(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Terrorism’ Category

The Irrational Actor and Asymmetric Propaganda Jihads




The Irrational Actor:

EVERYONE has lost their shit over the attack on Pulse in Orlando. The media is in a feeding frenzy, Twitter is lit up with rhetoric and those flogging their points of view, and even I had a moment of “SOMEONE ON THE INTERNET IS WRONG!” which some of you probably will say is just par for the course with me. I am trying to stay out of it as much as possible after yesterday and it has even led me to look at the Twitter feed much less because it just drags you into the collective mass hysteria when you do, but I thought it appropriate to have a moment of clarity and maybe introspection here and leave the arena altogether.

Many of the reports on the news and the tweets in the feeds are verbally gesticulating about how this attacker was inspired by or a lone wolf for Da’esh and arguing about this fact or that, none of which has yet been categorically proven. I would like you all to just take what is known as of today, step back a moment from the whole jihad angle, and look at the actor as the FBI might in a profiling situation. What motivated this guy? How did he carry things out? What are his past actions?

  1. The FBI looked into him three times because he was pegged by others as being a potential terrorist from comments he made
  2. The FBI talked to him and found out that he did not know about the groups in any real in-depth way and that he seemed to be attention seeking or perhaps a bit unbalanced
  3. As of late yesterday reports have surfaced that this man was a closeted individual (wife and others reporting this)

Now, if you removed all of the surface content of jihad and Da’esh all you have is that this guy seemed to have some internal struggles from his upbringing and his proclivities. He was raised in a household that may have adhered to a stricter interpretation of right and wrong (in their minds about perhaps sexuality) and that, by indications today, may have caused a fair bit of self loathing for his own desires. Suffice to say this guy had issues and that perhaps was the stressor that led to this incident. What I want you all to consider here is that without the jihad angle, this guy is what is termed a “Spree Killer”. What has everyone bent is the fear of terrorism on American soil, but they are failing to see the forest for the trees in this case.

Now this brings me to the irrational actor part of the title to this post. Everyone and their brother is going on and on about terrorism, lone wolves, and planning while I would suggest that we consider that this guy was an irrational actor with an organized personality. What this in fact means is that he was stressed, he was unbalanced, perhaps delusional, but he was also an organized killer. He planned this attack out and carried it off, but he was not what I would consider a rational actor motivated by an ethos of Radical Islam. I would instead really like to say he was a troubled individual who used Da’esh as much as they used him after he carried out this heinous crime. Each served their purpose for rationalizing their irrational and malevolent behaviour.

So, please take a step back and consider that this spree killer did what he did and blamed it all on an ethos that he may not have wholly understood nor believed in. Had he really been a true believer then he might have gone to Syria or been under more scrutiny by the authorities. Instead he was taken off the watch list because he wasn’t seen as a real threat in the sense of being a true jihadi. Of course perhaps he should have been considered a threat under the rubric of being an unbalanced individual who may act out. But we really do not have that option here do we?

The Asymmetric Propaganda Jihad:

On the other side of this issue we have much being bandied about by the media and the bevy of former CT/Security darlings who get air time about how the paradigm has changed since this attack was carried out. Has it really? How long has “Open Source Jihad” been around anyway? Oh yeah, years. Inspire was the first magazine to coin the term and since its inception there have been more than a few attacks in various places around the world that I would equate with the teachings of OSJ as being a source of inspiration. So now that someone has killed 49 people on US soil it is suddenly a paradigm change?

Come on!

The fact of the matter is this: this asymmetric propaganda war has been waged for years, first by AQ/AQAP and then perfected with Da’esh’s tweaks that made it more appealing to the unbalanced amongst us. As we have seen over the last few years the government finally started to understand the problem and so too have companies like Twitter, which is trying to fight it with account banishments. Of course nothing has worked so far and the message keeps getting through over a medium that is the internet as a whole. Communication at the speed of light is the medium and there is no putting that genie back in the bottle. We must come up with more thoughtful and meaningful approaches on how to fight it but so far the US government has only half-heartedly attempted a counter propaganda campaign, “Think again look away”, that frankly seems to have been written by advertising reps from the 50’s.

The reality is this: in the last year there have been one hundred and thirty three mass shootings in the US since January first 2016. Only two of these, to my knowledge, have been at all related to jihad. When are we going to look at the larger issue of the spree killings and the psychology of irrational actors perpetrating them instead of focusing on the jihadi aspect of only two? This is the crux of the issue and I have to tell you all here that like psychological profiling, it is an art, not a science. What I am trying to really say here is that there is no way to really stop these things from happening. In the case of Omar Mateen, he said things and was investigated but unless he was put under complete surveillance 24/7 there were no solid ways to determine his actions to come. Hell, for that matter, the stressor of being under scrutiny could have been the straw that broke the camel’s back and caused an attack!

Everyone needs to understand that life is random. The universe is random, and there is no sure way to stop these attacks.

No guns… Sure, someone will get a katana and hack people to death

Surveillance of everything in drift-net unstructured data…. Still won’t help if you aren’t analysing it all and even then you miss things.

Investigations like the FBI carried out and being put on watch lists… Nope as we can see it did not work.

All of you need to understand that you could die slipping in your shower just as much as being killed by a spree killer with an AR-15. It’s just the roll of the cosmic dice. I am of course not saying that we don’t need to try, but let’s not react the way I have been seeing in the media, the net, and the everywhere after this attack. It does no one any good. Was what Omar did terrorism? Yes, it was because his goal was achieved, just look around you now.


Written by Krypt3ia

2016/06/14 at 13:20

Posted in Terrorism

Tweeter, Jihadi, Soldier, Spy: OSINT in the Twitter JIHAD




IS and the Propaganda Wars

Since the time that Zarqawi created AQI and got UBL’s approval, the latter day ISIL/IS/Daesh group was a rag tag crew of angry guys looking to blow shit up. Post Abu’s passing and with the rise of Abu Bakr, the ISIL/IS/Daesh group has grown not only in numbers but also in savvy on messaging and recruiting. Of course some of this has to do with the shifting nature of the region given all the politics and US screw ups since the invasion in 2003 that allowed for the group to coalesce into what we have today running amok in the region. Once the group really gained traction though, and AQ even turned their back on them for being too brutal, the IS became a force to be reckoned with in the area, but now they have spread onto the internet as a means of propaganda warfare and recruitment. Much to the United States’ chagrin they have been all too successful in propagating their message as well as giving fodder to the mainstream media to roll out the fear machine and set it to eleven.

Twitter Jihad


Primarily the IS took the model that AQAP had started and learned what AQAP did not. IS is much more capable at propaganda and slick messaging than AQAP ever was. IS has even now started its own magazine “Dabiq” which is much like the Inspire magazine but seems to be much more art directed than Inspire was. Now the Daesh has even broken into full blown advertising with small propaganda films that film school students probably look at and swoon over for their slick nature and editing. These things though do not have as much reach without the Twitter Jihad that is going on in tandem and as their medium for dissemination.

Twitter has been the battle ground of late in the war of ideas between IS and the world. Of course the US has decided that the accounts on Twitter should be banned (or maybe that is just Twitter making that decision?) but it seems that the net effect here is a great game of whack-a-mole while the world burns. The US has frankly been stymied in coming up with a good solution to the problem of the propaganda that IS has been using to get the ummah to come to the jihad but recently they decided that trolling might be the answer they need.


