Tag Archives: Cyber

Dream number three

I am trying to remember something. Yesterday I came up with short story number three, I dreamt the story and the big lines were done, but now I forgot the dream, only fragments remain. A stage where it is about one thing leading to another, I see the ending but I can no longer see the beginning. It is a shared setting that eludes me, and every time my mind moves back to the story, it is overwhelmed with other facts. It takes me back to yesterday as I was writing the Kaseya story. The BBC is giving us “Researchers from the Dutch Institute for Vulnerability Disclosure found the problem and were helping Kaseya plug the hole long before the hackers found it”, yet if we are to believe ‘long before the hackers found it’ I wonder why Kaseya was continuing on the path they were. More important, if that was really true, why was Kaseya not monitoring the situation 24/7? In my case the story is not completed, I am creating it (almost) on the go. Kaseya is seemingly in a stage where they are in denial. First a few, then up to 1,000 and now, after other sources give us a stage that sets the premise to up to 100,000, some sources give us ‘Between 800 and 1,500 companies potentially affected by Kaseya ransomware attack’, I get it, it is optionally a seesaw that is balancing between optionally managing bad news and the speculative media on the other end of the seesaw. Neither side is overly reliable in my personal view. Yet the BBC gives us “the way the cyber-security world has pulled together to reduce the impact of the attack has been incredible”, you see, I have been involved in IT work since 1982, I have never seen competitors pull together, so the story of ‘the cyber-security world has pulled together’ remains debatable. They are all scared, they wanted solutions faster, automated and cheaper, it is like the house where you can choose 2 out of three, now the choice is nil, because the underlying factors are haywire. In this setting, and yes, this is all speculative.
We have a solution that is faster/slower, automated/manual and cheap/expensive. They wanted it fast, but that requires matching hardware and software. This is where ‘plugging the hole’ is a problem, as such there was never a cheap solution. Then there was the automated setting, that is the one that they could pull off, but in a stage where there is too little security, and if ‘long before the hackers found it’ is to be believed, I speculate that the need was manual when the wrong parties opted for automated. And in the third we have cheap and expensive. They needed a solution that was cheap, but they needed a lot more expensive elements. This is ALL speculation, but the setting where we see system after system fail, in my personal opinion is all a setting towards shortcuts and that led to the weakness we now see exploited. I personally believe that players like Kaseya are too plenty and when we see ‘the cyber-security world has pulled together’, we see a stage where they all have a seemingly fat meal, they all get to set a field of limitations for all others and that will have long term repercussions. Microsoft, SolarWinds, Kaseya are examples that show us that the hackers are gaining more and more advantage and that is the larger stage. In this setup hell will get one happy resident and it is not the ruler of hell, I will let you consider who I am talking about and it is not a player that is mentioned in this article, neither is REvil, they seemingly found a gap that they exploited hoping to bank $70,000,000 but the stage is out there and the snippet “were helping Kaseya plug the hole long before the hackers found it” is merely a factor, so how long did the plugging take and why was it not successful? The words ‘long before’ should be an indication. So why are we (clearly) seeing several facts and the hack was still successful?
The article is (at https://www.bbc.com/news/technology-57719820) merely one factor, the number of MSPs is another and the lack of alarms is a third part. A dangerous setting of cheap, seemingly fast and proclaimed automated systems in a stage where no one was the wiser. Consider a fast automated system without proper alarms and without logs, and that is merely one player using (or claiming to have) cloud solutions. A stage that is no solution (ask COOP in Sweden if you doubt me) and one that hands over cash to organised crime. How much risk are you willing to take with your business?


Filed under Finance, IT, Science

Mercy on stupid people?

In this age when we have 8,000,000,000 people walking around, should we show mercy on stupid people? I am not talking about people with some mental disorder, I am not talking about people with a speech impediment or people with a physical disorder. No, I am talking about people with a greed disorder, a mental stage of everything is for free. Should we allow them to be alive? It is a serious question. You see, the BBC gives us ‘How hackers are using gamers to become crypto-rich’ (at https://www.bbc.com/news/technology-57601631) and the BBC adds to the stupidity to put a picture of a nice girl there, although these transgressions are most likely done by well over 90% males. The list “Versions of Grand Theft Auto V, NBA 2K19, and Pro Evolution Soccer 2018 are being given away free in forums” implies that. You see NOTHING is for free, and nowadays, the sun might be (for now) the only thing that comes for free, but air is close to no longer free. In the last decades we wasted air quality to such a degree that more and more need oxygen and that stuff is not free and not cheap. So when I see “hidden inside the code of these games is a piece of crypto-mining malware called Crackonosh, which secretly generates digital money once the game has been downloaded. Criminals have made more than $2m (£1.4m) with the scam, researchers say.” I reckon that this goes far beyond the UK borders and as such the revenue will be a lot higher, in addition, the stupid person thinking that they are getting a free game are using electricity like there is no tomorrow. So any gamer having anything from a 750W Corsair to a 1200W Asus Thor will be donating $0.50 – $0.75 a day per PC to that criminal group.
And that is the best news theory, if they leave the computer on and unattended the price could go up by 200%-400% a day, which means that this free game is costing you a lot more, optionally buying that game in the story will cost you $48 at Amazon, implying that you will pay for the game more than once after 15 days, if you are lucky after 20 days. So how free was that game? You might not pay for the electricity yourself but it will reflect in the bill and mom and dad will hold your PC up for ransom if you do not pay the electricity bill. 

So far two places out of a lot more give us:

United States: 11,856 victims
United Kingdom: 8,946 victims

As such the $2m is delusionally optimistic, the damage is more than likely a lot higher, especially when we see 

When Crackonosh is installed, it takes actions to protect itself including:

disabling Windows Updates
uninstalling all security software

And that was merely the better news, when you consider elements like

computer slowing down
wearing out components through overuse

You end up with the short end of the stick, and you better believe that it is a lot shorter than you hope it is. So should I feel mercy when a stupid act degrades a person’s PC, sets the cost of living a lot higher per week, but that does not matter, does it? You got a free game out of it!

There is one side that bothers me, it is the quote “Tracking the hackers’ digital wallets has revealed the scam has yielded over $2m in the cryptocurrency Monero, Avast says”, it is the part ‘hackers’ digital wallets’, wallets is plural, as such there is every chance not everything has been found and there is even a much larger chance that they will find one group and have several groups walk away, because they were never spotted, and they were optionally a little more clever than the other players. The damage is a lot worse, yet when it comes to stupid people, I do not mind, more game time, more original game time for me. And this is merely the first setting, you see, I took notice because it flushes the one element out into the open. I touched on this with “I believe that it is a first step in the overly effective phishing attacks we face, Facebook might not be part to that, but I reckon the phishing industry got access to data that is not normally collected and I personally believe that Facebook is part of that problem, I also believe that this will turn from bad to worse with all the ‘via browser gaming apps’ we are currently being offered. I believe that these dedicated non console gaming ‘solutions’ will make things worse, it might be about money for players like Epic (Fortnite), but the data collected in this will cater to a much larger and optionally fairly darker player in this, I just haven’t found any direct evidence proving this, in my defence, I had no way of seeing the weakness that SolarWinds introduced. It does not surprise me, because there is always someone smarter and any firm that has a revenue and a cost issue will find a cheaper way, opening the door for all the nefarious characters surfing the life of IoT, there was never any doubt in this.” I wrote it in ‘Not for minors’ in December 2020 (at https://lawlordtobe.com/2020/12/18/not-for-minors/) and anyone (read: Epic) with claims that they will stop this, would be lying to you.
Criminals are massively intelligent and their opponents (police and FBI) are not equipped to deal with this, that is beside the manpower shortage they would face. So when you get to slide between stupid kids and greed driven short sighted IT solutions, the people are about to lose a bundle, for the tech criminals it will be Christmas for them 340 days a year (with 25 very well paid holidays).

And that was just the beginning, how long until these easy virtue characters offer games with even more powerful ways to mine? A version of some merge 3 game but now utilising 95% of your processor 100% of the time? It will not interfere with receiving calls, it will not interfere with laptop, tablet and other device, but you become the pawn in a need to mine and it will cost you a lot more than you think. How long until someone combines screensavers and locked screens with the old SETI program and let devices mine the truckloads out of massive data files and we all contribute for every downtime minute every day? That was the danger that greed driven Epic contributed to (as I personally see it), that is the danger that we all face, and it gets worse. You see Yahoo told us ‘Epic is deliberately keeping ‘Fortnite’ off Microsoft’s Xbox Cloud Game service’, isn’t that interesting? The cloud is their competitor, so they want to open up all the markets for THEM, but they are not that eager to hand their game to a streamer where they cannot collect as much. As I personally see it, it is about their margins, it always was and as such I personally consider their case to be a bogus one, but they opened a door, a door criminals will be eager to use, so how long until they offer Fortnite cheats, Fortnite chests with weekly prices, hardware and skins? It will be the gateway to more systems and the law is not ready and the makers of games will find out too late that the floodgates had been opened. That is how these events usually go, but in the end it will not cost them anything, because they will cover all third party solutions and it will be up to the gamer (and their parents) to pay that price. 


Filed under Finance, Gaming, IT, Law, Science

Some small bits

We all see them, we all face them and even as there is no overwhelming story out there, I think it was time to set up a look at the small bits, the parts I have already given view to and now I am adding to them. 

Huawei

The first part is ‘Huawei row: Trump chief of staff to meet Dominic Cummings‘, here we see another media driven attempt to ban Huawei from the UK, the UK is now as much a bitch as the Australian government. So far the US has not given any evidence that the Huawei hardware can be used to spy on people by the Chinese government, so far the US is not even sending that person with a really bad haircut, so that he could compare barbers with Boris Johnson, no he is sending his acting White House chief of staff, Mick Mulvaney. Even after Richard Grenell gives us “to make clear that any nation who chooses to use an untrustworthy 5G vendor will jeopardize our ability to share intelligence and information at the highest level“, in my response ‘what intelligence?’ at present the CIA is regarded as one of the least trustworthy intelligence providers, we could argue that Facebook has better intelligence than the CIA does (hurts doesn’t it?)

Now, if the US had provided intelligence on Huawei several Cyber experts would nitpick that intel, yet the setting is out there, there is no evidence whatsoever, the US is fearing for its life and its economy. The backdraft is also there, any nation will get an advantage over whatever paperback spinal cord is supporting the US without evidence. All because the US cannot control its national corporations, we all must pay.

We can treat “A group of backbench Conservatives also wants Johnson to commit to remove all Huawei kit from British phone networks over time” with optional disgust as well, even as there is no stage set on ‘over time‘, as I personally see it these acts are profit driven, not national security driven, even as some will make a claim in that direction. 

Jeff Bezos

You know the man, the intelligent man with the really long forehead (read: bald), was hacked, it happened in 2018 and the media keeps on blaming the Crown Prince of Saudi Arabia, yet there is no evidence. In light of all that had happened, the idea that any Crown Prince is THAT hands on with an issue is overlooked on several levels. The FTI report reads like a joke and personally, if Mr. Bezos pays THAT much for what I personally see as trash, then I have optionally 4 IP stages, one unfinished book and over 1000 articles for same for the mere price of $50,000,000 post taxation (50% for the IP and the rest is a gimmick), you see at least I am willing to say that upfront. In addition, his own paper gives us on January 28th “Indeed, in October 2018, Michael Sanchez and AMI entered into a nondisclosure agreement “concerning certain information, photographs and text messages documenting an affair between Jeff Bezos and Lauren Sanchez,” according to three people who have reviewed the agreement. The existence of the contract was first reported by the New York Times. One of those people also confirmed a Wall Street Journal report that federal prosecutors who are investigating whether the Enquirer tried to extort Bezos have reviewed the text messages that Lauren Sanchez allegedly gave to her brother and that he then provided to the tabloid.” as I personally see it several parties owe Crown Prince Mohammad bin Salman bin Abdulaziz Al Saud a few apologies and all kinds of Saudi catering hoping that it will appease his royal highness. On a personal note, I reckon he will be jealous of my yacht by the CRN ship wharves, so as we see the wealth of Jeff Bezos, he might just want to say ‘Sorry!’ to his royal highness and spend 0.5% of his wealth to appease that rather rich party with a yacht (so that mine will remain optionally safe, when it is completed).
And no matter how it all gets spun, the UN report needs to be nitpicked and rather quickly, too many questions remain and even as we see that a person with knowledge of the investigation who was not authorized to speak publicly about its progress, or as the Washington Post is skating around the trendsetting term ‘anonymous source‘, which would place them on the same scale as the Enquirer, they give us “It’s possible that the Saudis hacked Bezos’s phone and Michael Sanchez independently got the photos from his sister and some people were trying to get paid and some people were trying to get Bezos,” all whilst there is no actual evidence that the hacker was Saudi, I did away with that quite nicely in ‘6 Simple questions‘ (at https://lawlordtobe.com/2020/02/03/6-simple-questions/), whilst the 6th question ‘Why on earth is the UN involved in an alleged Criminal investigation where so much information is missing?‘ was never answered by any media EVER! (OK, as far as I know).

Yet there is a reason why we bring this all, it is seen (at https://www.inc.com/jason-aten/facebook-says-apple-is-to-blame-for-hacking-of-jeff-bezos-phone.html) where we get introduced to ‘Facebook Says Apple Is to Blame for the Hacking of Jeff Bezos’s Phone‘, with the optional part “Nick Clegg, said that the hacking of Jeff Bezos’s phone wasn’t the fault of WhatsApp, pointing instead to the Apple iOS that powers the iPhone X Bezos was using. Or, at least, that’s presumably what he was trying to say, though his answer when asked by the BBC was largely incomprehensible“, as well as “he argued, “It sounds like something on the, you know, what they call the operate, operated on the phone itself.” To be clear, he didn’t specifically mention Apple by name, however it had been previously known that Bezos was using an iPhone X at the time he was hacked“, I find it debatable, but it takes the court away from the Saudi Crown Prince and a few others, if that hack is not one that NSO Group’s Pegasus or Hacking Team’s Galileo uses, then we have a much larger issue, one that is not identified and even as it takes the Saudi players off the board, it does not take the issue away. The NSO group has loudly denied the entire issue and this gives them the option to do that, so far the FTI report is too shabby, it does not seem to warrant or deny the optional allegations. So as we see: “someone actually took advantage of a vulnerability that WhatsApp itself has already acknowledged was an issue and issued a fix. It’s even more confusing that he attempted to pass the blame to Apple“, I personally feel in agreement with the writer, the entire WhatsApp feels like too comfortable a solution, yet that vulnerability was out in the open and there is still no evidence that it was done by Saudi hands, even now, the list of perpetrators is growing, pushing the optionally (and alleged) Saudi players to the bottom of that list.
I would advise Brainy Smurf Jeff Bezos that he pays up as fast as possible (and sizeable) before it becomes a behemoth of an issue that a mere sorry and a box of chocolates will not solve. 

Yemen

You might have heard of that place, apparently there are a few humanitarian issues playing and even as we now see ‘UN Condemns ‘Shocking’ and ‘Terrible’ US-Backed Saudi Coalition Bombing That Killed 31 Yemeni Civilians‘, we are given “Those who continue to sell arms to the warring parties must realize that by supplying weapons for this war, they contribute to making atrocities like today’s all too common“, yet the EU and the US are happy that this all continues. My evidence? Well consider that we see today ‘The EU has agreed to deploy warships to stop the flow of weapons into Libya‘, all whilst a similar action in Yemen would have diminished the dangers over two years ago, so how many ships had the EU to set up a blockade to stop weapons going into Yemen? As far as I can tell, there is an unwritten consensus to give as much freedom to Iran as possible. I gave that part in ‘Media, call it as it is!‘ (at https://lawlordtobe.com/2018/11/03/media-call-it-as-it-is/) almost 18 months ago, so why exactly is Yemen not an issue and Libya is? It is oil and everyone is dancing around the stage hoping for a barrel full of the substance. Yet the Yemeni don’t matter, if you doubt that you merely have to read the articles, all about complaints and condemning, not about action packed events, are they? And in all this Xavier Joubert, director of aid group Save the Children Yemen is equally to blame, does he give the stage in a proper setting? Does he give any information on the actions that Houthi forces have been eager to take forward (including those on children)? Nope! So when we see “after Houthi rebels claimed to have shot down a Saudi Tornado jet Friday in Al-Jawf province“, as well as ““possibility of collateral damage”—a common euphemism for civilian deaths“, yet how many enemy troops were there? that part is not given as it takes the power away from their own story, yet the story they give us is out of whack. 
So whilst people like Lise Grande come up with “it’s a tragedy and it’s unjustified“, all whilst for well over two years a blockade could have optionally limited the damage that could have occurred, yet no one is willing to skate that track, are they?

All whilst we see (at https://www.timesofisrael.com/pompeo-calls-for-action-against-iran-after-us-navy-seizes-weapons-sent-to-yemen/) ‘Pompeo calls for action against Iran after US Navy seizes weapons sent to Yemen‘, a stage that was set this week, we see the laughingly entertaining ‘World’s silence has emboldened Saudi-led war crimes in Yemen: Iran‘, all whilst we see Iranian Foreign Ministry spokesman Abbas Mousavi giving a speech on what he calls War Crimes, at the same stage where they send hundreds of missiles into Yemen, there is only so much hypocrisy I can stomach and Iran is handing us way too much. So whilst the Islamic Republic of Iran continues to defy the UN Security Council, we need to start being honest about the Yemen situation, the EU does not care about Yemen, it has nothing to offer, yet the US has on this occasion stopped one of several Iranian supply ships. I wonder how many were missed, the ongoing war clearly gives rise to the fact that this war will not be over soon and as such more civilians will die, it is the clear consequence of a war.

These are three of the small bits that I am adding today, there have been a whole range of issues I touched on in the last few days, yet these small bits are important parts to other information I gave out. 

Have a great day, see you all tomorrow

 


Filed under Finance, IT, Media, Military, Politics

Evidence? Why?

I ignored the news initially, as I saw it, it was nothing more than some bash piece on Saudi Arabia. Yet something hit me, it was just a thought and it was: ‘What if I illuminate parts and let common sense people decide‘ (which takes out many journalists and mostly all politicians). As for me? The issue is that the media is all about bashing any royal part of Saudi Arabia, all whilst ignoring evidence (and debatable evidence to a much greater degree), their pursuit of circulation and agreeing to the beat of shareholders and stakeholders has gone to the heads of too many editors and I get a real rush to illuminate this part.

I have never ignored evidence, yet just like with Huawei, it is seemingly all about the big bully shouting, whilst the deciding world for the most ignores evidence and I think that it is a weird situation. Not merely in this blog, but on a few matters, we will get to hold them to account in a few years, at that point these people will make hastily formulated excuses whilst running to their mummies to get breastfeeding (I reckon).

So, let’s begin. In the first we have ‘How the UN unearthed a possible Saudi Arabian link to Jeff Bezos hack‘ (the Guardian at https://www.theguardian.com/technology/2020/jan/22/how-the-un-unearthed-a-possible-saudi-arabian-link-to-jeff-bezos-hack) as well as ‘Did Saudi Arabia’s crown prince hack the Amazon king?’ (the Economist at https://www.economist.com/middle-east-and-africa/2020/01/25/did-saudi-arabias-crown-prince-hack-the-amazon-king), a nice side effect is that the Economist, is viewed and acted on on the 24th of January, whilst the article states that it is the Jan 25th 2020 edition, but enough about that. Let’s start with the Guardian who tells us “The UN’s demand for law enforcement authorities to conduct a proper investigation into the alleged hacking of Jeff Bezos’s mobile phone came after it reviewed the findings of a cybersecurity firm, FTI“, we might not see anything here, yet the UN, who is underfunded and strained has time for this? Is this another US Essay like the one by some French girl on the killing of Jamal Khashoggi? And what about ‘after it reviewed the findings of a cybersecurity firm, FTI‘? This implies that the United Nations called for the inspection, notified a cyber security firm (FTI) and investigated the phone of some so called billionaire (postage and shipping required). So why exactly is this not with the police or an official investigative body like the FBI Cyber division?

Following this we get the real beef with “concluded with “medium to high confidence” that it had been compromised because of actions attributable to a WhatsApp account used by the Saudi crown prince, Mohammed bin Salman“, first of all, if I want to investigate the corruption at an army base, I will not go in as the lawlordtobe, I would enter the situation as some poor schmuck who is from the city of Noonecares. It is almost like an assassination and the official in question uses his own service revolver instead of someone else’s. And what goes with ‘medium to high confidence‘, what evidence was uncovered? Then we get the part where it all falls to shambles. With “The UN was careful not to be definitive. Instead of pointing the finger, its statement said the apparent hack had been achieved using software “such as NSO Group’s Pegasus or, less likely, Hacking Team’s Galileo, that can hook into legitimate applications to bypass detection and obfuscate activity”“, just like the Khashoggi essay fiasco, the UN is all about being not definitive, as such we want to know how accusations can be made when you are not definitive. As such I would like to point the UN troll to a kids game called Clue, there in that game (for ages 8+) we are introduced to the concept of evidence, where you need to collect facts and state “I am accusing Colonel Mustard who killed Dr. Black (aka Mr. Boddy) in the Kitchen using the lead pipe” and then we look at the evidence and see if the claimant had his or her facts straight. None of that CIA BS where we see ‘medium to high confidence‘, I would offer that if the confidence is already medium, what was not looked at and what was discarded. The statement comes directly before “The NSO Group, an Israeli cyber-surveillance firm, strongly denied that its surveillance tools were responsible“, as such we are left with ‘less likely, Hacking Team’s Galileo‘.
So there is a mountain of doubt on an article that throws the Crown Prince of Saudi Arabia in a bad light and there is seemingly an increasing lack of evidence. As we go on, we see the NSO giving the statement that offers direct opposition to some firm called FTI with “These types of abuses of surveillance systems blacken the eye of the cyber-intelligence community and put a strain on the ability to use legitimate tools to fight serious crime and terror. We expect that all actors in this arena put in place stringent procedures and technological controls, such as those that we have put in place, to assure that their systems are not used in an abusive manner“, as such there are larger questions not merely on the UN for setting the stage of something that is not on their plate, they apparently went to another small operation (who knows) and let them set up the stage of doubtful and debatable documentation, doubtful as we get one of the implied companies go directly into denial and setting a document based on evidence that is regarded as ‘medium to high confidence‘.

And then something beautiful happens. We see “The FTI report cited by the UN special rapporteurs, Agnes Callamard and David Kaye, noted that both NSO and Hacking Team, an Italian company, offered tools that could theoretically have performed the attack” where we are (again) introduced to that UN essay writer, the one that had given us the joke called some Khashoggi report (Agnes Callamard), as well as hiding behind ‘tools that could theoretically have performed the attack‘, the idea that this joke from a building based at 760 United Nations Plaza, Manhattan, New York City, New York 10017 and hide behind the word ‘theoretically‘, as such pardon my French (oh, that was funny!) but how the fuck does she still have a job?

For several reasons I will not use the Economist (as I am not a subscriber), but the quotes in their magazine “which was soon used to steal large amounts of data—though the UN did not say exactly what, or how it was used” as well as “It called for an “immediate investigation”. The Saudi embassy in Washington, DC, said the accusations were “absurd”.”

As I see it, the UN is nothing more than an advertising paper tiger, adhering to the commands of some stakeholder (identity unknown), if this was a direct action by the UN, those people need to be investigated immediately, I feel decently certain I will get both China and Russia to sign off on this, as this has the distinct smell that comes from neither region, so they would score a win, in addition to that, the UN would have to submit data as to what exactly was taken and how it could be identified, which is also an issue that is unclear and optionally unclear to the UN people involved. 

The Verge had a lot more, they had (at https://www.theverge.com/2020/1/23/21078828/report-saudi-arabia-hack-jeff-bezos-phone-fti-consulting) the actual report, and there on page one we see the person we need to hackle for information, it is Anthony J. Ferrante who needs to give us the names of who this so called ‘Confidential Report’ was given to, because it seems that it was leaked. And there we see the originator (vice.com) giving us “The report, obtained by Motherboard, indicates that investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it. Instead, they only found a suspicious video file sent to Bezos on May 1, 2018 that “appears to be an Arabic language promotional film about telecommunications.”“, however, this is not the end. They also give us “Investigators determined the video or downloader were suspicious only because Bezos’ phone subsequently began transmitting large amounts of data. “[W]ithin hours of the encrypted downloader being received, a massive and unauthorized exfiltration of data from Bezos’ phone began, continuing and escalating for months thereafter,” the report states“. In this I state OK, let’s take an actual look.

And they do give us more, quotes like “The digital forensic results, combined with a larger investigation, interviews, research, and expert intelligence information, led the investigators “to assess Bezos’ phone was compromised via tools procured by Saud al Qahtani,” the report states“, as well as “A mobile forensic expert told Motherboard that the investigation as depicted in the report is significantly incomplete and would only have provided the investigators with about 50 percent of what they needed, especially if this is a nation-state attack“, ““They would need to use a tool like Graykey or Cellebrite Premium or do a jailbreak to get a look at the full file system. That’s where that state-sponsored malware is going to be found. Good state-sponsored malware should never show up in a backup,” said Sarah Edwards, an author and teacher of mobile forensics for the SANS Institute“, and “The investigators do note on the last page of their report that they need to jailbreak Bezos’s phone to examine the root file system. Edwards said this would indeed get them everything they would need to search for persistent spyware like the kind created and sold by the NSO Group. But the report doesn’t indicate if that did get done.“, which is as I personally see it the shallow political BS that some people go for. As such we see in the report “The following investigative steps are currently pending“, and more profound, on page 4 we see: “On May 1st, 2018, Bezos received a text from the WhatsApp account used by MBS“, my issue here is that this might have been the infected one, yet if I did that, I would use an originator that was real. 
And there we have it, the Daily Mail gave us ‘New bug allows hackers to send fake messages pretending to be you – and there’s nothing you can do to stop them‘ (at https://www.dailymail.co.uk/sciencetech/article-6039533/WhatsApp-users-beware-Hackers-send-fake-messages-pretending-you.html) with the additional text: “First discovered by Israeli cybersecurity group CheckPoint Research, the flaw is incredibly complex and involves a gap within the app’s encryption algorithms. Writing on their website, the team said the vulnerability could make it possible for a hacker ‘to intercept and manipulate messages sent by those in a group or private conversation’ as well as ‘create and spread misinformation’. Hackers could use the bug to alter the text sent in someone else’s reply to a group chat, essentially ‘putting words in their mouth’, the group said.”

It took me 5 minutes and a Google search to find this. I am not stating that this is true and that the Daily Mail is the source to use (they often are not), yet this is a larger failing, I expected this from the very beginning, the origins of the setting were not properly investigated. Then Vice.com gave us “the report is significantly incomplete and would only have provided the investigators with about 50 percent of what they needed“, which is what I expected before I read one word of the accusation, and with US Essay writer Callamard involved (yes again it is her) we see what this is, another mindless attack on a nation and one person. They did not even bother getting him properly smeared, and no one is asking questions, I reckon that the involved stakeholders are likely to go for the, if we create enough barbeques, someone will shout fire: ‘I ran’ for office! Anyone?

What is the most irritating part is that the UN is again used as the cheap tool that they are. In this there is also the involvement of the FTI and more interesting that a Cyber Security firm did not look past the simplest trappings, as we consider the optional involvement of Anthony J. Ferrante we need to consider sending quota to all 49 of the Global 100 companies that are FTI clients. Even if it was merely to make a few people sweat. When a non-cyber adept like me can see through this part they have a clear problem and whether Anony Mouse Bezos was part of this or not will not matter. There is one other part in the report that should be considered. On page 2 we see “More significantly. al Qahtani is known to have played a key and senior role in the killing of Washington Post columnist Jamal Khashoggi.” In the first, he was acquitted (in a Saudi trial) and there have been no other trials, as such the statement should be read as false, no clear evidence was ever presented. In the second, as this is part of the executive summary, it seems that this was a way to blatantly strike out against one individual and the evidence is not corroborating any of this, too many questions are left unanswered and the media is not asking them either, as such I wonder what is to be believed, especially in light of the Daily Mail ‘revelation’ last August, which implies long in advance of this report. The fact that this (optional) fact is ignored gives out a much larger issue, the work is incomplete, debatable and political, not factual, as such sending serious cyber letters to the 49 of the Global 100 companies that are FTI clients, as I personally see it, these players are all about facts and when their provider can be painted as open for considerations, we should entertain all kinds of questions.

I would also look at the footnotes and take a larger look at that descriptive part, I wonder what is left once I have had the chance to take a red pencil through this report. Now, I am not stating that Crown Prince of Saudi Arabia Mohammad Bin Salman Al Saud is innocent, I am merely considering that his evidence is so shallow, that I would never accuse him of anything, not before a lot more work was done (and a lot more footnotes were properly weighed), in this consider on page 3 footnote 8. When we go there, we see that the article is by Lorenzo Franceschi-Bicchierai, a member of Motherboard (so why is there no Motherboard article that is the source), we see “An investor from Saudi Arabia is apparently behind a company that bought a stake in the controversial spyware vendor” where ‘apparently‘ is the operative word. It is also where we see: “Hacking Team was thoroughly owned, with its once-secret list of customers, internal emails, and spyware source code leaked online for anyone to see“, were all these customers on a secret list investigated? There is also ‘spyware source code leaked online for anyone to see‘, a small fact that is apparently not investigated, additional players all optionally ready to give someone called Bezos the time of his on-line life. Then we get “this apparent recovery is in part thanks to the new investor, who appears to be from Saudi Arabia“, a line ruled by, you guessed it ‘apparent‘ and ‘who appears‘, so much filtering and doubt, and in this FTI used that as a footnote source? A program co-owned for 80% by none other than David Vincenzetti. That does NOT make HIM a guilty party and neither is there any convincing evidence of any kind towards the Crown Prince of Saudi Arabia Mohammad Bin Salman Al Saud.

When I see all this I wonder if the UN (or FTI) has any clue how much we should regard them as tools. I cannot tell at present what kind of tools they are, but my personal view is that if this is the debatable level of evidence that some employ, we all are in so much more trouble than we ever thought.

 


Exposing lies?

We are confronted with lies all the time, the CIA (who is truly gifted in the act) uses it to spread all kinds of discourse, but that is their modus operandi, so we are not surprised. Yet now we are confronted that these tactics have been embraced by both the FBI and the Pentagon. And it is not my source; it is an American source that gives us this part.

To get to the heart of the matter, we will have to borrow a TARDIS and do some time-travel (a valid Dr Who reference). During this trip we will not be looking at apples and oranges, but we will be investigating fruit, and this has all the bearings on the case.

Trip one

Let’s travel back to November 24th, 2014. It is a sunny day at Sony Square New York, 21 degrees, nice and relaxing weather. It had all the marks of it being a lovely day, were it not that someone decided to hack Sony and they did it, not only did they do it, they left all the markers blaming North Korea. The FBI sent their cyber experts and behold, they too agreed that it was North Korea. Even as we were extremely aware that they had no way of doing it, the FBI stood firm on their findings.

Trip two

We are pushing the envelope and stopping at 2015, 2016, 2017 and 2018. We are given “North Korea’s offensive cyber capabilities” and we see Randall Schriver, a top Pentagon official and all the ‘so called’ expressionistic ideas on how North Korea is the big nasty, the large danger and the big hacker. In addition to this the Financial Times gives us (at https://www.ft.com/content/cbb28ab8-8ce9-11e9-a24d-b42f641eca37) “Pyongyang controls an army of thousands of hackers who bring in hundreds of millions of dollars annually, according to experts’ estimates“, which was given to us in June 2019.

Into the Heart of Darkness

It was only hours ago that we were given the first light of truth by the Washington Post. To give you that we need to change the topic to fruit and not apples or oranges. You might realise that to get ahead, you need to be ahead. Unless you build a system yourself, you need access to a system of equal quality to hack into a place. Unless you have the passcodes (current password = Inc0rrect%) and inner workings, you cannot hack past the Pentagon Cray, it is close to impossible to do with even the most updated equipment and North Korea is well over a decade behind. It is defended by firewalls and other encrypted matters. Sony is not that advanced, yet still has a lovely set of firewalls and other means to limit access. Yet North Korea, with technology that was considered advanced in 1990, was nothing of the sort a decade before they hacked Sony. In addition, certain access methods or planting of other abilities would have required 4G mastery, a mastery that they do not have. The digital footprint does not match up and it is there that the Washington Post (at https://www.washingtonpost.com/world/national-security/leaked-documents-reveal-huaweis-secret-operations-to-build-north-koreas-wireless-network/2019/07/22/583430fe-8d12-11e9-adf3-f70f78c156e8_story.html) is giving us the goods.

So as we are given: “Before 2008, North Korea struggled to find multinational companies willing to build a 3G network in such a risky business environment. That ended with the creation of the wireless provider Koryolink, which emerged from a discreet visit in 2006 by Kim’s father, Kim Jong Il, to Huawei’s headquarters in Shenzhen, China” this is the first piece of evidence, 6 years before the hack North Korea did not have access to 3G, it was not there, as such the knowhow of hacking would have been severely limited. In addition to this we need to consider “Alexandre Mansourov, an adjunct professor at Georgetown University’s School of Foreign Service, who in 2011 wrote about North Korea’s digital transformation. “They decided to work with Huawei from that time on.”” gives us that in 3 years that stage was not surpassed, or even achieved. The paper by Mansourov also gives: “less than 3 percent of the population currently use modern telecommunication services, it has adequately trained human capital, a rather developed industrial and technological base, and sufficient financial resources to pursue the digital revolution to the benefit of the majority“, which now implies that the fall back is actually a lot larger. If they truly had a ‘rather developed industrial and technological base‘, then they would be the oranges that need not rely on Huawei, yet they are technologically speaking merely apples, they are both fruit, but on a different shelf, a lower shelf and that is where we see the technology fail (especially in North Korea). In his paper we also see: “Because the cell phones connect to Chinese cell phone towers it is difficult for the North Korean government to eavesdrop on the calls, but it does mean use is restricted to the border area“, this implies that the limitations in North Korea are actually larger and as such knowledge is more limited. 
That last part came from “How Chinese Cell Phones Help Information Flow,” Martyn Williams, 1 April 2010, which was 4 years before the hack, there is no way for any nation to evolve their technology level in that amount of time without having billions, as well as all the technology available for installation and implementation. Which was never the case, North Korea is hardly on the 3G path keeping them a decade behind everyone else.

Fruit, Apples and Oranges

So even if I am looking at fruit, looking at mobile technology versus hackers is like setting apples against oranges, yet the larger truth remains, a hacker cannot surpass certain levels of access if they lack access to the current generation of technology and that is where we see the flaw in all this. To have antiquated equipment access the Sony mainframe calls for all kinds of issues as the access requires speed, and if you rely on old technology there is a limit to what you can get. For example getting a 4TB drive for a PlayStation 3 is bogus as it cannot address the complete drive, so when you look at it from that path, you lack the ability to store all that data and Sony was all about data. More important, if the skill to get behind a 4G system is not there, there was not even 3G, how can you get into the hack? Now we might rely on normal lines, but the flaw is already shown, you need a larger comprehension of technology and telecommunication to proceed and North Korea is stated that it could not get 3G without Huawei; at that point we should recognise that it could not get into Sony. If they actually had done that, then they would have been able to design and build their own 4G (which would still be half a decade too late), but that would be the premise. That absence gives us that the Washington Post, who also gives us: “According to a 2008 contract, Panda would transport Huawei equipment to Dandong, a town in northeastern China known for cross-border trade. From there, it would be taken by rail into Pyongyang“, as well as “In spring 2008, Orascom and Korea Post tasked Huawei with developing an encryption protocol for the network, noting that the government would create its own encryption algorithm, according to the documents” this much larger stage does not absolve Huawei (it is not about that), but the fact that encryption protocols were not in existence implies a delay of at least 2-3 years to get their 3G up and running, the entire matter would have given North Korea less than 2 years to get trained to the levels required to visit the Sony Server and become an actual cyber threat. There is no realistic chance that this would be the case and again, when we consider the press visit to North Korea (somewhere in 2012) where the Dutch press learned that their high ranking escorts had no idea of what a smartphone was, that alone gives a lot more insight in the technological limitations of North Korea and its army.

There is no doubt that North Korea would love to be an actual threat, but when it cannot comprehend 3G to the degree it needs and it has no 4G, how is North Korea an actual threat? I believe that Sony was hacked by someone else, there is also enough valid intelligence to see that those people would love to do business with North Korea, yet the entire matter connected to Huawei implies that North Korea is missing several links on the chain of telecom cleverness, the reins of the horse of innovation and the armour of progress is all rusty, heavy and useless. In this stage the North Korean cavalry might be the most advanced they had but it still does not match up what other nations have had access to from the late 1800 onwards, when you realise the difference to that degree, do you still believe that North Korea could have been the hackers?

That is seen when we look at ‘The Hill’ in 2017. There we get North Korea and the quote: “Today, when warfare can include the operational use of nuclear weapons, the cumulative consequences of underestimating “friction” could be exponentially more serious. This conclusion is true by definition and thus, thoroughly incontestable” yet when we see in a 4G world that North Korea has not even mastered 3G to the degree it needs, we see a shift of needs, needs that are all about the consultants charging their overexposed egos by the hour, whilst we see a lack of evidence on the abilities towards the dangers that we are seemingly exposed to. In that regard the FBI and the Pentagon have played into the hands towards consultants like Randall Schriver, yet the actual evidence (implied to be) as we now see in the Washington Post gives us another picture, one that bounces against earlier accusations and speculations. March 27th, 2019 C-Span gives us the premise that China and North Korea are set together as a threat, yet the overbearing accepted evidence shows that the division sets the stage where China is 99% the threat and North Korea a mere 1%, yet together is nice to bump the budget. So far no actual or factual evidence has been shown where North Korea is an actual cyber power. As I personally see it, even the NY Times is in on it.

When we are given: “Their track record is mixed, but North Korea’s army of more than 6,000 hackers is undeniably persistent, and undeniably improving, according to American and British security officials who have traced these attacks and others back to the North“, as well as “North Korean hackers tried to steal $1 billion from the New York Federal Reserve last year, only a spelling error stopped them“, and “only sheer luck enabled a 22-year-old British hacker to defuse the biggest North Korean cyber-attack to date“. When we are confronted with ‘spelling error‘ and ‘sheer luck‘ we are sold a bag of goods, the fact that North Korea is at the most about 3G, we see the lack of certain abilities. If these hackers were that good, then their abilities would have been to acquire all the technology that we have full access to and that has seemingly not happened. In any war we acquire the weapons to be on an equal footing, or more advanced footing, von Clausewitz and Sun Tzu taught us that. You do not rely on the flintlock when the opposition is walking with a 7.62mm MAG. The accusation (also from the NY Times) “the country is suspected of having thousands of hackers capable of carrying out global cyber-attacks, like the recent ransomware attack in more than 150 countries” gives us that they are a large threat and this is only possible with a large established infrastructure. That is seemingly not the case so as we ponder ‘suspected‘ we see the speculated inflated danger that North Korea is, and until today, until the Washington Post gave us the article, that part was too eagerly accepted.

There is no doubt that there are hackers in North Korea, but as the technology shows, they are fighting with one hand on the back wearing a blindfold. It does not make them less dangerous, but it also implies that the events that have taken place were done by others and as such the cyber operatives trying to stop it are not merely failing, they are at present completely unaware who they are actually up against and that is the sad part of this story. After all the billions they got they are still clueless in the dark, a sad story that only came to light as the Washington Post gave us: ‘Leaked documents reveal Huawei’s secret operations to build North Korea’s wireless network‘, seemingly a 3G network no less. And even there we have no evidence at present. That part is given through: “Since then, any company to provide Panda with telecom items intended for North Korea and containing at least 10 percent U.S.-origin content without a license would be in violation of the export ban”, so not only is there a question on one side, the lack of evidence at present gives rise to a lot more issues and that makes for such a sad situation at present.

 
