Patriot Hacker The Jester’s Libyan Psyops Campaign

https://www.infosecisland.com/blogview/12745-Patriot-Hacker-The-Jesters-Libyan-Psyops-Campaign.html

It appears as if the patriot hacker known as The Jester (th3j35t3r) may have embarked on his own psyops campaign aimed at breaking the spirit of the troops loyal to Libyan strongman Muammar Gaddafi.

Having conducted several interviews with the hacktivist, and spent dozens of hours in IM chats, I would venture to say that his motivation probably stems from his patriotism and oft expressed concern for the lives of European and American military personnel who may be in put harm’s way if the conflict in Libya persists.

Based on the contents of the planted articles, it seems the operation is intended to simply erode the morale of the Gaddafi loyalists and inspire some to either desert their posts or defect and join the opposition.

th3j35st3r is the proof of concept of the Civilian Irregular Information Operator.

Information Warfare: North Korea And The Cyber Bandits

Information Warfare: North Korea And The Cyber Bandits.

Civilian Irregular Computer Network Attackers Noticed by @Strategypage

Information Warfare: We Are Not Amused.

China [is] one of many nations taking advantage of the Internet to encourage, or even organize, patriotic Internet users to obtain hacking services. This enables the government to use (often informally) these thousands of hackers to attack targets (foreign or domestic.) These government organizations arrange training and mentoring to improve the skills of group members. Turkey has over 45,000 of hackers organized this way, Saudi Arabia has over 100,000, Iraq has over 40,000, Russia over 100,000 and China, over 400,000. While many of these Cyber Warriors are rank amateurs, even the least skilled can be given simple tasks. And out of their ranks will emerge more skilled hackers, who can do some real damage. These hacker militias have also led to the use of mercenary hacker groups, who will go looking for specific secrets, for a price. Chinese companies are apparently major users of such services, judging from the pattern of recent hacking activity, and the fact that Chinese firms don’t have to fear prosecution for using such methods.

The U.S. has one of the largest such informal militias, but there has been little government involvement. That is changing. The U.S. Department of Defense, increasingly under hacker attack, is now organizing to fight back, sort of. Taking a page from the corporate playbook, the Pentagon is sending off many of its programmers and Internet engineers to take classes in how to hack into the Pentagon. Not just the Pentagon, but any corporate, or private, network. It’s long been common for Internet security personnel to test their defenses by attacking them. Some “white hat hackers” (as opposed to the evil “black hat hackers”) made a very good living selling their attack skills, to reveal flaws, or confirm defenses. Seven years ago, this was standardized with the establishment of the EC (E Commerce Consultants) Council, which certified who were known and qualified white hat hackers. This made it easier for white hats to get work, and for companies to find qualified, and trustworthy, hackers to help with network security. Now the Department of Defense is paying to get members of its Internet security staff certified as white hats, or at least trained to be able to do what the black hats do, or recognize it. While many in the Department of Defense have been calling for a more attack-minded posture, when it comes to those who are constantly attacking Pentagon networks, the best that can be done right now is to train more insiders to think, and operate, like outsiders.

Sending a GS-11 dues paying member of the AFGE, AFL-CIO, off to hacker school ought to give them mad skilz, fer sure.

The Regulars recruit highly intelligent, physically fit, patriotic young people in to the Armed Forces. The recruiting standards are so high few young Americans can meet them. The stereotypical fat, dope-smoking, basement-dwelling script kiddie with Cheeto-stained fingers can’t be turned into a presentable facsimile of a soldier, sailor, airman or Marine in a reasonable amount of time in this all-volunteer Politically Correct era, and in this economy the Regulars’ ability to recruit credentialed IT professionals in to the Federal Civil Service is only as good as the budget the Republican Congress appropriates for them. That also impacts the Regular’s ability to hire Civilian Irregular Information Auxiliaries from Private Military Contractors.

Regular .gov/.mil information assurers/computer network defenders/information operators can’t be given enough autonomy from the bureaucracy to compete with all the cyber criminals and anti-American cyber patriots attacking our networks. The Bad Guys will always be more opportunistic, flexible, adaptable and imaginative than Regular Good Guys will ever be allowed to be.

Anonymous and Tunisia: A New Cyber Warfare?

Anonymous and Tunisia: A New Cyber Warfare?.

Anonymous certainly didn’t bring down the Tunisian government, and it may not have even altered the landscape of the Tunisian media. But its digital-collective involvement in an intrinsically domestic conflict was undeniably a first. Inspired by the struggles of a repressed Tunisian citizenry, a stateless, international group of free-speech advocates took it upon themselves to engage in a still-undefined form of guerilla warfare. Their tactics are unproven, and their success is undetermined.

» Muslim World Uprisings Demonstrate Why Government Involvement with the Internet is a BAD Idea – Big Government

» Muslim World Uprisings Demonstrate Why Government Involvement with the Internet is a BAD Idea – Big Government.

In the chatroom with the cyber guerrillas

In the chatroom with the cyber guerrillas

Global chaos is not Anonymous’ aim. As the WikiLeaks and Tunisia cases show, the group targets specific institutions and its attacks are designed to temporarily delay more than destroy. Think of them not as acts of cyber war but as high-profile guerrilla strikes.

We live in a world where a few top-quality hackers can accomplish a considerable amount of damage at the national and strategic level.

Cyberwar Case Study: Georgia 2008 ( http://smallwarsjournal.com/blog/journal/docs-temp/639-hollis.pdf )

Read the whole thing, then come back and think about:

. . . There was another historically unique and critical aspect to the fighting – the emergence of synchronized cyberspace domain actions as an intelligence indicator for strategic, operational, and tactical level military operations. Unlike the (alleged) Russian cyberattack upon Estonia in 2007, the (alleged) Russian cyberattack on Georgia was accompanied by physical domain combat between Russian and Georgian military forces. The (alleged) Russian network attack operations in virtual cyberspace occurred prior to hostilities and later mirrored (apparently synchronized with) Russian combat operations in the land warfighting domain.⁷ These attacks included various distributed denial of service (DDOS) attacks to deny/disrupt communications and information exfiltration activities conducted to accumulate military and political intelligence from Georgian networks. These attacks also included web site defacement for Russian propaganda purposes.⁸ One of the first elements of Georgian society that were attacked was a popular hacker forum – by attempting to take out Georgian hackers, Russian-supported hacker militia preemptively tried to forestall or mitigate a counter-attack (or returning fire) from Georgian hackers.⁹ What is not widely known is that pro-Georgian hackers made limited but successful network counter-attacks against Russian targets.¹⁰ Hacker wars between (often quite talented) patriotic amateur hackers, cyber militias, and organized criminal gangs have become a widely accepted de facto form of nation-state conflict over the past twenty years (for example: Israeli vs Arab/Muslim (Sept 2000), India vs Pakistan, US vs China (April-May 2001), Russian vs Estonia (April-May 2007), etc…). These non-governmental national assets are generally used for the traditional purposes of imposing one nation’s will and conditions upon another.

Two and a half years later and we can only allege? That’s the plausible deniability irregular information operators offer.

One of the first targets of enemy Civilian Irregular Information Operators will be friendly Civilian Irregular Information Operators.

What are some of the operational and intelligence lessons that can be drawn from these conclusions? First, for Russia or China to employ their people’s patriotic ‘hacker militia’ to conduct a network attack against a target nation-state, they must engage them first – to motivate and ‘sell’ them on the concept; steer them toward appropriate targets; synchronize those cyberspace operations with combat activity in the physical realm; and discuss the most effective cyberspace tactics, techniques and procedures (TTPs) to be used. The patriotic hackers and cyber militias need to be focused by the aggressor government against the opponent‟s center of gravity and their activities to be synchronized with attacks against that center of gravity from the other domains. These hackers and cyber militias need to understand the opponent‟s center of gravity in order to develop cyberspace domain approaches and techniques to effectively attack it. These preliminary cyberspace activities often create an identifiable signature that can be tracked and monitored in advance of combat operations. Nations need to monitor hacker chat rooms and communications of potential aggressor nations in order to intercept and understand this activity.

How would the United States employ our people’s patriotic ‘hacker militia’?
What arm of the fedgov.mil octopus could engage them, motivate and ‘sell’ them on the concept, steer them toward appropriate targets; synchronize those cyberspace operations with combat activity in the physical realm; and discuss the most effective cyberspace tactics, techniques and procedures (TTPs) to be used?

Nobody in our .gov/.mil could overtly engage them without suffering political retribution from Legislative/Executive branch elements that do not want American patriotic hacker militias engaged. That leaves former or retired .gov/.mil beyond the reach of retribution, and contractors that don’t get much political oversight.

Russian-oriented hackers/militia took out news and local government web sites specifically in the areas that the Russian military intended to attack in the ground and air domains. The Federal and local Georgian governments, military, and local news agencies were unable to communicate with Georgian citizens that were directly affected by the fighting. This provided an intelligence indicator of the ground and air attack locations. It created panic and confusion in the local populace, further hindering Georgian military response. This effect also provides a future aggressor nation with an opportunity to conduct military deception operations via feints and ruses to mislead the target nation population, government, and military. A sudden „blackout’ of cyberspace activities in a specific region may provide an indicator of a tactical or operational level conventional attack. Or it could be used as a sophisticated cyberspace operation as part of a larger deception plan, creating a feint in the cyberspace domain to lure opposing forces into believing an attack is imminent in another warfighting domain. Use of patriotic hackers and cyberspace militia themselves might be a deception effort to attract the target nation‟s attention away from the aggressor nation‟s top-quality military and intelligence community cyberspace operators that quietly conduct the main effort in the overall cyberspace domain operation.

Are we even allowed to use MILDEC anymore? Could any U. S. MILDEC’ers work by, with and through American patriotic hackers and cyberspace militia?

In future combat, aggressor nation patriotic hacker militia can be called upon to conduct cyberspace fire & maneuver operations performed directly in support of forces in other domains, They could also be extensively utilized to conduct deception efforts in cyberspace in support of operations in the other domains or to act as a distraction for other cyberspace operations conducted by government professionals against target nation high value targets (HVT).

UPDATE 012911: This Week at War: Lessons from Cyberwar I

Low Orbit Ion Cannon

Ain’t got time to blog about all the current Civilian Irregular Information Operations underway, but check this out:

What is LOIC?

LOIC (“Low Orbit Ion Cannon”) is an application developed by 4Chan-affiliated hackers designed to—when used en masse by thousands of anonymous users—launch Distributed Denial of Service (DDoS) attacks on websites. Like Visa.com and Mastercard.com, for instance.

You don’t even need script kiddie skills to participate in a DDOS anymore. Low Orbit Ion Cannon is revolutionary, like issuing AK-47’s to crossbowmen.

Also:

WikiWars: blow by blow

Cyber guerrillas can help US

http://www.ft.com/cms/s/0/d3dd7c40-ff15-11df-956b-00144feab49a.html#axzz179p6Blrv

Evgeny Morozov’s “cyber guerrillas” are referred to as Civilian Irregular Information Operators on this blog, but we are both talking about non-state actors. 

Morozov essentially wants somebody to persuade, change and influence the sophomoric Julian Assange to collaborate with traditional media, redact sensitive files, and offer those in a position to know about potential victims of releases the chance to vet the data and turn Wikileaks into a new Transparency International.

I want him dead.

Morozov thinks that would create a global movement of anti-American politicised geeks clamouring for revenge.

Possibly.

Are there enough pro-American politicised geeks to counter vengeful anti-American politicised geeks?

Are there any U. S. .mil /.gov Information Operators capable of  countering vengeful anti-American politicised geeks working by, with and through pro-American politicised geeks?  No real way of knowing.  Bound to be some who are capable of it, but of those, how many are willing to risk their careers associating with politically incorrect  pro-American politicised geeks?

Red Hackers Alliance

CHICOM Civilian Irregular Information Operators Harnessing Hacker Hatred.

The RHA has a paid staff, including university trained network security experts. Officially, the RHA provides training and advice about network security. But the RHA has also apparently absorbed the thousands of Chinese hackers who used to belong to informal hacker organizations. These groups often openly launched Cyber War attacks against foreign targets. One of the more notorious examples of this was in the Spring of 2001, when outraged Chinese hackers went after American targets in the wake of a Chinese fighter crashing, after colliding with an American P-3 patrol aircraft. American hackers fought back, and apparently there was more damage on the Chinese side. This offended the Chinese hackers a great deal, and they vowed to not fail in the future.