Of course what I would call trolling is not what I am seeing out of the Department of State’s account at all. I am seeing reasoned arguments that are aimed at unreasonable individuals or those who may have some mental issues that need addressing. By being logical and refuting the call to this particular type of jihad you are just going to maybe get a lock on the rational individuals. However, Daesh wants only the cream of the crop in the whacknuttery department to join their ranks or to self radicalize and act out their fantasies here in the West. Much like I would assume the attacker from yesterday in Canada did with his shootem up at the capitol.

Frankly, I have no solid answers on how to respond to all of this. I would love to see some plans in action that would stem the tide here and perhaps staunch the flow of propaganda and jihad on Twitter. So far the only thing I can come up with is what you will see below for those who are either interested in watching the great game at a larger scale or perhaps to get inside of it a little more and work towards some asymmetric solutions. Perhaps the likes of Anonymous and others would truly “Troll” these players and drive them to drink, spending more time wasting time setting up accounts than actually placing their crap online.

… Just a thought…

On the other end of the spectrum this will be a little primer on perhaps how you might use some tools to get closer to these guys. By getting closer I mean more in the HUMINT side of the house because as we are seeing they are learning that their metadata is on the Twitter as well. A recent manual came out from Daesh instructing the brothers on how to stamp out their metadata, and it specifically called out the fact that geotags had been a problem. Well, as you can see at the top of this post, yes, this is a problem for them. However, I would posit that unless you are watching them real time somewhere in the bowels of Twitter HQ the latency issue becomes a key factor in whether or not we can send a drone and a hell-fire up their asses.


Clearly they are learning from their mistakes and it seems of late that the Bellingcat is out of the bag here with regard to things like looking near real time at their metadata through their posting of images and tweets from places like Raqqa and elsewhere. It was this manual that prompted the post you are reading now in fact. After looking at all the data and seeing the immensity of the accounts online now that are jihadi related I think that it’s just too much for the government to handle. For that matter I think it is certainly too much for the private companies to handle as well and once you come to that conclusion you then have to think about how well they don’t all talk to each other. In the end there is a morass out there and for all intents and purposes, from what I have seen today, the government has no idea what to do about it. There’s just too much noise to even get the signal and soft trolling is just pathetic.


So it comes to this, I have decided that the best way of creating some tension that might cause pain to the Daesh is to give you all a taste of recon and OSINT on the Daesh. There are many tools out there you can work with and certainly there are fools with tools out there but I would like to see some smarter approaches here. So here goes…

Some tools:

  • Recon-ng
  • Mentionmap
  • Maltego
  • twiangulate
  • twtrland
  • EXIF tools (online and off)
    • Foca
    • A raft of other command line tools in live distros for forensics

It’s a toolbox really and you put the right tools in there that you like and do the job. I am sure you all out there have others you like. These are just a few of the ones I use daily for my fun and games. Lately though I have been leveraging Recon-ng for their twitter features and will be expanding even further into the youtubes and other modules that they have for this kind of work. Suffice to say that you can really profile people on Twitter for example with just this tool alone. Below are some of my outputs for you to see.

[Image: Supporter in Raqqa tweeting 10.17.2014] Recon-ng of user on Twitter who is a player within Daesh and is in Syria

[Image: Another user logging their connections including their DM connections]

[Image “AbuAdamAlAmriki”: A map of a user and who they talk to/mention with frequency as well as hash tags]

[Image: Supporter in Raqqa tweeting 10.17.2014]


All of this data is pretty easy to get once you have the right tool sets and a good place to start looking. I leveraged a couple of accounts that I knew of (Adam Gadahn and Juni Al Britani) but you can use others. I will say though once you start spidering out you will see a flood of accounts out there that are like minded. The trick though is to locate all those users in country and who are real players in the Daesh palooza and this is where you have the analysis phase of the game. As I have said in my posts about Threat Intelligence, it’s all about the analysis and product. If you don’t carry out the analysis well it all means nothing.

PS.. if you don’t know the tools go learn. I am not here to teach you how to use them. Buy the ticket… Take the ride.


Analysis of the data here is the part of the cycle that takes a human being. Someone who can make connections as well as verify them. Tools are great but there are many fools with tools out there as I said above so if you use the tool but you fail in the analysis then you will give bad data in the form of connections that are incorrect. In the case of the Twitter jihad you have to have some idea of who you are dealing with. Are you in fact dealing with a real player who is in Raqqa or Ramadi or are you dealing with a wannabe in the US? You have to actually look at all the traffic, understand the language, and the psyche to make any real headway here. Just grabbing user names won’t do and it certainly won’t do if you cannot even Google translate a bit of the language to even have an idea of what is going on.

By analysis of the connections and reading the tweets you can then react appropriately by:

  1. Passively collecting intelligence
  2. Actively collecting intelligence
  3. Actively degrading their activities through disinformation operations
  4. Actively reporting their activities to authorities (thus degrading their capacities through blocks)

I am advocating all of these things now because this is just Twitter. This stuff is public to begin with and as such it is not like they are planning operational details through Twitter. They are instead advertising really and that to me is up for grabs for the common folk on the internet to attack. I am sure some out there will have a hissy about all of this (Flashpoint, lookin at you Evan you dickweed) but I don’t give a crap. This stuff is just polluting the weak minded and any way to stop it in my book is sauce for the gander.

If you are going to do this then you had best learn OSINT and intelligence analysis. If you want to just scrape names and pass them to Twitter to block, fine, but at least give them the real players and not some hapless reporter ok? Do the work, learn the tools and make a difference.

Asymmetric Response

So what I say to you all out there is pick your plan and go with it. Give the Daesh a pain in the ass. I know that in the past Anons have been threatening all out war on the jihadis on Twitter and I have seen a bunch of nothing come of it. Doxing these guys will only work if they are in the US or another country where they can be picked up. I do fully support the idea though that if you are going to do this then you report them to the authorities. Drop the FBI a dump of accts and maybe some of these guys/girls can get picked up before they pull a stunt like we have seen, from beheadings to mass shootings.

The government’s trolling is not working and it seems that more and more of these accounts keep popping up. I mean hell, Juni’s on his 103rd acct right?


Just do a good job.. No half ass attempts.. And remember.. I am watching you Daeshbags!


Written by Krypt3ia

2014/10/23 at 13:24

Digital Jihad: The Great Irhabi Cyber War That Won’t Be.


The Great Cyber Jihad

Since Junaid Hussain escaped over the border to the new lands of jihad (aka Syria) he has been vocal on Twitter showing off his great cyber manhood in classic irhabi bloviating online. That Junaid made some inroads by hacking into the prime minister’s email address at Gmail only lends dubious credit to his hacking skills in the eyes of a person involved in the security field. This however is not how the great unwashed within the media and certain quarters of the government and the military seem to perceive the threat posed by Junaid today now that he is an ISIL irhabi.

Islamic State militants are planning the creation of a ‘cyber caliphate’ protected by their own encryption software – from behind which they will launch massive hacking attacks on the U.S. and the West.

Both Islamic State and Al Qaeda claim to be actively recruiting skilled hackers in a bid to create a team of jihadist computer experts capable of causing devastating cyber disruptions to Western institutions.

They are now boasting it is only a matter of time before their plan becomes a reality.

~Daily Mail UK

The above text came from just one of the spate of recent reports on the great “Cyber Jihad” that is being touted to come from the likes of Junaid and ISIS/L as they attempt to expand their reach from the Middle East globally. This particular commentary makes the bile rise within my gut on so many levels though. But that kind of pales in comparison to the one right below…

“We’re in a pre-9/11 moment with cyber,” John Carlin, assistant attorney in charge of the Justice Department’s National Security Division, warned at a July conference in Aspen. “It’s clear that the terrorists want to use cyber-enabled means to cause the maximum amount of destruction as they can to our infrastructure.” 


PRE-9/11 OMG!!! Look you fuckwit if that were the case then China would have already put us out of our misery really. For that matter some half assed pot sodden kid who happened to hack into our grid would have taken us down years ago. There is just no need for this posturing and certainly above all coming from someone without a clue in their head about how things really work in the world of computer security. This kind of scare tactic aimed at getting people to respond in fear to allow for the government to do anything in the name of protecting us is vile.

Meanwhile you have other players such as the one below making statements of “ALL OUT CYBER WAR” while commenting on Anonymous’ operation against ISIS. I laughed and I laughed and I laughed until I just wanted to cry at the sheer stupidity of it all. Look, Anonymous can’t get their shit together enough to be both leaderless and effective so really, how much of an “ALL OUT CYBER WAR” can there be there huh? Do you even know what a cyber war really means? Cyber warfare is both digital and kinetic in its purest form and what kinetics did Anonymous really carry out in this operation to DoS ISIS offline?

Lemme give you a clue… None.

“Anonymous announced late last week a full scale cyber war against the Islamic State (Operation Ice ISIS), intended to attack ISIS supporters using social media for propaganda purposes”

~Fortuna’s Corner

So aside from the bloviating and the scare tactics coming out of ISIS itself we also have our responses from the government and the media with all their so called experts on cyber war and jihad. There is a lot of wankery going on here but finally this guy makes a little sense in the middle of his post on this mess…

ISIS’s main effort to date in cyberspace has focused on psychological warfare by generating fear through flooding the internet with video clips portraying the brutal acts of beheading and mass executions, as well as victory parades, as part of developing deterrence and creating an illusion of force in excess of the organization’s actual strength. The essence of its online activity, however, is broader. It enables its supporters to obtain operational information, including training in preparing explosives and car bombs, and religious rulings legitimizing massacres in regions under ISIS control. In tandem, it distributes indoctrination materials, such as a magazine called Dabiq: The Return of Khilafah, which focuses mainly on topics relating to formation of the new Islamic state headed by ISIS leader Abu Bakr al-Baghdadi. However, ISIS’s technological expertise is not the only factor. Perhaps the public, which is revolted by the organization’s deeds but closely follows these clips and photos as a kind of reality show, is contributing a great deal to the organization’s popularity.

~Fortuna’s Corner

Yes, there it is.. ISIS has been carrying out a PROPAGANDA war primarily and with that comes PSYOPS as well. This is the first true set of statements I have seen to date over this whole debacle. Ok, they are waging a propaganda war and a recruitment drive for sure but really, a cyber caliphate? I mean to date I have not seen this show up verbatim anywhere on the boards or on Twitter so who’s leaping logic here? Seems to me that there’s a sucker born every minute and about 99% of them want to go into journalism nowadays.

A propaganda war using Twitter does not a cyber war make.

Cyber Warfare and Jihad

So let’s chat about the realities here about the capabilities of the Irhabi (ISIS/L or AQ or SEA) in a context of what we have seen so far. What have we seen you ask? Well, DoS, some data thievery, some malware use and phishing, but generally nothing spectacularly scary. Certainly nothing on the level of a nation state actor like China has been seen out of any of the loose groups that claim some jihadi notions online to date. So where do we get all this BOOGA BOOGA over the likes of Junaid Hussain and ISIS taking down our grids and things?


Yeah, there’s no there there. I am sorry but even if ISIS/L used the monies that it has stolen over the last months to set up a “cyber team” they still would be LIGHT YEARS behind the likes of China.. Hell they would even be way behind Iran for that matter so really, there is nothing to fear here. Never mind that many of these guys like Junaid are working in countries that are actively being bombed and shooting is happening so really, how much longer does Juny have anyway before he gets a Hellfire missile up his ass?

Truly the cyber jihad is a non starter for me and it should be for you too. On the other end of that equation though is the fact that they are actively recruiting and getting their message out using social media and this is a problem. Now don’t get me wrong, it is not a clear and present danger kind of thing because really, 100 Americans out of how many people seeing their online drivel have actually left the country to go to jihad pretty much gives a sense of the threat. You have to be pretty unbalanced to want to do this shit to start with so if you get up and leave the country to join up you are a truly unbalanced person to start. One so easily swayed by the propaganda wing of ISIS needs help and what they will certainly get is a bullet instead while fighting. Even ISIS/L really doesn’t care about the Takfiri, you see kids, they are just bodies to be used… Nothing more. They may call you brother but under their breath they call you fodder.

Much Ado About Nothing

The reality is that ISIS is more a conventional force than anything else. They are not as well planned as AQ and they tend to be one dimensional thinkers. I will admit that their propaganda war has been interesting to watch but I don’t see that it is an existential threat. In fact, I concur with the assessment that AQ is still the real player here who can strike at the US and had a better track record thus far. Surely if ISIS continues to carry out the propaganda war they may garner more recruits but I just don’t see them being that inspirational to get lone wolves to activate/radicalize. I certainly don’t see them being able to put teams together to hack our infrastructure and take us down either. In fact I am not a proponent of that line of thinking anyway as a great threat. Our systems are too complex and fragmented to allow for such a spectacular attack.

So please news media… STFU.


Written by Krypt3ia

2014/09/12 at 15:31

ASSESSMENT: Physical Attacks On Grid Infrastructure As Terrorism


Physical Attacks on Grid Systems As Terrorism:

The fear of cyber attacks on the grid (or more to the point transformers and power stations) has been in the news cycle incessantly since Stuxnet made the news back in 2010. The fixation on the cyber world really has occluded the fact that the physical attacks against power systems are the easiest to carry out and often times occur not by attack per se but through acts of nature like squirrels or tree branches. The recent re-hash of a story that happened last April in California is a case in point of hype as well as a real cause célèbre being propagated by the former head of FERC, Jon Wellinghoff. Speaking on NPR and other news outlets he makes it clear that just as a branch can cause a blackout like the one in 2003 that took out the east coast, so too can an attack like this at strategic points in the country. While Mr. Wellinghoff is absolutely correct here, the news is making this more of a terrorist scenario than the FBI is willing to label it, for website hits, but perhaps that is what is needed to effect change here. Wellinghoff is in earnest talking about how FERC and the government have done nothing substantive to build in redundancy to protect the grid from such physical attacks as well as accidents such as the aforementioned tree limb in 2003. So really, can you blame someone like Wellinghoff for using the media to point out these issues and perhaps get them really addressed instead of spending millions and millions on alleged cyber vulnerabilities?

After the attack in San Jose, Wellinghoff says, he went to the scene with a team of Defense Department specialists who train special forces personnel. They found evidence of pre-planning — including piles of stones to apparently mark locations from which to shoot. The specialists also told Wellinghoff it’s their opinion that a lookout monitored police radio traffic — and raised an alert as officers came near. Otherwise, Wellinghoff says, shots might have taken out three more transformers and power to Silicon Valley might have been threatened.

