SoylentNews is people

posted by martyb on Tuesday July 23 2019, @03:13AM
from the people-in-glass-houses-should-not-throw-stones dept.

Cyber threats from the US and Russia are now focusing on civilian infrastructure – TechCrunch

Cyber-confrontation between the U.S. and Russia is increasingly turning to critical civilian infrastructure, particularly power grids, judging from recent press reports. The typically furtive conflict went public last month, when The New York Times reported U.S. Cyber Command's shift to a more offensive and aggressive approach in targeting Russia's electric power grid.

The report drew skepticism from some experts and a denial from the administration, but the revelation led Moscow to warn that such activity presented a "direct challenge" that demanded a response. WIRED magazine the same day published an article detailing growing cyber-reconnaissance on U.S. grids by sophisticated malware emanating from a Russian research institution, the same malware that abruptly halted operations at a Saudi Arabian oil refinery in 2017 during what WIRED called "one of the most reckless cyberattacks in history."

Although both sides have been targeting each other's infrastructure since at least 2012, according to the Times article, the aggression and scope of these operations now seems unprecedented.

[...] Washington and Moscow share several similarities related to cyber-deterrence. Both, for instance, view the other as a highly capable adversary. U.S. officials fret about Moscow's ability to wield its authoritarian power to corral Russian academia, the private sector, and criminal networks to boost its cyber-capacity while insulating state-backed hackers from direct attribution.

Moscow sees an unwavering cyber-omnipotence in the U.S., capable of crafting uniquely sophisticated malware like the 'Stuxnet' virus, all while using digital operations to orchestrate regional upheaval, such as the Arab Spring in 2011. At least some officials on both sides, apparently, view civilian infrastructure as an appropriate and perhaps necessary lever to deter the other.

Whatever their similarities in cyber-targeting, Moscow and Washington faced different paths in developing capabilities and policies for cyberwarfare, due in large part to the two sides' vastly different interpretations of global events and the amount of resources at their disposal.

A gulf in both the will to use cyber-operations and the capacity to launch them separated the two for almost 20 years. While the U.S. military built up the latter, the issue of when and where the U.S. should use cyber-operations failed to keep pace with new capabilities. Inversely, Russia's capacity, particularly within its military, was outpaced by its will to use cyber-operations against perceived adversaries.

[...] By no means should the Kremlin's activity go unanswered. But a leap from disabling internet access for Russia's 'Troll Farm' to threatening to blackout swaths of Russia could jeopardize the few fragile norms existing in this bilateral cyber-competition, perhaps leading to expanded targeting of nuclear facilities.

The U.S. is arriving late to a showdown that many officials in Russian defense circles saw coming a long time ago, when U.S. policymakers were understandably preoccupied with the exigencies of counterterrorism and counterinsurgency.

Washington could follow Moscow's lead in realizing that this is a long-term struggle that requires innovative and thoughtful solutions as opposed to reflexive ones. Increasing the diplomatic costs of Russian cyber-aggression, shoring-up cyber-defenses, or even fostering military-to-military or working-level diplomatic channels to discuss cyber redlines, however discreetly and unofficially, could present better choices than apparently gambling with the safety of civilians that both sides' forces are sworn to protect.


Original Submission

Related Stories

"Watermarking" to Protect Control Systems from Hackers 19 comments

From the IEEE, an algorithm that creates "background noise" during data transmission that alerts officials to hacking:

Some of the most important industrial control systems (ICSs), such as those that support power generation and traffic control, must accurately transmit data at the milli- or even micro-second range. This means that hackers need interfere with the transmission of real-time data only for the briefest of moments to succeed in disrupting these systems. The seriousness of this type of threat is illustrated by the Stuxnet incursion in 2010, when attackers succeeded in hacking the system supporting Iran's uranium enrichment factory, damaging more than 1000 centrifuges.

Now a trio of researchers has disclosed a novel technique that could more easily identify when these types of attacks occur, triggering an automatic shutdown that would prevent further damage.

The problem was first brought up in a conversation over coffee two years ago. "While describing the security measures in current industrial control systems, we realized we did not know any protection method on the real-time channels," explains Zhen Song, a researcher at Siemens Corporation. The group began to dig deeper into the research, but couldn't find any existing security measures.

[...] The approach involves the transmission of real-time data over an unencrypted channel, as conventionally done. In the experiment, a specialized algorithm in the form of a recursive watermark (RWM) signal is transmitted at the same time. The algorithm encodes a signal that is similar to "background noise," but with a distinct pattern. On the receiving end of the data transmission, the RWM signal is monitored for any disruptions, which, if present, indicate an attack is taking place. "If attackers change or delay the real-time channel signal a little bit, the algorithm can detect the suspicious event and raise alarms immediately," Song says.

Critically, a special "key" for deciphering the RWM algorithm is transmitted through an encrypted channel from the sender to the receiver before the data transmission takes place.

Tests show that this approach works fast to detect attacks. "We found the watermark-based approach, such as the RWM algorithm we proposed, can be 32 to 1375 times faster than traditional encryption algorithms in mainstream industrial controllers. Therefore, it is feasible to protect critical real-time control systems with new algorithms," says Song.

Originally spotted on The Eponymous Pickle.

Previously:
Cyber Threats from the US and Russia are Now Focusing on Civilian Infrastructure
Hackers Behind Dangerous Oil and Gas Intrusions are Probing US Power Grids
Stuxnet-Style Code Signing is More Widespread Than Anyone Thought


Original Submission

This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by AnonTechie on Tuesday July 23 2019, @09:18AM (8 children)

    by AnonTechie (2275) on Tuesday July 23 2019, @09:18AM (#870254) Journal

    It sure seems like tit for tat between USA and Russia. How long before these cyber attacks morph into real physical conflict between them ?? Is there a red line beyond which physical conflict becomes inevitable ??

    --
    Albert Einstein - "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."
    • (Score: 0) by Anonymous Coward on Tuesday July 23 2019, @10:58AM (6 children)

      by Anonymous Coward on Tuesday July 23 2019, @10:58AM (#870283)

      For the past 70 years, all aggression was initiated by the USA.

      • (Score: 4, Informative) by janrinok on Tuesday July 23 2019, @01:32PM (4 children)

        by janrinok (52) Subscriber Badge on Tuesday July 23 2019, @01:32PM (#870314) Journal

        Remind me again when the USA invaded the Ukraine? Cyber-warfare was an important part of the Russians' invasion plan but I cannot find any information on the USA's actions.

        When did cyber-warfare begin? There has been electronic warfare since late 1917 if one ignores communications spoofing, and well before that if you include it. But cyber-warfare is a much more recent development. So your claim that it has been used by the USA for over 70 years seems a little bit of an exaggeration, therefore I will assume you intend your statement to mean any military aggression. If that is the case, please correct my history knowledge by explaining how the USA started the war in Korea, or how western weapons and forces came face to face with a Russian equipped and (covertly assisted) conflict in Kuwait and subsequently Iraq. I can think of more examples, but I will wait for you to clarify these two for now.

        So perhaps you only mean direct conflict between the USA and Russia (formerly the Soviet Union). When did this conflict occur? Who declared the war and how long did it last? How many people died or were injured? What action by the USA precipitated the conflict? For example, did the USA ask the Soviet Union to install nuclear missiles in Cuba? There is obviously so much that I have to learn about how the USA is responsible for all that is bad in the world.

        • (Score: 0) by Anonymous Coward on Tuesday July 23 2019, @02:44PM (3 children)

          by Anonymous Coward on Tuesday July 23 2019, @02:44PM (#870333)

          I heard the US spent a billion dollars to fund local extremists to stage a coup and get the Ukraine into the West's pocket. That whole Victoria "Fuck the EU" Nuland story under our Nobel Peace Prize winning president.

          • (Score: 2) by janrinok on Tuesday July 23 2019, @07:30PM (2 children)

            by janrinok (52) Subscriber Badge on Tuesday July 23 2019, @07:30PM (#870438) Journal

            I heard the US spent a billion dollars to fund local extremists to stage a coup and get the Ukraine into the West's pocket.

            And that makes the US an 'aggressor' in your book, even if the report is substantiated as being accurate - for which I can find no evidence at the moment?

