How Chinese hackers snooped on Indian defence agencies for over 10 years

A Singapore based firm has uncovered a large scale cyber espionage network that is says is linked to the Chinese government. The network has been active for 10 years in the region and targets India in particular by infecting computer systems of key, selected individuals and organisations. Terming it the APT30, Singapore firm FireEye says that the infection is specially targeted at Indian military, aerospace and maritime sector.
What is interesting is that Singapore researches have uncovered the modus operandi of the spying network that uses decoy documents that users would download or read in their emails or online. The decoy documents contain a bug that can transmit data and information from the infection computer system back to servers in China. The bug can even hide in documents and infect secure computers not connected to a network.
The Decoy documents are specially tailored to meet the interests of individuals or organisations to be targeted - these include government agencies, private industry and media groups. Chinese hackers used decoy documents on Indian military movements in the South China sea, papers on the indigenous aircraft carrier under construction in Kochi, incidents on the China border and relations with Nepal to infect key
A sample of the phising documents includes :
A document titled - "India deploys world's largest military transport plane.doc"
Decoy documents on China's relationship with India, specially on military matters.
Documents related to Indian military projects, like the aircraft carrier being built at Kochi
Documents on Indian military activity in the South China Sea
FireEye says Indian firms infected include an aerospace and defense company and a telecommunications firm
Documents also relate to foreign relations in the region, including Bhutan and Nepal.






Read more at:
http://articles.economictimes.indiatimes.com/2015-05-07/news/61902630_1_aircraft-carrier-chinese-hackers-decoy

How to hack a military DRONE!

The research paper turned how-to hacking guide

Esti Peshin, director of cyber programs for Israel Aerospace industries noted that the hacking and downing of a CIA stealth drone by Iranians occurred a month after one such paper was published. In December 2011, a report in the Christian Science Monitor highlighted that Iran navigated an unmanned CIA aerial vehicle safely to the ground by manipulating the aircraft’s GPS coordinates.

The research study from 2011, co-authored by Nils Ole Tippenhauer of ETH Zurich and other ETH and University of California academics, was titled “The Requirements for Successful GPS Spoofing Attacks.” The academics detailed how to mimic GPS signals to fool the GPS receivers on-board the UAV (Unmanned Ariel Vehicle) that aid navigation.

“It’s a PDF file… essentially, a blueprint for hackers,” Peshin said.

Peshin stressed that she does not know whether the CIA drone was hijacked using GPS spoofing or even whether the hacker read the study. Equally, she highlighted just how easily available the publication is online.

“You can Google, just look up ’Tippenhauer’ — it’s the first result in Google. Look up ‘UAV cyberattacks’ — it’s the third one. ‘UAV GPS spoofing attacks’ — the first one,” Peshin said, speaking at the Defensive Cyberspace Operations and Intelligence conference, an Israeli-American summit held in Washington.

In the research study, the academics explained where an attacker must be optimally located to generate fake signals capable of fooling GPS receivers. They also described ways to replace legitimate signals with an attacker’s bogus signals, which renders the target “losing the ability to calculate its position.”

Their intention was not to aid and abet terrorists, but rather to highlight “effect receiver-based countermeasures, which are not implemented yet in current standard GPS receivers,” the researchers noted. Despite this, hackers could have quickly exploited their instructions before defense manufacturers had time to update and fortify satellite-guided vehicles, Peshin said.

“The fact is that we are slower than the bad guys and the bad guys could take this article and render it into a form of an attack,” she said. “One of the things that keeps me up at night is cybersecurity for operational networks, military systems, weapons systems.”

Peshin also pointed to a 2013 NATO risk assessment that set a few alarm bells ringing. “At the end of the article, as if this was not enough, they listed several UAVs and said these are riskier than others by the way,” Peshin said.

She declined to comment on changes (if any), made to drone security after the papers were released.
Impact of the research papers on manufacturers

Clearly, the research papers had the desired effect at the end. The Pentagon is taking measures to protect drones from outside interference. A hacker-proof Boeing Little Bird helicopter drone is scheduled to take flight toward the end of 2017.