What stands out here though, and what the FBI is not calling terrorism (even claiming that perhaps it was domestic terrorism or even testing and planning), is that the attackers in California were motivated and rather methodical about their attack, as Wellinghoff noted after visiting the scene with some commandos who assessed it. So we have a set of attackers who planned their operation by casing the power station and seemingly had knowledge of what to hit in order to cause a systems failure for that area. Such information could be gathered from Google maps as well as by going on site, and the same goes for information on power station plans and manuals, as I have written about before on here. Does this though say to us all that it was a probing attempt at a larger plot to attack the power grid by some terrorist group? Or does this say that there may in fact be a group of kids who decided to live out their dream of a commando raid black op outside of their Xbox? No one can really say definitively and only speculation thus far has been spun in the news cycle but nevertheless the truth of the matter is that power stations on average are vulnerable to physical attacks.

Cause and Effect From Physical Attacks to Infrastructure:

Another truth is that there is an obvious cause and effect if one were to attack the right areas of the grid. As we saw from the great blackout in 2003 if you overflow or underflow the system it can have a domino effect depending on the time of the day, year, and weather conditions at the time. If you were going to attack the grid there are about 5-6 places I can think of that you would want to attack simultaneously to cause a cascade effect that would affect a large swath of the country potentially. These attacks could be like the one in California but most likely would be something along the lines of explosives or even crashing something into the stations to cause the dominoes to start to fall. One would have to have a good working knowledge of how the system works overall and how the interlinks work across the country to do this, and it would have to be a concerted effort with more than a few people. Still though, to what end would this all be done? So the power goes out and perhaps everyone will know it’s from an attack of some kind but really, then what? These attack scenarios to me would only be carried out by a nation state to really be of any real use and that would have to be in tandem with an invasion force on the continental US. So for terrorism’s sake would it really be worth it? This is not to say that some actors just might do it to “watch the world burn” as it were so it is not inconceivable that someone could pull it off on small scale like in California.

Another not really discussed possible effect from such attacks might be losses in the markets both in the general markets as well as directed losses for the power companies. Such attacks would cause prices to fluctuate as well as instill fear that the companies cannot protect their systems. This too would also put doubt into the picture concerning the national infrastructure’s overall security and any and all regulation thereof. So an attack would not only leave us in the dark but could be used as a financial weapon as well. The cascade failures would also place the power companies at a loss for having to re-tool their systems and upgrade the infrastructure as a whole which then would also have financial effects on the end users by way of fee increases. It is a web of more than just physical lines, heat, and power isn’t it? There are many scenarios here that we could cover on this but let’s just leave it at the idea that a physical attack is quite possible as well as one that could be carried off to darken a great swath of the nation. However, who would do so and what else would they be up to after they did so? What is the aegis here as well as what is the bigger picture?


This story has been burning up the wires for a day or so now and people are all asking why now? Well, the why is because of Mr. Wellinghoff, he has been pimping this story along with the Wall Street Journal and rightly so if we are to face facts that these stations are poorly protected. However, I would like to point out some things here that one should consider concerning this story;

  • The attack in California was carried out by individuals who had some SECOPS knowledge in that they had cut the lines to prevent automated alerts but anyone with sufficient will could do this even teens
  • The California attackers also planned out where to shoot from with regard to their weapons (AK47’s it seems) and at 60 yards they are not “snipers” nor are AK47’s considered sniper rifles. Had these attackers had Barretts or some other .50 cal with depleted uranium that’d be a different story altogether
  • The FBI is saying this was not terrorism so what was it?
  • Could it be possible that someone could be making the point by action to get someone like Mr. Wellinghoff ammunition to make a case for securing these systems over spending all the money on cyber attacks? He says outright in his NPR interview that he believes the cyber attack scenario is much less a possibility or a threat than an actual physical attack.
  • For all we know this caper was pulled off to black out a local jewelry store for an epic heist and not actually as some pre-cursor to an all out attack on the USA.

While I think this core story is much ado about nothing the point being made by Mr. Wellinghoff is absolutely valid. Will changes be made to protect these systems? Will new walls be put up and more security laid on to prevent such attacks in the future? Well, let me point you back to Mr. Wellinghoff’s point on what happened post the 2003 incident in the Northeast. FERC was not mandated to make any redundancy changes or upgrades by law by the Congress. So there you have it. Unless something really serious happens nothing will change so do go to sleep at night in the warm blanket of governmental ineptitude. Maybe, just maybe the lights will still be on in the morning.



Written by Krypt3ia

2014/02/07 at 20:45

Posted in .gov, Terrorism, The Grid





The Legion of DOOM!

Yesterday the camel’s back finally snapped in my head after reading a post on Harper’s Magazine entitled “Anatomy of an Al Qaeda Conference Call” in which the author called into question the whole story that was put out by the Washington Times and their “anonymous sources”. The paper claimed that Ayman Zawahiri and all the heads of the various jihadi splinter groups got onto their polycom phones and their SIP connections to have a “concall” as we say in business today.

You all may remember the heady headlines in the last couple weeks where the mass media picked up on this story and began scribbling away on how the so called jihadi “Legion of Doom” dialed in for a sooper sekret meeting to plan the end of our Western Civilization. Now, I am sure some of you out there have seen my screeds (140 chars at a time more so recently) on just how we get played too often by the media and the government on some things but this, this is just epic stupid here. If you or anyone you know believed any of this claptrap coming from the media please seek psychiatric attention post haste.

Let me tell you here and now and agreeing with the article cited above, that the “LOD” did not have a skype or asterisk call to plan our downfall. At the most they likely had a meeting of the minds in a chat room somewhere within the jihadist boards out there or had a server set up somewhere for them all to log into an encrypted chat. I lean towards the former and not the latter as they usually lack subtlety online. Though, given the revelations from Mssr “Snowman” I can see how the prudent Ayman would want this to be on its own server somewhere and for people to authenticate locally and encrypted on a system that does not keep logs… But I digress…

Suffice to say that a group of leaders and minions thereof got together for a chat on <REDACTED> and that they talked about plans and ideas (from hereon I am going to coin the term ideating) for the destruction of the West and the raising of a new global caliphate. Does that sound familiar to you all? Gee, I can’t seem to put my finger on where I have heard that one before. … So yeah, there was a meeting, there were minions, and there were plans but here’s the catch; NOTHING WAS SAID THAT ALLUDED TO A REAL PLAN! No, really, there wasn’t any solid evidence that prompted the closing of the embassies all over. It was a smoke and mirrors game and YOU all were the captive audience!

As you can see from the article cited there seems to be a lot amiss with all of this now that some reality has been injected into the media stream of derp. Why was this all brought to you in the way it was put out there by the media? Was it only the demented scribblings of one reporter seeking to make copy for his dying paper? Or was there more to it? Was there a greater plan at play here that would have the media be the shill to the duping of the public in order to make them see say, the NSA in a different light in these times of trouble for them?

Makes you wonder huh?


So yeah, a story comes out and there are “sources” sooper sekret sources that are telling the reporter (exclusively *shudder with excitement*) that the Great Oz of the NSA has intercepted a LIVE call with the LOD and that it had scary scary portents for us all!


That the NSA had helped prevent a major catastrophe from happening because they had the technology and the will to listen in on a conversation between some very bad dudes like Ayman and the new AQAP leaders plotting and planning our cumulative demise.


The truth of the matter though is a bit different from the media spin and disinformation passed on by the so called “sources” however. The truth is this;

  • The “con call” never happened. There was no set of polycoms and Ayman is not a CEO of AQ.
  • The fact is that Ayman and many of the other “heads” of the LOD were not actually there typing. It was a series of minions!
  • The contents of the “chat” were not captured live. There was a transcript captured on a courier that the Yemeni got their hands on and passed it on to the Western IC. (So I have heard, there may in fact be a chance they captured the stream using this guy’s acct) the Yemeni that is, not so sure it was us.
  • As I understand it, there was nothing direct in this series of conversations that gave any solid INTEL/SIGINT that there was a credible threat to ANY embassies.

There you have it. This has been WHOLLY mis-represented to the Amurican people. The question I have is whether or not there was an agenda here on the part of one of the three parties or more.

  • Right wing nutbag Eli Lake
  • The “anonymous sources of intel”
  • The “anonymous sources handlers”

These are the key players here that I would really like to get into the box and sweat for a while. After the madness was over and sanity let its light creep into the dialog, we began to see that these so called sources were no more or less better than “CURVEBALL” was during the run up to the Iraq war. In fact, I guess you could say they were less effective than old curveball because we did not actually go into another half baked war on bad intelligence this time did we?

Another question that should be asked here is why was this information leaked in this way to the press on an ongoing operation that I would say might be pretty sensitive. I mean, you have a channel into a chat room (or *cough* con call as the case may be har har) that you could exploit further and yet you decide to close all the embassies and leak the fact that you have closed said embassies because you intercepted their sooper sekret lines of communication?

*blink blink*

Holy what the Hell? What are you thinking POTUS and IC community? Oh, wait … Let me ideate on this a bit….

  • The intel community is in the dog house right now because of the SNOWMAN FILES yup yup
  • So a WIN would be very very good for PR wouldn’t it? I mean you don’t have to hire a PR firm to figure this one out right?
  • HOLY WIN WIN BATMAN! We tell them we foiled their plans using sooper sekret means that the public hates for infringing on their “so called” rights and we can win hearts and minds!

Could it be that simple?

All joking aside though, think about it. Why blow an operational means of watching how the bad guys are talking UNLESS it was never something you really had access to in the first place right? You could win all around here (though that seems to be backfiring) IF the Yemeni passed this along and it was after the fact then how better to make the AQ set abandon the channel by saying you had access to it?


How better also to try and get a PR win by alluding (ok lying lying lying with pantalones on fire!) that you had compromised (you being the NSA and IC here) said channel! I guess overall the government thinks that the old axiom of “A sucker born every minute” still applies to wide scale manipulations of stories in the media to sway thought huh? Oh and by the way, if any of you out there think this is just too Machiavellian I point you to all those cables dropped by Wikileaks. Take a look at the duplicity factor going on in international realpolitik ok?

Political Wag The Dog

It seems after all once all the dust has settled that either one of two things happened here;

  1. Eli Lake did this on his own and played the system for hits on his paper’s page
  2. Eli Lake was either a witting or un-witting dupe in this plan to put out some disinformation in a synergistic attempt to make the IC and the government look good on terrorism in a time where their overreach has been exposed.

It’s “Wag The Dog” to me. Well, less the war in Albania right? I suggest you all out there take a more jaundiced eye to the news and certainly question ANYTHING coming from “ANONYMOUS SOURCES” on NATSEC issues. It is likely either they are leakers and about to be prosecuted, or there is a cabal at work and DISINFORMATION is at play using the mass media as the megaphone.

Sorry to sound so Alex Jones here but hell, even a clock is right twice a day.



State Of Surveillance: PRISM & Other Driftnets


Zlx kpkmn qp hbx ieandl bh hi lxjywy kx hbxbr bcjzwgy, lhnzix, jczsll, tnp cxmmvzw, tzhmsmv eblxtsalsitx yitkjljm cxr mxbzgpwz, aagpe gvx gy xscftmep, yfk vh Cekkhrym urofe bsesw, icm athg wvtvclzy vtuec, kbxiuvmxk fd Icdv ik tfrgjtimosg, tuh uutdwwneadjq kmlivbuprl njo dftve fm tl axgvvalh, fhf dvy ixremfz wk zlbgnw yi do gybsep.


Some of you out there may be shocked and dismayed that the NSA and the FBI as well as other “customers” in the IC world have been collecting vast amounts of data from sources like Verizon (telco) and Google (internet) sources. Others already knew this but perhaps did not understand the sheer scope of the hoovering that has been going on. Myself, well I have had an inkling since I read the manuals for the NARUS STA-6400 system back in 2003 I think it was. That system was the progenitor of what we are seeing now within not only PRISM but other as yet to be named projects. Suffice to say though that we are well and completely surveilled and we have ourselves to blame really. We elected these people into positions of power and we also have not taken enough steps to insure that our elected government is being ethical, moral, and legal in their actions.

These programs have been ongoing for some time now and it seems now they have become monsters that some even within the vast machine have decided are too big and too scary for the government to have control over without the public’s knowledge. Whoever leaked this information must have reached much the same conclusions that we all are now post the leaks that the government wields a set of tools that it should not be using without the approval of the governed whose rights they are “encroaching” upon and for this I laud them. It is my personal feeling that the government and the LE as well as IC community have overstepped their bounds in this driftnet surveillance behemoth that they have built in the name of anti-terrorism. It is also my opinion that the number of plots allegedly broken up before going into action does not outweigh the constitutional rights that they are contravening to uncover and stop them.


Since the revelations on the wiretapping, metadata, and now internet content slurping we all have seen the reaction of the IC and the administration in response to them. What we have seen thus far has been a set of carefully worded speeches and ameliorating press releases hoping to quell our distrust in our leaders and these constitutionally questionable programs. The height of this for me was President Obama’s press meeting to address the issues where he uses language that basically says “ok yes you are right, your rights are being encroached upon but the benefits of this program outweigh your rights”. This was telling for me as the implication here is that the president, who is in fact alleged to be a constitutional scholar, knows and admits that these programs are infringing on our fourth amendment right to privacy.

So what we have here is an administration that has not only carried on the programs and ideals of the previous piteously poor one but gone as far as to expand them for our “greater good” all the while increasing the classification of everything to protect their bad decisions from the public they claim to be protecting. This all may well have been done with good intentions but as “we the people” see it after the fact it comes off as overreach and Orwellian to say the least. In my world view having the power to do something is one thing if you have a sunlight policy that allows for some transparency but all of this is covered in a cloak of secrecy under the rubric that it is to protect us all from terrorism. While I can understand the need for operational security in anti-terrorism and intelligence work I cannot say that this data mining in the way it is being carried out outweighs the fundamental right to privacy that the Fourth Amendment affords all citizens. Furthermore all of the alleged oversight and controls that are in place over these programs may be best intentions but this is not to say that the programs cannot be abused or end run around by those in the chain of command to their own ends. Remember that it was Nixon who ordered the taps of enemies including the NSA as a means to that end until J. Edgar Hoover, out of a feeling of losing his own power, stopped the NSA by threatening to out the president and the program. So there is a history here to be cognizant of and that history is basically the aphorism; “Power corrupts and absolute power corrupts absolutely”

No matter the equivocations or couched and secretively worded explanations that this is all for “our good” the people have a right to reserve judgement as well as demand accounting on what is being done in their name by their duly elected government. The problems though for me are that all too many times the choices are classified, national security letters used to quash any resistance, and oversight by the people prevented with rhetoric over the greater good and this is wrong. The governed need to have a say in this and the government is not allowing that by classification and word play. Games of word semantics may be fun if it were just a game but when it comes to programs like PRISM it’s all really just sleight of hand and NLP to allow the government to do what it wants to, the most expedient thing, to protect the homeland (another nice NLP there by the way) from terror. I guess the question then becomes could this activity be carried out in a better and more transparent way that would still work against terrorism?

