The National Cyber and Information Security Agency, registered office at Mučednická 1125/31, 616 00 Brno, pursuant to §12 paragraph 1 of the Act No. 181/2014 Coll. on Cyber Security and Change of Related Acts (Act on Cyber Security), as amended, issues this
w a r n i n g :
The use of technical or program tools of the following companies, including their subsidiary companies, poses a threat to the cyber security.
– Huawei Technologies Co., Ltd., Shenzhen, People’s Republic of China
– ZTE Corporation, Shenzhen, People’s Republic of China
R E A S O N I N G
1) On the basis of the facts found during the execution of its competence, the National Cyber and Information Security Agency (hereinafter referred to as “NCISA”) has found that the use of the technical or program tools of the aforementioned companies poses a threat to the cyber security and therefore, pursuant to §12 paragraph 1 of the Act on Cyber Security, issues this warning.
2) NCISA’s competence to issue this warning is embedded within the provisions of §22, b), of the Act on Cyber Security, which empowers it to issue measures. Pursuant to §11 paragraph 2 of the Act on Cyber Security, these measures also include a warning under §12 of the Act on Cyber Security.
3) This warning has been issued based on the following findings.
4) The legal and political environment of the People’s Republic of China (“PRC”) in which the companies primarily operate and whose laws are required to comply with, requires private companies to cooperate in meeting the interests of the PRC, including participation in intelligence activities etc. At the same time, these companies usually do not refrain from such cooperation with the state; in this environment, efforts to protect customers’ interests at the expense of the interests of the PRC are significantly reduced. According to available information, there is an organizational and personal link between these companies and the state. Therefore, this raises concerns that the interests of the PRC may be prioritized over the interests of the users of these companies’ technologies.
5) The PRC actively promotes its interests in the territory of the Czech Republic, including a conduct of influence and espionage intelligence activities (see, for example, Security Information Service Annual Report for 2017).
6) The security community’s findings on the activities of these companies in the Czech Republic and around the world, which are available to NCISA, raise reasonable concerns about the existence of potential risks in using the technical or program tools they provide to their customers in order to support the interests of the PRC.
7) The technical and program tools of the aforementioned companies are being supplied to the information and communication systems that are or may be of strategic importance from the national security standpoint. Disruption of information security, i.e. disruption of the availability, integrity, or confidentiality of information in such information and communication systems can have a significant impact on the security of the Czech Republic and its interests.
8) These facts, in their entirety, lead to reasonable concerns about possible security risks in the use of these companies’ technologies. The degree of potential risk due to the possible impact of information security breaches on information and communication systems relevant to the state is not negligible.
9) NCISA points out that the authorities or persons required to implement security measures under the Act on Cyber Security in connection with risk management pursuant to §5 paragraph 1 h) article 3 of the Decree No. 82/2018 Coll. on Security Measures, Cyber Security Incidents, Reactive Measures, Cyber Security and Data Disposal Submission Requirements (Cyber Security Regulation) in risk assessment and risk management plan shall take into account measures pursuant to §11 of the Act on Cyber Security. One of these measures is also a warning pursuant to §12 of the Act on Cyber Security.
10) NCISA points out that the authorities or persons required to implement security measures under the Act on Cyber Security in connection with risk management pursuant to §4 paragraph 1 c) and paragraph 2 c) of the Decree No. 316/2014 Coll. on Security Measures, Cyber Security Incidents, Reactive Measures, and Cyber Security Submission Requirements (Cyber Security Regulation) shall take into account threats and vulnerabilities. With regard to the transitional provision in §35 of the Decree No. 82/2018 Coll. on Security Measures, Cyber Security Incidents, Reactive Measures, Cyber Security and Data Disposal Submission Requirements (Cyber Security Regulation), these are the administrators and operators of the Critical Information Infrastructure information systems and the administrators and operators of the Critical Information Infrastructure communication systems, in case these systems were designated before May 28, 2018, as well as the administrators and operators of important information systems that met the criteria before May 28, 2018.
11) NCISA further points out that, pursuant to §4 paragraph 4 of the Act on Cyber Security, the authorities and persons referred to in §3 c) to f) of the Act on Cyber Security are required to take into account requirements arising from security measures during the selection of a supplier for their information or communication system, and include these requirements in a contract concluded with the supplier. Taking into account the requirements arising from security measures under the first sentence to the extent necessary to meet the obligations under the Act on Cyber Security cannot be considered an unlawful restriction of competition or an unjustified obstacle to competition.
In the last seven years, Russia has reasserted itself as a military force in Eastern Europe and the Caucasus. With the 2008 military incursion into Georgia and the 2014 seizure of Crimea and support for pro-Russian separatists in Ukraine, Russia has assumed a more aggressive, interventionist stance in Europe. In the effort to influence events in Ukraine, the Russians have used what the US Army defines as “Hybrid Warfare” to infiltrate, isolate, and dominate eastern Ukraine and Crimea. This is all a part of the strategy of what can be called “Indirect Action”—the belief by the Russians that they reserve the right to protect ethnic Russians and interests in their former states from domination by Western powers and NATO.
It is important to note that the Russians do not use the terms Hybrid Warfare or Indirect Action to describe these tactics. These are terms that the Western media, think tanks, and analysts have developed to define this method of warfare. The Russians have used terms such as indirect, asymmetrical, and non-linear when discussing what is commonly referred to as Hybrid Warfare. Hybrid Warfare is a part of the strategy/policy of what can be called Indirect Action that the Russians believe is essential to protect their interests in their former satellite states (referred to as “the near abroad”). To the Russians, using covert methods, information warfare (INFOWAR), and special operations troops to make up for conventional disadvantages has been the norm for decades. Because the terms Hybrid Warfare and Indirect Action are familiar, they will be used throughout this report in reference to Russian indirect, asymmetrical, and nonlinear tactics.
This Threat Tactics Report (TTR) will focus on three distinct operations—Georgia in 2008, Crimea in 2014, and eastern Ukraine in 2014–2015. The TTR will present and analyze the tactics used in these conflicts, the lessons learned, and adjustments made by the Russian Armed Forces.
The Russians have employed Hybrid Warfare and Indirect Action to counter NATO and Western influence for over seventy years.Hybrid
Warfare is the use of political, social, criminal, and other non-kinetic means employed to overcome military limitations.1Indirect Action
can be defined as the need for Russia to defend its interests and sphere of influence in its former states and satellites.
Although Western observers characterize the actions of Russian Armed Forces as hybrid warfare, the Russian Army practices its long-established tactics with new attention to advanced developments in many areas such as precision weapons, command and control (C2) and intelligence surveillance and reconnaissance (ISR), and electronic warfare (EW), and including direct and indirect application of these. The nature of these tactics is derived from Russia’s focused assessment of specific neighborhood threats and its long-time focus on security superiority in its Near Abroad.
Russia continues to maintain military bases in its former states to exert influence and control.
The Russians used conventional tactics in Georgia in 2008 and used indirect and asymmetric approaches in Crimea in 2014 and eastern Ukraine in 2014-2015.
The Euromaidan protests and overthrow of the Yanukovych government triggered the Russian incursion into Crimea and the seizure of the naval base at Sebastopol.
Russian intelligence operatives and SPF were instrumental in the success of the Crimea operation and are now assisting pro-Russian separatists in eastern Ukraine.
Russia may use these tactics in other areas such as Moldova, Transniestra, and the Baltic states.
Crimean Takeover: Operational Overview
Crimea has long sought its independence from Ukraine because of its protracted association with Russia and the people’s desire to rejoin the Russian Federation. Crimea had become the home to a large ethnic Russian population, many of which had served in the Soviet/Russian military. As far back as February 1994, Crimean politicians would make speeches declaring the Crimeans not only sought separation from Ukraine, but also a unification of Crimea with Russia. When Yuriy Meshkov won the first and only independent Crimean presidential election in 1994 with 73% of the votes, he stated, “In spirit, the Crimean people have been and remain part of Russia.” During the next couple of years, Ukrainian marines took possession of a number of naval facilities on Crimea, evicted the pro-Russian political leaders in Crimea, and ended the short-lived independent Crimea on 17 March 1995. With protests from Moscow, this eventually led to the 1997 treaty that divided the Russian naval facilities between the two countries and allowed for the Russians to maintain a military presence in Crimea, primarily to support the Russian navy’s Black Sea Fleet. One of the most overlooked clauses in the agreement which allowed the February/March 2014 events to take place was the section that permitted Russian forces to implement not only security measures at their own permanent bases in Crimea, but to provide security for their own forces during deployment and redeployment movements to and from Russia. In the early stages of the crisis in late February 2014, this very minor clause in the treaty allowed the Russian military to move initially around Crimea without interference by any Ukrainian military personnel under the guise of the movement authorized by the military agreement between the two countries.
The Russian military launched their operation in Crimea less than a week after Ukrainian President Viktor Yanukovych signed an agreement with the opposition political leaders on 21 February 2014 that confirmed early presidential elections would take place by the end of the year, ensured a national unity government would be created within a month, and guaranteed Ukraine would return to its 2004 constitution. Yanukovych then fled Kiev within 24 hours, however, instead of remaining in Ukraine to abide by the agreement. The timing also coincided with the scheduled military maneuvers in the Russian Central and Western Military Districts that obscured the Russian troop movements into the peninsula. The map in Figure 8 indicates the various activities from unclassified sources that took place in Crimea between the night of 27 February 2014 and 25 March 2014, when the Ukrainian government pulled its military forces from Crimea and ceded control of the peninsula to the Crimean “defense forces” backed by Russian military forces.
A North Korean regular infantry division is the most likely type of division a US unit would face on the Korean peninsula. While the Korean People’s Army (KPA) fields armor and mechanized units, the number of regular infantry units far exceeds the other types (pg 3).
KPA offensive operations include the heavy use of artillery with chemical munitions; a primary focus of attacks on combat support (CS), combat service support (CSS), and command and control (C2) units; and deep operations conducted by KPA special-purpose forces (SPF) (pgs 3–4, 11–16, 21–23).
KPA defensive operations focus on the elimination of enemy armor through the heavy use of artillery; battalion, regiment, and division antitank kill zones; and the use of counterattack forces at all levels above battalion-sized units (pgs 16–19, 23–26).
While US forces will face KPA conventional infantry to their front, KPA SPF will initiate offensive operations in the US/South Korean rear areas to create a “second front” (pgs 15–16).
KPA regular forces and SPF will remain in place to conduct stay-behind annihilation ambushes on CS, CSS, and C2 units passing through the passed unit’s area of operations (pg 25).
The KPA divisions are already prepared to fight US and Republic of Korea (ROK) forces today. The vehicles and equipment may be different in the future, but their tactics and techniques will be similar to those used today (pgs 10–26).
Since 2003, the KPA has created seven divisions that are specialized to operate in urban and mountain terrain using irregular warfare techniques. It is expected that the KPA will use several techniques deemed successful in Afghanistan and Iraq against US/ROK forces (pg 20).
TRADOC G-2 ACE Threats Integration (ACE-TI) is the source of the threat tactics series of products. The Threat Tactics Report: North Korea versus the United States (US) and the other similar products serve to describe the foreign nation’s most common combat division with an order of battle, its offensive and defensive doctrine as articulated in its manuals or recent military actions, and an analysis of how this actor would fight if facing the US in the future.
This document is intended primarily for US Army training organizations, but will be applicable across the wider community of US Army Combatant Commands, Army Service Component Commands, and allied partners.
North Korean Infantry Division Major Weapon Systems
The KPA uses a variety of primarily Tier 2, 3, and 4 equipment in its units, as it rarely disposes of any weapons. The best units receive new(er) weapons and their systems are then cascaded through the lower-quality units. Some of the KPA’s weapons and vehicles date back to World War II. Units will attempt to field the same type of weapon systems to reduce logistical issues. The following are some of the major weapons found in a KPA infantry division or infantry regiment.
The KPA prefers the offense over the defense and will stay on the defensive only until it can gather the strength to attack again. The KPA will attempt to avoid US/ROK combat units and will attempt to attack CS, CSS, and C2 units and vulnerable high-value targets in the rear areas in order to reduce the effectiveness of the US/ROK combat units. With assistance in creating a second front via the KPA SPF making these attacks in the US/ROK rear areas, the KPA believes the US/ROK combat units will become combat ineffective, making them vulnerable to KPA follow-on forces.
When forced to go on the defensive the KPA will concentrate its efforts in eliminating its enemy’s tanks. Any units bypassed by enemy forces are directed to continue to fight as a unit or, if the unit becomes combat ineffective, the soldiers are expected by their leaders to continue resistance by conducting irregular warfare operations against any enemy units in their area. Prepared UGFs exist throughout North Korea, especially within 50 miles of the DMZ. If forced on the defensive in these areas, the KPA will fight from these previously prepared positions.
US/ROK units will face intense indirect fire including chemical munitions, conventional KPA units to their front, and SPF elements in their rear areas. US/ROK units will need to simultaneously defeat the KPA divisions attacking their combat units, while defending all units from KPA SPF or stay-behind forces in their rear areas.
TOP SECRET – Defense Intelligence Study About Invisibility
The idea of invisibility has fascinated people for millennia, inspiring many myths, novels, and films. Invisibility cloaking has recently become a subject of science and technology. This paper describes the important current theoretical and experimental developments and tries to project into the future.
Invisibility may be achieved through three principal methods: camouflage, transparency, and cloaking. Many animals and some plants use camouflage to disguise themselves from predators-for example, by assuming the shapes and colors of objects in their surroundings. The military has long used forms of camouflage; a recent military application of camouflage is stealth technology.
Stealth planes have aerodynamically unusual, edgy shapes and are coated with a special material. Both features serve the same purpose: to make the plane “invisible” to radar. How does it work? In radar, electromagnetic microwaves are emitted by a source, and their reflection by an object-an airplane, for example-is detected. From the direction and the time delay of the reflected waves, the direction and distance of the object are inferred. If the object does not reflect the electromagnetic microwaves back to the source, it will not appear on the radar. This is precisely what stealth technology achieves. Owing to the edgy shape of the stealth plane, most of the incident electromagnetic waves are reflected in different directions; the coating of the plane absorbs the rest. In this way, the stealth plane has become completely black in the spectral range of radar. As for radar waves, the sky is black, not blue, and the plane has assumed the color of the background: the stealth plane is camouflaged.
As light is simply an electromagnetic wave with shorter wavelengths than microwave radiation, one could imagine an optical cloaking device as the microwave cloak but with much smaller cells, fitted to the smaller wavelength. However, this simple idea is too simple, for two different reasons. One is that metals like the copper of the circuit board or the gold of ruby glass are more electrically resistant to currents oscillating with the frequency of visible light than to currents in the microwave range of the spectrum. Second, and more important, the cells of a metamaterial also emit electromagnetic radiation in an incoherent way, not just as a coherent response to the incoming electromagnetic wave, similar to the spontaneous emission of light by atoms and molecules. The spontaneous emission is significantly stronger in the optical range of the spectrum. In short, metamaterials do not scale; they must be designed differently for visible light, and the loss of light by absorption and incoherent scattering usually is greater for visible light than for microwaves. Figure 13 below illustrates the idea 19 for an optical cloaking metamaterial. Instead of split-ring resonators, nano-scale metal wires are embedded in a transparent host material, for example glass. The wires replace the split-ring resonators on the circuit board of the microwave-cloaking device. They act similarly to the gold particles embedded in ruby glass; their optical properties depend on their lengths and on their arrangement, which, in principle, can be tailormade and controlled using the tools of modern nanotechnology. The thin wires will have lower electric losses than split-ring resonators, and their radiation losses by the equivalent of spontaneous emission are reduced as well. Such optical cloaking devices do not yet exist, but one can gauge the progress in the required technology by considering the progress in negatively refracting optical materials.
Download the study here: