Cyber Uproar - Computer Espionage and International Politics
cyber-uproar ~ verb. {broadly defined} assimilation and dissemination of information referring to the cause-and-effect nature of 
Information Warfare (IW) waged against the United States and the resulting range of emotions that occur once digested.

This is a volunteer blog created in April of 2010. The goal is to put together acts of IW and other sundry events related to IW at both the high-level
(discussions of attack histories and political strategies possibly related to them) and low-level (who did what, how and approximately when).

Fun stuff.

Quid-pro-quo (!) discussions are welcome, as are questions, rebuttals, input and general reactions. Attempts to grasp the much broader
geopolitical intentions, as well as technical hook-and-ladder discussions, are equally welcome if interested parties are keen on such matters.

Thank you for joining in.

UPDATE - 7:14:2010 - The "Random Events vs. Virus Creation Dates and Hacks" timeline has been updated.

Horizontal gliding, zooming in to the hour and out to 10 years, is automatically enabled. There is a dark grey LOCK on the LEFT
hand-side of the SLIDING BAR. Click this to unlock the vertical position so that you can grab the timeline and view above and
below the current view.

Enjoy!

CYBER-UPROAR.COM

Cyber Espionage Could Cause a Global Shift in Power

As everyone around the world knows, China has become quite the cyber-espionage powerhouse, which has enabled it for many years to "leap-frog" its own technological development by exploiting the advancements of the West to save time and money.

Already this year the U.S. has experienced multitudes of IW exploits, including an attack on an oil refinery site and at least 33 major intellectual property attacks against several leading commercial software companies. These companies employ some of the best and brightest application developers in the U.S., and their source code, algorithms and, specifically, the methodology behind the evolving ways in which we currently think about and process information have been extracted and are now in the hands of an unscrupulous competitor.

Looking through past and recent events in China's political, industrial, university and social activities and motives, it is very reasonable to predict that the next wave of cyber attacks will be against the Bio and NanoTechnology laboratory and research facilities, and here's why:

The BioTechnology impact will reach far beyond the health care and pharmaceuticals industry and into areas obscure to common thought. It is these obscure areas that many times hold the greatest opportunity and disruptive power.

NanoTechnology is an obscure science to many and one that only recently began to gain the attention of the press. It allows for the development and construction of materials one atom at a time. It is difficult to imagine an industry that will not be impacted as this advanced research becomes commercialized in the next several years.

The combination of Nano and BioTech will evolve (and has been evolving) into the next major revolution - "The Materials Age".

The economic and political implications of winning or losing the battle to be number one in this technology could cause a shift in global power.

Numerous laboratories in the U.S. have already experienced major exploits from the Chinese and fear the attack landscape they are facing in the upcoming months and years ahead.

A 2005 report from the U.S. National Academies of Science, Rising Above the Gathering Storm warns that the U.S. "could lose its privileged position" in science, with "new competitors just a 'mouse click' away."

Demos, one of the U.K.'s most influential think tanks, published China: The Next Science Superpower? in 2007. Their report indicates that:

"'While there is a marked improvement in the university sector, both in terms of the quantity of graduates [with around 350,000 IT graduates in 2004], and also ...


SCADA - A Glimpse Beyond the 'Power Outage'

For at least the past ten-plus years, we have heard or read about our country's vital SCADA (Supervisory Control And Data Acquisition) systems being vulnerable and overwhelmingly 'cyber-attacked' by malicious hackers.

In general, SCADA systems refer to an industrial control system: a computer system monitoring and controlling a process. The process can be industrial, infrastructure or facility-based, and these systems run on very old PCs running very old versions of Microsoft Windows operating systems, using a very insecure network protocol carried over TCP/IP. Some of these systems have been mildly upgraded and connected to the Internet for those workers who like to connect from home.

Because these systems are proprietary and owner-operated, the reports and propaganda that have been passed around in the news, and even in the industry itself, have focused on only one aspect of SCADA's area of control: the power grid. I would like to list the other industrial control systems that SCADA systems influence:

:: Refining;
:: Fabrication;
:: Power generation;
:: Manufacturing;
:: Production;
:: Water treatment and distribution;
:: Waste water collection and treatment;
:: Oil and gas pipelines;
:: Electrical power transmission and distribution;
:: The pharmaceutical industry;
:: Wind farms;
:: Civil defense siren systems and
:: Large range communication systems

Facility processes occur both in public facilities and private ones, including buildings, airports, ships, and space stations. They monitor and control HVAC, access, and energy consumption.

So, as you can see, disrupting our SCADA systems could mean a whole lot more than simply shutting down our power for a week. If all, or even three targets were taken down, say water treatment, waste water collection and, oh... large range communication systems, all at once (and they would be down for more than one week), whatever area(s) were affected would feel and smell like a third world country pretty quickly. Is that the master plan, or am I hyping a conspiracy theory? It's plausible.

Think about the probability of one of the leading pharmaceutical companies being overtaken without anyone's knowledge, and the grim thought of widespread distribution of an altered drug. Impossible? No!

It is interesting to note that several months ago I had decided to research this SCADA topic from several different angles for a book, including the "elite" hacker point of view (HD Moore and his pride and joy, the "Metasploit" architecture), imodscan (a network scanner built with Metasploit to scan and exploit the SCADA network protocol), and the modbus protocol (the very insecure ...

Timeline Update / Correction to 'China's Long-Term (2 Year!) IW Strategy Hits U.S. Hard!'

It has been a long and arduous journey. The relocation was fairly painless and the rest of the management team transitioned here as well. The rest of the contract will be taking up much more of my time than usual; however, I have a plethora of posts coming soon. In the meantime, enjoy the timeline. I will be adding a third layer showing the explosion of hardware and software "security products" over time and their success (or failure, and why) in meeting the needs created by the increased virus outbreaks and hacks. The hope is that 'pitting' all three layers together to provide a vivid visual analysis will reveal more interesting patterns.

I have made a request to the developers to add more functionality to the timeline and they heartily accepted the additions. Therefore, be on the lookout for a timeline key, which will immensely aid your viewing, and in the near-future, the ability to stack up to 5 (or perhaps even more) vertical layers onto the timeline for even more pattern visualization. Fun, fun!

Thank you for your patience and insightful email commentary.

Correction:

In an earlier post: 'China's Long Term (2 Year!) IW Strategy Hits U.S. Hard' I bastardized the art of analysis and reporting by indicating the myth that China had established "copyrights" to over 90+ percent of rare earth minerals.

That post has been duly corrected: China has secured a "dominant position" regarding the rare earth materials, including ores, oxides, metals, alloys and semi-finished rare earth products that cannot be reproduced artificially.

The source for this correction requests to remain anonymous.

My sincere apologies to my readers. The inaccuracy shows a lapse in diligence which will be carefully avoided in all future posts.
...

It's 2010, Can Someone Please Tell Me What Information Warfare Really IS?

There are several Chinese authors who command respect for the scope of their works and depth of their thought on IW issues, as well as Mr. Timothy L. Thomas from the Foreign Military Studies Office in Fort Leavenworth, KS, to whom I owe a great debt for the translation of much of this material. ...

Visual Timeline Reveals Swarm of Hacks

Today (tonight?) I finally began working with TimeGlider, the web-based timeline maker I mentioned in my earlier post, built by Mnemograph.

My objective is to embed (hopefully later today) an interactive two-layered timeline: the top layer filled with "random" events, the bottom layer filled with attacks and virus outbreaks. At the current time, I have a "work in progress" ready to go; however, I failed to use the beta version of the software that would have enabled me to conjoin the two timelines in one embedded statement, and may need to start the project over.

So, I've taken a snapshot to give just one example of some random data that I've captured today.

The picture below is an actual view of the two timelines I mentioned. This is a five-year view, but you can zoom down to the day. If you hover over an event, you will get the date and time; if you click on the event, you will get any added information. For simplicity, I added no pictures, just icons.

I want to draw your attention to the large red star on the top timeline, and the black half-moons on the bottom timeline. Since I zoomed out for the five-year snapshot, I'll fill in the dates.

On September 6th, 1996, China opened its 256K dedicated circuit connected to the US; 10 days later the CIA was hacked, the UK Labour Party was hacked... you can see the pattern for yourself. It is amazing when you zoom out even farther: you begin to realize what is happening with the business and political events simultaneously. But there are such things as coincidences.

Note: There were no other hacks of government sites before this; there were only viruses, and virus creation toolkits widespread and made available on the internet, from what information I have gathered thus far. Of course, this information is incomplete.

If I continue to fill in the blanks (who knows how long it would take, and whether it could ever be completed by one person), I'm quite certain I would continue to see a fascinating orchestration and multiple arrays of events past, present, and presumably future.

At any rate, this is just one of many examples of what a visual timeline can do. It acts like a gliding scatter-plot to which you can add pictures, icons and meaningful text, data, and/or links.

This particular example was done in just a few hours' time and is simply a few inches of the few feet of data that I have entered into the (free) software.

I utilized and compiled various existing sources on the internet (which I will thank profusely once I have the actual timeline posted) and also obtained information from several books that I have been reading in my spare time, but I have yet to crack the surface of the data I have available.

I am going to concentrate on virus outbreaks and attacks against the U.S. for the majority of my time (among other things). I welcome any assistance.

Once the live version is available, it will be embedded in the header or footer of the blog. I haven't decided yet.

Join in - comments are disappearing into the ether...

How the U.S. Has Been Blindingly Scathed by the Chinese Stratagems of InfoWar - Part Two

Refresher:

1. Stratagems for the Stronger Force
2. Stratagems for Two Equal Forces
3. Stratagems for Direct Attack
4. Stratagems to Confuse the Enemy
5. Stratagems to Gain Ground
6. Stratagems Before the Last Stand

Once again I am using one or two example situations of how the Chinese "net force" has been using the 36 stratagems of war against the U.S. in IW maneuvers.

Continuing from Part One, as highlighted above, we are concluding the techniques of section one, the Stronger Force, and moving into section two, Two Equal Forces.

Category 1: Stratagems for the Stronger Force

No. 04. Wait at ease for the enemy

(To be near the goal while the enemy is still far from it, to wait at ease while the enemy is toiling and struggling, to be well-fed while the enemy is famished:—this is the art of husbanding one's strength.)

The Chinese set their global, holistic goal in place many years ago, as is evident by the astonishing array and multi-dimensional orchestration of their barrage of cyber attacks as well as non-cyber initiatives and activities against the United States and other countries over the last 14+ years.

The U.S. Military has been struggling on many levels to discern the correct approach to resolve the integral issue of technical deterrence. Compounded by corporate and privately owned layers of Internet backbone and routing technology, the Military has no accurate way to pinpoint 100% attribution on demand.

While the U.S. toils away on this matter, Beijing waits, patiently at ease, well-fed on the information they have gathered via IW, like taking candy from a baby, closer and closer to accomplishing their goal of global Military, Economic, Industrial, Biotechnological, Biochemical, Cyber, and Knowledge/Information domination. (I'm certain I've missed a few.)

Category 2: Stratagems for Two Equal Forces

These stratagems focus on immediate options that you have on hand: using what you already have or what exists in your environment; creating illusions; making new weapons; or forming new and innovative plans. These stratagems require that you look at your own situation with fresh eyes and that you understand how your opponent looks at your environment and arsenal, so that you can create convincing illusions or put old items to new uses.

In this sense, the Chinese are looking at the U.S. as an equal force in cyber technology, which represents an important factor which I will go into detail about in the final installment: "Clipping the Wings of the Tiger: Final Installment of How the U.S. Has Been Blindingly Scathed by the Chinese Stratagems of InfoWar".

No. 07. Create something out of nothing

(Get what you need by trickery or illusion.)

China leveraged its economy to force IT companies, most significantly Microsoft, to reveal sensitive and proprietary information regarding their software applications. This information allows the PLA to utilize "zero-day" security flaws in Microsoft applications, exploiting unknown or unpatched software vulnerabilities before the vendor patch is available. It also greatly enhances the PRC's ability to plant malicious software designed to collect sensitive information or potentially damage networks and infrastructure.

No. 08. Use a well-known path to advance by a hidden path

(Use the commonly expected strategy to hide the real strategy.)

China is notorious for hacking servers such as those of the Pentagon, the Department of Defense and Sandia Laboratories. These attacks, along with distributed denial of service (DDoS) attacks, have been their "expected" strategies.

Attacking the IMF in 2007 wasn't a huge surprise; however, the stolen information that gave China insight into which third world countries the U.S. has and has not funded, in order to gain dominance over 97 percent of all raw minerals for over 20 years, was not a strategy that was expected.

Additionally, infiltrating U.S. organizations where some of the best and brightest software developers are employed and stealing the source code for their major applications was not an area the U.S. expected as part of the IW threat from China.

No. 10. Conceal a dagger in a smile

(Never express anger, and never express sarcasm. They show weakness, and they show hastiness in revealing motives.)

On April 1, 2001, a cyberwar between China and the United States erupted after a U.S. Navy spy plane collided with a Chinese fighter jet over international waters in the South China Sea, resulting in the death of the Chinese fighter pilot.

Chinese hackers declared a week-long May Day war on U.S. sites.

In retaliation, several U.S. hacker groups defaced hundreds of Chinese government and commercial websites with pornographic images and messages advocating drug abuse.

How the U.S. Has Been Blindingly Scathed by the Chinese Stratagems of InfoWar - Part One

The Chinese feel a compelling need to develop a specific Chinese IW theory. This theory must be in accordance with Chinese culture, the economic and military situation in the country, the perceived threat, and the Chinese military philosophy and terminology.

Chinese IW theory is strongly influenced by Chinese military art. China has quickly integrated IW theory into its People's War concept, and it is believed that they have already developed their independent "net force" branch of service (to supplement the navy, army and air force), and have applied the 36 stratagems of war to their IW methods.

Here in Part One I will outline ways in which China's "net force" has already used two of these stratagems against the U.S. In future segments I will continue this trend until they are exhausted, and will finish with a proposed strategy on how to apply several of the stratagems of war in unique and interesting ways to U.S. IW theory, in an effort to blunt the Chinese attacks as they successfully pick and choose their targets. The goal is, over time, to reverse roles by poly-morphing several stratagems together into one complex whole.

Before beginning, I find it important to enlighten or refresh you regarding Chinese war theory and how it is very different from the traditional game of Chess. As you probably are aware, in Chess one starts with a board filled with pieces, the object being to think several moves in advance of your opponent and capture pieces as you move along until there are no more pieces, the game ending when one King has captured the other King.

In direct contrast, the Chinese theory of war is like the game of Go, where one starts with an empty board and the players take turns placing pieces (black and white stones) on the board in an effort to gain control of as much territory as possible. Although capturing an opponent's stones is possible, it is secondary to controlling territory. To play well, one must balance defending one's own territory and attacking the vulnerable pieces of the opponent. The game of Go ends with the board filled with pieces, and the winner controls the greatest amount of territory.

The 36 Stratagems (don't worry, not all 36 are listed here) are broken down into six categories:

1. Stratagems for the :: Stronger Force
2. Stratagems for :: Two Equal Forces
3. Stratagems for :: Direct Attack
4. Stratagems to :: Confuse the Enemy
5. Stratagems to :: Gain Control
6. Stratagems :: Before the Last Stand

I'll begin with two stratagems (from China's perspective of being the Stronger Force) that their "net force" has already used against us, illustrating each with an example or two, although (unfortunately) there are quite a few of each.

Category 1: Stratagems for the Stronger Force

No. 01. Deceive the sky to cross the sea

(Conceal your preparations by being completely open and public.)

A network administrator was looking for a hacker who continued to break into a Department of Defense server to gain access to a confidential database. After failing to stop him after several weeks of diligent trying, he was given the funding and set up an Intrusion Detection System in front of the firewall to inspect and log all of the incoming and outgoing traffic. The logs were almost immediately full, and his days were filled with combing the logs, looking for suspicious traffic. Finally, after several weeks' worth of late nights over coffee looking over the logs, the administrator observantly realized that a General's Secretary was logging into his system at 18:00 hours every night, when she was never there. The hacker had succeeded so long because he had legitimate credentials and had made himself an acceptable part of the scenery while in the act of committing IW.
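The detection the story above turns on, a legitimate account used at an hour its owner never works, as an added example that is not from the original post. The log format, account names, addresses and office hours are constructed for illustration; the idea is to baseline each account's business-hours sources and flag accounts with repeated successful off-hours logons, especially from sources never seen during the day.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log (hypothetical format; not from any real system).
# "gsmith" works 09:00-17:00 from one workstation yet "logs in" at 18:00
# nightly from a different address, mirroring the anecdote above.
SAMPLE_LOG = """\
2001-03-12 08:55:02 LOGIN user=gsmith src=10.1.4.22 result=success
2001-03-12 17:01:10 LOGOUT user=gsmith src=10.1.4.22
2001-03-12 18:00:03 LOGIN user=gsmith src=172.16.9.8 result=success
2001-03-12 09:10:44 LOGIN user=jdoe src=10.1.4.31 result=success
2001-03-13 08:58:19 LOGIN user=gsmith src=10.1.4.22 result=success
2001-03-13 18:00:07 LOGIN user=gsmith src=172.16.9.8 result=success
2001-03-14 18:00:01 LOGIN user=gsmith src=172.16.9.8 result=success
2001-03-14 02:13:55 LOGIN user=jdoe src=10.1.4.31 result=failure
"""

LOG_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (?P<event>\w+) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)(?: result=(?P<result>\w+))?$"
)


def parse_log(text):
    """Parse lines of the constructed format into dicts; skip anything else."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        rec = m.groupdict()
        rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%d %H:%M:%S")
        events.append(rec)
    return events


def find_off_hours_logons(events, work_start=7, work_end=18, min_nights=3):
    """Flag accounts with successful logons outside [work_start, work_end)
    on at least min_nights distinct days. Office hours are an assumption.
    Also report sources that never appeared during business hours."""
    in_hours_src = defaultdict(set)   # user -> sources seen in office hours
    off_hours = defaultdict(list)     # user -> off-hours successful logons
    for e in events:
        if e["event"] != "LOGIN" or e["result"] != "success":
            continue  # failures are noise for this rule; handle them elsewhere
        if work_start <= e["ts"].hour < work_end:
            in_hours_src[e["user"]].add(e["src"])
        else:
            off_hours[e["user"]].append(e)

    findings = []
    for user, evs in off_hours.items():
        nights = {e["ts"].date() for e in evs}
        if len(nights) < min_nights:
            continue  # a single late night is not a pattern
        srcs = {e["src"] for e in evs}
        findings.append({
            "user": user,
            "nights": len(nights),
            "hours": sorted({e["ts"].hour for e in evs}),
            "new_sources": sorted(srcs - in_hours_src[user]),
        })
    return findings


if __name__ == "__main__":
    for f in find_off_hours_logons(parse_log(SAMPLE_LOG)):
        print(f)
```

The per-account baseline is what makes the "18:00 every night" pattern stand out even though every event in the log is a successful logon with valid credentials.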

Category 1: Stratagems for the Stronger Force

No. 05. Loot a burning house

(If your opponent suffers adversity not related to your battle, you can use the diversion of his attention, energy, and resources to further weaken him.)

January 12, 2010 - Haiti was struck by a magnitude 7.0 earthquake, creating much diversion in the U.S.

Google censorship intensifies, forensic analysts, the CIA and FBI (and many others, presumably) are called in to investigate the Google incident, and millions of Americans and government agencies rush to the aid of the Haitians.

January 25, 2010 - The U.S. oil industry is hit by cyber attacks with another "new level of sophistication", once again focused on one of the crown jewels of the industry: valuable bid data detailing the quantity, value, and location of oil discoveries worldwide (coincidentally similar to the 2007 IMF incident).

Once again, the attackers took over a major portion of the network (again, coincidentally like the IMF incident). A previous (yet different in style) attack from China in 2008 gained the attackers all the information they needed to assemble and craft the perfect bullet for this infiltration; all they needed was a major distraction.

Attention is still drawn to the Google and Haiti incident while remaining experts are in awe over the attack that looks nothing like anything they have ever seen before.

Is creating a separate Service Branch on par with the Army, Navy and Air Force a bad idea for "Cyber War"?

I don't necessarily think so.

Well, let me rephrase that. I think the tactics used (at this time) are to obtain information, and as such should be properly termed InfoWar; the currently existing "armed" services shouldn't be going around shooting and blowing up bits and bytes.

I do believe that our enemies' tactics are similar to those of our own U.S. hackers and are thus two-fold in nature: one, they issue a barrage of distracting DDoS attacks and other annoyances to tie up random ...

China's long-term (2 year!) InfoWar Strategy Hits U.S. Hard!

In October of 2008, the International Monetary Fund took a blind hit from Chinese state-sponsored hackers in a military tactic known as 'Strategic Information Warfare'.

At the time of the attack that lasted for approximately one week, the IMF had a network link into the World Bank, the World's largest anti-poverty agency.

Spy-ware was detected on the entire network, "but absolutely no evidence that any sensitive information or systems were breached".

(Note: ...
