Tag: Hacking

Proof of Concept

Reading about the meat processing that’s been attacked by ransomware, and thinking about the petrol pipeline … this really seems like proof of concept stuff to me. I’m sure there’s some ‘making money’ and more than a little ego stroking involved. Before we purchase and implement some major system at work (or spend a lot of time developing code), we run a proof of concept test. A quick, slimmed down implementation that runs on some virtual system that lets people see how it’ll work without sinking the time and money into a full-scale implementation. If the thing seems useful, then we buy it and have a capital budget for implementation. If it wasn’t useful … well, we lost some time, but not much.

Attacking small players in various industries to see what kind of impact you have have … seems a lot like a proof of concept series of attacks. How well secured was the company? What kind of incident response were they able to mount? How much access did you manage? What came offline? What was the public impact?

Censorship?

This may be a paranoid thought, but … a bunch of high-profile people’s Twitter accounts were hacked today, and the messages posted asked followers to send Bitcoin. Twitter shut down these accounts for a few hours.

There’s obviously a profit motive here — as of 11:30 today, they’ve garnered over 118k (and have been clearing the money out, so money isn’t just an unfortunate consequence of the hack).

The target list that is hyped includes a lot of big names, and it’s interesting to see which names seem to create the biggest bump in transactions to the wallet.

But the one that stands out to be is Joe Biden — and, yes, it looks like his account was hacked.

This looks like a proof of concept test to me. Now, it’s possible that Trump wasn’t hacked because it is so implausible that he’d be giving back to the community. But forcing the platform to shut down a bunch of accounts, including a number of your political opponents, is a brilliant approach to disrupting campaigning. Seems like a next level move from a government-sponsored intel group looking to interfere with elections after their troll accounts and advertising attempts get shut down.

Hack The Vote

There is a component to the ongoing story of Russian involvement in the 2016 election that seems to have gone missing from public discourse. The RNC was hacked too. Information from DNC hacks were released – embarrassing information that questioned the legitimacy of Clinton’s primary victory and that substantiated the worst view people have of her (and politicians in general). What was released from the RNC hack? Zilch.

One possibility is that the RNC hack yielded nothing embarrassing or subversive to release. But do you really think the RNC wasn’t trying to undermine Trump the same way the DNC undermined Sanders? Do you really think the entirety of the RNC is completely upfront about every facet of political discourse?

Immediately after the election, Russians were said to have a kompromat dossier on Trump. Whatever was gathered from the RNC hack is good insurance should Russia’s choice of American leaders backfire on them in some way. Personally damaging information on Trump and RNC information that compromises the integrity of the party.

Missing The Point

A security researcher used a modified cat6 cable and default creds on airline seat electronic boxes to compromise flight control systems on an aircraft. That’s really bad, and the FBI is investigating the crime. But why is it that no one seems to care that (1) SEB’s ride on the same network as flight control systems, (2) there’s a default password no one has bothered to change, and (3) no one on the aircraft was in any way bothered by some dude digging around under the seat and messing with cables?

Seriously – in the system design meetings for a million dollar aircraft, someone thought it would be a good idea to save, what, a grand by having a single open network for all electronic components on the aircraft?!

And I sincerely hope the WiFi networks they’re starting to put on the aircraft are on an isolated network that has nothing to do with any of the flight control equipment. It’s one thing to notice a guy plugging into some box under his seat … a guy using his computer mid-flight, nothing to see there.