Page 4 of 5 FirstFirst ... 2345 LastLast
Results 61 to 80 of 85

Thread: Virtual Militias

  1. #61
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default

    Quote Originally Posted by anonamatic View Post
    In your earlier post, when you said "technology -> technology" can you clarify what you meant by that? I'm not sure quite what you mean there, although I follow the earlier synopsis a bit better.
    Cognition -> technology -> technology

    Synopsis: With intent "I" can use technology to "disrupt, degrade, and destroy" other forms of technology.

    Evidence point 1: Stuxnet
    Evidence point 2: DHS Aurora project to destroy generator

    In Verton's book Black Ice he discusses Blue Cascades which was an effort (previously classified and covered by NDA's) by the Seattle CIO to evaluate and test whether hackers could destroy or cause a mass casualty event. The result was suggested that engineers had designed the systems in such a way that a cyber event could not be translated into a major engineering failure. What was missing was a collective understanding of systems and a self imposed limitation of technocratic/network centric thinking.

    In Schniers recent book Beyond Fear he discusses the ramifications of systemic design and brings up Admiral Grace Hoppers contention about post world war 2 excess in complexity. Complexity of systems is often fixed through the use of information technology and "modernization" through automation. The Bhopal India Union Carbide plant relied on workers instead of automation and that led to a major accident. Cultural and background understanding absence of the indigenous population helped create the release of poisonous gas. The way to solve that currently is modernize and automate the industrial processes remotely and have "experts" watch those systems.

    Now we come to breaking things and killing people.

    Assumption 1: Military targets are often industrial in nature
    Assumption 2: Valid military targets include soldiers
    Assumption 3: In escalating wars the niceties of small wars, brush fire conflicts, and restricted engagement through proxies is no longer an issue.

    Premise: The most elite hack is the utilization of a system or process in a new and unexpected way. Thereby bypassing the security and safeguards that were never expecting the sideways attack.

    (Obfuscation and generalization purposefully inflicted sorry)

    A target worthy of military intervention and targeting is going to likely be of such size as requiring industrial processes and automation. As the system size and increasing complexity of the system grows so does the vulnerability matrix. The vulnerability matrix and opportunity of attacks is an infamous hockey stick graph. With y being vulnerabilities available, and x being system size + complexity. Since industrial processes are well documented inserting and implementing substantial counter-intuitive and sometimes resulting in violent failures.

    Examples (that actually won't work but for imaginary purposes)

    Example 1: Shutting off the blow off valve (electronically operated) of an oil refinery during the refining process resulting in an epic explosion.
    Example 2: Dump cleaning water into an electric arc furnace during a melt. The explosion would destroy the entire facility (there is no such thing as cleaning water but scrap drums filled with water have filled the same purpose).

    While talking around the issue and actual evidence it becomes apparent that network intrusions and jumping air gaps is fully possible (SIPR net attack, STUXnet attack, Syrian Radars). The actual attack vector may not even be a cyber attack but a hostile insider that uses cyber to enhance the effect. We can research significant industrial system failures and then engineer solutions that arrive at the same result by violating the right rules of correct conduct.

    Hope that answers the question in a round-about way.
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  2. #62
    Council Member
    Join Date
    Aug 2010
    Posts
    98

    Default

    Yea, it does answer that for me. That's along the lines I thought you were expressing, but I appreciate the elaboration.

    I can say that I'm broadly in agreement with what you wrote. I think you put that very well & accurately. I wish I could elaborate some on what you've said, but well you hit more than one wall for me with that. There are a few exceptions though as follows.

    Both of your examples were completely valid, the former one was quite good. There was initial speculation that the Deepwater Horizon disaster was the result of a hostile attack. When that occurred I started looking for known events that would disprove the idea & found some quickly. However it was worth examining for sure. Later though, & this has been very true with the NYT articles about what happened to all the systems on board, it was apparent there was a lot of intentional system isolation going on for reasons of structural safety. Those structural safety precautions also created systems protection through isolation. These were there because they wanted to literally firewall systems off from each other. That made it very unlikely that it was an attack. In fact had their systems been working the way they should have, they'd have prevented a number of back of the napkin attacks from doing any serious damage. In your other example dumping a cleaning system was an off the top of the head fiction, however if there was one it would be interesting. It doesn't matter though because it's a certainty that there would be something else.

    A lot of what goes into serious hacks are serious logical contortions. It's why it's not an easily taught subject. Pile on that the more complex a system is, the more research that is needed to understand the target, and the obstacle pile starts to grow a great deal. When it comes to military systems, and how the military uses them, and how civilian infrastructure works with defense industries that work with armed forces, well that's not exactly whipping up a game of Pong or writing some "Hello World" code either.

  3. #63
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default

    Quote Originally Posted by anonamatic View Post
    A lot of what goes into serious hacks are serious logical contortions. It's why it's not an easily taught subject. Pile on that the more complex a system is, the more research that is needed to understand the target, and the obstacle pile starts to grow a great deal. When it comes to military systems, and how the military uses them, and how civilian infrastructure works with defense industries that work with armed forces, well that's not exactly whipping up a game of Pong or writing some "Hello World" code either.
    A big part of my current research is into targeting in cyber warfare. I'm currently working on a set of techniques and tactics that allow for a structured assessment process for targeting. The tool set removes a lot of the traditional hacking but is better at capability enhancement. It has attack vectors, strategic paths, operational capabilities, across the entirety of the domain of cyber warfare. Basically you can give a commander a effects based outcome on a specific target with a high level of specificity. It is a multi-dimensional model that can be automated.

    Basically answering the issue of how military and civilian systems are integrated.

    Oh, did I mention the model can be reversed and allow detection of the holy grail of vulnerabilities that haven't previously been detected? Not specifically but it can tell you where to look.
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  4. #64
    Council Member Cannoneer No. 4's Avatar
    Join Date
    May 2007
    Location
    Georgia
    Posts
    140

    Default Fr0m Th3 Cyb3r Battle L1nes: Who Should Lead the Charge?

    IPT News
    January 14, 2010

    In the ever-changing conflict between the West and Islamist radicals, one front – the Internet – has emerged as a major battlefield. And, while in many areas of this frontier the Islamists strut about unchecked, one man, code-name th3j35t3r ("The Jester"), has made it his point to strike back with (cyber) force. As first reported by the security blog ThreatChaos, "The Jester" made a different kind of New Year's resolution than most: to wage war on jihadist and pro-Islamist websites and forums by systematically disrupting their servers via denial-of-service (DoS) attacks.

    Also unlike most, he has made good on his promise thus far – and there is no sign that he will let up.



    . . . Wherever one may stand on the issue of cyber-vigilantism – independent citizens taking matters into their own hands without the requisite knowledge of ongoing investigations utilizing that open-source data – it is clear that matters are shaping up just as Dorothy Denning predicted in an August 2008 article in Scientific American: "Soon, every interstate conflict, however minor, may be accompanied by some form of hacker war that is beyond the control of ruling governments."

    Read more at: http://www.investigativeproject.org/...ho-should-lead
    Is The Jester a Virtual Militia of One, or is he the Public Affairs/Psychological Operations face of a much larger Information Operation?

  5. #65
    Council Member
    Join Date
    Aug 2010
    Posts
    98

    Default

    He's at best himself and a few others, & apparently a non-state actor. Sadly if this were anything more official it'd look more like bird watching than hunting.

  6. #66
    Council Member Cannoneer No. 4's Avatar
    Join Date
    May 2007
    Location
    Georgia
    Posts
    140

    Default The Jester Counters Anonymous Propaganda

    http://th3j35t3r.wordpress.com/2011/...medium=twitter

    Before he came to Anonymous' attention he mostly applied Restrictive Measures to jihadi propaganda sites.

  7. #67
    Council Member Cannoneer No. 4's Avatar
    Join Date
    May 2007
    Location
    Georgia
    Posts
    140

    Default In the chatroom with the cyber guerrillas

    http://www.reuters.com/assets/print?...70I2DW20110119

    FIRE YOUR CANNON

    All you need to wage cyber war is a fast-paced internet forum packed with hundreds of determined activists and a simple piece of software called a Low Orbit Ion Cannon. Activists download the LOIC -- initially developed to help internet security experts test website vulnerability to DDoS attacks -- and start firing packets of data at the targeted website.

    If enough people join in, a DDoS attack prevents the overloaded server from responding to legitimate requests and slows the website to a crawl or shuts it down totally.

    Attackers can even listen to a dedicated internet radio station, Radiopayback, during attacks.

    A quarter of a million copies of the LOIC software have been downloaded from sourceforge.net so far, more than half of them since November when Web hosting and banking organizations began withdrawing support from WikiLeaks.
    LOIC is a volunteer botnet and psychological operation that gives large numbers of unsophisticated wannabe hackers the feeling that they're Information Operators, too.

    Meanwhile, an individual or group calling himself or themselves th3j35t3r has been doing Cyber COIN and counterpropaganda.

  8. #68
    Council Member AdamG's Avatar
    Join Date
    Dec 2005
    Location
    Hiding from the Dreaded Burrito Gang
    Posts
    3,096

    Default

    The year 2010 was a hugely significant one for computing criminality and could turn out to mark the beginning of a ‘third era’ of cybercrime, security expert Graham Cluley of Sophos has said in advance of the company's latest threat review of the year.
    http://news.techworld.com/security/3...e-says-report/
    A scrimmage in a Border Station
    A canter down some dark defile
    Two thousand pounds of education
    Drops to a ten-rupee jezail


    http://i.imgur.com/IPT1uLH.jpg

  9. #69
    Council Member Cannoneer No. 4's Avatar
    Join Date
    May 2007
    Location
    Georgia
    Posts
    140

    Default Estonia to lend cyber-expertise to Belarus exiles

    http://www.google.com/hostednews/afp...8fa452bb99.451

    TALLINN — Estonia said Friday it plans to lend its IT expertise to help exiled Belarussians who have taken to cyber-space to oppose their homeland's President Alexander Lukashenko.

    "Estonia is planning IT training for members of the Belarussian opposition, teaching them how to manage their websites and protect them from cyber-attacks," foreign ministry spokeswoman Mariann Sudakov told AFP.

    "We have also offered scholarship programmes in Estonian universities for Belarussian students whose have been kicked out of Belarussian universities for political reasons," she added.
    Pavel Morozau, an anti-Lukashenko campaigner exiled in Estonia since 2006, said the Internet was a crucial tool.

    "Activists from the Belarussian community in Estonia have created and managed websites in Estonia and elsewhere to support our friends in the Belarussian opposition and promote democracy in our fatherland," Morozau told AFP.

  10. #70
    Council Member Stan's Avatar
    Join Date
    Dec 2006
    Location
    Estonia
    Posts
    3,817

    Default

    Quote Originally Posted by Cannoneer No. 4 View Post
    Sure hope this doesn't come back to bite Estonia and traveling Estonians later. Lukashenko tends to deal with opposition Soviet-style, and it wasn't long ago that his opponents simply disappeared.

    Poland has been spearheading the democratic parade and I recon it's time for Estonia to pony up with good deeds.
    If you want to blend in, take the bus

  11. #71
    Council Member Cannoneer No. 4's Avatar
    Join Date
    May 2007
    Location
    Georgia
    Posts
    140

    Default Virtual Militia Recruiting Poster

    http://i.imgur.com/LfLhN.png

    Using Civilian Irregular PSYOP to encourage Civilian Irregular CNA, this time against the Mubarak regime.

    For discussion purposes only.

    Notice the .ru

  12. #72
    Council Member Stan's Avatar
    Join Date
    Dec 2006
    Location
    Estonia
    Posts
    3,817

    Default

    Estonia to launch internet police unit

    Initially one to two people will be employed, but the unit can be expanded in the future, if the project turns out to be successful.

    The police have to be where people are to work efficiently, which is why policemen patrol in the streets. Since people spend a lot of time surfing on the Internet, it is important the police are there as well, according to the Estonian Police and Border Guard Board.
    If you want to blend in, take the bus

  13. #73
    Council Member AdamG's Avatar
    Join Date
    Dec 2005
    Location
    Hiding from the Dreaded Burrito Gang
    Posts
    3,096

    Default

    Tunisian and Egyptian political activists used Facebook and Twitter to organize protests and publicize breaking news. Harvard's Jillian York discusses the use of social media platforms for digital activism, and cases in which governments have blocked the services or compromised user privacy.
    http://www.npr.org/2011/01/28/133306...-In-Arab-World
    A scrimmage in a Border Station
    A canter down some dark defile
    Two thousand pounds of education
    Drops to a ten-rupee jezail


    http://i.imgur.com/IPT1uLH.jpg

  14. #74
    Council Member Cannoneer No. 4's Avatar
    Join Date
    May 2007
    Location
    Georgia
    Posts
    140

    Default Anonymous speaks: the inside story of the HBGary hack

    http://arstechnica.com/tech-policy/n...ary-hack.ars/3

    Anonymous is a virtual militia.
    HBGaryFederal is a DOD Contractor.
    Information Assurance & Computer Network Attack/Defense cautionary tale.

  15. #75
    Council Member AdamG's Avatar
    Join Date
    Dec 2005
    Location
    Hiding from the Dreaded Burrito Gang
    Posts
    3,096

    Default

    An Iranian government official on Tuesday claimed the Islamic Revolutionary Guards Corps was behind a recent computer attack that disrupted Voice of America Internet programming.

    Iran‘s state-controlled Press TV quoted an IRGC official, Ali Saeedi Shahroodi, as saying the cyber-attack was the work of the Corps, the Iranian Islamic regime’s shock troops.

    “The hacking of a VOA home page by the Iranian Cyber Army and leaving a message on the site for the U.S. secretary of state shows the power and capability of the [Islamic Revolution Guards] Corps in the cyber arena,” Mr. Saeedi Shahroodi, an IRGC spokesman for Ayatollah Ali Khamenei, told the official IRNA news agency.
    http://www.washingtontimes.com/news/...a-cyberstrike/

    Extra happy funtime quote
    The Iranian IRGC spokesman said the hacking showed Iran‘s sophistication in developing cyberweapons.

    “The U.S. enjoys high capabilities in missile technology, including cruise missiles, nuclear arms and other weapons, but this is not the case when it comes to software and cybertechnology,” Mr. Saeedi Shahroodi added.
    Last edited by AdamG; 02-23-2011 at 01:45 AM.
    A scrimmage in a Border Station
    A canter down some dark defile
    Two thousand pounds of education
    Drops to a ten-rupee jezail


    http://i.imgur.com/IPT1uLH.jpg

  16. #76
    Council Member
    Join Date
    Aug 2010
    Posts
    98

    Default

    Quote Originally Posted by AdamG View Post
    http://www.washingtontimes.com/news/...a-cyberstrike/

    Extra happy funtime quote:

    “The U.S. enjoys high capabilities in missile technology, including cruise missiles, nuclear arms and other weapons, but this is not the case when it comes to software and cybertechnology,” Mr. Saeedi Shahroodi added.
    This speaks to the point I made elsewhere about too much talking and not enough doing. The whole temple model that has accompanied US strategy in this domain has been an abject failure in many respects. Clearly it's created weaknesses when the Iranians find themselves so emboldened as to make statements like this.

  17. #77
    Council Member Cannoneer No. 4's Avatar
    Join Date
    May 2007
    Location
    Georgia
    Posts
    140

    Default Hacktivist for good CNA's KaDaffy's official site

    Civilian Irregular Information Operator / cybervigilante known as th3j35t3r attacks Libyan dictator's website.


    www.algathafi.org - TANGO DOWN. Temporarily. For using military force on protesters. Kudos 3 AWOL pilots. #chatta #libya
    12 minutes ago via XerXeS Attack Platform V3.17
    An Irregular's Denial of Service attack on the personal website of the acknowledged leader of a sovereign Westphalian nation-state combines Computer Network Attack with Psychological Operations and Irregular Warfare.

    Would Military Information Support Operations conducted by non-military entities be properly referred to as Paramilitary Information Support Operations?
    Last edited by Cannoneer No. 4; 03-18-2011 at 11:54 PM.

  18. #78
    Council Member
    Join Date
    Aug 2010
    Posts
    98

    Default hacktivism

    It's back up, I suppose he did a DDoS attack but wasn't able to sustain it. I'm not sure what a good term for this would be aside from hacktivist (and I have some bias towards the term too), perhaps para-militia? The `patriotic hacker' notion doesn't translate too well into English, & doesn't work quite as clearly outside of politically primitive mono-culture states.

  19. #79
    Council Member Cannoneer No. 4's Avatar
    Join Date
    May 2007
    Location
    Georgia
    Posts
    140

    Default

    He did a DOS attack and didn't try to sustain it. Intended to be temporary Restrictive Measure against KaDaffy's propaganda site.

    Now that the shooting has started it will be interesting to see what Regular counterpropagandists of many nations do.

  20. #80
    Council Member
    Join Date
    Aug 2007
    Location
    Montreal
    Posts
    1,602

    Default

    Given the ridiculously counter-productive propaganda on that website--at the moment, one leading articles warns "Let everyone understand that the North Pole does not belong to anyone; it is the property of all the peoples of the earth and all the continents."--it is probably left alone for everyone to see.
    They mostly come at night. Mostly.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •