Showing posts with label cyberattacks. Show all posts

Sunday, September 25, 2016

Security Researcher Hit

While we were being distracted by the Yahoo half-billion-user data breach, within the last few days, Krebs On Security, a blog which I often reference here, was slammed with a distributed denial-of-service (DDoS) attack of gargantuan proportions, literally silencing the blog. This was after the venerable Brian Krebs published papers on the vDOS owners. vDOS is an attack-for-hire service hosted in Israel.

Hey, what a surprise, after Krebs, a well-known security blogger (and researcher), made the people behind the attack-for-hire service also well-known, he was himself targeted by the world's largest DDoS attack! These are rich teenagers - they earned more than $600,000 (well, in Bitcoin!) in two years. Apparently their service is in great demand.

How do we know this? Oh it figures - vDOS got hacked and their client base was fully extracted and published (this is known as being "doxed", a term which I sometimes use). And Krebs obtained the information in July. This, and the fact that the FBI took notice, is why those cyber-criminal-teenagers Itay Huri and Yarden Bidani (known as AppleJ4ck) were arrested in Israel.

It's possible that these teenagers, after being arrested in Israel, were simply drafted into the Israeli Defense Forces (IDF), because they are both 18 years old (my speculation). Now they can't use the internet for 30 days.

Wow! I was sure it was just going to be a slap on the hand for these two.

Seriously, I hope they can be extradited to the US for prosecution.

The curious thing is that the documents Krebs found indicated that vDOS was literally responsible for the majority of the DDoS attacks on the web, and that the number of packets and data sent might indeed have been Internet-crippling. Apparently DDoS attackers are now taking over personal home routers and using them to accomplish their attacks, which can result in a MUCH larger number of packets being sent because literally anybody can be sending them.

When a security blog gets hit and you are temporarily in the dark about a current threat, you will need to refer to some other security blogs. Here is a decent list.

If you get hacked, you can find out if your data was included in a recent massive breach at haveibeenpwned.com.

If you have more serious concerns, there is a company, terbiumlabs.com, that can persistently search the dark web for your personal info. The info you enter is encrypted on the client side (on your computer) so even they don't know what you are searching for. This is particularly useful for corporate customers, when they're breached, and also for companies monitoring their information security (infoSec).

Wednesday, April 11, 2012

Transparency: the Way of the Future?

Is full transparency in government a good thing?

Disruption

I believe the ascendance of wikipedia.org as a collaborative knowledge base has had a significant positive effect on the general access to knowledge. But it has also had a significant negative effect on existing encyclopedias. Recently, the venerable Encyclopedia Britannica announced their final print edition. Really, it is no great surprise that an online knowledge base can be disruptive in this way. This is really quite similar to the disruption of printed news media (such as newspapers) by online news sources. But there are other ways that wikis can disrupt.

Wikileaks

The concept of a wiki is a compendium of material with contributions from several authors. There is a specific wiki called wikileaks.org that amasses secret material and publishes it, run by Julian Assange and his associates. The contributors are whistleblowers everywhere. Many of the contributions are centered on the secret doings of governments.

The interest in such wikis is fed by the conspiracy theorist and the popularization of the idea that governments are bad. That they are doing bad things. But weighing individual privacy against the common security is not a simple black-and-white issue.

That being said, I do believe that governments should not act unchecked. Doing evil "in the national interest" is wrong.

Wikileaks has the potential of disrupting a government's ability to operate. Perhaps they believe they can level the playing field between governments by rendering every government transparent. Perhaps they naïvely believe they are only seeking the truth. Unfortunately, they have done little to render Russia transparent, or Iran, or North Korea. Or even China. They have primarily been concentrating on the United States. Indeed, in some countries, if journalists attempt to render those countries transparent they will simply be murdered. Witness, for example, the purported state-supported murders of Anna Politkovskaya and Alexander Litvinenko. Some countries simply have a history of dissuading whistleblowers by making sad examples of them.

It is doubtful wikileaks has the balls to assail any of these countries.

What this has done is to make it less possible for the United States (and some other target countries) to operate in the diplomatic arena, and consequently it lends a strong advantage to their competitors. This is inevitable. And the trend is to only publish material from countries that are relatively easily penetrated: free countries. This disadvantage is coming soon to your country.

Competition between countries is not just political, or concerned with human rights. It also is about economic prevalence. Countries such as Russia, with its oil and natural gas pipeline that nearly controls Europe economically, and China, with its control over cheaply-made electronics (due to their singular labor policies compared with other countries) and its near-monopoly on rare earth elements, owe their prosperity to the influx of currency from other countries. It is a strong motivation these days: perhaps the only motivation that actually counts to China.

Transparency is not good for negotiation. Without it, countries can operate in secret. Keeping their agenda secret while they strive to achieve their goals is actually key to success. A level playing field would make things better for negotiation. Ironically, the playing field is being made less level by wikileaks.

The kind of transparency that wikileaks.org offers is total transparency. They constantly work to reveal everything they can: entire full sets of diplomatic dispatches, even full sets of military communiques. This will naturally reveal plenty of stuff that could be necessary for a country's economic survival.

Indeed, it would be to a competitor's advantage to extract such information and provide it to wikileaks. Whether this has actually happened is something I can't really verify, because wikileaks scrupulously seeks to anonymize the information, scrubbing away email MIME headers (so you can't be sure the emails were genuine in the first place!), zeroing empty blocks, and redacting content that could reveal their source.

If the publishing of the information is a crime, then they are accomplices and co-conspirators. But how do you prove that the information is true? You can't. They have scrubbed away all that can be used to prove it true. And if you independently verify one piece of information, can you trust the rest if you can't say where it actually came from? I doubt that wikileaks even knows whether the information they post is true or not. They may not even know for certain where it came from. Which makes the publishing of the information an incredibly questionable activity.

Wikileaks has also revealed information about companies as well, such as Bank of America. I am sure it would love to reveal information about people as well.

So, when Julian Assange commits a sexually predatory act in Sweden, for instance, he should be glad that such things can be transparent. And he should be glad to participate in a transparent legal process there, right? No. He is a hypocrite. It's OK to reveal other people's secrets. But when his secrets get revealed, then he objects! And fails to own his actions.

Hacktivism

Hacktivism, hacking for the purposes of vigilante social justice, has been on the rise. The Anonymous group is famous for hacking in retaliation for the removal of credit card support in wikileaks. Really, anything they set their collective minds to, if they think it represents an injustice, is cause for a retaliatory hack. This makes them judge, jury, and executioner for their brand of justice.

Many of the Anonymous crowd also perpetrate hacks that simply reveal lists of credit card numbers and email accounts and passwords. Don't they know that the rogue and state-supported Chinese and Eastern European hack squads are going to exploit these? They disrupt businesses like Sony's PlayStation accounts. These acts are essentially criminal acts. And if they aren't criminal acts, they almost certainly lead to them.

In some ways, hacktivism can also produce effects that may be useful, such as making us aware that we should change our passwords. But these are secondary, reactive effects, and not the ones that they were seeking to accomplish. Not by a long shot.

Really, such lawless acts are indefensible. In this day and age where so much is constantly being attacked by Chinese hack squads, why don't these hackers join the good guys and help to build better defenses against the barrage of cyberattacks? There is a real need, and they have the talent. Please, Anonymous, step forwards and help. And I'm not talking about defacing Chinese government web sites.

Perhaps the FBI will have to bust these hackers and conscript them, like they did Sabu.

Either way, we need to get organized to fight cyberattacks and cyberterrorism.

Even if laws could keep up with technology, there are still Chinese state-supported hack squads to deal with. Maybe wikileaks will try to keep them accountable. Sure.

The Moral

Those interested in transparency and who are eager to reveal things must own their actions and practice what they preach. An anonymous hack is an asymmetric form of warfare. Not exactly transparent, is it?