American hackers prevailed 9 years ago. Will anything useful be accomplished by them next time?

By, With, and Through, you Regulars. Plausible Deniability.

Does the TEA Party have sympathetic hackers on their side? Democrats did two years ago, now, not so much. Do the RINO’s have any Cyber capability at all?

China’s Restless Hackers, 2006/04/18

Red Chinese Cyber-Militia, 2008/05/29

Chinese Cyber Warriors, 2008/08/18

Cyber Operations Planner 2

This is the kind of job .mil is seeking contractors to do for them. Not the point of contact, so don’t ask this disgruntled former employee of that particular component of the Military-Industrial Complex for help getting this gig. Blogged here because civilian contractors hired to be cyber operations planners for Regulars are Civilian Irregular Information Operators.

Works as an Operations Analyst at the Army’s Regional Computer Emergency Response Team located at Ft. Gordon, Ga. Responsible for functions pertaining to planning, coordinating, executing, tracking, and reporting of unit operations. Supports the deployment of teams on short-notice and preplanned missions in response to computer security events at Army posts, camps, and stations around the world. Supports the development and maintenance of Tactics, Techniques and Procedures and Standard Operating Procedures. Coordinates vertically and horizontally across internal and external organizations. Responsible for matters that concern training, planning, coordination of missions, operations and plans.
Coordination based on customer needs and requirements. Evaluate and recommend uses of resources required by customer missions in order to complete successfully.

Essential Functions: Preparation, coordination, authentication and distribution of SOP, Operations Plans, Operations Orders, fragmentary orders (FRAGOs), warning orders, review of plans and orders of other departments. Reviews, disseminates and explains plans and orders of other departments to team members. Reviews customer OPLANs and OPORDs for completeness. Ensures necessary support requirements are provided when and where required for the customer. Will be responsible to complete various reports, status updates, and conduct briefings on a variety of subjects. Mission planning and data entry utilizing various mission planning and reporting software applications.

Basic Qualifications:

Exceptional communication skills, strong writing skills. Experience with Military Staff organization and operations policies and procedures is desired. Microsoft Office expertise, Military Decision Making Process (MDMP), and the Joint Operation Planning Process (JOPP), Strong customer interface skills required. Demonstrated ability to schedule and manage support requirements in a dynamic work environment. Secret Clearance required and must be clearable to TS/SCI. Bachelors Degree and 2 years experience, Masters degree and 0 years of experience, or 6 years of relevant experience in lieu of a degree.

Preferred Qualifications:

Experience in performing duties as Battle Captain are highly desired. Functional experience in S3 Operations with experience in developing Operation Orders (OPORDs), Operation Plans (OPLANs), FragmentaryOrders (FRAGOs), and Warning Orders (WARNOs) is desired. Experience with Military Staff organization and operations policies and procedures is desired. Bachelors Degree and 2 years experience, or Masters degree and 0 years of experience preferred

A Department of the Army Civilian GS-13 doing this exact same job would be a Civilian Regular Information Operator, likely a member of Local 2017, American Federation of Government Employees, AFL-CIO, and damn hard to be shed of once his services are no longer required.

Don’t You Just Hate It . . .

. . . when you’re commenting on some one else’s blog and they close comments down before you can post it?

Here’s what Belmont Clubbers were deprived of, Wretchard:

Impotence.

Every day Assange remains unterminated with extreme prejudice is a propaganda defeat for us.

Regular .mil & .gov Computer Network Attack, Operational Security, Psychological Operations/Military Information Support Operations, Information Assurance, Public Affairs and Intelligence have all screwed the pooch on this. Not only is the Emperor naked, he’s fat, ugly and hung like a mouse.

Effective Restrictive Measures have not been applied to Wikileaks.

Civilian Irregular Information Operators, counterpropagandists, hoaxers, and white hat hackers are going to have to do what Regulars can’t or aren’t allowed to.

Beam Me Up, Scotty

New Air Force Cyberspace badge guidelines released

The Air Force’s Chief of Warfighting Integration and Chief Information Officer said the new badge reflects the importance of cyber operations. “The Air Force’s cyberspace operators must focus on operational rigor and mission assurance in order to effectively establish, control, and leverage cyberspace capabilities. The new cyberspace operator badge identifies our cyberspace professionals with the requisite education, training, and experience to operate in this new critical domain. The badge symbolizes this new operational mindset and the Air Force’s commitment to operationalize the cyberspace domain,” said Lt Gen William T. Lord.

And there really are Cyber Space Cadets.

National Defense University Blogging About Civilian Irregular Information Operators

Deterring Chinese Cyber Militias with Freedom Militias

US defenses are insufficient to stop Chinese cyber attacks. The US-China Economic and Security Review Commission estimates that Chinese cyber attacks cost the US hundreds of billions of dollars annually. By way of comparison, this is substantially more than the entire Chinese military budget.
What is needed is a threat that is both capable of forcing China to take notice and that it will believe the United States would execute. Such a threat exists. While China’s regime does not appear willing to be deterred by conventional diplomatic or legal complaints, it has demonstrated considerable concern about threats to its censorship apparatus.
The most effective way to threaten Chinese censorship would be for US and partner nations to develop their own cyber militias. Rather than stealing intellectual property and disabling public institutions, however, Western militias would aim at finding ways to bypass Chinese firewalls to spread internet freedom.

There already are American cyber militias. Pretty much the entire Psychological Operation effort intended for the American domestic target audience is entrusted to them. American cyber militia Computer Network Exploitation is a specialty of Internet Anthropologist Think Tank.

The Jawa Report are outstanding American cyber militia Computer Network Attackers and counterpropagandists, specializing in monitoring and taking down Jihadi websites.

Most of the conservative and libertarian blogosphere would love to be involved in disseminating information that annoys the Chicoms and spreads internet freedom behind the Great Firewall. But who amongst the .gov/.mil Regulars dares to work by, with and through Irregular Information Operators in the current political environment?

Also at GlobalSecurity.org

Countering the Cyber Jihad, 2006/04/28

Geek Battalion, 2006/05/01

Virtual Cyber Militias Must Run with the Ball OGAs Dropped, 2007/09/15

The Unorganized Cyber Militia of the United States, 2007/09/26

Wedges and Mauls, 2007/09/30

Irregular Restrictive Measures — Blogospheric Computer Network Attack, 2007/10/11

Plausibly Deniable Cat Herders, 2007/10/19

People’s Information Support Team, 2008/02/24

Fuzzy Bunny Slippers IO — The Rise of Pajamahadeen, Virtual Militias, and Irregular Information Operators, 2008/05/22

Red Chinese Cyber-Militia, 2008/05/29

Civilian Irregular Auxiliary Counterprogandists Contributed To Victory, 2008/11/22

Public Affairs and Information Operations, 2008/12/31

eResistance in Moldova, 2009/04/07

The amateurization of cyberwarfare, 2009/08/09

CJCSI 6504.01

Chairman of the Joint Chiefs of Staff Instruction 6504.01, Information Assurance and Computer Network Operations, dated 1 APR 10,  is out.  Irregulars who want to impress Regulars by larding their conversation with the latest buzz words should memorize these: 

 

 

 

Cyberwar 

War using cyberspace operations to achieve sensational yet bloodless results for friendly forces while seeking to inflict massive inconvenience on the adversary in a manner that offers the most photogenic and telegenic depiction for domestic and international public audiences. 

 

 

Cyberwarrior 

 

Uniformed and non-uniformed personnel of the Department of Defense, civilian resources, and other government agencies (OGA) conducting fullspectrum cyberwarfare operations. 

 

Make sure you get to p. 11. 

H/T:  InfowarMonitor

Political Computer Network Attack/Restrictive Measures

If participating in Distributed Denial of Service (DDOS) attacks on the regime sounds like fun to you, read Spam offers to let people use their PC to attack Obama site and And Now Hackers are DDoSing Obama – Or are they Just Zombifying Your Machine?

Civilian Irregular Information Operators are on both sides of the Idea War.  The demographic stereotypically associated with hackers would generally trend towards supporting the regime.  How did Axelrod get your email address? 

Don’t be surprised some fine morning when you go to check out your favorite blogs and find a bunch of them down.  That would be the regime’s Supportive  Civilian Irregular Information Operators implementing Restrictive Measures against what they see as the propaganda of Opposition Civilian Irregular Information Operators.  Of course, Robert Gibbs will plausibly deny any Administration involvement.

H/T: Daily Uprising

The amateurization of cyberwarfare

Is CYXYMU the first “digital refugee”?

What was done to him by Russian Civilian Irregular Information Operators could be done to me by Obamerican Civilian Irregular Information Operators, or Russian, or Chinese, or any other virtual militia whose enmity I might incur.

The amateurization of cyberwarfare has been one permanent feature of virtually all recent cyber-attacks that somehow implicated Russia; it may be part of a broader Kremlin effort to “crowdsource” its defenses and offenses to groups of nationalistic vigilantes, not just in cyberspace. Thus, recent news reports suggest that Nashi, Kremlin’s youth arm, will soon be recruiting up to 100,000 problematic teenagers to form ARMED militia units that would patrol the streets. It would make some sense if they also invest into units of “cyber-vigilantes” who would be patrolling cyberspace, particularly given the rising importance of the Internet in Russia’s public life.

Does the youth arm of The New Black Panther Party have an IO Cell?

Private Military Company Recruiting Mercenary Cyber Warriors

Contractor Seeks ‘Cyber Warriors’ to Help Defend U.S.

National cybersecurity is a hugely growing field, with the crude but effective shutdown of U.S. and South Korean government Web sites over July 4 weekend coming as the latest example of our weaknesses.

A report released just this past Wednesday found that the federal government is woefully behind in cybersecurity, with the lack of trained personnel the biggest problem.

Cyber Warriors Wanted

Information Operations/Information Assurance

Software engineers/developers – JAVA/J2EE/, JAVA/XML, C++

FPGA expertise

Software security engineers

Test engineers

Software testers

Systems administrators – Linux, Solaris, Unix, Red Hat, VMware (Certifications are preferred)

Systems engineers – CNO, CNA, CNE, NOC, Requirements management

NOC is Network Operations Center. Had to look that up.

How many military Information Operations can be conducted without the involvement of non-military information operators?   And of those non-military information operators, how many are Government Employees?

H/T: Bill Austin

Foreign Civilian Irregular Information Operations

Irregulars can mix PSYOP propaganda/counterpropaganda with CNA (Computer Network Attack) botnets to hit enemy web sites with DDOS attacks, thus applying Restrictive Measures to sources of enemy propaganda.  A certain amount of PSYOP expertise is required to influence Supporters to volunteer for the CNA botnet, which will be used for PSYOP.  Civilian Irregular PSYOP’ers and Civilian Irregular hackers can work together nicely.

Read:

Citizen Propaganda in Contemporary Conflicts: The Case of Israel-Gaza, Russia-Georgia and China-Tibet

Install a trojan for Israel? Uh, no thanks.

Hacktivist tool targets Hamas

Wage Cyberwar Against Hamas, Surrender Your PC

Hackers Take the Fight Over Gaza Online

Help Us Win

UPDATE 200901121951: Israel’s Looking for a Few Good Cybermen

Help Israel Win

UPDATE 200901141557:  Technology Delivers War Propaganda to Gaza, Israeli Citizens

UPDATE 200901141643:   Gaza crisis spills onto the web

Cyber-Nationalism

Strategy Page calls it a disease.

This new disease manifests itself when an event, or government propaganda, stirs up nationalistic feelings among many Internet users. There then follows much chatter on message boards, email, messaging and so on. This quickly evolves into the organizing of online vigilantes. Nationalistic hackers proceed to do damage to any available target of these nationalistic feelings. Often there isn’t a target, as in the case of a natural disaster, where the mobilized net users concentrate on helping out. But when the news event involves another nation, or person, there follows hacking attacks, of varying degrees of intensity, against the designated “enemy.”

I don’t think nationalism is a disease. I’m an American nationalist myself. What SP is describing is what the American eResistance, a combination of psychological operations and computer network attack by civilian irregular information operators, will look like. We have much to learn from the Chinese, Grasshopper.