21st Century War?

For discussion of religion and politics

Moderators: LawBeefaroni, $iljanus

Post Reply
User avatar
Pyperkub
Posts: 23583
Joined: Mon Dec 13, 2004 5:07 pm
Location: NC- that's Northern California

21st Century War?

Post by Pyperkub »

I'm surprised no-one's talking about the first front of what could be a more important war than the conflict with Al Qaeda:

China vs. Google (basic Google press release, with associated bombshells in civil language.

The basics are that it appears as if China/Chinese hackers were caught trying to hack the google accounts of Chinese dissidents and their sympathizers, as well as attemptint to steal Google source code.

And the State Department's response:
Hillary Rodham Clinton, Secretary of State wrote:We have been briefed by Google on these allegations, which raise very serious concerns and questions. We look to the Chinese government for an explanation. The ability to operate with confidence in cyberspace is critical in a modern society and economy. I will be giving an address next week on the centrality of internet freedom in the 21st century, and we will have further comment on this matter as the facts become clear.
Some commentary and analysis:

Assessing Google's showdown with China: Does it make sense?:
The key points (Techmeme):

* The attack was coordinated and focused on 20 large companies and some appear to be confirming that they were also involved.
* The aim of this attack was to get the Gmail accounts of Chinese human rights activists.
* The attack also focused on U.S., China and Europe-based Gmail accounts that supported human rights in China.
* Google is way public about this attack and its reaction to them.
* Google says it won’t continue to censor search results and may just shut down operations in China.

Reading all of this laid out in a blog post can be summed up in one word: Wow.
The Google news: China enters its Bush-Cheney era:
- The significance for Google is of the "last straw" variety. For years, the company has struggled to maintain the right path in China...

...if a major U.S. company -- indeed, Google has been ranked the #1 brand in the world -- has concluded that, in effect, it must break diplomatic relations with China because its policies are too repressive and intrusive to make peace with, that is a significant judgment.
Google detonates the China corporate communications script:
The first half of the post discusses alleged hacking attempts on Google, apparently with the aims of both recovering Google source code and accessing the Gmail accounts of dissidents. But the second half of the post is more interesting.
In an era where there are international corporations which are more powerful than some nations and information can be king, the largest country in the world has attacked the largest information provider in the world.
Last edited by Pyperkub on Thu Nov 09, 2017 3:01 pm, edited 1 time in total.
Black Lives definitely Matter Lorini!

Also: There are three ways to not tell the truth: lies, damned lies, and statistics.
User avatar
Defiant
Posts: 21045
Joined: Tue Oct 12, 2004 11:09 pm
Location: Tongue in cheek

Re: 21st Century War? China vs Google

Post by Defiant »

...if a major U.S. company -- indeed, Google has been ranked the #1 brand in the world -- has concluded that, in effect, it must break diplomatic relations with China because its policies are too repressive and intrusive to make profit with, that is a significant judgment.
Fixed that.
User avatar
LawBeefaroni
Forum Moderator
Posts: 55316
Joined: Fri Oct 15, 2004 3:08 pm
Location: Urbs in Horto, outrageous taxes on everything

Re: 21st Century War? China vs Google

Post by LawBeefaroni »

It was touched in the Baidu hack thread. I didn't feel like starting a new one.

But since you've done the honors, I'll just say that I thought they had succeded, not just attempted. From what I read, some dissidents' accounts were compromised. Either way, it's a bold move by China. It's a foolish one too.
" Hey OP, listen to my advice alright." -Tha General
"No scientific discovery is named after its original discoverer." -Stigler's Law of Eponymy, discovered by Robert K. Merton

MYT
User avatar
noxiousdog
Posts: 24627
Joined: Tue Oct 12, 2004 11:27 pm
Contact:

Re: 21st Century War? China vs Google

Post by noxiousdog »

Nade wrote:
...if a major U.S. company -- indeed, Google has been ranked the #1 brand in the world -- has concluded that, in effect, it must break diplomatic relations with China because its policies are too repressive and intrusive to make profit with, that is a significant judgment.
Fixed that.
I don't think that's a fair shake here. They still have quite a market share in China, and the fallout is likely that they'll have to give that up. I don't know how many Chinese internet users there are but 25% of however many is a lot. It's certainly profitable.

More importantly is that they came public with this, while the 20 other companies have done nothing as far as we know.
Black Lives Matter

"To wield Grond, the mighty hammer of the Federal Government, is to be intoxicated with power beyond what you and I can reckon (though I figure we can ball park it pretty good with computers and maths). Need to tunnel through a mountain? Grond. Kill a mighty ogre? Grond. Hangnail? Grond. Spider? Grond (actually, that's a legit use, moreso than the rest)." - Peacedog
User avatar
Pyperkub
Posts: 23583
Joined: Mon Dec 13, 2004 5:07 pm
Location: NC- that's Northern California

Re: 21st Century War? China vs Google

Post by Pyperkub »

One thought off the top of my head - who's better equipped to handle the threat from Chinese hackers, the US Gov't or Google? And if so desired, retaliate?
Black Lives definitely Matter Lorini!

Also: There are three ways to not tell the truth: lies, damned lies, and statistics.
User avatar
Zarathud
Posts: 16437
Joined: Fri Oct 15, 2004 10:29 pm
Location: Chicago, Illinois

Re: 21st Century War? China vs Google

Post by Zarathud »

Pyperkub wrote:One thought off the top of my head - who's better equipped to handle the threat from Chinese hackers, the US Gov't or Google? And if so desired, retaliate?
Bet on the Googlebomb, beyatch.
"If the facts don't fit the theory, change the facts." - Albert Einstein
"I don't stand by anything." - Trump
“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.” - John Stuart Mill, Inaugural Address Delivered to the University of St Andrews, 2/1/1867
“It is the impractical things in this tumultuous hell-scape of a world that matter most. A book, a name, chicken soup. They help us remember that, even in our darkest hour, life is still to be savored.” - Poe, Altered Carbon
User avatar
The Preacher
Forum Moderator
Posts: 13037
Joined: Mon Nov 01, 2004 11:57 am

Re: 21st Century War? China vs Google

Post by The Preacher »

I'm still struggling to discover why this is more important than a terrorist organization that actually wants to physically harm US citizens.
You do not take from this universe. It grants you what it will.
User avatar
Pyperkub
Posts: 23583
Joined: Mon Dec 13, 2004 5:07 pm
Location: NC- that's Northern California

Re: 21st Century War? China vs Google

Post by Pyperkub »

The Preacher wrote:I'm still struggling to discover why this is more important than a terrorist organization that actually wants to physically harm US citizens.
Allegedly Northrop Grumman and Dow Chemicals were 2 of the 20 companies also attacked. Two pretty well known Defense contractors...
Black Lives definitely Matter Lorini!

Also: There are three ways to not tell the truth: lies, damned lies, and statistics.
User avatar
stessier
Posts: 29819
Joined: Tue Dec 21, 2004 12:30 pm
Location: SC

Re: 21st Century War? China vs Google

Post by stessier »

noxiousdog wrote:
Nade wrote:
...if a major U.S. company -- indeed, Google has been ranked the #1 brand in the world -- has concluded that, in effect, it must break diplomatic relations with China because its policies are too repressive and intrusive to make profit with, that is a significant judgment.
Fixed that.
I don't think that's a fair shake here. They still have quite a market share in China, and the fallout is likely that they'll have to give that up. I don't know how many Chinese internet users there are but 25% of however many is a lot. It's certainly profitable.
Google said the effect would be immaterial . An analyst estimated pulling out would reduce revenues by $600 million. They had revenues off $22 billion last year.
I require a reminder as to why raining arcane destruction is not an appropriate response to all of life's indignities. - Vaarsuvius
Global Steam Wishmaslist Tracking
Running____2014: 1300.55 miles____2015: 2036.13 miles____2016: 1012.75 miles____2017: 1105.82 miles____2018: 1318.91 miles__2019: 2000.00 miles
User avatar
noxiousdog
Posts: 24627
Joined: Tue Oct 12, 2004 11:27 pm
Contact:

Re: 21st Century War? China vs Google

Post by noxiousdog »

stessier wrote:
noxiousdog wrote:
Nade wrote:
...if a major U.S. company -- indeed, Google has been ranked the #1 brand in the world -- has concluded that, in effect, it must break diplomatic relations with China because its policies are too repressive and intrusive to make profit with, that is a significant judgment.
Fixed that.
I don't think that's a fair shake here. They still have quite a market share in China, and the fallout is likely that they'll have to give that up. I don't know how many Chinese internet users there are but 25% of however many is a lot. It's certainly profitable.
Google said the effect would be immaterial . An analyst estimated pulling out would reduce revenues by $600 million. They had revenues off $22 billion last year.
That's 3% of their current revenue in a market growing at least 10% a year.
Black Lives Matter

"To wield Grond, the mighty hammer of the Federal Government, is to be intoxicated with power beyond what you and I can reckon (though I figure we can ball park it pretty good with computers and maths). Need to tunnel through a mountain? Grond. Kill a mighty ogre? Grond. Hangnail? Grond. Spider? Grond (actually, that's a legit use, moreso than the rest)." - Peacedog
User avatar
Pyperkub
Posts: 23583
Joined: Mon Dec 13, 2004 5:07 pm
Location: NC- that's Northern California

Re: 21st Century War? China vs Google

Post by Pyperkub »

WaPo article today.:
The recent attacks seem to have targeted companies in strategic industries in which China is lagging, industry experts said. The attacks on defense companies were aimed at gaining information on weapons systems, experts said, while those on tech firms sought valuable source code that powers software applications -- the firms' bread and butter.
PS, the confirmed list is now 34 companies...
Black Lives definitely Matter Lorini!

Also: There are three ways to not tell the truth: lies, damned lies, and statistics.
User avatar
LordMortis
Posts: 70101
Joined: Tue Oct 12, 2004 11:26 pm

Re: 21st Century War? China vs Google

Post by LordMortis »

"The recent cyber-intrusion that Google attributes to China is troubling, and the federal government is looking into it," White House spokesman Nick Shapiro said.
In China, news about Tuesday's public rebuke by Google was heavily censored except for a stinging opinion piece in the official People's Daily that called the Silicon Valley tech giant a "spoiled child" and predicted that it would not follow through on its ultimatum.
Whose government is looking into things how quickly?
User avatar
Pyperkub
Posts: 23583
Joined: Mon Dec 13, 2004 5:07 pm
Location: NC- that's Northern California

Re: 21st Century War?

Post by Pyperkub »

Updated topic title in light of the Russian interference in the US elections as well as this item:
A plan for the United Arab Emirates to wage financial war against its Gulf rival Qatar was found in the task folder of an email account belonging to UAE Ambassador to the United States Yousef al-Otaiba and subsequently obtained by The Intercept.

The economic warfare involved an attack on Qatar’s currency using bond and derivatives manipulation. The plan, laid out in a slide deck provided to The Intercept through the group Global Leaks, was aimed at tanking Qatar’s economy...

...a scheme to drive down the value of Qatar’s bonds and increase the cost of insuring them, with the ultimate goal of creating a currency crisis that would drain the country’s cash reserves...

...There is no conclusive evidence the plan has been initiated, nor that it will ever be launched — and the current pressure Qatar’s currency is under as a result of an ongoing blockade imposed by the UAE means those direct, overt steps may be more effective economic sabotage than anything the slides outline. Additionally, the publication of this story means the secrecy the plan says it requires no longer exists...

...The new project comes amid — and, if implemented, would escalate — a regional crisis that reached new heights in June, when the UAE and Saudi Arabia led a bloc of Gulf nations in blockading and cutting off diplomatic relations with Qatar. U.S. Secretary of State Rex Tillerson recently faulted the blockading countries for intransigence, but President Donald Trump has largely taken the opposite approach, emboldening Saudi Arabia and the Emirates at the expense of Qatar, which is home to one of the largest overseas U.S. military bases in the world. Tillerson traveled to the region on October 20 in the latest effort to defuse the crisis...

...The economic blockade has already directly impacted Qatar’s economy, decimating trade, travel, and finance flows in and out of the country. Qatar’s sovereign wealth fund recently brought $20 billion back to the country to prop up the country’s banking system, and the country’s currency is already showing signs of financial stress...

...Banque Havilland is best known for its role in a previous incarnation in the bankruptcy of Iceland, from which it sprung as a new bank out of the Luxembourg branch of the Icelandic bank Kaupthing, and for a willingness to work with controversial clients, such as Nigerian tycoon Kola Aluko...

...The documents were provided to The Intercept by an opaque group that calls itself Global Leaks. Over the summer, Global Leaks began distributing emails from Otaiba’s inbox to media outlets, including The Intercept. Little is known about the organization, but the Global Leaks operatives use a .ru email account, which suggests they are either Russian or attempting to give that impression. Global Leaks claims it is not connected to the Russian government or any other government.

Global Leaks said it received the documents from sources connected to Banque Havilland, a claim The Intercept investigated and found had merit, though other possibilities — such as a hacking operation — can’t definitively be ruled out
Black Lives definitely Matter Lorini!

Also: There are three ways to not tell the truth: lies, damned lies, and statistics.
User avatar
Pyperkub
Posts: 23583
Joined: Mon Dec 13, 2004 5:07 pm
Location: NC- that's Northern California

Re: 21st Century War?

Post by Pyperkub »

Things getting more serious:
In August, a petrochemical company with a plant in Saudi Arabia was hit by a new kind of cyberassault. The attack was not designed to simply destroy data or shut down the plant, investigators believe. It was meant to sabotage the firm’s operations and trigger an explosion.

The attack was a dangerous escalation in international hacking, as faceless enemies demonstrated both the drive and the ability to inflict serious physical damage. And United States government officials, their allies and cybersecurity researchers worry that the culprits could replicate it in other countries, since thousands of industrial plants all over the world rely on the same American-engineered computer systems that were compromised.
Black Lives definitely Matter Lorini!

Also: There are three ways to not tell the truth: lies, damned lies, and statistics.
User avatar
Holman
Posts: 28907
Joined: Sun Oct 24, 2004 8:00 pm
Location: Between the Schuylkill and the Wissahickon

Re: 21st Century War?

Post by Holman »

Seems like a good place for this: Cyberattacks Put Russian Fingers on the Switch at Power Plants, U.S. Says.

This is no longer speculative.
The Trump administration accused Russia on Thursday of engineering a series of cyberattacks that targeted American and European nuclear power plants and water and electric systems, and could have sabotaged or shut power plants off at will.

United States officials and private security firms saw the attacks as a signal by Moscow that it could disrupt the West’s critical facilities in the event of a conflict.

They said the strikes accelerated in late 2015, at the same time the Russian interference in the American election was underway. The attackers had compromised some operators in North America and Europe by spring 2017, after President Trump was inaugurated.

In the following months, according to a Department of Homeland Security report issued on Thursday, Russian hackers made their way to machines with access to critical control systems at power plants that were not identified. The hackers never went so far as to sabotage or shut down the computer systems that guide the operations of the plants.

Still, new computer screenshots released by the Department of Homeland Security on Thursday made clear that Russian state hackers had the foothold they would have needed to manipulate or shut down power plants.
Much prefer my Nazis Nuremberged.
User avatar
Blackhawk
Posts: 43501
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: 21st Century War?

Post by Blackhawk »

You know in the movies, when the protagonist and antagonist meet alone somewhere, and we know that the protagonist is holding all the cards? And then, suddenly, two dozen red dots appear on his chest, and all that bravado fades away as you realize that the bad guy owns the protagonist and can put him down on a whim.

