P0wn3d

A couple of weeks ago the NHS – amongst others was hit by a malware that spread like wildfire through its systems. Windows machines and their shares become both conduits and centrepieces for the infection. However after a few days of fuss – a very lucky break by a researcher WannaCry was placed in the bin of historical events that really didn’t mean a bunch.

No one stopped to ask “what if?”

What if – like some ransomware – the contents were leaked off site, and the host encrypted? Your medical records now out for tender?

What if – backdoors were secreted for future use?

What if – this was a distraction from the main event stage left?

What if – this was just a warm up event?

No.

Nothing.

Silence.

We pat ourselves on the back and a mixture of comments about luck and how great we are and move on.

Move on to the end of June 2017.

I read a worrisome article on Russia using the Ukraine as a sand-pit for its modern warfare end of one week (their power grid, or larger play), and the beginning of the next crypto malware slips under the radar once again spewing out from the Ukraine once again to infect machines across Europe.

First of all you get the postings from the NCSC, then from the likes of Talos, and all of this after the press and social media.

Then – 4pm – Chernobyl switches to manual radiation monitoring after its systems are infected.

Nice.

Stuxnet was a warm up act. A state testing its toe in the water. This… oh my.

[Deep Breath]

If you have not seen Mr Robot – then shame on you. In short, a group of well meaning, socially spirited, talented people motivate themselves for the greater good, neuter banking, and their ability to recover, and then wipe out debt. Sounds fun right? Alas society as we know it would go into free-fall.

As a child growing up in the Cold War era – I was as much fearful of that as I was of holding my thumb at arms length up to a growing cloud to find it bigger…. things get desperate… things change. Rules go out the window. A state turns on its own people in the name of keeping order.

This current wave of attacks have had the appear, or at the very least want to appear as if they are financially motivated.

This is not just the tool of the nation state.

This is the tool of Citizen Smith. You, and I.

What would you do?

The gloves are off – Pandoras Box has been opened, and there is no putting this back now, no un-inventing. I see this going bad, very quickly, as people who are not motivated by money get their hands on these kinds of tools. These are the guerrilla fighters of the next generation… and quite frankly there are little to no defences against armies that don’t wear a uniform… let alone armies of three of four around the globe… hiding… in plain sight.

But hey – the real evil is end-to-end encryption right, if you would believe our heads of state? All of this irrespective if you can compromise the end points. So says Five Eyes – so it *must* be true. Think of the share value. Think of the children. You MUST be a sympathiser (etc.).

I wonder what the REAL agenda is there.

“LOOK! A BEAR!”

These, my pedigree chums, are interesting times.

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this:
Skip to toolbar