Dailydave mailing list archives

Re: Roots Ownership ?

From: Dave Aitel <dave () immunityinc com>
Date: Mon, 10 Sep 2012 12:54:11 -0400

Which reminds me - I had a post on Shamoon scheduled up and I might as
well dump it here.

I've read some of the analysis of it, and I think the story is a bit
more interesting (depending on your perspective) than the one people
appear to be writing about in theNew York Times
<http://www.nytimes.com/2012/08/27/technology/saudi-oil-producers-computers-restored-after-cyber-attack.html?_r=1>
and various other places
<http://www.securelist.com/en/blog/208193786/Shamoon_the_Wiper_Copycats_at_Work>.
Of course, the Pastebin sources for comments from the hackers in
question (your unmask.py may come in handy here) are as follows:

  * http://pastebin.com/HqAgaQRj
  * http://pastebin.com/tztnRLQG

And there's this "reckless" claim
<http://www.huffingtonpost.com/2012/09/07/debora-plunkett-nsa_n_1866208.html?utm_hp_ref=technology>,
which may or may not be related.

I think it's clear that the Iranian nation-state team is == "Cutting
Sword of Justice". It doesn't take a Palantir-loaded analyst super-hero
to see that they are sending the message of "you attack our oil
industry, and we will attack yours". They've stopped short of doing
anything that would actually damage operations at Saudi Aramco, because
that's a red line, but they've demonstrated capability, which is all you
need for the "mutual" part of "mutually assured disruption".

In any case, it's not "hacktivism" although it may be the shape of
future hacktivism. If you're studying cyber-war the way you probably
should be if you're in this industry, this is what it looks like for
now. The interesting corollary is that not only do you have to extend
your information security umbrella over your own private industry
<http://www.businessweek.com/news/2012-09-08/obama-weighs-executive-order-to-defend-against-cyber-attacks>,
you have to extend it over your allies as well...:>

-dave




On 9/5/12 6:38 PM, DarkPassenger wrote:

 - Begin unsigned&friendly message , no 0day attached guaranteed -

Sleepless dders ,

take a look at the following list . first part is Public name of Root servers "managers" and the second part is 
osint-ed or -possibly- biased analysis of the "ownership" of that entity . Please offer your take as someone who is 
into "offense" and "infiltration" .  


VeriSign, Inc -> runs most of the basic internet , in contract with U.S govt + FMR shadow , one of the wealthiest 
Jewish families with ties to D.C from 40's to now and history of Familial cult dedicated to praising Israeli ideas

University of Southern California (ISI) -> Deep ties with In-Q-Tel -> CIA

Cogent Communications - > Israeli Group
 
University of Maryland -> CIA is the biggest employer of grads , in bed with NSA and contractor of In-Q-Tel -> CIA

NASA (Ames Research Center) -> U.S Govt

US Department of Defence (NIC) -> U.S Govt

US Army (Research Lab) -> U.S Gov

Netnod -> in bed with various Western Govt or defense including DISA in addition to complying with Swedish SIGINT FRA 
and intelligence service SAPO maintaing primary services to NATO's intelligence services , including but not limited 
to "Stay Beyond" entities -> Western Blackops

RIPE NCC -> complying Netherlands police , contracting Netherlands intelligence services , some employees have worked 
for CERT , answers to U.S govt Commerce
 
ICANN -> element of U.S Govt Commerce

WIDE Project -> funded by Japanese Imperial Family , some members have worked in Hitachi Nuclear industries owned by 
Japanese Loyal family and the major Nuclear power utilities and waste exporter to U.S , contracting U.S defense 
contractors 

- End unsigned&friendly message - 


_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave



-- 
INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach
www.infiltratecon.com

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave

Current thread:

Roots Ownership ? DarkPassenger (Sep 10)
- Re: Roots Ownership ? Dave Aitel (Sep 10)
  - Re: Roots Ownership ? Kristian Erik Hermansen (Sep 10)
- Message not available
  - Re: Roots Ownership ? DarkPassenger (Sep 10)