#Feds Are the Cyber-Terrorists?

The National Defense Magazine (USA) issued an article dated July 2007[1] quoting Dorothy Denning, noted cyber security expert at the Naval Postgraduate School. Denning reviewed the 2000, Sunshine Coast of Australia incident[2] where a disgruntled politico (Vitek Boden) hacked into a waste management computer system and altered pump station operations releasing 264,000 gallons of raw sewage killing marine life, contaminating water, and stinking up the region. Denning[3] claims this incident was not motivated for political reasons or to instill fear so it is not cyber terrorism. I contend she is dead wrong leading the parade of ignorance setting up a blinded pace of cyber terrorism and cyber warfare. We are in an ongoing cyber terrorist circumstance, at this very moment. Who told me? Ed #Snowden, a former US intelligence contractor who understands free expression and the meaning of watchdog like none other, except maybe Julian Assange.

#Cyber #terrorism is a hot button buzzword, debated[4] across the venues of #hactivism, security expertise enclaves, and govt. counter-terrorism units. For those of us who report on cyber terrorism and are familiar with cyber attacks, breaches, #Anonymous, #WikiLeaks, and others who are whistleblowers, hackers, and crackers the debate needs to conclude. It can if we open our eyes and see, not merely look.

To assume cyber terrorism is not real is a lethal falsehood buried in propagandizing. Cyberspace threats taken to the actuality (tender to extreme) are capable of disarming or arming comprehensive computer systems used to fire nuclear missiles, or to destroy international linked communications systems (read satellites), or eliminate like dominoes the usefulness of life-giving infrastructure millions are dependent upon. To argue Boden (the guy in the first paragraph) was not politically motivated is duplicitous and smacks of both denial and orchestrated mis-information.

In June 2015 technology and national security specialists received their come-upings when the Office of Personnel Management (OPM) of millions of US Federal workers were hacked[5] into with such expertise there are virtually no footprints to track who or what perpetrated a massive infringement into govt. protected databases. While the piddle stream media reports it was the Chinese govt., there exist absolutely no facts to back up such an assertion.

Stolen data streams in this mass attack included social security numbers, employee reviews and recommendations, complaints and resolutions, home addresses, health records, and other private information for over four million USA govt. employees. Certain departments were more heavily hit including the Dept. of Commerce and Dept. of the Interior and to date the govt. is not forthcoming what exact data blocks were hacked into citing “national security protocol’. Such critical intelligence (read information) was stolen by an unknown entity using a digital back door through a subcontractor to the govt. The attack went on for at least four months and may be continuing.

The OPM second attack[6] added to the first is even more alarming since it targeted Intel gathering employees of the intelligence communities of the US govt. However, policy makers are mis-directed by arrogance and lack of understanding of computer science. Leading policy institutions[7] continue to keep their heads in the sands stuck on Muslim terrorism as not capable of cyber warfare/terrorism. These experts are not paying attention to who is competent enough to perpetrate a devastating cyber strike. It only takes one (Snowden) or a handful of adept hackers (Syria Electronic Army) to reach into the matrix and dump malware and/or retrieve enormous amounts of information.

Further, to assert a Denial of Service (DoS) is not a cyber attack is stupidity. The Syrian Electronic Army (SEA)[8] took down and defaced the US Army’s public website (www.army.mil), and they have accomplished other operations. They are a group of youth who can no longer stay silent towards massive distortion of facts about what is happening in Syria.

