Category Archives: NSA Spying

Trump Admin Trying to Get a Cyber Doctrine

Posted on by

October is national cyber awareness month, frankly every month and every day should be an awareness day.

octo | Office of the Chief Technology Officer

So, back in late 2017, the House passed by a voice vote H.R. 3559 – Cybersecurity and Infrastructure Security Agency Act of 2017. As you may guess, it is stalled in the Senate.

Meanwhile, in an effort to mobilize and consolidate cyber operations for the United States, there is no consensus within Congress. Should every government agency has a cyber division? Should the United States be able to perform counter cyber attacks? What kind of a cyber attack on the United States constitutes an act of war?

Just last month, Politico published a piece stating in part:

Recent reports that Russia has been attempting to install malware in our electrical grid and that its hackers have infiltrated utility-control rooms across America should constitute a significant wakeup call. Our most critical infrastructure systems are vulnerable to malicious foreign cyberactivity and, despite considerable effort, the collective response has been inadequate. As Director of National Intelligence Dan Coats ominously warned, “The warning lights are blinking red.”

A successful attack on our critical infrastructure — power grids, water supplies, communications systems, transportation and financial networks — could be devastating. Each of these is vital to our economy, health and security. One recent study found that a single coordinated attack on the East Coast power grid could leave parts of the region without power for months, cause thousands of deaths due to the failure of health and safety systems, and cost the U.S. economy almost $250 billion. Cyberattacks could also undermine our elections, either by altering our voter registration rolls or by tampering with the voting systems or results themselves.

The op-ed was written by retired General and former CIA Director David Petraeus who is arguing: “Our grab-bag approach isn’t working. Gen. David Petraeus says it’s time to go big.”

Actually, I agree with General Petraeus on his position. Last month also, John Bolton on the White House National Security Council declared that the U.S. is going on the offensive. Yet in an interesting article, Forbes offers a point and counter-point to that argument.

Last week, President Trump spoke to world leaders about how China is interfering in U.S. elections via the cyber realm. While no evidence has been offered, that is not to say there is no evidence, it is a common tactic of China. Additionally, the United States is offering robust assistance to NATO allies.

Acting to counter Russia’s aggressive use of cyberattacks across Europe and around the world, the U.S. is expected to announce that, if asked, it will use its formidable cyberwarfare capabilities on NATO’s behalf, according to a senior U.S. official.

The announcement is expected in the coming days as U.S. Defense Secretary Jim Mattis attends a meeting of NATO defense ministers on Wednesday and Thursday.

Katie Wheelbarger, the principal deputy assistant defense secretary for international security affairs, said the U.S. is committing to use offensive and defensive cyber operations for NATO allies, but America will maintain control over its own personnel and capabilities.

The decision comes on the heels of the NATO summit in July, when members agreed to allow the alliance to use cyber capabilities that are provided voluntarily by allies to protect networks and respond to cyberattacks. It reflects growing concerns by the U.S. and its allies over Moscow’s use of cyber operations to influence elections in America and elsewhere.

“Russia is constantly pushing its cyber and information operations,” said Wheelbarger, adding that this is a way for the U.S. to show its continued commitment to NATO.

Wheelbarger told reporters traveling to NATO with Mattis that the move is a signal to other nations that NATO is prepared to counter cyberattacks waged against the alliance or its members.

Much like America’s nuclear capabilities, the formal declaration of cyber support can help serve as a military deterrent to other nations and adversaries.

The U.S. has, for some time, considered cyber as a warfighting domain, much like air, sea, space and ground operations. In recent weeks the Pentagon released a new cybersecurity strategy that maps out a more aggressive use of military cyber capabilities. And it specifically calls out Russia and China for their use of cyberattacks.

China, it said, has been “persistently” stealing data from the public and private sector to gain an economic advantage. And it said Russia has use cyber information operations to “influence our population and challenge our diplomatic processes.” U.S. officials have repeatedly accused Moscow of interfering in the 2016 elections, including through online social media.

“We will conduct cyberspace operations to collect intelligence and prepare military cyber capabilities to be used in the event of a crisis or conflict,” the new strategy states, adding that the U.S. is prepared to use cyberwarfare along with other military weapons against its enemies when needed, including to counter malicious cyber activities targeting the country. Read more here.

Not to be left out is North Korea.

The Department of Homeland Security, the Department of the Treasury, and the Federal Bureau of Investigation have identified malware and other indicators of compromise used by the North Korean government in an ATM cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

For more information, see:

Yup, in closing…..we agree with General Petraeus….it is long overdue to go big and go NOW.

Is that Russian Submarine Threat Still out There?

