Israel is no stranger when it comes to rocket threats and has multiple countermeasures. So far, it seems to work pretty well overall when you look at the number of Israeli casualties due to incoming rocket fire. For the number of shots fired into the country, it is remarkably low even with the horrible accuracy of the rockets being fired.
I don't really know what use they have of such documents.
I mean there aren't that many places in the world where you could sell that. I still wonder if any tech developed by iron dome is really useful at all for terrorits, Russia or china.
I mean if hamas really has enough resource to build stealth rockets, or rockets than would be able to dodge iron dome, but I don't think they really have the resources to develop such thing.
I always wondered the same thing, when I worked at aerospace companies. I mean, how much use can stolen blueprints be in inches and pounds to countries on the metric system? And that's just for starters. A lot of the time, the engineers barely understood what kept a vehicle together and functioning. How would a bunch of engineers from a completely different culture understand them?
Also, just copying is going to lead you down strange alleys. I can recall one proposed engineering change to a drawing so that the drawing had the actual bolt hole size on it, not some smaller size. Yes, that's right, the 15 year old drawing had smaller bolt holes specified than actually were on the real, physical hatches. Stuff like that
happens all the time. A simple copy might not be flightworthy, much less fit to assemble.
Units are quite easy to convert, but I think there are lots of obvious reasons this information was sought. First off it was really cheap to steal and had nearly zero risk (Israel has no way to prosecute anyone in China). Simply the psychological factor of knowing that your secrets could be known to anyone who wants them is justification for such a hack. Finding solutions to problems or weak points in the system are a nice cherry on top.
Units are indeed easy to convert: getting an equivalent bolt or rivet or hi-shear or what have you is not. ISO or DIN thread on a bolt isn't the same as ANSI thread, either, they have different strength and fatigue characteristics. Fasteners are a big deal in airframes - in order to be light enough to fly, they have to have stressed skin construction. That means correct size, materials, number and fatigue properties of fasteners are key.
You're grossly underestimating the amount of work that goes into fasteners and how hard it would be to choose ISO, or Russian or Chinese equivalents.
As for the psychology of your secrets being out there, we used to wonder who in the company was leaking info to "Aviation Week". Every project I worked on that had a feature in "Aviation Week" had no general secrets. It was all there, in detail.
I guess I was under the impression that it wasn't so much that China intended to completely copy whatever they steal the plans for. Simply knowing the plans would seemingly make it easier to know its true capabilities (and cost, weak points, etc).
It's similar to why there's a market for complete tear downs of electronics--competitors are interested in the guts and components even if they never intend to rip it off. Knowing how someone else solved the same problem you're working on is always valuable.
For systems as complex and interrelated as airplanes they sometimes do build a direct copy. That reveals for them the failures in their own techniques and materials. Also, it serves as a general prototype for the next iteration.
Do you have any idea what kind of copy? I mean, McDonnel Aircraft used to build what they called "iron birds", dimensionally accurate, but maybe not made of exactly the right stuff, as an iron bird was used to see if wiring harnesses and tubes fit through various runs. Using titanium parts for the iron bird would have been a gross misuse of money. There were also dimensionally correct copies made of the right materials, but usually without piping and wiring, for dynamic testing. I forget what they called those.
I suppose CAD has eliminated a lot of the need for iron bird-style copies, but maybe not.
I was thinking along the same line. Even worse, what if the company moved the blueprints to a different server, and they got really early prototype versions of the blueprints?
I've worked at several places who moved, changed and deleted projects on various servers on a regular basis during the course of a big project.
My guess is that China isn't particularly interested in the Iron Dome. Sounds more like the UAVs and they got Iron Dome by dragnet as a sort of added bonus.
Well in future conflicts if the US or Israel were to deploy it against them (China), having the full schematics of it would certainly be beneficial. Seems right out of the PLA playbook to me.
That being said, Israel and the US are a decade ahead of the Chinese in UAV technology and they know it. Letting us do the R&D and them steal the secrets is certainly an expedient way to close that gap.
Or china develops the tech, and gives it to those who would work to further disrupt the region? The question is - what does China gain from an even more chaotic middle east?
Perhaps to throw a wrench into U.S. interests there? Being able to provide internal details of Israel's defense systems to anti-Israel factions would make U.S. intervention more necessary, allowing China a little more wiggle-room to do... something.
Defeating radar technology is still an uphill battle though. For a quick look at what you're dealing with, try Googling investigations on disrupting police radar guns (which is a very similar technology really as far as tracking radars for projectiles go).
I've no doubt a state might be able to come up with a counter-measure based on this, but it would not at all be cheap or easy to implement (and Iron Dome doesn't work well enough to justify it in a normal war situation).
Chinese hackers have been incredibly good at infiltrating defense contractors around the world. This is just the latest in a very long list. These types of intrusions really do reduce any technical military advantages the "West" has over China.
Many of the technical advantages that the "West" has over China with respect to weaponry are not based on things that are easily copied. The fundamental advanced technology behind most state-of-the-art weaponry is the ability to do bulk, ultra-precise fabrication of very exotic materials. There is an enormous gap between having the specifics of the design and implementing it effectively when it comes to advanced materials fabrication. There is quite a bit of arcane "magic" to it.
This was the basic technology advantage the US had over the Soviets during the Cold War. Russians had access to our designs (the captured a lot of our weapons) but did not have the ability to fabricate the required materials at the precision required to effect their own copies of the capability.
This advantage is either completely gone, or will be within the decade. China also has the advantage of being able to correct design mistakes, like the F35's lift fan.
In addition to the problems of fabrication and manufacturing, there is another issue. Specifically, China lacks the ability to design their own military systems. The ability to steal and maybe use the designs of others does not make up for this.
Besides, it's never a purely technological advantage. There needs to be doctrine and well-trained troops in place too.
>Besides, it's never a purely technological advantage. There needs to be doctrine and well-trained troops in place too.
I was a Soldier for over a decade. Engineers and computer scientists are what makes our military great. Most nations have well-trained Soldiers. Many nations even have larger quantities of highly trained Soldiers than we do.
The average citizen seems to think of basic training like its the Special Forces selection course. Basic training is incredibly easy. Its supposed to be easy, that's why its called basic training.
Don't get me wrong, there are lots of good Soldiers in the U.S., but there is nothing inherently superior about the American fighting man. That kind of attitude makes it sound like we are some kind of master race.
Yes. Apparently Chinese are awesome at getting caught too. Especially in cases where you can't prove anything. Weird that Americans never get caught, who knows. Maybe US doesn't do that sort of things.
The US/Israel did get caught with Stuxnet, so either they wanted to be found or they aren't perfect at hiding either. Note that I'm not making any comment on the ethics; I'm just mentioning evidence of the other side's activity.
Were they actually "caught", or was it simply determined that the level of sophistication was something that could only have come from state-sponsored malware (a claim I find dubious at best, but whatever)?
I'm curious, why do you find that claim dubious? That is the conclusion of numerous top security experts, not just some pundits with an agenda.
It seems like you're scoffing at the idea that only a national government could produce software that is "that good," or maybe even that they could at all, but mere code quality is not the whole basis for the claim. It's also the (initially) extremely precise target, the intelligence needed to affect the physical results they were after (disruption of uranium enrichment centrifuges), and the unprecedented effort to cover all tracks of the worm.
Ralph Langner, whose team did a lot of the primary technical investigation into the worm, has said "the leading force behind Stuxnet is the cyber superpower – there is only one; and that's the United States."
There are also numerous bits of circumstantial evidence detailed on Wikipedia. A former Vice Chairman of the Joint Chiefs of Staff was put under investigation by the DoJ last year for allegedly leaking info on Stuxnet and "Operation Olympic Games." At this point it's all but certain, I think one would need a pretty good reason to be doubtful.
> I'm curious, why do you find that claim dubious? That is the conclusion of numerous top security experts, not just some pundits with an agenda.
It's entirely the notion that it could only have been state sponsored that I have trouble with. While there may be no organization with resources comparable to the US government to throw at cyber security in general, there are certainly organizations which can throw large resources at any given particular problem.
Of course, other organizations that might have had the resources to create Stuxnet wouldn't have had the motive or the relevant context (knowledge of details of Iran's nuclear enrichment program) to do so. In that regard I don't doubt in the slightest that it was state sponsored malware, but I think it's dangerous to claim that anything could only have been state sponsored, as it accords a level of resourcing to the state that likely also applies to, e.g., organized crime or exceptionally large corporations who might not have our best interests at heart (not that I think the state always does either, mind you).
That said, my original question was genuine. I didn't follow Stuxnet after the initial speculation that it looked like a state sponsored project, and thus I didn't know whether we'd been officially caught or whether it was still (extremely well founded) speculation.
The fact that to build stuxnet required building an exact copy of the target uranium enrichment plant indicates that it was done by one or more states with deep pockets
Or maybe the US are being caught but other countries don't typically publish the fact they are catching the US. I can't see chinese/Russian leadership announcing to the world their systems have been hacked.
One way of dealing with intrusions like this is to leak documents with subtle design flaws in them, rather than correct designs. If enough of the stolen material requires checks by skilled engineers before use, it dramatically reduces the value of the stolen material.
(Of course, this requires the intrusion to be detected before it is over.)
It is standard practice in classified material communities to have carefully controlled variants of documents and a log of where and when the subtle variations go in order to detect and source leaks of information. When any particular area is detected as suspect, misinformation dressed up to look more valuable is then carefully spread in that direction to see who takes the bait. They are then either used to send misinformation or, if they have served their purpose or have nothing to offer, removed (fired/imprisoned or whatever is appropriate).
The Americans (TV Series) had a couple of themes based around this - it's not exactly a secret strategy and receivers of information know to verify what they get before getting too excited.
Since we're talking about government actors here, nowadays they would not be easily fooled and would have skilled engineers checking stuff no matter what, so that is not going to add any 'cost' to the operation. People in the espionage game learn pretty quickly or they don't get to play for very long.
Not a bad idea. Maybe they could name the flawed documents as "Blah Blah Blah [Final].doc" or "... [Corrected].doc" to throw them off the trail. Meanwhile, verbally inform internal staff to ignore anything with "final" in the title.
It might cause some confusion from time to time, such as with new staff, and of course some dumb person will end up mentioning the practice in a document, thus blowing the secret. But it will still make the intruders' job harder.
If defense firms are constantly under attack then maybe a good counter attack would be to embed exploits in documents that would "phone home" when opened outside the firms networks.
I can't imagine hackers being as stupid as to allow scripts run in the documents. Actually, most modern software prevents such "phoning home" AFAIK (e.g. your mail client, Word, Excel, ... all ask you before loading remote images and executing scripts).
Maybe an encrypted document which phones home for the keys? And to force the user to run the script, make it so that the encrypted blob is generated by running the script (and it's painfully obfuscated to prevent reverse engineering)
How about just "an encrypted document"?!? Why would they share the keys?! Anyhow, no competent hacker would do that, and no hacker with a botnet would give themselves away even if they did that.
Keep in mind that would not matter even if you could pull it off. Everyone already knows who the prime thieves of military / defense contractor technology are. Despite knowing that, nothing has ever been done about it. The routine will continue to be to 'fight back' with defense, because of the fear of overly angering China.
Unfortunately I can't find it, but if you dig around the CIA FOID documents on their website, you'll find a story about the fake shuttle documents the CIA "allowed" the Soviets to steal. They knew the Soviets were digging around, so they created a honeypot with technical documents that were oh-so slightly changed, but would be non-functional.
Too bad I can't find it, it was an interesting read.
They'd open them inside VMs without networking. Try phoning home inside a setup like that setup by a professional hacker.
...ya I don't think you'll phone home either.
You have to realize these hackers are people who have to deal with honeypots & law enforcement without getting infected/exposed/whatever. They are going to take some precautions if they are to be successful in the long run.
I love this: Five Chinese Military Hackers Charged with Cyber Espionage Against the US. Just 5? On the other side there's an entire entity known to spy/hack/attack virtually everyone.
In light of all these "iron dome doesn't work" articles, this is some great propaganda (intentional or not) that the system is effective enough to be stolen and copied.
> "In light of all these "iron dome doesn't work" articles"
I've not seen them; if you have links handy I'd like to go read some more.
My understanding was that they were managing between 80-90% success rate for the targets they aimed for (which is pretty good) but also that they were deliberately leaving any rockets that were obviously not going to hit anything important.
For example, imagine if several rockets are fired at a hospital. Iron Dome intercepts the rockets, throwing them off course. The rockets then land in parks and parking lots, killing no one.
Under Postol's standards, that's a complete failure. Because the warheads weren't destroyed.
But most people would judge that as a major success.
Assuming the rockets are reasonably accurate and targeted to do the most damage possible, simply damaging the rockets and changing their path is a success.
You're seriously overestimating the quality of the Palestinian rockets. See this http://mondoweiss.net/2012/11/dissecting-idf-propaganda-the-... article for the numbers. 12000 fired rockets yielding 26 casualties over a ten year period is not a good record. The number are from before the Iron Dome became operative.
Assuming the rockets are reasonably accurate and targeted to do the most damage possible,
I'm saying this hesitantly, because it has the potential for things to go off the rails into a flame war, but the rockets are very inaccurate -- literally hitting the side of a barn would be a good strike. Damaging them probably reduces the chances of them hitting a high-value target by a few percentage points, but they have no targeting systems on board. They are flung in a general area, and landing in place X or place Y in that general area isn't too much different.
There are also significant psychological factors at play.
Nah; if something is projected to land in a bunch of, say, farmland, then trying to intercept it could make it land someplace worse.
A necessary prerequisite to a missile defense system is a way of telling where rockets are going. Even if they don't have the first, they probably have the second.
I don't see Postol claiming that it doesn't work -- his report is full of theory but very low on numbers. Rather, it seems he is calling for the defenders of the system to provide verifiable numbers, such as "140 inbound targets were defended against, and here are the timestamps, and we intercepted 130 of them, given these timestamps," which could then be checked.
Watching from the outside, I have no particular reason to believe one side or the other.
Postol says maybe 5% of the Iron Dome rockets destroy their targets. A CNN page claimed 95%. This latest Krebs article has the IDF saying 20%.
This whole argument smells like a modern military getting everybody to believe that "Iron Dome is 95% effective", just like everybody knows that the Patriot system was 95% or more effective during Desert Storm I. Or like everybody knows that WMD were found in Iraq after the USA invaded.
That is, Iron Dome is more of a propaganda tool than a real defense system, or maybe its more of a way to funnel money to Rafael and IAI than a real defense system. I doubt we'll ever know. Statistically speaking, there's only a few real secrets, but there's lots and lots of career-ending blunders, accounting oddities, and systems gaming.
That is why there are also things like the TROPHY system for Israel's Merkava tanks or lighter APC like vehicles:
http://www.youtube.com/watch?v=4eCUCBS1SVk
http://en.wikipedia.org/wiki/Trophy_(countermeasure)
Israel is no stranger when it comes to rocket threats and has multiple countermeasures. So far, it seems to work pretty well overall when you look at the number of Israeli casualties due to incoming rocket fire. For the number of shots fired into the country, it is remarkably low even with the horrible accuracy of the rockets being fired.