Message-ID: <44F5D40E.29004.4D12ABD@stuart.cyberdelix.net>
Date: Wed, 30 Aug 2006 18:08:14 +0100
From: "lsi" <stuart@...erdelix.net>
To: full-disclosure@...ts.grok.org.uk
Subject: (Fwd) <nettime> more on USG simulation attack by nettime
slightly dated, pls don't kill me
------- Forwarded message follows -------
From: t byfield <tbyfield@...ix.com>
Subject: <nettime> more on USG simulation attack by nettime
Date sent: Sun, 20 Aug 2006 10:32:39 -0400
To: nettime-l@....thing.net
Send reply to: t byfield <tbyfield@...ix.com>
Last February I pointed out the USG's simulation of, basically, nettime
and a bunch of bloggers attacking Our Precious Bodily Fluids:
http://www.nettime.org/Lists-Archives/nettime-l-0602/msg00029.html
There's more! Kevin Poulsen picks up on it for WiReD:
< http://blog.wired.com/27BStroke6/index.blog?entry_id=1539952 >
Last February the Department of Homeland Security
oversaw a large-scale international cyber terror
simulation involving 115 public and private
organizations in the U.S., Canada, Britain,
Australia, and New Zealand, all testing their
ability to coordinate with one another and respond
to computer-driven attacks. It was called Cyber
Storm.
Nobody's said much about the results, or the
details of the exercise scenario. But a
newly-published DHS PowerPoint presentation on the
exercise reveals that the real terrorist threat in
cyber space isn't from obvious suspects like al
Qaida types or Connecticut voters; it's from
anti-globalization radicals and peace activists.
The attack scenario detailed in the presentation
is a meticulously plotted parade of cyber
horribles led by a "well financed" band of leftist
radicals who object to U.S. imperialism, aided by
sympathetic independent actors.
At the top of the pyramid is the Worldwide
Anti-Globalization Alliance, which sets things off
by calling for cyber sit-ins and denial-of-service
attacks against U.S. interests. WAGA's radical
arm, the villainous Black Hood Society, ratchets
up the tension on day one by probing SCADA
computerized control systems and military
networks, eventually (spoiler warning) claiming
responsibility for a commuter rail outage and the
heat going out in government buildings.
The Black Hoods are a faction of Freedom Not
Bombs, whose name is suspiciously similar to the
real Food Not Bombs,[1] which provides vegan meals to
the homeless.
[1] http://www.foodnotbombs.net/
Another allied lefty-group called the Peoples Pact
joins in, crashing portions of the power grid.
Things get confusing when the "Tricky Trio," three
evil hax0rs who are 50 percent more devious than
the Deceptive Duo,[2] hacks the FAA, issues false
Amber Alerts, and manipulates the communications
system of the U.S. Northern Command.
[2] http://www.securityfocus.com/news/414
Then someone posts the No-Fly List to a public
website (third act shocker: it's all nuns and
Massachusetts Democrats), and opportunistic cyber
thieves raid a medical database looking for
identity theft targets. Logic bombs explode,
wireless communications devices are corrupted, DNS
caches are poisoned.
And on it goes, with over 800 scenario "injects"
over four action-packed days.
Apparently, no computers were harmed in the making
of Cyber Storm. "There were no actual attacks on
live networks, no Red Team," the presentation
notes. "Players reacted to situation and incident
reports according to their regular/normal SOPs."
So it was more of a paper exercise. A referee
points at someone and yells, "You! Your website is
defaced. What do you do?" -- and the organization
responds accordingly.
According to the presentation, there were over 300
players in the war game, generating more than
21,000 e-mail messages. Among the commonsense
lessons learned: "Communication paths, methods,
means and protocols must be solidified in advance
of crisis/incident response" and "Cooperation must
include ability to link into or share info in all
streams: e.g., Cyber, Physical, (Law Enforcement),
Intelligence."
The scenario is nicely laid out, and perhaps
technically plausible -- some of the incidents are
ripped from the headlines, kind of. And I'm
frankly glad to see al Qaida wasn't behind it all,
since it seems unlikely that real terrorist groups
will ever move to computer attacks, while physical
destruction and murder is easier and more
terror-producing.
But does the administration really see the far
left as potential cyber terrorists ready to take
down the power grid and air traffic control
systems? This might explain why the U.S. keeps
getting caught spying on peaceful war-protestors.
Marked "For Official Use Only," the PowerPoint
deck became public when government transparency
purist John Young posted it on his website,
Cryptome,[3] this week. I couldn't open it, but I
located what appears to be the original on the
website of the New York branch of the ISSA, a
security organization, from a briefing given them
last June 21.
[3] http://www.cryptome.org/
A blogger, 'Digby,' elaborates:
http://digbysblog.blogspot.com/2006_08_01_digbysblog_archive.html#115579476831601893
Cheers,
T
# distributed via <nettime>: no commercial use without permission
# <nettime> is a moderated mailing list for net criticism,
# collaborative text filtering and cultural politics of the nets
# more info: majordomo@....thing.net and "info nettime-l" in the msg body
# archive: http://www.nettime.org contact: nettime@....thing.net
------- End of forwarded message -------
---
Stuart Udall
stuart at@...erdelix.dot net - http://www.cyberdelix.net/
---
* Origin: lsi: revolution through evolution (192:168/0.2)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/