Archive for the ‘EPIC FAIL’ Category
I had heard that Ted Koppel was making the rounds on TV trying to pimp his book on the end of the world as well know it through cyber. Of course I instantly knew it would be utter trash, a tissue of assertions and half ass reporting relying on government and beltway bandit quotes that likely would enrage me. How little did I know about the true scope of fuckery and rage that would ensue from reading its breathlessly penned pages about our coming Armageddon. Once again we have a reporter who does not really do his homework and takes the word of people with interests over the realities of those who work in the industry at the scene of the crime.
From the first pages we are being told that the grid is vulnerable to attack. Not just physical attack, no, worse, more scary, the dreaded CYBER attack. Of course as you delve deeper in to the book you do not get any kind of technical interviews with white hat hackers or security experts other than those bottom feeders such as former NSA directors and Richard Clarke. All of these players who worked (past tense) in the government that failed to secure all the things and who now offer services as board members and pitch men. You see, no one interviewed in this book actually has hacked anything.
But trust us.. The grid will go down if attacked by the CYBER.
I will not bore you with recalling the rest of this awful book. Truly, do not buy it and certainly do not read it if you want to know anything about the potential for the power going out more permanently. Instead, I would like to give you a primer on how hard it would be to actually take the whole grid down. I would also like to show you just how hard it would be to take great sections of it out as well. Neither of these scenarios is easy and neither of them is something we will not recover from. All of the bullshit around the bugaboo that the grid could be taken out by Da’esh is fantasy for the most part and a tool to scare the public by halfwits looking for clicks or book sales.
Are there issues with the grid? Yes, there are. Could damage be done that could cause a lot of consternation and perhaps even deaths? Yes this could happen in pockets of our society. These things are true but a systemic outage across the whole of the country that would cause severe, unrecoverable damage to the grid as a whole is not probable. In fact, it may not even be possible and I plan on telling you here why. By going through the internet and seeking out data from experts, governmental files, and papers by doctoral candidates as well as those who own and operate the power systems I can give you the data you need to see what the truth of the matter is.
However, let me break this down into small consumable bullet points for you.
- Even a nation state with capable hackers could not own every system effectively enough to take them all down simultaneously
- Even if systems are hacked and malware like stuxnet implanted, it still takes a kinetic attack to damage many of the systems out there that transmit the power as well as generate it. Malware alone will not kill the grid.
- Current activities in gridsec and grid technologies are making these scenarios even harder to implement due to the nature of the diaspora that is power generation and transmission
- Certainly sections of the grid could be taken down and have in the past. All you need do is Google Squirrel+blackout and you will see how their kinetic attacks caused systemic failures that caused outages.
- Frankly, an X-Flare has a higher probability of taking out the grid as a whole should one hit the US. This should be a real concern and the companies and government should be looking to shield against EMP but they aren’t.
So all the bleak punditry about how the grid could be taken down by hackers using Shodan is really just sensationalistic bunkem. Of course there have been a couple of interesting theories, one that made some news back in 2008 I believe was a paper by a student on a cascade effect that could black out the grid. This possible attack might be the only one that would work but the control over the disparate systems involved to make it happen is almost impossible really. Another theory was one put forth by the government itself when they performed the AURORA experiment. This particularly relies on attacking nine points on the grid (power gen and transfer) that could be the genesis of a cascade attack.
It is the cascade attack that should trouble people but this is not really explained by most of the purveyors of FUD like Koppel. The real scary point about the cascade effect though is that the attack, if successful would take out the LPT’s and those by their nature are costly and take years to build. They are also on backorder so there is that too. If you take these out, and there are no replacements then you are pretty much stuck in the 19th century in certain areas until you get one replaced. Now once again I will tell you that to take them all out at one time is damn near impossible unless you have an X-Flare that covers the whole grid with an EMP.
So where does that leave us? Well, that leaves us with scary scary ideas but little follow through on actual means to that end. Of course now the big scary scary is over the CYBER right? And when they say CYBER they really mean SCADA, ICS, and HMI technologies that monitor and control the big hardware that generates and transfers the power from the generation plant to you. Now consider that there were as of 1996, 3,195 electric companies in the US that handle generation and transmission of power. That is a lot of targets to get into and control effectively, in tandem, to create a super grid blackout. All of this is going to be done by attacking their SCADA? Are there really that many of these things that are internet rout-able anyway? This means that the adversary would have to really hack the majority of them and have major footholds in all to access the networks to get at the systems that may not be networked to their non air gapped networks.
