SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Saturday, January 8, 2011

More on Chinese Stealth Fighter and APT

Posted on 5:32 PM by Unknown
Since my 27 December post Courtesy of APT, featuring the new Chinese stealth fighter, Aviation Week writer Bill Sweetman wrote more about the development of this aircraft and the support from APT:

One question that may go unanswered for a long time concerns the degree to which cyberespionage has aided the development of the J-20. U.S. defense industry cybersecurity experts have cited 2006—close to the date when the J-20 program would have started—as the point at which they became aware of what was later named the advanced persistent threat (APT), a campaign of cyberintrusion aimed primarily at military and defense industries and characterized by sophisticated infiltration and exfiltration techniques.

Dale Meyerrose, information security vice president for the Harris Corp. and former chief information officer for the director of national intelligence, told an Aviation Week cybersecurity conference in April 2010 that the APT had been little discussed outside the classified realm, up to that point, because “the vast majority of APT attacks are believed to come from a single country.”

Between 2009 and early 2010, Lockheed Martin found that “six to eight companies” among its subcontractors “had been totally compromised—e-mails, their networks, everything,” according to Chief Information Security Officer Anne Mullins.

Note the 2006 date is consistent with my APT history article for Information Security magazine. However, before being officially named "APT" by the US Air Force in 2006, APT was active against cleared defense contractors in 2003, and probably earlier.

Bill makes an interesting point about the availability of photographs of this aircraft:

The way in which the J-20 was unveiled also reflects China’s use and control of information technology to support national interests. The test airfield is located in the city of Chengdu and is not secure, with many public viewing points. Photography is technically forbidden, but reports suggest that patrols have been permitting the use of cell phone cameras. From Dec. 25‑29, these images were placed on Chinese Internet discussion boards, and after an early intervention by censors—which served to draw attention to the activity—they appeared with steadily increasing quality. Substantial international attention was thereby achieved without any official disclosures.

In other words, consistent with their information warfare doctrine, China is presenting this aircraft as a deterrent to Western, and specifically American, interference in their region, through psychological operations.

Tweet
Email ThisBlogThis!Share to XShare to Facebook
Posted in apt, china | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • DojoCon Videos Online
    Props to Marcus Carey for live streaming talks from DojoCon . I appeared in my keynote , plus panels on incident response and cloud secur...
  • Bejtlich Speaking at TechTarget Emerging Threats Events in Seattle and New York
    I will be speaking at two events organized by TechTarget , for whom I used to write my Snort Report and Traffic Talk articles. The one-da...
  • SANS WhatWorks Summit in Forensics and Incident Response
    I wanted to remind everyone about the SANS WhatWorks Summit in Forensics and Incident Response in DC, 8-9 July 2010. The Agenda looks gre...
  • A Book for the Korean Cyber Armies
    I've got a book for the Korean cyber armies, North and South. That's right, it's my first book , The Tao of Network Security Mo...
  • Sguil 0.7.0 on Ubuntu 9.10
    Today I installed a Sguil client on a fresh installation of Ubuntu 9.10. It was really easy with the exception of one issue I had to troubl...
  • Microsoft Updates MS09-048 to Show XP Vulnerable to 2 of 3 CVEs
    Microsoft published a Major Revision of MS09-048 to show that Windows XP Service Pack 2 and Windows XP Service Pack 3* are now Affected So...
  • Understanding Responsible Disclosure of Threat Intelligence
    Imagine you're hiking in the woods one day. While stopping for a break you happen to find a mysterious package off to the side of the t...
  • Embedded Hardware and Software Pen Tester Positions in GE Smart Grid
    I was asked to help locate two candidates for positions in the GE Smart Grid initiative. We're looking for an Embedded Hardware Penetr...
  • BeyondTrust Report on Removing Administrator: Correct?
    Last week BeyondTrust published a report titled BeyondTrust 2009 Microsoft Vulnerability Analysis . The report offers several interesting ...
  • Human Language as the New Programming Language
    If you've read the blog for a while you know I promote threat-centric security in addition to vulnerability-centric security. I think ...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ▼  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ►  August (18)
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ►  March (17)
    • ►  February (2)
    • ▼  January (9)
      • Wanted: Incident Handler in Michigan
      • Seven Cool Open Source Projects for Defenders
      • More on Chinese Stealth Fighter and APT
      • Happy 8th Birthday TaoSecurity Blog
      • The "IT as a Business" Train Wreck
      • To Those Who Want Tim Thomas Books
      • TaoSecurity Lab
      • VizSec 2011 Call for Papers Open
      • Starting the New Year Right
  • ►  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ►  September (16)
    • ►  August (15)
    • ►  July (26)
    • ►  June (15)
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ►  January (25)
  • ►  2009 (123)
    • ►  December (10)
    • ►  November (17)
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ►  July (21)
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile