It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

GhostNet: Reconnaissance For Internet Doomsday

page: 4
120
<< 1  2  3   >>

log in

join
share:

posted on Apr, 1 2009 @ 12:35 PM
link   
it seems China is denying involvement and trying to alter the focus towards finding out who would blame china for this.

old.school, china would like to have a word with you


www.voanews.com...



posted on Apr, 1 2009 @ 12:56 PM
link   

Originally posted by MemoryShock
Or could that suggest (the conspiracy theorist in me makes this leap) that we are perhaps witnessing the beginnings of the foundation for a "Virtual Cold War"?



From Crakeurs Link
Qin says outside of China there is a "Cold War Ghost." He says people haunted by this ghost also suffer from a virus called "China threat," which he says makes people want to tarnish China with lies.


I'm just sayin'...

Though some of the examples of Chinese Government follow through regarding intercepted information is pretty damning...



posted on Apr, 1 2009 @ 01:36 PM
link   
As I mentioned earlier, with VPN tunneling and hidden servers running encrypted partitions, most of the tech discussion here is not relevant on the black-playing field. I'd call most ideas here, old and outdated.

Let's go people, get the real tech smarties on this thread quick like, m'kay?

But also, March 31st 2009 is the exact 50th anniversary of the Dali Lama getting asylum, right? So for China to play stupid is well, stupid. Spheres converging here, but when spheres converge and all of them are arguing, there is little time for the people to get their facts straight.

FACT: 1,200 servers as described, can be controlled with one computer anywhere on Earth if running enrypted partions and tunneling VPN with hand off functionality. The packets are wrapped, sliced, reassembled almost as much as US collateralize mortgage debt package!

Again: With black-hat tech, it is simple to hide a complete tunnel and also to hide the handlebars which control "Ghostnet". The public (and even IT people) are too ill-informed to be fighting cyberwar... Well, right now they are, but that could change quickly.

But won't both US and Chinese regular people just whine for more government control to resolve things? So I see no reason to be hopeful yet, really. I see a huge gulf between what people want their government to do for them (like web-surfing-children really, be they Chinese or American) and what they must do for themselves. How shall they know what part they must do for themselves if they are purposefully kept in the dark about how tech works? I suppose many do choose ignorance but I won't give up on humans as a whole, yet.

But the point is: World of Warcraft will probably do well with their new Legends of China expansion pack. Big market of computer owners and gamers over there.

[edit on 1-4-2009 by smallpeeps]



posted on Apr, 1 2009 @ 02:31 PM
link   

Originally posted by JohnJetson
government would thought it necessary to take precautionary measures (ie. reflashing the firmwares) before rolling them out for use in the states.


Another reason to only use Open Source code, even on the routers, because basically anyone can sneak in a back door. Maybe it is time for another open source project.

As a second thought, there is not reason to suspect that the Chinese government was behind this, even just some opportunists looking to get some data for corporate espionage. I would not put it past organized crime to try such a thing.

[edit on 1-4-2009 by SoulOrb]



posted on Apr, 1 2009 @ 03:14 PM
link   
Is this an April Fools? LOL, but it is an intriguing concept. If China wanted to they probably could slip things into their products. But the one flaw is that the most important network infrastructure is American made (all parts and software) under government contract for that exact reason. I am also sure that the NSA and other organizations use custom in-house software. You have to remember all of the slip-ups of secure information leaking in the past 10 years has been because of officials using their personal computers to store official files, and loosing their flash drives with info on it that shouldn't have been copied.



posted on Apr, 1 2009 @ 03:14 PM
link   
reply to post by mister.old.school
 


S&F~!

My question is, why did you have to go to the FEDs with this if your contact is already in the military?? Unless I completely missed something, shouldn't the Military already have contacted the gov on this??

The only thing I'm thinking is, the Military DID and the FEDs are dragging their feet or thinking that their just full of 'it' or...they're sitting us up for something again...which is what i'm leaning towards atm..

Not sure how clear this was in the OP ...




-Komodo



posted on Apr, 1 2009 @ 03:24 PM
link   
reply to post by smallpeeps
 


Star for ya on this post~!

I still wonder what the real reason was behind the massive 'router update' they did a few years back, stating that it was to place firmware(?) in the routers against major security flaw. (If I understand this correctly)



posted on Apr, 2 2009 @ 09:00 AM
link   
it's all very interesting and seems to make sense. however, if you gave me a dime for every supposed impending doom/attack/occurence that was discussed on ATS and never happened, then I would be a rich man. I'll believe it when it happens.



posted on Apr, 4 2009 @ 12:45 AM
link   

Originally posted by DraconianKing
I've been worried about all out cyberwar for a while now. The US is probably bottom of the list in terms of being ready for a true cyberwar. Our military brass have no clue just how powerful a weapon the computer can be. Right now if Russia or China had enough brilliant security experts and equipment they could practically destroy this country overnight.

I've been into the information security scene for over a decade and you might think that by now the government and corporations would be secure but it's just not the case. I will say that finding your own high value 0-day exploits has become quite a challenge for an individual but selling pre-exploited routers to the US sure makes life much easier.


This also makes it easier to get into closed networks(not connected to internet). Many of our key infrastructures are run on closed networks for security reasons but with pre-exploited hardware they become vulnerable. It would still be tricky to get data off the network but if destruction is your only goal then life is good. You would just need to figure out a practical way to trigger the event.

I can't say when a serous cyberwar could break out but I certainly have seen my fare share of interesting activity on the darknets. I've also seen some serious bits of code floating around that had to be written by true zen masters. Just sneak peaks but enough to show you the kind of minds that you are up against and working with. If the US is attacked then put your faith in the public sector of America's information security elite, the government will be useless. They will probably go straight into blame mode.

Just one genius could seriously give the US major problems now imagine a whole bunch of specially trained and well funded individuals with all sorts of toys and code to crush you with.


[edit on 4-4-2009 by sliznut]



posted on Apr, 4 2009 @ 12:57 AM
link   
reply to post by DraconianKing
 


This baffles me. I have seen people make these statements time and time again. While the Web is a dangerous tool in the wrong hands, did you all forget that WE created the Internet? What makes you think that we are at the bottom of the pile in terms of security? I am an IT professional with security focus. I have close friends that work for OUR military due to their skills in creating worms and viruses that destroy systems. Our country is not perfect by far, but do not forget that this playground we call the Web was invented right here in the USA.

As for the argument about Linux vs. Windows in security....forget about it. I can tell you from personal conversations with server admins within our government that we do not blindly trust proprietary software. In a few words "We run Linux on servers for a reason. If you look at all malware out there and call it 100%, that is what Windows is capable of getting. On a Mac it may be 5%. On Linux its less that half of that 5%."

Point being: we do not have dummies running this show here on the IT front.



posted on Apr, 4 2009 @ 09:58 AM
link   

Originally posted by sliznut
This baffles me. I have seen people make these statements time and time again. While the Web is a dangerous tool in the wrong hands, did you all forget that WE created the Internet? What makes you think that we are at the bottom of the pile in terms of security? I am an IT professional with security focus. I have close friends that work for OUR military due to their skills in creating worms and viruses that destroy systems. Our country is not perfect by far, but do not forget that this playground we call the Web was invented right here in the USA.

Are you comfortable with "the people" being furniture which your buddies need to exploit or workaround? You say you work with white/grey hatters who are good at making botnets work? That's heroism and good work on your front?

Hey, what's your opinion of the botnet which the BBC just recently rented, used, then scuttled?



"We run Linux on servers for a reason. If you look at all malware out there and call it 100%, that is what Windows is capable of getting. On a Mac it may be 5%. On Linux its less that half of that 5%."

Point being: we do not have dummies running this show here on the IT front.

Not dummies, but where is their knowledge of the word of computing as a battleground? Where's yours?

I guess what I am saying is that most if not all of these gummin'ts involved in this whoo-haa (China, US, UK, World, etc) see the people and their Windoze PCs as the same thing: soil for to grow their own bot-nets. --For national defense of course.

But sewing evil onto people's machines in the name of freedom? That's just lame. What IT gummint agent would believe that they were actually defending their country by infecting the world's PCs? Even tho it sounds stupid on even a basic level, many will hypnotize themselves to believe it, especially when they've worked to get their certs and eaten sh_t to get the job and are allowed to see into the darker corners of humans behaviors, etc. Only certain personality types (or people who are simply paid, very well) can be able to disconnect their brains from their hearts like that, but yeah, they can be found infecting botnets onto every machine on Earth in the name of "My Country".

We both know the solution for all the World will be more control (NWO via the courts) or else a totally grey-market world of zero-nation control over the grey internet. Those who say the Internet must be controlled, live very controlled, sad lives. They will only see it thrive even more, and the people will have to individually get smarter, which actually is counter-friendly to their own nation's efforts, most likely. If the opposite was true, you'd have nation campaigns to remove rootkits and bots ACTUALLY and not through fake-AV (but well-marketed) softwarez sold now at fine storez. If some gummint agent wanted their nation to actually be strong in a Cyber-posture, they'd enable every citizen to be more equipped from a tech perspective.

As it is, the black markets (ID theft, carding, illegal pron/snuff) are probably run by the best tech players who are (in my guess) morally ambiguous at best and when any person finds their gold mine and sets up the stuff it takes to produce gold, they will definitely want to control that gold mine/market.

IT employees are a dime a dozen and the managers in that industry are worse that evil, having sold their whole profession to India. The imported cheap-brains who've displaced the American computer professional work on software they don't care about in a country they don't really like. Is that safety, as a nation? I guess recruiting efforts for cyber warfare need to be willing to peer into the abyss so to speak so it's easier to have cross-national influence making it all happen.

If Google makes all their India and USA employees switch countries to keep their jobs, for example, the effect would surely be profitable because the sheer scale of such an upheaval would produce a more efficient worker maybe? Interesting to think about, but more importantly, would these two groups still be victimized by viruses even as their Google stock rises and splits? Yes, probably it would for a while. But Google has no interest in botnets, do they?

Free thinkers who are truly skilled with both tech and people know that you don't need much tech to ramshackle somebody or infect their machine: Hypnosis or crafted chat/IM messages will do. Once the user is hypnotized into that little mouseclick, it's all over.

[edit on 4-4-2009 by smallpeeps]



posted on Apr, 6 2009 @ 02:13 AM
link   
reply to post by smallpeeps
 

Only certain personality types (or people who are simply paid, very well) can be able to disconnect their brains from their hearts like that, but yeah, they can be found infecting botnets onto every machine on Earth in the name of "My Country".

Well bro, you missed the point. I was simply stating that I get annoyed with the conspiracy jackoffs that repeatedly post BS about the USA being unprepared for this stuff. My point was simply that we are more prepared than many think.

This is the only reason I like this site. You seem like an intelligent person and I like that. I don't get into the whole gloom and doom conspiracy crap that whackjobs post all the time.

Now back to your response. Would you rather I write a code to infiltrate a potentially threatening system to gain access and shut it down? Or would you rather I bomb a bunch of innocent people to stop a threat?

I 100% agree with you that the powers that be, including us, view weak systems as a simple spy tool. But what are the alternatives in a hostile world? And for the record the only blackhats I know that got military positions got those because of DEFENSE RESEARCH. They wanted to know how these people could crack systems like this and manipulate them to make our systems as impervious as possible. Blackhats generally work for their own profit, not the forward progression of anything but their bank accounts. Last I checked the military wasn't paying very well.

I come from a military family. My great grandfather, grandfather, father, and all my uncles actively fought in wars. Personal tragedies really. I work in the private sector doing basic IT work and making pretty good money. I do security systems. This is going to be the playground of the next battles, or the precursor and our military is completely aware of this. You make a pre-emptive attack on a power grid and follow it up with air strikes and a country/city is in trouble. Why do you think most universities now offer "Information Warfare" classes as part of an IT degree? How many other majors do you hear of involving any classes to do with warfare? We are fully aware of this and this was my simple point. I'm just sick of paranoid people talking # about our country when they don't even know what's going on.

On a good note, I do completely appreciate your intelligent response to my post. Good discussion will never hurt any of us.



posted on Apr, 6 2009 @ 02:53 AM
link   
I wonder if that is why Google runs on there own custom servers.

news.cnet.com...

I am making a guess that Google also has there own custom routers.

This would leave china with no back door into google.

And leave Google with the market control if there was a attack.



posted on Apr, 6 2009 @ 09:32 AM
link   

Originally posted by sliznut
Only certain personality types (or people who are simply paid, very well) can be able to disconnect their brains from their hearts like that, but yeah, they can be found infecting botnets onto every machine on Earth in the name of "My Country".


Actually I judge people mostly on their ongoing replies, not just one post, and your response clarifies and forwards the discussion in the correct direction: Thanks.

I did understand your point: We are prepared. But the preps are only as good as the brains in charge.



Now back to your response. Would you rather I write a code to infiltrate a potentially threatening system to gain access and shut it down? Or would you rather I bomb a bunch of innocent people to stop a threat?

I 100% agree with you that the powers that be, including us, view weak systems as a simple spy tool. But what are the alternatives in a hostile world? And for the record the only blackhats I know that got military positions got those because of DEFENSE RESEARCH. They wanted to know how these people could crack systems like this and manipulate them to make our systems as impervious as possible. Blackhats generally work for their own profit, not the forward progression of anything but their bank accounts. Last I checked the military wasn't paying very well.

Here is where the blackhats are kinda like Hessians, ya know? Like, if we coulda used Hessians to win the war of Independence, it wouldn't have meant as much. Do you know if the North actually used Hessian soldiers?

Well, I must say that so-called 'black hats' may just be materialists or morally-devoid humans OR they may just be illegal-pervs who want to hide their stuff, so controlling the servers of the world becomes more of a political freedom-cause in their own black-heads. Like, say a person believes P2P should exist and be free, well surely the MPAA and that army will see such a hacker as being 'black hat' but they may see themselves as being a hero like Han Solo or something.

So I see both sides of your point, but I happen to be 100% in the view that the situation is normal: All F'd Up. How can we be recruiting soldiers like that? What do we bribe/pay them with? I am sure most people do not want to know the truth.

Also, one would guess that the average soldier is feeling a little emotionally left-out-in-the-cold these days so I guess any kind of tech of 'kick ass' gear like having hackers in your crew and knowing that arty is up on the hill and AWACS is up in the heavens --One could imagine how having machines of mayhem backing you up would give a soldier some kind of good feeling. BUT, I am saying that controlling a botnet is very different than if that Hacker is sitting next to some dude controlling a Predator drone with a joystick.

One may argue that both men have their hands on a joystick, one controls the botnet which operates on victimized computers in their own countrymen's homes, and one controls a different item: A pilotless plane in the sky. It would be my argument that using Hessians to manipulate the computers of your countrymen, is treason. The military however, probably has their own current definition of treason and I'm guessing black hats in every country will be given a pass.



I come from a military family. My great grandfather, grandfather, father, and all my uncles actively fought in wars. Personal tragedies really. I work in the private sector doing basic IT work and making pretty good money. I do security systems. This is going to be the playground of the next battles, or the precursor and our military is completely aware of this. You make a preemptive attack on a power grid and follow it up with air strikes and a country/city is in trouble.


A friend of mine (I'm a hippie with long hair) asked me recently if he thought he should join the Air Force. I told him we need good people in our military so I said "Yeah, if that's what you want. But DON'T be a frikking bystander if you see evil going on. Speak the hell up!" ...I think my advice was good.

You say you make good money doing IT sec. That's cool. I've been in IT for years and I have less and less respect for the people in that industry simply due to observing how stupid and of low-intellect the people were. The workers I worked with just wanted a comfy IT job. The managers had to please the directors, the directors have to please the board, all of whom know NOTHING about the tech in their hands, and know nothing about philosophy in regard to tech.

Years ago I knew all this would collapse and I still think it will fully collapse. EMP combined with destructive viruses combined with citizens victimized by their own tech will cause it all to go away. I'm guessing you'll still be well employed tho. I respect the military but I find so few of these sorts who can actually think outside that camouflaged box.

In the future I see, the US military will be fighting against American county sheriff authorities who are tired of the Military machine and tired of the Fed. You'll win of course because all those county authorities don't have the money to hire Hessians.




Why do you think most universities now offer "Information Warfare" classes as part of an IT degree? How many other majors do you hear of involving any classes to do with warfare? We are fully aware of this and this was my simple point. I'm just sick of paranoid people talking # about our country when they don't even know what's going on.

Yeah, and you know what all the classes have been for the past ten or twenty years? Finance and Structure Derivative Analysis for Wealth! ...See how much that means? If your population goes to college and learns stupid sh_t free from any moral or ethical underpinnings, the result will be a disaster. Same in this case. US is going to educate the new Hessians in their own country? But what about when that new Devry grad goes to work as a blackhatter for India or South Ossetia? He won't even have to leave the US base he's stationed on, to do that.



On a good note, I do completely appreciate your intelligent response to my post. Good discussion will never hurt any of us.

Me too. A few of my uncles were also tragic military figures. My Pops went the peaceful route but I'm sort of in the middle of these two worlds, Military and Religious. I'm trying to find the middle ground. Thanks for meeting me halfway with this exchange here. I also think you are obviously intelligent and yes, talking it through will help our nation which we both love.


BTW, I am an unemployed IT worker. The last company I was at (till December) provided virus-removal to the US public over the phone and via remote desktop control. You paid a fee and a tech moves your mouse remotely and helps you over the phone to de-virus your computer. Yeah, well that company evaporated and all techs were laid off. Also I noticed consistently (like 100%) of the decisions from a true virus-fighting perspective, were totally wrong. It seemed like there was a conspiracy of dumbness and I just eventually couldn't fight it internally.

Now while I was on the phones day-after-day for the last year, helping Joe Public remove Smitfraud and Vundo, I grew more and more depressed at the level of tech knowledge across the US. Also, when the company went away in a flash of no-cash, I thought to myself, "Well, there goes one of the few viable ways for Americans to get help removing viruses."

I am telling this story for two reasons; 1: I wanted to point out how easy it would be to employ techs like me to help the home user to make their machine virus-proof (and that it's not being done!), and 2: To tell anyone who wants to hire me to send me a U2U. I only need a million dollars or so of the bailout money and I can singlehandedly organize a company which will reduce the number of infected machines in the US. But wait! Will I be disrupting national security if I interfere with the infection process?



posted on Apr, 8 2009 @ 08:44 AM
link   
Rather than a simple solution like XP open-source or Ubuntu, the government and the military must use every opportunity for pork, and for dreaming up new tech (at massive taxpayer cost).

Pentagon spends $100 million to fix cyber attacks


According to Army Brig. Gen. John Davis, deputy commander for network operations, the money was spent on manpower, computer technology and contractors hired to clean up after both external probes and internal mistakes. Strategic Command is responsible for protecting and monitoring the military's information grid, as well as coordinating any offensive cyber warfare on behalf of the U.S.

Officials would not say how much of the $100 million cost was due to outside attacks against the system, versus viruses and other problems triggered accidentally by Defense Department employees. And they declined to reveal any details about suspected cyber attacks against the Pentagon by other countries, such as China.

Speaking to reporters from a cyberspace conference in Omaha, Neb., the military leaders said the U.S. needs to invest more money in the military's computer capabilities, rather than pouring millions into repairs.

"You can either pay me now or you can pay me later," said Davis. "It would be nice to spend that money proactively ... rather than fixing things after the fact."

Officials said that while there has been a lot of anecdotal evidence on the spending estimate, they only began tracking it last year and are still not sure they are identifying all the costs related to taking computer networks down after a problem is noticed.

Actually we see how little the military knows because 'patching' software in the wild is the way things actually get done. The real race is the race to the bug and the race to patch that bug. Re-tooling is what people do when they want over-arching control.

I have said above that for one-million dollars I will personally create a cmpany that will actually and demonstatably reduce the number of infected systems. it wouldn't take much to defeat these botnets, just a little over-the-phone training for Americans. For example (since nobody has U2U'd me ...A person feels a little unappreciated ya know?) all you'd have to do it have an autodialer calling everyone in the US. When homebodies answer, there is a charming and comforting tone which sounds like the NBC or the Close Encounters tone, bing-bing-bing or something like that. What this does is immediately tell the home that the US virus removal corp is calling. They can hang up or they can press "1" to get on the line with an actual virus removal tech.

Now in under ten minutes, I can tell (by asking simple questions) if the person is ready to take back their computer. So when the US home user presses 1 and then I am on the line, I ask them simple questions like, "When was your computer last working right?" and "Do you have your restoration discs?" etc. If they didn't have their resto discs, I would coach them on what to expect when they call HP or Dell and pre-load them for disappointment and tell them that perseverance will get them their resto DVDs if such are available from the manufacturer. ...So after about ten minutes, I know if it's a reload which is needed or maybe they just have some little adware infection. In any case, from the telephone all that is needed is for them to browse to a particular website and they enter the www address for the program (website contains white-bot-code) and click "YES" when it asks for desktop control, and BAM I can then move their mouse, clicking around, seeing what's in the usual directories, etc. I have found that when people are getting their mouse moved by someone who cares, their response is that of being completely charmed. This would serve national unity also though nobody speaks about uniting Americans these days. In fact, it's not really part of the plan from a conspiracy POV.

Now why would people allow a gummint anti-virus-agent to call them and work in their PC? I'd say that although most people do not trust their government, the assumption would be that a gummint anti-virus telemarketer would have a serious impetus to just do the removal job and not place a gummint-bot in there secretly afterward. --Yes, it's a sad day when a helpful program like what I am describing can't be initiated because the citizen has so much distrust for their government that even a free cleaning of viruses would be turned down on paranoia alone. No, I think a lot of Americans would be grateful for that automated phone call and if gummint agents try to drop their packages onto the home machine, they'll be caught by the more techie customers so the risk-versus-reward says that the product would actually work and be trusted.


But no, none of that will be done. The modus operandi here is for the military to place their figures up around the million-bajillion dollar level, because why not? Everybody's doing it.

Also, the military solution is to see the citizens as furniture and debris, which they must navigate to 'get the bad guys' so in such a demonstrative world as that, there really is no value from the military perspective, in enabling the home users to be safer. This is the real clincher here: The military will be able to move more easily through the furniture of urban actions if the people remain stupid and infected. Also, if we just upgrade the whole thing (Internet I mean) like they are floating here with this newsbyte or if we even leave DNS for some new schema, well that gives us (the military) way more control over the game.

I am of the opinion that gummint and military are both of the opinion that arming or enabling the citizens is the wrong thing to do in all cases. I think the US would be the one to challenge that policy if we had actual leaders instead of what we've got now (non-leaders, obfuscators). Their dreams are more easily realized if the people remain simple, and unlearned.



posted on Apr, 18 2009 @ 09:29 AM
link   
Just like I said, hiring Hessians is the new cool thing.

But Hessians can switch their loyalties quickly, so its a dangerous tactic to use them. But then, flexible ethics (or none) is irresistable in warfare, right?

But don't wars get won on high ground? Specifically, the moral high ground?




WASHINGTON (AP) -- Wanted: Computer hackers.


Buffeted by millions of digital scans and attacks each day, federal authorities are looking for hackers -- not to prosecute them, but to pay them to secure the nation's networks.

General Dynamics Information Technology put out an ad last month on behalf of the Homeland Security Department seeking someone who could "think like the bad guy." Applicants, it said, must understand hackers' tools and tactics and be able to analyze Internet traffic and identify vulnerabilities in the federal systems.


Can you be pretend-bad, for the fight against bad? That is the question. Duality and split personalities seems almost to be a cool new thing. Me, I'm just trying to keep my integrity. In this world, it ain't easy!

Still waiting for that U2U and the seed capital so I can start the national company that will reduce viruses in America. As I have stated, I know how to do it. ...But then, I sound like a prison warden offering to break up a fight between inmates who want to fight. The fact is, both sides want to play this game, and so my advice for the folks caught in the crossfire is to back up your data and prepare for a complete and total loss of all Internet. I'm saying it'll be nice if the Internet survives as a free and wonderful thing (like it is now) but probably, that won't happen.




top topics



 
120
<< 1  2  3   >>

log in

join