Facing limits of remote hacking, Army cybers up the battlefield

Enlarge / FORT IRWIN, California – Spc. Nathaniel Ortiz, Expeditionary CEMA (Cyber Electromagnetic Activities) Team (ECT), 781st Military Intelligence Battalion, "conducts cyberspace operations" at the National Training Center at Fort Irwin, Calif., May 9, 2017. (credit: Bill Roche, U.S. Army Cyber Command)

The US military and intelligence communities have spent much of the last two decades fighting wars in which the US significantly over-matched its opponents technologically—on the battlefield and off. In addition to its massive pure military advantage, the US also had more sophisticated electronic warfare and cyber capabilities than its adversaries. But those advantages haven't always translated into dominance over the enemy. And the US military is facing a future in which American forces in the field will face adversaries that can go toe to toe with the US in the electromagnetic domain—with disastrous physical results.

That's in part why the Army Cyber Command recently experimented with putting "cyber soldiers" in the field as part of an exercise at the Army's National Training Center at Fort Irwin, California. In addition to fielding troops to provide defensive and offensive cyber capabilities for units coming into NTC for training, the Army has also been arming its opposition force (the trainers) with cyber capabilities to demonstrate their impact.

That impact was demonstrated clearly in May, when an armored unit staging a simulated assault at NTC was stopped dead in its tracks by jamming of communications. As the unit's commanders attempted to figure out what was wrong, a simulated artillery barrage essentially took the unit out of action.

Read 6 remaining paragraphs | Comments

Facing limits of remote hacking, Army cybers up the battlefield

Enlarge / FORT IRWIN, California – Spc. Nathaniel Ortiz, Expeditionary CEMA (Cyber Electromagnetic Activities) Team (ECT), 781st Military Intelligence Battalion, "conducts cyberspace operations" at the National Training Center at Fort Irwin, Calif., May 9, 2017. (credit: Bill Roche, U.S. Army Cyber Command)

The US military and intelligence communities have spent much of the last two decades fighting wars in which the US significantly over-matched its opponents technologically—on the battlefield and off. In addition to its massive pure military advantage, the US also had more sophisticated electronic warfare and cyber capabilities than its adversaries. But those advantages haven't always translated into dominance over the enemy. And the US military is facing a future in which American forces in the field will face adversaries that can go toe to toe with the US in the electromagnetic domain—with disastrous physical results.

That's in part why the Army Cyber Command recently experimented with putting "cyber soldiers" in the field as part of an exercise at the Army's National Training Center at Fort Irwin, California. In addition to fielding troops to provide defensive and offensive cyber capabilities for units coming into NTC for training, the Army has also been arming its opposition force (the trainers) with cyber capabilities to demonstrate their impact.

That impact was demonstrated clearly in May, when an armored unit staging a simulated assault at NTC was stopped dead in its tracks by jamming of communications. As the unit's commanders attempted to figure out what was wrong, a simulated artillery barrage essentially took the unit out of action.

Read 6 remaining paragraphs | Comments

“Hacked” e-mail account of White House worker exposed in 2013 password breach

Enlarge / A photo of First Lady Michelle Obama's passport from a dump of the e-mail of White House contractor Ian Mellul. Mellul's password may have been in a 2013 Adobe user data breach.

On September 21, a dump of an e-mail account belonging to a White House contractor was posted to the "hacktivist" website DCleaks.com. This is the same site that already revealed e-mails from former Secretary of State Colin Powell, a Navy captain leading a weapons procurement program, and a public relations person who has done advance work for Hillary Clinton. The latest victim did advance work for travel by First Lady Michelle Obama and Vice President Joe Biden. Attributing the leak will be difficult because, as with previous "dumps" published on DCleaks, the compromised account's password information was widely available on the Internet from a previous data breach.

An unnamed US intelligence official was quoted by NBC News as calling the leak of contractor Ian Mellul's e-mails "the most damaging compromise of the security of the president of the United States that I've seen in decades"—one caused by the use of an outside personal e-mail account for government business. The e-mails included full scans Mellul had forwarded to himself from a White House e-mail account of passports, including Michelle Obama's. Mellul likely forwarded the e-mails to his Gmail account because he couldn't access White House mail offsite without a secure device.

Government sources have described DCleaks.com as being connected to Russian intelligence organizations. But just about anyone could have gotten into Ian Mellul's e-mail if he was using the same password for his Gmail account that was exposed in a 2013 breach of Adobe user data—just as was Navy Captain Carl Pistole's. The accounts of Powell and of Sarah Hamilton were both leaked as part of a 2012 breach of Dropbox's user data, according to data from HaveIBeenPwned.

Read 2 remaining paragraphs | Comments