Rudy Giuliani is an absurd choice to defend the US from hackers

While it’s amusing to make fun of Giuliani, hiring people with little or no bona fide security experience to head up cybersecurity practices in government is sadly a tried and true pastime in Washington. Instead of tapping actual computer security experts, politicians in many cases continue to put their friends or people they know in charge of a monumental problem that requires expertise beyond having many political connections or relationships with donors.

Source: Rudy Giuliani is an absurd choice to defend the US from hackers | Trevor Timm | Opinion | The Guardian

From: Trump’s cyber-guru Giuliani runs ancient ‘easily hackable website’

“You can probably break into Giuliani’s server,” said Robert Graham of Errata Security. “I know this because other FreeBSD servers in the same data center have already been broken into, tagged by hackers, or are now serving viruses.

“But that doesn’t matter. There’s nothing on Giuliani’s server worth hacking.”

Chinese hack compromised security-clearance database

Last week, the OPM announced that a database containing the personal information of about 4 million current and former federal employees was hacked. Privately, U.S. officials said the Chinese government was behind the breach. The administration has not publicly pointed a finger at Beijing.

Source: Chinese hack compromised security-clearance database – The Washington Post

I’m surprised the Washington Post continues with this Chinese narrative, as there has been no official condemnation of China over this, and determining the true source of an intrusion is extremely difficult if not impossible in many cases. They still haven’t caught the culprits in the Target and Home Depot data breaches. The list of suspects with motive to obtain this kind of data is probably quite long, so it’s irresponsible to assume a guilty party before any evidence has been leaked. No doubt consultants are working furiously tracing log records, but at least wait until there is something concrete. The Washington Post is an institution with top-notch journalists, so they should know better.

And here’s the blurb that made me laugh.

Offensive actions might include directing a U.S. agency to locate the servers holding the stolen data and deleting or altering the data, the former official said.

Haha. Like whoever did this wouldn’t have backups six ways to Sunday of every bit gathered. There’s no way to delete anything digital once it’s out in the ether. Why would anyone publish a statement like that? The only thing an offensive cyber attack can accomplish is making the US government behave like the criminals whom they denounce.

You Can’t Backdoor a Platform

Cryptographic backdoors will not work. As a matter of technology, they are deeply incompatible with modern software platforms. And as a matter of policy and law, addressing those incompatibilities would require intolerable regulation of the technology sector. Any attempt to mandate backdoors will merely escalate an arms race, where usable and secure software stays a step ahead of the government.

The easiest way to understand the argument is to walk through a hypothetical. I’m going to use Android; much of the same analysis would apply to iOS or any other mobile platform.

Source: You Can’t Backdoor a Platform | Web Policy

Don’t Be Fodder for China’s ‘Great Cannon’

“It only intercepts traffic to a certain set of Internet addresses, and then only looks for specific script requests. About 98 percent of the time it sends the Web request straight on to Baidu, but about two percent of the time it says, ‘Okay, I’m going to drop the request going to Baidu,’ and instead it directly provides the malicious reply, replying with a bit of JavaScript which causes the user’s browser to participate in a DoS attack,” Weaver said.

via Don’t Be Fodder for China’s ‘Great Cannon’ — Krebs on Security.

Interestingly, this type of attack is not unprecedented. According to documents leaked by National Security Agency whistleblower Edward Snowden, the NSA and British intelligence services used a system dubbed “QUANTUM” to inject content and modify Web results for individual targets that appeared to be coming from a pre-selected range of Internet addresses.
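The selective injection Weaver describes, where most requests for a script are passed through untouched and only a small fraction are answered by the on-path device, is exactly the case that a Subresource Integrity pin catches: the browser hashes what it received and refuses anything that does not match. The example below is added here and is not code from the Krebs article or from any real project; the "script" bodies and the 2% middlebox are constructed stand-ins used to show both the pinned check and a fallback consensus check for when no pin is available.

```python
import base64
import hashlib
import random
from collections import Counter

# Constructed stand-in for the legitimate third-party script (not Baidu's real code).
LEGIT_SCRIPT = b"window.analytics = function () { /* benign telemetry */ };"
# Constructed stand-in for a tampered response; it only carries a marker comment.
INJECTED_SCRIPT = LEGIT_SCRIPT + b"\n/* constructed marker: response altered in transit */"


def sri_hash(body: bytes) -> str:
    """Subresource Integrity digest: 'sha256-' + base64(SHA-256(body)).
    This is the value a site operator would put in <script integrity="...">."""
    return "sha256-" + base64.b64encode(hashlib.sha256(body).digest()).decode()


def simulate_fetches(n: int, inject_rate: float = 0.02, seed: int = 1) -> list[bytes]:
    """Constructed model of the behaviour quoted above: an on-path device forwards
    most requests untouched and answers a small fraction itself with altered content."""
    rng = random.Random(seed)
    return [INJECTED_SCRIPT if rng.random() < inject_rate else LEGIT_SCRIPT
            for _ in range(n)]


def check_against_pin(responses: list[bytes], expected_sri: str) -> list[int]:
    """Indices of responses whose digest differs from the pinned SRI hash.
    A browser enforcing the integrity attribute would refuse to execute these."""
    return [i for i, body in enumerate(responses) if sri_hash(body) != expected_sri]


def check_by_consensus(responses: list[bytes]) -> list[int]:
    """Fallback when no pin exists: hash every response, take the majority digest as
    the baseline and report the minority as suspect. This only works because the
    injection is intermittent; a device rewriting every response would define the
    majority and go unnoticed, which is why a pin (or TLS end to end) is preferable."""
    digests = [sri_hash(body) for body in responses]
    baseline, _ = Counter(digests).most_common(1)[0]
    return [i for i, d in enumerate(digests) if d != baseline]


if __name__ == "__main__":
    captured = simulate_fetches(1000)
    pin = sri_hash(LEGIT_SCRIPT)
    print("pinned check flagged:", len(check_against_pin(captured, pin)))
    print("consensus check flagged:", len(check_by_consensus(captured)))
```

Running the module prints how many of the 1000 simulated fetches each check flags; with the pin in place every altered response is rejected regardless of how rare the injection is.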

U.S.: No alternate leads in Sony hack

Norse’s senior vice president of market development said that just the quickness of the FBI’s conclusion that North Korea was responsible was a red flag.

“When the FBI made the announcement so soon after the initial hack was unveiled, everyone in the [cyber] intelligence community kind of raised their eyebrows at it, because it’s really hard to pin this on anyone within days of the attack,” Kurt Stammberger said in an interview as his company briefed FBI investigators Monday afternoon.

via U.S.: No alternate leads in Sony hack – Tal Kopan – POLITICO.

From: The FBI’s North Korea evidence is nonsense

The reason it’s nonsense is that the hacker underground shares code. They share everything: tools, techniques, exploits, owned systems, botnets, and infrastructure. Different groups even share members. It is implausible that North Korea would develop its own malware from scratch.

Above article dated 12/19/2014. It appears the FBI may be doubling down on their theories to save face. Their conclusions got POTUS to make a speech about this, and if it turns out it was all nonsense, that makes him look bad too.

As a fan of author Tom Clancy’s early works, I found this quote funny. From: Researcher: Sony Hack Was Likely an Inside Job by a Woman Named “Lena”

This sounds much more plausible to me than a crack North Korean cyber-commando squad, or whichever Tom Clancy wet dream has been floating between the White House and the New York Times.

Clues In Sony Hack Point To Insiders

Researchers from the security firm Norse allege that their investigation of the hack of Sony has uncovered evidence that leads, decisively, away from North Korea as the source of the attack. Instead, the company alleges that a group of six individuals is behind the hack, at least one a former Sony Pictures Entertainment employee who worked in a technical role and had extensive knowledge of the company’s network and operations.

via A New Script: Clues In Sony Hack Point To Insiders | The Security Ledger.

Sony Hackers ‘Completely Owned This Company’

“It’s really a phenomenally awesome hack—they completely owned this company,” Schneier, who is regularly consulted by the federal government on security issues, said. “But, I think this is just a regular hack. All the talk, it’s hyperbole and a joke. They’re [threatening violence] because it’s fun for them—why the hell not? They’re doing it because they actually hit Sony, because they’re acting like they’re 12, they’re doing it for the lulz, no one knows why.”

via Bruce Schneier: Sony Hackers ‘Completely Owned This Company’ | Motherboard.

Unless you know how infiltrators got into Sony’s system, there is no way of figuring out who is behind the hack. So far details of this have been lacking, and as far as potential culprits targeting Sony go, North Korea is probably the least capable from an education and logistics standpoint. Social engineering, getting people inside Sony to cooperate, is usually behind successful infiltrations. Sony’s PlayStation network was taken down a while ago. I suspect whoever did that is probably behind this, despite what movie is about to be released soon.

A Close Look at the NSA’s Most Powerful Internet Attack Tool

Rather than go through the bureaucratic fight to move the attack logic into “system low” (and co-located on the wiretap), the NSA sought to work around it in the case of QUANTUMHAND. Instead of targeting just any web connection for exploitation, it targeted persistent “push” connections from Facebook, where a user’s browser would leave an idle connection open, waiting for a command from the server.

This way, even the slow, broken, classified architecture could exploit Facebook users. Sadly for NSA and GCHQ (and FSB, and DGSE, and every other spy agency), Facebook turned on encryption a few months ago, which should thwart this attack.

via A Close Look at the NSA’s Most Powerful Internet Attack Tool | Wired Opinion | Wired.com.

The biggest limitation on QUANTUM is location: The attacker must be able to see a request which identifies the target. Since the same techniques can work on a Wi-Fi network, a $50 Raspberry Pi, located in a Foggy Bottom Starbucks, can provide any country, big and small, with a little window of QUANTUM exploitation. A foreign government can perform the QUANTUM attack NSA-style wherever your traffic passes through their country.

‘What does ISP mean?’ – how government officials are flunking security challenges

Singer added that another US official about to negotiate cybersecurity with China asked him to explain what “ISP” meant. “That’s like going to negotiate with the Soviets and not knowing what ‘ICBM’ means. And I’ve had similar experiences with officials from the UK, China and Abu Dhabi.”

At the G20 conference diplomats were spear-phished by an email with a link to nude photos of former French first lady Carla Bruni-Sarkozy, and many clicked, downloading spyware onto their computers.

via ‘What does ISP mean?’ – how government officials are flunking security challenges | Technology | theguardian.com.

Confessions of a cyber warrior

I’ve been a longtime friend to one cyber warrior. On condition of anonymity, he agreed to be interviewed about what he does for a living and allowed me to record our conversation on a device he controlled, from which I transcribed our conversation. I was able to ask clarifying questions the next day.

via In his own words: Confessions of a cyber warrior | Security – InfoWorld.