The State Sponsored Podcast

Author: Javvad Malik, Scott Terban

Description

Information Security, Threat Intelligence, and all the Cybers - With Javvad Malik and Scot Terban. @J4vv4D @krypt3ia
27 Episodes
Could Cyberwar Make the World Safer?
Uhhhhh, no.
But an alternative perspective sees cyberwar as an opportunity to decrease global violence. Could such tactics shift war’s focus away from human casualties? In other words, can nations settle for slugging it out online, rather than with guns and missiles?
Fighting digitally offers a unique opportunity: the continuation of politics by other means, without the physical invasion of a sovereign territory or the inevitable sacrifice of lives. Tempered by responsible use and appropriate controls, cyberwarfare is a safer and more flexible strategic alternative, one critical step between sanctions and bombs.
“The purpose of warfare is not to fight; it is to achieve a political objective,” said Nora Bensahel, a visiting professor of strategic studies at Johns Hopkins School of Advanced International Studies. “If you can achieve this objective without kinetic conflict, so much the better.”
https://www.nytimes.com/2021/08/22/opinion/cyberwar-world-safety.html?smid=tw-share

A secret SAS hacker squad was made public after defence officials accidentally published a job advert with full details of the role.
“What is the colour of the boat house in hereford?”
The secretive Computer Network Operations (CNO) Exploitation Unit had its cover blown on the MoD's external job ad website.
Any "extraordinary talented electronics" engineers interested in the £33,000-a-year vacancy would have seen the address and phone number for SAS barracks.
Based in Hereford, the £33k-per-year post was to be filled by an "extraordinary talented electronics engineer" [sic] to "work alongside some of the best scientists and engineers within defence and will be tasked with delivering prototype solutions directly to the soldiers and officers of a unique and specialised military unit."
https://www.lbc.co.uk/news/sas-hacker-mab5-mod-online-job-advert/

Nigerian Threat Actors Solicit Employees to Deploy Ransomware for Cut of Profits
The insider threat is the biggest threat….
Researchers have discovered a Nigerian threat actor trying to turn an organization’s employees into insider threats by soliciting them to deploy ransomware for a cut of the ransom profits.
Researchers at Abnormal Security identified and blocked a number of emails sent earlier this month to some of its customers that offered people $1 million in bitcoin to install DemonWare ransomware. The would-be attackers said they have ties to the DemonWare ransomware group, also known as Black Kingdom or DEMON, they said.
“In this latest campaign, the sender tells the employee that if they’re able to deploy ransomware on a company computer or Windows server, then they would be paid $1 million in bitcoin, or 40% of the presumed $2.5 million ransom,” researchers wrote in a report published Thursday about the campaign. “The employee is told they can launch the ransomware physically or remotely.”
https://threatpost.com/nigerian-solicits-employees-ransomware-profits/168849/
China’s nuclear reactors
https://www.popularmechanics.com/science/energy/a36517874/china-mysterious-nuclear-reactors/
https://www.extremetech.com/extreme/323442-chinas-fusion-reactor-sets-world-record-by-running-for-101-seconds

THE CYBERWARS HAVE BEGUUUUUN!
NYC's transit authority says it was breached by Chinese hacking group
https://www.upi.com/Top_News/US/2021/06/03/Metropolitan-Transporation-Autority-breached-by-cyberattack/1711622700273/?ur3=1
FBI Blames Russian-Linked Hacker Group For Cyberattack On Meat Processing Company
https://www.rferl.org/a/31287885.html
Ransomware attack disrupts Massachusetts ferries
https://therecord.media/ransomware-attack-disrupts-massachusetts-ferries/
U.S. intelligence probing whether Putin testing Biden with Russian cyber hacks
https://justthenews.com/government/security/putin-testing-biden-cyber-hacks-white-house-says-no-intel-agencies-not
White House Executive Order
https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/

