(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for February 7th, 2009

Studio 360: Jukai

leave a comment »


Aokigahara has been a fascination for me since I saw that Scifi episode of “Destination Truth”. Studio 360 sent a reporter there to take a trip inside and to see just what the story is concerning the history of the “Sea of Trees” Great stuff….

Written by Krypt3ia

2009/02/07 at 14:03

Posted in Japan, Psy

Reading Materials

leave a comment »

While poking around the internets tonight I came across a site that contained a bevy of documents that some of you might be interested in. They all pertain to Jihad and terrorism studies and might be of use for some of you looking to gain a better understanding of how their minds work, how we respond to them now post 9/11, and give you a picture (literally in the zip file contained within) of terror up to the Mumbai attacks.

The reading room is open…

Now, as you look at these and I have already, one has to ponder “should these be online and available to the internets?” Yeah, well I have to wonder at times if we aren’t already our own worst enemy…

Written by Krypt3ia

2009/02/07 at 02:14


with one comment

The New E-spionage Threat

A BusinessWeek probe of rising attacks on America’s most sensitive computer networks uncovers startling security gaps

The e-mail message addressed to a Booz Allen Hamilton executive was mundane—a shopping list sent over by the Pentagon of weaponry India wanted to buy. But the missive turned out to be a brilliant fake. Lurking beneath the description of aircraft, engines, and radar equipment was an insidious piece of computer code known as “Poison Ivy” designed to suck sensitive data out of the $4 billion consulting firm’s computer network.

The Pentagon hadn’t sent the e-mail at all. Its origin is unknown, but the message traveled through Korea on its way to Booz Allen. Its authors knew enough about the “sender” and “recipient” to craft a message unlikely to arouse suspicion. Had the Booz Allen executive clicked on the attachment, his every keystroke would have been reported back to a mysterious master at the Internet address, which is registered through an obscure company headquartered on the banks of China’s Yangtze River.

The U.S. government, and its sprawl of defense contractors, have been the victims of an unprecedented rash of similar cyber attacks over the last two years, say current and former U.S. government officials. “It’s espionage on a massive scale,” says Paul B. Kurtz, a former high-ranking national security official. Government agencies reported 12,986 cyber security incidents to the U.S. Homeland Security Dept. last fiscal year, triple the number from two years earlier. Incursions on the military’s networks were up 55% last year, says Lieutenant General Charles E. Croom, head of the Pentagon’s Joint Task Force for Global Network Operations. Private targets like Booz Allen are just as vulnerable and pose just as much potential security risk. “They have our information on their networks. They’re building our weapon systems. You wouldn’t want that in enemy hands,” Croom says. Cyber attackers “are not denying, disrupting, or destroying operations—yet. But that doesn’t mean they don’t have the capability.”

The Rest Here

Ahhh the ubiquitous It’s an ongoing problem even though this article comes to you in 2007. All of you out there in the infosec field should be at least liminally aware of this lil bugger if not fire fighting it now still. The Chinese have been rather pesky with this one too. It’s polymorphic and seems to hop systems like a flea on a pack of feral dogs.

You should also be looking out for,, and… Actually just be looking for any sites in your logs really like this DOE CIRC report shows from last December. And within the cacaphony of it all, there is a signal to noise ratio going on too. The inscrutble ones are out there hiding the SIGINT in the noise.

As yet, I have not seen a clear strategy on cleaning systems that have been infected because this particular set of attacks is polymorphic. If a system gets compromised and actually beacons out, it then downloads via alternate ports, to get an FTP session and downloads new code. Which then does all the new and fun things that the makers have thought up in the interim. Meanwhile, with all this going on, it’s the worm you don’t see that is the problem. The quiet ones, the stealth bugs. All of them though are taking small bites of data from all the companies and individuals in the “Thousand Grains Of Sand” approach that is Chinese espionage.

I hope that the executive orders signed by Bush are continued and enhanced by Obama and that we as a country take this threat seriously. The Chinese are the noisy ones… Just think about the ones you don’t hear about. So the next time you, Mr. CEO get an email that says “FREE SCREEN SAVER!” please, think before you click.

If you’d like a better breakdown of the 3322 bug (one of the iterations) then go HERE for a nice sniff of the traffic and a dissection of it’s code.

Written by Krypt3ia

2009/02/07 at 01:16