Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘CyberFAIL’ Category

ASSESSMENT: The Islamic Cyber Resistance: Wikileaks.ir Bin Laden Group and Mossad Dumps

with 3 comments

Screenshot from 2013-12-19 14_04_27

Dmvtz MCB!

The Islamic Cyber Resistance:

It seems that there is a new player in the cyber town and they call themselves the Islamic Cyber Resistance ( هيئة دعم المقاومة الاسلامية في لبنان ) They are loosely affiliated with Anonymous and it also seems perhaps the Syrian Electronic Army due to a combined hack effort recently. In the case of the Wikileaks.ir dump however they seem to be working on their own and doing so because of the loss of Hassan Lakkis a Hezbollah commander who was killed near his home recently. The ICR dump was to “honor” him and to perhaps get people energized to do more even using “rememberhassan” as the password to the rar files uploaded to the net. I do wonder though at just how newly minted the ICR is because they have no Facebook site, no website that can be found as yet and little mention until recently. The are affiliated with Hezbollah notionally and seem to have ties to moqwama.org, the Hezbollah resource site which collects support for the Hezbollah organization. Ostensibly this hack attack against the Mossad and other entities and this dump were revenge for what is perceived as Israel’s killing of Hassan but the realities of the dump (which I will go into below) are much less vengeance and more an attempt to grab the spotlight in the great cyber jihad.

hassan

Hassan Lakkis

Screenshot from 2013-12-20 09:21:39

OPIsrael with Anonymous

Screenshot from 2013-12-20 08:42:01

moqwama.org front page

Screenshot from 2013-12-20 08:46:53

WHOIS of moqwama.org

Wikileaks.ir:

Meanwhile there’s a new Wikileaks in town and that is the Wikileaks.ir domain and site that these dumps were announced and posted on. It seems that the Wikileaks.ir domain has been around for a few years now and stared off as a WordPress site that wanted to be affiliated from the get go. However, it seems that the site was not an official one nor is it today according to what I have found looking around the internet. The domain is currently owned by someone calling themselves Ehsan Goorabi, who according to searches has been a graphic designer/web designer/printer owning his own business called “Lemon Graphics” in Lebanon. It turns out that Eshan is also in fact now a CEH so this kind of ties a nice little cyber bow on him as perhaps being a part of if not the main player in the ICR. The wikileaks.ir site is now getting play within the media and I am sure is getting plenty of traffic. However, after looking at all the dumps on there I just don’t see anything really spectacular in the way of secret information. In fact what can be found is the usual rhetoric and talk but no real shock and awe.

Screenshot from 2013-12-20 08:16:35WHOIS wikileaks.ir

Screenshot from 2013-12-19 14_37_05

Ehsan Goorabi CEH

Screenshot from 2013-12-19 14_42_55

Ehsan Goorabi Printer

Screenshot from 2013-12-20 08:29:14

Wikileaks.ir FOR SALE!

The Dump:

The data dump in memory of Hassan too was pretty much a re-hash of data already out there in other dumps. The alleged hacking of Mossad data (personnel data seen already out there) and the alleged hack of the Bin Laden Group (BLG) Now the ICR and the WL site claims that there is some real bombshell information here but in reality it’s all just common data from the company that was hacked. PDF files and emails on daily business things that after looking at are nothing at all to be interested in even if there are claims of shoddy workmanship and perhaps some fraud. If you listened to the ICR they would have you believe it shows complicity with the government and other terrible things. Honestly though what would this data really mean to anyone within AQ, who nominally are mentioned in the dumps other than a sleight against the Bin Laden family who begat OBL in the first place? I guess time will tell if the dumps get better with this crew but to date they certainly aren’t stellar and more than certainly not worthy of all the press attention that this has garnered them.

Screenshot from 2013-12-20 07:09:57

Cyber Jihad:

So, the cyber jihad is on evidently. Well perhaps not a jihad, but at least a resistance as the moniker places them. It would seem that the ICR and SEA, who are already working together, along with the Wikileaks.ir site may be something to keep an eye on if they get their acts together. SEA has been very active with low end hacks that grab headlines but really don’t create any substantive change. In aligning with the Wikileaks ethos though perhaps they will seek to out corruption within their area of influence. Maybe they will just keep flailing along in hopes of garnering the attention they seek, we shall see in the near future I imagine. I do wonder though at the alleged connections with IRGC though. To date these seem to be just pipe dreams of the media though. I cannot see my way to seeing any kind of IRGC support here because these people lack OPSEC as well as skill it seems from what they have laid out so far. In fact I think SEA, as lame as their attacks have been in real impact, are much more technically capable than the ICR today.

It will be interesting to keep an eye on these guys and see what they come up with next….

K.

Written by Krypt3ia

2013/12/20 at 16:17

Posted in Cyber, CyberFAIL, jihad

DPR: Not so dread inspiring but surely now full of dread….

leave a comment »

DPRFAIL

zwfviyhpjvezupkhcfz?

No one would surrender to the Dread Pirate Ulbricht.

Well the news cycle exploded this week with the arrest of Ross Ulbricht aka DPR or if you like The Dread Pirate Roberts of Princess Bride and now Silk Road fame. The schadenfreude here had been epic as the criminal empire that was one of the largest in the darknet was taken down because the “pirate” could not comprehend how to carry out OPSEC properly. What lead to this guy’s demise was some good old fashioned internet gumshoe work by an SA who also worked on the Sabu case back last year. Ross it seems decided to use his personal Gmail address for postings pimping Silk Road as well as  other assets that tied it all together digitally back to him. Not the best of OPSEC here Ross.

I challenge you to a battle of wits.

