Saturday, May 20, 2017

Slow Saturday Special: Crying Myself to Sleep

It does no good to lock the door because “the government has the master key.”

Makes me WannaCry:

"WannaCry fades, but worries remain" by Hiawatha Bray Globe Staff  May 19, 2017

At least it is not the New York Times.

A week after it struck, the WannaCry ransomware attack appears to have been a financial bust for the hackers who launched it. But WannaCry left behind billions in losses for users and a deep sense of vulnerability among data security experts who fear that worse attacks are yet to come.

“It is not going to end,” said Israel Barak, chief information security officer of Boston-based Internet security firm Cybereason. “They are going to continue to be able to find vulnerabilities.”

WannaCry was first detected on Friday, May 12. Within hours it had ravaged thousands of computers in Europe and Asia, while leaving the US largely unscathed. The program encrypted all data on infected computers running Microsoft Corp.’s Windows operating system, locking users out of their own files. Then it displayed a message promising to provide the encryption unlock key in exchange for a ransom of $300 if paid within three days of the infection or $600 if paid later. If the ransom wasn’t paid within a week, the data would be lost forever.

The unknown criminals demanded that ransoms be paid in the digital currency bitcoin and provided three digital addresses for the payments. Bitcoin transactions are anonymous, but they’re also public, and security analysts have tracked the amounts being added to the accounts. As of Friday afternoon, only about 300 victims had paid up, and the total take was less than $100,000, according to a bitcoin tracker set up by the online magazine Quartz. The Finnish cybersecurity firm F-Secure said that at least some of those who paid received decryption keys and got their data back, according to the New York Times.

“I would definitely not refer to it as a sophisticated attack,” said Barak.

Even so, Cyence, which calculates cyber security risks for insurance companies, estimates that the attack could cost businesses worldwide as much as $8 billion in lost revenue due to business disruptions.


Yolonda Smith, director of product management at Boston data security company Pwnie Express, thinks the attack was a dry run. “This wasn’t about the money. This was a proof of concept,” she said. “Next time we expect they’re going to be much more insidious [and] it’s going to be much, much more impactful.” 

Prepare for a hack of the stock market and collapse to hide banker malfeasance and stealing of all the remaining loot.

WannaCry took advantage of a flaw found in many versions of Microsoft Windows. This bug was exploited by a spy tool stolen from the US National Security Agency and published on the Internet in April by an online activist group called the Shadow Brokers.

Microsoft issued a patch in March that would protect against the attack, but many computers were not upgraded. Also, Microsoft didn’t provide a patch for its obsolete but still popular Windows XP software. So when an unknown criminal combined the stolen NSA code with a ransomware program called WannaCry, as many as 200,000 computers worldwide were victimized.

Cyber security experts still don’t know who is behind the attack; they’re not even sure how they managed to carry it out. Early press reports claimed that computers were infected by tainted e-mail messages. But several security analysts have said they can find no trace of such messages.

OMG! The pre$$ lied to us again!

Instead, Barak believes that the criminals scanned millions of Internet-connected computers to remotely detect vulnerable Windows machines. About 15 years ago, computers using earlier versions of Windows were afflicted by a series of similar global attacks, and it’s unclear whether anything can be done to prevent future attacks.

So we come nowhere or worse after 15 years and $$$ and freedom spent?

“The government could take a stronger role,” said Stuart Madnick, professor of information technology at the MIT Sloan School of Management, who suggested that business might be required to quickly patch known security weaknesses in their software. “You could have certain regulations just like you do for nuclear power plants and so on,” Madnick said. But he admitted that such a law would be very difficult to enforce.

Good thing that stuff is on the way out, but why should government take a stronger role when they are the ones that loosed this upon the world?

Madnick also noted that WannaCry used software stolen from the federal government. That fact could scuttle proposals to build “back doors” into American software and hardware products, to help police and intelligence agencies track criminals and terrorists. “If the government has the master key,  how long before somebody gets the master key from the government?” Madnick said....



Maybe these kid did it:

"A Carnegie Mellon University student who admitted developing and selling malicious software that allowed others to remotely control Google Android smartphones has been sentenced to three years’ probation. A federal judge in Pittsburgh also Monday ordered Morgan Culbertson to perform 300 hours of community service. He pleaded guilty in 2015 to conspiracy for his role in the malware distribution, which enabled those who bought the software to use the phones’ cameras to spy on their owners. He is one of 12 people living in the United States who were charged by federal prosecutors in the takedown of the cybercriminal marketplace. The online forum was a place where authorities say computer hackers bought and sold malicious software. Culbertson is currently on leave from Carnegie Mellon."

I'm thinking he was working for you-know-who:

"Killing CIA informants, China stifled US spying" by Mark Mazzetti New York Times  May 20, 2017

WASHINGTON —The Chinese government systematically dismantled CIA spying operations in the country starting in 2010, killing or imprisoning more than a dozen sources over two years and crippling intelligence gathering there for years afterward.

Current and former US officials described the intelligence breach as one of the worst in decades. It set off a scramble in Washington’s intelligence and law enforcement agencies to contain the fallout, but investigators were bitterly divided over the cause.

Some were convinced that a mole within the CIA had betrayed the United States. Others believed that the Chinese had hacked the covert system the CIA used to communicate with its foreign sources. Years later, that debate remains unresolved.

But there was no disagreement about the damage. From the final weeks of 2010 through the end of 2012, according to former US officials, the Chinese killed at least a dozen of the CIA’s sources.

According to three of the officials, one was shot in front of his colleagues in the courtyard of a government building — a message to others who might have been working for the CIA.

Still others were put in jail. All told, the Chinese killed or imprisoned 18 to 20 of the CIA’s sources in China, according to two former senior US officials, unraveling a network that had taken years to build.


So he lost the Philippines, lost Turkey, and his CIA was rolled up in China. 


Assessing the fallout from an exposed spy operation can be difficult, but the episode was considered particularly damaging. The number of US assets lost in China, officials said, rivaled those lost in the Soviet Union and Russia during the betrayals of both Aldrich Ames and Robert Hanssen, formerly of the CIA and the FBI, who divulged intelligence operations to Moscow for years.

Or Jonathan Pollard, for that matter.

The previously unreported episode shows how successful the Chinese were in disrupting US spying efforts and stealing secrets years before a well-publicized breach in 2015 gave Beijing access to thousands of personnel records, including intelligence contractors.

Does this mean war?

The CIA considers spying in China one of its top priorities, but the country’s extensive security apparatus makes it exceptionally hard for Western spy services to develop sources there.

The unsettled nature of the China investigation demonstrates the difficulty of conducting counterespionage investigations into sophisticated spy services like those in Russia and China.

The CIA and the FBI both declined to comment. Ten current and former US officials described the investigation on the condition of anonymity because they did not want to be identified discussing the information.

The first signs of trouble emerged in 2010. At the time, the quality of the CIA’s information about the inner workings of the Chinese government was the best it had been for years, the result of recruiting sources deep inside the bureaucracy in Beijing, four former officials said.

But by early 2011, senior officers realized they had a problem. The FBI and the CIA opened a joint inquiry run by top counterintelligence officials at both agencies, and the CIA has been working to rebuild its network of informants.


Maybe I'll wait for the book:

"Holly Davenport of Norfolk said she wanted to dislike the store because Amazon founder Jeff Bezos has an “unfair advantage” as a retailer, but she said she liked the choices she saw Saturday and said she was considering a purchase. “I feel terrible,” Davenport joked, comparing Bezos to Genghis Khan for Amazon’s effect on small stores. “I may feel guilty when I go home, and may not be able to read this book.”

Also seePolice believe they’ve found missing Franklin student’s body

That will leave a tear on my pillow.