NSA does a big ol' oopsie

Today's look at war from the cheap seats

Dear NSA: Toyota doesn’t make truck bombs

Baltimore has been dealing with a ransomware attack for the last three weeks, to the point that the city’s website has a big ol’ “Sorry, can’t email, back soon,” sign on the front. Turns out it’s not alone, and it’s the NSA’s fault. Yes, that NSA.

Our story begins sometime in 2011, when the good folks at the National Security Agency started combing through Microsoft’s software so they could find a flaw. Probably so they could tell Microsoft and keep the rest of us safe from those who would do harm with such a thing.

Either that, or so they could find a flaw that they could then exploit for their own purposes. Which they managed to do sometime in 2012, developing a tool they called “EternalBlue,” which wasn’t the first name.

Initially, they referred to it as EternalBluescreen because it often crashed computers — a risk that could tip off their targets. But it went on to become a reliable tool used in countless intelligence-gathering and counterterrorism missions.

Since EternalBlue was something the NSA considered “NOBUS,” or “Nobody But Us” thanks to the level of sophistication involved to come up with it, they opted not to tell Microsoft about the vulnerability. Because it’s not like EternalBlue was ever going to get out into the wild.

Unless someone like the Shadow Brokers got hold of the code for EternalBlue and a lot of other nasty toys at the NSA’s disposal and decided it was time to share that with the world. Which they did in 2017, making Edward Snowden look like a rank amateur by comparison.

Mr. Snowden’s cascade of disclosures to journalists and his defiant public stance drew far more media coverage than this new breach. But Mr. Snowden released code words, while the Shadow Brokers have released the actual code; if he shared what might be described as battle plans, they have loosed the weapons themselves. Created at huge expense to American taxpayers, those cyberweapons have now been picked up by hackers from North Korea to Russia and shot back at the United States and its allies.

Once the NSA knew about the breach and that EternalBlue was about to hit the open market, it got in touch with Microsoft and other tech companies. But the fixes Microsoft would put in place only work for those companies that keep their systems updated regularly.

One month before the Shadow Brokers began dumping the agency’s tools online in 2017, the N.S.A. — aware of the breach — reached out to Microsoft and other tech companies to inform them of their software flaws. Microsoft released a patch, but hundreds of thousands of computers worldwide remain unprotected.

That’s because municipalities like Baltimore have procurement structures that make the Pentagon’s labyrinthine buying process look like it was drawn by a third grader on a bumpy bus with crayons. What I mean is: they don’t standardize for shit sometimes.

And that means spending a lot of money that cities don’t really have to clean up messes like the ransomware attack and then defend against future attacks. Because how EternalBlue is being exploited is pretty simple: someone gets hold of your computer system, and sends a super well worded message about what needs to happen next.

The Baltimore attack, on May 7, was a classic ransomware assault. City workers’ screens suddenly locked, and a message in flawed English demanded about $100,000 in Bitcoin to free their files: “We’ve watching you for days,” said the message, obtained by The Baltimore Sun. “We won’t talk more, all we know is MONEY! Hurry up!”

Thanks, NSA!

Cyber weapons are this generation’s nukes…along with the actual nukes…and that’s the problem with organizations like the NSA, that continue to push the envelope in the name of national security, on the assumption that everyone in the building’s on the same team. Which isn’t working all that well, because even after a multi-year investigation, the FBI still doesn’t know who’s really behind the Shadow Brokers, and if any of the leakers are still at the NSA.

And of course the NSA is owning up to their role in the attacks.

In an interview in March, Adm. Michael S. Rogers, who was director of the N.S.A. during the Shadow Brokers leak, suggested in unusually candid remarks that the agency should not be blamed for the long trail of damage.

“If Toyota makes pickup trucks and someone takes a pickup truck, welds an explosive device onto the front, crashes it through a perimeter and into a crowd of people, is that Toyota’s responsibility?” he asked. “The N.S.A. wrote an exploit that was never designed to do what was done.”

Yeah, but Microsoft? Doesn’t agree.

“I disagree completely,” said Tom Burt, the corporate vice president of consumer trust, insisting that cyberweapons could not be compared to pickup trucks. “These exploits are developed and kept secret by governments for the express purpose of using them as weapons or espionage tools. They’re inherently dangerous. When someone takes that, they’re not strapping a bomb to it. It’s already a bomb.”

Now, if you’ll excuse me, I have a favorite lawnchair to pick out. Because I’m getting super close to saying that all tech is evil. It’s not, inherently, and the NSA probably meant well. As much as an agency whose main mandate is to listen to the rest of us can mean well.

We live in a world where tech is king, and not enough people are asking, “Sure, we can. But should we?” That’s everything from Twitter to EternalBlue, and at some point our own creativity will be our downfall.

Nimitz Sailors prepare for a foreign object debris walkdown on the flight deck of the aircraft carrier USS Nimitz (CVN 68). (U.S. Navy photo by Mass Communication Specialist 3rd Class Christopher Jahnke)

Dabbing with the Danab in Somalia

In case we’d forgotten that the US government is still up to some fairly shady shit in Africa, I recommend this read on how private military companies (PMCs) are being used to train the Danab, a local force of light infantry that will probably be used to topple the government in Mogadishu someday.

And probably, maybe, US forces are shooting people there, too.

“Somalia is an area of authorized hostilities. Our intention for U.S. forces is to have the Somali partners conduct the operations. Occasionally, as we’re accompanying Somalis into the field, U.S. forces find themselves in situations where they have to either defend themselves or assist a partner in defending themselves. Those happen occasionally, but the intention of U.S. forces when they take to the field is to advise and accompany the partner where the partner conducts the actions.” — Marine Maj. Gen. Olson, from AFRICOM, trying super hard to make it sound like what the US is doing in Somalia is just okey dokey

All of which means we’re a long way from Osprey Down, the inevitable sequel in Mogadishu. But not all that far away from training another paramilitary arm that’s probably going to end up destabilizing the government.

Taliban have that work/life balance thing nailed

Besides ignoring child rape by peacekeeping forces, the United Nations also worries about how the Taliban are treating prisoners. This would be the same Taliban that used to decorate football goals (that’s “soccer” to you ‘murcans) with the body parts of folks they’d just executed, so naturally anyone who’s in Taliban detention probably has some legit causes for concern.

Sounds like their work release program sucks.

The UN mission said the freed prisoners were held underground and forced to work at seven hours a day, including “making improvised explosive devices” for the Taliban that were used against Afghan and international coalition forces.

So they avoid skin cancer and only work seven hours a day?

Sounds like they detained a bunch of millennials.

When it pays better to be a rebel than a drug dealer

Looks like they’re wrapping up the next season of Narcos.

Luis Eduardo Carvajal, alias Rambo, was an influential leader among the Revolutionary Armed Forces of Colombia (Fuerzas Armadas Revolucionarias de Colombia – FARC) prior to his capture in July 2018.

He is known to have charged millions of dollars to drug traffickers in order to register them as former FARC members with the Colombian Special Jurisdiction for Peace (Jurisdicción Especial para la Paz – JEP).

Because the Colombian government looks more kindly on a rebel group coming in from the cold than a cocaine hustling drug dealer, since making peace with an armed group that makes its money from the drug trade is somehow more respectable.

If you draw a sky penis and no one sees it, did it happen?

Y’all probably remember this happening last year.

Turns out that the pilot didn’t know that the general public could see the dick he drew. In the vicinity of the Chocolate Mountains. Which is a security problem.

The investigation into the sky penis pattern recommended that an investigation be launched into the security risks of civilians being able to track military aircraft with the ADS-B transponder before the 2020 mandatory compliance.

The fact that the investigation drew any conclusion other than “don’t draw a sky penis” is the best thing I’ve read in a while.

The pilot told investigators that he “elected to conduct a holding pattern in a phallic shape,” but had no intention of posting it publicly online. He said that he only planned to show a few friends because he thought it was comical.

So it’s a good opportunity for some re-training of your pilots and explaining to them that their new transponder can be seen by the public.

Still the best excuse for sending a sky-sized dick pic yet.