Science/Techno Babble Random, Random

All the other crazy stuff we talk about. Politics, Science, News, the Kitchen, other hobbies.
ti-amie United States of America
Posts: 22985
Joined: Wed Dec 09, 2020 4:44 pm
Location: The Boogie Down, NY
Has thanked: 5302 times
Been thanked: 3284 times


Science/Techno Babble Random, Random

#1

Post by ti-amie »

Stop Blaming Foreigners for America’s Awful Cybersecurity

John Schindler

This week brought disturbing news of a large-scale computer hack, a mega-hack if you like, of American government and industry by a foreign state actor that’s widely assumed to be Russia. Although the full scope of the damage inflicted is yet undetermined (it will take months of investigation for that to become clear), this already appears to be one of the worst cybersecurity fails in history.

What we can say for certain is that this cyber offensive was perpetrated over months in 2020 by APT29, a Russian hacker group popularly termed Cozy Bear. Western counterintelligence deduced years ago that APT29 is really the Russian Foreign Intelligence Service, or SVR. Thus, this year’s mega-hack comes to America courtesy of the Kremlin, a fact which Secretary of State Mike Pompeo admitted yesterday with his statement, “We can say pretty clearly that it was the Russians that engaged in this activity.”

Official Washington, DC is being tight-lipped about what exactly got hit, as federal investigators survey the cyber-damage, but we know this effort was not confined to the United States. Microsoft President Brad Smith, whose firm finds itself in the middle of this online maelstrom, stated that while more than 40 of its customers were hit by APT29, and 80 percent of them are American, Microsoft has identified hacking targets in Canada, Mexico, Belgium, Spain, Britain, Israel, and the United Arab Emirates as well. Smith cautioned that the number of victims in this case is certain to rise as the investigation proceeds.


This cyber offensive runs back to a Texas-based software firm called SolarWinds. In short, SVR hackers breached that company’s Orion software, which is used by tens of thousands of private clients as well as many agencies of the U.S. and allied governments. SolarWinds was already known to possess a dodgy security record, including use of weak passwords, among other problems, which can be perhaps attributed to the fact that SolarWinds did not have a chief information security officer on staff. Suspicion has inevitably fallen on a possible insider threat as the source of the compromise, in other words a turned or compromised employee (wittingly or not) – such is often the beginning of large-scale hacking operations – but information is sketchy at present.

Regardless, SolarWinds’ security failure has brought great pain to Washington, since the federal Departments impacted here include Agriculture, Commerce, Defense, Energy, Health and Human Services, Homeland Security, State, and Treasury. Alarmingly, individual agencies reported to be vulnerable to APT29 penetration include the National Security Agency (our most sensitive Intelligence Community agency) and the National Nuclear Security Administration (which protects our atomic research and weaponry), all of which used SolarWinds software.

What passes for the good news is that APT29 penetration here is reported to be confined to unclassified communication systems; moreover, classified Pentagon communications networks like SIPRNet and JWICS, which handle Secret and Top Secret communications, respectively, are reported to be unaffected by the SolarWinds breach. That may be cold comfort since the SVR can learn an awful lot from just reading the unclassified emails and messages of a bevy of federal agencies, while cyber-penetrations of those unclassified networks can sometimes enable access to classified ones.

In response, Washington is doing what it knows how to do, making statements, issuing warnings, gathering investigators, creating task forces, and circling the bureaucratic wagons until the full extent of the damage can be assessed. This week, the Cybersecurity and Infrastructure Security Agency issued a blunt emergency directive to start pushing back the SolarWinds breach across government and industry, while the White House stood up a Cyber Unified Coordination Group to ensure that federal agencies are cooperating adequately to ascertain, and eventually roll back, what APT29 hath wrought here. Nevertheless, it will take months, at minimum, to undo this damage, not least because the SVR presumably is watching our mitigation efforts unfold on compromised networks in real time, while counteracting them wherever the Russians can.

There can be no sugarcoating what constitutes a grave failure of cybersecurity by the United States. The rhetoric emanating from Washington over Cozy Bear’s antics is severe, even extreme. While President Donald J. Trump is being castigated for keeping mum about this debacle, high-ranking Democrats are employing sky-is-falling rhetoric about the mega-hack. Illinois Sen. Dick Durbin termed it “virtually a declaration of war by Russia on the United States,” while his Connecticut colleague Sen. Richard Blumenthal stated that a classified briefing on the hack “left me deeply alarmed, in fact downright scared.” Their slightly more measured Delaware colleague Sen. Chris Coons explained, “It's pretty hard to distinguish this from an act of aggression that rises to the level of an attack that qualifies as war. ... [T]his is as destructive and broad scale an engagement with our military systems, our intelligence systems as has happened in my lifetime.”

However, it’s already apparent that APT29’s activities, while devastating from an information security viewpoint, plus deeply embarrassing to the United States, do not constitute the “Cyber Pearl Harbor” which cybersecurity gurus have been warning about since late in the last century. Where are the exploded power grids, the opened dams, the crashed trains, the darkened hospitals? The SVR seems to have gotten that deep inside lots of sensitive computer grids and networks, what did they actually do with that power? Nothing, it seems so far.

One of those alarmist gurus is Richard Clarke, who warned about a “Cyber Pearl Harbor” for decades from various perches in Washington, and he now seems to have gotten one, or close. As he stated this week, “This is the largest espionage attack in history. This is as though the Russians got a passkey, a skeleton key for about half the locks in the country. Think about it that way. It’s 18,000 companies and government institutions scattered around the U.S. and the world. This is an espionage attack.”

Clarke’s half right. It’s definitely espionage, but as yet there’s no evidence of any actual attack. Here there’s eliding of important cyberespionage terms, and Clarke certainly knows the difference. We need to talk about CNE versus CNA. The former, Computer Network Exploitation, is really just espionage via cyber means, the reconnaissance of online systems, stealing data and establishing what those networks do. Computer Network Attack is disrupting, damaging, or even destroying computer networks and the things which connect to them. CNA is what we fear, that’s potentially a Cyber Pearl Harbor. There’s no indication, as yet, that any CNA happened with APT29 in this vast cyberespionage operation. It’s all been CNE, based on what we’ve been told so far.

That’s cold comfort, of course, since CNE can easily turn into CNA, in fact you need to execute a lot of successful CNE to enable any painful CNA, but there remains a big difference between spying on computer networks versus blowing them up. Russian cyberespionage and attack doctrine are well understood, if you bother to read about them. Moscow doesn’t view cyber as something radically new, rather as an extension of normal intelligence collection and reconnaissance practice. As communications move into the cyber realm, that’s where you need to spy, it’s that simple.


This all has the whiff of politics about it, of course, because everything in America does these days. What APT29 did in 2020 represents the most serious American cybersecurity defeat since the mega-hack of Office of Personnel Management data by Chinese intelligence, which was announced by OPM in mid-2015. That hack compromised the most sensitive personal information of tens of millions of Americans who had applied for U.S. government security clearances. Despite repeated warnings about the pressing need to take cybersecurity seriously, OPM gave Beijing the store, an intelligence loss with staggering implications for multiple federal departments and agencies. It was a severe blow to morale in what the current White House resident terms the Deep State. Obama did not publicly call out Beijing over the OPM hack, beyond a banal statement that “There are certain practices that they are engaging in, that we know are emanating from China and are not acceptable.”

It’s impossible to miss that Democrats who are declaring war on Russia over Cozy Bear’s antics were much more moderate in their criticisms of China five years ago, while Republicans who were demanding that Obama retaliate harshly against Beijing over the OPM mega-hack are generally more circumspect about what we need to do against Moscow now. Since we do not want an actual war with Russia, a country which possesses several thousand nuclear weapons and seethes with hatred for the West in general and America in particular, it would be wise to assess what really happened with APT29 in 2020 with analytical precision rather than reckless rhetoric.

Thus far, it’s evident that this was another episode in the SpyWar which we’re in with both Moscow and Beijing, and the Kremlin won this round. The SVR is more cautious in its spy operations than its “neighbors” in military intelligence, the infamously reckless GRU, and APT29 seems to have executed an impressive reconnaissance of a wide array of American and allied computer networks, private and governmental. The intelligence loss to Moscow here appears to be massive. Vladimir Putin and his cyber-Chekists have good reason to be chilling champagne over this operation.

But they only got away with it because we let them.
Just as with China’s mega-hack of OPM back in 2014, the Russians succeeded here due to America’s lackadaisical attitudes towards cybersecurity, public and private. Our enemies are competent, but our defenses are too often incompetent, which makes for a deadly combination in the SpyWar. It’s difficult to be excessively critical of private companies and their security shortcomings when the federal government itself can’t get its act together with cybersecurity. Federal agencies, even very sensitive ones, conduct only cursory inspections of private software which they place on their governmental computer networks, thus “After embedding code in widely used network management software made by a Texas company called SolarWinds, all [the SVR] had to do was wait for the agencies to download routine software updates from the trusted supplier.”

These debacles will keep happening until we get serious about security in general, cyber or otherwise. There are big obstacles to getting better. Politics remains a problem, when our political parties are only interested in security when it can be used as a cudgel to beat the other party with. In addition, Americans of all stripes have had an unserious attitude towards counterintelligence for decades, as I highlighted in my last Top Secret Umbra column. Counterintelligence and security work can be a drag: difficult, time-consuming, and sometimes downright depressing. The SpyWar never sleeps. Victories there are incremental, never total, and sometimes difficult to detect at all.

This dismissive attitude towards counterintelligence was painful enough during the last Cold War, with traitors costing us lives, battles, and uncounted treasure. However, this fundamental unseriousness about protecting secrets is seriously lethal in the online age, when every government agency is fully networked and virtually every American is walking around every waking moment carrying around an espionage device that spies on everything they do, buy, and say, while offering Internet and telephone access in exchange.

There’s also hypocrisy at play here. We lost this round of the SpyWar to the SVR, but we’re plenty active in the hush-hush cyberespionage realm ourselves. NSA is probably the world’s most skilled agency at conducting CNE while its tightly linked U.S. Cyber Command partner is among the most effective at executing CNA. Edward Snowden spilled some of those Top Secret beans to the world back in 2013, when he walked out of NSA Hawaii with over a million classified documents on his way to Moscow. Although CNA can be construed as an act of war, CNE is merely espionage in the 21st century, something which every first-class intelligence agency in the world is doing, right now, as you read this.

We must get serious about cybersecurity, not least because defeat in the SpyWar often precedes defeat in an actual war, and right now a shooting war with China looms as a serious possibility. Just as we should assume that details of Beijing’s mega-hack of the OPM were shared with Moscow, the SVR’s mega-hack of American government and industry via SolarWinds is something the Kremlin has likely shared with its friends in China. The stakes here are important and rising. It would be nice if President Trump said something meaningful about APT29’s activities, including what the U.S. government is doing to mitigate the damage while discouraging Moscow from executing further mega-hacks. It would be nicer still if Washington got serious about counterintelligence and security, cyber and otherwise, beyond mere words, before it’s too late.

https://topsecretumbra.substack.com/p/s ... r-americas
“Do not grow old, no matter how long you live. Never cease to stand like curious children before the Great Mystery into which we were born.” Albert Einstein
ponchi101 Venezuela
Site Admin
Posts: 14722
Joined: Mon Dec 07, 2020 4:40 pm
Location: New Macondo
Has thanked: 3857 times
Been thanked: 5565 times
Contact:

Re: Techno Babble Random, Random

#2

Post by ponchi101 »

I remember the 2012 debate between Romney and Obama, when they were asked who was the greatest threat to the USA. Romney, unequivocally, said "Russia". Obama laughed him off, saying Russia was weak.
I am not saying that Romney would have been a better president, but on that aspect, he was right.
Ego figere omnia et scio supellectilem

Re: Techno Babble Random, Random

#3

Post by ti-amie »

Microsoft says Russians hacked its network, viewing source code

By Ellen Nakashima
Dec. 31, 2020 at 2:11 p.m. EST

Russian government hackers engaged in a sweeping series of breaches of government and private-sector networks have been able to penetrate deeper into Microsoft’s systems than previously known, gaining access to potentially valuable source code, the tech giant said Thursday.

