Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for July 2011

Not So 3R337 Kidz


Once again we find ourselves following the story of a new uber dump of data on a Friday (Fuck FBI Fridays, as they have been dubbed by the skiddies). It seems that 4cid 8urn, C3r3al Kill3r, and Zer0C00l once again have failed to deliver the goods in their #antisec campaign with their ManTech dump. ManTech, for those who don’t know, is a company that handles defense and government security contracts for such things as secure networks etc. The skiddies decided to try and haxx0r the Gibson and get the goods on the bad bad men at ManTech.

Once again, they failed.

The files are mostly UNCLASS (kids, that means UN-CLASSIFIED mmkay?) with a few SBU (Sensitive but UNCLASSIFIED) as well. Many of the files are just documents of finances, bills, resumes and email addresses that frankly you could get with a good Googling session. Again, we are not impressed by this crap Lulz skiddies. I have told you once, and now I will tell you again, you are failing to deliver anything of interest really.

Now, if you were real APT, then you would have used the data in the Excel sheets to create some nice phishing exploits and then gone on to root some good shit. But no, you aren’t that advanced are you? You just want to do the quick hit and dump your ‘booty’ to collect the love from your adoring, albeit stupid, fans. I am sure some of them are at home now wanking off to the idea that you have really stuck it to ManTech and by proxy ‘the man’.

Well, you haven’t.. Not so 3r337 as Raz0r and Bl4d3 say.

What you keep failing to understand are several key things here:

  1. The good shit is in more protected systems, ya know, like the ones Manning had access to
  2. You have no idea what you are taking or what you are dumping! Bitch please, understand the classification markings!
  3. It’s only important to your ‘movement’ if the data actually uncovers bad behavior on the part of the government!

And it’s that last point I want to harp on a little more. You guys say you are exposing fraud and devious behavior (other than your own subversive tendencies?) and yet, you keep missing the mark. There have been no cohesive plots outed by you other than Aaron and HB Gary’s little foray into creating 0day and programs for propaganda tools online.

Yay you!… ehhh… not so much.

You certainly did spank Aaron though, and for that my top hat and monocle are off to you. He rather deserved what he got for being so God damned stupid. However, you must all understand that these are the standard operating procedures in warfare (PSYOPS, INFOWAR, PROPAGANDA); every nation plays the game and it’s just the way of life. So, unless you get some real data of a plan to use this type of tech by the US on the US (other than Rupert & Co.), once again, I am not really so impressed.

Of course, you have to know that you are now the target of all of those tools right? Not only by the US, but other nations as I have mentioned before. Do you really think that you have not opened the door for other nation states to attack using your name? No one mentioned yet that you are now considered domestic terrorists and could even be considered non domestic after you get caught? You have opened Pandora’s box and all the bad shit is coming.. And much of it is going to be aimed straight at you.

The ironic thing is this.. You have delivered shit. It’s the idea and the cover you have given other nation states or individuals that is key here. You say you can’t arrest an idea… I say certainly not! BUT They can arrest YOU and then make that IDEA not so appealing to the other skiddies once your prosecutions begin on national TV.

So keep it up.. That hornet’s nest won’t spew hundreds of angry wasps…

K.

Of PLC Controllers and Obvious Statements


The Summary from:

SCADA & PLC VULNERABILITIES IN CORRECTIONAL FACILITIES

by

Teague Newman
Tiffany Rad, ELCnetworks, LLC
John Strauchs, Strauchs, LLC

A logical conclusion to this research is that our findings do not only pertain to PLC and SCADA vulnerabilities in correctional facilities, but in any high-security location that uses these technologies as well as in manufacturing plants, transportation and just about anywhere that multiplexing is used. When securing the country’s most dangerous liabilities, we encourage that more attention be paid to access control, network security/segmentation and personnel policies. And as was the case with Stuxnet, proper adherence to secure operating procedures will greatly reduce the chances of infection of PLCs and control computers from the inside and outside of a secure facility.

Wait, you’re telling me that PLC systems (SCADA) are vulnerable and there are systems out there that are rather important that are likely vulnerable because of this?

NO WAY!

INCONCEIVABLE!

Sorry, just had to get that out of my system there. Seriously though, there is nothing new at all here with this white paper other than the fact that the prisons actually use these systems to keep the doors shut. Sure, if someone were savvy enough to get some code together (and it seems that there were some off the shelf exploits by the wording in the document) they could possibly cause all of the doors in a penitentiary to open or close.

Uh, yeah.. Just like the same kinds of exploit code written for any other PLC system that is vulnerable (and let’s face it, they all are) to make, say, a generator eat itself and burn up (see video here by DHS). Or maybe say, oh, I dunno, affect the rotational speeds of centrifuges in a nuclear fuel processing center?

Oh yeah, I remember now! That’s been done!

Stuxnet, still making waves in the news cycle, was an important wake up call for the general public and not so much for the security world. Sure, the complexity and chaining of exploits (0day) to keep the Stux in the Natanz systems was APT all the way, but the concept of affecting SCADA systems adversely had been around for quite a long time. Just ask anyone who has maybe ping swept a factory with computer controlled PLCs.

Shit will happen.

So, post Stuxnet, this paper and the presentation to follow at DEFCON this year seems more like a call for attention and perhaps a marketing scheme than anything revelatory befitting a talk at DEFCON. Having read the paper, it leaves me nonplussed as to why this is being presented at all. What is surprising is that companies and entities, government or otherwise, have not taken steps to ensure that their PLC systems are not vulnerable. Furthermore, all those who use these systems for important functions like power regulation should in fact be screaming for security testing and upgrades to each and every maker of PLC systems. What we get though usually are excuses if not just silence.

*crickets*

So, this paper and talk point out that prisons use the PLC’s and they are vulnerable to attack. It also makes mention that these systems seem to be connected to networks with internet connectivity!

SAY IT AIN’T SO!

Not much else to see here is there? These things we all know. In fact, the whole point of the Stuxnet attack was to blend it so that it would work in an air gapped as well as network environment! So, what exactly are you saying here, Strauchs, that is telling us anything we didn’t already know? Had the writers actually come up with some plans or legislation or even a call to arms for all PLC makers to secure their products, then I would say they have something to hang their hat on.. What you get here is “ho hum”.

“Many places use PLC’s to control their operations”

“Many of those places connect their systems to networks with internet connections”

“The majority of PLC code is vulnerable to attack!”

…. Wait… Is that the CAPTAIN OBVIOUS sign in the sky over Las Vegas!?!?

See you there.

K.

Written by Krypt3ia

2011/07/31 at 00:14

ウェブ忍者が失敗する : Dox-ing, Disinformation, and The Fifth Battlespace


Digital Ninja Fail: ウェブ忍者が失敗する

The recent arrests of alleged key members of LulzSec and Anonymous have been called into question by the ‘Web Ninja’s’, a group of would be hackers who have been ‘DOX-ing’ the anonymous hierarchy for some time now. Yesterday, they posted the following on their page concerning the arrest of a man from the Shetland Islands who is purported to be ‘Topiary’ by the Met and SOCA.

Now, this is a bold statement for anyone who really knows what they are doing in the intelligence analysis field. So, it is my supposition that these guys have no clue about what they are doing by making bold assertions like this. The data they have is tenuous at best and by making such bold statements, I have to wonder if indeed the so called ‘Ninja’s’ themselves might not be a tool of anonymous to in fact sow that disinformation.

Here are the facts as I see them:

  • To date, the federal authorities have not questioned anyone who was DOX’d by the Ninja’s that I am aware of
  • The individuals who were DOX’d that were investigated by the authorities were in fact outed by LulzSec/Anonymous themselves
  • Adrian Chen has spoken to the person that the Ninja’s have fingered and claims that he (said person) went to the authorities himself. So far he is still not a suspect.

So, taking into account these facts, I would have to say that the Ninja’s have failed in their stated mission so far, and suffice it to say that if they are indeed a part of a disinformation campaign, then that too has failed. After all, the police seem to be ignoring the data put on the internet by the likes of the Ninja’s in favour of other tried and true tactics. The primary tactic as I see it, is grab one individual and then get them to roll over on their compatriots in the face of massive jail time.

This pretty much works all the time as we, as human beings, are most willing to sacrifice others for the self. In the case of the likes of LulzSec skiddies, I would have to say that the ages of the players, and their generational tendencies will allow them to cut deals pretty quickly. It’s my assessment that they are in it for the self gratification and lulz, not for the altruism that the LulzSec and Anonymous press releases have been trying to have one believe. My assumption is that if indeed the 19 year old guy they popped in Scotland is involved with LulzSec, and is in fact Topiary, he will roll over soon enough.

I also believe that these are all untrained operatives and they have made and will make more mistakes. I am pretty sure that the alleged “leaderless” group has leaders AND that, unlike a true guerrilla warfare cell, they will know the other players’ personal details. Essentially, they have had no compartmentalisation and they will all fall eventually through interrogation and deal making. As I said before, the insider threat to the organisation is key here, and it was this idea I think the Ninja’s had.. Well, at least that was the original idea of the Ninja Warrior. They were spies who infiltrated the ranks and destroyed from within.

So far with these guys.. Not so much.

Welcome To Spook World: Disinformation Campaigns and Intelligence Analysis

Now, on the whole disinformation thing, I know that the Lulz and Anonymous have said that they are using disinformation as well to try and create a smoke screen. Frankly, all of the intelligence out there that is open source is suspect. Maltego maps of end user names, as I have shown in the past, can be useful in gathering intelligence… Sometimes. For the most part, if a user keeps using a screen name in many places and ties that name to real data, then they can be tracked, but it takes a lot of analysis and data gathering to do it. Though, many of the foot soldiers within the Anon movement are young and foolish enough to just keep using the same screen names for everything so there is a higher likelihood that the data being pulled up on Maltego and with Google searches is solid enough to make some justified conclusions.

With the more experienced people though, there has been some forethought and they have protected their identities as best they could. What became their real downfall was that they could not rise above petty infighting and dox-ing each other. Thus you have the start of the potential domino effect on the core group as well as anyone who has any peripheral affiliation with the Lulz. Be assured, those who have been pinched are giving up as many names as possible as well as whatever is on their hard drives, Anon hacker manuals or not. All of these scenarios lead to the conclusion of more arrests by the authorities and even more skiddies getting into legal trouble around the globe. Meanwhile though, if the core group has been smart, then perhaps the leaders will skate for a time, using the masses as cannon fodder.

Gee kids.. Did you know that you were all expendable?

On another tack, I would like to speak about the potential of the disinformation campaigns being perpetrated by the authorities as well. Consider that the trained professionals out there who are hunting these characters (Topiary, Sabu, et al.) are also adept at using not only the technologies of the fifth battlespace, but also the training afforded them in ‘spook world’. This means disinformation campaigns, mole hunts, and insurgencies of their own, getting to the inner core of Anonymous and Lulz. Now, that there were six (alleged) lulzers it would be more difficult to do, especially if those LulzSec folks really do know one another (as they claim they do not, which, I just don’t buy.. Remember the compartmentalisation issue). The agents provocateurs are out there I am sure and with each rung of the ladder, they get closer to the core group.

That is unless the core group falls apart on their own and DOX’s each other out. In the end, I am going to suggest that the authorities will use all of the tricks of the trade on the Anon/Lulz folks to bag them… And with concerted effort by government resources, they will get their men/women.

Untrained, Unruly, and Unprofessional Operators:

“Discretion is the better part of valour” as they say, and in the case of the Lulz and Anon crews, they seem to not have a clue. Perhaps the Lulz think that being unruly and unpredictable to a certain degree will be just the cover they need, but I think that their lack of discretion will be their undoing as well as their hubris. Had many of these folks had some real training, they might have just stood down for a while (not just a week or so) after setting sail into the sunset.

As I have said before, it was a bad idea to recruit and have comm’s out in the open on IRC servers even if they had ‘invite only’ channels. As is being seen now, someone (jester perhaps) has taken down their servers again after other outages due to Ryan Cleary’s attack and pressure from the government on those connection sources that the Anon’s were using. I am sure the idea was to have a movement that could also serve as diversion for the core users as well as to LOIC, but this all failed in the end didn’t it? The LOIC is what has given the FBI the 1,000 IP addresses as a hit list, so to speak, that they are now using to collect people and charge them for the DD0S attacks.

Had these people been trained or not been so compulsive, they might have had more of a chance to keep this up for a much much longer time. As I write, the Lulz do continue, but they have slowed quite a bit since the arrests started again. This I think is because the cages are starting to get rattled and people are finally coming to the conclusion that some discretion is needed to not end up Bubba’s play pal in prison. It’s a learning curve, and likely going to be a painful one for the kiddies.

Unprofessional actions within this area of battle will end up with your being put in jail kids.

To end this section I would also like to add this thought. My assessment of the Lulz core group is this:

  • They were drunk on the power of their escapades
  • The more followers they had and more attention, the less risk averse they became
  • They seem to have compulsion disorders (don’t say it.. Aspergers!) that seem to not allow them to lay low (until now it seems)
  • The ego has eaten their id altogether
  • Base ages are within the teens with a couple over 20

Technical Issues Within The Fifth Battlespace:

Another BIG issue within this battlespace is the technology. The Anon’s and Lulz have been subscribing to the idea of “Proxies, we haz them! So we’re secure!” and to a certain extent they are right. There are always ways around that though and certainly leaks in data (such as the TOR leaks that have happened) that could lead someone to locate the end user behind the proxy, so they are not fool proof. Certainly not if the fool in question is some skiddie 12 year old using LOIC un-proxied and not obfuscated while they D0S Paypal.

The problem is that the technology could fail you as well as the untrained operative could make small and large mistakes that could lead authorities right back to their IP and home accts. On the other side of that equation is that when properly done, it is damn hard to prove a lot in hacking cases because of obfuscation, as well as mis-configured end systems that have been hit. I cannot tell you how many times I have seen incidents play out where the target systems had no logging on as well as being completely un-secured, thus leaving practically nothing for a forensics team to find and use.

Once again, this brings us back to the insider threat, whether they be the insider who decides to go turncoat, or, the agent provocateur (i.e. Jester and the Ninja’s as well as others from the authorities) who infiltrate the Lulz and then gut them from the inside. What it really boils all down to is that in the end, it will be the foibles of the Lulz core and the actions of spooks that will bring them down.. And I think they are learning that very fact now.

JIN; One Must Know The Enemy’s Mind To Be Victorious:

As a last note, I would like to say to the Ninja’s, you need to learn and practice your Kuji-in. It is obvious to me that you have failed on the ‘Jin’ (knowing the opponent’s mind) with your dox attempts. Until such time as I see people being hauled in that directly relate to your documents posted, then I am going to consider the following to be the case:

  1. DOX-ing is mostly useless and takes quite a bit of analysis before just releasing names
  2. The Feds are not taking your data as gospel, nor should the general public or media
  3. You yourselves may in fact be a tool of Anonymous/Lulz and as such, spewing disinformation
  4. You could be right, but by releasing it to the public at large, you are letting the Lulz know to destroy evidence and create obfuscation that will hinder arrests later.

Ninja’s got results.. Not so much for ‘Web’ Ninjas. At least Jester, if his claims are true, is breaking their C&C channels lately.. Which has its own problematic issues.. Just like his meddling in the Jihadi area, but, that’s a story for another time.

K.

The Many Minds of Anders Breivik AKA “Sigurd” Justiciar Templar Knight


A Killing Spree In Oslo:

While on vacation, Anders Breivik decided to go lone wolf and ended up killing 90 people. After his arrest more and more information started to come out as to his motives for the killing spree. What followed has become a sort of armchair detective’s dream for the masses. The manifesto, as it turns out, is pretty much all we have on Anders’ motives and having read through most of its 1,500 pages, I have come to the conclusion that he is in fact quite mentally ill.

I base this not solely on his actions, but also on his dense prose that shows a very organized personality having an extreme break with reality. Unfortunately, those around Anders did not see this happening or refused to see it, and in the end 90 people died because of his dissociation with reality.

The Manifesto: A Declaration of preemptive War

The manifesto “A Declaration of Preemptive War”, for the most part, is a conglomeration of cut and paste from other documents including a great swath of Ted Kaczynski’s manifesto against technology, “Industrial Society and Its Future”. For the most part, the bulk of the document attempts to make the case that Europe has become infected by pervasive acquiescence on the part of the populace and government that has fomented a “multicultural” society. That society in turn, will result in the year 2083, in an “Islamification” of the EU and a new Caliphate will result.

Breivik rambles and cites numerous historical contexts trying to make connections from Marxism to his end product of a new Caliphate and in so doing, is all over the map as he pedantically attempts to sway your mind to his point of view. All of this ‘documentation’ serves as the preamble for his personal writings further on (somewhere in the page 800 area) where he lays out the story of the PCCTS (Pauperes commilitones Christi Templique Solomonici) or The Knights Templar and his new twist on this, ‘The Justiciar Knights’ (Justiciar being the Latin for justice).

What is most interesting though is that when Anders wrote this part of the book (book 3) he attempts to distance himself from the distorted reality that he had been living and creating for so long in the previous 800 or so pages. Perhaps Anders was having a sanity break? I am not sure as to why he decided to take the tack he did with this section, but, as you can see below, he prefaces the book of pre-emptive warfare with a rather lengthy caveat:

“It’s all fiction”

3. A Declaration of pre-emptive War (book 3)

LEGAL DISCLAIMER (for certain chapters in Book 2 and Book: 3. A Declaration of pre-emptive War):

Book 3, “A Declaration of preemptive War” and certain chapters in book 2 in this compendium, titled “2083”, and all related research files describes a hypothetical response to a perceived threat (so called cultural Marxist/multiculturalist atrocities and the threat of Islamisation). As such, it is a fictional description regarding how it could be like if Islam would be dominant in Europe. The concept of the story/plot is based on what it would be like if certain Christian/conservative/nationalist resistance groups/individuals chose to oppose these so called perceived threats and enemies. It describes in shocking detail how they would most likely rationalise/think/justify/argue and behave towards these perceived threats/enemies.  This books chapter 3 describes how a “fictional” resistance group is emerging and how it would operate from the so called “Phase 1 through Phase 3” in order to prevent these perceived threats and atrocities from futher manifesting and to prevent an alleged future Muslim takeover. It also describes specifically how this hypothetical fictional group, “PCCTS, Knights Templar”, would choose to respond towards the so called ”enablers” or the so called “cultural Marxist/multiculturalist” elites that are allegedly allowing millions of Muslims to enter Europe.The book contains detailed strategies (guerrilla tactics, instructions to execute, political campaigns etc.) which normally would be partly incriminatory to anyone who published or distributed the book (had it not been fiction). It also describes indirect and direct armed and non-armed strategies towards these so-called “traitors” – referred to as the cultural Marxists/ multiculturalists. The motivation for this “fiction-writer-approach” is to contribute to create a new type of innovative writing style. By defining, in a horrifically detailed way, a fictional scenario, the reader will be shocked due to the “hopefully” credible and extremely detailed elaborations. 
It should be noted that the author, as a sci-fi enthusiast, wanted to bring and create a complete new writing style that has the potential to shock the reader with an incredibly credible fictional plot (written in first, second and third person narrative). The author or distributor does not condone or agree with any of the descriptions or methods used in this book and the related chapters. However, the book was created to try to explain to the European political elites how the continuation of given political doctrines could result in similar manifestations (radicalisation of certain groups/individuals), as history has already proven, if they continue with their current policies. As such, it is a reminder to the current establishment what might happen if they repeat the mistakes of the past. Ignoring the will of the people will only contribute to radicalise groups/individuals and therefore contribute to polarise the political fronts and increase the chances of future conflicts. A continued humanist approach to mass Muslim immigration, and the implementation of Sharia on a local, national and pan-European level could result in a long term catastrophe. Not only as a result of a political Islamic consolidation from phase 1-3 but also the danger that REAL “resistance organisations” equivalent to the fictional group called “PCCTS” arises as a result of the discontent. Simulating the creation and detailed information about the actions of organisations like this is presented in detail (included combat/guerrilla simulations, planning phase, attack strategies etc) to try to forward a realistic impression to the reader and current European governments regarding what COULD develop if the current Islamisation process is allowed to continue. The detailed so called “terror descriptions” is therefore in place to create a sense of perceived credibility, reality under a credible fictitious framework. 
The threats, the discriminatory content and information about guerrilla warfare and violence, threats regarding killing of so called “traitors” and instruction on how to employ WMDs (which is all available through Wikipedia and other online sources to anyone btw) is therefore all a part of this fictional story/plot to strengthen the credibility of the framework. The book should therefore never be considered anything else than fiction (not real). Please note that in order to do some of the research in this compendium the author had to visit/seek several controversial websites/sources in order to gain access to the information. This does not mean that the author or distributor have any sympathy or empathy for any specified or un-specified violent or non-violent groups. All ”threats” etc in these fictional books are ”in character” and its primary goal is to give an impression of what it would be like if we were under threat by an extremist organisation. However, certain aspects of the content describing a lead character (a fictional political activist who has decided to become a so called “Justiciar Knight”) sounds very realistic due to the detailed descriptions. However, all incriminatory information in this work is written “in character” and must not be confused with an actual plan, or strategy to attempt to harm any individuals or infrastructure, any political groups or attempt to seize political or military control of Western European regimes. This book is therefore unique in many ways. It is speculated that this type of original approach has the potential to forward and present information in a new and original context. It is therefore no need for concern by any police/state/government prosecutors or intelligence agencies about the content of this book due to its fictional nature. This legal disclaimer was created to remove any doubt whatsoever that the author or anyone chosing to distribute the book “2083” has any hostile motives or intentions.  
If any legal authority have reservations against this new and innovative form of writing style, they may address or contact the author, any publisher or distributor and share their concerns which will be taken under consideration. Changes will be considered and implemented. As such, the content in its current form will not incriminate anyone, the author or any distributor.

As you can see, Anders takes great pains to say that all of this section is just a fiction and that it is not to be construed as illegal activity. Perhaps this section of the manifesto was written before the rest, before he sank into the depths of dissociative thought. No one can really know unless they locate drafts of the manifesto with differentiated dates on them. So far the document as a whole showed 8 revisions in the metadata, but this only means that he could have cut/pasted the bulk of it from previous documents as text and then just did the copy editing from there (this is my contention).

Suffice to say though, that this section is VERY telling in that it seems to show the only sign of knowing that what he is writing about (pre-emptive warfare) is serious and dissemination of the data within it could have gotten him arrested quite easily, but, as he mentions in the following manual on spec-war techniques (including bomb making with very specific directions) could land him on watch lists if not arrested outright.

I believe that this section was written at a time when he was in a more lucid, albeit dissociative state of mind.

Working Alone:

Being a Justiciar Knight is not for everyone. You are normally required to plan absolutely everything alone; fight alone to see your mission through and you are likely to die alone with half of your city’s system protectors hunting you. However, I have never in my life felt that I have done anything more meaningful than what I am doing now regardless of the lack of moral support from my founding brothers or other armed resistance fighters. Support from our extremely distributed and anonymous “non-hierarchy” out there would be nice but I have managed to cope through mental discipline to become what I am today; a self driven and highly effective manifestation of an independent resistance cell.

This section of the document is also important in several ways to Anders’ mental state and the statements he has allegedly made to authorities post his capture. Since being taken into custody, Anders has claimed he did not work alone and that there are other ‘cells’ out there. In more than a few places within the document, Anders makes claims that there are 8 other ‘Justiciar Knights’ out there, while he also says that he is a single cell. This duality he tries to explain away as part of the plan to maintain security for his operation. However, much of the text often lapses into a timbre of he and he alone was acting on this as the ‘leader’ knight to show the way for others. It is this back and forth that usually denotes mental illness (divergent thought/cognitive dissonance).

In the end, it is my contention that he did in fact do this all by himself. I also am somewhat circumspect on just how much of what he claims to have done in the later sections (the phases) was actually done as opposed to only having taken place in his delusions (if you have the manifesto, check the phases for planning/buying/operations). Anders claims to have moved to a farm, created companies, etc. all in the furtherance of his goals operationally. If indeed he did carry all of this out and it was within the timeline (roughly 2009-2011) then this dissociative state has been ongoing for some time. All the while though, it is interesting to note that Anders’ anal personality traits are what likely kept him from being exposed before pulling off his plan. A plan though, that was not laid out in this manifesto as it played out, so I assume that there was a stressor that set Anders off and put him into play, so to speak, to carry out his spree this month. Just what that stressor was, we may never know.

Lone Wolf Jihad As A Video Game:

Another telling piece of the puzzle comes from a latter section of the manifesto where it seems that Anders begins to slide into unreality even further and melds his reality to that of the computer gaming (RPG) world that he mentions in numerous areas of the document. In a section concerning being caught or captured, he goes on to say the following about caching weapons and equipment:

This depot is intended to work as a cache in a scenario where the Justiciar Knight survives his operation and where he faces apprehension and subsequent incarceration. When incarcerated, the Justiciar Knight should do everything in his power to escape from prison. If he succeeds, he may initiate a “bonus operation” which consists of the assassination of 3-5 primary category B traitors/multiculturalists. Prior to his arrest he must acquire at least basic intel on his targets (picture, address, full name) so that he may execute his operation in a timely and professional manner (the 3-5 executions combined should take no longer than 1-3 hours). After the escape from prison and after the equipment is retrieved; the Justiciar Knight will expropriate a vehicle from a civilian and initiate his mission (if you fear there are road blocks you may want to sleep camp in the forest for 1-2 days). It is essential that the Justiciar Knight memorises the intel and container location prior to apprehension.

A bonus operation, much like the bonus round or an extra level in a game. It seems that for Anders, the world of the RPG and reality had fused together to the extent that they were the same thing. An even further interesting tidbit is that one of the games mentioned on a site that I will be discussing below, has a plot line where the protagonist is flung into the future to fight.

His main game of choice though seems to have been “Dragon Age” in which he played a Templar Knight.

Islam, Christianity, Jihad, and Templar Martyrdom:

Reading through the manifesto, it also becomes clear, as I mentioned above, that Anders shows some confused thought on exactly why he is doing all of this. He makes statements against Islam, then, in true cognitive dissonance, praises the Muslim people and faith. He drags out Communism and Marxism as well, but in all, fails to come up with cogent arguments altogether as to why he and his knights are doing what they are alleged to be doing. This is the greatest area of disorganized thought by Anders and is augmented mainly by the cut and paste of great swaths of information to back up his thought processes.

Overall, it just seems to be a manifested boogey man culled from the current environment with regard to terrorism and some of Anders’ deeper fears. In all, none of his ramblings that he claims are the aegis of the “Justiciar Knights” are fully articulated. If anything, he seems to be emulating the jihadis as well as perhaps empathizing with their travails in that he takes a lot of time thinking about his operational security. Much of these sections are remarkably like the writings lately in Inspire magazine by Al Malahem. Perhaps Anders even read the first six issues of Inspire.

Additionally, Breivik calls his operation a “martyr” operation. Everything else though within the document does not intone his intention to take his own life as a part of the operation. In fact, he actually says that he hopes to be taken alive to be an exemplar for future knights. It is also interesting to note that in his manifesto’s picture section, he has a picture of himself with what looks to be a suicide belt (explosives) but to date, I have not heard that he in fact had this on him at the time of his arrest. Once again, muddled thinking showing his dissociative condition where he just seems to be mirroring the jihadi’s…

In the distorted mirror of his mental illness. An illness that was exacerbated with steroid and anti depressant use.

PCCTS.com & quofataferunt.com Connections:

Soon after this story broke, and the internet hounds began digging, someone discovered a site called pccts.com. Now, pccts.com is in fact no longer available to look at as the owners have removed all of the content but, if you dig around enough, you get a sense of just what it’s all about. Primarily, the site appears to be a melange of Templar Knights rhetoric overlaid with conspiracy theories that involve the Illuminati and nuclear strikes on the US.

In other words, a heady mix for someone with a dissociative disorder that seems focused on Templar Knights and conspiracies no?

It is my belief that the PCCTS and Quofataferunt sites really have no real connection to the mass murder other than perhaps being fodder for the delusions of Anders. I would be interested to know if Anders actually frequented the site and if he was a posting member, but, since the redact, there have been no Google caches to use to verify this whatsoever. I can though say that the content of the site does jive with some of what Anders was saying in his manifesto. There are posts that show some crazy future plans for a nuclear attack on cities in the US as well as many articles concerning the encroachment of Islam including the following post:

Once translated, the post talks about how the jihad now has designs against Masons and Masonic temples. Evidently, CSIS (Canadian Intelligence) put out a paper on how the jihadis now think that the Masons pose a threat to them. The post is certainly more conspiracy fodder for like minded persons and certainly would have been a worry for someone like Anders who claims to have been a Mason. I assume that this type of thread within this site may have reinforced the delusions of someone like Anders.

Also, it is interesting to note that the site and its adherents are supporters of Anonymous as well. One conspiracy opens the doors for others it seems. Of course the real smoking gun for me is the image directly below. The new world order of Islam… Indeed.

I am sure that if Anders saw this he would have certainly felt that his delusion was correct and would re-double his own efforts with the Justiciar Knights. Another fun fact that I located on this site is a connection (albeit circumstantial) between the admin of this site “Baphomet or Temohpab” and Anders. The connection is within the following post;

Translation from Dutch:

@ Dreams: Take a good look on the sagas of the Norse Vikings and then you discover that some who have played really well and that these are things to check!

But you’re right! I too have discovered something last night in my bloodline!

One of my ancestors was Hardeknud (Wiki: en.wikipedia.org/wiki/Harthacnut_of_Denmark) and there is a strange kink in the cable. He was the son of: the Mythological Sigurd Snake-in-the-Eye (Wikipedia: en.wikipedia.org/wiki/Sigurd_Snake-in-the-Eye) and then by son: Ragnar Lodbrok (Wiki: en.wikipedia.org/wiki/Ragnar_Lodbrok) so suddenly from Hardeknud keeps up with the era …

The connection here is that within the manifesto, Anders claims that his Templar Knights code name is “Sigurd” and his superior was Richard (Lionheart). I find it interesting that Baphomet should lay claim to this connection way back in October 2010 while Anders was still formulating his manifesto. Of course the symbolism here (Knights Templar sites run by Baphomet and the PCCTS, the claim that Baphomet is directly linked lineally to Sigurd, the conspiratorial nature of the sites Baphomet runs) is all too coincidental for me to believe that Anders would not have known about this site and perhaps contributed.

The problem though is that unless we get evidence from the site itself (mostly redacted now) or from Anders’ systems, we may never really know. It is also key to note that within Anders’ manifesto, he takes great pains as well to teach about security and anonymity on the internet. He makes claims that he was wiping hard drives and using encryption as well as hides for his drives and data (in one case he claims to have created secret compartments in walls where he had hidden USB drives with data as well). If indeed Anders did follow his own tutorials, we (i.e. the cops as well) may not have much to work with to see what his digital footprint was.

Another fact that backs this up is that the Facebook account and his year2083@gmail acct seem to have both been created right before he went on his so called mission. All other traces of him are hard to come by on the internet. I have tried with Maltego to see if there is more to run with, but there is too much dirty data since the incident as well as not too much to go on because if he was posting out there, it was not under his real name.

It’s a bit of a digital dead end until the cops leak data on anything they find forensically.

Signs of the Times:

In the end, I guess that I just see this as the usual sign of the times with the pressures of today on a sick mind. Anders presents some classical symptoms of paranoid delusion or schizoid behavior while doing so in a very ordered fashion. It was this tendency toward anal behavior that kept him on track and from being detected sooner I think. Well, that and the whole aegis of his crusade was to be secretive as a single cell operation for the Justiciar Knights. Anders cherry picked conspiracy theories, religious and political beliefs and molded them into his own cohesive delusion spurred on by the news of the day concerning terrorism and Islam. He was bombarded with it every day as well as I am sure, lived out his fantasies within the game world of RPG Templar adventures.

It was only a matter of time before he actuated it in reality (his own) and it then connected with ours in a deadly way.

This behavior though can be seen online in others. The PCCTS site and its sisters are just one manifestation of a trend I have seen online. There are many conspiracy nuts out there, and more of them seem to be going to or creating sites like these. Alex Jones for one example has a whole cottage industry in conspiracy theories on new world order and ranting that at times makes me worry that one day his Texan ass will snap and he will unload a hail of bullets at some government facility. For that matter, I am actually much more concerned that Anders may in fact have been a listener as well as frequenting his sites, reading up and fueling his own delusions. Suffice to say that Jones’ sites may be spawning even more Anders out there himself.

Of course he has the right to publish what he wants and I would defend that to the end.. However, I would keep an eye on the site for telltale signs of people who may be on the same path as ‘Sigurd’.

Time will tell as the court case goes on in Norway as to what other details of Anders’ life will come out. I predict though that perhaps one of Anders’ wishes in the manifesto may come to pass… He may yet be a martyr and an example for other delusional people out there and they will use his blueprint to create their own jihad.

K.

Written by Krypt3ia

2011/07/27 at 11:13

Posted in Oslo, Profiling

Commentary: AnonyLulzyAntiSec, Just What Have You Done for Us Lately?

with 5 comments

With all of the rhetoric being flung about like so much monkey feces, I thought it was time to make an assessment of just how much AntiSec has done for the masses. The claim of late by Sabu and others within the organization is that they are fighting the “good fight” against the corporgovmilitary industrial complex that is ruling over our lives.

From LulzSec:

These governments and corporations are our enemy. And we will continue to fight them, with all methods we have at our disposal, and that certainly includes breaking into their websites and exposing their lies.

We are not scared any more. Your threats to arrest us are meaningless to us as you cannot arrest an idea. Any attempt to do so will make your citizens more angry until they will roar in one gigantic choir. It is our mission to help these people and there is nothing – absolutely nothing – you can possibly do to make us stop.

Lies you say? Deceit and chicanery you say? Wow GREAT! I am a child of the Sixties man! Show me the shit man! Give me the ammo to enrage the general populace and move us all to a revival of the sixties man! I am there man! DO IT!

*crickets*

Uh, hey… Man… So, where’s the good shit man? Did I take the brown acid… Man?

Yeah, so far I have seen nothing but the HB Gary emails that hint at false flag ops and other programs to monitor would be bad actors that make me feel all hinky. So, where is the good shit man? You keep crowing that you have all this dirt but then when you release stuff it’s all lame and ordinary.

Tell me man, where’s the email that shows the smoking gun of corruption and deceit? Cuz, I ain’t seein it so far man.

It’s time to put up or shut up my friends.

Let me put this another way… You guys aren’t the new Daniel Ellsberg. You certainly aren’t the new Hunter S. Thompson either, after all, Hunter could write in more than 140 characters at a time with more eloquence and honesty than anything I have seen out of you lot.

The slow-rising central horror of “Watergate” is not that it might grind down to the reluctant impeachment of a vengeful thug of a president whose entire political career has been a monument to the same kind of cheap shots and treachery he finally got nailed for, but that we might somehow fail to learn something from it.

Hunter.

 

So, just when is it that you will actually make a difference instead of just amusing yourselves with low hanging fruit SQLi attacks on poorly defended/configured servers of opportunity? Do you actually have the skill sets to get the real goods by targeting specified systems and being the new APT?

I guess the core question I have is this;

“Are you glory seeking pussies or do you really have an agenda for change?”

Cuz, as I tally it up from your dumps and your rhetoric, you’re pretty much pussies in my book man. I give much more honor and props to Wikileaks because they delivered on shit. Assange may be a HUGE festering ASSHOLE, but he did deliver some pretty damning evidence of malfeasance in MANY places and you wanna know how?

*Anonymous, Please pick up the courtesy white clue phone.. The courtesy white clue phone at the front desk, Anonymous, you have a message*

Ok, here it is kids.. “Insiders and whistle blowers!”

That’s right! So far, ALL of the major damning things that have come out over all these years have been from whistle blowers!

  • Woodward and Bernstein woulda been nowhere without “Deep Throat”
  • Ellsberg gave us the Pentagon Papers
  • Manning gave us the cables and the Collateral Murder vid

You wanna know why? Because these people were on the inside and saw what was going on. They had the moral conviction and backbone to speak truth to power, and thus you have the huge outcomes from their information releases.

  • Watergate
  • Pentagon papers; lying about Viet Nam
  • Manning, well the collateral murder video at the least. The cables, meh, not so earth shattering really.

You guys? Monsanto emails… WHOOOO! not. Of course, you claim to have all this dirty email from Rupert’s operation… But I have yet to see anything productive out of that other than giving me a chuckle over the obit you placed on their main page.

*SNORT* I did love that! +1 But you lost style points by not mentioning Xanadu or his red runner sled -1 Total Score = 0

Alright, so back on the Magic Bus kids! It’s time to take a trip to somewhere cuz this “summer of love” is wearing thin for me and you keep passing out the brown acid!

K

 

 

 

 

Written by Krypt3ia

2011/07/22 at 11:49

Inspire 6: Operational Methods Changes

with 2 comments

Inspire vol 6 came out yesterday and for the most part, it was more of the same ol same ol. Long diatribes on AQ doctrine, the usual shahidi laments and exhortations, a bomb making cook recipe for Acetone Peroxide (I can see more than a few jihobbyist fingers getting taken off accidentally) and then the little section below screen captured titled “Jihadi Experiences”

Jihadi Experiences:

After OBL was sent to his pineapple under the sea, I had written a post titled “Al Qaeda: The Case of A More Diffuse and Autonomous Organisation” in which I made the observation that AQ might be re-thinking its C&C structure as well as its organizational groups. This part of the Inspire magazine is saying that very thing.

  • Point one on the list is the fact that they need to re-tool their operations to have more diffused and compartmented cells. They want to have cells that operate in a way that if one of their members gets caught, they will not know the whole picture and be able to give away the rest of the team.
  • Point two notes that they need younger recruits but those recruits seem to not want to commit themselves fully to the cause. They are observing that perhaps they could get the youth involved by contributions but not having them commit fully. This seems to be the essence of the jihobbyist to me. Looks like they want to use this.
  • Point three re-iterates the need for more diffused, mobile, and agile units because the battle space is no longer driven by discrete front lines.
  • Point four makes a key statement that the drone strikes are causing problems for them and backs up point three in that wherever they are meeting or hiding, even underground, we are using technology to find them and strike them.

The summation from these points is rather telling, however:

  • Firstly, they have renamed jihad to “resistance”; it’s a more Western friendly term for those jihobbyists who do not speak Arabic well, and it is a paradigm change. You are fighting a battle of resistance against the oppressor instead of being mandated by Allah and the Koran to do so. It goes to the whole idea of using the youth as a movement without the absolute commitment to Jihad.
  • The second statement re-iterates the need for a new youth movement that will ease them all into the ideology of jihad. Once again, using the key word of “resistance”.
  • The third and fourth statements have key changes but ones that have been building. They are aiming for more lone wolf jihadi acts. They say this though, with the intent of directing those lone wolves to key targets. I believe that they want to deploy the command and control over the propaganda wing’s postings online. This would make sense, just dangle targets out there and exhort the ‘youth ummah’ to go forth and commit jihad.
  • The fifth statement concerns their ongoing efforts online to spread jihadi ‘sciences’ as well as political doctrine. Of late, the forums have been under attack by differing factions. Mostly though, the actors taking down the sites seem to be non state actors (patriot hackers) egged on by the recent spate of Anonymous hacks and attacks. However, there have been other issues the jihobbyists have been facing. Their Facebook jihad has been failing because Facebook keeps taking their pages down. It has been suggested that they create front pages with links to harder content that is hidden to prevent this. All of this though is tempered with the fact that they do not want to be caught, like said Anonymous actors who lately have been scooped up by the authorities.
  • Statements six and seven are interesting. They speak of creating cells of resistance and re-naming them systems of action “Nizam Al-Amal” and not secret organizations for action “Tandim Lil-Amal”. Once again, the movement is looking to have secure cells that will have a C&C, but not so much of one that if any of their members are caught the cell will be taken down or the upper echelons’ security affected.

This section of the magazine is the most interesting to me. It shows just how much harder it has become for the jihad to function with our intelligence apparatus and drone strikes going on. Obviously AQAP has been feeling the bite of counterintelligence operations as well as counter insurgency efforts. The problems they face though are pretty tough. Just how do you go on to inspire the ummah with no way to really have a command and control apparatus to guide them?

Even with all the subtle changes to language here (neuro-linguistic programming) I don’t see that any organization like theirs can have what they seek. After all, look at the basic premise that AQ and other radical orgs have used to indoctrinate the youth in places like the madrassas of Afghanistan: they only teach them the Koran and they only teach them barely what they need to function, all the while controlling very carefully the youth’s doctrinal belief. Without this, and seeking a Western cache of jihadi troops to fill their ranks, they are seeking a new way not only to bring them to the ‘resistance’ but also to control them.

Guess what AQ, it will fail. No matter what method you finally try to use.

Look at this from the Anonymous perspective of command and control. They claim to be headless but in fact they have always had an underlying structure. There will always be need for command and control over any operational force that goes into battle.

And with that C&C structure, there will always be a method to get inside it and tear it apart… As the Anonykids are discovering now (see yesterday’s arrests of 14 more anons).

So, we can see that AQAP is grappling with the issue and perhaps their base is eroding even further. I am glad to see that they are having problems and trying to work them out in a public forum for me to watch. I am sure others in the community are as well…

Keep giving us all your ideas AQAP. The more you give, the sooner we will have you all wrapped up.

K.

Written by Krypt3ia

2011/07/20 at 10:36

America Faced With Wave of Chinese Espionage: Hello? Where Have You Been?

with one comment

America Faced With Wave of Chinese Espionage

Defense Department officials are struggling to plan for a massive cyber-attack from Beijing – and fend off spies in the meantime. Tara McKelvey reports on the secret warfare.

Jul 16, 2011 9:47 AM EDT

Deputy Defense Secretary William Lynn III never said the word China in his speech on Thursday about “Cyber Strategy,” but he didn’t have to. The threat of a cyber-attack from Beijing weighs heavily on the minds of military commanders. And while officials have not said publicly who was behind the newly disclosed theft of 24,000 files from a defense contractor in March, one of the worst cyber-assaults in Pentagon history—it may well have been a Chinese operation. And even if Beijing officials were not involved in the theft, they have been implicated in other matters—so many, in fact, that federal officials are discussing publicly what to do about cyber-attacks, without saying explicitly who their number-one villain is.

From The Daily Beast

CYBER WAR!! CHINA TO BLAME! DIGITAL TSUNAMI IMMINENT!

So, we are going to be in for a digital wave of hacking and espionage are we? Say, have you been around lately? Like say the last oh, twenty years or so? Cuz if this is the big wave, I would hate to see what the tsunami is going to look like. Well, at least this article has some of the facts right including the issues over attribution for attacks and operations. However, it still glosses over the fact that this is nothing new. Espionage by the Chinese has been a favorite pastime for them with regard to the U.S. and now that espionage is taking place within computer networks.

But.. This too has been happening for a long time (see Titan Rain or others like Moonlight Maze)

Nope, this is indeed nothing really new. The scale of it may be the new twist here and that is really because of the interconnection that has happened over the years to the internet. We have done it to ourselves and we did it without any real thought as to the security of our networks/systems/data.

But, that is a screed for another day.

Since we are so connected now, and even systems that should not have (S) (NOFORN) data have been hooked up too (I know, I have seen it myself) or said data has been placed on non cleared servers, we have been making it easier for the likes of China to get our secret sauce. China though, is not the only one doing this, but, they have made it an art form. The reason for this is that the Chinese had decided early on, that cyberspace (for lack of a less buzzworthy name) was going to be the 5th battlespace as well as the next frontier in espionage. Rightly so too.

As I said above, the networking of the world has made it that much easier to gather intelligence and in the case of the Chinese, they began to use the nascent hacker community to do it. However, old school espionage on the part of China has been going on for a long long time. If you are interested in this, then I suggest you pick up “Tiger Trap” by David Wise. Suffice to say, that we have been industrially spied on at the very least by China dating back to at least WWII.

And they have been exceedingly successful.

(for more on China’s Thousand Grains of Sand and Espionage go HERE)

Back to the article and its catchy headline though, the great Cyber War has yet to come and we are woefully ill equipped to handle it right now. There have been incursions that we have found and I am sure there are more that we still don’t know about (whether or not the government has classified them, thus burying them) that paint a larger picture of the issue I am sure. So, when they cry out that we are in for the big hit yet to come, I say “heh” look at what already has happened!

Pretexts; Anonymous, China, and Cyber-Espionage:

The one area that the Beast article does not allude to that it should in my book on this subject is the current climate in the ‘cyber’ world. As you can likely tell from the header here, I personally think that Anonymous and LulzSec are the key to future attacks. Not that they are directly involved per se, at least not knowingly, but that China has latched onto their antics as a pretext for their own attacks.

Think of Anonymous, AntiSec, and LulzSec as the gift that keeps on giving any state or person who wants to carry out attacks online and have the questionable cover of it all being for the Lulz.

With all of the AntiSec/Anonymous operations ongoing, who is to say that China’s PLA has not infiltrated the infrastructure and affected the decision making process some? What better way to deflect than to use an alleged headless group of ne’er-do-wells to do your bidding in some larger scale attack? This is an area of thought that I have put out there before and every day I am convinced more and more that not only China is using this, but also other state actors.

…At least they would be smart to do so *wink wink nudge nudge, SAY NO MORE!*

Even if these state actors are not directly working from within the Anon’s.. At the very least they can be blamed.

Just saying… “Interesting times indeed”

Current Status China: Landlord, Banker, Petulant Child:

Beijing’s leaders have ramped up spying operations partly because they are angry at the United States, and they have been especially peeved at State Department officials; China believes that the Americans have tried to empower dissidents and to influence domestic politics. Indeed, Secretary of State Hillary Clinton has pushed for greater access to the Web for dissidents, giving a speech in February in which she called for “a global commitment to Internet freedom,” a phrase that officials in Beijing found particularly galling. The Chinese officials resented her proclamations about the Net, which they believed are an underhanded way of trying to meddle in their affairs. “For them, this is a very aggressive interventionist policy,” Fidler explains.

From The Daily Beast

To conclude though, I would also like to touch on the fact that China has always been a proud nation. In that, they have been prone to reaction to any perceived slight by nations such as ours. Much of the proto hacking that went on in China took place over the acts of countries like Viet Nam or Taiwan and resulted in defacement of pages (in a nice and polite way as well). Today though, the tenor of the hacking has taken a bit of a darker tone and much of it is due to the hard liners in the politburo taking the reins and directing the Green Army to act.

While China holds much of our debt, they still do not have all of our assets (IP) and as such, they want to keep us under control politically and financially. All the while giving us the rope to not just hang ourselves, but to do so for China’s best interest. The only time that I will worry that China will go all out cyber war on us is when they have nothing left to use us for.

Then we are in some deep shit. Imagine they call our markers AND hit our systems with attacks. They may not have the military capabilities hardware wise, but, they certainly could likely cause our military to falter and fail by breaking the command and control as well as supply chain with attacks today. So, I am not all that worried if they get peeved at us over Obama meeting HH Dalai Lama as much as I am their just calling our debt markers.

Sure, the Chinese leaders are worried about the Arab Spring, but they will just pull another Tiananmen won’t they? After all, if they hold our debt, what are we going to do to them that isn’t going to be measured to not offend? So on it will go, we will ruffle their feathers, they will hack and steal data, and we still won’t have a debt ceiling agreement because our politicians are too self involved to care about the country.

I welcome Chairman Meow…

K

 

Written by Krypt3ia

2011/07/18 at 12:39