A lot of reading there for me to be able to answer intelligently but I see what you're saying - how to walk out of the door with all that data on a Lady Gaga CD :D

On 01/11/15 20:14, intelemetry wrote:
> My question here is regarding the covert exfil of the hack.
>
> Check out somebody like darktrace: https://www.darktrace.com/
>
> https://en.wikipedia.org/wiki/Network_Behavior_Anomaly_Detection
>
> That egress would be a monumental NOC IDS trigger, especially for an
> anomaly detection system. Have to imagine the database is big.
> Especially if you do anomaly detection on the SIEM collecting things
> like DNS, flow, etc.
>
> Probably a pivot into the Oracle database. The coupling between
> PeopleSoft and the backend is weird.
>
> The question is whether this is everybody because agencies sponsor
> clearance and may or may not partition their own records on the backend.
>
> Something doesn't make sense here. If they can catch the white house
> non-classified penetration with low traffic and no exfil the OPM hack
> seems like it should have been detected easily. Moreover, there are
> automatic kill-chains in a lot of this infrastructure:
>
>
> == begin white house ==
> http://www.nytimes.com/2015/04/26/us/russian-hackers-read-obamas-unclassified-emails-officials-say.html?_r=0
>
> http://fortune.com/2015/04/07/russians-hacked-white-house/
> == end white house ==
>
>
> http://www.lockheedmartin.com/us/what-we-do/information-technology/cybersecurity/tradecraft/cyber-kill-chain.html
>
> http://www.darkreading.com/attacks-breaches/deconstructing-the-cyber-kill-chain/a/d-id/1317542
>
> I have to imagine they have a switch with inline and span analytics
> and IDS/IPS, anomaly detection, and logging from multiple telemetry
> sources. Grabbing that data from that network and running remotely
> seems like a hefty attack without compromising the actual reporting
> devices. Which has been done:
>
> http://www.phenoelit.org/stuff/CiscoInTheSkyWithDiamonds.pdf
>
> ^^ virtual networking
>
> It would be interesting to know how much is virtual networking out
> there these days in the government.
>
> - intelemetry
>
> oshwm:
>
>
>> On 01/11/15 19:33, intelemetry wrote:
>>> It proves peoplesoft is a piece of shit.
>>>
>
>> ha ha, I'm not sure government uses any corps that actually know
>> what they're doing :D
>
>>> oshwm:
>>>
>>>
>>>> On 01/11/15 18:17, intelemetry wrote:
>>>>> Where is the OPM link in .7z format?
>>>>>
>>>
>>>> Didn't Barrett Brown end up in Solitary Confinement for giving
>>>> out links to data?
>>>
>>>> As for the real question, my ethical argument still stands:-
>>>
>>>> Those people in the OPM leak who were using personal resources
>>>> to conduct government business got what they deserved
>>>> (leaked).
>>>
>>>> Those who were being honest and kept business dealing to the
>>>> appropriate and democratically accountable systems did not
>>>> deserve their details to be leaked.
>>>
>>>> Then there is another group who work to deceive the public and
>>>> preserve the state at any cost, those also deserve to be
>>>> leaked (NSA, CIA, FBI etc etc).
>>>
>>>> The hack on OPM also proves another thing that Governments (or
>>>> indeed anyone) should not create large databases of personal
>>>> information because they become huge and irresistible targets
>>>> for crackers.
>>>
>>>
>>>>> - intelemetry
>>>>>
>>>>> oshwm:
>>>>>
>>>>>
>>>>>> On 01/11/15 03:53, coderman wrote:
>>>>>>> http://motherboard.vice.com/read/the-rise-of-political-doxing
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Last week, CIA director John O. Brennan became the latest victim
>>>>>>> of what's become a popular way to embarrass and harass
>>>>>>> people on the internet. A hacker allegedly broke into his
>>>>>>> AOL account and published emails and documents found
>>>>>>> inside, many of them personal and sensitive.
>>>>>>>
>>>>>>> It's called doxing—sometimes doxxing—from the word
>>>>>>> "documents." It emerged in the 1990s as a hacker revenge
>>>>>>> tactic, and has since been used as a tool to harass and
>>>>>>> intimidate people on the internet.
>>>>>>> Someone would threaten
>>>>>>> a woman with physical harm, or try to incite others to
>>>>>>> harm her, and publish her personal information as a way
>>>>>>> of saying "I know a lot about you—like where you live and
>>>>>>> work." Victims of doxing talk about the fear that this
>>>>>>> tactic instills. It's very effective, by which I mean
>>>>>>> that it's horrible.
>>>>>>>
>>>>>>> Brennan's doxing was slightly different. Here, the
>>>>>>> attacker had a more political motive. He wasn't out to
>>>>>>> intimidate Brennan; he simply wanted to embarrass him.
>>>>>>> His personal papers were dumped indiscriminately, fodder
>>>>>>> for an eager press. This doxing was a political act, and
>>>>>>> we're seeing this kind of thing more and more.
>>>>>>>
>>>>>>> Lots of people will have to face the publication of
>>>>>>> personal correspondence, documents, and information they
>>>>>>> would rather be private
>>>>>>>
>>>>>>> Last year, the government of North Korea allegedly did
>>>>>>> this to Sony. Hackers the FBI believes were working for
>>>>>>> North Korea broke into the company's networks, stole a
>>>>>>> huge amount of corporate data, and published it. This
>>>>>>> included unreleased movies, financial information,
>>>>>>> company plans, and personal emails. The reputational
>>>>>>> damage to the company was enormous; the company estimated
>>>>>>> the cost at $41 million.
>>>>>>>
>>>>>>> In July, hackers stole and published sensitive documents
>>>>>>> from the cyberweapons arms manufacturer Hacking Team.
>>>>>>> That same month, different hackers did the same thing to
>>>>>>> the infidelity website Ashley Madison. In 2014, hackers
>>>>>>> broke into the iCloud accounts of over 100 celebrities
>>>>>>> and published personal photographs, most containing some
>>>>>>> nudity. In 2013, Edward Snowden doxed the NSA.
>>>>>>>
>>>>>>> These aren't the first instances of politically
>>>>>>> motivated doxing, but there's a clear trend.
>>>>>>> As people
>>>>>>> realize what an effective attack this can be, and how an
>>>>>>> individual can use the tactic to do considerable damage
>>>>>>> to powerful people and institutions, we're going to see a
>>>>>>> lot more of it.
>>>>>>>
>>>>>>> On the internet, attack is easier than defense. We're
>>>>>>> living in a world where a sufficiently skilled and
>>>>>>> motivated attacker will circumvent network security. Even
>>>>>>> worse, most internet security assumes it needs to defend
>>>>>>> against an opportunistic attacker who will attack the
>>>>>>> weakest network in order to get—for example—a pile of
>>>>>>> credit card numbers. The notion of a targeted attacker,
>>>>>>> who wants Sony or Ashley Madison or John Brennan because
>>>>>>> of what they stand for, is still new. And it's even
>>>>>>> harder to defend against.
>>>>>>>
>>>>>>> What this means is that we're going to see more
>>>>>>> political doxing in the future, against both people and
>>>>>>> institutions. It's going to be a factor in elections.
>>>>>>> It's going to be a factor in anti-corporate activism.
>>>>>>> More people will find their personal information exposed
>>>>>>> to the world: politicians, corporate executives,
>>>>>>> celebrities, divisive and outspoken individuals.
>>>>>>>
>>>>>>> Of course they won't all be doxed, but some of them
>>>>>>> will. Some of them will be doxed directly, like Brennan.
>>>>>>> Some of them will be inadvertent victims of a doxing
>>>>>>> attack aimed at a company where their information is
>>>>>>> stored, like those celebrities with iPhone accounts and
>>>>>>> every customer of Ashley Madison. Regardless of the
>>>>>>> method, lots of people will have to face the publication
>>>>>>> of personal correspondence, documents, and information
>>>>>>> they would rather be private.
>>>>>>>
>>>>>>> In the end, doxing is a tactic that the powerless can
>>>>>>> effectively use against the powerful. It can be used for
>>>>>>> whistleblowing.
>>>>>>> It can be used as a vehicle for social
>>>>>>> change. And it can be used to embarrass, harass, and
>>>>>>> intimidate. Its popularity will rise and fall on this
>>>>>>> effectiveness, especially in a world where prosecuting
>>>>>>> the doxers is so difficult.
>>>>>>>
>>>>>>> There's no good solution for this right now. We all have
>>>>>>> the right to privacy, and we should be free from doxing.
>>>>>>> But we're not, and those of us who are in the public eye
>>>>>>> have no choice but to rethink our online data shadows.
>>>>>>>
>>>>>
>>>>>> Political figures in most countries have been using their
>>>>>> personal email accounts to conduct business 'under the
>>>>>> radar' in order to avoid information being subject to
>>>>>> oversight, most probably because it's illegal,
>>>>>> unconstitutional or at the very least not good for the
>>>>>> image of governments.
>>>>>
>>>>>> When they started to do this, they threw the book on ethics
>>>>>> in the bin and opened themselves up to any abuse of their
>>>>>> personal life that may happen.
>>>>>
>>>>>> If people in power act properly in their professional
>>>>>> dealings then there is an argument against d0xing their
>>>>>> personal information but once they start to try to hide
>>>>>> information then it's open season on every aspect of their
>>>>>> life.
signature.asc
Description: OpenPGP digital signature
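
The thread's point that bulk egress should stand out to anomaly detection over flow data can be shown with a per-host baseline. This is an added example, not code from any poster in the thread; the hostnames, byte volumes, 7-day window and threshold are all constructed assumptions.

```python
from collections import defaultdict
from statistics import median

MB = 1_000_000

def build_sample_flows():
    """Constructed flow summaries: (day, internal host, bytes sent outbound)."""
    jitter = [1.00, 0.93, 1.08, 0.97, 1.04, 0.90, 1.11, 1.02, 0.95, 1.06]
    flows = []
    for day, j in enumerate(jitter, start=1):
        flows.append((day, "web-01", int(5000 * MB * j)))  # busy but normal
        flows.append((day, "db-01", int(200 * MB * j)))    # quiet database host
    flows.append((11, "web-01", 5200 * MB))
    flows.append((11, "db-01", 25_000 * MB))               # bulk transfer, split
    flows.append((11, "db-01", 15_000 * MB))               # across two flow records
    return flows

def daily_egress(flows):
    """Sum outbound bytes per host per day."""
    totals = defaultdict(lambda: defaultdict(int))
    for day, host, nbytes in flows:
        totals[host][day] += nbytes
    return totals

def robust_z(value, history):
    """Deviation from the median, scaled by MAD so old spikes do not inflate the baseline."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    # Floor the scale so a perfectly flat baseline cannot divide by zero.
    scale = max(1.4826 * mad, 0.05 * med, 1.0)
    return (value - med) / scale

def egress_alerts(flows, window=7, threshold=6.0):
    """Flag host-days whose egress is far above that host's own recent baseline."""
    alerts = []
    for host, per_day in sorted(daily_egress(flows).items()):
        days = sorted(per_day)
        for i, day in enumerate(days):
            history = [per_day[d] for d in days[max(0, i - window):i]]
            if len(history) < window:
                continue  # not enough baseline yet
            z = robust_z(per_day[day], history)
            if z > threshold:
                alerts.append((host, day, round(z, 1)))
    return alerts

if __name__ == "__main__":
    print(egress_alerts(build_sample_flows()))
```

Baselining each host against its own history is what makes the database host stand out even though the web host moves more bytes on an ordinary day.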
