Tag Archive for: military

Xi Jinping calls for China’s biggest military reorganization since 2015 – Firstpost


As cyber warfare between China and the United States intensifies, Chinese President Xi Jinping ordered what is being touted as the biggest reorganization of the nation’s military since 2015.

With an intention to expand its military capabilities, China terminated the Strategic Support Force and in turn created a new branch called the Information Support Force. This provides China with the ability to bolster its capabilities in several areas including cyber warfare, Xinhua News reported.

It is important to note that Beijing’s now-terminated Strategic Support Force was created more than eight years ago with the aim of enhancing capabilities in space, cyber, political and electronic warfare.

What’s new? 

China’s defence ministry maintained that the aerospace and cyber units previously under the Strategic Support Force will now be organizationally parallel to the newly created Information Support Force.

The aerospace unit is expected to improve China’s capability to use space and step up the management of space crises.

While announcing the new re-organisation, Xi reiterated the Communist Party’s leadership over the army. The Chinese President insisted that the new force would provide “key support in coordinating the construction and utilization of the cyber information system.”

According to Xinhua, Li Wei, the political commissar from the now-defunct Strategic Support Force, will take over the same role with the Information Support Force.

Following the announcement, Li pledged to “resolutely” listen to Xi’s instructions. Bi Yi, on the other hand, was appointed commander of the new force.

The change amid a tense climate

The restructuring came as China continues to face off with the US in a fight for global influence, with cyberwarfare emerging as a key battleground. Last month, the US, the UK and New Zealand accused China of sponsoring malicious cyber activity and targeting democratic institutions.

Interestingly, the disappearance of the previous commander of the Strategic Support Force, Ju Qiansheng, has led to a rise in speculation about the growing turmoil within China’s military leadership.

While Ju recently appeared in the…

Military Cyber Security market is projected to grow at a CAGR of 7.6% by 2034: Visiongain


Visiongain Reports Ltd

Visiongain has published a new report entitled Military Cyber Security Market Report 2024-2034: Forecasts by Deployment Mode (Cloud-based, On-premise), by Component (Hardware, Software, Services), by End-user (Army, Navy, Air Force, Cyber Commands), by Security Type (Network Security, Endpoint Security, Application Security, Cloud-based Security, Data Security), by Solutions (Threat Intelligence and Response Management, Identity and Access Management (IAM), Intrusion Detection and Prevention Systems (IDPS), Security Information and Event Management (SIEM), Firewall, Other) AND Regional and Leading National Market Analysis PLUS Analysis of Leading Companies AND COVID-19 Impact and Recovery Pattern Analysis.

The global military cyber security market was valued at US$28.4 billion in 2023 and is projected to grow at a CAGR of 7.6% during the forecast period 2024-2034.

Emergence of Advanced Persistent Threats (APTs)

Advanced Persistent Threats (APTs) are sophisticated cyber-attacks conducted by well-funded and highly skilled adversaries, such as nation-state actors and cyber espionage groups, with the intent to infiltrate, exfiltrate, and persist within targeted military networks for extended periods without detection. APTs often employ stealthy tactics, techniques, and procedures (TTPs) to evade traditional security defences and exploit vulnerabilities in software, hardware, and human factors. Detecting and mitigating APTs require advanced threat intelligence, behaviour analysis, anomaly detection, and incident response capabilities to identify and neutralize ongoing cyber threats.

Strategic Shift Towards Offensive Cyber Operations

In response to evolving cyber threats and geopolitical tensions, military organizations are increasingly investing in offensive cyber capabilities to conduct cyber operations, including reconnaissance, espionage, sabotage, and information warfare, against adversaries. Offensive cyber operations enable military forces to disrupt enemy communications, disrupt critical infrastructure, manipulate information, and gain strategic advantages in cyberspace. However, offensive cyber operations also raise concerns about escalation, unintended…

U.S. Wages Cyber War on Russian Military Botnet


The United States and its allies have struck a significant blow to a Russian military botnet network whose targets included numerous government and military entities and corporations.

A January 2024 court-authorized operation effectively neutralized a network of hundreds of small office/home office (SOHO) routers that the Armed Forces of the Russian Federation (GRU) Military Unit 26165 used to conceal and enable a variety of cybercrimes, according to a U.S. Department of Justice Office of Public Affairs news release. The GRU unit is also known as APT 28, Sofacy Group, Forest Blizzard, Pawn Storm, Fancy Bear, and Sednit.

The GRU’s cybercrimes included vast spearphishing and similar credential harvesting campaigns against targets of interest to the Russian government, the Justice Department said.

Federal Bureau of Investigation (FBI) Director Christopher Wray spoke at the Munich Security Conference this week where he announced the impact of Operation Dying Ember on the Russian cyber operation.

“Operation Dying Ember, where working with our U.S. — and, again, worldwide law enforcement partners — we ran a court-authorized technical operation to kick the Russian GRU off well over a thousand home and small business routers and lock the door behind them, killing the GRU’s access to a botnet it was piggybacking to run cyber operations against countries around the world, including America and its allies in Europe,” Wray said.

He continued, “With these operations, and many more like them, we’ve set our sights on all the elements that we know from experience make criminal organizations tick: their people — a term we define broadly to include not just ransomware administrators and affiliates, but their facilitators, like bulletproof hosters and money launderers; their infrastructure; their servers, botnets, etc.; and their money, the cryptocurrency wallets they use to stash their ill-gotten gains, hire associates and lease infrastructure.

“Because we don’t just want to hit them — we want to hit them everywhere it hurts, and put them down, hard.”

Cyber Experts Weigh In

Tom Kellermann, senior vice president of Cyber Strategy at Contrast Security, who partners with MSSPs,…

Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network


Feb 07, 2024 | Newsroom | Cyber Espionage / Network Security

Chinese state-backed hackers broke into a computer network that’s used by the Dutch armed forces by targeting Fortinet FortiGate devices.

“This [computer network] was used for unclassified research and development (R&D),” the Dutch Military Intelligence and Security Service (MIVD) said in a statement. “Because this system was self-contained, it did not lead to any damage to the defense network.” The network had fewer than 50 users.

The intrusion, which took place in 2023, leveraged a known critical security flaw in FortiOS SSL-VPN (CVE-2022-42475, CVSS score: 9.3) that allows an unauthenticated attacker to execute arbitrary code via specially crafted requests.

Successful exploitation of the flaw paved the way for the deployment of a backdoor dubbed COATHANGER from an actor-controlled server that’s designed to grant persistent remote access to the compromised appliances.

“The COATHANGER malware is stealthy and persistent,” the Dutch National Cyber Security Centre (NCSC) said. “It hides itself by hooking system calls that could reveal its presence. It survives reboots and firmware upgrades.”

COATHANGER is distinct from BOLDMOVE, another backdoor linked to a suspected China-based threat actor that’s known to have exploited CVE-2022-42475 as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa as early as October 2022.

The development marks the first time the Netherlands has publicly attributed a cyber espionage campaign to China. Reuters, which broke the story, said the malware is named after a code snippet that contained a line from Lamb to the Slaughter, a short story by British author Roald Dahl.

It also arrives days after U.S. authorities took steps to dismantle a botnet comprising out-of-date Cisco and NETGEAR routers that were used by Chinese threat actors like Volt Typhoon to conceal the origins of malicious traffic.

Last year, Google-owned Mandiant revealed that a China-nexus cyber espionage group tracked as UNC3886 exploited zero-days in Fortinet appliances to deploy THINCRUST and CASTLETAP implants for executing arbitrary commands received from a…
