Tag Archives: cyber criminals

The Bully’s henchman

Yes, we saw it before and again we see a new ploy into the bashing by a bully. The Guardian (at https://www.theguardian.com/technology/2020/jan/29/uk-chance-relook-huawei-5g-decision-mike-pompeo) gave us “Britain has a chance to “relook” at its decision to allow Huawei into its 5G phone network in the future, the US secretary of state, Mike Pompeo, declared as he flew to London for a two-day visit to the UK“, the fact that the number one US bully (as some see him) sends out Mike Pompeo warrants more scrutiny. Lets not forget that on a global scale the US has not actually produced ANY evidence that Huawei is a security concern. We see merely that the US firms will lose their data drops on a global scale as Huawei makes a larger impact, and that is a much larger fear for the US than anything else. Even as we see news with senators with privacy concerns, we see an absolute lack of actions towards Google and Facebook to amend its protocols and data capture activities, all set in some loophole, flaws which are still legal and legally set in stone (of a sort mind you). Yet the undocumented claimed fear of Huawei and the Chinese government has still not been shown to actual cyber specialists and to actual independent hardware experts. 

So as senior (read: ancient) advisors of the Trump administration give: “insisted that sensitive American information should travel only through “trusted networks”” we see a lack of evidence by them. We also see that the US is changing its tune, the claim “But our view is that we should have western systems with western rules, and American information only should pass through trusted networks, and we’ll make sure we do that,” is it the changing claim of the bully that has changed evidence for ‘we should have western systems with western rules‘ is evidence of that. In addition to that its weak and waning “The secretary of state emphasised that work was being done between the two countries “to make sure that there are true competitors to Huawei” so that “we can deliver true commercial outcomes across real secure networks that aren’t subject to the Chinese Communist party’s control”“, where we need to valuate ‘work was being done between the two countries “to make sure that there are true competitors to Huawei”‘ reads more like a flaccid 90’s software sales agent with a concept to sell than an actual commitment. This situation merely exists because governments stopped seeing infrastructure as a priority and as US commercial people saw ‘gains’ elsewhere (read: cheaper/easier way to make commission), hardware needs lagged and the US is almost 3 years behind in the 5G circuit. Like in the BBC article yesterday, we see “The US says Huawei could be used by China for spying, via its 5G equipment” hiding behind the word ‘could‘ whilst not producing any evidence. All whilst presurring on “Mr Ren’s military background and Huawei’s role in comms networks to argue it represents a security risk” that is all slanted on a time when Mr Ren actually looked young and served for 9 years, he left the army in 1983, which was when Mike Pompeo was in High School optionally hoping to fondle a local cheerleaders boobies (we can presume), oh and by the way this was all 37 years ago, as such the lack of evidence on the equipment apart from an almost 10 year old case that was settled, the evidence presently seen is a joke.

This is all about the US losing its data collecting position and it is willing to sell anyother nation down the drain, all becasue the US became lacks, stupid and flaccid. Is that the legacy that the EU and the UK have to look forward to? Lets not forget that no matter how happy Nokia and Ericsson become, they are a little over 5 years in the running and well over 3 years too later to adapt to the high-tech that Huawei is currently releasing, that is the price of iterative technology.

The fact that my personal IP surpasses the US tech stream is further evidence still, in 1992 I was really behind the curve, it makes for the difference of innovative thinking and as the world relied on the US, its flaccid actions are now a real issue. 

In addition to all this, Wednesday also gave us “A group of anti-Huawei Tories want an assurance that the government will work towards reducing the Chinese company’s influence in UK infrastructure to zero, ultimately stripping it out of the 4G network as well” which is linked to “any provider deemed high-risk by the intelligence services should be phased out of the supply chain” and the problem here is not that Huawei is a claimed spy tool for the Chinese government, it is the fact that (as Alex Younger) stated that no infrastructure should be in the hands of non-UK corporations, which is acceptable. Yet they will hand the hardware over to EU and the US government, which is slicing the meat on the other side and almost as pointless. Let’s be clear, Alex (big boss MI6) gave a clear and understandable point of view. UK infrastructure needs to be in UK hands and as such we can accept that. Yet British Telecom is nowhere near this situation and as such we see a failing of policy on more than one shore.

So as we get to “Unhappy MPs held a series of meetings in Westminster, although they are keen to operate behind the scenes to push for a concession, several senior Tories believe they have a chance of getting the 45 rebels needed for a successful backbench revolt on legislation relating to regulation of Huawei” which would boil down to a conservative mutiny on a few fronts, the question that I am currently posing is: “If I investigate these 45 ‘proclaimed rebel’ members, how many will reveal a carefully denied personal link and gain from a non Chinese Telecom market?” Is that not an interesting side either?

And the intentional limitation of 35% would that be to keep American commerce happy, or is there an actual security setting here?

There is too much on the surface that we should investigate and it is not. Even as the article makes a reference to American diplomat Plus One, whose wife Anne Saccolas is accused of causing the death of 19-year-old motorcyclist Harry Dunn. They still insist on their bully tactics and they will refuse to make public any evidence of the Chinese government links to Huawei hardware, all whilst the massive bugs in the Cisco routers are ignored by all.

So whilst we all cry over non existent hacks on Huawei equipment, we are faced by Cisco insecurity, and whilst some will not get this, the fact that the bulk of all servers in the world rely on Cisco Switches. so when we get (source: Cisco) “2020 January 29. A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.” Now apart from the local need to fix this, there is no real blame at Cisco, this happens and whilst we see

Vulnerable Products

  • 200 Series Smart Switches
  • 300 Series Managed Switches
  • 500 Series Stackable Managed Switches

So whilst everyone is crying over non proven proclaimed weaknesses, there are actual weaknesses in the hardware leading to the internet and that gets my goat up, the entire Hawei matter is about the US losing too much revenue and the US being out of the data loop, and we support that….why?

When we wonder how we care on who gets our data, we seem to forget that someone gets it, yet the US wants to be the only runner in this race, based on decades of feigned superiority and now that they are in the race and moving from first to 4th position we seem to grant them all the leeway they need, whilst on the other side we see no improvement on personal data intelligence security, why do we need to continue this situation?

That issue becomes larger when we see the Financial Times (at https://www.ft.com/content/96c79040-40ea-11ea-bdb5-169ba7be433d). Here we see “Wealthy individuals are scrambling to lock down their privacy in the wake of the alleged hack of Jeff Bezos’ iPhone, as personal cyber security experts warn that the rich and famous are increasingly becoming the target of sophisticated cyber criminals“, which makes sense and the supported ‘a report last week alleged that Amazon founder Mr Bezos was hacked by Saudi Crown Prince Mohammed bin Salman in 2018‘ in all this there are (at least) two sides

  1. We see a proven part where ‘sophisticated cyber criminals‘ are getting onto more and more mobiles (an issue that will continue faster and more intense in 5G. 
  2. The world is realising that corporations are not lucrative targets, the softer market and larger market of one million mobiles might be worth a lot more, and the collected information could lead to a switch in ‘criminal economies’, that part is optionally seen in “Rubica, a company that provides more affordable digital protection for families, added that had he received “lots of inbound” inquiries last week from clients about how to better protect themselves from adversaries“, and as we see “According to data compiled by RSA Security, 70 per cent of fraudulent transactions in 2019 originated on mobiles
  3. (Optional) The guilt of Saudi Crown Prince Mohammed bin Salman was never clearly established and is by some experts in the field regarded as a strange choice of actor to incriminate in the first place, as such it implies that there is a larger concern that the ‘vested’ parties cannot make clear statements on guilt and providing proof on who did it. Making the cyber setting a lot more dangerous, especially as insurers will try to seek more ways on options to not having to pay out (making more stringent contracts), this setting could hurt millions of people whilst the actual criminals go on without prosecution.

We see a shift in the market and this shift becomes a much larger issue in 5G, as such do you want your 5G infrastructure to be 3 years behind the latest technology? It will go faster and faster as I saw what the direction was and my IP would (hopefully) lessening the impact by almost 30% whilst 400 million starters (globally) will get a much larger slice of their marketing pie for their small businesses, whilst keeping more control of their information. All because some people forgot to look in one direction, that too is the effect of flaccid American innovation. I would never be a contender if they upped their game, so when my ship does come in, I will have to thank them for that.