Hand Wringing

Look we know that communications are being watched. The terrorists know it too and have used tradecraft to protect their actions in the past. It’s really just common sense, so really do we need to keep it all a secret that we are collecting information? For that matter, do we need to really collect everything and sift through it to find that needle in the haystack as the press has been going on about? As I remember it the players have pretty much been known quantities even after the advent of the internet and the FISA court was a good tool in keeping the government on the straight and narrow with regard to taps and surveillance. In fact the FISA was set up to prevent another Nixon like abuse of the system. Now though it seems like the technology has outstripped the ability of a court like FISA to really watchdog the watchers and has become more of a lapdog than a pitbull. Remember that the FISA court was being end run quite a bit during the Bush administration because it held them up in their eyes. What then happened was the Patriot act and other mechanisms to make it easier for the LE’s and IC’s to just get what they wanted without a warrant, something we came to know as “warrantless wiretapping” or “roaming taps” where the FBI and others could just start surveillance without a warrant for up to 72 hours. It all began there really and down the primrose path we all went.

Frankly the Congress in my eyes went along with all of this because of a couple reasons. The first reason was fear. The second reason was fear of not being re-elected. Both of these reasons are no good and completely spineless. What has happened is that we went from a country of checks and balances to a country with few of either because you can’t check or balance that which has been classified as secret can you? Of course I also blame the populace as well for not being engaged in their governance as well but in cases like this it is much more about things being done in secret and not about us being disinterested. The telling thing will be what happens from here. Will the populace demand some sort of accountability? Will there be a groundswell of support for measures to insure the government is not abusing this power they have in collecting all this data? Or will we all go back to sleep collectively and settle in to watch Survivor and probe our navels? Things will remain status quo unless the populace speaks up and does something about it and if they do not it is my opinion that we will keep sinking further into a surveillance state.


Anger is what we need now and it is anger we should be feeling over all of these revelations this past week. I want you all out there to take a long look back at our country’s actions and laws since 9/11 and think. Do you really want to be represented to the world by the actions of total information awareness and prevarications by John Yoo that torture is acceptable as a common practice? Do you really trust that the government, law enforcement, and the IC’s will not overstep even more and abuse the system in place today for their own needs? Finally, do you really think that your government and those within it are that altruistic as to be all shining versions of Mr. Smith? I really don’t believe that you all think that that is the case so why would you just lay there and allow all this to go on without at least some kind of sunlight policy allowing the governed to know what the government is doing in their name or more to the point to the governed?

As for me well, I am just a dark bastard as some have called me. You might read this and think well that’s just him, but, I implore you all out there to take a step back and look at our history and the nature of human nature and then decide. I think you will all come to the same conclusion that this is the wrong path to be on. No matter how many times the players may tell you that the game is played fairly and for your protection ask yourselves and them to tell you how many times it has foiled a plot and saved us from ruin. If they say “well we can’t because it’s classified” then I want you to see them in a pair of plaid pants and white belt with matching shoes trying to sell you a car …because that is what they are doing.

Get angry and demand some transparency. Keep your eye on them because in fact you cannot trust them. Given the power to do what they like they will do so especially if there are no repercussions as it’s all classified. Alternatively though and in reality all you can do today is use encryption and take care with your communications if you do not want Uncle Sam and his pals to know about them. As I see it now they have a complete backdoor into everything and as people start to use more encryption I would expect crypto to become a munition again….

But that’s just the dark bastard in me I guess…


Written by Krypt3ia

2013/06/09 at 17:34

It doesn’t really matter who bombed the Boston Marathon… It only matters that they did and it’s giving others ideas.




No Attribution

Since the bombs going off at the Boston Marathon people have been trying to assess who it is that did it more so than why they did it. Of course knowing the who you will know the why especially if the bombers make a statement. To date no statements have been made and thus great speculation has been given by the talking heads in the media, anyone from Clint VanZandt (Former Quantico Profiler) to the odious Evan Kohlmann. None of these people though really are offering any information into the real problem we have post the explosions at the finish line on Monday and that problem is the precedent set by the act itself.

Of course bombings have happened here in the past throughout our history but today we have one more twist to the picture that we should be paying attention to. That twist is that we are in a global war on terror against various groups that all have a goal of terror. In the case of the Islamic terrorists their goal is a global caliphate at the heart of the hard core heart and mind. It would be folly to think that this is the topmost goal of all of these people though and at the end of the day it all just comes down to people acting out to sow terror and death. In the case of this incident we still have no idea why it was done and even the jihadis online and I am sure behind the scenes are asking the same question as to who did it. As of today all we know is the method of the bombings (sort of) and that we have one or two UNSUBS that may be on video or in photos just before the explosions and this is making people even more on edge.

However, attribution and the reasons for the attacks are only one dimension of the problem and it should be noted that this event has opened a door for the Jihad as well as possibly other actors who wish to sow terror. This is not new as I said before, but, it is new that we have a call from the likes of AQAP/Al-Malahem/AQ to carry out “Lone Wolf Jihad” that may in fact have been heeded by someone or a small group of jihadis. If this is in fact the case then consider Pandora’s Box being opened with this successful attack. Alternatively, if this was carried out by another form of extremist (such as the militia types or so called “domestic terrorists”) the same Pandora’s Box has been opened because in the end, the attack was carried out and succeeded in its goals of death, terror, and FUD. This event is a win/win for the like minded and that is what is being played out on the Jihadi boards as we speak.

Inspiration and Aspiration

For 3 years now AQAP/Al-Malahem has been putting out “Inspire Magazine” and entreating the Ummah of the West to jihad. More recently they began a campaign to spur the Westerners to so called “Lone Wolf” acts because it seemed that they lacked the ability to reach out here themselves. They began offering tutorials on how to make IEDs and offered tactics and targets for the eager Westerner to carry out. These magazines met with little success in getting a jihobbyist to make a bomb in their mother’s kitchen until possibly now. The pressure cooker IEDs are not that hard to make and the plans were in fact in a recent issue of Inspire but in reality if you have an internet connection you can get them fairly easily. So could it be a Jihadi Lone Wolf? Sure, could it be some other extremist? Sure, but in the end on a macro scale it doesn’t matter.

What does matter is the reaction by other groups and individuals. Copycats if you like, who look at the events of Monday and start to think “I can do this too if they can”. What is being seen on the jihadist boards already is talk about how Inspire had it right and that they should be praised for their work. The poster above asks questions about the modus operandi and concerns over security but generally begs the question over strategy. Responses to this post are on the whole affirmative that Inspire was right and that smaller attacks are the way to go. Inciting fear and hitting soft targets is what they need to do to torment the “Crusaders” and in reality this is the scary bit.

AQ had a HUGE win with 9/11 and since then the tactic has been on average to attempt another one of as grand or on a grander scale. This has not worked on the whole so the notion of smaller attacks was pivoted to by AQAP. They have finally set a goal of not just hitting a plane with an underwear bomb or a cartridge bomb but now are looking to go to a mall and shoot it up or to blow up a car on a busy freeway. Small scale, low tech attacks I believe are going to become the norm for not only the jihad but also the domestic terrorist as well. This is what has to be taken from the events of Monday’s bombing as well as the efforts of trying to find out who did it and to prosecute them.

