Prior US intelligence gathering, e.g. of China’s Hainan Island Yulin/Sanya nuclear submarine naval base (above), can be (or is) very useful. (Photo courtesy mapsecrets via).
Military Intelligence Against Submarine Operations
Signals intelligence gathering (by sub or satellite) and sonar signature gathering by USNS Impeccable can act as a basis for further analysis of changing Chinese actions. This applies in a low-level confrontation scenario or in a time of crisis (which may be a medium-level shooting war).
For example, discerning a rise in traffic levels typical of a Type 094 SSBN or Type 093 SSNs putting to sea at unusual times may make interception by a US SSN, or distant "tailing", easier. That a Chinese SSBN or SSN might put to sea at an unusual time would also say something about the Chinese political and military structures' state of mind (useful strategic intelligence).
Traffic analysis is a basic part of signals intelligence, and can be a source of information about the intentions and actions of the target. Representative patterns include:
· Frequent (shore or satellite to submarine) communications — can denote planning
· Rapid, short communications between naval command elements — can denote readjustments
· A lack of communication — can indicate a lack of activity, or completion of a finalized plan
· Who talks to whom (eg. political leaders to admirals) can imply weapons-release or withdrawal by a submarine, and
· Who talks when — can indicate which stations are active in connection with events, which implies something about the information being passed and perhaps something about the personnel/access of those associated with some stations
Traffic analysis is the process of intercepting and examining messages (in real time, by computer) to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the greater the number of messages observed, or even intercepted and stored, the more can be inferred from the traffic. Traffic analysis can be performed in the context of military intelligence, counter-intelligence, or pattern-of-life analysis, and is a concern in computer security.
Traffic analysis tasks are supported by dedicated computer software programs and supercomputers. Advanced traffic analysis techniques may include various forms of social network analysis.
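
The patterns listed above can be computed from metadata alone, which is why encryption by itself does not hide them. The following is an added example, not part of the original post; the station names, records and baseline are constructed, and it is the kind of audit a defender can run on their own traffic logs to see what they expose.

```python
from collections import Counter
from statistics import mean, pstdev

# Constructed metadata records (hour of day, sender, receiver). Station names are
# hypothetical and no message content is present, as with encrypted traffic.
RECORDS = (
    [(h, "fleet_hq", "base") for h in (0, 6, 12, 18)]   # routine schedule
    + [(h, "base", "sub_A") for h in (2, 14)]           # routine broadcasts
    + [(20, "base", "sub_A")] * 6                       # burst of frequent messages
    + [(21, "political", "fleet_hq")] * 2               # link not seen before
)
KNOWN_STATIONS = {"fleet_hq", "base", "sub_A", "sub_B", "political"}
BASELINE_LINKS = {("fleet_hq", "base"), ("base", "sub_A")}

def link_counts(records):
    """Who talks to whom: message count per (sender, receiver) pair."""
    return Counter((src, dst) for _, src, dst in records)

def hourly_volume(records):
    """Who talks when: messages per hour of day."""
    volume = [0] * 24
    for hour, _, _ in records:
        volume[hour] += 1
    return volume

def unusual_hours(volume, k=2.0):
    """Hours whose volume exceeds mean + k standard deviations."""
    threshold = mean(volume) + k * pstdev(volume)
    return [hour for hour, n in enumerate(volume) if n > threshold]

def new_links(records, baseline):
    """Sender/receiver pairs absent from the historical baseline."""
    return set(link_counts(records)) - baseline

def silent_stations(records, known):
    """Known stations that neither sent nor received anything."""
    active = {s for _, src, dst in records for s in (src, dst)}
    return known - active

if __name__ == "__main__":
    print("per-link counts:", dict(link_counts(RECORDS)))
    print("unusual hours:", unusual_hours(hourly_volume(RECORDS)))
    print("new links:", new_links(RECORDS, BASELINE_LINKS))
    print("silent:", silent_stations(RECORDS, KNOWN_STATIONS))
```
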
Telephone exchanges are computer based as, of course, are servers. In computer security, traffic analysis can involve an attacker gaining important information by monitoring the frequency and timing of network packets.
A timing attack on the SSH protocol can use timing information to deduce information about passwords since, during an interactive session, SSH transmits each keystroke as a message. The time between keystroke messages can be studied using hidden Markov models. A timing attack might recover passwords fifty times faster than a brute force attack.
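
The leak described above, and the usual defence against it, can be seen in a small simulation. This is an added example, not part of the original post: it is a simplified model of fixed-interval sending with chaff packets (the approach behind the ObscureKeystrokeTiming option in recent OpenSSH clients), and the key-press times, function names and parameters are constructed for illustration.

```python
# Constructed key-press times in milliseconds for one typed word (hypothetical data).
KEY_TIMES_MS = [0, 95, 310, 372, 590, 655, 910]

def next_tick(t, tick_ms):
    """First tick boundary at or after time t (integer ceiling)."""
    return -(-t // tick_ms) * tick_ms

def gaps(packet_times):
    """Inter-packet intervals as measured by a passive observer on the wire."""
    return [b - a for a, b in zip(packet_times, packet_times[1:])]

def send_immediately(key_times):
    """Unmitigated behaviour: one packet per keystroke, sent as soon as it is typed."""
    return list(key_times)

def send_on_fixed_tick(key_times, tick_ms=20, chaff_ticks=10):
    """Mitigated behaviour: hold each keystroke until the next tick and emit a
    packet on every tick (real or chaff) until chaff_ticks after the last key.
    Assumes all packets are padded to the same size so chaff looks like data."""
    first = next_tick(key_times[0], tick_ms)
    last = next_tick(key_times[-1], tick_ms)
    return list(range(first, last + chaff_ticks * tick_ms + 1, tick_ms))

def worst_added_delay(key_times, tick_ms=20):
    """Cost of the defence: the largest delay added to any single keystroke."""
    return max(next_tick(t, tick_ms) - t for t in key_times)

if __name__ == "__main__":
    print("observed gaps, unmitigated:", gaps(send_immediately(KEY_TIMES_MS)))
    print("observed gaps, fixed tick: ", set(gaps(send_on_fixed_tick(KEY_TIMES_MS))))
    print("worst added delay (ms):    ", worst_added_delay(KEY_TIMES_MS))
```

Without the fixed tick the observer sees the exact inter-keystroke intervals; with it, every interval equals the tick length and the end of typing is blurred by the trailing chaff.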
Chinese sailors at Yulin Naval Base on Hainan Island should look over their shoulders - as they are being watched (by friend and foe) in so many ways.
Pete
I understand they use 'data diodes' to close off an ultra secure network from outside servers.
https://en.wikipedia.org/wiki/Unidirectional_network
data diodes were developed further in the 1990s by Australia's Defence Science and Technology Organisation (DSTO) in the 1990s ...
Hi Ztev
Data diodes may have been useful for a few years in providing some security, that is until the full security weaknesses of thumb-drive-USB ports on PCs and laptops began to be exploited.
By using thumb drives (USB sticks) traitors such as Snowden and Manning simply downloaded 100,000s (to millions of) highly classified page equivalents from theoretically secure Intranet databases. Also the thumbdrives can inject nasty malware, like Flame or new varieties of Stuxnet, into "secure" Intranets.
For the latest prolific Traitor Downloader see http://intelnews.org/2016/10/28/01-2000/ Harold Thomas Martin III, arrested by the FBI for illegally removing classified material equivalent to 500 MILLION pages. Martin III, 51, served as a US Navy officer for over a decade, acquiring TS clearance and specialized in "cyber security" (like Snowden, sadly).
Like Snowden Mr Martin III spent much time as a contractor for Booz Allen Hamilton...and like Snowden Russian speakers may have been the ultimate beneficiaries/paymasters of a "patriotic-for civil liberties" act of Treason.
Martin's unmasking has been oddly under-reported in the media's campaign for Hillary Election. The FBI has also under-reported it. Like the FBI under-reported the Islamic Terrorist explosions in the New York area a few weeks ago... see https://en.wikipedia.org/wiki/2016_New_York_and_New_Jersey_bombings
Submarine Matters will follow the Martin III (or is that the Civil Liberties Poster-Boy Traitor III case) blow-by-blow.
Cheers
Pete
Yes an inside mole is a difficult problem, but downloading data can be fixed by hardware without optical drives or USB ports. It seems funny that it could still be an issue when back in the days of floppy disks, moles would use them, putting data on the hidden reserved tracks for damaged sectors.
I was more referring to the suggestion that military computer networks can be watched for traffic analysis. Even when I worked for a major US computer software firm back in the late 90s-CSC who did major US defence business. I worked on the commercial side but to send an email to a customer in the same city meant it was first routed to a single exit point in Virginia on what used to be called leased lines. It was clear even nearly 20 years ago their internal networks were isolated largely from the city you were in. At the time their world wide workforce was some 100,000 or so.