Henry Dalziel | Hacker Hotshots, Information Security Conferences, Latest InfoSec News, SCADA News and Training | November 19, 2013
We had an absolutely fascinating web show with Winn Schwartau and Bill Gertz titled: ‘Cyber Attacks/ Social Media and Electronic Grid Vulnerabilities.’ We keep saying this every time we have an InfoWarCon ‘speaker-to-be’ web show but this was a special one.
This show is a must even if you have the faintest inkling to go to InfoWarCon in Tennessee January 22-24. As a super rapid summary, InfoWarCon is an event that gathers the best people on planet earth that know the real facts of Cyber Warfare and where – and why – we are heading in the direction that we are.
For those that don’t know, Bill Gertz is an American editor and reporter for The Washington Free Beacon and The Washington Times. He has published many books and writes a weekly column on the Pentagon and national security issues called “Inside the Ring”. Seriously, don’t just take our word – just watch the video here [35 minutes long] and I dare you not to be fascinated with every avenue of conversation. Said another way, if subjects like Cyber Espionage and Chinese Nuclear Submarine plans don’t interest you then yes, you are at the wrong corner of the Internet!
In broad strokes, Winn and Bill discussed:
Max Dalziel, Concise Courses
Doesn’t Chinese ownership of US debt act as our biggest deterrent in them attacking our ICS networks? I mean, why destroy your debtor?
Well, that is an argument that has always been made regarding the Chinese [by us saying] ‘they own our debt and our economies are so integrated that we face no threat from them’. For the questioner I would point out a book that was written by two Chinese colonels called ‘Unrestricted Warfare’ where basically they talk about winning by any means necessary by economic warfare, politically, illegal warfare and kinetic warfare.
What people need to understand about the Chinese is that they have a dual approach to their foreign policy. First of all China is still a communist government, they basically have given up the Marxist and Leninist economy but their political structure is based on the Soviet system. It is run by a collective dictatorship of the politburo of the communist party of China that has a strong military and extremely tight internal security controls and they are becoming more and more nationalistic, I would even go as far as saying xenophobic. Just last week they attacked me [and] the Global Times Newspaper. They attacked because I reported on their anti-satellite warfare.
The fact that most of the people that have their holding here doesn’t mean that they can’t move their holdings to Switzerland, Europe or other places. More or less they use that as a coercive diplomatic tool to influence our policies and it has been very successful, people say, ‘don’t upset the Chinese, don’t call them out when they threaten the Japanese over the Senkaku Islands’ and things like that.
It is something to be considered when US and China relations, but the problem with China is that they see us as the number one enemy and by that I mean the Chinese military. You will see nice smiles and handshakes from their political leadership but when you look at their military writings as I have you will see that they have a definite plan, not only to help China rise but to also manufacture and manage the decline of the United States. They do that by supporting our enemies like Iran or North Korea – so that would be my answer.
Max Dalziel, Concise Courses
Does everyone have crap ICS SCADA systems?
I never operate in binary terms. Everyone? Not a clue. Where I learned some of this, more than I actually wanted to know, was by attending ASIS conventions, ‘ASIS International and the Security Industry Association’ which is one of those where you get to touch stuff and it’s all very cool, and a lot of the booths had the ICS and Smart Grid stuff and I started poking around. Before the sales guys came around with their brochures I was looking for that keyword of ‘security’ and it was either not there at all or deeply buried. I got talking to the sales guys, and I mean [organizations] like Siemens, GE etc but some of the large companies and I asked about the security because they were running Internet Protocols like TCP/IP so they needed it.
They replied – ‘don’t worry, we have it all taken care of,’ and I said ‘great!’ They said it was very technical [and I asked how they do it] and they replied that they use SSL (Secure Sockets Layer) which is not an adequate mechanism to use, especially for industrial security. So, to say that all SCADA Systems have it [security] – no, I cannot say that they do, but I can also say on the positive that I have not seen one that would meet any Cyber guy’s or Security guy’s definition of security. If it does exist – please educate me so that we can further educate our audiences, but I don’t know of one.
Max Dalziel, Concise Courses
I read your piece on the China Nuclear Missile Submarine Threat. Let me ask you, who is better at Cyber Espionage in your opinion? I mean the Chinese stole our F35 Lightning Fighter plans. It just seems that we are losing the war on that side. Your comment please.
Sure, first of all, on the China Nuclear Missile Submarine, last Saturday I was at the Reagan Library in Simi Valley California for the Reagan Defense Forum and I asked the Chief of Naval Operations, Admiral Jonathan Greenert specifically about this report that appeared in the Global Times in late October which revealed Chinese plans for Submarine launched deterrent. The way they did it was alarming. They did it by putting maps in their newspapers showing target areas of downtown Los Angeles and Pacific North West and they were openly talking about killing five million to twelve million Americans with missile attacks so I thought this was fairly alarming. The Pentagon and State Department declined to comment on the story I wrote about it so I asked Admiral Greenert about it and he had a kind-of ‘coy remark’, in which he said, ‘well, in order for that kind of Nuclear Submarine launch to be effective it needs to be stealthy and hidden from view.’ In other words he was playing it down and that is all he said on the subject.
I wrote a follow-up story on the Free Beacon website and basically he said that he [Admiral Greenert] didn’t think that they had a credible deterrent, but I believe that the Chinese are engaged in a major Nuclear forces build-up.
On Cyber, the Chinese are at very high levels of cyber-warfare capabilities. We don’t really know how good they are because we haven’t been in a Cyber War, but what we do know is that they are very good at Cyber Espionage and extremely good at Cyber Reconnaissance; the military use the term ‘preparation for the battle field.’ So, what do they do? Well, we’ve been seeing this for years, they plant what they call ‘sleeper agent software’ inside government systems that are very difficult to detect this software. It communicates very infrequently with Beijing which would be one way to detect it, and this software could be activated in a crisis to attack computers; so that is really the concern.
Now, our side is also very good, and by ‘our side’ I mean NSA and Cyber Command. The National Security Agency has been doing Cyber Espionage for a long time and they are just coming online through Cyber Command with Cyber Warfare with defensive and offensive capabilities. Again, it is all very covered in secrecy and we don’t know how good they are, all their exercises are secret. The people that I talk to and the top General in charge they are cautiously bragging and saying, ‘look we can do this very well’, by that I mean offensive Cyber Warfare.
Max Dalziel, Concise Courses
Why are SCADA systems Internet facing anyhows?
Well! I was just at a conference at San Diego and this exact point came up! Just because you can connect something to the Internet does not mean that you should. I got into a discussion with Bill Cheswick, one of the great minds in the industry who created the firewall ‘way back when’ about Internet Protocols and having connectivity is really great. What I fear is that in the case of the Smart Grid the power companies never really thought out what communication was needed and understand that risk. Does my home meter need to be connected to the Internet in order for the power companies to efficiently monitor me? I would argue – no. There are other protocols that have existed over the years and other ICS/SCADA protocols that have existed over the years that would be able to help obviate the inherent connectivity of a flawed protocol. I think that there is a far better way to connect rather than defaulting to TCP/IP and I think that the power companies and Smart Grid could have done something as original as ‘let’s design our own’ and really lock down a security protocol into their own boxes before it gets into their networks. I don’t agree that you have to plug everything in, but we are doing it anyway.
Well in the network world it is very difficult to avoid being interconnected through the Internet. In a perfect world would we like an absolutely secure Internet? It’s just not where the architecture is at right now. The problem with the Internet is that it is basically a lawless environment and in those circumstances and this is my philosophy is that defense will only take you so far. Ultimately you have to go on the attack and when you are attacked you have to counter-attack and when that starts happening we will have a much more secure SCADA control system connected to the Internet.
Well, that’s the whole point of InfoWarCon. We want to not only look at the defense but to really understand the offense and put ourselves in the mindsets of our potential adversaries out there and my premise has always been, ‘how can you defend when you don’t know how to attack.’