
5/15/17: CYBERHEX

Ron Patton | May 15, 2017


MONOLOGUE WRITTEN BY CLYDE LEWIS

A massive ransomware worm shut down computers all over the world over the weekend, in part by appropriating a National Security Agency exploit that the mysterious group called Shadow Brokers released to the public last month.

The WannaCry ransomware program, also known as WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor, and similar names, began by infecting one computer on Friday and went on to infect all others in a local area network.

The ransomware encrypts the infected computer’s hard disk drive, then attempts to gain access to random computers connected to the internet via TCP port 445 so it can spread further.

The virus encrypts user files and demands a ransom in Bitcoin to release them. Microsoft’s management has made it clear that the virus originated from the NSA.

Organizations affected were FedEx, National Health Service hospitals in the UK, Nissan Motor Manufacturing UK in Tyne and Wear, Renault, Russia’s Ministry of Internal Affairs, Russian Railways and MegaFon, Romania’s Ministry of Foreign Affairs, Telenor Hungary, German railway company Deutsche Bahn, Telefónica and several other large companies in Spain, several parts of the European Union, Brazil’s São Paulo Court of Justice and Vivo, China’s PetroChina and Public Security Bureaus, India’s Andhra Pradesh Police, Indonesia’s Dharmais and Harapan Kita hospital, and many others.

It is not surprising how this event took place only weeks after a major power outage on both the west and east coasts of the United States (in the cities of San Francisco, Los Angeles, and New York), days after recovery drills involving Operation Gotham Shield in New York, days after the recent cyber attack Executive Order signed by President Trump, and moments after finance ministers from the G7 group of leading industrial countries had been meeting at the exact same time to discuss the potential “threat” of cyber attacks.

Microsoft released a patch for its no longer supported Windows XP operating system to prevent computers still running it from being infected. The tech company patched the vulnerability in its newer supported software last month after the leak was made public, but operating systems that were not updated are still vulnerable.

As much as our government wants to track down and arrest Julian Assange, he warned of cyber vulnerabilities that have been stored by the intelligence agencies – to use as shut down tools. They can be compared to internet weapons of mass destruction set aside for an internet kill switch whenever they feel draconian measures are necessary.

The NSA, in conjunction with telecommunications companies, has built a system that can reach deep into the U.S. Internet backbone and cover 75% of traffic in the country, including not only metadata but the content of online communications. The report also explains how the NSA relies on probabilities, algorithms and filtering techniques to sift through the data and find information related to foreign intelligence investigations.

Now with this in mind, we have to once again bring up the chilling reminder that with this much power in the hands of the few, comes the dark reality of heavy-handed regulation of the Internet and in some cases, switching it off in order to silence or curtail communication.

The idea of an internet kill switch has always been a feared and tangible government option when there are debates over cyber security measures and the possibility of an internet attack. Although legalese allowing the President to flip a figurative kill switch to shut down parts of the Internet has been removed from the cyber security debate, this does not exclude the possibility that the government can get the word from the president to shut down or take over communications systems including the internet.

Many internet experts have assured us that it would be virtually impossible for the governments of the United States and Europe to completely shut down the entire net.

This doesn’t mean that governments aren’t seeking ways to find communication system overrides in case of national emergencies.

There were 81 government-planned internet disruptions across 19 countries, totaling 753 days, according to Brookings Institute from July 2015 to June 2016.

Several African countries shut down social media during elections or social unrest. These countries include Republic of Congo, Ethiopia, Uganda, Burundi, Chad, Mali, Algeria, The Gambia and Zimbabwe. Ethiopia and Algeria closed social media during final exams at the universities.

The shutdowns usually involve the government sending a letter instructing telcos and mobile operators to completely cut off internet access. Recently, some of the shutdowns have become more surgically precise, targeting only specific social media. Influence” conspiracy theory spun to provide a reason for the defeat of Hillary Clinton in the 2016 election.

The Arab Spring showed us the potential of social media to mobilize people. Thousands of people would appear at a location out of thin air after a social media post. And, they could move from location to location after postings.

There have been proposals to shut down social media during elections all over the world – even here in the United States.

Draconian measures like these indicate governments are now becoming more and more unstable.

Microsoft President and Chief Legal Officer Brad Smith stated that “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem.”

“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage,” Smith wrote, adding that “an equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.”

Isn’t this a perfect example of hypocrisy?

Microsoft is playing like they are all up above this treachery after a history of helping US intelligence services by enabling backdoors for them in the first place.

The internet was the brainchild of CERN and DARPA, and throughout history we have heard of scandals of back door cyber frauds from INSLAW to STUXNET.

While the mainstream narrative can continue to ingratiate itself over the whole Russian hacking story, this story has enough complexity to demonstrate that “U.S. hacking” tools, which are far more detrimental than an email phishing scheme which apparently duped John Podesta, are put on public display for all to see.

While the media continues the outrage about this conspiracy theory, Vladimir Putin is laughing at us.

Putin said intelligence services should beware of creating software that can later be used for malicious means after researchers said this weekend’s WannaCry attacks exploited a hacking tool built by the US National Security Agency.

As regards the source of these threats, Putin believes that the leadership of Microsoft has announced plainly that the initial source of the virus is the intelligence services of the United States.

“Once they’re let out of the lamp, genies of this kind, especially those created by intelligence services, can later do damage to their authors and creators,” he told reporters in Beijing.

This attack is more of an attempt at extortion than a hack.

The extortion scheme has hit 150 countries including the US, Britain, Russia, China, Germany and France, and could wreak even greater havoc as more malicious variations appear.

What strikes me as suspicious is that the so-called “Shadow Brokers” asked for their ransom to be paid in Bitcoin. The block screen contained three Bitcoin payment addresses that are hard-coded into the malware.

The total ransom figure is still increasing. The ransom is set to double after a few days and the malware threatens to permanently lock victims out of their data after seven days. We could simply be in a holding pattern while victims are scrambling to figure out if there’s another way to recover their data.

Windows computers that are running Vista or higher were not vulnerable to the attack; however, many networks have been slowed down by the whole mess.

I think the reason for this attack is obvious – the NSA wants to bust the anonymity of Bitcoin and the corporate technocrats want people to update their computers so they can install more spyware in the backdoors.

Until recently, gold has widely been regarded as a safe haven asset, which by definition means an investment that retains or increases its value amidst market turbulence and economic certainty, over time. In the past seven years, gold hasn’t met either of the two descriptions. Gold has failed to sustain its value over a seven-year period and has failed to see an increase in its value. Thus, whether gold can still be considered as a safe haven asset is quite unclear.

Bitcoin, however, has significantly outperformed the Japanese yen, Canadian dollar, Euro, Silver, Gold, US Dollar, bonds, global stocks, US real estate and US stocks.

Naturally, its decentralized nature, high liquidity and transportability began to appeal to a wide range of investors seeking alternative assets to protect their wealth with a long-term investment.

Gold spot prices at the moment are at $1,231.90 — Bitcoin is now at $1,748.00.

Bitcoin’s attributes, consisting of the block-chain system, partial anonymity, and overall system integrity, are raising questions over whether or not this is the way tomorrow’s government-issued currency will work and how we will be able to get our money in the future.

While there are detractors to the idea of cryptocurrency, there has to be a more secure way of doing e-commerce that doesn’t include exposing credit card numbers and personal information. The markets are learning and improving. Hardware devices are appearing to make transactions more secure and safer.

E-commerce is convenient now, but most of the market is still gun-shy after hearing about identity theft and the recent breach of security at the Target online store during the Christmas shopping season.

E-currency or cryptocurrency is the first step in securing transactions on the Internet. The vision of cryptocurrency, most importantly Bitcoin, is to replace state-backed currencies with a digital version that’s tougher to forge.

It is a currency that holds its worth across international boundaries and it can be stored on your hard drive instead of in a bank.

As Forbes wrote in their article ‘Crypto Currency‘ from April 20, 2011: “perhaps most importantly to many of Bitcoin’s users–isn’t subject to the inflationary whim of whatever Federal Reserve chief decides to print more money.”

It is being said that the intentions are simple — and that this is an attempt to decentralize currency and have the people control it.

Bitcoin is often described as an anonymous currency because it is possible to send and receive Bitcoins without giving any personally identifying information. It is said, however, that Bitcoin is not totally untraceable. Do you really think the powers that be want an anonymous currency worth more than gold being passed around without their control over it?

Think of this: a $10,000 investment in Bitcoin made in July 2010 would have earned investors a $200 million return.

To be exact, a Bitcoin investor who purchased $10,000 worth of Bitcoin in 2010 would have earned $201.56 million.

In contrast, an investor who purchased $10,000 worth of gold in 2010 would have experienced a negative return of $9,981.

There is yet another dark theory circulating about this latest cyber attack: that we have all been witnessing various power failures and warnings that the grid may face an attack, where internet systems would shut down because of some massive failure caused by inside job espionage or EMP.

North Korea once again defied calls to curb its weapons program by firing a ballistic missile that landed in the sea near Russia on Sunday. Japanese Defense Minister Tomomi Inada said the missile could be a new type. It flew for 30 minutes before dropping into the sea between North Korea’s east coast and Japan. North Korea has consistently test-fired missiles in that direction.

A U.S. official, speaking on condition of anonymity, said initial assessments showed the missile landed 60 miles south of Russia’s Vladivostok region.

The missile flew 700 km (430 miles) and reached an altitude of more than 1,245 miles, according to officials in South Korea and Japan, further and higher than an intermediate-range missile North Korea successfully tested in February from the same region of Kusong, northwest of its capital Pyongyang.

Last week, we reported that United States intelligence has been known to lowball the threat of North Korea based on its inability to successfully launch a long-range missile. However, it has been proposed that all of the so-called failed missile launches have been successes inasmuch as North Korea can send a rocket high enough to detonate an EMP blast capable of shutting down power systems over populated areas.

Could this cyber attack be just the tip of the iceberg?

Will we be seeing more of these cyber false flags, in order for the government to have tighter controls on the internet?

Remember when North Korea “hackers” breached several firewall layers at Sony, exposing gigabytes of confidential data, only for it to eventually emerge that it was all the work of a disgruntled Sony employee?

Apparently not, because the same plot line is being re-run all over again.

Two of the world’s largest anti-virus companies said they are “looking into clues” that suggest a North Korea-linked group may be behind the WannaCry cyberattack.

According to Reuters, Symantec and Kaspersky are investigating whether hackers from the Lazarus Group were responsible for infecting an estimated 300,000 machines in 150 countries. The two companies have said that “some code in an earlier version of the WannaCry ransomware had also appeared in programs used by the Lazarus Group, which researchers from many companies said is run by North Korea.”

If the narrative around North Korea launching the worst malware cyberattack against the world is repeated often and loud enough, it will quickly become fact, even if no actual evidence is presented. If so, watch out for literal fireworks as all those who were impacted by the worm demand Kim’s blood, either literally or figuratively.

Written by Ron Patton



