SlideShare a Scribd company logo

Presd1 17

N
Niels Groeneveld

China and Russia are active in cyber operations. China conducts cyber reconnaissance and uses soft power through the internet to influence values. The document discusses a cyber attack on Google and ties it to Chinese universities. Russia focuses on developing cyber policy and military cyber theory, as well as information and electronic warfare equipment. Both countries see value in preemptive cyber attacks and deception operations to gain strategic advantage.

TechnologyBusiness
1 of 43
Download to read offline
UNDERSTANDING CHINA AND RUSSIA’S CYBER STRATEGIES MR. TIMOTHY L. THOMAS FMSO, MAY 2010
Where are these Countries Most Active in the Cyber Arena? • China—through the actual use of cyber reconnaissance and soft power • Russia—through the development of policy issues and equipment
Points of Emphasis for China • The Google Affair—Stealing code versus influencing values and damaging the Party’s image • Chinese hackers—who are they? • System sabotage warfare • Offensive actions • Strategic deception
Context Works against China… • Northrop Grumman Report of a US company that had information expertly exfiltrated from its files • US military testimony before Congress, attacks on Lockheed Martin • Two Canadian reports: Ghost Net and Shadow Network • Accusations from a host of countries (Germany, Israel, Japan, South Korea, India, UK, France, Australia, etc.) • Google hacks along with hacks of 26 largest companies in California (Intel, Yahoo, Symantec, Juniper Networks, Northrop Grumman, Dow Chemical, Adobe, etc.)
The Google Affair: Follow the “Gu Ge” to Freedom • Code stolen from Google and from “the 26 top companies in California.” Allen Paller of the SANS Institute stated that the chances of these companies NOT being 100% compromised is zero. • Legal-public affairs-psyop • Two pronged strategy—electronic reconnaissance and soft power
The Google Affair (Aurora): Jiaotong/Lanxiang Origination Points • Jiaotong University has alliances with Duke and the University of Michigan, and with Microsoft and Cisco Systems. • “Reliable clues” suggest Jiaotong was involved in the attacks on Google and other companies in California. Jiaotong spokesman stated school officials were shocked and indignant at the allegations. • Received funding from Project 863, has a School of Information Security Engineering, and has PLA ties according to the school’s website.
China’s Information Technology Security Plan 863 (www.863.org.cn) • Security for electric commerce systems • Network media information security technology • Network security management and measurement technology • Information protection technology • Information topic 306—intelligent computers
The Google Affair (Aurora): Jiaotong/Lanxiang Origination Points (cont.) • Lanxiang—boasts it has the world’s largest computer laboratory; school records (on web site) indicate they send many graduates to the army who become the army’s backbone; Mr. Shao, the school’s dean, says the computer science department’s graduates are recruited by the local military garrison but that these students are incapable of hacking into Google • Lanxiang spokeswoman Zhou said such speculation is ridiculous as the school has no ties with the military at all
Chinese Commentary on Google • Huang Xueping, Def Min Spokesman (25 Feb): such claims are baseless, irresponsible, and hyped with ulterior motives--PA • Li Daguang, NDU (9 March): Some Western powers may have adopted a strategy to sabotage China’s IT development; high profile criticism is a preemptive strike on China--PSYOP • Li Yizhong, Minister of Industry and Information Tech (12 March): Google must obey China’s laws. China opposes hacking--LEGAL
Chinese Commentary on Google • Chinese government has said that Google’s claims are groundless (instead of “we’ll investigate”); Where were the “counterpropaganda” accusations before the Google incident?
Chinese 22 March Counter Propaganda Commentary on Google • Google provides US intelligence with a record of its search engine results; Google was the 4th largest contributor to Pres Barack Obama’s campaign • Google is not in the game for commercial reasons but is trying to change Chinese society by imposing American values • Some Pentagon security experts are from Google (Sumit Agarwal is now a Deputy Assistant Sec of Defense for Public Affairs Outreach and Social Issues)
Chinese Instructions (25 March) on How to Report on Google--PA • For Chief editors and managers: Only use Central Gov main media (website) content; reposting must not change title; do not produce relevant topic pages, discussion sessions, and related investigative reporting; forums and blogs are not permitted to hold discussion or investigation on Google; clean up text attacking the Party, State, Gov agencies, and Internet policies or sites supporting Google; and monitor Google information and incidents.
Chinese Instructions on How to Report on Google (cont.) • Monitoring and Control Group: immediately follow-up and control actions in above directions; do not participate in Google’s information releases; do not report that Google is exerting pressure on China; and do not provide materials for Google to attack relevant policies.
Losttemp33 • An email used in Ghostnet (Tibet) turned up in the Shadows probe (India) as well. It is from losttemp33@hotmail and was associated with Xfocus and Isbase, two popular Chinese hacking forums. Losttemp33 possibly was a student of master hackers Glacier and Sunwear. The individual is believed to have studied at University of Electronic Science and Technology at Chengdu.
Glacier-no photo available • 1. Real Name: Huang Xin (黄鑫黄鑫) 黄鑫 • 2. 冰河) 冰河 Online Name: Glacier (冰河 • 3. Organization: www.xfocus.org, http://blog.xfocus.net/index.php?blogId=15 • 4. Age: 29 (In 2007) • 5. Known Hacks: Developed the Glacier Trojan, China’s most popular. Created X-scan • 6. Summary: Graduated from Xi’an Electronic Sci-Tech University. Married to Chinese female hacker Wollf. In 2006, he was 28 years old and a resident of Guangxi. Godfather of the Chinese Trojan. • 7. DarkVisitorLinks:
Military Theory Includes Concepts such as System Sabotage and Offensive Reconnaissance that Fits with Traditional Chinese Theory • Win victory before the first battle • Strategic deception
System Sabotage • The key point to “system sabotage” is in “gaining control, precision strikes for maximum damage, and paralyzing the enemy to subjugate his will.” • To make system sabotage effective, we need to establish a basic mode of thinking where we “destroy before conducting war, using destruction to aid in the fight.” • Destruction can come about through reconnaissance of computer networks, through cognitive attacks that destroy will power, etc.
1996 Book Deceptive Strategy (Chai Yuchiu) Contains 30 Chapters • Roles, necessity, philosophical foundations, psychological laws, general principles, systems, operational art, creativity is the life, mistakes in, and skills for mastery • Deceptive strategy thought process, deceptive strategy and religious superstition
Dai—Direct IW Offense/Attack • Computer network reconnaissance is the prerequisite for seizing victory in warfare. It helps to choose opportune moments, places, and measures for attack.
Methods • Focus on collecting technical parameters and specific properties of all categories of information weapon systems and electronic information products
Where are these Countries Most Active in the Cyber Arena? • China—through the actual use of cyber reconnaissance and soft power to control the capability to “win victory before the first battle”
Russia’s Cyberstrategy Timothy L. Thomas Work: 913-684-5957, fax 913-684-5960; tim.l.thomas@us.army.mil Foreign Military Studies Office Fort Leavenworth, Kansas Graphics by Cathy Elliott Center for Army Lessons Learned
Overview of Russian Cyber Issues • Development of policy • Development of theory (info-tech, info-psych)
Other Documents • United Nations suggestions • 2000—Information Security Policy of Russia • Feb 2008—Governmental Commission for the Implementation of Information Technologies in the Work of National Agencies and Agencies of Local Self-Government. • Electronic Russia and Electronic Government—to be completed by the end of 2010—doubtful at this point
Russia and Network-Centric War Col Yu. Gorbachev, 2006 • Network war is also called cyberwar (a component of IO that includes CNA and CND). It may use EW assets (directed energy equipment, weapons, etc.), information weapons, and diverse electronic and computer defense assets. • NCW, on the other hand, is a new form and method for the command and control of the armed forces with the use of integrated information space in near real-time mode.
Russia and Network-Centric War Gorbachev (cont.) • Russia should transform its EW service into information and EW troops, because the US has information war agencies and forces pursuing information wars that are based on EW forces
Russia and Network-Centric War Gorbachev (cont.) • Russia must immediately work on creating information weapons and directed energy weapons “capable of disrupting the operation of automated databases and computer networks and disabling the main enemy command and control and reconnaissance components.”
Strategic Deterrence in the Theater of Information Warfare Sergei Modestov • Information warfare’s threats create another possibility for strategic deterrence (besides nuclear and conventional), which is “strategic deterrence in the theater of information warfare by means of the threat of large-scale targeted impact on the information resource objects of a likely adversary.”
Russia versus China • Russia—provide a story that encourages the turtle to take off his shell • China—the mouse and the bell
A Russian Information Weapon Definition According to Rastorguyev An information weapon A means directed at activating (or blocking) information system processes in which the subject using the weapons has an interest. An information weapon can be any technical, biological, or social means or system that is used for the purposeful production, processing, transmitting, presenting or blocking of data and or processes that work with the data.
Rastorguyev on IW and IO in 2002 Rastorguyev defined IW as “a battle between states involving the use of exclusively information weapons in the sphere of information models.” The final objective of an information weapon’s effect is the knowledge of a specific information system and the purposeful use of that knowledge to distort the model of the victim’s world. Rastorguyev defined an information operation as “a sequence of actions to use an information weapon to achieve an assigned task”
Where are these Countries Most Active in the Cyber Arena? • Russia—through the development of policy issues and equipment to support command and control issues
Timothy Lee Thomas Foreign Military Studies Office (FMSO) Phone: 913-684-5957 Fax: 913-684-5960 Tim.l.thomas@us.army.mil http://fmso.leavenworth.army.mil
Presd1 17

Recommended

Sj terp emerging tech radar
Sj terp emerging tech radarSj terp emerging tech radar
Sj terp emerging tech radar
SaraJayneTerp
 
2021-05-SJTerp-AMITT_disinfoSoc-umaryland
2021-05-SJTerp-AMITT_disinfoSoc-umaryland2021-05-SJTerp-AMITT_disinfoSoc-umaryland
2021-05-SJTerp-AMITT_disinfoSoc-umaryland
Sara-Jayne Terp
 
Cognitive security: all the other things
Cognitive security: all the other thingsCognitive security: all the other things
Cognitive security: all the other things
Sara-Jayne Terp
 
2021 12 nyu-the_business_of_disinformation
2021 12 nyu-the_business_of_disinformation2021 12 nyu-the_business_of_disinformation
2021 12 nyu-the_business_of_disinformation
SaraJayneTerp
 
SANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political BreachesSANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political Breaches
John Bambenek
 
Risk, SOCs, and mitigations: cognitive security is coming of age
Risk, SOCs, and mitigations: cognitive security is coming of ageRisk, SOCs, and mitigations: cognitive security is coming of age
Risk, SOCs, and mitigations: cognitive security is coming of age
Sara-Jayne Terp
 
2021 IWC presentation: Risk, SOCs and Mitigations: Cognitive Security is Comi...
2021 IWC presentation: Risk, SOCs and Mitigations: Cognitive Security is Comi...2021 IWC presentation: Risk, SOCs and Mitigations: Cognitive Security is Comi...
2021 IWC presentation: Risk, SOCs and Mitigations: Cognitive Security is Comi...
Sara-Jayne Terp
 
Distributed defense against disinformation: disinformation risk management an...
Distributed defense against disinformation: disinformation risk management an...Distributed defense against disinformation: disinformation risk management an...
Distributed defense against disinformation: disinformation risk management an...
Sara-Jayne Terp
 

Recommended

Sj terp emerging tech radar
Sj terp emerging tech radarSj terp emerging tech radar
Sj terp emerging tech radar
SaraJayneTerp
 
2021-05-SJTerp-AMITT_disinfoSoc-umaryland
2021-05-SJTerp-AMITT_disinfoSoc-umaryland2021-05-SJTerp-AMITT_disinfoSoc-umaryland
2021-05-SJTerp-AMITT_disinfoSoc-umaryland
Sara-Jayne Terp
 
Cognitive security: all the other things
Cognitive security: all the other thingsCognitive security: all the other things
Cognitive security: all the other things
Sara-Jayne Terp
 
2021 12 nyu-the_business_of_disinformation
2021 12 nyu-the_business_of_disinformation2021 12 nyu-the_business_of_disinformation
2021 12 nyu-the_business_of_disinformation
SaraJayneTerp
 
SANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political BreachesSANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political Breaches
John Bambenek
 
Risk, SOCs, and mitigations: cognitive security is coming of age
Risk, SOCs, and mitigations: cognitive security is coming of ageRisk, SOCs, and mitigations: cognitive security is coming of age
Risk, SOCs, and mitigations: cognitive security is coming of age
Sara-Jayne Terp
 
2021 IWC presentation: Risk, SOCs and Mitigations: Cognitive Security is Comi...
2021 IWC presentation: Risk, SOCs and Mitigations: Cognitive Security is Comi...2021 IWC presentation: Risk, SOCs and Mitigations: Cognitive Security is Comi...
2021 IWC presentation: Risk, SOCs and Mitigations: Cognitive Security is Comi...
Sara-Jayne Terp
 
Distributed defense against disinformation: disinformation risk management an...
Distributed defense against disinformation: disinformation risk management an...Distributed defense against disinformation: disinformation risk management an...
Distributed defense against disinformation: disinformation risk management an...
Sara-Jayne Terp
 
UNITED STATES AND CHINA 2001: PATRIOTIC HACKING
UNITED STATES AND CHINA 2001: PATRIOTIC HACKINGUNITED STATES AND CHINA 2001: PATRIOTIC HACKING
UNITED STATES AND CHINA 2001: PATRIOTIC HACKING
Lillian Ekwosi-Egbulem
 
disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...
Sara-Jayne Terp
 
The Business(es) of Disinformation
The Business(es) of DisinformationThe Business(es) of Disinformation
The Business(es) of Disinformation
Sara-Jayne Terp
 
2020 12 nyu-workshop_cog_sec
2020 12 nyu-workshop_cog_sec2020 12 nyu-workshop_cog_sec
2020 12 nyu-workshop_cog_sec
Sara-Jayne Terp
 
The Information Warfare: how it can affect us
The Information Warfare: how it can affect usThe Information Warfare: how it can affect us
The Information Warfare: how it can affect us
Luis Borges Gouveia
 
Info leakage 200510
Info leakage 200510Info leakage 200510
Info leakage 200510
Prof John Walker FRSA Purveyor Dark Intelligence
 
Cyber warfare capabiliites : A Reality Check
Cyber warfare capabiliites : A Reality CheckCyber warfare capabiliites : A Reality Check
Cyber warfare capabiliites : A Reality Check
Rajeev Chauhan
 
Information warfare and information operations
Information warfare and information operationsInformation warfare and information operations
Information warfare and information operations
Clifford Stone
 
Fail To Plan
Fail To PlanFail To Plan
Fail To Plan
bfuesz
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
Cyber Security Alliance
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectorsInformation warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectors
Love Steven
 
2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley
Sara-Jayne Terp
 
NSA Journal of Information Warfare
NSA Journal of Information WarfareNSA Journal of Information Warfare
NSA Journal of Information Warfare
David Sweigert
 
Fake news and trust and distrust in fact checking sites
Fake news and trust and distrust in fact checking sitesFake news and trust and distrust in fact checking sites
Fake news and trust and distrust in fact checking sites
Petter Bae Brandtzæg
 
Presd1 13
Presd1 13Presd1 13
Presd1 13Niels Groeneveld
 
Presd1 14
Presd1 14Presd1 14
Presd1 14Niels Groeneveld
 
Presd1 11
Presd1 11Presd1 11
Presd1 11Niels Groeneveld
 
Presd2 04
Presd2 04Presd2 04
Presd2 04Niels Groeneveld
 
Presd2 02
Presd2 02Presd2 02
Presd2 02Niels Groeneveld
 
Presd2 06
Presd2 06Presd2 06
Presd2 06Niels Groeneveld
 
Back-to-School Survey 2016
Back-to-School Survey 2016Back-to-School Survey 2016
Back-to-School Survey 2016
Deloitte United States
 
AI and its Effects on the Global World Order
AI and its Effects on the Global World OrderAI and its Effects on the Global World Order
AI and its Effects on the Global World Order
The Future Society
 

More Related Content

What's hot

UNITED STATES AND CHINA 2001: PATRIOTIC HACKING
UNITED STATES AND CHINA 2001: PATRIOTIC HACKINGUNITED STATES AND CHINA 2001: PATRIOTIC HACKING
UNITED STATES AND CHINA 2001: PATRIOTIC HACKING
Lillian Ekwosi-Egbulem
 
disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...
Sara-Jayne Terp
 
The Business(es) of Disinformation
The Business(es) of DisinformationThe Business(es) of Disinformation
The Business(es) of Disinformation
Sara-Jayne Terp
 
2020 12 nyu-workshop_cog_sec
2020 12 nyu-workshop_cog_sec2020 12 nyu-workshop_cog_sec
2020 12 nyu-workshop_cog_sec
Sara-Jayne Terp
 
The Information Warfare: how it can affect us
The Information Warfare: how it can affect usThe Information Warfare: how it can affect us
The Information Warfare: how it can affect us
Luis Borges Gouveia
 
Info leakage 200510
Info leakage 200510Info leakage 200510
Info leakage 200510
Prof John Walker FRSA Purveyor Dark Intelligence
 
Cyber warfare capabiliites : A Reality Check
Cyber warfare capabiliites : A Reality CheckCyber warfare capabiliites : A Reality Check
Cyber warfare capabiliites : A Reality Check
Rajeev Chauhan
 
Information warfare and information operations
Information warfare and information operationsInformation warfare and information operations
Information warfare and information operations
Clifford Stone
 
Fail To Plan
Fail To PlanFail To Plan
Fail To Plan
bfuesz
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
Cyber Security Alliance
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectorsInformation warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectors
Love Steven
 
2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley
Sara-Jayne Terp
 
NSA Journal of Information Warfare
NSA Journal of Information WarfareNSA Journal of Information Warfare
NSA Journal of Information Warfare
David Sweigert
 
Fake news and trust and distrust in fact checking sites
Fake news and trust and distrust in fact checking sitesFake news and trust and distrust in fact checking sites
Fake news and trust and distrust in fact checking sites
Petter Bae Brandtzæg
 

What's hot (14)

UNITED STATES AND CHINA 2001: PATRIOTIC HACKING
UNITED STATES AND CHINA 2001: PATRIOTIC HACKINGUNITED STATES AND CHINA 2001: PATRIOTIC HACKING
UNITED STATES AND CHINA 2001: PATRIOTIC HACKING
 
disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...
 
The Business(es) of Disinformation
The Business(es) of DisinformationThe Business(es) of Disinformation
The Business(es) of Disinformation
 
2020 12 nyu-workshop_cog_sec
2020 12 nyu-workshop_cog_sec2020 12 nyu-workshop_cog_sec
2020 12 nyu-workshop_cog_sec
 
The Information Warfare: how it can affect us
The Information Warfare: how it can affect usThe Information Warfare: how it can affect us
The Information Warfare: how it can affect us
 
Info leakage 200510
Info leakage 200510Info leakage 200510
Info leakage 200510
 
Cyber warfare capabiliites : A Reality Check
Cyber warfare capabiliites : A Reality CheckCyber warfare capabiliites : A Reality Check
Cyber warfare capabiliites : A Reality Check
 
Information warfare and information operations
Information warfare and information operationsInformation warfare and information operations
Information warfare and information operations
 
Fail To Plan
Fail To PlanFail To Plan
Fail To Plan
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectorsInformation warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectors
 
2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley2021-02-10_CogSecCollab_UBerkeley
2021-02-10_CogSecCollab_UBerkeley
 
NSA Journal of Information Warfare
NSA Journal of Information WarfareNSA Journal of Information Warfare
NSA Journal of Information Warfare
 
Fake news and trust and distrust in fact checking sites
Fake news and trust and distrust in fact checking sitesFake news and trust and distrust in fact checking sites
Fake news and trust and distrust in fact checking sites
 

Viewers also liked

Back-to-School Survey 2016
Back-to-School Survey 2016Back-to-School Survey 2016
Back-to-School Survey 2016
Deloitte United States
 

Viewers also liked (7)

Presd1 13
Presd1 13Presd1 13
Presd1 13
 
Presd1 14
Presd1 14Presd1 14
Presd1 14
 
Presd1 11
Presd1 11Presd1 11
Presd1 11
 
Presd2 04
Presd2 04Presd2 04
Presd2 04
 
Presd2 02
Presd2 02Presd2 02
Presd2 02
 
Presd2 06
Presd2 06Presd2 06
Presd2 06
 
Back-to-School Survey 2016
Back-to-School Survey 2016Back-to-School Survey 2016
Back-to-School Survey 2016
 

Similar to Presd1 17

AI and its Effects on the Global World Order
AI and its Effects on the Global World OrderAI and its Effects on the Global World Order
AI and its Effects on the Global World Order
The Future Society
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopolitics
tnwac
 
Cyber Security Emerging Threats
Cyber Security Emerging ThreatsCyber Security Emerging Threats
Cyber Security Emerging Threats
isc2dfw
 
Countering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from ChinaCountering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from China
Murray Security Services
 
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
CODE BLUE
 
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
Pukhraj Singh
 
Lecture 5- Technology, Innovation and Great Power Competition
Lecture 5- Technology, Innovation and Great Power CompetitionLecture 5- Technology, Innovation and Great Power Competition
Lecture 5- Technology, Innovation and Great Power Competition
Stanford University
 
Cyber security
Cyber securityCyber security
Cyber security
Luke Veltjens-Swan
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentation
Charles Mok
 
The death of enterprise security as we know it - Pukhraj Singh - RootConf 2018
The death of enterprise security as we know it - Pukhraj Singh - RootConf 2018The death of enterprise security as we know it - Pukhraj Singh - RootConf 2018
The death of enterprise security as we know it - Pukhraj Singh - RootConf 2018
Pukhraj Singh
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?
Jim Geovedi
 
ACS Talk (Melbourne) - The future of security
ACS Talk (Melbourne) - The future of securityACS Talk (Melbourne) - The future of security
ACS Talk (Melbourne) - The future of security
siswarren
 
War Against Terrorism - CIO's Role
War Against Terrorism - CIO's RoleWar Against Terrorism - CIO's Role
War Against Terrorism - CIO's Role
Ayodeji Rotibi
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
Maira Asif
 
Using Chaos to Disentangle an ISIS-Related Twitter Network
Using Chaos to Disentangle an ISIS-Related Twitter NetworkUsing Chaos to Disentangle an ISIS-Related Twitter Network
Using Chaos to Disentangle an ISIS-Related Twitter Network
Steve Kramer
 
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
Boston Global Forum
 
Cyber espionage
Cyber espionageCyber espionage
Cyber espionage
harshitakhandelwal26
 
Policy primer
Policy primerPolicy primer
Policy primer
Michael Natoli
 
Cyber War ( World War 3 )
Cyber War ( World War 3 )Cyber War ( World War 3 )
Cyber War ( World War 3 )
Sameer Paradia
 
Lesson2.9 o u2l6 who cares about encryption
Lesson2.9 o u2l6 who cares about encryptionLesson2.9 o u2l6 who cares about encryption
Lesson2.9 o u2l6 who cares about encryption
Lexume1
 

Similar to Presd1 17 (20)

AI and its Effects on the Global World Order
AI and its Effects on the Global World OrderAI and its Effects on the Global World Order
AI and its Effects on the Global World Order
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopolitics
 
Cyber Security Emerging Threats
Cyber Security Emerging ThreatsCyber Security Emerging Threats
Cyber Security Emerging Threats
 
Countering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from ChinaCountering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from China
 
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
 
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
 
Lecture 5- Technology, Innovation and Great Power Competition
Lecture 5- Technology, Innovation and Great Power CompetitionLecture 5- Technology, Innovation and Great Power Competition
Lecture 5- Technology, Innovation and Great Power Competition
 
Cyber security
Cyber securityCyber security
Cyber security
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentation
 
The death of enterprise security as we know it - Pukhraj Singh - RootConf 2018
The death of enterprise security as we know it - Pukhraj Singh - RootConf 2018The death of enterprise security as we know it - Pukhraj Singh - RootConf 2018
The death of enterprise security as we know it - Pukhraj Singh - RootConf 2018
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?
 
ACS Talk (Melbourne) - The future of security
ACS Talk (Melbourne) - The future of securityACS Talk (Melbourne) - The future of security
ACS Talk (Melbourne) - The future of security
 
War Against Terrorism - CIO's Role
War Against Terrorism - CIO's RoleWar Against Terrorism - CIO's Role
War Against Terrorism - CIO's Role
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
 
Using Chaos to Disentangle an ISIS-Related Twitter Network
Using Chaos to Disentangle an ISIS-Related Twitter NetworkUsing Chaos to Disentangle an ISIS-Related Twitter Network
Using Chaos to Disentangle an ISIS-Related Twitter Network
 
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
 
Cyber espionage
Cyber espionageCyber espionage
Cyber espionage
 
Policy primer
Policy primerPolicy primer
Policy primer
 
Cyber War ( World War 3 )
Cyber War ( World War 3 )Cyber War ( World War 3 )
Cyber War ( World War 3 )
 
Lesson2.9 o u2l6 who cares about encryption
Lesson2.9 o u2l6 who cares about encryptionLesson2.9 o u2l6 who cares about encryption
Lesson2.9 o u2l6 who cares about encryption
 

Recently uploaded

Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Jeffrey Haguewood
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
Hiike
 
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStrDeep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
saastr
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
Shinana2
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
flufftailshop
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 

Recently uploaded (20)

Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
 
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStrDeep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 

Presd1 17

  • 1. UNDERSTANDING CHINA AND RUSSIA’S CYBER STRATEGIES MR. TIMOTHY L. THOMAS FMSO, MAY 2010
  • 2. Where are these Countries Most Active in the Cyber Arena? • China—through the actual use of cyber reconnaissance and soft power • Russia—through the development of policy issues and equipment
  • 3.
  • 4.
  • 5. Points of Emphasis for China • The Google Affair—Stealing code versus influencing values and damaging the Party’s image • Chinese hackers—who are they? • System sabotage warfare • Offensive actions • Strategic deception
  • 6. Context Works against China… • Northrop Grumman Report of a US company that had information expertly exfiltrated from its files • US military testimony before Congress, attacks on Lockheed Martin • Two Canadian reports: Ghost Net and Shadow Network • Accusations from a host of countries (Germany, Israel, Japan, South Korea, India, UK, France, Australia, etc.) • Google hacks along with hacks of 26 largest companies in California (Intel, Yahoo, Symantec, Juniper Networks, Northrop Grumman, Dow Chemical, Adobe, etc.)
  • 7. The Google Affair: Follow the “Gu Ge” to Freedom • Code stolen from Google and from “the 26 top companies in California.” Allen Paller of the SANS Institute stated that the chances of these companies NOT being 100% compromised is zero. • Legal-public affairs-psyop • Two pronged strategy—electronic reconnaissance and soft power
  • 8. The Google Affair (Aurora): Jiaotong/Lanxiang Origination Points • Jiaotong University has alliances with Duke and the University of Michigan, and with Microsoft and Cisco Systems. • “Reliable clues” suggest Jiaotong was involved in the attacks on Google and other companies in California. Jiaotong spokesman stated school officials were shocked and indignant at the allegations. • Received funding from Project 863, has a School of Information Security Engineering, and has PLA ties according to the school’s website.
  • 9. China’s Information Technology Security Plan 863 (www.863.org.cn) • Security for electric commerce systems • Network media information security technology • Network security management and measurement technology • Information protection technology • Information topic 306—intelligent computers
  • 10. The Google Affair (Aurora): Jiaotong/Lanxiang Origination Points (cont.) • Lanxiang—boasts it has the world’s largest computer laboratory; school records (on web site) indicate they send many graduates to the army who become the army’s backbone; Mr. Shao, the school’s dean, says the computer science department’s graduates are recruited by the local military garrison but that these students are incapable of hacking into Google • Lanxiang spokeswoman Zhou said such speculation is ridiculous as the school has no ties with the military at all
  • 11. Chinese Commentary on Google • Huang Xueping, Def Min Spokesman (25 Feb): such claims are baseless, irresponsible, and hyped with ulterior motives--PA • Li Daguang, NDU (9 March): Some Western powers may have adopted a strategy to sabotage China’s IT development; high profile criticism is a preemptive strike on China--PSYOP • Li Yizhong, Minister of Industry and Information Tech (12 March): Google must obey China’s laws. China opposes hacking--LEGAL
  • 12. Chinese Commentary on Google • Chinese government has said that Google’s claims are groundless (instead of “we’ll investigate”); Where were the “counterpropaganda” accusations before the Google incident?
  • 13. Chinese 22 March Counter Propaganda Commentary on Google • Google provides US intelligence with a record of its search engine results; Google was the 4th largest contributor to Pres Barack Obama’s campaign • Google is not in the game for commercial reasons but is trying to change Chinese society by imposing American values • Some Pentagon security experts are from Google (Sumit Agarwal is now a Deputy Assistant Sec of Defense for Public Affairs Outreach and Social Issues)
  • 14. Chinese Instructions (25 March) on How to Report on Google--PA • For Chief editors and managers: Only use Central Gov main media (website) content; reposting must not change title; do not produce relevant topic pages, discussion sessions, and related investigative reporting; forums and blogs are not permitted to hold discussion or investigation on Google; clean up text attacking the Party, State, Gov agencies, and Internet policies or sites supporting Google; and monitor Google information and incidents.
  • 15. Chinese Instructions on How to Report on Google (cont.) • Monitoring and Control Group: immediately follow-up and control actions in above directions; do not participate in Google’s information releases; do not report that Google is exerting pressure on China; and do not provide materials for Google to attack relevant policies.
  • 16. Losttemp33 • An email used in Ghostnet (Tibet) turned up in the Shadows probe (India) as well. It is from losttemp33@hotmail and was associated with Xfocus and Isbase, two popular Chinese hacking forums. Losttemp33 possibly was a student of master hackers Glacier and Sunwear. The individual is believed to have studied at University of Electronic Science and Technology at Chengdu.
  • 17. Glacier-no photo available • 1. Real Name: Huang Xin (黄鑫黄鑫) 黄鑫 • 2. 冰河) 冰河 Online Name: Glacier (冰河 • 3. Organization: www.xfocus.org, http://blog.xfocus.net/index.php?blogId=15 • 4. Age: 29 (In 2007) • 5. Known Hacks: Developed the Glacier Trojan, China’s most popular. Created X-scan • 6. Summary: Graduated from Xi’an Electronic Sci-Tech University. Married to Chinese female hacker Wollf. In 2006, he was 28 years old and a resident of Guangxi. Godfather of the Chinese Trojan. • 7. DarkVisitorLinks:
  • 18.
  • 19. Military Theory Includes Concepts such as System Sabotage and Offensive Reconnaissance that Fits with Traditional Chinese Theory • Win victory before the first battle • Strategic deception
  • 20. System Sabotage • The key point to “system sabotage” is in “gaining control, precision strikes for maximum damage, and paralyzing the enemy to subjugate his will.” • To make system sabotage effective, we need to establish a basic mode of thinking where we “destroy before conducting war, using destruction to aid in the fight.” • Destruction can come about through reconnaissance of computer networks, through cognitive attacks that destroy will power, etc.
  • 21. 1996 Book Deceptive Strategy (Chai Yuchiu) Contains 30 Chapters • Roles, necessity, philosophical foundations, psychological laws, general principles, systems, operational art, creativity is the life, mistakes in, and skills for mastery • Deceptive strategy thought process, deceptive strategy and religious superstition
  • 22. Dai—Direct IW Offense/Attack • Computer network reconnaissance is the prerequisite for seizing victory in warfare. It helps to choose opportune moments, places, and measures for attack.
  • 23. Methods • Focus on collecting technical parameters and specific properties of all categories of information weapon systems and electronic information products
  • 24. Where are these Countries Most Active in the Cyber Arena? • China—through the actual use of cyber reconnaissance and soft power to control the capability to “win victory before the first battle”
  • 25. Russia’s Cyberstrategy Timothy L. Thomas Work: 913-684-5957, fax 913-684-5960; tim.l.thomas@us.army.mil Foreign Military Studies Office Fort Leavenworth, Kansas Graphics by Cathy Elliott Center for Army Lessons Learned
  • 26. Overview of Russian Cyber Issues • Development of policy • Development of theory (info-tech, info-psych)
  • 27.
  • 28. Other Documents • United Nations suggestions • 2000—Information Security Policy of Russia • Feb 2008—Governmental Commission for the Implementation of Information Technologies in the Work of National Agencies and Agencies of Local Self-Government. • Electronic Russia and Electronic Government—to be completed by the end of 2010—doubtful at this point
  • 29.
  • 30. Russia and Network-Centric War Col Yu. Gorbachev, 2006 • Network war is also called cyberwar (a component of IO that includes CNA and CND). It may use EW assets (directed energy equipment, weapons, etc.), information weapons, and diverse electronic and computer defense assets. • NCW, on the other hand, is a new form and method for the command and control of the armed forces with the use of integrated information space in near real-time mode.
  • 31. Russia and Network-Centric War Gorbachev (cont.) • Russia should transform its EW service into information and EW troops, because the US has information war agencies and forces pursuing information wars that are based on EW forces
  • 32. Russia and Network-Centric War Gorbachev (cont.) • Russia must immediately work on creating information weapons and directed energy weapons “capable of disrupting the operation of automated databases and computer networks and disabling the main enemy command and control and reconnaissance components.”
  • 33.
  • 34. Strategic Deterrence in the Theater of Information Warfare Sergei Modestov • Information warfare’s threats create another possibility for strategic deterrence (besides nuclear and conventional), which is “strategic deterrence in the theater of information warfare by means of the threat of large-scale targeted impact on the information resource objects of a likely adversary.”
  • 35.
  • 36. Russia versus China • Russia—provide a story that encourages the turtle to take off his shell • China—the mouse and the bell
  • 37.
  • 38. A Russian Information Weapon Definition According to Rastorguyev An information weapon A means directed at activating (or blocking) information system processes in which the subject using the weapons has an interest. An information weapon can be any technical, biological, or social means or system that is used for the purposeful production, processing, transmitting, presenting or blocking of data and or processes that work with the data.
  • 39. Rastorguyev on IW and IO in 2002 Rastorguyev defined IW as “a battle between states involving the use of exclusively information weapons in the sphere of information models.” The final objective of an information weapon’s effect is the knowledge of a specific information system and the purposeful use of that knowledge to distort the model of the victim’s world. Rastorguyev defined an information operation as “a sequence of actions to use an information weapon to achieve an assigned task”
  • 40.
  • 41. Where are these Countries Most Active in the Cyber Arena? • Russia—through the development of policy issues and equipment to support command and control issues
  • 42. Timothy Lee Thomas Foreign Military Studies Office (FMSO) Phone: 913-684-5957 Fax: 913-684-5960 Tim.l.thomas@us.army.mil http://fmso.leavenworth.army.mil