One former senior U.S. official who worked on cybersecurity issues said there were also concerns that Mr. Trump’s decision will grant the military new authority “which may allow them to have a domestic mission.”
The Obama directive, which replaced an earlier framework adopted during the George W. Bush administration, was “designed to ensure that all the appropriate equities got considered when you thought about doing an offensive cyber operation,” said Michael Daniel, who served as the White House cybersecurity coordinator during the Obama administration. “The idea that this is a simple problem is a naive one.” More here from the WSJ.