ANALYSIS:
DNI Chief Clapper Outlines
Cyber Threats to US
In testimony this week before the Senate Armed Service Committee, Director of National Intelligence James Clapper said cyber attacks would increasingly undermine US economic competitiveness and national security.
A report issued by his office in conjunction with the testimony said Russia’s military was setting up a cyber command to carry out attacks. The report also describes China, Iran and North Korea as leading threats.
Clapper highlighted the case of Russia, which he said posed the greatest a cyber risk to US interests. He said that threat from the Russian government was “more severe” than previously realized.
He noted that over the past year there have been a series of high-profile cyber attacks against US targets. North Korea was accused of being behind the theft of a huge data cache from Sony Pictures in November. China last year was linked to the large-scale theft of some 80 million Americans’ health care records, and also was blamed for pilfering sensitive personal data on 22 million federal workers during cyber attacks on Office of Personnel Management networks. The Obama administration took no action against China for the attacks. He also mentioned the example of an alleged Iranian attack on the Las Vegas Sands Casino Corporation last year.
Clapper also said ideologically driven hackers were also increasingly active. As proof, he noted that in January the Twitter and YouTube accounts of the US military command were hacked by a group claiming to back ISIS.
He said foreign hackers “remain undeterred from conducting reconnaissance, espionage, and even attacks in cyberspace because of the relatively low costs of entry, the perceived payoff, and the lack of significant consequences.”
Not all of the news was bad. Clapper said he no longer believed the US faced “cyber Armageddon.” The idea that major infrastructure such as financial networks or power grids could be disabled by hackers now looked less probable, he said.
However he warned, “We foresee an ongoing series of low-to-moderate level cyber attacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security.”
Clapper also acknowledged that the US had its own “offensive capabilities,” although he wouldn’t go into detail.
Emerging Threats
On cyber threats, Clapper said China and Russia have the most sophisticated cyber programs, with North Korea and Iran enhancing their cyber attack capabilities.
Emerging technology including the so-called “Internet of Things” – smart devices linked to the electric grid – and artificial intelligence could produce new vulnerabilities to cyber attacks in the civilian infrastructure and U.S. government networks, Clapper said.
The Internet of Things includes many modern devices like cell phones, televisions, computers, security systems, etc. that can spy on a person in their house and transmit the information to government agencies, either domestic or foreign. For instance Microsoft Windows 10 reports to Microsoft IP addresses thousands of times a day.
“In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,” Clapper said.
His comments follow a Harvard study published earlier this month which argued that the rise of connected devices presents massive opportunities for surveillance, bolstered by technology companies having business models that rely on data-mining their own users.
China and Satellite Cyber Warfare
Clapper also warned about the role of Chinese cyber espionage against the US and noted that non-state actors such as ISIS are also developing a cyber capability.
“China continues to have success in cyber espionage against the U.S. government, our allies, and U.S. companies,” Clapper said.
This confirms a report “Study on Space Cyber Warfare” by four engineers working at a Chinese defense research center in Shanghai.
Although this report specifies Chinese cyber strategy, it also probably reflects how other nations like Russia and North Korea would attempt to cripple America’s satellite constellation.
China’s military is preparing for war in cyberspace involving space attacks on satellites and the use of both military and civilian personnel for a digital “people’s war,” according to this report. “As cyber technology continues to develop, cyber warfare has quietly begun,” the report concludes, noting that the ability to wage cyber war in space is vital for China’s military modernization.
According to the report, strategic warfare in the past was built on nuclear weapons. “But strategic warfare in the information age is cyber warfare,” the report said. “With the reliance of information warfare on space, cyberspace will surely become a hot spot in the struggle for cyberspace control,” the report said.
The Chinese military understands that U.S. satellites are critical to relaying computer data traffic and are vulnerable to direct attack. And, they consider satellites and space vehicles to be very vulnerable to attack because satellites have limited defenses and anti-jamming capabilities.
A Chinese document titled “Research on Voidness of GPS,” from 2005 reveals that Chinese military planners are preparing to destroy or disable up to eight Global Positioning System satellites. The satellites are critical for U.S. military precision guided missiles and bombs.
“Eliminating two groups of GPS satellites can prevent GPS satellites from providing navigation service around the clock,” the study stated. “The effect of dropping these GPS satellites on the navigation accuracy of GPS satellites is quite obvious.”
Cyber attacks on US satellites fall into two categories – soft kills and hard kills.
Soft-kill methods are designed to disrupt or damage communication links to earth using jamming, network cyber attacks, and “deceit” (fooling the satellite into thinking a Chinese signal is actually coming from the US).
The cyber attacks include launching computer viruses, theft and tampering of data, denial of service attacks, and “detonation of [a] network bomb that can instantaneously paralyze or destroy enemy’s information network.”
“Soft kill measures are well concealed, fast in action, and the attack can be accomplished before the enemy even has time to discover it,” the report said. “Soft kill measures are deceptive and well hidden; they are difficult to detect and monitor.”
The British Ministry of Defense (MoD) has investigated using cyber warfare to conduct hard kills on satellites.
British defense expert Mark Roberts, who pioneered the introduction of cyber elements into the war games that the MoD runs, hypothesized a scenario in which hackers take control of one or more redundant satellites and use them to crash into more vital ones.
“There are lots of satellites in orbit at the moment that have been taken off line,” he explained. “They still have propulsion, they have the ability to be restarted. Somebody particularly nasty could hack one of these things and then start to maneuver it.”
This is a serious problem because many of these satellites have antiquated controls that were never designed to stop a cyber attack. And, America’s obsolete space program means that the US is relying more and more on an aging satellite network.
Even newer satellites are vulnerable. Most of the satellites in orbit were designed and built before satellite designers understood the very real threat of cyber attacks.
In 1999, a group of hackers reportedly seized control of a British Defense Ministry communications satellite, triggering a security advisory and immediate response from British intelligence and defense organizations. A few years later, hackers broke into a restricted US government computer system and stole proprietary code for controlling U.S. satellite systems. In 2006, the Bush administration warned of threats by terrorist groups and other nations against U.S. commercial and military satellites.
There are even allegations that the Chinese have already sabotaged US military satellites and the Russian space station.
The threat isn’t limited to defense satellites. The civilian world is relying more on satellites for communications, positioning, and even traffic control. Law enforcement and ambulances rely on GPS to quickly find their way to accidents or other medical emergencies. Experts warned about “ the carnage of an ISIS inspired mass terrorist attack, combined with a cyber attack on GPS and communications satellites…. the US doesn’t have a coherent cyber attack policy”. USMC General Stewart testified at the same Senate hearing that Clapper did and said the military needs clear policy guidance for dealing with cyber attacks and developing a strategy to deter cyber strikes on computer networks.
“I think it would be extremely helpful to have clear definitions of what constitutes cyber events versus acts of war,” Stewart said.
Senate committee Chairman Sen. John McCain (R, AZ) asked, “As I understand it, we have no policy as to whether we should deter, whether we should respond, [and] if so, how? Wouldn’t it be good if we had a policy?”
“Mr. Chairman, I always find it good to have a policy that guides the things that I can do as a military officer,” Stewart replied.
PUBLICATIONS
Erdogan Denounces U.S. Position on the PYD
By Bulent Aliriza
Center for Strategic and International Studies
February 10, 2016
Turkish President Recep Tayyip Erdogan’s exceptionally harsh comments directed at the United States on February 10 for its links with the Syrian Kurdish Democratic Union Party (PYD) have brought to the surface simmering tensions in the relationship because of the Syrian crisis. The immediate source of Erdogan’s ire was the formal acknowledgement by State Department spokesman John Kirby on February 8 of Washington’s association with the PYD in the fight against ISIS while responding to questions about the visit of Special Presidential Envoy Brett McGurk to the PYD-controlled part of Syria immediately beyond the Turkish border on January 30. Having long viewed the PYD as the extension in Syria of the Kurdistan Workers’ Party (PKK) which it has been fighting on and off for over three decades, as well as an ally of the Assad regime, Ankara had reacted angrily to the McGurk visit which included a meeting with a PYD commander who had previously been identified as a fighter in the ranks of the PKK. The criticism was amplified with accusations that U.S. arms provided to the PYD were being transferred to PKK elements in Turkey.
The Changing Patterns of Arms Imports in the Middle East and North Africa
By Anthony H. Cordesman
Center for Strategic and International Studies
February 5, 2016
It is scarcely surprising that almost all of the current focus on security developments in the Middle East and North African (MENA) is on counterterrorism and counterinsurgency, and on a new form of “balance” that compares state and non-state actors in terms of their success in preventing or carrying out acts of terrorism, and in achieving political control and influence, ideological impact, and tactical success in insurgencies or sectarian and ethnic rivalries and conflicts. The classic military balances between states are still critical aspects of national policy, but are almost ignored by both media and national security analysts. Even classic areas of controversy – the Arab-Israeli balance and the Gulf military balance receive little attention aside from a focus on Iran’s nuclear programs and missile developments.
The world after Mubarak
By Danielle Pletka
American Enterprise Institute
February 10, 2016
Five years ago, Hosni Mubarak stepped down from his de facto position as Egyptian president for life. At the moment, at least for those fighting to wrest back their vote from one of the Middle East’s most entrenched dictators, it was a fleeting high point in an Arab Spring that has torn apart the Middle East, reshaped the map and the politics of the region and roiled governments oceans away. Without rehearsing the sad course of events in Egypt, including the failure of secular liberals to capitalize on the popular movement unleashed in Tahrir Square just over half a decade ago, it is nonetheless not too soon to ask whether overthrowing Mubarak (not to speak of Qaddafi, Assad, Saleh et al.) was the best choice, particularly for secular liberals and minorities.
The Kremlin’s Selective Counterterrorism
By Ilan Berman
American Foreign Policy Council
January 27, 2016
To hear President Vladimir Putin tell it, his government is the proverbial tip of the spear in the global war on terror. For months, Kremlin officials have taken great pains to style their intervention in Syria in grandiose terms – not simply as a ploy to prop up a key strategic ally, but as a broader campaign against Islamic extremism. To hear them tell it, Russia has been forced to lead because of Western fecklessness in the face of gathering Islamic radicalism. Yet this bluster belies the fact that Moscow’s counterterrorism policy is both flawed and selective in the extreme. For one thing, the Kremlin is fueling the very flames of Middle Eastern extremism that it is purportedly fighting. Facing growing unrest among its own Muslim minority, the Russian government has reacted by exporting the problem. As Russia’s independent Novaya Gazetanewspaper has reported, Moscow is effectively “controlling” the flow of jihadists into Syria, with Russia’s various domestic security agencies assisting homegrown Islamic radicals in their efforts to migrate to the Middle East. In doing so, the Kremlin evidently hopes to ship out its domestic insurgency – and subsequently to fight those forces far from home.
Getting Serious about North Africa
By Ahmed Charai
Foreign Policy Research Institute
February 2016
A growing number of terrorist attacks in the United States and Europe have a North African connection — yet Washington policymakers continue to pay far less attention to the region than is warranted. ISIS and al-Qaeda, by contrast, regard the area as a primary focus of their strategy. North Africa is becoming a new Afghanistan: in large part, a mosaic of failed and failing states, and fertile territory for radical Islamists to gather recruits, train them, and harden them with continuous combat. Once proficient and confident in the art of war, these terrorists carry out attacks around the world. Across North Africa, radical groups have pledged allegiance to ISIS or al Qaeda. Libya alone is now home to some 5,000 ISIS-aligned terrorists, now fighting in that nation’s second civil war in five years. ISIS-allied groups claimed credit for two massive attacks in Tunisia in 2015. In Algeria, groups allied with al Qaeda or ISIS have kidnapped European tourists, killed Western gas-plant engineers, and planted countless bombs. And just as in Afghanistan in the early 1990s, American officials are largely disengaged as the threat grows. They defend their inaction in North Africa by pointing to Libya, arguing that NATO’s intervention there failed to produce a stable government while sending waves of refugees into Europe. But a more careful assessment of Libya shows that the ensuing devolution into civil war and chaos was not inevitable:
AKParty Response to Criticism: Reaction or Over-Reaction?
By Ilter Turan
German Marshall Fund
February 9, 2016
Turkey’s security forces are engaged in a long, drawn out, and patience-testing campaign in several towns in southeastern Turkey, trying to dislodge elements of the Kurdistan Workers’ Party (PKK) that has taken over sections of these towns. Those who get their information either from the newspapers or the evening news — both of which, in large part, rely on officially furnished documents and briefings — very likely have in their minds a picture of PKK irregulars holding the residents of the areas they have seized as hostages. They have dug ditches in the streets to prevent motorized access to homes and other facilities where they have situated themselves. They have set up remote-controlled explosives that can be activated when police or military vehicles cross, often producing casualties. They have driven trucks loaded with explosives into housing complexes where the families of government and security officials live. They have fired at ambulances that have come to take away the wounded, rendering rescue operations difficult and sometimes impossible. They have even thrown hand grenades and fired explosives at schools, presumably to prevent “Turkish education.”
The Future of the Kurdistan Region of Iraq Mosul, Economic Crisis, and Self-Determination
By Hemin Hawrami, David Pollock, and Michael Knights
Washington Institute
February 8, 2016
PolicyWatch 2555
When the Islamic State (IS) occupied Mosul and attacked the Kurdistan Region, Kurdish forces developed a three-part strategy to halt their advance, roll them back, and ultimately defeat them. Through the efforts of Peshmerga units with the aid of U.S. and coalition forces, Kurdish forces are currently rolling back IS in Iraq and have reclaimed 27,000 square kilometers; 1,603 Peshmerga have been killed in this effort and over 8,000 have been wounded. The Peshmerga and the Security Council of the Kurdistan Region under the leadership of Mr. Barzani have played a crucial role in defeating IS. Just today, a terrorist network in Erbil was arrested. This is an ongoing battle, and achievements against IS to date are significant. Mosul is the key to defeat and destroy IS.
The Shift in Saudi Foreign Policy
By David Schenker
Washington Institute
February 10, 2016
The tight-lipped family oligarchy in Saudi Arabia headed by a geriatric and purportedly infirm monarch has no penchant for transparency. Despite the opacity, the transition from King Abdullah to King Salman has been accompanied by a perceptible shift in Saudi foreign policy. While the fundamental contours of the Kingdom’s regional posture remain much the same, the ascendance of King Salman to the throne last January signaled a more robust Saudi approach to countering Iranian regional subversion. From Yemen to Syria to Lebanon, Riyadh is now pursuing an agenda that at times stands in stark opposition to the articulated regional policies of Washington.