Cyber Attack In News; Implications

https://www.insurancejournal.com/news/national/2019/12/03/550039.htm


Good afternoon all,

Per ...

Note the mention of the Pediatric National Stockpile.

Note "a hacker can cause more damage than a gunship".

 

WOW........WOW.......WOW'ZER.

That is a must read for every human who ever touches a keyboard.

Thanks for posting that link......it is truly terrifying how we have exposed ourselves to this horror.

 

That really highlights how very vulnerable the world is to such attacks with how interconnected everything is these days.

Just a few minutes of contemplating the various scenarios possible using cyber attacks is enough to cause a lot of apprehension. And wonder how long until devastation is occurs.

 

Now remember back a few weeks or months ago.........the extremely deep under ocean explosion that went hush'hush, and the scuddle'butt was that someone was using a deep-deep-deep diving special sub to splice into deep high security international communications lines off the coast of Alaska.

Which allegedly had been done unknown times in the past. Seems no one knows how many countries are tapped into these ultra high security lines deep in the ocean.

Now.........why expose yourself and your country to massive counter attack for launching a HEMP to destroy just for example, say America&Canada. Why only take down the power grid, when you can send a deep-deep-deep diving drone submarine and covertly launch a hack that takes down everything in a country, and leave the fingerprints of say maybe Iran or North Korea.

Maybe it could be sent to many countries at the same time, maybe all the countries of the world at the same time.

Maybe a massive attempt to alter global warming and over population.

 

MAYBE its an ALIEN from OUTER SPACE who will harvest us for our meat

 

What I found astounding is how massive the damage.....and this was an accident, it was intended for disrupting only the Ukraine government.

Think about a full cyber attack to shut down everything in a country.......everything. No water, no fuel, no food, no electric, no communications, no sewage, no trucking, no anything. And wonder how many country'states have that ability.

 

I kinda giggled when we and the Israelis destroyed the Iranian centrifuges cranking out heavy uranium.

Man, were the higher-ups at Siemens ever-so-torqued about Stuxnet getting into their control s/w products! I called some folk. I found the sh## downright delightful. Har har har!

Not so funny when it heads your way, true.

Irrespective of what I've worked with, I'm a Luddite at heart. Me loves the smell of burning kerosene lamps and a coal fire in the fireplace grate. I'm a kid again. I've gotten home from grammar school and built me fires. "Boys who play in the fires piss the bed!" Never did. Built thousands of fires. Happy boy takes a nap before supper. Warm again. Piss on winter's wind, sez the boy! I smiled at tons of coal shooting into our basement, even though I'd be the boy shoveling that tonnage into the hopper for the coal furnace. Happy days. Real Christmases. Fires, warm fires. I lived in a world of smoke, wonderful smoke. Eyebrows melting before an open furnace door. Sublime! Clinkers to the road a glowin'; 9-lb hammer over the boy's shoulder. "That sooty lad's a'smilin', why's that?!" The lad's in Heaven.

 

*yawn* This happens all the time and it's the stupid companies that don't know how to secure their systems. Plus don't have offsite backups.

I wrote the President a letter when he first took office on how we need to modernize our Internet infrastructure in accordance with the U.S. Cyber Command. I stated that we needed a consortium of computer and IT professors and white hat hackers to create guidelines and/or rules on how computer infrastructure should be safe guarded.

It mostly pertains to how a company deals with email. They need sandboxing capability and offsite backups that are air gaped and only used for backups.

 

A VPN does NOT protect you from polymorphic malware or any malware. All a VPN does is create a tunnel using encryption from your connection to another server. Between your connection and the server no one including your ISP should be able to see what you are loading on the Internet. It's just another Internet connection and that pipe can still give you malware.

Also, you need to make sure your VPN has no logs and is not in a five eyes jurisdiction.

If you really want to help keep out malware then check out Sandboxie for your browser. It's now freeware and you can also sandbox your email client. But you need to know how to add exclusions and what not so the data that should stick after you close Sandboxie sticks.

Read my post here at my forum on how to chose the right VPN. Note that your VPN may not be able to connect to my website becasue I block so many cloud/hosting ASNs and VPNs get caught up in the mix.

Another thing. You never want to run more than one anti-virus product. They can work against each other.

 

Access Denied!
Why Blocked: Cloud service ("Next Layer", L5868:F38, [AT]), Proxy ("Applied Privacy", L186:F41, [AT]), Access from what looks like a TOR Project exit node.!

Can you post it here, or elsewhere like on pastebin? I'd like to read it.



Paranoia, or words of wisdom?

 

Try not using Tor next time. I don't allow Tor. It's a source of BS and hacking crap. Plus, you should have read at the top of the block page an email to contact me with and there is audio that plays automatically on the block page, but new browsers block audio by default. You'd have to go into the browser settings to change that.

 

Depends on what you're doing. Then you need to know how to do it. LOL

 

No offense F22, but in matters of preparedness (including VPNs, encryption, search history, etc) I treat my IP like my SSN. The only thing I do with my real IP is check the local weather and a couple stocks. Hope you don't mind but I let archive.org capture and archive the page, and I read it from there using Tor. Thanks for the tips, Romania, Iceland, or Switzerland it will likely be.

 

Good morning F-22,

It requires much more than computer and IT professors and white hat hackers.

The US Cyber Cmd has little institutional knowledge.

If, for example, a company places its personnel info on a cloud for efficiency and some of company's personnel are Europeans in EU countries, a second EU based and approved cloud is required. The EU cloud has different standards and thus guessing different systems architecture.

If, for example, a US company is a member of IATA Montreal and affiliated with ICAO Montreal, the system the US airline is using is at risk - as to what I'm hearing.

I'm an IT illiterate but many of the folks here are EE / IT types and they tell me the web is akin to the olden semaphore flags. It's an open system even if using the flags with a code. They told me to look up "Pegasus" spyware program.

POTUS Trump talked about an overall (military, banking ,transport,health care, etc) cyber organization being established. The rest involves political matters.

I love email but it only augments snail because of the web's openness.

 

You do know that Tor is not the most privacy orientated platform out there, right? The exit nodes can be sniffed and I have read that the FBI, etc has their ass involved. I even wrote a blog on that. You're better off with a good VPN that you can trust.

 

When I have to choose between US or EU standard I choose EU without any hesitation. The problem with US firms & gov't institutions has always been in their business practice rather than any technical related.

All spyware are designed to attack very specific system, and there is no such thing as one-size-fit-all spyware either regardless the scale of the attack. The openness nature of the web can bee seen as security feature on its own in what we called security by obscurity

Actually what Trump typically said to the EU is something in line with "You should spend more $ to buy more American stuff"

 

I have a VPN account with a US based company, I use it to keep my identity concealed in other matters but the package I get doesn't include https support for websites, the package that includes that costs more. Tor is free, and honestly I don't do or say anything illegal that would make law enforcement track me down, but also under no illusion that some government agencies' algorithm isn't scanning Tor traffic for keywords either. Tor here is more for casual anonymity, if this site gets hacked (or the owner or a mod goes rogue) for example I don't want my real IP known to them.

 

Here is the public IP I currently use to post this,

202.67.40.241

So what does that tell you about me? The answer is NOTHING of substance let alone compromising information. Your public IP is the first thing any website see about you (among a lot of other far more useful things)

 

I'm not trying to convince anyone, but who knows how this information might be used in the future? I had to stencil my social security number (which was also our service number) in 2 inch high numbers on my seabag back in the 80's, identity theft really wasn't a thing then but it is now. Imagine walking through an airport with your social security number stenciled on your luggage today.

Not saying it will happen, but someday we could regret leaving our uniquely identifying information lying all over the internet.

 

I wasn't referring any of your statement nor anyone else in specific. It just this whole "hype" about cyber attack / security has been blown off out of proportion (thanks to the medias). I'm saying this because having the false sense of security is extremely dangerous. Even when your behind a VPN there is still all kind of web scripts that will severely compromise your OPSEC, and filtering out those web scripts will typically render viewing that website to be useless.

In most case your public IP information ISN'T UNIQUE. In fact getting someone public IP address merely tell what network they were using and the general location of where the IP address has been assigned (typically this is referring to location within municipal level). For someone to be able to compromising your OPSEC, they need much more information than your public IP and these days the easiest way to get them is by paying Google, Alexa, Facebook, etc. In fact if I were to compromise anyone, I won't even bother with their public IP address.

 

Static IP here, and I don't allow scripts to run. No java/javascript, activeX, flash, etc. I leave my browser window the default size as that's another way of identifying one tor user from another. It does make some sites less usable, some are even unusable. Personal preference, I don't feel like I'm missing out on anything now (except a lot of ads lol) and I might be thankful I did in the future - or maybe 20 years from now I find it was all unnecessary. I don't see a downside anyway.

Our owner/admin here has some reason for paying for this site, maybe it's strictly charitable but I suspect there's some monetary motive involved. Ad revenue (does this site have ads, not even sure)? Maybe to grow it and sell it (along with the members and their account info)? Some other "cash for clicks" type of venture? Not that I suspect anything nefarious, and I appreciate him hosting it, but prefer to opt-out of providing personally identifying info. YMMV

 

That static IP of yours is also get assigned to someone else, meaning your not the only one connecting using that public IP address. This is because IPv4 address is finite resources and most network assigned multiple customer into a single public IP for that very reason. Which is why I said earlier that your public IP address isn't unique.

BTW my current IP address for posting this is, 116.206.40.65

That most likely the primary motive. Remember what happen to SB?

 

SurvivalBlog or SurvivalistBoard? I browse both sometimes, but not much of quality there (recently anyway) that I've found.

 

That's a mobile ISP out of Indonesia. You pretty much don't have to worry about that one. But if someone with a residential IP posts that here I can DDoS it, look it up at Shodan and Nmap it for open ports and go from there...

 

"Major US airport websites taken offline, pro-Russia hacking group takes credit"

https://www.foxbusiness.com/technol...offline-pro-russia-hacking-group-takes-credit

"Airports in Atlanta, Chicago, Los Angeles, other US cities affected

"According to Bleeping Computer, the group, known as KillNet, launched a distributed denial-of-service (DDOS) attack, making the affected airports' websites unavailable.

"The affected airports include Hartsfield-Jackson Atlanta International Airport, Los Angeles International Airport and Chicago O'Hare International Airport. The attack does not appear to have impacted operations at the airports themselves.

"KillNet – which has stepped up hacking efforts against countries that oppose Russia's war in Ukraine – previously claimed responsibility for attacks that targeted government websites in Colorado, Kentucky, and Mississippi last week and Congress' website in July.

"'Vladimir Putin seeks to compel the U.S. to stop providing military support to Ukraine by attempting to place pressure on Americans," Rebekah Koffler, a former Defense Intelligence Agency officer and the author of "Putin’s Playbook: Russia’s Secret Plan to Defeat America,' told FOX Business. 'Inflicting gradual pain by disrupting the normal functioning of the society is part of the doctrine. The goal is to reach the point where people get tired of inconveniences and demand that the U.S. government abandon Ukraine."
.

 

Many American industries do not have sufficient fire-walls. Military, yes they are improving.

Industrial systems use their own comm protocols such as DeviceNet and PROFIBUS. These have their own safety gates. I no longer work in that world and it's been a long time, so I do not know how robust they are today.

I do know that the U.S. (allegedly ) and the Israelis were able to get into the Siemens Automation software controlling the Iranian centrifuges used to extract heavy uranium. That was PROFIBUS comm to/from a Siemens SCADA system. A Stuxnet worm was introduced therein. The SCADA control system was made to think that the rotational velocity on the centrifuges was adequate when indeed the velocity was way too slow. This inadequate rotational speed ruined the centrifuge motors.

Due to America's lack of preparedness, Russia could zap our infrastructure.

--------------------

There's hope:

"New algorithm may help prevent ransomware attacks on the grid"

https://www.power-grid.com/td/new-algorithm-may-help-prevent-ransomware-attacks-on-the-grid/

.

 

"Russia is targeting the US homeland with its strategy of Cyber Armageddon"

https://www.foxnews.com/opinion/russia-targeting-us-homeland-strategy-of-cyber-armageddon

Begin quote:

A Russia linked ransomware bug attacked the Department of Energy last week

Multiple federal agencies were struck with a massive Russian cyberattack, among them the Department of Energy, which manages U.S. nuclear infrastructure and sets America’s nuclear policy. The new attack has been devastating as millions of Americans and countless businesses, organizations, schools and universities had their data compromised with a destructive ransomware bug. But what’s even more terrifying is its intent. Russian President Putin is almost certainly messaging to Team Biden that Moscow has the wherewithal to unleash a much more crippling attack on the U.S. homeland, resulting in a Cyber Armageddon.

As a former senior intelligence analyst specializing in Putin’s mindset and Russian doctrine and strategy, it is my assessment that Russia possesses the capability and the will to launch a catastrophic cyberattack, under certain circumstances. The threshold for such a decision is extremely high. But given that Moscow and Washington are in an ever escalating proxy war over Ukraine, Putin may very well be contemplating it.

Although the top U.S. cybersecurity agency CISA attributed the attack to a Russian ransomware group Cl0P, rather than the Russian state, it is a false distinction whether a Russian government employee or a hired gun that does the actual hacking. Russian intelligence routinely hires cyber-criminals to execute high-profile cyber operations, especially those targeting U.S. high-value targets, to ensure plausible deniability. According to the Russian cyberwarfare doctrine, the Russian president is the one who authorizes the attack, no matter who pulls the cyber trigger.

Russian strategists believe that cyber weapons even have advantage over nuclear arms. Major General Igor Dylevsky, the leading expert on cyber warfare in Russia’s General Staff, speaking at the Sixth Moscow Conference on International Security, pointed to the unique nature of cyber weapons. He said they are "bloodless" and "don’t destroy the environment," capable of delivering a "blow to the adversary" through such peaceful channels as the internet, telecommunications networks, and mass media." The Russians call cyber a strategic non-nuclear weapon as it can do the same job but without creating the nuclear mushroom.

To operationalize its Cyber Armageddon doctrine, Russia has studied our vulnerabilities, mapped out access to our critical infrastructure, and practiced conducting cyber intrusions into our networks and computer systems for two decades. The Russians have compromised the networks of many sectors of the economy and countless government agencies, including the White House, the State Department and the Pentagon.

Putin’s cyber strategist Dylevsky once stated that by launching "computer attacks on the critical infrastructure targets that are vital for the functioning of a society, it is possible to ‘heat up’ the situation in any country, all the way up to the point of social unrest."

Moscow views cyber as a potent non-kinetic tool capable of disrupting an opponent’s society, by targeting his military, economy, and vital support structures such as hospitals, or even plunging an entire country into darkness, when war is unavoidable.

Unleashing Cyber Armageddon on America would be Putin’s last ditch effort, if he thought that U.S. troops were about to flood into Ukraine to bloody his nose. "God save the queen, man!" said President Biden during a speech on gun control last week, punctuating his remarks with yet another outburst of utter confusion. Our confused Commander in Chief’s policy in Ukraine has baffled even Putin, provoking the Russian spy master to target the U.S. homeland with assorted Armageddons. And that is a terrifying reality America faces.

End quote