Defence IQ's Blog

We are the IQ of global defence.

Tag Archives: cyber

Rumoured Chinese computer espionage to be analysed by defence leaders

At a US hearing last month, two Chinese telecoms firms formally denied allegations that their products are being built for purposes of espionage.

Shenzhen-based Huawei and ZTE stated before the committee that the ‘backdoors’ believed to be built into some of the technology are merely ‘software bugs’ and that neither company is controlled by the Chinese government.

Lt Col (Rtd) William Hagestad, former US Marine and author of ‘21st Century Chinese Cyber Warfare’, has spent several years flagging this type of vulnerability to the digital security world, but many had previously not considered the idea to be a genuine threat.

Asked in an interview with Defence IQ about the recent developments that are finally bringing the issue to the attention of the wider public, Hagestad replied: ‘I wish I had been wrong.’

Explaining that the possibility of major telecommunications manufacturers violating their respective hardware for espionage purposes has always existed, Hagestad points to evidence to suggest that this is not a case of mistaken identity.

‘When you look at the recent DEFCON 20 presentation that describes in great detail some of the Huawei routers and some of the compromises that have led to buffer overflow, you can see that it is not a software bug,’ he said.

‘These are actual, no kidding, compromises to the hardware and software of the telecommunications manufacturers. Now whether they are overt, covert or unknown is irrelevant – the fact that they exist… is a concern not only commercially but also to the national security of the countries that are using them.’

Hagestad was speaking ahead of his involvement in the annual Cyber Defence & Network Security (CDANS) conference, set to take place in London from January 24–27, which bring together the world’s defence chiefs and heads of CERT, systems security, military IT, counterterrorism, and cybercrime professionals. Last year’s BBC-covered event hosted over 150 attendees and over 25 speakers from 24 nations.

This year, much of the focus will rest on dealing with the ongoing threat to critical national infrastructure and cloud computing, but there will also be inevitable discussion on the potential of the use of cyber weapons and foreign state responses to the evolving cyber domain.

Asked whether these allegations are likely to change how the technology industry manufactures its products, or if we are in fact too late to counter the threat, Hagestad is philosophical.

‘I would hope that we’re never too late,’ he said.

‘And I’m not one to say that we should ban every Chinese product. That doesn’t do international trade, cooperation, and geopolitical agendas any good – that’s actually counterproductive.’

You can listen to the full interview here.

Do you have an opinion on this topic? Can East and West ever see eye-to-eye in the digital realm? Email with comments, views and questions, or simply post your comments below.

More information on attending the event can be found on the Cyber Defence & Network Security website here.


Information: The military’s greatest asset

As a decade of operations begin to wind down in Afghanistan, it is clear that the military’s insatiable demand for timely, secure and high quality information will continue to grow exponentially. Some estimates forecast a near 1000% rise in information generation before 2020.

One thing is clear: More than bullets or bombs, information will remain militaries’ greatest force multiplier.

Afghanistan has shown that severe challenges exist in how information is gathered, exploited and shared in the global battlespace. While recent multinational and national networks have gone some way in alleviating a number of these challenges, it is far from certain that future mission networks will not suffer from the same problems.

The solution does not then lie in the military, political or industrial realms alone. A balanced approach will be required so that nations can make the most of the information that is out there.

Industry needs to provide solutions that are simple for people to use, can handle and exploit increasing volumes of data, and not cost the world. Militaries and their political superiors must start to take a serious look at the organisational structures and procedures they employ on operations.

Read the full article here.

2012 cyber threat predictions: Part 2

2012 cyber predictions: Part 1

Cyber crime: “It’s about the suffix crime, not the prefix cyber”

“We’re seeing 66,000 pieces of malware a day according to FireEye data; last year it was 20,000 a day and two years ago it was only 5,000 a day,” said Robert Lentz, President of Cyber Security Strategies and former CISO for the U.S. DoD at the Cyber Defence and Network Security conference in London.