Anyway Ross had an idea and that idea was pretty interesting in that he wanted to use the darknet to have a Libertarian nirvana of commerce for just about anything. He set up his site, maintained it himself for a time, and then began to realize that he could not do it alone and this is where things start to go wrong. You see, when you run something yourself you only have yourself to deal with. When you start bringing in people to work for you and they know things about you (and you will always slip up here and give things away unless you are a trained spook) and that makes them a liability to your Operational Security. Ross learned this the hard way I suppose in that he started to feel that people needed to be whacked because they knew too much.

Meanwhile the OPSEC failures that Ross had made were steadily creeping up on him. So too were the UC’s on Silk Road who worked their way into the boards making deals and gaining his trust. In the end Ross decided that one of the UC’s was actually a cool Huggy Bear kind of guy and asked him to whack one of his administrators who he felt was a threat… OOOPS! If it’s one thing a Dread Pirate should know is to “Trust No One” but Ross I guess did not read that lesson in his Econ Theory classes. I guess it’s just another pointer I would make to all of you would be Pirates or Ninja’s out there … You can’t trust anyone. Oh, and yeah unless you are trained for this at say Langley or maybe Академия федеральной службы безопасности Российской Федерации you are more than likely to fuck up majorly and end up in the clink with Ross and many others. I have to say though that the idea of using the darknet and all the means that Ross had put together was a pretty good plan. The only real hitch was that he never took into account that he was going to be going up against a nation state(s) and they always win.

Hey, at least he didn’t fall for that land war in Asia thing right? …..

Look, are you just fiddling around with me or what?

So Ross went on to become the ersatz Walter White of the darknet until one day at his apartment in San Fran his doorbell rang. At the door was ICE/DHS and they had an interesting package for him in their hands. The package was full of ID’s with his face on them but not his name and when asked about them according to the complaint/affidavit his answer was “Anyone could get documents like these online at places like Silk Road” which let me tell you Ross, isn’t the thing you want to be saying here. After some questions and answers it seems the ICE/DHS folks went away which is confusing to me. First off, I surmize that the ICE Q&A was just a front for the FBI’s ongoing investigation into Ross but really, why tip their hand like that? If I were Ross I would have closed the door, waved at the feds through the window, watched them leave and RAN to my system to have a fire sale at Silk Road. I would have chosen a new DPR and been on my way to a non extradition country but ol’ Ross?

…..Nope.

Ross instead of cutting and running doubled down! He went on to do an interview with Forbes and continued on his way doing the business of being the “Dread Pirate” which let me tell you son, was one of the most ballsy and stupid things I have seen since Barrett Brown on camera threatened federal officers lives. Ross what were you thinking? I mean damn dude, did you really think you were Walter White? Oh well I guess time will tell as interviews are carried out or data dumps come from the feds as we go along slouching toward a plea bargain. Perhaps though your cognitive dissonance between personae online and offline just sort of short circuited you out and you couldn’t do anything other than carry on thinking you were covered.

Time will tell… But let this be a lesson to all you would be Pirates out there. You may call yourself a pirate or a ninja or even a Ninja Pirate but you really are just some shmuck with a grandiose sense of the self instilled in you by your helicopter parents who always told you just how fucking special and magnificent you were. So as you sit in federal pound you in the ass prison Ross take heart, for I am sure there will be another DPR someday in the darknets ….Sailing the dark digital waters with the shrieking eels that will some day end up in the cell next to yours where you can commiserate.

K.

Written by Krypt3ia

2013/10/06 at 20:25

WEAPONS OF MASS INANITY: MIKE HAYDEN RETIRES BUT NEVER GOES AWAY

with one comment

MOF

oepseqlrndhrypgwcqvo

LADIES AND GENTS, THE NEW DOCTOR CYBERLOVE IS….

What is it Mike? Why do you feel you need to sit and smirk on panels while spinning more and more exotic fantasist tales about the terrible cyber future out there? For that matter why do you feel compelled to joke about putting Ed Snowden on a kill list? I mean, you are retired man! You should be somewhere warm with your wife, sitting on a porch sipping a warm beer and enjoying life. Instead you are making the rounds trying increasingly more boldly to steal Dr. Cyberlove’s (Richard Clarke) thunder? What is up with you man? I mean are you trying to sell services or some kind of security appliance to the masses now that you are on that sweet sweet government pension? Or is it that you are now able to be the center of attention and talk after being bottled up so long as a secret squirrel at NSA?

Well in any case you are taking THE PRIZE with this little story you told about “CYBER MASS SHOOTERS!!”  WHOA dude you went completely plaid with this one! You have my attention at the very least! Well, that may not be so good though having my attention but I digress. Shall I tell the folks out there what I think about your little story?

*looks conspiratorially at the crowd and ushers them closer with an eyebrow waggle*

BOLLOCKS! It’s absolu-fucking-lutely bollocks my friend! Holy what the hell? Dude you are delusional and those panels that people are inviting you to increasingly are going to be comprised of you and Alex Jones having aneurysm fights.

ZOMG IT’S A CYBER MASS SHOOTER WITH METASPLOIT! TAKE COVER!

The fastest-growing cyber threat is from a kind of digital mass shooter, a deranged or outraged hacker able to obtain cyberweapons currently available only to nation-states and organized crime, a former senior U.S. intelligence official said Thursday.

“They’re just mad, they’re mad at the world,” said retired Air ForceGen. Michael Hayden. “They may have demands that you or I cannot understand.”

Mr. Hayden warned that within five years hackers “will acquire the [cyberattack] capabilities that we now associate with criminal gangs or nation states,” such as being able to conduct online sabotage of industrial control systems that run power plants, factories and utilities.

Looks at that statements over and over and over again always having the same vapor lock.. HOLY WTF? Who do you think invented this shit in the first place? The hackers, the criminals, and YOU GUYS Mike! I cannot fathom just how clueless Mike seems here. I mean, he was in charge of the NSA so how could he be so out of touch? Perhaps he has early onset Alzheimers? Did he eat the British beef in the 80’s? 

*shakes head*

Ok so yeah “cyber mass shooters” I am trying to stifle a giggle every time I say it in my head. I don’t think Mike has really thought this one through. Has he seen the hackers out there? Has he got a good grasp of the infrastructure as well that we have? I mean HOLY COW! First off, let’s look at the hackers. It would take a cabal to do what he is talking about. The only cabals I know of are the criminal gangs, the nation states, and maybe Anonymous. So yeah, it’s all groups Mike, not one sole hacker master mind. I mean really, we aren’t all Thomas Jane ya know..

*slips in Die Hard refence #score!*

Next we have the idea that one sole hacker is going to be able to attack the “infrastructure” in a way that will be able to take it down. Uh yeah Mike, I’m sorry but that is just not so easy. I mean, it’s not like all the power companies run all the same things and are all connected to the same subnet mmkay? No Mike, it will take nation state patience, money, and access to take down a section of the grid for example and cause mass annoyance. There will not be “mass casualties” as you allude to and what did you say.. “Dislocation”???

Head—>Desk—>Head—>Desk

Following that stellar statement we have this claptrap about how the hacker can now have “cyber weapons” like those of the nation state. Let me disabuse you of this notion right now Mikey…

WE ALREADY HAVE THEM! AND WE ARE MAKING THEM EVERY DAY!

The derp on that statement makes me want to just punch some small furry critter in the nuts man. SEE WHAT YOU DO TO ME MIKE!?!? Look, if you have a copy of Metasploit you are now actually, according to you Mike, A MASS CYBER SHOOTER! Your statement is infantile and it is the WORST type of fear mongering I have seen since your predecessor Dr. Cyberlove (aka Richard Clarke)

*hangs head*

Lastly, let’s talk about this infinitely stupid comment about how the “mass cyber shooter” may have no “demands” that we can understand.

*blink*

What? Just how many movies have you been watching since you retired man? I think you have some real misinformation in your head from watching one too many Die Hard movies my friend. Wow.. Just WOW man! I am in awe of your derp on this one and that is a hard thing for me to do. I am almost speechless here …. Well not really.

THE NEW MINISTRY OF FEAR

Finally I think Mike has envisioned a new “Ministry of Fear” for us all to cling to in troubled times. He will be in charge of the ministry and he will make the rounds to all of the appropriate places to spew his stories of “cyber mass shooters” to a ravening lame stream media machine. Your hopes I am sure, are that you and your pals can scare the straights into compliance with the NSA pogroms you and yours have been carrying out and are now in trouble over. As long as you keep the fear levels at the right height, you and your pals can keep on keepin on with the tacit approval from the people.

Mike, you’d be wrong.

The Ministry of fear will fail and as long as you are out there saying these epic derptastic things I will be here countering them on my measly little blog. So, for the news media I will now break this down into small bytes, which I will then puree into a nice baby food consistency for you to slurp down.

//BEGIN

  1. There will be no singular cyber mass shooter it takes too much effort and coherence to pull something off like this.
  2. WE ALREADY HAVE THE TECH TO WREAK HAVOC I MEAN, HAVE YOU SEEN ANONYMOUS? MASS ANNOYANCE IS ALREADY HERE!
  3. If demands are made sure, you may have to look up some terms on Wikipedia or 4chan but hey, you will understand what “we” want so rest assured you will know.
  4. FINALLY: NO NO NO NO THE GRID WILL NOT COLLAPSE FROM A HACKER. THIS IS NOT A BRUCE WILLIS FILM! THE END IS NOT NYE.

END\\

God I need a drink…

K.

Written by Krypt3ia

2013/10/04 at 18:36

So here’s my thing….

with 3 comments

dark_of_night_OURO

VQX HWMVCUSE JQJFASSNTG QV! X HQ JD ISIAVVE!

Face it.. We are all PWND six ways to Sunday

Every frigging day we hear more and more about how the NSA has been emptying our lives of privacy and subverting the laws of this land and others with their machinations. It’s true, and I have been saying as much since the day Mr. Klein came out of his telco closet and talked about how the NARUS system had been plugged into the MAE West back in the day. We are all well and truly fucked if we want any kind of privacy today kids and we all need to just sit back and think about that.

*ponder ponder ponder*

Ok, I have thought about it and I have tried to think of any way to protect myself from the encroachment of the NSA and all the big and little sisters out there. I am absolutely flummoxed to come up with any cogent means to really and truly protect my communications. Short of having access to the NSA supercloud and some cryptographers I don’t think that we will not truly have any privacy anymore. If you place it on the net, or in the air. We have reached in my opinion the very real possibility of the N-Dystopia I have talked about before in the Great Cyber Game post.

As the pundits like Schneier and others groan on and on about how the NSA is doing all of this to us all I have increasingly felt  the 5 stages of grief. I had the disbelief (ok not completely as you all know but the scope was incredible at each revelation) Then the anger came and washed over me, waves and waves of it as I saw the breadth and scope of the abuse. Soon though that anger went away and I was then feeling the bargaining phase begin. I started to bargain in my head with ideas that I could in fact create my own privacy with crypto and other OPSEC means. I thought I could just deny the government the data. I soon though began to understand that no matter what I did with the tools out there that it was likely they had already been back door’d. This came to be more than the case once the stories came out around how the NSA had been pressuring all kinds of tech companies to weaken standards or even build full back doors into their products under the guise of “National Security”

Over time the revelations have all lead to the inescapable truth that there is nothing really anyone can do to stop the nation state from mining our communications on a technological level. Once that had fully set in my mind the depression kicked in. Of late I have been more quiet online and more depressed about our current state as well as our future state with regard to surveillance and the cyberwarz. I came to the conclusion that no matter the railing and screaming I might do it would mean nothing to the rapidly approaching cyberpocalypse of our own creation arriving. ….In short, we can’t stop it and thus the last of the five stages for me has set in. I accept that there is nothing I can do, nay, nothing “we” can do to stop this short of a bloody coup on the government at large.

