Chinese Hackers Disrupt U.S. Space Systems?

Why would China use cyber to disrupt U.S. space capabilities?

Because it’s cheaper, faster, and better than physical disruptions which might generate space debris, leave more evidence, and remove plausible deniability. As you may have been told, when you don’t have declared war, covert is good and overt is bad.

That’s likely why they used cyber space to disrupt U.S. space assets four times from 2007 to 2008 according to the 2011 Report to Congress of the U.S.-China Economic and Security Review Commission (starting on page 216):

• On October 20, 2007, Landsat-7, a U.S. earth observation satellite jointly managed by the National Aeronautics and Space Administration and the U.S. Geological Survey, experienced 12 or more minutes of interference. This interference was only discovered following a similar event in July 2008.

• On June 20, 2008, Terra EOS [earth observation system] AM–1, a National Aeronautics and Space Administration-managed program for earth observation, experienced two or more minutes of interference. The responsible party achieved all steps required to command the satellite but did not issue commands.

• On July 23, 2008, Landsat-7 experienced 12 or more minutes of interference. The responsible party did not achieve all steps required to command the satellite.

• On October 22, 2008, Terra EOS AM–1 experienced nine or more minutes of interference. The responsible party achieved all steps required to command the satellite but did not issue commands.

However, these charges against China are not airtight (or vacuum tested, so to speak), but rather are strongly suggestive based on Chinese past practice and doctrine.

These events are described here not on the basis of specific attribution information but rather because the techniques appear consistent with authoritative Chinese military writings.

None of this is to say China will be giving up on direct ascent anti-satellite weapons (which also have missile defense implications), space-faring proximity operations, or the old reliable jamming and frequency interference; it’s just that cyber attacks are useful additions to the Chinese war chest, with many potential disruptive benefits.

We probably need a Code of Conduct to stop China from pursuing such activities. What’s that, you say? China doesn’t want to participate in the Code of Conduct? And the Outer Space Treaty of 1967 already addresses such events in Article IX?

…If a State Party to the Treaty has reason to believe that an activity or experiment planned by it or its nationals in outer space, including the moon and other celestial bodies, would cause potentially harmful interference with activities of other States Parties in the peaceful exploration and use of outer space, including the moon and other celestial bodies, it shall undertake appropriate international consultations before proceeding with any such activity or experiment. A State Party to the Treaty which has reason to believe that an activity or experiment planned by another State Party in outer space, including the moon and other celestial bodies, would cause potentially harmful interference with activities in the peaceful exploration and use of outer space, including the moon and other celestial bodies, may request consultation concerning the activity or experiment.

So perhaps the U.S. requested consultations on the Chinese space/cyberwar?

The pump don’t work ‘cause the hackers are attackers

Think that cyber war is a distant threat? It isn’t.

Foreign hackers caused a pump at an Illinois water plant to fail last week, according to a preliminary state report. Experts said the cyber-attack, if confirmed, would be the first known to have damaged one of the systems that supply Americans with water, electricity and other essentials of modern life.

Step one: civil defense. It’s cheap, prudent, can be done quickly and without government sponsorship, and may even be necessary.

The pump don’t work ‘cause vandals took the handles? No, it won’t work because of cyberwar. You don’t need a weather man to know which way the wind blow.

Proof You Still Can’t Spell Assange Without A-s-s

Would this cause you to leave your job? 

You are part of an organization whose “primary interest is in exposing oppressive regimes in Asia, the former Soviet bloc, Sub-Saharan Africa and the Middle East, but we also expect to be of assistance to people of all regions who wish to reveal unethical behaviour in their governments and corporations.”

However, your boss ends up being a megalomaniac with a paranoid resistance to transparency, a lack of political neutrality, and an addiction to concentrating power in his own hands.

If you’re Daniel Domscheit-Berg (my goodness, what fun you could have with the first part of that hyphenated last name), the above observation provides a compelling entering argument to spill your guts on the true nature of the WikiLeaks organization, or perhaps better said, of its front-man, Julian Assange.  Remember, you can’t spell Assange without a-s-s.

The review of Domscheit-Berg’s book at the Washington Post brings to mind a more depraved (but less deadly) Jim Jones. 

Of course a guy like Assange needs an enemy to rally around:

Domscheit-Berg was concerned about growing criticism that all of WikiLeaks’s major publications in 2010 were aimed at its “only enemy,” the United States — mostly because focusing on a less visible adversary “wouldn’t have gotten [Assange] on the nightly news.”

That might make you wonder what WikiLeaks didn’t drop.

Domscheit-Berg appears to have only eaten the pudding; perhaps he skipped the kool-aid.

 

Does Stuxnet Have Chinese Origins?

From Forbes:

As far as China goes, I’ve identified 5 distinct ties to Stuxnet that are unique to China as well as provided a rationale for the attack which fits China’s unique role as Iran’s ally and customer, while opposing Iran’s fuel enrichment plans. There’s still a distinct lack of information on any other facilities that suffered damage, and no good explanations for why there was such massive collateral damage across dozens of countries if only one or two facilities in one nation state were the targets however based solely on the known facts, I consider China to be the most likely candidate for Stuxnet’s origin.

If so, think of the exquisite knowledge required, as well as the effort, reported at five man-years, put into the effort. 

That leads one to wonder if this was a non-U.S. led job: we can’t even cut a request for proposal or contract inside the timelines being described.

Stuxnet might be the best global security investment of all time!

The WikiLeaks – Homeland Security Irony

The Department of Homeland Security has publicly seized a number of domain names for alleged copyright infringement. Which particular organization falling under the gigantic Homeland Security umbrella took this action? Immigration and Customs Enforcement, AKA ICE.

Immigration and Customs Enforcement? Really?!

In the meantime, WikiLeaks has and will post volumes of documents with potentially profound national security implications and thumbs its nose at the U.S. government.

Assignment: note the use of irony in the above situation and provide a comment.

The Destructive Power of WikiLeaks

How destructive will the WikiLeaks fallout prove to be? It could be bad. From the Washington Post:

“Without getting into specifics, typical cables describe summaries of meetings, analysis of events in other countries and records of confidential conversations with officials of other governments and with members of civil society,” Crowley said. “They are classified for a very good reason. They contain sensitive information and reveal sources of information that impact our national interests and those of other countries.”

Crowley is State Department spokesman P.J. Crowley. And with a few specifics stuck in, it gets worse. Much worse.

The cables could also show that allies sometimes take private actions that directly contradict publicly declared policies. The London-based daily al-Hayat reported that WikiLeaks is planning to release files that show Turkey has helped al-Qaeda in Iraq – and that the United States has helped the PKK, a Kurdish rebel organization. The documents reportedly suggest that the U.S. has supported the PKK, which has been waging a separatist war against Turkey since 1984 and has been classified by the State Department as a terrorist organization since 1979.

So what is the most powerful nation in the world left to do? To issue what’s effectively a non-state demarche.

“We condemn what WikiLeaks is doing,” Crowley said. “Its actions are gratuitous, harm relations among countries and erode the trust that enables governments to cooperate and collaborate and work together to resolve regional and global challenges. Little good will come from what WikiLeaks has indicated it plans to do.”

There may be less public actions, but if there aren’t, this is a pretty toothless response.

A Worm In Iran’s Nuclear Apple?

And you thought evercookies were a problem…

Surely you’ve heard of Stuxnet, the worm that may be eating up Iran’s nuclear apple?  Tell me you’ve at least thought about it, right?  I mean the news services and their writers have.

Some initial background regarding Israel–completely unrelated so far as you know–from Reuters:

Cyber warfare has quietly grown into a central pillar of Israel’s strategic planning, with a new military intelligence unit set up to incorporate high-tech hacking tactics, Israeli security sources said on Tuesday.

This from the New York Times:

The Iranian government agency that runs the country’s nuclear facilities, including those the West suspects are part of a weapons (more…)