US plans to beef up Cyber Command, separate cyberwar operations from NSA

PentagonThe White House will soon announce its decision to strengthen the United States Cyber Command and separate cyber war operations from intelligence functions, according to insider reports. For many decades, the National Security Agency has been in charge of protecting America’s cyber network and combating online threats. But in 2009, the Administration of US President Barack Obama established a brand new Cyber Command, proposing that the online environment represented a new theater of war. Since that time, the US Department of Defense has been campaigning in favor of strengthening the new Cyber Command and completely removing it from the patronage of the NSA –despite the fact that the latter is also a Pentagon agency.

According to media reports, US President Donald Trump has decided to follow the Pentagon’s suggestion. After several months of delay, his administration is now preparing to announce a major reinforcement of the US Cyber Command, and a formal separation between its functions and those of the NSA. According to the American news network PBS, which broke the news on Monday, the idea behind the move is to give the Cyber Command more operational autonomy and to allow it to establish its own mission statement, which will be distinct from that of the NSA. The latter is an intelligence organization, which means that it primarily seeks to exploit adversary networks for purposes of collecting information. Broadly speaking, therefore, the NSA finds operational adversary cyber networks far more useful than destroyed networks. That tends to clash with the goals of the US Cyber Command, whose tactical goals often center on launching destructive attacks on enemy networks. It is believed that the impending change will allow it to do so without the interference of the NSA.

According to PBS, which cited anonymous sources in its report, the details of the separation “are still being worked out”. Furthermore, some observers caution that the Cyber Command will continue to rely on NSA technology and expertise for years to come, until it is able to carry its own weight. There is even less discussion about the view of the NSA on the matter, which some claim is notably negative. However, the move appears to have been decided, and the Cyber Command’s budget will be increased by nearly 20% to $647 million in the coming year, reflecting its elevated role in US defense.

Author: Joseph Fitsanakis | Date: 19 July 2017 | Permalink

Advertisements

Islamic State’s cyber army still ‘largely intact’ despite America’s efforts

US Cyber CommandThe global reach of the Islamic State through the use of the internet remains “largely intact” despite relentless efforts by some of America’s most advanced cyber warfare experts to neutralize the group’s online presence. It is now over a year since the United States Department of Defense announced that it had launched a cyber war against the Islamic State —the militant Sunni Muslim group that today controls large parts of Syria and Iraq.

At that time, the Pentagon’s Cyber Command (USCYBERCOM), put in motion plans that included the deployment of computer viruses, denial-of-service attacks and other cyber weapons against computers, internet servers and cell phone networks belonging to the Islamic State. As intelNews wrote at the time, the idea behind the plan was that an all-out online war against the Sunni militant group would hurt its public image and prevent it from launching armed attacks against targets abroad. Additionally, the Pentagon aimed to disrupt the Islamic State’s ability to recruit new members online, to spread its propaganda and to coordinate operations through the use of encrypted communications.

However, according to The New York Times, American military commanders are disappointed with the Cyber Command’s efforts. The Pentagon is quickly discovering, says the paper, that its cyber warfare methods, which were designed for fixed targets in countries like North Korea and Iran, are ineffective against the mobile and polymorphic cyber army of the Islamic State. In many instances, US Pentagon hackers wipe out online information found on Islamic State servers, only to see it reappear elsewhere online within hours. In other cases, US Cyber Command experts uncover Islamic State information stored on the cloud, but are unable to access it because it is strongly encrypted.

According to The Times, the lack of progress in the cyber war against the Islamic State was one of the reasons why the administration of President Barack Obama sought to replace Admiral Mike Rogers, the head of the National Security Agency, who also led the US Cyber Command —and continues to do so under the Donald Trump administration.

Author: Ian Allen | Date: 20 June 2017 | Permalink

US considers launching all-out cyber war against Islamic State

US Cyber CommandFollowing a request from the White House, the United States Department of Defense is putting together options to launch offensive cyber operations of an unprecedented scale against the Islamic State. The White House reportedly issued the request soon after the December 2 shooting in San Bernardino, California, in response to reports that the two shooters were radicalized through exposure to online propaganda by the Islamic State. According to American government officials, US President Barack Obama directed the Pentagon to put together a report outlining options for “a stepped up cyber offensive” against online activities by the Islamic State in Iraq and Syria.

The report is allegedly being prepared by the US Cyber Command (USCYBERCOM), the Pentagon office responsible for conducting what the US military calls “full spectrum military cyberspace operations”. Offensive cyber security planners at USCYBERCOM, which is located at Fort George G. Meade in Maryland, are said to have prepared plans that include proposals to launch numerous computer viruses, denial-of-service attacks and other cyber weapons against computers, internet servers and cell phone networks belonging to the Islamic State. The idea behind the plan is that an all-out online war against the Sunni militant group would hurt its image and prevent it from launching armed attacks against civilian targets abroad.

However, Canadian newspaper The Toronto Star reports that a number of other US agencies, including the Federal Bureau of Investigation, have voiced objections to the USCYBERCOM plan, arguing that an all-out cyber war against the Islamic State could backfire. Specifically, some US intelligence officials argue that sabotaging online communications nodes, as well as cell phone networks, would make it harder to spy on the Islamic State. Additionally, such a move would hinder the work of aid groups, opposition forces, and even Western-backed rebel forces in the Levant, who rely on the same Internet and cellular networks to communicate with each other. These officials argue instead that the US should opt for surgical attacks on specific computers or cell phones used by senior Islamic State planners.

According to media reports, US Defense Secretary Ashton Carter is scheduled to meet with USCYBERCOM commanders this week in order to evaluate the possibilities for offensive cyber attacks against the Islamic State. He will then brief President Barack Obama on the available options.

Author: Ian Allen | Date: 22 December 2015 | Permalink

Did US spies hack French government computers using Facebook?

The Palais de l'ÉlyséeBy JOSEPH FITSANAKIS | intelNews.org |
A sophisticated computer virus discovered at the center of the French government’s secure computer network was planted there by the United States, according to unnamed sources inside France’s intelligence community. Paris-based magazine L’Express, France’s version of Time magazine, says in its current issue that the alleged American cyberattack took place shortly before last April’s Presidential elections in France. It resulted in the infection of the entire computer system in the Palais de l’Élysée, which is the official residence of the President of France. The French magazine cites unnamed sources inside the French Network and Information Security Agency (ANSSI), which is responsible for cybersecurity throughout France. The sources claim that the snooping virus allowed its handlers to gain access to the computers of most senior French Presidential aides and advisers during the final weeks of the administration of French President Nicolas Sarkozy, including his Chief of Staff, Xavier Musca. The article claims that the virus used a source code nearly identical to that of Flame, a super-sophisticated version of Stuxnet, the virus unleashed a few years ago against the computer infrastructure of the Iranian nuclear energy program. Many cybersecurity analysts believe that the US and Israel were instrumental in designing both Stuxnet and Flame. IntelNews understands that the alleged virus was initially directed at employees of the Palais de l’Élysée through Facebook. The targets were allegedly befriended by fake Facebook profile accounts handled by the team that operated the virus. The targets were then sent phishing emails that contained links to phony copies of the login page for the Palais de l’Élysée intranet website. Read more of this post

US and Israel behind computer virus that hit Iran, say sources

Flame virus code segmentBy JOSEPH FITSANAKIS | intelNews.org |
Flame, a sophisticated computer malware that was detected last month in computers belonging to the Iranian National Oil Company and Iran’s Ministry of Petroleum, was created by Israel and the United States, according to a leading American newspaper. Quoting “officials familiar with US cyber-operations”, The Washington Post reported on Wednesday that the malware, which is said to be “massive in size”, is part of a wider covert program codenamed OLYMPIC GAMES. The paper said that the US portion of the program is spearheaded by the National Security Agency, which specializes in cyberespionage, and the CIA’s Information Operations Center. The Post further claims that OLYMPIC GAMES has a three-fold mission: to delay the development of the Iranian nuclear program; to discourage Israeli and American officials from resorting to a conventional military attack on Iran; and to buy time for those officials who favor addressing the Iranian nuclear stalemate with diplomatic pressures coupled with sanctions. According to one “former intelligence official” quoted in The Post, the scale of OLYMPIC GAMES “is proportionate to the problem that’s trying to be resolved”. Russian antivirus company Kaspersky Lab, which first spotted the Flame virus in May, said that it is “one of the most complex threats ever discovered”. It is over 20 megabytes in size, consisting of 650,000 lines of code. In comparison, Stuxnet, a computer super-virus that was detected by experts in 2010, and caused unprecedented waves of panic among Iranian cybersecurity experts, was 500 kilobytes in size. Read more of this post

News you may have missed #675

Eugene ForseyBy IAN ALLEN | intelNews.org |
►►US ‘has engaged in cyberwarfare’. Former National Security Agency Director Mike McConnell said in an interview with Reuters that the United States has already used cyber attacks against an adversary. Most believe he was referring to Stuxnet, the computer virus unleashed against Iran in 2010.
►►Philippines studying US offer to deploy spy planes. The Philippines is considering a US proposal to deploy surveillance aircraft on a temporary, rotating basis to enhance its ability to guard disputed areas in the South China Sea, the Philippine defense minister said last week. The effort to expand military ties between the United States and the Philippines, which voted to remove huge American naval and air bases 20 years ago, occurs as both countries grapple with the growing assertiveness of China.
►►Canadian intelligence spied on constitutional expert. Canadian security forces kept close tabs on renowned constitutional scholar Eugene Forsey from his early days as a left-wing academic to his stint as a senator, according to newly declassified documents. The collection of more than 400 pages, which has been obtained by Canadian newspaper The Toronto Star, reveals the RCMP Security Service (the predecessor to the Canadian Security Intelligence Service), followed Forsey for four decades throughout his career as an economics professor, research director for the Canadian Congress of Labour (now called the Canadian Labour Congress), a two-time Ottawa-area candidate for the Cooperative Commonwealth Federation and then his 1970 appointment as a Liberal senator. No surprises here.

US Pentagon computers cannot be protected, says NSA head

General Keith AlexanderBy JOSEPH FITSANAKIS | intelNews.org |
The man in charge of America’s most powerful intelligence agency says the United States Department of Defense computer network is so disordered and chaotic that it cannot be defended from cyberattacks. General Keith Alexander directs the National Security Agency, America’s wealthiest intelligence institution, which expert James Bamford has described as “the world’s most powerful spy agency”. As America’s foremost signals intelligence agency, the NSA is largely responsible for protecting the integrity, security and cohesion of the country’s public and restricted military communications networks, including computer networks. To do so, it consumes an annual budget that dwarfs those of most other intelligence agencies, and employs entire armies of computer security experts and other professionals. But, according to General Alexander, who also heads the US Pentagon’s new Cyber Command, there is not much his army of cyberwarriors can do to either prevent or repel possible large-scale cyberattacks directed against the DoD’s computer networks. The NSA chief was speaking yesterday at the International Conference on Cyber Security, a high-profile gathering of experts at New York’s Fordham University. He told the conference, which is sponsored by the Federal Bureau of Investigation, that the Pentagon’s computer infrastructure is too anarchic and chaotic to be successfully defended from cyberespionage, cyberterrorism, or cyberwarfare assaults. He said the DoD computer system consists of so many interconnected networks —over 15,000 in all— that the NSA “can’t see them all [let alone] defend them all”. As a result, said Alexander, the DoD’s current communications infrastructure “is indefensible”. Read more of this post