The first global cyber war has begun


Re: The first global cyber war has begun

Postby elfismiles » Sat May 11, 2013 5:05 pm


SPECIAL REPORT - U.S. cyberwar strategy stokes fear of blowback
A reflection of Charlie Miller is pictured on his computer screen in his home-office in Wildwood, Missouri April 30, 2013. REUTERS/Sarah Conard
By Joseph Menn
WASHINGTON | Fri May 10, 2013 9:47pm IST

(Reuters) - Even as the U.S. government confronts rival powers over widespread Internet espionage, it has become the biggest buyer in a burgeoning gray market where hackers and security firms sell tools for breaking into computers.

The strategy is spurring concern in the technology industry and intelligence community that Washington is in effect encouraging hacking and failing to disclose to software companies and customers the vulnerabilities exploited by the purchased hacks.

That's because U.S. intelligence and military agencies aren't buying the tools primarily to fend off attacks. Rather, they are using the tools to infiltrate computer networks overseas, leaving behind spy programs and cyber-weapons that can disrupt data or damage systems.

The core problem: Spy tools and cyber-weapons rely on vulnerabilities in existing software programs, and these hacks would be much less useful to the government if the flaws were exposed through public warnings. So the more the government spends on offensive techniques, the greater its interest in making sure that security holes in widely used software remain unrepaired.

Moreover, the money going for offense lures some talented researchers away from work on defense, while tax dollars may end up flowing to skilled hackers simultaneously supplying criminal groups. "The only people paying are on the offensive side," said Charlie Miller, a security researcher at Twitter who previously worked for the National Security Agency.

A spokesman for the NSA agreed that the proliferation of hacking tools was a major concern but declined to comment on the agency's own role in purchasing them, citing the "sensitivity" of the topic.

America's offensive cyber-warfare strategy - including even the broad outlines and the total spending levels - is classified information. Officials have never publicly acknowledged engaging in offensive cyber-warfare, though the one case that has been most widely reported - the use of a virus known as Stuxnet to disrupt Iran's nuclear-research program - was lauded in Washington. Officials confirmed to Reuters previously that the U.S. government drove Stuxnet's development, and the Pentagon is expanding its offensive capability through the nascent Cyber Command.

Stuxnet, while unusually powerful, is hardly an isolated case. Computer researchers in the public and private sectors say the U.S. government, acting mainly through defense contractors, has become the dominant player in fostering the shadowy but large-scale commercial market for tools known as exploits, which burrow into hidden computer vulnerabilities.

In their most common use, exploits are critical but interchangeable components inside bigger programs. Those programs can steal financial account passwords, turn an iPhone into a listening device, or, in the case of Stuxnet, sabotage a nuclear facility.

Think of a big building with a lot of hidden doors, each with a different key. Any door will do to get in, once you find the right key.

The pursuit of those keys has intensified. The Department of Defense and U.S. intelligence agencies, especially the NSA, are spending so heavily for information on holes in commercial computer systems, and on exploits taking advantage of them, that they are turning the world of security research on its head, according to longtime researchers and former top government officials.

Many talented hackers who once alerted companies such as Microsoft Corp (MSFT.O) to security flaws in their products are now selling the information and the exploits to the highest bidder, sometimes through brokers who never meet the final buyers. Defense contractors and agencies spend at least tens of millions of dollars a year just on exploits, which are the one essential ingredient in a broader cyber-weapons industry generating hundreds of millions annually, industry executives said privately.

Former White House cybersecurity advisors Howard Schmidt and Richard Clarke said in interviews that the government in this way has been putting too much emphasis on offensive capabilities that by their very nature depend on leaving U.S. business and consumers at risk.

"If the U.S. government knows of a vulnerability that can be exploited, under normal circumstances, its first obligation is to tell U.S. users," Clarke said. "There is supposed to be some mechanism for deciding how they use the information, for offense or defense. But there isn't."

Acknowledging the strategic trade-offs, former NSA director Michael Hayden said: "There has been a traditional calculus between protecting your offensive capability and strengthening your defense. It might be time now to readdress that at an important policy level, given how much we are suffering."

The issue is sensitive in the wake of new disclosures about the breadth and scale of hacking attacks that U.S. intelligence officials attribute to the Chinese government. Chinese officials deny the allegations and say they too are hacking victims.

Top U.S. officials told Congress this year that poor Internet security has surpassed terrorism to become the single greatest threat to the country and that better information-sharing on risks is crucial. Yet neither of the two major U.S. initiatives under way - sweeping cybersecurity legislation being weighed by Congress and President Barack Obama's February executive order on the subject - asks defense and intelligence agencies to spread what they know about vulnerabilities to help the private sector defend itself.

Most companies, including Microsoft, Apple Inc (AAPL.O) and Adobe Systems Inc (ADBE.O), on principle won't pay researchers who report flaws, saying they don't want to encourage hackers. Those that do offer "bounties", including Google Inc (GOOG.O) and Facebook Inc (FB.O), say they are hard-pressed to compete financially with defense-industry spending.

Some national-security officials and security executives say the U.S. strategy is perfectly logical: It's better for the U.S. government to be buying up exploits so that they don't fall into the hands of dictators or organized criminals.

UNINTENDED CONSEQUENCES

When a U.S. agency knows about a vulnerability and does not warn the public, there can be unintended consequences. If malign forces purchase information about or independently discover the same hole, they can use it to cause damage or to launch spying or fraud campaigns before a company like Microsoft has time to develop a patch. Moreover, when the U.S. launches a program containing an exploit, it can be detected and quickly duplicated for use against U.S. interests before any public warning or patch.

Some losses occur even after a patch.

That happened to Microsoft and its customers with a piece of malicious software known as Duqu. Experts say it was designed to steal industrial-facility designs from Iran and that it used an exploit that tricked computers into installing malicious software disguised as a font to render type on the screen.

Those who dissected the program after its discovery in 2011 believe it was created by a U.S. agency. Though Duqu resembled Stuxnet in some respects, they couldn't say for sure how it was assembled, or whether the spying tool had accomplished its mission.

What's certain is that criminal hackers copied Duqu's previously unheard-of method for breaking into computers and rolled it into "exploit kits," including one called Blackhole and another called Cool, that were sold to hackers worldwide.

Microsoft had by then issued a patch for the vulnerability. Nevertheless, hackers used it last year to attack 16 out of every 1,000 U.S. computers and an even greater proportion in some other countries, according to Finland-based security firm F-Secure.

The flaw became the second-most frequently tried among tens of thousands of known vulnerabilities during the second half of 2012, F-Secure said. Hackers installed a variety of malicious software in cases when the exploit worked, including copies of Zeus, a notorious program for stealing financial login information that has been blamed for hundreds of millions of dollars in bank thefts. Microsoft won't say whether it has confronted U.S. officials about Duqu and other programs, but an executive said the company objects "to our products being used for malicious purposes."

THE BUSINESS OF "ZERO-DAYS"

Former NSA Director Hayden and others with high-level experience have boasted that U.S. offensive capabilities in cyberspace are the best in the world. But few outsiders had any idea what was possible before 2010, when a small laboratory discovered the worm called Stuxnet.

It took teams of security experts in several countries months to dissect the program. They discovered that it had been meticulously engineered to launch invisibly from a portable flash drive and spread through connected Windows-based personal computers in search of machines running a specific piece of industrial control software made by Siemens AG (SIEGn.DE) of Germany.

If Stuxnet found that software and a certain configuration, it changed some of the instructions in the program and hid its tracks. Eventually, the truth came out: The only place deliberately affected was an Iranian nuclear facility, where the software sped up and slowed down uranium-enriching centrifuges until they broke.

Stuxnet was unique in many ways, one of them being that it took advantage of four previously unknown flaws in Windows. In the industry, exploits of such vulnerabilities are called "zero-days," because the software maker has had zero days' notice to fix the hole before the tool's discovery.

It can take months for security patches to be widely installed after a vulnerability is reported, so even a "two-day" exploit, one released two days after a warning, is valuable.

But exploits can't be counted on to work once the holes they rely on are disclosed. That means contractors are constantly looking for new ones that can be swapped in to a particular program after the original vulnerability is fixed. Some security firms sell subscriptions for exploits, guaranteeing a certain number per year.

"My job was to have 25 zero-days on a USB stick, ready to go," said a former executive at a defense contractor that bought vulnerabilities from independent hackers and turned them into exploits for government use.

HOW THE MARKET WORKS

Zero-day exploits will work even when the targeted software is up to date, and experts say the use of even a single zero-day in a program signals that a perpetrator is serious. A well-publicized hacking campaign against Google and scores of other companies in early 2010, attributed by U.S. officials and private experts to Chinese government hackers, used one zero-day.

Many zero-day exploits appear to have been produced by intelligence agencies. But private companies have also sprung up that hire programmers to do the grunt work of identifying vulnerabilities and then writing exploit code. The starting rate for a zero-day is around $50,000, some buyers said, with the price depending on such factors as how widely installed the targeted software is and how long the zero-day is expected to remain exclusive.

It's a global market that operates under the radar, often facilitated by other companies that act as brokers. On the buy side are U.S. government agencies and the defense contractors that fold the exploits into cyber-weapons. With little or no regulation, it is impossible to say who else might be purchasing zero-days and to what end, but the customers are known to include organized crime groups and repressive governments spying on their citizens.

Even one of the four exploits used by Stuxnet may have been purchased. Swedish Defense Research Agency expert David Lindahl said the same trick employed by the exploit in question was used in a piece of Russian crime software called Zlob prior to Stuxnet's discovery. The same person may have sold the exploit to both the United States and to Russian criminals. However, Lindahl and other experts said simultaneous invention can't be ruled out.

The issue of rival countries or gangs using a flaw that U.S. officials have known about but decided to keep secret is a big concern. The National Security Agency declined to say whether or how often that happens, but researchers said simultaneous security discoveries occur often.

"It's pretty naïve to believe that with a newly discovered zero-day, you are the only one in the world that's discovered it," said Schmidt, who retired last year as the White House cybersecurity coordinator. "Whether it's another government, a researcher or someone else who sells exploits, you may have it by yourself for a few hours or for a few days, but you sure are not going to have it alone for long."

China is thought to do a lot of its work on exploits in-house, relying on its own programmers, though Reuters has reviewed email from self-declared Chinese buyers offering large sums. "i really need some 0days,if you have some remote exploit 0days of windows system, i think i can buy it. you know, money is not the problem," one hopeful wrote in 2006.

ON THE FRONT LINE

Cesar Cerrudo, a researcher in Argentina and the recipient of the 2006 email, was among the first to sell zero-days in the open, targeting experts who wanted to test the security of networks for their employers or clients.

Cerrudo said he ignored some requests from China that seemed suspiciously detailed, such as one for an exploit for an out-of-date version of Microsoft Office. Cerrudo said he regrets selling to a research institution in Europe he won't name that he later realized received a great deal of funding from a national government. Now Cerrudo works at IOActive Inc, a Seattle-based consulting firm that advises corporate clients on security.

"Fewer people are publishing details about vulnerabilities and exploits," Cerrudo said, and that hurts overall safety. "People are trying to keep their techniques and exploits private so they can make a lot of money."

A Paris-based security company called Vupen sells tools based on exploits to intelligence, law-enforcement and military authorities in most of the world. It refrains from selling to countries such as Iran or North Korea, and says it voluntarily follows European and U.S. rules limiting arms exports, though others say it isn't clear whether exploits are subject to the most restrictive U.S. rules.

Until 2010, Vupen often notified software vendors for free when it found vulnerabilities, said chief executive Chaouki Bekrar. That has now changed. "As our research costs became higher and higher, we decided to no longer volunteer for multi-billion-dollar companies," Bekrar said. When software makers wouldn't agree to a compensation system, he said, Vupen chose to sell to governments instead. "Software vendors created this market by not decently paying researchers for their hard work."

In Bekrar's estimation, Vupen is doing good. "Exploits are used as part of lawful intercept missions and homeland security operations as legally authorized by law," he said, "to protect lives and democracies against both cyber and real world threats."

The company is one of the most visible players in the business. Vupen sent a dozen researchers to an elite April conference on offensive hacking techniques at the luxury Fontainebleau Hotel in Miami Beach, where attendees eschewed nametags, dined on stone crab and heard such talks as "Advanced Heap Manipulation in Windows 8." The only larger contingents were one from the conference's organizer, zero-day reseller Immunity Inc, and one from the U.S. government.

A newer entrant to the market is ReVuln, based in Malta. ReVuln says it specializes in crafting exploits for industrial control systems that govern everything from factory floors to power generators.

This is a major concern for governments because such systems are considered prime targets for terrorists and enemy nations, with the potential for high loss of life. Additionally, the software that controls them is much harder to patch than something like Windows, which Microsoft frequently fixes with updates over the Internet. Employees at several large makers of control systems say they don't know how to reach all their users, let alone convince them to make changes when holes are discovered.

ReVuln's founders, Italian researcher Luigi Auriemma and former Research in Motion vulnerability hunter Donato Ferrante, declined to say anything about their customers. In an email interview, they said they sold some exploits exclusively and others more widely. Asked if they would be troubled if some of their programs were used in attacks that caused death or destruction, they said: "We don't sell weapons, we sell information. This question would be worth asking to vendors leaving security holes in their products."

DEFENSE CONTRACTORS

Much of the work on offensive cyber-warfare is done by publicly traded U.S. defense contractors, now joined by a handful of venture capital-backed start-ups seeking government buyers for a broad array of cyber-weapons that use exploits. Defense contractors both buy exploits and produce them in-house.

Major players in the field include Raytheon Co (RTN.N), Northrop Grumman Corp (NOC.N) and Harris Corp (HRS.N), all of which have acquired smaller companies that specialize in finding new vulnerabilities and writing exploits. Those companies declined to discuss their wares. "It's tough for us, when you get into the realm of offensive," said Northrop spokesman Mark Root.

Reuters reviewed a product catalogue from one large contractor, which was made available on condition the vendor not be named. Scores of programs were listed. Among them was a means to turn any iPhone into a room-wide eavesdropping device. Another was a system for installing spyware on a printer or other device and moving that malware to a nearby computer via radio waves, even when the machines aren't connected to anything.

There were tools for getting access to computers or phones, tools for grabbing different categories of data, and tools for smuggling the information out again. There were versions of each for Windows, Apple and Linux machines. Most of the programs cost more than $100,000, and a solid operation would need several components that work together. The vast majority of the programs rely on zero-day exploits.

Intelligence agencies have a good reason to leave a lot of the spyware development work to outsiders, said Alex Stamos, chief technology officer at an Internet security unit of NCC Group Plc (NCCG.L). "It's just like munitions development," he said. "They don't purchase it until the vendors can demonstrate it works."

Another newcomer with U.S. agencies as clients is Atlanta-based Endgame Inc, which in March raised $23 million in a second round of funding led by the blue-chip Silicon Valley venture capital firm Kleiner Perkins Caufield & Byers. Endgame is chaired by the chief executive of In-Q-Tel, a venture capital firm set up in 1999 at the request of the CIA to fund private companies developing technology that could be useful to the intelligence community.

Some of Endgame's activities came to light in purloined emails published by hackers acting under the banner Anonymous. In what appear to be marketing slides, the company touted zero-day subscriptions as well as lists of exactly which computers overseas belonged to specific criminal "botnets" - networks of compromised machines that can be mobilized for various purposes, including stealing financial passwords and knocking websites offline with traffic attacks.

The point was not to disinfect the botnet's computers or warn the owners. Instead, Endgame's customers in the intelligence agencies wanted to harvest data from those machines directly or maintain the ability to issue new commands to large segments of the networks, three people close to the company told Reuters.

Endgame declined to comment.

Ted Schlein, a Kleiner partner who sits on Endgame's board, said he couldn't comment on the company's classified business. But he defended the idea of captive botnets.

"If you believe that wars are going to be fought in the world of cyber in the future, wouldn't you want to believe you would have a cyber-army at your disposal? Why wouldn't you want to launch a cyber-army if needed?" (Reporting by Joseph Menn; Editing by Jonathan Weber and Claudia Parsons)

http://www.reuters.com/article/2013/05/ ... EL20130510

elfismiles
 
Posts: 8511
Joined: Fri Aug 11, 2006 6:46 pm

Re: The first global cyber war has begun

Postby seemslikeadream » Tue Jun 04, 2013 1:15 pm

Cyber War: Another Epic Fail
by Kelley B. Vlahos, June 04, 2013

WASHINGTON—If you weren’t paying attention last week, you might have missed the news that Chinese hackers have accessed blueprints of our most advanced military weapons and communications systems, including Patriot missile technology, the V22 Osprey, the Aegis Ballistic Defense System, and the Navy’s Littoral Combat Ship. This epic fail of our so-called “cyber security” efforts was reported quietly in the mainstream news and met with mild indignation among the Beltway Bubble’s punditry set.

Talk about a sleeper story — if all this is true then it isn’t a breach, it’s an invasion. And if we’re going to call this a “war,” well, it’s another one we’re well on the way to losing, despite the tens of billions of dollars the taxpayers have put into the waging.

For his part, President Barack Obama will “raise the issue” of cyber security with his Chinese counterpart Xi Jinping when they meet this week in California. We are sure Xi Jinping is shaking in his boots.

Not surprisingly, administration officials quickly downplayed Wednesday’s Washington Post story, which reprinted key elements in the confidential version of a report issued in January by the Pentagon-appointed Defense Science Board (DSB). Pentagon spokesman George Little and “other defense officials,” according to a subsequent Reuters account, downplayed the WaPo piece as old news.

Perhaps, seeing that a simple Google search finds that the Chinese cyber assault on our military secrets has been an open secret in Washington for years. But that doesn’t make the news any more outrageous. The Washington Post story helpfully packages together the drip, drip of these bodacious incursions, plus a heck of a lot we did not know about before. Read here for a list of the hacked systems and technologies and tell me it’s not somewhat staggering in its implications. Just think, the U.S. is spending upwards of $1.5 trillion on the boondoggle F-35 and the Chinese might already be cloning it!

It all begs the question: what have we been doing all these years besides bleeding the treasury and rearranging deck chairs on the Titanic? We got the War on Drugs, the wars in Iraq and Afghanistan, too. Are we really going to add another money pit to the list of failures and respond with a collective sigh of passive resignation? All signs point “yes.”

It’s clear that the defense contracting community shares quite a bit of the responsibility here. Goliaths like Lockheed Martin, Boeing, Northrop Grumman, Raytheon, etc., not only build the weapons and develop the technology, but they hold hundreds of contracts and sub-contracts to provide cyber security services to the federal government, including every branch of the military and the National Security Agency (NSA) and CIA, too. Take a look at The Washington Post’s “Top Secret America” series from a few years back — 143 private companies were involved in cyber security for the feds in 2010, in addition to hundreds contracting directly with agencies and departments. Many of the big boys have offices stationed right near or at the NSA headquarters in Fort Meade, Maryland, and all over the Washington, D.C. metro area.



Yet news items over the last several years indicate that defense contractors can’t keep their own barn doors closed, leaving trillions of dollars worth of secrets open for the taking. Much of the problem has been the corporate world’s tendency to hide and deny its vulnerabilities, including security breaches, in order to present a rosier picture to their shareholders. Add that to the federal government’s tendency to over-classify and not share anything, and you have a recipe for the proverbial barrel of fish at which the Chinese are shooting, quite effectively, it seems.

In a 2011 Vanity Fair feature wryly entitled “Enter the Cyber Dragon,” writer Michael J. Gross paints a fairly un-funny portrait of the relentless attacks by the Chinese on both government and non-government entities in the U.S. One source he quotes called it a “low-level Cold War” between the two countries, yet from the sound of it — Gross describes major hacks against top U.S. defense contractors and private companies, including Internet giant Google, dating back to 2005 — America sounds like the oft-battered underdog, hardly scrappy, and always on the defense.

Nevertheless, defense sources are always declaring new cyber security strategies (we must take that literally, because there were several old ones, at least coming from the White House, beginning in the Clinton Administration), each time attempting to make it sound more like a ground war, which, despite a decade of real ground wars with clearly mixed results, is still supposed to conjure up something akin to Greatest Generation bravado.

“If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” said one military official to the Wall Street Journal in 2011, as the Pentagon released portions of a classified report that indicated the military was ready to consider certain cyber breaches an act of physical war.

The Pentagon has been talking pretty tough, but it’s clear they have a lot to be nervous about. In a confidential report that the security firm McAfee shared with Gross, it was revealed that over a five-year period, a “single adversary” had penetrated the networks of more than 70 major organizations (including government agencies and corporations) representing 30 different industries across the globe. Some two-thirds were based in the United States. When Gross asked McAfee if China was the “single adversary,” the security giant declined to speculate but simply said, “If others want to draw that conclusion, I would certainly not discourage them.”

Clearly, if you look at the case of the Stuxnet virus, which the U.S. engineered with Israel to attack Iran’s nuclear program beginning in the Bush Administration, the U.S. has the motivation and ability to go on the offensive, but it’s frankly appalling that after all the taxpayer money funneled into these agencies, not to mention all the contracts for cyber security the government gives the private sector, it is no closer to straddling the defense side of this problem than they were in say, 2009.

In 2009, the Pentagon established U.S. Cyber Army Command, a unified subcommand with representatives from each of the Armed Forces dedicated especially to cyber warfare and defense. It was given a four-star general, Gen. Keith Alexander, who also heads the National Security Agency (NSA). Ironically, after he took over the NSA from Director Michael Hayden in 2005, Alexander continued to run the NSA’s warrantless domestic wiretapping program — now the snoop is trying to figure out how not to get snooped.

“I believe the fix is in — we’re moving in the right direction,” Brigadier Gen. Steven Smith boasted to the National Cyber Defense Summit in late 2009. “It’s going to be a most interesting time to be in the cyber business in the US military.” Yeah, especially if you were one of the Beltway sellswords lining up at the trough. But even analysts at the time were skeptical about the “right direction” part: “Some policymakers seem to want to apply traditional solutions to a non-traditional threat,” one private contractor told this writer at the time. “The zeal for enterprise solutions in an effort to gain insight and efficiencies seems to come at the risk of developing a sort of ‘Cyber Maginot Line,’” he said.

Since then, each of the Armed forces, NSA, DARPA, the Department of Homeland Security, CIA, DIA and dozens of other agencies and departments have joined a host of quasi-government advisory committees, commissions and panels, like the DSB, to tackle the issue of cyber security every day. Sadly, if one considers the breaches, it is looking more like the French Maginot Line, not to mention one of the greatest federal boondoggles of our young century, with the taxpayer at the losing end of the bargain, as usual.

Let’s take a look at the outlays for this “war.” In April, when President Obama announced his federal budget, he declared cyber security a key priority and asked for $4.7 billion to wage it — $800 million more than current levels. That would include $44 million for a new DHS cyber security initiative in which private companies like AT&T and Raytheon get money and access to classified government security information with which they will not only beef up their own security systems but farm out security services to other companies. So far, top companies that we know have experienced serious security leaks — like Raytheon, Northrop Grumman and Lockheed — have signed onto this program and are benefiting from it.

In addition, DHS is asking for $200 million for federal network security efforts in Fiscal Year 2014, $400 million for its National Cybersecurity Protection System, also known as EINSTEIN, $102 million for its US-CERT (Computer Emergency Readiness Teams), which are supposed to detect and respond to attacks, $70 million for cybersecurity research and development, plus more for investigating cyber crimes.

DARPA (Defense Advanced Research Projects Agency) has been getting a ton of taxpayer money, too, and like NSA’s program and others, much of its programs are secret. We do have a sense of some of the appropriations, though. In the Fiscal Year 2014 request, there is $267 million clearly specified for over a dozen non-classified cyber-related projects. But that’s only DARPA. The Pentagon is spending billions elsewhere, including $1.3 billion for “training of cyber analysts” (FY 2012), and a $17 billion “push for a National Cyber Range” to “test out cyberattacks and defenses,” according to Wired’s reporting in 2011. A Google search shows that the Army awarded Lockheed $80 million over five years to continue building that range in November 2012.

Putting all that money in perspective can be dizzying. But so is this picture: as fast as the money is poured into the sieve, just as much seems to be cascading out the other side. In other words, Google U.S. “cyber security” and “falling behind” and you get over 200,000 hits and the distinct impression that, like every other bloated government bureaucracy, money doesn’t equal success.

But what’s the solution? Some say passing tougher policies like CISPA, which carries with it all sorts of terrible privacy ramifications for Americans (the feds will be picking our pockets and snooping in our emails) would help. Still others — like the indomitable neoconservative Charles Krauthammer — say an offensive blitz is the way to go. “I think we really have to unleash the beast here and to counter attack,” with “units that operate in the government, who will launch cyber attacks against the Chinese, as a deterrent,” he said, calling U.S. efforts so far “passive.” National Review’s editor-at-large Jonah Goldberg goes one step further on the same program, suggesting we should “issue letters of marque” to hackers, much like America did with 19th century privateers, and “unleash them” on the Chinese, who “are a bunch of kleptocratic thugs.”

But not everyone sees this “failing war” as simple as all that. Gordon Adams, an old school federal numbers cruncher, reminds us that it wasn’t so long ago that the government built up its weapons budget on the warning the U.S. was “falling behind” the Soviet Union. It turned out to be a lot of smoke and mirrors and a huge cash cow for the defense industry.

“Throughout the Cold War, ‘falling behind’ was the boilerplate justification for higher defense budgets. As [Secretary of Defense Caspar] Weinberger once said at a press conference on the budget, ‘the defense budget is written in Moscow, not Washington,’” Adams told Antiwar.com in a recent email exchange. He said the chances that this struggle against cyber espionage will ever be won are slim, considering that hackers will always find a way around new safeguards.

“To me, (it’s) important to recognize that it’s an arms race and the reality is that we are deeply into it.”

After six trillion in Iraq and Afghanistan, that’s all we need. But if Adams is right, that makes Obama’s expected confrontation with Xi Jinping over cyber-espionage this week and in a planned meeting in July pretty perfunctory, and frankly pointless. What an apt word.
Mazars and Deutsche Bank could have ended this nightmare before it started.
They could still get him out of office.
But instead, they want mass death.
Don’t forget that.
seemslikeadream
Posts: 32090
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black

Re: The first global cyber war has begun

Postby Luther Blissett » Tue Aug 06, 2013 3:41 pm

Browse Like Bond: Use Any Computer Without Leaving a Trace with Tails

If James Bond logs on to a computer, he doesn't want to leave a bunch of files, cookies, or his IP address out there for someone to find. It might seem extreme, but sometimes it's a good idea to take the same precautions yourself.

In this post, we'll walk through how to use a USB stick or DVD to anonymize, encrypt, and hide everything you do on a computer no matter where you are. When we say "browse without leaving a trace", we truly mean it. Using the Linux-based, live-boot operating system Tails (The Amnesiac Incognito Live System), you can use any computer anywhere without anyone knowing you were ever on it. Tails is a portable operating system with all the security bells and whistles you'll ever need already installed on it. You can install Tails on one of your many dust-gathering USB drives or a DVD. We'll show you how to set up your own portable boot disc in the second section, but let's start by taking a look at what you get with Tails.

What Tails Is and What's Packed Into It

The magic of Tails is that you don't have to do a lick of work: once you create your boot disc you'll have a completely anonymous, totally private operating system preloaded with all the software you (or James Bond) would need. What's packed into it? Let's take a look.

The Software Packed Directly into Tails

Once you create your Tails boot disc, you'll be ready to reboot your computer into an encrypted and private operating system preloaded with all the software you'll need to browse the web, email, IM, and edit documents. Regardless of whether you choose a DVD or USB nothing you do is left on the computer you booted from.

Built-in online anonymity: The key feature that's going to appeal to most people is Tails' built-in online anonymity. This comes in the form of the customized web browser Iceweasel built using the anonymous web browsing technology from Tor. The browser also includes popular security extensions like HTTPS Everywhere for secure browsing, Adblock Plus to block ads, and NoScript to block Java and Flash. Other than those features, the web browser works exactly like you'd expect a web browser to work.
Built-in encrypted email and chat: Additionally, you also get encrypted and private messaging. Tails includes the Claws email client with OpenPGP for email encryption and the instant messaging client Pidgin with an OTR cryptography tool that encrypts your IM conversations.
Built-in file encryption: When you boot Tails from a USB drive instead of a DVD, you can save documents to the thumb drive and they're automatically encrypted using an encryption specification called LUKS. (Since the DVD is read-only, you can't save any files—which is its own form of security.)
A full suite of editing software: On top of your web access being private you also get a full suite of work and creative software. Tails comes preloaded with OpenOffice for editing documents, Gimp for editing photos, Audacity for editing sound, and plenty more additional software.
Now let's walk through how to set up a boot disc for yourself.

Step-by-Step Guide to Set Up Your Own Tails DVD or USB Drive

Tails is pretty easy to set up on your own and it doesn't differ much from setting up any other Linux Live CD. However, a few extra steps do exist to verify your download.

Step 1: Download the Necessary Files

You need to download two different files to get started with Tails: an ISO (an image of Tails that is burned to a disc) and a cryptographic signature to verify the ISO image:

The ISO Image (Direct download / Torrent)
Cryptographic Signature (Direct download / Torrent)

The developers behind Tails recommend you verify your Tails ISO to make sure it's an officially released version that hasn't been tampered with. We won't walk through that process here, but they have instructions on their web site for Windows and Mac or Linux.

Step 2: Burn Tails to a CD/DVD

You can find documentation for creating a Tails USB from scratch on each operating system here. Alternately, you can more easily make a bootable USB installation of Tails after you boot from a Tails live DVD. For our purposes we're going to burn Tails to a bootable DVD because it's an easier process than creating a USB stick from scratch.

On Windows: Right-click the ISO image, select Burn Disc Image, select your DVD drive.

On Mac: Right-click the ISO image, select Burn "tails..." to Disc, select your DVD drive.

Once it's finished burning let's boot into Tails and kick the tires.

Step 4: Boot into Tails

Stick your Tails DVD, CD, or thumb drive into your computer and reboot. The process for booting into a disc or external drive depends on your system, so let's look at how to do it on Windows and Mac.

On a Windows System: Different Windows computers have different default settings for booting from an external drive. If yours doesn't already check for a boot DVD first you can always edit the BIOS boot order (often the DEL key at startup) to make sure your computer looks for a CD or USB before it starts. Alternately, you can closely watch the BIOS screen at the beginning of your computer's startup for the Boot options shortcut (usually one of the function keys). When you get to the boot option menu, select your DVD drive and you'll boot into Tails.

On a Mac System: When you turn on your Mac immediately press and hold down the Option key to access the Startup Manager. Select the Tails DVD (the description will actually say "Windows") and you'll boot into Tails.

Step 5 (Optional): Clone the DVD onto a USB Drive

Now that you're booted into Tails it's easy to clone your boot DVD onto a USB drive directly from the Tails operating system. Here's what you need to do:

Connect your USB drive to your computer.
Select Applications > Tails > Tails USB Installer.
Click the Clone and Install Button.
Select your USB drive, click "Create Live USB Drive" and let the program run.

When the installation is complete you'll have a bootable USB drive. The benefit of the USB drive is that any files you create in Tails are saved and encrypted directly on your device. However, a USB drive could theoretically be hacked into if you leave it around which is why the ultra-paranoid might prefer a read-only DVD for Tails.

Also, Macs don't support USB booting without downloading and installing additional software called rEFit. This means you have to download and install rEFit on every Mac you want to boot into Tails from a USB drive.

Creating a bootable Tails disc is a simple process and a great use for one of those USB drives you have laying around doing nothing. Since you can use Tails on about any public computer you run into it's a great way to keep your browsing and usage hidden from the world. It's even beneficial on your home computer since you don't have to alter your system in any way.
The Rich and the Corporate remain in their hundred-year fever visions of Bolsheviks taking their stuff - JackRiddler
Luther Blissett
Posts: 4990
Joined: Fri Jan 02, 2009 1:31 pm
Location: Philadelphia
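
The signature check that Step 1 of the Tails guide above mentions but does not walk through, as an added example that is not part of the original post or the Tails project's own instructions. It uses GnuPG with a throwaway key and a constructed stand-in file (`example.iso`, `Demo Signer`, and the function names are all assumptions); for a real download the expected fingerprint would be that of the project's signing key, obtained and confirmed separately from the download itself.

```shell
#!/bin/sh
# Added example: verify a file against a detached OpenPGP signature and
# pin the result to one expected key fingerprint. Every file name and the
# signing identity below are constructed for the demonstration.

# verify_detached SIGFILE DATAFILE EXPECTED_FPR
# Succeeds only if gpg reports a valid signature AND the primary key that
# made it has exactly the expected fingerprint. A "good signature" from
# some other key in the keyring is rejected.
verify_detached() {
    sig=$1; data=$2; want=$3
    # --status-fd 1 emits machine-readable lines such as
    #   [GNUPG:] VALIDSIG <signing-key-fpr> ... <primary-key-fpr>
    # gpg exits non-zero when the signature does not match the data.
    status=$(gpg --batch --status-fd 1 --verify "$sig" "$data" 2>/dev/null) || return 1
    got=$(printf '%s\n' "$status" | awk '$2 == "VALIDSIG" { print $NF; exit }')
    [ -n "$got" ] && [ "$got" = "$want" ]
}

# make_demo DIR
# Builds an isolated keyring in DIR, generates a throwaway signing key,
# signs a constructed file, and writes a tampered copy beside it.
# Sets DEMO_FPR to the throwaway key's fingerprint.
make_demo() {
    dir=$1
    GNUPGHOME="$dir/gnupg"; export GNUPGHOME
    mkdir -p "$GNUPGHOME" && chmod 700 "$GNUPGHOME" || return 1
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key 'Demo Signer <demo@example.invalid>' \
        default default never 2>/dev/null || return 1
    DEMO_FPR=$(gpg --batch --with-colons --list-keys demo@example.invalid \
        | awk -F: '$1 == "fpr" { print $10; exit }')
    printf 'constructed stand-in for an ISO image\n' > "$dir/example.iso"
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --detach-sign --output "$dir/example.iso.sig" "$dir/example.iso" \
        2>/dev/null || return 1
    # Same content plus one extra byte: the signature must no longer verify.
    cp "$dir/example.iso" "$dir/tampered.iso"
    printf 'x' >> "$dir/tampered.iso"
}

# Run the demonstration only when invoked as: sh this_script.sh demo
if [ "${1:-}" = "demo" ]; then
    work=$(mktemp -d) || exit 1
    make_demo "$work" || { echo "demo setup failed" >&2; exit 1; }
    if verify_detached "$work/example.iso.sig" "$work/example.iso" "$DEMO_FPR"; then
        echo "original file: signature valid, made by expected key"
    fi
    if ! verify_detached "$work/example.iso.sig" "$work/tampered.iso" "$DEMO_FPR"; then
        echo "tampered file: verification failed"
    fi
    gpgconf --kill gpg-agent 2>/dev/null
    rm -rf "$work"
fi
```

Comparing the fingerprint, rather than accepting any valid signature, is what ties the download to a specific publisher.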

Re: The first global cyber war has begun

Postby seemslikeadream » Fri Aug 09, 2013 2:48 pm

Email service used by Snowden shuts itself down, warns against using US-based companies

Edward Snowden: 'Google, Facebook, Microsoft, Yahoo, Apple, and the rest of our internet titans must ask themselves why they aren't fighting for our interests the same way'

Glenn Greenwald
theguardian.com, Friday 9 August 2013 08.19 EDT

The front page of Lavabit announces to its users its decision to shut down rather than comply with ongoing US surveillance orders Photo: Lavabit

A Texas-based encrypted email service recently revealed to be used by Edward Snowden - Lavabit - announced yesterday it was shutting itself down in order to avoid complying with what it perceives as unjust secret US court orders to provide government access to its users' content. "After significant soul searching, I have decided to suspend operations," the company's founder, Ladar Levison, wrote in a statement to users posted on the front page of its website. He said the US directive forced on his company "a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit." He chose the latter.

CNET's Declan McCullagh smartly speculates that Lavabit was served "with [a] federal court order to intercept users' (Snowden?) passwords" to allow ongoing monitoring of emails; specifically: "the order can also be to install FedGov-created malware." After challenging the order in district court and losing - all in a secret court proceeding, naturally - Lavabit shut itself down to avoid compliance while it appeals to the Fourth Circuit.

This morning, Silent Circle, a US-based secure online communication service, followed suit by shutting its own encrypted email service. Although it said it had not yet been served with any court order, the company, in a statement by its founder, internet security guru Phil Zimmermann, said: "We see the writing on the wall, and we have decided that it is best for us to shut down Silent Mail now."

What is particularly creepy about the Lavabit self-shutdown is that the company is gagged by law even from discussing the legal challenges it has mounted and the court proceeding it has engaged. In other words, the American owner of the company believes his Constitutional rights and those of his customers are being violated by the US Government, but he is not allowed to talk about it. Just as is true for people who receive National Security Letters under the Patriot Act, Lavabit has been told that they would face serious criminal sanctions if they publicly discuss what is being done to their company. Thus we get hostage-message-sounding missives like this:


"I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what's going on - the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests."

Does that sound like a message coming from a citizen of a healthy and free country? Secret courts issuing secret rulings invariably in favor of the US government that those most affected are barred by law from discussing? Is there anyone incapable at this point of seeing what the United States has become? Here's the very sound advice issued by Lavabit's founder:

"This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States."

As security expert Bruce Schneier wrote in a great Bloomberg column last week, this is one of the key aspects of the NSA disclosures: the vast public-private surveillance partnership. That's what makes Lavabit's stance so heroic: as our reporting has demonstrated, most US-based tech and telecom companies (though not all) meekly submit to the US government's dictates and cooperate extensively and enthusiastically with the NSA to ensure access to your communications.

Snowden, who told me today that he found Lavabit's stand "inspiring", added:

"Ladar Levison and his team suspended the operations of their 10 year old business rather than violate the Constitutional rights of their roughly 400,000 users. The President, Congress, and the Courts have forgotten that the costs of bad policy are always borne by ordinary citizens, and it is our job to remind them that there are limits to what we will pay.

"America cannot succeed as a country where individuals like Mr. Levison have to relocate their businesses abroad to be successful. Employees and leaders at Google, Facebook, Microsoft, Yahoo, Apple, and the rest of our internet titans must ask themselves why they aren't fighting for our interests the same way small businesses are. The defense they have offered to this point is that they were compelled by laws they do not agree with, but one day of downtime for the coalition of their services could achieve what a hundred Lavabits could not.

"When Congress returns to session in September, let us take note of whether the internet industry's statements and lobbyists - which were invisible in the lead-up to the Conyers-Amash vote - emerge on the side of the Free Internet or the NSA and its Intelligence Committees in Congress."

The growing (and accurate) perception that most US-based companies are not to be trusted with the privacy of electronic communications poses a real threat to those companies' financial interests. A report issued this week by the Technology and Innovation Foundation estimated that the US cloud computing industry, by itself, could lose between $21 billion and $35 billion due to reporting about the industry's ties to the NSA. It also notes that other nations' officials have been issuing the same kind of warnings to their citizens about US-based companies as the one issued by Lavabit yesterday:

"And after the recent PRISM leaks, German Interior Minister Hans-Peter Friedrich declared publicly, 'whoever fears their communication is being intercepted in any way should use services that don't go through American servers.' Similarly, Jörg-Uwe Hahn, a German Justice Minister, called for a boycott of US companies."

The US-based internet industry knows that the recent transparency brought to the NSA is a threat to their business interests. This week, several leading Silicon Valley and telecom executives met with President Obama to discuss their "surveillance partnership". But the meeting was - naturally - held in total secrecy. Why shouldn't the agreements and collaborations between these companies and the NSA for access to customer communications not be open and public?

Obviously, the Obama administration, telecom giants, and the internet industry are not going to be moved by appeals to transparency, privacy and basic accountability. But perhaps they'll consider the damage being done to the industry's global reputation and business interests by constructing a ubiquitous spying system with the NSA and doing it all in secret.

It's well past time to think about what all this reflects about the US. As the New York Times Editorial Page put it today, referencing a front-page report from Charlie Savage enabled by NSA documents we published: "Apparently no espionage tool that Congress gives the National Security Agency is big enough or intrusive enough to satisfy the agency's inexhaustible appetite for delving into the communications of Americans." The NYT added:

"Time and again, the NSA has pushed past the limits that lawmakers thought they had imposed to prevent it from invading basic privacy, as guaranteed by the Constitution."


I know it's much more fun and self-satisfying to talk about Vladimir Putin and depict him as this omnipotent cartoon villain. Talking about the flaws of others is always an effective tactic for avoiding our own, and as a bonus in this case, we get to re-live Cold War glory by doing it. The best part of all is that we get to punish another country for the Supreme Sin: defying the dictates of the US leader.

[Note how a country's human rights problems become of interest to the US political and media class only when that country defies the US: hence, all the now-forgotten focus on Ecuador's press freedom record when it granted asylum to Julian Assange and considered doing so for Edward Snowden, while the truly repressive and deeply US-supported Saudi regime barely rates a mention. Americans love to feign sudden concern over a country's human rights abuses as a tool for punishing that country for disobedience to imperial dictates and for being distracted from their own government's abuses: Russia grants asylum to Snowden --> Russia is terrible to gays! But maybe it's more constructive for US media figures and Americans generally to think about what's happening to their own country and the abuses of their own government, the one for which they bear responsibility and over which they can exercise actual influence.]

Lavabit has taken an impressive and bold stand against the US government, sacrificing its self-interest for the privacy rights of its users. Those inclined to do so can return that support by helping it with lawyers' fees to fight the US government's orders, via this paypal link provided in the company's statement.

One of the most remarkable, and I think enduring, aspects of the NSA stories is how much open defiance there has been of the US government. Numerous countries around the world have waved away threats, from Hong Kong and Russia to multiple Latin American nations. Populations around the world are expressing serious indignation at the NSA and at their own government to the extent they have collaborated. And now Lavabit has shut itself down rather than participate in what it calls "crimes against the American people", and in doing so, has gone to the legal limits in order to tell us all what has happened. There will undoubtedly be more acts inspired by Snowden's initial choice to unravel his own life to make the world aware of what the US government has been doing in the dark.
seemslikeadream
Posts: 32090
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black

Re: The first global cyber war has begun

Postby MayDay » Mon Aug 26, 2013 10:59 pm

oops... this post ended up on the wrong thread. I'm too tired to be posting right now.
MayDay
Posts: 350
Joined: Tue Jan 24, 2012 7:30 pm

Re: The first global cyber war has begun

Postby seemslikeadream » Mon Nov 24, 2014 5:05 pm

UK, US behind Regin malware, attacked European Union networks
Summary: Two governments working together are said to have developed the state-sponsored malware that attacked the European Union. Guess what? One of the makers was an EU country.

By Zack Whittaker for Zero Day | November 24, 2014 -- 18:12 GMT (10:12 PST)

Blame the British and American spy agencies for the latest state-sponsored malware attack, say reporters at The Intercept.

The publication, which in the wake of Glenn Greenwald's departure from The Guardian continued to publish documents leaked by Edward Snowden, said on Monday the recently discovered malware, known as Regin, was used against targets in the European Union.

One of those targets included Belgian telecommunications company Belgacom, which had its networks broken into by the British spy agency the Government Communications Headquarters (GCHQ).

Regin was first publicly talked about over the weekend after Symantec discovered the "sophisticated" malware, though it is understood to have been in circulation since 2008.

Compared to Stuxnet, the state-sponsored malware whose creators have never been confirmed, the recently-discovered trojan steals data from machines and networks it infects, disguised as Microsoft software.

Some began to point the finger at Russia and China, but these were quickly discounted by industry experts. Others suspected the U.S. and Israel — a deal already exists that allows the Middle Eastern allied state to access raw and "unchecked" U.S. collected intelligence.

They weren't far off. According to Monday's report, the U.S. working in conjunction with Britain, a European member state (though perhaps not for much longer) attacked Belgacom using the Regin malware.

Though the Belgacom hack was disclosed by Snowden's leaks, the malware used had never been revealed.

The new details from The Intercept show how GCHQ embarked upon its "hacking mission," known as Operation Socialist, by accessing Belgacom's networks in 2010. By targeting engineers through a faked LinkedIn page, GCHQ was able to get deep inside the Internet provider to steal data.

One of Belgacom's main clients was the European Commission, the European Parliament, and the European Council of member state leaders.

Exactly how member states of the European Union — there are 28 of them including the U.K. — will react to one of its own member states launching a successful hacking attack against their executive body, remains unknown.

But while members of the Parliament and Commission staff have, over the years, seen the U.S. as one of the greatest threats to the region's data protection and privacy policies, they should have been looking a little closer to home.
seemslikeadream
Posts: 32090
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black

Re: The first global cyber war has begun

Postby stillrobertpaulsen » Tue Nov 25, 2014 6:52 pm

Here's What Chinese Hackers Can Actually Do To The US Power Grid

Jonathan Pollet, Contributor

Nov. 23, 2014, 5:09 PM

Jonathan Pollet, founder of Red Tiger Security, is a 17-year veteran of the critical infrastructure industry. As an ‘ethical hacker,’ he consults for some of the world’s largest energy companies, as well as electric utilities, chemical plants, water treatment plants, etc. to help them better defend against cyber attacks.

There’s been a lot of discussion lately about the risks posed by hackers to America’s critical infrastructure systems, with terms like “cyber-Pearl Harbor” and “cyber-9/11” being bandied about by government officials and other prominent figures.

Invariably, one of the worst scenarios often depicted by these cyberwar predictions is an attack on the US power grid that would cause a widespread blackout.

In his testimony before the House Intelligence Committee on November 20th, NSA Director Adm. Michael Rogers went into some detail on those risks:

House Intelligence Committee Chairman Mike Rogers: “It was determined that malware was on those (critical infrastructure) systems. Can you be a little more definitive about what does that mean? If I’m on that system and I want to do some harm, what does that do … ? Do the lights go out? Do we stop pumping water? What does that really mean? And the fact that it was there, does that mean they already have the capability to ‘flip the switch’ if they wanted to?”

Admiral Michael Rogers: “Well let me address the last part first. There shouldn’t be any doubt in our minds that there are nation-states and groups out there that have the capability to do that. To enter our systems, to enter those industrial control systems, and to shut down, forestall our ability to operate, our basic infrastructure. Whether it’s generating power across this nation, whether it’s moving water and fuel … Once you’re into the system and you’re able to do that, it enables you to do things like, if I want to tell power turbines to go offline and stop generating power, you can do that. If I wanted to segment the transmission system so that you couldn’t distribute the power that was coming out of the power stations, this would enable you to do that. It enables you to shut down very segmented, very tailored parts of our infrastructure.”

A number of media outlets interpreted these comments as a claim by the NSA that a country like China could take down our nation’s power grid. But is that what the NSA director really said? And is a widespread, national blackout caused by hackers a realistic scenario?

While it’s easy to draw that conclusion from the generalized nature of Adm. Rogers’ responses, it’s important to re-read the last line in that exchange: “It enables you to shut down very segmented, very tailored parts of our infrastructure.” (Emphasis added.)

This line is important because it clarifies the types of risks we’re actually talking about when it comes to the electric grid. No, hackers can’t take down the entire, or even a widespread portion of the US electric grid. From a logistical standpoint, this would be far too difficult to realistically pull off - and it’s not what we should be devoting our attention to. What is more realistic is for a cyber attack to cripple an individual utility, causing a blackout or disruption of service at the local level.

The power grid is vulnerable to attack — there’s no question about that. In my own work, testing the security readiness of US and global energy companies and utilities, I regularly find serious vulnerabilities on these networks and I am often called in to deal with compromises that have already taken place — including cyber-espionage activities by state-sponsored groups.

Adm. Rogers' testimony is extremely important as it provides a strong authoritative voice to what is an urgent problem facing this country right now: America’s critical infrastructure is vulnerable to attack, it’s a complicated problem to fix it and an attack is imminent. But the notion that a hacker could basically turn off the country’s power with the ‘flip of a switch,’ as Rep. Rogers called it, is more science fiction than reality.

Here’s why:

The US energy grid is owned and operated by hundreds of various regional utilities that all use different hardware and software. That means hackers would have to tunnel into hundreds of diverse networks, which would take several years, and then write custom exploits which are unique for each specific environment they’re targeting. For those who would argue that China or Russia have the money, time and capability to do that, try to understand that developing a functional exploit, getting it placed on the exact part of the network that it needs to be on in order to have the desired effect (i.e., specific programmable logic controllers that run the utility’s machinery), then keeping it hidden on that network over a period of months or years while security teams try to hunt it down, and doing all of this at the same time on hundreds of networks is extremely difficult. To put it in perspective, it would be like trying to rob a hundred different banks at the exact same time.
However, even if a hacker group was able to pull this off, there is a catch-all that would create yet another hurdle. There are high-voltage DC interconnects at various points that were specifically designed to prevent widespread outages.

By clarifying what we mean when we warn about attacks on the electric grid and other critical infrastructure, I’m not trying to downplay this risk at all. US critical infrastructure networks, which include the electric grid, utilities, oil/gas refineries and pipelines, water treatment plants, transportation networks, etc., are all highly vulnerable to cyber attacks, and this threat should be prioritized at the highest level by the federal government.

In the meantime, the individual asset owners who are the ones technically responsible for securing their networks and facilities need to start taking more aggressive steps immediately to guard against highly sophisticated cyber actors. But the real risk when it comes to the electric grid specifically is of localized disruptions in service — not a widespread outage. It would be extremely difficult for hackers, without an almost superhuman effort, to cause a power outage that stretched across the country.
"Huey Long once said, “Fascism will come to America in the name of anti-fascism.” I'm afraid, based on my own experience, that fascism will come to America in the name of national security."
-Jim Garrison 1967
stillrobertpaulsen
Posts: 2414
Joined: Wed Jan 14, 2009 2:43 pm
Location: California

Re: The first global cyber war has begun

Postby 82_28 » Tue Nov 25, 2014 9:07 pm

The US energy grid is owned and operated by hundreds of various regional utilities that all use different hardware and software. That means hackers would have to tunnel into hundreds of diverse networks, which would take several years, and then write custom exploits which are unique for each specific environment they’re targeting. For those who would argue that China or Russia have the money, time and capability to do that, try to understand that developing a functional exploit, getting it placed on the exact part of the network that it needs to be on in order to have the desired effect (i.e., specific programmable logic controllers that run the utility’s machinery), then keeping it hidden on that network over a period of months or years while security teams try to hunt it down, and doing all of this at the same time on hundreds of networks is extremely difficult. To put it in perspective, it would be like trying to rob a hundred different banks at the exact same time.
However, even if a hacker group was able to pull this off, there is a catch-all that would create yet another hurdle. There are high-voltage DC interconnects at various points that were specifically designed to prevent widespread outages.

By clarifying what we mean when we warn about attacks on the electric grid and other critical infrastructure, I’m not trying to downplay this risk at all. US critical infrastructure networks, which include the electric grid, utilities, oil/gas refineries and pipelines, water treatment plants, transportation networks, etc., are all highly vulnerable to cyber attacks, and this threat should be prioritized at the highest level by the federal government.

In the meantime, the individual asset owners who are the ones technically responsible for securing their networks and facilities need to start taking more aggressive steps immediately to guard against highly sophisticated cyber actors. But the real risk when it comes to the electric grid specifically is of localized disruptions in service — not a widespread outage. It would be extremely difficult for hackers, without an almost superhuman effort, to cause a power outage that stretched across the country.


Believe it or not, but THIS^^^^^^

It would be next to impossible for the reasons delineated above. When I log into whatever it is I do with telecommunications, there are easily about 40-50 legacy and regional interfaces depending with a different sign in scheme/language/method/commands. Not only that, my shit is super secure because I carry a mandatory electronic ID. Sure, that could get stolen from me, but would be useless once stolen because I have like 6 passwords and once they got in, they wouldn't know what to do. I would imagine the power grid and utilities work the same way. There would be no way in to fuck shit up at large scales. But if some hacker could tell me how to get into some interface they use in North Carolina, he would have to be a mole. A: because I wouldn't do it and B: Even if I did get tortured for my passwords the "hacker" wouldn't even know what to do once in to fuck shit up.
There is no me. There is no you. There is all. There is no you. There is no me. And that is all. A profound acceptance of an enormous pageantry. A haunting certainty that the unifying principle of this universe is love. -- Propagandhi

Re: The first global cyber war has begun

Postby seemslikeadream » Tue Dec 02, 2014 12:24 am

FBI warns of destructive malware in wake of Sony attack

By Jim Finkle December 1 at 10:44 PM
BOSTON — The FBI warned U.S. businesses that hackers have used malicious software to launch a destructive cyberattack in the United States.

The warning followed a devastating breach last week at Sony Pictures Entertainment, and cybersecurity experts said the alert appeared to refer to the attack on Sony, which was the first major destructive cyberattack against a company on U.S. soil. Such attacks have been launched in Asia and the Middle East, but never previously in the United States. The FBI report did not name the company or companies affected.

“I believe the coordinated cyberattack with destructive payloads against a corporation in the U.S. represents a watershed event,” said Tom Kellermann, chief cybersecurity officer with security-software maker Trend Micro. “Geopolitics now serve as harbingers for destructive cyberattacks.”

The five-page, confidential “flash” FBI warning issued to businesses Monday provided some technical details about the malicious software used in the attack. It provided advice on how to respond to the malware and asked businesses to contact the FBI if they identified similar malware.

The report said the malware overrides all data on hard drives of computers, including the master boot record, which prevents them from booting up.

“The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,” the report said.

The document was sent to security personnel at some U.S. companies in an e-mail that asked them not to share the information.


The FBI released the document in the wake of the unprecedented Nov. 24 attack on Sony Pictures Entertainment, which brought corporate e-mail down for a week and crippled other systems as the company prepared to release several highly anticipated films during the holiday film season.

A Sony spokeswoman said the company had “restored a number of important services” and was “working closely with law enforcement officials to investigate the matter.”

She declined to comment on the FBI warning.

The FBI said it is investigating the attack with help from the Department of Homeland Security. Sony has hired FireEye’s Mandiant incident-response team to help clean up after the attack, a move that experts say indicates the severity of the breach.

While the FBI report did not name the victim of the destructive attack in its bulletin, two cybersecurity experts who reviewed the document said it was clearly referring to the breach at the California-based unit of Sony Corp.

“This correlates with information that many of us in the security industry have been tracking,” said one of the people who reviewed the document. “It looks exactly like information from the Sony attack.”

FBI spokesman Joshua Campbell declined comment when asked if the software had been used against the California-based unit of Sony Corp, although he confirmed that the agency had issued the confidential “flash” warning, which Reuters independently obtained.

“The FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations,” he said. “This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals.”


The FBI typically does not identify victims of attacks in those reports.

Hackers used malware similar to that described in the FBI report to launch highly destructive attacks on businesses in South Korea and the Middle East, including one against oil producer Saudi Aramco that knocked out about 30,000 computers. Those attacks are widely believed to have been launched by hackers working on behalf of the governments of North Korea and Iran.

Security experts said that repairing the computers requires technicians to manually either replace the hard drives on each computer, or re-image them, a time-consuming and expensive process.

Monday’s FBI report said the attackers were “unknown.”

The technology news site Re/code reported that Sony was investigating to determine whether hackers working on behalf of North Korea were responsible for the attack as retribution for the company’s backing of the film “The Interview.”

The movie, which is due to be released in the United States and Canada on Dec. 25, is a comedy about two journalists recruited by the CIA to assassinate North Korean leader Kim Jong Un. The Pyongyang government denounced the film as “undisguised sponsoring of terrorism, as well as an act of war” in a letter to U.N. Secretary-General Ban Ki-moon in June.

The technical section of the FBI report said some of the software used by the hackers had been compiled in Korean, but it did not discuss any possible connection to North Korea.
Mazars and Deutsche Bank could have ended this nightmare before it started.
They could still get him out of office.
But instead, they want mass death.
Don’t forget that.

Re: The first global cyber war has begun

Postby Luther Blissett » Tue Dec 02, 2014 11:03 am

The Rich and the Corporate remain in their hundred-year fever visions of Bolsheviks taking their stuff - JackRiddler

Re: The first global cyber war has begun

Postby seemslikeadream » Tue Dec 02, 2014 12:18 pm

that's funny...my internet was down for at least 10 hours and then the first thing I read is this

Re: The first global cyber war has begun

Postby NaturalMystik » Thu Dec 11, 2014 3:58 pm

Fresh dirt from the Sony Hack files...

Producer Scott Rudin 'deeply sorry' over emails leaked in Sony hack

Stunning revelations continue to flow from the cyber security breach at Sony last month that saw unreleased movies and confidential emails leaked online.

Movie producer Scott Rudin issued an apology Thursday on the industry website Deadline over racially charged comments he made in private emails leaked Wednesday night.

Hacked documents quoted in Variety reveal an embarrassing exchange between Rudin and Sony Pictures CEO Amy Pascal in which they joke about the kinds of movies U.S. President Barack Obama would like.

"Should I ask him if he liked DJANGO?" wrote Pascal, referring to Quentin Tarantino’s 2012 film. Rudin replied by naming off more titles featuring black characters including 12 Years a Slave, The Butler and Think Like a Man.

"I made a series of remarks that were meant only to be funny," Rudin said in his apology Thursday. "But in the cold light of day, they are in fact thoughtless and insensitive — and not funny at all.

"To anybody I've offended, I'm profoundly and deeply sorry."

Pascal also issued an apology Thursday for her part in the exchange. "The content of my emails were insensitive and inappropriate but are not an accurate reflection of who I am," she said in a statement quoted in Variety.

Angelina Jolie a 'spoiled brat'

More damaging emails between Rudin and Pascal released earlier in the week reveal a bitter internal battle at Sony over the troubled Steve Jobs biopic, Jobs.

The stolen exchanges, also quoted in Variety, centre on Hollywood star Angelina Jolie's apparent displeasure that David Fincher was set to direct Jobs, thereby making him unavailable for one of her projects.

Rudin lashed out in one email in which he called the actress a "minimally talented spoiled brat."

"YOU BETTER SHUT ANGIE DOWN BEFORE SHE MAKES IT VERY HARD FOR DAVID TO DO JOBS," warned Rudin in an all-caps quote.

Jobs has since been taken over by Universal Pictures.

Dispute over exploding head

The cyber saga has also revealed a fight between Canadian actor Seth Rogen and Sony over The Interview, the comedian's new movie that depicts the assassination of North Korean dictator Kim Jong-un.

Warning: movie plot spoilers ahead

In one leaked exchange, obtained by Reuters, Pascal confronted Rogen about a scene that shows the North Korean leader’s head exploding – a graphic depiction that the CEO of Sony’s Japanese parent company apparently asked to be toned down.

But the 32-year-old Canadian, who wrote, directed and stars in the R-rated comedy, pushed back.

"This is now a story of Americans changing their movie to make North Koreans happy," wrote Rogen in an email. "That is a very damning story."

Despite his resistance, Pascal eventually succeeded in having the film altered, with Rogen submitting the final cut for approval in October.

"This is it!!! We removed the fire from the hair and the entire secondary wave of head chunks," said Rogen. "Please tell us this is over now."

FBI investigating

Many have speculated that North Korea is behind the cyber attack on Sony in retaliation for The Interview, but Pyongyang has denied any involvement, while maintaining its condemnation of the film.

A group calling itself the Guardians of Peace has claimed responsibility for the attack, but FBI investigators have not determined the source of the breach.

When The Interview premieres in Los Angeles Thursday night, there will be no interviews granted on the red carpet.

A Sony spokesman confirmed Wednesday that no broadcast media have been invited to cover the film's premiere, but would not link the blackout to the massive cyber attack.

http://www.cbc.ca/news/arts/producer-sc ... -1.2870021
Do not attempt to adjust the picture. We are controlling the transmission.

Re: The first global cyber war has begun

Postby Luther Blissett » Tue Dec 16, 2014 10:51 am

Wouldn't it be convenient for Universal Pictures to carry out and blame North Korea for this hack? I haven't seen anyone applying any critical thinking at Sony Pictures' competitors.

Re: The first global cyber war has begun

Postby elfismiles » Tue Dec 16, 2014 5:44 pm

Sony Hackers Threaten 9/11 Attack on Movie Theaters That Screen ‘The Interview’
December 16, 2014 | 10:13AM PT
Brent Lang
Senior Film and Media Reporter @BrentALang

The Sony hackers have threatened a 9/11-like attack on movie theaters that screen Seth Rogen and James Franco’s North Korean comedy “The Interview,” substantially escalating the stakes surrounding the release of the movie.

The attackers also released the promised “Christmas gift” of files. The contents of the files are unknown but it’s called “Michael Lynton,” who is the CEO of Sony Pictures Entertainment.

“The world will be full of fear,” the message reads. “Remember the 11th of September 2001. We recommend you to keep yourself distant from the places at that time. (If your house is nearby, you’d better leave.) Whatever comes in the coming days is called by the greed of Sony Pictures Entertainment.”

Past messages have included budgets to Sony films, salary information of top executives, and employee medical records and social security numbers.

There have been suspicions that the attack may have been launched by North Korea in retaliation for “The Interview’s” depiction of an assassination attempt on Kim Jong-un. The country has denied involvement but praised the attacks.

The note also threatens people who attend the premiere of “The Interview.” A New York premiere of the film is scheduled to take place Thursday at Sunshine Cinema and has already been scaled down, according to a report in the New York Post. A special screening of the film took place in Los Angeles last week without incident.

A spokesman for the studio, an FBI spokesman and a spokesman for the National Association of Theatre Owners were not immediately available for comment.

Read the full message:

Warning

We will clearly show it to you at the very time and places “The Interview” be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to.
Soon all the world will see what an awful movie Sony Pictures Entertainment has made.
The world will be full of fear.
Remember the 11th of September 2001.
We recommend you to keep yourself distant from the places at that time.
(If your house is nearby, you’d better leave.)
Whatever comes in the coming days is called by the greed of Sony Pictures Entertainment.
All the world will denounce the SONY.

More to come…


http://variety.com/2014/film/news/sony- ... 201380712/

Re: The first global cyber war has begun

Postby 82_28 » Tue Dec 16, 2014 7:17 pm

This is beyond belief. So now we're getting "warnings" of a "9/11 type attack"? The ratio of what can and can't be done is off the charts. In a lot of ways I wish Hugh was still around to unpack this in a novel way.

Has it occurred to anyone outside of those present that all our lives have been lived as a layer upon one grand lie? Dare I say, ancient lie?
