
Exposing the "KGB Hack" a.k.a Operation EQUALIZER - An OSINT Analysis

March 30, 2021

Have you ever heard of Project RAHAB, or of Operation EQUALIZER, also known as the first instance of cyber espionage in which German citizens compromised U.S.-based networks in order to supply the information to the KGB? Keep reading. In this post I'll provide actionable intelligence, discuss the infamous "KGB Hack" in depth, and include a never before discussed perspective on how Germany's intelligence services at the time began outsourcing their cyber espionage needs to third parties, in particular the production of viruses.

What is Project RAHAB? Project RAHAB was among the first international campaigns to use hackers for cyber espionage, and possibly for disruptive activities abroad, on behalf of Germany's intelligence service. It relied largely on public sources of information, in particular Germany's Chaos Club, which was widely known to consist of and work with hackers. It later matured into a separate project, Operation EQUALIZER, which aimed to supply the KGB with secrets obtained by compromising U.S.-based government and proprietary networks. The group, consisting of German hackers, did manage to compromise those networks but was eventually caught, which led to the first known case of cyber espionage in which German hackers supplied information and U.S. government secrets to the KGB.


"The Germans appear to have taken their cue from the success of such amateur hacker groups as the "Chaos Club" and the "Hannover Hackers" that worked with the KGB. According to Schweizer, the Germans created "Project Rahab," named after the biblical character who helped the Israelites infiltrate Jericho, in the mid 1980s to develop a "professional" hacking capability. The project was developed by the Bundesnachrichtendienst's (BND) Christian Stoessel, who wrote the initial "point paper" proposing hacking into foreign data bases for intelligence purposes. The project was a joint effort between BND's Division I (HUMINT), Division II (SIGINT) and Division IV (HQ). In addition to the intelligence professionals, other technical experts from a variety of outside institutions were recruited, resulting in a staff of approximately 70 people. While focused initially on retrieving information, the Project Rahab staff soon turned to offensive measures that could be of use in a time of conflict, including a variety of viruses that could be inserted into target computers. Schweizer claims that the Project has "accessed computer systems in the Soviet Union, Japan, France, the United States, Italy, and Great Britain."[67] Included in the "hacks" of the Rahab staff is penetration of the SWIFT network, a dedicated international banking network that carries the majority of worldwide bank transfers. The implications of this information falling into terrorist hands are clear."

Including the following excerpt:

"Bulgaria has been a "breeding ground" for computer viruses during and after Communist rule. In the early 1990s, the Bulgarians had developed thirty unique viruses with more than 100 different variations and were releasing them at a rate of one per week.[60] The "Hannover hackers" of Cuckoo's Egg fame also identify the Bulgarians as active in computer intelligence. Madsen cites the National Intelligence Service (foreign and domestic intelligence), and Razuznavatelno Upravleniye na Ministerstvoto (RUMNO) (Military intelligence) as the Bulgarian intelligence organizations most likely to be involved in computer intelligence gathering.[61] It has also been rumored that a new "virus library" that allows anyone, not just a skilled programmer, to write a virus by "picking and choosing" among several options was first developed in Bulgaria. This system has the potential to produce thousands of new viruses to be unleashed at random or specific targets. A cyberterrorist bent on bringing a system down could single-handedly generate a flood of viruses to infect the targeted computer. Even if virus detection software was installed, the chances are good that a virus could be created to evade detection."


Stay tuned!


DoD's Cyber Strategy for 2018 - An Analysis

March 29, 2021

Going through the latest DoD Cyber Strategy for 2018, it should be clearly noted that several key new developments are continuing to take place. They are worth discussing in the broader context of real-time cyber threat intelligence, cyber attack attribution and cyber attack prevention mechanisms, which today are driven primarily by the U.S. DoD, the NSA and U.S. Cyber Command.

In this post I'll discuss a newly emerged trend called "forward defense", where U.S.-based cyber warriors will proactively respond to and prevent current and emerging cyber attacks by scouting foreign networks. This includes foreign influence and information operation campaigns, as well as the use of botnets and cyber espionage type campaigns, with the goal of further protecting U.S. critical infrastructure from current and emerging cyber threats.

While the majority of cyber threat intelligence work in the U.S. is done by the commercial sector, U.S. Cyber Command continues to apply basic U.S. DoD military methodology, including near real-time information sharing initiatives, in order to demonstrate its key operational capability: targeting online infrastructure, which also includes actively responding to information warfare and foreign influence operations.

Key summary points to consider:

  • Information warfare is making its way into the White House's official Cyberspace strategy document. I've already discussed this unique trend in a related article which you can check out here. This sets a unique precedent where the White House directly engages with basic military concepts such as information warfare and information operations, including the use of foreign influence operations, which further empowers the U.S. DoD and the NSA with unique capabilities to respond to these types of campaigns, possibly directly interfering with Russia's information warfare concepts which, believe it or not, are in another world directly copied from publicly accessible U.S. DoD and NSA papers published throughout the years. In terms of information warfare operations, including foreign influence operations, this is a dangerous game to play. It may inevitably lead to catching some high-profile information warfare operations, or eventually KGB or Russian FSB operators, which goes far beyond the usual duties of U.S. Cyber Command, the U.S. DoD and the NSA, which in general have to do with far more high-profile cyber threats, including cyber warfare campaigns and possible direct threats against U.S. critical infrastructure.
  • Foreign influence operations - it still remains unclear to what extent this basic misconception holds. It basically relies on the use of social media, or of so-called rogue and bogus content farms, which are pretty similar to the high-profile, cybercrime-friendly blackhat SEO (search engine optimization) campaigns seen in traffic acquisition and traffic hijacking, and which basically have nothing to do with Russia's active measures in Cyberspace. "Active measures" is a dangerous term to play with, in particular in the context of having U.S. Cyber Command, the U.S. DoD and the NSA hunt down and track down foreign influence operations. It should also be clearly noted that a direct response should be issued on a systematic and persistent basis, which basically represents the basic principles and mode of operation of U.S. Cyber Command, the U.S. DoD and the NSA: the virtual assets of a specific foreign influence operator can either be directly exposed, shut down, or have a direct DoS (Denial of Service) launched against them, which shouldn't be surprising in the broader context of fighting cybercrime and responding to cyber warfare incidents and campaigns online.
  • Sock puppetry and foreign influence operations - yet another dangerous term which should be used with caution is "sock puppets", which are basically foreign influence operators positioned by U.S. Cyber Command, the U.S. DoD and the NSA as a possible National Security risk, one that should be properly monitored and acted against in one form or another, in particular through a direct attempt to expose the operator behind the rogue and bogus content farm, including an attempt to launch DoS (Denial of Service) attacks against their infrastructure.
Stay tuned!
