Is a Legal Assault an Effective Strategy Against Chinese Cyber Spying?

Computer hacking allegedly perpetrated by Chinese military hackers led to indictments, but is a legal assault an effective strategy against Chinese cyber spying?

David Hickton, U.S. Attorney for Western Pennsylvania, said he remains hopeful about bringing Chinese hacking defendants to justice in Pittsburgh but believes the indictments have been successful in other ways. The cases defeated online anonymity by providing evidence that specifically tracked attacks and reversed decades of inaction on hard-to-prosecute international computer cases, he said.

Hickton said he does not know whether Chinese online spying has increased or abated in the past year.

“Even by just bringing indictments, we have served notice, we have laid out our evidence, and we have taken an official position that we are going to reverse the default position, which had existed for almost a decade, that we would allow crimes committed here and not charge them simply because it might be difficult to bring the perpetrators to justice,” Hickton told the Trib.

Online spying by the Chinese probably has increased, and the indictments had no practical legal effect, said Christopher Johnson, senior adviser and Freeman Chair in China Studies at CSIS. Legal action could have been better coordinated from the Justice Department with national security and diplomatic agencies, he said, but the cases were necessary.

“We had to do something, and the administration had to look like it was doing something,” Johnson said.

I remain unconvinced this move was anything other than a failed political play. Arresting Chinese military hackers without any solid evidence attributing specific attacks to these actual individuals is likely going to prove a waste of time, money, and effort.

Cyber Guard Exercise Expands to Whole-of-Nation Defense

Cyber Guard exercise expands to whole-of-nation defense as more than one hundred organizations from government, industry, academia, and the international community met to conduct the fourth annual Cyber Guard exercise from June 8 – June 26:

“Cyber Guard is designed to exercise the interface between the Department of Defense — the active and Reserve and Guard components — that are focused on the cyber mission, and to partner with other elements of the U.S. government as well as state and local authorities,” U.S. Cyber Command Commander Navy Adm. Michael S. Rogers said in a statement.

“The greatest challenge in this exercise is, how do we build those partnerships between organizations that don’t necessarily have a common background, a common verbiage, a common set of terms, so how are we going to harness the power of governmental capacity to include our own department in defending critical infrastructure in the private sector of the United States,” Rogers said.

The exercise took place at a Joint Staff J7 facility in Suffolk, Va., which was designed to support a wide range of military tests and exercises.

Increasing the number of exercises, and the participants involved, will identify important gaps needing to be closed so the US military and its partners can adequately defend the nation in the event of a real cyber attack.

Photo of the Day – 20150702

Tokyo Tower in Tokyo, Japan.

I was walking close to Tokyo Tower both before and after a meeting in Kamiyacho late this afternoon. Because of how close the tower is to where I was, I thought I would take a slight detour and snap a few pictures of probably my favorite Tokyo structure. Tokyo Tower has charisma, appeal, and character no other building in Tokyo has, not even the fabled Sky Tree.

Space Particles Are Helping Map the Inside of Fukushima Daiichi Nuclear Power Plant

Wired on how space particles are helping map the inside of Fukushima Daiichi nuclear power plant:

The detector works like this: Durham and his co-investigators sandwich the pipe in question between two four-by-four-foot aluminum slabs. When an errant muon passes through one of the slabs, it sends a message to a computer, which logs the particle’s trajectory. The muon continues through the pipe, then passes through the slab on the other side—which again measures the particle’s angle. By calculating the difference between angles, researchers can get an idea of the path the muon took through the pipe’s molecules. And with enough muons, they can draw a pretty good picture of what’s going on inside the pipe.

Or inside anything, really. Muon detectors were invented after the 9/11 attacks, as a way of looking for smuggled nukes. It’s no problem to sneak a bomb past an X-ray detector. But muons can see through cars, can see through boats, can see through shipping containers. “At Freeport, in the Bahamas, they have a detector big enough to drive an 18-wheeler through,” says Durham. The detector can find a lump of uranium in about a minute. “A lot of stuff goes through the Bahamas on its way to the East coast,” says Durham.

But finding a glowing hunk of uranium is a lot easier than detecting the structure of a faulty pipe—hence the Los Alamos breakthrough. Compared to the Bahaman detector, the Los Alamos model moves pretty slow. This is because muons are rare. “We only get one muon per square centimeter per minute,” says Durham, so it can take about 4 to 6 hours to survey a single section of pipe. Increase the area of the detector, and you can get a faster picture.

This sounds quite bad ass!

Terrifying Image Shows Heroic Crew Trying to Keep Stricken Osprey Flying

Foxtrot Alpha has a terrifying image showing a heroic crew trying to keep a stricken Osprey flying during the most recent fatal incident this aircraft has seen:

This image from the Marine Corps shows a deadly event that occurred on October 1 last year. The crew flew the Osprey in maintenance mode by accident, which greatly reduced engine power output. The harrowing story of heroics and the loss of a young Marine’s life is a must read in this article by the San Diego Union Tribune.

After taking off and quickly losing altitude, the pilots stayed with the aircraft while the two crew chiefs bailed out the back. Only one survived. Even the survivor barely made it, as he was weighted down by his flak jacket, wearing a semi-defective life preserver and covered in jet fuel. Meanwhile, the pilots continued to dump fuel while the aircraft struggled partially submerged.

Finally, after porpoising in and out of the water and struggling for ten minutes, the Osprey began to gain altitude. The pilots chose to put it abruptly back on the ship’s deck while fuel continued to be dumped from its tanks, running from the aircraft abruptly after touchdown for fear that the Osprey’s hot exhaust would ignite the fuel on the deck.

These aircraft sound far more dangerous than I initially thought. While on some level I understand why the Osprey is important to the military and the additional capabilities it brings to the table, considering the number of fatal incidents it has been involved in, it sure seems like a lot of unnecessary risk.

Japan Will Once Again Face the United States in the World Cup Finals

Fox Sports reports Japan beat England and will once again face the United States in the World Cup finals:

Japan advanced to the Women’s World Cup final with a 2-1 win over England on Wednesday thanks to an own-goal in stoppage time to set up an historic rematch. The reigning champions now will face off in Vancouver against the team they beat in 2011, the United States (live, FOX, FOX Sports Go, Sunday, 7 p.m. ET).

England’s Laura Bassett inexplicably poked the ball back into her own net in stoppage time, ricocheting it off the crossbar and giving keeper Karen Bardsley no chance on it. It was a cruel end to the Lionesses’ campaign as in truth they had been the better side by far, but they cracked late.

I love watching Japan play the United States because I am happy no matter which team wins. It literally is a win-win situation for me.

XKeyScore Is NSA’s Google for All of the World’s Private Communication

The Intercept on the scary thought about how XKeyScore is NSA’s Google for the world’s private communication. First, in case you have forgotten what XKeyScore is since it was actually first revealed by The Guardian in July 2013 (emphasis added):

The NSA’s XKEYSCORE program, first revealed by The Guardian, sweeps up countless people’s Internet searches, emails, documents, usernames and passwords, and other private communications. XKEYSCORE is fed a constant flow of Internet traffic from fiber optic cables that make up the backbone of the world’s communication network, among other sources, for processing. As of 2008, the surveillance system boasted approximately 150 field sites in the United States, Mexico, Brazil, United Kingdom, Spain, Russia, Nigeria, Somalia, Pakistan, Japan, Australia, as well as many other countries, consisting of over 700 servers.

These servers store “full-take data” at the collection sites — meaning that they captured all of the traffic collected — and, as of 2009, stored content for 3 to 5 days and metadata for 30 to 45 days. NSA documents indicate that tens of billions of records are stored in its database. “It is a fully distributed processing and query system that runs on machines around the world,” an NSA briefing on XKEYSCORE says. “At field sites, XKEYSCORE can run on multiple computers that gives it the ability to scale in both processing power and storage.”

So what types of data, specifically, is XKeyScore capable of collecting? Here is the answer:

XKEYSCORE also collects and processes Internet traffic from Americans, though NSA analysts are taught to avoid querying the system in ways that might result in spying on U.S. data. Experts and privacy activists, however, have long doubted that such exclusions are effective in preventing large amounts of American data from being swept up. One document The Intercept is publishing today suggests that FISA warrants have authorized “full-take” collection of traffic from at least some U.S. web forums.

The system is not limited to collecting web traffic. The 2013 document, “VoIP Configuration and Forwarding Read Me,” details how to forward VoIP data from XKEYSCORE into NUCLEON, NSA’s repository for voice intercepts, facsimile, video and “pre-released transcription.” At the time, it supported more than 8,000 users globally and was made up of 75 servers absorbing 700,000 voice, fax, video and tag files per day.

The reach and potency of XKEYSCORE as a surveillance instrument is astonishing. The Guardian report noted that NSA itself refers to the program as its “widest reaching” system. In February of this year, The Intercept reported that NSA and GCHQ hacked into the internal network of Gemalto, the world’s largest provider of cell phone SIM cards, in order to steal millions of encryption keys used to protect the privacy of cell phone communication. XKEYSCORE played a vital role in the spies’ hacking by providing government hackers access to the email accounts of Gemalto employees.

Numerous key NSA partners, including Canada, New Zealand and the U.K., have access to the mass surveillance databases of XKEYSCORE. In March, the New Zealand Herald, in partnership with The Intercept, revealed that the New Zealand government used XKEYSCORE to spy on candidates for the position of World Trade Organization director general and also members of the Solomon Islands government.

These newly published documents demonstrate that collected communications not only include emails, chats and web-browsing traffic, but also pictures, documents, voice calls, webcam photos, web searches, advertising analytics traffic, social media traffic, botnet traffic, logged keystrokes, computer network exploitation (CNE) targeting, intercepted username and password pairs, file uploads to online services, Skype sessions and more.

Yes, your cyber sex video chats with nude girls from all over the globe are captured by the NSA, watched, likely laughed at, and then indefinitely stored on their servers to be used against you at a later date.

This is, by far, the scariest of any of the NSA programs brought to light to date. The capabilities of this system outlined in the article, and the lack of any technically-oriented security controls, are really what is more terrifying than anything.

That an NSA analyst can jump on XKeyScore and type in any type of search term and be provided with results, regardless of whether the search violated US laws and statutes, is confounding.

FBI Hunting for Suspects in California Internet Backbone Cable-Severing Attack

Engadget on the FBI hunting for suspects in California internet backbone cable-severing attack (emphasis added):

The severed cables belonged to backbone-internet companies Level 3 and Zayo. In order to access these cables, the vandals had to remove manholes and enter underground vaults. While the cut lines were fixed within a day, it does highlight how easy it is to disrupt the internet within the physical world. In a statement, the FBI asked for the public to contact it if anyone saw anything suspicious at one of the sites and added that, “the individuals may appear to be normal telecommunications maintenance workers or possess tools consistent with that job role.”

So instead of the internet being brought down by a virus or super hackers, it turns out that someone with a set of bolt cutters could severely disrupt how we get our news and do business.

I could not have said it any better. Malware is not required to disrupt our precious internets.

NSA Spied on Several German Ministers in Addition to German Chancellor Angela Merkel

Reuters on the news that, gasp, the NSA spied on several German ministers in addition to German Chancellor Angela Merkel:

Revelations by former NSA contractor Edward Snowden about wide-ranging U.S. spying have caused outrage in close ally Germany where privacy is an especially sensitive issue after the extensive surveillance by Communist East Germany’s Stasi secret police and by the Gestapo in the Nazi era.

The spying scandal was compounded by allegations that the German BND foreign intelligence agency helped the NSA and tracked other European targets on behalf of the NSA.

In the latest development, the German newspaper Sueddeutsche Zeitung and broadcasting network ARD reported, based on Wikileaks documents, that the NSA targeted 69 telephone numbers in the German government administration.

Among the officials being targeted were Economy Minister and Vice Chancellor Sigmar Gabriel as well as several of his deputy ministers, the reports said. British intelligence agencies were also involved in some of the operations, they said.

There is absolutely nothing surprising here. The NSA is paid to spy on foreign governments, and I believe any average, sane American citizen would applaud this type of activity.

The line was crossed once the NSA started spying in bulk on American citizens. However, like in spy movies, agents of any foreign government are completely understandable targets.

New Department of Defense Cyber Strategy Stresses More Deterrence and Offensive Power

Federal Times on how the new Department of Defense cyber strategy stresses more deterrence and offensive power than its primarily defensive-oriented predecessor (emphasis added):

While the idea of deterrence may hark back to the Cold War, it is a critical piece of the new strategy and one that Carter underscored in an April 23 address at Stanford University in which he unveiled the new plan.

“Adversaries should know that our preference for deterrence and our defensive posture don’t diminish our willingness to use cyber options if necessary,” Carter said. “And when we do take action — defensive or otherwise, conventionally or in cyberspace — we operate under rules of engagement that comply with international and domestic law.”

Those rules of engagement might not include a military retaliation to a high-profile hacking incident like the one that recently hit Sony. But when such events happen and all eyes are on cybersecurity, the cyber strategy signifies the U.S. military’s presence and capabilities if something similar were to happen to a .mil network or another network deemed to be a U.S. national interest meriting defense from DoD. It also outlines how the Pentagon may coordinate with other key agencies in such a situation.

“This fits into strengthening deterrence, which is important after Sony, and even more important to signal to the Russians and Chinese,” said Jim Lewis, director and senior fellow of the Strategic Technologies Program at the Center for Strategic and International Studies. “They also want to get the public more comfortable with what DoD can and can’t do in cyberspace. It reiterates the defensive mission outside borders, offensive and defensive capabilities, and also an objective to support the Homeland Security Department and the FBI.”

Details related to those offensive or defensive capabilities in DoD’s cyber arsenal may be new to the DoD cyber discussion, at least as far as the general public is concerned. But insiders say it’s no different than the ways weapons are discussed in relation to operations on land, in the air and at sea.

This is exactly where DoD needs to be headed. They need to get out in front of cyber rather than being left behind by the likes of Russia, China, Iran, and other highly sophisticated nation states.