Category Archives: Information Warfare

You can track the first helium balloons of Google Project Loon’s aerial wireless network

Helium balloons of the future network that should give Internet to everyone in the world fortunately use ADS-B.

If you point your browser to Flightradar24.com and zoom off the coast of New Zealand, you’ll see 7 slow moving aircraft: these are actually helium balloons, part of Google’s Project Loon, broadcasting their position, speed, altitude etc. via Mode-S ADS-B.

Project Loon is a research and development project whose aim is to provide Internet access to everyone, even if they live in rural and remote areas. The project features high-altitude balloons, made from sheets of polyethylene plastic and measuring 15×12 meters, placed in the stratosphere at an altitude of about 20 mi (32 km) with the purpose of creating an aerial wireless network with up to 3G-like speeds.

The helium balloons are all “floating” around 1,000 feet to the southeast of New Zealand, and are probably involved in a testing campaign; after the trial (kicked off in June 2013) Google hopes to launch thousands of balloons around Earth to provide global Internet access.

In the wake of the Snowden scandal, someone said that the purpose of the project may not be philanthropic and that the task of the network of balloons would be global communications monitoring. But this is another story.

Top: Flightradar24.com screenshot


Cyber Threats debut on the flightline at Nellis Air Force Base’s Red Flag

Maintainers counter cyber threats for first time at Nellis’s Red Flag

“Train as you fight, fight as you train” has always been Red Flag‘s motto.

The U.S. Air Force’s main exercise has to prepare aircrew and support personnel to fight modern war: in the air, on the ground, over the sea and in cyberspace.

For the first time, the recent Red Flag 14-1 at Nellis Air Force Base featured a “contested, degraded or operationally limited” environment, or CDO, for maintainers, who were trained to cope with cyber vulnerabilities in the systems they use on the flightline.

Ground personnel are always using computers and brand new technologies that may be targeted by cyber attacks launched by tech-savvy adversaries: laptops used for aircraft maintenance and diagnosis, GPS systems, communication and network equipment are all high-value targets for enemy hacking teams. That’s why Red Flag maintainers receive academics on cyber vulnerabilities, information operations and other CDO-related threats.

Hence, along with “kinetic operations” conducted by fighter jets, attack planes and strategic bombers that must dominate a contested airspace or battlefield, a simulated “non-kinetic” war is fought by Red Flag participants to defend their critical systems from attacks coming from cyberspace; attacks that may be as devastating as those using bullets, bombs and missiles.

Image credit: U.S. Air Force

 


This Map shows all Distributed Denial Of Service attacks worldwide, in real time

Ever wondered what countries are under cyberattack right now?

Google may have the answer for you. By teaming up with Arbor Networks, the Google Ideas team has created a visualisation of all the distributed denial of service (DDoS) attacks around the world.

DDoS attacks are among the most common, effective and hard-to-counter attacks a website can suffer. They are launched using so-called botnets of hijacked computers that are simultaneously instructed to connect to a particular website, thus consuming all the available bandwidth or the web server’s resources, slowing the site down significantly or taking it offline.

DDoS have become the tools used by hacktivists and attackers driven by political reasons to hit websites of organizations they dislike: a way to digitally silence those organizations.

A DDoS attack can’t bring down the enemy’s military forces or a whole society’s infrastructure. But, considering the effect it can have on a specific company, agency or service, it is one of the tools in the hands of cyber army teams around the world to wage, if not a full-scale cyberwar (that would rely on APTs and multiple kinds of attacks), at least cyberguerrilla operations.

For instance, the Syrian Electronic Army, a collection of pro-government computer hackers aligned with Syrian President Bashar al-Assad, has used DDoS attacks to target media organization websites in their attempt to support the Syrian regime.

Anyway, the new tool, Digital Attack Map, gives a clear idea of what is happening in cyberspace, and lets you look back at historic attacks, see the source and destination ports used in the attacks, and select specific countries.

 


A Cyber attack by Syrian Electronic Army may be Assad’s most dangerous reaction to U.S. air strikes

Considering the current status of the Syrian military, whose capabilities have been consumed by a couple of years of war against the rebels of the Free Syrian Army, a series of cyber attacks by the Syrian Electronic Army is the most serious answer the U.S. can expect from Damascus following an attack on Assad’s Chemical Warfare arsenal.

According to Wikipedia:

“The Syrian Electronic Army, also known as the Syrian Electronic Soldiers, is a collection of pro-government computer hackers aligned with Syrian President Bashar al-Assad. Using denial of service attacks, defacement, and other methods, it mainly targets political opposition groups and western websites, including news organizations and human rights groups. The Syrian Electronic Army (SEA) is the first public, virtual army in the Arab world to openly launch cyber attacks on its opponents, though the precise nature of its relationship with the Syrian government is debated.”

Hackmageddon.com Editor Paolo Passeri (@paulsparrows) explains:

“The SEA is not an Advanced Persistent Threat as we know it. Their attacks are limited, not persistent nor advanced.

They usually conduct social engineering attacks against media with the aim to spread their propaganda messages using compromised Twitter accounts or defaced websites. They send spear phishing emails to their targets in order to get the user credentials needed to get into the accounts and post their messages.

Most of the time, once compromised, the targeted media disclosed the (successful) attack describing the hack with specific blog posts, like done by The Onion and Outbrain.”

Hackmageddon.com was one of the first ICT security-focused blogs to follow SEA’s activities and record all their hacks in its attack timelines.

In the last hours SEA attacked NYTimes.com (the media outlet had its DNS redirected to a page displaying the “Hacked by SEA” message) whereas Twitter’s domain registrar was changed.

Since they are a loose-knit hacker group loyal to Assad, SEA are likely to react to the air strikes that are about to pound Syria. Even if their assault will be neither persistent nor advanced, it could still cause some pain: if not to Obama or the Pentagon, then to one of the media outlets that will be reporting about the U.S. air campaign in Syria.


Here’s why everyone believes NSA Leaker Edward Snowden is on Aeroflot 150 to Cuba

Aeroflot 150 is a scheduled flight from Moscow, Russia, to Havana, Cuba.

It is flown by an Airbus A330 and, like any scheduled commercial airliner, unless something very special happens, it always takes the same route to Cuba.

However, on Jul. 11 it flew a different route, a southern route that completely avoids U.S. airspace (for the history of this flight in the last weeks take a look here). Furthermore, AFL150 is the same flight believed to be carrying the NSA leaker Edward Snowden a couple of weeks ago, when some journalists boarded the plane to find the accused spy’s seat empty.

Comparison

Image credit: FlightAware

Even if such a significant change of route is at least unusual, it might be explained by the bad weather affecting the U.S. East Coast.

At the time of writing, the aircraft is about to land at Int’l José Martí airport in Havana. If Snowden is on board, we’ll know very soon.
