asymmetric warfare

Reagan? No, Regin — Yet Another [GCHQ] Intelligence Malware

Recently, computer security firm Symantec reported discovery of another intelligence-gathering malware, dubbing  it “Regin.”

What’s particularly interesting about this malware is its targets:

  • It infected computers in Afghanistan, Austria, Belgium, India, Iran, Ireland, Mexico, Pakistan, Russia, Saudia Arabia;
  • At 48% of total infections, the largest group of targets were private individuals and small businesses.

Please do read Symantec’s blog post and its technical paper on Regin to understand how it works as well as its targets. Many news outlets either do not understand malware and cybersecurity, or they get facts wrong whenever major malware attacks are reported. Symantec’s revelation about Regin is no different in this respect.

Independent.ie offers a particularly exceptional example distorting Symantec’s report, claiming “Ireland is one of the countries worst hit globally by a dangerous new computer virus that spies on governments and companies, according to a leading technology firm.”

If by “worst hit,” they mean among the top four countries targeted by this malware? Sure. But only 9% of the infections affected Irish-based computers, versus 28% of infections aimed at Russian machines, and 24% affecting Saudi machines. The Independent.ie’s piece reads like clickbait hyperbole, or fearmongering, take your pick.

What wasn’t addressed by the Independent.ie and numerous other outlets, including those covering the tech sector are some fundamental questions:

  • What assets or activities might the targeted countries have in common that would make them targets of a single intelligence operation organized by one or more nation-states?
  • What are so many private individuals and small businesses targeted by this malware, in contrast to other malware-based intelligence-collection operations seen to date?

The Guardian came closest to examining these issues, having interviewed researchers at computer security firm F-Secure to ask the origins of the malware. As of 24-NOV-2014, the firm’s Mikko Hypponen speculated that the US, UK, and/or Israel were behind Regin’s development and deployment.

As of the video embedded above, Hypponen firmly says the UK’s intelligence entity GCHQ is behind Regin, in particular the malware’s invasion of a Belgian telecom network (see video at 07:20). Continue reading

Why So Surprised? CIA, U.S. Military Knew Chinese Hackers Expected Since 1999

Cover, Unrestricted Warfare via Wikimedia

Cover, Unrestricted Warfare via Wikimedia

The breathless reporting about the alleged Chinese hacking at The New York Times is truly annoying because of the shock it displays. The surprise any major government or private corporate entity shows at this point about any network-based security breach that appears to originate from China should be treated as propaganda, or a display of gross ignorance.

In 1999, the CIA’s Foreign Broadcast Information Service published a white paper entitled Unrestricted Warfare, written by the PRC’s Col. Qiao Liang and Col. Wang Xiansui. The publication outlined the methodologies a nation-state could deploy as part of an asymmetric war. Further, the same work outlined the U.S.’s weaknesses at that time were it to confront such asymmetric warfare. It did not focus any other nation-state, just the U.S.*

The colonels acknowledged that the U.S.—at the time of the paper—had considered using a range of tools in response to conflicts:

“…There’s no getting around the opinions of the Americans when it comes to discussing what means and methods will be used to fight future wars. This is not simply because the U.S. is the latest lord of the mountain in the world. It is more because the opinions of the Americans on this question really are superior compared to the prevailing opinions among the military people of other nations. The Americans have summed up the four main forms that warfighting will take in the future as: 1) Information warfare; 2) Precision warfare [see Endnote 8]; 3) Joint operations [see Endnote 9]; and 4) Military operations other than war (MOOTW) [see Endnote 10]. This last sentence is a mouthful. From this sentence alone we can see the highly imaginative, and yet highly practical, approach of the Americans, and we can also gain a sound understanding of the warfare of the future as seen through the eyes of the Americans. Aside from joint operations, which evolved from traditional cooperative operations and coordinated operations, and even Air- Land operations, the other three of the four forms of warfighting can all be considered products of new military thinking. General Gordon R. Sullivan, the former Chief of Staff of the U.S. Army, maintained that information warfare will be the basic form of warfighting in future warfare. For this reason, he set up the best digitized force in the U.S. military, and in the world. Moreover, he proposed the concept of precision warfare, based on the perception that “there will be an overall swing towards information processing and stealthy long-range attacks as the main foundations of future warfare.” For the Americans, the advent of new, high-tech weaponry, such as precision-guided weapons, the Global Positioning System (GPS), C4I systems and stealth airplanes, will possibly allow soldiers to dispense with the nightmare of attrition warfare. …”

The rise of military tools like drones for precision-guided stealth attacks was predicted; quite honestly, the PRC’s current cyber warfare could be a pointed response to Gen. Sullivan’s statement about information warfare.

But in acknowledging the U.S.’s future use of MOOTW, the colonels also offered up the most likely approaches in an asymmetric assault or response: trade war, financial war, new terror war in contrast to traditional terror war, ecological war. Of these, they cited a specific example of new terror war entity and attacks: Continue reading

Emptywheel Twitterverse
bmaz RT @DanCBarr: Well done story by @BrittanyBade_AZ of @cronkitenews on SB 1172, which seeks to limit teachers' speech rights. http://t.co/xv
6hreplyretweetfavorite
bmaz @WilliamOckhamTx Sure is. Dick is one hell of a lawyer.
8hreplyretweetfavorite
bmaz Has @Popehat escaped the singathon yet?
8hreplyretweetfavorite
bmaz RT @radleybalko: Obama has said he believes federal drug sentences are inhumane. So 22 commutations--of 1000s--isn't courageous. It's polit…
8hreplyretweetfavorite
emptywheel RT @ChrisDolmetsch: #scoopage by @ChristieSmythe HSBC Wins Dismissal of New York Foreclosure Practice Suit http://t.co/V69H0dIgd9
9hreplyretweetfavorite
emptywheel @moorehn We're having spring with the added benefit that, precipitation restarted, it appears to be behaving and precipping at night.
9hreplyretweetfavorite
bmaz Durst arrest warrant should be 'thrown out,' attys say http://t.co/jw5qdOhd26 Wow, if these facts are right, DeGuerin's motion may have legs
9hreplyretweetfavorite
emptywheel @DafnaLinzer And not even including Scooter Libby @BarackObama
9hreplyretweetfavorite
emptywheel @phillipanderson If we're the "Democratic" party can we demand less formulaic consultants?
9hreplyretweetfavorite
emptywheel @flexlibris That might be my favorite detail of the day. Especially bc LM recipients are always big surveillance fans.
9hreplyretweetfavorite
emptywheel RT @flexlibris: Meanwhile, Lockheed Martin is managing the "contact me" pages of a number of members of Congress. That's right.
9hreplyretweetfavorite
emptywheel @OKnox Saudis have quidded their pro I suspect. @GerardAraud
10hreplyretweetfavorite
April 2015
S M T W T F S
« Mar    
 1234
567891011
12131415161718
19202122232425
2627282930