Monday, July 30, 2018

The coming false flag cyber attack: When they say "Blame Iran," blame Russia

Before we talk about the coming cyber attack, let us smile at the latest amusement offered by the wittiest of administrations.

Wow! THAT was fast. Donald Trump, yesterday:
There is No Collusion! The Robert Mueller Rigged Witch Hunt, headed now by 17 (increased from 13, including an Obama White House lawyer) Angry Democrats, was started by a fraudulent Dossier, paid for by Crooked Hillary and the DNC. Therefore, the Witch Hunt is an illegal Scam!
He packed a lot of lies into one small tweet, and I can expose all of 'em if anyone out there is interested. The most important part of this message is the first sentence: "There is No Collusion!" Wow. That ungrammatical capital N means it must be true. Right?

Except:
The most notable portion of the interviews was when Giuliani rekindled the idea that collusion isn't even a crime.
He added on Fox: “I have been sitting here looking in the federal code trying to find collusion as a crime. Collusion is not a crime.”
What a difference a day makes. Even Orwell's Big Brother wasn't audacious enough to switch the Eurasia/Eastasia/Oceania alliance overnight.

And now, on to our main topic...

The grid.
We've heard a lot of talk recently about a strike on the US power grid. Take, for example, the following comment, which was inspired by the preceding Cannonfire post on Russia's mysterious hurry to dump US securities...
Whether Trump skates or goes down in flames, both guarantee further chaos, both work to Putin's advantage. The NY Times reports that Russian hackers seem to have shifted their focus from the upcoming elections to the US power grid. Much of the public will lose faith in Trump as more and more info is unveiled regarding The Russia Conspiracy. And Trump will become even more deranged.

If the power grid goes down on election day three months from now, the US will be plunged into strife and utter dysfunction... all while devoid of leadership, and during a time of political polarization not seen since the civil war. We'd never recover. The value of US treasuries could conceivably be affected by such a thing.
Although this scenario is hyperbolic (even by my standards), it's easy to see how a cyber attack launched at just the right moment could turn a "blue wave" red. But there's an aspect to this scenario that everyone has missed.

This story made a big splash ten days ago...
Iranian hackers have laid the groundwork to carry out extensive cyberattacks on U.S. and European infrastructure and on private companies, and the U.S. is warning allies, hardening its defenses and weighing a counterattack, say multiple senior U.S. officials.

Despite Iran having positioned cyber weapons to carry out attacks, there is no suggestion an offensive operation is imminent, according to the officials, who requested anonymity in order to speak.
Did you catch that last bit? Anonymous sources are psychologically prepping us to blame Iran if the juice goes down. Actually, it's more likely that our banking and transpo systems would be hit, or so I've read.

Iran has zero motive to initiate such an attack. How could they possibly benefit? Any attack on the US would be used to justify war on Iran -- a war that Trump-supporting neocons like Michael Ledeen have long demanded.

A sudden 9/11 event could also keep the Republicans in total power for years -- perhaps many years -- to come. The coming attack would differ from 9/11 in one key respect: Conspiracy Inc. would not cry "false flag," since Alex Jones -- the de facto leader of Conspiracy Inc. -- is on Team Trump.

(Conspiracy Inc. has far greater impact on popular opinion than educated folk will admit. Many American citizens consider themselves hip when they let AJ tell them what to think.)

Is a false flag operation technically possible? Could the Russians hit us while making it look as though the Iranians hit us?

Oh yes. Hell yes. In fact, the way has been prepared. Check out this analysis.
Vikram Thakur, senior manager on Symantec's security response team, says Olympic Destroyer scratched the surface for cloak-and-dagger attacks. "We think the future is going to get even more complicated with actors relying more and more on false flags, in some cases, throwing another group [under] the bus from an attribution standpoint."

"To say the waters are muddied would be such an understatement," he says. Not only are some nations teaming up outside of cyber, but others are happy to pilfer from one another's cyber domains as well: "We're aware of groups happy to steal others' information and sit on their command and control server. We're aware of false flag operations."
Here's an important wrinkle...
Kellermann says he believes Russia is providing North Korea and Iran with the technologies and tactics to advance their attacks. It may not be direct coordination, but there's some element of technology transfer from Russia to those nations, he maintains.
You don't hear about that from the right-wing Putin apologists, do you?

Here's Wired on Russian false flag cyber attacks. Looks like they've been practicing.
Over the past weekend, The Washington Post reported that US intelligence agencies have concluded that Russian hackers not only attempted to disrupt the Winter Olympics in Pyeongchang, but sought to frame North Korea for that attack. That leaked confirmation of Russia's involvement in the operation, which planted destructive malware known as Olympic Destroyer on the network of the games' organizers, follows a week of speculation from the cybersecurity research community about attribution. While Russia had been the leading suspect for the Pyeongchang attack, cybersecurity firms had also seen Chinese or North Korean hackers as candidates.

Those attempts at misdirection, researchers warn, are a sign that the Kremlin's hackers have advanced their impersonation techniques beyond flimsy masks, to planting relatively convincing fake fingerprints from other countries' hacking teams.
Their code contained Chinese red herrings, too: Security firm Intezer also spotted that Olympic Destroyer shared nearly 20 percent of its code with a tool used by Chinese hacking group APT3—though possibly due to both pieces of malware integrating Mimikatz—as well as sharing a far more unique function for generating encryption keys with another Chinese hacking group known as APT10.

"Attribution is hard. Rarely do analysts reach the level of evidence that would lead to a conviction in a courtroom," the Talos post reads. "Many were quick to jump to conclusions, and to attribute Olympic Destroyer to specific groups. However, the basis for such accusations are frequently weak. Now that we are potentially seeing malware authors placing multiple false flags, attribution based off malware samples alone has become even more difficult."
The Russians would not be developing this capability unless they planned to use it. Practice sessions indicate a plan, a goal. We are the ultimate target.

If we are hit -- when we are hit -- do not expect even well-meaning cyber experts to be able to determine the true authorship of the crime.

Perhaps your best indicator of Russian authorship is the fact that they have dumped US Treasuries. Foreknowledge indicates guilt.

A final note: Remember, Russia is simply the leading state actor in an international fascist movement. Many modern fascists have developed extraordinary hacking skills, and some have wormed their way into positions where they can do much mischief. An attack from without will have aid from an enemy within.

1 comment:

joseph said...

It seems to me that an American war on Iran is Putin's wet dream. The price of oil would skyrocket and that might solve some Russian economic problems.