H/t reader squodgy:
“Someone agrees with me!
I’ve been saying it all along.”
* * *
Remember when North Korea “hackers” breached several firewall layers at Sony, exposing gigabytes of confidential data, only for it to eventually emerge that it was all the work of a disgruntled Sony employee?
Apparently not, because the same plot line is being re-run all over again.
What should we make of the global ransomware attacks which happened today?
We’ve documented that the intelligence services intentionally create digital vulnerabilities, then intentionally leave them open … leaving us exposed and insecure.
Washington’s Blog asked the highest level NSA whistleblower ever* – Bill Binney – what he thinks of the attacks.
Binney told us:
24 hours after it first emerged, it has been called the first global, coordinated ransomware attack using hacking tools developed by the NSA, crippling over a dozen hospitals across the UK, mass transit around Europe, car factories in France and the UK, universities in China, corporations in the US, banks in Russia and countless other mission-critical businesses and infrastructure.
According to experts, “this could be one of the worst-ever recorded attacks of its kind.” The security researcher who tweets and blogs as MalwareTech told The Intercept, “I’ve never seen anything like this with ransomware,” and “the last worm of this degree I can remember is Conficker.” Conficker was a notorious Windows worm first spotted in 2008; it went on to infect over 9 million computers in nearly 200 countries.
The ransomware has been identified as WannaCry.
* * *
Update 4: According to experts tracking and analyzing the worm and its spread, this could be one of the worst-ever recorded attacks of its kind. The security researcher who tweets and blogs as MalwareTech told The Intercept, “I’ve never seen anything like this with ransomware,” and “the last worm of this degree I can remember is Conficker.” Conficker was a notorious Windows worm first spotted in 2008; it went on to infect over nine million computers in nearly 200 countries. As The Intercept details,
H/t reader squodgy:
“Now, this is serious, and could be a ruse by Bankster/Deep State to destroy Bitcoin etc, over which they currently have no control.
The banksters have been increasingly frustrated that they are unable to get a proper footing on crypto-currencies, of which Bitcoin is by far the most popular.
Creating a virus aimed specifically to blackmail Bitcoin users is a clever ploy.
They have to shed their anonymity…..”
* * *
Hacking group Shadow Brokers has released a data dump allegedly stolen from the NSA detailing the agency’s ability to hack international banks, including the SWIFT network, via Windows PCs and servers used for global financial transfers.
WikiLeaks’ latest Vault 7 release contains a batch of documents, named ‘Marble’, which detail CIA hacking tactics and how they can misdirect forensic investigators from attributing viruses, trojans and hacking attacks to their agency by inserting code fragments in foreign languages. The tool was in use as recently as 2016. Per the WikiLeaks release:
“The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, — but there are other possibilities, such as hiding fake error messages.”
— WikiLeaks (@wikileaks) March 31, 2017
The latest release is said to potentially allow for ‘thousands’ of cyber attacks to be attributed to the CIA which were originally blamed on foreign governments.
Following Friday’s accusation by US “intelligence services” that Russia was behind the hacking of US political organizations – which took place just minutes before the first Wikileaks data dump of John Podesta emails – even though the US government did not directly accuse Putin of being the party responsible, today curious journalists demanded more information from White House spokesman Josh Earnest after Monday’s holiday.
What he told them is that, according to Reuters, Barack Obama will consider a variety of responses to Russia’s hacking of political party organizations and it is possible that any action may not be announced publicly, the White House said on Tuesday.
“There are a range of responses that are available to the president and he will consider a response that is proportional,” White House spokesman Josh Earnest told reporters on Air Force One. “It is certainly possible that the president can choose response options that we never announce,” he said.
The infamous Romanian hacker Marcel Lazar, better known by his nickname “Guccifer” and best known for helping expose the existence of the private email domain Hillary Clinton used when she was U.S. secretary of state, was sentenced on Thursday to 52 months in prison by a federal court in Alexandria, Virginia. Lazar had pleaded guilty in May to charges including unauthorized access to a protected computer and aggravated identity theft after being extradited from Romania.
In an NBC interview in May, Guccifer claimed that he also gained access to the former Secretary of State’s “completely unsecured” server. “It was like an open orchid on the Internet,” Lazar told NBC News. “There were hundreds of folders.” What is curious is that according to Reuters, law enforcement and national security officials said that claim is meritless. Of course, the question arises: just how diligently did national security officials probe Guccifer’s claim: the reason to be skeptical is that if this allegation was confirmed, then the FBI’s entire case against Clinton would collapse, as it would be proven that her server was indeed hacked, something the FBI said there was no evidence ever happened, and lead to renewed questioning about the impartiality of the FBI’s probe.
The hacker known as “Guccifer 2.0” recently uploaded new material to his website which he claims to have received courtesy of Nancy Pelosi’s PC. The new release includes several internal memos from DCCC staff as well as talking points on various topics.
Among the most interesting of the new disclosures is a memo from Troy Perry with talking points on how candidates and campaign staff should address various topics related to the Black Lives Matter movement. The memo notes that “presidential candidates have struggled to respond to tactics of the Black Lives Matter movement” and refers to the group as a “radical movement to end ‘anti-black racism.’” Perry also warns not to use “trigger” phrases like “all lives matter” or “black on black crime.” The memo goes on to offer the following “Background” and “Tactics” for “best practices” when dealing with Black Lives Matter members:
The files released by a hacker group that claims to have breached the NSA are authentic, whistleblower Edward Snowden has said, explaining the documents’ importance and potential impact on the US elections and relations with allies around the world.
Over the weekend, a mysterious group called Shadow Brokers posted “samples” of files purloined from the Equation Group – widely believed to be a front for the National Security Agency – and said it would sell the rest in exchange for bitcoin. The NSA has yet to comment on the authenticity of the files.
The latest hack revealed over the weekend has nothing to do with the Democratic Party or George Soros, and instead a mysterious hacker group by the name “The Shadow Brokers” claims to have hacked the Equation Group – a government cyberattack hacking group associated with the NSA, and released a bunch of the organization’s hacking tools. The hackers are also asking for 1 million bitcoin (around $568 million) in an auction to release more files.
“Attention government sponsors of cyber warfare and those who profit from it!!!!” the hackers wrote in a manifesto posted on Pastebin, on GitHub, and on a dedicated Tumblr.
The Twitter account of Guccifer 2.0, the hacker who claimed responsibility for leaking a trove of Democratic National Committee documents, was suspended less than 24 hours after dumping fresh sensitive DNC data. On Friday, the hacker wrote a blog post taking credit for a fresh leak from the Democratic Congressional Campaign Committee.
He published an Excel spreadsheet containing the mobile phone numbers and email addresses of every Democrat in the House of Representatives, as well as passwords to DCCC files to substantiate his claim.
The hacker, who had actively been using Twitter to publicize his leaks, has since had his account suspended.
WikiLeaks claims that the suspension was related to the publication of the DCCC documents.