Global Cyber Arms Race Heating Up?

The United States has launched successful cyber attacks against Iran and North Korea in recent years, according to multiple credible reports. These cyber attacks have caused physical destruction of thousands of Iranian nuclear centrifuges and disrupted North Korean missiles on launchpads or shortly after takeoff. Some of the code and developer tools used in the attacks have leaked out. These leaks are enabling other nations to learn and develop their own offensive cyber weapons. The United States and the United Kingdom have accused Russia of using social media apps like Facebook and Twitter to exploit and deepen divisions during the US presidential elections and the UK's Brexit referendum in 2016. Similar warfare techniques, described by the US RAND Corporation as New Generation or Hybrid Warfare, are probably being deployed by other nations as well. The term refers to the use of a broad range of subversive instruments, many of which are nonmilitary, to further a country's national interests. It wouldn't be far-fetched to think that India and Pakistan are learning from New Generation Warfare techniques developed and deployed by technologically advanced nations.

US-Israel Joint Stuxnet Against Iran:

A large number of Iranian centrifuges suddenly started to blow up around 2008-9 soon after President Barack Obama's inauguration. The mystery was finally resolved in the summer of 2010 when a computer worm later named Stuxnet escaped Iran’s Natanz plant and spread around the world on the Internet.

New York Times' David Sanger reported that the United States and Israel developed Stuxnet and then tested it by building replicas of the Iranian Natanz plant equipped with Pakistani P-1 centrifuges designed in the 1980s. Americans obtained P-1 centrifuges from Libyan leader Moammar Ghadafi and dismantled them to learn how they worked. The P-1 uses a Siemens S7-417 controller. Stuxnet inserted malware into the Siemens controller to suddenly change the centrifuge speed, which caused its destruction. It was designed to attack computers with a specific configuration of the Siemens S7-417 controller. Here's how New York Times' David Sanger described the test results:

"After several false starts, it worked. One day, toward the end of Mr. Bush’s term, the rubble of a centrifuge was spread out on the conference table in the Situation Room, proof of the potential power of a cyberweapon. The worm was declared ready to test against the real target: Iran’s underground enrichment plant."

US Left-of-Launch Attack Against North Korea:

A very high percentage of North Korean missile launches failed in the period from 2015 to 2017. The missiles either blew up on the launchpads or failed soon after launch. These failures are widely attributed to American cyber attacks.

American strategists see Left-of-Launch cyber weapons as a low-cost extension of their missile defense strategy. Gen. James Dickinson, the chief of Army Space and Missile Defense Command and Army Forces Strategic Command, explains it as follows:

“You’ve probably heard the conversation about how we’re on the wrong side of the cost curve for missile defense many times. We’re utilizing multi-million-dollar interceptors against very inexpensive missiles and those types of threats. So it’s a balance. It has to be a balance between the end game, if you will, where we’re relying on an interceptor to defeat the threat and other approaches.”

Russia's Information Warfare in US, UK:

The United States and the United Kingdom have accused Russia of using social media apps like Facebook and Twitter to exploit and deepen divisions during the US presidential elections and the UK's Brexit referendum in 2016.

American and British intelligence officials believe Russia used all major social media platforms to spread words, images and videos tailored to voters’ interests to help elect President Trump. Similar allegations have been made by the British government about Russian interference to influence the outcome of the Brexit vote in the U.K.

Facebook, Google and Twitter acknowledged in 2017 that they had identified Russian interference on their sites. The companies have responded to the threat — Facebook, in particular, created a “war room” in 2018 to fight interference around elections — but none has revealed interference around US midterm elections in 2017 on the same scale as in 2016.

Cyber Weapons Code and Tools Leaks:

The Stuxnet worm and the NSA hacking tools recently leaked by the Shadow Brokers have revealed the extent of US intelligence agencies' cyber spying and hacking operations. Symantec's Liam O'Murchu, who was among the first to unravel Stuxnet, says it is "by far the most complex piece of code that we've looked at — in a completely different league from anything we’d ever seen before." It is almost certain that the code is being reverse-engineered and repurposed as weapons of their own by cyber warriors in many countries around the world.

In 2013, a group known as "Shadow Brokers" leaked sophisticated NSA cyberweapons that exposed major vulnerabilities in Cisco routers, Microsoft Windows, and Linux mail servers. Soon after the Shadow Brokers leak, North Korea is believed to have developed and used the WannaCry ransomware. It encrypts files on the target PC's hard drive, making them inaccessible, then demands a ransom payment in bitcoin to decrypt them.

Summary:

American agencies have launched successful cyber campaigns against adversaries like Iran and North Korea in recent years, according to multiple credible reports. These cyber attacks have caused physical destruction of thousands of Iranian nuclear centrifuges and disrupted North Korean missiles on launchpads or shortly after takeoff. Some of the code and developer tools used in the attacks have leaked out. These leaks are enabling other nations to learn and develop their own offensive cyber weapons. The United States and the United Kingdom have accused Russia of using social media apps like Facebook and Twitter to cause and deepen divisions during the US presidential elections and the UK's Brexit referendum in 2016. Similar warfare techniques, described by the US RAND Corporation as New Generation or Hybrid Warfare, are probably being deployed by other nations as well. The term refers to the use of a broad range of subversive instruments, many of which are nonmilitary, to further a country's national interests. It wouldn't be far-fetched to think that India and Pakistan are learning from New Generation Warfare techniques developed and deployed by technologically advanced nations.


Comments

Riaz Haq said…
Hybrid warfare
Munir Akram December 09, 2018


https://www.dawn.com/news/1450346


Pakistan has developed credible capabilities to deter nuclear and conventional aggression. However, it remains very vulnerable to hybrid warfare. Pakistan’s adversaries enjoy considerable prowess in IT, cyber, media projection and narrative construction, including ‘fake news’, subversion and sabotage, and sponsorship of terrorism, including ‘false-flag’ operations.

The main modality of this ‘indirect war’ against Pakistan is the media, including social media. Very few Indian media personalities enjoy the ‘freedom’ to be critical of their country or their current government. Meanwhile, Pakistan print and electronic media speaks with many voices. There is little space for pro-Pakistani narratives in the Western media. An army of Indian trolls has been recruited to malign Pakistan on the internet.

There are numerous other ‘agents of influence’ who are used to develop and project an anti-Pakistan narrative. Many foreign funded and directed non-governmental organisations have been ubiquitous in developing negative critiques about Pakistan within Pakistan. Some among our local elite are co-opted by these organisations through jobs, travel and other perks. No wonder there has been such a hue and cry about the long overdue diligence conducted recently by the government and the Foreign Office on these organisations.

The hybrid campaign incorporates some ethnic and religious groups. Foreign sponsorship of the Balochistan Liberation Army and the Tehreek-i-Taliban Pakistan is well established. Some others need to be subjected to close scrutiny.

Any foreign funding of any Pakistani organisation ought to be declared and officially approved. Receipt of undeclared foreign payments should be a crime. This is an international norm. (Surely, the Financial Action Task Force will approve.)

Pakistan’s agencies must be equipped with the most advanced surveillance and data collection techniques to detect future Jadhevs or Osamas and neutralise any ‘black ops’, ‘false-flag’ or infiltration operations planned by enemy agencies.

Pakistan must possess the cyber capability to defend its crucial command-and-control systems and its industrial and transport infrastructure against enemy attack. But to deter such attack, Pakistan must also have the capability for offensive cyber action.

The technologies for waging a “comprehensive” conflict and “new generation warfare” are being actively developed by every significant State. Pakistan cannot afford to be left behind. To acquire credible capacity to defend against and repel hybrid wars, Pakistan will need to make dedicated efforts, comparable to those deployed to develop its nuclear and missile programmes.

However, there are certain elements of such warfare (cyberattacks, autonomous weapons, false-flag operations) which pose the threat of systemic and global disruption, destabilisation and military escalation. Pakistan and other responsible nations should take an initiative in relevant international forums to secure a global ban or restrictions on such dangerous elements of hybrid warfare.
Riaz Haq said…
Understanding 5th generation warfare
By Cynthia D Ritchie

https://tribune.com.pk/story/1882213/6-understanding-5th-generation...

More ‘developed’ nations often claim they are more democratic than their developing counterparts and often employ talking heads to push this narrative. Over the years, and certainly more recently, these talking heads can be seen desperately trying to push one version of events while ganging up on others who have a difference of opinion — cyber bullying. Further, these talking troll heads try to muddy waters by falsely labeling people they don’t know and claiming Fifth Generation Warfare (5GW) is nothing more than a silly conspiracy to derail attempts at their free speech. And while many unfounded conspiracies abound, it behooves us to take a closer look at these individuals and their claims. For starters, let’s consider what 5GW is.

Turns out, 5GW is real. Only it doesn’t feature armies or clear ideas. In an article for Wired Magazine, written about 10 years ago, David Axe quoted the US Army Major Shannon Beebe, the top Intel officer for Africa at the time, as describing the “fifth-generation as a vortex of violence, a free-for-all of surprise destruction motivated more by frustration than by any coherent plans for the future.”
Axe writes further, “5GW is what happens when the world’s disaffected direct their desperation at the most obvious symbol of everything they lack.” He quotes Marine Lt Col Stanton Coerr, for Marine Corps Gazette: “5GW is… espoused by [the likes of] al Qaeda… with aspirations of setting up alternative political systems… they’re opportunists, intent only on destruction. But even pointless violence can have a perverse logic, for the sudden, irrational destruction undermines the idea that nations… are viable in the modern world.”


Interestingly, both military officers were quoted by Raashid Wali Janjua in one of his columns for a national daily: “Pakistan is already in the throes of this phenomenon, internally generated and externally abetted. Like the resource curse of countries like Angola and Congo, Pakistan’s geographical location is a curse. Instead of yielding economic dividends it has caused constant meddling by global powers in its internal affairs. Faced with such constant supply of war fuel, the soft state model of governance by an illiberal democracy is a sure recipe for chaos and disorder.” Clearly there are issues that need to be handled by the State.

But when you have cyber bullies attempting to force others to share their narrative, the message gets lost and becomes almost disingenuous. What may be seen as important news by some appears almost as propaganda to others. But with so much propaganda these days, how can one differentiate between what’s authentic and what is completely contrived?

A Forbes article, by Travis Bradberry, who covers emotional intelligence and leadership performance, recently described the ‘12 habits Of Genuine People’. In summary, these individuals: don’t try to make people like them — they “aren’t desperate for attention”, and “speak in a friendly, confident, concise manner;” they don’t “pass judgment” — they are open-minded and approachable, and have the ability to “see the world through other people’s eyes;” they forge their own paths — “genuine people don’t derive their sense of pleasure and satisfaction” from other’s opinions, they have their own “internal compass” and are not swayed by the fact that somebody may not like it; they “treat everyone with respect;” they “aren’t motivated by material things;” they are “thick-skinned”; they “aren’t driven by ego;” they “aren’t hypocrites.”
Riaz Haq said…
Could Chinese Telecom Giant Huawei Put U.S. Cyber-Security At Risk?

Terry Gross of Fresh Air interviews David Sanger of New York Times.

https://www.npr.org/templates/transcript/transcript.php?storyId=690291785

DAVID SANGER: Well, at its simplest, the 5G network is an increase in speed and range for what you see on your cell phone. So 5G means just fifth generation. But it's actually much more than that. The hope is that when you're using your phone or some other device over Wi-Fi, you'll get no lag time and that you'll get near instantaneous download of data, webpages and so forth. But as 5G was being rolled out, there was a recognition that the Internet had fundamentally changed, that this was a moment to roll out something that could accommodate a world in which the Internet of Things was connecting up to all of these other wireless devices. And so that's autonomous cars, which, of course, need to constantly get data back and forth from the cloud, constant connectivity so that they know where they are in addition to their sensors helping you drive. It's for every other Internet-connected device that you have.

If China is in command of the network itself and has sort of end-to-end control from phones for which it makes its own chips to the software on the switch to all of the other tentacles of the central nervous system, that it, basically, can do whatever it wants. And the chances that you would see it are relatively diminished. Big network operators like AT&T and Verizon, if they bought Huawei equipment - and it's pretty clear the government is not going to allow them to do that - would have some visibility into the system.

But it's also possible that Huawei might be able to reach back from China directly into the equipment and software it's put in to go manipulate data. What could you do with that? Well, in the Worldwide Threat Assessment that came out earlier this week, the nation's intelligence chiefs mentioned, in particular, that China already has the capability to shut down, at least briefly, the natural gas network. They also said the Russians could do the same briefly with the electric grid.

If you had a country that was in full control of your networks, they could shut it down. They could siphon the traffic off to a place you didn't want it to go. They could siphon it back to China. And they would probably have an easier time intercepting it. Now, of course, a lot of that traffic is going to run encrypted. It's not as if the Chinese would be able to look at everything or would want to. But the more network equipment they put in, the more control they would have. And, of course, the Chinese government reserves the right to tell them what to go do with it.

---------------------

In "The Perfect Weapon," I describe a plan the United States had if we went to war with Iran, called Nitro Zeus, to basically unplug Iran's communications and electricity grids. Well, imagine that that's in the Chinese plans for the United States. If they're in control of the communications grid of the U.S. or its allies, you can imagine how much easier that is to do.

Now, there is a concern here that we could get into a world of Red Scare, and the president himself might be fueling that some. And I have concerns that we're blaming too much on the Chinese. But the fact of the matter is, these are all major, complex vulnerabilities that, as Henry Kissinger said to me as I was working on the book, are so much more complex than the issues that came up with China in the Cold War.
Riaz Haq said…
Why #5G is a big deal for militaries around the world. It is a big part of #China's #global #BRI and #CPEC initiative in #Pakistan. Inclusion of #technology 5G and Chinese PNT (Positioning, Navigation, Timing) parallels a trend in US military practice. https://www.c4isrnet.com/opinion/2019/02/05/why-5g-is-a-big-deal-for-militaries-throughout-the-world/

The project has several components, one of which has become known as the “digital road.” It anticipates projecting the deployment of China’s 5G telecommunication infrastructure over the dozens of countries now affiliated with the initiative. The 5G telecommunications network would be integrated with another Chinese project, its Beidou (“Big Dipper”) precision navigation and timing system (now in the latter stage of fielding) to displace the U.S. Global Positioning System enabling China’s telecommunications and PNT system to dominate the future IoT and other in areas affected by China’s belt-and-road project.

5G as an instrument of China’s international security policy

China’s global security ambitions overlap its economic aspirations. The 19th Congress of the Communist Party of China, the belt-and-road initiative and its associated activities were incorporated in the Chinese Constitution at the 19th CPC. In that context belt and road is a project of the Party, and not the State which significantly elevates its security role and importance to its national leadership.

The BRI creates a global economic presence that has become a combination of commercial enablers for its “Maritime Silk Road” and forward air and naval installations for China’s armed forces. These include air and naval facilities in Djibouti in the Horn of Africa, Jiwani, Pakistan (~80-km west of its large commercial port at Gwadar), and a naval base in Sri Lanka (Hambantota, which China acquired in a debt-for-sovereignty swap when Sri Lanka could not service its BRI debt to China). China’s switch from a regional to an aspiring global power reflects its aspirations that have shaped the CPC’s rule since Mao: the deconstruction of the old-world order in favor of one which gives China its rightful place at the zenith of a new international order.


The incorporation of the technology 5G telecommunication and Chinese controlled PNT parallels a trend in US military practice. DoD military communications, like China’s is moving to a wireless, mobile, and cloud-based IT systems built around 5G technology. China’s convergence of its 5G, BRI presence (military and civil), PNT and dominant role in the BRI member states are aimed at becoming the world’s leading economic and military power by the 100th anniversary of the founding of the Communist State in 2049.

5G is both an enabler and product of China’s remarkable economic growth since 1979 and is likely to become a central element of China’s economic and military power for the 1st half of the 21st century.
Riaz Haq said…
Gerasimov of South Asia
Pakistan ISPR’s Asif Ghafoor
Pukhraj Singh, APR 02 2019, 22:05PM IST


https://www.deccanherald.com/opinion/main-article/gerasimov-of-south-asia-726631.html

If there is a Pakistani inter-services directorate as lethal as the Inter-Services Intelligence (ISI), it is the Inter-Services Public Relations (ISPR).

Military strategists may balk at the fact that I am equating a notorious intelligence agency with an innocuous media management department. Since the times I executed cyber operations in the government, I have been obsessed with deconstructing the ev...

Riaz Haq said…
An adversary India has paid little attention to: Pakistan army’s public relations wing
Facebook’s action against Pakistan-based pages spreading disinformation in India show its army’s PR wing headed by Asif Ghafoor is more lethal than ISI.
PUKHRAJ SINGH

https://theprint.in/opinion/an-adversary-india-has-paid-little-attention-to-pakistan-armys-public-relations-wing/215740/

With Facebook taking down pages linked to Pakistani cyber actors spreading disinformation in India ahead of the 2019 Lok Sabha elections, it’s becoming increasingly clear that India has been late in spotting the danger: if there is a Pakistani inter-services directorate as lethal as the Inter Services Intelligence, it is, undoubtedly, the Inter-Services Public Relations.

Military strategists may balk at the fact that I am equating a notorious intelligence agency with an innocuous media management department. Since the times I executed cyber operations in the government, I have been obsessed with deconstructing the evolving mandate of this little-known outfit. And I have always held the opinion that the role, or rather the potential, of the ISPR has been severely underestimated in the Indian strategic circles.

Cyber operatives like me have been envisioning this scenario since a decade: how the South Asian flashpoint would manifest itself in the cyber-enabled information battlespace. The Balakot escalation unleashed another invisible playbook of the Pakistani military, and the ISPR was its key orchestrator.

Since 2009, the Pakistani Army has conducted a series of public wargames dubbed as Azm-e-Nau, meant to counter the elusive Indian Cold Start doctrine. With many successful iterations over the years, these exercises simulated massive mobilisations augmented by net-centric warfare, stopping short at the tactical nuclear weapons threshold. Azm-e-Nau (A New Beginning) further chiselled Pakistan’s homebrewed philosophy of hybrid war – fusing together many conventional and unconventional elements of conflict, power and diplomacy.

Interestingly, the said wargames treated the ISPR as the crucial pivot of conflict escalation and de-escalation. It was meant to undertake information operations, military deception and strategic communications – benignly dubbed as perception management in military parlance.

This was a couple of years prior to ‘hybrid war’ becoming all the rage in the media circles, manifesting itself as the wildly successful Russian playbook against Georgia, Ukraine, and the US elections. From leveraging non-uniformed militias to undertaking disruptive cyber operations that seeded widescale paranoia and confusion, the Russians reintroduced the cognitive dimension to this emerging format of war.

There were other classified Pakistani exercises that also hinged at the deftness and dexterity of the ISPR’s information warfare strategy. All of this neatly converged, almost with textbook precision, in the showdown after Pulwama.


DG ISPR

@OfficialDGISPR
In response to PAF strikes this morning as released by MoFA, IAF crossed LOC. PAF shot down two Indian aircrafts inside Pakistani airspace. One of the aircraft fell inside AJ&K while other fell inside IOK. One Indian pilot arrested by troops on ground while two in the area.

11:19 PM - Feb 26, 2019

Valery Gerasimov, the chief of the general staff of the armed forces of Russia, is thought to be the key proponent of its hybrid war philosophy, which first found mention in his 2013 article for a journal called Military-Industrial Courier. The contents of his article gained such prominence that the Western media now prefers to call it the Gerasimov Doctrine.

Riaz Haq said…
Korybko To Pakistani Academia: Be Careful How You Counter Hybrid War
Written by Andrew Korybko on 2019-07-09

https://eurasiafuture.com/2019/07/09/korybko-to-pakistani-academia-be-careful-how-you-counter-hybrid-war/

Eurasia Future is publishing the full interview that Andrew Korybko gave to Beaconhouse National University’s Shahryaar Naeem as part of the article that he plans to publish in his university’s magazine about Hybrid War:

Q1: Please tell us something about your research or work regarding this topic.

I’ve been researching Hybrid War since 2013 when I enrolled as a student in the Moscow State Institute of International Relations’ (MGIMO) English-language International Relations master’s program for Governance and Global Affairs. I later published an expanded version of my thesis as a book in 2015 that I also released online. Since then, I’ve expanded my work by conducting Hybrid War risk assessments for close to 50 countries of relevance to China’s Belt & Road Initiative that I published online at Oriental Review and on Amazon as an e-book titled “The Law Of Hybrid Warfare: Eastern Hemisphere”. I also incorporate my developing theories about Hybrid War into most of my analyses whenever applicable in order to raise awareness about the prevalence of these tactics and strategies in practically all facets of contemporary international affairs.

Q2: Why do we call this type of war ‘hybrid’ and how it is different from conventional war?

I understand the “hybrid” in Hybrid War as referring to the interplay of overt and covert destabilization measures that go below the threshold of conventional war against one’s adversaries. Although kinetic means are sometimes applied, these are usually done through proxies and aren’t undertaken by the practitioner’s uniformed conventional forces.

Q3: What is ‘5th generation warfare’? Is it different from hybrid warfare? What were the previous generations of war? Are the theories of William S. Lind accurate on Modern Warfare?

I regard “Fifth Generational Warfare” as being analogous with Hybrid Warfare even though some experts consider them to be different from one another in some respects. In brief, the only thing novel about either of these two is the use of certain technologies in the informational and cyber spheres, as the general principle of weaponizing social processes and clandestinely destabilizing one’s adversaries has been around since time immemorial. As to the relevancy of Lind’s work, it’s still pertinent and forms the basis for better understanding Hybrid Warfare.

Q4: What types of wars are used in Hybrid War?

There are many different forms of Hybrid Warfare, but my book and the bulk of my research focus on the phased transition from Color Revolutions to Unconventional Wars in order to achieve Regime Tweaking (political concessions), Regime Change (self-explanatory), and/or Regime Reboot (constitutional reform) against the practitioner’s target. Information manipulation and NGOs figure prominently in catalyzing Color Revolutions, while Unconventional Wars see terrorist groups playing the main role.

Q5: Is bio warfare (e.g. the deliberate spread of viruses to kill masses) a part of this war?

Whether one chooses to classify it as part of Hybrid War or use some other terminology for describing it, biological warfare in the manner that you described certainly fulfills the purpose of indirectly destabilizing a target and is therefore of relevance to this topic.
Riaz Haq said…
Korybko To Pakistani Academia: Be Careful How You Counter Hybrid War
Written by Andrew Korybko on 2019-07-09

https://eurasiafuture.com/2019/07/09/korybko-to-pakistani-academia-be-careful-how-you-counter-hybrid-war/

Eurasia Future is publishing the full interview that Andrew Korybko gave to Beaconhouse National University’s Shahryaar Naeem as part of the article that he plans to publish in his university’s magazine about Hybrid War:

Q6: Which countries are most active in using this war as a tool and which countries or continents are most affected?


My work specializes on the US’ use of Hybrid Warfare as an instrument for defending its unipolar hegemony and focuses on how it’s applied in various ways to undermine its geopolitical rivals, especially in regards to sabotaging China’s Belt & Road Initiative. Nevertheless, whether one looks at my model of Hybrid Warfare or other experts’, practically every country’s military, intelligence, and diplomatic bureaucracies (“deep state”) are theoretically capable of employing some of these tactics and strategies, albeit to differing degrees and with different scopes in pursuit of different ends that altogether advance their national interests.

Q7: When did Hybrid War enter Pakistan and which countries used it against us?

Indirect destabilization campaigns, the basis of Hybrid War, have been waged against Pakistan since its inception, first by India and nowadays also by the US, both of which are trying to weaken it from within through proxy means in pursuit of the contemporary objective of stopping CPEC.

Q8: Is our media currently being used against us?

Information manipulation is a key component of Hybrid Warfare, and it’s comparatively easier to pull off in countries like Pakistan where media outlets have proliferated in the past 20 years and a wide diversity of discourse on practically all topics already exists. It can be as simple as indirectly encouraging influential figures and platforms to promote certain narratives or be as complex as literally having people on a foreign intelligence agency’s payroll (whether directly or through an NGO or other proxy) in order to promote the desired agenda.

Q9: What was Operation Hangover?

Operation Hangover wasn’t anything unique because it was just India’s application of the NSA’s secret surveillance tactics and strategies in pursuit of its interests vis-a-vis Pakistan. As the world enters the 5G Revolution and the internet becomes more ubiquitous in all aspects of everyday life, cyber attacks such as that particular one can be expected to increase as well.

Q10: Are the tribal areas in Pakistan most vulnerable to psychological attacks?

All areas and all demographics of every country are vulnerable to psychological attacks, but Pakistan’s tribal ones have been extensively targeted in the past because of their geopolitical significance adjacent to the Afghan border and also nowadays in close proximity to CPEC’s main route.

Q11: How do NGOs operate in this war?

I encourage the reader to review my article about “NGOs And The Mechanics Of Hybrid War” at Oriental Review for more details about this, but in brief, such organizations can oftentimes be exploited as foreign intelligence proxies, both directly in the sense of being created from the get-go as fronts and also indirectly in the sense of their employees, mission, and/or activities being influenced from abroad.

Q12: What are the external and internal threats to Pakistan’s security?

Hybrid Wars, and particularly their informational component that precedes Color Revolutions and other forms of foreign-influenced socially driven destabilization activities, work most successfully when they take advantage of preexisting identity conflicts and especially those that are overtly geopolitical such as the issues pertaining to the Durand Line. Their effectiveness can be improved when other instruments are used in these campaigns, such as targeted sanctions and the employment of various terrorist groups.

Riaz Haq said…
Korybko To Pakistani Academia: Be Careful How You Counter Hybrid War
Written by Andrew Korybko on 2019-07-09

https://eurasiafuture.com/2019/07/09/korybko-to-pakistani-academia-be-careful-how-you-counter-hybrid-war/

Eurasia Future is publishing the full interview that Andrew Korybko gave to Beaconhouse National University’s Shahryaar Naeem as part of the article that he plans to publish in his university’s magazine about Hybrid War:


Q13: Is Pakistan deliberately being pushed towards an economic crisis, and if so, how?


Pakistan has many preexisting socio-economic challenges that its adversaries are capitalizing upon in order to worsen the situation in the country. The intent is to push the country into taking painful austerity measures that could then be exploited by foreign forces to incite a renewed round of Color Revolution unrest. Violence might be deliberately used in order to provoke the security forces into responding with kinetic means to quell the disturbances, which could then be deliberately misportrayed through deceptively decontextualized and/or edited images and footage in order to catalyze a self-sustaining cycle of destabilization. That’s why the professionalism of the Pakistan Armed Forces is paramount in order to avoid inadvertently escalating the situation in this scenario and playing into the enemies’ hands in the event that disproportionate force is used against civilians who are participating in this campaign through their irresponsible actions of rioting and other such related activities.

Q14: You mentioned ‘Color Revolutions’ in your book. Is there a secret plan to initiate one in Pakistan?

Yes, as I explained in the previous answer. The specific narratives and tactics employed can be flexibly adapted for any scenario, but it’s important to always keep in mind the basic strategy at play of provoking civilian-military clashes that could then be used as the basis upon which foreign forces can then “justify” their employment of terrorist groups and engage in other destabilization measures such as targeted sanctions and the like.

Q15: Is Pakistan only being targeted because of its nuclear program and CPEC project?

Those are both important reasons why it’s become a Hybrid War target, but it’s in India’s enduring national interests as it conceives of them to destabilize Pakistan precisely because of the fact that its existence as a separate state creates a precedent that New Delhi fears could inspire separatist movements within its own borders among its many diverse people.

Q16: Did Pakistan use 4th generation warfare in the Soviet-Afghan war by supporting the Mujahidin? Did India use it against us in the 1971 civil war?

If one simplifies Fourth Generation Warfare as simply being the use of proxies, then yes, both examples meet that criterion.

Q17: How ready is Pakistan to face this threat and how effectively are our intelligence agencies countering it?

Hybrid War is a fact of life for Pakistan and its intelligence agencies are effectively thwarting it through their numerous proactive measures at home and abroad. The country has no choice but to adapt to this reality, as it has, and to creatively craft solutions for dealing with it without sacrificing the population’s basic freedoms (which could in turn be exploited from abroad to catalyze Color Revolutions and Unconventional Wars per the aforementioned strategy).

Riaz Haq said…
Korybko To Pakistani Academia: Be Careful How You Counter Hybrid War
Written by Andrew Korybko on 2019-07-09

https://eurasiafuture.com/2019/07/09/korybko-to-pakistani-academia-be-careful-how-you-counter-hybrid-war/

Eurasia Future is publishing the full interview that Andrew Korybko gave to Beaconhouse National University’s Shahryaar Naeem as part of the article that he plans to publish in his university’s magazine about Hybrid War:


Q18: What should be the role of Pakistani civilians and media in countering this threat?

It is important that individuals and information outlets anywhere in the world behave responsibly when sharing information. People should learn how to differentiate between various media products (factual news reports, op-eds, analyses, propaganda, fake news, etc.) in order to not be swayed by foreign-backed manipulation campaigns, but they also shouldn’t prematurely accuse their opponents of engaging in them just because they disagree with their views. Governments should educate their populations about how they might inadvertently be guided into participating in these campaigns in order to raise awareness of these modi operandi, especially pointing out the difference between the right to peacefully protest and the illegality of rioting, let alone the inadmissibility of using force against members of the security services. Hybrid War is everywhere and affects everyone, but getting its targets to overreact to this threat is also an objective of its practitioners in and of itself, which is why prudent policies should be put into place and practiced by the state and its people in order to avoid this dangerous pitfall.
Riaz Haq said…
#Israeli #spyware allegedly used to target #Pakistani officials' phones. The details are likely to fuel speculation that #India could have been using NSO #technology for domestic and international surveillance. #Modi #RAW #WhatsApp
https://www.theguardian.com/world/2019/dec/19/israeli-spyware-allegedly-used-to-target-pakistani-officials-phones?CMP=share_btn_tw

The mobile phones of at least two dozen Pakistani government officials were allegedly targeted earlier this year with technology owned by the Israeli spyware company NSO Group, the Guardian has learned.

Scores of Pakistani senior defence and intelligence officials were among those who could have been compromised, according to sources familiar with the matter who spoke on the condition of anonymity.

The alleged targeting was discovered during an analysis of 1,400 people whose phones were the focus of hacking attempts in a two-week period earlier this year, according to the sources.

All the suspected intrusions exploited a vulnerability in WhatsApp software that potentially allowed the users of the malware to access messages and data on the targets’ phones.

The discovery of the breach in May prompted WhatsApp, which is owned by Facebook, to file a lawsuit against NSO in October in which it accused the company of “unauthorised access and abuse” of its services.

The lawsuit claimed intended targets included “attorneys, journalists, human rights activists, political dissidents, diplomats, and other senior foreign government officials”.

NSO has said it will vigorously contest the claim and has insisted that its technology is only used by law enforcement agencies around the world to snare criminals, terrorists and paedophiles.

The alleged targeting of Pakistani officials gives a first insight into how NSO’s signature “Pegasus” spyware could have been used for “state-on-state” espionage.


The details also raise fresh questions about how NSO’s clients use its spyware.

“This kind of spyware is marketed as designed for criminal investigations. But the open secret is that it also winds up being used for political surveillance and government-on-government spying,” said John Scott-Railton, a senior researcher at the Citizen Lab, an academic research group located at the University of Toronto that has worked with WhatsApp to help identify victims of the alleged hacks.

“Spyware companies are clearly contributing to the proliferation of state-on-state technological espionage. No government seems particularly immune. This is probably further stretching the patience of governments around the world with this industry,” he added.

The Pakistani embassies in London and Washington declined multiple requests for comment. WhatsApp declined to comment.

Representatives for NSO declined to comment on questions about whether the company’s software had been used for government espionage.

The company has previously said it considered it a “misuse” of its product if the software was used for anything other than the prevention of “serious crime and terrorism”.

While it is not clear who wanted to target Pakistani government officials, the details are likely to fuel speculation that India could have been using NSO technology for domestic and international surveillance.

The government of the Indian prime minister, Narendra Modi, is facing questions from human rights activists about whether it has bought NSO technology after it emerged that 121 WhatsApp users in India were allegedly targeted earlier this year.

The figure included about two dozen alleged victims who are journalists, activists and human rights lawyers, a fact that prompted Modi opponents in the Indian National Congress to seek a supreme court inquiry into the matter.

Pakistan has not publicised the alleged hack, but there are signs the government, led by the prime minister, Imran Khan, is taking steps to address the matter.

Dr Arslan Khalid, who serves as Khan’s top adviser on digital issues, has said in local press reports that the government is working on developing an alternative to WhatsApp
Riaz Haq said…
The existential threat from cyber-enabled information warfare
Herbert Lin

https://www.tandfonline.com/doi/abs/10.1080/00963402.2019.1629574

Corruption of the information ecosystem is not just a multiplier of two long-acknowledged existential threats to the future of humanity – climate change and nuclear weapons. Cyber-enabled information warfare has also become an existential threat in its own right, its increased use posing the possibility of a global information dystopia, in which the pillars of modern democratic self-government – logic, truth, and reality – are shattered, and anti-Enlightenment values undermine civilization as we know it around the world.


Riaz Haq said…
Pakistan has established #Cyber Forensic Laboratory at NUST, and the #Computer Emergency Response Team (PAK-CERT). #Pakistan has made major progress in #Nuclear ‘Security and Control Measures’ category with an incredible (+25) points. https://moderndiplomacy.eu/2020/08/18/nti-2020-and-pakistans-cyber-preparedness/

Among countries with weapons-usable nuclear materials, Australia for the third time has been ranked at the first position in the sabotage ranking and for the fifth time for its security practices. Likewise, New Zealand and Sweden stand first in the ranking for countries without materials. It is very pertinent to highlight here that Pakistan’s commitment towards nuclear safety and security has also been duly acknowledged. In this regard, since Pakistan has adopted new on-site physical protection and cyber security regulations, it has been appreciated in the index. This would likely further improve Pakistan’s existing insider threat prevention measures. Nevertheless, the 2020 NTI report has ranked Pakistan among the countries that have nuclear materials but its adherence to nuclear safety and security has been vindicated.

It is worth mentioning here that in the theft ranking for countries with nuclear materials, Pakistan has improved its ranking by an overall score of 7 points. In this regard, Pakistan has made major progress in the ‘Security and Control Measures’ category with an incredible (+25) points based on the new regulations. Also, Pakistan has improved in the Global Norms category with (+1) points. The strengthened laws and regulations have provided sustainable security benefits and resulted in improving Pakistan’s overall score. Moreover, Pakistan’s improvement in the Security and Control Measures category is quite significant. Over time, by improving +8 points in 2014, +2 points in 2016, and +6 points in 2018, Pakistan has steadily improved in the Security and Control Measures category. Owing to new regulations for on-site physical protection, its score has improved since 2014, whereas since 2018 the insider threat protection has also improved. Since the report was first launched in 2012, Pakistan, unlike other states, has improved its score in the Security and Control Measures category by 25 points. This is an incredible improvement as it is the second-largest improvement among the related states.

At the national level, Pakistan has taken various initiatives, including the establishment of the Cyber Forensic Laboratory at the National University of Science and Technology (NUST) and the Computer Emergency Response Team (PAK-CERT), to deal with cyber-related threats. Furthermore, the National Centre for Cyber Security at the Air University also aims at making the cyberspace of Pakistan more secure. It has affiliated Research and Development Laboratories working on projects related to network security systems and smart devices. To maintain such a status, in the longer term, Pakistan needs to further expand the scope of its existing national cyber policy framework. This would enhance Pakistan’s capabilities to tackle cyber threats to nuclear security in a more efficient way.

Hence, the emergence of cyber threats to nuclear security both at the regional and the global levels needs to be addressed with greater cooperation among the states. Likewise, it is also essential to address the human factor for cyber security when insiders could unwittingly introduce or exacerbate cyber vulnerabilities. Pakistan needs to further enhance the role and increase the capacity of its specialized cyber workforce. In this regard, if required, the number of highly skilled technical staff may be increased keeping in view the emergent cyber threats to the nuclear facilities.
Riaz Haq said…
Experts are unanimous in saying that the most important target of #Indian #cyber-#espionage & #cyberattacks by far is #Pakistan. Limited employment prospects of Indian techies have created a swarm of underground threat actors in #India| The Daily Swig
https://portswigger.net/daily-swig/indian-cyber-espionage-activity-rising-amid-growing-rivalry-with-china-pakistan


ANALYSIS India is sometimes overlooked by some in the threat intelligence community, even though the South Asian nation has advanced cyber capabilities – not least a huge pool of talent.

The country boasts a large number of engineers, programmers, and information security specialists, but not all of this tech talent was put to good use, even before the Covid-19 pandemic cast a shadow over the global economy.

Their somewhat limited employment prospects are said to have created a swarm of underground Indian threat actors eager to show off their hacking talents and make money – a resource that the Indian government might be able to tap into in order to bolster its own burgeoning cyber-espionage resources.

India is in catch-up mode for now, but has the technical resources to make rapid progress.

Who is being targeted by Indian hacking groups?
Geopolitical factors have fueled an increase in cyber threat activity both originating from and targeting India.

Experts quizzed by The Daily Swig were unanimous in saying that the most important target of Indian cyber-espionage by far is Pakistan – a reflection of the decades-long struggle over the disputed region of Kashmir.

China, India’s neighbour and an ally of Pakistan, is also a top target of state-sponsored Indian cyber-espionage.

Paul Prudhomme, head of threat intelligence advisory at IntSights, told The Daily Swig: “Indian cyber-espionage differs from that of other top state-sponsored threats, such as those of Russia and China, in the less ambitious geographic scope of their attacks.”


Other common targets of Indian hacking activity include other nations of the South Asian subcontinent, such as Bangladesh, Sri Lanka, and Nepal. Indian espionage groups may sometimes expand their horizons further to occasional targets in Southeast Asia or the Middle East.

Indian cyber-espionage groups typically seek information on Pakistan’s government, military, and other organizations to inform and improve its own national security posture.

But this is far from the only game in town.

For example, one Indian threat group called ‘Dark Basin’ has allegedly targeted advocacy groups, senior politicians, government officials, CEOs, journalists, and human rights activists across six continents over the last seven years.

India is currently considered to have a less mature cyber warfare armoury and capability than the ‘Big Six’ – China, North Korea, Russia, Israel, the UK, and US – but this may change over time since its capability is growing.

Chris Sedgwick, director of security operations at Talion, the managed security service spinoff of what used to be BAE System’s intelligence division, commented:

“The sophistication of the various Indian cyber threat actors does not appear to be in the same league as China or Russia, and rather than having the ability to call on a cache of 0-day exploits to utilise, they have been known to use less sophisticated – but still fairly effective – techniques such as decoy documents containing weaponised macros.”
Riaz Haq said…
Experts are unanimous in saying that the most important target of #Indian #cyber-#espionage & #cyberattacks by far is #Pakistan. Limited employment prospects of Indian techies have created a swarm of underground threat actors in #India| The Daily Swig
https://portswigger.net/daily-swig/indian-cyber-espionage-activity-rising-amid-growing-rivalry-with-china-pakistan


Morgan Wright, chief security advisor at SentinelOne and former US State Department special advisor, told The Daily Swig: “India’s growing offensive capability is still immature compared to China, North Korea, Russia, Israel, the UK and US. However, there is no shortage of people with advanced technical skills in India.”

With Covid-19 causing significant unemployment in India, it can be “safely assumed a portion of people with these skills will engage in cybercrime”, according to Wright.

“Ironically, tactics learned in committing cybercrime will be of value to the intelligence and military establishment in India as they develop and grow units to engage in cyber warfare and espionage,” he said.



Assaf Dahan, senior director and head of threat research at Cybereason, told The Daily Swig: “The level of sophistication of the activity groups affiliated with India can vary; some groups have shown a high level of sophistication and use of advanced custom-built tools or advanced exploits, while others exhibited significantly less sophisticated capabilities.

“Sometimes a group might exhibit different levels of sophistication on different operations, based on the group’s needs and reasoning,” he added.

Dahan concluded: “Another point to remember: the level of sophistication isn’t always correlated with the success rate of the group’s operation or goals. Sometimes, simple social engineering attacks delivering a known commodity malware can be enough to get the threat actors what they want.”

What examples are there of Indian APT groups?
Recent attacks by Indian hacker groups:

The highly active cyber-espionage entity known as SideWinder has been plaguing governments and enterprises since 2012. A recently released report by AT&T Alien Labs shows most of SideWinder’s activity is heavily focused on South Asia and East Asia, with the group likely supporting Indian political interests.
The allegedly Indian state-sponsored group Dropping Elephant has been known to target the Chinese government via spear-phishing and watering hole attacks.
Viceroy Tiger has been known to use weaponised Microsoft Office documents in spear-phishing campaigns. Security researchers at Lookout recently went public with research on mobile malware attributed to the threat actors and rated as medium sophistication.

The level of direct Indian government involvement in some of these operations is contested.
Cybereason’s Dahan cautioned: “The line between ‘state operated’ or ‘state ordered’ can be rather fine, so it’s not always easy to link certain operations directly to an official government or military institution, especially due to the growing popularity of cyber mercenaries (hackers-for-hire).”

How might India expand its cyber warfare capabilities and defences?
Through an emerging initiative to provide technology education to 400,000 low-income students, India will significantly increase its cyber “bench strength”, according to Mike Hamilton, former CISO for the City of Seattle and co-founder and CISO of cybersecurity firm CI Security.

Hamilton predicted that a “cybercrime population will emerge [in India] and differentiate itself from nationalist motivations”.

Other experts reckon the flow of talent will run the other way and allow India to expand its cyber-espionage capabilities from the cohorts of cybercriminals.

Riaz Haq said…
#China Appears to Warn #India : Push Too Hard and the Lights Could Go Out in the Entire #SouthAsian Nation of 1.3 billion. Most of the #malware was never activated in the #Mumbai grid attack that was meant as a warning to #Modi. - The New York Times

https://www.nytimes.com/2021/02/28/us/politics/china-india-hacking-electricity.html

As border skirmishing increased last year, malware began to flow into the Indian electric grid, a new study shows, and a blackout hit Mumbai. It now looks like a warning.

Early last summer, Chinese and Indian troops clashed in a surprise border battle in the remote Galwan Valley, bashing each other to death with rocks and clubs.

Four months later and more than 1,500 miles away in Mumbai, India, trains shut down and the stock market closed as the power went out in a city of 20 million people. Hospitals had to switch to emergency generators to keep ventilators running amid a coronavirus outbreak that was among India’s worst.

Now, a new study lends weight to the idea that those two events may well have been connected — as part of a broad Chinese cybercampaign against India’s power grid, timed to send a message that if India pressed its claims too hard, the lights could go out across the country.

The study shows that as the standoff continued in the Himalayas, taking at least two dozen lives, Chinese malware was flowing into the control systems that manage electric supply across India, along with a high-voltage transmission substation and a coal-fired power plant.


The flow of malware was pieced together by Recorded Future, a Somerville, Mass., company that studies the use of the internet by state actors. It found that most of the malware was never activated. And because Recorded Future could not get inside India’s power systems, it could not examine the details of the code itself, which was placed in strategic power-distribution systems across the country. While it has notified Indian authorities, so far they are not reporting what they have found.

Stuart Solomon, Recorded Future’s chief operating officer, said that the Chinese state-sponsored group, which the firm named Red Echo, “has been seen to systematically utilize advanced cyberintrusion techniques to quietly gain a foothold in nearly a dozen critical nodes across the Indian power generation and transmission infrastructure.”

The discovery raises the question about whether an outage that struck on Oct. 13 in Mumbai, one of the country’s busiest business hubs, was meant as a message from Beijing about what might happen if India pushed its border claims too vigorously.

News reports at the time quoted Indian officials as saying that the cause was a Chinese-origin cyberattack on a nearby electricity load-management center. Authorities began a formal investigation, which is due to report in the coming weeks. Since then, Indian officials have gone silent about the Chinese code, whether it set off the Mumbai blackout and the evidence provided to them by Recorded Future that many elements of the nation’s electric grid were the target of a sophisticated Chinese hacking effort.

It is possible the Indians are still searching for the code. But acknowledging its insertion, one former Indian diplomat noted, could complicate the diplomacy in recent days between China’s foreign minister, Wang Yi, and his Indian counterpart, Subrahmanyam Jaishankar, in an effort to ease the border tensions.

https://www.recordedfuture.com/redecho-targeting-indian-power-sector/
Riaz Haq said…
#India Suspects #China May Be Behind Major #Mumbai Blackout. Officials are investigating whether #cyberattacks from China could have caused the #power outage, an assertion that China rejects. #Modi #Ladakh https://www.wsj.com/articles/india-suspects-china-may-be-behind-major-mumbai-blackout-11614615383

Indian officials are investigating whether cyberattacks from China could have been behind a blackout in Mumbai last year.

State officials in Maharashtra, of which Mumbai is the capital, said Monday that an initial investigation by its cyber department found evidence that China could have been behind a power outage that left millions without power in October.

It was the worst blackout in decades in India’s financial capital, stopping trains and prompting hospitals to switch to diesel powered generators. The megacity has long prided itself on being one of the few cities in India with uninterrupted power supply even as most of the country struggles with regular blackouts.

Anil Deshmukh, home minister of the state, said officials were investigating a possible connection between the blackout and a surge in cyberattacks on the servers of the state power utilities. He wouldn’t single out China, but said investigators had found evidence of more than a dozen Trojan horse attacks as well as suspicious data transfers into the servers of state power companies.

“There were attempts to login to our servers from foreign land,” said Mr. Deshmukh. “We will investigate further.”

Another state official said 8GB of unaccounted for data slipped into power company servers from China and four other countries between June and October. The official cited thousands of attempts by blacklisted IP addresses to access the servers.

State-sponsored hackers increasingly target critical infrastructure such as power grids instead of specific institutions, said Amit Dubey, a cybersecurity expert at Root64 Foundation, which conducts cybercrime investigations.

“Anything and everything is dependent on power,” Mr. Dubey said. Targeting power supply, he said, can “take down hundreds of plants or day-to-day services like trains.”

Mr. Dubey said many countries such as China, Russia and Iran are deploying state-sponsored hackers to target the power grids of other nations. Russian hackers succeeded in turning off the power in many parts of Ukraine’s capital a few years ago, he said, and have also attacked critical infrastructure in the U.S. in recent years.

India’s announcement came after U.S. cybersecurity firm Recorded Future on Sunday published a report outlining what it said were attacks from close to a China-linked group it identified as RedEcho. It cited a surge in attacks targeting India’s power infrastructure.

The report said the attacks could have been a reaction to the jump in border tension between the two countries. During a military skirmish in June, India said 20 Indian soldiers were killed and China said four Chinese soldiers were killed when soldiers fought with rocks, batons and clubs wrapped in barbed wire.

In response to the Recorded Future report, which was earlier reported by the New York Times, China said it doesn’t support cyberattacks.

“It is highly irresponsible to accuse a particular party when there is no sufficient evidence around,” Wang Wenbin, spokesman for China’s Ministry of Foreign Affairs said in a briefing Monday. “China is firmly opposed to such irresponsible and ill-intentioned practice.”

Recorded Future said it couldn’t directly connect the attacks to the Mumbai blackout because it doesn’t have access to any hardware that might have been infected.

India’s Ministry of Power said it has dealt with the threats outlined in the Recorded Future report by strengthening its firewall, blocking IP addresses and using antivirus software to scan and clean its systems software.

Riaz Haq said…
Pakistan-linked hackers targeted Indian power company with ReverseRat

https://thehackernews.com/2021/06/pakistan-linked-hackers-targeted-indian.html

A threat actor with suspected ties to Pakistan has been striking government and energy organizations in the South and Central Asia regions to deploy a remote access trojan on compromised Windows systems, according to new research.

"Most of the organizations that exhibited signs of compromise were in India, and a small number were in Afghanistan," Lumen's Black Lotus Labs said in a Tuesday analysis. "The potentially compromised victims aligned with the government and power utility verticals."

Some of the victims include a foreign government organization, a power transmission organization, and a power generation and transmission organization. The covert operation is said to have begun at least in January 2021.

The intrusions are notable for a number of reasons, not least because in addition to its highly-targeted nature, the tactics, techniques, and procedures (TTPs) adopted by the adversary rely on repurposed open-source code and the use of compromised domains in the same country as the targeted entity to host their malicious files.

At the same time, the group has been careful to hide their activity by modifying the registry keys, granting them the ability to surreptitiously maintain persistence on the target device without attracting attention.

Explaining the multi-step infection chain, Lumen noted the campaign "resulted in the victim downloading two agents; one resided in-memory, while the second was side-loaded, granting threat actor persistence on the infected workstations."

The attack commences with a malicious link sent via phishing emails or messages that, when clicked, downloads a ZIP archive file containing a Microsoft shortcut file (.lnk) and a decoy PDF file from a compromised domain.

The shortcut file, besides displaying the benign document to the unsuspecting recipient, also takes care of stealthily fetching and running an HTA (HTML application) file from the same compromised website.

The lure documents largely describe events catering to India, disguising as a user manual for registering and booking an appointment for COVID-19 vaccine through the CoWIN online portal, while a few others masquerade as the Bombay Sappers, a regiment of the Corps of Engineers of the Indian Army.
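
The delivery pattern summarised in the comment above (a ZIP that carries a Windows shortcut next to a decoy document, with the shortcut pointing at an HTA on a website) is something a mail or download gateway can triage before a user opens the archive. The Python below is an added example, not code from Lumen, The Hacker News or the commenter; the decoy extension list, the remote-reference markers, the verdict names and the sample file names and `example.invalid` URL are all constructed assumptions.

```python
import io
import zipfile

# Shell Link (.lnk) header as stored on disk: HeaderSize 0x4C followed by the
# fixed LinkCLSID 00021401-0000-0000-C000-000000000046.
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")
DECOY_EXTS = (".pdf", ".doc", ".docx", ".xls", ".xlsx")   # assumed decoy types
REMOTE_MARKERS = ("http://", "https://", ".hta")           # assumed heuristic
MAX_READ = 1024 * 1024  # read at most 1 MiB per member (zip-bomb guard)


def is_lnk(data):
    """Identify a shortcut by content, so a renamed .lnk is still caught."""
    return data.startswith(LNK_MAGIC)


def remote_markers(data):
    """Return markers present in the bytes in ASCII or UTF-16LE form."""
    lowered = data.lower()  # lower-cases ASCII letter bytes in both encodings
    return [m for m in REMOTE_MARKERS
            if m.encode("ascii") in lowered or m.encode("utf-16-le") in lowered]


def triage_zip(blob):
    """Classify a ZIP as 'clean', 'review' (shortcut present) or 'block'
    (shortcut paired with a decoy document or a remote reference)."""
    result = {"shortcuts": [], "decoys": [], "remote_refs": {}, "verdict": "clean"}
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            with zf.open(info) as fh:
                data = fh.read(MAX_READ)
            if is_lnk(data) or name.lower().endswith(".lnk"):
                result["shortcuts"].append(name)
                hits = remote_markers(data)
                if hits:
                    result["remote_refs"][name] = hits
            elif name.lower().endswith(DECOY_EXTS):
                result["decoys"].append(name)
    if result["shortcuts"]:
        paired = result["decoys"] or result["remote_refs"]
        result["verdict"] = "block" if paired else "review"
    return result


def build_sample(with_shortcut=True):
    """Constructed test archive: a fake PDF and, optionally, a non-functional
    shortcut stub (header bytes, padding and a UTF-16LE placeholder URL)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("manual.pdf", b"%PDF-1.4 constructed decoy")
        if with_shortcut:
            stub = (LNK_MAGIC + b"\x00" * 60
                    + "https://site.example.invalid/a.hta".encode("utf-16-le"))
            zf.writestr("manual.lnk", stub)
    return buf.getvalue()


if __name__ == "__main__":
    for label, blob in (("lure-like", build_sample(True)),
                        ("pdf-only", build_sample(False))):
        print(label, triage_zip(blob))
```

Checking the header bytes rather than the extension matters because archive members can be renamed; the verdict is a triage signal for quarantine or analyst review, not proof of compromise.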
Riaz Haq said…
Pegasus was used to hack mobiles of Pak officials

https://www.sundayguardianlive.com/news/pegasus-used-hack-mobiles-pak-officials

New Delhi: Mobile phones of around 30 Pakistani government servants, who include serving army generals, officials attached with the ISI and senior bureaucrats, were hacked into by using Pegasus spying software during April and May 2019.

Pegasus takes control of the infected phone by entering the system through WhatsApp.


While the Pakistan government has so far kept the matter under wraps, possibly to avoid panic and public embarrassment, it, however, issued a special secret advisory to heads of departments, a copy of which was also sent to the secretary of Prime Minister Imran Khan, asking them to replace all phones purchased before 10 May 2019 immediately and prohibiting the transfer of official documents by using WhatsApp.

The hacking of the mobile numbers of around 30 officials—the exact number is known only to the group/individual/organisation that hacked into the phones—has sparked a frenzy among government officials because of speculation that key documents and vital information might have landed in unintended hands and offices across borders.

Information and classified documents that are generally found in the mobile phones of top government officials, are regarded as invaluable by both foreign government agencies and private operators as they give valuable insights into otherwise closely guarded policies and plans.

The Sunday Guardian reached out to the NSO Group, the Israel-based company that owns Pegasus, with a detailed questionnaire regarding the recent development. In a statement, the NSO Group said: “To protect the ongoing public safety missions of its agency customers and given significant legal and contractual constraints, NSO Group is not able to disclose who is or is not a client or discuss specific uses of its technology, as explained in its Transparency Statement of Principles. However, the company’s products are licensed only to government intelligence and law enforcement agencies for the sole purpose of preventing and investigating terror and serious crime. NSO’s technology is only licensed after a thorough vetting process that goes well beyond the legal requirements that we follow. All potential customers must meet strict export authority regulations before any sale, in addition to NSO’s internal vetting process that includes a focus on human rights. NSO’s governance framework aligns us with the UN Guiding Principles on Business and Human Rights and sets the highest standards in the cyber intelligence industry, embedding human rights due diligence into everything we do.”

This newspaper also shared its questions with the Pakistan high commission in New Delhi, and Pakistan’s Ministry of Information Technology & Telecom for response. However, no response was shared until the time the story went to press.

The NSO group gained some kind of notoriety after it emerged that Pegasus had infected at least 1,400 numbers across the world through WhatsApp. Facebook, the owner of WhatsApp, has already filed a suit against NSO in US courts for illegally breaking into WhatsApp.

Despite the controversy it has attracted in recent times, “Q Cyber Technologies”, the parent company of NSO, continues to remain active in the world of cyber espionage. It was one of the main sponsors of “ISS World Asia”—touted as the world’s largest gathering of law enforcement agencies, intelligence analysts, electronic surveillance and intelligence gathering—which was held in Kuala Lumpur, Malaysia in the first week of December.

In the said event, “Q Cyber Technologies” had defined itself as a company that equipped select intelligence agencies, militaries and law enforcement organisations around the world with the strategic, tactical and analytical technology capabilities required to ensure the success of their operations in fighting crime and terrorism.
Riaz Haq said…
India’s Gandhi and Pakistan’s Khan tapped as targets in Israeli NSO spyware scandal - Tech News - Haaretz.com


https://www.haaretz.com/israel-news/tech-news/.premium-india-s-gandhi-and-pakistan-s-khan-tapped-as-israeli-nso-spyware-targets-1.10012729

Prominent Indian politician Rahul Gandhi and Pakistani Prime Minister Imran Khan were selected as potential targets of the Israeli-made Pegasus spyware program by clients of the NSO Group cyberespionage firm, a global investigation can reveal Monday.

Additional potential targets included Pakistani officials, including a number once associated with Pakistani leader Khan. They also included Kashmiri separatists, leading Tibetan religious figures and even an Indian supreme court judge. Khan did not respond to a request for comment from the Washington Post.

Gandhi, who said he changes phones every few months to avoid being hacked, said in response: “Targeted surveillance of the type you describe, whether in regard to me, other leaders of the opposition or indeed any law-abiding citizen of India, is illegal and deplorable.”

According to an analysis of the Pegasus Project records, more than 180 journalists were selected in 21 countries by at least 12 NSO clients. The potential targets and clients hail from Bahrain, Morocco, Saudi Arabia, India, Mexico, Hungary, Azerbaijan, Togo and Rwanda.

----------

India is Israel’s biggest arms market, buying around $1 billion worth of weapons every year, according to Reuters. The two countries have grown closer since Modi became Indian prime minister in 2014, widening commercial cooperation beyond their longstanding defense ties. Modi became the first sitting Indian leader to visit Israel in July 2017, while former Prime Minister Benjamin Netanyahu held a state visit to India at the start of 2018.
Riaz Haq said…
Cyber Weapons And Fragile Peace Between India And Pakistan – OpEd
January 22, 2021, by Fatima Ahmed and Tajjalla Munir*

https://www.eurasiareview.com/22012021-cyber-weapons-and-fragile-peace-between-india-and-pakistan-oped/

After the advent of nuclear weapons, cyber weapons are the most destructive thing that we can imagine in this contemporary world. Nuclear weapons can lead to tangible damage. In the age when the world has become a global village, cyber weapons pose a threat to international peace. Cyberspace provided the fifth domain in the area of armed conflict. Previously, they were air, land, sea, and space. Nuclear weapons are generally used for deterrence purposes and they are mostly used or considered as last option weapons; a cyber-attack, on the other hand, can be materialized when there is no apparent conflict between two states. Due to the deep enmity between India and Pakistan, it will always be a threat that both countries can target each other in cyberspace. When a cyber-attack is launched against India and Pakistan, they will blame each other, but the perpetrators of this attack could be a third party. That could be a state-sponsored cyber-attack, or even non-state actors and individuals could carry out such endeavors. This has already happened, when a cyber-attack targeted some websites in India. Initially, Pakistan was made responsible for these attacks, but later it was revealed that the offensive was done by a third party. It was due to insecurity and doubt present in both states about each other’s intentions or capabilities. While cyber-attacks can initially be very limited in scope, there are fair chances that they could escalate, which could result in a conflict with the use of conventional weapons. Therefore, in modern times, cyber weapons pose a great threat to the peaceful relations between India and Pakistan. That will ultimately lead to regional instability.
Riaz Haq said…
Mr. Modi has used the Israeli spyware to not only spy on his critics at home but also his perceived enemies abroad. Pakistani Prime Minister Imran Khan is among the most prominent targets of the Modi government's cyber attacks, according to a recently released Project Pegasus report. The Indian government has neither confirmed nor denied the report. The focus of the report is the use of the Israeli-made spyware by about a dozen governments to target politicians, journalists and activists. The users of the Pegasus software include governments of Bahrain, Morocco, Saudi Arabia, India, Mexico, Hungary, Azerbaijan, Togo and Rwanda.

http://www.riazhaq.com/2022/01/ny-times-modi-bought-israeli-pegasus.html
Riaz Haq said…
Ignite Conducts Karachi Qualifier Round of Digital Pakistan Cybersecurity Hackathon 2022

https://propakistani.pk/2022/12/02/ignite-conducts-karachi-qualifier-round-of-digital-pakistan-cybersecurity-hackathon-2022/


Ignite National Technology Fund, a public sector company with the Ministry of IT & Telecom, conducted the qualifier round of Digital Pakistan Cybersecurity Hackathon 2022 in Karachi on 1st December 2022 after conducting qualifier rounds at Quetta and Lahore.

The Cybersecurity Hackathon aims to improve the cybersecurity readiness, protection, and incident response capabilities of the country by conducting cyber drills at a national level and identifying cybersecurity talent for public and private sector organizations.

Dr. Zain ul Abdin, General Manager Ignite, stated that Ignite was excited about organizing Pakistan’s 2nd nationwide cybersecurity hackathon in five cities this year. The purpose of the Cyber Security Hackathon 2022 is to train and prepare cyber security experts in Pakistan, he said.

Speaking on the occasion, Asim Shahryar Husain, CEO Ignite, said, “The goal of the cybersecurity hackathon is to create awareness about the rising importance of cybersecurity for Pakistan and also to identify and motivate cybersecurity talent which can be hired by public and private sector organizations to secure their networks from cyberattacks.”

“There is a shortage of 3-4 million cybersecurity professionals globally. So this is a good opportunity for Pakistan to build capacity of its IT graduates in cybersecurity so that they can boost our IT exports in future,” he added.

Chief guest, Mohsin Mushtaq, Additional Secretary (Incharge) IT & Telecommunication, said, “Digital Pakistan Cybersecurity Hackathon is a step towards harnessing the national talent to form a national cybersecurity response team.”

“Ignite will continue to hold such competitions every year to identify new talent. I would like to congratulate CEO Ignite and his team for holding such a marathon competition across Pakistan to motivate cybersecurity students and professionals all over the country,” he added.

Top cybersecurity experts were invited for keynote talks during the occasion including Moataz Salah, CEO Cyber Talents, Egypt, and Mehzad Sahar, Group Head InfoSec Engro Corp, who delivered the keynote address on Smart InfoSec Strategy.

Panelists from industry, academia, and MoITT officials participated in two panel discussions on “Cyber Threats and Protection Approaches” and “Indigenous Capability & Emerging Technologies” during the event.

The event also included a cybersecurity quiz competition in which 17 teams participated from different universities. The top three teams in the competition were awarded certificates.

41 teams competed from Karachi in the Digital Pakistan Cybersecurity Hackathon 2022.

The top three teams shortlisted after the eight-hour hackathon were: “Team Control” (Winner); “Revolt” (1st Runner-up); and “ASD” (2nd Runner-up).

These top teams will now compete in the final round of the hackathon in Islamabad later this month.
