Brussels terrorists kept their plans in an unencrypted folder called "TARGET"


#1

[Read the post]


#2

They need to check out that REALLY secret folder ASAP.


#3

It just contains a folder titled PRON


#4

We’d better be ready for them to up their game to “New Folder” soon…


#5

Unencrypted? Shows how much they know… that’s clearly double-ROT13 encryption!


#6

I’d like to know what moron released this information to the public about the unencrypted folder. Telling specific terrorist groups what and how to fix their operational security is just really stupid.


#7

Or it is their wishlist for the next time they do shopping at a certain store whose logo is a big red bullseye


#8

I would actually not be that surprised to find out that all these information collecting apparatuses our governments have come up with don’t actually do a simple text search on regular un-encripted documents.

They all got excited about finding hidden messages in images, searching for hidden encrypted partitions, looking for any non-dictionary word and trying to figure out what it could mean, collating everyone’s contacts, all that crap. But, they don’t actually run a simple text search for basic things like target, attack, bomb, etc.


#9

No “Seriously guys not porn” folder? C’mon.

In all seriousness, are terrorists really that interested in covering their involvement after the fact? Isn’t part of the point to let everybody know you were responsible?


#10

Just one question was it saved to desktop?


#11

I was watching a news story years ago about how the cops found drugs in a shipment of food cans in the middle of a pallet. They went on to explain how the broke the pallet down and weighed the individual cases until they found a case that was light. They then removed all the cans from that case and weighed them untill they found the light cans. They opened these cans a guess what they found. They were able to find the one or two cans with drugs in a pallet of maybe 3000 cans pretty easily.

I sat there thinking, why are they telling us this. In the next shipment they will be placing drugs and fishing weights until all the cans weighed the same.

The British in World War 2 did not tell the press, we are making great progress in our attempt to break the Enigma code.


#12

The terrorists don’t need to encrypt their stuff; just put it in a folder labeled “Panamanian off-shore tax shelter” and the feds will take one look at it and say “huh, guess there’s nothing here that warrants our attention…”


#13


#14

Be very careful about that line of reasoning:

Yes, it is conceivable that this might serve as a reminder to some future terrorist to be less of a total moron about information security.

However, consider the context of the whole ‘zOMG “Going Dark” is an existential threat and stuff; and cryptography must be destroyed before the terrorists use it to detonate a number theory bomb!’ push being made by law enforcement: If we hear absolutely nothing about any counterexamples(since that would provide infosec advice to the terrorists) and only hear about (potentially in vague terms, also because detail would aid the terrorists) cases where good information security practices are making the feds sad; what kind of ‘debate’ can we seriously even pretend to have?

Sure, there are potential risks to transparency; but there are known, relatively dire, risks to letting people with substantial power, and their own agendas, control access to information, because “security”, and then pretend that ‘a debate’ is being had, or ‘a balance’ is being struck; when that is simply false because the sample set is precisely as biased as they wish it to be.

Personally, I’ll take the risk of providing some fairly obvious advice over the risk of being deprived of useful information by people are actively attempting to make legislative changes based on claims about that very information.


#15

You’re missing the point that the data was secure without needing cryptography. No-one read it, or knew about it outside the Brussels terrorists until after the event. Their op-sec was fit for purpose, regretably.

Besides, who needs to be told that you don’t get rid of sensitive data by throwing your laptop in the trash? Rebekah Brooks’ husband excepted, that is.


#16

wair a moment !! that THAT !! is no clock !!!


and , please to see also

and , yes , everything , EVERYTHING !! is about arduinos !!
or , raspberry pis !! or , kdenlive ! or , kittens or unicorns or ahhh ,
rock’n’roll , or pinball ~ { all likely available soon in a package deal in the house shoppe }


#17

This just goes to show that regardless of there being encryption or not, governments need to step up their game and increase their efforts on the ground (infiltration, subversion of these groups, phishing, social engineering, posing as potential recruits, etc).

Most of these crazies don’t even use encryption for communications or to guard their files, and parsing all of this to informaiton to any actionable or preventative action is clearly impossible with todays computing power.

Nice piece!


#18

True terrorists are dumb as excrement. Like concrete is strong.


#19

What, like, “Have some operational security”? Because what this shows is how totally unconcerned they were about the issue, when it came to their data. And they were quite correct to be unconcerned, as mentioned, because this only came to light after the fact. So, if anything, this actually tells would-be terrorists that they can go ahead and not bother to encrypt or hide anything, they can actually write things out in English, and then not even bother to dispose of the data or hardware properly because it won’t make a difference to their plans.


#20

If they did, it probably looks like this (random GIS image, not mine)

Only a terrorist would have a desktop like this. It sure terrorizes me.