Iran’s Qassam Cyber Fighters Attack U.S. Banks

 @jl2l  @TomRyan  @Contagio It truly is a form of proliferation, right? It would be so incapacitating and the damage would be felt globally.

 @jl2l  @TomRyan  @Contagio Thats the impression I got from reading the report I read that was written 10+ years ago. The cyber Kill switch that can take out comms, etc. I wonder if we will get there. Iran Dark 030.

 @JHR  @TomRyan  @Contagio The US has a unplug switch, most of the internet is routed through us, but its not as simple as click on a icon of Iran and then clicking a off button, in switching it off we would most likely also shut off other countries/user in the region. The better option is to drop a e-bomb and fry out their network.

 @Contagio  @TomRyan Ditto Contagio. Its not my department, but I feel like I need to learn as much as possible in order to just keep up with the equipment, its full range of use and security.

 @Old PH2  @jeffreycarr  @Jaycel Adkins 

Yes i though that same thing, i mean i didn't think we loss capabilities or went backwards, but anything is possible today.I did remember reading that the RQ-170 program was very rushed into service ( 2-3 years vs 8+) and perhaps it was a oversight, I also have a theory that the RQ-170 model lost was in fact a flying camera with little to no secret sauce in it, ie the AESA SAR radar, if it was i think the US would have recovered it. If they did score a AESA SAR that would be a big deal for Iran.

 @Old PH2  @jeffreycarr Mirrors within mirrors within mirrors. 

I always figured if the Iranians did pull it off, they would have just landed the drone at Tehran International Airport to give Uncle Sam the finger. But maybe the mullahs don't have my sense of humor (or the red light was blinking on the gas gauge). 

Thank you for the reply and comment. 

 @TomRyan  @jl2l  @jeffreycarr Thats a very scary scenario you just described Tom. And, it happens in all fields of politics.  Legislation needs to be written by an authentic, progressive, well respected and expert on the subject matter be it Cyber Security, a Health Care Issue, etc. I think this system right there has flaws.Sometimes- Bills get passed that shouldn't and Good Bills don't get passed.

 @jl2l  I agree completely. In fact, I just finished writing a journal article in which I compare Iran to Star Trek's Borg. No matter what you send against Iran, it assimilates, reverse-engineers, and uses a version of it to attack its opponents. Iran just showcased a new UAV that's identical to one of Israel's that Iran captured in 2011. It's doing the same with our RQ-170. It most likely reverse-engineered the Wiper virus to create Shamoon and use it against Aramco. This is one of the most serious problems with creating cyber weapons. You spend a few million creating it, launch it, and the target reverse-engineers all of your hard work for a song and a dance.

 @TomRyan  @JHR  @jeffreycarr Yes consider how long it took them to handled the MP3/Streaming Video MPAA, RIAA, etcLets hope we don't wait for congress to legislate how to defend against a cyber attack.

 @jeffreycarr  @majrod Yes the Aramco attack is a window into what is to come. Cyber fits with Iran's MO, it's a asymmetric battle space which has a low entry in terms of cost(buying computers vs centrifuges) (compared to nuclear/chemical/bio) if you look at how they see it, nuclear guarantees the regime survivability as demonstrated by North Korea, gaining something like a credible cyber warfare capacity is view in Iran as a similar thing, you attack us we drag down all world commerce and the internet. (this runs with the theme of attack us we close the straits of Hormuz) Its prob viewed as a more happy middle ground in Iran if they are forced to stop there nuclear program, the IRG are not amateurs they understand the US has red lines and if they can't bully the world into letting them have breakout, then they will back down, they don't want a repeat of Gulf War I with them as the target, they world will rally around the US when the time comes as they will be the less of two evils, the nuclear arms race of the ME which would come quickly after Iran declares breakout if they do would not in the world opinion be better off.

If you think about cyber as a historical new weapon of war (like a-bomb/the airplane etc) which invokes a pivot in military doctrine, because of its related newness to the battlefield they(Iran) will most likely go all in for it, i would imagine for Iran its like how the major players of WW2 viewed the A bomb, they all wanted it its just a question of who spends the money and resources, if Iran wanted power in the 21st century without a nuclear program which will be sidelined via world politics, the ability to control and use the internet as a attack platform against its enemies is critical. it fits nicely with both the want to have North Korea's deterrent effect in order to enable the government to remain, and because cyber weapons are by their nature asymmetric weapons, which can be routed all over the world etc.As far as Iran abilities, its just a question of time, they have been exposed to dozens of highly sophisticated examples, its likely to assume that they are able to understand and reverse engineer them over time. Its also assumed that the US in its calculus of using such weapons would assume that at some point they would be discovered and as such planned for counter use. I would imagine the US is waiting for Iran to do such a thing to test how quickly they can turn around weaponized malware.

 @TomRyan  @jeffreycarr That was written in 2000, published in 2001.

 @TomRyan  @jeffreycarr seems to me that behavior signals fishing for vulnerabilities and/or possible weaknesses to utilize for diversionary tactics. I would take it seriously. Maybe because I've seen threats not taken seriously, and I've seen the negative consequences/results. I might be biased on this aspect.

 @TomRyan  @jeffreycarr I am NOT a cyber person. But I do get called in for projects out of my realm for out of the box problem solving ideas. Some of those ideas "fly" and are integrated. Perhaps we need some brains in on these equations, not the super cyber brains, but the opposite. Analytical vs. Creative Thinkers. Just an idea.

 @TomRyan   @jeffreycarr "hacktavist"? what next?

 @TomRyan  @jeffreycarr Tom, here is an exerpt out of the book link I posted to you and Mr. Carr. Is this along the lines you are thinking? (Sea,Land,Air, etc....)

"The most devastating weapons will be those that target an enemy's infrastructure -- air-control systems, electrical grids, and communication networks, to name just a few potential targets. "Trojan horse" chips or viruses designed to accept and respond to commands from U.S. military intelligence can be installed in computers being sold overseas, making them vulnerable to attack. By hacking into computer systems, the United States could override programmed commands and thus shut down air traffic control systems, and open floodgates and bridges. Misinformation could even be broadcast, for example, by using imaging technology to simulate a television appearance by an enemy nation's leaders. This type of combat puts civilians at more risk than ever, as financial, communication, transportation, and other infrastructure systems become prime military targets. And information warfare puts the United States -- a nation increasingly dependent on technology -- in a position of both definite advantage and extreme vulnerability. In The Next World War, James Adams draws on impressive research as well as his lifetime of reporting on intelligence and military affairs to give us a chilling scenario of how wars will be fought in the new millennium -- and how much closer to home they might strike."

 @jeffreycarr  @TomRyan I am a fan of James, but have not read his books. I did read a brief report on cyber security he wrote and it scared the crap out of me. I believe it was acted on. Corialanus cited one of James books on another thread, Inside Delta, SAS, one of the other books he wrote. I do not believe he suggests an all-cyber form of warfare. You would need to have a one on one with him on any security subject. Nice Man, as you are.

Here is one that possibly pertains to this thread.

http://books.simonandschuster.com/Next-World-War/James-Adams/9780743223805

 @TomRyan  @jeffreycarr I lean towards your opinion as well, only because of classified security measures in place within all technology. However, if that it circumvented, I believe (my opinion only) its a real threat. I also think many corps. are just plain vulnerable.I'd like to see this arena tightened up.

 @JHR  @TomRyan  I'm not familiar with James Adams' book but if he suggests an all-cyber form of warfare, then no. I don't believe that we'll ever see a "pure" form of cyber war.

 @jeffreycarr   @TomRyan Do you think we are getting closer to the "i War" scenario that James Adams talks about?

 @majrod Sounds good to me. :-)

 @jeffreycarr  I'm not attached to my theory.  It's as speculative as anything else out there.  I was more interested in finding evidence of my belief that the Stuxnet story published in the NYT did not enhance our security.

As for the DOS attack, the attack may have not been the goal of the op.  Training of the individuals, procuring talented individuals, sources of "deniable" resources are all benefits of even the simplest attacks.  When the Iranians were supplying the first EFP's to Iraqi insurgents I'm sure they were looking to find who was the most effective before commiting more resources.  Any casualties they produced was just a benny.

 @majrod  If we accept your theory as true and Iran wanted to retaliate for Stuxnet, why would it decide that the best way to retaliate for losing about 1000 centrifuges would be to inconvenience U.S. bank customers for a few hours? When it didn't want Saudi Arabia to increase its oil production, Iranian hackers destroyed the hard drives of 2000 servers and 30000 work stations at Saudi Aramco. When Iran needed a digital certificate to spy on its own Internet users, an Iranian hacker raided a Dutch certificate authority and stole one. Iran may be run by crazy people but when it comes to cyber attacks, it acts w/ authority. This just doesn't fit the pattern of state-sponsored attacks. This is clearly a low-tech hacktivist run op. And as such, if they wanted to say it was for Stuxnet instead of the film, they easily could have. No reason to hide it.

 @jeffreycarr  I don't know about that Jeff.  After the opening salvo of a "cyberwar" not every attack has to be with one's most devestating weapon.  These could be attempts to mobilize the populace or develop other conduits for attack.  I agree with you this isn't equitable but assymetric warfare applies to cyberwarfare also huh?

  @TomRyan  Thanks!

 @majrod  @TomRyan Iranian hackers have performed much more damaging hacks than this one so it makes no sense that such a relatively weak attack like a DDoS would be in response to something as sophisticated as Stuxnet. 

 @TomRyan  @jeffreycarr  @LauraWalkerKC WE have security apparatuses in place installed within al/mostl technology post 9/11 (maybe instituted around 2004?). How much of this is public information?

 @TomRyan  @LauraWalkerKC Tom, those credentials could get you a reality TV show!

 @TomRyan  @jeffreycarr I'm not evil . .  ]=)

 @TomRyan  @jeffreycarr Come on over to my house to borrow a cup of sugar. I'll be vacuuming in my pearls ;)

 @TomRyan  @jeffreycarr A theory + social media games + a target + google does not = tradecraft.

 @TomRyan  @jeffreycarr Credentials, credentials, credentials