IMPACT 2016 - National Security Institute
Countering the Cyber
Espionage Threat from China
Dr. Shawn P. Murray, C|CISO, CISSP, CRISC
China’s Strategy
China’s Strategy for Information Warfare
• China has demonstrated its intention to become an internationally leading player in the fields
of information and cyber warfare. Information warfare involves actions taken to achieve
information superiority by affecting adversary information, information processes, information
systems and computer-based networks, while denying the adversaries’ ability to do the
same.
• More than 20 years ago, China began to publish its theories, doctrines, policies and strategies
concerning both defensive and aggressive use of cyberspace.
• A student from the Institute of Systems Engineering of Dalian University of Technology in
China published a research paper titled “Cascade-Based Attack Vulnerability on the US
Power Grid.”
• Several American experts and journalists analyzed the article as a new demonstration of
China’s offensive motivations against American infrastructure (and indeed against the security
and sovereignty of the USA), and also as proof of China’s involvement in a new arms race in
cyberspace.
• China’s approach to information warfare and cyber warfare has two main dimensions: military
and civilian, both developed through theoretical and practical considerations.
http://ensec.org/index.php?option=com_content&view=article&id=241:critical-energy-infrastructure-security-and-chinese-cyber-threats&catid=106:energysecuritycontent0510&Itemid=361
First Gulf War Influence on China
The Military Dimension – from The Journal of Energy Security
The dazzling success of the US in the first Gulf War was interpreted by several armies in the
world as the victory of new technologies.
According to this model:
• Information and information technologies’ dominance provided total control over the battlefield
• It was also the key to military success, victory and power.
This conclusion called for a radical transformation within armed forces.
• China’s Revolution in Military Affairs (RMA) concept.
• Transformation of Chinese doctrine guided new strategies of evolution in
– Chinese military affairs
– And in several industrialized countries worldwide.
In this context, the concept of information warfare acquired greater consideration among military
experts in China. Since the mid 1990s the Chinese army has implemented a modernization
program guided by the concept of “informationization” (which translates as dominance over
information technologies and cyberspace).
http://ensec.org/index.php?option=com_content&view=article&id=241:critical-energy-infrastructure-security-and-chinese-cyber-threats&catid=106:energysecuritycontent0510&Itemid=361
First Gulf War Influence on China
The Military Dimension – from The Journal of Energy Security
In 1995 General Wang Pufeng, who is considered the father of Chinese doctrine of
information warfare, outlined several key concepts of this doctrine.
Among them he pointed out that:
• The goal of information warfare is no longer the conquest of territories or the
destruction of enemy troops, but the destruction of the enemy’s will to resist.
• Information warfare is a war in which the ability to see, to know and to strike
more accurately and before the adversary is as important as firepower.
In 1997 Chinese Colonel Baocun Wang added that:
• Information warfare can be conducted in times of peace, crisis and war;
• Information warfare consists of offensive and defensive operations;
The main components of information warfare are command and control, intelligence,
electronic warfare, psychological warfare, hacker-warfare and economic warfare.
http://ensec.org/index.php?option=com_content&view=article&id=241:critical-energy-infrastructure-security-and-chinese-cyber-threats&catid=106:energysecuritycontent0510&Itemid=361
3PLA
The Third Department of the People’s Liberation Army’s General Staff Department
Also known as 3PLA, China’s equivalent to the National Security Agency
– Crucial to the country’s military strategy
– Responsible for monitoring much of the world’s communications for threats and
commercial opportunities.
– Using Chinese government websites, academic databases and foreign security
expertise,
– The organization maintains what active and former U.S. officials say are facilities
around Shanghai specialized in watching the U.S.
– One of them located close to the main transoceanic communications cables
linking China to the U.S.
– Those activities were highlighted in May 2014, when the Justice
Department indicted five officers of 3PLA on charges they stole U.S.
corporate secrets.
http://www.wsj.com/articles/chinas-spy-agency-has-broad-reach-1404781324
3PLA
A ground view of 3PLA facilities with an organizational structure of the NSA-like military
department.
