
Report: NSA Breached North Korean Networks Before Sony Attack

Not a fairy tale
Technology • Views: 26,091

Apparently the FBI and President Obama actually did have good reason to implicate North Korea in the Sony hack. Imagine that: N.S.A. Breached North Korean Networks Before Sony Attack, Officials Say.

WASHINGTON — The trail that led American officials to blame North Korea for the destructive cyberattack on Sony Pictures Entertainment in November winds back to 2010, when the National Security Agency scrambled to break into the computer systems of a country considered one of the most impenetrable targets on earth.

Spurred by growing concern about North Korea’s maturing capabilities, the American spy agency drilled into the Chinese networks that connect North Korea to the outside world, picked through connections in Malaysia favored by North Korean hackers and penetrated directly into the North with the help of South Korea and other American allies, according to former United States and foreign officials, computer experts later briefed on the operations and a newly disclosed N.S.A. document.

A classified security agency program expanded into an ambitious effort, officials said, to place malware that could track the internal workings of many of the computers and networks used by the North’s hackers, a force that South Korea’s military recently said numbers roughly 6,000 people. Most are commanded by the country’s main intelligence service, called the Reconnaissance General Bureau, and Bureau 121, its secretive hacking unit, with a large outpost in China.

The evidence gathered by the “early warning radar” of software painstakingly hidden to monitor North Korea’s activities proved critical in persuading President Obama to accuse the government of Kim Jong-un of ordering the Sony attack, according to the officials and experts, who spoke on the condition of anonymity about the classified N.S.A. operation.

Video: President Obama Announces New Steps to Create Affordable High-Speed Broadband

Treating the Internet like a public utility
Technology • Views: 22,980

YouTube

The state of Internet broadband access in the US is a national disgrace, and the big providers have very little incentive to change it because they have de facto monopolies and are able to charge exorbitant prices for sub-par service. It’s good to see the President working on solutions to this very important problem. Treating the Internet as a locally-owned public utility is a great place to start.

President Obama speaks on the need for affordable high-speed broadband for all Americans, and how certain small cities and towns are taking steps to lay a foundation for broadband access that rivals the most connected cities in the world.

UPDATE at 1/14/15 6:06:24 pm by Charles Johnson

Here’s a related audio segment from NPR’s All Things Considered:

MP3 Audio

CENTCOM Social Media Accounts Hacked by Apparent ISIS Supporters

Embarrassing
Technology • Views: 24,903

A major embarrassment for the Pentagon today, as apparent ISIS supporters took over the YouTube and Twitter accounts of CENTCOM.

A group describing themselves as the “CyberCaliphate” apparently gained control of the official Twitter and YouTube pages of U.S. Central Command (CENTCOM) on Monday and began posting messages supportive of the jihadist group Islamic State (also known as ISIS).

The hack occurred at the same time as President Barack Obama was giving a speech on cybersecurity at the offices of the Federal Trade Commission in Washington, D.C.

On Twitter, the group posted a message that declared “Pentagon networks hacked” where they indicated they broke into military “networks and personal devices.” In the message the “CyberCaliphate” identified themselves as being “under the auspices of ISIS.” They also included links to what they described as leaked military files. They then began posting screenshots they described as “China scenarios.”

The @CENTCOM accounts on Twitter and YouTube are now suspended.

UPDATE at 1/12/15 2:09:47 pm by Charles Johnson

NPR: FBI Offers New Evidence Connecting North Korea to Sony Hack

Proxy fail
Technology • Views: 23,470

MP3 Audio

NPR’s All Things Considered has a report on the Sony hack, and the FBI’s new evidence that North Korea was responsible for the cyber attack. According to FBI director James Comey, the attackers screwed up and occasionally used IP addresses to send email that were “exclusively used by the North Koreans.”

North Korea’s Internet Access Is “Toast”

Denial of service
Technology • Views: 31,610

Even if the US had something to do with this, the government would probably never admit it, but I think it’s doubtful. North Korea’s network is very small by world standards, and it wouldn’t require a nation state to take it offline with a simple brute force DDoS attack; it seems more like something Anonymous would do: Attack Is Suspected as North Korean Internet Collapses.

Doug Madory, the director of Internet analysis at Dyn Research, an Internet performance management company, said that North Korean Internet access first became unstable late Friday. The situation worsened over the weekend, and by Monday, North Korea’s Internet was completely offline.

“Their networks are under duress,” Mr. Madory said. “This is consistent with a DDoS attack on their routers,” he said, referring to a distributed denial of service attack, in which attackers flood a network with traffic until it collapses under the load.

North Korea does very little commercial or government business over the Internet. The country officially has 1,024 Internet protocol addresses, though the actual number may be somewhat higher. By comparison, the United States has billions of addresses.

[…]

CloudFlare, an Internet company based in San Francisco, confirmed Monday that North Korea’s Internet access was “toast.” A large number of connections had been withdrawn, “showing that the North Korean network has gone away,” Matthew Prince, CloudFlare’s founder, wrote in an email.

Although the failure might have been caused by maintenance problems, Mr. Madory and others said that such problems most likely would not have caused such a prolonged, widespread loss.

Watch: President Obama Learns to Code

As Angry Birds plays in the background
Technology • Views: 28,743

YouTube

On December 8, 2014, President Obama met with students participating in an “Hour of Code” event at the White House, which is really cool and all that, but somebody in the room is playing Angry Birds and the sound effects are louder than the people’s voices, and I have to admit I cracked up every time the birds won a round.

About Former CBS News Reporter Sharyl Attkisson’s Ridiculous “Hacking” Video

Oh please
Technology • Views: 30,973

YouTube

There are so many deranged stories coming out of the right wing these days that it’s hard to keep up; so I just caught up on the latest ridiculous allegations by former CBS News reporter Sharyl Attkisson.

