SMALL WARS COUNCIL
Old 12-23-2014   #81
AdamG
Council Member
 
Join Date: Dec 2005
Location: Hiding from the Dreaded Burrito Gang
Posts: 1,999

Quote:
I am deeply skeptical of the FBI’s announcement on Friday that North Korea was behind last month’s Sony hack. The agency’s evidence is tenuous, and I have a hard time believing it. But I also have trouble believing that the U.S. government would make the accusation this formally if officials didn’t believe it.

Clues in the hackers’ attack code seem to point in all directions at once. The FBI points to reused code from previous attacks associated with North Korea, as well as similarities in the networks used to launch the attacks. Korean language in the code also suggests a Korean origin, though not necessarily a North Korean one since North Koreans use a unique dialect. However you read it, this sort of evidence is circumstantial at best. It’s easy to fake, and it’s even easier to interpret it wrong. In general, it’s a situation that rapidly devolves into storytelling, where analysts pick bits and pieces of the “evidence” to suit the narrative they already have worked out in their heads.
http://www.theatlantic.com/internati...k-sony/383973/

Note: Bruce Schneier is a contributing writer for The Atlantic and the chief technology officer of the computer-security firm Co3 Systems.
__________________
A scrimmage in a Border Station
A canter down some dark defile
Two thousand pounds of education
Drops to a ten-rupee jezail


http://i.imgur.com/IPT1uLH.jpg
Old 12-25-2014   #82
AdamG

Quote:
In Plain English: Five Reasons Why Security Experts Are Skeptical that North Korea Masterminded the Sony Attack
https://medium.com/elissa-shevinsky/...e-24509b4b8331
Old 12-26-2014   #83
AdamG

Quote:
All the evidence leads me to believe that the great Sony Pictures hack of 2014 is far more likely to be the work of one disgruntled employee facing a pink slip.

I may be biased, but, as the director of security operations for DEF CON, the world’s largest hacker conference, and the principal security researcher for the world's leading mobile security company, Cloudflare, I think I am worth hearing out.
http://www.thedailybeast.com/article...hack-sony.html
Old 12-30-2014   #84
AdamG

Quote:
FBI agents investigating the Sony Pictures hack were briefed Monday by a security firm that says its research points to laid-off Sony staff, not North Korea, as the perpetrator — another example of the continuing whodunit blame game around the devastating attack.

Even the unprecedented decision to release details of an ongoing FBI investigation and President Barack Obama publicly blaming the hermit authoritarian regime hasn’t quieted a chorus of well-qualified skeptics who say the evidence just doesn’t add up.
Read more: http://www.politico.com/story/2014/1...#ixzz3NMAk7Dow
Old 05-19-2015   #85
AdamG

http://www.wsj.com/articles/penn-sta...ked-1431804110

Quote:
Hackers apparently based in China have had access to Pennsylvania State University’s engineering school computers for over two years, the university disclosed on Friday after a lengthy analysis by federal and private investigators.

The breach potentially has exposed research pertaining to technology for the U.S. Defense Department.

The university said it would take the affected computer network offline for several days to root out the hackers.

“This was an advanced attack against our College of Engineering by very sophisticated threat actors,” Penn State President Eric Barron said in a letter to students and faculty.
Old 10-14-2015   #86
AdamG

Cybersecurity Expert: Be Afraid, America. Be Very Afraid.
Quote:
Leading cybersecurity expert Joseph Weiss writes about how vulnerable America’s computer systems are. He features in the NOVA documentary ‘CyberWar Threat,’ premiering Oct. 14 on PBS.
http://www.thedailybeast.com/article...ry-afraid.html
Old 10-15-2015   #87
AdamG

Quote:
SAN FRANCISCO — Over the last four years, foreign hackers have stolen source code and blueprints to the oil and water pipelines and power grid of the United States and have infiltrated the Department of Energy’s networks 150 times.

So what’s stopping them from shutting us down?

The phrase “cyber-Pearl Harbor” first appeared in the 1990s. For the last 20 years, policy makers have predicted catastrophic situations in which hackers blow up oil pipelines, contaminate the water supply, open the nation’s floodgates and send airplanes on collision courses by hacking air traffic control systems.
http://bits.blogs.nytimes.com/2015/1...ing-pace/?_r=1
Old 11-05-2015   #88
AdamG

US Still Doesn’t Know Who’s In Charge of What If Massive Cyber Attack Strikes Nation
NOVEMBER 3, 2015 BY PATRICK TUCKER
Cyber physical attacks on infrastructure may be an unlikely sneak attack, but if it happens, the chain of command is far from clear.
http://www.defenseone.com/threats/20...ref=d-mostread



Last edited by AdamG; 11-05-2015 at 12:34 PM. Reason: Cultural reference points
Old 11-06-2015   #89
AdamG

*Indicators*

http://entertainment.suntimes.com/en...-truly-lights/

Quote:
For Koppel it was a series of what he called “repeated little items,” and he provided several examples.

“For instance, there was the time [former Defense Secretary and CIA director] Leon Panetta referred to a ‘cyber Pearl Harbor.’ Or when Janet Napolitano was leaving, after almost five years as secretary of Homeland Security. She gave a speech at the National Press Club in Washington — and way down at the bottom of the speech was this warning we were facing a cyber-attack on the power grid.

“Then President Obama in 2013 said something about foreign governments trying to break into our power grid with cyber techniques.”

While each piece wasn’t all that compelling, the combination of those mentions led Koppel to want to look into the potential threats to America. He thought initially that if all those “well-informed people are offering warnings about the likelihood of this happening, what is being done about it?”
Old 11-06-2015   #90
davidbfpo
Council Member
 
Join Date: Mar 2006
Location: UK
Posts: 10,764

From CNA a report on the power grid: https://www.cna.org/mab/reports?

It seems like everyone knows there is a problem and what solutions are available, but no-one does anything. A common problem here too.
__________________
davidbfpo
Old 06-14-2016   #91
AdamG

For those of you folks in the bowels of the Kremlin following this thread, nice job guys!


Quote:
Russian government hackers penetrated the computer network of the Democratic National Committee and gained access to the entire database of opposition research on GOP presidential candidate Donald Trump, according to committee officials and security experts who responded to the breach.

The intruders so thoroughly compromised the DNC’s system that they also were able to read all email and chat traffic, said DNC officials and the security experts.

The intrusion into the DNC was one of several targeting American political organizations. The networks of presidential candidates Hillary Clinton and Donald Trump were also targeted by Russian spies, as were the computers of some GOP political action committees, U.S. officials said. But details on those cases were not available.
https://www.washingtonpost.com/world...7a0_story.html


Old 06-14-2016   #92
AdamG

Quote:
Originally Posted by davidbfpo
From CNA a report on the power grid: https://www.cna.org/mab/reports?

It seems like everyone knows there is a problem and what solutions are available, but no-one does anything. A common problem here too.
It's easier to jump on social media and do some hashtag activism.

#HouseCurrentMatters
Old 07-26-2016   #93
AdamG

Quote:
A U.S. intelligence official told CBS News that the signature of the breach is Russian and the U.S. government has identified methods and techniques used by Russia in past hacks that mirror those used in the DNC incursion.

"We understand how hack groups use the Internet to attack. The pattern and launch point used before by Russians is similar to the DNC attack," the official said.

A cyber analyst quoted by the Associated Press, Michael Buratowski with Fidelis Cybersecurity, which investigated the hack, said he was near certain that Russia was the culprit, based on the use by the hackers of "Russian internet addresses, Russian language keyboards, and the time codes corresponding to business hours in Russia, as well as the sophistication of the hack," according to the AP.
http://www.cbsnews.com/news/russian-...d-on-dnc-hack/


In related popcorn-worthy readings, see also https://twitter.com/wikileaks/status/757335823754887168
Old 11-28-2016   #94
AdamG

San Francisco's BART system shut down. Welcome to the BladeRunner world.
http://gizmodo.com/commuters-get-fre...anc-1789408436
Old 12-31-2016   #95
OUTLAW 09
Council Member
 
Join Date: Nov 2013
Posts: 32,752

This is exactly why one must seriously question the political "sanity" of Trump and his transition team when he openly and publicly denies the Russians are in fact hacking the US.....

http://www.msn.com/en-us/news/us/rus...a-vermont-util...
Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say

Quote:
A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials.

While the Russians did not actively use the code to disrupt operations, according to officials who spoke on the condition of anonymity to discuss a security matter, the discovery underscores the vulnerabilities of the nation’s electrical grid.

And it raises fears in the U.S. government that Russian government hackers are actively trying to penetrate the grid to carry out potential attacks.

Officials in government and the utility industry regularly monitor the grid because it is highly computerized and any disruptions can have disastrous implications for the country’s medical and emergency services.

Burlington Electric said in a statement that the company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization’s grid systems.

The firm said it took immediate action to isolate the laptop and alert federal authorities.

Friday night, Vermont Gov. Peter Shumlin (D) called on federal officials “to conduct a full and complete investigation of this incident and undertake remedies to ensure that this never happens again.”

“Vermonters and all Americans should be both alarmed and outraged that one of the world’s leading thugs, Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety,” Shumlin said in a statement. “This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling.”

Sen. Patrick J. Leahy (D-Vt.) said he was briefed on the attempts to penetrate the electric grid by Vermont State Police on Friday evening. “This is beyond hackers having electronic joy rides — this is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter,” Leahy said in a statement. “That is a direct threat to Vermont and we do not take it lightly.”

American officials, including one senior administration official, said they are not yet sure what the intentions of the Russians might have been. The incursion may have been designed to disrupt the utility’s operations or as a test to see whether they could penetrate a portion of the grid.

Officials said that it is unclear when the code entered the Vermont utility’s computer, and that an investigation will attempt to determine the timing and nature of the intrusion, as well as whether other utilities were similarly targeted.

“The question remains: Are they in other systems and what was the intent?” a U.S. official said.

This week, officials from the Department of Homeland Security, FBI and the Office of the Director of National Intelligence shared the Grizzly Steppe malware code with executives from 16 sectors nationwide, including the financial, utility and transportation industries, a senior administration official said.

Vermont utility officials identified the code within their operations and reported it to federal officials Friday, the official said.

The DHS and FBI also publicly posted information about the malware Thursday as part of a joint analysis report, saying that the Russian military and civilian services’ activity “is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens.”
Another senior administration official, who also spoke on the condition of anonymity to discuss security matters, said in an email that “by exposing Russian malware” in the joint analysis report, “the administration sought to alert all network defenders in the United States and abroad to this malicious activity to better secure their networks and defend against Russian malicious cyber activity.”

According to the report by the FBI and DHS, the hackers involved in the Russian operation used fraudulent emails that tricked their recipients into revealing passwords.

Russian hackers, U.S. intelligence agencies say, earlier obtained a raft of internal emails from the Democratic National Committee, which were later released by WikiLeaks during this year’s presidential campaign.

President-elect Donald Trump has repeatedly questioned the veracity of U.S. intelligence pointing to Russia’s responsibility for hacks in the run-up to the Nov. 8 election. He also has spoken highly of Russian President Vladimir Putin, despite President Obama’s suggestion that the approval for hacking came from the highest levels of the Kremlin.

Trump spokesman Sean Spicer said it would be “highly inappropriate to comment” on the incident given the fact that Spicer has not been briefed by federal authorities at this point.

Obama has been criticized by lawmakers from both parties for not retaliating against Russia before the election. But officials said the president was concerned that U.S. countermeasures could prompt a wider effort by Moscow to disrupt the counting of votes on Election Day, potentially leading to a wider conflict.

Officials said Obama also was concerned that taking retaliatory action before the election would be perceived as an effort to help the campaign of Democratic presidential nominee Hillary Clinton.

On Thursday, when Obama announced new economic measures against Russia and the expulsion of 35 Russian officials from the United States in retaliation for what he said was a deliberate attempt to interfere with the election, Trump told reporters, “It’s time for our country to move on to bigger and better things.”

Trump has agreed to meet with U.S. intelligence officials next week to discuss allegations surrounding Russia’s online activity.

Russia has been accused in the past of launching a cyberattack on Ukraine’s electrical grid, something it has denied. Cybersecurity experts say a hack in December 2015 destabilized Kiev’s power grid, causing a blackout in part of the Ukrainian capital.

On Thursday, Ukrainian President Petro Poroshenko accused Russia of waging a hacking war on his country that has entailed 6,500 attacks against Ukrainian state institutions over the past two months.

Since at least 2009, U.S. authorities have tracked efforts by China, Russia and other countries to implant malicious software inside computers used by U.S. utilities. It is unclear if the code used in those earlier attacks was similar to what was found in the Vermont case. In November 2014, for example, federal authorities reported that a Russian malware known as BlackEnergy had been detected in the software controlling electric turbines in the United States.

The Russian Embassy did not immediately respond to a request for comment. Representatives for the Energy Department and DHS declined to comment Friday.
BUT WAIT if Trump had attended his daily intelligence briefings he would have been informed about this latest Russian attack and thus his spokesperson could and should have had an answer...not this "we will get back to you" and it "ain't our fault"....

Last edited by davidbfpo; 12-31-2016 at 12:03 PM.
Old 12-31-2016   #96
davidbfpo
Moderator at work

The previous post was moved here from the Ukraine War thread; it sits here better and updates this quiet thread.

For a non-cyber attack on the Silicon Valley power grid see this closed thread: http://council.smallwarsjournal.com/...ad.php?t=20044
Old 01-01-2017   #97
davidbfpo
Vermont hack update

Whoops:
Quote:
U.S. officials say they have no information that a power grid in the northeastern state of Vermont was penetrated, even as they continue to investigate suspected Russian malware found on a utility's laptop computer. The Department of Homeland Security said late New Year's Eve that the laptop was not connected to the electrical grid operated by the Burlington Electric Department.
Link: http://www.voanews.com/a/russian-mal...d/3658860.html

A more polemical, almost funny in places given the author, but it does cite the WaPo story having an Editor's update:
Quote:
Link: https://theintercept.com/2016/12/31/...electric-grid/
Old 01-28-2017   #98
AdamG

Quote:
WASHINGTON — The United States has long relied on its borders and superior military might to protect against and deter foreign aggressors. But a lack of boundaries and any rulebook in cyberspace has increased the threat and leveled the playing field today.
It's unclear how President Donald Trump, who has emphasized an "America First" approach to domestic issues, will respond to cyberspace threats, which transcend traditional borders and make it easier and cheaper than ever for foreigners to attack the U.S. Whatever the approach, it will set the tone and precedent for global policies during a critical time when the ground rules are still being written.
At a hearing this month on foreign cyberthreats, the chairman of the Senate Armed Services Committee, Sen. John McCain, R-Ariz., ran through a list of recent operations the U.S. believes was carried out by foreign countries — Russia, China, Iran and North Korea. The targets: the White House, State Department, Office of Personnel Management, Joint Chiefs of Staff, Navy, major U.S. financial institutions, a small New York dam and Sony Pictures Entertainment Inc.
"Our adversaries have reached a common conclusion, that the reward for attacking America in cyberspace outweighs the risk," McCain said.
Now that we passed the pearl-clutching, we get to the "parking your fighter planes in neat rows on the tarmac is dumb" part.

Quote:
With most of the U.S. critical infrastructure in private hands and Americans among the most connected citizens in the world, the potential attack surface for any hacker is vast and increasing. U.S. officials and lawmakers have argued that because there is no official policy on cyberwarfare, the response to any attack can be slow, politicized and ultimately ineffectual.
http://www.msn.com/en-us/news/techno...cid=spartandhp
Old 01-29-2017   #99
AdamG

Quote:
Lille (France) (AFP) - Jihadists have yet to shut down a power grid, paralyse a transport network or banking system or take over a key industrial site from afar, but experts say the threat of such a cyber attack should be taken seriously.
Analysts fear that while extremist groups may not have the necessary skills themselves, they could hire someone else to wreak havoc.
https://www.yahoo.com/tech/fears-gro...061030636.html
Old 01-29-2017   #100
OUTLAW 09

The attacks on IoT..internet of things...are getting brutal lately and will be coming soon to the US five star hotels....unless they take immediate action to avoid what has been happening to five star European hotels....

All hotels now have IT/internet controlled door locking systems and hackers have been taking over those IT based door locking systems...locking them shut with either customers inside their rooms or locked out...forcing hotels to privately pay millions in Bitcoin payments to get them unlocked and their computers systems back online....

The IoT is going to cause far more damage than just a power grid....because it is now everywhere and not able to be secured....and driven by Chinese manufacturers who also deliberately planted backdoors even when warned about the backdoors...