Trump elevates Cyber Command, setting the stage for NSA separation – The Verge

The Trump administration this week elevated the US Cyber Command to a Unified Combatant Command, in a long-awaited move that underscores the growing importance of cyber warfare.

The decision, announced Friday, puts the Cyber Command on par with nine other combat commands, and may lead to its separation from the National Security Agency (NSA). In a statement, President Trump said that Secretary of Defense James Mattis will examine the possibility of separating the Cyber Command and the NSA, and that he will announce recommendations at a later date.

This new Unified Combatant Command will strengthen our cyberspace operations and create more opportunities to improve our Nations defense, Trump said in the statement. The elevation of United States Cyber Command demonstrates our increased resolve against cyberspace threats and will help reassure our allies and partners and deter our adversaries.

Trump says the move will streamline command and control of time-sensitive cyberspace operations.

Trump also said that the move will streamline command and control of time-sensitive cyberspace operations, and that it will ensure that critical cyberspace operations are adequately funded.

Proposals for creating an independent Cyber Command were first made under the Obama administration, with supporters arguing that the units mandate was sometimes at odds with the NSAs intelligence gathering operations particularly with regard to the fight against ISIS.

Cyber Command was created as a sub-unit of the US Strategic Command, with a mandate to conduct cyber warfare and defend government networks. Navy Admiral Michael Rogers currently leads both Cyber Command and the NSA.

Read the rest here:

Trump elevates Cyber Command, setting the stage for NSA separation – The Verge

Related Post

Related:

Operation Battleship

Exclusive: New evidence Russia or Chinese hackers may have used cyber warfare in deadly U.S. navy crashes that claimed as many as seventeen lives in the Pacific this year.

The USS John McCain was on a routine voyage to Singapore through the Straits of Malacca on Saturday after conducting a sensitive “freedom of navigation mission” in the South China Sea. The Malacca Strait connects the Pacific and Indian Oceans and is the main thoroughfare for trade between the world’s biggest economies. Nearly 100,000 vessels pass through it each year, accounting for about one-quarter of the world’s traded goods. With so much traffic, it’s not the kind of route one sails without every precaution.

“When you are going through the Strait of Malacca, you can’t tell me that a Navy destroyer doesn’t have a full navigation team going with full lookouts on every wing and extra people on radar,” Jeff Stutzman, chief intelligence officer at Wapack Labs told McClatchy.

As the USS John McCain, entered the strait, the 338-man crew on the bridge faced multiple system failures. First the main steering mechanism failed to respond. Then, the back up system failed. The ship’s rudder was completely unusable.

Still, the experienced crew on board should have been able to guide the ship by altering the speed of the ship’s propellers. Perhaps they were trying that when the unthinkable happened. The 600-ft Liberian flagged oil tanker Alnic MC smashed into the warship’s rear left. The “rear-end collision” is an indicator the US vessel was not at fault. Satellite tracking also shows the Alnic MC unexpectedly veered sharply left at around that time.

The Alnic MC ripped into the USS John McCain’s side below the waterline and bore into the warship’s hull. Water flooded the machinery, communication rooms, sleeping quarters and an area on the vessel known as “shaft alley”. Ten crew members were reported missing, presumed drowned. Four injured sailors were medically evacuated to Singapore with non-life threatening injuries. The fifth sailor did not need further medical attention.

After the McCain limped back to shore, the US navy called for a rare one or two day pause in operations.

This is the third major accident involving a naval vessel from the Japanese-based Seventh fleet and the fourth incident involving U.S. vessels in the Pacific Ocean around Japan Singapore and China:

  • On January 31, the USS Antietam ran aground while sailing along the Japanese coastline.
  • On May 9, the USS Lake Champlain was struck by a South Korean fishing boat.
  • On June 17, seven US sailors died after a container ship collided into the USS Fitzgerald into the USS Fitzgerald.

“I don’t believe in coincidence,” Itay Glick, a cybersecurity expert and former Israeli intelligence agent told Australian media. “Both USS McCain and USS Fitzgerald were part of the Seventh Fleet, there is a relationship between these two events and there may be a connection.” he said.

Exclusive: The new evidence Russian or Chinese hackers may have used cyber warfare in four deadly U.S. navy crashes that claimed as many as seventeen lives in the Pacific this year.
Damage to the portside of the Guided-missile destroyer USS John S. McCain. Picture: US Navy/GettySource:Getty Images

Russian-based hackers recently tested a GPS “spoofing” device to trick 20 ships in the Black Sea into believing they were somewhere else.

Surprisingly, hacking a marine vessel is relatively easy. A group of cybersecurity researchers recently discovered “the configuration of certain ships’ satellite antenna systems leaves them wide open to attack,” Jack Morse wrote in Mashable. “Anyone who gained access to the system in question, and was so inclined, could manually change a ship’s GPS coordinates or possibly even brick the boat’s navigation system entirely by uploading new firmware.”

On June 22, a Russian-based hacker was able to infiltrate the GPS systems of 20 vessels in the eastern part of the Black Sea. The hackers were able to reprogram the ships’ navigation equipment, making it appear that the vessels were 20 miles inland, near an airport.

“We saw it done in, I would say, a really unsubtle way, a really ham-fisted way. It was probably a signal that came from the Russian mainland,” says Todd Humphreys of the University of Texas. On June 27, a worldwide hack of shipping giant A.P. Moller-Maersklead forced the company to deploy manual tracking of vessels.

Even car and passenger planes can be easily hacked and controlled remotely. Security experts recently took control of a Jeep Cherokee from ten miles away; the hackers were able to turn off the engine and apply the brakes, veering the car off the road. They did this via the software built into the dashboard of the manufacturer Fiat Chrysler’s cars. “There is already a lot of interest in cyber protection of cars and autonomous vehicles. We can deduce from that, there might be a way to control ships and airplanes,” Mr Glick told Australian media. “Whenever control of the vessel is done by computer, or navigation is done by computer, there is a big risk for a cyber attack on that computer.”

The US Defense Department is under constant attack by enemy hackers and utilizes vulnerable software.

The U.S. military is a tougher nut for hackers to crack than a car or plane, but it hasn’t stopped many from trying and succeeding. The Department of Defense alone experiences 41 million scans, probes and attacks per month. “The Navy Networking Environment consists of more than 500,000 end user devices; an estimated 75,000 network devices (servers, domain controllers); and approximately 45,000 applications and systems across three security enclaves,” Vice Adm. Jan Tighe, commander of U.S. Fleet Cyber Command told congress in 2015.

In recent years, the military has sought an operational advantage over its enemies by creating a more connected eco-system. It has contracted private Silicon Valley companies to link formerly isolated systems together. Once independent systems now rely on each other to link together our warfighters, ships, submarines, aircraft, land-based command centers and distant satellites.

One such system is Palantir, which has close ties to former National Security Adviser Lt-General Michael Flynn (a compromised Russian asset) and is founded by Peter Thiel, the PayPal founder who is allied to mercenary Erik Prince. Palantir has been criticized for its security vulnerability.

In March, U.S. counterintelligence officials warned that Russians had embedded malware into messages sent to the Defense Department’s 10,000 Twitter users. The message topics were specifically targeted to users’ unique interests – from sports to entertainment – but when clicked, the links took users to a Russian-controlled server that downloaded a malware allowing Russian hackers to take control of the victim’s phone or computer. The Department of Defense until recently also used Kaspersky Lab, a Russian built anti-virus software which has a built-in “back door” allowing Russian Intelligence to access vital networks.

Exclusive: The new evidence Russian or Chinese hackers may have used cyber warfare in four deadly U.S. navy crashes that claimed as many as seventeen lives in the Pacific this year.
The USS John McCain had just completed a “freedom of navigation” mission in the South China Sea where China has been building an artificial island and military outpost.

China and Russia have the capability to carry out a cyber hack on a vessel.

It’s not just Russia which has the capability of hacking navigation systems, as it did in the Black Sea last month. The location of the recent U.S. naval crashes in the Pacific Ocean suggest a possible link to China. When the USS John McCain was struck in the Straits of Malacca on Saturday, it was returning from a what the navy terms a “freedom of navigation” mission. This means it came within 12 nautical miles of an artificial island built by China in the “South China Sea”.

Nine days before the crash of the USS John McCain which may have killed 10 sailors, a US Navy official told Reuters the warship traveled close to Mischief Reef in the Spratly Islands. China has territorial disputes with its neighbors over the area, and the U.S. considers the man-built island an attempt to impede global trade and travel. The “freedom of navigation” mission undertaken by the USS John McCain was the third this year and comes at a time that the U.S. is seeking China’s help in North Korea.

Itay Glick, the cybersecurity expert and former Israeli intelligence agent believes countries like Russia and China may have the capability to launch an attack on the warships. “China has capabilities, maybe they are trying things, it is possible,” he said.

While the U.S. Navy initially dismissed the idea of a cyber attack, Chief of Naval Operations US Admiral John Richardson later tweeted there is a possibility the ship may have been the target of a hack. “[Regarding the] possibility of cyber intrusion or sabotage, [there are] no indications right now … but review will consider all possibilities,” he tweeted.

2 clarify Re: possibility of cyber intrusion or sabotage, no indications right now…but review will consider all possibilities

— Adm. John Richardson (@CNORichardson) August 21, 2017

Any investigation would have to consider two possible cyber attacks. The first on the navigation system of the oil tanker Alnic MC’s navigation system would have veered the ship off path and into the USS John McCain. The second would have disabled the USS McCain’s steering capability and its backup prior to the crash.

Who would have the capability of such a coordinated dual attack? Likely only a nation state like Russia or China with grudges to bear and the cyber warfare capability to expedite such an attack. Why? Other than the human, financial and tactical toll, such an attack would weaken America’s resolve at a time of crisis or could even provoke U.S. retaliation.

Like this:

LikeLoading…

Related:

Scientists encode computer virus into DNA

In essence, deoxyribonucleic acid, or DNA for short, is a genetic database for storing information. This genetic database forms the masterplan for the building blocks of all living things from a cellular level all the way to organs and tissues. Utilising its fundamental basis of data storage, scientists have been leveraging this mechanism to encode DNA to store other forms of information such as books, audio recordings and images. As research and experimentation on DNA storage begins to grow, so does the potential to store a greater variety of data and programs. One such example is the University of Washington’s recent foray into encoding DNA with a computer virus that is fully active.

Writing a virus into DNA

Wherein most digital data is stored in a binary coding system of 1s and 0s, DNA stores its data in the form of a quaternary nucleotides: adenine (A), guanine (G), thymine (T) and cytosine (C). Knowing this, all the researchers at the Washington team had to convert the quaternary nucleotides into a ‘binary form’ – and sequence the exact code for the computer virus into the DNA’s code.

When those recoded DNA strands were sequenced by a genetic analyser, the computer virus would become active and launch an attack against the computer system. Despite being the first team to successfully arm a DNA sequence with a virus, this success has proven to be a double-edged sword with the success of proving that DNA could be indeed used in the future, as a basis of cyber-attacks.

For now, the virus would only become active when read by a genetic analyser, a machine not commonly seen outside the scientific field.

For now, the virus would only become active when read by a genetic analyser, a machine not commonly seen outside the scientific field.

Nevertheless, the research team remains optimistic about the findings – serving as a precautionary measure of future cyber-attacks and the potential that DNA encoding holds. “The present-day threat is very small, and people don’t need to lose sleep immediately,” says Tadayoshi Kohno, a computer security expert, who led the team. “But we wanted to know what was possible and what the issues are down the line.” Currently, the virus-encoded DNA is only able to affect genetic sequencing machines, which read this exact strand of DNA.

While genetic sequencing has become considerably cheaper and the equipment involved significantly smaller – they remain relatively uncommon in a normal day-to-day setting. They are nowhere near as pervasive as thumb drives or internet files, which are often used to transfer viruses into computer systems. Moreover, the glitch elicited by the DNA virus onto the genetic sequencers can easily be spotted and rectified by the operators of the system – even without prior knowledge of the virus.

DNA – the future cyber weapon?

While the present proof of concept does not ring any major alarm bells; it is the future implications of these DNA viruses, which remain to be the most perturbing. Like any new malware in a cyber arsenal, they often start out benign; but quickly grow into something more malicious as programmers continue to work on and discover their potential.

This growth is compounded further by the exponential growth of computer’s processing power. Early examples of using these virus-encoded DNAs include compromising a crime scene with the DNA. When forensics team analyse the evidence for genetic data, these virus-encoded DNAs may provide false data or even wipeout the existing evidence.

Meanwhile, another creative use of the DNA would be to manipulate an individual’s genetic makeup, as explained by Peter Ney, a member of the research team, “If you can compromise [the sequencing pipeline], you could steal that data, or manipulate it to make it seem like people have genetic diseases they don’t have.”

Last but not least, these virus-encoded DNAs could be used for corporate sabotage especially for those within a scientific and medical field. The inclusion of this DNA into a competitor’s research could render their data wildly incorrect – or, worse still, halt all existing progress to the research. While the future certainly looks grim, the objective of the team was not to create a new cyber-weapon or strike fear in the general populace. Rather, quite the opposite. “We want to understand and anticipate what the hot new technologies will be over the next 10 to 15 years – to stay one step ahead of the bad guys,” echoes Kohno.

The research carried out by Tadayoshi Kohno and his team at the University of Washington have successfully encoded a virus into DNA. While potentially harmful, the virus would only become active when read by a genetic analyzer and, even then, can be counteracted easily. Nevertheless, this proof of concept gives us an idea of how our DNA may be armed in the future as part of the ever growing battle in cyber-warfare. “My hope is that over the next five to 10 years, people take a strong interest in DNA security, and proactively harden their systems against adversarial threats,” says Kohno. “We don’t know of such threats arising yet and we hope that they’ll never manifest.” MIMS

Read more:

New sequencing method finally completes Aedes mosquito genome

5 Singaporean researches seeking to eradicate diseases at the genetic level

Revisiting the Human Genome Project and other health studies for a more holistic view of genetic diseases



References:

https://www.statnews.com/2017/08/10/hacking-genetic-tests/

https://www.theatlantic.com/science/archive/2017/08/these-scientists-took-over-a-computer-by-encoding-malware-in-dna/536361/

http://dnasec.cs.washington.edu/dnasec.pdf

https://techcrunch.com/2017/08/09/malicious-code-written-into-dna-infects-the-computer-that-reads-it/

https://www.technologyreview.com/s/608596/scientists-hack-a-computer-using-dna/

Related:

Could USS McCain Have Been the Victim of Cyber Warfare?

With the craziness of the news cycle this week, it’s only natural that with a downturn in interest in the Confederate Monument story, that the Fake News Industrial Complex (FNIC) would find a new story to talk about.

The next scandal in line for the presidency most hated in the media happens to involve a US senator: John McCain. But not the person this time around, even though I’m sure he’s just champing at the bit for an opportunity to get in front of those MSNBC and CNN cameras to talk further about the incompetence of this president, this story involves his namesake: the guided-missile destroyer USS John McCain.

The naval vessel collided yesterday with a merchant vessel oil tanker that actually rammed into the side of the destroyer, breaching its hull and kill multiple sailors and injuring others. The full damage has not yet been assessed, but is ongoing.

What is damning to this report, however, is the fact that the vessels collided in calm waters with high visibility. In an age of modern military equipment, it seems inconceivable that one of our naval vessels could be “sneaked up” on by a commercial ship.

A recent investigation into electronics parts from China may provide investigators with an answer to this mystery. According to the Gateway Pundit, a Senate investigation committee looked into the sale of substandard “counterfeit” electronics parts that were being sold to the US military at full price as original equipment. What was discovered was a complete surprise.

On Monday the USS John S. McCain suffered serious damage to its hull when it was rammed by an oil tanker near Singapore.

The seas were calm and the visibility was unrestricted at the time of the collision.

FOX News reported:

The seas were relatively calm, and visibility was unrestricted. The bow of the container ship, the Philippine-flagged ACX Crystal, slammed into the Fitzgerald’s right side above the waterline, quickly flooding several areas inside the ship, including a berthing, or sleeping, area.

Seven sailors drowned.

According to FOX News, the US military ordered an investigation to determine the factors behind the collision – including a review into the possibility of “cyber intrusion or sabotage.”

This was the fourth Navy collision of this type since January.

A senate investigation in 2012 found over one million counterfeit parts used in the US military.

CNN reported:

The results of a more-than-year-long Senate investigation into counterfeit parts being used in U.S. military equipment were released Monday and – as they had from the start – investigators are putting most of the blame on China.

The committee reviewed in detail approximately 1,800 cases of suspect counterfeit parts. All told, the 1,800 cases involved more than 1 million counterfeit parts.

Which begs the question: Is it possible that China has been selling these substandard faulty electronics parts for the pure purposes of sabotaging our US navy and its equipment?

With cyber-warfare becoming a larger part of the overall landscape in possibility, the question should be taken seriously by our intel community. If not for these parts, could our Navy be operating with a clean bill of health in the way of accident-free exercises?

The next logical question is why the United States has not invested more in Silicon Valley for these parts to be produced here in this country? We have the means, the people available to work, the technology, and the resources. Isn’t it time to give our American technology companies the nod to produce 100% of our military-grade electronics?

Perhaps that’s a bit simple, but I believe you get where I’m going with this. The time has come where we need to bring these technology jobs back to the United States and quit attempting to make it sound like this is a situation that requires nuance. 10 sailors are dead, many more injured, and millions of dollars worth of damage to our naval vessel.

If that’s not enough of a reason to begin this work in America, I don’t know what is.

Cyber suspicions floated after latest ship collision

USS John S. McCain (Navy photo by Petty Officer 3rd Class James Vazquez)

Cyber suspicions floated after latest ship collision

  • By Matt Leonard
  • Aug 22, 2017

When the Navy destroyer John S. McCain crashed into an oil tanker off the coast Singapore on Aug. 7, it was the second Navy ship to collide with a commercial vessel this summer. The cause of the crash is under investigation, and the possibility that it could have been a “cyber intrusion or sabotage” has not been ruled out.

Chief of Naval Operations Adm. John Richardson said on Twitter that there was no indication that the wreck was caused by a cyberattack, but that the “review will consider all possibilities.”

A Navy official told CNN that the McCain suffered a steering failure as it was beginning its approach to the Strait of Malacca, a narrow waterway through with some 100,000 boats pass each year.

But others wonder how such a collision could happen.

Jeff Stutzman, an ex-information warfare specialist in the Navy who works at Wapack Labs, told McClatchy that it looks like “something more than just human error going on because there would have been a lot of humans to be checks and balances.” And in a busy waterway like the

Strait of Malacca, ships usually take every precaution in terms of navigation, he said.

“Statistically, it looks very suspicious, doesn’t it?” Todd E. Humphreys, a GPS expert and professor at the University of Texas at Austin told CSO.

In 2013 Humphreys and his students used GPS spoofing to take control of a 65-meter, $80 million super yacht in the Ionian Sea to illustrate the potential risks of relying on GPS signals for navigation.

While it’s not clear at this point what caused the collision, the Navy is certainly aware that ships are vulnerable to cyberattacks and has taken steps to harden its onboard systems.

Earlier this year, the Navy hosted a Hack-Our-Ship event in which private-sector hackers tried to penetrate the security systems of U.S. Navy warships.

In one challenge, hackers tried to penetrate ship systems through Booz Allen Hamilton’s “boat in a box” software, which simulates the systems that are used to control Navy fleets, including communication interfaces, automatic recognition systems that prevent collisions and weather satellite radio systems.

Navigation issues were addressed at the hackathon with a sprint that identified safer alternatives to GPS for maritime Precision Navigation and Timing.

The GPS signals used for navigation are relatively weak, making signal spoofing a serious concern. GPS jamming and spoofing have become so prevalent and potentially disruptive to public safety that the Department of Homeland Security has been conducting First Responder Electronic Jamming Exercises for the last two years.

In April, DHS’ Science and Technology Directorate invited manufacturers of commercial GPS receivers used in critical infrastructure test their equipment in a rarely available live-sky spoofing environment.

And some politicians and advocates support a technology called eLoran, which uses radio signals for positioning, to act as a backup for GPS.

About the Author

Matt Leonard is a reporter/producer at GCN.

Before joining GCN, Leonard worked as a local reporter for The Smithfield Times in southeastern Virginia. In his time there he wrote about town council meetings, local crime and what to do if a beaver dam floods your back yard. Over the last few years, he has spent time at The Commonwealth Times, The Denver Post and WTVR-CBS 6. He is a graduate of Virginia Commonwealth University, where he received the faculty award for print and online journalism.

Leonard can be contacted at mleonard@gcn.com or follow him on Twitter @Matt_Lnrd.

Click here for previous articles by Leonard.

Related:

  • No Related Posts

Is Someone Attacking the US Navy?

I’m most known for my research into currency wars, international monetary economics and financial warfare.

But I also jointly run a service, Rickards & Massengill’s Defense Technology Alert, that focuses specifically on the defense sector.

That’s why some recent tragic incidents involving the U.S. Navy have captured my attention.

There have been two deadly incidents within the past two months, in which Navy warships have collided with merchant vessels.

In the first incident, seven sailors were killed in June when the destroyer USS Fitzgerald collided with a cargo ship near Yokosuka, Japan.

Then early yesterday morning, the USS John McCain, a ship just like the Fitzgerald, collided with an oil tanker near the Strait of Malacca, close to Singapore. Sadly, 10 sailors are lost.

What’s going on here?

Is the Navy losing situational awareness? Are the crews not properly trained? Are they not keeping watch?

We don’t know at this point. It’s all under investigation. But there’s one possibility I want to raise, and I want to be very clear about this:

I’m raising the possibility for public debate. It’s speculation on my part; I do not have any hard evidence. So I want to be clear that this is not something based on any actual intelligence I have.

But if there were just one incident, if one civilian vessel had collided with one destroyer, the assumption would be that it was just an accident. Maybe there was some equipment failure or the crew on watch failed to detect the ship for whatever reason.

But when the same basic incident happens twice, you have to raise your eyebrows. When you have a low-probability event that happens twice, in other words, the likelihood of coincidence becomes infinitesimal.

You have to basically multiply one low probability by another low probability, and what you end up with is an extremely remote chance that both events are purely accidental.

Is it possible that our adversaries, whether North Korea or Russia or perhaps even China — who are extremely good at hacking — have hacked into the navigation systems of these civilian vessels?

Could they be using them as, in effect, battering rams or propeller torpedoes to crash into our naval vessels?

I started a discussion about this topic on Twitter. Here’s what I posted:

“Second tragic collision of U.S. warship with merchant vessel raises suspicion of nav system hacking on merchantmen. Are we already at war?”

It received a lot of comments. One was a very interesting comment from former Vermont governor and presidential candidate Howard Dean.

Dean said, “It’s a possibility. I’m not sure if maybe experts talked about this. How about putting some knowledgeable intelligence folks on it?”

I agree completely. Again, I don’t want to jump to conclusions. But we should at least consider the possibility that someone’s combining cyberwarfare with kinetic techniques to attack our ships. In other words, hacking into a system to turn a civilian merchant vessel into a battering ram to attack our vessels remotely.

This is something the Russians have worked on. That’s not speculation. We do have intelligence that the Russians have actually tried techniques like this on vessels in the Black Sea.

I’m not the only one asking questions about these incidents, though. Here’s what a former Navy information warfare specialist and current chief intelligence officer at a cyber intelligence service has to say about yesterday’s collision:

“When you are going through the Strait of Malacca, you can’t tell me that a Navy destroyer doesn’t have a full navigation team going with full lookouts on every wing and extra people on radar.”

He adds:

“There’s something more than just human error going on because there would have been a lot of humans to be checks and balances.”

Again, I want to make it clear: I have no proof that hackers were behind these recent incidents.

And if it’s not true, it would be a relief because the problem would be easier to fix through better training and improved protocols.

Again, it could all just be coincidence. But I don’t think we should ignore these incidents. The odds of these low-probability events taking place in such a limited amount of time at least make you scratch your head.

You can bet the Navy will be doing everything possible to get to the bottom of this.

Regards,

Jim Rickards

for The Daily Reckoning

Related: