Tag Archives: cyber war

Dmitri and the Wallet

14 Thursday Sep 2017

Posted by in cyber war, Novel

Leave a comment

Tags

, , ,

DmitriHow big is your wallet?  Look at the objects on this tabletop.  I bet your wallet is not as big as Dmitri’s is.  I don’t really know his name.  Like any other guy, I was minding my own business in the hotel lobby when I was engulfed by a gaggle of techies attending some international conference for the betterment of humanity.  This guy sits in front of me, blocking my view of equally attractive people, and proceeds to pull out his wallet. Seemingly to make room for, not just one, but two smart phones.

To his credit, he used both mobiles at the same time.  Possibly dueling the same issue that was so important to him that he worked it while his comrades drank voraciously nearby.  Sounded more to me though that he was working some tech issue with skilled subject matter experts on the one phone, to the point he could set it down occasionally, while he yelled at the Help Desk on the other.  The wallet, despite serving as a focal point to at least me, was lost in all this performance art.

If you think it’s bad how I’m making fun of this guy, you should consider how much worse it is for me to take a photo of a complete, non-celebrity stranger, and post it online.  I don’t care.  This guy has earned a role as a European hacker in my pending novel.

Cyber Terrorism

24 Thursday Mar 2016

Posted by in cyber war

Leave a comment

Tags

,

iStock cyber warfare

The Department of Justice announced charges against seven Iranian hackers today for launching cyber attacks against the U.S. financial system and a dam in New York.  There is no question, these events were malicious cyber attacks.  But when is it cyber crime and when is it cyber war?  Apparently, sometimes never.  Loretta Lynch is calling this cyber terrorism, because also this week the Justice Department announced they have changed their approach and now treat nation-state affiliated hacking attacks like terrorism threats.

Lest you think everything is now clear, in the same statement, Loretta said, “In unsealing this indictment, the Department of Justice is sending a powerful message: that we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market,”  Really?  How powerful!  I imagine then the State Department, in coordination with the Department of Justice, will now approve travel visas for these seven terrorists so that we might possibly arrest them after stepping onto U.S. soil.

Here’s my disconnect.  I understand terrorism to be used to classify harmful acts that are attributed to stateless warriors.  The circumstances around terrorism differ from crime and war such that we have this third category of aggression.  Hence, we have tribunals in Gitmo.  I sort of understand it.  Cyber Security experts have coined unique terms for hacking to categorize attacks as militaristic or criminal.  Fairly intuitive.  War is when we’re attacked by a government-attached army and crime is when we’re attacked by a civilian.  I would then think that cyber terrorism is when we’re attacked by a stateless army, but I’m wrong.  It means when we are attacked by real countries, namely China and Iran, but electronically rather than by arms.  Maybe there is additional criteria, such as the attack is against a corporation or citizen rather than against our military?

So if Iran blows up Wall Street, that’s war.  If Iran only electronically implodes Wall Street, then that is terrorism by the individuals working for the Iranian government.  Not sure how to classify the dam attack.  We need to stop pussy-footing around and call it what it is.  Cyber War!

The Dark Side of the Cloud

18 Thursday Dec 2014

Posted by in cyber war

2 Comments

Tags

, , , , ,

KimThe first thing I have to say about the Sony hack is that I can’t believe both this and the Cuba thing are keeping the Taliban slaughter of over 130 children out of the news.  Seriously?  I’m commenting on this because I work in the cyber security industry.  Because $10M of pre-hack movie hype has bought this story top billing.  But I consider it a non-event relative to the school children massacre in Pakistan this week.

I thought I was fully up on this story yesterday but it ruled the news today.  It was bigger than Cuba by day’s end.  Poor GOP, does anyone even remember the immigration story?  Today’s dominant news theme was around the response of Americans to the Sony decision to yank the movie.  I watched ET and read news stories.  I saw it all day long on CNBC.  I’ve yet to hear one person say this.  Sony is Made in Japan.

So, armed with this intelligence; was America really hacked?  To everyone clamoring for a military response; would you like to pause and think about this now that you understand N. Korea invaded Japan?  I know, virtual borders are tough to decipher.  Trust me on this.  Check out Wikipedia.  Query their stock listing.  Sony is run by the Japanese.  Maybe you won’t have to totally back down from your position.  Perhaps there’s some clause in our joint defense treaty that provides Japan more protection than the U.S. Gov’t brings to bear each year when your credit card is hacked.

And how sure are you that Kim Jong-un is the culprit?  I actually wouldn’t challenge the U.S. Gov’t. on this.  It’s just I’m not sure I’ve read any credible government sources yet confirm this.  I feel like the media has liberally referenced government sources as they confirm it’s North Korea.  I think what makes me question this is how fast North Korea has been confirmed.  Otherwise, I have no doubt our boys can determine the source.  If not 100%, within five nines.

I will tell you I’m not worried about Sony.  I mean about them making money from the film.  I am starting to pity them somewhat with all the hits they keep taking.  In terms of profiting from the film, I always think of the old Hollywood expression, “even bad publicity is good publicity.”  So I’m not worried about the film making money.  In fact, The Interview will likely become the highest grossing non-release of all time.  Sony should start to care about all the damage this is doing to their brand.  And Prime Minister Abe might want to beef up his cyber security forces along with his plans to increase funding for the military.

As far as that goes, every one of you better start to shore up your security.  A cyber storm is coming.  If you feel wounded from the Sony cyber battle, wait to see what it feels like when you take a direct hit.

Stuxnet

07 Thursday Jun 2012

Posted by in cyber war, Geek Horror

Leave a comment

Tags

, ,

My favorite story in the news right now is confirmation of sorts that the U.S. and Israel launched a first-strike in cyber warfare against the Iranian nuclear jihad.  One of the more fun debates is political party rhetoric about the importance of confidential information – they want to find the source of the leaks.  Nevermind the stuxnet wiki article at the time of me writing this blog already quotes from Gary Samore as an early White House leaker.  So there are discussions of that nature.

Of course I read blogs on cyber security and anything else I’m currently interested in.  I discovered a pattern with this topic – the industry I work in.  Everything I read takes the position that cyber war is bad.  This only leads to an escalation in cyber warfare.  Stuxnet points to the need for more protection.

I couldn’t disagree more.  I felt compelled to comment on a recent blog but noticed the site was an aggregator.  The blog itself looked well read but I didn’t like the idea of publishing my content to this site that’s nothing more than an index selling advertisement.  It seemed like less of a professional dialog* and more of being part of someone’s business model.  Not that there’s anything wrong with that, but it occurs to me I have my own digital presence.  So rather than comment on that blog – I’ll blog it myself.

My position is this.  These security industry analysts are looking at this from inside the fish bowl.  In the context of a safe and free Internet and online commerce, this is a setback.  This is an escalation of arms and advances the bad guys.  In fact, by definition of cyber warfare, the bad guys are the government.

I look at this from the context of war.  A conventional approach to international conflict is to start out small and progress your actions slow enough so that they can be monitored by other nations and even weighed in on.  Going to the UN first or establishing a block-aid before the actual bombing of humans.  In the context of preemptive strikes, I’d personally prefer getting hit with a computer worm.  Cyber war is good.

Yes, cyber war leads to civilian casualties.  I’d argue maybe the damage is on par with a block-aid.  I understand Iran lost several months of production on their centrifuge operations.  In the context of war, this isn’t nearly as bad as the enemy sinking a passenger ship to stop the flow of supplies.  It’s a reasonable, less harmful approach in terms of human life.

I can’t interpret a blog written by someone in the computer security industry well enough to say what the blogger’s motives are.  I just know it’s bullshit taking the position this is bad for the industry.  Any company making security products or providing security services benefits from this.  The Cold War didn’t hurt the Defense Industry.  They say even art excels during times of war.  Innovation explodes in times of conflict.

Whatever your qualms over cyber warfare, get over it.  It beats real attacks against humans.  It promotes growth of the industry.  Turn your focus to lessons learned.  How successful was the attack at mitigating Iran’s nuclear development.  How fast did production return to normal – what was the downtime?  Was this effective in the context of international conflict?

* Poetic license on “dialog” because in social networking it’s really a broadcast.  A many-to-many discussion.  A party line.

Cyber War – Game Over

22 Friday Jan 2010

Posted by in cyber war

2 Comments

Tags

, , ,

“Are you kidding me!  WTF Sarge!  I mean, do you have any idea what you’re asking me to do?  You might as well just ask me to kill my first born!”  I/O was inconsolable, fairly incoherent and in a state of complete disbelief as he absorbed his Console Sergeant’s command to wipe the drives of all honeypots and pwned bots under the command of the Cyber Force.  This was over 50,000 computers world wide.  But it wasn’t the difficulty in carrying out the task.  Computers are automated if nothing else.  Apparently I/O had developed an emotional attachment to his bots.

“We’re withdrawing from this theater of conflict soldier.  Report back when it’s complete.”  The Console Sergeant turned and walked out of the war room.

Nearly everyone in the room was empathetic to I/O, except Tyler.  “Let it go I/O.  We have bigger concerns.  Game over man.  We all need an exit strategy.”

“What are you talking about?”  I/O was coming to terms and seemed ready to talk logic.  “Exit strategy for what?”

Tyler addressed the entire room, SecIntel along with the Ethical Hack team.  “You heard the Console Sergeant.  We’re shutting down operations.  And we never existed.  Most of us are within a year of returning to the private sector.  What do we do for resumes?  We can’t talk about it.”  Tyler paused but everyone stared at him with blank faces.  Clearly they must have understood his point but no one had a response yet.  “So, we need an exit strategy.  We need to latch on to opportunities where the employer has at least some implicit knowledge of our experience.”

Jane was the first to suggest a plan.  “My older brother went to work for the NSA after he left the Rangers.  And after two years there he had his pick of employers.  NSA will know what we’re about.”

Tyler liked that idea.  “Sounds pretty smart.  We all need to think about this.  This war might be over but it’s not like cyber warfare itself is going away.  And we’re not going away – in terms of our skills.  We need new homes.  And those new homes are going to need a new army of bots, so you might want to be selective in how you carry out your command I/O.”

The End

Cyber War – We Have Met the Enemy, and it is Us

19 Tuesday Jan 2010

Posted by in cyber war

Leave a comment

Tags

, ,

Tyler planned to spend the day in bed – Jane’s bed – playing her video games.  And he began the day like that but as his attention drifted to Jane’s concern about a possible inside attack, he logged into the Cyber Force’s VPN to research some ideas.  He couldn’t authenticate initially and then he remembered the computing policy in effect that mapped everyone’s home ISP IP address to their user credentials.  He ran into this issue when he was working from I/O’s house and recalled the network admin assigned him a temporary account without the restriction.  He tried that user account and it still worked.  Unbelievable!

Once on the network, Tyler did a telnet to a machine with some of his personal utilities.  This way he could run the utilities from within the Cyber Force data center network rather than over the wide area.  He booted up a wifi sniffer that searched the local area network for wireless access points.  He scrolled down the list it generated until he found one that clearly did not conform to the data center’s SSID naming convention as it had the default name of Linksys.  This suggested to him that perhaps the admin login was also default, and it was.  No user ID and the password was admin.  Brilliant.

Tyler then reviewed the DHCP log  which contained the MAC addresses that had been assigned IP addresses.  MAC addresses are 12 digit hexadecimal numbers in the format of MM:MM:MM:SS:SS:SS where the first 6 digits refer to the hardware manufacturer of the network adapter.  Tyler knew the Air Force was in bed with Cisco and most of the MAC addresses looked to be them – but he double checked against a list of vendors and they were all Cisco.  The Cyber Force were all on Apple computers and he didn’t see any of those vendor types, but then he spotted two MAC addresses that looked different.  He checked and sure enough these were from a Chinese manufacturer.  He cross checked against yet another list he had of known Chinese hackers and they matched that list in terms of the hardware vendor portion as well.

So now Tyler understood how the hackers got onto their network and were able to bypass network intrusion detection.  They were very likely sitting in the parking lot jacked into the Air Force unsecured WiFi.  Brilliant.  Talk about shooting yourself in the foot! Tyler called his Console Sergeant and advised him to search the parking lot.

Cyber War – Forensics

15 Friday Jan 2010

Posted by in cyber war

2 Comments

Tags

, , , ,

Tyler was back working in the war room.  The shift started with an operations review from the Console Sergeant while the unit went through the turnover checklist.

“This is what we know team.”  The Console Sergeant would randomly look different unit members directly in the eye as he talked.  He might turn to you once out of eight staff, or twice out of three – completely random.  But the duration of his stare was almost always exactly two minutes without ever looking at his watch.  “The attack wiped the hard drives to various degrees before our defenses pulled the power.  So Forensics focused on our virtual war room since backups were less than 24 hours old.  They discovered 5 vulnerabilities.  Technically two vulnerabilities, one on 2 machines and another on 3 other machines.  These were both Adobe vulnerabilities and there’s no excuse for that!  We’ll deal with that later.  Working on the assumption the attack emanated from one or both of these vulnerabilities, Forensics discovered the exploit.  The command and control function leveraged the DoD messaging system which has apparently been compromised for several months.  Now, I’m not saying we’re responsible for those systems but going forward I want more focus on defensive measures.  Forensics was able to track the exploit into our personnel system working from the assumption that in order to find your home addresses, they must have compromised that platform.  The compromise is confirmed but Forensics isn’t yet sure of the extent of exfiltration.  This is everything I know to date, any questions?”  The Console Sergeant took a sip of his coffee and looked over everyone’s heads.  That was his MO for when he didn’t want questions but Tyler was too tired to notice.

“Sir, what about the black ice that took down the Drone Pilot?”

The Console Sergeant looked into his coffee cup before setting it down and turned his gaze to Tyler.  “We don’t really know it was black ice that killed the Drone Pilot.  He might have suffered an aneurysm coincidentally during the attack.  I don’t believe that of course, but we don’t have evidence yet of the black ice; it was apparently a highly sophisticated Aurora APT.  Clearly, given the attackers were wiping our drives, we can assume they accomplished their objectives.  I assure you Forensics  continues to work around the clock on this.”

Tyler didn’t have any other questions.

Cyber War – NATO

14 Thursday Jan 2010

Posted by in cyber war

Leave a comment

Tags

, , ,

Tyler was falling in and out of sleep at the keyboard.  He was tracking 17 targets and had laid traps for 5 of them, but the usual adrenalin wasn’t there.  Eight hours earlier his house was bombed by his enemies.  He was spared from having to witness the head and limbs being separated from the UPS driver’s torso because first the flash blinded his video feed and then the blast blew apart the camera.  But the drama had left him drained.

After the blast he crawled out the egress window of his basement office and called his Console Sergeant.  The Console Sergeant immediately contacted the rest of the unit working from home and they successfully diffused additional bomb attempts.  So Tyler was now working at the home office of Cyberman First Class, Carl Weaver.  Carl’s unit called him I/O because the guy could hook stuff up.   Remember the movie Independence Day when David (played by Jeff Goldblum)  jacked his Apple laptop into the console port of an alien space ship – apparently with a universal serial bus cable?  Well in the real world, I/O was the guy who could probably actually do that.

I/O called over to Tyler to wake him, “Dude, you watching your dashboards?”

“Hmm, yeah, yeah.  I’m tired man.”

“Go lie down in my guest room, I got your dash.”  I/O paused but knew Tyler wasn’t moving and wasn’t likely to reply either so he struck up a line of conversation to see if he could stimulate him.  “You hear about the drone pilot?”

“No man, I just saw them carry a stretcher into their war room.  What happened?”

“Well they follow the same protocol as us but one of them was beta testing some new VR gear.  He’s brain dead.”

“What!  Are you fucking shitting me?  Holy shit!”  Tyler was alert again.

“I shit you not.  And here’s the deal.  Those drone pilots are Air Force man.  That theoretically  pulls NATO into this.  The  articles of NATO don’t cover cyber war – not that the President has ever acknowledged this as a war – but attacking the Air Force constitutes an attack on a recognized NATO member.  Up ’till now, NATO considered this a U.S. / China trade war.  The shit has hit the fan.”

Cyber War – Home Theater

13 Wednesday Jan 2010

Posted by in cyber war

3 Comments

Tags

, ,

Tyler sat in his game chair booting up his home theater.  The console sergeant ordered the unit to work from home after some oriental black ice took out the war room.  No one on his team was injured but he saw them carry a stretcher into the Drone Pilots’ war room on his way out the door.  Good thing his transfer to the Ethical Hack team full time came through – SecIntel was going to take some shit for this.

