18 August 2016

America uses stealthy submarines to hack other countries’ systems

https://www.washingtonpost.com/news/the-switch/wp/2016/07/29/america-is-hacking-other-countries-with-stealthy-submarines/ 
By Brian Fung and Andrea Peterson July 29 
When Donald Trump effectively called for Russia to hack into Hillary Clinton's emails Wednesday, the GOP nominee's remarks touched off a (predictable) media firestorm. Here was a presidential candidate from a major U.S. party encouraging a foreign government to target American interests with cyberspying — an act that could not only expose national security information but also potentially undermine the actual security infrastructure of the United States. 

Cyberwarriors working for Moscow and other regimes are already poking and prodding at our networks, so there's little reason to think Trump's words were all that damaging in themselves. But it's a good opportunity to talk about the state of state-sponsored hacking, and to offer a reminder that the United States is just as active in this space as the next government. 
The U.S. approach to this digital battleground is pretty advanced. For example: Did you know that the military uses its submarines as underwater hacking platforms? 
In fact, subs represent an important component of America's cyber strategy. They act defensively to protect themselves and the country from digital attack, but — more interestingly — they also have a role to play in carrying out cyberattacks, according to two U.S. Navy officials at a recent Washington conference

"There is a — an offensive capability that we are, that we prize very highly," said Rear Adm. Michael Jabaley, the U.S. Navy's program executive officer for submarines. "And this is where I really can't talk about much, but suffice to say we have submarines out there on the front lines that are very involved, at the highest technical level, doing exactly the kind of things that you would want them to do." 
The so-called "silent service" has a long history of using information technology to gain an edge on America's rivals. In the 1970s, the U.S. government instructed its submarines to tap undersea communications cables off the Russian coast, recording the messages being relayed back and forth between Soviet forces. (The National Security Agency has continued that tradition, monitoring underwater fiber cables as part of its globe-spanning intelligence-gathering apparatus. In some cases, the government has struck closed-door deals with the cable operators ensuring that U.S. spies can gain secure access to the information traveling over those pipes.)

These days, some U.S. subs come equipped with sophisticated antennas that can be used to intercept and manipulate other people's communications traffic, particularly on weak or unencrypted networks. 

"We've gone where our targets have gone" — that is to say, online, said Stewart Baker, the National Security Agency's former general counsel, in an interview. "Only the most security-conscious now are completely cut off from the Internet." Cyberattacks are also much easier to carry out than to defend against, he said. 

One of America's premier hacker subs, the USS Annapolis, is hooked into a much wider U.S. spying net that was disclosed as part of the 2013 Edward Snowden leaks, according to Adam Weinstein and William Arkin, writing last year for Gawker's intelligence and national security blog, Phase Zero. A leaked slide showed that in a typical week, the Navy performs hundreds of so-called "computer network exploitations," many of which are likely the result of submarine-based hacking. 

"Annapolis and its sisters are the infiltrators of the new new of cyber warfare," wrote Arkin and Weinstein, "getting close to whatever enemy — inside their defensive zones — to jam and emit and spoof and hack. They do this through mast-mounted antennas and collection systems atop the conning tower, some of them one-of-a-kind devices made for hard to reach or specific targets, all of them black boxes of future war." 

But even this doesn't compare to what the Navy wants to be able to do next: turn its submarines into motherships for underwater drones that can maneuver themselves even closer to shore and conduct jamming or hacking operations while allowing the sub to work at a distance. 

"We want the boat to grow longer arms," said Rear Adm. Charles Richard, director of the Navy's undersea warfare division. "We are at all-ahead flank [speed], both on unmanned aerial and undersea vehicles." 

(U.S. Navy) 

It's unclear how far behind — or ahead — other navies may be when it comes to submarine-based cyber offense. Many of the cybersecurity and military experts we interviewed for this story had hardly heard of the Defense Department's own undersea cyber capabilities. 


But, Baker said, "espionage is a game where there's a lot of following the leader — so it's perfectly possible it's happening in this field as well."

What is clear is that the U.S. military operates some of the most sophisticated information networks ever designed, and it's using them to penetrate foreign computer systems as part of an evolving cyber strategy.

We may never know precisely what dirt the Pentagon is digging up with its submarine espionage, or be able to draw a link between it and any political or military events in the real world. But despite the rising prominence of Russian hackers in this news cycle — and Chinese hackers before that — it's worth pointing out that the United States has grown fairly proficient in cyberspace, too.

No comments: