Mighty Fine Buckeyes, Folks. Mighty Fine.

Buckeye'd

May 08, 2019 by Marc Handelman in Espionage, Information Operations, Information Security, Information Technology, Government, Intelligence

Astounding flaws, reported by both Symantec and Ars Technica... What happended to OpSec? As importantly: The true ramifications for our country are yet unknown... Unless of course, this and other 'leaks' of the same or similar ilk - are, in fact - structured information operations of the highest caliber. Crafted to ensnare the miscreant espionage bounders wandering amongst us... You be the judge.

Key Findings

The Buckeye attack group was using Equation Group tools to gain persistent access to target organizations at least a year prior to the Shadow Brokers leak.

Variants of Equation Group tools used by Buckeye appear to be different from those released by Shadow Brokers, potentially indicating that they didn't originate from that leak.

Buckeye's use of Equation Group tools also involved the exploit of a previously unknown Windows zero-day vulnerability. This zero day was reported by Symantec to Microsoft in September 2018 and patched in March 2019.

While Buckeye appeared to cease operations in mid-2017, the Equation Group tools it used continued to be used in attacks until late 2018. It is unknown who continued to use the tools. They may have been passed to another group or Buckeye may have continued operating longer than supposed. - via Symantec Corporation's Threat Intelligence Blog

Cybering the Rus

October 24, 2018 by Marc Handelman in Information Warfare, Information Security, Information Operations

Yup. A new information operation - this time, from our Cyber Command, turning their attention to The Rus, and their own operatives. Via Julian E. Barnes, writing at the venerable New York Times, comes this piece, ostensibly discussing a sanctioned military-run information operation targeting the Russian apparatchiks running their own information operation against the world, as they have for years...

US National Counterintelligence and Security Center Releases 2018 Foreign Economic Espionage in Cyberspace Report

August 05, 2018 by Marc Handelman in US NCSC, Cyber Cyber Cyber, Information Operations, Information Security

National Counterintelligence and Security Center has released the Center's 2018 espionage report detailing foreign spying within the confines of 'cyberspace'. Both present and a modicum of future possibilities are covered. Enjoy!

The Sanger Attestation, 'The Age of Cyberwar is Here...' →

August 03, 2018 by Marc Handelman in Cyberwar, Electronic Warfare, Information Operations, Information Security

via David E. Sanger (author of 'The Perfect Weapon') comes this frank discussion of the true nature of war - in this case, cyber-war) and the effect (some might say 'affectation') of certain population groups (whether dis- or en- franchised) therein. Certainly, this week's Must Read.

"In my national security reporting for the New York Times, I’ve often been struck by the absence of the kind of grand strategic debates surrounding cyber that dominated the first nuclear age. Partly that is because there are so many more players than there were during the cold war. Partly it is because the United States is so politically divided. Partly it is because cyberweapons were created by the US intelligence apparatus, instinctively secretive institutions that always err on the side of overclassification and often argue that public discussion of how we might want to use or control these weapons imperils their utility." - via The Perfect Weapon by David E. Sanger

The Best Strategy for Cyber-Conflict May Not Be a Cyber-Strategy →

May 01, 2018 by Marc Handelman in Electronic Warfare, Information Security, Information Warfare, Information Operations, Cyber Cyber Cyber Cyber, Cyber Cyber Cyber, Cyberwar, Cyberthis Cyberthat

Terrific post at War On The Rocks, with an intriguing theory: The Best Strategy for Cyber-Conflict May Not Be A Cyber-Strategy, via Benjamin Runkle, . There's that pesky 'Cyber' thing again... At any rate, the discussion in this case, revolves around the leveraging of electronic, computational information warfare (perhaps also known as cyberwar) by the previous administration (President Obama). Elected (of course) - as today's Must Read, and watch out for 'them cybers'!

'We will respond in a time and place and manner of our choosing, and when we do so, we will consider a full range of tools, economic, diplomatic, criminal law enforcement, military, and some of those responses may be public, some of them may not be. One analyst derided the vice president’s pronouncements on the topic as “Biden threatening to threaten Russia.”' - via Benjamin Runkle at War On The Rocks