<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Which reminds me - I had a post on
Shamoon scheduled up and I might as well dump it here.<br>
<br>
I've read some of the analysis of it, and I think the story is a
bit more interesting (depending on your perspective) than the one
people appear to be writing about in the<a
href="http://www.nytimes.com/2012/08/27/technology/saudi-oil-producers-computers-restored-after-cyber-attack.html?_r=1">
New York Times</a> and <a
href="http://www.securelist.com/en/blog/208193786/Shamoon_the_Wiper_Copycats_at_Work">various
other places</a>. Of course, the Pastebin sources for comments
from the hackers in question (your unmask.py may come in handy
here) are as follows:<br>
<ul>
<li><a href="http://pastebin.com/HqAgaQRj">http://pastebin.com/HqAgaQRj</a></li>
<li><a href="http://pastebin.com/tztnRLQG">http://pastebin.com/tztnRLQG</a></li>
</ul>
And there's <a
href="http://www.huffingtonpost.com/2012/09/07/debora-plunkett-nsa_n_1866208.html?utm_hp_ref=technology">this
"reckless" claim</a>, which may or may not be related.<br>
<br>
I think it's clear that the Iranian nation-state team is ==
"Cutting Sword of Justice". It doesn't take a Palantir-loaded
analyst super-hero to see that they are sending the message of
"you attack our oil industry, and we will attack yours". They've
stopped short of doing anything that would actually damage
operations at Saudi Aramco, because that's a red line, but they've
demonstrated capability, which is all you need for the "mutual"
part of "mutually assured disruption".<br>
<br>
In any case, it's not "hacktivism" although it may be the shape of
future hacktivism. If you're studying cyber-war the way you
probably should be if you're in this industry, this is what it
looks like for now. The interesting corollary is that not only do
you have to <a
href="http://www.businessweek.com/news/2012-09-08/obama-weighs-executive-order-to-defend-against-cyber-attacks">extend
your information security umbrella over your own private
industry</a>, you have to extend it over your allies as
well...:><br>
<br>
-dave<br>
<br>
<br>
<br>
<br>
On 9/5/12 6:38 PM, DarkPassenger wrote:<br>
</div>
<blockquote cite="mid:3F296C986B554ECAB5CC653BFF846E91@inbox.ru"
type="cite">
<pre wrap=""> - Begin unsigned&friendly message , no 0day attached guaranteed -
Sleepless dders ,
take a look at the following list . first part is Public name of Root servers "managers" and the second part is osint-ed or -possibly- biased analysis of the "ownership" of that entity . Please offer your take as someone who is into "offense" and "infiltration" .
VeriSign, Inc -> runs most of the basic internet , in contract with U.S govt + FMR shadow , one of the wealthiest Jewish families with ties to D.C from 40's to now and history of Familial cult dedicated to praising Israeli ideas
University of Southern California (ISI) -> Deep ties with In-Q-Tel -> CIA
Cogent Communications - > Israeli Group
University of Maryland -> CIA is the biggest employer of grads , in bed with NSA and contractor of In-Q-Tel -> CIA
NASA (Ames Research Center) -> U.S Govt
US Department of Defence (NIC) -> U.S Govt
US Army (Research Lab) -> U.S Gov
Netnod -> in bed with various Western Govt or defense including DISA in addition to complying with Swedish SIGINT FRA and intelligence service SAPO maintaing primary services to NATO's intelligence services , including but not limited to "Stay Beyond" entities -> Western Blackops
RIPE NCC -> complying Netherlands police , contracting Netherlands intelligence services , some employees have worked for CERT , answers to U.S govt Commerce
ICANN -> element of U.S Govt Commerce
WIDE Project -> funded by Japanese Imperial Family , some members have worked in Hitachi Nuclear industries owned by Japanese Loyal family and the major Nuclear power utilities and waste exporter to U.S , contracting U.S defense contractors
- End unsigned&friendly message -
_______________________________________________
Dailydave mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Dailydave@lists.immunityinc.com">Dailydave@lists.immunityinc.com</a>
<a class="moz-txt-link-freetext" href="https://lists.immunityinc.com/mailman/listinfo/dailydave">https://lists.immunityinc.com/mailman/listinfo/dailydave</a>
</pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach
<a class="moz-txt-link-abbreviated" href="http://www.infiltratecon.com">www.infiltratecon.com</a>
</pre>
</body>
</html>