Cyberwarfare.com is a quarterly diary of cyberwarfare activity. What is cyberwarfare? Cyberwarfare is defined as the most aggressive form of attack by a foe or rival over the internet. It largely applies to actions by states and involves denying internet services to communities or countries, or, at worst, destroying critical infrastructure or industrial facilities.
U.S. v. Russia cyber conflict intensifies
Menlo Park, Calif. – Dec. 30, 2016
The quarter began with an official accusation that Russia interfered with elections in the United States and ended with dozens of the Kremlin’s diplomats being expelled from their American digs in retaliation for that interference.
In between, there was a destructive cyberattack on Saudi Arabia, a demonstration of a new stealth fighter built with stolen U.S. tech, a call for banning Lenovo hardware in the Defense Department and a hacker assault on a U.S. aircraft carrier in the South China Sea.
Dec. 31. U.S. Department of Homeland Security says malware found on a laptop belonging to the Burlington (Vermont) Electric Company matches malicious software attributed to Russian hackers found on the computers of the Democratic National Committee.
Dec. 30. President Barack Obama expels from the United States 35 suspected Russian spies for “malicious cyber activity and harassment” in connection with Russia’s attempt to influence the 2016 presidential election.
Dec. 29. U.S. Department of Homeland Security and FBI release 13-page report on Russian interference with U.S. Presidential election by hacking American political sites and email accounts.
Dec. 29. Ukrainian President Petro Poroshenko says his country’s state institutions have been targeted about 6,500 times in the past two months by hackers, including agents of Russian security services.
Dec. 28. The Organization for Security Cooperation in Europe, which monitors the Ukraine-Russian conflict, says it suffered a data breach that compromised the security of its computer network.
Dec. 23. CNBC reports the FBI is investigating infiltration of computers at Federal Deposit Insurance Corporation, which insures consumer deposits in U.S. banks, believed to be perpetrated by China’s military.
Dec. 22. Crowdstrike, an information security company, reports the Russian hacking group that stole data from the computers of the Democratic National Committee also used their skills to pinpoint and kill Ukrainian soldiers in 2014.
Dec. 15. CBS News reports that in August 2015 Russian hackers seized control of the non-classified email system of the U.S. Joint Chiefs of Staff used by about 3,500 officers and civilians.
Dec. 15. The Wall Street Journal reports the Republican National Committee foiled attempts to break into its computer systems using the same techniques that compromised the systems of its Democratic counterpart.
Dec. 9. Hans-Georg Maassen, head of the BfV, Germany’s domestic intelligence agency, says in a statement that his agency has seen aggressive and increased cyber spying and cyber operations aimed at weakening and destabilizing the Federal Republic of Germany.
Dec. 2. Russia’s Federal Security Service says it has thwarted a cyberattack mounted by “foreign intelligence services” designed to destabilize its country’s financial system.
Dec. 1. Bloomberg reports cyberattacks believed to be launched from Iran against Saudi Arabia have erased data and disrupted operations at the agency running the country’s airports.
Nov. 17. Recruitment website for the Canadian armed forces hacked and visitors redirected to the home page of the Chinese government.
Nov. 4. NBC News reports that U.S. military hackers have penetrated Russia’s power grid, telecommunications networks and command systems, making them vulnerable to American cyber weapons.
Nov. 4. Swiss Attorney General’s office suspends 18-month investigation into cyber espionage at Iran nuclear program talks in 2015 because it can’t find who was behind the criminal wrongdoing.
Nov. 3. WikiLeaks founder Julian Assange tells a Russian government-run news station that the Kremlin did not feed him stolen emails from Democratic Party organizations in the United States.
Nov. 2. Microsoft says Russian hackers accused of interfering with U.S. elections exploited a “zero day” vulnerability in Windows to attack users of that operating system.
Nov. 1. Chinese demo their J-20 stealth fighter, which is believed to be based on blueprints for the U.S. F-22 stealth fighter stolen by hackers from the military.
Oct. 31. A group called Shadow Brokers dumps online a list of servers compromised by the Equation Group, which has been linked to the NSA, that appear to have been used for surveillance and other activity.
Oct. 28. Volexity, a network security company, says Chinese hackers launched a network attack targeting defense officials, defense industry representatives, defense security experts and think-tank scholars attending U.S.-Taiwan Defense Industry Conference in Williamsburg, Va. earlier this month.
Oct. 27. Ukrainian hackers release thousands of emails that appear to link Russian President Vladimir Putin’s adviser Vladislav Surkov and the pro-Russia rebels fighting Ukrainian forces.
Oct. 24. The Washington Beacon reports the Pentagon’s J-2 intelligence directorate is warning the military against using equipment produced by Chinese firm Lenovo because it could introduce compromised hardware into the U.S. Defense Department supply chain.
Oct. 21. U.S. Navy confirms Chinese hackers launched a cyberattack against the Nimitz-class aircraft carrier U.S.S. Ronald Reagan while it was on patrol in the South China Sea, but there was no evidence the foray was successful.
Oct. 18. Information security firm ThreatConnect reports Chinese hackers have compromised a European drone company and the U.S. subsidiary of a French energy management company, most likely to obtain information to help Chinese businesses in those sectors.
Oct. 12. CNN reports federal investigators believe Russian hackers compromised a contractor for Florida’s election system and exposed information about the state’s voters.
Oct. 12. CrowdStrike, an information security company, says commercial hacking by China against U.S. firms has declined 90 percent since Beijing and Washington inked an agreement 13 months ago to curb economic espionage.
Oct. 11. The Telegraph reports that ministers of UK Prime Minister Theresa May’s government have been banned from wearing Apple Watches to cabinet meetings for fear the devices could be hacked by Russian spies.
Oct. 7. The Obama administration officially accuses Russia of attempting to interfere with the 2016 U.S. elections by hacking the computers of the Democratic National Committee and other political organizations.
Oct. 1. National Cyber Safety and Standards of India claims it has infiltrated Pakistan’s critical and defense infrastructure and could destroy it if ordered to do so by the Indian government.
Stay tuned for the Q1 2017 edition of Cyberwarfare.com.
– John P. Mello, Jr. is a freelance writer specializing in business and technology subjects, including consumer electronics, business computing and cyber security.
© 2016-2017 Cybersecurity Ventures. All rights reserved. Federal copyright law prohibits unauthorized reproduction of this Report by any means and imposes fines up to $150,000 for violations. Reproduction in whole or in part in any form or medium without expressed written permission of Cybersecurity Ventures is prohibited.