Posted on by

It is not just the U.S. Navy that is on alert. Europe’s top Navy Commander:

NAPLES, Italy — Russia is deploying more submarines to the Mediterranean, the Black Sea and North Atlantic than at any time since the Cold War as part of a growing power game driving the U.S. to revive a decommissioned fleet and NATO to strengthen its naval defenses, the Navy’s top commander in the theater said.

Russia is upgrading its submarine forces and improving their missile capabilities, all while relations between Moscow and NATO remain tense over Russia’s annexation of Ukraine’s Crimean Peninsula in 2014, Adm. James Foggo, commander of U.S. Naval Forces Europe and Africa, said in an interview earlier this month.

“The illegal annexation of Crimea … that certainly has put a strain on our relationship,” Foggo told Stars and Stripes. “It’s their bad behavior, not ours. It’s the things they are doing.”

The Navy is reviving 2nd Fleet, though on a smaller scale than the one deactivated in 2011, to supply more ships in what Foggo described as growing competition between Russia and NATO in the Atlantic Ocean.

The renewed 2nd Fleet will be a Norfolk, Va.-based joint forces command, with many details yet to be worked out, Foggo said, adding that Navy leaders will know more after NATO’s July summit in Brussels. More here.

***

This is not really a new condition, it has been going on for a few years without any real U.S. response that is until the Omnibus was passed where monies were allocated for air-dropped sonobuoys that can detect submarines and transmit data back to motherships. The warnings began with Russia, operating in the Mediterranean where missiles were fired into Syria on several occasions.

The United States and Britain have been playing cat and mouse with Russia in several locations. Under Exercise Dynamic Mongoose, 10 NATO countries have been practicing hunting tactics of stealth submarines off Norway’s coast.

This past April, Lockheed Martin was awarded a $1 billion contract for a hypersonic cruise missile.

The Hypersonic Conventional Strike Weapon program is one of two hypersonic weapon prototyping efforts being pursued by the Air Force, and comes in addition to the Tactical Boost Glide program, which the Air Force is working on with DARPA and Raytheon. The service plans to have a prototype ready by 2023.

The Tactical Boost Glide is designed to operate at 5 times the speed of sound to enhance current military systems.

The United States has 70 nuclear powered submarines and 52 attack submarines along with 4 cruise missile armed submarines and 14 ballistic missile submarines. They all patrol bodies of water across the globe.

Russian Subs Are Reheating a Cold War Chokepoint - Defense One  photo

Adm. John Richardson, Chief of Naval Operations has confirmed increased foreign submarine operations.

According to GlobalFirePower.com, North Korea has the world’s largest submarine fleet by raw numbers with 76, though most of Pyongyang’s fleet consists of shorter-range, electric-diesel coastal patrol craft. China and Russia, both with modern nuclear-powered fleets that rival the U.S. fleet, have 68 subs and 63 subs, respectively.

NATO Secretary-General Jens Stoltenberg, in an interview with the Frankfurt Allgemeine and other news outlets in December, said the Kremlin is investing heavily in its submarine fleet, with 13 delivered since 2013. NATO countries, he said, have let their underwater firepower lag. “We have practiced less and lost skills,” the NATO chief said.

A particular point of concern, said one former high-level U.S. Navy official, is that Moscow may be attempting to tap into or sever some of the 550,000 miles of underwater fiber-optic cables that span the Atlantic and Arctic sea lanes.

“Russians have had a capability … to do things with these cables for the last 20 to 30 years,” said Tom Callender, who once served as head of capabilities for the Navy’s deputy undersecretary office and is now a senior defense fellow at The Heritage Foundation.

“Russians have had a capability … to do things with these cables for the last 20 to 30 years,” said Tom Callender, who once served as head of capabilities for the Navy’s deputy undersecretary office and is now a senior defense fellow at The Heritage Foundation.More than 95 percent of the global internet traffic — military and civilian, classified and unclassified — is transmitted across the network of submerged cables along the ocean floor, according to Washington-based tech firm TeleGeography. The quantity is massive compared with just a decade ago, when just 1 percent of all online traffic went through the cables.

Seabed vulnerability

The majority of the 285 underwater cables in place crisscross beneath heavily trafficked sea lanes of the Atlantic and Arctic regions. According to TeleGeography, the longest single cable stretches 24,000 miles and relays internet traffic and other electronic communications from Europe, Asia and Africa.

The scale and scope of global communications moving through the network of cables — some of which are only 2 inches thick — present a lucrative target that is vulnerable to attack by U.S. adversaries. It also poses a significant challenge to U.S. forces defending the lines. Read more detail here.

 

Trump Admin Seeking Global Cyber Dominance

Posted on by

Finally!

https://archive.org/services/img/2007NSAProceduresUsedToTargetNonUSPersons Archivo:Presidential-policy-directive 20.pdf - Wikipedia ...

President Trump signed an order that reverses the classified rules and cyber processes from the Obama administration, known as IVE PPD 20. It was signed in October 2012, and this directive supersedes National Security Presidential Directive NSPD-38. Integrating cyber tools with those of national security, the directive complements NSPD-54/Homeland Security Presidential Directive HSPD-23.

Per WikiPedia:

After the U.S. Senate failed to pass the Cybersecurity Act of 2012 that August,[12] Presidential Policy Directive 20 (PPD-20) was signed in secret. The Electronic Privacy Information Center (EPIC) filed a Freedom of Information Request to see it, but the NSA would not comply.[13] Some details were reported in November 2012.[14] The Washington Post wrote that PPD-20, “is the most extensive White House effort to date to wrestle with what constitutes an ‘offensive’ and a ‘defensive’ action in the rapidly evolving world of cyberwar and cyberterrorism.”[14] The following January,[15] the Obama administration released a ten-point factsheet.[16]

On June 7, 2013, PPD-20 became public.[15] Released by Edward Snowden and posted by The Guardian,[15] it is part of the 2013 Mass Surveillance Disclosures. While the U.S. factsheet claims PPD-20 acts within the law and is, “consistent with the values that we promote domestically and internationally as we have previously articulated in the International Strategy for Cyberspace”,[16] it doesn’t reveal cyber operations in the directive.[15]

Snowden’s disclosure called attention to passages noting cyberwarfare policy and its possible consequences.[15][17] The directive calls both defensive and offensive measures as Defensive Cyber Effects Operations (DCEO) and Offensive Cyber Effects Operations (OCEO), respectively.

President Trump has taken this action to aid not only the military, but it would work to deter foreign actors, impede election influence and apply new penalties for violations. There have been high worries by officials due to electric utilities and the brute cyber attacks.

***

Some lawmakers have raised questions in recent months about whether U.S. Cyber Command, the chief agency responsible for conducting offensive cyber missions, has been limited in its ability to respond to alleged Russian efforts to interfere in U.S. elections due to layers of bureaucratic hurdles.

The policy applies to the Defense Department as well as other federal agencies, the administration official said, while declining to specify which specific agencies would be affected. John Bolton, Mr. Trump’s national security adviser, began an effort to remove the Obama directive when he arrived at the White House in April, the official said.

As designed, the Obama policy required U.S. agencies to gain approval for offensive operations from an array of stakeholders across the federal government, in part to avoid interfering with existing operations such as digital espionage.

Critics for years have seen Presidential Policy Directive 20 as a particular source of inertia, arguing that it handicaps or prevents important operations by involving too many federal agencies in potential attack plans. But some current and former U.S. officials have expressed concern that removing or replacing the order could sow further uncertainty about what offensive cyber operations are allowed.

One former senior U.S. official who worked on cybersecurity issues said there were also concerns that Mr. Trump’s decision will grant the military new authority “which may allow them to have a domestic mission.”

The Obama directive, which replaced an earlier framework adopted during the George W. Bush administration, was “designed to ensure that all the appropriate equities got considered when you thought about doing an offensive cyber operation,” said Michael Daniel, who served as the White House cybersecurity coordinator during the Obama administration. “The idea that this is a simple problem is a naive one.”  More here from the WSJ.

So, What Really Goes in Space to Have a Space Force?

Posted on by

Primer: Did you know there is something called the OuterSpace Treaty? Yup, it covers arms control, verification and compliance. Sounds great right? Problem is it is dated 2002.

Then there is the NASA summary of the 1967 Space Treaty.

GPS is operated and maintained by the U.S. Air Force. GPS.gov is maintained by the National Coordination Office for Space-Based Positioning, Navigation, and Timing.

Like the Internet, GPS is an essential element of the global information infrastructure. The free, open, and dependable nature of GPS has led to the development of hundreds of applications affecting every aspect of modern life. GPS technology is now in everything from cell phones and wristwatches to bulldozers, shipping containers, and ATM’s.

GPS boosts productivity across a wide swath of the economy, to include farming, construction, mining, surveying, package delivery, and logistical supply chain management. Major communications networks, banking systems, financial markets, and power grids depend heavily on GPS for precise time synchronization. Some wireless services cannot operate without it.

GPS saves lives by preventing transportation accidents, aiding search and rescue efforts, and speeding the delivery of emergency services and disaster relief. GPS is vital to the Next Generation Air Transportation System (NextGen) that will enhance flight safety while increasing airspace capacity. GPS also advances scientific aims such as weather forecasting, earthquake monitoring, and environmental protection.

Finally, GPS remains critical to U.S. national security, and its applications are integrated into virtually every facet of U.S. military operations. Nearly all new military assets — from vehicles to munitions — come equipped with GPS.

***

There is a robust debate within Washington and the Pentagon if whether or not a new branch of Armed Services is really needed. Presently, the Air Force has most exclusive authority of all things space except for research and exploration which is performed by NASA.

There is even a debate within the Air Force which was raised last February.

US Air Force Chief of Staff General David L. Goldfein predicted it’ll only be a “matter of years” before American forces find themselves “fighting from space.” To prepare for this grim possibility, he said the Air Force needs new tools and a new approach to training leaders. Oh, and lots of money.

“[It’s] time for us as a service, regardless of specialty badge, to embrace space superiority with the same passion and sense of ownership as we apply to air superiority today,” he said.

These are some of the strongest words yet from the Air Force chief of staff to get the Pentagon thinking about space—and to recognize the U.S. Air Force as the service branch best suited for the job. “I believe we’re going to be fighting from space in a matter of years,” he said. “And we are the service that must lead joint war fighting in this new contested domain. This is what the nation demands.”

The USAF and other military officials have been saying this for years, but Goldfein’s comments had an added sense of urgency this time around. Rep. Mike Rogers, the Strategic Forces Subcommittee chairman, recently proposed the creation of a new “Space Corps,” one that would be modeled after the Marines. The proposed service branch, it was argued, would keep the United States ahead of rival nations like Russia and China. The idea was scrapped this past December—at least for now. Needless to say, Rogers’ proposal did not go over well with the USAF; the creation of the first new uniformed service branch in 70 years would see Pentagon funds siphoned away from the Air Force. Hence Goldfein’s speech on Friday, in which he argued that the USAF is the service branch best positioned to protect American interests in space.

But in order to protect “contested environments,” the US Air Force will need to exercise competency in “multi-domain operations,” he said. This means the ability to collect battlefield intelligence from “all domains,” including air, ground, sea, cyber, and space. “I look forward to discussing how we can leverage new technology and new ways of networking multi-domain sensors and resilient communications to bring more lethality to the fight,” said Goldfein.

Indeed, the USAF has plenty of work to do make this happen, and to keep up with its rivals. China, for example, recently proposed far-fetched laser-armed satellite to remove space junk, while also demonstrating its ability to shoot down missiles in space. Should a major conflict break out in the near future, space will most certainly represent the first battlefield.

“When you think of how dependent the US military is on satellites for everything from its communication and navigation to command and surveillance, we are already fighting in space, even if it’s not like the movies depicted,” Peter W. Singer, fellow at New America and author of Ghost Fleet: A Novel of the Next World War, told Gizmodo. “If we were ever to fight another great power, like a China or Russia, it is likely the opening round of battle would be completely silent, as in space no one would hear the other side jamming or even destroying each other’s satellites.”

To prepare the United States for this possibility, Goldfein said the Air Force needs to invest in new technologies and train a new generation of leaders. On that last point, the CSAF ordered Lt. Gen. Steven Kwast, the commander of Air Education and Training Command, to develop a program to train officers and non-commissioned officers for space ops. “We need to build a joint, smart space force and a space-smart joint force,” Goldfein said.

As reported in SpaceNews, the USAF is asking for $8.5 billion for space programs in the 2019 budget, of which $5.9 billion would go to research and development, and the remaining for procurement of new satellite and launch services. Over next five years it hopes to spend $44.3 billion on development of new space systems, which is 18 percent more than it said it would need last year to cover the same period.

 

Chinese/Russian Subs Prowling East Coast, Atlantic

Posted on by

In a press gaggle today, a member of the media asked Secretary of Defense Mattis:

Q:  Mr. Secretary, you stated you’re watching submarines in the North Atlantic and elsewhere.  But are Russia and China putting more submarines out to look at the United States than they have since the Cold War?   

SEC. MATTIS:  Yes, we always keep an eye on the — on the submarines at sea.  And I’d prefer not to say anymore than that.  Thanks.

Humm, okay let’s go deeper.

The Navy reactivated a the fleet responsible for overseeing the East Coast and the North Atlantic. The 2nd Fleet was deactivated in 2011 and Secretary Mattis upped the defense strategy earlier this year.

We do know that the Russians are snooping around all undersea telecommunications cables used by NATO. The Russian submarines are equipped with anti-submarine missiles and little is published about the Chinese submarines. Meanwhile, the United States has deployed patrols using manned and unmanned surface ships, attack submarines and air surveillance by the P-8 Poseidon, a sub hunting warplane.

Crew | USS SOUTH DAKOTA SSN 790

The most advanced US advanced fast attack submarine named the USS South Dakota is equipped with the most advanced technology including advanced stealth features.

“China is improving the lethality and survivability of its attack submarines and building quieter, high-end diesel and nuclear-powered submarines,” he said.
Both China and Russia have also increased their presence in the Indo-Asia-Pacific region, where Harris said 230 of the world’s 400 foreign submarines are operating.
Roughly 160 of those 230 submarines belong to China, North Korea, and Russia, according to Harris.
Forbes said the United States must also develop a strategy to counter Chinese and Russian activity in “gray zones” where they are incrementally expanding their presence by strategically “fighting and competing” through military posturing.
China’s claims in the South China Sea represent one glaring example as to how they’ve been able to successfully implement this type of strategy in a way that allows them to expand their military reach without engaging in direct confrontation, according to Forbes.

Meanwhile, a significant upgrade has taken place and that is to SOSUS.

Now, in what may be the biggest upgrade to the Navy’s fixed undersea surveillance system since the Cold War, General Dynamics has been recently awarded a contract by the Office of Naval Research to develop the Deep Reliable Acoustic Path Exploitation System (DRAPES). DRAPES appears to be part of a suite of upgrades to the Navy’s submarine detection capabilities to cope with expanding fleets of advanced submarines around the world.

When the Cold War ended, the U.S. Navy no longer faced a “peer threat” to its control of the seas and many capabilities and weapons necessary for defeating advanced adversary ships and submarines were decommissioned. Research for more advanced follow-on technology was also put on hold. After operating 30 undersea surveillance sites around the world during the Cold War, the Navy has only three operational today. But as Russia, and especially China, have developed larger and more advanced submarine fleets, the U.S. Navy has had to re-learn old Cold War anti-submarine warfare competencies while developing new capabilities to tackle more challenging modern submarine technology.

While the Navy says relatively little about the advanced sub-hunting capabilities of the Integrated Undersea Surveillance System (IUSS), of which SOSUS is a part, some IUSS systems have received more public attention. The afloat Surveillance Towed Array Sensor System (SURTASS) is a small fleet of civilian-crewed ships that carry sensitive towed listening (passive) arrays that can detect submarines from great distances. These ships grabbed headlines in 2009 when the SURTASS ship USNS Impeccable was harassed by Chinese Maritime Militia while operating in the vicinity of China’s South China Sea submarine bases on Hainan Island. The SURTASS ships have also received technical upgrades since the Cold War. The introduction of the Low Frequency Active (LFA) capability, an “active” system that transmits low frequency “pings” that bounce off of submarine hulls and are then picked up by the existing passive SURTASS arrays dramatically increases their ability to detect submarines at great distances.

By contrast, little is known publicly about the SOSUS networks after the Cold War. Defense Systems reports that DRAPES, like SOSUS, will be a fixed passive listening system with a new communications capability to transmit its data. Mobile systems like SURTASS have the advantage of being able to get closer to possible contacts and follow them, but can only be in one place at a time, and must eventually return to port. Fixed systems like SOSUS, and now DRAPES, have the advantage of providing permanent coverage over target areas and then “cueing” a mobile sensor capability, like a ship or aircraft, to zero in on a submarine it detects.

One reason there were 30 IUSS sites during the Cold War is that the SOSUS systems had to be connected to collection facilities by underwater cable, requiring sites to be relatively local to the target area. But DRAPES will apparently use a new underwater communications system to transmit the acoustic data it collects to the three remaining Navy Operational Processing Facilities (NOPFs). These facilities combine data from the static SOSUS networks and SURTASS ships to provide “detection, localization, and tracking of submarines.” DRAPES’ ability to provide wide coverage from a fixed location in the ocean, apparently without the need for additional NOPF facility footprints, would be a substantial improvement over the old SOSUS network.

As China and Russia have asserted themselves anew as “pacing competitors,” as described by Undersecretary of Defense Robert Work, the U.S. Navy has taken a renewed interest in its traditional Cold War antisubmarine warfare mission. Together, DRAPES and SURTASS promise to provide a persistent, long-range ability to detect adversary submarines around the globe. Using cueing data from those platforms, improved local anti-submarine assets like the P-8 Poseidon sub hunter aircraft (which replaces the 50 year-old P-3 Orion) and surface combatants with new, improved towed sonar arrays of their own, like the Multi-Function Towed Array, can then close on a target, and track or engage it as needed.