Increasingly rattles governments and corporations around the world while remaining obscure to
outside security circles.
http://www.wsj.com/articles/chinas-spy-agency-has-broad-reach-1404781324
Military Organization 3PLA Is Tasked With
Monitoring World-Wide Electronic Information
Its operational units are spread out widely throughout China.
From mountains near Beijing, China's 3PLA conducts the following:
• Monitors Russia and tracks missiles.
• Its military experts analyze Internet phone calls on an island
dubbed China's Hawaii.
• Eavesdrops on Europe from a secret town hidden behind an
array of residential towers.
• Recruited from elite specialist universities, 3PLA’s estimated
100,000-plus hackers, linguists, analysts and officers populate
a dozen military intelligence bureaus, according to the foreign
experts.
http://www.wsj.com/articles/chinas-spy-agency-has-broad-reach-1404781324
FBI - Cyber’s Most Wanted
Five Chinese Military Hackers Charged with Cyber Espionage Against U.S.
On May 1, 2014, a grand jury in the Western District of Pennsylvania indicted five
officers in Unit 61398 of the Third Department of the Chinese People’s Liberation
Army (PLA):
• HUANG ZHENYU (AKA: Huang Zhen Yu, “hzy_lhx”)
• WEN XINYU (AKA: Wen Xin Yu, “WinXYHappy”, “Win_XY”, Lao Wen)
• SUN KAILIANG (AKA: “Jack Sun”)
• WANG DONG (AKA: Jack Wang, "UglyGorilla")
• GU CHUNHUI (AKA: Gu Chun Hui, "KandyGoo")
Five 3PLA Officers Indicted
From 2006-2014, the defendants were allegedly involved in a hacking
conspiracy that targeted:
• Westinghouse Electric Co.
• U.S. subsidiaries of SolarWorld AG
• United States Steel Corp
• Allegheny Technologies Inc.
• United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and
Service Workers International Union (USW)
• Alcoa, Inc
31 criminal counts, including:
– conspiring to commit computer fraud;
– accessing a computer without authorization for the purpose of commercial advantage
and private financial gain;
– damaging computers through the transmission of code and commands;
– aggravated identity theft;
– economic espionage;
– theft of trade secrets
https://www.fbi.gov/wanted/cyber/sun-kailiang/view
Lisong Ma - 2013
Lisong Ma, a citizen of China, pled guilty to violating the International Emergency Economic
Powers Act by attempting to export weapons-grade carbon fiber from the USA to China.
During the investigation, federal agents maintained a covert cyber-presence on web sites related
to the brokering, purchase and sale of controlled commodities.
• In February 2013, the defendant, using the name “Ma Li,”
e-mailed an undercover agent and indicated that he was
interested in acquiring several different types of
high-grade carbon fiber.
• Then, through various online communications, the
defendant attempted to negotiate the purchase of five tons
of carbon fiber.
• Based on a review of Internet Protocol log-in
information, investigators discovered that the defendant
was communicating from the People’s Republic of
China.
• After traveling to the United States to meet those agents,
Ma paid $400 for a spool of Toray-type, T-800 carbon fiber,
and tried to ship it in a box whose invoice said it contained
clothing, prosecutors said.
http://www.reuters.com/article/us-usa-crime-exports-idUSBRE94T12920130530
Su Bin
March 23, 2016 – FBI Press Report
• “A Chinese businessman pleaded guilty on Wednesday to charges of conspiring to
steal sensitive military aircraft data from computers belonging to Boeing and other
defense contractors, in the latest reminder of what the US has called a massive
Chinese cyber espionage campaign.”
• “Su Bin, 50, admitted to collaborating with two unindicted Chinese
co-conspirators over a near six-year period that ended shortly before his 2014 arrest.
• Among the aircraft they targeted were:
– Boeing’s C-17 military transport aircraft and
– Lockheed Martin’s F-35 and F-22 fighter jets.”
“In the last fiscal year alone,
economic espionage and theft
of trade secrets cost the American
economy more than $19 billion.”
“Economic espionage and theft of
trade secrets are increasingly linked
to the insider threat and the growing
threat of cyber espionage.”
http://www.ft.com/intl/cms/s/0/f1206e54-f13e-11e5-9f20-c3a047354386.html#axzz44vRXCKIr
USTRANSCOM
September 2014
• “In a 12-month period beginning June 1, 2012, there were about 50
intrusions or other cyber events into the computer networks of
TRANSCOM contractors, the 52-page report stated.”
• “At least 20 of those were successful intrusions attributed to an "advanced
persistent threat," a term used to designate sophisticated threats
commonly associated with attacks against governments. All of those
intrusions were attributed to China.”
• “The investigation found that a "Chinese military intrusion" into a Transcom
contractor between 2008 and 2010 "compromised emails, documents,
user passwords and computer code."
• “In 2012, another intrusion was made into multiple systems of a
commercial ship contracted by Transcom, the report said.”
Private Health Care
“Healthcare is by far the largest sector of where data breaches are occurring.”
According to the Experian identity theft resource center, in 2014, 43% of the major data
breaches were from the health care industry.
• August 2014 - Community Health Systems (CYH.N), one of the largest U.S. hospital groups,
said Chinese hackers had stolen Social Security numbers and other personal data from
some 4.5 million patients.
• A group of sophisticated Chinese hackers known for its high-stakes corporate espionage has
a history of stealing medical-device blueprints, prescription-drug formulas and other
valuable intellectual property from large health-care companies.
– For over a year, Dell's SecureWorks division responded to multiple intrusions by a hacking group
targeting health-care and pharmaceutical companies.
– The group uses phishing e-mails and has even gained physical access to computers to infect
target companies.
– They have been "extremely successful in exfiltrating the most valuable intellectual property of
organizations," according to Dell.
• October 2015 - Hackers in China targeted health insurer Anthem to learn how medical
coverage is set up in the US as Beijing grapples with providing healthcare for an ageing
population, US investigators have concluded.
– “People familiar with the Anthem investigation believe that gaining intellectual property and trade
secrets were the rationale for the hack. The individual data held by Anthem, which insures many US
government employees, could also be helpful to Chinese intelligence agencies.”
Comparing Costs
How much did the September 11 terrorist attack cost America?
• Counting the value of lives lost as well as property damage and lost production of goods and
services, losses already exceed $100 billion.
• Including the loss in stock market wealth -- the market's own estimate arising from
expectations of lower corporate profits and higher discount rates for economic volatility --
the price tag approaches $2 trillion.
Among the big-ticket items:
- The loss of four civilian aircraft valued at $385 million.
- Destruction of major buildings in the World Trade Center with replacement cost of from $3 to $4.5 billion.
- Damage to a portion of the Pentagon: up to $1 billion.
- Cleanup costs: $1.3 billion.
- Property and infrastructure damage: $10 billion to $13 billion.
- Federal emergency funds (heightened airport security, sky marshals, government takeover of airport
security, retrofitting aircraft with anti-terrorist devices, cost of operations in Afghanistan): $40 billion.
- Direct job losses amounted to 83,000, with $17 billion in lost wages.
- The amount of damaged or unrecoverable property hit $21.8 billion.
- Losses to the city of New York (lost jobs, lost taxes, damage to infrastructure, cleaning): $95 billion.
- Losses to the insurance industry: $40 billion.
- Loss of air traffic revenue: $10 billion.
- Fall of global markets: incalculable.
- http://www.iags.org/costof911.html
Comparing Costs
Cybercrime and espionage costs $445 billion annually
The estimate was conducted by the Center for Strategic and International Studies (CSIS).
The report, funded by the security firm McAfee, which is part of Intel Security,
represents one of the first efforts to analyze the costs, drawing on a variety of data.
– CSIS estimated that the United States lost about $100 billion.
– Germany was second with $60 billion.
– China followed with $45 billion.
https://www.washingtonpost.com/world/national-security/report-cybercrime-and-espionage-costs-445-billion-annually/2014/06/08/8995291c-ecce-11e3-9f5c-9075d5508f0a_story.html
What can you do?
