Tag Archives: weaponized virus

From Pegasus to Pariah: Israeli Spying is Not Sexy

When international news organizations revealed that at least ten governments had used Pegasus, a powerful software tool created by Israel’s NSO Group, to hack into the smartphones of thousands of people around the world, including politicians, human-rights activists and journalists, the Israeli government shrugged. None of its ministers has publicly commented….Israeli defence exporters privately expressed ridicule. “Arms companies can’t keep track of every rifle and bullet they sell to legitimate customers,” said one. “Why should we have higher expectations when it comes to software?…Israeli spying is a sexy subject and these reports are the price for doing business.”

Countries that have received Pegasus software include Brazil, Hungary and India, along with Sunni Arab regimes with whom Israel recently established diplomatic relations: Bahrain, Morocco and the United Arab Emirates. Saudi Arabia, a fellow enemy of Iran, is listed, too. “Deals on cyber-surveillance are the kind of sweetener you can throw into a diplomatic package with a foreign leader,” says a former NSO consultant.

Excerpts from Let Pegasus fly: Israel is loth to regulate its spyware exports, Economist, July 31, 2021

Who is the Boss? Cyber-War

A new National Cyber Power Index by the Belfer Centre at Harvard University ranks 30 countries on their level of ambition and capability…That America stands at the top of the list is not surprising. Its cyber-security budget for fiscal year 2020 stood at over $17bn and the National Security Agency (NSA) probably gets well over $10bn. The awesome scale of America’s digital espionage was laid bare in leaks by Edward Snowden, a former NSA contractor, in 2013, which showed the agency hoovering up vast amounts of the world’s internet traffic and trying to weaken encryption standards.

China, in second place, has demonstrated a voracious appetite for commercial cyber-espionage abroad and an iron grip on the internet at home. Britain, whose National Cyber Security Centre has parried over 1,800 cyber-attacks since its creation in 2016, is third. Russia, whose spies interfered with America’s last election, is in fourth place. The big surprise is the Netherlands in fifth place, ahead of France, Germany and Canada. Dutch expertise in analyzing malware is particularly sharp…

Many countries outsource the dirtiest work to deniable proxies, like “hacktivists” and criminals….But while stealing things and disrupting networks is important, what matters most over the longer term is control of digital infrastructure, such as the hardware that runs mobile telecommunications and key apps. Dominance there will be crucial to economic strength and national security.

Excerpt from Digital dominance: A new global ranking of cyber-power throws up some surprises, Economist, Sept. 19, 2020

How to Engineer Bacteria to Search for Underground Chemical Weapons: DARPA

In 2019, U.S. military researchers asked two companies to develop new kinds of biological sensors that can detect underground disturbances or the presence of buried chemicals or weapons.

Officials of the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington, Va., are looking to Raytheon BBN Technologies and Signature Science for the BioReporters for Subterranean Surveillance program. This project seeks to use indigenous and engineered organisms to sense changes of interest to military commanders in natural and built environments. Raytheon BBN and Signature Science won separate $1.6 million contracts for the Subterranean Surveillance program.

The two companies will perform laboratory research and proof-of-concept demonstrations of biological sensing systems in well-controlled field tests that take advantage of recent advances in microbial science and synthetic biology to develop biological sensors, signal transducers, and reporters that can reveal subterranean phenomena at a distance. BioReporters should be able to sense a phenomenon at least one meter below the surface, propagate a signal to the surface within seven days, and be continuously detectable on the surface at a distance of 10 meters over the subsequent seven days.

DARPA researchers want Raytheon BBN and Signature Science experts to take advantage of the extensive biological networks that exist underground to monitor large areas to increase the military’s ability to detect subterranean events without the need for precise coordinates.

Excerpts from John Keller, Researchers eye new biological sensors to detect underground objects like buried chemicals and weapons, https://www.militaryaerospace.com, Nov. 6, 2019

In more detail, Signature Science and its partner, the Texas A&M University Center for Phage Technology, aim to leverage modern and synthetic phage biology and the straightforward molecular genetics of the harmless soil bacterium Bacillus subtilis to generate a new platform to recognize and report on specific chemical threats underground. The Spore-Phage Amplified Detection (SPADe) method, potentially extensible to explosives, radiation or physical disturbance sensing, seeks to substantially advance currently used techniques, which rely heavily on manual soil testing.

Cyber-Attacking Nuclear Plants: the 3 000 cyber bugs

In the first half of 2019, no country endured more cyber-attacks on its Internet of Things—the web of internet-connected devices and infrastructure—than India did. So asserts Subex, an Indian telecommunications firm, which produces regular reports on cyber-security. Between April and June of 2019, it said, recorded cyber-attacks jumped by 22%, with 2,550 unique samples of malware discovered. Some of that malicious code is turning up in hair-raising places.

On October 28, 2019, reports indicated that malware had been found on the computer systems of Kudankulam Nuclear Power Plant in Tamil Nadu, the newest and largest such power station in India. Pukhraj Singh, a cybersecurity researcher who formerly worked for the National Technical Research Organisation (NTRO), India’s signals-intelligence agency, says he was informed of the malware by an undisclosed third party in September, and notified the government. The attackers, he said, had acquired high-level access and struck “extremely mission-critical targets”…. On October 30, 2019, the body that operates nuclear power plants acknowledged, sheepishly, that a computer had indeed been infected, but it was only an “administrative” one.

Sensitive sites such as power plants typically isolate the industrial-control systems (those that control the workings of a plant) from those connected to the wider internet. They do so using air-gaps (which involve disconnecting the system from the wider world), firewalls (which monitor data-flows for suspicious traffic) or data diodes (which allow information to flow out but not in).

But breaching a computer on the outside of these digital moats is nevertheless troubling. It could have given the attackers access to sensitive emails, personnel records and other details which would, in turn, make it easier to gain access to the more isolated operational part of the plant. America and Israel are thought to have sneaked the devastating Stuxnet virus into Iran’s air-gapped uranium-enrichment plant at Natanz around 2007 by planting a USB stick on a worker, who carried it inside and plugged it in.

The culprit behind the Kudankulam attack is unknown, but left some clues. The malware in question is from a family known as DTrack, which gives attackers an intimate look at what victims are doing—down to their keystrokes. It is typically used to monitor a target, making it easier to deliver further malware. DTrack was originally developed by a group of hackers known as the Lazarus Group, who are widely assumed to be controlled or directed by North Korea.

Excerpts from On the DTrack: A cyber-attack on an Indian nuclear plant raises worrying questions, Economist, Nov. 1, 2019

Humans as Lab Rats: Weaponizing Ticks

In July 2019, the US House of Representatives added an unusual amendment to the 2020 U.S. defense budget: a requirement that the Department of Defense reveal details of any biological warfare research it did involving ticks during the Cold War. The requirement stems from allegations that Lyme disease was actually a biowarfare experiment accidentally released into the wild.  The amendment was added to the defense budget by New Jersey Congressman Christopher Smith. It calls on the U.S. government to “conduct a review of whether the Department of Defense experimented with ticks and other insects regarding use as a biological weapon between the years of 1950 and 1975.”

If there was any sort of research the Pentagon Inspector General “must provide the House and Senate Armed Services committees with a report on the experiments’ scope and ‘whether any ticks or insects used in such experiments were released outside of any laboratory by accident or experiment design.’”

The call for information comes after the publication of the book Bitten: The Secret History of Lyme Disease and Biological Weapons. A major allegation in the book is that Willy Burgdorfer, the discoverer of the bacterium that causes Lyme Disease, claimed that the disease was the result of a biological weapons program that went awry. Burgdorfer himself was involved in biological warfare programs that involved using blood-sucking insects, including fleas, ticks, and mosquitoes, as vectors for the transmission of human diseases.

Weaponizing bugs isn’t a completely novel idea. Imperial Japan weaponized insects, typically fleas infected with plague and cholera, which were used against the civilian population in China. The Japanese military organization responsible for the research, Unit 731, was later rounded up by the U.S. military after the war. Despite committing serious, egregious crimes against humanity, including vivisection, members of the unit were only lightly punished by the Allies, reportedly in exchange for research data.

Lyme Disease affects approximately 30,000 people a year, primarily in the northeastern United States. The book alleges biowarfare research involving ticks took place at Fort Detrick, Maryland, and Plum Island, New York—both areas where CDC maps note the disease is very prevalent, but the CDC itself does not have an opinion on the allegation.

So…Did the Pentagon Use Ticks for Biological Warfare?, Popular Mechanics, July 17, 2019

Hacking Nuclear Plants – South Korea

Korea Hydro & Nuclear Power Co Ltd said it would beef up cybersecurity by hiring more IT security experts and forming an oversight committee, as it came in for fresh criticism from lawmakers following recent hacks against its headquarters.  The nuclear operator, part of state-run utility Korea Electric Power Corp, said earlier this month that non-critical data had been stolen from its systems, while a hacker threatened in Twitter messages to close three reactors.

The control systems of the two complexes housing those reactors had not been exposed to any malignant virus, Seoul’s energy ministry and nuclear watchdog said in a joint statement, adding the systems were inaccessible from external networks.  Energy Minister Yoon Sang-jick told a parliamentary session that evidence of the presence and removal of a “worm” — which the ministry said was probably inadvertently introduced by workers using unauthorized USB devices — was unrelated to the recent hacking incidents, drawing scepticism from some lawmakers.  “I doubt control systems are perfectly safe as said,” Lee Jung-hyun, a lawmaker in the ruling Saenuri party, told the committee hearing.

Worries about nuclear safety in South Korea, which relies on nuclear reactors for a third of its power and is the world’s fifth-largest nuclear power user, have mounted since the 2011 Fukushima disaster in Japan and a domestic scandal in 2012 over the supply of reactor parts with fake security certificates…Korea Hydro and Nuclear Power President and CEO Cho Seok told the hearing that all control systems of the country’s 23 nuclear reactors were safe against malignant codes. Recently, he said that cyberattacks on non-critical operations at the company’s headquarters were continuing, although he did not elaborate for security reasons.

Excerpt from South Korea nuclear operator finds computer ‘worm’ in control system, Reuters, Jan. 1, 2015