US offensive cyber campaign disabled Iran’s strike capabilities, say sources

IRGC IranThe Islamic Revolutionary Guard Corps (IRGC) is still recovering from the damage it suffered by an offensive American cyber campaign against it that took place in June, according to sources. The attack allegedly degraded the IRGC’s ability to strike at oil tankers and other ships in the Persian Gulf. The New York Times said on Thursday that the cyber attack took place on June 20, hours after United States President Donald Trump called off airstrikes on Iran. The White House had considered launching the airstrikes in retaliation against the downing of an American surveillance drone by Iranian forces and their alleged use of limpet mines against commercial oil tankers by the IRGC the previous month.

The paper did not reveal details of the cyber campaign, but said it did not target any part of Iran’s missile or other defense programs. Its mission was to degrade the covert strike capabilities of the IRGC, which operates in a paramilitary capacity and is not supervised by the military. Washington blamed the IRGC for the limpet mine attacks against oil tankers, and expressed concerns that they would continue. The cyber attack corrupted the computer databases and communications networks that the IRGC uses to co-ordinate covert operations at sea, and resulted in the temporary cessation of IRGC attacks on oil tankers, said The Times.

The June 20 cyber attacks were not meant to be permanent but their effects have endured much longer than was expected, according to the paper. It cited claims by anonymous senior American officials that the IRGC is “still trying to repair critical communications systems and has not recovered the data lost in the attack”. It is also worth noting that, according to US sources, Iran did not escalate its own cyber attacks against Western targets in retaliation to the American cyber campaign against the IRGC.

However, according to The Times, some American officials have expressed doubts about the wisdom and long-term impact of the cyber operation. They claim that the cyber attack gave the Iranians the opportunity to collect valuable information about US cyber capabilities. It also allowed them to detect and fix their vulnerabilities so that they are now better able to defend against future cyber attacks. Lastly, the attacks neutralized IRGC communications networks, which the US had penetrated and was collecting vital intelligence from, they argue.

Author: Joseph Fitsanakis | Date: 30 August 2019 | Permalink

US plans to beef up Cyber Command, separate cyberwar operations from NSA

PentagonThe White House will soon announce its decision to strengthen the United States Cyber Command and separate cyber war operations from intelligence functions, according to insider reports. For many decades, the National Security Agency has been in charge of protecting America’s cyber network and combating online threats. But in 2009, the Administration of US President Barack Obama established a brand new Cyber Command, proposing that the online environment represented a new theater of war. Since that time, the US Department of Defense has been campaigning in favor of strengthening the new Cyber Command and completely removing it from the patronage of the NSA –despite the fact that the latter is also a Pentagon agency.

According to media reports, US President Donald Trump has decided to follow the Pentagon’s suggestion. After several months of delay, his administration is now preparing to announce a major reinforcement of the US Cyber Command, and a formal separation between its functions and those of the NSA. According to the American news network PBS, which broke the news on Monday, the idea behind the move is to give the Cyber Command more operational autonomy and to allow it to establish its own mission statement, which will be distinct from that of the NSA. The latter is an intelligence organization, which means that it primarily seeks to exploit adversary networks for purposes of collecting information. Broadly speaking, therefore, the NSA finds operational adversary cyber networks far more useful than destroyed networks. That tends to clash with the goals of the US Cyber Command, whose tactical goals often center on launching destructive attacks on enemy networks. It is believed that the impending change will allow it to do so without the interference of the NSA.

According to PBS, which cited anonymous sources in its report, the details of the separation “are still being worked out”. Furthermore, some observers caution that the Cyber Command will continue to rely on NSA technology and expertise for years to come, until it is able to carry its own weight. There is even less discussion about the view of the NSA on the matter, which some claim is notably negative. However, the move appears to have been decided, and the Cyber Command’s budget will be increased by nearly 20% to $647 million in the coming year, reflecting its elevated role in US defense.

Author: Joseph Fitsanakis | Date: 19 July 2017 | Permalink

Islamic State’s cyber army still ‘largely intact’ despite America’s efforts

US Cyber CommandThe global reach of the Islamic State through the use of the internet remains “largely intact” despite relentless efforts by some of America’s most advanced cyber warfare experts to neutralize the group’s online presence. It is now over a year since the United States Department of Defense announced that it had launched a cyber war against the Islamic State —the militant Sunni Muslim group that today controls large parts of Syria and Iraq.

At that time, the Pentagon’s Cyber Command (USCYBERCOM), put in motion plans that included the deployment of computer viruses, denial-of-service attacks and other cyber weapons against computers, internet servers and cell phone networks belonging to the Islamic State. As intelNews wrote at the time, the idea behind the plan was that an all-out online war against the Sunni militant group would hurt its public image and prevent it from launching armed attacks against targets abroad. Additionally, the Pentagon aimed to disrupt the Islamic State’s ability to recruit new members online, to spread its propaganda and to coordinate operations through the use of encrypted communications.

However, according to The New York Times, American military commanders are disappointed with the Cyber Command’s efforts. The Pentagon is quickly discovering, says the paper, that its cyber warfare methods, which were designed for fixed targets in countries like North Korea and Iran, are ineffective against the mobile and polymorphic cyber army of the Islamic State. In many instances, US Pentagon hackers wipe out online information found on Islamic State servers, only to see it reappear elsewhere online within hours. In other cases, US Cyber Command experts uncover Islamic State information stored on the cloud, but are unable to access it because it is strongly encrypted.

According to The Times, the lack of progress in the cyber war against the Islamic State was one of the reasons why the administration of President Barack Obama sought to replace Admiral Mike Rogers, the head of the National Security Agency, who also led the US Cyber Command —and continues to do so under the Donald Trump administration.

Author: Ian Allen | Date: 20 June 2017 | Permalink

US considers launching all-out cyber war against Islamic State

US Cyber CommandFollowing a request from the White House, the United States Department of Defense is putting together options to launch offensive cyber operations of an unprecedented scale against the Islamic State. The White House reportedly issued the request soon after the December 2 shooting in San Bernardino, California, in response to reports that the two shooters were radicalized through exposure to online propaganda by the Islamic State. According to American government officials, US President Barack Obama directed the Pentagon to put together a report outlining options for “a stepped up cyber offensive” against online activities by the Islamic State in Iraq and Syria.

The report is allegedly being prepared by the US Cyber Command (USCYBERCOM), the Pentagon office responsible for conducting what the US military calls “full spectrum military cyberspace operations”. Offensive cyber security planners at USCYBERCOM, which is located at Fort George G. Meade in Maryland, are said to have prepared plans that include proposals to launch numerous computer viruses, denial-of-service attacks and other cyber weapons against computers, internet servers and cell phone networks belonging to the Islamic State. The idea behind the plan is that an all-out online war against the Sunni militant group would hurt its image and prevent it from launching armed attacks against civilian targets abroad.

However, Canadian newspaper The Toronto Star reports that a number of other US agencies, including the Federal Bureau of Investigation, have voiced objections to the USCYBERCOM plan, arguing that an all-out cyber war against the Islamic State could backfire. Specifically, some US intelligence officials argue that sabotaging online communications nodes, as well as cell phone networks, would make it harder to spy on the Islamic State. Additionally, such a move would hinder the work of aid groups, opposition forces, and even Western-backed rebel forces in the Levant, who rely on the same Internet and cellular networks to communicate with each other. These officials argue instead that the US should opt for surgical attacks on specific computers or cell phones used by senior Islamic State planners.

According to media reports, US Defense Secretary Ashton Carter is scheduled to meet with USCYBERCOM commanders this week in order to evaluate the possibilities for offensive cyber attacks against the Islamic State. He will then brief President Barack Obama on the available options.

Author: Ian Allen | Date: 22 December 2015 | Permalink

News you may have missed #350

Bookmark and Share

News you may have missed #333

  • Ex-MI6 officer allegedly betrayed spies. Daniel Houghton was arrested last month while trying to sell classified documents to MI5 spooks posing as foreign agents. But now the former MI6 employee is accused by British authorities of trying to trade lists of British intelligence personnel. It is unclear which nation’s spy service Houghton believed he was selling to at the time of his arrest, though it is believed that Dutch intelligence tipped off MI5.
  • NSA director under friendly fire in US Senate. US National Security Agency director, Army Lt. Gen. Keith Alexander, spoke last Thursday before the Senate Armed Services Committee. He addressed the synergies among the NSA, the newly created Cyber Command, and the Department of Homeland Security, as well as the concept of cyberwar: “In general terms, I do think a cyberwar could exist”, he said, but only “as part of a larger military campaign”.

Bookmark and Share

News you may have missed #0146

  • RAND wants the US to abstain from cyberattacks. A new report by the US Pentagon’s research arm, RAND Corporation, suggests the US may be better off playing cyber-defense instead of resorting to cyberattacks. On offense, cyberwar might be better relegated to support roles, and then only “sparingly and precisely”, according to the report. The study comes as the US military fires up its new unified Cyber Command (USCYBERCOM) program this month.
  • Turkey says it foiled al-Qaida plot against Israeli, US targets. Turkish security forces detained on Thursday 32 suspected members of al-Qaeda, believed to have been planning attacks on Israeli, US and NATO targets. The suspects, some of whom are said to have been trained in al-Qaeda camps in Afghanistan, were detained in simultaneous raids across eight provinces.
  • South Korea arrests alleged Swedish-handled spy. A former South Korean air force major general, identified only as Kim, was arrested last Friday on charges of leaking classified military information to Swedish defense and aviation company Saab, between August 2008 and May this year.

Bookmark and Share