Think this through people.
This is just not a real tenable plan to start with and then you have to consider just who would try to pull this off and why. If you take out the grid in the US sure you cause mayhem but we have military bases all over the globe. We have ships and subs at sea. We have the capacity to bomb the shit out of anyone we think carried off such an attack. So really, unless you attempt this a la some scenario like “Red Dawn” with planes in the air and boots on the ground, you pretty much don’t win. Many of these scare pieces don’t go into the semantics of attack and counter attack, they only cry havoc about how we are CYBER doomed and the grid is a scary scary thing. It makes my ass tired even thinking about all these idiots out there talking to the likes of Richard “Dr. Cyberlove” Clark and believing them.
Stop the madness.
In the end yes, sections of the grid could go down and yes, they could be down for a while because of the nature of the hardware and it’s replacement. It would be inconvenient but it would not be the end of the world. It also would likely be more the action of Squirrels or tree limbs rather than a clandestine hacker attack on our SCADA systems. So everyone needs to just calm the fuck down and breathe. What you really should worry about is some form of EMP that melts everything and puts the whole of the country down, and really once again, that is the only scenario I buy into on this matter. If we have another Carrington Event, we are well and truly fucked.
Anyway, don’t give Koppel any money…
UPDATE: I left a review of this book on Amazon and the one response back was this:
I guess I am no Dick Clarke so meh, nevermind.
Newest U.S. Counterterrorism Strategy: “Trolling”… Say, Doesn’t Someone Already Have The Corner On This Market?
Trolling VS. Jihad
Well, once again I hear a story about CT efforts that I just have to facepalm and say WTF? The story was evidently posted while I was on vacation and not looking to enrage myself with the stupid (thus meaning I was reading Hunter and other classics whilst sitting on a beach) So, someone tipped me off the other day that this little gem was out there. The premise of the story/program is that the Dept. Of State has given the go ahead to this 20-something to put together a coalition of people across the globe to subtly (maybe) troll the jihobbyists and jihadi’s out there online to break them up as groups.
Really? Sooo, you are going to go on to say Shamikh and start to troll the players there in hopes that you will shame them into dropping the notions of radical jihad? Why am I surprised that a hair brained scheme like this would come out of State? My initial reaction was tempered when I read the piece again and the tempering was that this was going to be aborted before it got anywhere in the first place as the article describes scope creep already and a certain sense of other agenda’s on the parts of the players. In the end, I suspect there will be a failure to launch, but, what if they were to pull their act together? Would this in fact have any net effect on the jihadi’s and the forums they frequent?
I certainly think so… But… Not in the way that the creator of the idea has in mind….
The Psychology of Jihad and Trolling Them:
In reading the article the use of the word “Trolling” is somewhat a misnomer really I think. I would use “cajole” more than troll because the goal here is to subtly shame them and make them not only uncomfortable with wit and sarcasm, but also to lead them to drop jihad. Now, will this actually work? I suppose a dialog with certain folks as peers might actually work if you don’t alienate them with your “wit and sarcasm” but really, take a look at the mind set and the social norms of the people being targeted here. You are going to troll people who, though maybe misguided by doctrine or imam, or their personal histories, are rather devout about their beliefs, to the point that some actually take on jihad literally and go fight.
… And you seriously think mocking them will make them say; “oh, wow, I was being silly”
Good luck with that. Its my feeling that given the nature of the people I have seen/dealt with on the boards, that this will just not work. In fact, in certain spaces (and those spaces are now consolidating rapidly online creating a clearer channel) you will get yourselves banned rather quickly from the board. This too will also cause them to close ranks further and to become very selective about who they let in and who gets to talk, not to mention maybe force their hand to go to other places like the darknet to host their content. So, overall, I just don’t think that this line of action will be productive in any way.
Now, if you are going to go after more “moderate” sources of dialog like muslim.net or some of the other sites out there, you may have more luck and might be the right territory to hunt in and dissuade people from acting on jihad. It’s all a matter of how hard core these people are and how new they are to the whole thing. Sure, AQ/AQAP/Global Jihad is seeking new recruits all the time online but, they are also not really gaining a huge amount of traction there either. I do appreciate the idea of trying to debate these nascent jihadi’s with smart dialog, but, in the end, “trolling” will likely only make them angry, ban you, and then make vague and useless threats. Remember, these are giant crazy echo chambers and it’s not that easy to default them to sanity just by saying they are being stupid.
I would also say that using the moniker of “Troll” for this article on Wired was disingenuous if not just wrong for the circumstances. In the article, further down in graph 2 or three, the creator of the program clarifies that it’s not really trolling per se by the netspeak definition of it. Usually today’s troll is someone who is just maladjusted and looking for an outlet for odious behavior while usually enabled by anonymity. If one were to go troll (trollhard… haha..just had an image of another Bruce Willis movie there) hard at the jihadi’s it would be quite counterproductive. Unfortunately, this kind of thing already has been happening a little bit. It seems that some people have been not only inserting themselves into boards, hacking them, ddos’ing them etc. This has served only to cause them to be much more suspicious and clamp down on security.
This is not what we need.
YOU TROLL ME! I KILL YOU!
In the end, I just see this program having the net effect of creating a bunch of Ahmed the Dead Terrorist skits online…
… And that may be hilarious to some… It just won’t help us in the GWOT.
ZOMG LinkedIN was HACKED!
A tweet conversation yesterday finally snapped my brain into focus on the whole LinkdIN hack password debacle. Someone had tweeted about the non complex nature of the majority of the passwords from the hash dump and my snarky response was basically “Who cares? After all, LinkedIN certainly didn’t, why bother when places don’t carry out due diligence?” After all, it was only LinkedIN right? I mean, who’s not already “in the know” that this is the Mos Eisley of business networking right? Between all the cutout accounts and stupid headhunters, one really has to know that it’s just a business version of Faceyspace right?
Well, I guess there are some out there who are using it like it’s a super secure and wonderful tool to make “spook” contacts for intelligence gathering huh? *SNORT* If anything we have seen that it has just turned into a festival of stupid commentary, casual hooking up, and one of the BEST tools for someone like Tommy Ryan to nab all kinds of .MIL and .GOV folks with their digital pants down more than anything else. So they were hacked, any of us in the business with half a brain “should” have been using throw away passwords or phrases with the apropriate complexity anyway, this includes the government and certainly the military people….
Well, it seems that this is not really the case….
ZOMG LinkedIN WASN’T PROTECTING MY PASSWORD!
So, once again we find that a company, that people do in fact pay for, was NOT performing the due diligence that they should be on behalf of their clients and protecting their passwords with salted hashes at the very least. Nope, no crypto of worth was at work within the rarefied digital confines of LinkedIN and WHO’DA THUNK IT? Even after they found out they were hacked they did not really have a grasp on if they “really” had been and failed to issue an alert until later the same day (much later, like late afternoon) when word of the hack and proof of the dump was out on the Russian hacker board at 6am EST.
Now, given the past history of security gaff’s and certain unsavory people/accounts on LinkedIN over the recent few years, and LinkedIN’s lackadaisical attitude towards security, is it any surprise that this all happened? That LI was not encrypting the password database to BASIC security standards? After all, they just take your money so you can hit up the pretty recruiters right? No security needed there… Nah. Hell, they don’t even have a CIO/CSO/CISO do they? Who needs them huh? C’mon “We no need your stinkin CISO”
So what has the “INFOSEC Community” have to gripe about here? I mean, gee, we already kinda knew their posture right? You should have collectively had your throw away password anyway, so no biggie. Yet, look at all the hue and cry here!
ZOMG The 6 MILLION Passwords Were On The Whole SIMPLE AND INSECURE!!!
Yup, that headline says it all really. You see, people on average don’t really care about their passwords nor do they really have the security awareness to even attempt to create complex ones. I mean, hey, it’s as simple as downloading a password manager/vault that creates them for you with good complexity as well as saves them for you to look upon when you forget right?
*Evidently, THAT is too hard for the majority of end users… Hangs head…*
Nope, all too many people had simple passwords like 1234 for their access to a site where they lay bare much of their business and social data it seems. Oh, and did I also mention that in the same day there was a vuln released on their iOS app that was thieving YOUR calendar data? Oh yeah, nice! I guess it’s all just human nature to be lazy and create passwords that are easy to remember but this is just getting silly people. One wonders just how many of those people replicate those silly passwords on to other sites like their email or maybe their bank huh?
