Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms


Image source: @DFRLab; source of record: Facebook

Atlantic Council Discovers Likely Russian Federation Information Operation

June 25, 2019 by Marc Handelman in Information Warfare, Information Security, Information Operations

via @DFRLab - Digital Forensics Research Lab, writing at the Atlantic Council's Medium blog, reports the discovery of a Russian Federation (Rossiyskaya Federatsiya) information operation of 'immense proportions'...


ICS Attacks, The Real National Emergency

June 20, 2019 by Marc Handelman in ICS/SCADA, ICS, Information Warfare, Information Technology, Information Security, Network Security, Network Protocols, ICS Protocols

News, via the astonishingly prolific security writer Dan Goodin, editing and reporting at Ars Technica, tells the tale of oil and gas network attacks in the United States by a group monikered Xenotime. Think we're protected? Think again. Read the Dragos security researcher's post for truly concerning national security relevance.

"The group, now dubbed Xenotime by Dragos, quickly gained international attention in 2017 when researchers from Dragos and the Mandiant division of security firm FireEye independently reported Xenotime had recently triggered a dangerous operational outage at a critical-infrastructure site in the Middle East." via Dan Goodin, Security Editor reporting at Ars Technica


"Ultimately, XENOTIME’s expansion to an additional ICS vertical is deeply concerning given this entity’s willingness to undermine fundamental process safety in ICS environments placing lives and environments at great risk." - via Dragos


We Are Now On The Offensive... The Target? The Russian Power Grid

June 17, 2019 by Marc Handelman in Cyber Statecraft, Cyberwar, Information Warfare, Information Security

Via Paul Szoldra, writing at Task And Purpose, comes a superlative piece on the United States Cyber Command's cible du jour: The Russian Power Grid. This news arrives via the outstanding reporting of two of The New York Times' highly respected correspondents and authors, namely David E. Sanger and Nicole Perlroth.

"In interviews over the past three months, the officials described the previously unreported deployment of American computer code inside Russia’s grid and other targets as a classified companion to more publicly discussed action directed at Moscow’s disinformation and hacking units around the 2018 midterm elections." - via correspondents David E. Sanger and Nicole Perlroth reporting for The New York Times


Tracking Illegal Terrorist Funding Campaigns Via Cryptographic Currencies Tools

April 02, 2019 by Marc Handelman in Anti-Terrorism, Behavioral Security, Information Warfare, Information Security

With superb research efforts, and the equally fascinating tutorials available for researchers targeting the problematic of illegality in terrorist funding, Brenna Smith divulges what it takes to discover, and subsequently track ill-gotten gains and the funding thereof, through the utilization of BitCoin transactions. Certainly today's MustRead, via Bellingcat. To effectively analyze any bitcoin address, I rely on four main tools:

"A bitcoin blockexplorer — which gives you access to the bitcoin blockchain... BitcoinWhosWho — which is a tool that allows you to look up certain BTC addresses... WalletExplorer — though similar to a block explorer in reporting transaction history... Good ole’ Google search — simply googling BTC addresses can lead you to blog posts..." - via Brenna Smith, writing at Bellingcat


Latest Chinese BGP Redirect: Your Bits Are In Beijing

November 14, 2018 by Marc Handelman in BGP Routing Insecurity, Network Insecurity, Information Security, Information Warfare

News, via Ars Technica's Dan Goodin, detailing another BGP SNAFU, with the end result being the re-route of legit traffic, and this time it's Google's (Nasdaq: GOOG) bits-in-question. Included in the particularly bad-news-for-the-interwebs is the belief that this redirect was not malicious; this, of course, remains to be proven. Stay Tuned.


Cybering the Rus

October 24, 2018 by Marc Handelman in Information Warfare, Information Security, Information Operations

Yup. A new information operation - this time, from our Cyber Command, turning their attention to The Rus, and their own operatives. Via Julian E. Barnes, writing at the venerable New York Times, comes this piece, ostensibly discussing a sanctioned military-run information operation targeting the Russian apparatchiks running their own information operation against the world, as they have for years...


The Best Strategy for Cyber-Conflict May Not Be a Cyber-Strategy →

May 01, 2018 by Marc Handelman in Electronic Warfare, Information Security, Information Warfare, Information Operations, Cyber Cyber Cyber Cyber, Cyber Cyber Cyber, Cyberwar, Cyberthis Cyberthat

Terrific post at War On The Rocks, with an intriguing theory: The Best Strategy for Cyber-Conflict May Not Be A Cyber-Strategy, via Benjamin Runkle. There's that pesky 'Cyber' thing again... At any rate, the discussion in this case revolves around the leveraging of electronic, computational information warfare (perhaps also known as cyberwar) by the previous administration (President Obama). Elected (of course) as today's Must Read, and watch out for 'them cybers'!