• Identify Critical Data and Information
– Protect it with defense in depth
– Don’t put all your eggs in one basket
• Split up and store the secrets in different locations
• Control and monitor access
• Identify Critical Personnel
– Positions key to the success and continuity
– Train replacements
– Perform and record job task analysis
• Identify Critical Resources
– Tech power
– High value technology
Insider Threat
Who is an Accidental Insider Threat?
• All employees – exhibit bad habits
– Passwords left on screens, under keyboards
– Tailgating into restricted areas, loss of accountability
– Using their computers to surf the web or send personal e-mail
– Bringing personal computing devices to work (laptops, PDAs, Smart Phones & Tablets)
– Failing to follow OPSEC
– Social Engineering – Phone calls from imposters, Phishing Emails, etc.
• IT Personnel - Create vulnerabilities by:
– Having group accounts
– Not enforcing separation of duties
– Creating scripts or back doors for convenience
– Not changing default passwords
• Security Personnel – exhibit bad habits
– Deviate from security practices they are required to enforce
• Executive Management
Insider Threat
Reduce the Risk for the Accidental Insider Threat:
• Educate and Train all personnel on exhibiting good habits & behavior
– Computer based – Internal/External (DSS/DISA, Others)
– Develop in house programs
– External training & Conferences
– Provide periodically (monthly, biannually, annually)
– Gear training to the audience
• All personnel
• IT Personnel
• Security Personnel
• Assess the training material for currency and effectiveness
– Update
– Provide Examples (real world events or case studies)
Key Takeaways
• Technology touches every aspect of our daily lives
– Does every computing environment need access to the network?
• 2.8 personal devices exist for every human on earth
• IoT creates more ways to be hacked, be wary of new technology
• Work with other stakeholders in the organization
• Look at your contracts and DD-254s
– Do clearances align with both documents?
– What are the ADP/IT requirements?
• Look at 3rd party vendors and
– Create and sign service agreements
• Supply Chain Management
– Applies to subcontractors
– Applies to R&D & Academia relationships
• Talk to HR, Legal and other Stakeholders
– Establish an Incident Response Team and practice it
– Establish an Insider Threat program and review it, meet and discuss indicators
Resources
How to Combat the Threat
FBI - Economic Espionage: Protecting America’s Trade Secrets
https://www.fbi.gov/about-us/investigate/counterintelligence/economic-espionage-brochure
The FBI’s Business Alliance Initiative
https://www.fbi.gov/about-us/investigate/counterintelligence/us-business-1
Internet Social Networking Risks
https://www.fbi.gov/about-us/investigate/counterintelligence/internet-social-networking-risks
Journal of Energy Security
http://ensec.org/index.php?option=com_content&view=article&id=241:critical-energy-infrastructure-security-and-chinese-cyber-threats&catid=106:energysecuritycontent0510&Itemid=361
Infragard Chapters
https://www.infragard.org/
Dr. Shawn P. Murray on SlideShare
http://www.slideshare.net/
Security Organizations (DSS, ISSA, ISC2, Others)
National Security Institute – Reference CD & News Letters
References & Citations
Resources and references used for presentation:
• http://www.reuters.com/article/us-usa-military-cyberspying-idUSKBN0HC1TA20140918
• http://blogs.wsj.com/chinarealtime/2014/07/08/meet-3pla-chinas-version-of-the-nsa/?KEYWORDS=china%20hackers
• https://project2049.net/documents/pla_third_department_sigint_cyber_stokes_lin_hsiao.pdf
• http://www.strategicstudiesinstitute.army.mil/pdffiles/pub1191.pdf
• http://www.ft.com/cms/s/0/242c2f4e-7c2e-11e5-98fb-5a6d4728f74e.html#axzz44vRXCKIr
• https://news.wgbh.org/post/why-would-chinese-hack-your-health-care-account-why-would-anybody
• http://ensec.org/index.php?option=com_content&view=article&id=241:critical-energy-infrastructure-security-and-chinese-cyber-threats&catid=106:energysecuritycontent0510&Itemid=361
Questions?
Thank You!

Boost Fertility New Invention Ups Success Rates.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Countering the Cyber Espionage Threat from China

  • 1. IMPACT 2016 - National Security Institute Countering the Cyber Espionage Threat from China Dr. Shawn P. Murray, C|CISO, CISSP, CRISC
  • 2. China’s Strategy China’s Strategy for Information Warfare • China has demonstrated its intention to become an internationally leading player in the fields of information and cyber warfare. Information warfare involves actions taken to achieve information superiority by affecting adversary information, information processes, information systems and computer-based networks, while denying the adversaries’ ability to do the same. • More than 20 years ago, China began to publish its theories, doctrines, policies and strategies concerning both defensive and aggressive use of cyberspace. • A student from the Institute of Systems Engineering of Dalian University of Technology in China published a research paper titled “Cascade-Based Attack Vulnerability on the US Power Grid.” • Several American experts and journalists analyzed the article as a new demonstration of China’s offensive motivations against American infrastructure (and indeed against the security and sovereignty of the USA), and also as proof of China’s involvement in a new arms race in cyberspace. • China’s approach to information warfare and cyber warfare has two main dimensions: military and civilian, both developed through theoretical and practical considerations. http://ensec.org/index.php?option=com_content&view=article&id=241:critical-energy-infrastructure-security-and-chinese-cyber-threats&catid=106:energysecuritycontent0510&Itemid=361
  • 3. First Gulf War Influence on China The Military Dimension – from The Journal of Energy Security The dazzling success of the US in the first Gulf War was interpreted by several armies in the world as the victory of new technologies. According to this model • Information and information technologies’ dominance provided total control over the battlefield • Was also the key to military success, victory and power. This conclusion called for a radical transformation within armed forces. • China’s Revolution in Military Affairs (RMA) concept. • Transformation of Chinese doctrine guided new strategies of evolution in – Chinese military affairs – And in several industrialized countries worldwide. In this context, the concept of information warfare acquired greater consideration among military experts in China. Since the mid 1990s the Chinese army has implemented a modernization program guided by the concept of “informationization” (which translates as dominance over information technologies and cyberspace). http://ensec.org/index.php?option=com_content&view=article&id=241:critical-energy-infrastructure-security-and-chinese-cyber-threats&catid=106:energysecuritycontent0510&Itemid=361
  • 4. First Gulf War Influence on China The Military Dimension – from The Journal of Energy Security In 1995 General Wang Pufeng, who is considered the father of Chinese doctrine of information warfare, outlined several key concepts of this doctrine. Among them he pointed out that: • The goal of information warfare is no longer the conquest of territories or the destruction of enemy troops, but the destruction of the enemy’s will to resist. • Information warfare is a war in which the ability to see, to know and to strike more accurately and before the adversary is as important as firepower. In 1997 Chinese Colonel Baocun Wang added that: • Information warfare can be conducted in times of peace, crisis and war; • Information warfare consists of offensive and defensive operations; The main components of information warfare are command and control, intelligence, electronic warfare, psychological warfare, hacker-warfare and economic warfare. http://ensec.org/index.php?option=com_content&view=article&id=241:critical-energy-infrastructure-security-and-chinese-cyber-threats&catid=106:energysecuritycontent0510&Itemid=361
  • 5. 3PLA The Third Department of the People’s Liberation Army’s General Staff Department Also known as 3PLA, China’s equivalent to the National Security Agency – Crucial to the country’s military strategy – Responsible for monitoring much of the world’s communications for threats and commercial opportunities. – Using Chinese government websites, academic databases and foreign security expertise, – The organization maintains what active and former U.S. officials say are facilities around Shanghai specialized in watching the U.S. – One of them located close to the main transoceanic communications cables linking China to the U.S. – Those activities were highlighted in May 2014, when the Justice Department indicted five officers of 3PLA on charges they stole U.S. corporate secrets. http://www.wsj.com/articles/chinas-spy-agency-has-broad-reach-1404781324
