Aug 29 2022

NATO Investigates Dark Web Leak of Data Stolen from Missile Vendor

Category: Cyber Threats,Cyber War,Dark Web,Digital cold warDISC @ 1:23 pm

Documents allegedly belonging to an EU defense dealer include those relating to weapons used by Ukraine in its fight against Russia.

blue hacker hands over keyboard
Source: Andrey Khokhlov via Alamy Stock Photo

NATO is investigating the leak of data reportedly stolen from a European missile systems firm, which hackers have put up for sale on the Dark Web, according to a published report.

The leaked data includes blueprints of weapons used by Ukraine in its current war with Russia.

Integrated defense company MBDA Missile Systems, headquartered in France, has acknowledged that data from its systems is a part of the cache being sold by threat actors on hacker forums after what appears to be a ransomware attack.

Contradicting the cyberattackers’ claims in their ads, nothing up for grabs is classified information, MBDA said. It added that the data was acquired from a compromised external hard drive, not the company’s internal networks.

NATO, meanwhile, is “assessing claims relating to data allegedly stolen from MBDA,” a NATO official told Dark Reading on Monday.

“We have no indication that any NATO network has been compromised,” the official said.

Double Extortion

MBDA acknowledged in early August that it was “the subject of a blackmail attempt by a criminal group that falsely claims to have hacked the company’s information networks,” in a post on its website.

The company refused to pay the ransom and thus the data was leaked for sale online, according to the post.

Specifically, threat actors are selling 80GB of stolen data on both Russian- and English-language forums with a price tag of 15 bitcoins, which is about $297,279, according to a report from the BBC, which broke the news about the NATO investigation Friday. In fact, cybercriminals claim to already have sold data to at least one buyer.

NATO is investigating one of the firm’s suppliers as the possible source of the breach, according to the report. MBDA is a joint venture between three key shareholders: AirBus, BAE Systems, and Leonardo. Though the company operates out of Europe, it has subsidiaries worldwide, including MBDA Missile Systems in the United States.

The company is working with authorities in Italy, where the breach occurred.

MBDA reported $3.5 billion in revenue last year and counts NATO, the US military, and the UK Ministry of Defense among its customers.

Classified Info & Ukraine

Hackers claimed in their ad for the leaked data to have “classified information about employees of companies that took part in the development of closed military projects,” as well as “design documentation, drawings, presentations, video and photo materials, contract agreements, and correspondence with other companies,” according to the BBC.

Among the sample files in a 50-megabyte stash viewed by the BBC is a presentation appearing to provide blueprints of the Land Ceptor Common Anti-Air Modular Missile (CAMM), including the precise location of the electronic storage unit within it. One of these missiles was recently sent to Poland for use in the Ukraine conflict as part of the Sky Sabre system and is currently operational, according to the report.

This might provide a clue about the motive of threat actors; advanced persistent threats (APTs) aligned with Russia began hitting Ukraine with cyberattacks even before the Russian official invasion on Feb. 24.

After the conflict on the ground began, threat actors continued to throttle Ukraine with a cyberwar to support the Russian military efforts.

The sample data viewed by the BBC also included documents labelled “NATO CONFIDENTIAL,” “NATO RESTRICTED,” and “Unclassified Controlled Information,” according to the report. At least one stolen folder contains detailed drawings of MBDA equipment.

The criminals also sent by email documents to the BBC including two marked “NATO SECRET,” according to the report. The hackers did not confirm whether the material had come from a single source or more than one hacked source.

Nonetheless, MBDA insists that the verification processes that the company has executed so far “indicate that the data made available online are neither classified data nor sensitive.”

https://

/vulnerabilities-threats/nato-investigates-leak-of-data-stolen-from-missile-vendor

Cyber War

Tags: cyber threats, cyberwarfare, dark web


Mar 01 2022

CISA and FBI warn of potential data wiping attacks spillover

Category: Cyber War,data security,Digital cold warDISC @ 10:08 am

US CISA and the FBI warned US organizations that data wiping attacks targeting Ukraine entities could spill over to targets worldwide.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory to warn US organizations of data wiping attacks targeting Ukraine that could hit targets worldwide.

The advisory warns of the potential effects of the two destructive malware, tracked as WhisperGate and HermeticWiper, on organizations worldwide.

The US agencies believe that further disruptive data wiping attacks could target organizations in Ukraine and may unintentionally spill over to organizations in other countries.

This joint Cybersecurity Advisory (CSA) provides information on the two wipers as well as indicators of compromise (IOCs) that could be used by defenders to detect and prevent infections. The advisory also provides recommended guidance and considerations for organizations to address as part of network architecture, security baseline, continuous monitoring, and incident response practices.

“Destructive malware can present a direct threat to an organization’s daily operations, impacting the availability of critical assets and data. Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries.” reads the advisory. “Organizations should increase vigilance and evaluate their capabilities encompassing planning, preparation, detection, and response for such an event.”

Below is the list of actions recommended to the organizations:
• Set antivirus and antimalware programs to conduct regular scans.
• Enable strong spam filters to prevent phishing emails from reaching end users.
• Filter network traffic.
• Update software.
• Require multifactor authentication.

The advisory also includes recommendations for System and Application Hardening and Recovery and Reconstitution Planning along with Incident Response instructions.

Blackout Warfare: Attacking The U.S. Electric Power Grid A Revolution In Military Affairs 

Tags: Blackout Warfare, data wiping attacks


Jan 08 2022

One Book Reveals the Future of the Chinese-American Conflict

In great-power competition, force is the coin of the realm. The Great Nightfall: Why We Must Win the New Cold War explains how. 

Ambassador Middendorf delivers a seminal book for understanding military competition in an era of great-power competition. No one who is serious about the future security, prosperity and freedom of America should neglect this essential read.

Ambassador Bill Middendorf makes one unambiguous argument in his new book, The Great Nightfall: Why We Must Win the New Cold War. America won’t survive and thrive in an era of great-power competition without a strong, dominant military. There is one reason for that. China.  

The Great Nightfall lays out the threat posed by the Chinese Communist Party. It also makes a compelling argument for the kind of military the U.S. needs to match the dangers posed by Beijing. 

Middendorf has given a full lifetime of service to the nation, from his days at sea during World War II to diplomatic assignments and government posts. Among the latter, a turn as Secretary of the Navy. He was instrumental in designing the naval forces that completely outmatched the Soviets during the Cold War. Today, he remains America’s maritime Henry Kissinger, the nation’s preeminent thinker on naval modernization. 

In The Great Nightfall, Middendorf deconstructs great-power competition. Regardless of how many internet trolls, little green men, bank accounts and businesses a state controls, it’s not enough to make the state a great power. That requires real military power. 

Without the capacity to physically defend national interests, big states are fat banks waiting to be robbed. In contrast, nations that can defend themselves have a foundation on which to build sustainable diplomatic, economic and political policies. “The Cold War ended,” Middendorf argues in The Great Nightfall, “because we were the strongest military force in the world, backed by a unified NATO and strong allies in the Pacific.”  

In short, in great-power competition, force is the coin of the realm. The problem with contemporary competition, Middendorf notes, is that “[t]imes have changed.” China is on a path to challenge the United States for number one.  

One of the attributes the great-power competition shares with the Cold War is that our adversaries would prefer to “win without fighting.” In other words, they want to achieve victory without the debilitating costs and risks of direct military conflict. These opponents are predisposed to adopt indirect approaches to whittle-away at the strength and solidarity of the free world. That said, military competition plays an important role in their calculus, particularly for China. Chinese strategy envisions ultimately demonstrating sufficient military dominance that Beijing can intimidate other nations and bend them to its will. 

In some ways, the new era of great-power competition resembles a new type of arms race. And, as was the case during the Cold War, there are concerns that the competition could turn into armed confrontation. Indeed, The Great Nightfall maps out several scenarios—from North Korea to the South China Seas—where great powers could actually come to blows. 

The Great Nightfall, however, is fundamentally a book about how the United States can establish conventional and strategic deterrence in the modern world. “This book is not a call for war,” writes the author. “The best way to prepare for war is to be prepared to win it. We need to stop underfunding the military, especially in areas of research, non-conventional war, space, cyberwar, and artificial intelligence. War is changing, and we need to change with it. We cannot expect success fighting tomorrow’s conflicts with yesterday’s weapons.”  

Middendorf’s blueprint for protecting America in the twenty-first century stands out in two ways. First, he provides a detailed assessment of how to protect the U.S. capacity to build and sustain a modern military. Here, he addresses issues from research and development, to establishing secure, “clean” supply chains, to ship-building. Second, he delivers a comprehensive overview of future U.S. naval needs.

It is not just his naval service and stint as Secretary of the Navy that lead the ambassador to focus on seapower. Fundamentally, China’s potential as a global threat is rooted in its ability to project maritime power. And naval power, in the modern sense, is multidimensional, linking the ability to sail the seas with undersea warfare, air, space, and cyber operations. 

The outstanding contribution of The Great Nightfall is its extraordinarily deep evaluation of all aspects of naval power, covering the nature of the Chinese threats and the appropriate countermeasures. In the end, Middendorf delivers a seminal book for understanding military competition in an era of great-power competition. No one who is serious about the future security, prosperity and freedom of America should neglect this essential read.  

Tags: Chinese-American Conflict, New Cold War, The Great Nightfall


Oct 14 2021

Ex-DoD Security Chief: China is Winning—it’s ‘A Done Deal’

Category: Cyber War,Digital cold warDISC @ 9:43 am

The former chief software officer for the U.S. Air Force, Nicolas Chaillan, says the U.S. is falling far behind China in cybersecurity. In a no-holds-barred interview, he unloads his frustrations, built up over three years of inept bungling at the Pentagon.

He quit his job last month, in disgust. “We are setting up critical infrastructure to fail,” Chaillan warned. And now Defense Department officials will be bracing themselves for more criticism as he vows to testify to Congress.

Lauren Knausenberger now holds the poisoned chalice. In today’s SB Blogwatch, we plan to fail.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Fruit salad word salad.

Beijing Back Better

What’s the craic? Katrina Manson reports—“Chaillan speaks of ‘good reason to be angry’ as Beijing heads for ‘global dominance’”:

Kindergarten level”
In his first interview since leaving the post at the Department of Defense a week ago, Nicolas Chaillan told [me] the failure of the US to respond to Chinese cyber and other threats was putting his children’s future at risk. “We have no competing fighting chance against China in 15 to 20 years. Right now, it’s already a done deal; it is already over in my opinion,” he said.

Chaillan, 37, who spent three years on a Pentagon-wide effort to boost cyber security and as first chief software officer for the US Air Force, said Beijing is heading for global dominance because of its advances in artificial intelligence, machine learning and cyber capabilities. He argued these emerging technologies were far more critical to America’s future than hardware such as big-budget fifth-generation fighter jets such as the F-35.

Senior defence officials have acknowledged they “must do better” to attract, train and retain young cyber talent. … Chaillan announced his resignation in a blistering letter at the start of September, saying military officials were repeatedly put in charge of cyber initiatives for which they lacked experience, decrying Pentagon “laggards” and absence of funding.

Chaillan said he plans to testify to Congress about the Chinese cyber threat to US supremacy, including in classified briefings, over the coming weeks. … He added US cyber defences in some government departments were at “kindergarten level.”

Ex-DoD Security Chief: China is Winning—it’s ‘A Done Deal’

The New Art of War: China’s Deep Strategy Inside the United States 

Tags: China is Winning, cyberwarfare, New Art of War


Sep 19 2021

The digital identity imperative

Category: Digital cold war,Information PrivacyDISC @ 2:24 pm

But creating an identity layer wasn’t imperative for the creators of the internet as they didn’t predict the emergence of online platforms that facilitate people-to-people interaction.

The digital presences most of us have are based on browsing or consumer habits and are siloed within various accounts and social networks. Indeed, they don’t present an accurate picture of our unique identifiers and who we are.

Building an identity layer is complex

Establishing a verified digital identity is a complex process. Authenticating that a person performing an action online is who they say they are, and then validating that they exist is tedious for two major reasons.

The digital identity imperative

Self-Sovereign Identity

Tags: Digital Identity, Self-Sovereign Identity


May 04 2021

ON THE INTERNET THE “COLD” WAR HAS TURNED HOT

Category: Cyber War,Digital cold warDISC @ 9:20 am

America has a serious infrastructure problem.

America’s most urgent infrastructure vulnerability is largely invisible and unlikely to be fixed by the Biden administration’s $2 trillion American Jobs Plan.

I’m thinking about vulnerabilities that lurk in your garage (your car), your house (your computer), and even your pocket (your phone). Like those devices of yours, all connected to the Internet and so hackable, American businesses, hospitals, and public utilities can also be hijacked from a distance thanks to the software that helps run their systems. And don’t think that the American military and even cybersecurity agencies and firms aren’t seriously at risk, too.

Such vulnerabilities stem from bugs in the programs — and sometimes even the hardware — that run our increasingly wired society. Beware “zero-day” exploits — so named because you have zero days to fix them once they’re discovered — that can attract top-dollar investments from corporations, governments, and even black-market operators. Zero days allow backdoor access to iPhones, personal email programs, corporate personnel files, even the computers that run dams, voting systems, and nuclear power plants.

It’s as if all of America were now protected by nothing but a few old padlocks, the keys to which have been made available to anyone with enough money to buy them (or enough ingenuity to make a set for themselves). And as if that weren’t bad enough, it was America that inadvertently made these keys available to allies, adversaries, and potential blackmailers alike.

The recent SolarWinds hack of federal agencies, as well as companies like Microsoft, for which the Biden administration recently sanctioned Russia and expelled several of its embassy staff, is only the latest example of how other countries can hack basic American infrastructure. Such intrusions, which actually date back to the early 2000s, are often still little more than tests, ways of getting a sense of how easy it might be to break into that infrastructure in more serious ways later. Occasionally, however, the intruders do damage by vacuuming up data or wiping out systems, especially if the targets fail to pay cyber-ransoms. More insidiously, hackers can also plant “time bombs” capable of going off at some future moment.

ON THE INTERNET THE “COLD” WAR HAS TURNED HOT

The Coming Cyber War

Tags: Cyber-warfare, cybergeddon, cyberwar, cyberwarfare


Dec 13 2020

Suspected Russian hackers spied on U.S. Treasury emails

Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury Department and an agency that decides internet and telecommunications policy, according to people familiar with the matter.

Three of the people familiar with the investigation said Russia is currently believed to be behind the attack.

Two of the people said that the breaches are connected to a broad campaign that also involved the recently disclosed hack on FireEye, a major U.S. cybersecurity company with government and commercial contracts.

“The United States government is aware of these reports and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” said National Security Council spokesman John Ullyot.

The hack is so serious it led to a National Security Council meeting at the White House on Saturday, said one of the people familiar with the matter.

Source: Suspected Russian hackers spied on U.S. Treasury emails – sources


    Active Exploitation of SolarWinds Software

    Emergency directive: Global governments issue alert after FireEye hack is linked to SolarWinds supply chain attack

    SolarWinds Security Advisory

    Massive suspected Russian hack is 21st century warfare

    The government has known about the vulnerabilities that allowed the SolarWinds attack since the birth of the internet—and chose not to fix them.

    WATCH: Trump refuses to acknowledge that Russia meddled in US elections



RUSSIAN GOVERNMENT HACKING GROUP ‘APT29’ BEHIND CYBER HACK ON US GOVERNMENT
httpv://www.youtube.com/watch?v=FM66FgFk6Ls



U.S. Agencies Hit in Brazen Cyber-Attack by Suspected Russian Hackers
httpv://www.youtube.com/watch?v=vlVGnu7i0tY



#Sandworm: A New Era of #Cyberwar and the Hunt for the #Kremlin’s Most #Dangerous #Hackers Paperback




Tags: APT29, cyber hacking, FireEye, Greenburg, Russian cyber attack, Russian espionage, Russian hackers, Sandworm, U.S. Treasury


May 22 2019

China, Leverage, and Values

Category: Cyber Espionage,Cyber War,Digital cold warDISC @ 5:12 pm

If there is a new tech cold war, it is one with shots fired over a decade ago, largely by China. The questions going forward are about both leverage and values.

Source: China, Leverage, and Values

5G is a war the US is about to lose warns DoD

more on Cyber War

 

Image result for Digital Cold War

Jack Goldsmith: “The United States is Losing the Digital Cold War” | Talks at Google





Tags: digital cold war, Tech cold war