Marc Rogers, vice-president of cyber security at Okta is right when we see “The cache of data on these devices is just growing, We’ve seen a massive escalation of theft [from] mobile devices because criminals are realising that people are storing immense amounts of personal and financial information,” is part of that crux and the US whilst bullying their Huawei part are basically not ready to deal with this, because they will claim that is up to you and your insurance. Which is an interesting ploy to give out in the near future as Cyber crime will spike and all whilst most global governments still do not have a clear and well documented Common Cyber Sense setting in play, many are hiding it in some HR document and using that to sack people when the damage becomes a little too pronounced, or the transgression becomes a ‘politically correct’ consideration. 

I see a much larger problem and the US is merely adding fuel to the fire and whomever they send will merely be the spokesboard of US data collection groups (as I personally see it) that need their data to maintain existence. 

So who is ready to play catch with the next henchman that the US sends?

 

 

Leave a comment

Filed under Finance, IT, Media, Politics

Investigating Self

I have always held myself to the highest degrees, I have always doubted myself. This has nothing to do with ego, or with the fact that I am better than others. This is about the setting that I am not perfect and I too make mistakes. I have never had doubt there. You see, the people claiming that they do not make mistakes are liars, plain and simple. It is not, or has it ever been about making mistakes or guilt. It has forever been about the ability to repair or adjust actions taken. I have forever stood by my words, whether wrong or right, and when wrong I have never opposed being corrected or adjust the view that I had. That is the responsible steps for any person to take.

And in the past I have given a very clear setting of the entire Novichok debacle and now, actually 6 daus later, I am taking a look at the US papers, you see, there are clear screw ups there. Yet there is also news that was never spread by the media to the degree that had to be given, was that not strange too?

So let’s take a look at the UN event (at https://www.gov.uk/government/speeches/you-dont-recruit-an-arsonist-to-put-out-a-fire-you-especially-dont-do-that-when-the-fire-is-one-they-caused).

On Sunday, 4 March, Sergei Skripal and his daughter Yulia were found unconscious on a bench in the city centre after being poisoned by a Novichok nerve agent. Detective Sergeant Nick Bailey, a Wiltshire police officer, was also seriously ill after having been exposed to a nerve agent. Following this attack, the United Kingdom notified the OPCW, invited them to confirm the identity of the substance involved, and we briefed members of the Security Council. The OPCW’s independent, expert laboratories confirmed the UK’s identification of the Novichok nerve agent.

Here in the first part we see that there is already one part (when you nitpick) it. The setting ‘the Novichok nerve agent‘ might be partially correct, we see that the BBC gives us two parts. The first: “The name means “newcomer” in Russian, and applies to a group of advanced nerve agents developed in secret by the Soviet Union in the 1970s and 1980s” and the second part is “One variant was reportedly approved for use by the Russian military as a chemical weapon“. When we see that Novichok is a group, which specific one was it? Some will say that this is merely Semantics, yet the UN and the UNSC are ALL about semantics, the specifics are very important here, because it allows for ambiguity, and that is not a good thing. In addition, when we consider ‘One variant‘, was that the one that was found? A lack of details is already seen from the very beginning from a whole host of media deliverers and that is not a good thing.

The second part is even worse. With: “On 4 September, the OPCW’s independent, expert laboratories have again confirmed the UK’s identification of the Novichok nerve agent with a very high level of purity and to remind Council members, the very high level of purity means that it will have been made by a state“, we are now treated to ‘with a very high level of purity‘, as well as ‘made by a state‘. These two parts are important, the first one was not mentioned in the initial attack, the emphasis on the purity is important, because all parties hit by the initial attack survived, the third victim, the police officer was seemingly indirectly exposed, implying that his exposure was even less and we do get that he was lucky and that the indirect exposure gave him a much better chance, yet the ‘purity’ now gives the question on how the first two survived in the first place. and if we see the reference to ‘the use of such agents on door handles‘ later in their statement, was there evidence of that, merely an example and if it was the door handle, one would be exposed for certain, the second one would have more likely than not evaded exposure for longer, optionally exposed to a much lesser degree (an assumption on my side).

Yet the second part ‘made by a state‘ remains the issue. You see, in ‘Does it taste like chicken‘ (at https://lawlordtobe.com/2018/07/05/does-it-taste-like-chicken/) we see: “The additional information that was published in 2016: ‘Iranian chemists identify Russian chemical warfare agents‘, which we got from http://www.spectroscopynow.com/details/ezine/1591ca249b2/Iranian-chemists-identify-Russian-chemical-warfare-agents.html. You see, the problem was already clear in the previous attack“, the fact that Iranian academics created the substance for detection with: “The authors succeeded in synthesising and obtaining detailed mass spectral data on a series of unusual nerve agents. The data have been added to the Organisation for the Prohibition of Chemical Weapons’ Central Analytical Database (OCAD)” we are given the prove that the evidence shows that this is not limited to state actors, hiding behind the term ‘purity level’ is just folly in several levels. The fact that this was done in 2016 also shows that the formulas had been out for a while, the Leonard Rink case is further evidence still, all elements ignored by too many players.

Let’s be clear, there it is not in question that there is more likely than not a Russian involvement, yet the evidence that it was Russian state remains debatable, that part has always been the case. In addition when we are confronted with “testing of the hotel the pair stayed in in London revealed the presence of traces of the Novichok substance in their hotel room” is clear evidence of the two persons being involved in all that, yet in opposition, the entire matter of  “Looking around in the security business, I have been confronted with quotes like “their lack of covert tradecraft seems kind of bizarre“, “The shitty tradecraft, not just with clothes but by traveling together, and by leaving a noticeable trail“, as well as “Arriving together??? Staying together??? Leaving together?” is a first instance in all this” is equally important. Open sources all over the place by people in the security industry are giving us the question on why these two remained so visible, so outspokenly noticed. Even as a non-Trade-craft person I would be more likely than not be able to avoid clear detection and identification for around 50% of that time, that setting in all this matters, because we are confronted with a government knowingly targeting the wrong player, more likely than not the wrong Russian player.

This now evolves into something more when the statement “The GRU has time and again been responsible for Russian interference in other countries’ affairs, and most recently, we saw US indictments of GRU individuals in relation to the 2016 Democratic National Committee PAC“, not merely connecting two events, we are given ‘we saw US indictments of GRU individuals‘, yet when we look deeper we see in Forbes (at https://www.forbes.com/sites/kateoflahertyuk/2018/08/23/midterm-election-hacking-who-is-fancy-bear) “The group (Fancy Bear) – also known as APT28 and Strontium – is allegedly affiliated with Russian military intelligence agency the GRU. Fancy Bear’s aims centre around geopolitical disruption through cyber influence“, it is not merely the ‘allegedly’ part it is also the ‘affiliated’ part. What officially connects these two? What evidence is there that in the first they are officially connected, and in the second part where is the evidence? The Estonian Foreign Intelligence Service has them too in their papers, and I am not debating their existence, yet the clarity of evidence is missing.

For example, we do not question the SVR, the GRU or the FSB. We know who they are and what they do, that was never in debate. Yet when it comes to hacktivists and cyber criminals, the line gets to be blurry, more important, either of them can be both and at that point, is it them, or are they doing what their government tells them, or even a third party? Now we see Ambassador Karen Pierce having her moment of folly connecting the two together, making matters worse, or perhaps better started ‘more impossible to prove‘. That was always the case, proving that it was all state driven. It was never on the Russian part, that part was easy enough (almost too easy), it is the state driven part that is the case and when we get to rely on that some parts were ‘almost too easy‘, you better believe that it is anything but that. It still gives me the stronger conviction that this is organised crime, most likely Russian organised crime. At that point the equation changes by a lot and that is where we are stuck. Even as we accept (with the evidence of trace), how come that Alexander Petrov and Ruslan Boshirov were not infected? Why would anyone be this casual in the usage of the material, but allowing for trace toxin in their room? That question also remains at present. So when we are given ‘we have clear evidence of Russian state involvement‘, we see the speech, but what evidence was handed over showing that evidence? Merely two names and two passports? If that is the evidence then it is evidence that is slimmer than a silk thread, no weight can be applied to it with any confidence, no matter how strong silk is regarded to be.

Yet there is other news too, interestingly not from a government source. We see (at https://www.chemistryworld.com/news/key-suspects-identified-in-novichok-nerve-agent-poisonings-/3009475.article), the acceptable parts come in two stages: “Consequently, the agency was not able to conclude from its chemical analysis that both poisonings were definitely caused by the nerve agent discovered in the counterfeit perfume bottle“, as well as “Impurities in the nerve agent samples taken from the Skripals’ and the unknown storage conditions of the bottle have made it difficult for the OPCW to conclude whether the two nerve agents originated from the same batch” elements I brought out before these articles were released. Now, we must also critically challenge these statements, because ‘impurities’ implies more. It could merely be the humidity it got exposed to, which is not strictly an impurity, merely a lessened impact. So the precision of ‘impurity’ could also spell as evidence that it is optionally not the Russian state, merely a Russian player and my much earlier opinionated assumption that it was not smuggled into the UK, but optionally made in the UK is more visible with ‘whether the two nerve agents originated from the same batch‘, or the UK would have to admit that it is lacks and allowed for Biological agents to get smuggled into the UK twice over, hurting everyone’s ego.

Which leaves us with the final quote: “Consequently, the agency was not able to conclude from its chemical analysis that both poisonings were definitely caused by the nerve agent discovered in the counterfeit perfume bottle“, giving the UK a much larger problem, one I do not envy them to have. Part of me wants to examine all the CCTV footage myself (if it comes with a job). Too much in that does not make sense in the entire setting (yes I am happily paranoid). There is too much flim flam in all this. We see that with the BBC article (at https://www.bbc.co.uk/news/uk-england-wiltshire-45362840). When we are given “A number of vehicles which were used in the response to the Salisbury Novichok poisoning have been buried at landfill. Defra said the “potentially contaminated items” were taken to a site at Bishop’s Cleeve near Cheltenham before “being disposed of safely”“, all this whilst we have been told from more than one source that water and humidity dissolves and the Independent gave us last week: “Within the environment, these agents react with water to degrade, including moisture in the air, and so in the UK they would have a very limited lifetime. This is presumably why the street in Salisbury was being hosed down as a precaution – it would effectively destroy the agent“, such an overreaction is not merely stupid, it now implies that there is more, or perhaps a lot less and no one wants to open that can of worms. If you wanted to overreact, just drive it into a swimming pool and take it out the next day, fix the car and use it again.

Even if we accept that some overreactions are merely due to fear, a healthy dose of fear mind you, then still the entire Russian State part does not make sense. In the end, two targets that are still alive and two unknowns are dead. If I was either a ‘member’ of SVR, FSB, or GRU I would have been hurt in my pride and take one of at least two dozen of lethal solutions (not of them toxins) to remedy the situation. If you doubt me ask anyone in any of the NATO related special forces this simple question: ‘Can you live with your failed operation that left the enemy alive and innocent people dead?‘, some of these people do not accept failure in any way shape or form ever, I have the weird hunch that this ego driven sentiment is also present in Russian special forces. These people are weird that way (all of them, go figure), only fortifying my belief that we are dealing with another fish altogether and figuring out what fish we are dealing with is actually a lot more important than most think. Identifying that player should be the top priority before it is too late, merely because if I am proven right, it will also show that a lot of high end spokespeople will validly receive the limelight with merely one question ‘Show us that evidence!‘ At that point we will see soon thereafter a new option in Google Search:

Which one are you looking for?

  • WMD (US) Iraq
  • WMD (UK) Salisbury/Amesbury

What a legacy for these people to leave us.

#OneStepClosertotheWeekend

 

Leave a comment

Filed under Media, Military, Politics, Science