Tag Archive for: hackers

OUT OF GAS: What Does The Colonial Pipeline Shutdown Say About U.S. Defence Readiness?

On Friday, May 7, hackers attacked the computer systems of Colonial Pipeline, which operates a major gasoline pipeline that brings gasoline and jet fuel from Houston refineries up through the southeastern United States as far as New Jersey.  Out of concern that the hackers might have obtained data enabling them to do physical damage to their facilities, the pipeline operators shut the pipeline down while it was still under their control.

This may have saved the machinery from damage, but it produced a severe regional fuel shortage that affected everything from flights out of Atlanta to drivers’ vacation plans.  As of Sunday, May 16, the pipeline was fully restarted, but the ripple effects of the shutdown meant 88% of Washington, D. C. gas stations were out of gas at one point over the weekend.

This was a ransomware attack by a group calling itself DarkSide with reported links to Russia.  According to Bloomberg News, Colonial Pipeline paid DarkSide about $5 million in bitcoin for software to unlock their systems, only to find that it ran so slowly that they ended up restoring service without its help.

This is by far the most serious ransomware attack ever mounted on a U. S.-based facility, and should become a turning point in our response to this sort of attack.  Although I’ve stated the following position before in relation to other ransomware attacks, it bears repeating now that millions of people are going without gas, including many in Washington, D. C., and are presumably paying attention to the problem.

Article 4, Section 4 of the Constitution of the United States reads as follows, in full:

“The United States shall guarantee to every state in this Union a republican form of government, and shall protect each of them against invasion; and on application of the legislature, or of the executive (when the legislature cannot be convened) against domestic violence.”

The key word of present interest in this section is “invasion.”  An online law dictionary defines invasion as “[a]n encroachment upon the rights of another; the incursion of an army for conquest or plunder.”  The Constitution was written at a time when messages travelled fastest by horseback or sailing ship.  It is safe to say that the current technological facts of instant global Internet access to a domestic firm’s private infrastructure were not in the minds of the drafters of the Constitution.

But notions of justice and international relations were, and the drafters recognised that a federal government that could not successfully defend its constituent states against invasion, as defined above, was not worth organising.  So they put words in the Constitution that gave the federal government the responsibility of defending the states against invasion, and in Article 1, section 8, they also gave Congress the power to “provide for calling forth the militia to execute the laws of the Union, suppress insurrections, and repel invasions.”  There’s that word “invasion” again.

Pardon what may look like a constitutional detour, but what happened to Colonial Pipeline this month amounts to invasion and plunder by agents of a foreign power.  The DarkSide criminals may not formally be agents of the Russian government, but they operate with its approval or at least without its hindrance.

Suppose a bunch of Canadians armed with tanks and machine guns charged across the Ambassador Bridge in Detroit and took over the headquarters of Ford Motor Company in Dearborn, Michigan, capturing their main computer centre and demanding $5 million in ransom to turn it loose.  This would quite properly be regarded as a foreign invasion, and no one would raise a finger to object to using whatever military force was necessary to repel such an invasion.

I submit that what happened to Colonial Pipeline is morally equivalent to my hypothetical invasion by Canadians.  The technological details are different, but defending those within its borders from invasion and plunder is a responsibility that the Founders intended the U. S. government to bear.

So what has the federal government in fact done?  Hardly anything — a few warnings not to try keeping gasoline in plastic bags, a few adjustments of shipping regulations to allow more ships to land gasoline from abroad, and that’s about it.

There is a well-known saying that generals always prepare for the last war, not the one they’re fighting now.  And that is certainly true in this case.  According to one source, the U. S. military has over 200,000 troops stationed abroad in over 170 countries.  The vast majority of these are conventional soldiers ready to shoot bullets and drop bombs, and certainly, bullets and bombs haven’t gone out of fashion.  But among the more advanced criminal element, it’s much more chic to keep your fingers clean while typing code that will shut down half of the gasoline going to the U. S. East Coast, and make $5 million in exchange for some software that doesn’t even work.