The Skills Gap in CYBERRRRRRRRRRRRR
https://securityboulevard.com/2021/05/how-to-solve-the-cybersecurity-skills-gap/
https://www.trainingzone.co.uk/develop/talent/six-ways-to-develop-a-sustainable-cyber-security-workforce
https://www.tripwire.com/state-of-security/featured/survey-only-39-of-orgs-have-ability-to-retain-cyber-security-talent/
Alyssa Miller's TED talk.
https://www.ted.com/talks/alyssa_miller_solving_the_tech_skills_gap_at_your_local_coffee_shop
https://www.cnn.com/2021/05/28/tech/cybersecurity-labor-shortage/index.html

Bezos to the moon
https://www.bbc.co.uk/news/world-us-canada-57386049
Belarus journalist arrested
https://apnews.com/article/belarus-plane-pratasevich-lukashenko-a9d32d02caea49c880ed1b7a5872e5f7
Ryanair said Belarusian flight controllers told the crew there was a bomb threat against the plane as it was crossing through Belarus airspace on Sunday and ordered it to land. A Belarusian MiG-29 fighter jet was scrambled to escort the plane in a brazen show of force by President Alexander Lukashenko, who has ruled the country with an iron fist for over a quarter-century.
(Note that there were two passengers who also disappeared and were likely FSB/SVR assets as well.)

The Wuhan report?
The RaTG13? Heh, nervous about getting involved… China fear
Five Eyes network contradicts theory Covid-19 leaked from lab
British and other Five Eyes agencies do believe that Beijing has not necessarily been open about how coronavirus initially spread in Wuhan at the turn of the year. But they are nervous about getting involved in an escalating international situation.
Honestly, I have to wonder what ASIO has to say over FVEYE’s
WSJ… https://twitter.com/Anthony/status/1396544753194373121?s=20 (article)
Story has more red flags than china on a national day parade
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7346715/ ←- NIH on divergence being overstated between RaTG13 and SARS-CoV-2
https://www.washingtonpost.com/opinions/2020/04/14/state-department-cables-warned-safety-issues-wuhan-lab-studying-bat-coronaviruses/ ←- Wuhan lab cited for lax security protocols
https://www.washingtonpost.com/opinions/2020/04/14/state-department-cables-warned-safety-issues-wuhan-lab-studying-bat-coronaviruses/ ←- Leaked cables showing lax security protocols
The lab itself says it is distressed by talk of leaks. Scientific American re-edited an interview with the virologist Shi Zhengli last week to address “the tenuous suggestion” of the lab theory, and noted the “genetic sequence” of Sars-CoV-2, the scholarly term for coronavirus, “does not match any her lab had previously studied”.
←- I checked and the variation of RaTG13 and SARS-CoV-2 is not that large, and that means likely only some genetic drift
Conclusion: Our results demonstrate that the divergence between SARS-CoV-2 and RaTG13 has been overestimated.
https://www.ncbi.nlm.nih.gov/books/NBK285579/ ←- NIH on GoF research
https://twitter.com/ninaburleigh/status/1396809466016841734 ←- Nina just did a book on the pandemic and citations are not new

Optional: The nexus of Russia in hacking both nation state and criminal (blurred lines) (pipeline) (ransomware) (RAAS) (Cartels)
The good doctors are back to discuss the most pressing issues. Stories in this episode (in addition to the usual banter)

Has Biden actually won the election? Or was it stolen? Who will drag Trump out kicking and screaming and what damage will he do in the meantime? How did the million MAGA march go?
https://www.npr.org/2020/11/15/935181031/a-march-without-millions-is-still-a-worrying-sign-of-a-nation-divided

Fake news is here to stay
And the networks that protect them
https://www.reuters.com/article/idUSKBN27S35P

Muslim pro, ain’t very pro muslim
https://www.vice.com/en/article/jgqm5x/us-military-location-data-xmode-locate-x
The U.S. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned. The most popular app among a group Motherboard analyzed connected to this sort of data sale is a Muslim prayer and Quran app that has more than 98 million downloads worldwide. Others include a Muslim dating app, a popular Craigslist app, an app for following storms, and a "level" app that can be used to help, for example, install shelves in a bedroom.
Tikity Tok

2020-06-30 42:39

We discuss Tik Tok, China, other social medias. And Scot depresses us all.
Everything is burning

2020-06-03 49:46

In a more-depressing-than-usual episode, we try to talk about APTs (well, they're password spraying so there's nothing advanced about it). Chat a bit about the VDBIR. Inevitably we go down the dark dark hole where everything is burning.
Season 2 | Lockdown

2020-04-16 52:19

We return after a seasonal break to a very different world which has thrown us off balance. So, there is a lot of pontification. Talk about COVID19, phishing scams, what organisations can do in this time to beef up their security, what organised criminals are doing, and of course, the most important issue of all... Tiger King! 
CYBER!: Iran’s Military Response May Be ‘Concluded,’ but Cyberwarfare Threat Grows
Cybersecurity experts are seeing malicious activity from pro-Iranian forces, and warning that Iran has the capacity to do real damage to American computer systems.
https://www.nytimes.com/2020/01/08/us/politics/iran-attack-cyber.html

CYBER CYBER CYBERRRR!: DISINFORMATION: The Middle East Was Already a Powder Keg of Misinformation. Trump Just Lit the Match.
Thousands of shady social media accounts have been pumping out a crossfire of propaganda and misinformation across the Middle East.
https://www.vice.com/en_us/article/dygvv7/the-middle-east-was-already-a-powder-keg-of-misinformation-trump-just-lit-the-match

The Weaponization of Nostalgia: How Afghan Miniskirts Became the Latest Salvo in the War on Terror
https://ajammc.com/2017/09/06/weaponization-nostalgia-afghan-miniskirts/
In 1979 – at the end of Afghanistan’s “Golden Age“ – only 18% of Afghans were literate – and average life expectancy was only just above 40, meaning that half of Afghans died before that age.
The average Afghan was certainly not wearing miniskirts and attending Kabul University, nor were they taking fashionably-dressed vacations to the mountains in imported cars. This was a very small urban elite and middle-class segment of society shown in the pictures of Kabul in the 1970s, and one that did not reflect the conditions of the majority of Afghans.

CYBERING INTENSIFIES!: How Iran Can Still Use Cyber and Drone Technology to Attack the U.S.
What are precision-guided weapons such as ballistic missiles and drones capable of?
https://www.scientificamerican.com/article/how-iran-can-still-use-cyber-and-drone-technology-to-attack-the-u-s1/

*breathe*

CYBERRRRRR!: Texas Says Attempted Cyber Infiltration Surges: Iran Update
Texas Reports Surge in Cyber Interference (10:18 p.m.)
ERMEGERD A PING SWEEEEP!
https://finance.yahoo.com/news/texas-says-attempted-cyber-infiltration-031847377.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAACKWXIJtKof0WjZKGhMaOg_3oRzRAfSrvWFBPeQViWuWU4ul75MtLQR_AyFpncATIjAMd2AYTHfesLmjYq0uzksOH5u6De41McHCAUaLQb0g8HXis0UcDPu74_Y_v2evbNLEImPZjXVVZNf1tegNyJwZp44fsQEMfN8drzHq34Hb

Zomg cyber graffiti! A government website was ‘defaced’ with pro-Iran messaging and an image of a bloodied Trump. Hackers claimed responsibility.
Blood runs in rivulets down President Trump’s chin as a fist punches his left cheek. Two golden missiles, each emblazoned with the Iranian flag, shoot across the bottom of the illustration.
“This is message from Islamic Republic Of Iran,” reads text in English.
https://www.washingtonpost.com/nation/2020/01/06/american-government-website-defaced-iran-hackers-bloodied-trump/

A happy hotel with a sad ending
https://blog.knowbe4.com/happy-hotel-with-a-sad-ending

Related
Now you can send pictures of your GENITALS to get a doctor's advice on embarrassing lumps and bumps for £160
https://www.dailymail.co.uk/health/article-7861521/Now-send-PICTURES-genitals-doctors-advice-embarrassing-symptoms.html
The Anniversary

2019-12-06 54:22

It's almost our anniversary episode, who is keeping count? We are back, episode number 17 where we discuss all things state sponsored in the cyber world.

Alleged Russian Hacker Behind $100 Million Evil Corp Indicted
https://www.wired.com/story/alleged-russian-hacker-evil-corp-indicted/
Data center provider CyrusOne hit with REvil ransomware
https://www.scmagazine.com/home/security-news/ransomware/data-center-provider-cyrusone-hit-with-revil-ransomware-report/
Facebook Sues Company For Hijacking Accounts to Run Bad Ads
https://www.bleepingcomputer.com/news/security/facebook-sues-company-for-hijacking-accounts-to-run-bad-ads/
The AI film that took Scot to a dark dark place
https://t.co/7JQrLgEoed?amp=1
Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome’ Missile Defense System
https://krebsonsecurity.com/2014/07/hackers-plundered-israeli-defense-firms-that-built-iron-dome-missile-defense-system/
Weaponized Information: One Possible Vignette
https://madsciblog.tradoc.army.mil/190-weaponized-information-one-possible-vignette/
System bug gives Facebook access to iPhone cameras
https://www.scmagazine.com/home/security-news/vulnerabilities/system-bug-gives-facebook-access-to-iphone-cameras/
Scottish Widows in ‘data breach’ over wrong letters
https://www.ftadviser.com/pensions/2019/11/14/scottish-widows-in-data-breach-over-wrong-letters/

Twitter: @Krypt3ia @J4vv4D
FBI softens stance on ransomware: it's (sort of) okay to pay off crims to get your data back
FBI warns about high-impact Ransomware attacks on U.S. Organizations
US hospitals turn away patients as ransomware strikes
Zendesk Security Breach May Impact Orgs Like Uber, Slack, and FCC
Context categorises AVIVORE as a previously unknown and untracked nation-state level adversary
Comodo Forums Breached, Data of Over 170,000 Users Up for Grabs
20M Russians' Personal Tax Records Exposed in Data Leak
Electronic Billboards in Detroit Played Porn for 30 Minutes After Being Hacked
German police seize “bulletproof” hosting data center in former NATO bunker
CrowdStrike and the Impeachment Frenzy
We're all downstream

2019-09-30 58:18

Blood and destruction shall be so in use
And dreadful objects so familiar
That mothers shall but smile when they behold
Their infants quarter'd with the hands of war;
All pity choked with custom of fell deeds:
And Caesar's spirit, ranging for revenge,
With Ate by his side come hot from hell,
Shall in these confines with a monarch's voice
Cry 'Havoc,' and let slip the dogs of war;
That this foul deed shall smell above the earth
With carrion men, groaning for burial.
~Julius Caesar Act III Scene I

The Saudi oil attacks could be a precursor to widespread cyberwarfare — with collateral damage for companies in the region
A recent attack against Saudi Aramco damaged the world’s largest oil producer and delayed oil production, roiling oil and gas markets. The Saudi government and U.S. intelligence officials have claimed the incident is the work of Iran, while Iran blamed Yemeni rebels.
This is a real-world continuation of a long-simmering cyberwar between the two countries, which has spilled over into other global powers.
In recent years, Iran has deployed destructive computer viruses against Saudi Arabia. The Kingdom and oil and gas industry have been slow to shore up their defenses, raising red flags about the possibility of longer term fallout in the region, experts said. Investors should expect long-term cyber espionage and flare-ups of malicious activity, including the potential for destructive attacks that hurt companies in the region beyond Aramco.
https://www.cnbc.com/2019/09/21/saudi-aramco-attacks-could-predict-cyber-warfare-from-iran.html

The Urgent Search for a Cyber Silver Bullet Against Iran
PEW PEW PEW!
President Trump is considering a range of options to punish Iran for this month’s attack on Saudi oil facilities, and has toughened sanctions on Iran and ordered the deployment of additional troops to the region. But a second cyberstrike — after one launched against Iran just three months ago — has emerged as the most appealing course of action for Mr. Trump, who is reluctant to widen the conflict in a region he has said the United States should leave, according to senior American officials.
But even as the Pentagon considers specific targets — an attempt to shut down Iran’s oil fields and refineries has been one of the “proportionate responses” under review — a broader debate is taking place inside and outside the administration over whether a cyberattack alone will be enough to alter Iran’s calculations, and what kind of retaliation a particularly damaging cyberstrike might provoke.
https://www.nytimes.com/2019/09/23/world/middleeast/iran-cyberattack-us.html

Phishing Attack Targets The Guardian's Whistleblowing Site
"Once the attackers gain access to a source's codename, they can then login with it on The Guardian's real SecureDrop site and impersonate the source and steal information and communications. Sh1ttyKids told BleepingComputer that soon after he tweeted about the phishing site it was taken offline. He did not know, though, whether the site was taken offline by The Guardian's security team, who were notified, or the attackers. BleepingComputer has reached out to The Guardian with questions related to the page being taken down. Even though the page is now down, unfortunately the harm may have already been done as not only was this phishing site harvesting SecureDrop codenames, but was also pushing a malicious Android app that could allow the attackers to monitor anyone who installed it."
https://www.bleepingcomputer.com/news/security/phishing-attack-targets-the-guardians-whistleblowing-site/

Tortoiseshell Group Targets IT Providers in Saudi Arabia
"The targeting of IT providers points strongly to these attacks being supply chain attacks, with the
Scott has a stalker!

2019-09-08 59:21

XKCD Forum Hacked – Over 562,000 Users’ Account Details Leaked
"XKCD—one of the most popular webcomic platforms known for its geeky tech humor and other science-laden comic strips on romance, sarcasm, math, and language—has suffered a data breach exposing data of its forum users."
https://thehackernews.com/2019/09/xkcd-forum-hacked.html
A Chinese APT is now going after Pulse Secure and Fortinet VPN servers
https://www.zdnet.com/article/a-chinese-apt-is-now-going-after-pulse-secure-and-fortinet-vpn-servers/
Deepfakes being used in Vishing
https://gizmodo.com/scammer-successfully-deepfaked-ceos-voice-to-fool-under-1837835066
Digital Crackdown: Large Scale Surveillance and Exploitation of Uyghurs
https://www.volexity.com/blog/2019/09/02/digital-crackdown-large-scale-surveillance-and-exploitation-of-uyghurs/
Nemty Ransomware Gets Distribution from RIG Exploit Kit
https://www.bleepingcomputer.com/news/security/nemty-ransomware-gets-distribution-from-rig-exploit-kit/
The Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks
https://www.propublica.org/article/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacks
US cyberattack temporarily paralyzed the ability of Iran to target oil tankers in the Gulf
https://securityaffairs.co/wordpress/90678/cyber-warfare-2/us-cyberattack-iran.html
Key and Peele hat upmanship
https://youtu.be/5pKt4gaErvU
How Hong Kong protesters are embracing ‘offline’ messaging apps to avoid being snooped on
https://thenextweb.com/socialmedia/2019/09/03/how-hong-kong-protesters-are-embracing-offline-messaging-apps-to-avoid-being-snooped-on/
Some of Russia's surveillance tech leaked data for more than a year
https://www.zdnet.com/article/some-of-russias-surveillance-tech-leaked-data-for-more-than-a-year/#ftag=RSSbaffb68
Hackers Hit Twitter C.E.O. Jack Dorsey in a ‘SIM Swap.’ You’re at Risk, Too
https://www.nytimes.com/2019/09/05/technology/sim-swap-jack-dorsey-hack.html?emc=rss&partner=rss
Charlie Miller’s tweets
https://twitter.com/0xcharlie/status/1169587298754686976?s=20
Surviving Las Vegas

2019-08-22 01:02:42

Scott is back from Las Vegas, having survived Blackhat and Defcon... and boy, does he have some stories for us! 
Locusts, breaches, blue team village, and John McAfee's bath salts... what do these have in common with this episode? Well, Scott is off to Blackhat 2019, and we don't know if we'll see him back. 
We're back from the mid-season break and gently easing back into things.

League of legends blocked
https://www.bbc.co.uk/news/newsbeat-48750608
APT against telcos?
https://www.computerweekly.com/news/252465671/APT-attack-on-telcos-highlights-need-for-comprehensive-defence
https://www.forbes.com/sites/zakdoffman/2019/06/25/chinese-government-suspected-of-major-hack-on-10-global-phone-companies-reports/#d47d84032dab
https://www.infosecurity-magazine.com/news/china-blamed-for-apt-attacks-on-1-1/
Kelly's 5 why's
https://twitter.com/swagitda_/status/1143223035891265543
Electroboom's view of the USB killer
https://youtu.be/y_bbX_Ch1Z8
Trunk Monkey adverts
https://youtu.be/XW8iAVwt_Yc
Bitcoin phisher steals $365,000 and 10,000 passwords from dark web users
https://thenextweb.com/hardfork/2019/04/10/bitcoin-phisher-steals-365000-and-10000-passwords-from-dark-web-users/
A UK hacker has been jailed for 6 years for extorting more than $915,000 from porn site users by using a sophisticated virus that tricked them into thinking they were being investigated by the FBI
https://www.thisisinsider.com/zain-qaiser-hacker-jailed-6-years-blackmailing-porn-site-users-2019-4
DHS, FBI say election systems in 50 states were targeted in 2016
https://arstechnica.com/information-technology/2019/04/dhs-fbi-say-election-systems-in-50-states-were-targeted-in-2016/
Darkode: The Most Notorious Hacking Forum On The Web Is Back Online
https://www.forbes.com/sites/kateoflahertyuk/2019/04/10/darkode-the-most-notorious-hacking-forum-on-the-web-is-back-online/#143e79fc3fac
Mysterious operative haunted Kaspersky critics
https://apnews.com/a3144f4ef5ab4588af7aba789e9892ed
Busting Ghost Firms
https://medium.com/@rsatter/busting-ghost-firms-d0eaaf113910
5:25 | RSA Presentations
https://www.rsaconference.com/events/us19/presentations
23:00 | Shamir blocked from Entry into the country where his conference is being held
https://forums.theregister.co.uk/forum/all/2019/03/05/rsa_cofounder_us_visa_row/
25:30 | Ransomware as act of warfare, LockerGoga
https://www.bleepingcomputer.com/news/security/new-lockergoga-ransomware-allegedly-used-in-altran-attack/
https://motherboard.vice.com/en_us/article/8xyj7g/ransomware-forces-two-chemical-companies-to-order-hundreds-of-new-computers
32:30 | Cyber insurance
https://www.lawfareblog.com/moment-truth-cyber-insurance
40:00 | Scott to apologise For this post,
https://krypt3ia.wordpress.com/2015/12/04/the-2015-full-spectrum-cyber-douchery-krampus-list/
1:05:00 | Rise of child pron phish
https://blog.knowbe4.com/heads-up-this-evil-new-child-porn-phishing-attack-could-absolutely-ruin-your-life
1:18:00 | Kid hacked teacher and made hit list
https://www.bleepingcomputer.com/news/security/13-year-old-allegedly-hacked-teacher-account-to-create-student-hit-list/
In this action-packed episode, our brave hosts discuss
Defcon China
Yes, China - and hacking... blows the mind
https://www.youtube.com/watch?v=Ad-YqwhUsTE
A story of a CISO that nearly killed himself. Drowning not waving
and finally
Google Sorry It Forgot to Mention Nest Security Systems Have Secret Microphones
Def Con 27 theme
https://www.defcon.org/html/defcon-27/dc-27-cfp.html
Technological Utopianism
https://en.wikipedia.org/wiki/Technological_utopianism
HyperNormalisation Documentary
https://youtu.be/fh2cDKyFdyU
Fear and Loathing in Las Vegas ending scene
https://youtu.be/jrd-sfoAv9A