Attkisson released a video that she says shows her computer being “hacked” by super-secret government agents, trying to stop her courageous reporting on Benghazi. There’s her video, up above.

Attkisson’s claims are utterly ludicrous, folks. If some unknown entities actually had access to this computer, they’d simply wipe her files — not simulate the Delete key right in front of her eyes while she was working. In fact, this is such a brain-dead claim that I’m amazed anyone actually takes it seriously.

What’s probably happening in this video is a stuck Delete key. Maybe she was eating too many potato chips and crumbs got lodged in her keyboard. Or maybe there’s some kind of software conflict. Or maybe she outright faked this video; it wouldn’t be difficult. But this is not how “hacking” works.


Apple Releases Statement on Celebrity Hacking: iCloud Was Not Breached

“A very targeted attack on user names, passwords and security questions”
Technology • Views: 30,866

Here’s the statement just released by Apple on the theft of celebrities’ photos from their iCloud accounts.

Apple Media Advisory

Update to Celebrity Photo Investigation

We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud® or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.

To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification. Both of these are addressed on our website at support.apple.com.

Is the XKeyScore Code Released in Germany Faked?

Expert analysis uncovers serious misrepresentations and possible fakery
Technology • Views: 26,317

Following up on our post about the wildly exaggerated claims made about the purported XKeyScore source code released in Germany this week by hacker Jacob Appelbaum, here’s a very interesting post by cybersecurity expert Robert Graham with evidence that the code may have been at least partly faked: Errata Security: Validating XKeyScore Code.

The burning questions about the XKeyScore “source code” are whether it’s real, and whether it comes from Snowden. The Grugq (@thegrugq) has some smart insight into this, and I have my own expertise with deep-packet-inspection code. I thought I’d write up our expert analysis to the questions.

TL;DR: we believe the code is partly fake and that it came from the Snowden treasure trove.

A slightly longer summary is:

  1. The signatures are old (2011 to 2012), so it fits within the Snowden timeframe, and is unlikely to be a recent leak.
  2. The code is weird, as if they are snippets combined from training manuals rather than operational code. That would mean it is "fake".
  3. The story makes claims about the source that are verifiably false, leading us to believe that they may have falsified the origin of this source code.
  4. The code is so domain specific that it probably is, in some fashion, related to real XKeyScore code - if fake, it's not completely so.

Here’s a point that jumped out at me immediately upon looking at the code: all over the Internet, people are claiming that the code identifies linuxjournal.com as an “extremist forum” — but that’s simply false. As I tweeted two days ago:

Graham’s post agrees with this evaluation:

Another misrepresentation in the story is that the source calls the Linux Journal an extremist forum. That’s not true.

A comment does say that TAILS is “a comsec mechanism advocated by extremists on extremist forums”. This is true, as the picture (from the Grugq) demonstrates on the right: it’s a picture from an ISIS/jihad forum advocating the use of TAILS. But nowhere does it claim that the Linux Journal is one of those extremists — that’s something willfully made up by the authors of the story.

That the story already misrepresents the meaning of this source code hints that it may already be misrepresenting the provenance.

Exactly. Something smells very fishy here. Read the whole thing. And for those interested in the highly technical details, here’s Graham’s post going through the code line by line.

This Is Bad: Heartbleed Attack Targets VPN Service

Bad craziness
Technology • Views: 17,357

Most of the coverage of the Heartbleed bug has focused on the security problems for websites, but there’s another avenue of attack now being exploited by hackers: the Virtual Private Network (VPN) systems used by many large and small businesses.

Security firm Mandiant reports that it has observed a Heartbleed attack occurring “in the wild.” The attack targeted a Virtual Private Network service at an unnamed organization, gaining access to its internal corporate network — and it shows that hackers are finding the parts of the internet that are least likely to have been updated to protect against Heartbleed.

The attack worked like this. When a user logs into a VPN service, it issues a “session token,” a temporary credential that is supposed to prove that a user has already been authenticated. By stealing the authentication token from the server’s memory, the attacker can impersonate the legitimate user and hijack her connection to the server, gaining access to the organization’s internal network.

This disastrous security hole in OpenSSL may have more effect on these kinds of semi-closed systems than on easily upgraded web servers, because the people who use VPNs and other types of networking applications and devices may not even realize they’re relying on the buggy versions of OpenSSL, and it may be difficult (or even impossible in some cases) to update the software.

But web servers are still a big problem as well; the Washington Post’s Brian Fung points out that we may be seeing some large scale disruptions of the Internet in the not too distant future: Heartbleed Is About to Get Worse, and It Will Slow the Internet to a Crawl.

Estimates of the severity of the bug’s damage have mounted almost daily since researchers announced the discovery of Heartbleed last week. What initially seemed like an inconvenient matter of changing passwords for protection now appears much more serious. New revelations suggest that skilled hackers can use the bug to create fake Web sites that mimic legitimate ones to trick consumers into handing over valuable personal information.

The sheer scale of the work required to fix this aspect of the bug — which makes it possible to steal the “security certificates” that verify that a Web site is authentic — could overwhelm the systems designed to keep the Internet trustworthy.

“Imagine if we found out all at once that all the doors everybody uses are all vulnerable — they can all get broken into,” said Jason Healey, a cybersecurity scholar at the Washington-based Atlantic Council. “The kinds of bad things it enables is largely limited only by the imagination of the bad guys.”

UPDATE at 4/18/14 6:22:46 pm

Please note! We got out in front of the rush to revoke/reissue our SSL certificates right away, the day the bug was announced, so Little Green Footballs is not vulnerable to the problem described in the Washington Post article.
