This month, North American Internet security researchers revealed that they had detected a China-based espionage group, called the Shadow Network, that had hacked into PCs used by military and civilian personnel working for the Indian armed forces and made off with huge quantities of data.
This was done via Internet-based attacks against specific military and government officials. Such attacks are often carried out in the form of official-looking email, with a file attached, sent to people at a specific military or government organization. It is usually an email they weren’t expecting. This is known in the trade as “spear phishing,” a Cyber War technique that sends official-looking email to specific individuals, with an attachment which, if opened, secretly installs a program that sends files from the email recipient’s PC to the spear phisher’s computer.
In the last year, an increasing number of military, government, and contractor personnel have received these official-looking emails, with a PDF document attached, asking for prompt attention.
This group – Shadow Network – is reminiscent of the speculated attack on the US infrastructure by China in CyberKill.
Here’s a scene from CyberKill that shows this. Fiction meets reality.
“Good,” said Bartley. “You’re all here, finally.” He checked his watch and shook his head. “Gentlemen — and lady — this facility is on an Info-Con Delta alert status.”
Cole interrupted. “For the benefit of us civilians, Colonel, what’s an Info-Con alert?”
“Specialist Stone,” said Bartley, “would you like to inform the civilians here what an Info-Con is?”
“Yes, sir,” Casey said. “Info-Con stands for ‘Information Condition’ indicating defense conditions prior to going to war.”
“Going to war?” the three of them erupted, with Dallas and Taylor standing up from their seats. Bartley stared forward impassively and ordered them to sit. When they had settled, he said, “Not a physical war. A cyberwar. We have authorization under National Security Presidential Directive Number Sixteen to commence offensive cyberwarfare.”
“Commence against whom?” asked Taylor.
“China,” replied Bartley. “We know that the disruptions in the wireless networks were initiated in the People’s Republic of China.”
“But that wasn’t a hack,” said Cole. “It was a network malfunction.”
“Our intel says otherwise, Cole. They, the Chinese, only made it look like a malfunction.”
Cole said, “You know as well as I do that my code was responsible for the malfunction, Colonel.”
Bartley raised an eyebrow to Cole’s disclosure, but remained silent. Bartley was not to be swayed. Cole hated that about the man. When he thought he was right, all others were wrong.
“We believe they took advantage of a glitch in your code, Cole, to bring down the wireless networks.”
Cole nearly stood. “There was no glitch in my code, Colonel. Someone tried to re-write it. We both know that, damn it. And they did an ax job of it, too.”
“That’s neither here nor there,” Bartley said calmly. “This attack fits the mold of China’s ongoing cool war against the West’s information infrastructure.”
“The cold war is over, Bartley!” cried Taylor. “I know we’re not on perfect political terms with the Chinese, but why would they deliberately try to harm our information infrastructure?”
Bartley’s nostrils flared briefly, almost comically. “A covert offensive in cyberspace is one way of settling old scores — without getting into a shooting war.”
“Why does the DoD think China is behind this and not Russia?” asked Cole, eying Taylor to clam up.
“We found emails from a Chinese ISP on the Brotherhood’s computers the FBI confiscated. Two plus two is four, Cole. It all fits.”
“And does the DoD think that the hacker attacks we’ve had over the last several days are also China’s doing?” asked Taylor, calming down.
“Yes,” Bartley said flatly. “And we believe China is backing the terrorists who, we’re certain, have been probing and testing in preparation for a ‘swarming attack.’”
“A what?” asked Taylor.
“A swarming attack,” repeated Bartley. “HomSec discovered a pattern in the attacks. The attacks were all different — Internet service outages, cell phone service disruptions, the Amtrak accident, and now the gas explosion that we suspect was also a cyberterrorist attack. HomeSec believes that China’s claws have been sharpening their skills, testing our information infrastructure in preparation for a big attack.”
“And what’s the lab going to do during this cool war?” asked Dallas.
“The cool war is about to get warm,” Bartley replied confidently. “The White House has authorized Operation Digital Sword. No bombs, no bullets, no bangs this time. The objective is to disrupt the information systems in China. We’re going to give them a taste of their own damn medicine. Digital Sword will be unleashed with such fury and effect that China will soon feel compelled to call a halt to their attacks.”
“The American way of war,” said Taylor mockingly. “Use an atom bomb to swat a fly.”
“And that’s always worked,” said Bartley proudly. “The Chinese are going to understand what it means to go to war with America. Even if it’s just a cyberwar. First we’ll bring down their power grid. Then we’ll disrupt their oil pipeline flows, drowning their military installations in oil in one place and starving it in others. At the same time we’ll wreak havoc with their financial sector. The result will be a taste of what they were planning to do to us. Their transportation, financial and power systems will shut down, causing incalculable economic damage — even more severe than what they planned for us.”
“And what about collateral damage?” questioned Taylor. “The civilian casualty count? What about that?”
“Don’t forget, Miss Taylor,” Bartley said defiantly, “they started this war. Not us. There will be acceptable losses. We’re prepared for that.”
“Acceptable losses,” Taylor mumbled under her breath.