{"id":76224,"date":"2017-11-28T10:00:59","date_gmt":"2017-11-28T15:00:59","guid":{"rendered":"http:\/\/valorguardians.com\/blog\/?p=76224"},"modified":"2017-11-28T09:57:20","modified_gmt":"2017-11-28T14:57:20","slug":"guest-post-sometimes-you-hack-the-bear-sometimes-the-bear-hacks-you","status":"publish","type":"post","link":"https:\/\/www.azuse.cloud\/?p=76224","title":{"rendered":"Guest Post; Sometimes You Hack the Bear; Sometimes the Bear Hacks You"},"content":{"rendered":"<p><em>Our buddy and homeboy, <a href=\"http:\/\/johnsready.com\/\">John Ready<\/a> sends us this guest post;<\/em><\/p>\n<p>OK, so now we\u2019ve got another country hacking into the federal government\u2019s so-called \u201csecure\u201d information systems. This time it\u2019s apparently individuals allied with Russia, and the target was the National Security Agency itself. The juggernaut that is supposed to protect us, and which receives stupid amounts of our tax money to accomplish that, has had its secrets pilfered.<\/p>\n<p>Nice job\u2026      <\/p>\n<p>As if the theft of Personally Identifiable Information (PII) from the Office of Personnel Management-the government\u2019s Human Resources department-wasn\u2019t catastrophic enough. I mean, it\u2019s not like 23 million past, present, and future government employees (like Yours Truly), had their sensitive information extracted by the Chinese military. Approximately 5 million of those individuals had their digitized fingerprints stolen; many of those are intelligence operatives and undercover officers. Now, they risk being unmasked by whomever buys their prints on the black market. Worse, they could be targeted with assassination, you know from the bad guys they are trying to fight.<\/p>\n<p>With all of that still fresh in our memories, you\u2019d think that those tasked with protecting our secrets would be more vigilant. Sadly, that\u2019s what I get for trusting people to do the right thing.<\/p>\n<p>Back in 2010, the first digital weapon was unleashed. It came to be known as Stuxnet. It was brilliant in its sophistication, and how it targeted its victim-the uranium enrichment facility at Natanz, Iran-with laser-like focus. It took a while for security experts to determine its origin, but it was finally traced to a joint NSA-Israeli partnership.<\/p>\n<p>Stuxnet was the digital equivalent of a pre-emptive airstrike. It was developed solely for the purpose of causing physical damage to Iran\u2019s centrifuges, while allowing the US and Israel the ability to deny their involvement. You see, Israel doesn\u2019t take kindly to its neighbors building anything remotely nuclear, whether it\u2019s weapons or reactors. I can\u2019t say I blame them; you don\u2019t know what a nuclear facility\u2019s true purpose is until there\u2019s a mushroom cloud over Tel Aviv.<\/p>\n<p>In the past, the Israelis bombed reactors in Iraq and Syria. This time, President Obama convinced Benjamin Netanyahu that the strike should be more discreet, so as not to cause more unrest in the Middle East. So, the two nations collaborated on the weaponized worm we now know as Stuxnet.<\/p>\n<p>However, the department within NSA, dubbed Tailored Access Operations (TAO: Oh, how very clever!) responsible for developing Stuxnet has now been hacked itself, and a good chunk of its digital weaponry pilfered, this time by some folks in Russia. The perpetrators call themselves \u201cThe Shadow Brokers.\u201d The NSA is supposed to be the brain trust, staffed with brilliant technicians and programmers.<\/p>\n<p>Here\u2019s an example of just how \u201cbrilliant\u201d these folks are. An NSA employee took a number of documents home with him. He copied them to his \u201cpersonal home computer, so that he could refer to them while he tweaked his resume.\u201d Besides being a violation of agency rules, it was also against the law. The employee\u2019s PC was running Kaspersky Lab, antivirus software developed in Russia, and installed on computers across the globe. Investigators have long supposed that this software company was in collusion with Russian hackers, and that there was a back-door installed, through which they could directly access his data&#8230;sorry, OUR data.<\/p>\n<p>You\u2019d think that there would be increased vigilance, knowing that the rest of the world understands that we are capable of developing Stuxnet and its variants.<\/p>\n<p>The Shadow Brokers are now selling these digital weapons-paid for with our tax dollars-on the Black Market. The prices on some of these weapons are very high. This means that only parties which have that large amounts of capital, such as a rogue nation like North Korea, could unleash them on the United States, all the while claiming innocence, since the origin of the attack could be masked.<\/p>\n<p>Some of these digital weapons have now been turned on two of our country\u2019s allies: Britain and the Ukraine. The implications of this theft are dire. Instead of the Ukraine having its power grid taken down for long periods, it could be us. Such an attack could mimic the Northeast Power Outage in August 2003, which lasted for three days. What\u2019s more, if the attack took out certain sections of the grid, it could cause an even more widespread outage.<\/p>\n<p>Bad, see also: Not good.<\/p>\n<p>As for the NSA employee who took the family jewels off the reservation, he won\u2019t need a resume for his next job. He just needs to practice his new spiel:<\/p>\n<p>\u201cWould you like fries with that?\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Our buddy and homeboy, John Ready sends us this guest post; OK, so now we\u2019ve got &hellip; <a title=\"Guest Post; Sometimes You Hack the Bear; Sometimes the Bear Hacks You\" class=\"hm-read-more\" href=\"https:\/\/www.azuse.cloud\/?p=76224\"><span class=\"screen-reader-text\">Guest Post; Sometimes You Hack the Bear; Sometimes the Bear Hacks You<\/span>Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-76224","post","type-post","status-publish","format-standard","hentry","category-foreign-policy"],"_links":{"self":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/posts\/76224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=76224"}],"version-history":[{"count":0,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/posts\/76224\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=76224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=76224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=76224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}