Post on 04-Jun-2018
transcript
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
1/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
Session ID:
Session Classification:
&'((')* ,)-./0)1 22 34".156)-789:;:9/0%.80?6@ %A'8./.
%@B.6 &)6C)6.D
=D
ISBN: 9781849283342
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
5/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
23+*'4 !"'556 73" 73&"'84
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
6/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
!"#$%&' )* )#+ ,%-.+$'+/ $0$-& ).$1- '++%
2.*3 4%/*%+',$5 6*.)' 78 $%/ 99: ;+.+ )#+3*') -*33*%+)+/ 6*.)'5 $--*?%@%> 2*.
9A 6+.-+%) *2 *B'+.C+/ $0$-&' -*3B,%+/DE
E
9*#)*",+' :;"&8'
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
7/91!"#$%&'()*!+,+*(-.)/0
!"#$%
Cyber Threat MotiveTargets of
OpportunityMethodologies Capabilities
Nation States ~Peace Time
Economic,
Military,National
Secrets,Political
Commercial Enterprises,Intelligence, National Defense,
Governments, NationalInfrastructure
Military & Intel specificcyber doctrine,
hacktivists
Asymmetric use ofthe cyber domain
short of kinetic
Nation States ~War Time
Economic,Military,Political
Commercial Enterprises,Intelligence, National Defense,
Governments, NationalInfrastructure
Military & Intel specificcyber doctrine,
hacktivists
Asymmetric use ofthe cyber domain
including kinetic
Cyber Terrorists &
InsurgentsPolitical
Infrastructure, Extortion and
Political Processes
Combination ofadvanced persistent
threats (APT)
Developing will be
a concern in 2012
Cyber Criminals Grey & Black
Markets
FinancialIntellectual Property Theft, Fraud,Theft, Scams, Hijacked Network
& Computer Resources, CyberCrime for Hire
Exploits, MalwareBotnets, Worms &
Trojans
Cell-based structureas an APT
Criminal
Organizations RBN
FinancialUse of above with
distinct planning
Highly professional,
dangerous
Rogue Organizations Anonymous,
LulzSec
FinancialMilitary,
NationalSecrets,
Political
Intellectual Property Theft, Direct& Indirect pressure on OGA
Resources
Organic hackingcapabilities
unsurpassed
Organized yet de-centralized
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
8/91!"#$%&'()*!+,+*(-.)/0
!"#$%
:29>? !"@)&8
Office of the National CounterintelligenceExecutive (ONCIX)!2011 Report Foreign
Economic and Industrial Espionage
7 NOV 2011
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
9/91!"#$%&'()*!+,+*(-.)/0
!"#$%
Digital Spies: The
Alarming Rise ofElectronic Espionage!Popular Mechanics January 24, 2012
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
10/91!"#$%&'()*!+,+*(-.)/0
!"#$%
A73" B"*8'()*C, 26D"& E8&'8"(6A
F D',+. @&+*.+@5", )G 83" GH8H&" ,8&'8"(6I$ 26D"& /H,8 D" &".)(*+J"# ', ' K'&G'&" #)/'+* "LH'5 8) 5'*#M ,"'M '*# '+&N
$ O*6 #"G"*,+;" @),8H&" /H,8 () D"6)*# P())# 36(+"*"Q 8) +*.5H#" ,)@3+,R.'8"# '*#
'..H&'8" )@"&'R)*, 83'8 '55)K &'@+# &",@)*,"N
$ 26D"& #"G"*,", /H,8 &"'.3 D"6)*# 83" #"@'&8/"*8S, #)8$/+5 K)&5# +*8) .)//"&.+'5*"8K)&
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
11/91!"#$%&'()*!+,+*(-.)/0
!"#$%
g B&)a".8%&'()*[56=-! E8"@ ^I :K* 23+*'S, 26D"&@)5+."=-
ProjectDragonFly will start off with hacked chinese gov, edu and ac domains. Since I'm alone on this operation, I've wentand breached every site that was in my way.
Most are national site's, but a lot of them are also regional, like Hong Kong (hk), Beijing (bj), Shanghai (sh), Macau (mo),Tianjin (tj), Anhui (ah), etc. The leaks contain from usernames, passwords, addresses, phone numbers, passports, f light
numbers, to private messages, project descriptions, and a lot more.I apologize in advance if you will find also
names of files, those are the one's that also got shell'd by me, I won't be disclosing those, only raw data for now. This ismerely an introduction, after today the real fun will begin.
