Archive

Posts Tagged ‘hacking’

Short Note on Media Disinformation: No, No, No… CIA is not Impersonating Others in Hacking Others … There is just not Proof!

March 16th, 2017 1 comment

Vault 7Recently, with Wikileak’s release of so-called “Vault 7” of documents that revealed the vast array of tools the CIA on hacking and spying on American citizens, Western media is on a full-court press of disinformation in pushing back.  One particular spin is how Wikileaks does not prove that CIA has framed or impersonated Russia.  Even usually politically-neutral sites such as Wired has gotten into the act.  U.S. might have taken tools from those bad boys in Russia … or China, but the goal is not to frame those countries, but to save American resources to use the tools there to advance American aims.

Wait … WAIT!

First, according to wikileaks, Vault 7 represents but 1% of the documents it has from the CIA.  And even of the released documents, there has been redaction of materials that we do not get to see.  And of course, even the full set of documents Wikileaks may have is but a small universe of what exists in reality.  Let’s just say there is a lot more that we do not know.  So just because what we do not see solid proof of CIA’s intentions one way or the other from released public documents doesn’t mean that its intention must be ergo be what Americans would like to believe to be. Read more…

Categories: Analysis, politics Tags:

Sony: the great propagandizer in the middle of its hacking scandal

December 25th, 2014 13 comments

Sony has a tumultuous month with its hacking scandal involving the embarrassing leaked emails, ncluding: Angela Jolie, Barack Obama, and Leaked Salaries.

Sony being sued because of the leaked data is not the worst part, but the potential loss of its business because Hollywood can no longer trust Sony is probably even worse. So at Sony’s darkest hour, Sony decides to deflect from its hacking scandal to North Korea. Western Propaganda ate this whole thing up: From FBI blames North Korea, Obama vows response, to North Korea Internet down.

Besides deflecting the criticism towards the North Korea, Sony seem to kill 2 birds with one stone and will get free publicity towards “The Interview” movie anyways as the movie is released in digital media and movie theaters in its Christmas Day release. It makes Americans as a ‘patriotic’ thing to do as a thumbs down against ‘censorship’ and North Korea to watch this otherwise mediocre movie.

The only problem is that alot of Security experts doubt that North Korea actually did the hack. There are plenty of articles that like this, this, and that.  I would like to add in my 2 cents.

First it is the type of data being stolen. Most of the “normal” hacking incidents is usually logins, passwords, addresses, credit card #’s which can be obtained from a compromised e-tailer’s web server like Home Depot and Target. However, the type of data being stolen in this hacking incidents are emails, computer inventory spreadsheets, and data that could not get stolen in an web server. The only incidents where this type of data was in the Bradley Manning and Edward Snowden, where a former insider was able to retrieve this kind of data.

Second it is amount of data data being stolen. yet how can 100 TB of data be stolen under the noses of the security engineers of Sony? Let’s face it, North Korea’s internet infrastructure won’t handle this much data and the speculation of some North Korea’s elite unit operating in Shenyang is just ludicrous.

Third it is the intent. the original intent from hackers was to extort money from Sony for not releasing the embarrassing emails, and not to stop the release “The Interview.”  An article from Wired best summarize this:

Nation-state attacks aren’t generally as noisy, or announce themselves with an image of a blazing skeleton posted to infected computers, as occurred in the Sony hack. Nor do they use a catchy nom-de-hack like Guardians of Peace to identify themselves. Nation-state attackers also generally don’t chastise their victims for having poor security, as purported members of GOP have done in media interviews. Nor do such attacks involve posts of stolen data to Pastebin—the unofficial cloud repository of hackers—where sensitive company files belonging to Sony have been leaked. These are all hallmarks of hacktivists—groups like Anonymous and LulzSec, who thrive on targeting large corporations for ideological reasons or just the lulz, or by hackers sympathetic to a political cause.

The only plausible explanation of this hack is from a current or former disgruntled employee with backdoor access was able to steal more than 100 TB worth of data under Sony’s nose.  Instead Sony being in turmoil, it seems to be able to save its own skin by blaming North Korea.

Categories: Analysis Tags: , ,

[Unit] 61398, The New Number of The Beast

February 26th, 2013 16 comments

Earlier Black Phoenix wrote about the problem with Mandiant attributing the Comment Crew hacking to the Chinese military. The recent media frenzy around yet another “China hacking” story focused on a supposedly shadowy PLA military unit in Shanghai, Unit 61398, as the “state actor” behind the cyber attacks. Their primary source, Mandiant APT1 report, even cited the address of Unit 61398 central office as 208 Datong Road in Gaochao, Pudong.

Only problem is 208 Datong Raod is the address of a kindergarden run by the not-so-secret military unit, and is open to the public:

Star Baby review

– Here’s Star Baby, a preschool ratings site, giving Unit 61298 Preschool a favorable review:

http://www.starbaby.cn/jigou/1368-jieshao

– Here’s another preschool review site with photos of the potential “hackers”:

http://www.studyget.com/youeryuan/item-660.html

– No, this is not a picture of PLA hackers using children as human shields. The kindergarden was practicing emergency preparedness, probably in response to a school attack that occurred in China:

http://www.pudong-edu.sh.cn/web/pd/45322-450000032148.htm

Having never been to the place, I would conceed the nursery school COULD be a front for China’s premier cyber espionage center – saved the fact the school’s online registration information shows it is one of the schools in Pudong that accepts foreign families.

I hope cooler heads prevail. While it is reasonable to believe the Chinese probably is doing everything we’re doing, to pin this on the Chinese military requires more compelling evidence than bunch of toddlers running around.

The Problem of Cyber Crimes Is More Serious Than Conspiracy Theories (War on Hackers)

February 24th, 2013 6 comments

In my previous post, http://blog.hiddenharmonies.org/2013/02/how-to-hack-a-human-brain-from-experts-of-hacking/, I discussed the many flaws in the Mandiant Report on hacker group designated APT1.

Mandiant has responded to some of the criticisms, with the usual generalized responses of “we released our conclusion based on what we had.”

In other words, flaws are admittedly due to their jumping to conclusions.

Indeed, the Report from Mandiant read like a simple Conspiracy Theory, in that the only evidence of the Conspiracy is in circumstantial evidence.

By the same logic, virtually everyone can be found guilty of conspiracy of murder and theft, simply because there are murders and thefts near where they live.

Read more…

How To Hack A Human Brain, From Experts of Hacking

February 21st, 2013 5 comments

Answer:  With Knowledge, both Lies and Truths.  Every lie has some element of truth.  Every truth has some bias of lie.  Great lies appear more true than obvious lies.  Great truths appear more false than some lies.

A computer hack is a lie to a computer, disguised as a truthful command.  All lies, great or small, told to human beings, are designed to hack their brain in essence.

By that logic, we are all hackers.  We hack each other’s brains, sometimes with lies that others spread to us, to influence each other, for power, for personal gains.  Sometimes the truth hacks back.  Thus, knowledge and information simultaneously enlighten us and threaten us.

But in this philosophical turn of rhymes, it doesn’t matter whether one is told a truth or a lie.  One realizes that one is being hacked by information delivered by someone else.  It’s someone else’s truth or lie, designed to influence us.

If one allows the information to hack one’s brain, then one becomes a victim, a slave to someone else’s influence.

One’s ONLY defense is a security feature, a filter called Reason.  With Reason, we filter, decrypt, digest, break down the information into OUR own truths or lies.  Then, we have some control, we can choose to be UNSWAYED or UNINFLUENCED by the information bombarding us.

The ONLY achievable means of our own security in our own reason, is to be stubbornly refused to be swayed or influenced.  That is the ONLY true individuality.

***With that, I now apply my reasons on my latest refusal to be swayed or influenced.

How Many Chinese Hackers Can Dance In A Cyber Espionage Report?

Apparently, the answer is inevitably, a lot, because otherwise, who would bother to write a report about them?

If that sounds familiar, it is because you can apply that to just about any answer that’s begging for a pointless question.

That is to say, if you believe that there is a massive number of angels capable of dancing on the head of a pin, you don’t need any proofs.  Every thing will confirm your beliefs.

So, the same logic serves the report recently released by Mandiant.  http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf  Which by the way, reads like rehashed media stories of equally questionable logic.  But somehow, if a bunch of tabloid reports are compiled, it would be too many coincidences, as the logic goes.

Granted, all governments are researching cyber warfare.  And so are many private individuals.  Some for noble causes, others for mercenary reasons.  But by the same logic, one’s reaction ONLY demonstrates one’s own basic belief in human nature.

Critics of the Mandiant Report argue similar general points.  http://www.voanews.com/content/china-russia-israel-france-iran-cyber-threat/1608419.html

I do not care to venture into what Mandiant’s report writers believes, but let us talk about some of their basic errors in their conclusions:  (And this may take a few days)

Read more…

McAfee’s Report on Operation Shady RAT

August 4th, 2011 46 comments

Given the attention that the recent McAfee’s report has generated, and in light of the fact that the report was not generally available when I wrote my post “Biggest-ever series of cyber attacks uncovered,” I have decided to do an updated post describing my personal response to the report.

Following are excerpts of the report – together with my observations.  I will necessarily be able to address only specific passages given that the report is some 17 pages long. If people have questions on other passages I did not address, please direct those to me in the comments. Read more…

Biggest-ever series of cyber attacks uncovered

August 3rd, 2011 32 comments

News of the uncovering of the “biggest-ever” series of cyber attacks by McAfee seems to be spreading through the media like wildfire.  In thisWashington Post article, it is reported:

A leading computer security firm has used logs produced by a single server to trace the hacking of more than 70 corporations and government organizations over many months, and experts familiar with the analysis say the snooping probably originated in China.

Among the targets were the Hong Kong and New York offices of the Associated Press, where unsuspecting reporters working on China issues clicked on infected links in e-mail, the experts said. Read more…

Google’s empty allegations, again, but what next?

June 7th, 2011 9 comments

Students learning to become hairdressers at Lanxiang Vocational School in Jinan

Google has been up to making empty allegations against China since it decided to withdraw last year. In its latest salvo, it accused the Chinese government of a phishing attack on Gmail accounts. As predicted, such allegations are spreading like wild fire in the Western media. In fact, the innuendos are narrated into facts, and it is always amazing to see how this propaganda machinery works.

It claimed the phishing attacks “appears to originate from Jinan, China.” The Lanxiang Vocations School which was at the center of Google’s last year claim of Gmail attacks is also in Jinan. Apparently, the hairdressing students at Lanxiang no longer find this spotlight funny.

Did Google offer any more facts than last time? No. But, seriously, let’s look at some real ones. In this respected business and venture capital journal, Venture Beat, Matt Marshall tells us: Read more…

China Hacking, Poison and Piracy

February 13th, 2011 14 comments

Here is another story about hackers from China.

Allegedly some organization have tracked yet another hacking that originated from some computer from China.

Red alert – we are under attack from China!

I found it interesting that we never hear from hackers from U.S., Britain, Germany characterized as that.  We are more specific than that.  Bad hackers are individual bad apples.  They may be deranged individuals or part of standard industrial espionage operations. But when it comes to hackers form China, it has to be “hackers from China” – they are coming after us! Read more…