Tag Archives: hacking military

How Russia Invaded Microsoft

Leave a reply

Microsoft  said in March 2024 a Russian state-sponsored hacking group that stole information from its senior leadership team is still using that information to gain unauthorized access to its internal systems. The technology company disclosed in January  2024 that the group, which it has identified as Midnight Blizzard, had extracted information from a small percentage of employee email accounts, including members of its senior leadership team and employees in its cybersecurity and legal teams. Since that disclosure, the group has used that information to gain access to Microsoft’s source code repositories and internal systems. The volume of some aspects of the attack, including password sprays, jumped 10-fold in February compared with the already large volume Microsoft encountered in January, it said.

“Midnight Blizzard’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus,” Microsoft said. The company said that its investigations of Midnight Blizzard activities are continuing and that it is coordinating efforts with federal law enforcement. In a blog post last August 2023, Microsoft said it had detected Midnight Blizzard, previously known as Nobelium, launching targeted social-engineering attacks that used Microsoft Teams chats to phish for credentials. The former Nobelium group has been linked by U.S. authorities to the Foreign Intelligence Service of the Russian Federation and is known for its involvement in the massive SolarWinds hack of 2020.

Excerpts from Dean Seal, Microsoft Says Russian-Sponsored Hackers Still Using Stolen Information, WSJ, Mar. 9, 2024

The Under-Our-Noses Nasty Wars

Leave a reply

Christopher Wray warned in February 2023 that Beijing’s efforts to covertly plant offensive malware inside U.S. critical infrastructure networks is now at “a scale greater than we’d seen before,” an issue he has deemed a defining national security threat. Citing Volt Typhoon, the name given to the Chinese hacking network that was revealed in 2023 to be lying dormant inside U.S. critical infrastructure, Wray said Beijing-backed actors were pre-positioning malware that could be triggered at any moment to disrupt U.S. critical infrastructure. Officials have grown particularly alarmed at Beijing’s interest in infiltrating U.S. critical infrastructure networks, planting malware inside U.S. computer systems responsible for everything from safe drinking water to aviation traffic so it could detonate, at a moment’s notice, damaging cyberattacks during a conflict.

The Netherlands’ spy agencies said in February 2024 that Chinese hackers had used malware to gain access to a Dutch military network in 2023. The agency, considered to have one of Europe’s top cyber capabilities, said it made the rare disclosure to show the scale of the threat and reduce the stigma of being targeted so allied governments can better pool knowledge.

A report released in February 2024 by agencies including the FBI, the Cybersecurity and Infrastructure Agency and the National Security Agency said Volt Typhoon hackers had maintained access in some U.S. networks for five or more years, and while it targeted only U.S. infrastructure directly, the infiltration was likely to have affected “Five Eyes” allies…

Excerpts from  Joe Parkinson, BI Director Says China Cyberattacks on U.S. Infrastructure Now at Unprecedented Scale, WSJ, Feb. 19, 2024

The Right Way to Steal

Leave a reply

Chinese government hackers have compromised the computers of a Navy contractor, stealing massive amounts of highly sensitive data related to undersea warfare — including secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, according to American officials.   The breaches occurred in January and February  2018, the officials said… The hackers targeted a contractor who works for the Naval Undersea Warfare Center, a military organization headquartered in Newport, R.I., that conducts research and development for submarines and underwater weaponry.

Taken were 614 gigabytes of material relating to a closely held project known as Sea Dragon, as well as signals and sensor data, submarine radio room information relating to cryptographic systems, and the Navy submarine development unit’s electronic warfare library…This fact raises concerns about the Navy’s ability to oversee contractors tasked with developing ­cutting-edge weapons.

For years, Chinese government hackers have siphoned information on the U.S. military, underscoring the challenge the Pentagon faces in safeguarding details of its technological advances. Over the years, the Chinese have snatched designs for the F-35 Joint Strike Fighter; the advanced Patriot PAC-3 missile system; the Army system for shooting down ballistic missiles known as Terminal High Altitude Area Defense; and the Navy’s new Littoral Combat Ship, a small surface vessel designed for near-shore operations, according to previous reports prepared for the Pentagon.  In some cases, suspected Chinese breaches appear to have resulted in copycat technologies…

Investigators say the hack was carried out by the Chinese Ministry of State Security, a civilian spy agency responsible for counterintelligence, foreign intelligence and domestic political security. The hackers operated out of an MSS division in the province of Guangdong, which houses a major foreign hacking department….

In September 2015, in a bid to avert economic sanctions, Chinese President Xi Jinping pledged to President Barack Obama that China would refrain from conducting commercial cyberespionage against the United States. …Both China and the United States consider spying on military technology to fall outside the pact.

Excerpts from Ellen Nakashima and Paul Sonne, China hacked a Navy contractor and secured a trove of highly sensitive data on submarine warfare, Washington Post, June 8, 2018

Space Weapons and Space Law

Leave a reply

“Policy, law and understanding of the threat to space is lagging behind the reality of what is out there,” warned Mark Roberts, a former Ministry of Defence official who was in charge of government space policy and the UK’s “offensive cyber portfolio”.….

The disabling of satellites would have a disastrous impact on society, knocking out GPS navigation systems and time signals. Banks, telecommunications, power and many infrastructures could fail, Roberts told the conference….Agreements such as the 1967 Outer Space treaty and the 1979 Moon treaty are supposed to control the arms race in space. Some states have signed but not ratified them, said Maria Pozza, research fellow at the Lauterpacht Centre for International Law at Cambridge University.  Existing treaties do not specify where air space ends and outer space begins – although 100km (62 miles) above the Earth is becoming the accepted limit.

The Navstar constellation of satellites was used to provide surveillance of Iraq during the Gulf war in 1991. Was that, asked Pozza, an aggressive use of space, a “force-multiplier”? Satellites may have also been used to photograph and locate al-Qaida bases, Osama bin Laden or even assess future strikes against Syria.

The Chinese government has recently moved to support a 2012 EU code of conduct for space development, which, Pozza said, was a softer law. The draft Prevention of the Placement of Weapons in Outer Space treaty has not yet been agreed. “Are we dismissing the possibility of a hard law or giving it a good chance?” Pozza asked.

The Chinese tested an anti-satellite weapon in 2007 that destroyed a defunct orbiting vehicle and showered debris across near Earth orbits. Other satellites have been jammed by strong radio signals. BBC transmissions to Iran were disrupted during this year’s elections through ground signals ostensibly sent from Syria.

In 2011, hackers gained control of the Terra Eos and Landsat satellites, Roberts said. The orbiting stations were not damaged. “The threat can now be from a laptop in someone’s bedroom,” he added.

Professor Richard Crowther, chief engineer at the UK Space Agency, said scientists were now exploring the possibility of robotic systems that grapple with and bring down disused satellites or laser weapons to clear away debris in orbit.  Both technologies, he pointed out, had a potential dual use as military weapons. 3D printing technologies would, furthermore, allow satellite operators to develop new hardware remotely in space.

The UK is formulating its space security policy, group captain Martin Johnson, deputy head of space policy at the MoD, said. Fylingdales, the Yorkshire monitoring station, has been cooperating for 50 years with the USA to enhance “space awareness” and early warning systems. The UK, Johnson said, was now working with the EU to develop a complementary space monitoring system.

Excerpt, Owen Bowcott, legal affairs correspondent, The Guardian, Sept. 11, 2013