The firm previously acknowledged that it had inadvertently downloaded a software patch used by Russian cyber spies as a potential “back door” into victims’ systems. But it was not known that the hackers had viewed the firm’s source code, or the crucial DNA of potentially valuable, proprietary software.

Microsoft, however, did not specify what type of source code was accessed.

“We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,” the firm said in a blog post (https://msrc-blog.microsoft.com/2020/12 ... on-update/).

The hackers did not have permissions to modify any code or engineering systems, Microsoft said, adding “our investigation further confirmed no changes were made. These accounts were investigated and remediated.”

The Redmond, Wash.-based company said it has found no evidence of access to production services or customer data. It said its investigation also found no indications that its systems have been used to attack others.

However, some of its cloud customers have been hacked through a third-party partner that handles the firm’s cloud-access services, The Washington Post reported last week.

Microsoft has said it was the first to alert several U.S. government agencies in recent weeks to the fact they had been compromised.

This is a developing story and will be updated.

https://www.washingtonpost.com/national ... story.html

Re: Techno Babble Random, Random

#4

Post by ponchi101 »

And here I can quote myself, just two posts further up.
What else must Vlad do for the rest of the world to wake up?

Re: Techno Babble Random, Random

#5

Post by ti-amie »




JazzNU United States of America
Posts: 6655
Joined: Sun Jan 03, 2021 6:57 pm
Location: Pennsylvania
Has thanked: 2786 times
Been thanked: 2374 times

Re: Techno Babble Random, Random

#6

Post by JazzNU »

Parler looks like they may land with Epik. Epik has hosted a lot of far right wing stuff, so that makes sense. They host Gab. But I don't think they host the Chans anymore, think they dropped them following some violent attack, so it'll be interesting to see if they are truly going to take on the risk and for how long. I think Gab may be in danger before long too as more will move there if Parler is down too long. I'm not sure, but I don't believe any of the previous sites Epik hosted will get nearly as much attention or heat as Parler would.

Re: Techno Babble Random, Random

#7

Post by ti-amie »

A bit of navel gazing by @jack, the man behind Twitter

I do not celebrate or feel pride in our having to ban @realDonaldTrump from Twitter, or how we got here. After a clear warning we’d take this action, we made a decision with the best information we had based on threats to physical safety both on and off Twitter. Was this correct?

I believe this was the right decision for Twitter. We faced an extraordinary and untenable circumstance, forcing us to focus all of our actions on public safety. Offline harm as a result of online speech is demonstrably real, and what drives our policy and enforcement above all.

That said, having to ban an account has real and significant ramifications. While there are clear and obvious exceptions, I feel a ban is a failure of ours ultimately to promote healthy conversation. And a time for us to reflect on our operations and the environment around us.

Having to take these actions fragment the public conversation. They divide us. They limit the potential for clarification, redemption, and learning. And sets a precedent I feel is dangerous: the power an individual or corporation has over a part of the global public conversation.

The check and accountability on this power has always been the fact that a service like Twitter is one small part of the larger public conversation happening across the internet. If folks do not agree with our rules and enforcement, they can simply go to another internet service.

This concept was challenged last week when a number of foundational internet tool providers also decided not to host what they found dangerous. I do not believe this was coordinated. More likely: companies came to their own conclusions or were emboldened by the actions of others.

This moment in time might call for this dynamic, but over the long term it will be destructive to the noble purpose and ideals of the open internet. A company making a business decision to moderate itself is different from a government removing access, yet can feel much the same.

Yes, we all need to look critically at inconsistencies of our policy and enforcement. Yes, we need to look at how our service might incentivize distraction and harm. Yes, we need more transparency in our moderation operations. All this can’t erode a free and open global internet.

The reason I have so much passion for #Bitcoin is largely because of the model it demonstrates: a foundational internet technology that is not controlled or influenced by any single individual or entity. This is what the internet wants to be, and over time, more of it will be.

We are trying to do our part by funding an initiative around an open decentralized standard for social media. Our goal is to be a client of that standard for the public conversation layer of the internet. We call it @bluesky:

This will take time to build. We are in the process of interviewing and hiring folks, looking at both starting a standard from scratch or contributing to something that already exists. No matter the ultimate direction, we will do this work completely through public transparency.

It’s important that we acknowledge this is a time of great uncertainty and struggle for so many around the world. Our goal in this moment is to disarm as much as we can, and ensure we are all building towards a greater common understanding, and a more peaceful existence on earth.

I believe the internet and global public conversation is our best and most relevant method of achieving this. I also recognize it does not feel that way today. Everything we learn in this moment will better our effort, and push us to be what we are: one humanity working together.

• • •

https://threadreaderapp.com/thread/1349 ... 50690.html

Re: Techno Babble Random, Random

#8

Post by ti-amie »



Adam Sculthorpe
@AdamSculthorpe
Parler website is back up.

With a DDos-Guard IP, exactly as I predicted the day it went offline. DDoS Guard is the Russian equivalent of CloudFlare, and runs many shady sites.

RiTM (Russia in the middle) is one way to think about it.


Re: Techno Babble Random, Random

#9

Post by JazzNU »

Did I call it or what? That's basically the route that the Chan sites took but not as swiftly despite the heinous stuff on there. Epik's corporate office is here though, they are still subject to US laws. They've been pressed before, but not like this. Guess we'll see how lucrative this is for them or if the liability ends up being too steep.

Re: Techno Babble Random, Random

#10

Post by JazzNU »


Re: Techno Babble Random, Random

#11

Post by ti-amie »

Imagine if they'd banned him as soon as he refused to use the official @POTUS account.

Re: Techno Babble Random, Random

#12

Post by ponchi101 »

I will put this here for a change of pace, and because it is a nice story which is ending well.
This little creature is my grand-niece. My niece had the misfortune of having a severe hypertension event while pregnant, and the pregnancy had to be interrupted: it was either both of them dead, or a chance for my niece and her daughter. This happened at 5 MONTHS 3 WEEKS into the term. So, on Thanksgiving day, we had to go through that, and the obvious possibility that little Grace here (that is her name) would not live.
I will not post some of the other photos. She was so small (410 grams) and so premature that she still had no skin pigmentation. My sister, a doctor, got some other shots in which she could see the baby's intestines, as her skin had not fully formed and, again, was basically transparent. But this is where science entered. She of course went into neo-natal care, and has been supported now for almost two months there, growing. She is still a minuscule creature, but it seems that she will pull through. She was initially being fed via a tube, and had a full tube feeding her air/oxygen. Those have been removed and now she can breathe with the assistance of solely oxygen, delivered by medical "moustaches" (surprisingly, that is how they call them). She recently broke the two-pound threshold, a very good sign.
CT scans show no abnormalities and her brain seems to be totally unscathed by the ordeal. More testing shows that her eyes are not affected (it seems to be a very common problem in preemies) but that still is a possibility. More tests await.
We understand that she will never be "totally normal"; she will, most certainly, never play basketball like a pro (expected; my niece is tiny) and my plans for her to play aggressive serve-and-volley tennis may be curtailed to a strong, counterpunching baseliner that will tell her opponents "I was born at 5.75 months. What's YOUR story?", but, in all, a very scary event may end up not as a tragedy.
Science, science, science. The progress in this matter is absolutely impressive. Had this happened as little as 10 years ago, this little girl would not have made it. She is truly on the threshold of possibility.
Now, I need somebody to help me with her forehand (in about 8 years; that is my weak side).
A bit longer of a story than I thought. But it makes me happy, and felt like sharing. Obviously, I wish this on nobody. But if it happens, it is no longer a lost cause.
Off Topic
When my nephew-in-law said that this was thanks to the Virgin of Guadalupe (he is devoted to her) I did bite my tongue. But I still wonder if I should charge him for the stitches. Damn, did I grow up? Mommy?

Re: Techno Babble Random, Random

#13

Post by ti-amie »


Re: Techno Babble Random, Random

#14

Post by JazzNU »

ti-amie wrote: Tue Jan 26, 2021 5:54 pm

Oh I am aware. Driving me crazy. Not gonna be a productive day!

Re: Techno Babble Random, Random

#15

Post by ti-amie »