Oh my…. That many? We’re DOOMED.
Look, I have said it before and I will say it again, our own natures provide the largest attack surface. In the case of LinkedIN and the six million passwords there are two:
- Laziness on the part of the company not encrypting the passwords to basic standards and laziness on the part of the EU’s not creating stronger passwords
- A STUNNING lack of situational and security awareness on the part of both parties
ZOMG The Security Industry FAILED To Teach Us All About Strong Passwords!!!
Meanwhile, there was a great hue and cry by the twits on my feed and in articles on Island and other places on how the industry (as well as LI) failed once again in the security space. We evidently do not have enough “evangelistas” out there teaching the wretched masses about the wonders of proper password choice. We are just not reaching them and when we see things like this we then go on ad nauseum chiding them or in most cases just pointing our collective fingers and laughing.
Yeah, that’ll teach em. I can feel their collective IQ’s rising now.
I guess my question is can we even really inculcate these things when the basic human nature is to not use our frontal lobes too much? We have too many passwords now and it’s hard! C’mon, just lemme do 1234 it’s gonna be fine because the company is protecting my data! How do I know? Oh, cuz they have this pretty graphic here with a lock on it!!
If you believe that, I have this bridge I’d like to sell you.
Look, all you INFOSEC people out there lamenting, stop. Breathe. The simple truth is that you cannot win this battle unless YOU are in direct control of the systems that would FORCE password complexity on the end users. The sad fact is too many of us aren’t actually in control, its the C levels who are in the end, we just tell them what would be best for the security of the business. It just so happens that much of the time these measures cost money, or, more likely, inconvenience the workers and the perception is that work and PROFIT would suffer from your new fangled security measures.
No, you cannot do that.. The workers will revolt and we will lose productivity Sonny Jim! That would affect the bottom line..
ZOMG You INFOSEC Weenies Are MISSING THE POINT!
Ok, so, it happened. LinkedIN handled it exceedingly poorly, and there is a great cry upon the internets over it all. People were tweeting and blogging, exhorting users to CHANGE THEIR PASSWORDS on LinkedIN but were failing to give a more nuanced warning.
“Uhhh, but, LI wasn’t sure they were hacked, how they were hacked, or IF they were still hacked!”
GO NOW! CHANGE YOUR PASSWORDS!
But, what about the whole password re-use thing? Any mention of that? Or that if you change your password, it may yet again be leaked because they may still be hacked?
Yup, bang up job people.
The real point for me is this salient fact: LinkedIN and other companies like Sony have shown time and again, they DON’T CARE about YOUR data. Always remember this people. So, you want an account on these places, then you best make a throw away pass and limit your data on the sites that host it. Otherwise, there will be a compromise like this one and not only your data there, but elsewhere (if you re-use or iterate) will be up for the taking.
What this also means is that business in general doesn’t get it nor care to and this is the most important point.
Either we demand they all do better or we just let them carry on leaking our data.
I followed a link today off of esecurityintelligence.net and after reading the first graph of the piece I pretty much had a bad case of Tourrettes syndrome. This is some of the WORST reporting I have seen where it concerns the state of internet jihad. Now, I know why these places all do this, they just want a lead story and headline that will draw people in and make them click into the site. I get it… But.. It’s just wrong. The internet jihad is more a propaganda campaign than anything else and as you can see from the piece below from of all places, “The Sun” did a bit of a better job on the facts than dnaindia did!
Now that is surprising.
So, as I was saying, a ‘bit’ of a better job.. Then they too go off the rails. Look, the cyber jihad or Internet jihad is comprised mostly of jihobbyists, guys who want to get in on the action but are too clueless to actually go to the battlefield in some cases. In others, they are deluded individuals with mental health issues that need to be medicated and taken care of. In either case, the needed skills to really cause greater issues other than setting up php bulletin boards to throw propaganda on are lacking on the part of the general jihobbyist populace. Just how many of the attacks by LulzSec were attributed to the likes of Al Qaeda?
Yet the media persists in perpetuating this idea the there are some 31337 jihadi’s out there who are going to pwn the grid. Really guys, get your shit straight when reporting on things ok? I have seen some strives in the Jihadi hacking scene these last few years, but NOTHING like what you are talking about. Hell, their real hacker went to jail years ago (Irhabi007) What is worse it seems, is that likes of Home Secretary May, may in fact be spinning half truths about Internet jihad for whatever political expediency she needs. I have reported in the past about the Facebook Jihad (notice 2010) and pretty much sum it up to propaganda and thats it. Sure, there may be some illicit comms channels here, but, its Facebook for God’s sake! They are on top of this shit, TRUST ME! The jihadi’s have been complaining that as soon as they set up a Facebook page it gets taken down by Zucky and company! So really, there is no threat there.
So, lets take another look at it from the post LulzSec perspective.
Lulz have been wreaking digital havoc with some pretty low level hacks. They carried out DD0S, they hacked low hanging fruit and stole data which they then published. LULZ did it, NOT Al Qaeda. Now, don’t you think that if AQ was adroit at hacking and wanted to cause pandemonium they would have beaten LulzSec to it all? Don’t you further think that perhaps when and if they hacked the servers with the low hanging fruit hacks (SQLi) that instead of just publishing the data, they would have say RM’d the whole databases?
Think about it;
- Economic targets like the stock market
- Military targets like the recent Anon attacks on Booz Allen
- Attacks on grid and other key infrastructure targets
ALL of these things likely already harbor vulnerabilities that the likes of Anonymous could already have access to! The difference? The LULZ don’t want to be thrown in a hole forever and know their limits I suspect. Now, if you were AQ though, what’s to lose?
AQ, if they had the capabilities would already have used it! They haven’t, which means to me they lack the critical skills in their jihobbyist base to be a threat in this arena. It is as simple as that. So please Media, fucking buy a clue and stop just trying to use the “If it bleeds it leads” mentality to get clicks. Do your JOB’s and get subject matter experts with credentials to talk about this stuff instead of just trying to scare the straights with false reports.
I have often written on this topic in the past and from what I have seen here is the overall picture of the state of Jihadi hacking tech.
- They are using OLD malware packages to infect machines to steal data/money (mostly money)
- They are using OLD hacking exploits for the most part just as they are with the malware packages
- SOME jihadi hackers (TNT_ON) are clued in and know what they are doing technically, but yet are inept enough to leave their real IP addresses in their tutorial videos (I see you!)
- They are learning.. Slowly.. but their sites still keep getting popped and their super sekret rooms online have been penetrated
- Their crypto program (Mujahid Secrets) has been cracked/Reverse Engineered
Finally, let me leave you with this little bit of wisdom post the demise of OBL:
- They got him because his lackeys were tracked by their electronic comms
- Even though they were using sneakernet and email Dead Drops we managed to catch on (these techniques are not hacking)
Were OBL and his crew using high tech hacking techniques or crypto (aka steg) as their main means of communications, judiciously, it would have been even harder to get a line on what they were up to, where they were, and moving forward, determine future plans from OBL’s hard drives etc. Instead, they were using old spy tactics with minor digital twists to evade the US and other countries. This says a lot about their abilities and ours to detect them. They decided it was better to go old school because we cornered the digital market.
This follows today to the hacking scene, where we have some muslim hacker groups out there defacing pages, but not doing much else in the way of Islamic Electronic Jihad. So, media, let me put it plainly again;
They don’t have the skills to be super scary like you want them to be in your exaggerated reports!
CUT IT OUT!
I will let you know when they have their shit together.. Trust me.
Past posts on this subject:
It seems that 2011 is turning into the year of the cracker. Between Anonymous, Lulzsec, and the ongoing wave of espionage being carried out by nation states, we have begun to see just how serious a threat cacking really is. Of course both of these groups of attacks have greatly differing motives as well as means. Lulzsec, well, is doing it for the Lulz and the others such as nation states or criminal gangs, are doing it for political, financial, or personal gains. In this post I will cover all three groups and their motives as well as means.
Lulzsec is a splinter group of Anonymous who for all intents and purposes, have decided to carry out raids on any and all sites that they feel need their attention. This could be simply a process of finding the lowest hanging fruit and exploiting it or, there may be some further agenda that they have yet to explain fully. So far though, we have the simple explanation of “They are doing it for the Lulz”
Lulzsec really began their efforts with focusing their full attention on Sony Corp. Sony pissed them off by attempting to prosecute a coder/hacker/reverse engineer named GeoHotz. Geohotz managed to tinker with some Sony code and they went out of their way to try and destroy him. It’d be one thing if he was being malicious, but Geohotz was not.. Instead Sony was. This caused a great backlash in the hacker community against Sony, and though they came to an agreement with Geohotz, Lulzsec decided they needed some attention.
