Originally posted by Officer of Engineers
View Post
With all due respect to your hacking skills, only computer which is fully secure is one which is not connected to a network, and what good is that computer except to play games;) .
Outside US, some of the best computer programmers are in Russia, China and India. The best US programmers are employed by Video Game industry (yes, no longer by NSA).
Some excerpts from couple of publications;
Specific Targeting Analysis of Network Attacks Against Logistics
There are two macro-level targets for Chinese computer network operations: military network information and military information stored on networks. CNA seeks to use the former to degrade the latter. Like U.S. doctrine, Chinese CNA targeting focuses specifically on “enemy C2 centers,” especially “enemy information systems.” Of
these information systems, PLA writings and interviews suggest that logistics computer systems are a top military target. According to one PLA source, “we must zero in on the...crucial links in the system that move enemy troops... such as information systems.”28 Another source writes, “we must attack system information accuracy, timeliness of information, and reliability of information.”29 In addition to logistics computer systems, another key military target for Chinese CNA is
military reliance on civilian communications systems. These concepts, combined with the earlier analysis of the PLA view that the main U.S. weakness is the deployment phase, lead PLA IO theorists to conclude that U.S. dependence on computer systems, particularly logistics systems, is a weak link that could potentially be exploited through CNA. Specifically, Chinese authors highlight DoD’s need to use the civilian backbone and unclassified computer networks (e.g., NIPRNET [Non-Secure Internet Protocol Router Network]) as an Achilles’ heel. There is also recognition of the fact that operations in the Pacific are especially reliant on precisely coordinated transportation, communications, and logistics networks, given the “tyranny of distance” in the theater. PLA strategists believe that a disruptive CNA against these systems or affiliated civilian systems could potentially delay or degrade U.S. force deployment to the region while allowing China to maintain a degree of plausible deniability. The Chinese are right to highlight the NIPRNET as an attractive
and accessible target, unlike its classified counterparts. It is attractive because it contains and transmits critical deployment information in the all-important TPFDL (time-phased force deployment list), which is valuable for intelligence gathering about U.S. military operations as well as a lucrative target for disruptive attacks. In terms of accessibility, it was relatively easy to gather data about the NIRPNET
from open sources, at least prior to 9/11. Moreover, the very nature of the system is the source of its vulnerabilities, since it has to be unclassified and connected to the greater global network, albeit through protected gateways. To migrate all of the NIPRNET to a secure, airgapped network would likely tax the resources and bandwidth of DoD’s military networks.
DoD’s classified networks are an attractive but less accessible target for the Chinese. On the one hand, these networks would be an intelligence gold mine and are likely a priority CNE target. On the other hand, they are a less attractive CNA target, thanks to the difficulty of penetrating its defenses. Any overall Chinese military strategy predicated on a high degree of success in penetrating these networks during crisis or war is a high-risk venture and increases the chances of
failure of the overall effort to an unacceptable level. Moreover, internal Chinese writings on information warfare show no confidence in China’s ability to get inside NCW aboard deployed ships or other self-contained operational units. Instead, the literature is focused on preventing the units from deploying in the first place and thereafter breaking the C4I linkages between the ships and their headquarters.
Chinese CNE/CNA operations against logistics networks could have a detrimental impact on U.S. logistics support to operations. Chinese CNE activities directed against U.S. military logistics networks could reveal force deployment information, such as the names of ships deployed, readiness status of various units, timing and destination of deployments, and rendezvous schedules. This is especially important for the Chinese in times of crisis, since they utilize U.S. military Web sites and newspapers as principal sources of deployment information in peacetime. An October 2001 People’s Daily article, for example, explicitly cited U.S. Navy Web sites for information about the origins, destination, and purpose of two CVBGs exercising in the South China Sea. Because the quantity and quality of deployment
information on open Web sites has been dramatically reduced after 9/11, the intelligence benefits of exploiting the NIPRNET have become even more paramount.30 CNA could also delay resupply to the theater by misdirecting stores, fuel, and munitions, corrupting or deleting inventory files, and thereby hindering mission capability. The advantages to this strategy are numerous: (1) it is available
to the PLA in the near term; (2) it does not require the PLA to be able to attack or invade Taiwan with air or sea assets; (3) it has a reasonable level of deniability, provided that the attack is sophisticated enough to prevent tracing; (4) it exploits perceived U.S. casualty aversion, overattention to force protection, the tyranny of distance in the Pacific, and U.S. dependence on information systems; and (5) it
could achieve the desired operational and psychological effects: deterrence of U.S. response or degrading of deployments.
There are two macro-level targets for Chinese computer network operations: military network information and military information stored on networks. CNA seeks to use the former to degrade the latter. Like U.S. doctrine, Chinese CNA targeting focuses specifically on “enemy C2 centers,” especially “enemy information systems.” Of
these information systems, PLA writings and interviews suggest that logistics computer systems are a top military target. According to one PLA source, “we must zero in on the...crucial links in the system that move enemy troops... such as information systems.”28 Another source writes, “we must attack system information accuracy, timeliness of information, and reliability of information.”29 In addition to logistics computer systems, another key military target for Chinese CNA is
military reliance on civilian communications systems. These concepts, combined with the earlier analysis of the PLA view that the main U.S. weakness is the deployment phase, lead PLA IO theorists to conclude that U.S. dependence on computer systems, particularly logistics systems, is a weak link that could potentially be exploited through CNA. Specifically, Chinese authors highlight DoD’s need to use the civilian backbone and unclassified computer networks (e.g., NIPRNET [Non-Secure Internet Protocol Router Network]) as an Achilles’ heel. There is also recognition of the fact that operations in the Pacific are especially reliant on precisely coordinated transportation, communications, and logistics networks, given the “tyranny of distance” in the theater. PLA strategists believe that a disruptive CNA against these systems or affiliated civilian systems could potentially delay or degrade U.S. force deployment to the region while allowing China to maintain a degree of plausible deniability. The Chinese are right to highlight the NIPRNET as an attractive
and accessible target, unlike its classified counterparts. It is attractive because it contains and transmits critical deployment information in the all-important TPFDL (time-phased force deployment list), which is valuable for intelligence gathering about U.S. military operations as well as a lucrative target for disruptive attacks. In terms of accessibility, it was relatively easy to gather data about the NIRPNET
from open sources, at least prior to 9/11. Moreover, the very nature of the system is the source of its vulnerabilities, since it has to be unclassified and connected to the greater global network, albeit through protected gateways. To migrate all of the NIPRNET to a secure, airgapped network would likely tax the resources and bandwidth of DoD’s military networks.
DoD’s classified networks are an attractive but less accessible target for the Chinese. On the one hand, these networks would be an intelligence gold mine and are likely a priority CNE target. On the other hand, they are a less attractive CNA target, thanks to the difficulty of penetrating its defenses. Any overall Chinese military strategy predicated on a high degree of success in penetrating these networks during crisis or war is a high-risk venture and increases the chances of
failure of the overall effort to an unacceptable level. Moreover, internal Chinese writings on information warfare show no confidence in China’s ability to get inside NCW aboard deployed ships or other self-contained operational units. Instead, the literature is focused on preventing the units from deploying in the first place and thereafter breaking the C4I linkages between the ships and their headquarters.
Chinese CNE/CNA operations against logistics networks could have a detrimental impact on U.S. logistics support to operations. Chinese CNE activities directed against U.S. military logistics networks could reveal force deployment information, such as the names of ships deployed, readiness status of various units, timing and destination of deployments, and rendezvous schedules. This is especially important for the Chinese in times of crisis, since they utilize U.S. military Web sites and newspapers as principal sources of deployment information in peacetime. An October 2001 People’s Daily article, for example, explicitly cited U.S. Navy Web sites for information about the origins, destination, and purpose of two CVBGs exercising in the South China Sea. Because the quantity and quality of deployment
information on open Web sites has been dramatically reduced after 9/11, the intelligence benefits of exploiting the NIPRNET have become even more paramount.30 CNA could also delay resupply to the theater by misdirecting stores, fuel, and munitions, corrupting or deleting inventory files, and thereby hindering mission capability. The advantages to this strategy are numerous: (1) it is available
to the PLA in the near term; (2) it does not require the PLA to be able to attack or invade Taiwan with air or sea assets; (3) it has a reasonable level of deniability, provided that the attack is sophisticated enough to prevent tracing; (4) it exploits perceived U.S. casualty aversion, overattention to force protection, the tyranny of distance in the Pacific, and U.S. dependence on information systems; and (5) it
could achieve the desired operational and psychological effects: deterrence of U.S. response or degrading of deployments.
Comment