  • 6. 3PLA A ground view of 3PLA facilities with an organizational structure of the NSA-like military department. Increasingly rattles governments and corporations around the world while remaining obscure to outside security circles. http://www.wsj.com/articles/chinas-spy-agency-has-broad-reach-1404781324
  • 7. Military Organization 3PLA Is Tasked With Monitoring World-Wide Electronic Information Its operational units are spread out widely throughout China. From mountains near Beijing, China's 3PLA conducts the following: • Monitors Russia and tracks missiles. • Its military experts analyze Internet phone calls on an island dubbed China's Hawaii. • Eavesdrops on Europe from a secret town hidden behind an array of residential towers. • Recruited from elite specialist universities, 3PLA’s estimated 100,000-plus hackers, linguists, analysts and officers populate a dozen military intelligence bureaus, according to the foreign experts. http://www.wsj.com/articles/chinas-spy-agency-has-broad-reach-1404781324
  • 8. FBI - Cyber’s Most Wanted Five Chinese Military Hackers Charged with Cyber Espionage Against U.S. On May 1, 2014, a grand jury in the Western District of Pennsylvania indicted five officers in Unit 61398 of the Third Department of the Chinese People’s Liberation Army (PLA) • HUANG ZHENYU (AKA: Huang Zhen Yu, “hzy_lhx”) • WEN XINYU (AKA: Wen Xin Yu, “WinXYHappy”, “Win_XY”, Lao Wen) • SUN KAILIANG (AKA: “Jack Sun”) • WANG DONG (AKA: Jack Wang, "UglyGorilla") • GU CHUNHUI (AKA: Gu Chun Hui, "KandyGoo")
  • 9. Five 3PLA Officers Indicted From 2006-2014, the defendants were allegedly involved in a hacking conspiracy that was targeted against: • Westinghouse Electric Co. • U.S. subsidiaries of SolarWorld AG • United States Steel Corp • Allegheny Technologies Inc. • United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union (USW) • Alcoa, Inc 31 criminal counts, including: – conspiring to commit computer fraud; – accessing a computer without authorization for the purpose of commercial advantage – private financial gain; – damaging computers through the transmission of code and commands; – aggravated identity theft; – economic espionage; – theft of trade secrets https://www.fbi.gov/wanted/cyber/sun-kailiang/view
  • 10. Lisong Ma - 2013 Lisong Ma, a citizen of China, pled guilty to violating the International Emergency Economic Powers Act by attempting to export weapons-grade carbon fiber from the USA to China. During the investigation, federal agents maintained a covert cyber-presence on web sites related to the brokering, purchase and sale of controlled commodities. • In February 2013, the defendant, using the name “Ma Li,” e-mailed an undercover agent and indicated that he was interested in acquiring several different types of high-grade carbon fiber. • Then, through various online communications, the defendant attempted to negotiate the purchase of five tons of carbon fiber. • Based on a review of Internet Protocol log-in information, investigators discovered that the defendant was communicating from the People’s Republic of China. • After traveling to the United States to meet those agents, Ma paid $400 for a spool of Toray-type, T-800 carbon fiber, and tried to ship it in a box whose invoice said it contained clothing, prosecutors said. http://www.reuters.com/article/us-usa-crime-exports-idUSBRE94T12920130530
  • 11. Su Bin March 23, 2016 – FBI Press Report • “A Chinese businessman pleaded guilty on Wednesday to charges of conspiring to steal sensitive military aircraft data from computers belonging to Boeing and other defense contractors, in the latest reminder of what the US has called a massive Chinese cyber espionage campaign.” • “Su Bin, 50, admitted to collaborating with two unindicted Chinese co-conspirators over a near six-year period that ended shortly before his 2014 arrest. • Among the aircraft they targeted were: – Boeing’s C-17 military transport aircraft and – Lockheed Martin’s F-35 and F-22 fighter jets.” “In the last fiscal year alone, economic espionage and theft of trade secrets cost the American economy more than $19 billion.” “Economic espionage and theft of trade secrets are increasingly linked to the insider threat and the growing threat of cyber espionage.” http://www.ft.com/intl/cms/s/0/f1206e54-f13e-11e5-9f20-c3a047354386.html#axzz44vRXCKIr
  • 12. USTRANSCOM September 2014 • “In a 12-month period beginning June 1, 2012, there were about 50 intrusions or other cyber events into the computer networks of TRANSCOM contractors, the 52-page report stated.” • “At least 20 of those were successful intrusions attributed to an "advanced persistent threat," a term used to designate sophisticated threats commonly associated with attacks against governments. All of those intrusions were attributed to China.” • “The investigation found that a "Chinese military intrusion" into a Transcom contractor between 2008 and 2010 "compromised emails, documents, user passwords and computer code." • “In 2012, another intrusion was made into multiple systems of a commercial ship contracted by Transcom, the report said.”
  • 13. Private Health Care “Healthcare is by far the largest sector of where data breaches are occurring.” According to the Experian identity theft resource center, in 2014, 43% of the major data breaches were from the health care industry. • August 2014 - Community Health Systems (CYH.N), one of the largest U.S. hospital groups, said Chinese hackers had stolen Social Security numbers and other personal data from some 4.5 million patients. • A group of sophisticated Chinese hackers known for its high-stakes corporate espionage has a history of stealing medical-device blueprints, prescription-drug formulas and other valuable intellectual property from large health-care companies. – For over a year, Dell's SecureWorks division responded to multiple intrusions by a hacking group targeting health-care and pharmaceutical companies. – The group uses phishing e-mails and has even gained physical access to computers to infect target companies. – They have been "extremely successful in exfiltrating the most valuable intellectual property of organizations," according to Dell. • October 2015 - Hackers in China targeted health insurer Anthem to learn how medical coverage is set up in the US as Beijing grapples with providing healthcare for an ageing population, US investigators have concluded. – “People familiar with the Anthem investigation believe that gaining intellectual property and trade secrets were the rationale for the hack. The individual data held by Anthem, which insures many US government employees, could also be helpful to Chinese intelligence agencies.”
  • 14. Comparing Costs How much did the September 11 terrorist attack cost America? • Counting the value of lives lost as well as property damage and lost production of goods and services, losses already exceed $100 billion. • Including the loss in stock market wealth -- the market's own estimate arising from expectations of lower corporate profits and higher discount rates for economic volatility -- the price tag approaches $2 trillion. Among the big-ticket items: - The loss of four civilian aircraft valued at $385 million. - Destruction of major buildings in the World Trade Center with replacement cost of from $3 to $4.5 billion. - Damage to a portion of the Pentagon: up to $1 billion. - Cleanup costs: $1.3 billion. - Property and infrastructure damage: $10 billion to $13 billion. - Federal emergency funds (heightened airport security, sky marshals, government takeover of airport security, retrofitting aircraft with anti-terrorist devices, cost of operations in Afghanistan): $40 billion. - Direct job losses amounted to 83,000, with $17 billion in lost wages. - The amount of damaged or unrecoverable property hit $21.8 billion. - Losses to the city of New York (lost jobs, lost taxes, damage to infrastructure, cleaning): $95 billion. - Losses to the insurance industry: $40 billion. - Loss of air traffic revenue: $10 billion. - Fall of global markets: incalculable. - http://www.iags.org/costof911.html
  • 15. Comparing Costs Cybercrime and espionage costs $445 billion annually The estimate conducted by the Center for Strategic and International Studies The report, funded by the security firm McAfee, which is part of Intel Security, represents one of the first efforts to analyze the costs, drawing on a variety of data. – CSIS estimated that the United States lost about $100 billion. – Germany was second with $60 billion. – China followed with $45 billion. https://www.washingtonpost.com/world/national-security/report-cybercrime-and-espionage-costs-445-billion-annually/2014/06/08/8995291c-ecce-11e3-9f5c-9075d5508f0a_story.html
  • 16. What can you do? • Identify Critical Data and Information – Protect it with defense in depth – Don’t put all your eggs in one basket • Split up and store the secrets in different locations • Control and monitor access • Identify Critical Personnel – Positions key to the success and continuity – Train replacements – Perform and record job task analysis • Identify Critical Resources – Tech power – High value technology
  • 17. Insider Threat Who is an Accidental Insider Threat?
  • 18. Insider Threat Who is an Accidental Insider Threat? • All employees – exhibit bad habits – Passwords left on screens, under keyboards – Tailgating into restricted areas, loss of accountability – Using their computers to surf the web or communicate personal e-mail – Bring personal computing devices to work (laptops, PDAs, Smart Phones & Tablets) – Failing to follow OPSEC – Social Engineering – Phone call from imposters, Phishing Emails etc. • IT Personnel - Create vulnerabilities by: – Having group accounts – Separation of duties – Create scripts or back doors for conveniences – Don’t change default passwords • Security Personnel – exhibit bad habits – Deviate from security practices they are required to enforce • Executive Management
  • 19. Insider Threat Reduce the Risk for the Accidental Insider Threat: • Educate and Train all personnel on exhibiting good habits & behavior – Computer based – Internal/External (DSS/DISA, Others) – Develop in house programs – External training & Conferences – Provide periodically (monthly, biannually, annually) – Gear training to the audience • All personnel • IT Personnel • Security Personnel • Assess the training material for currency and effectiveness – Update – Provide Examples (real world events or case studies)
  • 20. Key Takeaways • Technology touches every aspect of our daily lives – Does every computing environment need access to the network? • 2.8 personal devices exist for every human on earth • IoT creates more ways to be hacked, be wary of new technology • Work with other stakeholders in the organization • Look at your contracts and DD-254s – Do clearances align with both documents? – What are the ADP/IT requirements? • Look at 3rd party vendors and – Create and sign service agreements • Supply Chain Management – Applies to subcontractors – Applies to R&D & Academia relationships • Talk to HR, Legal and other Stakeholders – Establish an Incident Response Team and practice it – Establish an Insider Threat program and review it, meet and discuss indicators
  • 22. Resources How to Combat the Threat FBI - Economic Espionage: Protecting America’s Trade Secrets https://www.fbi.gov/about-us/investigate/counterintelligence/economic-espionage-brochure The FBI’s Business Alliance Initiative https://www.fbi.gov/about-us/investigate/counterintelligence/us-business-1 Internet Social Networking Risks https://www.fbi.gov/about-us/investigate/counterintelligence/internet-social-networking-risks Journal of Energy Security http://ensec.org/index.php?option=com_content&view=article&id=241:critical-energy-infrastructure-security-and-chinese-cyber-threats&catid=106:energysecuritycontent0510&Itemid=361 Infragard Chapters https://www.infragard.org/ Dr. Shawn P. Murray on SlideShare http://www.slideshare.net/ Security Organizations (DSS, ISSA, ISC2, Others) National Security Institute – Reference CD & News Letters
  • 23. References & Citations Resources and references used for presentation: • http://www.reuters.com/article/us-usa-military-cyberspying-idUSKBN0HC1TA20140918 • http://blogs.wsj.com/chinarealtime/2014/07/08/meet-3pla-chinas-version-of-the-nsa/?KEYWORDS=china%20hackers • https://project2049.net/documents/pla_third_department_sigint_cyber_stokes_lin_hsiao.pdf • http://www.strategicstudiesinstitute.army.mil/pdffiles/pub1191.pdf • http://www.ft.com/cms/s/0/242c2f4e-7c2e-11e5-98fb-5a6d4728f74e.html#axzz44vRXCKIr • https://news.wgbh.org/post/why-would-chinese-hack-your-health-care-account-why-would-anybody • http://ensec.org/index.php?option=com_content&view=article&id=241:critical-energy-infrastructure-security-and-chinese-cyber-threats&catid=106:energysecuritycontent0510&Itemid=361