That's us.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
User avatar
Holman
Posts: 28907
Joined: Sun Oct 24, 2004 8:00 pm
Location: Between the Schuylkill and the Wissahickon

Re: 21st Century War?

Post by Holman »

Blackhawk wrote: Fri Mar 16, 2018 4:43 pm You know in the movies, when the protagonist and antagonist meet alone somewhere, and we know that the protagonist is holding all the cards? And then, suddenly, two dozen red dots appear on his chest, and all that bravado fades away as you realize that the bad guy owns the protagonist and can put him down on a whim.

That's us.
The best hope is that this is another M.A.D. situation: they can do it to us, but we can also do it to them.
Much prefer my Nazis Nuremberged.
User avatar
Pyperkub
Posts: 23583
Joined: Mon Dec 13, 2004 5:07 pm
Location: NC- that's Northern California

Re: 21st Century War?

Post by Pyperkub »

Kaspersky tracking the US Security Agencies efforts...
The U.S. government and Russian cybersecurity giant Kaspersky Lab are currently in the throes of a nasty legal fight that comes on top of a long-running feud over how the company has conducted itself with regard to U.S. intelligence-gathering operations.

A recent Kaspersky discovery may keep the feud alive for years to come.

CyberScoop has learned that Kaspersky research recently exposed an active, U.S.-led counterterrorism cyber-espionage operation. According to current and former U.S. intelligence officials, the operation was used to target ISIS and al-Qaeda members.

On March 9, Kaspersky publicly announced a malware campaign dubbed “Slingshot.” According to the company’s researchers, the campaign compromised thousands of devices through breached routers in various African and Middle Eastern countries, including Afghanistan, Iraq, Kenya, Sudan, Somalia, Turkey and Yemen.
Black Lives definitely Matter Lorini!

Also: There are three ways to not tell the truth: lies, damned lies, and statistics.
User avatar
LordMortis
Posts: 70101
Joined: Tue Oct 12, 2004 11:26 pm

Re: 21st Century War?

Post by LordMortis »

They should call in Baron. He's the best at Cyber.

With regard to infrastructure, why are key controls connected to the Internet at all? Even through layers and layers of DMZs and Firewalls? It it too expensive to man our infrastructure 24 hours a day and keep a human layer between its computer controls and the Internet's computer controls? How far back do we have to go to learn that lesson? The 70s forward? 50 years and we're still going OKOKOK, I got it. First the powder then the wadding then the shot....
User avatar
Paingod
Posts: 13132
Joined: Wed Aug 25, 2010 8:58 am

Re: 21st Century War?

Post by Paingod »

LordMortis wrote: Tue Mar 27, 2018 9:10 amIt it too expensive to man our infrastructure 24 hours a day and keep a human layer between its computer controls and the Internet's computer controls?
I don't think it's expense as much as efficiency.

I'm really not sure where you'd insert a human influence to try and thwart cyber attacks. Power grids need to communicate, I'm sure, on an instantaneous level to make sure power supply volumes are handled consistently and outages are bypassed immediately. I've heard that the US runs a huge mish-mash of different systems, so standardized options are out - but it also means no one can really effectively take them all out at once.

If the "safe" alternative to what we have now means dealing with surges, brownouts, and hours of lost power anytime something happens, I'll take what we have now.
Black Lives Matter

2021-01-20: The first good night's sleep I had in 4 years.
User avatar
Remus West
Posts: 33592
Joined: Mon May 09, 2005 5:39 pm
Location: Not in Westland

Re: 21st Century War?

Post by Remus West »

Why do power grids need to communicate with terminals outside their own grid? I think that a closed system would be safer. No working from home for power grid employees. Get to the office because that is where the only option for accessing the power network is.

Admittedly I'm not a tech guy but if we can invest in a wall to prevent the horde of Mexicans from coming shouldn't we be able to invest in the fiber optics to build a closed network for the grid?
“As democracy is perfected, the office of president represents, more and more closely, the inner soul of the people. On some great and glorious day the plain folks of the land will reach their heart's desire at last and the White House will be adorned by a downright moron.” - H.L. Mencken
malchior
Posts: 24794
Joined: Wed Oct 13, 2004 12:58 pm

Re: 21st Century War?

Post by malchior »

Remus West wrote: Tue Mar 27, 2018 1:59 pm Why do power grids need to communicate with terminals outside their own grid? I think that a closed system would be safer. No working from home for power grid employees. Get to the office because that is where the only option for accessing the power network is.

Admittedly I'm not a tech guy but if we can invest in a wall to prevent the horde of Mexicans from coming shouldn't we be able to invest in the fiber optics to build a closed network for the grid?
Funny you should ask - I used to do this for a living. There are a lot of reasons to connect the grid - with some risks and some trade offs inherent to doing so. First off building a totally private network is cost prohibitive, doesn't guarantee safety as Stuxnet proved, and would make operations difficult. In reality at some point you need to update equipment and people will carry executables into the environment anyway to do so. There is no true air gap in a digital world.

So why do it? The big upside is centralized monitoring of equipment and filling the plant/grid historians with operations data. There are thousands of sensors in plants/transmission infrastructure/etc. They provide data to improve efficiency and reliability of the grid. On top the grid has to be perfectly balanced between generation and load. This requires communication with the ISO. The ISO decides who generates power and how much to deliver at any moment. Also the operating organizations in the sector need to know how much they are generating or transmitting to develop pricing models, manage the supply chain of fuel, and many other purposes. The grid operators need to know what segments of the grid are up and operating, how much load is on them, and available capacity. This is part of how they've driven down generation costs over time though natural gas prices are a big driver.

What are the cons? Hacks! Viruses! Ransomware! Power plants are full of old stuff. Very old stuff. Power plant people often stake out a don't fix it if it ain't broke model of the universe. So they'll have systems that haven't been updated in decades. Often because they aren't supported any more and have no price effective replacements. Yes - I know that is super comforting. They often get walled off behind layers of firewalls at well-run organizations.

So what is being done since these networks are connected to other systems? The big ones are the NERC/CIP standards. That stands for North American Electricity Reliability Corporation Critical Infrastructure Protection. They layout out controls that require organizations to designate critical infrastructure, detail how they'll protect it, reporting requirements if attacked, etc. They are generally well thought out and comprehensive with some minor issues.

The NERC standards have been pretty good at driving security gains but variance in adoption is pretty high due to some regional enforcement differences which I won't go into in depth. Essentially there are regional entities responsible for auditing adherence to NERC/CIP requirements. This has led to some big organizations having to deal with regional flavors of NERC compliance. That has introduced additional complexity into already complex environments. On top, some of the controls are underdeveloped and others overdeveloped. NERC has been iterating through this but the process is pretty slow. Power plants are fairly complex, typically old, so documenting them is a bit of a nightmare. There are inevitably gaps in them that sometimes lead to issues.

Those issues are being wrung out but more could be done and despite the headline events the true adverse events are far and few between. So the trade off is generally seen as reasonable at this time. That'll likely change if someone turns out all the lights but we'll see if that happens.
User avatar
Pyperkub
Posts: 23583
Joined: Mon Dec 13, 2004 5:07 pm
Location: NC- that's Northern California

Re: 21st Century War?

Post by Pyperkub »

ISO = Independent System Operator (I didn't know that, though I'd heard the term thrown around a lot with regards to the Power Grid). Figured I'd share.
Black Lives definitely Matter Lorini!

Also: There are three ways to not tell the truth: lies, damned lies, and statistics.
User avatar
Remus West
Posts: 33592
Joined: Mon May 09, 2005 5:39 pm
Location: Not in Westland

Re: 21st Century War?

Post by Remus West »

and now I know. Thank you. :D
“As democracy is perfected, the office of president represents, more and more closely, the inner soul of the people. On some great and glorious day the plain folks of the land will reach their heart's desire at last and the White House will be adorned by a downright moron.” - H.L. Mencken
Post Reply