Oops, they did it again. The most recent case of hacktivism recently occurred :
"Shortly after IDF tanks rolled into Gaza, another old front of conflict was reopened early Wednesday morning, but in this battle Kassam rockets and artillery shells were replaced by worms and viruses as pro-Palestinian hackers shut down approximately 700 Israeli web domains. A range of different Web sites were targeted by the group, including Web sites of banks, medical centers, car manufacturers and pension funds.Well-known companies and organizations, including Bank Hapoalim, the Rambam Medical Center, Bank Otsar Ha-Hayal, BMW Israel, Subaru Israel and Citr en Israel, real estate company Tarbut-Hadiur and the Jump fashion Web site all found their Web sites shut down and replaced by the message: Hacked by Team-Evil Arab hackers u KILL palestin people we KILL Israel servers."
Zone-H has naturally covered the event and mirrored it, in between receiving an official PR release from the defacement group -- guess it's not just terrorists with cheap marketing teams given the badly structured press release. What these folks don't seem to be able to realize is that if they were to deface every web site hosting the infamous Muhammad cartoons, they would end up with a full-time job doing so. What's worth mentioning is the nature of defaced servers, banks, hospitals, private sector companies, my point is that if they were really up to causing havoc, they had the necessary privileges to do so. Let's not think on loud on worst case "what if" analysis though.
Defacements are a great example of PSYOPS , most importantly the indirect way of undermining a country's population confidence in their abilities to win any war or political campaign. During WWII brochures were laying around everywhere, and planes were dropping them across various cities to, either undermine, of influence the opinion of the locals towards their vision. The power of the Internet echo is what they're aiming to achieve, and while I may be whispering their "achievements" even further, the visitors of the affected sites partly got exposed to their propaganda. It's also to interesting to think of PSYOPS in reverse, that is users in countries with restrictive regimes trying to reach out the rest of world through malware -- beneficial malware, or beneficial PSYOPS?
What the current, emerging and future state of Hacktivism? In her outstanding research titled "Hacktivism and the Future of Political Participation", Alexandra Samuel points out some of the key points to keep in mind, and constructively speculates on the future trends.
At the bottom line, what's all the fuss about? No, it's not because an Israeli covert operative was kidnapped and held hostage, but because of an 18 years old "destruction machine" which reminds me of the way we used to argue and wage wars on the sand around the same age. The type of, "the wind has just blown your soldier way beyond the DMZ, and therefore we have no other choice but to attack you with all our forces. Resistance is futile!" conflicts.
Go to school, hell, even go to an ethical hacking one, or else you'll end up like a walking sausage having to squeeze yourself with a belt so tight in order not to have your pants fall down! Automated defacement tool shot courtesy of WebSense. And btw, how was your July Morning?
Related resouces :
Israeli-Palestinian Cyberconflict (IPCC) - the complete coverage back in 2001!
The Israeli-Palestinian Cyberconflict
Activism, Hacktivism, and Cyberterrorism : The Internet as a Tool for Influencing Foreign Policy
The Cycle of Cyber Conflict
Cyber Attacks During the War on Terrorism
Examining the Cyber Capabilities of Islamic Terrorist Groups
Cyberprotests : The Threat to the U.S Information Infrastructure
Analysis: U.S.-China 'cyberwar' fires blanks
Techno Imperialism and the Effect of Cyberterrorism
Cyberterrorism - don't stereotype and it's there!
Cyberterrorism - recent developments
Saturday, July 01, 2006
Hacktivism Tensions - Israel vs Palestine Cyberwars
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Friday, June 30, 2006
Real-Time PC Zombie Statistics
Zombies inevitably turning into botnets represent a huge, automated and efficient advantage to malicious attackers, I topic and most of its dimensions I covered in my Future trends of malware research. CipherTrust's Zombie Stats help you measure the approximate population of infected zombie PCs according to the vendor's TrustedSource. Not surprisingly, China's steadily increasing novice Internet population, both represents a growing menace to the entire Internet, and a market development opportunity for AV and security vendors. The situation is getting of hand with ISPs upgrading Internet connections, while still not putting enough efforts when it comes to dealing with botnets. And while some are taking actions under enforcement, major ISPs are still reluctant to face the issue -- ISPs still prefer to offer security services on a license basis or through reseller partnerships, though I'm certain there's an entire market segment waiting to be discovered by them if they manage to reset their position in this space.
Moreover, Prolexic's Zombie report for Q1-Q2 2005, provides even more detailed info, and a neat visualization of the routes involved with DDoS attacks, where the blue represents the U.S, and the red China. For the the time being, the ShadowServer guys keep on enthusiastically dealing with the problem, for no profit at all.
Moreover, Prolexic's Zombie report for Q1-Q2 2005, provides even more detailed info, and a neat visualization of the routes involved with DDoS attacks, where the blue represents the U.S, and the red China. For the the time being, the ShadowServer guys keep on enthusiastically dealing with the problem, for no profit at all.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
The WarDriving Police and Pringles Hacking
These days you never know where the next hacking attempt on your wireless network may come from. In this case, it's from the police, as authorities start mimicking wardriving behavior :
"The Douglas Country Sheriff's DOffice says it's going to start warning computer users that their networks may be vulnerable to hackers. The Sheriff's Department plans to equip several of its community service and patrol cars with devices that detect unprotected computer networks. In cases where investigators can figure out who owns the networks, they'll try to warn of potential security issues. They'll also drop off brochures with instructions to computer users on how to password protect their networks."
Back in 2004, Kelly Martin wrote a very pragmatic article on Catching a virus writer, empasizing on how "with the consumer WiFi explosion, launching a virus into the wild has never been easier and more anonymous than it is today." Moreover, Kaspersky labs recently assessed the situation in England, and you can easily see the need of basic awareness there.
I don't feel it's a good idea mainly because it generates more noise for the end user to sort through. They'd rather assess and position on a map the regions with most vulnerable networks and figure out a cost-effective ways of spreading awareness in these regions, instead of taking the role of an ethical wardriving. On the other hand, if they start taking care of wireless, would they start taking into consideration Bluetooth as well? There're just too many ethical wardrivers to deal with and deceive these days, and creative end users tend to multiply themselves or, of course, use common sense protection.
WarDriving Awareness brochure courtesy of Tom Hayward. Recommended reading - "War, Peace, or Stalemate: Wargames, Wardialing, Wardriving, and the Emerging Market for Hacker Ethics".
"The Douglas Country Sheriff's DOffice says it's going to start warning computer users that their networks may be vulnerable to hackers. The Sheriff's Department plans to equip several of its community service and patrol cars with devices that detect unprotected computer networks. In cases where investigators can figure out who owns the networks, they'll try to warn of potential security issues. They'll also drop off brochures with instructions to computer users on how to password protect their networks."
Back in 2004, Kelly Martin wrote a very pragmatic article on Catching a virus writer, empasizing on how "with the consumer WiFi explosion, launching a virus into the wild has never been easier and more anonymous than it is today." Moreover, Kaspersky labs recently assessed the situation in England, and you can easily see the need of basic awareness there.
I don't feel it's a good idea mainly because it generates more noise for the end user to sort through. They'd rather assess and position on a map the regions with most vulnerable networks and figure out a cost-effective ways of spreading awareness in these regions, instead of taking the role of an ethical wardriving. On the other hand, if they start taking care of wireless, would they start taking into consideration Bluetooth as well? There're just too many ethical wardrivers to deal with and deceive these days, and creative end users tend to multiply themselves or, of course, use common sense protection.
WarDriving Awareness brochure courtesy of Tom Hayward. Recommended reading - "War, Peace, or Stalemate: Wargames, Wardialing, Wardriving, and the Emerging Market for Hacker Ethics".
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Thursday, June 29, 2006
North Korea - Turn On the Lights, Please
North Korea's recent missile launch furor, and the obvious conventional weaponry doctrine in place, as well as my comments in the Travel Without Moving series - Korean Demilitarized Zone, reminded me of a how they tend to fuel growth in military spending/the regime, where the trade-off is a developing economy, or any economy at all. I feel North Korea is still quite dark these days, very impressive imagery showing that :
"South Korea is bright, North Korea is dark. This amazing image is included in the standard US Department of Defense briefings on North Korea. It was mentioned in a news briefing on 23 December 2002 by Defense Secretary Rumsfeld, who stated that "If you look at a picture from the sky of the Korean Peninsula at night, South Korea is filled with lights and energy and vitality and a booming economy; North Korea is dark." There are a number of versions of this image in circulation, with visible differences that vary according to the conditions at the time the imagery was acquired."
Rich Karlgaard's comment on lifting North Korea sanctions, and Quentin Hardy's argument that "Capitalism has corrupted other authoritarian regimes, why not North Korea?”are worth taking into consideration.
"South Korea is bright, North Korea is dark. This amazing image is included in the standard US Department of Defense briefings on North Korea. It was mentioned in a news briefing on 23 December 2002 by Defense Secretary Rumsfeld, who stated that "If you look at a picture from the sky of the Korean Peninsula at night, South Korea is filled with lights and energy and vitality and a booming economy; North Korea is dark." There are a number of versions of this image in circulation, with visible differences that vary according to the conditions at the time the imagery was acquired."
Rich Karlgaard's comment on lifting North Korea sanctions, and Quentin Hardy's argument that "Capitalism has corrupted other authoritarian regimes, why not North Korea?”are worth taking into consideration.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Comments (Atom)