3_@IZZ@',8",+8"-.)/Zfhi`i
BjK*"# j &))8=--
!"#$%&'()*!+,+*(-.)/0
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
12/91
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
13/91!"#$%&'()*!+,+*(-.)/0
!"#$%
!H,,+' ["#"&'R)*=-
!"#$%&'()*!+,+*(-.)/0
nlo bpqre [Eo bstre
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
14/91!"#$%&'()*!+,+*(-.)/0
!"#$%
!H,,+'* 26D"& W)&5#=-
u'+* 23'&'.8"&,=-
^e !H,,+'* ["#"&'R)*\e !H,,+'* u+5+8'&6fe [)&/"& !-o->- b!H,,+'* oH,+*",,
>"8K)&
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
15/91!"#$%&'()*!+,+*(-.)/0
!"#$%
2008
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
16/91!"#$%&'()*!+,+*(-.)/0
!"#$%
2013
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
17/91!"#$%&'()*!+,+*(-.)/0
!"#$%
n"6 !H,,+'* .6D"& @"&,)*'5+R",u+5+8'&6 7".3*+.'5 9*G)&/'R)* v %"."/D"& c83
^ccc u'&,3'55 E"&("6";O@&+5 \\*#\]]] $ u+5+8'&6 %).8&+*"wx8"&*'5 73&"'8,v T),R5" 9*G)&/'R)* :@"&'R)*, 8'&("R*( /+5+8'&6 ,".H&+86
9*8"&*'5 73&"'8,v %+,&H@R;" :@"&'R)*, 8'&("R*( +*G)&/'R)* +*G&',8&H.8H&"
E"@8"/D"& c
83
\]]] $ 9>[:!uO79:> Ew2V!97y %:27!9>w :[ 7Tw !VEE9O>[w%w!O79:>
F G66.*C+/ B= H.+',/+%) *2 )#+ I?'',$% J+/+.$@*% K
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
18/91!"#$%&'()*!+,+*(-.)/0
!"#$%
z{||}~ }~ ~
!H,,+'* 9*G)&/'R)* %).8&+*"u+5+8'&6 7".3*+.'5 9*G)&/'R)* v
M 5.L.*B.6 :0A 9::: u'&,3'55 E"&("6";[).H, )G +*G)&/'R)* K"'@)*, #";"5)@/"*8I
^- 26D"& K"'@)*,\- O55$K"'83"& &".)**'+,,'*." '*# '..H&'8" 5)*($&'*(" K"'@)*,f- lH+#"# '*# "5".8&)/'(*"R. "*"&(6 K"'@)*,i- E8"'583 H*/'**"# .)/D'8 @5')&/, bVOe
!"#$%&'()*!+,+*(-.)/0
!";)5HR)* )G u+5+8'&6 OU'+&, b!uOe
'@@"'&'*." )G *"K 86@", )G *)*$ *H.5"'&'&/'/"*8, K3)," ,+(*+.'*." '@@&)'.3",
83" &)5" )G *H.5"'& K"'@)*,-
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
19/91
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
20/91!"#$%&'()*!+,+*(-.)/0
!"#$%
P26$D"'&Q W'&G'&"I !H,,+'S, \^,8 2"*8H&6 O@@&)'.3 8)
[H,+*( 7".3*)5)(6 '*# W'&G'&"
!H,,+'* .+;+5+'*M /+5+8'&6 +*8"55+("*." m ,".H&+86 ,"&;+.", '&"
+*.&"',+*(56 H,+*( .6D"&$'_'.7M m )83"& +*8"55+("*."
.)55".R)* )@"&'R)*, =
'.LH+&" ".)*)/+.M *'*.+'5M '*# @&)@&+"86 #'8' '*# 8".3*)5)(6 8)
#+&".856 ,H@@)&8 !H,,+'C, ".)*)/+. #";"5)@/"*8 '*# "*"&(6
,".H&+86=
3_@IZZKKK-G)&"+(*@)5+.6#+(",8-)&(Z.6$D"'&$K'&G'&"$&H,,+'$\^,8$."*8H&6$'@@&)'.3$8)$GH,+*($8".3*)5)(6$'*#$K'&G'&"Z
3_@IZZ,)HG'*(&)H@-.)/Z*"K,Z#"8'+5,Z4O&R.5"9#\]f
!H,,+'* 26D"& O_'.
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
21/91!"#$%&'()*!+,+*(-.)/0
!"#$%
!"#$%&'()*!+,+*(-.)/0
\^ u'&.3 \]^\ !H,,+' 2)*,+#"&+*( 26D"&$E".H&+86 2)//'*#
%"@H86 B&+/" u+*+,8"& %/+8&6 !)()J+*
^` O@&+5 \]^] !H,,+'C, 26D"& E".H&+86 B5'*,
5'#+,5'; E3"&,8H6H
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
22/91!"#$%&'()*!+,+*(-.)/0
!"#$%
T+,8)&6 )G !H,,+'* 26D"& W'&G'&"
!H,,+'* 9*;',+)* 9*.5H#"# 83" [+&,8 !"'5 V," )GP26D"& W'&G'&"Q%7*G?0.6 .PG.60/ )6. '8N./Q-)Q8- 0A. L@B.6)F)LO 0A)0 B67?-A0 17J8 R.76-')8 &.B /'0./ 1?6'8- "?//')S/
'8N)/'78 7C R.76-')T )81 /)@ 0A. )//)?(0 *)@ *)6O 0A. U6/0 ()6-.M/L)(. )F.*G0 )0 =L@B.6 J)6C)6.KD $/
"?//')8 0)8O/ B.-)8 07 67(( '807 R.76-') 78 V6'1)@T *'(('78/ 7C .P06)8.7?/ 6.W?./0/ X ) /7ML)((.1 5'/06'B?0.1
5.8')( 7C #.6N'L. 3557#< )F)LO X 077O 17J8 R.76-')S/ B)8O'8- )81 -7N.68*.80 /'0./K Y#.L?6'0@ .PG.60
R6)A)* %(?(.@ /)@/HZ =28 *71.68 J)6C)6.T '0S/ 870 ?8?/?)( 07 /.. 7GG7/'8- C76L./ 0)O. 7N.6 [\ /0)Q78/T6)1'7/ )81 8.J/G)G.6/K 28 7?6 L.80?6@T 0)O'8- 7N.6 280.68.0 /'0./ '/ 87J G)60 7C 0A. /)*. O'81 7C /06)0.-@D
w,8)*+'* 2)/D+*"# 26D"&$n+*"R. O_'.^^_ JA.8 `/078')8 -7N.68*.80 &.B /'0./ J.6. B67?-A0 17J8 '8
6./G78/. 07 0A. -7N.68*.80S/ G()8/ 07 *7N. ) "?//')8M'8/0)((.1 *78?*.80a ) >^M@.)6M7(1
"?//')8 A)LO.6 J)/ ()0.6 L78N'L0.1 7C 76-)8'b'8- 0A)0 )F)LOK $/ C76 JA7S/ 6./G78/'B(. C76 0A. L?66.80 78('8./06'O. )-)'8/0 R.76-')T 0A. 0A.76'./ 6)8-. C67* =/7*. O'1/ JA7 -70 7N.6.PL'0.1D Y%c`[Z 07 ) L6'*'8)(
8.0J76O 1'6.L0.1 B@ 0A. "?//')8 R7N.68*.80dK
3_@IZZD5)(,-#+,.);"&/'('J+*"-.)/Zd]D"'8,Z\]]dZ]dZ^fZ&H,,+'*$
+*;',+)*$+*.5H#"#$83"$&,8$&"'5$H,"$)G$.6D"&$K'&G'&"Z
!"#$%&'()*!+,+*(-.)/0
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
23/91
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
24/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
:.+'5 E8'8"/"*8 )G !H,,+'* ["#"&'R)*
&"('+*( 9*8"&*"8 B)5+.6
!"#$%&'()*!+,+*(-.)/0
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
25/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
!"#$%&'()*!+,+*(-.)/0
\c$^\$\]]d
73" 9*G)&/'R)* E".H&+86 %).8&+*" )G 83" !H,,+'* ["#"&'R)* &"@&","*8, ' 8)8'5+86 )G ).+'5 ;+"K,
)* 83" ()'5,M )Da".R;",M @&+*.+@5", '*# D',+. (H+#"5+*", G)& "*,H&+*( +*G)&/'R)* ,".H&+86 +* 83"
!H,,+'* ["#"&'R)*-
73" @&","*8 %).8&+*" ,"&;", ', 83" D',+, G)&I
$ ,3'@+*( ();"&*/"*8 @)5+.6 )* +*G)&/'R)* ,".H&+86 +* 83" !H,,+'* ["#"&'R)*N
$ @&"@'&+*( ,H((",R)*, 8) +/@&);" 83" 5"('5M @&)."#H&'5M ,.+"*R.$8".3*+.'5 '*# )&('*+J'R)*'5
G&'/"K)&< G)& "*,H&+*( +*G)&/'R)* ,".H&+86 +* 83" !H,,+'* ["#"&'R)*N
$ #";+,+*( 8'&("8"# *'R)*'5 +*G)&/'R)* ,".H&+86 @&)(&'/,-
73" @&","*8 %).8&+*" "x@)H*#, 83" >'R)*'5 E".H&+86 2)*."@8 )G 83" !H,,+'* ["#"&'R)* ','@@5+"# 8) 83" +*G)&/'R)* ,@3"&"-
73" u+5+8'&6 %).8&+*" )G 83" !H,,+'* ["#"&'R)*
O@@&);"# D6 !H,,+'*
["#"&'R)* B&",+#"*R'5 w#+.8 )* F ["D&H'&6 \]^]
3_@IZZ
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
26/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
$eRe#[ >^^fd"?//')8 L@B.6 J)6 L7**.8L./
P:* OH(H,8 d83M !H,,+'* 8&))@, .&),,"# +*8) E)H83 :,,"R' ;)K+*( 8) #"G"*# K3'883"6 .'55"# P!H,,+'* .)/@'8&+)8,Q- O, 83+, K', 8'
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
27/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
!H,,+'* 26D"& W'&[wo \]]c $ !H,,+' "*('("# +* .6D"& K'& K+83 *"+(3D)&+*(.)H*8&+",=X'*H'&6 /'&
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
28/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
Characteristics Iran Russia China
Started IW/EW 1999
Founding Father
S.P. Rastorguev
("#$%&'()*+C.,.) &Marshall Sergeyev
(-#'.#//0*'(**+)
Used as Combined
Arms?Yes 2007 & 2008
Use of Hacktivism
as a Proxy?
Yes w/criminal
intentions
Official Military
Command2010
External
Motivators
United States of
America
Internet Controls? Yes
Criminal Cyber
Capability?Yes
Impact on
Commerce?Yes
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
29/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
9,5'/+.!"@HD5+. )G
9&'*
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
30/91
9&'*+'* 26D"& %+5"//'
!"#$%&'()*!+,+*(-.)/0
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
31/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
32/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
33/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
34/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
W36 9&'*=4
g E7V?>w7g %VVg [YOuw
g W9Bw!=-
!"#$%&'()*!+,+*(-.)/0
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
35/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
u+##5" w',8=
73&"'8 4Z !",)H&."4
W3 + 9 4
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
36/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
W3"&" +, 9&'*=4
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
37/91
3+S 3 3
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
38/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
E3+S'3=EH**'3=o:7T
j Y"',8 ^\ )& u)&"=
#+;"&," "83*+.+R",=-m y"8 \ !"5+(+)*,=-
: R 9 + Y+D R
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
39/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
:@"&'R)* 9&'*+'* Y+D"&'R)*=
3_@IZZKKK-5+D-H8"x',-"#HZ/'@,Z+&'*-38/53_@IZZKKK-)+5"/@+&"-H,Z)+5$a@(Z+&'*@"8&)5"H/G'.+5+R",\]]i-a@(
g 7)8'5 :+5 !","&;", ^F] D+55+)*D'&&"5, b\i^]c/fe
g O@@&)x+/'8"56 ^] )G W)&5#S,:+5
g B"&,+'* lH5Gg 2',@+'* E"'=-
:@"&'R)* 9&'*+'* Y+D"&'R)*=
:9Y
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
40/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
9&'*+'* 9*G&',8&H.8H&"=
3_@IZZKKK-.5',,K'&G'&""x+,8,-.)/ZK@$.)*8"*8ZH@5)'#,Z\]^\Z]\Z.',@+'*$,"'-a@(
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
41/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
9 + 9 G 8 8
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
42/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
9&'*+'* 9*G&',8&H.8H&"=
26D"& 7'&("8
EightKnown
Iranian
NuclearSites
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
43/91
# 9 + 9 8 55+
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
44/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
H#, v 9&'*+'* 9*8"55+("*."
g [)H*#"# '"& chc=9&'*S, !";)5HR)*=L+6W#F+ HW'/W.W%F+ X%Y+
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
45/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
O*)*6/)H, 7'&("8, 9&'* K+83 %)E '_'.
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
46/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
`PG76Q8- 26)8')8 ".N7(?Q78dK
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
47/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
48/91
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
49/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
50/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
9&'*+'* u+5+8'&6=26D"& b:[[929OYe
73" 26D"& %"G"*," 2)//'*#Q bl3'&'&('3$" %"G'$" E'+D"&+e
g >);"/D"& \]^] v :"& ",8'D5+,3"# D6 O6'8)55'3 n3'/"*"+g u+,,+)* )G &",@)*#+*( 8) >29 "U".8, D&)H(38 H@)* D6 E8Hx*"8g EH@"&;+,"# D6 I
X)+*8 E8'U )G 83" O&/"# [)&.", bE"8'#$" n)5$" >+&H3'6$" u),'5'3e :@"&'R)*'556 ;+' B',,+;" 2+;+5 %"G"*," :&('*+J'R)* bE'J"/'*$" B'#'G'*#$"
l3"6&$" O/"5e
3_@IZZKKK-.6D"&,8&'8"(+"-)&(Z4L(&'*#,$#),,+"&,Z.)*k+8,$&2f Oc(+)*'Hx$"8$.6D"&8"&&)&+,/"Z,8&H.8H&"$)G$+&'*w\d]cc,$.6D"&$K'&G'&"
u)R;'R)* 8) ",8'D5+,3=--
2))+*'R*( *H/"&)H, ();"&*/"*8 )&('*+J'R)*, '*#'("*.+", 8) *)*$/+5+8'&+56 &",@)*# 8) ' /+5+8'&6 '_'.< )* 83"
.)H*8&6 K+83 83" ()'5 )G /+*+/+J+*( #'/'(" 8) 83" .)H*8&6S,
+*G&',8&H.8H&" '*# G'.+5+R", +* 83" ";"*8 )G ' @&)D'D5" K'&=
* * $ *
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
51/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
!*+,*&+-,$./01*
3_@IZZKKK-&G"&5-)&(Z.)*8"*8Z9&'*+'*26D"&O&/6T'.
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
52/91
o +a B +5+8 [
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
53/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
o',+a B'&'/+5+8'&6 [)&." v
26D"& u+5+R', =
b!)(H"=m wU".R;"e
3_@IZZ+&'*D&+"*(-*"8Z4@\`d\3_@IZZKKK-G)x*"K,-.)/Z,8)&6Z]M\cffMFfi^^`M]]-38/5
9&'*S, @'&'/+5+8'&6 /+5+R' 3"5@+*( /'+*8'+*
+*8"&*'5 ,".H&+86=
B&+/'&6 l)'5 +,I%"G"'8 )G PW",8)x+.'R)*MQ
9&'*+'* 8"&/ G)& 83" 3'&/+*( )G B"&,+'* .H58H&"
D6 W",8"&* +*kH"*.", @&","*8 +* 83" .6D"& &"'5/
9&'*+'* 26D"& B)5+."
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
54/91
!"#$%&'()*!+,+*(-.)/0
!"#$%
9&'*+'* 26D"& B)5+."=-
3_@IZZKKK-#'&
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
55/91
!"#$%&'()*!+,+*(-.)/0!"#$%
2)//+_"" 8) 9#"*RG6
V*'H83)&+J"# E+8",
3_@IZZ@&+;'.6-.68'5
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
56/91
Characteristics Iran Russia China
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
57/91
!"#$%&'()*!+,+*(-.)/0!"#$%
Characteristics Iran Russia China
Started IW/EW 2005 1999
Founding Father
Major General Yahya Rahim
Safavi(12342567)
S.P. Rastorguev
("#$%&'()*+C.,.) &Marshall Sergeyev(-#'.#//0*'(**+)
Used as Combined
Arms?Yes - 2011 Yes 2007 & 2008
Use of Hacktivism
as a Proxy?Yes
Yes w/criminal
intentions
Official Military
Command2010 2010
External
Motivators
United States of
America, UK & Israel
United States of
America
Internet Controls? Yes Yes
Criminal Cyber
Capability?Yes Yes
Impact on
Commerce?No Yes
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
58/91
!"#$%&'()*!+,+*(-.)/0!"#$%
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
59/91
!"#$%&'()*!+,+*(-.)/0!"#$%
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
60/91
23+ +
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
61/91
!"#$%&'()*!+,+*(-.)/0!"#$%
23+*"," +"K=
^` OVlVE7
\]^^
23+*"," B"&,@".R;"=-
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
62/91
!"#$%&'()*!+,+*(-.)/0!"#$%
23+*"," B"&,@".R;"=-
PO E);"&"+(* 2)H*8&6 uH,8 T';" E8&)*( %"G"*,"QD6 u+* %'3)*(M#+&".8)& )G 83" >"8K)&< m %+(+8'5 u"#+' !","'&.3 :." j 23+*' O.'#"/6
)G E).+'5 E.+"*.",N
PO/"&+.'S, B'*#)&'S, o)xS 26D"& E8&'8"(6 2)*GH,", 83" W)&5#QD6 E3"* y+$ [H#'* V*+;"&,+86S, %"@'&8/"*8 )G 9*8"&*'R)*'5 B)5+R.,N
P26D"& B)K"& E3H", 83" 2',SI T)K 23+*' 2'* :;"&8'
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
63/91
i
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
64/91
!"#$%&'()*!+,+*(-.)/0!"#$%
i
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
65/91
!"#$%&'()*!+,+*(-.)/0!"#$%
(CPC) (PLA) (SOE) (Dark Guests)
=-4 Groups!Official & Unofficial!.
23+ 9 G R 2 8 5
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
66/91
!"#$%&'()*!+,+*(-.)/0!"#$%
23+*"," 9*G)&/'R)* 2)*8&)5
!23+*"," l);"&*/"*8 9*8"*8"l)5#"* E3+"5#=[+58"& 83" 23+*"," 9*8"&*"8
o%",+(*"# ^ccdo:@"&'R)*'5 >: \]]fo29E2: @)K"&"# v .),8 d]]u VE%o23+*'S, u+*+,8&6 )G BHD5+. E".H&+86 buBEe )@"&'8",=-
"l&""* %'/=- 23+*"," l);"&*/"*8 E@6K'&" "U".R;"^ XH56 \]]c=*"K B2S, /H,8 3';" =-
!u+5+8'&6 [).H,!2+;+5+'* %+/"*,+)*j .)*8&)5 G&""#)/ )G ,"'&.3
v .)*8&)5 G&""#)/ )G ,@"".33_@IZZKKK-."&8/'(-.)/Z&"'#-@3@4+*fc]`3_@IZZKKK-"$+&-+*G)Z\]^]Z]iZ^fZ.3+*","$+*G)&/'R)*$'*#$.6D"&$K'&G'&"Z
3_@IZZKKK-J#*"8-.)/ZD5)(Z();"&*/"*8Z.3+*'$#"/'*#,$*"K$@.,$.'&&6$
,@6K'&"Zic]`
2B2
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
67/91
!"#$%&'()*!+,+*(-.)/0!"#$%
! Codified cyber warfare in 2010! In response to US Cyber Command 6 months earlier!
! Official Edict: protect national infrastructure fromexternal cyber threats President Hu Jin tao
! President Hus successor Xi Jin ping !.Motivations:
Maintain & Retain Chinese Dream! Ensure Chinas Sovereignty! Control Freedom of Search! Ensure stable transition of Communist Regime!
- 2B2
k?6'C@ 0A. '80.68.0
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
68/91
!"#$%&'()*!+,+*(-.)/0!"#$%
k?6'C@ 0A. '80.68.0dK
[)&/"& 23+*"," B&",+#"*8 TH X+*8') 3'# #".5'&"#
2)//H*+,8 @'&86C, +*8"*8 8) ,8&"*(83"*'#/+*+,8&'R)* )G 83" )*5+*" "*;+&)*/"*8 m /'+*8'+*
83" +*+R'R;" +* )*5+*" )@+*+)*=
"Au'+*8'+* 83" +*+R'R;" +* )@+*+)* )* 83" 9*8"&*"8N" P!'+," 83" 5";"5 )G (H+#'*." )*5+*"QN '*#M"AW" /H,8 @&)/)8" .+;+5+J"# &H**+*( '*# H," )G 83"
9*8"&*"8 '*# @H&+G6 83" 9*8"&*"8 "*;+&)*/"*8=-Q
3_@IZZKKK-&"H8"&,-.)/Z'&R.5"Z\]]hZ]^Z\iZH,$.3+*'$+*8"&*"8$3H$+#VEBwncFh]F\]]h]^\i
23+*"," 2)//H*+,8 ).+'5, 8) +*8"*,+G6 .)*8&)5 ";"* ', 83"6,""< 8) &"5"'," 83" 9*8"&*"8C, ".)*)/+. @)8"*R'5-
Aw*,H&" 83'8 )*" 3'*# (&',@, #";"5)@/"*8 K3+5" )*" 3'*#
(&',@, '#/+*+,8&'R)*=A
23+*"," 26D"& B)5+."
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
69/91
!"#$%&'()*!+,+*(-.)/0!"#$%
23+*"," 26D"& B)5+."
3_@IZZKKK-Da-.6D"&@)5+."-.*Z+*#"x-#)
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
70/91
!"#$%&'()*!+,+*(-.)/0!"#$%
E3)H5# 5))< 5+
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
71/91
!"#$%&'()*!+,+*(-.)/0!"#$%
!"/"/D"& g7"'/ l3),8 E3"55
BYO
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
72/91
!"#$%&'()*!+,+*(-.)/0!"#$%
! 500 BCSun-Tzus Art of War basis! Sun Pings Military Methods! 1995-Major General Wang Pufeng
Founding father of Chinese Information Warfare (IW)
!1999
- War Without Limits PLAAF Senior ColonelsQiao Liang & Wang Xiangsui
! 2002 - PLA's IW strategy spearheaded by Major GeneralDai Qingmin -
$ BYO
9*8"(&'8"# >"8K)&wWe
:.+'5 E8'8"/"*8 )G 23+*"," 9W
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
73/91
!"#$%&'()*!+,+*(-.)/0!"#$%
General Staff Directorates (GSD) Cyber WarfarePrincelings!
General Zhang Qinsheng General Chen Bingde General Ma Xiaotian Vice Admiral Sun Jianguo Major General Hou Shu sen
:.+'5 E8'8"/"*8 )G 23+*"," 9W
20 JUL 2010 ordered by President Hu
Jintao to handle cyber threats as Chinaenters the information age, & strengthen
the nation's cyber-infrastructure
!Han ChineseCommunist!
Technologists!PLA Leaders!. &
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
74/91
!"#$%&'()*!+,+*(-.)/0!"#$%
Chinas Goal is to achieve a strategic
objective!over adversaries!You have to meet my political conditions
or your government will be toppled, or
you promise to meet some of my political
conditions.
Major General Hu Xiaofeng, Deputy Director for theNational Defense University Department of Information
Warfare and Training Command Professor Meng Xiangqing, National Defense University
Institute for Strategic Studies
, 2009; [Online] Available at: http://www.thedarkvisitor.com/category/uncategorized/
23+*"," u+5+8'&6 =- [H8H&" :BE
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
75/91
!"#$%&'()*!+,+*(-.)/0!"#$%
P=8&'+* ' *"K 86@" )G 3+(3$.'5+D"& /+5+8'&6 @"&,)**"5 +* 5'&(" *H/D"&,M
+*8"*,+;"56 .'&&6 )H8 /+5+8'&6 8&'+*+*( H*#"& .)/@H8"&+J"# .)*#+R)*,M '*#
"*3'*." +*8"(&'8"# .)/D'8 .'@'D+5+86 D',"# )* "x8"*,+;" 97 '@@5+.'R)*=QN
P=+/@5"/"*8 83" /+5+8'&6 ,8&'8"(6 )G '.R;" #"G"*," G)& 83" *"K @"&+)#M '*#
"*3'*." /+5+8'&6 ,8&'8"(+. (H+#'*." ', 83" R/", ,) &"LH+&"QN
P=,8&"*(83"* *'R)*'5 #"G"*," '+/ 8) ,'G"(H' 23+*'C, ,);"&"+(*86M ,".H&+86 '*#8"&&+8)&+'5 +*8"(&+86 '*# "*,H&" +8, @"'."GH5 #";"5)@/"*8=PN
P="*3'*." 83" .'@'D+5+86 8) '..)/@5+,3 ' K+#" &'*(" )G /+5+8'&6 8',
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
76/91
!"#$%&'()*!+,+*(-.)/0!"#$%
E8'8" :K*"# w*8"&@&+,",
23+*' 7"5".)/ v )K*"# D6 83" 2B2M )@"&'8"# D683" BYO
TH'K"+ v )K*"# D6 G)&/"& BYO )."& #+&".8 5+*
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
77/91
!"#$%&'()*!+,+*(-.)/0!"#$%
E8'8" :K*"# w*8"&@&+,",
! Commercial theme, profit oriented!! Research base, ties to Chinese Academy of
Sciences (CAS)!
! International interest & focus!developingcountries!
! No organic innovation capabilities!!
Foreign cyber espionage capability via PLA (GSD) &MSS!
Common Themes!
>)&8"5 2'," E8H#6
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
78/91
!"#$%&'()*!+,+*(-.)/0!"#$%
2001 !. Insider plants data exfiltration trojan Corporate executives targeted!. Leadership avoids ignores warnings of threat Telecommunications Intellectual Property data theft continues
unabated!for TEN years
Market valuation and position lost! 2011 !Nortel ceases to exist as a Canadian Company!. Chinese State Owned Enterprises!Huawei ZTE suddenly take
global leadership in telephony!.
>)&8"5 2'," E8H#6=
` XV>w \]^\ P E".&"8 u"/) W'&*,
)G 2'*'#+'* 26D"& 73&"'8 O"&
>)&8"5 O_'.
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
79/91
!"#$%&'()*!+,+*(-.)/0!"#$%
O@@5" )G 23+*'S, w6" =-
!"#$%&'()*!+,+*(-.)/0
! 2+&.' \]]i v 23+*"," .5'+/, 8) 3';" +*;"*8"# +B3)*"=! O@@5" '@@"'5, v +, 3"5# '..)H*8'D5" G)& *)8 &"(+,8"&+*( 8".3*)5)(6=! B'6, uH5R$/+55+)* #)55'& 9B &'*,)/ G)& &+(38 8) 23+*' /'&
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
80/91
!"#$%&'()*!+,+*(-.)/0!"#$%
! O@@5" @'6, `] /+55+)* 8) ,"_5" 23+*' +B'#8&'#"/'&< #+,@H8"= \ XVYy \]^\ =!"H8"&,
! 23+*"," 2)/@'*6 .5'+/, 8) 3';" +*;"*8"#E+&+= XVYy \]^\
! 23+*"," 2)/@'*6 8'
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
81/91
!"#$%&'()*!+,+*(-.)/0!"#$%
v P%'&< lH",8,Q
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
82/91
!"#$%&'()*!+,+*(-.)/0!"#$%
! Originally supported by CPC & PLA Now uncontrollable!.Golden Shield Project? Comment Group! Elderwood Gang! Use of known Chinese malware for commercial purposes now!
! Reinforce PRCs nationalism via the web Taiwan, the renegade Chinese Province Punishing Japan for WWII war crimes, Daiyu Islands Confronting Philippines, Oil near Huangyuan Coderas anti-Chinese web rhetoric
! Capability to carry out Chinese State Policieswithout attribution!.
v %'&< lH",8,
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
83/91
!"#$%&'()*!+,+*(-.)/0!"#$%
MKKK
Characteristics Iran Russia China
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
84/91
!"#$%&'()*!+,+*(-.)/0!"#$%
Started IW/EW 2005 1999 1995
Founding Father
Major General Yahya Rahim
Safavi (12342567)
S.P. Rastorguev("#$%&'()*+C.,.) &
Marshall Sergeyev(-#'.#//0*'(**+)
Major General Wang Pu Feng
( )
Used as Combined
Arms?Yes - 2011 Yes 2007 & 2008 Yes - 2011
Use of Hacktivism
as a Proxy?Yes
Yes w/criminal
intentionsYes
Official MilitaryCommand
2010 2010 2010
External
Motivators
United States of
America, UK & Israel
United States of
America
United States of
America
Internet Controls? Yes Yes Yes
Criminal Cyber
Capability?Yes Yes Yes
Impact on
Commerce?No Yes Yes
2)*.5H,+)*,
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
85/91
!"#$%&'()*!+,+*(-.)/0!"#$%
2)*.5H,+)*,
^e 26D"&$",@+)*'(" +, ,8'8" ,@)*,)&"#N 6"8 #+&".8 '_&+DHR)* +, '* +55H,+)*=-\e 9&'*M !H,,+' m @5'* .6D"&$",@+)*'(" v #"G"*,+;"56 m )U"*,+;"56Nfe w'.3 >'R)* E8'8" 3', ,"@'&'8" m #+,R*.8 &"',)*,=ie O55 73&"" 2)H*8&+", ,8'&8"# 83"+& /+5+8'&6 .6D"& .)//'*#, +* \]^]NFe 2H58H&'5M ".)*)/+.M 3+,8)&+.'5 m 5+*(H+,R. 83&"'#, G)& 9&'*+'*M !H,,+'* m
23+*"," .6D"&$",@+)*'("N
`e 2+RJ"* 3'.
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
86/91
!"#$%&'()*!+,+*(-.)/0!"#$%
ce 9&'*+'* bB"&,+'*eM !H,,+'* m u'*#'&+* 5'*(H'(", '&" '*"x."@R)*'5 G)&/ )G .&6@8)(&'@36=
^]eO55 W",8"&* 9*G)E". 7".3*)5)(6 +*"U".R;" '('+*,8 [)&"+(*.6D"& '_'.'R)* E8'8" .6D"&$",@+)*'(" 83&"'8, '&" ;"&6 ,"&+)H, m K+55)*56 D".)/" /H.3M /H.3 K)&,"=--
2)*.5H,+)*,
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
87/91
!H,,+'* !"G"&"*.",=
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
88/91
!"#$%&'()*!+,+*(-.)/0!"#$%
AFGHIIJJJK.J18KL7*I>^9lI^9I>mIC/BM07MC76-.M'0M/A'.(1M)-)'8/0M-(7B)(ML@B.6M)F)LO/I AFGHIIJJJK.J18KL7*I>^9>I^>I^>I6.G760M6?//')M/Q((M)M0A6.)0M07M-(7B)(ML@B.6M/.L?6'0@MB?0M
(.//M.PG7/.1M07M)F)LO/I
AFGHIIJJJK0.LAJ..O.?67G.KL7K?OI8.J/I6.G760M/?G.6M1)8-.67?/M6?//')8ML@B.6M-)8-M)66./0.1MEf>>>
AFGHIIJJJK.J18KL7*I>^9lI^>I>fI6?//')8M)6*@M1.N.(7G/ML@B.6)F)LOM1.C.8/./I AFGHIIL7*G?0.6MC76.8/'L/K/)8/K76-IB(7-I>^99I9>I9EI1'-'0)(MC76.8/'L/M/'n'8-MLA.)Q8-MQ*.('8./M
J'0AM(7->Q*.('8.
AFGHII.)/07CL.80.6K07(K76-I>^9>I^EI6?//')8M0.)*M?8L7N.6/M/0?P8.0M78M/0.67'1/ AFGHII60KL7*IG7('QL/I761.6/MC/BM/'0./M)F)LO/M;^>I AFGHIIJJJK1.C.8L.0)(OKL7*IL@B.6M/?G.6J.)G78MN'6?/M?8L7N.6.1M6?//')8MU6*M;>f_EI AFGHIIJJJK'BQ*./KL7K?OI)6QL(./I;ml>llI>^9l^;^lIo)/AB)LOML6.)076M?8*)/O.1M6?//')8M
L@B.6ML6'*'8)(M*)P'*KA0*i
3_@IZZKKK-8".3*)5)(6&";+"K-.)/Z;+"KZi^dicFZ&H,,+',$.6D"&$,".H&+86$@5'*,Z
3_@IZZG/,)-5"';"*K)&83-'&/6-/+5Z#).H/"*8,Z!H,,+'*;H+K-38/
3_@IZZKKK-'+&@)K"&-'H-'G-/+5Z'+&.3&)*+.5",Z'@aZ'@ac`Z,@".c`Z83)/',-38/5
9!O>9O> !"G"&"*.",=
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
89/91
!"#$%&'()*!+,+*(-.)/0!"#$%
3_@IZZKKK-a@),8-.)/Z9&'*+'*73&"'8Z>"K,ZO&R.5"-',@x4+#\d`\fd 3_@IZZKKK-&"H8"&,-.)/Z'&R.5"Z\]^\Z^]Z]fZH,$+&'*$.6D"&$+#VEo!wdc\]u:\]^\^]]f 3_@IZZKKK-"H&',+'&";+"K-.)/Z]f^]\]^\$H,$+,&'"5+$.6D"&$'_'.
8/13/2019 Hta w01 Comparative Study Iran Russia Prc Cyber War Copy1
90/91
!"#$%&'()*!+,+*(-.)/0!"#$%
!"G"&"*.",= AFGHII0A.1'G(7*)0KL7*I>^9lI^;I9:I'/ML@B.6MJ)6M0A.M8.JML7(1MJ)6Ii)((p06?. AFGHIILA'8)1'-'0)(Q*./K8.0I>^9lI^;IL@B.6/.L?6'0@M)81M0A.M8.JML7(1MJ)6Ii AFGHII0A.1'G(7*)0KL7*I>^99I^fI>mI1'1MLA'8)MQGML@B.6MJ)6MA)81I AFGHII0A.1'G(7*)0KL7*I>^^:I^fI9lI78M0A.ML@B.6MJ)6G)0AI AFGHII0A.1'G(7*)0KL7*I>^99I99I^:ILA'8)q`>qf^q::/ML@B.6M*7N./MA?60MB.'r'8-Ii)((p06?. &'((')* sK t@88 222 &K 5.C.81'8- ) c.J 57*)'8H [A. k.80)-78u/ %@B.6/06)0.-@KII V76.'-8 $v)'6/K
#.G0.*B.6IhL07B.6 >^9^K
AFGHIIJJJKC76.'-8)v)'6/KL7*I)6QL(./IEEmm>IJ'((')*MrM(@88M'''I1.C.81'8-M)M8.JM17*)'83>:K^fK>^9^^9^I^f>:IG.80)-78MJ.'-A/M)GG(@'8-MG6..*GQN.MJ)6C)6.M0)LQL/M'80.68.0I 3l^K^fK>^9^