Cyberwars

24 March 2011 Last updated at 07:18 ET

Iran accused in 'dire' net security attack

Hackers in Iran have been accused of trying to subvert one of the net's key security systems.

Analysis in the wake of the thwarted attack suggests it originated and was co-ordinated via servers in Iran.

If it had succeeded, the attackers would have been able to pass themselves off as web giants Google, Yahoo, Skype, Mozilla and Microsoft. The impersonation would have let attackers trick web users into thinking they were accessing the real service.

Fake identity

The attack was mounted on the widely used online security system known as the Secure Sockets Layer or SSL.

This acts as a guarantee of identity so users can be confident that the site they are visiting is who it claims to be. The guarantee of identity is in the form of a digital passport known as a certificate.

Analysis of the attack reveals that someone got access to the computer systems of one firm that issue certificates. This allowed them to issue bogus certificates that, if they had been used, would have let them impersonate any one of several big net firms.

It appears that the attackers targeted the SSL certificates of several specific net communication services such as Gmail and Skype as well as other popular sites such as Microsoft Live, Yahoo and the Firefox browser.

SSL certificate issuer Comodo published an analysis of the attack which was carried out via the computer systems of one of its regional affiliates.

It said the attack exhibited "clinical accuracy" and that, along with other facets of the attack led it to one conclusion: "this was likely to be a state-driven attack."

It is thought it was carried out by the Iranian authorities to step up scrutiny of opposition groups in the country that use the web to co-ordinate their activity.

The bogus certificates have now been revoked and Comodo said it was looking into ways of improving security at its affiliates. Browsers have also been updated so anyone visiting a site whose credentials are guaranteed by the bogus certificates will be warned.

Writing on the blog of digital rights lobby group the Electronic Frontier Foundation, Peter Eckersley, said the attack posed a "dire risk to internet security".

"The incident got close to — but was not quite — an internet-wide security meltdown," he said.

"We urgently need to start reinforcing the system that is currently used to authenticate and identify secure websites and e-mail systems," said Mr Eckersley.

http://www.bbc.co.uk/news/technology-12847072

4 March 2011 Last updated at 11:55 ET

US and Israel were behind Stuxnet claims researcher

Israel and the United States created the Stuxnet worm to sabotage Iran's nuclear programme, a leading security expert has claimed.

Ralph Langner told a conference in California that the malicious software was designed to cripple systems that could help build an Iranian bomb.

Mr Langner was one of the first researchers to show how Stuxnet could take control of industrial equipment.

It is widely believed that its target was machinery used to enrich uranium.

Speaking at the TED conference in Long Beach, California, Mr Langner said: "My opinion is that Mossad [israel's intelligence agency] is involved."

However he speculated that Israel was not the main driver behind the creation of Stuxnet.

"There is only one leading source, and that is the United States," said Mr Langner.

In a recent report on Stuxnet, the security firm Symantec said that it would have taken a team of between five and 10 developers, six months to create the worm.

Mr Langner said that the project would have required "inside information", so detailed that "they probably knew the shoe size of the operator."

Stuxnet first came to light in July 2010. Nearly 60% of reported infections were inside Iran.

Damaging centrifuges

The worm targets industrial control systems, known as programmable logic controllers (PLCs), made by Siemens.

While PLCs are used to control a wide variety of automated systems, it is believed that it was those inside Iran's nuclear facilities that were the intended target.

Analysts who have examined the Stuxnet code say it could have been used to damage centrifuges which play a crucial role in the process of enriching uranium for both nuclear power and weapons.

The United States and Israel have led an international campaign to halt Iran's nuclear programme, however there is no hard evidence to link either country to the creation of Stuxnet.

Earlier in the week Iran's Interior Ministry denied that Stuxnet had been responsible for a shutdown at the country's Bushehr nuclear reactor.

A report by the International Atomic Energy Agency showed that Russian engineers working at the plant had removed 163 fuel rods.

Iranian sources said that the action was taken as a result of problems with the rods, rather than Stuxnet.

http://www.bbc.co.uk/news/technology-12633240

16 February 2011 Last updated at 04:21 ET

Cyber war threat exaggerated claims security expert

By Maggie Shiels Technology reporter, BBC News, Silicon Valley

The threat of cyber warfare is greatly exaggerated, according to a leading security expert.

Bruce Schneier claims that emotive rhetoric around the term does not match the reality.

He warned that using sensational phrases such as "cyber armageddon" only inflames the situation.

Mr Schneier, who is chief security officer for BT, is due to address the RSA security conference in San Francisco this week

Speaking ahead of the event, he told BBC News that there was a power struggle going on, involving a "battle of metaphors".

He suggested that the notion of a cyber war was based on several high-profile incidents from recent years.

They include blackouts in Brazil in 1998, attacks by China on Google in 2009 and the Stuxnet virus that attacked Iran's nuclear facilities.

He also pointed to the fallout from Wikileaks and the hacking of Republican vice-presidential candidate Sarah Palin's e-mail.

"What we are seeing is not cyber war but an increasing use of war-like tactics and that is what is confusing us.

"We don't have good definitions of what cyber war is, what it looks like and how to fight it," said Mr Schneier.

Sarah Palin Casualty of war? Attacks such as Sarah Palin's e-mail hack have been lumped into the debate

His point of view was backed by Howard Schmidt, cyber security co-ordinator for the White House.

"We really need to define this word because words do matter," said Mr Schmidt.

"Cyber war is a turbo metaphor that does not address the issues we are looking at like cyber espionage, cyber crime, identity theft, credit card fraud.

"When you look at the conflict environment - military to military - command and control is always part of the thing.

"Don't make it something that it is not," Mr Schmidt told a small group of reporters on the opening day of the conference.

A report last month by the Organisation for Economic Cooperation and Development also concluded that the vast majority of hi-tech attacks, described as acts of cyber war, do not deserve the name.

Christo an I have been talking about Stux for a minute. Israel was always suspect and then that general came out and claimed responsibility at his retirement party. It's posted in the Stux thread in here somewhere.

As for Schneier...hmm. The guy knows what he's talking about, but he's downplaying what is happening.

Comodo Hackers Manifesto

http://erratasec.blogspot.com/2011/03/comodo-hacker-releases-his-manifesto.html

hmm, maybe i shouldn't have started a new thread about this then., i hadn't noticed one sorta already existed.

i'll admit, i have to read up on this. not really my area

thoughts on a merge anyone?

I'm game, there's a few threads about this stuff.

One thing I was interested in when it was happening was when China got caught hacking Google and Google responded by getting rid of censored searches within China...here's part of the story as it was related on Slashdot-

http://yro.slashdot.org/story/10/01/12/2329231/Google-Hacked-May-Pull-Out-of-China

It made me realize Google has a sense of....something, maybe not exactly humor but more like "Oh really? You're gonna hack our servers? Well, check this out."

At any rate, they weren't afraid to tell the world's most populous nation to go fuck itself (indirectly or otherwise).

Contrary to what a lot of people on 12 oz think, I'm more of a hardware geek and not so much a hacker/cracker but that side of tech definitely interests me.

hmm, maybe i shouldn't have started a new thread about this then., i hadn't noticed one sorta already existed.

 

i'll admit, i have to read up on this. not really my area

 

 

thoughts on a merge anyone?

Nah, please keep this one up. It's more generalized. The other was specific to Stux.

In the last few weeks ever since the Jazz-men demonstrations started here Gmail has basically been retarded (in the real sense of the word) and VPNs disabled with IP blocks.

The internet as a whole is super fucking slow and so much shit is blocked here right now.

Difficult place just got more difficult.

In the last few weeks ever since the Jazz-men demonstrations started here Gmail has basically been retarded (in the real sense of the word) and VPNs disabled with IP blocks.

 

The internet as a whole is super fucking slow and so much shit is blocked here right now.

 

Difficult place just got more difficult.

Hope it doesn't affect your porn browsing. That'd be criminal.

fuckin bummer.

it'll prolly happen here eventually. they are already talking caps on usage, plus the whole coica thing.

sucks.

i did enjoy google's response to china, but after seeing them try to merge with myriad companies i'm not so sure they'll keep with their don't be evil mantra

i really wish i knew more about the hacker cracker stuff.

Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon

TOR Made for USG Open Source Spying Says Maker

http://cryptome.org/0003/tor-spy.htm

This is why I use peerblock in conjunction with Tor. Blocks those

nasty assholes.

Iran says it has detected second cyber attack

http://www.reuters.com/article/2011/04/25/us-iran-computer-virus-idUSTRE73O1OL20110425

i really wish i knew more about the hacker cracker stuff.

I have some ebooks that are entry level hacker/cracker related...PM me if you want to check them out.

if i could hack id be rich

That's not really what hacking is about. Spam is where the money is and there's not much to that- it's just a numbers game where the more you have out there the better your chances are of making something...and more often than not your return involves pennies accruing over a period of time, which increases your exposure.

i used to mess with this site years ago.

hackthissite.org

TECHNOLOGYMAY 31, 2011

Cyber Combat: Act of War

Pentagon Sets Stage for U.S. to Respond to Computer Sabotage With Military Force

WASHINGTON—The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.

http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html

Good luck, I'm behind 7proxies.

LulzSec versus FBI (we challenge you, NATO!)

Donate BitCoins for more lulz: 176LRX4WRWD5LWDMbhr94ptb2MW9varCZP

## DOWNLOAD LINKS LOCATED AT THE BOTTOM ##

. /$$ /$$ /$$$$$$

.| $$ | $$ /$$__ $$

.| $$ /$$ /$$| $$ /$$$$$$$$| $$ \__/ /$$$$$$ /$$$$$$$

.| $$ | $$ | $$| $$|____ /$$/| $$$$$$ /$$__ $$ /$$_____/

.| $$ | $$ | $$| $$ /$$$$/ \____ $$| $$$$$$$$| $$

.| $$ | $$ | $$| $$ /$$__/ /$$ \ $$| $$_____/| $$

.| $$$$$$$$| $$$$$$/| $$ /$$$$$$$$| $$$$$$/| $$$$$$$| $$$$$$.$

.|________/ \______/ |__/|________/ \______/ \_______/ \_______/

//Laughing at your security since 2011!

.-- .-""-.

. ) ( )

. ( ) (

. / )

. (_ _) 0_,-.__

. (_ )_ |_.-._/

. ( ) |lulz..\

. (__) |__--_/

. |'' ``\ |

. | [Lulz] \ | /b/

. | \ ,,,---===?A`\ | ,==y'

. ___,,,,,---==""\ |M] \ | ;|\ |>

. _ _ \ ___,|H,,---==""""bno,

. o O (_) (_) \ / _ AWAW/

. / _(+)_ dMM/

. \@_,,,,,,---==" \ \\|// MW/

.--''''" === d/

. // SET SAIL FOR FAIL!

. ,'_________________________

. \ \ \ \ ,/~~~~~~~~~~~~~~~~~~~~~~~~~~~

. _____ ,' ~~~ .-""-.~~~~~~ .-""-.

. .-""-. ///==--- /`-._ ..-' -.__..-'

. `-.__..-' =====\\\\\\ V/ .---\.

. ~~~~~~~~~~~~, _',--/_.\ .-""-.

. .-""-.___` -- \| -.__..-

Dear Internets,

It has come to our unfortunate attention that NATO and our good friend Barrack

Osama-Llama 24th-century Obama have recently upped the stakes with regard to hacking.

They now treat hacking as an act of war. So, we just hacked an FBI affiliated website

(Infragard, specifically the Atlanta chapter) and leaked its user base. We also took

complete control over the site and defaced it, check it out if it's still up: http://infragardatlanta.org/

While not very many logins (around 180), we'd like to take the time to point out that all

of them are affiliated with the FBI in some way. Most of them reuse their passwords in other places,

which is heavily frowned upon in the FBI/Infragard handbook and generally everywhere else too.

One of them, Karim Hijazi, used his Infragard password for his personal gmail, and the gmail of

the company he owns. "Unveillance", a whitehat company that specializes in data breaches and botnets,

was compromised because of Karim's incompetence. We stole all of his personal emails and his company

emails. We also briefly took over, among other things, their servers and their botnet control panel.

After doing so, we contacted Karim and told him what we did. After a few discussions, he offered to

pay us to eliminate his competitors through illegal hacking means in return for our silence. Karim,

a member of an FBI-related website, was willing to give us money and inside info in order to destroy

his opponents in the whitehat world. We even discussed plans for him to give us insider botnet information.

Naturally we were just stringing him along to further expose the corruption of whitehats.

Please find enclosed Karim's full contact details and a log of him talking to us through IRC.

Also, enjoy 924 of his internal company emails - we have his personal gmail too, unreleased.

We call upon journalists and other writers to delve through the emails carefully, as we have

uncovered an operation orchestrated by Unveillance and others to control and assess Libyan

cyberspace through malicious means: the U.S. government is funding the CSFI to attack Libya's

cyber infrastructure. You will find the emails of all 23 people involved in the emails.

Unveillance was also involved in a scheme where they paid an Indian registrar $2000 to

receive 100 domains a month that may be deemed as botnet C&Cs. Shameful ploys by supposed "whitehats".

We accept your threats, NATO. Game on, losers.

Now we are all sons of bitches,

Lulz Security

## YOU HAVE SKIPPED OR READ THE PRETENTIOUS BORING MESSAGE AND ARE NOW ACQUIRING LULZ ##

won't post links to emails. You can find them if you want.

I never really saw this thread. When east timor was fighting for independence and going to a vote and all that. There were cyber attacks on indonesian government servers and shit. I dont know the exact details off the top of my head or scientific explanation but i had to write a policy paper on telecommunications there years ago.....if i can find my old papers works cited page ill link some info on it later.

Look forward to reading them.

I.M.F. Reports Cyberattack Led to ‘Very Major Breach’

WASHINGTON — The International Monetary Fund, still struggling to find a new leader after the arrest of its managing director last month in New York, was hit recently by what computer experts describe as a large and sophisticated cyberattack whose dimensions are still unknown.

The fund, which manages financial crises around the world and is the repository of highly confidential information about the fiscal condition of many nations, told its staff and its board of directors about the attack on Wednesday. But it did not make a public announcement.

Several senior officials with knowledge of the attack said it was both sophisticated and serious. “This was a very major breach,” said one official, who said that it had occurred over the last several months, even before Dominique Strauss-Kahn, the French politician who ran the fund, was arrested on charges of sexually assaulting a chamber maid in a New York hotel.

Asked about the reports of the computer attack late Friday, a spokesman for the fund, David Hawley, declined to provide details or talk about the scope or nature of the intrusion. “We are investigating an incident, and the fund is fully functional,” he said.

Because the fund has been at the center of economic bailout programs for Portugal, Greece and Ireland — and possesses sensitive data on other countries that may be on the brink of crisis — its database contains potentially market-moving information. It also includes communications with national leaders as they negotiate, often behind the scenes, on the terms of international bailouts. Those agreements are, in the words of one fund official, “political dynamite in many countries.” It was unclear what information the attackers were able to access.

The concern about the attack was so significant that the World Bank, an international agency focused on economic development, whose headquarters is across the street from the I.M.F. in downtown Washington, cut the computer link that allows the two institutions to share information.

A World Bank spokesman said the step had been taken out of “an abundance of caution” until the severity and nature of the cyberattack on the I.M.F. is understood. That link enables the two institutions to share nonpublic data and conduct meetings, but users of the system say that it does not permit access to confidential financial data.

Companies and public institutions are often hesitant to describe publicly the nature or success of attacks on their computer systems, partly for fear of providing information that would be useful to the individuals or countries mounting the efforts. Even so, Google has recently been aggressive in announcing attacks and, in one recent case, of declaring that its origin was China, an accusation the Chinese government quickly denied.

But in the case of the I.M.F., officials declined to say where they believe the attack originated — a delicate subject because most nations are members of the fund.

The attacks were likely to have been made possible by a technique known as “spear phishing,” in which an individual is fooled into clicking on a malicious Web link or running a program that allows open access to the recipient’s network. It is also possible that the attack was less specific, a case in which an intruder was testing the system merely to see what was available.

The fund said that it did not believe that the intrusion into its systems was related to a sophisticated digital break-in at RSA Security that took place in March, which compromised some information that companies and governments use to control access to their most sensitive computer systems. RSA notified its clients of the loss of its data, and last month hackers attempted to use the information stolen from RSA to gain access to computers and networks at the Lockheed Martin Corporation, the nation’s largest military contractor.

After that attack, the World Bank briefly shut down external access to its most sensitive systems, for fear that the stolen information could make it a target. But it quickly resumed its normal operations and says it has seen no evidence of any attacks.

David E. Sanger reported from Washington, and John Markoff from San Francisco.

http://www.nytimes.com/2011/06/12/world/12imf.html?_r=1

supp00s3d1y an0n is gwon to a44ack nat0

supposedly.

Here are some links to articles that talk about timors independence and the role the internet played

http://www.pressreference.com/Co-Fa/East-Timor.html

Personally i take online sources as......well with a grain of salt. Anyone can make shit up. This link has a list of book sources that if your intrigued you could peep.

This is a periodical

You can peep it but you cant really read it without paying or i got it through my university email

http://www.jstor.org/pss/3351468

This talks a lot about maritime borders and telecommunications.

Not really a cyberattack but the reality is people dont really give a fuck and p3ople care less when they can steal your maritime borders and resources and also wipe out access to your nonviolent weapon...telecommunications

http://www.easttimorgovernment.com/economy.htm

Right now lulzsec and /b/ are about to go at it. Something very interesting is happening and most are completely unaware.

We are the concentrated success of 2005 /b/, being "hunted" by the 2011 furry horde. Challenge accepted, losers. :D about 4 hours ago via web

Just saw a thread on /b/ where they're trying to hunt us: you /b/tards realize that we are everything you've ever tried to be? Damn furries.

http://twitter.com/LulzSec?_escaped_fragment_=/LulzSec/#!/LulzSec/

I can't believe these guys are being so communicative. Will update. This is the cyberwar happening right in front of our eyes. Probably the beginning of the end of freedom on the internet.

Anonymous members arrested in Turkey

http://www.bbc.co.uk/news/technology-13762626

boobs were shown. spectacular show,

Lulzsec just took down cia.gov.

popcorn aborted. This is getting fucked up.

http://twitter.com/LulzSec/statuses/81115804636155906?_escaped_fragment_=/LulzSec/status/81115804636155906#!/LulzSec/status/81115804636155906

Adrian Fucking Lamo owns the lulzsec site. CIA all the way.

Fucker.

Eat1ng p0pc0rn,,,, Th15 15 gett1ng 1ntere5t1ng.