Sorry if I got you alarmed yesterday. After I wrote about the Chinese weaponizing the personal data they stole on you and me and all my friends and family, it turns out that particular shoe has not dropped yet.
A few minutes after mashing the button on my trusty lap-top the word began to spread- from NBC and The Daily Beast that Pentagon sources were saying the attack- the “sophisticated spearphising” that gained access to the DoD unclassified (but sensitive) network connected to the internet actually came from the Russians.
I have always contended that attribution is the toughest part of the cyber game, since hackers can jump around and coopt other people’s machines to do their dirty work, and then hide behind yet another server with tools to render them anonymous.
They can cover their tracks well, and even lead investigators to suspicious entities that we would blame any way.
So the fact that this may have originated as a Kremlin plot doesn’t mean that the stolen data in China hasn’t also be compromised as thoroughly as Hillary’s private server was.
It is a mess, and despite the gravity of the situation, there doesn’t appear much alarm. Too hard to understand, I suppose, and people might begin to not trust anything.
I got there a long time ago.
The latest version of the story is that the Russians attacked the emails of 4,000 military and civilian personnel, and as of yesterday the system was down for eleven days.
Senior government officials claimed the hack represents the “‘most sophisticated’ cyberbreach in U.S. military history.”
The attack occurred only 16 days after Marine General Joe Dunford, nominee to be the next Chairman (and first Marine) of the Joint Chiefs of Staff. He testified before the Senate Armed Services that he considered Russia to be the greatest threat to American national security, ahead of the PRC, North Korea and ISIS.
Looks like Joe ticked off the Bear. Oh well. I think the price of oil at $45 a barrel is enough for Mr. Putin to worry about, since at those prices he will be bankrupt soon enough. But bankrupt people with nuclear weapons still concern me.
What is the Joint Staff doing about it? They are “creating mock hacking scenarios” that must be completed before personnel can again access the system. As I said yesterday, if the adversary already knows your spouse, kids, duty stations and addresses for your entire life, I don’t think it would be very difficult to fool you into thinking you are communicating with someone you know.
Just like this email. Wait, don’t click on the link!
Welcome to the brave new world. I just don’t know to whom we can attribute it’s creation.
Copyright 2015 Vic Socotra
www.vicsocotra.com
Twitter: @jayare303