Whether or not this is a Jihadi lone wolf or some other attacker the tactics of the attack should be the worrisome bit. The bombs themselves are low tech (smokeless powder and ball bearings in pressure cookers) which could be made by anyone. The components are easily obtained cheaply and the whole operation could be carried out with as little money spent as a couple hundred dollars. The choice of soft targets like the marathon shows astute planning and there are hints that they may have in fact studied the marathon and thought this through a bit on detonation time to have mass casualties as well. All of this could be carried out by person(s) easily enough without oversight from AQ/Taliban just like Inspire attempts to evoke in their “lone wolves”. At the end of the day we may in fact see that Inspire was in fact the inspiration for this attack. If not, then from what I am seeing on the boards post the attack I for one believe that they now have even more inspiration to carry these attacks out.

Cause and Effect

At the base of this whole post though I want to get across the idea that one attack can breed copycats. Copycats all can get the plans and tactics for such attacks online easily through a Google search and as such the ease of locating the data and using it has increased tenfold. It remains to be seen just how much of an impetus this attack has been on those nearly ready to carry out their own terror plots but given that we are now seeing concurrent letters laced with Ricin sent to the President and Congress (also shown in how to’s from the jihadis and others online) one has to wonder if they are part of the original plot or copycats. It’s my belief that a scale has been tipped and that we may be in for some more tough times ahead. I personally have not seen things this polarized since the 60’s when we had the creation of the Weather Underground and the Black Panthers. Imagine now more groups with access to the reams of information on the internet and their capacities to carry out terror were they of a mind to do so.

Time will tell.


Written by Krypt3ia

2013/04/17 at 17:23

Posted in jihad, Terrorism



Do You Like Online Privacy? You May Be a Terrorist

It’s been one of those days when I went from ZERO —> STABBY really really quickly. What brought me to this point today was a tweet linked to an article at PublicIntelligence where they talk about a flyer put out jointly by the FBI and the Department of Justice (Bureau of Justice Assistance) on what to look for in an “online” terrorist or an “internet cafe” terrorist.

This document is one of the silliest and most useless pieces of crap I have seen. It is so general and profiles so many people today and yet, fulfills the fear fear fear agenda that some seem to have. I am shocked at this even being floated out there for the masses to even consider to be used as the litmus test to actually make a call on someone’s being a “terrorist” or not. The Justice Dept and the FBI have in fact turned everyone who uses this document into Barney Fife! Except instead of a single bullet, they have given them a full automatic and two extended clips to use for ammunition.

Good job!


Generalities and First Principles by Marcus Aurelius

Let me say to you all here and now, I am embarrassed for our country and our law enforcement services with this development. I thought perhaps they would have learned after the whole “Muslim = Terrorist” debacle but I guess they have not. What possessed them to be so idiotic as to pass this out to the masses? What’s worse, how many of the masses are just dumb enough to use this list of likes and concerns as the “guide” to terrorism?

Hey USGOV, FBI, DOJ, How about you spend some time with the classics, “First Principles by Marcus Aurelius”? Oh, wait, maybe you have no idea what I am talking about.. Ok, how about we take a quote from a movie?

“First principles, Clarice. Simplicity. Read Marcus Aurelius. Of each particular thing ask: what is it in itself? What is its nature? What does he do, this man you seek?”

Hannibal Lecter

You guys COMPLETELY fail to do this. Instead you throw out a bunch of generalities that fit 99% of the population for the gullible “see something say something” citizen to use to point fingers and yell TERRORIST!


Time to pay attention people.

Hi, My Name is Bob, and I am A Terrorist…. *Hi Bob*

So, this leads me to the phrase above… Hi, my name is Krypt3ia, and I am a terrorist… If you believe the shitty list of character traits in this stupid document.


Think about it, this is out there and it would seem that the FBI and DOJ may in fact BELIEVE this??? Can you imagine this is how their world outlook is concerning the broad spectrum of today’s internet users?


This betrays a complete lack of understanding of not only the technologies today, but also the pervading psychology and sociology at play in today’s digital world. If you use technology, if you like the internet and IF you deign to want some privacy..

You’re potentially a terrorist and should be reported.

Wow… Just wow… I cannot believe how little thought went into this campaign. Are you really all that bereft of any common sense or even guile in trying to capture the real terrorists out there?


STABBY! Yes, this all makes me very stabby. I cannot fathom all of this and it really makes me distrust my government’s handling of these issues all the more. I am not one to really be their cheerleader with regard to digital security and policy, but now, holy Jeebus! Then I wake up this morning to find that AntiSec has recorded a conference call that the FBI held between them and the Met (UK).


They did not even bother to check how many people were on the call! BASIC SECOPS people!! So now they are even more of a laughing stock, and I am sure they will make swift responses that likely will be futile in the grander scheme of things.

Guys.. You’re really making yourselves into the Hollywood caricature of yourselves here..

“Keystone Cops”

BOOGA BOOGA BOOGA and Other Exhortations by Our Government

In the end, I am mostly appalled at the use of these jingoistic and lowest common denominator recommendations being given to the public on “cyber terrorists”. It is the kind of claptrap I expected out of the likes of GWB’s reign.. Not now! It really is just useless and makes you look like fools…

It makes one wonder just what you all really believe…

No wonder it seems that Anonymous is getting the better of you lately.

So why not make everyone the enemy huh? Guess I will just go on down to the “internet cafe” *heh* and tap away on my encrypted blog about how I long for privacy…


Written by Krypt3ia

2012/02/03 at 18:35

OpCARTEL: Kids, Trust Me… YOU ARE NOT Up To This Operation

Killing Pablo:

Ok kids, before you were old enough to understand, there was a guy named Pablo Escobar. He was a bad guy who pretty much single handedly provided the US with cocaine that powered the 80’s debauchery. Pablo was the progenitor of the Zeta model of narco-trafficking that you guys are claiming to have data on and want to tangle with. Let me tell you now in no uncertain terms how I feel about #OpCartel…


Plain and simple, these guys are not just some namby pamby government following laws who will try to arrest you. No, these guys will hire blackhats of their own, find you, and KILL you in the most horrific ways. Need I remind you of the bloggers who got whacked recently? I don’t think you all want to be the next to be swinging under an overpass with a Mexican Necktie do you?

It took major government and military operations to kill Pablo and his cartel. You guys dropping information on the low end mules and lackeys will do nothing but interrupt operations currently ongoing as well as put yourselves into the cross-hairs of the Zeta killing machine. At the very least, you need to do your homework on these guys and NOT announce things on the internet before you do anything; this is just asking for a whacking.

Have you not been listening?


First off, if you want to gather intel on these guys or you have it, then make sure you vet it out and ensure it’s the real deal. If you have sources, you need to protect them and if you have hacked access, you need to ensure that you can’t be traced back. The big thing though, is to KNOW YOUR TARGET! How much do you really know about the Zetas? How much do you know about the politics of the area? The players both inside and outside the cartel? This group doesn’t just have low level people, they also have high ranking political connections as well. You mess with them, then you have governmental assets and pressure as well to deal with.

So.. What do you know about Los Zetas?

Los Zetas:

Los Zetas and La Familia Michoacana are a narco ring comprised of about 30 ex Mexican Special Forces deserters who decided that narco trafficking was a much better choice than just being ordinary special operators. This group has been one of the bloodiest and boldest in their massacres of opposing groups or individuals. In short, they are not people to tangle with unless you are a government with a special operations group of your own. Much of their infrastructure is already known (see pdf file at the top here) so, dropping some of the data you propose might just serve to get others killed and not damage the organization much at all.

Though, if you did have tasty information, perhaps you could pass it along to the authorities? If not, then maybe Mata Zetas?

Mata Zeta:

Los Matas Zetas is another paramilitary group (Zeta Killers) that has sprung up recently and in fact could be governmentally sponsored. Either way, this group is out to whack the Zetas. Now, were you in possession of data that could be used by them to combat the Zetas, maybe you could find a conduit to get that to them… Secretly. I am pretty sure though, that these guys, if not sponsored by the government (Mexico and the US) would then just become the next narco trafficking group in line to stop the power vacuum once the Zetas have been taken out of the equation.

The basic idea though is this: Use the enemy of your enemy as your friend to destroy your enemy. Get it?


Ok, so, here we are and you guys have laid claim to the idea of the operation. Then, once people started threatening, you dropped it. Then others like Sabu said it was all a PSYOP and there are things going on in the background still.

Oy vey…

Look, overall you have to follow OPSEC on any operation like this and so far you have been a big FAIL on that account. It’s akin to saying to your enemy;

“I’m attacking at dawn.. From the East… With planes.. Vintage WWI planes…”

What were you thinking?

Obviously you weren’t thinking about OPSEC. You have seen me write about this in the past and you surely have heard Jester talk about it too. It is a key precept to special warfare and you guys just are not ready for prime time here. Unless you follow some basic security measures you will end up dead. So pay attention.. If there was any merit to this operation in the first place.

This Isn’t An Episode of Miami Vice:

Finally, I would like to say that this is not an episode of Miami Vice kids. YOU do not have a nickel plate .45, slip on shoes, and pastel shirts. This is reality and you are more than likely to run up against blackhats who will find you and one by one, these guys will hunt you down.

I know.. You’re an idea… No one can stop an idea…

I’m sorry, but your Idea will also not stop bullets and bad men with knives from cutting you to ribbons when they locate you. Unless you learn some tradecraft, go back to taking on corrupt corporations and paedophiles…

Though.. They too could also hire a hacker huh?

You guys are not ready for this…


Written by Krypt3ia

2011/11/03 at 15:45

Anonymous, SCADA, LULZ, DHS, and Motivations

Anonymous Is Interested In PLC’s & SCADA?

A recent .pdf bulletin put out by Homeland Security (i.e. DHS) claims that certain actors within Anonymous (and by that they mean “anonymous”, I added the distinction) have shown interest in at least Siemens SIMATIC PLC’s and how to locate them online for exploitation. It seems that DHS, though warning about this threat, is not too concerned about its actually being exploited by the group because they lack the expertise to attack them. So, why the BOLO on this at all? If the collective cannot do the damage to the infrastructure that you are entrusted with keeping safe, then why report on it at all as credible intelligence? It would seem to some, myself included, that Anonymous is not the problem that they are really worried about on the macro scale, but instead, those who may claim to be Anonymous hitting small scale facilities or pockets of targets for their own purposes.

And therein lies the difference.

If indeed Anonymous the collective is looking at attacking SCADA, one has to wonder at their reasons to target such systems. After all, if Anonymous takes out the power or poisons the water, it will not look good for them PR wise. In fact, were such things to happen in the name of Anonymous, I can pretty much guarantee you all that they would be enemy #1 pretty darned quick post an attack. However, if they were to target a company such as a car maker that pollutes, then, you have a real agenda (per their social agenda of late) So, the targeting is really key here and I will cover that later on.

DHS Jumping The Shark?

The motivations of the release by DHS have also been called into question by some as to why they chose to talk about this at all. This is especially prescient since they take pains to say that the Anonymous movement “most likely” does not have the technical means and motive to really pull off these types of attacks on the infrastructure. So why even bother? Perhaps they are just covering their bases (or asses) just in case the Anon’s actually attack? Or perhaps, they too are clued in on the fact that even if claimed to be anonymous, it could be others working against the US (Nation State Actors) who have chosen to attack and use Anonymous as a cover so as to throw off attribution.

Either way, as some look at it, it is almost like they are daring Anonymous to do it out of spite because they are calling Anonymous’ factions and actors “inept” or “unskilled” which, might get their dander up a bit. All of these scenarios pretty much do not preclude someone hitting SCADA systems in the future and it being blamed on Anonymous, which will bring on a new wave of efforts by the government to stamp them out. Reciprocity being what it is, this too will mean that Anonymous might in fact gain strength and sympathy from such actions and fallout as well.

For me though, I just see DHS covering the bases so as to not be blamed later on should something happen. Not so much am I of the opinion that they are in some kind of propaganda war here with this little missive.

Motives, Means, Technical Abilities

So let’s go with the theory that certain elements of the Anonymous collective want to mess with the infrastructure. Who would they target and why? More to the point, what companies would they target that fits their agenda?

  • Telco?
  • Power?
  • Manufacturing?

Those are the three areas that I could see as potential attack vectors. Though, once again I have to say that the only two that I see as really possible would be the telco and manufacturing and even the telco would be dangerous for them to try as well. I mean, if you start messing with eBay or PayPal that’s one thing, it’s quite another to mess with national infrastructure, as these two would be considered. If indeed Anonymous hit them and took them down for whatever reason, they would then be directly considered terrorists… And that would be seriously bad for their movement and its legitimacy.

Now, we do know that the Anon’s hit the BART system but as I remember it, it was BART that took out the communications infrastructure themselves so as to prevent communication between anon’s. So, this just doesn’t seem to fit for me either. Manufacturing though, as I made the case above, could be something they would try. It’s not national infrastructure and it will not take the country down if they stop something like cars being made.

Is it just me? Or does anyone else just see this as a non starter for Anonymous central? What I do see is the threat of other actors using the nom de guerre of Anonymous as cover for their actions to mess with the national infrastructure. Perhaps some of these people might in fact be motivated by anonymous, but, my guess is that if this were to happen, it would be nation state driven… And something I have been warning about for some time.

Anonymous, as an idea, as a movement, will be subverted by those looking to fulfil their own ends and justify their means. All the while, they will let the Anon’s take the fall for it.



Nation States

… AND.. Corporations.

You know, those with the money and the people who could pull off the technical hacks required to carry these capers off.. Not a bunch of rag tag hacktivists and hangers on.


In the end, what I fear is that there will be a great deal of blowback on Anonymous even talking about hacking and messing with infrastructure. The same can be said for their attempts on taking down Wall Street or the NYSE with their DDoS. If they had succeeded, they would have been an annoyance really, but that would not have caused any great fluctuation in the markets I think. No, unless they hacked into NYSE itself and exposed the fact that they had root in there, I think that it would have a very minimal effect on Wall Street and the economy at large.

Not to say that everything is going ever so well now…

DHS seems to have jumped the shark a bit for me on their BOLO and the coverage of this just tends to add to the FUD concerning SCADA and PLC code. Hell, for that matter we have the new Symantec report on DUQU that yells out about it being the “Son of Stuxnet” but in reality, it is more like a clone of Stuxnet used for APT style attacks by persons unknown..

Get yer FUD here!

Same goes for this DHS warning.

Your results may vary…