Tag Archives: Hacking

In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc, by Nicole Perlroth and Scott Shane

The NSA won’t even admit that a trick has been stolen from its bag of tricks, but it’s playing hell with a number of local governments. From Nicole Perlroth and Scott Shane at nytimes.com:

[Photo caption] The National Security Agency headquarters in Maryland. A leaked N.S.A. cyberweapon, EternalBlue, has caused billions of dollars in damage worldwide. A recent attack took place in Baltimore, the agency’s own backyard. Credit: Jim Lo Scalzo/EPA, via REX, via Shutterstock

For nearly three weeks, Baltimore has struggled with a cyberattack by digital extortionists that has frozen thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services.

But here is what frustrated city employees and residents do not know: A key component of the malware that cybercriminals used in the attack was developed at taxpayer expense a short drive down the Baltimore-Washington Parkway at the National Security Agency, according to security experts briefed on the case.

Since 2017, when the N.S.A. lost control of the tool, EternalBlue, it has been picked up by state hackers in North Korea, Russia and, more recently, China, to cut a path of destruction around the world, leaving billions of dollars in damage. But over the past year, the cyberweapon has boomeranged back and is now showing up in the N.S.A.’s own backyard.

It is not just in Baltimore. Security experts say EternalBlue attacks have reached a high, and cybercriminals are zeroing in on vulnerable American towns and cities, from Pennsylvania to Texas, paralyzing local governments and driving up costs.

To continue reading: In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc

The Looming Crisis You’re Not Hearing About, by Jim Rickards

It doesn’t get much press, but America’s infrastructure is exquisitely vulnerable to hacking and other malfeasance. From Jim Rickards at dailyreckoning.com:

All the talk about Russian tampering with the 2016 presidential election, which is vastly overstated by the way, diverts attention from the more fundamental problem:

The vulnerability of America’s critical infrastructure to cyberattack by hostile actors.

When I say critical infrastructure, I mean the power grid, hydroelectric systems, nuclear power plants, energy pipelines, railroads, air traffic control systems, internet and stock exchanges.

These are large, complex systems that affect the entire country. And they are computerized and automated like never before. The scale and degree of interconnectedness are increasing, which creates great vulnerabilities.

If any of them fail, it could lead to massive disruptions, panic and social unrest.

Look at the chaos that followed Hurricane Katrina in 2005, for example. That was an interesting case study in what I call the veneer of civilization and how quickly it can break down under emergency conditions.

Imagine what would happen, for example, if a virus implanted in the control system of a hydroelectric dam opened floodgates to inundate downstream targets, killing thousands by drowning and destroying bridges, roads and agriculture.

Meanwhile, hackers have targeted nuclear power plants. Last year alone, government sources say a dozen U.S. nuclear power plants were targeted, possibly by Russian hackers.

Now, the operations of most nuclear power plants use older analog systems, so they aren’t vulnerable to cyberattacks. They aren’t connected to the net. It’s one case where older and less sophisticated is better.

But hackers are extremely creative, and increasing digitization of these plants could allow hackers backdoor entry points into critical operating systems. I don’t need to spell out the possibilities.

Or think of what would happen if the power grid went down for an extended stretch. Imagine what it would mean for air travel if air traffic control systems were down for a long period.

That’s just for starters.

To continue reading: The Looming Crisis You’re Not Hearing About

The Cost Of Arrogance, by Karl Denninger

The computer security infrastructure is riddled with holes. What happened with WannaCry this past weekend will happen again and again, and future incidents will be even more serious. From Karl Denninger at theburningplatform.com:

I hate having to use this…. [smiley image]

It wasn’t that long ago that I wrote a few articles on the hubris of our government thinking they were the smartest people in the room when it came to computer hacking. I pointed out that while we undoubtedly have very smart people working for the NSA and other three-letter agencies, so do other nations, and their people, along with “unaffiliated” folks who are just plain old-fashioned troublemakers, are equally smart.

Indeed, that was the focus of an article from 10/2014 in relation to one of Comey’s brain-farts in which he implored Congress to basically force back doors into US-made equipment and software.

Now we get treated to the outcome without the force first, because the NSA was writing that code anyway and a group of crooks got their hands on it, perverted it to force cryptolocker software on computers and is spamming it all over the globe.

How did they get their hands on it? That’s the subject of much debate. Many are pointing to the “all Russians, all the time” narrative run by many in the so-called “security industry” (including some who have been caught lying in the past) along with half the left-leaning idiocracy parade that makes up most of the mainstream media punditry.

A more-plausible explanation is that it was an inside job, although in reality it doesn’t matter because the entire point is that no matter how good you are someone’s equal or better and thus whether they work for you or someone else it only takes one such person with their own motives and you’re toast.

What we do know is that the “weaponization” of this apparent NSA code took mere hours after the password to the encrypted archive was posted publicly.

There’s another key point here though that nobody in the media is talking about and yet it’s the key point when it comes to this particular aspect of cybersecurity:

I have also said repeatedly that nobody in their right mind runs “packaged” software, say much less “cloud based” software, for critical system purposes from places like Microsoft or any of the other big vendors.  Why?  Because there are too many damned cooks in the kitchen, too many of them are incompetent and will drop a rat in the stew pot whether on accident or otherwise and too many shortcuts will be taken.

To continue reading: The Cost of Arrogance

WikiLeaks Reveals “Marble”: Proof CIA Disguises Their Hacks As Russian, Chinese, Arabic… by Tyler Durden

The latest from Wikileaks documents CIA hacking practices, particularly its ability to disguise its hacks. From  Tyler Durden at zerohedge.com:

WikiLeaks’ latest Vault 7 release contains a batch of documents, named ‘Marble’, which detail CIA hacking tactics and how they can misdirect forensic investigators from attributing viruses, trojans and hacking attacks to their agency by inserted code fragments in foreign languages. The tool was in use as recently as 2016. Per the WikiLeaks release:

“The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, — but there are other possibilities, such as hiding fake error messages.”

WikiLeaks (@wikileaks), 31 Mar 2017: “RELEASE: CIA Vault 7 part 3 “Marble” https://wikileaks.org/vault7/?marble#Marble%20Framework … #Vault7”

The latest release is said to potentially allow for ‘thousands’ of cyber attacks to be attributed to the CIA which were originally blamed on foreign governments.

WikiLeaks said Marble hides fragments of texts that would allow for the author of the malware to be identified. WikiLeaks stated the technique is the digital equivalent of a specialized CIA tool which disguises English language text on US produced weapons systems before they are provided to insurgents.

It’s “designed to allow for flexible and easy-to-use obfuscation” as “string obfuscation algorithms” often link malware to a specific developer, according to the whistleblowing site.

The source code released reveals Marble contains test examples in Chinese, Russian, Korean, Arabic and Farsi.

To continue reading: WikiLeaks Reveals “Marble”: Proof CIA Disguises Their Hacks As Russian, Chinese, Arabic…

US Intel Vets Dispute Russia Hacking Claims, by Veteran Intelligence Agents for Sanity

According to this group of intelligence professionals, if the DNC was actually hacked, the NSA would know about it and know who did it. Because the NSA has not come forward, the more probable explanation is a leak, not a hack, as the source of the WikiLeaks releases. The leak could have come from a DNC insider, or from an intelligence agency or the FBI, but it couldn’t have come from Russia. From VIPS at consortiumnews.com:

As the hysteria about Russia’s alleged interference in the U.S. election grows, a key mystery is why U.S. intelligence would rely on “circumstantial evidence” when it has the capability for hard evidence, say U.S. intelligence veterans.

Veteran Intelligence Professionals for Sanity

MEMORANDUM

Allegations of Hacking Election Are Baseless

A New York Times report on Monday alluding to “overwhelming circumstantial evidence” leading the CIA to believe that Russian President Vladimir Putin “deployed computer hackers with the goal of tipping the election to Donald J. Trump” is, sadly, evidence-free. This is no surprise, because harder evidence of a technical nature points to an inside leak, not hacking – by Russians or anyone else.

Monday’s Washington Post reports that Sen. James Lankford, R-Oklahoma, a member of the Senate Intelligence Committee, has joined other senators in calling for a bipartisan investigation of suspected cyber-intrusion by Russia. Reading our short memo could save the Senate from endemic partisanship, expense and unnecessary delay.

In what follows, we draw on decades of senior-level experience – with emphasis on cyber-intelligence and security – to cut through uninformed, largely partisan fog. Far from hiding behind anonymity, we are proud to speak out with the hope of gaining an audience appropriate to what we merit – given our long labors in government and other areas of technology. And corny though it may sound these days, our ethos as intelligence professionals remains, simply, to tell it like it is – without fear or favor.

We have gone through the various claims about hacking. For us, it is child’s play to dismiss them. The email disclosures in question are the result of a leak, not a hack. Here’s the difference between leaking and hacking:

Leak: When someone physically takes data out of an organization and gives it to some other person or organization, as Edward Snowden and Chelsea Manning did.

Hack: When someone in a remote location electronically penetrates operating systems, firewalls or any other cyber-protection system and then extracts data.

All signs point to leaking, not hacking. If hacking were involved, the National Security Agency would know it – and know both sender and recipient.

In short, since leaking requires physically removing data – on a thumb drive, for example – the only way such data can be copied and removed, with no electronic trace of what has left the server, is via a physical storage device.

To continue reading: US Intel Vets Dispute Russia Hacking Claims

Did the Russians Hack Hillary? by Andrew P. Napolitano

The infamous Democratic emails weren’t hacked by WikiLeaks, the Russians, or anyone else; they were leaked. From Andrew P. Napolitano at antiwar.com:

Earlier this week, leaders of the Democratic National Committee and former officials of Hillary Clinton’s presidential campaign made the startling allegation that the Russian government hacked into Clinton’s colleagues’ email accounts to tilt the presidential election toward Donald Trump. They even pointed to statements made by CIA officials backing their allegations.

President-elect Trump has characterized these claims as “ridiculous” and just an “excuse” to justify the Clinton defeat, saying they’re also intended to undermine the legitimacy of his election. He pointed to FBI conclusions that the CIA is wrong. Who’s right?

Here is the back story.

The American intelligence community rarely speaks with one voice. The members of its 17 publicly known intelligence agencies – God only knows the number of secret agencies – have the same biases, prejudices, jealousies, intellectual shortcomings and ideological underpinnings as the public at large.

The raw data these agencies examine is the same. Today America’s spies rarely do their own spying; rather, they rely on the work done by the National Security Agency. We know that from the Edward Snowden revelations. We also know from Snowden that the NSA can monitor and identify all digital communications within the United States, coming into the United States and leaving the United States. Hence, it would be foolhardy and wasteful to duplicate that work. There is quite simply no fiber-optic cable anywhere in the country transmitting digital data to which the NSA does not have full-time and unfettered access.

To continue reading: Did the Russians Hack Hillary?

About Those So-Called ‘Russian’ Hackers…, by Karl Denninger

Here’s a gust of fresh air: a guy talking about hacking and computers who actually knows something about hacking and computers. From Karl Denninger in a guest post at theburningplatform.com:

Let’s focus just for a minute on the oft-repeated claim that the US Government’s “agencies” have “declared” that Russia is behind the Podesta (and other) Wikileaks releases — that is, they stole the data.

There’s no evidence to support that which passes even the most-rudimentary sniff test.

You have one guy who’s made that claim in the US — Clapper. The same Clapper who knowingly lied before Congress in the past. Yes, that Clapper.

Now it is certainly true that Russia is likely capable of such a hack. Then again the hack itself, as I’ve pointed out, isn’t especially surprising given that it appears many of these “email accounts” have been sitting on public cloud-provided email services.

By definition such ‘services’ are not secure and cannot be made secure. That people like Podesta are using them for sensitive private matters (which the government is NOT entitled to copies of) such as campaign work is proof of their stupidity — and little more.

Folks, I can set anyone up with a system that is virtually hack-proof for email, yet for those emails where you don’t care about security you can still exchange them with anyone else. I use such a system myself, built by myself. Key to this sort of design is that unencrypted emails that you wish to be secure against tampering, interception or both are never stored on the server.

This is obviously unsuitable for the government and its official business (which is why they don’t do that) because the government relies on being able to see what is going on both for routine business purposes and to comply with FOIA requests. Obviously a classified network is an entirely different thing but an unclassified network used for government business stores and distributes unencrypted email because if it was otherwise nobody, including legitimate government oversight organs, could access it!

Let’s assume you want to send me a secure email. All you need to do is email me first, and ask me to reply to you. Doing so will give you my public key for S/MIME. You now use that key to encrypt your message (which modern email clients can do automatically) and send me the message you wish to send “securely.” Commonly-available client software which can do this includes Outlook (Microsoft’s), Thunderbird, BlackBerry’s Android phones (the Priv and DTEK50) and reasonably-recent Apple iPhone software, among others. You can obtain a key pair for such a purpose from a number of places on the Internet, some of them free, and the better ones do not require that anything other than your public key ever touch their infrastructure, so the risk of them leaking your private key to others is zero (since they are never in possession of it.)

To continue reading: About Those So-Called ‘Russian’ Hackers…

The Campaign to Blame Putin for Everything, by Justin Raimondo

Don’t hesitate to blame Vladimir Putin for anything that may be going wrong in your life. The diabolical Russian leader is responsible for everything. From Justin Raimondo at antiwar.com:

Hardly a day goes by without some “news” about the Russian “threat,” and in the past twenty-four hours the hate-on-Russia campaign seems to have picked up speed. After learning from Hillary Clinton that Vladimir Putin is not only responsible for the Trump campaign, but also for the “global nationalist movement” that yanked the British out of the European Union, mainstream media are telling us that Russian interlopers are supposedly invading our electoral process by hacking into voter databases. The Washington Post “reports”:

“Hackers targeted voter registration systems in Illinois and Arizona, and the FBI alerted Arizona officials in June that Russian hackers were behind the assault on the election system in that state.

“The bureau told Arizona officials that the threat was ‘credible’ and severe, ranking as ‘an 8 on a scale of 1 to 10,’ said Matt Roberts, a spokesman for the secretary of state’s office.

“As a result, Secretary of State Michele Reagan shut down the state voter registration system for almost a week.”

So the Russkies are invading the American polity, launching a cybernetic assault on the very basis of our democracy? Really? Well, no, as becomes apparent when the reader gets down in the weeds and exercises his critical faculties, if such exist. Because by the time we arrive at paragraph five of this “news” story, we learn that:

“It turned out that the hackers did not succeed in compromising the state system or even any county system, but rather had managed to steal the user name and password for one Gila County elections official.”

Oh, but never mind that nothing much happened and no data was altered, because:

“Nonetheless, the revelation comes amid news that the FBI is investigating suspected foreign hacks of state election computer systems, and earlier this month warned states to be on the alert for intrusions.”

“Russian” hackers have now been magically transformed into “suspected foreign hacks”: we aren’t supposed to notice this shift in attribution because, after all, the FBI is supposedly putting its imprimatur on this conspiracy theory. Except they aren’t: nowhere in the story does the FBI confirm that the Russians or any foreign actors are behind this.

In Illinois, election officials – who just happen to be Democrats – report a similarly minor intrusion, which one Kyle Thomas, director of voting and registration systems for the State Board of Elections, describes as “a highly sophisticated attack most likely from a foreign (international) entity.” How does he know that? Well, he doesn’t. As we read on, we are told that “The bureau has told Illinois officials that they’re looking at possible foreign government agencies as well as criminal hackers.”

In other words, it could’ve been a couple of teenagers sitting in a cyber-café in Shanghai.

Is there a shred of evidence the Russians were behind any of this, as reporter Ellen Nakashima states in her opening paragraph? The answer to that question is an unequivocal no.

To continue reading: The Campaign to Blame Putin for Everything

The “Internet of Things” Gets Hacked To Smithereens, by Wolf Richter

There may be one or two bumps in the road to the universally wired “Internet of Things.” From Wolf Richter at wolfstreet.com:

Nothing is secure, not even drug infusion pumps in hospitals.

You see, the Internet of Things is the rapidly arriving era when all things are connected to each other and everything else via the Internet, from your Nest thermostat that measures and transmits everything that’s going on inside your house to your refrigerator that’s connected to Safeway and automatically transmits the shopping list, to be delivered by a driverless Internet-connected car with an Internet-connected robot that can let itself into your house and drop off the Internet-connected groceries while you’re at work.

Convenient? Convenient for hackers.

OK, someone hacking into your fridge and fiddling with the temperature setting to freeze your milk is one thing…. But we already had the first hacking and remote takeover of a car.

Researchers hacked into a Chrysler Cherokee via its Internet-connected radio system and issued commands to its engine, steering, and brakes until it ran into the ditch. Thankfully this exploit wasn’t published until after Chrysler was able to work out a fix. It then recalled 1.4 million vehicles. The “recall” was done just like the hackers had done it: via the Internet. So if Chrysler can modify the software via the Internet, hackers can too.

That was a week ago. Today, the National Highway Traffic Safety Administration warned that Chrysler’s supplier sold these hackable radio systems to “a lot of other manufacturers.” NHTSA head Mark Rosekind told reporters: “A lot of our work now is trying to find out how broad the vulnerability could be.”

Maybe better not drive your Internet-connected car for a while.

And yesterday, researchers demonstrated (video) how hackers could exploit a security flaw in a mobile app for GM’s OnStar vehicle communications system.

To top off the week, the Food and Drug Administration warned today that hospitals and other healthcare facilities should stop using Hospira’s Symbiq Infusion System, a computerized pump that continuously delivers medication into the bloodstream because it’s vulnerable to hacking.

The FDA explained that the system communicates with a Hospital Information System (HIS) via a wired or wireless connection. The HIS is connected to the Internet. And thus, this pump is just one more thing on the Internet of Things.

To continue reading: The “Internet of Things” Gets Hacked To Smithereens

470,000 Vehicles At Risk After Hackers “Take Control & Crash” Jeep Cherokee From A Sofa 10 Miles Away, by Tyler Durden

The original article comes from Andy Greenberg at wired.com. It is a lengthy, fascinating, and disturbing look at hacking modern automobiles, which the article says carmakers are doing their best to turn into a smartphone. Here is the link to Greenberg’s article on wired.com:

http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

And here is a much shorter article with excerpts from the wired.com feature, from Tyler Durden at zerohedge.com:

In what is being called “the first of its kind,” Wired.com reports that hackers, using just a laptop and mobile phone, accessed a Jeep Cherokee’s on-board systems (via its wireless internet connection), took control and crashed the car into a ditch from 10 miles away sitting on their sofa. As The Telegraph details, the breach was revealed by security researchers Charlie Miller, a former staffer at the NSA, and Chris Valasek, who warned that more than 470,000 cars made by Fiat Chrysler could be at risk of being attacked by similar means. Coming just weeks after the FBI claimed a US hacker took control of a passenger jet he was on in the first known such incident of its kind, the incident shows just how vulnerable we are to modern technology.

As The Telegraph reports, the hackers (security experts) worked with Andy Greenberg, a writer with tech website Wired.com, who drove the Jeep Cherokee on public roads in St Louis, Missouri…

In his disturbing account Greenberg described how the air vents started blasting out cold air and the radio came on full blast when the hack began.

The windscreen wipers turned on with wiper fluid, blurring the glass, and a picture of the two hackers appeared on the car’s digital display to signify they had gained access.

Greenberg said that the hackers then slowed the car to a halt just as he was getting on the highway, causing a tailback behind him – though it got worse after that.

He wrote: ‘The most disturbing maneuver came when they cut the Jeep’s brakes, leaving me frantically pumping the pedal as the 2-ton SUV slid uncontrollably into a ditch.

‘The researchers say they’re working on perfecting their steering control – for now they can only hijack the wheel when the Jeep is in reverse.

‘Their hack enables surveillance too: They can track a targeted Jeep’s GPS coordinates, measure its speed, and even drop pins on a map to trace its route.’

The hack was possible thanks to Uconnect, the Internet connected computer feature that has been installed in fleets of Fiat Chrysler cars since late 2013.

It controls the entertainment system, deals with navigation and allows phone calls.

The feature also allows owners to start the car remotely, flash the headlights using an app and unlock doors.

But according to Miller and Valasek, the on-board Internet connection is a ‘super nice vulnerability’ for hackers.

All they have to do is work out the car’s IP address and know how to break into its systems and they can take control.

In a statement to Wired.com Fiat Chrysler said:

“Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorised and unlawful access to vehicle systems.

‘We appreciate the contributions of cybersecurity advocates to augment the industry’s understanding of potential vulnerabilities. However, we caution advocates that in the pursuit of improved public safety they not, in fact, compromise public safety.”

To continue reading: 470,000 Vehicles At Risk After Hackers “Take Control & Crash” Jeep Cherokee From A Sofa 10 Miles Away (http://www.zerohedge.com/news/2015-07-21/470000-vehicles-risk-after-hackers-take-control-crash-jeep-cherokee-sofa-10-miles-aw)