HQDA Cyber Directorate Weekly Media Report

31 December 2016-4 January 2017

Table of Contents


Army’s RCO Approves Strategy to Prototype Electronic Warfare Capability

Defense News, 30 Dec 16, Jen Judson

Army Lasers Will Soon Destroy Enemy Mortars, Artillery and Drones From Strykers

Scout Warrior, 31 Dec 16, Kris Osborn

New in 2017: New Army secretary

Army Times, 2 Jan 17, Michelle Tan and Leo Shane


Why China and Russia Should Fear What Comes after the F-35 Stealth Fighter

Scout Warrior, 3 Jan 17, Kris Osborn

Opinion: Improve Land-based Electronic Warfare Aircraft Readiness

USNI News, 3 Jan 17, Col. H. Wayne Whitten


Doubt cast that Moscow tried to hack Vermont utility, Washington Post says

CBS News, 3 Jan 17, Unattributed

Chinese Information Warfare: The Panda That Eats, Shoots, and Leaves

The Washington Free Beacon, 3 Jan 17, Bill Gertz

Thai army to recruit civilian ‘cyber warriors’ following Anonymous’ onslaught on government sites

International Business Times, 4 Jan 17, India Ashok

IDF Reveals Model City Used to Train Cyber Defense Units

The Algemeiner, 3 Jan 17, Shiryn Ghermezian


Trump derides intel briefing on ‘so-called’ Russian hacking

CNN, 4 Jan 17, Unattributed

Democrats talk up the one Trump nomination they can torpedo

Politico, 3 Jan 17, Austin Wright and Jeremy Herb

Sasse, Perdue join Armed Services Committee

The Hill, 3 Jan 17, Rebecca Kheel

Senate push for new Russia hacking probe fizzles

Politico, 3 Jan 17, Burgess Everett

***Relevant Conferences & Events listed at bottom of report.


Army’s RCO Approves Strategy to Prototype Electronic Warfare Capability

Defense News, 30 Dec 16, Jen Judson

The Army’s newest outfit — set up to quickly fill land forces capability gaps — will make major headway in 2017, particularly in the realm of electronic warfare, an area where adversaries, such as Russia, have shown startling prowess in recent years.

The Rapid Capabilities Office (RCO) — officially formed in August — is designed to zero in on the Army’s biggest requirements with the intent to deliver capabilities within a one- to five-year horizon. It’s part of the service’s aggressive overhaul to its troubled procurement system and pushes even beyond acquisition reform outlined in the 2016 defense policy.

In the coming years, the RCO has decided to prioritize what ground maneuver forces are going to need to fight in contested domains now and into the future.

The Army must be able to operate through the electromagnetic spectrum in a way that influences adversaries and ultimately defeats their capabilities. Because of this need, the RCO is working to develop robust electronic and cyber warfare capabilities as well as the ability to navigate without GPS — otherwise known as Precision Navigation and Timing (PNT).

The RCO’s board met in mid-December and received approval for a “phased” way ahead to rapidly prototype electronic warfare capability, Maj. Gen. Walter Piatt, the RCO’s director of operations, told Defense News in an interview the day after the board meeting.

While Piatt could not detail the effort because much of it is classified, “the purpose is not to wait for perfect, but to get capabilities that exist today that we can rapidly prototype, get them in the hands of operators … to be able to put into an operational assessment,” and “over time learn from that and keep improving that prototype or that method or doctrine or training approach so we can get to the right answer and form the more long term program.”

The approach is designed, in part, to address an electronic warfare capability operational needs statement from US Army Europe. The RCO traveled to Europe at the end of November into early December to ensure it understood what the European theater needs to operate against adversaries with strong electronic warfare capabilities.

The trip confirmed a “shared understanding of the problem,” Piatt said, and the urgency to “get going faster to close that strategic gap and allow our land forces to maneuver in contested domains.”

The phased approach, according to Piatt, will repurpose existing material the Army already has within six months and ramp up training across the chain of command.

Col. Jeffrey Church, the chief of strategy and policy in the cyber directorate, has long lamented the slow pace of the Army’s previous fielding plan for EW capability. He told Defense News in March that bringing the ability to detect signals and jam them wouldn’t reach initial operational capability until 2023. But Church indicated this month he is more optimistic the capability will be fielded earlier due to efforts across the Army including the RCO.

Then the service will rapidly prototype an EW capability for limited fielding and operational assessments within a year. Some of the assessments will be conducted in Europe and some in the US. The RCO is also looking for more opportunities to incorporate capability assessments into more exercises to refine its solutions more quickly.

While the plan will fulfill the electronic warfare operational needs statement from Europe, it won’t be “the answer” in terms of a full capability, Piatt noted.

There isn’t a single system out there that is going to solve all electromagnetic spectrum challenges for ground maneuver, he said. Electronic warfare has three components: electronic protection, electronic support and electronic attack.

The Army has work to do particularly in the electronic support and attack capabilities, Piatt said. The service has to be able to read the environment to know where the enemy is and where the enemy is using its capabilities to deny the Army’s capabilities. Then the commander needs to have options in terms of how to defeat the enemy’s capability.

One system may work well in a mounted version while it doesn’t work well with a dismounted soldier. “Where we use it, how it’s used, each one will have its advantages and disadvantages,” but the assessments using prototypes will inform the greater Army on a path forward, Piatt said.

The RCO did not recommend an immediate way ahead in the areas of cyber and PNT at the most recent board meeting, Piatt said.

With PNT, “we are very close,” he said. “What we gave them was an update on where we are in our study.” The RCO will come back in a month to re-address the approach.

Piatt said the office would have liked to have a PNT strategy approved by now but “it’s a real technical challenge.”

The good news, he added, is that with the capability the Army already has, it isn’t starting from ground zero. “We are trying to figure out how, what modifications can be made in our systems, to create a very efficient way to operate in this denied environment,” Piatt said. “We think it’s doable but we don’t have all the answers yet.”

The RCO is also trying to centralize its focus in cyber efforts because currently there are “too many areas that need work.” Once a focus is determined, RCO will be able to design an approach, according to Piatt.

Another capability area that the RCO may end up taking on down the road is long-range precision fires, Piatt noted. The Army has made it a priority within its modernization strategy.

The RCO, the entire Army staff and the Pentagon’s Strategic Capabilities Office are working on how the service might move faster to bring on greater capability in that area. Piatt added there are many different ways the RCO can become involved down the road.


Army Lasers Will Soon Destroy Enemy Mortars, Artillery and Drones From Strykers

Scout Warrior, 31 Dec 16, Kris Osborn

The Army and General Dynamics Land Systems are developing a Stryker-mounted laser weapon aimed at better arming the vehicle to incinerate enemy drones or threatening ground targets.

Concept vehicles are now being engineered and tested at the Army’s Ft. Sill artillery headquarters as a way to quickly develop the weapon for operational service. During a test this past April, the laser weapons successfully shot down 21 out of 23 enemy drone targets.

The effort marks the first-ever integration of an Army laser weapon onto a combat vehicle.

“The idea is to provide a solution to a capability gap which is an inability to acquire, track and destroy low, slow drones that proliferate all over the world,” Tim Reese, director of strategic planning, told Scout Warrior in an interview.

The weapon is capable of destroying Group 1 and Group 2 small and medium-sized drones, Reese added.

The laser, which Reese says could be ready for additional tests as soon as 11 months from now, will be integrated into the Fire Support Vehicle Stryker variant designed for target tracking and identification.

General Dynamics Land Systems is now working on upgrading the power of the laser from two kilowatts of power to five kilowatts. The laser weapon system uses its own tracking radar to acquire targets in the event that other sensors on the vehicle are disabled in combat and has an electronic warfare jamming system intended to jam the signal of enemy drones. Boeing is the maker of the fire-control technology integrated into the laser weapon. The laser is also integrated with air-defense and field artillery networks.

“The energy of the laser damages, destroys and melts different components of the target,” Reese explained.

The Army is now in research and test mode, with a clear interest in rapidly deploying this technology. Reese added that GDLS anticipates being able to fire an 18-kilowatt laser from the Stryker by 2018.

One of the challenges with mobile laser weapons is the need to maintain enough exportable power to sustain the weapon while on-the-move, developers have explained.

“As power goes up, the range increases and time to achieve the melt increases. You can achieve less than one-half of the burn time,” he said.

This initiative is of particular relevance given the current tensions in Europe between Russia and NATO. US Army Europe has been amid a large-scale effort to collaborate with allies on multi-lateral exercises, show an ability to rapidly deploy armored forces across the European continent and up-gun combat platforms stationed in Europe such as the Stryker.

Lasers at Forward Operating Bases

The Army is planning to deploy laser weapons able to protect Forward Operating Bases (FOB) by rapidly incinerating and destroying approaching enemy drones, artillery rounds, mortars and cruise missiles, service leaders told Scout Warrior.

Forward-deployed soldiers in places like Afghanistan are familiar with facing incoming enemy mortar rounds, rockets and gunfire attacks; potential future adversaries could launch drones, cruise missiles, artillery or other types of weapons at FOBs.

Adding lasers to the arsenal, integrated with sensors and fire-control radar, could massively help U.S. soldiers quickly destroy enemy threats by burning them out of the sky in seconds, Army leaders said.

Laser weapons have been in development with the Army for many years, Mary Miller, Deputy Assistant Secretary, Research and Technology, told Scout Warrior in an interview several months ago.

“We’ve clearly demonstrated you can take out UAVs pretty effectively. Now we are not only working on how we take out UAVs but also mortars and missiles–and eventually cruise missiles,” she said.

The emerging weapons are being engineered into a program called Indirect Fire Protection Capability, or IFPC Increment 2. Through this program, the Army plans to fire lasers to protect forward bases by 2023 as part of an integrated system of technologies, sensors and weapons designed to thwart incoming attacks.

At the moment, Army soldiers at Forward Operating Bases use a system called Counter Rocket, Artillery, Mortar – or C-RAM, to knock down incoming enemy fire such as mortar shells. C-RAM uses sensors alongside a vehicle-mounted 20mm Phalanx Close-in-Weapons-System able to fire 4,500 rounds per minute. The idea is to blanket an area with large numbers of small projectiles as a way to intercept and destroy incoming artillery, rocket or mortar fire.

Also, lasers bring the promise of quickly incinerating a wide range of targets while helping to minimize costs, Miller explained.

“The shot per kill (with lasers) is very inexpensive when the alternative is sending out a multi-million dollar missile,” Miller said.

Boeing’s Avenger Laser weapon successfully destroyed a drone in 2008 at White Sands Missile Range. Army weapons developers observed the test.

The Army is also developing a mobile high-energy solid-state laser program called the High Energy Laser Mobile Demonstrator, or HEL MD. The weapon mounts a 10 kilowatt laser on top of a tactical truck. HEL MD weapons developers, who rotate the laser 360 degrees on top of a Heavy Expanded Mobility Tactical Truck, say the Army plan is to increase the strength of the laser up to 100 kilowatts, service officials said.

“The supporting thermal and power subsystems will be also upgraded to support the increasingly powerful solid state lasers. These upgrades increase the effective range of the laser or decrease required lase time on target,” an Army statement said.

In November of 2013, the U.S. Army Space and Missile Defense Command/Army Forces Strategic Command used the HEL MD, a vehicle-mounted high energy laser, to successfully engage more than 90 mortar rounds and several unmanned aerial vehicles in flight at White Sands Missile Range, N.M.

“This was the first full-up demonstration of the HEL MD in the configuration that included the laser and beam director mounted in the vehicle. A surrogate radar (Enhanced Multi Mode Radar) supported the engagement by queuing the laser,” an Army statement said.

Miller explained how the Army hopes to build upon this progress to engineer laser weapons able to destroy larger targets at farther ranges. She said the evolution of laser weapons has spanned decades.

“We first determined we could use lasers in the early 60’s. It was not until the 90’s when we determined we could have the additional power needed to hit a target of substance. It took us that long to create a system and we have been working that kind of system ever since,” Miller added.


New in 2017: New Army secretary

Army Times, 2 Jan 17, Michelle Tan and Leo Shane

A West Point graduate and billionaire philanthropist has been nominated to be the next Army secretary.

As President-elect Donald Trump builds his team at the Pentagon, he announced Dec. 19 that he has nominated Vincent Viola for the top Army civilian job.

Viola, founder of digital stock trading firm Virtu Financial and owner of the National Hockey League’s Florida Panthers, is a 1977 West Point graduate who rose to the rank of major in the Army Reserve.

If confirmed by the Senate, Viola will replace Eric Fanning, who was sworn in in May after a bumpy eight-month confirmation process.

Before the Army, Fanning served in key leadership positions in the Air Force and Navy. He also was Defense Secretary Ash Carter’s chief of staff and one of his closest advisers.

Fanning also marked a milestone: he is the first openly gay secretary of a military service.

The Army secretary is responsible for all matters relating to the Army, from manpower and personnel to installations, financial management and weapons system and equipment acquisition.

Fanning’s successor will lead the Army during a critical period that includes continuing budget constraints, growing demand for troops around the world, more troop cuts, and growing instability around the world.

As of late December, no timetable had been set for when Viola’s confirmation hearing may take place. In a statement, he called the responsibility of the role an honor and a challenge.

“If confirmed, I will work tirelessly to provide our president with the land force he will need to accomplish any mission in support of his national defense strategy,” Viola said. “A primary focus of my leadership will be ensuring that America’s soldiers have the ways and means to fight and win across the full spectrum of conflict.”

Viola brings a wealth of business experience to Trump’s Pentagon, and will be a key figure in helping carry out the next president’s promises to cut waste and build up America’s armed forces.

The 60-year-old businessman is a former chairman of the New York Mercantile Exchange and was serving in that role during the Sept. 11 attacks in New York and Washington, D.C.

In response, he helped found the Combating Terrorism Center at West Point, a privately funded research wing of the school focused on “counterterrorism policy and strategy” and “ways to confront the dynamic threat environment” facing America today.

He has also been a donor to numerous Army charities and support networks, including the Army Cyber Institute, the Modern War Institute and Army athletic programs.

He’s the son of Italian immigrants, and his father served in the U.S. Army during World War II.



Why China and Russia Should Fear What Comes after the F-35 Stealth Fighter

Scout Warrior, 3 Jan 17, Kris Osborn

The Pentagon’s 6th Generation Fighter may be stealthy and will likely have next-generation computers, electronic warfare technology, speed, weapons and sensors.

Fighter jets in 20 years may likely contain the next-generation of stealth technology, electronic warfare, sophisticated computer processing and algorithms, increased autonomy, hypersonic weapons and so-called “smart-skins” where sensors are built into the side of the aircraft itself.

Some of these characteristics may have been on display earlier this year when Northrop Grumman’s Super Bowl ad revealed a flashy first look at its rendering of a new 6th-generation fighter jet. Northrop is one of a number of major defense industry manufacturers who will bid for a contract to build the new plane – when the time is right.

The new aircraft, engineered to succeed the 5th-generation F-35 Joint Strike Fighter and explode onto the scene by the mid 2030s, is now in the earliest stages of conceptual development with the Air Force and Navy. The two services are now working together on early conceptual discussions about the types of technologies and capabilities the aircraft will contain. While the Air Force has not yet identified a platform for the new aircraft.

The Navy’s new aircraft will, at least in part, replace the existing inventory of F/A-18 Super Hornets which will start to retire by 2035, Navy officials said.

The Navy vision for a future carrier air wing in 2040 and beyond is comprised of the carrier-launched variant of the Joint Strike Fighter, the F-35C, and legacy aircraft such as the EA-18G Growler electronic jamming aircraft.

Also, around this time is when Navy planners envision its 6th generation aircraft to be ready, an aircraft which will likely be engineered for both manned and unmanned missions.

Technologies are rapidly advancing in coatings, electromagnetic spectrum issues, maneuvering, superiority in sensing the battlespace, communications and data links, Navy leaders have said.

Navy officials also add that the Navy is likely to develop new carrier-launched unmanned air vehicles in coming years as well.

Analysts have speculated that as 6th generation developers seek to engineer a sixth-generation aircraft, they will likely explore a range of next-generation technologies such as maximum sensor connectivity, super cruise ability and an aircraft with electronically configured “smart skins.”

Maximum connectivity would mean massively increased communications and sensor technology such as having an ability to achieve real-time connectivity with satellites, other aircraft and anything that could provide relevant battlefield information. The new aircraft might also seek to develop the ability to fire hypersonic weapons, however such a development would hinge upon successful progress with yet-to-be-proven technologies such as scramjets traveling at hypersonic speeds. Some tests of early renderings of this technology have been tested successfully and yet other attempts have failed.

Super cruise technology would enable the new fighter jet to cruise at supersonic speeds without needing afterburner, analysts have explained.

Smart aircraft skins would involve dispersing certain technologies or sensors across the fuselage and further integrating them into the aircraft itself, using next-generation computer algorithms to organize and display information for the pilot.

Smart skins with distributed electronics means that instead of having systems mounted on the aircraft, you would have apertures integrated on the skin of the aircraft, analysts have said.

This could reduce drag, increase speed and maneuverability while increasing the technological ability of the sensors.

It is also possible that the new 6th-generation fighter could use advanced, futuristic stealth technology able to enable newer, more capable air defenses. The air defenses of potential adversaries are increasingly using faster computing processing power and are better networked together, more digital, able to detect a wider range of frequencies and able to detect stealthy aircraft at farther distances.

The new 6th-generation fighter will also likely fire lasers and have the ability to launch offensive electronic attacks.


Opinion: Improve Land-based Electronic Warfare Aircraft Readiness

USNI News, 3 Jan 17, Col. H. Wayne Whitten

President-Elect Donald Trump has called for hard-hitting initiatives to be included in a first-100-day thrust to make America strong again. Hoping to be included in that effort are some common-sense, low-cost changes to our land-based expeditionary electronic warfare (EW) force posture that would immediately improve operational readiness and have a positive economic effect to boot.

These changes would delay, if not cancel, the ill-timed phase-out of Marine Corps EW aircraft; retaining the highly-trained aircrews; and a geographic realignment of the Navy’s expeditionary squadrons. These are proactive force posture changes that would signal a higher priority for warfighting readiness without increasing deployments abroad.

As the combatant commanders know – and our adversaries respect – this is about the frontline force they call upon to support warfighters engaged in operations across the spectrum of conflict. EW aircraft and their powerful electronic attack systems were initially designed to counter sophisticated air defenses but now support ground and special operations forces engaged in conventional and asymmetric warfare. These versatile assets are fully integrated into the battlespace command and control architecture to provide commanders unparalleled situational awareness and targeting to support battle management decisions. With an ever-evolving array of offensive EW weaponry that now extends to PSYOPS and on to cyber warfare, they are well equipped for sowing chaos in keeping with a strategy espoused by secretary of defense nominee retired-Gen. James Mattis.

Today EW forces may be tasked to counter improvised explosive devices and communication devices used by ISIS and the Taliban, or target frontline Russian-supplied surface-to-air missiles in Syria that they may be tasked to jam later on. In the Pacific, they stand ready to take on the sophisticated Chinese air defense systems protecting man-made islands as part of their anti-access/area-denial (A2/AD) strategy.

Since the retirement of the U.S. Air Force EF-111s in the mid-1990s, the expeditionary EW mission has been entrusted to the Navy and Marine Corps. That meant the Navy began sharing a mission pioneered by the Marine Corps during the Vietnam War and performed with distinction in the Persian Gulf and Balkan campaigns. For many years both services employed the EA-6B Prowler, initially designed to counter integrated air defense networks but quickly modified during the Iraq War to provide direct support to U.S. and coalition ground and special operations forces. Those efforts came in time for the Prowlers to support Marines engaged in the bloody fight for Fallujah in 2004.

The Navy has now retired its EA-6Bs and is transitioning both its carrier-based and expeditionary squadrons to the EA-18G Growler, a hybrid variant of the F/A-18 Super Hornet. Standup of the Navy’s expeditionary squadrons is not complete, with about 40 new production EA-18Gs yet to be delivered. The expeditionary and carrier-based squadrons are all to be homeported at NAS Whidbey Island, WA.

In a departure from the Navy’s aircraft modernization strategy, the Marine Corps some years ago chose to pass on the Super Hornet and Growler in favor of awaiting development of the F-35B, the V/STOL (vertical and/or short take-off and landing) variant of the Joint Strike Fighter. Unlike the Navy, the Marines saw the promise of the stealthy fifth-generation F-35B with its integrated EW systems as obviating the need for external support in high-threat environments. That premise resulted in the decision not to replace their aging EA-6Bs with new production EA-18Gs. Instead, their VMAQ squadrons are to be phased out in favor of a system-of-systems concept designed around non-dedicated platforms including UAVs to support the ground combat element. The first of four squadrons has already stood down and the second is scheduled to sunset in June 2017. Overall this plan stands down 50 percent of the joint expeditionary EW force and drops a Marine aviation capability that dates back to the Korean War.

These changes are still taking place as scheduled despite major delays in fielding the F-35B and its as-yet unproven capabilities to penetrate emerging air defense radar networks. It will be well over five years before half of the Marines’ F/A-18 Hornet aircraft that heavily depend on EA-6B support are replaced, and at least three years before the system-of-systems concept bears fruit.

There is no planned back-up reserve capability.

The resulting three- to five-year gap in expeditionary EW capability impacts Marine Corps and joint force readiness and must be dealt with quickly by the new administration. Suspending the retirement of the VMAQs and retaining their highly trained and career-oriented EW officers is an obvious first step. They remain a vital component of the force that must be able to “fight tonight” and contribute to joint warfighting requirements. Given the circumstances, this should garner Commandant of the Marine Corps Gen. Robert Neller’s support, as it is in keeping with his recently stated priorities to beef up the Marine Corps’ cyber/EW capabilities.

Luckily the former chief of naval operations, Adm. Jonathan Greenert, an avowed EW advocate, committed the Navy to taking additional EA-18Gs funded by a far-sighted Congress to support both carrier-based and expeditionary requirements. This will help bridge the capability gap but raises operational readiness issues given that all the EA-18Gs are destined to be homeported at NAS Whidbey Island. It’s noble in intent but highly questionable from a roles and mission standpoint that all land-based EW aircraft will be owned by the Navy, the service with the least natural ties and expertise in ground combat operations.

To compound that issue is the imbalance in cross-training afforded joint forces if the entire expeditionary EW force is based on the Northwest coast. The inherent logistical advantages of single-site basing must be secondary to restoring joint force operational readiness and improving joint force warfighting capabilities, two key stated objectives of the Chairman of the Joint Chiefs of Staff Gen. Joseph Dunford. It is also counter to warfighting doctrine which calls for synergistic training of all combatants under train-as-you-will-fight scenarios. Bear in mind over half of the Army, Marine Corps, SOF and tactical Air Force units are in the eastern U.S. Additionally, DoD has a sizable investment in East Coast ranges that continue to be under-utilized for EW training.

Given the increasingly unsettled Middle East and NATO commitments, a realignment of expeditionary forces would send a message to Russia, its Syrian cronies and Iran that the pivot to the Pacific is not an open door for adventurism elsewhere in the world. Achieving a geographic balance by establishing an East Coast homeport for the EA-18Gs is consistent with long-held Navy policy. Eventual re-commissioning of a reserve squadron on the East Coast should also be considered, as there was an EA-6B squadron based at Joint Base Andrews before the transition from Prowlers to Growlers began. Again, the timing is right, as new production deliveries will support standup of EA-18G squadrons on the East Coast.

Finally, the regional economic benefits must not be ignored. Ironically, the increase in aircraft loading at NAS Whidbey Island has created an environmental impact even as the draw down in EA-6Bs at Marine Corps Air Station Cherry Point, NC, and delays in the F-35B deliveries are causing serious economic concerns. One would think North Carolina officials would see now is the time to put aside fears that questioning the EA-6B drawdown would somehow be viewed as threatening the F-35B. In fact, they should be making the case to homeport the Navy expeditionary EA-18Gs at MCAS Cherry Point.

For the first time since the Reagan years the Pentagon’s table of change is set and invitations sent from the new commander-in-chief. For the Marine Corps, this may mean more Title 10 missions “such as the President may direct.” No regrets please, the joint warfighters now more than ever need you to bring your proven EW assets to the table.



Doubt cast that Moscow tried to hack Vermont utility, Washington Post says

CBS News, 3 Jan 17, Unattributed

Federal officials probing suspicious code found on a Vermont utility laptop last week “are finding evidence that the incident is not linked to any Russian government effort to target or hack the utility, according to experts and officials close to the investigation,” The Washington Post reported late Monday night.

According to the Post, “An employee at Burlington Electric Department was checking his Yahoo email account Friday and triggered an alert indicating that his computer had connected to a suspicious IP address associated by authorities with the Russian hacking operation that infiltrated the Democratic Party.

Officials told the company that traffic with this particular address is found elsewhere in the country and is not unique to Burlington Electric, suggesting the company wasn’t being targeted by the Russians. Indeed, officials say it is possible that the traffic is benign, since this particular IP address is not always connected to malicious activity.”

The utility has said the laptop wasn’t connected to the electric grid.

The newspaper says U.S. officials “have found on the device a package of software tools commonly used by online criminals to deliver malware. The package, known as Neutrino, does not appear to be connected with Grizzly Steppe, which U.S. officials have identified as the Russian hacking operation. The FBI, which declined to comment, is continuing to investigate how the malware got onto the laptop.”

The Post notes the utility first said the code on the laptop had been connected by the Department of Homeland Security to Grizzly Steppe but backtracked over the weekend, saying only that it had “detected suspicious Internet traffic” on the device.

“The murkiness of the information underlines the difficulties faced by officials as they try to root out Grizzly Steppe and share with the public their findings on how the operation works,” the Post observes.

The word comes amid concerns that Russian cyberattacks have been more extensive than originally thought. Since the U.S. released a report on election-related cyberattacks Thursday, a government official has said more cases have come to light, CBS News’ Justice and Homeland Security correspondent Jeff Pegues reports.

Revelation about new cases of attempted or potentially successful cyber intrusions came just days after the Obama administration announced a series of actions in response to what the White House called “the Russian government’s aggressive harassment of U.S. officials and cyber operations aimed at the U.S. election.” In addition to sanctions announced on Thursday, 35 Russian diplomats have been expelled from the United States.

While President Obama and most congressional Republicans have denounced Russia for its alleged election interference, President-elect Donald Trump has been reluctant to do so, even after FBI Director James Comey and Director of National Intelligence James Clapper backed the CIA’s conclusion that Russia interfered. The CIA said in December it has high confidence that Russians tried to influence the election and that they favored Mr. Trump.

“I know a lot about hacking,” Mr. Trump said before his New Year’s Eve party at Mar-a-Lago Saturday night. “And hacking is a very hard thing to prove. So it could be somebody else. And also – I know things that other people don’t know – and so they cannot be sure of the situation.”

Mr. Trump promised new information on Tuesday or Wednesday. But Sean Spicer, the Trump transition’s spokesman, seemed to walk that back.

“Well it’s not a question of necessarily revealing, remember the president-elect is privy to a lot of classified information, intelligence reports, he gets briefed by his national security team on a daily basis,” Spicer said, speaking on CNN.

It is unclear, however, where Mr. Trump or his national security team are getting their intelligence reports. All U.S. intelligence agencies are in agreement that the Russian government with the blessing of Russian President Vladimir Putin orchestrated “aggressive” cyberattacks prior to and during the U.S. election.


Chinese Information Warfare: The Panda That Eats, Shoots, and Leaves

The Washington Free Beacon, 3 Jan 17, Bill Gertz

The year is 2028. It is August and the weather is hot. People’s Liberation Army (PLA) Col. Sun Kangzhou and three highly trained special operations commandos from the Chengdu military region in southern China are sitting in two vehicles outside a Wal-Mart Supercenter in rural Pennsylvania about 115 miles northeast of Pittsburgh. Dressed in jeans, t-shirts, and work boots, the men appear to be just like any construction workers. In fact, Colonel Sun and his men are members of the elite Falcon special forces team. One of the vehicles is a heavy-duty pickup truck with a trailer carrying a large backhoe. The other is a nondescript blue sedan. The commandos’ target today is not a military base but something much more strategic.

It has been two weeks since the deadly military confrontation between a Chinese guided-missile destroyer and a U.S. Navy P-8 maritime patrol aircraft thousands of miles away in the South China Sea. The 500-foot-long Luyang II missile warship Yinchuan made a fatal error by firing one of its HHQ-9 long-range surface-to-air missiles at the P-8 as it flew some 77 miles away. The militarized Boeing 737 had been conducting a routine electronic reconnaissance mission over the sea, something the Chinese communist government in Beijing routinely denounces as a gross violation of sovereignty. The Chinese missile was tracked by the P-8’s sensors after a radar alarm signal went off, warning of the incoming attack. The advance sensor warning allowed the P-8 pilot to maneuver the jet out of range of the missile. The crew watched it fall into the sea. Fearing a second missile launch, the pilot ordered the crew to fire back. The aircraft bay doors opened and an antiship cruise missile, appropriately named SLAM-ER, for Standoff Land Attack Missile-Expanded Response, took off. Minutes later, the missile struck the ship, sinking the vessel and killing most of the crew.

The South China Sea incident, as the military encounter was called, was just the kind of military miscalculation senior American military leaders feared would take place for years, as China’s military forces over the years had built up military forces on disputed islands and gradually claimed the entire strategic waterway as its maritime territory.

Following the South China Sea incident, U.S.-China tensions reached a boiling point with threats and counterthreats, including official Chinese government promises of retaliation. In Washington, phone calls to Chinese political leaders went unanswered. Beijing streets were filled with thousands of protesters in what were carefully orchestrated government-run demonstrations denouncing America. The demonstrators were demanding payback for sinking the warship. Tensions were the highest in history and threatened to end the peaceful period since the two major trading partners shelved their ideological differences beginning in the 1980s.

Colonel Sun and his team are now striking back in ways the United States would never suspect. The sabotage mission they have embarked on is unlike any conducted before and is one that China’s military over the past two decades has been secretly training to carry out: an information warfare attack on the American electrical power grid.

Chinese military intelligence hackers, after decades of covert cyber intrusions into American industrial control computer networks, have produced a detailed map of the United States’ most critical infrastructure—the electrical power grid stretching from the Atlantic to the Pacific and north and south between Canada and Mexico.

Unbeknownst to the FBI, CIA, or National Security Agency, the Chinese have discovered a strategic vulnerability in the grid near the commandos’ location. The discovery was made by China’s Unit 61398, the famed hacker group targeted in a U.S. federal grand jury indictment more than a decade earlier, which named five of the unit’s PLA officers. The officers and their supporters had laughed off the Americans’ legal action as just another ineffective measure by what Beijing believed had become the weakened “paper tiger” that was the United States.

The raid is code-named Operation Duanlu—Operation Short-Circuit—and was approved by the Communist Party of China Central Military Commission a day earlier. The commission is the ultimate power in China, operating under the principle espoused by People’s Republic of China founder Mao Zedong, who understood that political power grows from the barrel of a gun.

The two commandos in the truck drive off to a remote stretch of highway several miles away to a point that was previously identified near a large hardwood tree that has grown precariously close to a key local power line. The truck drives by the tree, whose roots have been weakened on the side away from the power lines by the commandos weeks earlier. The backhoe arm pushes the tree over and into the power lines, disrupting the flow of electricity and shutting down power throughout the area.

At precisely the same time as the tree strikes the power lines, Colonel Sun sits in the car, boots up a laptop computer, and with a few keystrokes activates malicious software that has been planted inside the network of a nearby electrical substation. The substation is one of the most modern power centers and is linked to the national grid through “smart grid” technology designed to better automate and operate the U.S. electrical infrastructure. The smart grid technology, however, has been compromised years earlier during a naïve U.S. Energy Department program to cooperate with China on advanced electrical power transmission technology. The Chinese cooperated, and they also stole details of the new U.S. grid system and provided them to Chinese military intelligence.

Once in control of the substation’s network, Colonel Sun sets in motion a cascading electrical power failure facilitated by cyberattacks but most important carried out in ways that prevent even the supersecret National Security Agency, America’s premier cyber-intelligence agency, from identifying the Chinese cyberattackers and linking them to Beijing. The agency never recovered from the damage to its capabilities caused years earlier by a renegade contractor whose charges of illegal domestic spying led to government restrictions on its activities that ultimately prevent the agency from catching the Chinese before the electrical infrastructure cyberattack. For political leaders, the devastating power outage is caused by a tree in Pennsylvania, leading to a cascading power outage around the nation.

The Chinese conducted the perfect covert cyberattack, which cripples the United States, throwing scores of millions of Americans into pre-electricity darkness for months. Millions of deaths will ensue before Washington learns of the Chinese military role and, rather than fight back, makes a humiliating surrender to all Beijing’s demands—withdrawal of all U.S. military forces from Asia to areas no farther west than Hawaii, and an end to all military relationships with nations in Asia.

The above scenario is fictional. Yet the devastation a future information warfare attack would have on critical infrastructures in the United States is a real and growing danger.

No other nation today poses a greater danger to American national security than China, a state engaged in an unprecedented campaign of information warfare using both massive cyberattacks and influence operations aimed at diminishing what Beijing regards as its most important strategic enemy. Yet American leaders remain lost in a Cold War political gambit that once saw China as covert ally against the Soviet Union. Today the Soviet Union is gone but China remains a nuclear-armed communist dictatorship on the march.

From an information warfare stance, China today has emerged as one of the most powerful and capable threats facing the United States. By May 2016 American intelligence agencies had made a startling discovery: Chinese cyber-intelligence services had developed technology and network penetration skills allowing them to control the results of Internet searches conducted on Google’s world-famous search engine. By controlling one of the most significant Information Age technologies used in refining and searching the massive ocean of data on the internet, the Chinese are now able to control and influence what millions of users in China see when they search using Google. Thus a search for the name Tiananmen—the main square in Beijing, where Chinese troops murdered unarmed prodemocracy protesters in June 1989—can be spoofed by Chinese information warriors into returning results in which the first several pages make no reference to the massacre. The breakthrough is similar to the kind of totalitarian control outlined in George Orwell’s novel Nineteen Eighty-Four with the creation of a fictional language called Newspeak, which was used to serve the total dominance of the state.

Technically, what China did was a major breakthrough in search engine optimization—the art and science of making sites appear higher or lower in search listings. The feat requires a high degree of technical skill to pull off and would require learning the secret algorithms—self-contained, step-by-step computer search operations—used by Google. The intelligence suggests that Chinese cyberwarfare researchers had made a quantum leap in capability by actually gaining access to Google secrets and machines and adjusting the algorithms to make sure searches are produced according to Chinese information warfare goals.

Those goals are to promote continued rule by the Communist Party of China and to attack and defeat China’s main enemy: the United States of America. Thus Chinese information warriors can continue the lies and deception that China poses no threat, is a peaceful country, does not seek to take over surrounding waterways, and does not abuse human rights, and that its large-scale military buildup is for purely defensive purposes.

The dominant battle space for Chinese information warfare programs is the internet, using a combination of covert and overt means. The most visible means of attack can be seen in Chinese media that is used to control the population domestically, and to attack the United States, Japan, and other declared enemies through an international network of state-controlled propaganda outlets, both print and digital, that have proved highly effective in influencing foreign audiences. One of the flagship party mouthpieces is China Daily, an English-language newspaper with a global circulation of 900,000 and an estimated 43 million readers online. China Central Television, known as CCTV, operates a 24-hour cable news outlet as well to support its information warfare campaigns.

One of the most damaging Chinese cyberattacks against the United States was the theft of federal employee records in the Office of Personnel Management (OPM) in 2015. That attack took place after an earlier private sector cyber strike against millions of medical records held by the major health-care provider Anthem.

The data theft included the massive loss of 21.5 million records. Worse, the OPM delicately announced that among those millions of stolen records was “an incident” affecting background investigation records, among some of the most sensitive information in the government’s possession used in determining eligibility for access to classified information.

It was a security disaster for the millions who held security clearances and were now vulnerable to Chinese intelligence targeting, recruitment, and neutralization. A senior U.S. intelligence official briefed on the classified details of the OPM told me that the early technical intelligence analysis of the data theft revealed that it was part of a PLA military hacking operation. “It is fair to say this is a Chinese PLA cyberattack,” said the official, adding that the conclusion was based on an analysis of the software operating methods used to gain access to the government network.

The threat was not theoretical. In the months after the OPM breach, several former intelligence officials began receiving threatening telephone calls that authorities believe stemmed from the compromised information obtained from OPM background investigation data hacked by the Chinese.

The response by the Obama administration to the Chinese hacking was to ignore it, despite appeals from both national security officials and private security experts that immense damage was being done to American interests and that something needed to be done to stop the attacks.

The White House, however, under Obama had adopted a see-no-evil approach to Chinese hacking that would endure throughout his administration and border on criminal neglect. On several occasions, Obama and his key White House aides were presented with proposals for proactive measures against the Chinese designed to send an unmistakable signal to Beijing that the cyberattacks would not be tolerated. Intelligence officials revealed to me that beginning in August 2011, a series of policy options were drawn up over three months. They included options for conducting counter-cyberattacks against Chinese targets and economic sanctions against key Chinese officials and agencies involved in the cyberattacks. The president rejected all the options as too disruptive of U.S.-China economic relations. Obama never explained why he refused to take action against China, but he clearly rejected anything that might make the United States appear as a world leader and power.

By the summer of 2015, the group of sixteen U.S. intelligence agencies—including the CIA, DIA, and NSA—that make up what is called the intelligence community weighed in on the growing threat of strategic cyberattacks against the United States. In their top-secret National Intelligence Estimate, the consensus was that as long as the continued policy of not responding remained in place, the United States would continue to be victimized by increasingly damaging cyberattacks on both government and private sector networks. A strong reaction was essential.

Chinese cyberattacks have been massive and have inflicted extreme damage to U.S. national security.

Among the exotic Chinese information weapons Beijing plans to use in a future conflict are holographic projectors and laser-glaring arms that can present large unusual images in the skies above enemy forces that would simulate hallucinations among troops on the ground, according to one recent translated Chinese military report on the subject.

Traditional propaganda also will be used, including “public opinion propaganda and PSYWAR weapons to execute psychological attacks against the enemy, so as to disrupt the enemy command decision making, disintegrate the enemy troop morale, and shake the enemy’s will to wage war,” according to recently translated Chinese military writings.

Stefan Halper, a Cambridge University professor and editor of a Pentagon study on Chinese information warfare, told me the Chinese are far more advanced than the Pentagon in the art of information war. “We’re in a period where it’s not whose army wins. It’s whose story wins, and the Chinese figured that out very quickly,” Halper says. “They’re way ahead of us in this. We’re in an age where nuclear weapons are no longer usable. They understand that. We keep nattering on about nuclear capabilities, and shields and so on, but it’s really quite irrelevant.”

As Jake Bebber, a U.S. Cyber Command military officer, put it, the threat from China and its strategy of seeking the destruction of the United States have been misunderstood by the U.S. government and military. “China seeks to win without fighting, so the real danger is not that America will find itself in a war with China, but that America will find itself the loser without a shot being fired,” he wrote in a report for the Center for International Maritime Security.

In the future, an American president must come to the realization that the decades-long policy of appeasing and accommodating the communist regime in Beijing is not just contrary to American national interests, but is in fact advancing a new strategic threat to free and democratic systems everywhere.

Retired army lieutenant general and former DIA director Michael Flynn, the incoming White House national security adviser, has criticized the failure to understand Information Age threats and respond to them forcefully.

“Until we redefine warfare in the age of information, we will continue to be viciously and dangerously attacked with no consequences for those attackers,” he told me. “The extraordinary intellectual theft ongoing across the U.S.’s cyber-critical infrastructure has the potential to shut down massive components of our nation’s capabilities, such as health care, energy, and communications systems. This alone should scare the heck out of everyone.”

China today employs strategic information warfare to defeat its main rival: the United States. China’s demands to control social media and the Internet are part of its information warfare against America and must be resisted if free and open societies and the information technology they widely use are to prevail. China remains the most dangerous strategic threat to America—both informationally and militarily.