The issue of cyber crime, cyber terrorism, and, dare I say it, cyber war, is becoming increasingly prevalent today and it shows no signs of slowing down anytime soon. Listening to Lentz it’s easy to see why. Indeed, Maajid Nawaz, Chairman of the Quilliam Foundation, said it’s only “going to get worse.”

“The defining change of our generation”

Cyber security has become, in many respects, just a buzzword. However, the threats hiding behind it are very real, and not least when a digital threat is turned into a physical attack.

“I’m not being melodramatic … but the reality is cyber threats will lead to lead to physical attacks,” said Lentz.

There are countless scenarios in which this could emerge. Hacking into a hospital’s network and altering a patient’s medical records would be considered an assassination. Hacking into a nation’s nuclear weapons system and fiddling with the delicate balance of its reactors could be considered an act of cyber war….ah, wait a minute….oh yes, Stuxnet.

Cyber war itself is an issue of particular contention. What is it? How do you define it? Does it even exist as a tangible entity or is it just a term dreamed up in an attempt to describe an ethereal concept?

Dick Crowell of the U.S. Navy War College has a thoughtful response to this. “I don’t believe there will ever be a thing which we can call a ‘Cyber War’ … but I think cyber warfare tactics will be employed in all future conflicts.” That is an important distinction because it suggests that in the future a conflict will not be defined by a single strategy; the onset of the threat from cyberspace is shifting the battlespace to a point where the lines between peace and war become blurred.

The trouble is with the term itself: ‘War’ has become convoluted over the past half century, it is used more as an evocative term than a descriptive one. Technically the US has not been at ‘War’ since 1945, it has instead been involved in supposed peacekeeping missions and counter-insurgency operations.

Shaw explained that: “The word war has lost all its meaning; it’s now only relevant in political theory, not as an operational term.”

Cyber hygiene: Managing the threat

“The growth of the internet is the defining change of this generation,” said Mark Field MP, a member of the Intelligence and Security Committee. Learning how to manage and mitigate the threats it poses will need to be the next.

“The reality is we can’t keep the bad guys out of our networks,” said Lentz. This means we need to improve our resiliency; we need to figure out how to ensure networks remain online and operational even during a cyber attack, Lentz explained.

For Lentz, the most effective response to this is to employ offensive cyber tactics. He called for key government and industry actors to conduct more drills, exercises and live operations as a way of preventing the advanced persistent threat.

For the military at least, the perception of ‘cyberspace’ has to change for this to become a reality. “We need to think about cyberspace as an operational domain, just like the land, sea and air domains,” said Lieutenant General Rhett Hernandez, Commander at U.S. Army’s Cyber Command.

Here, Lentz and Hernandez agree that changes must be implemented at the ground level. “We need to focus on the training dimension,” said Lentz. Hernandez shares this sentiment: “We need to think differently about recruiting and training.”

Staying safe online

Moving this argument forward, Major General Shaw, Commander at the MoD’s UK Cyber Policy and Plans Team, stated that “education offers the only response to preventing attacks.”

But that leads to an important question: Whose responsibility is it?

Should the government be the ones to educate the public about ‘staying safe online’ and legislate to protect against cyber criminals? More specifically is it a military or government services concern? Should industry be more accountable? Or is it up to the individual and the individual alone?

There’s no simple answer, but there’s little doubt government should be taking a more proactive approach. Whitehall has produced a Staying Safe Online campaign, but Shaw postulates that only about 1% of the UK population has actually set eyes on it (let alone heard of it) because it was not a promoted campaign. The THINK! Seatbelt campaign worked in 1973 because the government put its weight behind it, it was well promoted and reached the targeted demographic. At the moment the government is doing little more than going through the motions regarding cyber security – the ‘Great Get Along’ as Lentz calls it.

For now though, little is likely to change. We will likely only see a step-change in the government’s attitude towards cyber security after it’s too late, similar to how the War on Terror was born out of the 9/11 attacks.

“Cyber physical threats are on the horizon and that will be the ‘tipping point’ when the government really becomes involved,” said Lentz.

Shaw concluded that it will take a “whole society approach” to manage the advanced persistent threat in the future.

White House’s Cyber Strategy “surprising and disappointing”

So, after lengthy consideration, White House officials unveiled the “International Strategy for Cyberspace” along with the proposal for new, tough, cybersecurity legislation.

In response, the Chief Information Security Officer at Yahoo! has written up a review from a “practitioner’s perspective”, focusing on areas that he has found to be confused and underdeveloped.

Justin Somaini raises an important issue. Are policy decision driven more by academia than by frontline operational experience? And if so, are national and international security strategies destined to fail?

Others have also thrown in their thoughts on the paper over the past few weeks – chief among them China, whose media reports have openly criticised aspects from the government’s implication that it will allow itself to potentially meet any threat with military force, and that it could stoke more flames between the two nations in regards to public levels of freedom on the internet.

Europe is currently addressing many of the same digital issues, and will no doubt look to U.S.policy and its impact as they move towards more concrete cyber defence. Readers who want early insight into these developments can register at Cyber Warfare Europe 2011 being held in Berlin this September.

Secretary of State Hilary Rodham Clinton presents the official report

Private and Public sector must work closely together to combat Cyber Warfare Threat

Information sharing, education and cyber training are essential for mitigating the threat of cyber security for public sector, military and private sector bodies.

Information leaks, identity theft, malware and intellectual property theft are major cyber security threats facing private and public sector organisations alike. In an exclusive interview with Defence IQ Niels Groeneveld, head of Operation Aurora, the Cyberconflict Research Group for online cyber research and Robert Nowill, the Director of Cyber at BT, have strongly argued for the importance of the public and private sector to work together to combat the rapidly evolving threat of cyber warfare.

Both Robert Nowill and Niels Groenveld contend that more can be done across Europe to ensure a better working relationship between public and private sector bodies. Nowill contends that the preparation for organisations to deal with the cyber security threat varies across European countries and suggests that it is important for there to be a uniform, international response cyber threats across public-private sector lines.

However, even when there has been co-operation between public and private sector bodies, efforts have often been clouded by a reluctance to share sensitive information. This is now changing, according to Nowill, who states that there is a greater recognition amongst public and private sector bodies that organisations cannot form “an effective cyber security strategy without an increased degree of sharing some of the more sensitive areas.”

While there might be an array of advanced technical solutions to cyber security threats, Groenvield states that the weakest link in network security is often comes down to a lack of education and human error. If an end-user can be tricked into performing an unsafe action, he or she can compromise a network’s safety.

Robert Nowill concurs, stating that what fundamentally matters for organisations of all sizes and at an individual level, is cyber security education. Computer-based training, “cyber alarm” exercises and an ability to efficiently and appropriately react to a cyber security threat, can all help to mitigate cyber risks.

The cyber warfare threat will be discussed at Cyber Warfare Online, Defence IQ’s inaugural virtual summit that will bring together members of the US Cyber Command, USMC and NATO to facilitate information sharing across nations. For more information about the event, which will be taking place from June 13th – July 8th, please visit

Rapidly Evolving Cyber Warfare Threats to be discussed at Defence IQ?s Cyber Warfare Online

As cyber warfare threats continue to evolve at a rapid rate, senior representatives from the US Cyber Command, NATO and EU will discuss cyber warfare strategies, tactics and practices at Defence IQ’s Cyber Warfare Online Event.

In an interview with Defence IQ at Cyber Warfare Europe 2011, Lieutenant Colonel William Hagestead, USMC, contends that cyber vector threats will ‘change so rapidly that we won’t even know they’re there.’

From STUXNET to Wikileaks, recent attacks on critical infrastructure and information security lapses, have thrown cyber warfare into mainstream headlines and made military bodies such as the US Army and US Marine Corps, which are traditionally focussed on kinetic warfare, move onto the cyber security domain.

In order to address the strategic and tactical challenges faced by cyber professionals within military bodies, cyber security companies and intelligence agencies, Defence IQ will be holding Cyber Warfare Online 2011.

The virtual summit, which includes a keynote speech from Brigadier General John Davis, the Director of Current Operations for US Cyber Command, will keep cyber professionals up-to-date with the latest developments in battle management, command and control and defensive counter-cyber strategies.

It will also be a prime opportunity for cyber warfare and cyber security experts to see how military bodies are developing their exploit and attack capabilities in conjunction with government and intelligence agencies. Given the transmogrifying nature of cyber warfare threats, forums such as Cyber Warfare Online play a pivotal role in developing and understanding effective cyber warfare and security strategies.

In spite of the fast-evolving nature of cyber warfare threats, Lieutenant Colonel Hagestead, who will be speaking at the event, suggests that cyber warfare incidents can be far from typical and that while ‘there may be cyber battles but there will not be full scale cyber warfare’.

He also notes that the curious character of cyber threats is that they are more likely to be internal, not external.  ‘If one looks at the recent case with the wikileaks example…it’s purported that the majority of the data was leaked from an internal source. That goes to show that the majority major threats are going to be internal, not external.’

To listen to the full interview with Lieutenant Colonel William Hagestad II,  Force Movement Control, US Marine Corps on ‘Transmogrification’: US Marine Corps Cyber Officer Stares Down a Rapidly Changing Threat’ visit For more information about Cyber Warfare Online or to get involved, please visit

US and UK Formalise the Cyber Terror Risk to National Security

It’s official – national security strategies in the US and the UK have formally acknowledge the role of cyber security in the national security hierarchy. Dr Dan Kuehl is director of the Information Strategies Concentration Program at the National Defense University in Washington, DC. He specialises in information operations and warfare as well as military doctrine for IO. In this interview, he explores the Stuxnet threat and how this impacts the west’s ‘cyber dependency’ predicament. Dr Kuehl chaired this year’s Cyber Warfare event in London.

Watch the full video here:

Cyber Defence Event Series demands Call for Action from Global Security Industry

Europe’s leading cyber warfare conference has revealed an urgent demand for investment and integration between national defence agencies and private computer security developers if major crisis is to be avoided.

The fifth Annual Cyber Warfare Event, which took place this January at London’s American Square Conference, brought together its biggest assembly of military and industry specialists from over twenty different nations, and included presentations from the UK GCHQ, German Ministry of Defence, and United States Air Force.

According to a survey undertaken at the event by conference organiser Defence IQ, 89 per cent of responders with an opinion on the matter stated that they did not believe the public and private sector work closely enough together to properly mitigate the risk of a cyber attack on a nation’s critical infrastructure.

72 per cent of responders believed that more spending by government and military was also required in the field to better protect against an attack, despite worldwide budget cuts forcing most militaries to scale back on procurement and investment in traditional warfare.

Other findings included an uncertainty about the future of “cyber-weaponry” and a perceived deficit in the efforts made between joint powers to share and discuss national programmes or initiatives.

Speaking at the event, Dr. Daniel Kuehl of the Information Resources Management College (IRMC) at the US National Defence University insisted that the forum sets a precedent for discussion on the topic.

“This conference in particular brings together a tremendous diversity of attendees and speakers from within the militaries, of the governments and of private sectors as well. That’s one of the reasons why I think this conference in particular has been so successful and has had the impact it’s having.”

Defence IQ’s Cyber Defence series will continue throughout the year, hosting the Critical Infrastructure Protection summit in London from March 29. The event will focus on the need and requirements for contingency planning to protect the most vulnerable of national infrastructure, from transport networks to power plants.

This will be followed by the annual Cyber Security conference at Le Plaza in Brussels, Belgium from May 30, to provide a technical spotlight on government-industry network protection.

From Dr. Kuehl’s perspective: “One of the key problems is ‘who are the owners and the operators of these critical infrastructures?’ And ‘how do you get the various pieces of the private sector to view this through a broader lens then their own business-specific soda straw?’ We’ve made a lot of progress in this area, but there’s a lot more that needs to be done.”

Additional articles, speaker interviews and other downloadable material is available online at and, respectively. Bookings can be made by emailing, or by calling +44 (0) 20 7368 9300.

The Defence IQ – Military Community LinkedIn group is open for membership – for related content, join the Defence IQ community at

%d bloggers like this: