Iranian military units are looking to bolster Islamic extremism in the U.S. by turning local mosques into "terror command centers," reports a senior fellow at EMPact America and former CIA operative, who goes by the alias Reza Kahlili.

Kahlili reports how the plan is being rolled out by Iran's Revolutionary Guards and its unit of Quds Forces, which are responsible for managing Iranian-backed terror networks around the world:

[The groups] have created two special units to undermine the regimes in the Persian Gulf and push America out of the region.

The Guards are using Imam Ali mosques around the globe, including some in the U.S., as terror command centers.

Unit 110 and Unit of Madinah – named after the second holiest city in Islam, the burial place of the Prophet Mohammad – were established to remove the U.S from the Gulf, sources report.

We learned Kahlili's expertise is based on his experiences as a retired CIA agent planted in Iran's Revolutionary Guard. Using a pseudonym to protect his identity, he wrote the 2010 book A Time to Betray, which is used by the Joint Counterintelligence Training Academy in Maryland, where he is also an instructor.

His report today, informed by an ex-intelligence officer who defected to a country in Europe, reveals mosques around the world bearing the holy name Imam Ali are "under the operation of the Guards’ intelligence office":

Noteworthy are the ones in Stockholm and Hamburg. Other mosques are in New Jersey, New York and Ohio, the former officer said.

But this report is puzzling to Saadi Nasim, a muslim living in New York who says: "The majority of Muslim American community is Sunni. By default we don't recognize any Iranian Mullah as a leader as they are oppressing Sunni citizens in Iran. The majority of Iranians in America who are Shiite are pro-Shah and came here to escape the Ayatollah in the late 70's." Nasim added if the report is true, and a specific mosque is being used for terrorist activity — "I personally will protest against in front of that mosque."

Iran's relative isolation from the rest of the world, coupled with economic sanctions in response to its defiant nuclear program, have led the country to find other means of funding some of its militant organizations which the U.S. deems as terror groups. 

Kahlili points out that the recent news of U.S. mosques being used as Iranian "command centers" coincides with the expansion of Iranian influence beyond the Middle East:

The Guards, in collaboration with the Muslim Brotherhood in Egypt, are working on overthrowing the military junta and creating another front against Israel and America... The Guards are also active in other African countries, where they train and arm Islamic militias and fund mosques and Islamic centers.

As reported recently, the Guards’ grand plan, “Time for The Collapse,” includes trafficking in arms, counterfeit money and illegal drugs not only to fund their worldwide terror networks but to destabilize the West through terror and drugs.

We previously reported how the U.S. has identified that Iranian-backed terror groups are expanding their networks into South America, where access to drug trafficking is a quick way to raise funds. Defense Secretary Leon Panetta recently visited South America and commented, "That, in my book, that relates to expanding terrorism. And that's one of the areas that I think all of us are concerned about."

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

Tom Cruise made "pre-crime'" a futuresque and controversial method of law enforcement in the 2002 movie Minority Report.

Ten years later, the idea of preemptively identifying a criminal — particularly an inside threat — is taking shape within the U.S. Defense Department, reports Joe Gould at Army Times.

Whether it's a low-ranking soldier intent on dumping secret information to WikiLeaks, or a rogue Sergeant going on a shooting rampage, insider threats can seriously plague the military and the government as a whole.

Taking a novel approach, the Pentagon is spearheading research into studying the predictive behavior of personnel in the lead-up to a betrayal. 

From Army Times:

The Army’s efforts dovetail with a broader federal government initiative. President Obama signed an executive order last October that established an Insider Threat Task Force to develop a government wide program to deter, detect and mitigate insider threats.

Among other responsibilities, it would create policies for safeguarding classified information and networks, and for auditing and monitoring users.

In January, the White House’s Office of Management and Budget issued a memo directing government agencies that deal with classified information to ensure they adhere to security rules enacted after the WikiLeaks debacle.

Beyond technical solutions, the document asks agencies to create their own “insider threat program” to monitor employees for “behavioral changes” suggesting they might leak sensitive information.

Gould points to a DARPA research solicitation for Suspected Malicious Insider Threat Elimination (SMITE) which would track employees' actions on their networked computers — in particular, seemingly insignificant "observational data of no immediate relevance" — to determine if the user's overall behavior is leading to something malicious. 

"Forensic-like techniques can be used to find clues, gather and evaluate evidence and combine
them deductively. Many attacks are combinations of directly observable and inferred events," states the solicitation, emphasizing the word "inferred".

Behavioral studies try to "look beyond computers to spot the point when a good soldier turns" — whether the attack at hand is an information leak, or even a homicide.

A solicitation for another program — Anomaly Detection at Multiple Scales, or ADAMS — uses accused Fort Hood shooter Maj. Nidal Hasan to frame the problem. It asks how to sift for anomalies through millions of data points — the emails and text messages on Fort Hood, for instance — using a unique algorithm, to rank threats and learn based on user feedback.

The Software Engineering Institute of Carnegie Mellon sheds light on what kind of character profile a once trusted employee-turned-threat would display. There are two noteworthy profiles of someone who would steal and leak intellectual information from his/her workplace:

• The Entitled Independent: "disgruntled with his job who typically exfiltrates his work a month before leaving."
• The Ambitious Leader: "steals information on entire systems and product lines, sometimes to take to a foreign country, such as China."

All of the government's ongoing research and exploration into "computer forensics" will culminate in new standards of defense against internal attacks later this year. The Insider Threat Task Force is expected to be unveiled in October.

Now Check Out The 25 Biggest Defense Companies In America >

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

Seventeen declassified documents obtained in the Abbottabad raid that killed Osama bin Laden were published on Thursday by the Combating Terrorism Center (CTC).

The 175 pages of electronic letters and drafts represent a small fraction of the 6,000 documents taken from bin Laden's compound, but they do provide a glimpse into the mind of al-Qaeda's founder and some of his confidants between September 2006 and April 2011.

We've gone through the cache and chose 10 items that shed light on the intentions and frustrations of bin Laden's global jihad movement. 

