Tuesday, December 30, 2014
According to “cyber-forensic” eavesdropping, the “cyber-bullying” attack that targeted SONY and made public right before Christmas was not really initiated by North Korea looking to trespass! It is estimated that this rouge attack may cost SONY upwards a $Billion$ dollars when it is all said and done, from movie revenue loses to employee law suits – so to date the costliest attack on record and ushers in an entirely redefined “WAR” favoring the hi-tech drama stage. From independent analysis so far including my own, it just appeared to be orchestrated from the North Korean dysentery dynasty, but was instead a successfully planned “cyber-hook” maneuver and in reality the perpetrator doing the ultimate damage was “baited”. Like “Fool’s Gold”, thinking you hit it rich when…well foolish! Herein, the perpetrator is the individual or organization that intercepted the “Red Flag of Vulnerability” then entered into the SONY domain and commenced to wreak havoc, thinking it was actually attacking the Hung Phung Phooey infrastructure through a compromised cyber-network. To find the opportunity to sneak into North Korea’s industrial infrastructure and embed malicious destructive codes - a.k.a. malware, virus or Trojan - it could have paid out a handsome ransom – as that is what this “cyber-bullying” is all about, making money. See, this particular “cyber-bullying” was a “bait” attempt, wherein North Korea's network services allowed a World-Wide-Web “broadcast” of what appeared to be a security breach within its own information network - with links to industrial and government computers on the NK network that held critical financial information and possibly secret military data. SPY verses SPY today is performed from the comfort of an office environment, coffee shops and strip joints, with computers linked to open networks that allow for skipping and hopping all over the globe in search of the good and the bad. Data sent over the network has a DNA of sorts, and that “packet script” can be dis-ciphered and thus manipulated for that “good & bad” aspect. Modern day espionage “code” can do all kinds of nasty things once secretly embedded, like turning on a victimized desk top computer’s built in microphone, to record meetings, take screen shots of “Power Point” presentations, you name it and it can be accomplished remotely and unknowingly to those so affected. And when successful in infiltrating another's network, stolen data is streamed to many locations, depositories set-up to offer capture and then that data can be held hostage for ransom or outright destructive attempts. Ever wonder how many credit card or Social Security numbers have already been stolen through “cyber-spying”? You may not want to know, but some expert estimates place it at 25% with respect to how many Americans have at one time or another been “hacked” for personal data. We always hear of “Hackers”, but this is not limited to some punks hoping to prove something, as “Hacking” or “Cyber-Bullying” has become a necessity it appears, so it employs many professionals as it has become the ultimate “SPY verses SPY”. The “Stuxnet” was the famed eavesdropping virus designed by the United States and Israel that caused destruction upon Iran’s nuclear bomb making attempts and ushered in a whole new era in “cyber-bullying”. But when that virus got out of control, it also destroyed a giant blast furnace in Germany! Many industrial destructive attempts have been kept somewhat silent, as it can sour a company’s stock value. Right now as we speak, what is going on in your office could be listened in on. What you type, same thing, recorded. Basically speaking, just because you are surrounded by four walls and went through security this morning, well security today is but a façade with respect to computers and a network's vulnerability – maybe that cop keeps the disgruntled employees away, that’s about it! But the race for software that protects the computer from home to office against this modern day espionage affecting everyone, it is running on empty most of the time! We will live with “cyber-bullying” forever. Why? There is money to be made! A single attack like occurred at “SONY” becomes a money maker’s mark. Remember, its “WAR”! Just like we witnessed in the Iraq and Afghanistan conflicts, the longer such can be protracted, the more money is made for the defense contractors. Same thing is happening today, finding a weakness and allowing it it to be exploited then to the rescue – at a cost! How much do you think SONY will dish out now for network security? Best sell that stock, as when it buckled under pressure from this attack to release the “Interview” movie that seemed to be the catalyst of the “cyber-attack”, well it lost a whole lot of money! There exists today questionable legitimacy to spying and rogue like eavesdropping going on all the time across the web, it has become a big game to see what and how deep a “private” system may be infiltrated through such weaknesses, or back doors left open. Basically, there exists hardly any “privacy” when a business out of necessity must have an outside network connection - in this day and age to do without a link it's almost impossible to find bsuiness success. If something is linked, it can be hacked. Think of what it does to somebody working on a new patent, if eavesdropping is going on in the background? Or if testing a new this or that widget – why not spy? And when a destructive need exists, initiate that “code” that was embedded years ago. See, many experts believe that destructive code initiated by the “Stuxnet” has infiltrated a large percentage of the industrial infrastructure world-wide, just waiting for the call to come out of hibernation. In fact, this destructive virus is so stealth like that at times it is impossible to find at a glance, wherein some of the experts tell clients “buy a new computer”! At one test lab in Russia that actually infected an industrial computer with the “Stuxnet” for research purposes, it has spent over 3-years trying to find all the bits and pieces associated with embedding it in the hard drive! Said again, experts designed these “bombs”. And it could be a coded time-bomb, just waiting for a trigger point. And if so embedded already, it isn’t easy to detect as it takes years to decipher the code once it is found in efforts to learn what it can do when unleashed. In fact, one particular eavesdropping method utilizes “Big Bad Wolfgang”, a series of commands that tries to “blow the house down”, as a means to enter restricted areas. Some nations, like Russia and US, have produced some very powerful “codus operandi” for both destructive and information collecting interests and unfortunately due lack of security that “code” is available on the web – which means it can be duplicated and morphed into performing all kinds of illegal activity. Look, you could piss someone off and then find your house or office PC downloaded with “child pornography” then a knock at the door – guilty! So if there exists a breach, either through a planned infiltration or from stupidity, the attacks progress. Now with the SONY attack, once the eavesdropping spies realized this “weakness” and celebrated a bonanza, that is when the infiltration into this vulnerability commenced. Said again, it was “Fool’s Gold” as there came a “cross-pollination-algorithm” embedded into the command center servers that were used by North Korea - called “mirrored bits” that acts as a mirage - that re-directed that vulnerability to “SONY” and possibly other industrial and financial computers in the United States. What happened to “SONY” was a wake-up call from a “cyber-bully” and has become a wake-up call for all, as it has now morphed itself into a business opportunity. Hackers live for the thrill, to exploit. It is not complicated, I can easily use this “cross-pollination” routine to spy on my neighbor! That is wherein the money to be made exists, by “cyber-bullying” police. With respect to the “SONY” attack, the “CPA” – Cross-Pollination-Algorithm – was so stealth like, when the infiltrators were successful in gaining access created by the “Red Flag Vulnerability” they thought it was North Korea’s network that had been penetrated when all the time the “hook” was directed at “SONY” and concealing the true identity. Thus the reason it is called “Captain Hook”, as all the time critical data was being collected and sent to the hackers depositories then erased off the “SONY” data base, all the time it appeared to be an attack on the North Korean infrastructure. Said again, with the “hook” in effect poor old “SONY” was mirrored into looking like North Korea. So who done it? Probably some kid came up with the steering code, the mirroring effect and that opened “Pandora’s” box when it fooled the “$multi-million$ dollar eavesdropping police – nations spying on other nations and taking advantage of such “vulnerabilities”. Yes, it could have been us or them infiltrating what was believed to be a North Korean vulnerability when all the time it was the “SONY” network under attack - yes kind of like shooting yourself in the foot. This is why the FBI remains pretty aloof in providing information it has collected upon this “cyber-attack”. See, today’s “cyber-bullying” doesn’t leave a single blood stained hands' trail, but many trails as a confusing element of surprise. So, this could be an entirely new hassle, this “hooking”. If somebody can re-direct data away from intended receivers – with a “Fool’s Gold” baiting attempt – it basically makes espionage...well if you don’t know who you are attacking, what good is it? So now when a “cyber-spy” enters another’s domain, you have to make sure you are at the right address! As industrial and administrative networks become more and more complicated, there is also room for human error and costly mistakes. It is not always the “hackers” that are trying to raise havoc on our privacy, but they are eavesdropping and looking for that opportunity. I witnessed a “cyber-attack” at a major military installation a few years ago. The private contractor under contract with the ARMY had spent over a $million$ on securing a network, a dedicated network for the industrial side of the “mission critical” operation and a completely separate network for the administrative side of things – like for phones and company e-mailing. Now the system was safe and secure due separation of the two networks and equipped with “sniffer” technology to “sniff” out illegal equipment hooked up to the network, say like a personal PC used by an employee. Now this “sniffer” technology is good but has its limitations, and with the administrative network - even though equipped with a firewall for protection - by using that network for phone traffic with outside access, it made that network vulnerable to hacking. All was secure until a maintenance worker hooked a laptop into both networks in a shop area, as he was working on an industrial component problem at the same time he was trying to update his personal data in the company data base, as he had just become a new father and needed to re-enter some medical data. So with that said, being a company laptop computer that didn't alert the “sniffer” and now engaged in communicating on both the industrial and administrative networks, the “cross-pollination” allowed a link to the outside. So when this was going on, with a laptop that was “hardened”, well with two cables at $2.50 a whack cross-connecting the networks, the outsiders were now looking in and a virus was unleashed into the industrial network - the perpetrator most likely a disgruntled IT technician that once worked at the plant and knew where the target was and commenced to cause damage that could have reached into the $billions$ but was in the last minutes before doom rescued. So “Who to Blame” has taken on an entirely different face, as today we have no idea. This is why the FBI is so quiet on the SONY “cyber-bullying” attempt as well as many other past breaches as we have no idea who did it, what else was affected and in time we may see what the ultimate damage goal “mission accomplished” amounts to. Bottom-line with the “SONY” attack, most likely it was the Israelites or a contractor acting on that nation's behalf as a “cyber-police” that went baited by the North Korean broadcast of a “vulnerability”, took that bait and commenced to do what it gets paid for, data collecting followed by sabotage - but with the “hook” designed by some kid board with snow-ball fights and stuck in his room with a $200 laptop and a connection to the outside world – that's how it goes! The reason we call it a virus...as it starts with a mind of destruction and carried over into reality, and we thought “classroom” bullying was a problem!
Posted by Green Mountain Boy at 8:22 AM