'We will respond in a time and place and manner of our choosing, and when we do so, we will consider a full range of tools, economic, diplomatic, criminal law enforcement, military, and some of those responses may be public, some of them may not be. One analyst derided the vice president’s pronouncements on the topic as “Biden threatening to threaten Russia.”' - via Benjamin Runkle at War On The Rocks


GRU'd →

March 25, 2018 by Marc Handelman in Espionage, Russia, Intelligence, Information Warfare, Information Security, Agitprop

Via The Daily Beast's Spencer Ackerman and Kevin Poulsen comes the tale of Guccifer 2.0, an officer of the GRU, Russia’s Main Intelligence Directorate (also known as the Russian Military Intelligence Directorate); and, of course, there's this and this. H/T


DerbyCon 2016, Carlos Perez' 'Thinking Purple' →

January 14, 2018 by Marc Handelman in DerbyCon, Conferences, Blue Team, Red Team, Education, Information Security Jobs, Information Warfare

One and a half year old video - yet highly relevant to blue and red teamers. - mh

From the video description: Breaking with the adversarial approach of Red vs Blue, look at how the current system and approaches may be broken in some organizations and provide recommendations not only for the mature organization with a large structure but also how small businesses can take a more purple strategy in the way they operate their teams including how they acquire pentest services. Presentation will cover an approach beyond the red and blue team and more of an organizational and strategic approach to change the paradigm of thinking and action to a more symbiotic approach to security.

Carlos Perez is a Director at a Security Vendor working on reverse engineering, security research and integration projects. Carlos also works as a trainer providing training both to government and private organizations across the world in security technologies and also provides consulting in his spare time on infrastructure and security. His work and thoughts can be found on his webpage www.darkoperator.com. He has presented at several security conferences and is a co-host of the Security Weekly podcast.


Do Not Confuse Dissent With Disloyalty

December 01, 2017 by Marc Handelman in Inherent Power of Freedom, Information Warfare, United States of America, US Marine Corps, US Navy

Captain William R. Bray's (USN RET) outstanding thought piece (via the USNI's November 2017 Proceedings Magazine issue) details the necessity to NOT confuse dissent with disloyalty; this, wrapped up within the Information Warfare genre. Capt. Bray is also the author of the superlative essay Intelligence Is Not Warfare! (both documents are Must Reads).

"Captain Bray was a career naval intelligence officer who retired in September (2017 - ed.). His last operational tour was Director for Intelligence at Naval Forces Europe/Naval Forces Africa/Sixth Fleet." - via the United States Naval Institute


Shmoocon 2017, Mark Kuhr - Disinformation Campaigns vs. Attribution Claims →

March 03, 2017 by Marc Handelman in All is Information, Conferences, Information Warfare, Information Security, Disinformation, Repudiation, Attribution

'He Is (As A Matter Of Course) Correct'

February 28, 2017 by Marc Handelman in All is Information, USNSA, US Armed Forces, Information Security, Information Warfare, Cyberthis Cyberthat, Cyber Cyber

Michael Rogers ADM USN, Director of the National Security Agency and Commander of the United States Cyber Command sums up 'cyber' quite nicely, indeed:

"Cyber is an operational domain in which we do a variety of missions and functions, many of which are very traditional,” Adm. Rogers said. “We do reconnaissance, we do fires, we do maneuvers. The same things I was used to as a surface [warfare] officer … I’m constantly going back to that.”

"Don’t make this thing so specialized, so unique, so different that it just gets pushed to the side. That will sub-optimize our ability to execute cyber operations, and quite frankly it will minimize or at least negatively impact, in my view, the operational outcomes, which is the whole reason we’re doing this in the first place.”


Information Warfare - Entertainment Industry Targeted →

November 16, 2016 by Marc Handelman in Accountability, All is Information, Information Security, Information Warfare

Apparently, The People's Republic of China's wealthiest individual is attempting to crack the 'Hollywood Code' via acquisition... Read Judicial Watch's take.

'A one-time commander in China’s Communist Red Army has launched information warfare with an aggressive plan to invest billions in all six major Hollywood studios, a show business trade publication reports, describing the foreign deal as an unprecedented push into the U.S. entertainment sector. The former People’s Liberation Army (PLA) regimental commander, Wang Jianlin, is China’s richest man and he’s aggressively pursuing a big chunk of one of the world’s most influential industries.' - via Judicial Watch's post 'Information Warfare: Communist Takeover of U.S. Entertainment Industry'.