Zero-Trust Cybersecurity: How the US Military Plans to Protect Its Networks from Cyberattacks

US Navy Cyber Command

Hello and welcome to the Americans for a Stronger Navy, a non-profit organization that promotes naval warfare and technology. We are a community of naval enthusiasts, experts, and advocates who share a common passion and vision for the US Navy and its allies.

We believe that the US Navy is the most powerful and versatile naval force in the world, and that it plays a vital role in maintaining global peace and security.

We also believe that the US Navy needs to constantly innovate and modernize its capabilities and systems to keep up with the evolving threats and challenges in the 21st century. Today’s blog post covers a recent announcement from the Pentagon regarding cybersecurity.

The US military is preparing to adopt a zero-trust approach to cybersecurity, which means that no user, device, or system is trusted by default and must be continuously verified.

This is a radical departure from the conventional methods that rely on perimeter-based defenses. Pentagon Chief Information Officer John Sherman announced that the Pentagon leadership will soon evaluate plans to implement zero-trust measures throughout the US military by the end of this year.

The plans are being developed by a specialized team led by Randy Resnick, the director of the zero-trust portfolio management office. Sherman said that this is a crucial step to address the growing and evolving cyber threats that the US military faces in 2023 and beyond.

This piece was written by Rizwan Choudhury and published on Interesting Engineering.

Why does this matter?

This news matters to the members and subscribers of Americans for a Stronger Navy, and to Americans in general, because it shows that the US military is taking proactive and innovative steps to protect its digital and physical infrastructure from cyberattacks. Cybersecurity is a vital component of naval warfare and technology, as it affects the communication, command, control, intelligence, surveillance, and reconnaissance capabilities of the US Navy and its allies. A zero-trust approach can help the US Navy achieve its mission of maintaining maritime superiority, deterring aggression, and winning wars. It can also help the US Navy collaborate with other services, agencies, industry, academia, and partners to leverage the best practices and innovations in AI and related technologies.

Some other sources for this news are:

  • DOD Releases Path to Cyber Security Through Zero Trust Architecture, which describes how the Defense Department plans to move beyond traditional network security methods to achieve reduced network attack surfaces, enable risk management and effective data-sharing in partnership environments, and contain and remediate adversary activities over the next five years.
  • CISA Releases updated Zero Trust Maturity Model, which provides guidance for federal agencies on how to assess and improve their progress toward a zero trust architecture in support of the National Cybersecurity Strategy.
  • 5 areas where zero trust can’t protect your organization, which highlights some of the potential blind spots and challenges that organizations may face when implementing a zero trust model, such as unmonitored IoT devices or third-party systems.

How China’s Hacking of Navy Systems Threatens America’s Security


U.S. Fleet Cyber Command

Introduction:

China has been conducting aggressive cyber operations to steal sensitive data and disrupt critical communications infrastructure of the United States and its allies.

Recently, Chinese-backed hackers breached technology systems belonging to the U.S. Navy, targeting its assets on Guam, a strategic island in the Pacific.

This blog post will explain what we know about this hack, why it matters for America’s security and peace through strength, and what we can do to protect ourselves from such threats.

Americans for a Stronger Navy is a community-driven and membership-supported organization that advocates for policies and legislation that support the Navy’s ability to meet the challenges of a rapidly changing global security environment.

We believe that a strong and capable U.S. Navy is essential for protecting America’s interests and ensuring peace through strength. Join us today and help us promote a stronger navy for a safer world.

Summary:

The hack was carried out by a group called Volt Typhoon, which used legitimate credentials and small-office routers to gain access to the systems.

The hackers aimed to develop capabilities that could disrupt communications between the United States and Asia in a crisis. The Navy confirmed that it was impacted by the hack, but did not reveal the extent of the damage.

The United States and its allies issued a joint advisory on how to detect and prevent similar intrusions.

In this blog post, we will answer the following questions:

Who is behind the hack? A brief overview of the group’s history, motives, and techniques.

What was affected by the hack? A description of the infrastructure and sectors targeted by the hack, especially the Navy’s assets on Guam and their importance for regional security.

What’s being done to prevent or respond to the hack? A summary of the responses and actions taken by the United States and its allies, including Microsoft, the Five Eyes intelligence sharing organization, and the Cybersecurity and Infrastructure Security Agency.

Answers

Who is behind the hack? The hack was carried out by a group called Volt Typhoon, which is believed to be a state-sponsored actor based in China that typically focuses on espionage and information gathering.

The group has been active since at least 2021 and has targeted critical infrastructure organizations in Guam and elsewhere in the United States. Volt Typhoon uses legitimate credentials and small-office routers to gain access to the systems, disguising their origin and activity.

They also use custom versions of open-source tools to establish a command and control channel over proxy. The Chinese government has denied any involvement in the hack, calling it a “collective disinformation campaign” by the United States and its allies.

What was affected by the hack? The hack targeted key infrastructure in the communications, electric and gas utilities, manufacturing, transportation, construction, maritime, government, information technology, and education sectors. The hackers aimed to develop capabilities that could disrupt critical communications infrastructure between the United States and the Asia region during future crises.

One of the main targets was the U.S. Navy’s infrastructure on Guam, a strategic island in the Pacific that hosts several military installations, including B-52 bombers and submarines. Guam is a vital part of the U.S. military’s strategy in the region, as it provides access to resources and markets, protects sea lanes of communication, and supports humanitarian aid in times of crisis.

What’s being done to prevent or respond to the hack?

  • Microsoft was the first to report on the hack and identify Volt Typhoon as the perpetrator.
  • Microsoft contacted all groups affected by the hack and provided guidance on how to detect and mitigate this malicious activity.
  • The cybersecurity agencies of the Five Eyes member nations (the United States, United Kingdom, Canada, Australia and New Zealand) issued a joint advisory on how to prevent or respond to similar intrusions.
  • One of the agencies involved in issuing the advisory was the Cybersecurity and Infrastructure Security Agency (CISA), which also published a statement highlighting China’s continued use of sophisticated means to target America’s critical infrastructure. CISA director Jen Easterly said in a statement:

“For years, China has conducted aggressive cyber operations to steal intellectual property and sensitive data from organizations around the globe. Today’s advisory highlights China’s continued use of sophisticated means to target our nation’s critical infrastructure, and it gives network defenders important insights into how to detect and mitigate this malicious activity.” – CISA director Jen Easterly

  • The advisory contains a hunting guide for the tactics, techniques, and procedures used by Volt Typhoon.
  • CISA urged network defenders to implement best practices such as patching vulnerabilities, enforcing strong passwords, monitoring network activity, and reporting incidents.

Key takeaways:

  • China is pursuing cyber warfare as a means of challenging America’s interests and influence in the Asia-Pacific region.
  • The hack exposed vulnerabilities in America’s communications systems and naval infrastructure, which could have serious consequences in a conflict scenario.
  • The United States needs to invest more in strengthening its cyber defenses and resilience, as well as enhancing its naval capabilities and readiness.

Conclusion:

The hack by Volt Typhoon is a wake-up call for America and its allies to take China’s cyber threats seriously.

A strong and capable U.S. Navy is essential for protecting America’s security and ensuring peace through strength. Americans for a Stronger Navy is a community-driven and membership-supported organization that advocates for policies and legislation that support the Navy’s ability to meet the challenges of a rapidly changing global security environment.

Join us today and help us promote a stronger navy for a safer world.

Sources:

1: https://strongernavy.org/
2: https://www.wionews.com/world/explained-everything-about-volt-typhoon-china-backed-hackers-targeting-critical-us-infrastructure-596263
3: https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/
4: https://www.cnbc.com/2023/05/24/microsoft-warns-that-china-hackers-attacked-us-infrastructure.html
5: https://www.reuters.com/technology/what-is-volt-typhoon-alleged-china-backed-hacking-group-2023-05-25/

Defending the Defenders: How the Navy and Allies are Responding to Chinese Cyber Threats

Introduction

In an era of rapidly evolving digital landscapes, cybersecurity is not only a private concern but a national defense priority. The American infrastructure recently faced an audacious cyber attack, with the U.S. Navy being one of the primary targets. How we respond to these invasions is critical to the future of our nation’s security and the strength of our Navy. It is imperative, now more than ever, for us to comprehend these challenges and stand united to support and protect our nation’s defenders.

Summary

This article delves into a recent cyber attack where Chinese-backed hackers targeted the U.S. Navy’s technology systems, seeking to disrupt critical communications. It focuses on the facts surrounding this breach, who is behind it, the affected areas, and the necessary steps being taken to prevent such incidents in the future.

Chinese Cyberattack: A Wake-up Call

Reports confirmed that hackers supported by China had successfully breached American infrastructure, including vital technology systems belonging to the U.S. Navy. The hackers’ aim was to disrupt crucial communication lines between the United States and Asia during potential crises. This was first reported by technology giant Microsoft, which attributed the hacking operation to a China-based group, Volt Typhoon.

Who is Pulling the Strings?

Microsoft identified the perpetrators as Volt Typhoon with “moderate confidence.” This group is a state-sponsored actor based in China that specializes in espionage and information gathering and has been active since at least 2021. The hackers employed legitimate credentials and small-office routers to infiltrate the systems, an approach known as “living off the land”. This audacious attack led to the breach of the U.S. Navy infrastructure on Guam, home to several crucial military installations.

The Scope of the Impact

The full extent of the breach is currently unclear, but the targets included several sectors such as communication, manufacturing, utility, transportation, construction, maritime, government, IT, and education. Secretary of the Navy Carlos Del Toro confirmed that the Navy was impacted by the hack, without disclosing further details. However, he expressed that China’s initiation of such a cyber attack was “no surprise”.

Key Takeaways

This attack is not an isolated incident, but rather part of a larger pattern of aggressive cyber operations by China, aiming to pilfer intellectual property and sensitive data. It is a wake-up call that highlights the persistent threat our nation’s critical infrastructure faces and provides insights into the sophisticated methods used by these malicious actors.

Taking Measures Against the Threat

In response to this attack, Microsoft has reached out to all groups affected. Additionally, cybersecurity agencies from the Five Eyes member nations have issued a joint advisory on the hack, outlining several preventive steps against such “living off the land” style intrusions.

Conclusion

As we sail through these uncharted waters of digital threats, it is crucial to stand united in support of the strength and security of our Navy. We must stay informed, vigilant, and proactive in understanding the nuances of these cyber threats, their implications, and the protective measures necessary to safeguard our nation’s assets. As a society, we can contribute to this mission by educating ourselves and raising awareness about the significance of cybersecurity in national defense, thus bolstering the resiliency of our Navy, and by extension, our nation.