The Chinese sourced most of their attacks out to North Korean cyber mercenaries, and those guys weren’t known to have black ice capable of causing physical injury.  Tyler’s team only had two confirmed kills and they’d been at this for awhile.  Their black ice manipulated the target’s monitor and other I/O devices to stimulate a heart attack.  It required the target be physically susceptible and that was a very small population, but it helped spread fear.  All’s fair in cyber warfare.

Protocol would have placed Tyler on a jet to their disaster recovery site, but a funny thing about the Internet.  DARPA created the Net as a measure of robustness for critical computing systems.  The idea that internetworking would add redundancy.  This irony is not lost on hackers.  Tyler’s DR site went down with the same attack that took out his war room.  In retrospect, it’s better to maintain a DR site offline.  But the U.S. Cyber Command is resilient, or at a minimum his unit subscribes well to the consumerization of I/T.  Tyler’s unit was able to work from home.  Home Theater didn’t refer to Tyler’s personal audio/video equipment, but to his home war room.

The system was now fully up and Tyler scanned his situational dashboards.  He heard the brakes of a truck pull up outside his house.  He didn’t have a window view of his front porch but had a video cam out there and brought that up on one of his dashboards.  UPS.  Tyler couldn’t recall any outstanding shipments and googled the UPS tracking site.  Meanwhile the UPS driver placed the package at Tyler’s door and clicked on his wireless PDA to indicate the delivery.  Before he could turn halfway to walk back to his truck, the package exploded, setting fire to Tyler’s house.  The driver became the 2nd official U.S. casualty of cyber war.

Cyber War

12 Tuesday Jan 2010

Posted by in cyber war

Leave a comment

Tags

, , ,

Tyler was emotionally exhausted as he completed the shift turnover checklist with his replacement and badged out of the cyber war room.  He shuffled down the hallway, past the drone pilots’ war room and through the data center mantrap.  The parking lot was dark as he beeped his remote to find his car and he honestly couldn’t tell if it was morning or night.  For the last month he’d been pulling double shifts every other day (actually it makes more sense to refer to the time periods as every other 24 hours) and he had to stare at the military time display on his watch for several moments before his brain registered AM vs PM.  It was PM, so he figured he could quaff a few drinks at the Pwn Shop Lounge  on his way home.  His start of week AM shifts were followed by PM shifts, but his 2nd PM shifts were followed by a free 12 hours.  And the 2nd half of the week was the inverse.  He couldn’t keep track of it any longer.

Once inside the Pwn Shop Lounge, Tyler immediately saw some of the SecIntel soldiers and joined them at their table.  He ordered a cheeseburger and fries and poured himself a beer from the pitcher using an apparently extra glass.  “Cheers comrades.”  Tyler didn’t muster much excitement with the salute, it was more out of formality.  He didn’t work on this crew’s shift, but he did work SecIntel every other night – the last being 12 hours earlier.

“Cheers Tyler.”  This from Jane, the lone female cyber soldier in the crew.  She wasn’t exactly unattractive.  It was her voice, it had zero feminine qualities.  But from the neck down, visually while she wasn’t speaking, she wore the blue skirt and white blouse uniform like a porn star.  And Tyler was sitting next to her.  “So how’s the ethical hack shift soldier?  You fry some Choogles yet?”

Tyler thought “Choogles” was such a stupid term.  It hadn’t really caught on (it refered to Chinese cyber warriors in the context of them trying to replicate the secintel of Google) but Jane was young and into the hacker speech style.  “Not sure Jane.  Google doesn’t confirm our kills for 7 days.  Our black ice generally executes within 24 hours but it takes the Chinese a week to process the death record electronically.  How you doin?”

Tyler’s burger arrived before Jane could reply and she waited while he responded to the server.  “I’m good Tyler.  Wednesdays are my Fridays.  I’m ready to unwind.  You got 12 hours?”

Tyler liked the sound of that.  Hard to believe it wasn’t even a year since Google exited the Chinese market for search engines – which escalated into a full-blown cyber war – and he’d been laid only 3 times since.  War is hell.  “Let me finish this burger.  You want some of my fries?”