Thai army to recruit civilian ‘cyber warriors’ following Anonymous’ onslaught on government sites

Civilian experts will reportedly be employed to assist the army in combating cybercrime.

International Business Times, 4 Jan 17, India Ashok

The Thai army is reportedly planning to recruit civilian “cyber warriors” in efforts to boost the government’s ability to respond to cyber threats. Civilian experts are slated to be employed to assist the government in combating cybercrime, as well as help the government improve its systems, according to reports.

Thai army commander-in-chief Chalermchai Sittisat said: “We don’t have enough personnel with expertise in cyber security. Therefore, we need to recruit civilians for our centre, who can manage it properly and earn a reasonable salary,” the Bangkok Post reported.

The junta’s move follows a recent series of cyberattacks, reportedly mounted by the hacktivist group Anonymous, in retaliation for Thailand passing a newly amended cyber law, widely considered to be restrictive to users’ internet freedom.

Anonymous’ OpSingleGateway campaign saw many major Thai government websites, including the Thai defence ministry website, temporarily knocked offline.

General Chalermchai reportedly acknowledged the challenges in tracking down and apprehending hackers, given their far-reaching global networks. He stressed, however, that the cyberattacks had not resulted in causing any major damage to databases.

The army chief dismissed concerns over potential spies being recruited, possibly leading to classified information being leaked. He stressed that applicants would go through rigorous background checks before they were hired.


A pseudonymous hacker called “Blackplans”, claiming to be associated with Anonymous and its assault against the Thai government, told IBTimes UK that the campaign now appears to have gathered steam from its “original purpose” of protesting against “a single, easily monitorable internet gateway into and out of Thailand, into an op focusing on a myriad of freedom of speech issues within the country.”

The hacker said: “OpSingleGateway and Anonymous’ involvement in Thailand has been ongoing for well over a year now, along with F5Cyberarmy and Citizens Against Single Gateway.”

Commenting on the new restrictive cyber law, the hacker said: “The CCA (Computer Crime Act) makes it illegal to possess any data ordered deleted by the government. This is quite literally Big Brother tactics from 1984; a modern society cannot function with these dictatorial restrictions in place, anyone could unknowingly break the law.

“Similarly there are no court orders required for the authorities to demand user data from Thai businesses, there is no oversight. The Army Cyber Centre of Thailand has even publicly threatened that people criticising the CCA could be arrested; they leave no room for debate.”

Authorities have arrested several suspects believed to be linked to the cyberattacks. However, it still remains unclear as to how many suspects remain in custody. The army is also believed to have backed a Facebook page, created to launch a counterattack against the hacktivist group, as well as to inform the public about the amended cyber law, the Asian Correspondent reported.


IDF Reveals Model City Used to Train Cyber Defense Units

The Algemeiner, 3 Jan 17, Shiryn Ghermezian

The Israel Defense Forces (IDF) revealed on Monday one of the devices it uses to teach cyber defense units how to confront hacker-attacks.

The IDF’s C4I Directorate created a “Sim City,” a platform on which there is a model town, with residential and commercial areas, a railroad system, runway, military base, missile defense system, stock market, electricity grid and a radio station. Each part of the model city is used to simulate a different cyber attack, and IDF programmers practice keeping it safe from threats.

In one scenario, for example, hackers infiltrate the computers of the stock market and cause a financial crisis. In another, terrorists hack into the computers guiding Israel’s missile defense system.

IDF Corporal Hagar, a commander at the IDF’s Cyber Defense 101 training course, said Sim City “challenges and teaches our soldiers in an interesting way. We really want to show and emphasize the fact that the cyber world is also a physical world, and that there are real consequences when information and access falls into the wrong hands.”

Cpl. Hagar said that hacking poses a major global threat, explaining, “IDF activity is based on a huge amount of different computer systems. If someone manages to hack these systems, he will have access to passwords, data, information about people, the layout of our forces, and more.”



Trump derides intel briefing on ‘so-called’ Russian hacking

CNN, 4 Jan 17, Unattributed

President-elect Donald Trump took to Twitter Tuesday evening to deride the US intelligence agencies due to brief him on alleged Russian hacking of American political groups.

It was his latest attack on a key body he will rely on as commander in chief and again put him at odds with the agencies’ unanimous conclusion that Russia hacked Democratic Party groups and individuals to interfere in the US presidential election.

Trump suggested that intelligence officials postponed an “‘intelligence’ briefing on so-called ‘Russian hacking’” that they were set to deliver to him this week because they might need more time “to build a case.” He called the alleged delay “very strange.”

Trump tweeted Wednesday, “Julian Assange said ‘a 14 year old could have hacked Podesta’ – why was DNC so careless? Also said Russians did not give him the info!”

Trump said last week that he would receive an intelligence briefing on the Russian breaches this week and suggested it would come early on, telling reporters on New Year’s Eve that they would know more about the subject “Tuesday or Wednesday.”

But US intelligence officials disputed Trump’s tweet alleging a delay.

Top US intelligence officials have been scheduled to brief Trump on the full report on Russian hacking President Barack Obama ordered once it was completed, but the meeting was not set to take place until later in the week, according to US officials.

The meeting was never scheduled for Tuesday, as even Obama has yet to receive the full-fledged briefing on the Russian hacking, one US official said.

And a US intelligence official told CNN that Director of National Intelligence James Clapper was never scheduled to be in New York City, where Trump is, on Tuesday — and was perplexed about the “delay” Trump claimed was taking place.

Trump on Tuesday did receive a classified intelligence briefing — the Presidential Daily Briefing — which Trump has elected to receive only sporadically. But it did not dive deeply into the Russian hacking.

US officials briefed on the matter said Clapper, National Security Agency Director Adm. Mike Rogers, FBI Director James Comey and CIA Director John Brennan are scheduled to attend the meeting with Trump providing him details on the Russian hacking.

While Obama met with the heads of US intelligence agencies in his first weeks as president-elect, Trump has yet to do so eight weeks after he was elected, which US offici
