cyber warfare and attacks

ngatimozart

Super Moderator
Staff member
Verified Defense Pro
Apparently the US antivaxxer movement have been active on the Samoan Govt Facebook pages over the last 24 hours because of the Samoan measles epidemic. A lot of young kids and babies have died and the govt have declared a 2 day curfew during daylight hours so that they can vaccinate as many as possible. The antivaxxers have tried to attack the govt through its Facebook pages over this. It's low level cyberwarfare, by a group whom the WHO have declared a danger to humanity - up there with the plague and Ebola.

Anti-vax groups swamp Samoan government's online pages during massive vaccination campaign
 

hauritz

Well-Known Member
The average person in the street really doesn't understand the potential damage that Cyberwarfare can unleash on the planet. The problem is that a lot of major companies don't either.

The aim of warfare is most likely to subjugate a country and seize its resources. Using guns and bombs is a messy way of going about doing that and frankly isn't all that cost-effective. Cyberattacks, on the other hand, can achieve many of the same goals with minimal risks.

Let's say you are an oil company and conducting test drills. Every day reports are sent, most likely by email, to head office. Some Chinese hacker has long since worked out the emailer's password and has been monitoring it for several months. One day you find a massive deposit. Almost before that email hits the CEOs inbox several Chinese state-owned companies have raided your companies shares. Now China owns that oil.

That is how easy it is and how sloppy a lot of companies are when it comes to cybersecurity.
 

oldsig127

The Bunker Group
Verified Defense Pro
Let's say you are an oil company and conducting test drills. Every day reports are sent, most likely by email, to head office. Some Chinese hacker has long since worked out the emailer's password and has been monitoring it for several months. One day you find a massive deposit. Almost before that email hits the CEOs inbox several Chinese state-owned companies have raided your companies shares. Now China owns that oil.

That is how easy it is and how sloppy a lot of companies are when it comes to cybersecurity.
Then the regulatory authority steps in and you have the Chinese money AND the oil...

oldsig.
 

Todjaeger

Potstirrer
The average person in the street really doesn't understand the potential damage that Cyberwarfare can unleash on the planet. The problem is that a lot of major companies don't either.

The aim of warfare is most likely to subjugate a country and seize its resources. Using guns and bombs is a messy way of going about doing that and frankly isn't all that cost-effective. Cyberattacks, on the other hand, can achieve many of the same goals with minimal risks.

Let's say you are an oil company and conducting test drills. Every day reports are sent, most likely by email, to head office. Some Chinese hacker has long since worked out the emailer's password and has been monitoring it for several months. One day you find a massive deposit. Almost before that email hits the CEOs inbox several Chinese state-owned companies have raided your companies shares. Now China owns that oil.

That is how easy it is and how sloppy a lot of companies are when it comes to cybersecurity.
Cyberwarfare is not just about the collection of data, which itself is an intel-gathering function. It can also include addition of data, and/or alteration of data.

It can also provide an avenue to compromise or gain control of an asset.

In the above example of the petroleum company, imagine if a cyberware organization targeted the company. Instead of just monitoring the emails regarding test drills however, they decided take a more active hand in things. Things like actively working to compromise company employees so that company data can be manipulated and trade secrets/technology stolen.

The work to compromise employees could range from collecting personal data on employees to find out the state of employees' finances to see who might be susceptible to bribery, or who might have debts which could be purchased and then called in. Or if key employees do not have compromising data which would be useful, cyberwarfare efforts could manufacture and insert such data. There are certain classes of data and activities which in a number of nations, even a credible allegation of possession, creation, distribution, participation or viewing tends to damage if not destroy a person's reputation, not to mention the potential for stiff criminal penalties. The potential for cyber efforts to remotely connect to a device and then upload such content exists. This in turn could be done to either compromise someone into becoming an asset, otherwise they find themselves under investigation and potentially indictment depending on how skilled and thorough the investigating agency is. Or alternatively, the material could be uploaded so that a threat or obstacle to an already compromised person who has been turned into an asset could be removed.

The whole scenario above can get quite disturbing if people look at the big picture potential. Imagine if you will, that an active effort to compromise a petroleum company employee has been successfully carried out, particularly earlier in their career and when they are comparatively young. Then their handlers push them to climb the corporate ladder if they are not already in or near executive-level positions within the energy industry. Once at this level where the asset can influence corporate policy and decisions, efforts are made to groom the person to make the jump into gov't, working in a sector which relates to their work and expertise in the energy industry. This would then essentially give the agency which engaged in cyberwarfare a mole within the gov't of a potential adversary...
 

ngatimozart

Super Moderator
Staff member
Verified Defense Pro
Just as vaccine arrivals are easing the COVID crisis (hopefully), this link warns the next virus might be cyber and its spread will be much more rapid than biological versions with the potential to do great harm.
That's always a possibility, but calling it a pandemic is a bit steep I feel. Pandemic is a health term for an infectious disease or virus that directly attacks the human body with the potential to cause death in large numbers. It is a naturally occurring pathogen. A cyber attack is no such case. If one is launched on such a scale, as suggested in the article, that's an act of war.
 

Gracie1234

Active Member
Another example is that an attacker can co-opt a system and actually lock out the authorised users. If they targeted a hospital then that facility would not be able to perform any health care, if they target a bank then customers will not be able to access their money, if they target a water plant then the water would stop. Overall Cyber provides the cheapest tool to disrupted another country or entity. I would expect a vast increase in investment in this area as we are not paying enough attention to it. As an example the attacks on NZ finance institutions in the past 6 months are a cause of great concern and had real impact, that of course was down-played in the media as they do not understand.
 

John Fedup

The Bunker Group
Never know, the media may have been convinced to STFU for their and the country’s well being. Absolutely correct about most Western government investment in cyber security, doesn’t seem to be keeping pace as recent attacks show. Governments beat up on commercial cyber security (lack of) yet some of the worse hacks are on government servers. Minor and medium league adversaries are indeed seeing cyber attacks as a very cost effective solution.
 

John Fedup

The Bunker Group
An article highlighting current risks correctly (IMHO) with the suggestion cyber threats pose the greatest risk. This in turn is made worse by Western governments not being more forceful in retaliation against those doing the attacking.
 

Gracie1234

Active Member
I agree, we should invest not only in defensive measures, there are plenty of commercial solutions available. But we should significantly increase our retaliation capability.
 

ngatimozart

Super Moderator
Staff member
Verified Defense Pro
Overnight NZ time all the FVEY nations, NATO, Japan, and the EU have accused the PRC MSS and PRC state sponsored actors of conducting malicious cyber activity including the massive Microsoft Exchange attack.


The NZ government along with the other governments has condemned such actions by the PRC which has elicited a quick and typical response from the PRC Embassy in Wellington.


The weekly PRC Foreign Ministry media briefing will be occurring later today in Beijing, NZ time, and there will be the usual shrill howls of self righteous indignation followed by threats and punitive actions, justlike a toddler throwing spitting the dummy and throwing all their toys out of their cot.

UPDATE: Reuters story.
 
Last edited:

StobieWan

Super Moderator
Staff member
Tripped over an interesting one this weekend, was following the UK CSG thread on FB and was noticing that every so often, someone would pop up and insist the RN should be home, dealing with the "migrant crisis". Now, there is a basic rule of thumb that any defence related discussion in a UK forum will turn to immigration inside of about ten posts or less - but this seemed very persistent.

Turns out there's a whole cottage industry of Russian and Chinese FB accounts, spamming the same thing - that the RN should be in the Channel, and I mean, the English one.
 

ngatimozart

Super Moderator
Staff member
Verified Defense Pro
Tripped over an interesting one this weekend, was following the UK CSG thread on FB and was noticing that every so often, someone would pop up and insist the RN should be home, dealing with the "migrant crisis". Now, there is a basic rule of thumb that any defence related discussion in a UK forum will turn to immigration inside of about ten posts or less - but this seemed very persistent.

Turns out there's a whole cottage industry of Russian and Chinese FB accounts, spamming the same thing - that the RN should be in the Channel, and I mean, the English one.
Doesn't surprise me. I have been in a couple of shit fights on social media with so called Kiwis who take offence at my criticism of the PRC. Some got worked up about my comments on the recent global hacking story. They don't appreciate my services sense of humour. How sad, to bad, never mind.

Actually I apparently have upset some Jacindarella lovers and they suggested that I was stupid because I didn't understand critical thinking. I replied that I understood it very well having used it in the sciences for years to sort out the good material from the rubbish. I went on to say that the modern use of the term of critical thinking was a fascist censorship that's oppression of the masses by urban middle class pseudo educated lefties who wouldn't even have a clue how to wipe their bums.
 

John Fedup

The Bunker Group
Interesting article on South Korea’s experiences with the disinformation industry, which began almost 8 years before Trump’s efforts in 2008. (Governments were doing this earlier to each other). The private and political sectors are utilizing disinformation more often now and the sooner effective strategies are found to counter this can’t happen soon enough.
 
Top