President O-Bomb-O gives credence to cyber terrorism in his 2015 state of the union address. “No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, especially our kids. We are making sure our government integrates intelligence to combat cyber threats, just as we have done to combat terrorism. And tonight, I urge this Congress to finally pass the legislation we need to better meet the evolving threat of cyber-attacks, combat identity theft, and protect our children’s information. If we don’t act, we’ll leave our nation and our economy vulnerable. If we do, we can continue to protect the technologies that have unleashed untold opportunities for people around the globe.”[9]

While cyber security and cyber experts meet and present, there are evidential findings worth reviewing outlining cyber terrorism exists. They are as follows:

“Several recurrent themes emerge from the preceding summary of the seven panels:[10]

  • It is clear that cyberspace opens considerable potential opportunities for terrorist activities, including communication, fund-raising, and attacks.
  • It remains an open question whether terrorist uses of the Internet constitute an evolutionary or revolutionary dynamic. This question hinges, in part, on one’s view of how the Internet differs to earlier technologies.
  • There are multiple constraints on terrorist engagements with cyberspace. First, the feasibility of the terrorist activities listed above varies considerably with some requiring very little technical knowledge and others necessitating a high level of expertise. In addition to this are further constraints such as financing and the comparative desirability of more traditional attacks for reasons of visibility or know how.
  • A range of legal and political instruments are available within national and international bodies with which to confront the challenge of cyber terrorism. However, these instruments are limited by different factors including: different strategic cultures and capabilities across countries; the language and construction of existing legal instruments such as the ‘use of force’ requirement in international law; and, sensitivities towards sharing information and data.
  • Distinguishing between different types of cyber-threat is challenging, in part, because motives and behavior in this realm are difficult to identify and monitor.
  • The value of existing models and methods of deterrence to confront challenges such as cyber terrorism is unproved, at best.
  • Efforts to address threats such as cyber terrorism raise considerable ethical as well as political, legal, and technical challenges.
  • Cyber terrorism has a discursive existence as well as a ‘material’ one. How this phenomenon is framed or constructed in media and political language matters greatly.
  • The disciplinary backgrounds and commitments of academics are not incidental within debate on the definition of cyber terrorism. In part, this is because of different views of the purposes of definition itself: to ensure effective communication between researchers and/or policymakers; to facilitate cooperation across jurisdictional boundaries; to distinguish terrorism from crime and war; or, to impose limits on investigative and prosecutorial powers.

Here is a list of recent data breaches and cyber attacks, as empirical as possible, for only one month = July 2015.[11]

  • Cyber attack:

Hacking Team hacked[12] – cyber surveillance company tells customers to stop using its software.

Nursery webcam accessed by stranger to speak to parent and child. 

Coordinated cyber attack hits four New Jersey gambling sites.

Digital media streaming service Plex hacked, forum held for ransom.

Canadian Security Intelligence Service website taken offline.

Tour de France leader Chris Froome suffers alleged data hack.

  1. Data breaches:

Infidelity site Ashley Madison hacked.

Cyber attack on Edinburgh city council leaks 13,000 email addresses.

Breach affects 3,000 clients enrolled in Georgia state program.

East Sussex NHS Trust apologizes over data breach.

Personal data on laptop stolen from attorney with California law firm.

Data on 86K individuals inadvertently made accessible to Internet.

Orlando Health employee improperly accesses patient medical records.

Costco now hit by alleged PNI data breach.

  1. Payment card information breach:

Evans Hotels announces payment card incident involving malware.

Detroit Zoo, eight others across the county experience POS breach.

CVS and Wal-Mart Canada Are Investigating a Data Breach.

Clothing website Dungarees hacked – customer payment card details exposed. 

Donald Trump hotel chain hit with credit card data breach.

Fighting back against cyber crime. 

UAE busts Nigerian cyber criminal gang.

Europol knocks out mobile cyber crime gang in Spain.

Cyber crime Kingpin Pleads Guilty.

ID Theft Service Proprietor Gets 13 Years.

The Wheels of Justice Turn Slowly.

Other:

LinkedIn fixes phishing flaw.

Car entertainment systems vulnerable to cyber attack.

Banking malware targets UK high street banks.”

(Note: Going to the website will provide links to each).

In conclusion, I quote Edward Snowden, two days before he left for asylum in Russia. He probably at this state of cyber-wars, cyber-terrorism, and cyber-madness is the world’s premier expert on the subject.

“Snowden believed there had been more than 61,000 NSA hacking operations globally, with hundreds of targets in Hong Kong and on the mainland (China).

“We hack network backbones – like huge internet routers, basically – that give us access to the communications of hundreds of thousands of computers without having to hack every single one,” he said.” [13]

What we are witnessing is a cyber war between the hackers (white hats) and the govt. surveillance apparatus. I would suggest this is the first round of what the feds will label as cyber terrorism and you and I will know as hactivism. Depending on one’s political perspective both fit every parameter of the definition of what is cyber terrorism or what is hactivism. I would additionally submit Snowden is not a terrorist he is a hactivist. He is an American hero who loves his country and its values of liberty and Bill of Rights so intensely he could no longer partake in the mass hacking (cyber terrorism) of its citizenry by the National Security Agency (NSA) of the US govt.

In reality, network backbones are exactly what was hacked into at the OPM US of govt. human resources data forks and then vacuumed up by the intruders. This factoid will not be found in the media, academia, policy maker’s white papers, or govt. reports on cyber terrorism. It was reported to me by a reliable source. A source by the way I will never reveal.

The assumption cyber terrorism does not exist is ludicrous based on playing a three card monte game on us. By railing on it does not exist there is no alarming the citizenry while the govt. is intruding into everyone’s emails, cell phones, Skype calls, Facebook posts, tweets on Twitter, GPS coordinates, ATM withdrawls, debit and credit purchases, and, so forth. It makes no difference if one is the President of France[14] or the 33 million in 46 countries committing adultery[15] via the Ashley Madison site. To continue to debate cyber terrorism’s definition and parameters is not only a waste of resources and time it is an exercise in planned mis-direction. We live during the times I label, “Why solve the problem when we can spend millions studying it?”

Finally, I submit the following report in light of the 600,000 or more refugees seeking asylum hailing from Syria, Iraq, Afghanistan, and other points in MENA, and beyond, now clogging up the roadways of Hungary hoping to cross into Germany, Scotland, and other countries willing to accept them as they literally walk away from the killing fields.

Read the following and see the graphics:

http://www.aljazeera.com/programmes/peopleandpower/2015/06/syria-electronic-armies-150617151503360.html [16]

Graphic: What the SEA hacked.

Screen shot 2015-09-06 at 5.28.09 PM

Screen shot 2015-09-06 at 5.28.19 PM

https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-behind-the-syria-conflict.pdf

[1] http://www.nationaldefensemagazine.org/archive/2007/July/Pages/ExpertsDownplay2581.aspx

[2] ibid

[3] Denning, Dorothy; “A View of Cyberterrorism Five Years Later”, Naval Post Graduate School, 2006

[4] http://www.cse.wustl.edu/~jain/cse571-11/ftp/terror/index.html

[5] http://arstechnica.com/security/2015/06/why-the-biggest-government-hack-ever-got-past-opm-dhs-and-nsa/

[6] http://www.voanews.com/content/us-government-hacking/2820370.html

[7] http://www.cfr.org/terrorism-and-technology/cyberterrorism-hype-v-fact/p21434

[8] http://sea.sy/index/en

[9] https://medium.com/@WhiteHouse/president-obamas-state-of-the-union-address-remarks-as-prepared-for-delivery-55f9825449b2

[10] http://www.cyberterrorism-project.org/wp-content/uploads/2013/07/CTP-Conference-Report.pdf

[11] http://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-july-2/

[12] http://www.cbc.ca/news/technology/attack-on-hacking-team-spills-global-cyber-spying-secrets-1.3155981

[13] http://www.scmp.com/news/hong-kong/article/1259508/edward-snowden-us-government-has-been-hacking-hong-kong-and-china

[14] https://wikileaks.org/nsa-france/

[15] http://www.theguardian.com/world/2015/jul/21/ashley-madison-adultery-site-hack-will-i-be-found-out-what-you-need-to-know

[16] https://www.fireeye.com/blog/threat-research/2015/02/behind_the_syrianco.html

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s