November 9, 2015

Beware of hackers, human spies and employees!

(Graphics on Slide 12 courtesy Cyber Agency) A combination or overlap of motivations and actions may lead to a leak of information. For example a Disgruntled Employee may appoach a Competitor, Foreign Corporation or Foreign Government. The Disgruntled Employee may stay in place while he thumb-drives information out to (say):

-  a Competitor or Foreign Corporation who after months or years hires him as an employee or overpaid contractor

-  a Foreign Government that he/she defects/immigrates to - then becoming a "foreign contractor", liberal activist for an authoritarian government or bona fide immigrant.

---------------------------------------

 Clearly a noble tradition. Such inadvertent "sharing" of information may drive the price of weapons down, may create arms races, or may make stealth or improved nuclear weapons more obtainable for the have-nots. One case is China acquiring US F-22 and F-35 secrets as well as Su-33 secrets from Russia. Chinese espionage has led. Another case is Klaus Fuchs. (Map on Slide 10 courtesy Cyber Agency)
-------------------------------------------------------------

COMMENT

Attempted hacking of Western economic secrets by the Russian and Chinese Government and by Russian and Chinese arms companies is to be expected. Plain old hackers with no agenda other than to get into online secrets for the challenge “fun” of it are also a threat. 

The “30 to 40 (hacking) attempts per night,” reported by TKMS (article below) may be a standard year round level aimed at submarine secrets, many other technical secrets and politically sensitive material held by a company. It would be the same for targeted companies and governments in France and Japan.

On a traditional human intelligence (HUMINT) level Russian and Chinese diplomats, “agents” and students would also attempt to gather secrets from Western arms companies, research institutes and Western governments. Dr A Q Khan (now 79) is a classic agent-student case.

Conference attendees and couriers should watch out for pre-blackmail or chain-cutter wielding “honey traps” and “honeypots”. Bad news!

MAIN ARTICLE

A large number of publications on November 9, 2015 have drawn from an articlein The Australian November 9, 2015. For example an article in Europe online said in quotation marks “…” http://en.europeonline-magazine.eu/china-russia-reportedly-try-to-hack-into-australian-submarine-plans_421843.html and I have added comments in square brackets […]:

“Sydney (dpa) - Spies from both China and Russia have tried to hack into German, French and Japanese plans to build Australia‘s future submarines…”

[TKMS, DCNS and the Japanese government - hold highly sensitive Competitive Evaluation Process (CEP) questions and their highly classified answers in response to these questions.]

“The three bidders have been forced to rely on hand delivery of sensitive information and the Australian government has examined cyber-security with each of the foreign bidders.”

"We have about 30 to 40 (hacking) attempts per night, that‘s what our IT people say," according to Manfred Klein, [Senior Vice-President, Product Management, TKMS, Kiel, told The Australian]

"John White, chairman of the German group in Australia, told [TheAustralian] the attempted espionage was to be expected."

"They‘re trying to get into everyone‘s communications," White said. "Espionage and breaches of security ... you just assume it is happening. Everybody is in that game. It‘s a space that people play in. We don‘t suspect anyone, we suspect everybody."

[Final answers/responses from the three contenders are due November 30, 2015. The Australian Federal (Turnbull) Government is expected to pick a winner or eliminate one contender some time in 2016.]

Pete

7 comments:

Anonymous said...

Hi Pete

I would not be surprised at all. I predicted such a thing and had stressed the importance of the ISMS (Information Security Management System).

Regards
S

Peter Coates said...

Hi S

Yes security systems and standards are important, particularly regarding sensitive military technology.

Regards

Pete

Anonymous said...

Hi Pete

Introduction of IMS (Integrated Management System) including ISMS, OHSAS(Occupational Health and Safety Management System) and Project Management System may be better and comprehensive solution for submarine development. But, we should understand that implementation of meaningful and realistic MS (Management System) is very difficult. Conversation between Australia and Japan for establishment of better MS is very important for both countries.

Regards
S

Nicky said...

Hi Pete,
This may interest you. Here's the link to the article.

Chinese spies try to hack Future Generation submarine bidders’ plans
http://www.adelaidenow.com.au/news/south-australia/chinese-spies-try-to-hack-future-generation-submarine-bidders-plans/story-fni6uo1m-1227600920354?nk=c1e1402914a9ea0ac4a23ee19b37623a-1447085265

Peter Coates said...

Thanks Nicky

Unfortunately a geographical lock on http://www.adelaidenow.com.au/news/south-australia/chinese-spies-try-to-hack-future-generation-submarine-bidders-plans/story-fni6uo1m-1227600920354?nk=c1e1402914a9ea0ac4a23ee19b37623a-1447085265 directed me to a sign-up subscriber "offer".

Adelaide Now's loss.

Here is a Japanese version of the story http://www.japantimes.co.jp/news/2015/11/09/national/bidders-in-australian-submarine-project-hit-by-hackers/#.VkFSM7crLb1

Regards

Pete

Nicky said...

Hi Pete,
Check out this interesting Article

Navies, Narratives and Canada’s Submarine Fleet
https://www.cdainstitute.ca/en/blog/entry/navies-narratives-and-canada-s-submarine-fleet

Peter Coates said...

Hi Nicky

Thanks for https://www.cdainstitute.ca/en/blog/entry/navies-narratives-and-canada-s-submarine-fleet

I'll do an article on Canada’s Submarine Fleet today.

Regards

Pete