Cyber Security2

A 21st Century Power Struggle: bombs are out, bots are in!

/1 Comment/in /by BeyondKona

Article Updates

— April 26, 2021

Russia ‘likely’ kept access to US networks after SolarWinds hack

Russia’s alleged success with the SolarWinds hack might not have ended just because US agencies and companies have bolstered their defenses. CNN sources aware of the investigation claim Russia’s SVR intelligence agency “likely” still has access to American networks despite efforts to close exploits. The attackers are still “very much out there,” one contact said.

Deputy National Security Adviser Anne Neuberger didn’t directly acknowledge the allegation when CNN asked, but did say that formally blaming the SVR was meant to “shape [Russia’s] calculus” on the value of hacks. The US wasn’t going to dissuade Russia with a single action, the adviser said.

A continued presence in American networks is consistent with history. Russia continued to mount cyberattacks against the US after the Obama administration imposed sanctions in late 2016, targeting politicians (Sen. Claire McCaskill) and other systems during the 2018 midterms and beyond. Even if the US successfully dislodged Russia from government systems, there was a good chance it would find another security hole.

If the report is accurate, though, it illustrates just how difficult it may be to secure a lasting victory against state-sponsored cyberattacks. Even the large-scale response to a campaign like the SolarWinds hack apparently wasn’t enough to dislodge the intruders. The US might not get a reprieve for a long, long time to come.

— April 11, 2021

Israel confirms it carried out cyberattack on Iran nuclear facility

Israel appeared to confirm claims that it was behind a cyber-attack on Iran’s main nuclear facility on Sunday, which Tehran’s nuclear energy chief described as an act of terrorism that warranted a response against its perpetrators.

The apparent attack took place hours after officials at the Natanz reactor restarted spinning advanced centrifuges that could speed up the production of enriched uranium, in what had been billed as a pivotal moment in the country’s nuclear program.

As Iranian authorities scrambled to deal with a large-scale blackout at Natanz, which the country’s Atomic Energy Agency acknowledged had damaged the electricity grid at the site, in statement today by Israeli defense chief, Aviv Kochavi.

Natanz has remained a focal point of Israeli fears, with an explosion damaging a centrifuge assembly plant last July, and a combined CIA and the Mossad cyber-attack using a computer virus called Stuxnet in 2010 that caused widespread disruption and delayed Iran’s nuclear program for several years.

Original Article Post

With barely sixty days into his administration, President Joe Biden got a taste of what the next four years may look like: a new era of bitter superpower competition, marked by perhaps the worst relationship Washington has had with Russia since the fall of the Berlin Wall, and with China since 1972, marked by the beginning of diplomatic relations with the United States.

In recent years, Putin’s Russia and Xi Jinping’s China both took sharp turns toward authoritarianism.  President Biden acknowledged a reporter’s question-statement that Putin was a “killer”, in reference to a long string of not-so-mysterious deaths of people on Putin’s enemy list.

Then there’s the first Biden administration meeting with Chinese officials last month in Alaska, when Chinese representatives lectured the American delegation about their arrogant view that the world wants to replicate their freedoms.  It may have been political theater, but the underlining issues were real enough for both sides.

The Cold War period has not resumed, there are no drop drills or super power nuclear brinkmanship, the current competition is over technology, cyber attacks, and influence operations — scenes which are now playing in the shadows of those bygone bad old days.

Russia today

Putin, however, has lamented that the Russia of the early 21st century is a shadow of the former Soviet Union. Russia’s economy is roughly the size of Italy’s and is based on two assets of the past, fossil fuels and weapons.

The real power in Putin’s Russia, in the 21st century, is mostly limited to cyber warfare in disrupting governments and societies, instilling fear, stealing trade and state secrets,  silencing dissension, and using the state’s highly advanced cyber abilities for personal political and economic gain.

Today’s Russia mostly resembles a mafia-run enterprise more than a former superpower. Its state goals are not social or idealistic, but for profiting the few and powerful within Putin’s inner circle, an almost czar-like government.  It’s a far cry from the idealistic workers revolution of 1917 which created the former Soviet Union.

China today

After several decades experimenting with shades of capitalism, China’s recently installed (in relative terms) president Xi Jinping has placed China back onto its authoritarian path to power by building new networks, rather than disrupting old ones.

Economists debate when the China will assume the title (currently held by the United States) of having the world’s largest gross domestic product — some economists predict within less than 10 years.

Underlying the goal of global economic dominance, China’s national goals are building the world’s most powerful military and dominating the race for key technologies by 2049 — the 100th anniversary of Chairman Mao’s revolution. Their military aspirations are not to repeat the costly mistakes of their former ally the Soviet Union.

The United States invented the Internet, we own it through one means or another from the idea of the Internet to its underlying technology, standards and regulatory entities.  But that is changing, and changing at technology fast speeds.Russian Cyber Center

For China, it’s all about expanding economic might by positioning their government-subsidized technology to wire developing nations — be it Latin America or the Middle East, Africa or Eastern Europe — with Chinese 5G wireless networks intended to tie them ever closer to Beijing. Like competing rail monopolies of the 19th century, it was all about who owned the rails, not the trains that mattered.

For China today, Internet competition and cyber dominance comes in the form of laying the undersea cables. China is presently connecting the developing world with undersea and terrestrial fiber and 5G wireless networks running on Chinese-owned (not US) circuits.

China is developing the “second” worldwide Internet. The one we know and the one that’s coming under the control of Chinese minders, placing national and commercial interests of the United States and its democratic allies at risk; not as enemies, but as economic competitors for market and mind share.

The United States (a new sheriff is in town)

Shortly after taking office, President Biden met by phone with President Xi Jinping.   In the two hour conversation, Biden told Xi that the Chinese narrative of the U.S. in decline was badly mistaken.   It was a foundational statement from this new president whose mission is to right the America ship of state which had been adrift the previous four years and was sailing through a foreign policy fog.

President Biden’s leadership mission for the United States is summed up on the White House web site as…

This is the moment to reimagine and rebuild a new economy.

The American Jobs Plan is an investment in America that will create millions of good jobs, rebuild our country’s infrastructure, and position the United States to out-compete China. Public domestic investment as a share of the economy has fallen by more than 40 percent since the 1960s.

The American Jobs Plan will invest in America in a way we have not invested since we built the interstate highways and won the Space Race.

Biden’s Infrastructure plan clearly recognizes what’s needed at a time of a growing global threat to US dominance. Elements of the plan include a historic national investment – consisting principally of one-time capital investments in our nation’s productivity and long-term growth.

The plan will invest about 1 percent of GDP per year over eight years to upgrade our nation’s infrastructure, revitalize manufacturing, invest in basic research and science, shore up supply chains, and solidify our care infrastructure.

In total, the plan will invest in America nearly about $2 trillion this decade – perhaps this is what Biden meant when he told president Xi of China “the Chinese narrative of the U.S. in decline was badly mistaken”.

Solar-Winds

Yang Jiechi, China’s most senior diplomat, put China’s present day’s feeling about the United States this way…“I don’t think the overwhelming majority of countries in the world would recognize that the universal values advocated by the United States or that the opinion of the United States could represent international public opinion…”   In another words, there is room for oligarchs and dictators, just not democracies.

The ongoing cyber attacks by Russia and China (and others) on the United States and Western democracies is ample evidence that a new age of soft warfare is well underway — practiced daily by both the United States and its competitors. Less obvious than the cold war days of classroom drop drills, but equally representative of times. Cyber Security3

In 2020, a major cyberattack by a group backed by a foreign government penetrated thousands of organizations globally including multiple parts of the United States federal government, leading to a series of data breaches.

While malicious attacks occur every day through phishing, malware, and other means, the so-called SolarWinds attack (because hackers used the SolarWinds software platform — unbeknownst to the company) to facilitate the hackers’ attack and enable the attackers code scale to spread across companies and government agencies. It is especially shocking by weaponizing third-party software operating on targeted systems as the means of attack.

The hackers’ attack spread into data systems around the world faster than a pandemic.

Austin-based SolarWinds sells technology products to an extensive list of sensitive targets, including all five branches of the U.S. military.  The company sells it’s technology products to an extensive list of sensitive targets, including all five branches of the U.S. military. The company said it has more than 300,000 customers worldwide, including a large number of the U.S. Fortune 500 who have been affected by the attack..

The SolarWinds cyberattack and data breaches were reported to be among the worst cyber-espionage incidents ever suffered by the U.S., due to the sensitivity and high profile of the targets, as well as  the long duration (eight to nine months) before being detected. Hackers had access to the systems data and data operations. Within days of discovery, at least 200 organizations around the world had reported being affected by the attack, and some of these suffered serious data breaches.

The attack, which had gone undetected for months, was first publicly reported on December 13, 2020, and was initially only known to have affected the U.S. Treasury Department and the National Telecommunications and Information Administration (NTIA), a part of the U.S. Department of Commerce.  Key agencies within the United Kingdom, European Parliament were also attacked, as well as Microsoft and many of its large private and public sector customers. Microsoft reported they knew of at least 60 major customers with compromised email systems, in which the same attackers had used email for reconnaissance purposes.

In addition to the theft of data, the attack caused costly inconvenience to tens of thousands of SolarWinds customers, who had to check whether they had been breached, and had to take systems offline and begin months-long decontamination procedures as a precaution.

U.S. Senator Richard J. Durbin described the cyberattack as tantamount to a declaration of war.

US intelligence agencies have been expectedly silent on the hack, but technology experts strongly believe the pattern of the attack suggests it originated with Russia’s Federal Security Service, the FSB.

How Secure Is Hawaii?

State and local governments have been begging the Federal government for help and more resources since they are on the front lines of a growing number of cyberattacks.

State and local government computer systems have, in effect, been locked up by hackers seeking a ransom payout before they release the attacked computer systems data files, and some cases system access.

The intended targets of this type of cyber attack is normally directed to government data silos responsible for vital services. Digital applications and databases, some of which are even more critical during a pandemic – including hospitals, schools and government benefit distribution systems.

It’s a problem growing exponentially according to the US Department of Homeland Security’s cybersecurity division. Hawaii is not exempt from these attacks — the question is are we prepared?

 

1 reply
  1. MARK TANG
    MARK TANG says:

    Very important subject. And the casualties of this form of warfare are likely not even to be aware of their wounds!…ie. Q-anon followers ;-(
    But they do infect immensely, the ‘body politic’.
    What to do??? Turn off the computer?

    Reply

Leave a Reply

Join the Community discussion now - your email address will not be published, remains secure and confidential. Mahalo.

Leave a Reply

Your email address will not be published. Required fields are marked *