jump to navigation

I am back ;) “The Markerian Heptad and Understanding Attacker Motivations” February 24, 2020

Posted by Chris Mark in cybersecurity.
Tags: , , , , , , , , ,
add a comment

It has been a bit of time since I have posted.  I am back with a blog post I wrote for AT&T CyberSecurity Blog. Titled, “Understanding CyberAttacker Motivations”  It discusses what I call the “Markerian Heptad” (Yes..I named it after myself 🙂 and describes the 7 basic motivations that underpin why an attacker would target a particular person, company, organization, etc.

“Implementing a risk based security program and appropriate controls against adaptive cyber threat actors can be a complex task for many organizations. With an understanding of the basic motivations that drive cyber-attacks organizations can better identify where their own assets may be at risk and thereby more efficiently and effectively address identified risks.  This article will discuss the Rational Actor Model (RAM) as well as the seven primary intrinsic and extrinsic motivations for cyber attackers.

Deterrence and security theory fundamentally rely upon the premise that people are rational actors. The RAM is based on the rational choice theory, which posits that humans are rational and will take actions that are in their own best interests.  Each decision a person makes is based upon an internal value calculus that weighs the cost versus the benefits of an action.  By altering the cost-to-benefit ratios of the decisions, decisions, and therefore behavior can be changed accordingly. 

It should be noted at this point that ‘rationality’ relies upon a personal calculus of costs and benefits.  When speaking about the rational actor model or deterrence, it is critical to understand that ‘rational’ behavior is that which advances the individual’s interests and, as such, behavior may vary among people, groups and situations.”..READ MORE HERE!

超限战 – “Warfare without Bounds”; China’s Hacking of the US February 24, 2020

Posted by Chris Mark in cyberespionage, cybersecurity, Politics, weapons and tactics.
Tags: , , , , , , , , ,
add a comment


“Pleased to meet you…hope you guessed my name…But what’s puzzling you is the nature of my game.”
– The Rolling Stones; Sympathy for the Devil

UPDATE:  On Feb 10, 2020 The US Government charged 4 Chinese Military Officers with hacking in the 2017 Equifax breach.  On January 28th, the FBI arrested a Harvard professor of lying about ties to a Chinese recruitment effort and receiving payment from the US Government.  The attacks, subterfuge and efforts continue against the US.  Why?  Read the original post form 2016 and learn about Unlimited Warfare.

Original post from 2016: More recently, the With the recent US Government’s acknowledgement of China’s hacking of numerous government websites and networks, many are likely wondering why China would have an interest in stealing employee data?  To answer this question, we need to look back at the 1991 Gulf War. You can read my 2013 Article (WorldCyberwar) in the Counter Terrorist Magazine on this subject.

In 1991, a coalition led by the United States invaded Iraq in defense of Kuwait.  At the time Iraq had the 5th largest standing army in the world.  The US led coalition defeated the Iraqi army in resounding fashion in only 96 hours.  For those in the United States the victory was impressive but the average American civilian did not have an appreciation for how this victory was accomplished.

The Gulf War was the first real use of what is known as C4I.  In short, C4I is an acronym for Command, Control, Communications, Computers, and Intelligence. The Gulf War was the first use of a new technology known as Global Positioning Systems (GPS).  The Battle of Medina Ridge was a decisive tank battle in Iraq fought on February 26, 1991 and the first to use GPS.  In this 40 minute battle, the US 1st Armored Division fought the 2nd Brigade of the Iraqi Republican Guard and won decisively. While the US lost 4 tanks and had 2 people killed, the Iraqis suffered a loss of 186 tanks, 127 Infantry Fighting Vehicles and 839 soldiers captured.  The Chinese watched the Gulf War closely and came away with an understanding that a conventional ‘linear’ war against the United States was unwinnable.

After the Gulf War the Chinese People’s Liberation Army tasked two PLA colonels (Qiao Liang and Wang Xiangsui) with redefining the concept of warfare.  From this effort came a new model of Warfare that is published in the book “Unrestricted Warfare” or “Warfare without Bounds”.  Unrestricted Warfare is just what it sound like.  The idea that ‘pseudo-wars’ can be fought against an enemy.  Information warfare, PR efforts and other tactics are used to undermine and enemy without engaging in kinetic, linear battle.  Below is a quote from the book:

“If we acknowledge that the new principles of war are no longer “using armed force to compel the enemy to submit to one’s will,” but rather are “using all means including armed force and non-armed force, military and non-military, lethal and non-lethal means to compel the enemy to accept one’s interests.”

“As we see it, a single man-made stock-market crash, a single computer virus invasion, or a single rumor or scandal that results in a fluctuation in the enemy country’s exchange rates or exposes the leaders of an enemy country on the Internet, all can be included in the ranks of new-concept weapons.”

It further stated: “… a single rumor or scandal that results in fluctuation in the enemy country’s exchange rates…can be included in the ranks of new concept weapons.”

On April 15, 2011, the US Congressional Subcommittee on Oversight and Investigations conducted a hearing on Chinese cyber-espionage. The hearing revealed the US government’s awareness of Chinese cyberattacks. In describing the situation in his opening remarks, subcommittee chairperman Dana Rohrbacher* astutely stated:

“[The]United States is under attack.”

“The Communist Chinese Government has defined us as the enemy. It is buying, building and stealing whatever it takes to contain and destroy us. Again, the Chinese Government has defined us as the enemy.”

Given the Chinese perspective on Unlimited Warfare, it becomes much more clear that what we are seeing with the compromises are examples of ‘pseudo wars’ being fought by the Chinese.  It will be interesting to see how or if the US responds.

*thank you to the reader who corrected my referencing Mr. Rohrbacher as a female.  My apologies to Chairman Rohrbacher!

Stolen Valor in a Small Town.. “DD214-Recon, Scout/Sniper…and…Now ;)” February 7, 2020

Posted by Chris Mark in Uncategorized.


COBRAUpdate Again!…I have been contacted by someone with a text from the person in question who has offered his “DOD Number”..so I can “check on him”.  Well..all I have asked for is the person’s DD214. I have already requested from the US Archives.  My belief is he never served in ANY capacity but I may be wrong and get an actually DD214. 

The post below was originally written in 2012 when I first began investigating Stolen Valor.  Recently, I had a particularly interesting story come to light. While the Supreme Court has upheld that Stolen Valor(United States v Alverez) is constitutional free right to speech under the 1st Amendment..it does not mean we cannot expose them.  It is also a crime for those who fabricate military honors to defraud others through those efforts.

I was contacted by a few people in a small Kentucky  town called Stanford, KY.  It has a population of about 3,500.  I lived in Kentucky as a child.  Beautiful place, and fine people.  There is, apparently, one individual who is making outlandish claims about being a Marine Sniper.  Some of what I have heard from those who know him (we will just call him Mick T for now) is that he is a “Ghost” (I don’t know where this originated but it is a common statement among valor thieves).  Claims to have “over 200 confirmed kills”…”best friend with Chris Kyle”…”records are all sealed” BS, BS, and more BS. He is, by accounts, profiting from his fraudulent claims.  Lies.

I have personally reached out to this person for clarification on his claims.  Instead of answer the simple question “Have you ever claimed to be a sniper”…he decided the best defense was a good offense and began disparaging me. Well..this has only happened about 50 times in the last 10 years.  Read the post below from 2012.  It includes my DD214(my last one..I have an earlier one, as well).  BTW>.that is a pic of me on the left..

So..YES….I am a real, legit, Marine Sniper..unlike Mick T.  I am a real, qualified Recon Marine.  I have worked Stolen Valor for years and will continue to pursue this case.  I have not published the organization to which he is a president out of a request from members.

I will continue to update this post as I gain more information.  It is troublesome when someone steals valor to promote themselves.  I invite “Mick T” to contact me (3rd request) to resolve this.  Guarantee, I hear nothing but crickets.  It really makes my white hackles….get raised when someone lies about their service like this.


Strangely, someone has been doing a number of searches on subjects such as “chris mark USMC fraud”, “chris mark military fraud”, “chris mark no sniper” and various other topics.  How do I know this?  Good question! I use the standard WordPress analytics plus Google Analytics!  For those companies wondering the value of Google, this should demonstrate that at the very least, you can see what people are trying to find on you!…but…I digress.  To assuage the person, or persons fears that I was not in the military or was somehow fabricating my experience, I have attached the single ‘God like’ document that shows one’s military experience.  The  mysterious, yet reliable DD214!  This is available to any US citizen in the Freedom of Information Act (FOIA). yup..you can request a DD214 on me, your grandfather, your dad, or the president (if he had served).  You can get an FOIA on anyone who has served.  Simply go to archives.gov and check it out!…The picture attached is me, in 1995 with 3rd Force Reconnaissance Company in Hawaii during our June 1995 amphibious operations. I am top row first on the right while AP is bottom row, second from right.  This happens to be the same month that Scott O’Grady was rescued from Bosnia after being shot down in his F16.  Look closely, and you may recognize some faces 😉

It should be noted that I was on active duty twice…once with the USMC and then with the USN as an officer.  This DD214 is my second…it shows the schools and awards but not my units (like 3/6 STA) while enlisted.  That is a separate DD214…

HR 4036, the “Hack Back Bill”; Understanding Active & Passive Deterrence and the Escalation of Force Continuum. May 24, 2018

Posted by Chris Mark in Uncategorized.
add a comment

A post on deterrence theory that is applicable to today’s environment and discussion on guns and school security

Global Security, Privacy, & Risk Management

SMallPirI wrote this original post several years ago but it seems to be more relevant now.   As CNN reports HR4036…”…formerly called the Active Cyber Defense Certainty (ACDC) Act and informally called the hack-back bill – was introduced as an amendment to the Computer Fraud and Abuse Act (CFAA) last week. Its backers are US Representatives Tom Graves, a Georgia Republican, and Kyrsten Sinema, an Arizona Democrat.”

This is a bill that is sound in theory and terrible in practice.  According to the Bill, (named ACDC) it would enable a company to take “..active defensive measures..” to access an attacker’s computer.  This is only applicable in the US…Think about this for a minute.  What is the evidence that I was the attacker of company A?  Maybe (quite possibly…almost certainly) a hackers is using my system as a proxy.  So some company can now attack my personal computer?  What happened to “due…

View original post 3,556 more words

Very good read! April 2, 2018

Posted by Chris Mark in Uncategorized.
add a comment

via The Tremendous Reputation of Those Who Went Before Me

%d bloggers like this: