A major hacker group “Hacking Team” themselves got hacked. More than 500 GB of emails, financial and other data was leaked to the Internet. They revealed that the company had sold hacking tools to the FBI, DEA, and Department of Defense; as well as to the governments of Mexico, Australia, Russia, Saudi Arabia, Iraq, the UAE, Spain, and many others.
The Intercept published documents about the Hacking Team corporation that was selling its secrets to 3rd world despots, as well as G20 countries and alphabet agencies. They revealed Zero-Day Exploits in Windows and Flash, which could be a major vulnerability across the entire Internet.
The zero-day vulnerability affects all major web browsers, including Microsoft’s Internet Explorer, Google’s Chrome, Mozilla’s Firefox as well as Apple’s Safari.
Chinese equities have lost more than $3.5 trillion of value in less than a month as traders liquidated leveraged bets at an unprecedented pace. Foreign investors extended a record three-day exodus on Wednesday…On the Shanghai exchange, 365 companies suspended trading, equivalent to 33 percent of all listings. A further 992 were halted in Shenzhen, or 56 percent of the total.
Time magazine publishes a story How Real Is The Threat Of a Cyber Attack, warning that a “black swan” cyber attack could really destabilize the world economy over the next, ummm, year – and the government has been consistently surprised by cyber attacks recently. This blames the Chinese as the most sophisticated group of cyber hackers.
Just before midnight, Anonymous tweets “I wonder if tomorrow will be bad for Wall Street”
Wonder if tomorrow is going to be bad for Wall Street…. we can only hope.
Amazing how they can diagnose that so quickly. Especially given that by definition, “hacking” is intruding into internal technical systems.
A trader on the floor described the situation as unprecedented:
In my time in the capital markets or working on the floor of the New York Stock Exchange, I have never seen a complete halt of the markets due to technology problems. Even 9/11 cannot be considered a halt because the markets never opened that day. This is extraordinary. There was no clue, or early indication that this would happen. The music just simply stopped playing. There is no panic on the part of the trading community and right now we are just ensuring that we are prepared when the market re-opens… Most of the volume in this market (and most markets, for that matter) happens in the first half hour and last half hour, so the NYSE is scrambling to get us back on line for a close of the market.
The computer problem in the airline’s reservation system caused the FAA to impose what is known as a ground stop at 8:26 a.m. ET, meaning United flights were not allowed to take off. It lifted the stop for feeder airlines that fly under the name United Express about 15 minutes later, but it took until just before 9:47 a.m. for the ground stop to be lifted for United flights.
The computer problem had forced United to hand write tickets for passengers at multiple airports. But Record said the lack of a reservation system meant that the airline was not able to check to confirm that passengers were not on a no-fly list or that everyone on the flight was supposed to be there.
“Because of the safeguards and the backups built into the reservation system, once that goes down, everything has to stop,” Record said.
Was this just a one off, or has it been brewing for a while? How do we know “Anonymous” is really behind this, and not a state actor?
Going back a little earlier in the year, we can see the build up to this “First Cyber War” being seeded in the media. In particular, software pioneer, cyber-security expert, and hacker of entire countries John McAfee has been sounding the alarm.
A couple of months ago, seemingly out of the blue he started writing a column about hacking – his stories are excellent and he’s quite a character, follow him on Facebook. His most recent columns seem to have been “priming the pump” for today’s events. Prescience? Inside track? Or just a series of lucky guesses?
The first big event of the year was the infamous Sony hack – which led to racist emails between senior Sony Execs circulating.
Then we had the “next level” Sony hack – the one blamed on North Korea, timed to come out at the same time as a comedy film about assassinating the leader of North Korea.
McAfee’s next column Four Million Ways To Lose Your Secrets is about how the Office of Personnel Management got hacked, the intruders stole 4 million detailed records. This includes comprehensive and highly sensitive information that is collected as part of the application for Top Secret and other security clearances. This was blamed on the Chinese government.
The Office of Personnel Management (OPM) hack has acted as a smokescreen to mask a far broader problem that has occurred in the past 30 days. Here’s the full story in headlines (those in italics are included for completeness only and are not counted in the 24 hacks.):
April 7th 2015 – Russians Hack White House Computers and Even Access President Obama’s Schedule – New York Post
June 22nd 2015 – U.S. National Archives Says It’s Data Was Hacked – NextGOV
June 22nd 2015 – The NSA Hacked Into Popular Antivirus Software To Track Users And Infiltrate Networks – TechTimes
June 22nd 2015 – Script.CC. Hacked, Large Number of Bitcoin Stolen – NewsBTC
June 23rd 2015 – Britain’s National Health Services Hacked – Mirror
What can we make of the above headlines?
The first thing that I noticed was the complete absence of the type of hacks that appeared in the news in the previous year. Nothing similar to the Target Corporation, Nordstrom Inc. and long string of other retail hacks; no mention of credit cards; no mention of individual financial loss. All the mentioned hacks had to do with Political and Government personnel, or with gaining access to the deeper layers of individual lives – going way beyond mere financial data which is in constant flux.
The data taken focused on the more permanent aspects people’s lives. For example, medical data was targeted in nearly 20 percent of the hacks (Japan’s Pension System, Indiana Healthcare Software, North Dakota Workers Comp, Britain’s National Health System). The OPM hack, by far the most devastating, focused on the intensely personal data collected during the process of vetting people for secret security clearances. This data included everything required to determine a person’s fundamental character.
Given the above, we can predict the following with a high degree of accuracy:
More hacks of medical data within multiple states (and countries) will soon be reported.
Reported hacks within the U.S. Government will spread to a number of other Government agencies.
As currently known hacks unfold, they will significantly worsen.
People may be astonished by the increasing frequency of the number of hacks
Nothing to see here, sheeple, move along. As long as CNN tells you everything’s fine, it’s fine.
Burners have always been preparing for a post-apocalyptic, post-economic civilization – that time might be coming sooner than we think.
I don’t want to give a spoiler alert for the end of the new season of Orange is the New Black, but for anyone who’s seen it, I’m kind of imagining that…if the system shut down, and no bank accounts were working, that would probably seem fine for a moment. Eventually, reality would set in.
Wonder what is going to happen tomorrow: will the markets just shrug and move on? Will The Powers That Be continue to deny vehemently that it was a hacker attack, without even investigating?
Officials have concluded that the larger breach, which targeted background investigation records kept by OPM, included Social Security numbers, information on family members and other contacts, as well as health and criminal records. The data haul also included an estimated 1.1 million fingerprint records.
In total, hackers are thought to have netted records on 19.7 million people who applied for background check investigations with the federal government, and another 1.8 million people including spouses who did not apply for a background check but whose information was included in the forms. Anyone who applied for a background check from 2000 on is likely to have had their information compromised…
Among the forms used in federal background checks is the Standard Form 86, an 127-page document that delves into intimate questions about prior brushes with the law, drug use, psychiatric health, and info on friends and family members. It requires the applicant to put his or her Social Security number on nearly every page of the document.
China was named as “the leading suspect” in the breach last month by Director of National Intelligence James Clapper…Officials did confirm on the call that both attacks were the work of “the same actor” who gained access to the OPM system probably starting in May or June of 2014 with a contractor’s stolen username and password.
It sure seems like a lot of hacker related stuff was launched yesterday. In the Washington Post, DARPA announced a “Cyber Grand Challenge”, noting that we’re losing the cybersecurity war.
DARPA initially started with more than 100 teams when it began the program a year ago, but the field was quickly whittled down. On Wednesday, it announced the seven finalists chosen to compete in the competition next year. They are an eclectic band of cyberwarriors, ranging from academics representing major university computer science programs to well-known hackers and defense industry heavyweights.
The White House and the FBI might be saying “no cyber attack”, but John McAfee thinks it was. I’m more inclined to go with the billionaire domain expert on this one, rather than the hasty diagnosis by political mouthpieces.
At around the same time that the NYSE went down, the Wall Street Journal’s website went offline, as did that of popular financial blog Zero Hedge. United Airlines also experienced a “network connectivity issue” which impacted almost 5,000 flights worldwide.
Given the criticality of technology to United Airlines, let’s assume for a moment it has a daily reliability rate of 99.9%, meaning it has a system failure once every 1,000 days – which equates to once every three years. Now, let’s assume the NYSE and the Wall Street Journal also have a daily reliability rate of 99.9%.
If these events were truly random and independent, then the frequency of all three of these events happening on the same day is once in a billion days (or if you prefer to count in years, almost 2.8 million years).
Coincidental failure is possible, sure, but it does seem highly unlikely. If you add Zero Hedge to the mix, then the probability of all four events happening on the same day rapidly approaches zero.
If we throw in the near simultaneity of the NYSE and the Wall Street Journal issues (happening within minutes of each other), then it is more likely that your car, using quantum probability effects, would leak out of your garage and show up instantly in my driveway an ocean away.
It is certainly possible, but no one in their right mind would bet on it.
The Financial Times commented on the attacks, and was rather dismissive of the official denials. They call for a new Agency to manage cyber defense, or just take it out of the hands of the USAF and give it to Homeland Security. That way, the same TSA goons groping you at the airport, can be looking up all your personal records in the Cyber databases too.
On paper, there is no shortage of resources; earlier this year, for example, President Barack Obama earmarked $14bn for the cyber fight. But the key problem now is not so much a lack of cash — but co-ordination: as fear spreads, a bewildering alphabet soup of different agencies and task forces is leaping into cyber battle, often with little collaboration. The institution that is supposed to be in charge of security threats is the Department of Homeland Security. But its skills are viewed with scepticism by military officials. The Pentagon has its own cyber warriors, as do America’s intelligence agencies.
The White House has tried to force these bodies to work together. Separately, civilian agencies such as Nuclear Regulatory Commission started holding discreet meetings with each other last autumn on cyber issues too. But collaboration across sectors is patchy. “The level of readiness in different agencies varies enormously,” admits a senior Washington figure at the centre of these efforts. Add in private sector bodies and the picture is even worse: not only is the Pentagon wary of sharing data with, say, the Chamber of Commerce, but companies are often terrified of revealing attacks to each other.
Is there a solution? One sensible response might be to create a new agency to provide a central focus for the cyber fight. There is precedent for that; most Washington regulators emerged in response to a new threat. The Securities and Exchange Commission, for example, was created after the 1929 stock market crash; the Food and Drug Administration appeared after scandals over dangerous medicines. A second option might be to relaunch the DHS to focus on the cyber fight. It could, for example, be named the Department of Cyber and Homeland Security.
The Chinese stock market surged again today, after the government threatened short sellers with arrest. This may merely be a “dead cat bounce”, a reflexive response from the market when technical indicators show it as massively oversold.
It raises the prospect that the motivation of the hackers may not have been to destroy, but in fact to profit from wild swings in the stock market. The use of derivative instruments like Put and Call options can create massive profits from swings of only a few percentage points. Certainly, Anonymous would have been in a position to take out such trading positions before making their threat – and, it looks like, executing their plan.
The sorry saga of the Sherpa and the Popsicle Camp has made it to Wall Street. Bloomberg BusinessWeek has published a lengthy article on the whole affair, titled Occupy Burning Man: Class Warfare Comes To The Desert Festival. Yes, we’re in it..the lone voice speaking out against this Class Warfare being at Burning Man. Larry Harvey’s shifted from “rich people are straw men”, to seeing Burning Man as an educational tool for the 1%…and apparently this was the thinking behind Caravancicle. Now they are promoting all types of ironic theatrical pranks being planned for the event by Burners as our response, like Commodification Camps are now some sort of art theme in the Carnival. Burners will jump to create another bingo item for the amusement of the safari selfie sherpas crowd. Have they read some of the comments on groups like Sherpa Liberation Front? Maybe the online feedback gets filtered before it is handed up the pyramid to the board.
[Update: 2/6/15 8:47pm] Bloomberg TV delves further into this story.
Move over, Google Bus. There’s a new symbolic fight over tech money, class, and privilege
by Felix Gillette
For his 50th birthday, Jim Tananbaum, chief executive officer of Foresite Capital, threw himself an extravagant party at Burning Man, the annual sybaritic arts festival and all-hours rave that attracts 60,000-plus to the Black Rock Desert in Nevada over the week before Labor Day. Tananbaum’s bash went so well, he decided to host an even more elaborate one the following year. In 2014 he’d invite up to 120 people to join him at a camp that would make the Burning Man experience feel something like staying at a pop-up W Hotel. To fund his grand venture, he’d charge $16,500 per head…
The mission of the new organization is to propagate the Burning Man culture throughout the world, in part by launching a series of smaller, regional festivals. In theory, the beefed-up board will use its far-reaching professional connections to help accelerate the global spread. “It’s not a thoughtless amassing of rich folks,” says Harvey of the expanded board. “But if you want to change the world, you’d better get some people who have real muscular power.”
…Outtrim points out that for years there have been wealthy people at Burning Man. In the past it wasn’t in people’s faces. “What’s really been an issue with the Caravancicle camp,” Outtrim says, “isthe involvement of someone from the Burning Man Project’s board of directors.”
Historically, he adds, Burning Man was “a great leveler”—nobody in Black Rock City cared who you were. The prevalence of costumes allowed the rich and famous to mingle with the masses. “For a lot of captains of industry and the celebrities, it was a chance for them to go and be a normal person at the party like anybody else,” says Outtrim. “But bringing in servants is where it’s become a bit of a problem. It’s pushing buttons related to class war in San Francisco.”
…Lillie liked the idea of using Burning Man as a crucible to re-educate the 1 Percent. She signed on to work as a bartender and server. Her pay would be a flat rate of $180 per day…The only employees who appeared to be enjoying themselves, Lillie wrote, were the attractive models, a posse dubbed the “mistresses of merriment,” who had traveled from L.A. ostensibly to flirt with and help entertain the male guests. During the telephone interview, Lillie concedes that she never saw any harassment of workers take place. But she says the introduction of paid laborers like her into the libertine atmosphere of Burning Man created an awkward dynamic. “It was like a bunch of old, married men expecting a freaky sex party at Burning Man. The girls were all kind of looked at as though we were going to be a part of that.”
…For his part, Harvey, who personally invited Grover Norquist last year, continues to see the arrival of the ultrawealthy as a good thing for Burning Man. “I want to convince people that it isn’t as if the 1 Percent represents an evil bacillus that like Ebola will sweep through our city,” he says. “That’s not possible. Much of the anger is because of a feeling of impotency. The whole issue of the 1 Percent has been a matter of public discourse for some time now, and nothing has changed. People are frustrated. … My mission is to reform the 1 Percent.”
Invoking ebola here seems to be the ultimate use of the straw man rhetorical diversion tactic. People want to be convinced that the Board are going to uphold the Tin Principles, instead of coming up with new ways to run ever-more lavish and high dollar Commodification Camps with Exclusive wrist-band only Gifting. That’s the issue Larry, not Ebola.
I must commend Sherpa Beth Lillie for everything she has done for the community in being the whistleblower on this story, as well as thanks to all the other sources who have also come forward. And we should thank the OS “Original Sherpa” Tyler Hanson, who first raised the alarm about ridiculous gentrification replacing radical self-reliance in the New York Times the week before the last Burning Man. Perhaps from now on the Commodification Camps will fund more (and better) art, or culturally indoctrinate their wealthy clients more thoroughly. Free the sherpas!
Will some fresh LSD Billionaire Burgins arrive as a result of this article, lining up for Larry & Co to re-educate them with a life-changing experience, and pulling out their checkbooks to donate to the Burning Man Project’s global colonizing mission? Stay tuned.