Hackers Hit Banks, Power Grids, Air Traffic Control Systems
Anything that is connected to the net is susceptible to being hacked — for purposes of espionage, theft, vandalism, or sheer deadly destruction.
Global Financial Network “SWIFT” Regularly Robbed of $Millions
… law enforcement authorities in Bangladesh and elsewhere investigated the February cyber theft of $81 million from the Bangladesh central bank account at the New York Federal Reserve Bank. SWIFT has acknowledged that the scheme involved altering SWIFT software on Bangladesh Bank’s computers to hide evidence of fraudulent transfers.
… the Bangladesh Bank attack was not an isolated incident but one of several recent criminal schemes that aimed to take advantage of the global messaging platform used by some 11,000 financial institutions.
“SWIFT is aware of a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions’ back-offices, PCs or workstations connected to their local interface to the SWIFT network,” the group warned customers on Monday in a notice seen by Reuters. ___ http://www.reuters.com/article/us-cyber-banking-swift-exclusive-idUSKCN0XM2DI
Cyber theft has become big criminal business. Who is behind it, and what other mischief are they up to?
Possible evidence linking recent hacking attacks on the U.S. government to the Russian state includes the digital signatures of a hacker group known as Advanced Persistent Threat 28 (or APT28, identified by the U.S.-based Internet security company FireEye) and a family of hackers labeled CozyDuke, CosmicDuke, MiniDuke and OnionDuke (spotted by Kaspersky Lab). These groups, which may or may not be related, have some giveaway signatures that tie them to Russia. “Indicators in APT28’s malware suggest that the group consists of Russian speakers operating during business hours in Russia’s major cities,” says a recent FireEye report. “More than half of the malware samples…attributed to APT28 included Russian-language settings.” __ Russia’s Greatest Weapon
The Russian government is certainly involved in malicious infrastructure cyber-attacks, just as the Russian mafia is involved in cyber-theft and cyber-coercion/blackmail. Sometimes it is impossible to distinguish government from mafia.
Sweden sent a message to NATO and released alert all over claiming that the country was under threat of a serious cyber-attack in November 2015. According to reports, the Swedish government claimed of receiving two separate warnings and passed them to various NATO allies including Denmark and Norway.
As per the Swedish claims, the cyber-attack was propelled by the APT group, which refers to Advanced Persistent Threat. The same group was linked to the GRU, a Russian military intelligence group. __ https://www.hackread.com/sweden-cyber-attacks-by-russian-hackers/
Sweden and the US are not the only countries to come under similar infrastructure attacks. The Ukrainian power grid was hit by hackers in what would seem to be a “trial run.”
At an Atlantic Council event Thursday, experts said the attack – the first known digital strike that helped trigger widespread outages – represents just one part of Russia’s strategy in the Ukraine conflict that has previously included the use of espionage and denial-of-service attacks.
… Despite concerns that the Ukraine grid attack, which shut power to 80,000 homes in three separate Ukrainian regions, is a harbinger of more spectacular strikes against critical infrastructure, hackers may not have that ability for some time, say experts.
Russian hackers have been involved in cyber-theft, cyber-vandalism, cyber-espionage, and other cyber-crime for many years — often as part of the Russian mafia, at other times connected to the Russian government itself.
In 2012, Iranian hackers struck Saudi Arabia’s national oil company, Saudi Aramco, nearly obliterating its corporate IT infrastructure, and bringing the company close to collapse. __ FT.com
Anything that is connected is at risk. That is just one reason why so-called “smart grids” are actually pretty stupid. The more connected a critical infrastructure becomes, the more vulnerable are the people who depend upon that infrastructure.
… the Russians and Chinese—are getting into the game of remotely using computer networks to destroy infrastructure and threaten human lives. Last year, according to a report by Germany’s Federal Office for Information Security, a blast furnace melted down in an unnamed industrial city in Germany after a digital attack on its control systems, causing “massive damage.”It nearly happened in the United States too, when unknown hackers succeeded in penetrating U.S. electrical, water and fuel distribution systems early in 2014. __ Russia’s Offensive Hackers
Reactive Deterrence Is Not Enough
Deterrence by itself is a fragile basis for strategic thinking. Thus, I start by placing deterrence within a broader framework of objectives and then discuss special features of the cyber attack challenge, distinguishing different classes and contexts of cyber threats.1 I then use a simple model to speculate about whether deterrence can be a significant part of dealing with those different threats. The model allows for very different degrees of “rationality” on the part of whoever is to be deterred. My discussion ends with suggestions for policymakers and scholars. My conclusion is that hoping for deterrence with today’s reality would be like grasping for straws. deterrent measures should definitely be part of a larger strategy, but the focus should be elsewhere. __ Paul Davis in International Law and Politics [Vol. 47:327
Just as in war or any other fight, defence and retaliation are not sufficient to prevent a devastating — even fatal — attack. Proactive deterrence involves the strategic use of preemptive actions on an ongoing basis.
It is not only cyberwar, cybercrime, and cybermischief that represent near-existential threats to the modern system of existence. It is getting to the point where global devastation can be wrought on cheaper and cheaper scales.
Anyone with a billion dollars, a serious grudge, and a high-end sociopathy profile could enter into a global biowarfare-threat game within a year. Everything could be put together in secret garages. Negotiations could be conducted in secure anonymity. Carving sovereignty out of the game would require only resources, ruthlessness, brilliance, and nerves. Once you can credibly threaten to kill 100,000,000 people all kinds of strategic opportunities are open. The fact no one has tried this yet is mostly down to billionaires being fat and happy. It only takes one Doctor Gno to break the pattern.
This is the shadow cast over the 21st century. Radically hardcore, massively decentralized deterrence games are simply inevitable. Anyone who thinks the status quo state holds some kind of long-term winning hand under these circumstances isn’t seeing anything.
___ Nick Land
China, Russia, Iran, North Korea, and other members of the League employ entire blocks of cyber-espionage and cyber-attack hackmen with their militaries and intelligence branches. The difference between the League hackmen and those of Europe, the Anglosphere, and free East Asia, is that the League hackmen aim to bring the entire global system down if they cannot prevail through intimidation and bluff. The hackmen of governments, corporations, and other institutions of the advanced world are largely in the business of preserving the global system.
Cyber forensics firms such as Kaspersky, Mandiant and iSight have published a bevy of reports on Chinese and Russian cyber battalions that have waged deep-rooted cyberespionage campaigns. __ http://www.defenseone.com/technology/2015/02/cyber-firm-nsa-out-hacking-chinese-and-russians/105498/
The US and other parts of the Anglosphere — as well as Europe and free Asia — conduct similar cyber-exercises in the attempt to stay in the game before it runs away from them.
At the Al Fin Institutes for Disruptive Technologies, we work with many systems and approaches which have the potential to either make the human future more robustly resilient and anti-fragile, or more vulnerable to attack. That is the double edged sword of disruptive technology. We focus on resilience and anti-fragility, but the sharp edges and tip of the sword are not ignored.
It is certain that if one chooses “not to dirty himself,” that he will eventually be caught completely by surprise, by those who have no such qualms.
A Few Disruptive Technologies that are Maturing
Precise gene editing of microbes and delivery vehicles (target crops, people, entire ecosystems)
“Smart” stealthy nano-weapons and nano-assassins (target minds and powers behind-the-scenes)
Mind control technologies (mass influence of elections, markets, mobs, and armies)
Effective life extension (meant primarily for leadership elite and “indispensables”)
Sleep compression systems (for mental and physical special operatives)
Autonomous computing devices applied to a broad range of actuators
…. and many more.
Members of the League are Being Pressed by their own Stupidity
Capital outflows from Russia, China, and other League members threaten stability. Russia, China, and other League mischief-makers derived a great deal of their clout from the massive levels of foreign capital which flowed through their markets in the 1990s and 2000s. But as capital flows reversed, League tyrants began to feel the pinch.
When Mischief-Making Tyrants Feel Threatened, They Will Turn to Whatever Weapons They May Have
Disruptive technologies — both constructive and destructive — are becoming more affordable to the average millionaire and petty tyrant. Although the nations of the League are not particularly innovative, they generally have enough credit on international markets — and between themselves — to purchase disruptive innovations from private manufacturers and distributors in the west and the free east. It seems that capitalists will indeed sell the rope from which their necks will hang.
The difference this time around is that there are a lot of non-government persons who can afford world-altering disruptive innovations — and the prices are dropping while the range and effectiveness of the innovations are growing.
Offensive cyber operations are a high-return, high-risk coercive option. They may be regarded as a nonphysical form of warfare, thus as much hard power as P2C. Still, if skillfully targeted and calibrated, with collateral damage avoided, they could be very effective. The risks and costs of retaliation and escalation are considerable if the target country is a “cyber power,” as China and Russia are. Iran is more susceptible to cyber coercion. __ http://www.rand.org/pubs/research_reports/RR1000.html
The Need for Dangerous Children and Networked Dangerous Communities Increases
Among peace-loving independents, Dangerous Children are most familiar with and best equipped to deal with disruptive innovations capable of altering entire societies, cultures, and global systems. Deadly brushfire applications of such innovations in the wider world will need to be put out by someone, to limit collateral damage. Distributed networks of Dangerous Communities as well as Dangerous Child field operatives will always be watching for the tell-tale signs, ready to call in an ad hoc specialist team when necessary. That is how it should be, since when seconds count . . . help is always hours or days away. And be assured that your authority “elite” probably does not care whether you live or die, as individuals.
On a more personal level: https://www.the-parallax.com/2016/04/25/how-to-avoid-ransomware-or-remove-it/
Malicious hackers occupy all levels and niches of the cybercrime ecosystem. Some of them may take a personal interest in you. Consider your options.
Proactive planning: Hacker Camps for Kids