Category Archives: CNA

Patriot Hacker The Jester’s Libyan Psyops Campaign

https://www.infosecisland.com/blogview/12745-Patriot-Hacker-The-Jesters-Libyan-Psyops-Campaign.html

It appears as if the patriot hacker known as The Jester (th3j35t3r) may have embarked on his own psyops campaign aimed at breaking the spirit of the troops loyal to Libyan strongman Muammar Gaddafi.

Having conducted several interviews with the hacktivist, and spent dozens of hours in IM chats, I would venture to say that his motivation probably stems from his patriotism and oft-expressed concern for the lives of European and American military personnel who may be put in harm’s way if the conflict in Libya persists.

Based on the contents of the planted articles, it seems the operation is intended to simply erode the morale of the Gaddafi loyalists and inspire some to either desert their posts or defect and join the opposition.

th3j35t3r is the proof of concept of the Civilian Irregular Information Operator.

Filed under CNA, Heroes, IW, PSYOP

Information Warfare: North Korea And The Cyber Bandits

Filed under CNA

Civilian Irregular Computer Network Attackers Noticed by @Strategypage

Information Warfare: We Are Not Amused.

China [is] one of many nations taking advantage of the Internet to encourage, or even organize, patriotic Internet users to obtain hacking services. This enables the government to use (often informally) these thousands of hackers to attack targets (foreign or domestic). These government organizations arrange training and mentoring to improve the skills of group members. Turkey has over 45,000 hackers organized this way, Saudi Arabia has over 100,000, Iraq has over 40,000, Russia over 100,000 and China, over 400,000. While many of these Cyber Warriors are rank amateurs, even the least skilled can be given simple tasks. And out of their ranks will emerge more skilled hackers, who can do some real damage. These hacker militias have also led to the use of mercenary hacker groups, who will go looking for specific secrets, for a price. Chinese companies are apparently major users of such services, judging from the pattern of recent hacking activity, and the fact that Chinese firms don’t have to fear prosecution for using such methods.

The U.S. has one of the largest such informal militias, but there has been little government involvement. That is changing. The U.S. Department of Defense, increasingly under hacker attack, is now organizing to fight back, sort of. Taking a page from the corporate playbook, the Pentagon is sending off many of its programmers and Internet engineers to take classes in how to hack into the Pentagon. Not just the Pentagon, but any corporate, or private, network. It’s long been common for Internet security personnel to test their defenses by attacking them. Some “white hat hackers” (as opposed to the evil “black hat hackers”) made a very good living selling their attack skills, to reveal flaws, or confirm defenses. Seven years ago, this was standardized with the establishment of the EC (E Commerce Consultants) Council, which certified who were known and qualified white hat hackers. This made it easier for white hats to get work, and for companies to find qualified, and trustworthy, hackers to help with network security. Now the Department of Defense is paying to get members of its Internet security staff certified as white hats, or at least trained to be able to do what the black hats do, or recognize it. While many in the Department of Defense have been calling for a more attack-minded posture, when it comes to those who are constantly attacking Pentagon networks, the best that can be done right now is to train more insiders to think, and operate, like outsiders.

Sending a GS-11 dues paying member of the AFGE, AFL-CIO, off to hacker school ought to give them mad skilz, fer sure.

The Regulars recruit highly intelligent, physically fit, patriotic young people into the Armed Forces. The recruiting standards are so high few young Americans can meet them. The stereotypical fat, dope-smoking, basement-dwelling script kiddie with Cheeto-stained fingers can’t be turned into a presentable facsimile of a soldier, sailor, airman or Marine in a reasonable amount of time in this all-volunteer Politically Correct era, and in this economy the Regulars’ ability to recruit credentialed IT professionals into the Federal Civil Service is only as good as the budget the Republican Congress appropriates for them. That also impacts the Regulars’ ability to hire Civilian Irregular Information Auxiliaries from Private Military Contractors.

Regular .gov/.mil information assurers/computer network defenders/information operators can’t be given enough autonomy from the bureaucracy to compete with all the cyber criminals and anti-American cyber patriots attacking our networks. The Bad Guys will always be more opportunistic, flexible, adaptable and imaginative than Regular Good Guys will ever be allowed to be.

Filed under CNA, Info Warriors, IW

Anonymous and Tunisia: A New Cyber Warfare?

Anonymous certainly didn’t bring down the Tunisian government, and it may not have even altered the landscape of the Tunisian media. But its digital-collective involvement in an intrinsically domestic conflict was undeniably a first. Inspired by the struggles of a repressed Tunisian citizenry, a stateless, international group of free-speech advocates took it upon themselves to engage in a still-undefined form of guerilla warfare. Their tactics are unproven, and their success is undetermined.

Filed under CNA, G-2, Info Warriors, IW, PSYOP

Muslim World Uprisings Demonstrate Why Government Involvement with the Internet is a BAD Idea – Big Government

Filed under CNA, Idea War, PSYOP

In the chatroom with the cyber guerrillas

Global chaos is not Anonymous’ aim. As the WikiLeaks and Tunisia cases show, the group targets specific institutions and its attacks are designed to temporarily delay more than destroy. Think of them not as acts of cyber war but as high-profile guerrilla strikes.

Filed under CNA, Cyber Guerrilla Chieftains, IW, PSYOP Auxiliaries

We live in a world where a few top-quality hackers can accomplish a considerable amount of damage at the national and strategic level.

Cyberwar Case Study: Georgia 2008 ( http://smallwarsjournal.com/blog/journal/docs-temp/639-hollis.pdf )

Read the whole thing, then come back and think about:

. . . There was another historically unique and critical aspect to the fighting – the emergence of synchronized cyberspace domain actions as an intelligence indicator for strategic, operational, and tactical level military operations. Unlike the (alleged) Russian cyberattack upon Estonia in 2007, the (alleged) Russian cyberattack on Georgia was accompanied by physical domain combat between Russian and Georgian military forces. The (alleged) Russian network attack operations in virtual cyberspace occurred prior to hostilities and later mirrored (apparently synchronized with) Russian combat operations in the land warfighting domain. [7] These attacks included various distributed denial of service (DDOS) attacks to deny/disrupt communications and information exfiltration activities conducted to accumulate military and political intelligence from Georgian networks. These attacks also included web site defacement for Russian propaganda purposes. [8] One of the first elements of Georgian society that were attacked was a popular hacker forum – by attempting to take out Georgian hackers, Russian-supported hacker militia preemptively tried to forestall or mitigate a counter-attack (or returning fire) from Georgian hackers. [9] What is not widely known is that pro-Georgian hackers made limited but successful network counter-attacks against Russian targets. [10] Hacker wars between (often quite talented) patriotic amateur hackers, cyber militias, and organized criminal gangs have become a widely accepted de facto form of nation-state conflict over the past twenty years (for example: Israeli vs Arab/Muslim (Sept 2000), India vs Pakistan, US vs China (April-May 2001), Russian vs Estonia (April-May 2007), etc…). These non-governmental national assets are generally used for the traditional purposes of imposing one nation’s will and conditions upon another.

Two and a half years later and we can only allege? That’s the plausible deniability irregular information operators offer.

One of the first targets of enemy Civilian Irregular Information Operators will be friendly Civilian Irregular Information Operators.

What are some of the operational and intelligence lessons that can be drawn from these conclusions? First, for Russia or China to employ their people’s patriotic ‘hacker militia’ to conduct a network attack against a target nation-state, they must engage them first – to motivate and ‘sell’ them on the concept; steer them toward appropriate targets; synchronize those cyberspace operations with combat activity in the physical realm; and discuss the most effective cyberspace tactics, techniques and procedures (TTPs) to be used. The patriotic hackers and cyber militias need to be focused by the aggressor government against the opponent’s center of gravity and their activities to be synchronized with attacks against that center of gravity from the other domains. These hackers and cyber militias need to understand the opponent’s center of gravity in order to develop cyberspace domain approaches and techniques to effectively attack it. These preliminary cyberspace activities often create an identifiable signature that can be tracked and monitored in advance of combat operations. Nations need to monitor hacker chat rooms and communications of potential aggressor nations in order to intercept and understand this activity.

How would the United States employ our people’s patriotic ‘hacker militia’?
What arm of the fedgov.mil octopus could engage them, motivate and ‘sell’ them on the concept, steer them toward appropriate targets; synchronize those cyberspace operations with combat activity in the physical realm; and discuss the most effective cyberspace tactics, techniques and procedures (TTPs) to be used?

Nobody in our .gov/.mil could overtly engage them without suffering political retribution from Legislative/Executive branch elements that do not want American patriotic hacker militias engaged. That leaves former or retired .gov/.mil beyond the reach of retribution, and contractors that don’t get much political oversight.

Russian-oriented hackers/militia took out news and local government web sites specifically in the areas that the Russian military intended to attack in the ground and air domains. The Federal and local Georgian governments, military, and local news agencies were unable to communicate with Georgian citizens that were directly affected by the fighting. This provided an intelligence indicator of the ground and air attack locations. It created panic and confusion in the local populace, further hindering Georgian military response. This effect also provides a future aggressor nation with an opportunity to conduct military deception operations via feints and ruses to mislead the target nation population, government, and military. A sudden ‘blackout’ of cyberspace activities in a specific region may provide an indicator of a tactical or operational level conventional attack. Or it could be used as a sophisticated cyberspace operation as part of a larger deception plan, creating a feint in the cyberspace domain to lure opposing forces into believing an attack is imminent in another warfighting domain. Use of patriotic hackers and cyberspace militia themselves might be a deception effort to attract the target nation’s attention away from the aggressor nation’s top-quality military and intelligence community cyberspace operators that quietly conduct the main effort in the overall cyberspace domain operation.

Are we even allowed to use MILDEC anymore? Could any U.S. MILDEC’ers work by, with and through American patriotic hackers and cyberspace militia?

In future combat, aggressor nation patriotic hacker militia can be called upon to conduct cyberspace fire & maneuver operations performed directly in support of forces in other domains. They could also be extensively utilized to conduct deception efforts in cyberspace in support of operations in the other domains or to act as a distraction for other cyberspace operations conducted by government professionals against target nation high value targets (HVT).

UPDATE 012911: This Week at War: Lessons from Cyberwar I

Filed under CNA, CND, Info Warriors, IW, PSYOP Auxiliaries