FBI Hackers, Deepfakers, and Mythbusters

This week we explore thoughts around the FBI’s “hacking the hackers” news, and it’s clear deepfakes are here to stay, so what’s next? Dark web drug markets advertising in the real world, while code breakers crack a Queen’s letters. And my take on security myths; not surprisingly, a different perspective.


Hack Back

I'm sure you saw on the news the FBI saying they've "hacked the hackers", referring to the takedown of the systems of a notorious ransomware gang called Hive, essentially nullifying a reported $130m in ransom, but no one was arrested (yet, I presume). I have mixed thoughts on this. Attribution is the big elephant in the room. With grade school knowledge you can build quite a sophisticated network of systems that are owned and operated by others to perpetrate your crime, so who are you really hacking? Also, what message is this sending to others concerning interpretations of "active defense"? Of course, the FBI is protected from laws that are intended to define crime for others, much like permission to carry firearms where firearms are illegal for citizens, within the context of policing. But how will this translate into cyberspace? I've raised the question of a cyberspace police force before… and at what point does the criminal element in cyberspace warrant such an organization?


Article - https://www.theverge.com/2023/1/27/23574257/fbi-us-justice-department-seizes-hive-ransomware-network-servers

DOJ press release - https://www.justice.gov/opa/pr/us-department-justice-disrupts-hive-ransomware-variant


Deepfake it Till You Make it

A recent report by Graphika highlighted that a pro-Chinese influence operation is promoting the interests of the Chinese Communist Party through the use of AI-generated news anchors. A new media outlet called "Wolf News", first believed to be using paid actors, is actually AI-generated, as confirmed by the British company Synthesia. This is not necessarily new… the concepts of fake news, AI, and deepfakes have been around for a while now. However, it is definitely picking up pace, and you can expect these technologies – including ChatGPT, VALL-E, quantum computing, SIM swapping, crypto, cookie stealing, etc. – to start synthesizing. Do you think not patching ESXi for a year is your biggest problem? You're in for a big surprise.


Report - https://public-assets.graphika.com/reports/graphika-report-deepfake-it-till-you-make-it.pdf

Deepfake news - https://www.vice.com/en/article/v7vw3a/ai-generated-video-burkino-faso-coup

Article - https://therecord.media/deepfake-news-anchors-spread-chinese-propaganda-on-social-media/

Covert influence operations - https://about.fb.com/news/2022/12/metas-2022-coordinated-inauthentic-behavior-enforcements/

Article from last year - https://www.bbc.com/news/technology-60780142

FBI ESXi Recovery Guidance - https://www.ic3.gov/Media/News/2023/230208.pdf


From Russia with Love

I can't help but conjure images from the movie Blade Runner (1982) when I read this article. Considered one of the largest darknet drug market operators, BlackSprut is apparently advertising on giant digital billboards throughout Moscow. Empowered by millions earned through crypto, primarily through Bitzlato, which law enforcement is currently trying to dismantle, BlackSprut is advertising, "Come to me if you're looking for the best." It's unclear if the sign owner was hacked or isn't aware of who their customer is, but nevertheless, pretty brazen.


Article - https://therecord.media/blacksprut-darknet-drug-market-billboards-moscow/

Bitzlato arrests - https://www.europol.europa.eu/media-press/newsroom/news/bitzlato-senior-management-arrested

Updated arrests - https://news.bitcoin.com/bitzlato-co-founder-anton-shkurenko-arrested-in-russia-report/


Queen of Encryption

A group of codebreakers came across a cache of letters written by Mary Stuart, Queen of Scots (1542–1587), between the years 1578 and 1584 while she was imprisoned by her cousin Queen Elizabeth I. The letters were fully encrypted, surviving only as a collection of symbols. Using a combination of very clever approaches, they deciphered 57 handwritten letters. There are two points I'd like to make. First, it's amazing she was able to do this without the assistance of a key or code book, but apparently from memory. Clearly, very intelligent and highly capable. Second, it goes to show you that virtually all encryption can be decrypted at some point. But what really matters is whether the information exposed will still be useful to the attacker. Well, I think governments around the world think yes, because they're gobbling up encrypted data like it was a Wonka bar, because with quantum computing there's a chance for a golden ticket.


Paper - https://www.tandfonline.com/doi/full/10.1080/01611194.2022.2160677

Article - https://www.theregister.com/2023/02/09/codebreakers_mary_queen_of_scots/


Security Mythbuster

Not sure why, but there has been an explosion of articles, videos, and posts about cybersecurity myths. Honestly, google it… you'll get a ton of hits. Maybe it's the phase the industry is in now, I dunno. Anyway, many are a bit silly, but should get you thinking, like "strong passwords are safe". Well, what do you consider a strong password, and if you click on a malicious link the strength of your password is irrelevant. Nevertheless, I find most of these "myths" to be potentially damaging. For example, commonly found among these collections is the claim that "it's a matter of 'when', not 'if' you'll be attacked" is itself a myth.


Ok… hold on for a moment. I made my career in security starting about 30 years ago… I started hacking stuff for pay and never looked back. I can say confidently there was a time that the probability of getting hacked was exceedingly low… it was an "if" condition. It all depended on 'IF' what you had could be of value or, more importantly, if it could be monetized. It was also based on the level of effort required to hack you. Fast forward from the dark ages to today and we have crypto that makes everything monetizable, and at the heart is ransomware. There is so much drive-by ransomware that most victims are having to wait extended periods of time to pay a ransom because the bad guys are overloaded, so the probability of getting attacked is akin to getting wet in the rain.


On a more serious note, surprisingly, most learned the hard way about supply chain risk from the SolarWinds debacle. Given the complexity of systems, hackers find it far easier to attack an "edge" environment that practices very little security but is a provider to a complex system owned and operated by a company that has made huge investments in security. So, the odds of getting hacked are increased because you represent a potential value as part of a larger objective. Getting hacked/attacked is definitely a matter of when… you ran out of "if's" decades ago.


Supply chain article - https://www.theregister.com/2023/02/05/supply_chain_security_efforts/

OSC&R, a MITRE ATT&CK-like framework for supply chain - https://pbom.dev/
