Keeping nukes safe from cyber attack
In the wake of a 2010 incident in which the Air Force lost contact with 50 intercontinental ballistic missiles, the service is figuring out how to protect its command-and-control systems from cyber attack — a nonexistent threat when the missiles were designed decades ago.
“Our ability to keep our networks assured and protected and not vulnerable is really important, it’s something we have looked at hard,” Maj. Gen. William Chambers, head of Air Force Global Strike Command’s nuclear deterrence shop, told Killer Apps during a Sept. 18 interview. “It’s something that we build into all of our new nuclear weapons systems so that they remain cyber-secure.”
The Iranian Hacker that owns the world:
March 26, 2011 Iranian Hacker owns Yahoo, Skype, Google, Microsoft, and Comodo SSL!
A message from Comodo Hacker
I’m writing this to all the world, so you’ll know more about us..
At first I want to give some points, so you’ll be sure I’m the hacker:
I hacked Comodo from InstantSSL.it, their CEO’s e-mail address firstname.lastname@example.org
Their Comodo username/password was: user: gtadmin password: globaltrust
Their DB name was: globaltrust and instantsslcms
Enough said, huh? Yes, enough said, someone who should know already knows…
Anyway, at first I should mention we have no relation to Iranian Cyber Army, we don’t change DNSes, we just hack and own.
I see Comodo CEO and other wrote that it was a managed attack, it was a planned attack, a group of cyber criminals did it, etc.
Let me explain:
a) I’m not a group, I’m single hacker with experience of 1000 hacker, I’m single programmer with experience of 1000 programmer, I’m single planner/project manager with experience of 1000 project managers, so you are right, it’s managed by 1000 hackers, but it was only I with experience of 1000 hackers.
b) It was not really a managed hack. At first I decided to hack RSA algorithm, I did too much investigation on SSL protocol, tried to find an algorithm for factoring integer, for now I was not able to do so, at least not yet, but I know it’s not impossible and I’ll prove it, anyway… I saw that there are easier ways of doing it, like hacking a CA. I was looking to hack some CAs like Thawte, Verisign, Comodo, etc. I found some small vulnerabilities in their servers, but it wasn’t enough to gain access to server to sign my CSRs. During my search about InstantSSL of Comodo, I found InstantSSL.it which was doing same thing under control of Comodo.
After a little try, easily I got FULL access on the server, after a little investigation on their server, I found out that TrustDll.dll takes care of signing. It was coded in C#. Simply I decompiled it and I found username/password of their GeoTrust and Comodo reseller account. GeoTrust reseller URL was not working, it was in ADTP.cs. Then I found out their Comodo account works and Comodo URL is active. I logged into Comodo account and I saw I have right of signing using APIs. I had no idea of APIs and how it works. I wrote a code in C# for signing my CSRs using POST request to APIs, I learned their APIs so FAST and their TrustDLL.DLL was too old and was sending too little parameters, it wasn’t enough for signing a CSR. As I said, I rewrote the code for !AutoApplySSL and !PickUpSSL APIs, first API returns OrderID of placed Order and second API returns entire signed certificate if you pass OrderID from previous call. I learned all these stuff, re-wrote the code and generated CSR for those sites all in about 10-15 minutes. I wasn’t ready for these type of APIs, these type of CSR generation, API calling, etc. But I did it very very fast.
Anyway, I know you are really shocked about my knowledge, my skill, my speed, my expertise, that’s all OK, all of it was so easy for me, I did more important things I can’t talk about, so if you have to worry, you can worry… I should mention my age is 21
Let’s back to reason of posting this message.
I’m telling this to the world, so listen carefully:
When USA and Israel write Stuxnet, nobody talks about it, nobody got blamed, nothing happened at all, so when I sign certificates nothing happens, I say that, when I sign certificates nothing should happen. It’s a simple deal.
When USA and Israel could read my emails in Yahoo, Hotmail, Skype, Gmail, etc. without any simple little problem, when they can spy using Echelon, I can do anything I can. It’s a simple rule. You do, I do, that’s all. You stop, I stop. It’s rule #1 (My Rules as I rule to internet, you should know it already…)
Rule#2: So why all the world got worried, internet shocked and all writers write about it, but nobody writes about Stuxnet anymore? Nobody writes about HAARP, nobody writes about Echelon (ed note: I do)… So nobody should write about SSL certificates.
Rule#3: Anyone inside Iran with problems, from fake green movement to all MKO members and two faced terrorist, should afraid of me personally. I won’t let anyone inside Iran, harm people of Iran, harm my country’s Nuclear Scientists, harm my Leader (which nobody can), harm my President, as I live, you won’t be able to do so. as I live, you don’t have privacy in internet, you don’t have security in digital world, just wait and see…
Rule#4: Comodo and other CAs in the world: Never think you are safe, never think you can rule the internet, rule the world with a 256 digit number which nobody can find its 2 prime factors, I’ll show you how someone in my age can rule the digital world.
Rule#5: To Microsoft, Mozilla and Chrome who updated their softwares as soon as instructions came from CIA. You are my targets too. Why Stuxnet’s Printer vulnerability patched after 2 years? Because it was needed in Stuxnet? So you’ll learn sometimes you have to close your eyes on some stuff in internet, you’ll learn… You’ll learn… I’ll bring equality in internet. My orders will equal to CIA orders, lol =)
Rule#6: I’m a GHOST
Rule#7: I’m unstoppable, so afraid if you should afraid, worry if you should worry.
A message in Persian: Janam Fadaye Rahbar
[Proof Of Hack 1]: http://pastebin.com/DBDqm6Km
[Proof of Hack 2]: http://pastebin.com/X8znzPWH
[UPDATE 1]: http://pastebin.com/CvGXyfiJ
[UPDATE 2]: http://pastebin.com/kkPzzGKW (response to all comments)
- END OF MESSAGE -
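The technical core of the message above is mundane: the reseller's signing credentials were sitting in a shipped .NET DLL, and a decompiler handed them over. The check a vendor should run on its own builds before they leave the door is a secret scan of the compiled binary. The script below is an added editorial example, not code from the hacker, from Comodo or from InstantSSL.it. It assumes nothing about the real TrustDll.dll; the sample "binary" is a constructed byte blob with placeholder host names and credentials. The one detail worth knowing is that .NET string literals are stored as UTF-16LE, so a plain ASCII `strings` pass walks straight past them; the scanner extracts both encodings.

```python
import re
from typing import List, Tuple

Finding = Tuple[str, str]  # (reason, matched string)

# Constructed sample blob standing in for a compiled .NET assembly that embeds a
# reseller account. .NET user-string literals are UTF-16LE, so the credentials
# below are encoded that way; an ASCII-only strings pass misses them.
# Every host, user and password here is a placeholder made up for this example.
SAMPLE_BINARY = (
    b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00"
    + b"TrustDll.dll\x00\x00\x00"
    + "https://api.example.invalid/ssl/AutoApplySSL".encode("utf-16-le")
    + b"\x00\x00\x00"
    + "loginName=example_reseller".encode("utf-16-le")
    + b"\x00\x00\x00"
    + "loginPassword=Placeholder-Pa55".encode("utf-16-le")
    + b"\x00\x00\x00"
    + b"\x01\x02\x03random\xff\xfe"
    + b"mysql://dbuser:placeholder_pw@db.example.invalid/instantsslcms\x00"
)

# Printable runs of at least six characters, ASCII and UTF-16LE respectively.
ASCII_RE = re.compile(rb"[\x20-\x7e]{6,}")
UTF16_RE = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")

# Key/value pairs whose key looks like a credential, and URLs carrying userinfo.
CREDENTIAL_KEY_RE = re.compile(
    r"(pass(word|wd|phrase)?|pwd|secret|api[_-]?key|token|login)[a-z]*\s*[=:]\s*\S+",
    re.IGNORECASE,
)
URL_USERINFO_RE = re.compile(r"[a-z][a-z0-9+.-]*://[^/\s:@]+:[^/\s@]+@", re.IGNORECASE)


def extract_strings(blob: bytes) -> List[str]:
    """Pull printable ASCII and UTF-16LE runs out of a binary (like `strings -e s -e l`)."""
    out = [m.group().decode("ascii") for m in ASCII_RE.finditer(blob)]
    out += [m.group().decode("utf-16-le") for m in UTF16_RE.finditer(blob)]
    return out


def find_embedded_secrets(blob: bytes) -> List[Finding]:
    """Classify extracted strings that look like embedded credentials."""
    findings: List[Finding] = []
    for s in extract_strings(blob):
        if URL_USERINFO_RE.search(s):
            findings.append(("credentials in URL", s))
        elif CREDENTIAL_KEY_RE.search(s):
            findings.append(("credential-like key/value", s))
    return findings


def report(blob: bytes) -> List[str]:
    """Render findings with the secret part masked, so the scan report itself does not leak it."""
    lines = []
    for reason, s in find_embedded_secrets(blob):
        if reason == "credentials in URL":
            masked = re.sub(r"(://[^/\s:@]+:)[^/\s@]+@", r"\1<redacted>@", s)
        else:
            masked = re.sub(r"([=:]\s*)\S+", r"\1<redacted>", s, count=1)
        lines.append(f"{reason}: {masked}")
    return lines


if __name__ == "__main__":
    for line in report(SAMPLE_BINARY):
        print(line)
```

Run it against a real build by reading the file into `blob`; anything it flags should be moved out of the binary into a secret store, and the account it names should have its password rotated, because the copy that shipped is already gone.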
More comments from ComodoHacker
Another proof of Hack from Comodo Hacker Mar 27th, 2011
Just Another proof from Comodo Hacker Mar 28th, 2011
Comodo Hacker: Mozilla Cert Released Mar 28th, 2011
Response to comments from ComodoHacker Mar 29th, 2011
PROBLEM OF WORLD: MISSING EQUALITY Mar 31st, 2011
Striking Back… Sep 5th, 2011
Another status update message Sep 6th, 2011
Two more little points Sep 6th, 2011
Response to some comments Sep 7th, 2011
“When USA and Israel can read all emails they want in Gmail, in Yahoo, data in Facebook, Twitter, etc. How my country should control those services? I’ll help my own country for it as I did and you saw it. If my country get equal right as USA in controlling emails, I may share my brilliant unbreakable encryption system for replacement of SSL and CA system.”
So what did this guy hack? Only the basis of all internet security, SSL issuers:
Independent Iranian Hacker Claims Responsibility for Comodo Hack
Comodo hack may reshape browser security
A Post Mortem on the Iranian DigiNotar Attack
https://www.eff.org/deeplinks/2011/09/p … tar-attack
Comodo, DigiNotar Attacks Expose Crumbling Foundation of CA System
http://threatpost.com/en_us/blogs/comod … tem-090211
This line is not secure.
Did the ComodoHacker hack US drones over Iran and Pakistan?
Infographic: how the U.S. top secret stealth drone was captured by Iran December 17, 2011
[Updated] U.S. Stealthy RQ-170 model on display at Tehran in Feb.11 Rallies. With extracted landing gear. February 11, 2012
Iran to return the captured stealthy RQ-170 Sentinel drone to the U.S. As a scale model. January 17, 2012
http://theaviationist.com/category/capt … lth-drone/
How Iran hacked super-secret CIA stealth drone December 16, 2011
Captured U.S. stealthy drone was hijacked exploiting GPS vulnerability. But hack description does not solve the mystery December 15, 2011
“Three U.S. and four Israeli drones captured in Iran to be put on display soon”: Tehran Times says. “Downed” RQ-170 saga continues December 15, 2011
Chinese delegation currently in Iran to copy the U.S. stealthy RQ-170 drone captured in 2011.
http://theaviationist.com/2012/08/16/ch … ion-rq170/
So to recap, SSL is screwed and so are our drones. The US can’t even keep in contact with their nuclear arsenal, and the head of US cyber security changes daily due to their inability to overcome contracts for shitty firewalls that don’t work and need replacing.
U.S. cybersecurity head quits, citing growing role of spy agencies March 11, 2009
In a letter to Homeland Security Secretary Janet Napolitano last week, Beckstrom said the NSA “dominates most national cyber efforts” and “effectively controls DHS cyber efforts through detailees, technology insertions and the proposed move” of the NCSC to an NSA facility at the agency’s Fort Meade, Md., headquarters.
“I believe this is a bad strategy on multiple grounds,” wrote Beckstrom in the letter, a copy of which was obtained by UPI. “The intelligence culture is very different than a network operations or security culture. In addition, threats to our democratic processes are significant if all top-level government network security and monitoring are handled by any one organization.”
US cyber security chief Randy Vickers quits after hacker attacks July 26, 2011
Vickers’s resignation follows a number of online attacks on government websites including the Senate, the CIA and the FBI. William Lynn, the US deputy defence secretary, revealed earlier this month that a foreign intelligence service had stolen up to 24,000 computer files from a Pentagon supplier in March – one of the largest successful cyber-attacks on a US government agency.
The hacker collectives Anonymous and LulzSec targeted state websites after US intelligence agencies vowed to clamp down on the groups, resulting in a string of arrests worldwide.
US cyber czar Howard Schmidt resigns May 21, 2012
The White House’s cybersecurity coordinator said Thursday that he is stepping down at the end of this month after a 2 1/2-year tenure in which the administration has increased its focus on cyber issues but struggled to reach agreement with lawmakers on the best way to protect the nation’s key computer networks from attack.
With all the defense contractors getting owned by hackers, our nation’s secrets are not secure. If sixteen-year-old kids can violate these guys, you know the Iranians, Chinese, and Russians are playing hell with our protected networks:
Anonymous speaks: the inside story of the HBGary hack Feb 16, 2011
Barrett Brown (self-claimed Anonymous member) did extensive research on the emails released during this hack; here are his findings:
Project PM http://wiki.echelon2.org/wiki/Main_Page
Basically, government lawyers paid this team to create sock-puppets to discredit Wikileaks activists. These fake online accounts were used to track, attack, and slander anyone associated with Wikileaks, and you, the taxpayer, paid for these attacks.
Don’t believe me?
YOU MUST READ THIS!!!!
U.S. Chamber of Commerce & HBGary Spying
Spy games: Inside the convoluted plot to bring down WikiLeaks
What we have learned from this hack should have changed the world. Knowing your government is paying guys to fake accounts online and post disinfo and discredit reporters should have been shocking enough to motivate people to do something, unfortunately nobody knows about this story.
More details here:
Anonymous and New York Times E-mail Leak #OpNYT
Next to fall was Stratfor:
STRATFOR Hacked Update 7 February 27, 2012.
Anonymous allegedly releases “5 million” (not substantiated) Stratfor emails through WikiLeaks: http://www.cryptome.org/0005/stratfor-hack.htm
All of the emails from the Stratfor hack can be found here: http://www.wikileaks.ch/the-gifiles.html
If this wasn’t scary enough:
The Google Aurora Hack
Operation Aurora http://en.wikipedia.org/wiki/Operation_Aurora
They have also tracked the attack back to its point of origin, which seems to be two Chinese schools, Shanghai Jiao Tong University and Lanxiang Vocational School. As highlighted by The New York Times, both of these schools have ties with the Chinese search engine Baidu, a rival of Google China.
Google Hack Attack Was Ultra Sophisticated, New Details Show
China’s Hacker Army
Chinese hackers have control of US power grid
The company whose software and services remotely administer and monitor large sections of the US energy industry began warning customers about a sophisticated hacker attack.
Telvent Canada said that digital fingerprints left behind by attackers point to a Chinese hacking group tied to repeated cyber-espionage campaigns against key Western interests.
It looks like the hackers managed to get past the company firewall and security systems.
In letters sent to customers last week, Telvent Canada said the attack happened on September the 10th.
The attackers installed malicious software and stole project files related to one of its core offerings — OASyS SCADA — a product that helps energy firms mesh older IT assets with more advanced “smart grid” technologies.
The company said it was disconnecting the usual data links between clients and affected portions of its internal networks.
Meanwhile it is looking for virus or malware files.
According to KrebsOnSecurity.com, the company does not think that the intruders got any information that would enable them to gain access to a customer system or that any of the compromised computers have been connected to a customer system.
Telvent said it was working with law enforcement and a task force of representatives from its parent firm, Schneider Electric.
Joe Stewart, director of malware research at Dell SecureWorks said the Web site and malware names cited in the Telvent report map back to a Chinese hacking team known as the “Comment Group.”
Comment Group has been involved in sophisticated attacks to harvest intellectual property and trade secrets from energy companies, patent law firms and investment banks.
We are fucked, and none of you have a clue.
As I stated in my article Alone in the Dark, the Heritage Foundation concluded that 2/3 of Americans would die after a loss of power due to EMP. This finding is relevant due to the fact that the Chinese can literally type something into a computer and kill the power all the same.
If we do end up in a world war, it is paramount that you acquire the necessary tools to collect water, purify it, and have an alternative source of food (stored or growing in your yard). Don’t end up in the dark with no plan.
The media isn’t telling you any of this, they are too busy covering Election 2012, the choice between the Lesser of Two Evils.
If there is a World War 3, the use of hacking/cyberwarfare will play a vital role, and we, the USA, are grossly unprepared.