| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 30 Aug 2006 18:08:14 +0100
From: "lsi" <stuart@...erdelix.net>
To: full-disclosure@...ts.grok.org.uk
Subject: (Fwd) <nettime> more on USG simulation attack by
nettime
slightly dated, pls don't kill me
------- Forwarded message follows -------
From: t byfield <tbyfield@...ix.com>
Subject: <nettime> more on USG simulation attack by nettime
Date sent: Sun, 20 Aug 2006 10:32:39 -0400
To: nettime-l@....thing.net
Send reply to: t byfield <tbyfield@...ix.com>
Last February I pointed out the USG's simulation of, basically,
nettime
and a bunch of bloggers attacking Our Precious Bodily Fluids:
http://www.nettime.org/Lists-Archives/nettime-l-
0602/msg00029.html
There's more! Kevin Poulsen picks up on it for WiReD:
< http://blog.wired.com/27BStroke6/index.blog?entry_id=1539952 >
Last February the Department of Homeland Security
oversaw a large-scale international cyber terror
simulation involving 115 public and private
organizations in the U.S., Canada, Britain,
Australia, and New Zealand, all testing their
ability to coordinate with one another and respond
to computer-driven attacks. It was called Cyber
Storm.
Nobody's said much about the results, or the
details of the exercise scenario. But a
newly-published DHS PowerPoint presentation on the
exercise reveals that the real terrorist threat in
cyber space isn't from obvious suspects like al
Qaida types or Connecticut voters; it's from
anti-globalization radicals and peace activists.
The attack scenario detailed in the presentation
is a meticulously plotted parade of cyber
horribles led by a "well financed" band of leftist
radicals who object to U.S. imperialism, aided by
sympathetic independent actors.
At the top of the pyramid is the Worldwide
Anti-Globalization Alliance, which sets things off
by calling for cyber sit-ins and denial-of-service
attacks against U.S. interests. WAGA's radical
arm, the villainous Black Hood Society, ratchets
up the tension on day one by probing SCADA
computerized control systems and military
networks, eventually (spoiler warning) claiming
responsibility for a commuter rail outage and the
heat going out in government buildings.
The Black Hoods are a faction of Freedom Not
Bombs, whose name is suspiciously similar to the
real Food Not Bombs,[1] which provides vegan meals to
the homeless.
[1] http://www.foodnotbombs.net/
Another allied lefty-group called the Peoples Pact
joins in, crashing portions of the power grid.
Things get confusing when the "Tricky Trio," three
evil hax0rs who are 50 percent more devious than
the Deceptive Duo,[2] hacks the FAA, issues false
Amber Alerts, and manipulates the communications
system of the U.S. Northern Command.
[2] http://www.securityfocus.com/news/414
Then someone posts the No-Fly List to a public
website (third act shocker: it's all nuns and
Massachusetts Democrats), and opportunistic cyber
thieves raid a medical database looking for
identity theft targets. Logic bombs explode,
wireless communications devices are corrupted, DNS
caches are poisoned.
And on it goes, with over 800 scenario "injects"
over four action-packed days.
Apparently, no computers were harmed in the making
of Cyber Storm. "There were no actual attacks on
live networks, no Red Team," the presentation
notes. "Players reacted to situation and incident
reports according to their regular/normal SOPs."
So it was more of a paper exercise. A referee
points at someone and yells, "You! Your website is
defaced. What do you do?" -- and the organization
responds accordingly.
According to the presentation, there were over 300
players in the war game, generating more than
21,000 e-mail messages. Among the commonsense
lessons learned: "Communication paths, methods,
means and protocols must be solidified in advance
of crisis/incident response" and "Cooperation must
include ability to link into or share info in all
streams: e.g., Cyber, Physical, (Law Enforcement),
Intelligence."
The scenario is nicely laid out, and perhaps
technically plausible -- some of the incidents are
ripped from the headlines, kind of. And I'm
frankly glad to see al Qaida wasn't behind it all,
since it seems unlikely that real terrorist groups
will ever move to computer attacks, while physical
destruction and murder is easier and more
terror-producing.
But does the administration really see the far
left as potential cyber terrorists ready to take
down the power grid and air traffic control
systems? This might explain why the U.S. keeps
getting caught spying on peaceful war-protestors.
Marked "For Official Use Only," the PowerPoint
deck became public when government transparency
purist John Young posted it on his website,
Cryptome,[3] this week. I couldn't open it, but I
located what appears to be the original on the
website of the New York branch of the ISSA, a
security organization, from a briefing given them
last June 21.
[3] http://www.cryptome.org/
A blogger, 'Digby,' elaborates:
http://digbysblog.blogspot.com/2006_08_01_digbysblog_archive.html#1155
79476831601893
Cheers,
T
# distributed via <nettime>: no commercial use without permission
# <nettime> is a moderated mailing list for net criticism,
# collaborative text filtering and cultural politics of the nets
# more info: majordomo@....thing.net and "info nettime-l" in the msg
body
# archive: http://www.nettime.org contact: nettime@....thing.net
------- End of forwarded message -------
---
Stuart Udall
stuart at@...erdelix.dot net - http://www.cyberdelix.net/
---
* Origin: lsi: revolution through evolution (192:168/0.2)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists