Archive

Posts Tagged ‘cyber attacks’

Short Note on Media Disinformation: No, No, No… CIA is not Impersonating Others in Hacking Others … There is just not Proof!

March 16th, 2017 2 comments

Vault 7Recently, with Wikileak’s release of so-called “Vault 7” of documents that revealed the vast array of tools the CIA on hacking and spying on American citizens, Western media is on a full-court press of disinformation in pushing back.  One particular spin is how Wikileaks does not prove that CIA has framed or impersonated Russia.  Even usually politically-neutral sites such as Wired has gotten into the act.  Yes, the U.S. did get caught using tools from those bad boys in Russia … and China, but the goal has never been to frame those countries, but to save American resources to use the tools there to advance American aims.  There is no proof of the U.S. framing or impersonating others

Wait … WAIT!

Notice just how the media has re-framed the issues.

Remember the recent blah blah of Russian hacking and interference of American elections?  Even though the publicly provided evidence was virtually nil, the allegations ripped like wildfire across the nation.  Behind the veil of “national security,” all that is enough to pin the hacks as Russia are some references that the tools used was similar to what other Russian hackers have used … and that the attack was traced to an IP address that was Russian…

This was the same bull shit previously leveled against China and which we had previously analyzed before.  But as we had pointed out so many times before: just because you find some Chinese tools or IP addresses doesn’t mean the attack was Chinese.  Hacker’s tools are for the most part public tools – Chinese, Russian, or otherwise.  Hackers will use each others’ tools – government, private, black hat, white hat, male, female, gay, straight, or others – for their own goals.  So the mere fact that you find a Chinese being used could mean it was the Chinese gov’t, Chinese Maria, or the CIA at the controls.  We just don’t know!

As for IP addresses, as we also have explained, unless you traced the attack to a server that you have access to, IP addresses per se tell you Nada – Nothing – Zilch!   If you do not have direct access to the server – the logs, the logins, etc. – you simply cannot know who actually controlled and launched the attack.

In an age where normal non-tech people use vpn’s to protect their “privacy,” you would think hackers – especially sophisticated state actors – would at least use some sort of multiple IP hops schemes to mask their identity.  In an age where most people have seen emails from their “friend’s” email accounts which have been compromised and used as launching points for sending spams, you would think that most would understand that just because an attack appears to come from a particular server or email account, the actual attacker may be hidden several layers behind what things appear to be.

AND now Vault 7 proves how right we have been all along – with the CIA as a showcase!

Now we know how when the CIA uses tools to mount attacks how those attacks might look very much like attacks from other nations.

So does this prove that it was the CIA and not the Russians that hacked the DNC’s and Hillary’s computers?  Of course not (albeit it sure does raise some interesting possibilities.)  But if all the evidence is of some tools of Russian origin and some Russian IP addresses, well that is not evidence at all.

Many people in the U.S. media want to spin this bombshell into a story that there is yet no proof that it was actually the CIA – not the Russians – are behind the recent “hacking.” This is part of the “disinformation” that we see so often in the U.S. dominated press – twisting and reframing the issues … to reframe the stories….

The issue is not about proving CIA involvement – but the lack of any evidence of Russia behind any hacking.

And even if one is of the conspiracy type: according to wikileaks, Vault 7 represents but 1% of the documents it has from the CIA. Of the released documents, there has been redaction of materials that we do not get to see. Even the full set of documents Wikileaks may have is but a small universe of what exists in reality. So just because what we do not yet see solid proof of CIA’s intentions one way or the other from released public documents doesn’t mean that ergo that CIA has been cleared of anything. Read more…

Obama lecturing China about hacking and snooping? Shameless!

September 30th, 2015 1 comment

cyeberhacking1_3077109bOne of the key conflicts – at least in U.S. view – between U.S. and China over the last few years has been “cyber attack” and “cyber espionage.”  During President Xi’s recent visit to the U.S., Obama has scolded Xi very publicly – and with much fanfare – that Chinese cyber espionage against U.S. government and companies must stop.  Obama told reporters:

“I raised once again our very serious concerns about our growing cyberthreats to American companies and American citizens,” Obama said. “I indicated that it has to stop.”

“The U.S. government does not engage in cyber-economic espionage for commercial gain, and today I can announce that our two countries have announced a mutual understanding on the way forward,” he added.

The U.S. has long tried to distinguish between economic and political espionage, and tries to claim the high-road that it does not engage in the former.  But as I have commented before, that distinction never held any water under closer observation.

In the lead up to Xi’s visit, there has been much posturing in U.S. media that the U.S. will hit back against China for recent attacks against U.S., including one against the Office of Personnel Management (OPM) that allegedly compromised the social security numbers of 21 million Americans, finger prints of 5.6 million Americans, among others.

China has long protested that it is the victim of wide-spread espionage … not a perpetrator.

Last week, Obama and Xi finally reached an agreement.

But there was no retaliation.  Why?  Read more…

The Problem of Cyber Crimes Is More Serious Than Conspiracy Theories (War on Hackers)

February 24th, 2013 6 comments

In my previous post, http://blog.hiddenharmonies.org/2013/02/how-to-hack-a-human-brain-from-experts-of-hacking/, I discussed the many flaws in the Mandiant Report on hacker group designated APT1.

Mandiant has responded to some of the criticisms, with the usual generalized responses of “we released our conclusion based on what we had.”

In other words, flaws are admittedly due to their jumping to conclusions.

Indeed, the Report from Mandiant read like a simple Conspiracy Theory, in that the only evidence of the Conspiracy is in circumstantial evidence.

By the same logic, virtually everyone can be found guilty of conspiracy of murder and theft, simply because there are murders and thefts near where they live.

Read more…

How To Hack A Human Brain, From Experts of Hacking

February 21st, 2013 5 comments

Answer:  With Knowledge, both Lies and Truths.  Every lie has some element of truth.  Every truth has some bias of lie.  Great lies appear more true than obvious lies.  Great truths appear more false than some lies.

A computer hack is a lie to a computer, disguised as a truthful command.  All lies, great or small, told to human beings, are designed to hack their brain in essence.

By that logic, we are all hackers.  We hack each other’s brains, sometimes with lies that others spread to us, to influence each other, for power, for personal gains.  Sometimes the truth hacks back.  Thus, knowledge and information simultaneously enlighten us and threaten us.

But in this philosophical turn of rhymes, it doesn’t matter whether one is told a truth or a lie.  One realizes that one is being hacked by information delivered by someone else.  It’s someone else’s truth or lie, designed to influence us.

If one allows the information to hack one’s brain, then one becomes a victim, a slave to someone else’s influence.

One’s ONLY defense is a security feature, a filter called Reason.  With Reason, we filter, decrypt, digest, break down the information into OUR own truths or lies.  Then, we have some control, we can choose to be UNSWAYED or UNINFLUENCED by the information bombarding us.

The ONLY achievable means of our own security in our own reason, is to be stubbornly refused to be swayed or influenced.  That is the ONLY true individuality.

***With that, I now apply my reasons on my latest refusal to be swayed or influenced.

How Many Chinese Hackers Can Dance In A Cyber Espionage Report?

Apparently, the answer is inevitably, a lot, because otherwise, who would bother to write a report about them?

If that sounds familiar, it is because you can apply that to just about any answer that’s begging for a pointless question.

That is to say, if you believe that there is a massive number of angels capable of dancing on the head of a pin, you don’t need any proofs.  Every thing will confirm your beliefs.

So, the same logic serves the report recently released by Mandiant.  http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf  Which by the way, reads like rehashed media stories of equally questionable logic.  But somehow, if a bunch of tabloid reports are compiled, it would be too many coincidences, as the logic goes.

Granted, all governments are researching cyber warfare.  And so are many private individuals.  Some for noble causes, others for mercenary reasons.  But by the same logic, one’s reaction ONLY demonstrates one’s own basic belief in human nature.

Critics of the Mandiant Report argue similar general points.  http://www.voanews.com/content/china-russia-israel-france-iran-cyber-threat/1608419.html

I do not care to venture into what Mandiant’s report writers believes, but let us talk about some of their basic errors in their conclusions:  (And this may take a few days)

Read more…

McAfee’s Report on Operation Shady RAT

August 4th, 2011 46 comments

Given the attention that the recent McAfee’s report has generated, and in light of the fact that the report was not generally available when I wrote my post “Biggest-ever series of cyber attacks uncovered,” I have decided to do an updated post describing my personal response to the report.

Following are excerpts of the report – together with my observations.  I will necessarily be able to address only specific passages given that the report is some 17 pages long. If people have questions on other passages I did not address, please direct those to me in the comments. Read more…

Biggest-ever series of cyber attacks uncovered

August 3rd, 2011 32 comments

News of the uncovering of the “biggest-ever” series of cyber attacks by McAfee seems to be spreading through the media like wildfire.  In thisWashington Post article, it is reported:

A leading computer security firm has used logs produced by a single server to trace the hacking of more than 70 corporations and government organizations over many months, and experts familiar with the analysis say the snooping probably originated in China.

Among the targets were the Hong Kong and New York offices of the Associated Press, where unsuspecting reporters working on China issues clicked on infected links in e-mail, the experts said. Read more…

Google’s empty allegations, again, but what next?

June 7th, 2011 9 comments

Students learning to become hairdressers at Lanxiang Vocational School in Jinan

Google has been up to making empty allegations against China since it decided to withdraw last year. In its latest salvo, it accused the Chinese government of a phishing attack on Gmail accounts. As predicted, such allegations are spreading like wild fire in the Western media. In fact, the innuendos are narrated into facts, and it is always amazing to see how this propaganda machinery works.

It claimed the phishing attacks “appears to originate from Jinan, China.” The Lanxiang Vocations School which was at the center of Google’s last year claim of Gmail attacks is also in Jinan. Apparently, the hairdressing students at Lanxiang no longer find this spotlight funny.

Did Google offer any more facts than last time? No. But, seriously, let’s look at some real ones. In this respected business and venture capital journal, Venture Beat, Matt Marshall tells us: Read more…

China Hacking, Poison and Piracy

February 13th, 2011 14 comments

Here is another story about hackers from China.

Allegedly some organization have tracked yet another hacking that originated from some computer from China.

Red alert – we are under attack from China!

I found it interesting that we never hear from hackers from U.S., Britain, Germany characterized as that.  We are more specific than that.  Bad hackers are individual bad apples.  They may be deranged individuals or part of standard industrial espionage operations. But when it comes to hackers form China, it has to be “hackers from China” – they are coming after us! Read more…