Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘DIGITAL CIVIL UNREST’ Category

ASSESSMENT: Operation Rolling Thunder

with 2 comments

LMeye

Operation: ROLLING THUNDER:

Screenshot from 2014-02-06 15:54:47 Screenshot from 2014-02-06 15:55:02 Screenshot from 2014-02-06 15:55:32

It has come to light that the GCHQ (The UK’s NSA) took action against Anonymous by DDoS as well as the use of HUMINT and malware attacks to attempt to dissuade them from further actions. While this may be a surprise to some it is just a matter of action and reaction in the hive mind of the IC. Of course at one time there may have been more trepidation about carrying out direct action against quote unquote “dissidents” as some may call Anonymous but those days are long gone and one of the primary reasons such actions are easily rationalized now is because of terrorism. Terrorism used to mean blowing things up or taking hostages but now, with the 5th domain of cyber, that equation has changed greatly in the eyes of the worlds governments. Of course in this case it was the British carrying out the covert actions against the anonymous servers and users and as many know the Brits don’t have the most stellar first amendment record (D orders) and have a different perspective on what people have the right to do or say that may be considered civil disobedience. However, I should like to point out that it is highly likely that the UK did not act alone here and that it is probable that the NSA and the UKUSA agreements were in play here as well. I once sat on a panel at Defcon where I warned that these types of tactics as well as others would be used by the governments of the world against the Anon’s if push came to shove and it seems that I was not far off the mark. We have crossed the Rubicon and we are all in a new domain where the rules are fluid.

Civil Disobedience vs. Criminality In Anon Actions:

Some have written that these actions now revealed by Snowden show that we are all in danger of censorship and of direct action if we say or do things online that a government or agency doesn’t like and they are correct. It really is a matter of dystopian nightmare import when one stops to think that these were not state actors nor really terrorists by definition (yet) that GCHQ and the JTRIG were carrying out netwar on. The rationale I am sure is that the C&C of Anon needed to be taken out because they were “attacking” sites with DDoS or other actions (hacking in the case of LulzSec) and thus were a clear and present danger to… Well… Money really. While some consider DDoS a form of civil disobedience others see it as a threat to the lifeblood of commerce as well as portents of larger attacks against the infrastructure of the internet itself or perhaps the power grid as we keep hearing about from sources who really haven’t a clue on how these things work. Sure, there were criminal actions taken by Sabu and others within the collective as well as the splinter cell that was LulzSec/Antisec but most of the activity was not anything that I would consider grounds for covert action. That the JTRIG not only used malware but also HUMINT and SIGINT (all things used in nation state covert collections and actions) shows that they were genuinely afraid of the Anon’s and Lulzers and that their only solution was to reciprocate with nation state tools to deny and disrupt their cabal. I think though that most of the aegis that the IC had though was the fact that they “could” do it all without any sanction against them because it was all secret and they hold the keys to all of the data. Of course now that is not the case and they should be held accountable for the actions they took just as the CIA has been or should have been in the past over say the covert action in Nicaragua. I don’t think this will happen though so what will really only come out of this revelation is more distrust of governments and a warning to Anonymous and others about their operational security.

Cyber Warfare and Law:

What this release shows though most of all is that the government is above the law because in reality there is very little real law on the books covering the 5th domain of cyberspace. As we have seen in the last few years there has been a rapid outpace of any kind of lawfare over actions taken in cyberspace either on the nation state level (think APT tit for tat) and criminal actions such as the target hack and all the carding going on. In the case of the US government the military has far outstripped the government where this is concerned with warfare units actively being formed and skills honed. All the while the government(s) has/have failed to create or edit any of the current law out there concerning cyber warfare in any consistent manner. So this leaves us with warfare capabilities and actions being carried out on a global medium that is not nation state owned but globally owned by the people. Of course this is one of the core arguments over the internet, it’s being free and a place of expression whereas corporations want to commoditize it and governments want to control it and make war with it. This all is muddled as the people really do not truly own the infrastructure corporations do and well, who controls what then without solid laws? Increasingly this is all looking more and more like a plot from Ghost in the Shell SAC with government teams carrying out covert actions against alleged terrorists and plots behind every bit passing over the fiber. The upshot though is that as yet the capacity to carry out actions against anyone the government see’s as a threat far outstrips the laws concerning those actions as being illegal just as much as the illegalities of actors like Anonymous. The current law is weak or damaged and no one has really stepped up in the US yet to fix even the CFAA in a serious way as yet.

Covert Actions, HUMINT, and SIGINT:

When I was on the panel at DEFCON I spoke of the governments and agencies likely using disinformation and other covert actions against the digital insurgency that they perceived was being levied against them. Now with the perspective of the Snowden collection it is plain to me that not only will the easily make the call to carry out actions against those they fear but also those actions are myriad. If you are going against the nation state by attacking it’s power elite or its interests expect the actions to be taken against you to be swift and unstoppable. In the case of the DDoS this was just a tit for tat disruptive attack that seemed to have worked on some. The other more subtle attacks of hacking via insertion of malware through phishing and intelligence gathering my using spiked links and leverage against providers shows how willing they were to effect their goals. Now consider all that we have learned from Snowden and conjure up how easy it is today with NSL letters and obfuscated secret court rulings on the collection of data wholesale from the internet and infrastructure.. You should be scared. Add to this the effect of the over-classification of everything and you have a rich environment for abuses against whomever they choose no matter how many in the IC say that they are to be trusted. The base fact is this; The internet is the new battlefield for war as well as espionage not just criminality and law enforcement actions. If you are considered a threat by today’s crazy standards of terrorism is everywhere, then you too can have your data held in Utah where someday someone could make a case against you. Some of that data may in fact come from direct covert actions against you by your government or law enforcement per the rules today as they stand.

ANALYSIS:

The final analysis of this presentation that was leaked and the actions alleged to have been taken against Anonymous is that there is no real accountability and that secrecy is the blanket for covert action against non combatants in any war. We are in a new dystopian nightmare where cyberwar is concerned and there is a lot of fear on the governments part on attacks that could take down grids (misinformed ones really) as well as a ravening by some to be “in” on the ground level for carrying out such warfare. Without proper laws nationally and internationally as well as proper oversight there never will be an equitable solution to actions in cyberspace as either being criminal, grounds for war, or civil disobedience just as there will always be the high chance of reciprocity that far outstrips a common DoS. The crux here is that without the proper laws you as a participant of a DDoS could be sanctioned for attack and then over prosecuted for your actions as we have seen these last few years. Without a solid legal infrastructure and a Geneva Convention of sorts concerning cyber warfare, no one is safe. As an ancillary factor to this I would also say to all those in Anonymous and any other collectives that may rise you should be very careful and step up your OPSEC and technical security measures if you are going to play this game. As we have seen many of those key players in Anonymous and LulzSec were caught up with and are in legal trouble just as much as the guy who just decided to join a DoS for a minute and was fined a huge amount of money for his trouble. Remember, it’s all fun and games until the governments of the world decide that it’s not and want to squash you like a bug.

K.

Written by Krypt3ia

2014/02/06 at 22:21

I Am Disappoint: Gabby Coleman and Anonymous

leave a comment »

0

LAMESTREAM SOCIOLOGY

So Schneier, the paragon (most of the time lately) of being behind the curve, has linked a paper put together by Gabriella Coleman (ersatz sociologist and Anonymous cipher) Before clicking on the link and downloading I braced myself for a read that likely would make me want to perform the head—>desk ritual. Sure enough, after reading the 27 pages of mostly histrionics regarding Anonymous I was ready to apply said head to desk with the usual force. Why do I do this to myself? I suppose that I am that person who Einstein referred to as the epitome of insanity by performing a task over and over again expecting a different outcome. Either way, I thought it appropriate to call this into question for the larger audience to look upon and judge post my bile spewing.

HOW MANY YEARS OF STUDY DID IT TAKE TO PUT 27 PAGES OF DRIVEL TOGETHER?

Well Gabby, how long were you following the anon’s around again? I think you would have been better served by reading Parmy’s book and then spewing out some facts and insights after a little digestion than what you have put out there as a scholarly text on the Anonymous movement. Sure, your generalities concerning modus operandi citing the Rand report from 1997 is all super cool and all but really, what audience are you reaching out here to? You neither get into the issue deeply enough for the non novice concerning the net and Anonymous nor do you really put together a usable picture for the un-initiated to follow along as to what is really happening and has been since Anon percolated up out of the pool that is 4chan.

All in all the paper if it be called such, just lays out in florid language, the long and winding road of histrionics around Anonymous but not really touching on the issues of how it/they have been effected as well as are affecting the net/global politics/cyberwar today. There are hints and allegations in it but really, you are a sociologist are you not? Should you not be taking up this kind of inquiry as well? What you do do though is state that they are a not so anonymous and not so leaderless group which sounds awfully familiar to me. *I wonder why? Maybe you should look at my blog posts all these years eh?* While you point out that they have been a force, you do not really maintain what kind of force they are nor do you summarize whether or not you think that they will be a real force in change nor why they would not be? Well nominally I think you allude to the lack of cohesion but then you go on to counter that with all of the amazing things they can do with PR and hive mind. Frankly you just seem muddled there. Perhaps overall it is because they are so amorphous that you cannot really conclude anything at all? Which you again allude to.. It’s like that saying from the Supreme court on porn “I know it when I see it” It’s mighty useless when it comes to actually explaining something.

ANONYMOUS IN THE AGE OF THE PANOPTICON

The one thing.. ONE thing that I would have loved to have seen anything solid about is how today post events with busts like that of Silk Road and the other fallout from the Snowman revelations have affected the anons. You kinda sorta mention it at the end but then drop it. Perhaps it is too early to tell on that account. Perhaps you are just still milking this whole thing to further your drivel writing. I dunno. I just think that there is a far richer picture here that needs to be looked at and you are failing to do so with all your years of allegedly “studying” the anon diaspora. This paper was useless and I sure hope that policy makers aren’t reading it to understand anything other than the history of how Anon was born because otherwise they will be left more clueless and tired eyed than they started.

Oh and yeah so when do you appear on the next Dr. Phil?

K.

Written by Krypt3ia

2013/10/03 at 18:08