Which reminds me - I had a post on Shamoon scheduled up and I might as well dump it here.
I've read some of the analysis of it, and I think the story is a bit more interesting (depending on your perspective) than the one people appear to be writing about in theNew York Times <http://www.nytimes.com/2012/08/27/technology/saudi-oil-producers-computers-restored-after-cyber-attack.html?_r=1> and various other places <http://www.securelist.com/en/blog/208193786/Shamoon_the_Wiper_Copycats_at_Work>. Of course, the Pastebin sources for comments from the hackers in question (your unmask.py may come in handy here) are as follows: * http://pastebin.com/HqAgaQRj * http://pastebin.com/tztnRLQG And there's this "reckless" claim <http://www.huffingtonpost.com/2012/09/07/debora-plunkett-nsa_n_1866208.html?utm_hp_ref=technology>, which may or may not be related. I think it's clear that the Iranian nation-state team is == "Cutting Sword of Justice". It doesn't take a Palantir-loaded analyst super-hero to see that they are sending the message of "you attack our oil industry, and we will attack yours". They've stopped short of doing anything that would actually damage operations at Saudi Aramco, because that's a red line, but they've demonstrated capability, which is all you need for the "mutual" part of "mutually assured disruption". In any case, it's not "hacktivism" although it may be the shape of future hacktivism. If you're studying cyber-war the way you probably should be if you're in this industry, this is what it looks like for now. The interesting corollary is that not only do you have to extend your information security umbrella over your own private industry <http://www.businessweek.com/news/2012-09-08/obama-weighs-executive-order-to-defend-against-cyber-attacks>, you have to extend it over your allies as well...:> -dave On 9/5/12 6:38 PM, DarkPassenger wrote: > - Begin unsigned&friendly message , no 0day attached guaranteed - > > Sleepless dders , > > take a look at the following list . first part is Public name of Root servers > "managers" and the second part is osint-ed or -possibly- biased analysis of > the "ownership" of that entity . Please offer your take as someone who is > into "offense" and "infiltration" . > > > VeriSign, Inc -> runs most of the basic internet , in contract with U.S govt > + FMR shadow , one of the wealthiest Jewish families with ties to D.C from > 40's to now and history of Familial cult dedicated to praising Israeli ideas > > University of Southern California (ISI) -> Deep ties with In-Q-Tel -> CIA > > Cogent Communications - > Israeli Group > > University of Maryland -> CIA is the biggest employer of grads , in bed with > NSA and contractor of In-Q-Tel -> CIA > > NASA (Ames Research Center) -> U.S Govt > > US Department of Defence (NIC) -> U.S Govt > > US Army (Research Lab) -> U.S Gov > > Netnod -> in bed with various Western Govt or defense including DISA in > addition to complying with Swedish SIGINT FRA and intelligence service SAPO > maintaing primary services to NATO's intelligence services , including but > not limited to "Stay Beyond" entities -> Western Blackops > > RIPE NCC -> complying Netherlands police , contracting Netherlands > intelligence services , some employees have worked for CERT , answers to U.S > govt Commerce > > ICANN -> element of U.S Govt Commerce > > WIDE Project -> funded by Japanese Imperial Family , some members have worked > in Hitachi Nuclear industries owned by Japanese Loyal family and the major > Nuclear power utilities and waste exporter to U.S , contracting U.S defense > contractors > > - End unsigned&friendly message - > > > _______________________________________________ > Dailydave mailing list > [email protected] > https://lists.immunityinc.com/mailman/listinfo/dailydave -- INFILTRATE - the world's best offensive information security conference. April 2013 in Miami Beach www.infiltratecon.com
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