Osama bin Laden watched news and understood the influence of the media on popular opinion

In a letter addressed to al-Qaeda in the Arabian Peninsula (AQAP) leader Nasir al-Wuhayshi and most likely written by bin Laden or his close confidant Jamal Ibrahim Ishtiwi al-Misrati (i.e. Atiyya), the author(s) discuss media strategy:

"… a huge part of the battle is the media… If the cable channels concentrate on promoting a specific person, they will have success, and the opposite is correct. If those channels do not want that person to be successful, they will destroy him. This shows that we are at odds with most of the channels and al-Jazeera has a different agenda than ours. It would be better for us to stay neutral, even though this channel sometimes commits mistakes against us. These mistakes are limited, and if we confront it, al-Jazeera will raise propaganda against us and could hurt our image within the Muslim world."

And he tried to use mainstream media to win over the people of the West

A October 2010 letter from bin Laden to Atiyya explains plans for the 10th anniversary of 9/11:

"Enclosed is a special chip for the media. It contains Statement to the American People... Tell the brothers that this statement should be broadcasted before the American congressional election. Also, a copy of the statement should be given to the correspondent of al-Jazirah- English. Also, another copy of it should be given to an American news agency."

"We should also look for an American channel that can be close to being unbiased, such as CBS, or other channel that has political motives that make it interested in broadcasting the point of view of al- Mujaheddin. Then, we can send to the channel the material that we want the Americans to see."

We already know how al-Qaeda's American spokesman Adam Gadahn felt about Fox News and Keith Olbermann, but here's what Gadahn said about Catholics:

"The conclusion is that, in general, the Catholics are a fertile ground for call of God and to persuade them about the just case of the Mujaheddin, particularly after the rage expanding against the mother church (Vatican) as a result of its scandals and policies refused by many of its public."

bin Laden received a strong critique from a 'brother' in 2006 that seems to have heavily influenced al-Qaeda's strategy

In a September 14, 2006, letter to bin Laden from “a loving brother" who signed it "Riyadh" (i.e. the capital of Saudi Arabia), the author strongly advised bin Laden to change his policy in the Arabian Peninsula:

"There is no doubt that the peninsula is unique and different in terms of supporting jihad through cadre, financially, and morally. The peninsula is considered the rear base for all jihadi work in the world, starting from Afghanistan and Chechnya, all the way to Iraq and Palestine. Attacking this base has a very clear and apparent effect on all jihadi work."

"… the battle has shifted from ... America to the regimes. This was a colossal strategic error that caused many losses in exchange for a very limited number of gains. These gains do not compare to what was sacrificed for them... Public opinion polls in the Muslim world prove that support to you among the Arab and Muslim people has shrunk after you targeted the peninsula."

"... stay away from operating inside Muslim countries in order to protect the reputation of the mujaheddin, protect their acceptance within Muslim societies, prevent any harm to the mujaheddin and supporters of jihad, prevent the secularists and liberals from exploiting these events, and direct the souls of the youth for the great battle against the head of the snake."

Please follow Military & Defense on Twitter and Facebook.

A surprise deal by Israel's house of representatives Monday night has apparently left the U.S. far more concerned about an attack on Iran, by the new government, than it has let on.

Ron Friedman at The Times Of Israel reports that a local TV news station led the story that Washington officials are holding "marathon talks" over concern that Israel will strike Iran before America's November elections.

From The Times:

Undisclosed Washington sources told Channel 10 that they worry Kadima was offered a place in the coalition to shore up support for a preemptive attack aimed at halting the Islamic Republic’s nuclear drive, and that Kadima chairman Shaul Mofaz would approve of such an attack.

The report added that the US officials believe early Israeli elections would have kept the F-15s at bay, but are now genuinely concerned that with political backing, there is little to stop Prime Minister Benjamin Netanyahu from ordering the attack.

Basically the U.S. thought that with Israeli elections not happening until September they were safe, but now, all bets are off.

Elad Berari at Arutz Sheva also points out that Israeli's Defense Minister recently warned "that as long as Iran poses a threat to Israel with its nuclear program, all options are on the table."

“I believe it is well understood in Washington, D.C., as well as in Jerusalem that as long as there is an existential threat to our people, all options to prevent Iran from getting nuclear weapons should remain on the table,” Barak said.

“I have enough experience to know that a military option is not a simple one,” Barak added. “It would be complicated with certain associated risks. But a radical Islamic Republic of Iran with nuclear weapons would be far more dangerous both for the region and, indeed, the world.”

Berari concludes his report by reminding readers that President Obama is already softening his position on Iran's uranium enrichment.

The paper says Obama willingness to allow Iran uranium enrichment concentration of five percent, directly opposes Netanyahu's policy.

In April the Israeli leader told CNN in April "They have to stop all enrichment," even just three percent uranium.

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

Following recently passed legislation to allow 30,000 drones to operate over the U.S. by 2020, a newly discovered Air Force document posted by Steve Watson at InfoWars has some interesting implications (Via Drudge Report).

The USAF intelligence brief says that if any of those drones should accidentally capture footage of Americans, the data can be stored for three months to be scrutinized by the Pentagon.

From InfoWars:

"The instruction, dated April 23, admits that the Air Force cannot legally conduct “nonconsensual surveillance” on Americans, but also states that should the drones ”incidentally” capture data while conducting other missions, military intelligence has the right to study it to determine whether the subjects are legitimate targets of domestic surveillance.

“Collected imagery may incidentally include US persons or private property without consent,” the instruction states.

The brief goes on to say that the Pentagon can then give the data to any other law enforcement agency it likes.

Discovered by Steven Aftergood of the Federation of American Scientists, the Air Force report has the ACLU concerned, "[It] would push the nation willy-nilly toward an era of aerial surveillance without any steps to protect the traditional privacy that Americans have always enjoyed and expected.”

Activists are also concerned that the drones can be equipped with facial recognition software.

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

CBS 60 Minutes recently aired a fascinating session with former CIA spy Hank Crumpton, who had Osama bin Laden in his sights two years before 9/11, but couldn't get permission to kill him.

"Orders were fairly simple. Find al Qaeda and kill them," he summed up when asked by interviewer Lara Logan what he ordered his men to do. 

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

Earlier this year, two USA Today reporters—Tom Vanden Brook and his editor Ray Locker—became the victims of sophisticated online attacks that seemed to be designed to destroy their reputations.

A slew of fake websites, social media accounts, and even a Wikipedia page popped up. Content was published in their names, such as past articles written by Vanden Brook that contained inaccuracies —suggesting that the public should be wary of the USA Today reporter's credibility.

The trigger for the attacks proved to be a report they'd been working on about highly-expensive U.S. military propaganda efforts in the Middle East. 

It's now known who exactly was behind the malicious online activity. And it's a high-ranking individual.

Gregory Korte at USA Today reports:

The co-owner of a major Pentagon propaganda contractor publicly admitted Thursday that he was behind a series of websites used in an attempt to discredit two USA Today journalists who had reported on the contractor.

The contractor is "strategic communications" company Leonie, and the culprit is co-owner Camille Chidiac. He owned the company with his own sister, but has now been booted out.

In a statement made yesterday evening, Leonie announced it is cutting ties with Chidiac:

On Sunday, May 20, Leonie’s management was informed by Camille Chidiac, who owns a minority interest in Leonie and who was personally referenced in the USA Today coverage, that he was involved in the online activity.

This was the act of an individual, not the company.  Leonie was not aware of and did not authorize Mr. Chidiac’s online activity concerning the reporters.

In addition, Leonie has contacted government officials to inform them of the situation and will continue to work with government officials on this matter.

Chidiac confirms he conducted the online activity and registered the websites on his own, with his own funds.

But he says, "They were intended to create open dialogue in an open forum related to the reporters past articles. Due to the un-moderated nature of the forums, some of these discussions quickly degenerated from legitimate criticism to immature and irrelevant rhetoric by unknown users."

Still, at the end of the day, he admits:

"I take full responsibility for having some of the discussion forums opened and reproducing their previously published USA Today articles on them ... I recognize and deeply regret that my actions have caused concerns for Leonie and the U.S. military. This was never my intention. As an immediate corrective action, I am in the process of completely divesting my remaining minority ownership from Leonie."

As for the Pentagon, it chimed in and tried to distance itself from the bad press about one of its contractors. The attacks against Vanden Brook and Locker had people wondering if the Pentagon itself was behind the whole thing, which became known as a "misinformation campaign" against the two reporters. 

"We were deeply disappointed to read this disclosure from Leonie Industries. Smear campaigns—online or anywhere else—are intolerable, and we reject this kind of behavior," Pentagon press secretary George Little said.

Meanwhile this amendment legalizes the use of propaganda on the US public >

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

It's not a story you hear every day. The Army would rather turn down $91 million dollars worth of battle tanks from Congress. 

But that's the case.

The Senate Armed Service Committee (SASC) has just approved its $631.4 billion version of a bill to authorize the new defense budget.

And the M1A1 Abrams — a main battle tank made by General Dynamics — is on the shopping list.

Austin Wright at Politico digested the multi-page press release summarizing the SASC bill and confirms tanks are a "Winner" — the Senate committee wants to authorize $91 million for 33 new M1 Abrams tanks. The House agrees. 

But the Army says it doesn't have any use for them.

It has actually been planning to end its orders of Abrams tanks by 2014, and won't need to upgrade its current vehicles until 2017. Kate Brannen at Defense News reported in March that U.S. Army Officials tried to convince lawmakers that the service really didn't need any more. Officials explained:

Not only does the Army not need new tanks, it doesn’t need to upgrade the ones it has for another few years, Gen. Ray Odierno, chief of staff of the Army, told lawmakers during a March 7 hearing of the House Appropriations defense subcommittee.

It is one of the most modernized platforms in the Army and has an average age of two-and-a-half-years old, Army Secretary John McHugh said.

Plus, the Army is looking into re-structuring its forces — cutting combat teams and the need for "heavy capabilities." 

So why do lawmakers insist on spending $91 million for unwanted tanks?

It comes down to this:

Ordering the 33 new tanks will keep the production line of the General Dynamics Land Systems' facility in Ohio open. 

The new SASC bill indicates congressmen want to keep the defense contractor in business, just like they did last year when the Army previously attempted to convince lawmakers to hold off on new tanks.

"The Army tried to make the same argument last year, but Congress did not agree. In the 2012 defense appropriations bill, it provided an additional $255 million to buy 42 more tanks," reports Defense News.

Austin Wright at Politico points out the president's budget request this year, on the other hand, would temporarily shut down tank production in Ohio. The Army's own analysis of the production line agreed it would be more cost-effective to close the plant and re-open it later, when necessary:

"It would cost $600 million to $800 million to close and later reopen the production line versus the nearly $3 billion it would take to keep it up and running during that same time."

But the SASC has disregarded that — coming up with yesterday's authorization of $91 million to sustain the GD factory. It's a very calculated number — just enough to keep the factory lines open at minimum production capability, safeguarding a military-industrial partnership with General Dynamics.

The SASC bill will be considered by the Senate this June or July.

Now see the 25 biggest defense companies profiting from the US military >

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

After a posting a story today about Camille Chidiac — the man who just admitted he was behind the mysterious websites attacking two USA Today reporters — one of his spokespeople contacted me to talk about his side of the story.

The spokesperson said that Chidiac is embarrassed. 

But he's ready to take all the blame.

He was formerly the co-owner of successful Pentagon contractor Leonie Industries, which specializes in "strategic communications" and Information Operations — known to the public as military propaganda programs.

Earlier this year he registered websites and forums that claimed to be "unofficial fan sites" for two reporters, Tom Vanden Brook and his editor Ray locker, who had written critically about U.S. military information campaigns in the Middle East with which Leonie Industries was involved.

But the websites ended up hosting online discussions slamming the two journalists. Chidiac denies that this was his intention.

"Due to the un-moderated nature of the forums, some of these discussions quickly degenerated from legitimate criticism to immature and irrelevant rhetoric by unknown users," wrote Chidiac. 

USA Today claimed the online activity was a smear campaign against its journalists. 

His spokesperson pointed out that Chidiac did not publish false content; he just re-posted articles written by Vanden Brook to the "fan site" he created. 

The thing is, it didn't seem to be much of a fan site.

One of the prominently featured articles was a story by Vanden Brook that contained inaccuracies — suggesting that the public should be wary of the USA Today reporter's credibility.

I asked Chidiac's spokesperson why his client labeled the anonymous websites as "fan sites" — that pretense has people wondering about Chidiac's motivation. 

The spokesperson acknowledged they don't know Chidiac's motivation for doing that.

According to Chidiac, the sites were always "intended to create open dialogue in an open forum related to the reporters' past articles."

"I take full responsibility for having some of the discussion forums opened and reproducing their previously published USA Today articles on them.  Even though the USA Today articles written about my family included unfair personal attacks and false statements by the reporters, it did not motivate me to post anything personally nor did I encourage anyone to post anything that was untrue or defamatory in any way," he wrote in a statement.

He currently has a team of professionals representing him, from a defamation lawyer to media management.

The spokesperson asked not to be named, iterating that the story's not about him. 

Now check out 33 war strategies that will help you win everything in life >

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

The Department of Homeland Security's National Operations Center is a sprawling D.C. facility where over 80 federal, state and local government agencies struggle to keep the lid on domestic terrorism.

With a workforce that size and a $46 billion budget, training is paramount and facilitated through the agency's "Analyst's Desktop Binder" that gives a rundown on where agents can look for credible leads and what words should raise flags when prowling social media sites.

A freedom of information request pulled the binder into the press a couple months ago, but the topic has resurfaced and the entire binder is now uploaded to Scribd.

When DHS and other agencies see mention of agencies like Homeland Defense on someone's Facebook page they become concerned. 

Hazardous material teams become concerned when they see the word cloud.

And health teams become concerned when they see the word pork.

The full report is pretty interesting, but the list of news agencies the DHS looks to and how they break them into qualified groups is also intriguing.

Agents looks to CNN and Fox as the first two news sources in their First Tier credible sources for corroboration. Then the networks, MSNBC, AP, and Reuters. Sorry Bloomberg.

Business Insider would fall somewhere in the Third of Fourth (last) Tier under "serious" blog or news collection/compilation site where everything "Must be verified by a First Tier source prior to release."

Overall a pretty interesting look at how our $46 billion is being spent on training.

Now check out the refueling of the USS Wasp >
 

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

A powerful new report by Cambridge scientist Sergei Skorobogatov hit the Internet over the weekend confirming Chinese computer chips used in U.S. military systems have hidden "back doors" that can disable everything from American fighter jets to nuclear power plants.

It's a bold claim that until now has been impossible to prove, but Skorobogatov says he has developed a new ultra-sensitive technology that's able to detect "malicious insertions" into chips. "The scale and range of possible attacks," he says, "has huge implications for National Security and public infrastructure."

After the initial flurry of excitement, a response cropped up on the security blog Errata saying Skorobogatov's claim was bogus and there is actually no back door at all. We asked the scientist to respond to that post specifically in our list of questions and answers below.

BI: What are back doors?

SS: The back door is an additional undocumented feature deliberately inserted into the device for extra functionality. There are some traces of the existence of such back doors in the system files of Actel development software. The great danger comes from the fact that such a back door undermines the high level of security in FPGA making it exposed to various attacks. Although Actel makes a big claim that their devices are extremely secure because there is no physical path for the configuration data to the outside world, they made this way covertly and locked with the key for themselves.

BI: What kind of serious security issues in military technology did your research expose?

SS: [Trustworthiness] of chip developers who are subcontracted by military but mainly outsource their designs and chip fabrication to China and India.

BI: How are they malicious? And are they all dangerous?

SS: No, some features are made for debug purposes or memory initialization. But the one we described seriously undermines the security protection of the chip.

BI: Why is your research into military chip weaknesses relevant at this time?

SS: Because there is a growing demand for verification of chips being manufactured with third parties involved which are located in China and India. This happens at all levels from chip design to chip fabrication. 

BI: Why did you choose an American military chip and what is it used for?

SS: In that aspect we can only rely on the information provided by the manufacturer. They state that their chips are used in "Space and Missile Systems Centers, fighter jets, missiles, flight computers, mission computers, weapon systems, radar control systems ..."

There are several reasons we chose Actel products in our research. One is the very high level of their security protection as everyone knows that standard micro controllers are easy to attack. Another is their usage in critical applications which makes many discoveries have great impact.

BI: Can you explain what you mean by "breakthrough in silicon scanning"?

SS: We showed that our technique is capable of detecting malicious insertions into chips. All previous techniques are not sensitive enough to help in finding the back door in Actel devices.

BI: Could you respond to this Errata post specifically?

1) We have made no reference to any Chinese involvement in either of the released papers or any reference to espionage. Therefore we don't agree with Robert Graham's assertion that we suggest Chinese involvement. So we have no idea why people have linked the Chinese to this as it did not come from us.

2) As far as we are concerned the back door was implemented by the manufacturers at the design stage and we suggest that in the papers.

3) We do not know if the chip was certified to hold secrets or not. We quote Actel and their website which says that the ProASIC and other flash lines are sold to the military as well as into automotive, aerospace, medical and consumer systems. It is a very secure device with AES encryption, if you use it, then you want to protect the IP and there is no better way that using AES with no read-back.

4) It is not just a simple JTAG hack, there is a lot more involved than that and it's contained in the paper.

5) We do not agree it is just a debug port, you do not need a debug port to circumvent the security on the chip and read back the IP whilst telling everyone else no such feature exists.

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

Retired Lieutenant Colonel Bill Hagestad — a leader in cyber security strategy — was recently interviewed about his insight into Chinese cyber activity and what the U.S. should be doing to prepare itself.

He's also written the book 21st Century Chinese Cyberwarfare, which sounds pretty specific to the security industry, but he makes a good point:

"It’s important because anyone, anywhere, regardless of the industry they’re in...cannot pick up a newspaper or read a blog without hearing about the cyber threats from the People’s Republic of China, regarding their use of cyber and information warfare."