I now luxuriate in my apathy and were I to really care any more I would lose my fucking mind.

OPSEC! OPSEC! OPSEC!

Speaking of losing one’s mind.. Lately people all have been yelling that OPSEC is the only way! One (the gruqq) has been touting this and all kinds of counterintelligence as the panacea for the masses on these issues. Well, why? Why should we all have to be spies to just have a little privacy in our lives huh? I mean it’s one thing to be a shithead and just share every fucking stupid idea you have on FriendFace and Tweeter but really, if you can’t shut yourself up that is your problem right? No, I speak of the every day email to your mom telling her about your health status or maybe your decision to come out etc. Why should the government have the eminent domain digitally to look at all that shit now or later?

If you take measures to protect these transactions and those measures are already compromised by the government why then should you even attempt to protect them with overburdened measures such as OPSEC huh? I mean, really if you are that worried about that shit then go talk to someone personally huh? I know, quite the defeatist attitude I have there huh? The reality is that even though I claim not to be caring about it (re: apathy above) I actually do but I realize that we no longer have privacy even if we try to create it for ourselves with technical means. If the gov wants to see your shit they will make a way to do so without your knowing about it. I fully expect someday that they will just claim eminent domain over the internet completely.

Fuck OPSEC.. I want my government to do the right thing and not try to hide all their skirting of the law by making it classified and sending me an NSL that threatens to put me in jail for breaking the law.

Fuck this shit.

CYBERWARZ

Then we have the CYBERWARZ!! Oh yeah, the gubment, the military, and the private sector all have the CYBERWARZ fever. I cannot tell you how sick of that bullshit I am really. I am tired of all the hype and misdirection. Let me clear this up for you all right here and right now. THERE IS NO CYBERWAR! There is only snake oil and espionage. UNTIL such time as there is a full out kinetic war going on where systems have been destroyed or compromised just before tanks roll in or nukes hit us there is no cyberwar to speak of. There is only TALK OF cyber war.. Well more like masturbatory fantasies by the likes of Beitlich et al in reality. So back the fuck off of this shit mmkay? We do not live in the world of William Gibson and NO you are not Johnny Mnemonic ok!

Sick. And. Tired.

I really feel like that Shatner skit where he tells the Trekkies to get a life…

Awaiting the DERPOCALYPSE

All that is left for us all now is the DERPOCALYPSE. This is the end state of INFOSEC to me. We are all going to be co-opted into the cyberwarz and the privacy wars and none of us have a snowball’s chance in hell of doing anything productive with our lives. Some of us are breaking things because we love it. Others are trying to protect “ALL THE THINGS” from the breakers and the people who take their ideas and technologies and begin breaking all those things. It’s a vicious cycle of derp that really has no end. It’s an ouroboros of fail.

RAGE! RAGE! AGAINST THE DYING OF THE PRIVACY! is a nice sentiment but in reality we have no way to completely stop the juggernaut of the NSA and the government kids. We are all just pawns in a larger geopolitical game and we have to accept this. If we choose not to, and many have, then I suggest you gird your loins for the inevitable kick in the balls that you will receive from the government eventually. The same applies for all those companies out there aiding the government in their quest for the panopticon or the cyberwarz. Money talks and there is so much of it in this industry now that there is little to stop it’s abuse as well.

We are well and truly fucked.

So, if you too are feeling burned out by all of this take heart gentle reader. All you need do is just not care anymore. Come, join me in the pool of acceptance. Would you care for a lotus blossom perhaps? It’s all good once you have accepted the truth that there is nothing you can do and that if you do things that might secure you then you are now more of a target. So, do nothing…

Derp.

K.

Book Review: An Introduction to Cyber-Warfare: A Multidisciplinary Approach

with one comment

cyberwarprimer

IJPFRH CPAGP EIIL!

CYBER CYBER CYBER!

CYBER CYBER CYBER! or “CRY HAVOC AND LET SLIP THE DIGITAL DOGS OD CYBER WAR!”” is often what you hear from me in a mocking tone as I scan the internet and the news for the usual cyber-douchery. Well this time kids I am actually going to review a book that for once was not full of douchery! Instead it was filled with mostly good information and aimed at people who are not necessarily versed at all in the cyberz. I personally was surprised to find myself thinking that I would approve this for a syllabus (as it has been placed into one by someone I know and asked me to read this and comment)

The book really is a primer on IW (Information Warfare) and Cyber-Warfare (for lack of a better nomenclature for it) which many of you reading my blog might be way below your desired literacy level on the subjects. However, for the novice I would happily recommend that they read the book and then spend more time using ALL of the footnotes to go and read even more on the subject to get a grasp of the complexities here. In fact, I would go as far as to say to all of you out there that IF you are teaching this subject at all then you SHOULD use this book as a starting point.

I would also like to say that I would LOVE to start a kickstarter and get this book into the hands of each and every moron in Congress and the House. I would sit there and MAKE them read it in front of me *surely watching their lips move as they do so* There are too many people in positions of power making stupid decisions about this stuff when they haven’t a single clue. I guess the same could be said about the military folks as well. We have plenty of generals who have no idea either.. That’s just one man’s opinion though.

As we move further and further down the cyber-war road I think that books like this should be mandatory reading for all military personnel as well as college level courses in not only IW/INFOSEC but also political and affairs of state majors as well. We will only continue down this road it seems and it would be best for us all if the next wave of digital natives had a real grasp of the technologies as well as the political, logical, and tactical aspects of “Cyber”

I have broken down the book into rough chapters and subject areas as it is within the book (mostly) It really does cover more of the overall issues of cyber-warfare and methods used (not overly technical) The modus operandi so to speak of the actual events that have taken place are laid out in the book and give you a picture of the evolving of IW to what we see today as “cyber-warfare” I will comment on those sections on what I thought was good and what I thought was derpy of course, I mean would you all have it any other way?

IW (INFORMATION WARFARE) RUSSIA

The authors cover early IW with the Russian saga’s over Georgia and Estonia. There is a lot in there that perhaps even you out there might not know about the specifics of the incidents where Russia is “alleged” to have attacked both countries at different times with different goals and effects. Much of this also touches on the ideas of proxy organizations that may or may not be state run that were a part of the action as well as a good overview of what happened.

In the case of Georgia it went kinetic and this is the first real “cyber-warfare” incident in my mind as cyber-war goes. I say this because in my mind unless there is an actual kinetic portion to the fighting there is no “war” it is instead an “action” or “espionage” so in the case of tanks rolling in on Georgia we have a warfare scenario outright that was in tandem with IW/CW actions.

OUR CHINESE OVERLORDS

Ah Chairman Meow… What book on Cyber would be complete without our friends at the MSS 3rd Directorate huh? Well in the case of this primer it gets it right. It gets across not only that China has been hacking the living shit out of us but also WHY they are doing it! The book gives a base of information (lots of footnotes and links) to ancillary documentation that will explain the nature of Chinese thought on warfare and more to the point Cyber-Warfare. The Chinese have been working this angle (The Thousand Grains of Sand etc) for a long time now and there are more than a few treatises on it for you to read after finishing this book.

The big cases are in there as well as mention of the malware used, goals of the attacks and some of the key players. If you are out to start teaching about Chinese electronic/cyber/IW then this is a good place to start. Not too heavy but it gets the point across to those who are not so up to speed on the politics, the tech, or the stratagems involved.

ANONYMOUS/SEA/LULZSEC

Anonymous, as someone on my Twitter feed was just asking me as I was writing this piece, is also a part of this picture as well. The idea of asymmetric online warfare is really embodied by these groups. The book focuses more on Lulzsec and their 50 days of sailing but it doesn’t go too in depth with the derp. Suffice to say that all of them are indeed important to cyber-warfare as we know it and may in fact be the end model for all cyber-warfare. How so? Well, how better to have plausible denyability than to get a non state group to carry out your dirty war? Hell, for that matter how about just blame them and make it look like one of their ops huh?

Oddly enough just days ago Hammond wrote a piece saying this very thing. He intoned that the FBI via Sabu were manipulating the Anon’s into going after government targets. This is not beyond comprehension especially for places like China as well. So this is something to pay attention to. However, this book really did not take that issue on and I really wished that they had. Perhaps in the next updated edition guys?

THE GRID

OY VEY, the “GRID” this is one of the most derpy subjects usually in the media as well as the books/talks/material on cyber-warfare out there. In this case though I will allow what they wrote stand as a “so so” because they make no real claim to an actual apocalypse. Instead the book talks about the possible scenarios of how one could attack the grid. This book makes no claim that it would work but it is something to think about especially if you have an army of trained squirrels with routers strapped to their backs.

It is my belief that the system is too complex to have a systematic fail of apocalypse proportions and it always has been so. If the book talked about maybe creating a series of EMP devices placed at strategic high volume transformers then I would say they’d be on to something. However, that said, the use of a topological attack model was a good one from a logical perspective. They base most of this off of the Chinese grad students paper back years ago so your mileage may vary. So on this chapter I give it a 40% derp.

WHAT’S MISSING?

All in all I would have liked to have seen more in the political area concerning different countries thought patterns on IW/CW but hey, what can ya do eh? Additionally I think more could have been done on the ideas of offense vs. defense. Today I see a lot of derp around how the US has a GREAT OFFENSIVE CAPABILITY! Which for me and many of you out there I assume, leads me to the logical thought conclusion of “GREAT! We are totally offensive but our defense SUCKS!” So much for CYBER-MAD huh?

I would have also like to have seen more in the way of some game theory involved in the book as well concerning cyber-warfare. Some thought experiments would be helpful to lay out the problems within actually carrying out cyber-war as well as potential outcomes from doing so more along the lines of what I saw in the Global Cyber-Game.

OVERALL TAKE

Well, in the end I think it is a good start point for people to use this in their syllabus for teaching IW/CW today. It is a primer though and I would love to see not only this end up on the list but also the Global Cyber Game as well to round out the ideas here. To me it is more about “should we do this?” as opposed to “LETS FUCKING DO THIS!” as the effects of doing so are not necessarily known. Much of this territory is new and all too much of it is hyped up to the point of utter nonsense. This is the biggest problem we have though, this nonsense level with regard to the leaders of the land not knowing anything about it and then voting on things.

We need a more informed populace as well as government and I think this book would be a good start. So to the person who asked me to review this..

Put it in the syllabus!

K.

The Global Cyber Game

with one comment

globalcybergame

bqrebnbtsinmpvcdro

The Global Cyber Game:

I had been meaning to write about this before when I had originally read the text but things got in the way as usual (work, more work, some more work after that, Defcon/Bsides) Now though I am in a space where I can reflect back on this paper and write about it here for you all to see. The Defence Academy (UK) put this together to describe how we might approach “cyberwar” on the level of game play or game theory. They constructed a board and began to set to the task of creating game play and tactics given certain scenarios in the cyber world. (see image of game board below) You can actually play this game if you create a board from this design and work within the rules of game theory but this is not why I find this treatise so important.

globalcybergame1

What I find most interesting is the actual scenario’s that play out within the game play as well as the end game status that the paper puts it all down to in the end of N-Utopia and N-Dystopia. As one can gather from the inherent meaning of the words, N-Utopia means that we all work out our problems globally and work on bettering society (which in the Nash equations is the best play) or we end up with N-Dystopia, a Balkanization of the net, and warfare that scales all levels up to kinetic and will be the death of us all. Can you guess where I think we are right now on the N-scale? Yes, you’d be right to lean toward the N-Dystopia area. In fact I would even like to see that idea rendered in a new way with an older iconography, that being the Doomsday Clock analogy. Perhaps someone can take that up online and create one for the cyebrwarz eh?

Power Dimensions:

What must be taken into account in the great cyber game is that all of this is centered around power plays. The use of information as power, the use of information to effect actions vis a vis “power” and the varying types of power that are being wielded by the players. This paper covers this idea pretty well and should be required reading for anyone looking to study cyber-warfare along side Clausewitz and other more well known pieces of doctrine. Some however may already be familiar with the ideas of hard and soft power but let’s take that into the electronic warfare arena which is a bit harder to scope today.

  • Hard power
    • Overt threats and rewards
    • Kinetic action
    • Coercion
  • Soft power
    • Cooperation
    • Co-Option

Both of these types of dynamic play off of one another and work in tandem. There actually is a whole spectrum of power plays that can be derived from these basic premises but I will not go into all that here. To date I have seen an abundance of hard power tactics being employed on the game board and I fear that that seems to be what the governments of the world have locked on to as their aegis. I would love for more to try the soft power tactics and methods but I am too much of a realist to hope that it will ever really happen.

The game play today that we are all seeing unfold before us is the hard power of Stuxnet or the ramping up of every piece of malware and 0day conceivable being purchased by the US government or others in an effort to be superior when the battle comes. That is though when they are not using those said same exploits in the darker games of realpolitik that they are prosecuting now. As I see it now we are hurtling towards a massive cyberfail of our own making and the real cost of the bad play will be economies around the world and other collateral damage that may not be an apocalypse as we currently understand them to be.

The power dimensions portion of this paper is quite enlightening and you should broaden the scope of how those plays are made with information and the internet. One must understand the playing field as well as the weapon you wield. This is the main problem I have of late is that all too many people and governments are not understanding the game play, the field of play, nor the tools they are using (pieces) well enough to play the game well. This makes not only for bad play, but in this game there are real world consequences for us all when some government or actor does something immensely stupid.

Cyber Games Today:

So what are we seeing today that has me worried? Well, we have the cybergames with Stuxnet and other malware to start. I liken the release of Stuxnet as skin to the release of a biotoxin or virus that eventually will be re-worked or manipulated into a more fearsome weapon. These are not one use tools, they are in fact re-usable and re-tune-able. Once these things are out there is no controlling them and with the idea of Stuxnet you have something that was used against one target but could affect hundreds more in friendly countries if they had the same configuration.

Another cybergame being played today is the new surveillance state that we find ourselves in. It seems in the case of the US we have people who are interpreting our Constitution to suit their needs under the rubric of protecting the homeland. This cybergame is all about information and the power dimension of controlling it. I have been watching this Snowden affair unfold and frankly I am frightened of the capabilities that the NSA has but I am much more scared that they claim that they are protecting us while a Snowden subverts the very systems they are saying cannot be misused. This particular cybergame when looked at, show’s all of the hard and soft power dimensions at play with the media and the law. This should also be brought into the cyber game play as well.

Yet another cybergame going on is within the public/private sector and I call the “Patriot Games” What I mean by this is that we have non state actors playing rolls of asymmetric warriors online to effect whatever change they see fit. A certain un-named clown for one is a primary actor in this space and really started the trend in my opinion. The cybergamers here are vigilantes nothing more and nothing less and may or may not have an effect on the grander scheme of things on the net and in public policy. For the most part however, these players are on the hard power end of the spectrum and thus just mostly come off as thugs.

Lastly, the cybergame that seems to be the one with the most chance of playing in the larger space is that of Anonymous. Anonymous has been able to leverage many players into semi cogent action and could in the future have a real effect on policy and other dimensions within the cybergame play. The only reason that I place Anon into this game is because of that mobilizing force that they seem to carry. If motivated and able to be cohesive enough this group could affect the greater games being played and have on a microcosmic scale thus far in recent history.

In all, the games that are being played, and they are games, all serve as a means to an end for those paying attention to understand and perhaps help those in the seat of power how not to play the game at all. Our petty squabbling on the internet is just that. The reality is that the net is important and much of our lives today require it to run smoothly but if the net were to go down permanently our society would not utterly collapse. We would survive and we would re-build. The question then becomes would we have learned from it and do things better the next time around?

Cyber-Utopia and Cyber-Dystopia:

The idea of Cyber-Utopia is a far fetched one in my mind and probably many others out there. This would be a great thing if we could make it happen but given the petty nature of our.. well nature.. We will only see this ideal wash up on the rocks and sink into the ocean rather quickly. In the Cyber-Utopia we all work together, we cooperate, and we work towards a better day. … And I just don’t see this happening barring some kind of alien intervention frankly.

Cyber-Dystopia though I am afraid is already the case in many respects. We are seeing an almost Balkanization of the internet today as it is never mind the games being played in reality with Stuxnet and cyberwar. If the N-Dystopia comes to pass we will find ourselves at war with each other constantly in a “cyberworld” much like the episode of STOS “A Taste of Armageddon”  where all warfare is carried out via computer simulations and only the casualties report to be disintegrated as a means to balance it all out. Today though we will see attacks on economies as well as infrastructures to effect “war” (economic, political, or other) on our enemies and the real world costs will have to be measured in profit loss or perhaps even actual loss of human life.

The cyber-dystopia though is more than just an outcome of war. It is the outcome from our own inabilities to work with each other and our ability to rationalize warfare through a non apocalyptic destruction of life. It will be a tit for tat war of attrition that will not lead to any clear victories and certainly not elevate our societies in any way and that is the sad truth of it. Ladies and gents we are already in the dystopia. We just may not understand that yet.

Understand the game:

So, I leave you with the paper: The Global Cyber Game pull it down and read it. Learn from it, play the game if you like, and spend some time thinking about it all. We are on the cusp of another evolution in our society that we have seen repeated in every other evolution we have had. We create something, then we weaponize it. Perhaps if more of us understand it and the pitfalls we can prevent the N-Dystopia from becoming any worse.

K.

Cyberwar, Cyberdouchery, and Where The Rubber Meets The CyberRoad

leave a comment »

BEGIN//

Uso Xqx gukk: Xyc cpu sw zol kz sw tkrbp zpditaeeag rp xyh Gncai.

Zr kq b qrwhyt vj cghc bru gsuvo, e imcb fmkksl vv wrdgrz si wc lwpr. Ycpaf mk lg u ubfacer pj zqeokyc nfkai grq ch pv etaqsox sh byisitrgb.

\\END

CYBER CYBER CYBER CYBER WAR! (A new song by Culture Club soon!)

I have been more quiet lately due to being a little burned out on the whole INFOSEC scene. The usual groups of factions are bellowing their usual bloviations and rutting like wild animals online, locking horns with others for dominance. It all frankly makes me just want to step back into my blind and clean my weapon, but, it also gives me pause to think and reflect on it all. It has been in this mode that I have sat and watched the “cyberwars” continue to amp up with the Kaspersky’s of the world finding more and more malware to write neat little papers on how they work and how “nation-statey” they are (oddly though never Russian in origin.. Gee I wonder why?) 

Others out there are writing treatises on how “Cyberwar” will work all the while there has been no real definition put down and agreed upon by the masses as to what “cyberwar/Cyber-War/Cyber-Warfare” really is. It has not been codified really, even with the recent UN Tallinn document:

“A cyber attack is a cyber operation, whether offensive or defensive, that is reasonably expected to cause injury or death to persons or damage or destruction to objects.”
Tallinn Manual on The International Law Applicable to Cyber Warfare – Michael N. Shmitt

Without a common definition we are all left with a great amount of confusion and gray area to move forward and commit actions that may or may not be “war” because there is no set ground rules, law, or definitions. So, here we are, we have all these people making a great hue and cry, plans and deeds, all without really understanding perhaps the potentials for their actions, all eager to get in on the ground floor of the “new war” and yes, you gentle INFOSEC reader are also part and parcel, willing participants to it all as well. The “cyberdouchery” it seems cannot be washed from your hands as well, and this includes me I think.

Mea culpa.. Mea culpa…

While reflecting in my recently infected state (pre-con flu) I sat down with the laptop and watched “Cyberwar: Not what we were expecting” a BruCon presentation that I had a hand in with Josh and Brian. The presentation went well, and as I had seen and thought about the material before, having had discussions with both in the process of creation, I began to have a bit of a paradigm change in thought on this after the final presentation. I looked back at my own mind set and writings on the douchery and realized my own shortsightedness, I too had fallen prey to the “cyberwars” and the only conclusion I could have now is that they are upon us, no matter the definition and I had better think on that.

Let’s face facts here… No matter how many times we call douchery, it’s here…

For all of the high handed railing that I have done in the past, I perhaps had missed the salient fact that people are people, and that we as a society will always latch on to the new “thing” that is super cool, but may in fact be the worst thing for us (think of the iPhone madness) We as a species, tend to go, like many other creatures, say parrots or cockatiels, for the “shiny things” It’s just our nature. So how much more shiny than anything else is the notion of a clean “cyberwar” where we take out the enemy with a click of the button, no, not with kinetic explosions but instead with the lights just going out or a centrifuge breaking.

Yeah, sound familiar?

This neat idea though could in fact cause some dystopian scenarios to happen and yes, in the idea of “war” as we commonly know it, kinetic actions (i.e. tanks and planes and bombs) would likely be employed as well, but, this in fact may not be the end goal of “cyberwar” in the minds eye of those dreaming and plotting it. After all, I would say that we are in the era of the “cyberwars” now in fact, and the only use of kinetic force seems to be only taking place in the non declared wars in Afghanistan and now the Horn of Africa right?

The “cyberwars” though, have been playing out mostly quietly, bits and bytes doing their non kinetic (mostly) damage, stealing data for financial gain or other espionage goals. Both nation state as well as personal, group, non nation state, whatever you decide to name the actors as, they are doing it, right now.. You can almost hear the clicks of the hard drives now right?

It’s really just a war of packet attrition… But then again I hear you thinking,

“But, you said war.. and well, that’s not war.. That’s espionage and maybe sabotage”

Well, yes, but, then there’s this notion of “Cold War” to deal with.

“Christ, I miss the Cold War.” (Cold War vs. Hot War)

The above quote was one of my favorites from “Casino Royale”, the recent re-boot of the James Bond story line. I find it apropos to this discussion as even with Josh and Brian, the idea of the nomenclature of war has been somewhat nebulous really. The idea of a “cold war” seemed elusive to them and perhaps even to me in some way, though I lived through the cold war and was actually in East Germany briefly just before the wall fell. Seeing the “cold war” first hand kind of gives you a new perspective I guess, so I was a little more pliable to the idea that a cold war was in fact a war, just not one where we have outright battles being fought in the “open” and that’s the key here.

Cold War Noun:
A state of political hostility existing between countries, characterized by threats, violent propaganda, subversive activities, and…
The state of political hostility that existed between the Soviet bloc countries and the US-led Western powers from 1945 to 1990.

Cyberwar, is the new “black” of Cold War.

See what I am getting at here? Sure, there can be an all out war that employs a “digital aspect” to it, (i.e. disrupting comms and supply chains) but also, the mainstay thus far of digital warfare is “information war” and this is much closer to “cold warfare” as it has ever been as you can see from the standard definition. Case in point, we are trying to contain Iran from having its own nuclear weapons. What have we been doing? Well, sanctions, propaganda, espionage, and now, post Stuxnet, digital sabotage of their programs as well as great swaths of digital thievery of their data to see just how far along they are.

Now, look up at that definition again and think about it… See what I’m saying here? Of course this is one element though and there are others like the kinetic typical warfare also described. Actions in tandem (digital and physical/kinetic) like that of Estonia but you get the point. It’s mostly, at this point, about cold war tactics to manipulate an enemy without committing to all out warfare and that’s the rub. Of course there are many war planners out there looking at plans to do more than just manipulate an enemy politically, that’s more the bailiwick of the likes of the CIA and other three letter agencies.

Diplomacy it seems, has a new tool in it’s little black bag…. As does the military sector.. Truly “Dual use” technology here.

State vs. Non State, War vs. Non War (What’s in a name?)

In the rubric though of “cyberwar” lately, we have seen arguments made (some unqualified, some quite qualified) about just what it constitutes and one of those factors has been whether or not the actors are “state or non state” actors. I would put it to you right up front, who’s to say who is or is not state actors to start with? Have none of you ever heard about proxy wars? I mean come on people, we lived through the 80’s and the wars being fought by proxy and still you guys don’t get it?

Iran Contra

Afghanistan and the Mujahideen

The War on Drugs

The Current War on Drugs with boots on the ground in Mexico (CIA/MIL)

So, you are going to quibble over nation state and non nation state actors in cyber warfare? What’s more, you are going to do so when attribution is so damned hard? Wow, the hubris of it is just stunning on some people’s parts within this community. Talk about douchery, just take a look around people. Sure, there is a lot of douchery going around, but I just have to say look in the mirror here and take a good long look. I think we all could be blamed just as equally here.

Actions taken by entities, in this arena (cyber-warfare) no matter the attribution, which may be wholly wrong mind you, can always have a sliver of doubt attached to them as to whether they are a proxy of a nation. It’s as simple as that. So, in the case of say the Georgia DDoS that happened, who can be sure, unless they have a really solid HUMINT report in hand, that this attack was not in some way or shape condoned or sponsored by the Russian government or factions thereof?

*silence.. baleful stare*

All I’m really saying is that the world is grey and to make great pronouncements of “I know shit” isn’t going to cut it in reality, and that even goes for me. Like they say on the internets, photo’s or it never happened. What can be said though, is that it would seem, from all evidence within the media machine and the rhetoric of the governments of the world, that the Dr. Cyberlove’s of the world are beating the drums for “cyberwar” pretty damn hard… And that the governments are scurrying to get a piece of the action.

“A fool with a tool.. Is still a fool” (Or: Simians flinging digital poo)

Which brings me to my next diatribe. As the title above says, a fool with a tool.. Is still a fool. Folks, we have all kinds of work going on developing 0day’s and plans of action by various warfighting units new and old. It seems that whenever we, as a race, come up with a new way to get over on the other guy, we mass produce and refine it without really thinking about the ramifications of our actions. It’s just human nature it seems, but in cases like this we just rush headlong into it, like we did for so long with biological warfare.

“Surely digital warfare and code is nothing as bad as biological warfare” is what some of you are thinking out there now as you read these lines, and yes, you are right I think on the whole, but, there is always wiggle room for disaster right? The potentials for malware and unforeseen consequences are there and unlike Jericho’s take on the dangers of “cyberwar” now, I can give it a little more room for possible bad outcomes from what’s being created now. What will happen as we all reach the singularity that some are postulating as we network everything? Currently the grid is a big topic as we make the “smart grid”, a model that is already being attacked by hackers as well as perhaps nation states trying to gather intelligence on how it works/will work and how to manipulate it. This type of attack alone could be dual use, like the Stuxnet attack, it could be a way to manipulate a country and its policies, or the prelude to a further physical attack. Who’s to know until it happens right?

All in all, I just have to look on in wonder at the hubris of the whole affair. We truly are monkeys with digital guns. Unfortunately today we have political systems that are short sighted and, in the case of our own here in the US, groups of diametrically opposed morons in a political election cycle that looks much more like a high school election campaign for prom queen. These are the people in the political office that direct the policies and war plans for us, which now include the idealistic ideas of “clean cyber warfare, targeted and with little blowback or collateral damage”

Monkeys with digital guns…

Cyberwar and YOU

Well, so here we are, we are in the age of the “Cyberwars” as much as the term might stick in the craw of many in the community. I would put it to you that as a person with anything online, you are a target. Whether it be the cyberwarfare of the state, or the cyber machinations of the criminal gang seeking to steal your money or your data, we all are under the same threats. Infrastructure as well as your personal PC are targets within a larger game of digital Stratego. Face the fact, live with it a while, and then think about what you can do to insulate yourselves a bit better.

It seems that even if you do not have a computer (some don’t.. no, really!) you still have a digital presence online because the companies that you do business with have one. The governments have their records online and those records are your records! There is no escaping it really, you are a part of the picture and you should get used to the idea. The power that you suck up every day with your digital toys is somewhat vulnerable and a target, and even if the adversary cannot take out the whole country, let me tell you from experience, just take out one state and see the shit fly because people don’t have power. Where I live we had that big storm a year ago and when people could not get their gas to power their generators it started getting hairy, and that was with the power only being out a week or so. Imagine if it were in fact long term? It’s the people’s reactions (base and territorial) that worries me more than the power being off.

So, whether it’s your data, your power, or your money, you too are a cog in the vast cyberwar machine that is all the rage. Will bad things happen? Maybe. Will epic and tragically bad things happen? Maybe. I am not short sighted enough to say it won’t ever happen, nor can I say that these attacks will not be employed by some foreign power or Bondian villain. I’m just saying it is possible, not overly likely, but look at all the work going on at DARPA and other places looking into how to make it a reality.

The cyberwar is upon us and we had best start taking it seriously because people in power are making plans, and like biological warfare, it seems perhaps there could be unforeseen cirucmstances that could trigger bigger and worse things.

Plan accordingly and think a bit more cogently.

K.

Written by Krypt3ia

2012/09/29 at 13:16

Follow

Get every new post delivered to your Inbox.

Join 131 other followers