Cyberwars: Watching the US and China in Real-Time

Since the dawn of the internet age, there has been no shortage of stories about hackers, malware-peddling malcontents, online scams and identity theft. Add to that the growing consensus that wars in the future will be fought online through “cyberwarfare divisions”, and you can understand why such positive statements once made about the internet – like how it would bring the world together and create “a global village” – would seem incredibly naive now.

However, despite the prevalence of hacking and cyberwarfare-related fear, very few people have actually experienced what it is like. After all, the effects of hacking are mostly invisible to the untrained eye, with the exception of very-high-profile database breaches. Now, though, a security company has produced a fascinating geographic map that shows global hacking attempts in real-time. And of course, the ongoing battle between US and Chinese forces accounts for much of it.

The real-time map, maintained by the Norse security company, shows who’s hacking whom and what attack vectors are being used. The data is sourced from a network of “honeypot” servers – essentially a juicy-looking target that turns out to be a trap – maintained by Norse, rather than real-world data from the Pentagon, Google, or other high-profile hacking targets. The Norse website has some info about its “honeynet,” but it’s understandably quite sparse on actual technical details.

If you watch the map for a little while, it’s clear that most attacks originate in either China or the US, and that the US is by far the largest target for hack attacks. You can also see that the type of hack used, indicated by the target port, is rather varied. Microsoft-DS (the port used for Windows file sharing) is still one of the top targets, but DNS, SSH, and HTTP are all very popular too. CrazzyNet and Black Ice – two common Windows backdoor programs often used by script kiddies and criminals – are also sure to pop up.

On occasion, the map is likely to show a big burst of coordinated attacks coming from China and directed towards the US. And while it is difficult to blame these attacks directly on the Chinese government (as they are adept at routing their attacks through other servers), government and independent researchers are confident the majority of these attacks are being directed by the People’s Liberation Army’s Unit 61398 – a.k.a. the PLA’s cyberwarfare division.

A lot of hacks originate in the US, too, but their targets are much more varied. And in cases where Chinese facilities (or those of other nations that are nominally identified as hostile to the US) are targeted, you can bet that the US Cyber Command at Fort Meade is behind the lot of them. But the map is still limited in that it uses Norse’s own honeypot operations to identify these attacks, and it therefore cannot be said with absolute certainty that real attacks happen in the same fashion.

But a general picture of the size and shape of global hacking and cyberwarfare can be divined by looking at the stats. Back in 2012, the US DOD reported that it was the target of 10 million cyber attacks per day. Likewise, the National Nuclear Security Administration says it saw 10 million attacks per day in 2012. In 2013, BP’s CEO said it sees 50,000 cyber attacks per day, and the UK reported around 120,000 attacks per day back in 2011.

While the extent and purpose of these attacks certainly vary, it is pretty clear that hacking and cyberwarfare are a global problem and something that governments, corporations, and institutions need to pay attention to. Last year, the Obama administration announced that it would not sit idly by in the face of stepped-up attacks from China. However, the subsequent testimony and document leaks by Snowden showed that the US has been conducting its own attacks the entire time (and even beforehand).

And such is the nature of war, regardless of the context or the weapons used. States rattle their swords claiming they will not tolerate aggression, but there is always a fine line between maintaining one’s defenses and escalating a situation to the point that mutual destruction becomes inevitable. Perhaps the people who are currently fighting this alleged cyberwar should look to the past – specifically to the First World War and the Cold War – to see just how effective “arms races” are!


Cyberwars: NSA Building Quantum Computer

As documents that illustrate the NSA’s clandestine behavior continue to be leaked, the extent to which the agency has been going to gain supremacy over cyberspace is becoming ever more clear. Thanks to a new series of documents released by Snowden, it now seems that these efforts included two programs whose purpose was to create a “useful quantum computer” that would be capable of breaking all known forms of classical encryption.

According to the documents, which were published by The Washington Post earlier this month, there are at least two programs that deal with quantum computers and their use in breaking classical encryption — “Penetrating Hard Targets” and “Owning the Net.” The first program is funded to the tune of $79.7 million and includes efforts to build “a cryptologically useful quantum computer” that can:

sustain and enhance research operations at NSA/CSS Washington locations, including the Laboratory for Physical Sciences facility in College Park, MD.

The second program, Owning the Net, deals with developing new methods of intercepting communications, including the use of quantum computers to break encryption. Given the fact that quantum machinery is considered the next great leap in computer science, offering unprecedented speed and the ability to conduct operations at many times the efficiency of normal computers, this should not come as a surprise.

Such a computer would give the NSA unprecedented access to encrypted files and communications, enabling them to break any protective cypher, access anyone’s data with ease, and mount cyber attacks with impunity. But a working model would also be vital for defensive purposes. Much in the same way that the Cold War involved ongoing escalation in nuclear armament production, cybersecurity wars are also subject to constant one-upmanship.

In short, if China, Russia, or some other potentially hostile power were to obtain a quantum computer before the US, all of its encrypted information would be laid bare. Under the circumstances, and given their mandate to protect the US’s infrastructure, data and people from harm, the NSA would much rather they come into possession of one first. Hence why so much attention is dedicated to the issue, since whoever builds the world’s first quantum computer will enjoy full-court dominance for a time.

The mathematical, cryptographical, and quantum mechanical communities have long known that quantum computing should be able to crack classical encryption very easily. To crack RSA, the world’s prevailing cryptosystem, you need to be able to factor very large numbers into their prime factors — a task that is very difficult with a normal, classical-physics CPU, but might be very easy for a quantum computer. But of course, the emphasis is still very much on the word might, as no one has built a fully functioning multi-qubit quantum computer yet.

As for when that might be, no one can say for sure. But the smart money is apparently anticipating one soon, since researchers are getting to the point where coherence on a single-qubit level is becoming feasible, allowing them to move on to the trickier subject of stringing multiple fully-entangled qubits together, as well as the necessary error checking/fault tolerance measures that go along with multi-qubit setups.

But from what it’s published so far, the Laboratory for Physical Sciences – which is carrying out the NSA’s quantum computing work under contract – doesn’t seem to be leading the pack in terms of building a quantum computer. In this respect, it’s IBM with its superconducting waveguide-cavity qubits that appears to be closer to realizing a quantum computer, with other major IT firms and their own supercomputer models not far behind.

Despite what this recent set of leaks demonstrates then, the public should take comfort in knowing that the NSA is not ahead of the rest of the industry. In reality, something like a working quantum computer would be so hugely significant that it would be impossible for the NSA to develop it internally and keep it a secret. And by the time the NSA does have a working quantum computer to intercept all of our encrypted data, they won’t be the only ones, which would ensure they lacked dominance in this field.

So really, these latest leaks ought not to worry people too much, and instead should put the NSA’s ongoing struggle to control cyberspace in perspective. One might go so far as to say that the NSA is trying to remain relevant in an age where they are becoming increasingly outmatched. With billions of terabytes traversing the globe on any given day and trillions of devices and sensors creating a “second skin” of information over the globe, no one organization is capable of controlling or monitoring it all.

So to those in the habit of dredging up 1984 every time they hear about the latest NSA and domestic surveillance scandal, I say: Suck on it, Big Brother!


Cyberwars: Massive Government Surveillance Uncovered!

On Friday, Washington DC found itself embroiled in controversy as revelations were made about the extent to which US authorities have been spying on Americans in the last six years. This news came on the heels of the announcement that the federal government had been secretly cataloging all of Verizon’s phone records. No sooner had the dust settled on that revelation than it became known that the scope of the Obama administration’s surveillance programs was far greater than anyone had imagined.

According to updated information on the matter, it is now known that the National Security Agency (NSA) and the FBI have been tapping directly into the central servers of nine leading U.S. Internet companies, extracting everything from audio and video chats, photographs, e-mails, documents, and connection logs that would enable their analysts to track foreign targets.

This information was revealed thanks to a secret document that was leaked to the Washington Post, which shows for the first time that under the Obama administration, the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing. Equally distressing are the names being named: U.S. service providers such as Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.

The document further indicates that all of this has been taking place since 2007, when news disclosures, lawsuits and the Foreign Intelligence Surveillance Court forced then-president George W. Bush to look for new authority to justify his program of warrantless domestic surveillance. Its continuance and expansion under Obama has created a great deal of understandable intrigue, and not only because of promises made that “illegal wiretapping” would not take place under his watch.

The joint FBI-NSA program responsible for mining all the data is known as PRISM, and it may very well be the first of its kind. While the NSA and FBI have a long history of monitoring suspects via phone records and computer activity, and are both accustomed to corporate partnerships that help them divert data traffic or sidestep barriers, such a vast program has never before been possible. In the current information age, there is an immense wealth of information out there, and where better to access all of this than in Silicon Valley?

Not long after the news broke in Washington, London’s Guardian reported that GCHQ, Britain’s equivalent of the NSA, also has been secretly gathering intelligence from the same internet companies through an operation set up by the NSA. According to the same leaked information, PRISM appears to allow the GCHQ to circumvent the formal legal process required in Britain to seek personal material such as emails, photos and videos from an internet company based outside of the country.

But perhaps worst of all is the fact that this process is entirely above board, at least for the companies involved. Back in 2007, Congress passed the Protect America Act, and then in 2008 followed it up with the FISA Amendments Act, both of which immunized private companies that cooperated voluntarily with U.S. intelligence collection against prosecution. And late last year, when critics in Congress sought changes in the FISA Amendments Act, the only lawmakers who knew about PRISM were bound by oaths of office to hold their tongues.

As anticipated, a bi-partisan amalgam of Senators came out to defend the initial reports of phone record monitoring shortly after it was announced. In a rare display of solidarity that cut across party lines, Democrats and Republicans from both the Senate and House came forward to say that the program was justified, only spied on terrorists, and that law-abiding citizens need not worry.

National Security Agency – aerial view

Once again, the argument “if you’ve done nothing wrong, you’ve got nothing to fear” finds itself employed by people who do not want to voice criticisms about a government spying program. Echoes of the Bush administration and McCarthy era all over again. Needless to say, all of this has many people worried, not the least of whom are people who have opposed government intrusion and championed the protection of privacy for the past decade.

Ever since it became possible to “mine data” from numerous online digital sources, there has been fear that corporations or governments might try to ascertain the habits and comings and goings of regular people in order to effectively monitor them. For some time now, this sort of monitoring has been somewhat benign, in the form of anticipating their spending habits and using targeted advertising. But always, there has been the fear that something more sinister and totalitarian might emerge.

And with the “War on Terror”, the Patriot Act, domestic warrantless wiretapping, the legitimization of torture, and a slew of other crimes the Bush administration was indicted in, people all over the world have become convinced that “Big Brother” government is just around the corner, if indeed it is not already here.

The fact that such processes have continued and even expanded under Obama, a man who originally pledged not to engage in such behavior, has made a bad situation worse. In many ways, it demonstrates that fears that he too would succumb to internal pressure were justified. Much as he was won over by the Pentagon and CIA to continue the war in Afghanistan and UAV programs, it seems that the constellation of FBI and NSA specialists advising him on domestic surveillance has managed to sway him here as well.

One can only hope that this revelation causes the federal government and the Obama administration to reconsider their stances. After all, these are the same people who were convinced to stand down on the use of UAVs in overseas operations and to take measures that would ensure transparency in the future. We can also hope that the NSA and FBI will once again be required to rely on the court system and demonstrate “just cause” before initiating any domestic surveillance in the future.

Otherwise, we might all need to consider getting our hands on some stealth wear and personal cameras, to shield ourselves and create an environment of “sousveillance” so we can spy on everything the government does. Might not hurt to start monitoring the comings and goings of every telecommunications and Silicon Valley CEO while we’re at it! For as the saying goes, “who watches the watchers?” I’ll give you a hint: we do!

Also, be sure to check out the gallery of artist Adam Harvey, the man who pioneered “stealth wear” as a protest against the use of drones and domestic surveillance. To learn more about sousveillance, the concept of a society monitored by common people, check out Steve Mann’s (inventor of the EyeTap) blog.



Cyberwarfare: Not Just for Anarchists Anymore!

Hack the Planet by von Shin Kurohoshi

For those deeply concerned about internet security and privacy, the year of 2013 certainly opened with a bang. First, there was the news that a cyberspy ring – apparently operating out of Russia – had been spying on embassies, governments and research institutions around the world for the past five years using a virus dubbed “Red October”. This was back in January, when the Moscow-based antivirus firm known as Kaspersky Lab announced the discovery of the international intrigue.

Then, on Jan. 30th, the New York Times announced that they too have been the target of hackers, this time from China. In a statement released by the newspaper, the company claimed that Chinese hackers have been persistently attacking their publication for the last four months, infiltrating its computer systems and getting passwords for its reporters and other employees.

The timing of the attacks coincided with a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings. The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them.

With the help of Mandiant, the internet security company hired by The Times, they were able to track the intruders, study their movements and help erect better defenses to block them. In the end, The Times reported that they had successfully expelled the attackers and kept them from breaking back in. However, the fact these hackers were able to infiltrate the network of a private news organization in the first place was much cause for worry.

For one, this is not the first time that hackers originating in China have used this sort of subterfuge tactic to hack US databases. According to experts at Mandiant, their company has tracked many such intrusions back to the Chinese mainland, all of which used the same approach of cloaking their efforts using US servers. In addition, this incident, which smacked of state-involvement, did not occur in a vacuum.

Back in 2008, internet security experts indicated that Chinese hackers had begun targeting Western journalists as part of a wider campaign to identify and intimidate their sources and contacts, and to anticipate stories that might damage the reputations of Chinese leaders. The purpose behind this far-reaching and growing spy campaign aimed at corporations, government agencies, activist groups and media organizations inside the US seemed to be to control China’s public image, domestically and abroad, as well as to steal trade secrets.

But of course, China is hardly alone in this sort of covert cyber-warfare. As already mentioned, Russia has shown signs of developing cyber weapons to assist in spying abroad, and there’s mounting evidence that Israel, Iran and the US are on board too. Starting in 2008, Iran’s main nuclear enrichment plant was hit by a sophisticated computer worm that caused damage to it, thus putting a crimp in their efforts to become a nuclear power.

While no one took responsibility for this incident, the evidence seemed to indicate that the worm originated from sources within Israel and the US. Attacks which took place later on American banks and oil companies within the US were believed to have been caused by Iran, in retaliation for the worm that hurt their main source of enriched uranium and a key component in their nuclear program.

For some time now, hacking federal databases has become something of a sport for various groups and causes who are seeking to reveal government secrets and expose their inner workings to public scrutiny. The “Hacktivist” group known as Anonymous is a perfect example, a group closely linked to Assange (of Wikileaks) whose most recent infiltration of the Federal Reserve Bank made the news earlier this month as well.

But as I’m sure all will agree, it’s one thing when private citizens attack domestic and foreign databases, and quite another when nations attack each other. While cyber criminals may constitute a vague and slippery enemy, one which is much harder to identify and prosecute, nation-states constitute a far more frightening one. Not only are their resources far more vast, the consequences of battling them are far greater.

Knowing who your enemy is, and that they have nuclear capabilities and the ability to strike at you physically… Yes, I think that’s a much scarier prospect! While the old ways of plausible deniability and covert action may apply, no one likes the idea of subtle attacks which could escalate into a full-scale conflict. Even if it is waged entirely by computer, the effects are still likely to be felt!