by Oui
Sat Dec 30th, 2017 at 11:52:25 AM EST
The importance of the U.S. Presidential election and how difficult it will be to maintain democratic values.
In my analysis, the U.S. Election 2016 was unprecedented in malevolent intervention from Intelligence agencies from major world powers. The nations of the Asian continent have undoubtedly worked hard in hacking and cyber crimes on an equal basis as the Western world.
More and more, there is more than meets the eye in the whole #Russiagate affair of deception, espionage, smoke and mirrors. My belief is that there were people set up around the original Republican-funded Trump dossier. There were fall guys introduced, an FBI mole within the Trump campaign HQ and the bogus and poorly documented Steele dossier that was actually written and produced by Fusion GPS.
The Mueller investigation should focus on the role Fusion GPS played, the main characters Glenn Simpson and his spouse Jacoby.
Originally the Trump opposition dossier was funded by intrigant Paul Singer and a source within the Emirates (Abu Dhabi). The UAE has worked hand in glove with the Saudi regime in Yemen and in the Syrian civil war. Now the Gulf States (minus Qatar) have been cooperating with Israeli intelligence to turn US foreign policy in their favor and attribute all terror to the Islamic State of Iran.
Saudi and Israel intelligence had earlier joined forces in false-flag attacks in Syria. Both countries backed Al Qaeda and the Al-Nusra foreign fighters against Assad.
King Salman failed in his attempt to open a new battle front in Lebanon by incarcerating Saad Hariri.
Today, the Saudi regime, with all its wealth, will make a new attempt to get Pakistan and its new leaders to follow the foreign policy demands of King Salman. Pakistan of course possesses the Islamic Nuclear bomb.
A welcome sign for the region: unrest in a number of cities in Iran today. Most likely initiated by economic austerity measures, price hikes and the frustration of Iranians fighting and dying for a cause in foreign nations.
○ Escalation Towards Military Strike on Iran's Nuclear Facilities
○ Stuxnet: US-Israel Cooperation Cyber Warfare on Iran (2011)
○ The Saudi-Israeli Alliance and Piggy-back Coup of 2005
Cyber warfare after the joint US-Israeli Stuxnet Operation
@BooMan I posted a follow-up diary …
○ Dutch Cooperated with Sergei Mikhailov (FSB)
Israel's rash behavior blew operation to sabotage Iran's computers, US officials say | JPost - Feb. 2016 |
According to the claims in the film, the hasty Israeli action prevented the carrying out of a number of further planned actions that were intended to sabotage computers at a second, more fortified uranium enrichment facility at Fordow. The film also reveals another planned cyber unit covert operation code-named NZ (Nitro Zeus).
"We spent millions on this operation to sabotage all of the computers of the Iranian infrastructure in the instance of a war," a source quoted in the film said. "We penetrated the government, electricity lines, power stations and most of the infrastructure in Iran."
The deadly virus that was implanted at Natanz was named "Stuxnet" by computer security experts, but it had a different name among the Israeli and American intelligence communities that was not revealed in the film. The codename of the entire operation, as was revealed by New York Times' journalist David E. Sanger, was "Olympic Games." Conventional wisdom holds that the implanting of the virus marked the first time that a country, or two countries in this case (the US and Israel), engaged in cyber warfare against another country (Iran).
President Obama thwarted an Israeli attack on Iran
In order to calm Israel down, and to prove that the administration was working diligently to thwart an Iranian nuclear weapon, Obama ordered the intelligence community to increase its efforts and its cooperation with the Mossad and Unit 8200. He did so despite having some doubts about the operation. Obama expressed concern that "the Chinese and the Russians will do the same thing to us," and insert viruses into nuclear facilities and other strategic sites in the United States.
○ Penetrating the Iran Nuclear Talks: Israel -- And Others -- Use Malware for Cyber-Espionage
Not Getting the Balance Right by BooMan on Jul 21st, 2013
If former Vice Chairman of the Joint Chiefs of Staff James "Hoss" Cartwright actually gets indicted for leaking about the Stuxnet virus to David Sanger of The New York Times, I will be impressed. No one as high ranking has even been prosecuted for divulging classified information.
...
In August 2011, Cartwright retired from the military. Five months later, he joined the board of directors of Raytheon Co., the Pentagon's prime contractor for JLENS.
Cartwright collected $304,013 in company cash and stock in 2012, his first year on the board. Through the end of 2014, Raytheon had paid him a total of $828,020, according to filings with the U.S. Securities and Exchange Commission.
...
On November 2, 2012, in an interview with the FBI, Cartwright denied he was the source of the leaks. On October 17, 2016, Cartwright entered a guilty plea in the U.S. District Court for the District of Columbia on a charge of making false statements during the leak investigation, a felony.
Outgoing President Barack Obama pardoned Cartwright on January 17, 2017.
Social Engineering Insight from DefCon by Kridts M. / Cyber Threat Intelligence Analyst, NJCCIC
Of all the lectures I attended, some of the most interesting and engaging speakers I saw shared their knowledge and insight at the "Social Engineering Village Talks," an area of the conference dedicated solely to the topic of social engineering. The main point each of these speakers emphasized was this: human beings are the most vulnerable entry point into a network, a business, or an organization. According to the IBM 2014 Cyber Security Intelligence Index, 95 percent of all investigated cybersecurity incidents listed human error as a contributing factor.
What is Social Engineering?
Social engineering is an umbrella term encompassing the full range of methods used to manipulate people into divulging sensitive information. There are two main types of social engineering: human-based and computer-based. Human-based methods require the attacker to interact with people in order to obtain information, gain physical access to a location, system, or network. Computer-based methods use technology in an attempt to convince people to take a specific action that will ultimately lead to infected systems, compromised networks, and data theft.
Some examples of human-based social engineering tactics include:
- Researching the target: attackers will often conduct preliminary reconnaissance on their victims before attempting to make contact in order to craft the most believable scenario possible.
- Piggybacking and tailgating: an attacker attempts to gain unauthorized access to a location by following behind others to get through locked doors or restricted entryways.
- Shoulder surfing: an attacker tries to gain login credentials by looking over the shoulder of the victim as they type.
Some examples of computer-based social engineering tactics include:
- Spear phishing: an attacker using this technique will send specially-crafted emails targeting a specific group of people (e.g., an email that appears to originate from a company's IT department encouraging employees to reset their account passwords by clicking on a malicious link.)
- Baiting: this tactic involves enticing victims with something they desire or piquing their curiosity in order to get them to take an action that will result in an infected system or compromised network (e.g., leaving a curiously-labeled malicious USB drive in a high-traveled area, infecting a movie or music file on a peer-to-peer network with a malicious payload.)
- Website Cloning/Spoofing: an attacker makes a malicious version of a popular website and tries to trick victims into thinking it's legitimate and visiting it, which could result in a malware infection, stolen account credentials, or a compromised network.
My #SEVillage @defcon experience
Walking in your enemy's shadow: when fourth-party collection becomes attribution hell by Juan Andres Guerrero-Saade and Costin Raiu - Kaspersky Lab
Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt manipulation have proven enough for many researchers to shy away from the attribution space. And yet, we haven't even discussed the worst-case scenarios. What happens to our research methods when threat actors start hacking each other? What happens when threat actors leverage another's seemingly closed-source toolkit? Or better yet, what if they open-source an entire suite to generate so much noise that they'll never be heard?
Leaked documents have described how the standard practice of one espionage outfit infiltrating another has transcended into the realm of cyber in the form of fourth-party collection. While this represents an immediate failure for the victim intelligence service, the tragedy doesn't end there. Attackers can then go on to adopt the victim threat actor's toolkit and infrastructure, leveraging their data and access, and perpetrating attacks in their name. As interesting as this conversation could be in the abstract, we'd rather present examples from unpublished research that showcase how this is already happening in-the-wild.
Similarly, while we'd prefer to present threat intelligence research in its most polished and convincing form, fringe cases do appear. Strange activity overlaps between clusters, APT-on-APT operations, open-sourcing of proprietary tools, or repurposing of proprietary exploit implementations are some of the ways that the attribution and activity clustering structures start to break down and sometimes collapse. And this is not all an unintentional byproduct of our position as external observers; some threat actors are overtly adopting the TTPs of others and taking advantage of public reporting to blend their activities into the profiles researchers expect of other actors.
The material includes in-the-wild examples to substantiate previously hypothesized claims about attackers stealing each other's tools, repurposing exploits, and compromising the same infrastructure. These covert dynamics in the space of cyberespionage further substantiate the difficulties underlying accurate security research and the need to track threat actors continually. The examples we'll focus on come from unpublished research and unwritten observations from the original researchers themselves. The hope is to escape threat intel solipsism by providing a better framework to understand and discuss operations and actors and to understand how traditional espionage shadow games are being played out on the digital front.
○ Israel's Hand in the Short History of Islamophobia
○ Murdoch's WSJ Editorial Board Going Bats**t
Similar devious methods are used in daily life, in HUMINT and in media-oriented propaganda, which is what #Russiagate has become.
○ #PropOrNot: Russia propaganda Fall of 2016
○ A Breath of Fresh Air