Congress is reportedly drafting legislation to do something about this sort of thing.  That is where the process should start, but it’s clear that a vast reorganisation and re-prioritising of the entire domestic and foreign military establishment is called for.  Cyberwarfare is where it’s at now.  Metaphorically speaking, the Canadians have been rioting through the entire country for years now, and all we have done is have vague discussions about the future of military combat.  Don’t people get it?  It’s happening now.  The fact that nobody was killed in the Colonial hack is due more to the foresight of the pipeline operators than to anyone else, as an out-of-control pipeline can do unimaginable amounts of damage.

But private companies should not have to shoulder by themselves the burden of protecting their facilities against foreign invasion and plunder.  That’s one of the most basic services of the federal government, and so far it is failing miserably in its job.

The gasoline shortage Washington now enjoys has fallen equally on Republicans and Democrats.  We can only hope that they will unite to make major lasting changes in the structure and priorities of the U. S. military so that we can once more be secure in our persons and property against the depredations of foreign invasion, including ransomware attacks.

This article has been republished with permission from Engineering Ethics.

COLUMN BY

Karl D. Stephan

Karl D. Stephan received the B. S. in Engineering from the California Institute of Technology in 1976. Following a year of graduate study at Cornell, he received the Master of Engineering degree in 1977…

EDITORS NOTE: This MercatorNet column is republished with permission. ©All rights reserved.

VIDEO: FBI fails to inform some Americans they were on Islamic State kill list

Perhaps to do so would have been “Islamophobic,” or Obamoid FBI agents were too busy conducting outreach at the local mosque to get around to informing these people.

“FBI didn’t inform some Americans they were on ISIS kill list,” by Sara Carter, Circa News, June 27, 2016:

The FBI did not alert numerous Americans that they were placed on secret Islamic State kill lists or notify their local police about the potential dangers, a lapse in the government’s efforts to combat the terrorist group’s evolving strategy to target everyday citizens.

To date, the terror group that goes by the acronym ISIS has published on encrypted web sites several hit lists naming more than 15,000 people it would like to see killed by sleeper cells or lone wolves in New York, Texas, Florida and California.

The lists aren’t public but Circa News obtained copies of some and made sample calls to the everyday Americans who appeared on them, from college professors and military personnel to art collectors and homemakers.

In Texas alone, Circa identified 22 people in a sampling of 24 names who did not receive any notification that they were in ISIS’s crosshairs. It also identified two local police departments whose citizens were on the list that also got no alert from the FBI.

“I was terrified. We live in a different world and the Jewish community is a number one target of these radicals,” said a woman in Austin who found out from Circa that she and several of her friends in the Jewish community were on a list. The woman agreed to be interviewed only on condition of anonymity, fearing using her name would only increase her risk.

“I’m very upset that I was not notified by the FBI or local law enforcement,” she said.

Since the hit lists began emerging more frequently earlier this year, FBI officials have said they intended to notify all Americans threatened by ISIS and to work with their local police departments.

FBI officials said they are confident most Americans on the lists were alerted in some manner but it was possible some people may have fallen through the cracks. They stressed to date no one on the list has actually been attacked.

“The FBI routinely notifies individuals and organizations of potential threat information. We perform these notifications so potential victims are aware of possible threats and take appropriate steps,” the bureau said. “Those measures may include paying close attention to your surroundings at all times, protecting personally identifiable information, and immediately calling the local authorities if you observe something suspicious. The FBI will continue to work closely with federal, state, and local partners to keep the public informed of potential threats.”…

Islamic State Hackers Publish Names, Addresses of New Jersey Police

A file containing the information on 55 officers was uploaded to an Arabic-language, file-sharing site. It was downloaded 300 times in under 24 hrs.

The Islamic State’s ‘Caliphate Cyber Army’ (CCA) released the names, addresses and cell phone numbers of 55 New Jersey police officers, after hacking into a uniform laundry list.

The officers’ ranks, employee numbers and working locations were disclosed, as well as some home addresses.

A file containing the information on the officers, who all work for the transit police, was uploaded to an Arabic-language, file-sharing site, which showed that in less than 24 hours, the file had been downloaded 300 times.

Announcing the upload on the secure messaging service Telegram, the CCA described the file as “Personal information of the US police stations including Leaders and officers.”

In response, the New Jersey Transit System issued a statement which read, “The NJ Transit Information System was not compromised, however some information was breached from an outside vendor. The New Jersey Transit police are working with the Department of Homeland Security and the FBI on this matter.”

The Caliphate Cyber Army is comprised of hackers sympathetic to the Islamic State (ISIS/ISIL) and has mainly been successful in taking down small, unsecure websites and substituting its own propaganda.

However, last November, the “army” hacked into 54,000 Twitter accounts, posting the accounts’ passwords online. The group also posted the cell phone numbers of the CIA, the FBI and the National Security Agency.

The army was able to briefly control a Pentagon Twitter account in January.

Anonymous’ hackers being used by Russian Intelligence?

Jeffrey Roman from Data Breach Today reported on the 2012 cyber attack against the computers of the Sheriff of Lake County, Florida. Roman wrote, “Hacktivists associated with Anonymous have reportedly released sensitive information from the Lake County Sheriff’s Office in Florida. According to WKMG Local 6, hackers who came from an Internet server in Russia posted 16,000 files online, which include 911 calls, witness and victim statements, names of young crime victims, and names of Central Florida SWAT team members and their personal phone numbers, as well as the SWAT unit’s operating guide, the number of team members and number of snipers.”

“The hacking group LulzKnightz, which associates itself with AntiSec and Anonymous, has claimed responsibility, and took to a Pastebin page to post the data online, which equals 4.7 gigabytes of information,” notes Roman.

In a statement posted to that page, LulzKnightz explained its justification for the attack, saying, “More evidence that the illegitimate justice system protects their own, who get away with rampant corruption and theft, while the police apply unconstitutional profiling and pressure in their efforts to raise their arrest quotas and keep homeland security money rolling in.”

But is this attack about exposing an “illegitimate justice system”, “rampant corruption and theft” or something else?

Seal of the Russian Foreign Intelligence Service – Служба Внешней Разведки

Who was really behind this attack on a Florida sheriff’s computers and why? The who: The Russian Foreign Intelligence Service – Служба Внешней Разведки. The why: International espionage.

The Lake County Sheriff’s computers were targeted, as are tens of thousands of other law enforcement computers, by a foreign government – Russia. The purpose is to gather intelligence. Russia monitors groups like LulzKnightz, AntiSec and Anonymous. In some cases, Russia embeds its own people into these and other hacker organizations to gather needed intelligence. These groups become a cover for Russian intelligence operations. As one expert in cyber warfare put it, “Some of these hackers may be ignorant of the fact they are being used, but they are not innocent.”

In this particular case the data traveled to an Adidas server in Romania and then to servers in Moscow. Foreign intelligence services monitor hacker groups daily and when they detect a breach, such as what happened in the Lake County Sheriff case, they tag along and take what they really want. Who gets the blame? Not the Russians, of course, but Anonymous, who is more than happy to take the credit. The consequences of these attacks have a direct impact on US national security.

The Russians wanted the Joint Terrorism Task Force (JTTF) usernames and passwords on the Lake County Sheriff’s computers. Why? Because many of the members of the JTTF use the same username and password for their own department computers. This gives Russia access to a variety of federal computer systems like that of the FBI.

Anonymous is being used by Russian intelligence. Some members of Anonymous, and other groups, are actually plants. Others do it as proxies, a.k.a. spies, being paid by the Russians in Bitcoins for their work. Some just do it for the fun of exposing an “illegitimate justice system” and unknowingly are aiding and abetting treason against the United States.

Perhaps Anonymous needs to vet who their members really are? Some of them are part of Russia’s “illegitimate justice system”.

EDITORS NOTE: The feature photo is of members of the ‘Anonymous’ group traveling on the London Underground system between Scientology’s Queen Victoria Street and Tottenham Court Road offices. The masks are those of everyman ‘V’ from the film ‘V for Vendetta’. It is courtesy of James Harrison.
