Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Conspiracy Theory’ Category

ASSESSMENT: Edward Snowden KGB Asset



THE SNOWDEN AFFAIR:

Since the revelations began and the man-without-a-country odyssey started, all of our lives have changed at a fundamental level regarding our digital and private lives. The now million-plus document trove is being parsed out by Glenn Greenwald and others for the public to get a look into the inner workings of the state surveillance apparatus, much to the consternation of the IC as well as the government and the dismay of the public. However you look upon Mr. Snowden and his choice, you have to admit that the information does lend an insight into the great potential for abuse of the apparatus that the NSA has put together, no matter what they may tell you they are doing or not doing to protect us. You see, the point is that no matter what alleged safeguards and altruism may lie within the apparatus and its employees, it’s still ripe for abuse that will never see the light of day because it’s all classified and codified by the government. This is the point of the exercise as I see it from Mr. Snowden’s point of view and the aegis behind his doing what he did. Of course from day one darker minds would make assertions that there were darker geopolitical machinations at play and this was all just a dastardly plan to destroy us as a country. Of course as the passion play played out it was first China, the go-to country for all our woes of late (APT etc.), but as time wore on and Snowden found a perch in Russia, it’s now “clear” to some in the government that the plot was in fact Russian all along.

KGB ASSET:

Mike Rogers has been the bell ringer on the idea that Snowden from the get-go was in fact a handled and groomed asset of a foreign power. His most recent bellowing, without any real evidence, is that Snowden was in fact an asset for Russia from the start and furthermore that all of this was done to damage the US and to seek primacy once again on the international stage. Of course, as I mentioned already, Mike cannot offer any evidence and he alludes to the “secrecy” of the data, but in reality until you have proof that you can emphatically state and present to the people it’s all just wild speculation and a form of conspiracy or propaganda in and of itself. While it is possible that Snowden was from the start an asset of the KGB FSB, the evidence thus far for motive, methods, and follow-through is somewhat thin and I cannot go on the record as thinking he was handled from the start by Russia or any other nation state. The fact that Snowden ended up in Russia at Sheremetyevo may in fact be because of the machinations of Assange and Wikileaks brokering the deal to get him there and then to get him allowed into the country, not a plan all along. There is more evidence to say that this is in fact the case than there is of any KGB FSB actions.

OCCAM’S RAZOR:

Using the paradigm of “Occam’s Razor” here, let’s run through the possibilities and weigh the claim being made by Mike Rogers and others out there that this was a carefully planned operation that cultivated Ed Snowden to become the largest leaker in history.

  • Ed Snowden is a naive individual who became through a sequence of events, an administrator within the IC networks and began to see things he thought were illegal and immoral
  • He used his knowledge of hacking and technologies to accumulate data through his own administrative access and social engineering
  • Once he saw the data he decided to leak all that he could and after seeing what happened to Manning made a plan to go to a country that in all the spy novels is easy to infiltrate and ex-filtrate out of
  • The NSA itself had poor OPSEC and threats from insiders were poorly covered thus making this possible (proven to be the case)
  • The NSA could not even keep track of internal access and exploitation (proven to be the case)
  • He contacted the press and was turned down by some until he met Greenwald and Poitras who then planned with him how to release the data and to firewall Snowden off
  • While in HK it became clear he could not stay there once the NSA/USA/UKUSA and other apparatus began working in the background to extradite him
  • Poitras, Greenwald, and then Wikileaks ex-filtrated Snowden out of HK and to Russia where a brokered interim solution of the airport no man’s zone was at least possible
  • Snowden is a prize for the KGB FSB after the fact from not only an intelligence perspective but also a political one that thumbs its nose at the US (a win win for Putin)

  • Edward Snowden was a carefully orchestrated long-term asset of the KGB FSB, trained by them to infiltrate the NSA and then use his domain admin/root access to steal them blind, exploiting their logical and technical vulnerabilities, whom they then ex-filtrated to HK and to Russia as a smoke screen for their own operational cover
    • Snowden was handled by the KGB FSB for years while coming up the ranks as an un-credentialed cleared individual, clearly taking advantage of the US’ lax clearance and oversight process post 9/11
    • Snowden was in contact with Russia from the start and is a consummate operator perhaps even a cleverly created cutout sleeper agent
    • Once gathering all the data Snowden then passed it to Russia for them to digest and then leak to the world to cover their own operations and shame the US
    • Snowden is now a hero of the state in Russia and will get a hero’s treatment with access to all that Russia can offer in the post Soviet Oligarchy (inclusive Anna Chapman visits)

Hmmm is it just me or does the razor only really cut one way?

ANALYSIS:

My take on the whole affair is that Snowden was not a paid/cultivated/handled asset of the KGB FSB, nor do I think that he was aided in any way by Russia in carrying out this leak/exploit. What I do think is that he is naive, but also that what he was seeing, what we are all now seeing today in the news, made him feel that the accumulation of power in a central secret body was anathema to freedom and the American ethos. As we have seen in the news there have been many things that the government has allowed, even shall we say promulgated, that are clearly violations of the US Constitution no matter the inveigling that might occur by those in power as to its legality. So I for one can see why someone like Snowden might do what they did, outside of their own propensities for spy novels and a sense of right and wrong.

The realities are that no matter the attestations by those running the programs and their need to use them, there is always a chance of their abuse and the subsequent burial of the facts through classification and National Security Letters, as we have seen these last years. Were egregious abuses happening and are they still today? I am sure there are some; after all, this is nothing new and all you need do to confirm that is Google “Quis custodiet ipsos custodes?” or look just to recent history with the Plame Affair to see how abuses can and have happened. So is it really outside the pale for someone with a conscience and perhaps an overactive imagination to think that great wrongs are being committed in all our names? I think that while there “may” have been no abuses, the capacity for abuse and the infrastructure to hide them is easily seen within the current architecture of the IC apparatus of the NSA and their programs. After all, if you want to ask about the idea that if you have nothing to hide you have nothing to fear, I ask you to tell me just exactly how you feel every time you go through a TSA checkpoint at the airport today.

Finally, I would also like to touch on the idea that the government’s own hubris and now embarrassment is firing the boilers on this whole blame game that Snowden is in fact a handled asset of the Russians. I think that the NSA/USGOV and IC community feel the sting of their inadequacies as they have been laid bare for all to see. You see, Snowden did not carry out some 3l33t hacking here to gather the data. He used common techniques and vulnerabilities within the NSA and other government IC bodies to steal data, put it all on a USB stick and then walk out with it. It’s a simple trick, and the top of that list is actually just socially engineering people for their passwords within the confines of the most secretive and secret IC shops in the world. Now that has to sting a bit, wouldn’t you agree? So there is shame all around here on the part of the government and it puts them all in a weak position tactically. The reactions of all those at play seem to be more along the lines of dialogue from a playground spat rather than statecraft or spycraft, and it’s sad really. As the immortal words of GW Bush can attest:

“There’s an old saying in Tennessee – I know it’s in Texas, probably in Tennessee – that says, fool me once, shame on – shame on you. Fool me – you can’t get fooled again.”

To me, it seems that Snowden just did what he did because of a myriad of reasons that also include a certain amount of self-aggrandizement. However, I can point to things in our own history and to popular media that may explain why someone might do something like this on the grounds that they think it’s illegal, immoral, and against the tenets of the USA. While POTUS is right about how important these types of programs can be in the war on terror and the everyday intelligence gathering that every country needs to survive, it should also be possible to have some level of oversight to disallow abuses of power from happening, and happening with great frequency, due to over-classification. These are fundamental changes that should occur, but the reality is that the very nature of the work being done and the culture within its halls will stop any real progress being made. In the end nothing will change and the NSA will continue to collect all the data it can like a giant hoover-matic for later sorting and use.

Having grown up in the era of Nixon though, and other revelations like Iran-Contra, I for one not only know that these things will continue to happen but that they have in the past and should be in our collective consciousness. Unfortunately many do not remember, and the only entree into such ideas may in fact be cinema… I leave you with this scene from “Three Days of the Condor”

Not everything in cinema is just fantasy…

“scr hrw lgihr kzpzz cwl nci pjwt”

Written by Krypt3ia

2014/01/20 at 14:25

The DARKNET: Operation Legitimacy?


[Image: strongbox]

gaiuaim ioi dui pln!

The DARKNETS…

The “Darknets”. You’ve all heard of them. Some of you out there may have traversed their labyrinthine back alleys. However, have you ever thought that someday the darknet would be just as legitimate as the “clearnet” is today? With the recent bust of DPR and the Silk Road there has once again been great interest in the “Deep Web”, and this interest was sparked once again for me too. It seems that the darknet is the new black once again and people are flocking to it just like onlookers at a traffic accident. Others though seem to be aiming to use the darknet technology (TOR and hidden services) to support free speech and to pass information as legitimate whistleblowers.

Still Mos Eisley but….

I loaded up TOR & Tails and took a trip once again into the digital Mos Eisley. It is still dark and full of crazy things and if you go there you too will see black market items, services like Assassinations for Bitcoins, and run of the mill blogs. You can (allegedly) buy just about any kind of drug in quantity just as easily as buying/mining bitcoins and paying for your drugs with them. All anonymously (once again allegedly as you can see from the DPR fiasco) via the Onion hidden services and backed by other services from anonymous email on TOR to bitcoin exchanges. However one can now see other sites out there that aren’t so black market oriented as well.

One such site is pictured above. The New Yorker decided post Ed Snowden’s revelations, that it was a good idea to put their new “secure dropbox” on the hidden services. This is a legit site that has been talked about on the clearnet as well as in the media a couple months ago. This is one of the first more legit sites I have seen out there that is offering a secure means to talk to reporters using the security that others on the darknets are using to carry out illegal activities. I have yet to really look at the site’s security but overall I see this one site being the key to showing others out there how the darknet can be used for something other than crime. Of course then again, if you ask the Obama Administration even this site could be considered illegal or an accessory to illegal leaking I guess. It’s really a matter of perspective.

Gentrification?

So what about other sites? What would you out there use the darknet for that is not “illicit” but requires some security and anonymity? I can foresee other sites popping up perhaps in the arena of free speech or even political movements that might like this model to pass their ideals on. I honestly think this is a turning point for the darknet. Of course this is all predicated on the darknet being “secure” after the revelations from the Snowden Archive of late. It seems the NSA is really trying pretty hard to de-anonymize anyone they want to and would love to have it just not anonymous at all. Well, let me re-phrase that.. Have them THINK it’s anonymous while it is not so much to the NSA.

Other sites out there include an online Koran as well as all kinds of other non criminal sites that are.. Well.. Kinda goofy or fringe. I think that perhaps now things might shift as the technology becomes easier to manage making it easier with global connectivity for us all to hang up a shingle in the darknet.

Time will tell though I guess…

K.

So here’s my thing….



VQX HWMVCUSE JQJFASSNTG QV! X HQ JD ISIAVVE!

Face it.. We are all PWND six ways to Sunday

Every frigging day we hear more and more about how the NSA has been emptying our lives of privacy and subverting the laws of this land and others with their machinations. It’s true, and I have been saying as much since the day Mr. Klein came out of his telco closet and talked about how the NARUS system had been plugged into the MAE West back in the day. We are all well and truly fucked if we want any kind of privacy today kids and we all need to just sit back and think about that.

*ponder ponder ponder*

Ok, I have thought about it and I have tried to think of any way to protect myself from the encroachment of the NSA and all the big and little sisters out there. I am absolutely flummoxed to come up with any cogent means to really and truly protect my communications. Short of having access to the NSA supercloud and some cryptographers, I don’t think that we will truly have any privacy anymore if we place it on the net, or in the air. We have reached, in my opinion, the very real possibility of the N-Dystopia I have talked about before in the Great Cyber Game post.

As the pundits like Schneier and others groan on and on about how the NSA is doing all of this to us all, I have increasingly felt the 5 stages of grief. I had the disbelief (ok, not completely, as you all know, but the scope was incredible at each revelation). Then the anger came and washed over me, waves and waves of it, as I saw the breadth and scope of the abuse. Soon though that anger went away and I was then feeling the bargaining phase begin. I started to bargain in my head with ideas that I could in fact create my own privacy with crypto and other OPSEC means. I thought I could just deny the government the data. I soon began to understand though that no matter what I did with the tools out there, it was likely they had already been backdoored. This came to be more than the case once the stories came out around how the NSA had been pressuring all kinds of tech companies to weaken standards or even build full back doors into their products under the guise of “National Security”.

Over time the revelations have all led to the inescapable truth that there is nothing really anyone can do to stop the nation state from mining our communications on a technological level. Once that had fully set in my mind, the depression kicked in. Of late I have been more quiet online and more depressed about our current state as well as our future state with regard to surveillance and the cyberwarz. I came to the conclusion that no matter the railing and screaming I might do, it would mean nothing to the rapidly approaching cyberpocalypse of our own creation. In short, we can’t stop it, and thus the last of the five stages for me has set in. I accept that there is nothing I can do, nay, nothing “we” can do to stop this short of a bloody coup on the government at large.

I now luxuriate in my apathy and were I to really care any more I would lose my fucking mind.

OPSEC! OPSEC! OPSEC!

Speaking of losing one’s mind.. Lately people have all been yelling that OPSEC is the only way! One (the grugq) has been touting this and all kinds of counterintelligence as the panacea for the masses on these issues. Well, why? Why should we all have to be spies just to have a little privacy in our lives, huh? I mean, it’s one thing to be a shithead and just share every fucking stupid idea you have on FriendFace and Tweeter, but really, if you can’t shut yourself up that is your problem, right? No, I speak of the everyday email to your mom telling her about your health status or maybe your decision to come out etc. Why should the government have eminent domain digitally to look at all that shit now or later?

If you take measures to protect these transactions and those measures are already compromised by the government why then should you even attempt to protect them with overburdened measures such as OPSEC huh? I mean, really if you are that worried about that shit then go talk to someone personally huh? I know, quite the defeatist attitude I have there huh? The reality is that even though I claim not to be caring about it (re: apathy above) I actually do but I realize that we no longer have privacy even if we try to create it for ourselves with technical means. If the gov wants to see your shit they will make a way to do so without your knowing about it. I fully expect someday that they will just claim eminent domain over the internet completely.

Fuck OPSEC.. I want my government to do the right thing and not try to hide all their skirting of the law by making it classified and sending me an NSL that threatens to put me in jail for breaking the law.

Fuck this shit.

CYBERWARZ

Then we have the CYBERWARZ!! Oh yeah, the gubment, the military, and the private sector all have the CYBERWARZ fever. I cannot tell you how sick of that bullshit I am really. I am tired of all the hype and misdirection. Let me clear this up for you all right here and right now. THERE IS NO CYBERWAR! There is only snake oil and espionage. UNTIL such time as there is a full-out kinetic war going on where systems have been destroyed or compromised just before tanks roll in or nukes hit us, there is no cyberwar to speak of. There is only TALK OF cyber war.. Well, more like masturbatory fantasies by the likes of Bejtlich et al in reality. So back the fuck off of this shit, mmkay? We do not live in the world of William Gibson and NO you are not Johnny Mnemonic, ok!

Sick. And. Tired.

I really feel like that Shatner skit where he tells the Trekkies to get a life…

Awaiting the DERPOCALYPSE

All that is left for us all now is the DERPOCALYPSE. This is the end state of INFOSEC to me. We are all going to be co-opted into the cyberwarz and the privacy wars and none of us have a snowball’s chance in hell of doing anything productive with our lives. Some of us are breaking things because we love it. Others are trying to protect “ALL THE THINGS” from the breakers and the people who take their ideas and technologies and begin breaking all those things. It’s a vicious cycle of derp that really has no end. It’s an ouroboros of fail.

RAGE! RAGE! AGAINST THE DYING OF THE PRIVACY! is a nice sentiment, but in reality we have no way to completely stop the juggernaut of the NSA and the government, kids. We are all just pawns in a larger geopolitical game and we have to accept this. If we choose not to, and many have, then I suggest you gird your loins for the inevitable kick in the balls that you will receive from the government eventually. The same applies for all those companies out there aiding the government in their quest for the panopticon or the cyberwarz. Money talks, and there is so much of it in this industry now that there is little to stop its abuse as well.

We are well and truly fucked.

So, if you too are feeling burned out by all of this take heart gentle reader. All you need do is just not care anymore. Come, join me in the pool of acceptance. Would you care for a lotus blossom perhaps? It’s all good once you have accepted the truth that there is nothing you can do and that if you do things that might secure you then you are now more of a target. So, do nothing…

Derp.

K.

BofA Gets A Burn Notice



rode bb iqdnpmbia fpn’k ybi lr qektrf?

PARANOIA

par·a·noi·a [par-uh-noi-uh]

noun

  1. Psychiatry. a mental disorder characterized by systematized delusions and the projection of personal conflicts, which are ascribed to the supposed hostility of others, sometimes progressing to disturbances of consciousness and aggressive acts believed to be performed in self-defense or as a mission.
  2. baseless or excessive suspicion of the motives of others.

Also, par·a·noe·a [par-uh-nee-uh].

Origin: 1805–15; < Neo-Latin < Greek paránoia madness. See para-, nous, -ia

Paranoia, the Anonymous intelligence division (self-described), published a dump of data ostensibly taken from Bank of America and TEK Systems last week. The information presented seems to show that BofA had contracted with TEK to create an ad hoc “Threat Intelligence” unit around the time of the LulzSec debacle. Of course, since the compromise of HB Gary Federal and the revelations that BofA had been pitched by them to do some contract work in the disinformation business, it only makes sense that BofA would set up a threat intel unit. The information from the HB Gary dumps seemed to allude to the fact that BofA was actively looking to carry out such plans against those they perceived as threats. Anons out there took great umbrage and thus BofA was concerned.

This blog post is being put together to analyze the data dumped by Anonymous, to give some perspective on what BofA may have been up to, and to set some things straight on the meanings of the data presented by Paranoia. First off though, I would like to just say that I think that generally BofA was being handed lackluster threat intel by a group of people with intelligence backgrounds (for those names located in the dumps, their LinkedIn pages showed former mil intel work). This of course is an opinion formed solely from the content that was available online. There may have been much more context in formal reports that may have been generated by the analysts elsewhere that was not open for the taking where Anon found this dump. The daily and monthly reports found in the database showed some analysis but generally gave rough OSINT reports from online chat logs, news reports, and pastebin postings. There seemed to be a general lack of product here, and as such I have to wonder if there ever was any, or if perhaps those reports never made it to the internet-accessible server that Anonymous downloaded them from.

B of A’s THREAT INTELLIGENCE TEAM

Since the leak of their threat intelligence, BofA has been recruiting for a real team it seems. A Google of the parameters shows that they have a bunch of openings all over the place for “Threat Assessment”. It makes sense, since the TEK Systems team may in fact be mostly defunct, but also that they likely would want an in-house group and not have to pay overhead on consultants to do the work for them. TEK’s crew as well may have been the problem that caused the leak in the first place, by placing the data in an accessible area of a web server or having passed the data to someone who did not take care of it. Either way it looks as though BofA is seeking to create their own intelligence apparatus, much as many other corporate entities are today. The big difference though is what exactly their directive as a group is to be.

One of the problems I have with the Paranoia analysis is that they take it to the conspiratorial level and make it out to be some pseudo-CIA-like entity. The reality though, from what has been shown in the documents provided, is that this group really was only tasked with OSINT and threat intelligence by passive listening. This is a key difference from disinformation operations and active participation or recruiting of assets. I will cover this in more detail further on in this post, so suffice to say that what BofA was doing here was not only mediocre but also not Machiavellian in nature. The argument can be made though that we don’t know the whole picture, and I am sure Paranoia and Anonymous are leaning that way. I cannot with what I have seen so far. What I see is an ad hoc group of contractors trying to create an intelligence wing as a defensive maneuver to try and stay ahead of incidents, if not deal with them more effectively should they not be able to stop them.

Nothing more.. Nothing less.

Threat Intelligence vs. Analysis and Product

All of this talk though should be based on a good understanding of what intelligence gathering really is. There are many variations on intelligence tasks, and in this case what is clearly seen in the emails and documents is that this group was designated as a “Threat Intelligence” collection group. I have written in the past about “Threat Intelligence” and the misnomer many have on the idea that it is some arcane CIA-like pursuit. One of the bigger problems overall is perception and reporting where intelligence gathering is concerned. Basically, in today’s parlance much of the threat intelligence out there in INFOSEC is more around malware variants, their C&Cs and perhaps who is running them. With the advent of APT actors as well as criminal activity and entities like Anonymous, the paradigm of threat intelligence has come full circle back to the old-school idea of what it is from the military sphere of operations.

Today’s threat intelligence is not only technical but also human action driven and this makes it even more important to carry out the collection and analysis properly in order to provide your client with the information to make their decisions with. Unfortunately in the case of the data from BofA we see only sketchy outlines of what is being pasted online, what may be being said in IRC sessions, and what is in the news. Nothing overly direct came from any of the data that I saw and as “product” I would not be able to make much of any decisions from what was presented by TEK Systems people. What is really missing within the dump from Paranoia was any kind of finished analysis product tying together the information in a cogent way for the executives at BofA. Did TEK actually carry this type of activity out? Were there actual reports that the execs were reading that would help in understanding the contents of the raw intelligence that was being passed on in emails daily and monthly? I cannot say for sure. What I did see in the reporting (daily threat reports as well as monthly) were some ancillary comments by a few of the analysts but nothing overly structured or productive. I really would like to know if they had more of an apparatus going on here as well as if they plan on creating one again with all of the advertised positions in that Google search above.

Threat Intelligence vs. HUMINT

This brings me to the whole issue of Threat Intel vs. HUMINT. It would seem that Paranoia thinks that there is much more than meets the eye within the dump, which makes them intone that there is a HUMINT (Human Intelligence) portion to the BofA program. While there may well be some of that going on, it was not evident from any of the documents I looked at within the dump files. HUMINT would imply that there are active participants of the program out there interacting with the targets, trying to recruit them or elicit information from them. With that kind of activity comes all of the things one might conjure up in their heads when they think on NOC (Non Operational Cover) officers in the CIA trying to harvest intelligence from sources (assets) in the field. From everything seen that was posted by Paranoia, this is not the case. This operation was completely passive and just collecting data that was in public view, aka OSINT (Open Source Intelligence). Could BofA be seeking to interact more with Anons and generate more personal data other than that which the Anons posted about each other (DOX’ing)? Sure, but there is no evidence of that. Given the revelations with HB Gary though, I can see why the Anons might be thinking that they are likely taking more robust, non-passive actions in the background elsewhere. Overall I just want everyone to understand that it’s not all cloak and dagger here, and it seems that Paranoia has a flair for the dramatic as a means to get their point across. Or, perhaps they are just living up to their name.

Assessment

My assessment in a nutshell here of the Paranoia BofA Drop is as follows:

  1. Paranoia found some interesting documentation but no smoking gun
  2. TEK Systems did a mediocre job at Threat Intelligence, with the caveat that I am only working with the documents in plain view today
  3. BofA like any other company today has the right to carry out this type of activity but they need to make sure that it’s done well and that it isn’t leaked like this
  4. If more documents come out showing a more in depth look at the OSINT being collected then perhaps we can change the above findings
  5. BofA needs to classify their data and protect it better on this front
  6. Paranoia needs to not let its name get the best of itself

All the drama aside, this was a ho-hum really. It was funny seeing all the analysts taking down their LinkedIn pages (really, how sekret squirrel is it to have a LI page saying who you work for doing this kind of work anyway? SECOPS anyone?). I consider those players quite burned and assume they are no longer working on this contract because of it. All you analysts out there named, you are now targets and you are probably learning SECOPS the hard way, huh? I guess in the end this will all just be another short chapter in Encyclopedia Dramatica and an object lesson for BofA and maybe TEK Systems.

For everyone else.. It’s just LULZ.

K.

The Son of Stuxnet… Methinks The Cart Be Before Ye Horse


My dear dear lord,
The purest treasure mortal times afford
Is spotless reputation—that away,
Men are but gilded loam, or painted clay.
A jewel in a ten-times barr’d-up chest
Is a bold spirit in a loyal breast.

Mowbray, Richard II Act 1 Scene 1


As fate would have it, today I saw a tweet that said Symantec had a paper coming out on “Stuxnet II”. I surfed on over and read the document, and what I was left with was this:

“We rushed to judgement here and wanted to get this out to get attention before anyone else did.. Here’s STUXNET REDUX!”

Now, sure, the code base appears to be Stuxnet’s and yes, there are similarities because of this; however, calling this Stuxnet Redux or “Son of Stuxnet” is just a way of patently seeking attention through tabloid-style assumptions put on the Internet. Let me pick this apart a bit and you decide…

Code Bases and Re-Tasking

So ok, the coders seem to have had access to the FULL source of Stuxnet. It has been out there a while and surely some people in the world of “APT” have had access to this. It’s not like it was some modified version of Ebola kept at Sverdlovsk by Biopreparat. Had you even considered that it was released on purpose as chaff to get others to tinker with it and thus muddy the waters?

I’m guessing not from the report that I read, hurried as it was and full of conclusions being jumped to. In fact, Symantec even said that they had not fully audited the code! C’mon…

Alrighty then, we have a newly released and re-tasked version of Stuxnet that turns out to be just a recon tool to steal data. I find it interesting that they make so much of this and intone that the coders of the original are up to shenanigans again but fail to even beg the question that it could be anyone with the requisite skills to cut into the original code (after it had been laid out for everyone to look at) and re-task it with a new time frame. Please note that the original 0day attacks, the multiplicity of infection vectors, and the exfiltration schemes are absent here.

So, not really so complicated as I see it.. You?

The original code/malware was very targeted and this, well this is really just like any other APT attack that I have seen out there.. In fact, in some ways it’s less clever than the APT attacks out there from the past.

So, really Symantec, take a step back and mull this all over again before you release.. Say.. Just who else had the code and you were worried about that would steal your thunder here?

Pathetic.

RATS, RECON, & Targets

Speaking of the infiltration/exfiltration picture, I see from the report that they are linking the RAT to the original worm but have no real proof that it came from DUQU! It was found in situ on the box that they analyzed, and they make the assumed statement that it was “likely” downloaded by the malware via its comms to the C&C.

Once again I say “Evidence Much?”

You have no basis other than assumption but you make no real clarification on this. Though there is mention of a DQ.tmp file which I assume means that it came from the RAT.. But.. Proof again please? It’s the little things that count here and I see a great failure in your haste Symantec.

Another thing that is bugging me now is that the news cycle is making connections to DUQU with attacks on power grids.

HOLY WTF?

Symantec, DO YOU HAVE EVIDENCE of what companies were “Targeted” by this malware re-hash? If so, you should come out of the closet here a bit because this is BS unless you have proof. I of course understand that you cannot name the companies, but CONFIRM OR DENY that they were all Power companies before making claims and allusions that the media will just shriek at the top of their lungs placing more FUD on the headlines.

Or… Wait.. Now that might be an advantage to you guys huh?

Ponder.. Ponder…Ponder…

Well played….

What it all boils down to for me is this:

Someone re-tasked the malware and stuck a common RAT in it. Until you (Symantec) come up with more solid evidence of more interesting and technical attacks, then I call bullshit on you.

What? No Mention Of APT Here?

Meanwhile, I see that people are assiduously avoiding the APT word… Hmmmm What does this attack really remind one of… APT!

There, I said it.

APT attacks:

  • Infiltrate
  • Seek data
  • Exfiltrate data
  • Keep access

And therein lies the rub. DUQU has a 36 day shelf life. Now, this is good from a footprinting level AND could be excellent for setting up the next attack vector that could include the component of sustained access. So, the reality here for me is that this was a footprinting attempt on whatever companies it was set upon. It was a recon mission and that was all.

NOT STUXNET..NOT SON OF STUXNET!

Had you called it a Stuxnet-like attack re-purposing code then I would have had fewer problems with your document Symantec. Instead we got FUD in a hurry.

Baseless Claims: Pictures Or It Never Happened!

Finally, I would like to see Symantec spend some more time here as well as see others pull this all apart. I want to see more proof before you all go off half-cocked and get the straights all upset over an attack that may have nothing to do with the original.

Frankly, I find your faith in rationality disturbing… Symantec…

K.

OP OccupyWallStreet, OP “InvadeWallStreet”, “The Bankers Are The Problem”, and Disinformation

with 2 comments

The Focus and the Locus:

Now that Occupy Wall Street is in full swing and spinning off other occupations the media is finally paying attention. That attention has begun to show just how unfocused this group really is, in fact, I might say “groups” really because I don’t believe there is a central locus to all of this. I really think that this is in part due to the genesis of Occupy Wall Street being created by those who are either a part of Anonymous or like minded. Just as Anonymous seems to lack cohesion much of the time, so too does the (Anonymous approved) Occupy Wall Street crowd as well. This is not to say that their list of demands from the Occupy Wall Street site is unclear. In fact, this is the only group that seems to be clear at all, but, when you ask the average protester, you get mixed replies. So, the message seems to be lost here.

Occupy Wall Street’s Demands:

Demand one: Restoration of the living wage. This demand can only be met by ending “Freetrade” by re-imposing trade tariffs on all imported goods entering the American market to level the playing field for domestic family farming and domestic manufacturing as most nations that are dumping cheap products onto the American market have radical wage and environmental regulation advantages. Another policy that must be instituted is raise the minimum wage to twenty dollars an hr.

Demand two: Institute a universal single payer healthcare system. To do this all private insurers must be banned from the healthcare market as their only effect on the health of patients is to take money away from doctors, nurses and hospitals preventing them from doing their jobs and hand that money to wall st. investors.

Demand three: Guaranteed living wage income regardless of employment.

Demand four: Free college education.

Demand five: Begin a fast track process to bring the fossil fuel economy to an end while at the same time bringing the alternative energy economy up to energy demand.

Demand six: One trillion dollars in infrastructure (Water, Sewer, Rail, Roads and Bridges and Electrical Grid) spending now.

Demand seven: One trillion dollars in ecological restoration planting forests, reestablishing wetlands and the natural flow of river systems and decommissioning of all of America’s nuclear power plants.

Demand eight: Racial and gender equal rights amendment.

Demand nine: Open borders migration: anyone can travel anywhere to work and live.

Demand ten: Bring American elections up to international standards of a paper ballot precinct counted and recounted in front of an independent and party observers system.

Demand eleven: Immediate across the board debt forgiveness for all. Debt forgiveness of sovereign debt, commercial loans, home mortgages, home equity loans, credit card debt, student loans and personal loans now! All debt must be stricken from the “Books.” World Bank Loans to all Nations, Bank to Bank Debt and all Bonds and Margin Call Debt in the stock market including all Derivatives or Credit Default Swaps, all 65 trillion dollars of them must also be stricken from the “Books.” And I don’t mean debt that is in default, I mean all debt on the entire planet period.

Demand twelve: Outlaw all credit reporting agencies.

Demand thirteen: Allow all workers to sign a ballot at any time during a union organizing campaign or at any time that represents their yea or nay to having a union represent them in collective bargaining or to form a union.

These demands will create so many jobs it will be completely impossible to fill them without an open borders policy.

All of these demands seek to rectify some area of social injustice and on the whole would be nice to see frankly.. This is not to say they will ever happen. So, the media is being rather disingenuous or, shall I say lackadaisical in reporting the whole story here? There are demands, there are people who might be able to recite them or have them on a sign, but, it’s easier and more newsworthy if they report that a mass of whacky nouveau hippies have taken to the streets in Manhattan right?

I am guessing though, that the masses of people that they might gravitate to would just be the “newsworthy” ones with the crazy eyes to make their segments pop..

So, Occupy Wall Street and Anonymous, I think, if you are behind all of the above demands, then you should set the record straight and often instead of just letting the media portray you all as bags of crazy. This will only lend to the image that the right has of you and serve you no purpose. Focus on the issues here so as to not just get cast aside as a group of malcontents alone. Of course, the genie is out of the bottle in many ways Anonymous, you see, your inability to control the message (due to your very nature of herding cats) has opened the door to others who would seek to derail everything.

Whether they be individuals, corporate entities, or.. Who knows…

Disinformation and Conspiracies:

Back in August I and my partners on the Anonymous panel warned that your message was diffused, uncontrolled, and could be easily hijacked or turned around by those who want to sow trouble. Much as the Lulz came out and caused so much damage, so too now are the conspiracists and the disinformation (spin doctors) seeking to control the message and the movement (or at least parts of it they can influence). In an earlier post I wrote about the psychology that I believed to be prevalent within the Anonymous crowd as well as the median ages. Due to the age groups involved, much of the naivety can be laid upon their youth and the fact that their brains are not fully formed. However, there is a lot more going on here.

Some have been working behind the scenes to stoke the conspiracy fires that have been burning for a while now. Conspiracies that have been streamed online by the Alex Joneses of the world. It was this kind of dark reality that I think prompted the first YouTube video posted at the top of this article. I have written recently about this vid and have to wonder if this is just a splinter person looking to gain traction on their personal belief or something else. Could this video that purports to be an “Anonymous” person from NYC be just a manipulation to incite the thus far mostly peaceful protests at Wall Street to violence?

This one video really touches on all the key points of conspiracy belief.

  • The bankers are the cause of all our troubles
  • The bankers fund coups d’état and war on both sides
  • The bankers are the modern Medicis controlling governments and the message
  • The root of all evil is bankers and they are the bane of humanity
  • Bankers control the media and the education system
  • Bankers launder drug money and keep the drugs illegal
  • The international banker is the scum of the earth
  • Bankers are the infected blankets and whiskey on the Indian reservations

I guess the real question about this video and its release is whether or not it is convincing enough to cause anyone to really commit violence against bankers or others down on Wall Street. The other effect it likely will have is to reinforce the belief in conspiracy theories by the Anonymous groups in general. A high number of Anons seem to hold to these theories and one has to wonder just where this might lead them.

NLP and Other Means of Manipulation:

One of the problems with this video is that the diatribe presented by the narrator is using a form of NLP (Neuro Linguistic Programming) to make his points. This type of leading language and word choice makes the argument even more potent to a believer of the conspiracy or conspiracies in general. While not actually “NLP” in the strict sense of the term, the narrator does a pretty good job at sounding convinced of his statements and mentally mirroring the self-fulfilling prophecies conspiracists espouse.

As you might be able to tell, I am intrigued by this video and its creator. My fascination stems from the programming style of presentation down to the use of music in the background (something along the lines of Dead Can Dance chant) that sets a psychological stage key to its purpose. Was this created by just another guy with some skill? Or was this something that was created by professionals?

Professionals you might say? Has he gone round the conspiracy bend?

Well, take a look at the video.. Not much to see..

Now “listen” to the video. Look away and just listen to it. Then you will tell the difference here. The dialogue is smooth, professional. The choice of the narrator, if one was “chosen”, was good in that it is one of those egotistical and self important sounding persons with an English/Aussie accent akin to the voice of “The Voice of Britain” aka Lewis Prothero in V for Vendetta. Remember, oration is a key to convincing people, just ask Hitler and Goebbels, so this choice was deliberate I think. My question is this:

“Was this a pre-canned voice over from something else?”

“Is this the actual author’s voice?”

If this was not a one or two man job, not to sound conspiratorial, then just who did this and why? For the lulz? Still, the message is key and the scariest part of it all. Mainly, advocating physical violence against all bankers and the system itself.

Attacking Wall Street Digitally and Its Fallout:

Meanwhile, there is another message (linked above) that was recently released exhorting people to take part in a DDoS of the NYSE website. The actual words used were to “erase” NYSE from the web or some such, but you get the idea. This, to me, is the next step before actual attacks on bankers by people on the street. It’s pretty much the digital pitchfork and torch patrol. If this attack is carried off, and there are other issues that stem from these attacks (say someone actually hacks the site or their systems in some way) it would have a cascade effect on the markets that likely could cause many more problems for the economy.

FUD is a great motivator in the tanking of the markets and an attack on the NYSE itself, or NYNEX, or any of the players here could have ripples later on. Those ripples would come in the form of people selling off their stocks, companies and corporations as well, and the net effect could potentially be large losses in the market. Even the DoS of the site could sow enough FUD in the system so as to cause this to happen.. Just look at what happened in Hong Kong last month. While it did not kill the market, it did cause large losses and a depressed market in HK for a while.

Anonymous, for what it’s worth, claims that they did not put this video out nor the call to DoS Wall Street. Of course with Anonymous, there is no way to really know if it was a sanctioned operation because of Anonymous’ very nature. They are decentralised (sorta) due to the splinter cell nature of it now. Even if they wanted to, Anonymous could no longer control their masses because the “Idea” is hard to stop.. The people acting on it.. Not so much as we can see from the arrests so far. What it really comes down to is that the DDoS of Wall Street is an exceedingly bad idea as is the all out “run” on bankers and no matter what the core of Anonymous says or does, they likely can’t stop its happening in their name.

And this will be their demise… The genie is literally out of the bottle.

K.

Written by Krypt3ia

2011/10/05 at 18:31

Anonymous, Conspiracies, And Blowback

with 4 comments

A user named AnonguyNYC has posted this video on YouTube that has some ominous overtones that I for one, have been somewhat expecting out of the Anon movement’s base. While I do not think this is a sanctioned piece by the Anon core, this individual is using linguistic programming and heavy imagery to incite people to do more than just protest Wall Street. The video was found by me on a link from a blog site and was linked on newsnow.co.uk, a news aggregator. What is most worrisome to me is that there may be individuals out there who will heed this guy’s call and go for an all out “run” as he called it, on Wall Street bankers.

The import here to the words and their play within this video is that the creator is seeking to reinforce the contention that the bankers are the world’s greatest evil and that they are behind such things as a coup d’état or other larger conspiracy schemes to control the world. This is something I have been seeing play out more and more not only within the Anonymous community, but also even in the political arena with the Ron Pauls or the Jesse Venturas of the world saying that there are grand conspiracies at work to control the government and the people.

Frankly guys, no one is that capable or cohesive as a group to really pull things off in my opinion. However, this trend has been going on since 9/11 with the truther movement, which begat so many others. What’s worse is that today I heard an NPR interview with an evangelical Christian who is part of a movement that wants to take over the government and other areas of life (even including the arts) to save us all (New Apostolic Reformation’s C. Peter Wagner). This would be somewhat comical to me had it not been that the current political cycle has members running who follow this cult.

Fresh Air with Terry Gross

Talk about your cognitive dissonance huh? At any rate, this video is intriguing and somewhat scary. Things are ramping up and as we keep hearing more and more news cycles cover how economies are failing around the world, I would not be surprised if soon it becomes open season on the bankers.

Pitchforks and torches will be replaced with automatic weapons…

Hey Anonymous, this is NOT V for Vendetta… Work within the system to fix the system. Don’t color outside of the lines so much that you make yourselves public enemy number one.

K.

Written by Krypt3ia

2011/10/03 at 18:37