Interdiction

Last updated

Interdiction is interception of an object prior to its arrival at the location where it is to be used in military, espionage, and law enforcement.

Contents

Military

In the military, interdiction is the act of delaying, disrupting, or destroying enemy forces or supplies en route to the battle area. [1] [2] A distinction is often made between strategic and tactical interdiction. The former refers to operations whose effects are broad and long-term; tactical operations are designed to affect events rapidly and in a localized area.

Types

In different theaters of conflict:

Law enforcement

The term interdiction is also used in criminology and law enforcement, such as in the U.S. War on Drugs and in immigration. [4]

Espionage

United States

The term interdiction is also used by the NSA when an electronics shipment is secretly intercepted by an intelligence agency (domestic or foreign) for the purpose of implanting bugs before they reach their destination. According to Der Spiegel , the NSA's TAO group is able to divert shipping deliveries to its own "secret workshops" in a method called interdiction, where agents load malware onto the electronics or install malicious hardware that can give US intelligence agencies remote access. The report also indicates that the NSA, in collaboration with the CIA and FBI, routinely and secretly intercepts shipping deliveries for laptops or other computer accessories, such as a computer monitor or keyboard cables with hidden wireless transmitters bugs built-in for eavesdropping on video and keylogging. [5]

China

In July 2014 it was reported that handheld shipping image scanners manufactured in China were found with pre-installed, weaponized malware which was capable of exfiltrating CRM data and financial data. These scanners are of the type used by many United States retailers and warehouses, as well as delivery services such as United Parcel Service and FedEx. [6] The scanned data was copied and sent out to an established comprehensive command and control connection (CnC) to a Chinese botnet that was terminated at the Shandong Lanxiang Vocational School located in China. [7]

Related Research Articles

<span class="mw-page-title-main">ECHELON</span> Signals intelligence collection and analysis network

ECHELON, originally a secret government code name, is a surveillance program operated by the five signatory states to the UKUSA Security Agreement: Australia, Canada, New Zealand, the United Kingdom and the United States, also known as the Five Eyes.

<span class="mw-page-title-main">Industrial espionage</span> Use of espionage for commercial purposes rather than security

Industrial espionage, also known as economic espionage, corporate spying, or corporate espionage, is a form of espionage conducted for commercial purposes instead of purely national security.

Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. Researchers tend to classify malware into one or more sub-types.

<span class="mw-page-title-main">National Security Agency</span> U.S. signals intelligence organization

The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collection, and processing of information and data for foreign intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT). The NSA is also tasked with the protection of U.S. communications networks and information systems. The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine. The NSA has roughly 32,000 employees.

<span class="mw-page-title-main">Tempest (codename)</span> Espionage using electromagnetic leakage

TEMPEST is a U.S. National Security Agency specification and a NATO certification referring to spying on information systems through leaking emanations, including unintentional radio or electrical signals, sounds, and vibrations. TEMPEST covers both methods to spy upon others and how to shield equipment against such spying. The protection efforts are also known as emission security (EMSEC), which is a subset of communications security (COMSEC).

<span class="mw-page-title-main">UKUSA Agreement</span> Multilateral signals intelligence treaty signed in 1946

The United Kingdom – United States of America Agreement is a multilateral agreement for cooperation in signals intelligence between Australia, Canada, New Zealand, the United Kingdom, and the United States. The alliance of intelligence operations is also known as the Five Eyes. In classification markings this is abbreviated as FVEY, with the individual countries being abbreviated as AUS, CAN, NZL, GBR, and USA, respectively.

<span class="mw-page-title-main">Five Eyes</span> Intelligence alliance

The Five Eyes (FVEY) is an Anglosphere intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. These countries are parties to the multilateral UK-USA Agreement, a treaty for joint cooperation in signals intelligence. Informally, Five Eyes can refer to the group of intelligence agencies of these countries.

<span class="mw-page-title-main">Special Collection Service</span> Classified joint CIA–NSA program to insert eavesdropping equipment in difficult places

The Special Collection Service (SCS), codenamed F6, is a highly classified joint U.S. Central Intelligence Agency–National Security Agency program charged with inserting eavesdropping equipment in difficult-to-reach places, such as foreign embassies, communications centers, and foreign government installations. Established in the late 1970s and headquartered in Beltsville, Maryland, the SCS has been involved in operations ranging from the Cold War to the Global War on Terrorism.

Signals intelligence by alliances, nations and industries comprises signals intelligence (SIGINT) gathering activities by national and non-national entities; these entities are commonly responsible for communications security (COMSEC) as well.

Cyber spying, cyber espionage, or cyber-collection is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information using methods on the Internet, networks or individual computers through the use of proxy servers, cracking techniques and malicious software including Trojan horses and spyware. Cyber espionage can be used to target various actors- individuals, competitors, rivals, groups, governments, and others- in order to obtain personal, economic, political or military advantages. It may wholly be perpetrated online from computer desks of professionals on bases in far away countries or may involve infiltration at home by computer trained conventional spies and moles or in other cases may be the criminal handiwork of amateur malicious hackers and software programmers.

Rohde & Schwarz GmbH & Co KG is an international electronics group specializing in the fields of electronic test equipment, broadcast & media, cybersecurity, radiomonitoring and radiolocation, and radiocommunication. The company provides also products for the wireless communications, electronics industry, aerospace and defense, homeland security and critical infrastructures.

<span class="mw-page-title-main">Tailored Access Operations</span> Unit of the U.S. National Security Agency

The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997, but was not named or structured as TAO until "the last days of 2000," according to General Michael Hayden.

<span class="mw-page-title-main">XKeyscore</span> Mass surveillance system

XKeyscore is a secret computer system used by the United States National Security Agency (NSA) for searching and analyzing global Internet data, which it collects in real time. The NSA has shared XKeyscore with other intelligence agencies, including the Australian Signals Directorate, Canada's Communications Security Establishment, New Zealand's Government Communications Security Bureau, Britain's Government Communications Headquarters, Japan's Defense Intelligence Headquarters, and Germany's Bundesnachrichtendienst.

<span class="mw-page-title-main">Mass surveillance in the United States</span>

The practice of mass surveillance in the United States dates back to wartime monitoring and censorship of international communications from, to, or which passed through the United States. After the First and Second World Wars, mass surveillance continued throughout the Cold War period, via programs such as the Black Chamber and Project SHAMROCK. The formation and growth of federal law-enforcement and intelligence agencies such as the FBI, CIA, and NSA institutionalized surveillance used to also silence political dissent, as evidenced by COINTELPRO projects which targeted various organizations and individuals. During the Civil Rights Movement era, many individuals put under surveillance orders were first labelled as integrationists, then deemed subversive, and sometimes suspected to be supportive of the communist model of the United States' rival at the time, the Soviet Union. Other targeted individuals and groups included Native American activists, African American and Chicano liberation movement activists, and anti-war protesters.

<span class="mw-page-title-main">2010s global surveillance disclosures</span> Disclosures of NSA and related global espionage

During the 2010s, international media reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly relate to top secret documents leaked by ex-NSA contractor Edward Snowden. The documents consist of intelligence files relating to the U.S. and other Five Eyes countries. In June 2013, the first of Snowden's documents were published, with further selected documents released to various news outlets through the year.

<span class="mw-page-title-main">Global surveillance</span> Mass surveillance across national borders

Global mass surveillance can be defined as the mass surveillance of entire populations across national borders.

<span class="mw-page-title-main">Timeline of global surveillance disclosures (2013–present)</span>

This timeline of global surveillance disclosures from 2013 to the present day is a chronological list of the global surveillance disclosures that began in 2013. The disclosures have been largely instigated by revelations from the former American National Security Agency contractor Edward Snowden.

Regin is a sophisticated malware and hacking toolkit used by United States' National Security Agency (NSA) and its British counterpart, the Government Communications Headquarters (GCHQ). It was first publicly revealed by Kaspersky Lab, Symantec, and The Intercept in November 2014. The malware targets specific users of Microsoft Windows-based computers and has been linked to the US intelligence-gathering agency NSA and its British counterpart, the GCHQ. The Intercept provided samples of Regin for download, including malware discovered at a Belgian telecommunications provider, Belgacom. Kaspersky Lab says it first became aware of Regin in spring 2012, but some of the earliest samples date from 2003. Among computers infected worldwide by Regin, 28 percent were in Russia, 24 percent in Saudi Arabia, 9 percent each in Mexico and Ireland, and 5 percent in each of India, Afghanistan, Iran, Belgium, Austria, and Pakistan.

The Equation Group, classified as an advanced persistent threat, is a highly sophisticated threat actor suspected of being tied to the Tailored Access Operations (TAO) unit of the United States National Security Agency (NSA). Kaspersky Labs describes them as one of the most sophisticated cyber attack groups in the world and "the most advanced (...) we have seen", operating alongside the creators of Stuxnet and Flame. Most of their targets have been in Iran, Russia, Pakistan, Afghanistan, India, Syria and Mali.

References

  1. Snider, John A. (1990). "Air Interdiction--Focus For The Future". globalsecurity.org. Archived from the original on Oct 7, 2022.
  2. "Joint Publication 3-03 - Joint Interdiction" (PDF). Intelligence Resource Program. 9 September 2016. Archived (PDF) from the original on Aug 15, 2021.
  3. Wragg, David W. (1973). A Dictionary of Aviation (first ed.). Osprey. p. 164. ISBN   9780850451634.
  4. "Annual report 2009-10" (PDF). Australian Government - Department of Immigration and Citizenship. 2010. p. 152. Archived from the original (PDF) on 2014-02-13.
  5. Appelbaum, Jacob; Horchert, Judith; Stöcker, Christian (29 December 2013). "Catalog Reveals NSA Has Back Doors for Numerous Devices". SPIEGEL ONLINE. Archived from the original on Jun 13, 2024.
  6. Scharr, Jill (15 July 2014). "China-Made Handheld Barcode Scanners Ship with Spyware". Tom's Guide. Archived from the original on Mar 1, 2024.
  7. "Malware Hidden In Chinese Inventory Scanners Targeting Logistics and Shipping Companies". Supply Chain 24/7. 10 July 2014. Archived from the original on Jan 1, 2020.