Wow, look out, hackers: Trump to order 60-day cybersecurity probe US President Donald Trump will order a 60-day report on the state of the nation's cybersecurity, complete with recommendations on whether new legal powers are required. That's according to a draft executive order leaked to The Washington Post and posted online. For the most part, the draft [PDF] reflects the persistent …
I've found that the majority of brute force attempts against my ssh servers originate from the USA, so a great US firewall will be of benefit to me, here in the UK, as long as they filter outbound traffic.
It won't help the USA much against internal attacks though, will it?
Interesting, here in Norte America the majority come from Ukraine/Russia/China and then various temp Euro IP's which are more like single compromised PC's. There are some bad actors using temp accounts at AWS, DigOcean, OVH, Softlayer, etc, and little guys like DataShack out of KC, but once those DC ranges are blocked it quietens nicely domestically.
Wonder if it's the thought of impunity through distance or a matter of the reasons for targeting.
A bit of phish that I looked at recently traced back to hosts and companies in Samoa, Ukraine and Brazil, although the email address it forged was supposedly in the UK. It's pretty much to be expected that bad actors operate internationally, because it's the best way to obfuscate their true location and make investigation or prosecution difficult. And that's been the case for 30 years to my personal knowledge.
The Obama Administration recognized the fact that the vast majority of the internet lies in private hands...
In 2011 Chinese government hackers got into U.S. Steel's computer systems and stole trade secrets related to a new, lightweight, high strength steel process for automobiles, military vehicles, and ships. Chinese steel makers copied these techniques and started producing identical lightweight steel products. U.S. Steel lost contracts, market share, and jobs. Obama did nothing.
Chain has been attempting to hack U.S. and U.K aircraft carriers. Of course these ships use the same internet that we do.
The Internet is vital to any country's economy, as well as its national security. When these things happen it is vital that the government step in to protect its people. Trump is treating internet security as seriously as how the U.K and most other nations treat interest security.
"In 2011 Chinese government hackers got into U.S. Steel's computer systems and stole trade secrets"
Or else under the pretext of hacking of trade secrets U.S. Steel is looking to ban import of cheaper Chinese steel into the US.
Or else don't put your trade secrets on the Internet ..
Chain has been attempting to hack U.S. and U.K aircraft carriers. Of course these ships use the same internet that we do.
@BillG You might want to check your sources, the UK at present has no aircraft carriers and hasn't for a while.
Last was HMS Illustrious which since the Harrier was decommissioned in 2010 was nothing more than a helicopter transport until it's own decommission in 2014. The first of the 2 new carriers won't be ready till 2020.
Oh, and no, they don't "use the same internet as we do", they use dedicated encrypted satellite networks which while those "connect" to the internet at the endpoint, are heavily firewalled allowing access to only some email services and websites.
BTW about Obama doing nothing about US Steel. US Steel only filed their grievance in April 2016, and by May the US gov started an ITC investigation into the alleged hacks, by June they had given them the green light to seek sanctions and redress against China. That's quite a lot done in a very short period of time to describe as "nothing".
In 2011 Chinese government hackers got into U.S. Steel's computer systems and stole trade secrets related to a new, lightweight, high strength steel process for automobiles, military vehicles, and ships. Chinese steel makers copied these techniques and started producing identical lightweight steel products. U.S. Steel lost contracts, market share, and jobs
So, to recap, it was super cool when the US ignored international patent and copyright law to advance from an agrarian economy to an industrial one, but when China do it, it is intolerable?
Chain [sic] has been attempting to hack U.S. and U.K aircraft carriers. Of course these ships use the same internet that we do.
OHRLY? (You are wrong)
This post has been deleted by its author
"Pence's puppet is probably thinking that he can turn the Internet off so that only Christian Americans can use it. I expect the next executive order will be to remove support for Arabic character sets from the Internet."
How about also banning numerics written in arabic figures ? (;-))
This post has been deleted by its author
Speaking as an employee of one of the UK backbone providers, I agree that a cut-off switch is possible. Lets say that BT, Virgin and Level 3 turn off the power switches, at least 95% of the UKs internet will simply go off. Only the obscure routes will stay up, and even then it will probably be the university to university stuff that stays up.
it's time to keep an eye on regulators. watch them. scrutinize them. make sure they don't do anything crazy/stupid. And protect the privacy of the individual, above all else.
Make sure that the government OF THE PEOPLE, which Trump has said is getting the power BACK, isn't screwed over by "the kinds of things" that gummint has been trying to do 'the masses', like FOREVER.
The Trumpster has started with quite a flurry of executive orders being churned out like tweets, it looks as though this is going to be his style of government.
At some stage the house and senate who are theorectically on his side are going to get a bit snippy if he tries to exclude them and dictate to America via EOs.
From what I have seen so far, malware obfuscated into opensource code working with malware in the firmware of Add-on graphics card, HDD firmware with extra code stored in the unused sectors of harddrives, exploiting the Quick Format option seen with todays massive sized hard drives along with CPU virtualisation switched on by default in the bios, and bios malware makes much of the computer systems and controls systems already pwned. Even banks and supermarkets still using their old mainframes, but with PC access are vulnerable, and considering the UK only has between 3-7days of food in the supply chain, the ripple effect for food distribution centres when one goes down would be rendered useless.
DirtyCow identified in 2007 was never really patched properly until the end of last year, making it very easy to add malware. Throw in the fact that the US tech sector is just a public relations branch of the US military and you start to see the US Military's weaknesses in achieving global domination by 2020.
Any hardware where the firmware can be updated is a great place to hide malware. The USB bus is perfect for downloading compromised device drivers into systems, just check out how your OS's work to see how easy that one is. Consider who ever unplugs their USB mouse & keyboard, or printer from desktop's? Exploit the psychological and instinctive behaviour of humans in their comfort zones. CEO's are particulary vulnerable as their kids become valid attack vectors for corporate systems.
If you can take out the ferry ports and the channel tunnel, disrupte NATS's you could bring the UK as a country to its knees in under a fortnight, because theres nothing like hunger to cause problems, chatic problems, why else did David Cameron tell muslims fasting for Ramadan to observe Mecca's hours not UK Summer time as UK day time is longer than Mecca's and the military know all too well what a bit of hunger and testorone is like for creating violence.
Of course, neighbours like Eire & Europe in general, not to mention the occupying force known affectionately in stupid circles as the US woud come to the country's aid, so disrupting their runways would be on the cards as well. Disabling the ability to fly in tankers, leaving the Royal Navy somewhat up the creak without a paddle or should that be a ferry for container lorry's.
How many people would it take to achieve an act of terrorism like this?
Not many. In fact if you really wanted to go to war, the WW's are currently amatuer in comparison to what could be achieve today & all without having to drop a nuke, just to show up the stupidity of leaders.
You can use Amazon style drones to drop your IED onto runways both civilian and military. Find out what companies look after airport infrastrure, ege LPL/ECorr look's after Stansted Airports runway, other options include LSD (easily made) in water supplies, so targetting their equipment would be valid attack vectors. Even targetting & disrupting major telecom's infrastructure in built-up towns and cities to create panic would be valid attack vectors from a psychological perspective, ala a rerun of the London Riots.
Reading online literature from places like this http://www.dau.mil/pubscats/ATL%20Docs/Forms/AllItems.aspx identifying their strengths and weaknesses are also valid planning techniques to identify the strengths and weaknesses of the military industrial complex.
Can you spot the GCHQ & foreign agents working in collaboration by starting with Github account?
https://github.com/gchq/BoilingFrogs
You can learn alot by reading online. All you need to do is organise, plan and show up the UK Military & Nato for what is it really is.
Of course the same could be done to other countries as well, but it wont be as effective on major continents, like a European country, but could Mexico find a way for the US to tear down the wall Trump plans to build? Time will tell.
And it goes without saying, these are not the only tactics that could be used, there's plenty of low cost tricks one could employ to further get a population to turn on itself or have a revolution.
... it would be good indeed.
It's well known that many lawmakers (US and elsewhere) have a shaky understanding of computers, networking, and the internet. Not all are handicapped thus -- Senator Ron Wyden has an apparently good head for these matters. If he and the few like him were to receive a well-researched, pragmatic, and intelligent report on cybersecurity, much good might come of it.
Breath is not being held in anticipation of that happening. The wheels of government grind slow but wobbly, and bits fall off, and spokes are loose, and detours into ditches and hedgerows are de rigueur.
Predicted press announcement.
Journo: What are your Cybersecurity plans?
Trump: Well let me tell you about cybersecurity. Important. Very important. We're going to build a firewall the length of the southern internet. We're going to use Cisco kit, good American company.
Journo: But Cisco kit is made in Mexico. So does that mean Mexico is building it and America is paying for it? Will this happen before or after the Mexican wall is built?
Remember TPP ? Merkin goals were to legislate their control of trade via IP and multinational friendly clauses. Given these politicians are simple sons of the executive suite, (apologies to Blazing Saddles) they probably intend to effectively "nationalise" everyones hardware, from home routers up to big Telcos via previously mentioned malware preloaded into firmware, as well as "unbreakable" encryption with backdoors. Marketing and mouthpieces will explain the need for security updates and why the networks have suddenly got slower. If you don't co-operate, you must be current villain de-jure. The Chinese probably have sold them the code already. Obligatory Win10 references superfluous.
This might be the reason for the smokescreen on border control. Outrage can be exhausted. In case you think this has not had a dry run, it explains the Oz version of Attorney general demanding all telcos submit their network changes and plans to the lawyers ( and Oz TLAs) before making changes. Dont you love software defined networking now ?
<off-topic> What happens when the spyware in the drives and network cards of the TLA archives mirrors the contents to the TLA archives ? Automatic backup or I/O choke at Langely ? </off-topic>
Pedantry: Trump is definitely not Canute/Knut. Knut and the waves is Knut demonstrating to his sycophantic courtiers that he might be King of Denmark, England and Norway, but that his secular power is nothing compared to God/nature - he can command the tide to stop, but it will not. It is meant as a rebuke to those wielding power; even if you possess power, you cannot control events.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
