Reuters is reporting that Russian radar operators (at Armavir Radar station, using Voronezh-dm radar) have picked up two ballistic ‘objects’ being launched from the central eastern Mediterranean, although they state that no explosions were recorded in Damascus.
According to Reuters the Israeli’s have said they are not aware of any missile launches from that area.
The day after its discovery, there are few doubts that the infamous malware dubbed Flame (or sKyWIper) has been developed by a government with significant budget and effort. The complexity of the malware suggests that it has been used for a huge cyber-espionage campaign and, easily predictable, Israel is listed as the main culprit, even if in good company if it is true, as argued by some bloggers, that the malware was created by a strict cooperation coproduction between CIA and Mossad.
Israeli vice Premier Moshe Ya’alon has contributed to fuel the Flame: speaking in an interview with Army Radio, Ya’alon has hinted that Jerusalem could be behind the cyber attack, saying “Israel is blessed to be a nation possessing superior technology. These achievements of ours open up all kinds of possibilities for us.” In light of this statement, it does not appear a simple coincidence the fact that the main victims of the cyber weapon, as reported by Kaspersky Lab, are nations who may not be just considered in good neighborhood relations with Israel.
Consequently it is not that surprise the fact that the same interview has been readily reported by the Iranian News Agency Fars (which has interpreted it as a sign of liability and has hence blamed Israel for waging cyber war in Iran) as well as it is not that surprise the tone of several comments to an article posted on the Haaretz newspaper’s Web site (“Nice One Israel, Proud of You!!!!”).
Of course it is too soon to jump to conclusion,in any case, whether Israel (and U.S.) is behind Flame or not, I could not help but wonder how it is possible that a malware has been able to go undetected for at least 5 years. Are endpoint protection technologies really dead, leaving us at the mercy of a (cyber)world ruled by APTs?
If you want to have an idea of how fragile our data is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated) at hackmageddon.com. And follow the author of this article @paulsparrows on Twitter for the latest updates.
Almost ignored by some media outlets, a major strategic theater cooperation exercise including 19 countries and more than 12,000 participants is currently taking place in Jordan.
U.S. Central Command (CENTCOM) says that the Eager Lion 2012 is “the largest annual exercise in the Central Command area of operations” whose is aim is “to strengthen military-to-military relationships of participating partner nations through a joint, whole-of-government, multinational approach, integrating all instruments of national power to meet current and future complex national security challenges. The exercise scenarios are designed to portray realistic, modern-day security challenges. The scenarios are designed years in advance to fulfill collaborative training goals.”
Although “annual”, this year’s Eager Lion seems to be a bit different from 2011 edition: what does not pass unnoticed is that the drills are no longer bilateral (U.S. – Jordan) but involve the military of 17 different countries.
Participating countries are Australia, Bahrain, Brunei, Egypt, France, Italy, Iraq, Jordan, Kingdom of Saudi Arabia, Kuwait, Lebanon, Pakistan, Qatar, Spain, Romania, Ukraine, United Arab Emirates, United Kingdom and United States.
Image credit: U.S. Army via CENTCOM
Even if officials strongly denied the drills are aimed at any realistic threats in the region, the fact that the U.S. is amassing forces in Middle East seems to be a sign that Washington (along with several close and less close partners) is preparing to manage a large crisis response operation in that part of the globe.
In fact, there are fears that the Syrian uprising will force thousands refuge into Jordan across Syria’s southern border. And, there is also a specific concern that Assad regime could lose control of some its chemical and biological weapons stocks, that could illicitly smuggled into Jordan, as reported by the CNN.
Eager Lion, headquartered at Kasotc (King Abdullah II Special Operation Training Center), in Amman, focuses on irregular warfare, special operations, counterinsurgency and crisis response.
Little is known about the participating units. Just a few press releases and some images published on Flickr days after the exercise kicked off give an idea of what is currently operating in Jordan whilst there is almost no or little information about the assets and troops brought in by the rest of the coalition partners.
In the same hours in which I was publishing my post on Cyber Weapons, news agencies all around the world have begun to release (few) details about a new alleged Cyber Attack targeting the Iranian Oil Ministry, the National Iranian Oil Company and several other state-owned businesses.
Of course Iran is not new to Cyber Attacks targeting Critical Infrastructures (do you remember Stuxnet and the possible hoax of Duqu Stars?), in any case it is too soon to draw any connection with Stuxnet or any other kind of State-Sponsored Attack, even because, according to the scant information available, only a server providing public information has been harmed.
Probably this malware has nothing to deal with cyber weapons but, just for fun, I cannot help but notice that this alleged Cyber Attack came in the same day in which, among many doubts, Iran has announced to have reverse-engineered the U.S. stealthy RQ-170 Sentinel drone captured by Iran in December 2011.
I have just published a timeline covering the main Cyber Attacks targeting Military Industry and Aviation, but it looks like the latest events will force me to post an update, soon.
Although perpetrated with very different timelines, origins and motivations behind them, the last three days have seen a new wave of attacks against military industry that has unexpectedly become the point of intersection between cybercrime and cyberwar.
The first clamorous attack was disclosed a couple of days ago, when the Sunday Times revealed that alleged Chinese Hackers were able to penetrate into computers belonging to BAE Systems, Britain’s biggest defence company, and to steal details about the design, performance and electronic systems of the West’s latest fighter jet, the costly F-35 Joint Strike Fighter. The hacking attack has raised concerns that the fighter jet’s advanced radar capabilities could have been compromised and comes few weeks after papers about the future British-French drone were stolen in Paris.
Apparently, once again, an APT-based attack, or maybe one of its precursors, since it was first uncovered nearly three years ago. In any case, according to the sources and the little information available, it lasted continuously for 18 months, exploiting vulnerabilities in BAE’s computer defences to steal vast amounts of data. A fingerprint analogous to other similar cyber operations, allegedly generated from China such as Operation Aurora or the controversial operation Shady RAT.
Details of the attack have been a secret within Britain’s intelligence community until they were disclosed by a senior BAE executive during a private dinner in London for cyber security experts late last year.
Curiously the F-35 seems to be a very attracting prey for hackers as it was already the victim of a Cyber Attack in 2009; once again the latest attack is believed to be originated from China, who is showing a restless cyber activity.
Although completely different for impact and motivations, a second attack has just been announced by the infamous hacking collective Anonymous, which, in name of the #OpFreePalestine operation, has published the contact details for senior staff at BAE (hit once again), Lockheed, Gulfstream Aerospace, a division of General Dynamics, and the United States Division Of Israeli Owned Arms Company Elbit Systems. An attempt to embarrass military industry considered involved in the events happening in Palestine.
Although the data dumps apparently contain little valuable information (according to V3.co.uk many of the telephone numbers listed are for company headquarters, while several of the names appear to be out of date), the latest attacks represent a quantum leap in the Middle East Cyber War, after the “reign of terror” threatened by Anonymous against Israel.
The F-35 JSF is not only the most advanced stealthy fighter plane of the next future. It is also the most expensive. That’s why some partners have been compelled to downsize their initial requirements because of cuts imposed by the increasing unit price (with the new contract the total unit cost for an LRIP 5 jet is 205.3 million USD!!).
Apparently these cuts are interesting even the IT Security budgets of the manufacturers.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated) at hackmageddon.com. And follow the author of this article @paulsparrows on Twitter for the latest updates.