I'm assuming that uses radar triangulation to determine the firing location, rather than actively try to ward off incoming rounds... unless technology has improved FAR more than I was aware of!
Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online. The data was pilfered and dumped on the internet by the criminals behind the DoppelPaymer Windows ransomware, in retaliation for an unpaid extortion demand. The …
"[...] at least compared to a cricket bat."
In a Modesty Blaise novel - possibly "The Impossible Virgin" - a cricket bat is used to project primed hand grenades from behind a wall.
In a boys' comic of the 1960s. A story culminates in hand grenades being launched from a hand sling - following practice with small aubergines viz "egg plant".
In both cases the grenades were the British Mills Bomb style.
Can't speak for the one in the article but there are anti-mortar systems that detect the incoming rounds and shoot them out of the sky. There's one based on the Phalanx naval anti-missile system - Phalanx CIWS. Phalanx is primarily anti-missile, but it can be used against mortars and artillery, although probably with a lower hit-rate. Also note that the gun fires a shed-load of rounds in the general direction of the incoming - it doesn't knock them out of the sky with a single shot. More of a grouse shooter than a sniper.
Yes, it’s learning the firing location that is the primary idea, so that you can lay in your own artillery on that location. The idea is, if you’re paying attention, to have your rounds heading back before theirs even land.
Of course, if they’ve got the same sort of radar you probably want to be careful to fire back only if their rounds are on target, because they may be firing in a general direction to elicit your artillery response so they then learn your actual location...
And if you throw in battlefield ESM too, your radar is giving away your location anyway, so you might not want to be using it routinely. That places an emphasis on keeping one’s ears open, switching your radar on only when you hear a thump, and making sure that your radar is well away from your artillery. But then you still have to second guess whether theirs are on target in the first place.
All in all, best be sneaky and be somewhere else entirely.
Just to nitpick slightly but mortars go crump, not thump. I'm slightly expert since the Barry Buddon military training firing range is within earshot of Muscleguy Towers, especially if the wind is from the East.
The lower cycle path between here and Carnoustie goes right past it, on their side of the railway line. I have run along there with an absolutely furious fusillade of automatic fire sounding from the right without an issue. They let you wander around when the flags are not flying and all the ranges have high earthen berms behind them and none face inland, just in case.
Though they usually fire the mortars while I'm returning along the upper path by the A92 to Arbroath but the sound carries well up the hill so I'm familiar with the sound. Most of us can discern side arms, grenades, light automatic, heavy automatic and light artillery such as mortars which go Crump.
If post viral lockdown anyone is interested in taking such a stroll drive to Monifieth centre and follow the signs to the beach where you leave the car. Walk to the shoreline and follow the path above the beach, if the flags are not flying. There should be a squaddy in the guard box to prevent you as well. They are very careful. There's even a marine exclusion zone as they are wont to put target pontoons out for the heavier stuff. You are strongly advised to leave anything interesting you might come across well alone though.
It is also a good example of undeveloped coastal Links which have not been turned into a golf course if you want an idea of how golf got started. You can walk all the way out to the lighthouses on the point as well.
There is also the technique of "shoot and scoot", which is what mobile arty is all about these days. But yeah, when the stakes get high enough, the counter-counter-counter-counter strategy loses to the counter-counter-counter-counter-counter strategy. Unless the counter-counter-counter-counter strategy changes at the last minute. Then all bets are off.
If I recall correctly, Lockheed have a 50kW laser weapon that can just heat rockets until they explode from several km distance. It can quite easily destroy planes. No suggestion they stole the docs for this though, as I imagine Lockheed have a variety of laser/radar/thermal scanning equipment in their portfolio.
I would personally not want to upset someone with that kind of weapon in the warehouse.
Laser systems aren't a magic kill against missiles. Most rely on melting a small spot on the missile skin and have aerodynamic forces tear it apart or start it tumbling. The simple approach of spinning the missile nearly defeats this, although it takes a more sophisticated or much simpler (e.g. the original sidewinder, which was awesomely clever) control system to do this.
"The simple approach of spinning the missile nearly defeats this, although it takes a more sophisticated or much simpler [...]"
An enhancement of primitive spears was to wrap one end of a short thong round the shaft several times. The other end was attached to the thrower's arm. When the spear was thrown the unwinding thong caused the shaft to spin - thus stabilising it in flight and increasing its accuracy.
There are various C-RAMS systems that the US has based on 2+ gatling guns firing a lot of lead and incendiaries to make life hard:
Not sure of the effective hit rate but it looks like they can target between 25-30 incoming rounds between reloads.
It is total and utter negligence that this contractor has allowed this information to be accessed by unauthorised individuals. Visser Precision should be barred from any further contracts, and whoever is/are responsible for their computer security (depending on if it's due to denied funding or just plain incompetence) should be locked up for a very long time.
this contractor has allowed this information to be accessed by unauthorised individuals
Oh that ship has sailed a long, long time ago. As a matter of fact, that ship has even reached its destination port and (may have) offloaded highly-classified cargo before anyone knew about it.
As a virtual real world example :
Try to secure a building. You use Perimeter controls, fences, secure doors, alarms, etc. Not hard, right?
Now try to imagine to secure a building where fences have holes you cannot see. Where walls have doors you cannot see. Some walls that used to exist forever are gone the next day. Some walls only look like walls when in reality they are just props from a film set. Where people that you cannot control are working on structural changes and who routinely refuse to tell you what they did. Where alarms notice some trespassers while ignoring others. Where you learn one day that while you thought you had the only keys to the building, the company who made the doors was handing out every key to every door they ever made to anyone who asked...
Good luck with that...
To expand on your real world analogy, real world security is mostly about making it harder and more difficult to enter premises or steal a car.
It doesn't make it impossible to enter, given enough time and some tools anyone can break into a bank vault or office but time is what real world thieves don't have, they will be discovered and caught.
Infoscabs on the other hand can operate unseen and mostly undetected usually until it is too late, even when they are detected, it is usually only their virtual presence o are difficult to catch and prosecute physically.
"Infoscabs on the other hand can operate unseen and mostly undetected usually until it is too late"
That is down to who is watching, like in the real world, scouting the place, usually don't notice them, but if they have found a way which isn't monitored, they may be able to get in unnoticed. It's this part which is the problem. Most places will say that they monitor everything, when in fact they monitor nothing, just log, or have random crap showing up. They don't know what to look for.
Like with the bank job, someone cutting into a vault isn't normal, so is picked up and reported. Someone being some where they shouldn't is less likely to be, depending on who found them.
Most stuff with online security is post break in as the people monitoring do not know what to look for as people do not know what is out of the ordinary, unless it's so blatant.
@EricM: "Now try to imagine to secure a building where fences have holes you cannot see. Where walls have doors you cannot see. Some walls that used to exist forever are gone the next day. Some walls only look like walls when in reality they are just props from a film set. Where people that you cannot control are working on structural changes and who routinely refuse to tell you what they did. Where alarms notice some trespassers while ignoring others. Where you learn one day that while you thought you had the only keys to the building, the company who made the doors was handing out every key to every door they ever made to anyone who asked..."
Now imagine the liability if you used that place to store hugely valuable stuff. You would have done your due diligence on the building before using it, and not taken someone else's word for its security. To do otherwise would find you liable for civil and possibly criminal action.
The problem with infosec is that there is too little liability when things go wrong. It needs to hurt if you use a movie-prop instead of a reinforced wall.
If you're the one choosing that, then yes, but the problem is that you're counting on somebody who told you the wall was solid concrete, when actually it was just thin plaster.
This is the state of computing today : Microsoft denies all responsibility if something goes wrong, anti-virus vendors do the same, everyone is functioning under "best effort" rules, and along the line, someone forgot the concrete.
Not to mention that it is not specified how the miscreants managed to get into position to encrypt the files. A click on a wrong link is not too far-fetched.
The real problem is that a defense contractor did not have sufficient intrusion detection. I'm guessing they had backups, but that won't keep the scum from publishing.
Security is hard, that's for sure.
If you're the one choosing that, then yes, but the problem is that you're counting on somebody who told you the wall was solid concrete, when actually it was just thin plaster.
This is the state of computing today : Microsoft denies all responsibility if something goes wrong, anti-virus vendors do the same, everyone is functioning under "best effort" rules, and along the line, someone forgot the concrete. ..... Pascal Monett
So simply complex misdisinformation is the problem bastard child, Pascal Monett?
A little twisted brother to the monstrous fcukup presently busy destroying money, bond and stock markets with their portfolios of bankrupt zombie operations and grand theft autocracies professed and processed to be untouchable and omnipotent rather than be known terrified of that and/or those au fait with being invisible and omniscient.
Is that why dodgy corrupt command and control systems cannot handle novel information which they do not possess?
> Now imagine the liability if you used that place to store hugely valuable stuff. You would have done your due diligence on the building before using it, and not taken someone else's word for its security. To do otherwise would find you liable for civil and possibly criminal action.
Accept criminal liability for security in a world where invisible doors exist and you cannot tell concrete and cardboard apart?
I'd get a new job immediately, since no amount of due diligence will make sure I have not overlooked one of the invisible doors. Or that no new door will pop up due to changes made by somebody else tomorrow.
@EricM: "... security in a world where invisible doors exist and you cannot tell concrete and cardboard apart?" That is part of what I'm talking about - is it a fundamental truth that invisible doors and papier maché walls will exist? If so, why?
"... no new door will pop up due to changes made by somebody else tomorrow." Surely this is part of the problem - too much reliance on "somebody else".
"... no amount of due diligence will make sure I have not overlooked one of the invisible doors." Then a new model is needed, and liability is a very effective way of doing that. Currently, we are at the pre-Factory Act* level, with risk externalised. That risk needs to become internal so that the metaphorical factories are built properly.
*Not exactly analogous I admit, but illustrative.
> That is part of what I'm talking about - is it a fundamental truth that invisible doors and papier maché walls will exist? If so, why?
Necessarily. Whatever you need to do in computer security, securing Websites, Web-Apps or simply securing documents inside a company, you need to work with existing (and continually changing) hardware, firmware, drivers, operating systems, network protocol implementations, firewalls, management solutions, etc.
Every component you work with is updated regularly (if you do it right). This means a) known bugs are closed, b) new features are added and c) new bugs are introduced, every single one a potential new door.
On all architecture levels mentioned above - simultaneously.
> too much reliance on "somebody else".
Yes, every application you create/run/maintain today sits on a ton of other software you cannot control.
OK, you _could_ try to create, for example, a document management solution based on your own hardware, firmware, drivers, OS, own network stack, own firewall code and finally own application.
But you'd need to invest thousands (millions?) of man-years to create and test tons of new code.
And with an overwhelming probability your own code will have many more bugs than the stuff already on the market that has been tested in thousands of installations.
So, yeah, relying on somebody else is a problem, but having to code everything up from bare metal yourself would pose a worse problem in terms of security, let alone feasibility.
@EricM: Thanks for a comprehensive explanation of the current situation. However, you can't derive an "ought" from an "is". The current situation has grown into a clusterfuck, but lack of liability is part of that. There is no incentive to fix it at the moment - you (and I'm sure you are good at your job) are dependent on the weakest coder working for the lowest bidder. Given that the importance of computers to modern society is more important than coal to the industrial revolution, this cannot, morally or practically, be allowed to go on - thus the law needs to step up and wield a baseball-bat to the industry.
I’m currently being pressured into doing stupid things because people who don’t have my skill set think it’s a better way of doing my job.
That’s why stupid invisible doors in invisible walls get built.
Another 1 I spotted the other week, a part of the business complaining network connectivity isn’t working, demanding we escalate to get it to work. Simple questions like what is the high-level design and what do you need to connect to what go unanswered, just demands to allow through IP ranges but no detail as to what to allow them through to. An old change request raised over a year ago showed a change was made 3 weeks ago to accommodate this request and was performed by a junior engineer who did not question the intention and applied access to an existing rule.
Turned out the access they needed was to a cloud deployed system, not managed by us with no visibility by us, and we have had no further contact from that business unit since they fixed their issue. Questions about PII/PCI etc also unanswered.
That unnecessary access they got implemented is still there though. Can I get a change approved to remove it? No, who’s gonna pay for that?
That’s how invisible doors in paper thin walls get made. No one is ever going to close it.
Now try to imagine to secure a building where fences have holes you cannot see....
So you encrypt your data when it's at rest.
You may not see the holes, but you should know where they will be. You set up firewall rules with a whitelist for the only permitted external connections. You disallow externally initiated connections through the firewall, although I'll accept that in this case the ransomware probably initiated connections from inside the firewall - though it's still worth seeing what you could do in that area.
And ultimately, of course, if the sensitivity of the information is great enough, you air gap your systems - with no connections to the outside world.
And so on....
Sure you do that - you block all known attack vectors to access the data.
Until someone comes up with a new idea or - as is likely in this case - someone turns an authorized user's computer into a trojan horse that effectively steals the documents.
For encryption at rest:
Many people think that's a silver bullet, however, if continuous accessibility of the information is part of the requirement (which is true in most cases) you need to distribute the password/private key in some form to the point of access, otherwise even the authorized end user cannot read and work with the data. That's why I tend to view most implementations of encryption at rest somewhat as snake oil. They just make it somewhat harder to extract cleartext data.
Same problem with air-gapping systems.
In this case you need to bring every user of the data behind the air gap. Which excludes such a solution from most real-world scenarios.
Especially in complex distributed development, where optimized sharing of documentation/information is regarded as key to mission success.
Another analogy is to invest trillions in people technology, buying influence etc etc to learn state secrets and then declare some secret about a foreign state to your president who then blabs about it on tv or twitter.
All the security, processes and technology won’t defeat that unless the process is not to tell the President for fear of unraveling everything.
Allowing internet access to your secure systems is fundamentally a bad decision if you want to retain security.
Again with the banking analogy breaking in is one thing getting out with the loot is another, if the only way to access the data is by physically being in a secure and policed area then the chances of catching the bad guy before he causes you real issues are much better than where the bad guy can be sitting at home in a different country.
Given the number of recent US security breaches that were down to "security inept"/stupid contractors not taking the same security measures as their client then one wonders if allowing external contractors is really a good idea, assuming of course that these leaks are not intentional misdirection.
In the olden days, default gateways were to a black hole on each site and each router.
We are now being asked to implement default gateways so that cloud services work, from Meraki, to Google services, to ring central, to zoom, to cloud hosted offerings with Load Balancers.
Fundamental basic security is continually undermined to enable stupid cloud offerings that replace perfectly functioning internal systems.
You forgot to add "And where the security staff make genuine, justified access to the building such a nightmare of locks, checks and sheer bloody-mindedness that every employee who can arranges his or her own private gate into the most secure areas."
That's awesome if you want a cover up, in cyber security the most effective operate a blame free culture, learning from mistakes and implementing effective controls.
Please don't get a job in cyber security, we need to reduce breaches.
...and yes I suspect it was started by something basic...just someone opening an email on a system due a patch that day.
This sort of data sounds like sensitive, but not classified, information (a category called "controlled unclassified information", CUI). In the US, the prevailing attitude is not that suppliers "should be barred" so much as noting that they (Visser) may have difficulty getting new contracts from their customers (whose data they allowed to leak)...