After numerous attacks on Sony that netted Lulzsec much data and showed just how poor Sony was at protecting their client data, Lulzsec decided to take their show on the road so to speak. They began their new campaign with “The Lulz Boat” which set sail for #fail as they say. Soon the Lulz were epic and the target scope began to open up. Lulzsec attacks began to show up on Pirate Bay as well as on pastebin where they would dump the data from their attacks and laugh at the targets poor security.
What once seemed to be revenge has now morphed into a free for all of potential piratical actions for unknown reasons by Lulzsec. Of late, they also seem to be profiting from their actions by donations of bitcoins as well as perhaps other help from the masses who enjoy their antics. It is hard to tell exactly what the agenda seems to be for Lulzsec as it is still evolving…
Meanwhile, their actions have risen the ire of not only the likes of Sony, but now the governments of the world as well as their law enforcement communities. Who knows how long it will be before they are collared or if they will be at all.
Nation State Actors:
The ‘Nation State Actors’ may well be the most sophisticated group here. Many of you likely have heard the term APT, and this group would be the core of the APT. Those nations that have the means to use assets at their disposal to make long term and concerted attacks against their targets. This is the real meaning of APT (Advanced Persistent Threats)
What we have seen in these last few months is either an escalation on their part, or, we are just now catching on to their attacks by actually paying attention to information security. I am not sure which it is really, but, I lean toward there being more attacks as the programs developed by certain countries have solidified and spun up. As you have seen here, I have made much mention of China as being the culprit in many of the attacks recently. I stand by that assessment, but one must not forget other countries like Russia or Israel for APT attacks.
This all of course is just a natural progression from the old school espionage with physical assets in the field to a digital remote attack vector. As we have gotten wired, so has the espionage game. In the case of the wired world, unfortunately, much of the security that would usually surround assets in the old days, are not put into place in the digital. Why is this? It could be a lack of understanding, or, it could also be that the technology has outpaced the security values that they require to protect the data within.
Either way, hacking/cracking has now become a tool of war as well as intelligence gathering. It’s just a fact of life today and unfortunately the vendors and users have not caught up on means to protect the assets properly.
This is where the APT, Lone crackers, Companies, and Nation States meet. All of these groups use hacking/cracking as a means to an end. In the case of nation states, they are often looking to steal IP from companies. Often times that IP happens to be from defense contractors. This is a dual use type of technology both for war as well as any technology taken could further their own in many other ways.
In today’s world, you have all of these players using attacks to steal data for themselves, or their masters. The recent attacks on Lockheed are just this, APT attacks, likely by China engaged to steal IP on military hardware and technologies to augment their own and compete not only on the battlefield but also economically.
Other attacks are likely un-noticed and carried out by single aggressors or small teams that hire themselves out for this purpose. These are the civilian equivalent of the nation state spies and often can be contracted by nation states or other companies to carry out the work. In fact, this has become a boutique niche for certain individuals and companies in the ‘private intelligence’ arena. For this type of actor, I suggest reading ‘Broker, Trader, Lawyer, Spy’
This brings me to the criminal gangs. These are most commonly from the Eastern Block (The former Soviet Union) and they too often work tacitly for the government. In the case of Russia, there is a large amount of governmental complicity with the gangs. This is because much of the Russian government is made up of Russian mob types or, are paid handsomely by them for complicity.
Much of the crimeware trojans out there are Russian (Ukraine) made and the money that they steal from their quick hits goes to the East. Just by looking at the news, you can see how many ATM skimming attacks have money mules hired by the Russians and how often the money makes its way there. An interesting convergence here is also the connection between the Chinese in some cases and the Russians working together. There was a spate of Russian run botnets that had Chinese involvement as well as Russian servers/sites showing up in China recently.
With the synergy of the Russian and the Chinese malware makers working together, we will have a level of attacks that will only escalate as they learn from each other and perfect their methods. Meanwhile, they are robbing places blind by stealing PII data to create identities with as well as just transferring large sums of money digitally from banks that lately seem to be getting off for not performing the due diligence of security on behalf of their clients.
When The Players All Meet:
It seems that in the end all of the players meet at the nexus of digital crime. Whether its stealing data for profit, or as an act of patriotism for a nation state, all of the players work within the same digital playground. As the technologies meet, so do the players and it is likely there will be bleeding together of means and opportunity.
In the case of Lulzsec, it has yet to be determined what they really are all about other than the laughs. As they were once a part of Anonymous, one might think they might have a political agenda, but they have said otherwise. However, some of their actions speak to a more political bent than anything else. The recent attack on the senate websites seems to belie at least some politics at play as they stated they didn’t like them very much.
More importantly though, it is the response by the nation states and their law enforcement groups that will be interesting. For groups like Lulzsec, they are now passing from the nuisance category into perceived enemies of the state. Once they start attacking government and military targets with their lulz, then they are likely to see a more hardened response from intelligence agencies as well as the likes of the FBI.
Once the laws and the enforcement agencies catch up with the technology, then we are going to see some interesting times…
Quote from Die Hard 4
A friend of mine, a more-or-less retired CIA paramilitary operative, sees the solution in characteristically simple terms. “We should go get him,” he said, speaking of Assange.
When my friend says “get him,” he isn’t thinking of lawsuits, but of suppressed pistols, car bombs and such. But as heart-warming as it is to envision Assange surveying his breakfast cereal with a Geiger counter, we shouldn’t deal with him and WikiLeaks that way.
At the risk of abusing the Bard, let’s “Cry havoc, and let slip the geeks of cyberwar.” We need to have a WikiLeaks fire sale.
A “fire sale” (as those who saw Die Hard 4 will remember) is a cyber attack aimed at disabling — even destroying — an adversary’s ability to function. Russia did this to Estonia in 2007 and Israel apparently did this to Syrian radar systems when it attacked the Syrian nuclear site later that year. The elegance of this is that if we can pull off a decisive cyber operation against WikiLeaks, it can and should be done entirely in secret.
Plausible deniability, anyone?
Full article HERE
So, with the revelations over the weekend of rape charges that mysteriously just vanished, one has to wonder if indeed there are forces at work trying to discredit Assange as step one in a much more ornate plan. After all, if one were to discredit him, then he could more easily be shipped out of his hidey hole to a more US friendly place with regard to legal standings right? Though, one wonders at the rape charge.. I mean we couldn’t get Polanski back here for child molestation, so what do you think is gonna happen with a regular rape charge?
Also this last week there was an article claiming to have a story being told by Lamo that there is a “velvet spy ring” Umm yeah, those days are not so over as this was the big deal with the Cambridge five no? I haven’t yet chased that story down due to laziness as well as.. Well, I can see that just as a poorly constructed propaganda attempt by someone.
Adrian, care to comment?
Anyway, this whole Fire Sale thing.. Uhh guys.. It ain’t gonna work. Sorry, but as the article alludes to, the Wikileaks pages are all over the place. They have some online ready to go and others are in their silos waiting to be prepped for launch. So, there is no real way to stop the data coming out if they want it out. I mean, I didn’t even mention the torrents… But this is who we are dealing with… A mindset that cannot grasp the intricacies of the intertubes sometimes. The damage has been done and short of taking down the whole of the Internet, the data will be set free by Wikileaks.
So what now?
Well, how about we make sure that the data does not get out of the compartmented systems in the first place huh? Manning evidently showed signs to others that he was a security risk and nothing was done. He had access to systems that if they were paying attention to infiltration and exfiltration methods, would have prevented the data from being burned to disc and taken out. It really reminds me of “The Falcon and the Snow Man” they were not paying attention to many of the rules in the secret areas and at the guard stations, thus the data was just taken out in quantity. I am sure that if the precautions were in place effectively and watched, Manning would have been caught sooner and perhaps this would not be as much a debacle.
Now, on the other side of the coin here… I am not against Wikileaks altogether. I agree with what Daniel Ellsberg did with the Pentagon Papers. The government was clearly lying about the war. In this case today, I am also sure that there were lies being told and likely still are… But the data I have seen thus far is no smoking gun and in no way shows any real malfeasance by the government. In fact, all the data thus far is about Afghanistan. Where I feel the big lies… well lie.. is in Iraq. Of course Assange is saying that data is coming soon.
We shall see.
So, to sum up..
1) You military and gov types… Get over it and tighten up your security!
2) Anything done to Assange will only make him a martyr
3) There is no stopping this data because it is already out of your control (pentagon, White House) So just buckle up cuz its likely to be a bumpy ride.