OpEd on OpSec N00bs ;)

I have read too many bunk scare tactics and all-out ridiculous articles that are all hype with no facts about the Mirai DDOS Hack. It’s time to step up to set things proper.

Now sit down and shut up as I explain a few things to ensure you completely understand all that has happened and what will be happening if we don’t stop it. I need to bring some up to speed as not all of my readership is at the same level of understanding, so read deeply or skim as necessary.

A Chinese security camera maker has admitted that it was its products that were used to launch the recent cyber-attack which caused that massive internet disruption for millions of users. The CCTV cameras were made by Hangzhou Xiongmai Technology Co.. While Xiongmai didn’t say how many of its products had been infiltrated, all cameras made before September 2015 were potentially vulnerable. This has highlighted the threat of connected devices in regard of the botnet, if not overall how reliant society is upon our devices. It puts the very real threat of an EMP into perspective, don’t you think? It’s made me realize that I will be finishing my faraday cage sooner than later!

What is referred to as the “Internet of Things” (IoT) includes CCTV cameras, DVRs, vehicles, Environmental monitoring, Infrastructure management, Manufacturing, Energy management, Medical and healthcare, Building and home automation, Transportation, Metropolitan scale deployments, Consumer application, and Unique addressability of things (i.e. RFID chips, Unique addressability of things, IP address or URI). It all started with a Coke machine at Carnegie Melon in the 1980’s, believe it or not.
hacktivistswithanoblecause

The Operation of Mirai is well understood because its source code has been published. It takes a collective working together as a finely tuned orchestra to pull off such a complicated and multitiered hack such as this. No fly by night effort, this was planned, truly a labor of love… as I see it done for the citizens of the US, began by New World Hackers (NWH).

 

They said they organized networks of connected “zombie” computers called botnets that threw a staggering 1.2 terabits per second of data at the Dyn-managed servers.

“We didn’t do this to attract federal agents, only test power,” two collective members who identified themselves as “Prophet” and “Zain” told an AP reporter via Twitter direct message exchange. They said more than 10 member participated in the attack. It was not immediately possible to verify the claim.
https://apnews.com/420f59d82ee942d6bd23101b7902411b

Hacktivists are an intricate part of fighting back against our corrupt government. You all have been able to bear witness to what the contractors who have been hired to “work security” turn to do to peaceful protesters in our nation. Tear gas and dogs with gnashing teeth set upon children and even pregnant women who dare to exercise their civil liberties against big money corporations. Who cares if we have fought for those liberties generationally by serving in the military? NOT the corporatocracy that our government has  systematically devolved into… of that, I can assure.
I’m totally heartbroken (NWH) retired from the hacking scene, but I understand and respect their reasons. If I were them, I’d have done the very same.

img_0389

img_0390
CLICK -> Scroll down past the face to read the Q&A


Don’t get your knickers in a twist, just keep reading, continue to LEARN. As always, I try to be a light unto your path on this journey of education.

The Denial of Service Attack (DDOS) hijacked CCTV cameras run through Dyn Inc. using malware known as “Mirai.” The beautiful simplicity of this malware is what makes it so infinitely dangerous. Mirai is malware that turns computer systems running Linux into remotely controlled botnets that can be used in large-scale network attacks. Mirai continuously scans the internet for “Internet of Things” (IoT) devices and infects them by using a table of common factory default usernames and passwords to log into them. A device remains infected until it is rebooted. After a reboot, unless the login password is changed immediately, the device will be reinfected within minutes. Mirai includes a table of subnet masks that it will not infect; private networks, United States Postal Service, and Department of Defense.

DontWorryIf these hackers wanted to do damage, they COULD.Obviously, they don’t, given their specific exclusions.

HOWEVER, this hack wasn’t about shutting down that which was essential to the lives & wellbeing of American lives. While far too many lazy Americans are too busy being lazy and “techtarded” to bother changing the default username and password this ensures that their (IoT) devices were infected. As the day wore on, the attack spread across the country taking out numerous large websites including Twitter, Spotify, Reddit, Netflix, Amazon, eBay, GitHub, TAirbnb, and the New York Times. But, you didn’t hear me whining about it… unlike so many. Probably the very same individuals who were too lazy to change their usernames and passwords! #Techtards

RULE 41 of the Federal Rules of Criminal Procedure

This hack was about exposing a vast & dark expansion of government hacking before it’s too late. Beneath these new laws bestowed upon the FBI, they would have unilateral authority to secretly use pestiferous malware to hack into hundreds of thousands of personal devices that belong to innocent third parties, even the victims of those very crimes. The consequences be they unintended would be unthinkable. For instance, it will massacre the civil liberties of American citizens, rendering the 4th amendment rights to be prevued only in historical documents. Our constitution is a living document, one they are endeavoring to murder outright.

The new plan to drastically expand the government’s hacking and surveillance authorities is known formally as amendments to “Rule 41 of the Federal Rules of Criminal Procedure, and the proposal would allow the government to hack a million computers or more with a single warrant. If Congress doesn’t pass legislation blocking this proposal, the new rules go into effect on December 1. With just six work weeks remaining on the Senate schedule and a long Congressional to-do list, time is running out.” –Wired
https://www.wired.com/2016/09/government-will-soon-able-legally-hack-anyone

I hope this explains why Op Mirai the mass DDOS was truly done in the hope of waking the American people up by education. Telling them to educate themselves before it was too late, just this December.  Entirely dismantling the Mirai Botnet could be a “white hat” hack, if the hacker was given unilateral government permission, as it would break the law in 90% of the world’s nations – states individual ethics and strategy are consequent to collective determinants, of course. Removing malware & chance default credentials would be the entire purpose of this hack. They’re primarily being used for their intended purpose (although many are sold as ‘security’ appliances, laughably) Difficulty remains in how to notify device owners which tend to vary more by device. Given the corporate media are all presstitutes who are trying to SELL you the botnet rather than tell you the facts behind it. This upcoming law I described above is hinged upon the people going along with it, no muss – no fuss. It passes, we lose more of our rights and they get to rob of more of our constitutional liberties.

It has become painfully obvious to me in the past year that our system is more broken now than EVER before. What really began opening my eyes was the Brock Turner case. Lately it continued with 18-year-old David Becker was charged with sexually assaulting two unconscious women at a house party gets two years of probation & no conviction will appear on his record so longs as he doesn’t violate that probation. Ongoing a father ‘repeatedly raped his 12-year old daughter and only gets a 60-day sentence, and I learn this is NORMAL? God help us all… our society has failed our children. Continue past the sources, I’m making a point!

http://www.kspr.com/content/news/Babysitter-gets-30-days-for-child-molestation-390991671.html
https://www.washingtonpost.com/news/morning-mix/wp/2016/10/19/father-who-repeatedly-raped-his-12-year-old-daughter-gets-60-day-sentence-fury-erupts/
http://www.indystar.com/story/news/crime/2016/03/01/indianapolis-man-wont-serve-time-prison-molesting-daughter-cancer/81161376/
http://video.wgntv.com/?ndn.trackingGroup=91046&ndn.siteSection=WGN&ndn.videoId=31300870

Yet, when it comes to hackers the US judicial system downright throws the book at them. Regardless of them using their abilities to help cases or not. If your daughter was gang raped and the police were dragging their feet, part of an old boys club and refused to do what needed to be done, would you not be thankful to those with such skills? I know I would. Things need to change… be the sentences rolled back from ridiculous for those with zero compassion or logic. Or these individuals to be praised as the heroes as so many perceive them to be – Myself included! So you all realize, Deric Lostutter is one of my personal heroes.

Less than a week before Lostutter’s arraignment, Brock Turner was given early release after serving three months in jail. Turner was a Stanford athlete who was sentenced to only six months for sexually assaulting an unconscious woman behind a dumpster. And in February, a student from Indiana in spent just one single day in prison after pleading guilty to violent rape.

https://mic.com/articles/153632/anonymous-activist-who-helped-expose-steubenville-rape-pleads-not-guilty-to-hacking#.tJWcnsDwP

This is a conversation that needs to be discussed with those who appreciate we, the people far more than investing in sports athletes. Not everything is about money!

https://www.wired.com/2013/11/hammond-sentence/
https://www.rt.com/usa/229379-hammond-hacktivist-cyber-hypocrisy/
http://motherboard.vice.com/blog/inside-anonymous-operation-to-out-rehtaeh
https://www.washingtonpost.com/local/public-safety/guccifer-hacker-who-revealed-clintons-use-of-a-private-email-address-sentenced-to-52-months/2016/09/01/4f42dc62-6f91-11e6-8365-b19e428a975e_story.html

If any of you need clarification in the upcoming months as things proceed, you need only ask. If I don’t know, I will find someone who does. The world is a cruel place, full of people who are only out for themselves… I think we need to look out for one another!! We are in this together!!

Advertisements

2 thoughts on “OpEd on OpSec N00bs ;)

  1. Ill be the first to admit that when it comes to programming and cyber warfare, Im only slightly more knowledable than Fred Flintstone but, reading this article, even I realize that we are at the tipping point in this country (and in many other countries I fear) where our Rights and Freedoms will be systematically and irrevocably stripped from us by the governement. Sadly, most people wont even know its has happened and wouldnt believe you if you told them! Panem et Circensis has already had too much of a damaging effect on the sheeple . Great article!

  2. You wrote a great article that should open people’s eyes to what hacking can and will do to our lives. The US is so far behind in protecting the citizen’s rights to privacy and security it’s scary. I’ve been saying that for years, long before social media (Facebook, etc.). We are always the last to implement the highest security for our credit cards and even when we do we don’t update the most important place we use them the ATM machines. Those machines and gas station machines can be hacked in less the 10 seconds according to hackers interviewed on 60 Minutes. They still work properly but at the same time the hacker gets all your information and can even make a brand new card with it. That wouldn’t be possible with chip enabled machines. Using your PIN number at a register is the same it defeats the purpose of the chip. But how many retailers have mandated we do that since our debit cards have become chip enabled. Could you imagine someone getting information about your money management account just because a retailer made you use your PIN number instead of charging it to your account which is safer and recommended? There goes someone’s retirement or nest egg. Also hackers getting into computers or our homes. A simple fix is electrical tape. Cover up the web cams when you’re not using them and make sure you’re using a secure private wifi not anything public. The problem is no one ever tells the general public these things not even after it’s too late. Things like this are common knowledge in places like England and Australia.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s