Google says China- and Iran-backed hackers hit Biden and Trump campaigns

Originally published at: https://boingboing.net/2020/06/04/google-says-china-and-iran-bac.html

Google official says “no sign of compromise” of either campaign

1 Like

Not fucking helpful… but this is likely in retaliation for some black-ops cyber operation that we did.

maybe nation-states just aren’t working for humanity? maybe we need something new?

3 Likes

Is that just a statement of exasperation? While I agree there is a risk of cyclical escalation with nation states hacking each other, Iran and China haven’t exactly ever required it to go on the offensive.


Reading through the post, it’s a phishing campaign, that got noticed. So “hackers hit” is even a bit strong. This is Nation State espionage background noise.

Doesn’t it give you a warm feeling, knowing that Iranian intelligence services are out there, doing what’s best for America?

I’m an idiot, what do I know.

That wasn’t meant as a personal attack. I’m asking why Iran and China probing an election campaign would likely be retaliatory for, as you said: “some black-ops cyber operation”.

Isn’t it equally likely to come from past grievances, and be reinforced by the notion that they simply can get away with it now? China and Iran are both quite good at playing the long game. Obama’s effort to punish Russia for Interference was dismantled by Trump. I don’t see any reason why it simply wouldn’t just be open season on meddling with the US at this point.

They don’t even need to succeed at hacking. They just need to make people in the US question the results of the next election.

You’re not wrong, but it is hard to say precisely how right you are.

I am not a cybersecurity professional, but I have some exposure to the field. Certainly a lot of what I write below has been covered by tech blogs the last 20 years. I have a few personal connections in the field as well. Also, I have looked at server logs on and off for a couple decades, which gives some clue.

It is really hard to say who started it… Unless you’re Iran, in which case there is a somewhat more clear case we started it.

Russia and China have been the most unashamed attackers since the 90’s. Russian Mafia first for adware, Chinese for stealing trade secrets during a time in which our own offensive cybersecurity capabilities were well publicized to be lacking (because the Gov’t refused to hire hackers who had ever smoked weed).

At some point we scaled up our offensive capabilities. By most accounts, this was just before Stuxnet showed up to destroy the Iranian centrifuge facilities. This is generally considered to be a Bush Jr. Initiative which Obama continued. I am sure we play just as dirty as anyone these days.

I am pretty sure Iran got into the cyberwarfare biz after Stuxnet. (They would be dumb not to)
Hence, if Iran, it is as you say. China, by most accounts they started it by targeting US businesses. These hacking groups generally have always had government ties, or outright are government hackers. Server logs for years and years now have shown a lot of attacks originating from state run universities–military hacking schools. By the way, I am aware of one such military hacking school run by the US Navy in Monterey. They do not practice on live targets though…

Russia…? It is unclear to me at which point state sponsored hacking eclipsed Mafia run organizations, partly because of the cozy nature of those two areas of society in Russia. When I was younger, we did not see a lot of attacks originate from Russian government buildings at least like you saw for a while before botnets came into vogue.

To the extent that we didn’t start more cyber conflicts, it is probably because we didn’t have our shit together at the time. Just my personal feeling. I think I more or less come down on your side of the issue, despite China and Russia likely enough starting the cyber conflicts, I am sure we started many more we never hear about.

1 Like

Are there sides here? I was asking the good doctor what the speculation about this being retaliatory for something the US “has done” (specifically in the hacking domain) was adding, beyond speculation.

None of what you added is really new either. The US has its pants down. People are going to take shots.

There is no evidence that this needs to be a continuation of anything, within the realm of strictly online activity.

The “attacks”, which were phishing attempts, and were “unsuccessful”, were on political campaigns. It smells a lot more like active measures to try to convince citizens their election system is unsound, than retaliation for hacking.

Not fucking helpful

This part I agree with.

Buddy. If you are just now noticing someone with an APT designation phishing you, odds are they are already in. These groups are scary.

If you are lucky, they don’t have much access and have only been there a few weeks.

No more than regular warfare. So maybe leave the good doctor alone. It is true enough as a sentiment that it is not worth quibbling over.

ETA: It means “Advanced Persistent Threat”. They are not trying to steal your paypal account, they are trying to steal everything of value. See: China’s F35 lookalike.

Okay. I was a bit miffed that a difference in opinion was met with “what do I know”.

I’m going to try not to be miffed at “buddy” as well, or you completely missing my point. I don’t need the “cybers” explained to me.

One more time for clarity. Google, who discovered the phishing, also stated they didn’t get in. True, they may have, but your lack of following my comment on active measures tells me you really didn’t get my point. You already think they are likely in the campaign. Active measure success.

Anyway, I thought this could be rounded out into a conversation with a little more depth.
Oh for fuck sake, you edited to tell me what an APT is. fuck all. I’m out of here.

the internet is the new front for nation-states to swing their dicks around and outdo each other. :woman_shrugging: the extent of that will not be known until things are released to the public. It’s not much more complicated than that, whatever the specifics.

the internet was developed in the US first.

Kind of my point. We were the preeminent power in the world since the end of the Cold War. We largely developed the modern internet infrastructure, and we have far more nuclear weapons than any other nuclear armed nation. It’s a bit naive for anyone to think we aren’t the aggressors, for the most part.

2 Likes

We had a great many hackers, arguably the best in the world and the most per capita. But they did not work for the government back in the day because:

Still an issue:

But they are coming around:

For good measure, fitness requirements were also a factor, which I remember reading back in the day, but not since maybe 2005ish:

Really, seriously. The word on the street in the aughts was that the US Government was behind in cybersecurity. Yes, we invented the internet. It doesn’t mean we had our shit together when it comes to cybersecurity, at least at the government level. Some other light reading, which I guess hasn’t been taken down from way back:

If I am wrong on this count, by all means my deepest apologies, somebody please correct me. Articles like the above were posted on various tech news sites for years, starting when I was in college onwards. It took a while for the feds to get their shit together, from everything I’ve read and heard anecdotally.

I know that no one cares about history. But there are reams of documents that none of us can have access to for another 30, 40, 50 years.

What am I missing? I would be happy to be wrong on this count, that Uncle Sam has had the world’s best cybersecurity capabilities all along. It just doesn’t jive with the state of things under Clinton/Bush-Term1.

We don’t know that, considering there are plenty of documents that are classified.

I agree with you entirely that there is a long history of the US being the aggressor. That was entirely my point too. You initially made a hypothetical statement about the attack being retaliatory for “some black ops cyber operation” which is a bit more specific and in the current parlance. That’s not helpful, unless you actually know of a specific recent attack that you can point to. The history is something you can, and should, often.

Not true at all. There are a good many people that care about history. Also, FOIA that shit.

As someone who has actually been in the National archive, there is STILL stuff you can’t get, even with a FOIA request, due to national security concerns. Hence, my comment about not being able to get documents for a few decades sometimes.

You don’t always have access to documents you want or need, especially from the alphabet soups, during ongoing tensions, such as we have with many countries, given that we have a tendency to overthrow their governments.

It is almost NEVER as simple as “file a FOIA” and the documents magically appear in short order, even for things that should not be classified, such as when they are legally supposed to be released to the public (which can vary depending on the time the documents were created, who created them, and how uncomfortable they make people in power).

We’d be incredibly naive, given the history of the CIA, to think that the US is merely being victimized by cyber-crimes rather than going on the offensive. And most of whatever they are doing is likely highly classified and you’re unlikely to be able to get them for another generation, if ever.