            From the BBC report [bbc.com] on the transcription of the alleged discussion:

            An apparently bugged phone conversation in which a senior US diplomat disparages the EU over the Ukraine crisis has been posted online.

            ... it is apparent that the discussion took place after the Russian invasion of Ukraine, so of itself it does not show that the US precipitated the crisis, rather that they did not agree with the EU's handling of the situation. Welcome to the world of politics.

            You may have better information that can be presented as proof of the US's involvement in precipitating the Russian action, in which case please present it so that I can educate myself. Oh, and you simply ignored the other examples that I suggested countered your claim. Seems to me that you already have made your decision ignoring my claims that you might want to re-evaluate your current beliefs. A discussion should be an exchange of ideas - not simply a categorical statement that, currently, appears unsubstantiated.

            Also from the BBC report:

            Overall this is a damaging episode between Washington and Moscow. Nobody really emerges with any credit. The US is clearly much more involved in trying to broker a deal in Ukraine than it publicly lets on.

            Again this is evidence - if the report is accepted to be factual - that it is referring to events after the invasion and not before it.

            • (Score: 0) by Anonymous Coward on Tuesday July 23 2019, @10:16PM (1 child)

              by Anonymous Coward on Tuesday July 23 2019, @10:16PM (#870493)

              I don't know how you order dates, but the Nuland conversation was 28 January 2014, the coup completed on 21 February 2014 with President Yanukovych forced to flee, and 23 February 2014 ethnic Russian Ukrainian police secured Crimea (and got Russian support). President Yanukovych formally requested Russian support to restore the rule of law 1 March 2014.

              Source: wikipedia.

              • (Score: 0) by Anonymous Coward on Wednesday July 24 2019, @12:03AM

                by Anonymous Coward on Wednesday July 24 2019, @12:03AM (#870533)

                Just a reminder that Yanukovich was overthrown by the US *twice*. Elected, overthrown and replaced by that crazy "nuke Russia" lady, elected again, then overthrown again and replaced by Poroshenko who got under 10% during the last elections.

      • (Score: 1) by khallow on Tuesday July 23 2019, @01:45PM

        by khallow (3766) Subscriber Badge on Tuesday July 23 2019, @01:45PM (#870320) Journal
        Counter examples include subjugation of the Eastern Bloc after 1945 (and putting down later revolts in the 1950s and 1960s), and invasions of South Korea in 1950, Afghanistan in 1981, and of course, the previously mentioned Crimea in 2014.
    • (Score: 0) by Anonymous Coward on Wednesday July 24 2019, @12:05AM

      by Anonymous Coward on Wednesday July 24 2019, @12:05AM (#870535)

      Perhaps, the whole thing exists in liberal fake news imagination only.

  • (Score: 2) by Gaaark on Tuesday July 23 2019, @10:42AM

    by Gaaark (41) on Tuesday July 23 2019, @10:42AM (#870279) Journal

    The article makes it sound like "Russia started it and the US need to keep playing catch-up!"

    LOL!

    Gods: so the US isn't sophisticated enough or 'EVIL' enough to start it, but has Dogs will behind it to stop the real evil....

    FUUUUUUUUUUCCCCCCCC...........

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
  • (Score: 0) by Anonymous Coward on Tuesday July 23 2019, @03:33PM

    by Anonymous Coward on Tuesday July 23 2019, @03:33PM (#870352)

    Who needs cyber threatening the power grids, when those damn blind-as-a-bat ETs keep crashing into power poles & severing power lines in their fancy-shmancy race-craft?

  • (Score: 0) by Anonymous Coward on Tuesday July 23 2019, @08:53PM

    by Anonymous Coward on Tuesday July 23 2019, @08:53PM (#870457)

    assuming the current regime of state control of licenses and what not, all critical infrastructure should be mandated to be FOSS and probably written in Rust. This ancient insecure, closed source shit is going to cost lives and the suited whores that run the energy distribution companies/coops are only going to replace with more closed source shit from scumbag companies unless someone slaps some sense into them. or just wait until the power goes out and people will kick their fucking doors in and register their complaints in person.