March 7, 2017

CIA Imitates Russian Hackers

And now we go a little bit further down the rabbit hole. I need to lose some weight so I'm looking for the pill that makes me smaller. If only the government could find the pill that makes them honest.

Wikileaks now uncovers more of the CIA's possible culpability in the 2016 elections mess.  
The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.

With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from.
So the so-called evidence that the Russians hacked the election could have been the CIA hacking our own elections. This is a Rooskie source but what the hell, more here and WikiLeaks here.

Zero Hedge also has something to say about the WikiLeaks leaks and the CIA's use of Russian malware to imitate cyber attacks:
WikiLeaks said that ‘Year Zero’ revealed details of the CIA’s “global covert hacking program,” including “weaponized exploits” used against company products including “Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones.”

WikiLeaks tweeted the leak, which it claims came from a network inside the CIA’s Center for Cyber Intelligence in Langley, Virginia.

Among the more notable disclosures which, if confirmed, "would rock the technology world", the CIA had managed to bypass encryption on popular phone and messaging services such as Signal, WhatsApp and Telegram. According to the statement from WikiLeaks, government hackers can penetrate Android phones and collect “audio and message traffic before encryption is applied.”

Another profound revelation is that the CIA can engage in "false flag" cyberattacks which portray Russia as the assailant. Discussing the CIA's Remote Devices Branch's UMBRAGE group, Wikileaks' source notes that it "collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.
Well, apparently everyone in the US intelligence community got into the act. The DHS tried to hack the State of Georgia's election servers last year. The only difference between them and the CIA is that they suck at it.
The Georgia Secretary of State's Office now confirms 10 separate cyberattacks on its network were all traced back to U.S. Department of Homeland Security addresses.

In an exclusive interview, a visibly frustrated Secretary of State Brian Kemp confirmed the attacks of different levels on his agency's network over the last 10 months. He says they all traced back to DHS internet provider addresses.

"We're being told something that they think they have it figured out, yet nobody's really showed us how this happened,” Kemp said. "We need to know."
This isn't a swamp, it's a lake. Drain the damn thing.


LL said...

Then again, John Podesta's password was "password". How tough is that to use to grab the keys to the kingdom?

sig94 said...

LL - So many users stay with that too. It's a wonder that more hacking doesn't take place. Then again, maybe it does...

LindaG said...

Nothing more to add except thanks for the post.

Kid said...

fwiw. Yes hackers often or always use languages and tactics of other countries to hide their tracks. Which of course makes the democrat/media claims that much more pathetic.

Also the Intelligence community often pays or coerces the people who write network access code to place specific exploitable bugs into their code so that NSA/CIA/FBI can exploit.

Nothing is secure. Believe me, believe me. If it's important keep it off of the net and don't ever have a smart internet connected device in your home that you cannot secure.
I'll personally never have more than a webcam which is pointed at the wall unless I'm using it. No home controlling devices at all. Ever.

Kid said...

NSA paid whomever to create the Heartbleed bug. as an example.