Following the killing of Iran’s IRGC Quds Force chief Qasem Soleimani, Iran may use advanced Chinese cyber tools against Israel or the US, a former top Shin Bet (Israel Security Agency) official told The Jerusalem Post on Tuesday. The official, Dr. Harel Menashri, was a founder of the Shin Bet’s cyber department and is currently the Head of Cyber at the Holon Institute of Technology.
The Post also spoke with former Shin Bet cyber chief Eric Harris Berbing about key cyber issues confronting Israel, with both officials due to appear at the Cybertech conference in Tel Aviv between January 28 and 30. Menashri explained that even the Islamic Republic’s homegrown cyber capabilities had gotten much stronger in recent years, but that it likely has acquired Chinese capabilities, which are even more threatening.
“I assume they received new capabilities from China in cyber defense… and China is the strongest in cyber defense. China probably did not give them offensive cyber capabilities [directly]. But when you carry out defensive cyber, you also learn about offensive cyber,” said Menashri. Essentially, Menashri’s point was that Iran could reverse-engineer some of the advanced cyber defense capabilities it likely received from China, which it might not have acquired on its own. Then it could turn them into new, advanced attack capabilities against Israel and the US. This could be particularly worrying in this time period – so soon after Soleimani was killed on January 3 – in which Tehran is still deciding how to retaliate, and against whom.
One benefit of cyber attacks for Iran is that they could give it plausible deniability that direct use of military force would not afford.
“We need to take their [Iranian leaders] statements seriously… about taking revenge… and with foreign media reports, that maybe Israel was involved in collecting intelligence against Soleimani,” Menashri said, expressing that Iran may want to vent its anger against Israel. Even before the Soleimani issue, Menashri said that he understood that Israel was already fending off approximately eight million cyberattacks per day, many of which came from Iran. In other words, Israel is and must continue to be ready to defend against Iranian cyber attacks, whether there is additional danger after the Soleimani hit or not. Cyber is also an area where Iran can invest very little in terms of funds – at a time when its economy is shaky – while achieving a large upside in causing potential damage. Menashri warned of Iranian cyberattacks on critical infrastructure, such as electricity, water, hospitals, and banks.
Meanwhile, former Shin Bet cyber chief Berbing focused on Tuesday’s reports that Russian hackers targeted a Ukrainian gas company at the center of the Trump impeachment inquiry in an attempt to recover details regarding the former vice president and 2020 presidential hopeful Joe Biden. The attack is being compared to Russia’s influence operation to tamper with the 2016 US presidential election through leaking damaging hacked emails from Hillary Clinton’s campaign. First, Berbing qualified that it was possible that “the report itself is part of an influence operation someone wants to carry out against the Russians.” Despite that qualifier, Berbing said, “There is hard evidence that Russia was involved in the US 2016 presidential election, involved in encouraging BREXIT and other elections.” Cyber attacks like those revealed on Tuesday, if part of a broad influence operation, are still a way that Russia can tip elections in the direction it wishes, or generally promote chaos among its Western adversaries, he said. Berbing described the methods used by cyber powers like Russia to cover their tracks as being extremely advanced.
Besides Russia often having the cyberattacks carried out from a different geographic area in order to throw forensic cyber investigators off their scent, Moscow is likely to pay outside cybercriminals to promote the offensive cyber operations. The former Shin Bet official, who also headed its counter-terror division for Jerusalem, Judea, and Samaria, said that Russia has learned even more techniques for erasing any hint of its involvement in recent years. While top cyber officials have previously told the Post that even Russia once left behind traces of Russian language at deep levels of its coding, Berbing said that Moscow has now cut out even such minor errors. In addition, he said that Russian and other major powers’ cyber operations have intelligence analysts intimately woven into their operations so that they know everything about their targets and what makes them tick before they engage. Reports even indicate that the latest Russian attempt to hack the Biden-connected Ukraine company included Moscow creating mirror versions of the company’s suppliers.
This meant that company employees could have received communications from what looked like trusted, long-time business associates, making it nearly impossible to realize they were being hacked. Berbing said that sometimes the only way that he and other experts discovered Russian or other top cyber power involvement was by comparing the use of similar cyber moves and tactics which were previously used by specific countries. Moreover, he said sometimes errors could be found in complex cultural references which would be harder for even intelligence analysts to help fake. Berbing said the key to combating these highly complex cyber attacks was redundant barriers to getting permission to access sensitive information, or even splitting sensitive information into entirely separate databases. He also said that any organization with sensitive information must constantly update its employees to keep them aware of the morphing methods that hackers may try to use to target them.
‘Most people are much more concerned about an attack they can see and feel, and can’t relate to this idea of a clandestine war’…
For the overwhelming number of Americans who have little interest in adding a war with Iran to the list of ill-advised, modern U.S. military conflicts, this week brought only confusion about what lies ahead. On the one hand, leaders from both countries veered from full-throated antagonism to wary rapprochements, like a pair of guys who’d traded punches outside a bar, but then decided they wanted to head home before things got really ugly.
Yet the international brinkmanship that arguably began when President Donald Trump ordered a Jan. 3 airstrike that killed Iranian Maj. Gen. Qassem Soleimani seems unlikely to have reached its end with Iran’s casualty-free missile attack on U.S. bases in Iraq. Bullets and bombs, after all, are just one way of waging war: inelegant, violent, primitive. Intelligence analysts, cybersecurity experts, and former U.S. officials worry that Iran’s next retaliatory move will be quieter and more sinister: a devastating cyberattack on U.S. infrastructure, or against private companies whose operations are intertwined with so many people’s daily lives. It’s not difficult to conjure visions of blackouts, dead phone lines, or the chaos that could spring from a crippling strike on banking systems. Iran has flirted with such activity before; in 2016, the United States indicted seven Iranians who allegedly knocked off-line the computer networks of nearly four dozen financial institutions, and tried to gain control of a dam’s operational system in Westchester County, N.Y.
“Most people are much more concerned about an attack they can see and feel, and can’t relate to this idea of a clandestine war,” said Tom Ridge, the Republican former governor of Pennsylvania, who served as the first U.S. secretary of Homeland Security in the early 2000s. “But there’s a digital war going on that’s basically undeclared, the potential consequences of which — if it gets out of control — are far greater than a physical attack.”
Ridge knows better than most the challenge of trying to predict a foreign adversary’s next moves. He had to get the newly created Department of Homeland Security off the ground in the first years that followed the attacks of Sept. 11, 2001, a period marked by deep paranoia about additional terrorist plots. His mornings often started in the White House, where he waited with then-FBI Director Robert Mueller and then-Attorney General John Ashcroft to be ushered into the Oval Office. The three men reviewed, with President George W. Bush, the dozens of daily threats that had been gleaned from intelligence-gathering operations. “Were we anxious? Yeah. Some of the threats seemed more credible than others,” Ridge said. “This was 15 years ago. There wasn’t the same concern about terrorists having cyber capabilities.
Fast forward, and now everyone has that capability: nation-states, hackers, terrorists.” In 2009, a U.S. intelligence assessment concluded that Iran had the motivation to carry out a cyberattack of some kind, but lacked the necessary know-how, according to the New York Times. Three years later, Iran was accused of launching a cyberattack against Saudi Aramco, one of the world’s largest oil companies, that wiped out 75% of the data on Aramco’s computers. “We really gained an understanding of how their activities evolved from their activity in the Gulf region,” said Luke McNamara, a principal analyst with FireEye, a California-based cybersecurity firm. “We’ve seen them grow in their capability over the years.” Between 2011 and 2013, Iran directed denial-of-service attacks at 46 companies, including American Express, JPMorgan Chase, Wells Fargo, and AT&T. Customers were unable to access their accounts, sometimes for hours at a time. “I just take it as a foregone conclusion that our enemies know the most vulnerable sectors of our economy,” Ridge said, “where they can do enormous damage.” Global Guardian, an international security and intelligence firm, produced a report for some of its clients in the wake of Soleimani’s death, summarizing some of Iran’s cyber capabilities and methods.
The three-page document was filled with sobering information, according to a copy obtained by The Inquirer. Previous cyberattacks have left Iran with access to millions of computers around the world, Global Guardian found, and the country relies on at least four distinct espionage groups — with names like CopyKittens and APT33 — that each have areas of specific focus, from telecommunication and travel industries to countries that include the United States, Turkey, Germany, and Jordan. One group, Charming Kitten, tries to access email and Facebook accounts of people who work in academia, human rights, and the media. Last weekend, a government website — the Federal Depository Library Program — was hacked, its home page replaced with an image of a fist clobbering Trump in the face, with blood trickling down to his chin. “Hacked by Iran Cyber Security Group!” read part of a message posted on the site.
Global Guardian wrote in its report that it would take seven to 10 days “before we begin seeing more sophisticated cyber activity.” But Dale Buckner, the company’s president and CEO, noted that Iran might not want to take credit for a more serious stroke that could invite a heavy military response from the United States. “They can utilize their proxies throughout the world, which could make it really difficult to attribute an attack to Iran,” he said. Buckner wasn’t swayed by the more cautious tone that both U.S. and Iranian officials seemed to adopt after Iran’s missile attacks on U.S. bases in Iraq. “I don’t think that changes the calculus on a cyberattack,” he said. “I don’t think they’ll miss a beat on that.” While the odds seem heavily weighted in favor of Iran pursuing something more serious than digital graffiti on one government website, none of the experts who spoke to The Inquirer seemed ready to stuff their savings under their mattresses or begin hoarding firewood and water bottles. This is simply the new normal — governments and corporations can always expect that someone will be digitally casing their operations, poking and prodding for hidden vulnerabilities that can be exploited at just the right moment. Buckner said the United States had, for a time, lagged behind in its defense of critical infrastructure, like electrical grids, but has “surged in the amount of time, money, and effort dedicated to locking those things down during the last seven or eight years.” Ridge noted that Homeland Security had only a handful of cyber defense experts during his time leading the agency.
“Now they have hundreds.” According to retired U.S. Gen. David Petraeus, the chief question is whether the United States will be moved to “respond with direct attacks on Iranian forces and infrastructure, at a time when the Iranian economy is already seriously damaged by sanctions, and when the Iranian people have already been demonstrating against the regime in very considerable numbers.” The United States will undoubtedly continue its own covert activity, which has found varying degrees of success in recent years. In 2010, a malware attack led by the United States and Israel reportedly caused nearly 1,000 centrifuges in an Iranian nuclear facility to self-destruct. Iran responded by beefing up its cyber capabilities even more. “This,” Ridge said, “is the next dimension of warfare.” Source JP
Sources: JP HNewsWire