Phony War: US Military To Carry Out Pretend Cyber War Against China & Russia

Uploaded on 2015-11-23 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW

In an unprecedented move tucked into the defense authorization bill, Congress ordered US Cyber Command to carry out simulated 'war games' against Russia, China, Iran and North Korea. It’s 2020 and Russian forces are seizing the Arctic, partly by hacking the FedEx networks that handle shipping orders for US troops. 

Not a far cry from reality, if one’s been following Defense Department warnings that cyberspace will be a part of any future war. And apparently, some US lawmakers want to project more power in the newest military domain.

In an unprecedented move, Congress just ordered US Cyber Command to carry out simulated “war games” against, specifically, Russia, along with China, Iran and North Korea. The drills are expected to run uniformed service members, civilians and contractors through the motions of staving off a cyber assault the likes of which each nation state will be equipped for — five to 10 years from now. 

The Joint Chiefs of Staff will “conduct a series of war games” to gauge the “strategy, assumptions, and capabilities of the United States Cyber Command to prevent large-scale cyberattacks, by foreign powers with cyberattack capabilities comparable to the capabilities that China, Iran, North Korea, and Russia are expected to achieve in the years 2020 and 2025, from reaching United States targets,” lawmakers wrote in the 2016 National Defense Authorization Act.

The bill is awaiting the signature of President Barack Obama, after clearing Congress. 
For decades in the Nevada desert, the military has run combat rehearsals with kinetic weapons such as jets and tanks, while Cyber Command, since coming to fruition in 2010, has simultaneously engaged in similar practice sessions.
But this is the first time Congress has identified which foreign cyber adversaries the Pentagon must consider an imminent threat to the livelihood of US citizens. The results of the war games must be delivered to lawmakers by fall 2016. 
War games typically refer to large-scale exercises, such as “Cyber Flag,” which is the information security portion of the yearly “Red Flag” training session, held at Nellis Air Force Base in Nevada, said Rob Bagnall, founder of contractor Maverick Cyber Defense, which supports the intelligence community’s annual cyber exercises.
“You are talking hundreds of participants from many places,” he said. Cyber Flag, for instance, teams all branches, CYBERCOM and other government entities in multiple locations. 

A Techno-thriller Could Signal China’s Ambitions

Over the past year, following several high profile, suspected government-backed hacks, US national security leaders have stopped mincing words about aggressors, publicly naming the countries allegedly responsible.
In June, Director of National Intelligence James Clapper called China the “leading suspect” in the theft of Office of Personnel Management background investigation records on 21.5 million individuals. 

Earlier, Obama said the North Korean government “cyber vandalized” Sony about a year ago, by leaking the entertainment conglomerate’s intellectual property and personnel records, in addition to destroying computer equipment. 
As for Russia, Clapper testified in a Sept. 10 House Intelligence Committee hearing the country is establishing its own cyber command to maneuver offensively in the domain, partly by “inserting malware into enemy command and control systems.” He added, “Russian cyber actors are developing means to remotely access industrial control systems used to manage critical infrastructures,” which are systems like power grids and transportation lines.

Earlier this year, at a Senate Armed Services Committee hearing, Clapper confirmed the Iranian government was responsible for a widely reported, destructive hack against Sands Las Vegas in 2014. 

Some policy influencers say wartime attacks by these four entities would put the Sony hack to shame.
“If there was a war with states like a China, Russia, Iran or North Korea, we’d learn ‘cyber war’ is far more than stealing Social Security numbers or email from gossipy Hollywood executives as too often it is used to describe, but the takedown of the modern military nervous system and Stuxnet-style digital weapons,” Peter Singer, strategist and senior fellow at the New America Foundation think tank, told Nextgov.
The Stuxnet virus, an alleged US-Israel project, hijacked machinery powering Iran’s nuclear program. 
“Worrisome for the US is that last year the Pentagon’s weapons tester found every single major weapons program had significant vulnerabilities to cyberattack,” Singer added. 

The defense bill also directs Defense to scan every weapons system for hacker entryways by 2019. 
This year’s “Ghost Fleet: A Novel Of the Next World War,” co-authored by Singer and August Cole, a nonresident senior fellow at the Brent Scowcroft Center on International Security at the Atlantic Council, lays out where China is headed, he said.  For example, it’s plausible that, in 2020 or 2025, China could not only compromise US weapons via software attacks, but also by the hardware itself, Singer said. By manipulating the supply of standard Chinese-made microchips, including those that power various US weapons systems like the F-35, Beijing could sabotage aircraft, he said.
DefenseOne: http://bit.ly/1NL1Muz

 

« A Spy Firm’s Price List for Secret Hacker Techniques
Entrepreneur’s Guide To Surviving A Tech Bubble »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Micro Systemation AB (MSAB)

Micro Systemation AB (MSAB)

MSAB is a leader in the provision of forensically secure tools for the extraction and analysis of data from mobile devices.

QNAP Systems

QNAP Systems

QNAP Systems, Inc. delivers world class network attached storage (NAS) and network video recorder (NVR) solutions.

MailGuard

MailGuard

MailGuard delivers a full suite of security solutions across email and web to protect your business before threats reach your environment.

London Office for Rapid Cybersecurity Advancement (LORCA)

London Office for Rapid Cybersecurity Advancement (LORCA)

LORCA's mission is to support the most promising cyber security innovators in growing solutions to meet the most pressing industry challenges and build the UK’s international cyber security profile.

Egyptian Supreme Cybersecurity Council (ESCC)

Egyptian Supreme Cybersecurity Council (ESCC)

ESCC is responsible for developing a national strategy to face and respond to the cyber threats and attacks and to oversee its implementation and update.

Braintrace

Braintrace

Braintrace’s services include Managed Detection and Response (MDR), Managed SIEM, SIEM-as-a-Service, SOC-as-a-Service, Advisory Services, and Incident Response.

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance is a global, non-profit industry association which is working to enable a secure connected future.

Wontok

Wontok

Wontok deliver innovative value-added data security services that fill the gaps left in traditional security solutions.

Gordian Networks

Gordian Networks

Gordian Networks offers complete managed IT services and IT support for small to large businesses.

Amvia

Amvia

Amvia is a fast-growing telecoms, Internet and Microsoft service provider. We supply voice, data and cyber security services to 100s of small and large companies.

Alibaba Cloud

Alibaba Cloud

Alibaba Cloud is committed to safeguarding the cloud security for every business by leveraging a comprehensive suite of enterprise security services and products on the platform.

RMRF Tech

RMRF Tech

RMRF is a team of cybersecurity engineers and penetration testers which specializes in the development of solutions for early cyber threat detection and prevention.

McDonald Hopkins

McDonald Hopkins

McDonald Hopkins is a business advisory and advocacy law firm. We focus on insightful legal solutions that help our clients strategically plan for an increasingly competitive future.

PROW Information Technology

PROW Information Technology

PROW is at the forefront of the technology and digital revolution with a focus and mastery in the cybersecurity, information security and data management realms.

CryptoDATA

CryptoDATA

CryptoDATA develops products and services based on Blockchain technology, that ensure user security and data encryption, applicable in various fields.

Gcore

Gcore

Gcore is an international leader in public cloud and edge computing, content delivery, hosting, and security solutions.