Speaking with Chris Archer at the Institute for Defense and Government Advancement (IDGA), Hagestad shares why China has delved into cyber warfare — the reason goes back hundreds of years — and offers fascinating tidbits about the issue, such as pointing out how the Chinese language makes it a cryptologic force to be reckoned with.

On that note, he also shares his view of the U.S. military's weaknesses and the challenges it faces in countering Chinese cyber threats. Find out what he reveals, based on his conversation with Chris Archer of the IDGA.

How does Chinese Communism and the country's heritage relate to its activity in cyberspace?

"One has to go back no greater than 200 years to look at how the Chinese view the Western world. Perhaps further back, taking an example in history of the Mongol invasion of China.

"The Chinese are sick and tired of having foreign forces come and invade them and extract the natural resources of their country.

"They know they cannot defend themselves kinetically with the military they have, so what they have decided to do is take the high ground and take the advantage in the cyber realm, i.e. the internet, and take that fight to their foes through the use of Cyber and Information Warfare."

Source: Institute for Defense and Government Advancement

What should the US understand first about dealing with China?

"Understanding who China really is. And I think that is something that’s not known.

"There are a lot of people who say they’re China experts, I would never claim to be a China expert. All I can tell you is I love the country of China but I also love my country and when there is a unique crossroads of understanding one’s own culture and a foreign culture, only then can you start to be able to defeat it.

"There are many anecdotes from SunTsu, the Chinese war God from 500 B.C. His writings can give us some proper guidance in those regards."

Source: Institute for Defense and Government Advancement

How can the US prepare for Chinese cyber attacks?

"How can the U.S. government defend itself? I think the most important thing is to start to develop a concrete offensive and perhaps establish some political dialogue to go along with that but when the political dialogue erodes, dissolves, or becomes useless they can go forward with offensive cyber capabilities and combine it with kinetic farms (physical things like bullets, bombs, and troops)."

Source: Institute for Defense and Government Advancement

Please follow Military & Defense on Twitter and Facebook.

Forget about Stuxnet, the hand crafted computer virus that targeted Iran's Bushehr nuclear plant, a bigger, better virus called "Flame" has been found —unprecedented in its size and sophistication.

Raphael Satter and Amy Tiebel at The AP report that Flame turns every computer into a listening device that is even able to draw data from nearby cell phones.

Flame is the third big cyber weapon discovered in the past two years and speculation immediately focused on Israeli involvement, a suspicion that country has done little to dispel.

Talking to Army Radio, Israeli Vice Premier Moshe Yaalon said “Whoever sees the Iranian threat as a significant threat is likely to take various steps, including these, to hobble it. Israel is blessed with high technology, and we boast tools that open all sorts of opportunities for us.”

From The Associated Press:

Alan Woodward, a professor of computing at the University of Surrey in southern England, said that Flame was a different order of threat than run-of-the-mill cyberfraud programs.

“Most malware writers like to have tiny bits of code that kind of hide away in the dross that’s on a computer,” Woodward said. “Flame is 20 megabytes large. That’s nearly 60 times the average size of malware samples collected by Internet security company Sophos in 2010, around the same time that Kaspersky believes Flame first started spreading.

The full story here by The AP offers more details >

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

This new Boeing drone, designed to stay aloft for days at a time, completed its first successful flight Friday at Edwards Air Force Base in California.

Fueled by liquid-hydrogen, the Phantom Works inspired Phantom Eye reached an altitude of over 4,000-feet and speeds of around 70 mph before clambering back to earth.

The flight was in fact a bit better than the landing. A release from Boeing says the craft was damaged when its landing gear sunk into the lakebed on which it was returning and broke, but that won't slow the new drone down for long.

Phantom Works, Boeing's classified defense dream shop, has been looking forward to the arrival of the Phantom Eye for years and the technology that keeps it aloft is a welcome arrival.

The goal of the project is to offer the military a long term solution to monitoring wide patches of ground for extended periods of time, without requiring multiple aircraft and a series of take-offs and landings, which interrupt surveillance.

The single flight surveillance will hopefully provide better intelligence than what's been achieved in the past and let's face it, that's a good thing when the U.S. is firing Hellfire missiles at suspected insurgents in civilian populations across the globe.

The Phantom Eye will fly at up to 65,000 feet, generating only water as a byproduct, carry a 450-pound payload, and has a 150-foot wingspan.

Boeing's defense, space & security is also behind the A160 Hummingbird, the Unmanned Little Bird, the Camcopter S-100, Integrator, Scaneagle, the Dominator, and the Phantom Ray.

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

Last week we reported on how the new Flame virus seems to be the work of the National Security Agency and Israel.

Following that announcement the Obama Administration admitted that the Stuxnet virus was a joint U.S.-Israeli attack on Iran's computer networks and that they've been working on similar cyber weapons since 2006.

Now people are worried about the implications of an all-out cyberwar and wondering if/when high-profile cyberweapons will "boomerang" and be used against U.S. cyber networks.

Dr. Mike Lloyd, Chief Technology Officer at Red Seal Networks, spends his days doing penetration testing to help organizations understand their security defenses and how they can be attacked. 

Lloyd said that while it's interesting to find out who is behind the newest and most sophisticated cyberattacks, the important thing to recognize is that cyberweapons are growing in number and the U.S. is already vulnerable.

Successful attacks — including ones that steal directories of credit numbers, patient records and social security numbers — are occurring every day.

"It's not about whether these fancy weapons, that look like we built, could be used on us," Lloyd said. "We need to take a step back and think, 'What kind of weapon would it take to hurt us?' And the answer is that simple weapons work today."

To understand why it's so easy to hack America right now, one must recognize the immensity of the U.S. cyber infrastructure and the consequent due diligence required to secure it.

"The difference with America is that we are so interconnected, we're so networked," Lloyd said. "All of our systems are connected together — our finance systems, our power generation systems, our social media sites, and so on. We're interconnected here much more than anywhere else in the world and that means if this stuff is fragile, it is much more fragile than everywhere else."

Lloyd, whose job is to study the fragility of U.S. networks, posits that it is indeed fragile.

Last year in the U.S. there were 855 incidents of corporate data breaches that involved 174 million compromised records, according to Verizon's 2012 Data Breach Investigations Report (DRIC).

"People in glass houses shouldn't throw stones," Lloyd said. "Well unfortunately, it's not just that. Very simple stones can break our glass windows. We have very thin defenses."

However, Lloyd points out that it doesn't have to be this way.

While 2011 saw the second-highest data loss total since Verizon started keeping track in 2004, 96 percent of attacks were not highly difficult and 97 percent of breaches were avoidable through simple or intermediate controls.

"Now that's really interesting," Lloyd said. "It's about the thinness of the glass... We're at the level where it is far too easy to break in."

Lloyd said that the members of LulzSec or Anonymous — the loose hacker collectives that have shut down websites and stolen sensitive information —  exploit weak defenses of companies by being "doorknob twisters"  at the "side doors" of a company's network.

"The vast majority [of cyberattacks] don't take the complexity of a Stuxnet — it just takes rattling all the doorknobs," Lloyd said. "What they're doing is rattling all of the doors, and they find one or two that are open."

So why aren't companies using simple and intermediate controls to make sure their networks are secure?

Lloyd said that things that companies must do are simple, but they must be constantly done everywhere (i.e. make sure all side doors are locked). The issue becomes that "if you're an American corporation, utilities industry, government agency, you have to be amazingly consistent and that's what we're bad at… because our infrastructures are so big and so complex… we can't secure effectively these days."

Furthermore, it's not even good enough for a single U.S. company to be properly secure because the huge mesh of interconnectivity means that if one company has a problem then the companies with which it interacts also have a problem.

And although it's not easy to get companies to collaborate with their competitors when they've had a breach, Lloyd remains optimistic because disclosures have been going up, companies are recognizing weaknesses and tools are available to implement a stronger collective defense.

What is required, according to Lloyd, are "established standards of due diligence" — as defined by the cybersecurity industry — that will "demand good practices out of the people that look after our data."

Because the vast majority of attacks can be avoided if the easy attacks are deterred through established practices (as opposed to being invited by shoddy practices).

Things like implementing disclosure laws, requiring consistent measurement of cyber defenses, and using automation to better understand the complexity of the U.S. grid will hold companies accountable while also generating greater discussion about the requirements for acceptable cybersecurity.

The bottom line is that we're all part of the same infrastructure, and right now we're not ready for attacks.

"Attacks are going on, our defenses are weak and it's time to wake up and smell the coffee," Lloyd said. "Given that we have this spyware [e.g. Flame, Duqu], and the data-destroying [e.g. Skywiper aspect of Flame] and the physical machine-destroying stuff [e.g. Stuxnet] rattling around the globe, we have to take this stuff more seriously."

Below are recommendations for smaller organizations from Verizon's 2012 Data Breach Investigations Report. The DRIC states that "all the evidence at our disposal suggests a huge chunk of the problem for smaller businesses would be knocked out if they were widely adopted."

ALSO SEE: It Looks Like The Devastating New Virus Ripping Through Iran Was A Joint US-Israel Attack >

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

The Air Force just did a significant overhaul of its online policies for their computers.

They've tried to adapt to a world that's increasingly digital, socially connected and constantly online — by cracking down on most of those things.

Some of the Air Force's directives are obvious, others are bizarre, and some are understandable.

We combed through the 36-page directive to find the good parts. 

You're going to want to see this. 

Here's what the Air Force wants — and doesn't want — people to do using its internet connection:

• They would consider it inappropriate if you were participating in terrorist activities. The Air Force explicitly lists "terrorist activities" as inappropriate under section 3.2.3 of the policy.

• Gambling and pornography are on the same level of inappropriate-ness of terrorism. They're listed all together in that brief subsection. 

• The Air Force isn't a fan of chain emails. They're of the opinion that emails with subject lines like "FW:FW:Fw:FW:Fw: Best joke" adversely reflect on the DoD. We can't help but agree. 

• Also, please use "Reply-All" less. The Air Force asks that users cut down on Replying to All. It's bogging down their internet. For the record, it's also somewhat annoying and pretty risky if a sender isn't paying attention. 

• The Air Force would really prefer if you only used the internet to talk to your family and look for jobs. The new policy says that authorized use is comprised of exchanging information with family members, enhancing the skills of employees, and searching for jobs. Also, they're okay with sending messages out to members of your Department of Defense (DoD) approved organization. That's it.

• The Air Force doesn't want you to download free software like Adobe Flash or Firefox unless you acquire pre-approval. How many calls do the Air Force system admins get requesting permission to install Skype? We'll never know. 

• While you can subscribe to government-sponsored news, using non-DoD subscription news services is a "misuse of a government system." If you're in violation of this, it's already too late to close out of the browser window, because...

• The Air Force is monitoring your browsing already. Using any DoD device constitutes consent to monitoring, according to sections 2.7, 3.4, 4.3, and 6.1. Sorry.

The full text of the policy overhaul can be found here.

Now, look at the next generation of drone warfare >>

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

The U.S. Air Force's secretive unmanned space plane will end a year-long mission in orbit sometime in the next few weeks, and there is no indication what that mission is.

The X-37B Orbital Test Vehicle 2 launched from Cape Canaveral, Fla., on March 5, 2011.

Its mission was scheduled to end in December but was extended for unknown reasons, reports Rob Waugh of the Daily Mail.

The 29-foot, solar-powered craft has been circling Earth at 17,000 miles per hour in a low-earth orbit between 110 and 500 miles above the Earth's surface (whereas the International Space Station orbits at about 220 miles).

Some analysts speculate that the mission was extended to take advantage of the technology on board because the office that developed the X-37B will be shut down under budget cuts for 2013 to 2017 proposed by the Obama administration.

Others have speculated that the Boeing-made craft is used for surveillance as last May amateur astronomers detected the orbital pattern of the first X-37B included flyovers of North Korea, Iraq, Iran, Pakistan and Afghanistan, according to Waugh.

Col. Nina Armagno, 30th Space Wing commander, told Leonard David of Space.com that the personnel at Vandenberg Air Force Base in California "are ready to execute safe landing operations anytime and at a moment’s notice."

The first version of the NASA-designed craft landed last December at Vandenberg after more than seven months in orbit.

 Below is a layout of the X-37B (via Space.com):

Here is a video of the X-37 Approach and Landing Test Vehicle (the predecessor of the X-37B): 

ALSO SEE: The Navy Gave Me Total Access To The USS Wasp Amphibious Assault Ship >

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

North Korea's abilities to wage a devastating cyber war are behind only those of the United States and Russia, after the isolated nation has devoted more than thirty years toward development and research, a South Korean expert has claimed.

All that prep is finally paying off for the North Koreans. 

That declaration, by information security  professor Lee Dong-hoon, comes in the wake of two weeks of devastating attacks on GPS signals which interfered with signals throughout the Korean peninsula. 

The GPS jamming, which was carried out unabated by North Korea's Reconnaissance General Bureau, were carried out from April 28 to May 13, Stars and Stripes reported. 

That agency is quickly becoming the bane of the world's cyber-defense industry. 

The Reconnaissance General Bureau is the overseer of all North Korean sabotage and espionage operations, and has been recruiting and training a generation of cyber warriors. The bureau has developed a nurturing mentality toward information disruption specialists, creating one of the most dominant digital warfare groups on the planet.

They've made a culture of hacking.

The Bureau has units devoted to cyber attacks on the South Korean military, propaganda dissemination across the greater internet, and hacking operations.

This isn't the first time they've landed success ful hits, not by a long shot. 

In 2009, South Korean military sites suffered a massive Distributed Denial of Service (DDoS) attack, an cyber strategy wherein a group of antagonists bombard a target website with such a volume of hits and requests that the site is knocked down, rendering it unusable for people who actually need it.

That attack, likely carried out by Pyongyang Computer Technology University, knocked out 26 South Korean and foreign governmental websites. 

But this latest attack had sweeping, real-world impacts.

The latest hit, against the GPS signal in South Korea, cause national disruption and confusion in air traffic control and maritime transit. Moreover, the North Korans have been devoted to hacking South Korean defense systems, and their dedication is still causing problems. 

The South Korean military remains woefully unprepared for mounting counterattacks in this active cyber war. 

They don't even have a cyber unit, training, or command, and what they do have in the information security sector amounts to recruits from telecom colleges.

With them up against an adversary with a culture of cyber war ingrained in their strategy, on their own the South Koreans are woefully out-gunned on that front. 

Now check out these stunning photos from inside North Korea >>

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

There appears to be little doubt China steals both U.S. commercial and military secrets through hacking in addition to selling counterfeit electronic parts to customers of U.S. companies and to the Department of Defense (DoD).

But the adverse affects of these practices, both financially and militarily, seem both substantial and largely unknown.

We spoke with Louis P. Feuchtbaum, a former assistant district attorney in the Bronx who has worked extensively with electronic fraud, and represents large IT companies to help them deal with counterfeit electronics and procurement fraud, to gain a better understanding of what's at play here.

He says that when a company suspects its counterfeits products are flooding the market, it needs to do an internal investigation to see where they're coming from; how they're getting into the U.S.; who has them in the country; and how they are being resold so that the trade can be shut down (through referrals to law enforcement or civil lawsuits).

As a former Naval officer who served in combat, Feuchtbaum is in a unique position to also understand the military aspect of the problem because he knows what's it like to be "bobbing around on ships that lose propulsion" and has seen service members seriously injured because of failed technology.

He regards the economic and safety issues involved in counterfeit electronic products as "undefinable and undeniable because they could be so grave."

To understand how the situation has become so bad — and what can be done to mitigate the problems counterfeit parts cause —  it helps to first distinguish between its corporate and military aspects of counterfeit electronics.

Corporate Counterfeiting

"As commercial conflicts become more critical to national security, industrial espionage is a very serious issue," said Feuchtbaum. "The U.S. economy has been steadily shifting away from manufacturing to the development of its intellectual property. We are the genius that powers much of the world's engines. If ... our intellect/design/ingenuity can just be swiped pretty easily because of these products that have been installed that compromise our communications, the consequences for that could be grave."

The most expensive part of bringing an electronics product to market is research and development, followed by significant costs in maintaining quality control through production.

So the way a manufacturer of genuine products makes up for overhead costs and increases profit margins is on the selling of the individual product from overseas plants.

But counterfeit manufacturers don't have much overhead.

By developing stuff that kind of looks and functions like the genuine product — so that it passes initial testing and enters the marketplace — counterfeiters only pay the cheap cost to manufacture an inferior product.  

Then they "undersell the genuine manufacturers by very substantial amounts" to create a market force for their fake products.

The result is that a company's brand and corporate interests are damaged each time a purchased product fails or doesn't perform up to its intended specifications.

"When you have counterfeit products you lose the assurance of reliability — quality control goes out the window," Feuchtbaum said. "You may be dealing with algorithms and programming that could work until too many demands are placed upon a system [and] you make it to a point where actually component failure due to material breakdown."

Feuchtbaum notes that "China is a huge source for electronic counterfeit, and they don't have very strong enforcement mechanisms" because prosecutions are controlled at the local level where government corruption is rampant.

"It really is kind of the Wild West over there in terms of electronic counterfeiting," Feuchtbaum said. "And it goes on to a really extreme degree."

But when Feuchtbaum and his associates at Sideman and Bancroft trace a counterfeit product to the actual time and place of manufacture, they find shill companies that churn out fakes en masse and sell to multiple different distributors (who sell again) so that the counterfeit products take their own unique paths to the marketplace.

Thus it's difficult to detect and shut down corrupt manufacturers because the path is "like a spiderweb" and "provides a degree of insularity to a government if they are involved in that type of activity."

And although companies are becoming more sophisticated when creating publicly and privately-known product markings (e.g. trademarks, holograms, etc.) — which give the marketplace a degree of comfort that what they're buying is genuine — Feuchtbaum said that "it's always just a matter of holding back for a flood. There's just way too much money here."

The flood occurs at the moment when the replicas are so good that even experts can't tell the difference. At that point the market is being given a false sense of assurance and counterfeit products are readily accepted as genuine.

"This is where it gets a little bit scary," Feuchtbaum said. "There's a continual race that there are quality control checks on the genuine products that the counterfeiters can't copy. And those are good, and they work, but usually only for a period of time."

Just how costly is it when the quality controls are compromised and the floodgates open? That, according to Feuchtbaum, is inconceivable.

"There are cases I have been involved with where counterfeit products relating to a single product — not even a product line [but] a single part number — ... costs the American company tens of millions of dollars. For a single part. Take that and multiply it across product lines and then across the whole production of the company, and the losses are almost uncountable."

That's why most large IT companies have their own distribution channels with quality controls to thwart distributors and resellers from buying potentially counterfeit products off the secondary markets.

The bottom line, according to Feuchtbaum, is that "if one buys only through an authorized distributor, the chance of getting counterfeit is severely reduced."

Nevertheless, some "honest companies that make great products don't comprehend the severity of the problem." Feuchtbaum can think of at least one well-known company with a big market following that doesn't even track the serial numbers of its products. By neglecting to do so, the company "severely hampers" its ability to combat counterfeits in the market.

Military Counterfeiting

In addition to the regular problems with counterfeit products of higher product failure, Feuchtbaum explained that the DoD is facing "a very large vulnerability for national defense."

It's impossible to know how deeply embedded these criminal products are in a supply chain because once they get through the initial filters of a quality check and feel genuine, they could be in place for a long time if they don't fail.

"And if a country has designed a back door because their real intent is to get access to a system to affect its operations at some time, they want that product to work because they don't want it to be replaced," Feuchtbaum said.

A recent Senate report, titled Inquiry Into Counterfeit Electronic Parts In The Department Of Defense Supply Chain, "uncovered overwhelming evidence of large numbers of counterfeit parts making their way into critical defense systems." 

The investigation found 1,800 cases of counterfeit electronic parts involving over one million suspect parts in 2009-10 alone, thereby exposing "a defense supply chain that relies on hundreds of unveiled independent distributors to supply electronic parts for some of our most sensitive systems."

The report concluded, among other things, that China is the "dominant source" of counterfeit products that enter the DoD supply chain, that the Chinese government does little to stop it and that the DoD doesn't know the "scope and impact" of these parts on critical defense systems. 

Feuchtbaum called the report "jaw-dropping" and cited examples of U.S. weapons having counterfeit parts as why this stuff is "so scary when you really think about it."

Serious problems are created through outright spying — tracking the communications of American citizens, corporations and government to steal critical information — which can be used to enhance research and development at a low cost.

The other vulnerability arises through the employment of back doors, which are features designed into a product when someone wants to gain access to that electronic module at some point without permissions and without detection.

"It's almost like having a skeleton key to your neighbor's home, and you could just enter at will without your neighbor's permission," Feuchtbaum said.

Feuchtbaum said to think of counterfeit products as cyber land mines — they are things planted by the enemy that are secretly hidden away until the time comes when a threat confronts them. And these land mines are especially destructive because they are installed in the critical infrastructure in the homeland as well as in critical machinery of defense overseas. 

"Let's say an entity, maybe China, has adverse security interests to the United States. The U.S. does its analysis and says 'In this region of the world where there is conflict, we have the following defense resources... so we could go ahead and feel safe that we have enough deterrents there.'

"The calculus would be changed a lot if the other country looked and said 'Yeah, they've got all these resources here but we know that their bombs aren't going to work, their planes aren't going fly, that we could invade their communications, that we can disrupt their supply chains once we go in the back door and … shut down those functionalities.'"

Compounding the issue is that things like bombers are going to have a life of decades, so the DoD needs to be comfortable that as parts are replaced on the airplanes they are being replaced by only genuine parts. If the DoD doesn't have quality controls, it's inviting problems years down the line.

What can be done?

When asked how he felt, as a former officer, about the infiltration of counterfeit parts into the DoD, Feuchtbaum said that it "causes a very grave fear that lack of diligence could cause the loss of American life."

That diligence, for both IT companies and the DoD, comes in the form of having robust anti-counterfeiting programs that keep counterfeit products out of the supply chain.

Feuchtbaum said that the most robust programs continually test the marketplace to see what's out there, know what counterfeit products look like, constantly manufacture new controls to ensure that the products they're selling are not being successfully copied, and update the guidance they give to the marketplace — as well as immigration and customs enforcement — on how to spot fakes. 

"For companies that don't [have robust anti-counterfeiting programs] ... there is a rising tide of counterfeits in the supply chain and it becomes more difficult to ensure that you're buying genuine," Feuchtbaum said.

Which is precisely what has happened to the U.S. military. Feuchtbaum posits that the best course of actions for the DoD is to begin purchasing electronic parts only from authorized supply chains or the manufacturers themselves.

They better start soon because an unknown number of cyber land mines are already installed.

ALSO SEE: This New $7 Billion Warship Is Part Of The US Response To China's Military Buildup >

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »

The head of MI5, Britain's counter-intelligence agency, described the recent levels of cyber assaults on the United Kingdom's computer systems as "astonishing". 

Jonathan Evans is dealing with the security nightmare that is the upcoming London 2012 Olympic Games, and described how cyber attacks against UK industry — from both criminals and states — have increased exponentially recently. 

The BBC reported that Russia and China had been previously cited as the nations most involved in state-based attacks.

Their attackers are organized on "an industrial scale."

The cyber assaults are being perpetrated by both state-sponsored espionage agencies as well as organized cyber criminals, all trying to access secret information and take down networks. 

There's an immense amount at stake for Britain — it's not just the success of the Olympics at risk. 

"What is at stake is not just our government secrets but also the safety and security of our infrastructure," Evans told the BBC, "the intellectual property that underpins our future prosperity and... commercially sensitive information."

Please follow Military & Defense on Twitter and Facebook.

Join the conversation about this story »