Languish.org

General Category => Off the Record => Topic started by: Jacob on May 14, 2021, 06:48:06 PM

Title: Darkside and the Pipeline Hack
Post by: Jacob on May 14, 2021, 06:48:06 PM
So I just saw this;

(https://i.imgur.com/Q6wdLFQ.png)

(https://i.imgur.com/KaAR4Zh.png)

(https://i.imgur.com/HHbEuXv.png)

(https://i.imgur.com/js6FSeq.png)

(https://i.imgur.com/cUqCv4K.png)

(https://i.imgur.com/UrH3bRp.png)

Has anyone here seen more reporting on this? As someone who's been on the business end of this kind of attack, the possibility of these hackers getting fucked up a bit fills my heart with glee. Though personally, I would also like to see some serious cyber attacks on Russian infrastructure, to give them a bit of a taste of their own medicine.

I did think it was an interesting "oh shit" moment when Darkside, apparently, released a statement saying they were "apolitical" and didn't want to "attack infrastructure"... which is a bit rich coming from a group that frequently attacks hospitals and public transportation systems and the like.
Title: Re: Darkside and the Pipeline Hack
Post by: Jacob on May 14, 2021, 06:52:31 PM
Here's the BBC article where they said they "didn't mean to create problems": https://www.bbc.com/news/business-57050690  :lol:
Title: Re: Darkside and the Pipeline Hack
Post by: Sheilbh on May 14, 2021, 07:01:38 PM
Yeah - as someone who's also worked on this sort of attack I would be happy to see them fucked up :lol:

I think the threat of ransomware is one of the biggest low key risks we live with (and it's enabled by crypto-currencies) because it is not taken as seriously as it should be and there's not enough investment on good security, especially if someone gets in to your systems. We've seen the impact in the UK where an accidental ransomware attack literally shut down huge chunks of the NHS's systems for several days - and just today there's been a similar thing hit Ireland's healthcare system.

Having said that - and obviously I'll trust US intelligence - but I can believe these guys are just apolitical criminals. My limited understanding is that there are some nation state backed groups that do this type of attack, but that most nation state groups tend not to be focused on shutting systems down (or extracting financial information). Again I've got limited knowledge and there's lots of different state sponsored groups, but from my understanding their aim is more typically to establish a permanent presence within your network that may be dormant most of the time - just occasionally communicating out of the network to keep the connection - and to extract other possibly more benign (so less protected) seeming information than, say, credit card details.

Edit: And actually from what I understand - the low-key stuff hitting normal non-key infrastructure companies is huge. There's a lot of money being paid to these groups. On the one hand this might deter them from infrastructure which is good, but I imagine they'd just try and hit more less essential companies to make up their income that way.
Title: Re: Darkside and the Pipeline Hack
Post by: viper37 on May 14, 2021, 07:04:27 PM
Apparently, this group does not attack hospitals and other public civil services like schools.  I do not know if they attack police stations, or even if their claims are true.
Title: Re: Darkside and the Pipeline Hack
Post by: celedhring on May 15, 2021, 02:39:11 AM
We've had a few ransomware attacks on utilities and transport companies over the years. By all accounts most of them seem largely apolitical, hackers saw a way in and wanted money, and given those are key companies they are most likely to buckle.

So, it indeed is a serious threat and I'm happy Uncle Sam is fucking them over.
Title: Re: Darkside and the Pipeline Hack
Post by: chipwich on May 15, 2021, 03:29:50 AM
https://www.youtube.com/watch?v=G56VgsLfKY4&ab_channel=RaminDjawadi-TopicRaminDjawadi-Topic
Title: Re: Darkside and the Pipeline Hack
Post by: Sheilbh on May 15, 2021, 09:39:46 PM
Great piece on this whole situation:
Quote
Welcome to DarkSide – and the inexorable rise of ransomware
John Naughton
The hacking of a US gas pipeline is proof that cybercrime is now a major industry – with its own trading markets and even CSR
Sat 15 May 2021 16.00 BST

On Friday 7 May, Colonial, the quaintly named operator of the pipeline that brings 45% of the US east coast's gasoline and jet fuel from Texas to New York, announced that it had been hacked. My initial assumption was that this was Russian retaliation for the Biden administration's punitive cyber-attacks on Russia in response to the SolarWinds hack. After all, if a pipeline like this isn't "critical infrastructure", what is? If so, were we not witnessing a significant escalation in information warfare between two nuclear-armed powers?

Fortunately, my overheated imagination turned out to be wrong, but the reality – in a way – is almost as interesting. On 10 May, the FBI announced that the attack on Colonial was caused by an outfit called DarkSide, which specialises in ransomware, and that the bureau had forced the company to halt its pipeline's operations so that it could carry out a full investigation into the breach.

So who or what is DarkSide? According to Intel 471, a security company that surveys the teeming cybercriminal ecosystem of the internet, DarkSide was first spotted in November 2020 on a Russian-language hacker forum, advertising for partners for a ransomware service. What it was pitching was a platform that "approved" cybercriminals could use to infect companies with ransomware and carry out negotiations and payments with victims. "We are a new product on the market," it burbled, "but that does not mean that we have no experience and came from nowhere. We received millions of dollars profit by partnering with other well-known cryptolockers. We created DarkSide because we didn't find the perfect product for us. Now we have it." Not long afterwards, its software was found to be behind several ransomware attacks on manufacturers and legal firms in Europe and the US.

According to Intel 471, in March 2021, DarkSide "rolled out a number of new features in an effort to attract new affiliates. These included versions for targeting Microsoft Windows- and Linux-based systems, enhanced encryption settings, a fully fledged and integrated feature built directly into the management panel that enabled affiliates to arrange calls meant to pressure victims into paying ransoms and a way to launch a distributed denial of service (DDoS)."

Note the reference to a "management panel". In conventional software packages, this would be called a "dashboard", a visual tool to enable non-technical managers to run a complex program without knowing anything about the code. The panel also seems to provide scripts for conducting negotiations with victims. Intel 471 monitored one of these conversations. "This is a lot of money," the victim writes. "My management needs a better understanding of what data you may have taken. Can you provide proof that you have our data?" Answer: "Yes will provide a sample for you." The victim continues: "When you receive payment you will not publish the attack or sell exfiltrated data?" Answer: "Of course not, you will get access to a server with data and will delete it yourself. Also we can provide you with a pentest [penetration test] report how you have been breached and what [you] need to improve."


You get the picture. This is awfully like the kind of dialogue you would see in a conventional business negotiation. What it shows is what the security expert Ross Anderson has been pointing out for years: that cybercrime has been industrialised and that one can analyse it using the methods and economic concepts that one would use if studying any burgeoning line of business.

In that sense, public discourse about cybercrime and its practitioners is way behind the curve. As Ross and his colleagues have shown, criminals are rational actors, not lone hackers with poor hygiene and a penchant for pizza. They see what they do as a low-risk activity with very high profit margins. And they operate in a networked world in which even large and wealthy companies are still failing to take computer security seriously. The significance of the Colonial hack is its confirmation of cybercrime as a major new industry.


Many years ago, I got my first insight into this underworld when a senior police officer took me on a virtual tour of this netherworld. We looked at the online markets in which stolen personal details were traded and the different prices at which various "products" were bought and sold. (PayPal logins attracted premium prices at the time; maybe they still do.) What it looked like was eBay for crooks. And the most striking thing was that in these marketplaces the traders seemed as anxious as you or I would be to establish reputations for reliability and quality. In some cases, there were even star rating systems like you'd see on Uber or, for that matter, on eBay. There may be honour among thieves, as the saying goes, but they still fretted about their online reputations. And DarkSide's claim that it has occasionally donated some of its profits to charity suggests an interesting new interpretation of "corporate responsibility". It's time we wised up to this new reality.

On the last point I've seen stats from cyber-security experts on the reliability of different groups, so whether you get your data back if you pay the ransom - and, in general, most of them are pretty reliable. It is weird because these are criminals, but they rely on building a market reputation to get the money.
Title: Re: Darkside and the Pipeline Hack
Post by: Oexmelin on May 15, 2021, 10:27:30 PM
Quite similar to the beginnings of feudalism.
Title: Re: Darkside and the Pipeline Hack
Post by: dane on May 15, 2021, 11:39:15 PM
Quote from: Oexmelin on May 15, 2021, 10:27:30 PM
Quite similar to the beginnings of feudalism.
I'm not well versed on the beginnings of feudalism. Could you elaborate on that?
Title: Re: Darkside and the Pipeline Hack
Post by: Jacob on May 16, 2021, 12:08:36 AM
Quote from: dane on May 15, 2021, 11:39:15 PM
Quote from: Oexmelin on May 15, 2021, 10:27:30 PM
Quite similar to the beginnings of feudalism.
I'm not well versed on the beginnings of feudalism. Could you elaborate on that?

Uh... who are you?
Title: Re: Darkside and the Pipeline Hack
Post by: Syt on May 16, 2021, 12:48:58 AM
Says right there: a dane. :)
Title: Re: Darkside and the Pipeline Hack
Post by: dane on May 16, 2021, 01:44:10 AM
I'm actually an American, but my name is Dane. :lol:

I've lurked here for a while but never really have anything to contribute. <_<
Title: Re: Darkside and the Pipeline Hack
Post by: Crazy_Ivan80 on May 16, 2021, 03:48:05 AM
Quote from: article on May 15, 2021, 09:39:46 PM
And DarkSide's claim that it has occasionally donated some of its profits to charity suggests an interesting new interpretation of "corporate responsibility".

that's hardly new: criminal organisations have been doing that for quite a while. Even terrorist organisations engage in charity
Title: Re: Darkside and the Pipeline Hack
Post by: Jacob on May 16, 2021, 10:01:23 AM
Quote from: dane on May 16, 2021, 01:44:10 AM
I'm actually an American, but my name is Dane. :lol:

I've lurked here for a while but never really have anything to contribute. <_<

Twelve years, according to your profile info. But now's the time. Welcome aboard. What brought you out of your bubble? Who are the five biggest jerks on languish?
Title: Re: Darkside and the Pipeline Hack
Post by: The Brain on May 16, 2021, 10:29:39 AM
It's not a competition.
Title: Re: Darkside and the Pipeline Hack
Post by: The Minsky Moment on May 16, 2021, 10:59:31 AM
Quote from: Sheilbh on May 14, 2021, 07:01:38 PM
Having said that - and obviously I'll trust US intelligence - but I can believe these guys are just apolitical criminals.

The claim made was not they were an arm of GRU but that there was an understanding from the Russian authorities that they would be allowed to operate without harassment if they confined their activity to Western targets.
Title: Re: Darkside and the Pipeline Hack
Post by: Eddie Teach on May 16, 2021, 12:50:11 PM
Quote from: The Brain on May 16, 2021, 10:29:39 AM
It's not a competition.

The 4 biggest, after The Brain?
Title: Re: Darkside and the Pipeline Hack
Post by: The Brain on May 16, 2021, 03:09:05 PM
Quote from: Eddie Teach on May 16, 2021, 12:50:11 PM
Quote from: The Brain on May 16, 2021, 10:29:39 AM
It's not a competition.

The 4 biggest, after The Brain?

THANK YOU
Title: Re: Darkside and the Pipeline Hack
Post by: dane on May 16, 2021, 11:51:55 PM
Quote from: Jacob on May 16, 2021, 10:01:23 AM
Quote from: dane on May 16, 2021, 01:44:10 AM
I'm actually an American, but my name is Dane. :lol:

I've lurked here for a while but never really have anything to contribute. <_<

Twelve years, according to your profile info. But now's the time. Welcome aboard. What brought you out of your bubble? Who are the five biggest jerks on languish?

Mostly I wanted to hear more about how Oex thinks this is similar to the beginnings of feudalism. As for the biggest jerks, I think most people can get a little insensitive when they're arguing about something they really care about. So that means...everyone? :secret:
Title: Re: Darkside and the Pipeline Hack
Post by: Jacob on May 17, 2021, 01:01:59 AM
That's a nice and diplomatic but not very entertaining answer :hug:
Title: Re: Darkside and the Pipeline Hack
Post by: DGuller on May 17, 2021, 06:19:16 AM
So who are the top 5 people who argue most about things they care about?
Title: Re: Darkside and the Pipeline Hack
Post by: dane on May 17, 2021, 09:11:01 AM
Mommy loves you all equally. :hug:
Title: Re: Darkside and the Pipeline Hack
Post by: Maladict on May 17, 2021, 09:19:51 AM
Quote from: DGuller on May 17, 2021, 06:19:16 AM
So who are the top 5 people who argue most about things they care about?

We'll need to discuss the semantics of 'argue', 'things' and 'care' first.
Title: Re: Darkside and the Pipeline Hack
Post by: grumbler on May 17, 2021, 10:16:39 AM
Quote from: Maladict on May 17, 2021, 09:19:51 AM
Quote from: DGuller on May 17, 2021, 06:19:16 AM
So who are the top 5 people who argue most about things they care about?

We'll need to discuss the semantics of 'argue', 'things' and 'care' first.

What do you mean by "semantics?"
Title: Re: Darkside and the Pipeline Hack
Post by: Oexmelin on May 17, 2021, 10:45:26 AM
Quote from: dane on May 15, 2021, 11:39:15 PM
I'm not well versed on the beginnings of feudalism. Could you elaborate on that?

Disclaimer: I am going to paint with very broad strokes.

Aristocrats of the early Middle Ages established their rural supremacy on the control of resources - chiefly territory, weapons, and dependents. Theirs was a power that was continuously tested (and therefore ranked) in limited engagements, the main objective of which was to hold other powerful people (but not only them) as ransom. The relationship of protection / threat worked only insofar as it was codified in some ways, and that there was proof that it was at least somewhat reliable - either as threat, or protection. Otherwise, early vilains would have settled on someone else's lands, and arrangements between aristocrats wouldn't have been reliable. Obviously some oaths were broken, and some peasants got murdered... but that is the case in any normative regime. By the 11th century (chronology varies a lot depending on where you are in Europe), settlements were a lot more permanent, some aristocrats were becoming a lot more powerful, and the possibilities of change eventually narrowed.

Nowadays, the main analog we have is that of organized crime (or terrorist groups), and that's usually what we evoke when we wish to describe the situation. And it may indeed be more appropriate - these are groups that are often, in fact, intimately connected with existing organized groups. But I think reflecting on the early years of feudalism brings into the forefront 1) the past normalcy of ransom (which is no longer the main source of revenue of organized crime) and 2) that decentralized consolidation of power into all sorts of hands can be quite accommodating of law, norms, and can easily be entrenched so deeply as to become an incontrovertible feature of society.

I have been thinking a lot more about feudalism in the past few years.
Title: Re: Darkside and the Pipeline Hack
Post by: Maladict on May 17, 2021, 11:19:31 AM
Quote from: grumbler on May 17, 2021, 10:16:39 AM
Quote from: Maladict on May 17, 2021, 09:19:51 AM
Quote from: DGuller on May 17, 2021, 06:19:16 AM
So who are the top 5 people who argue most about things they care about?

We'll need to discuss the semantics of 'argue', 'things' and 'care' first.

What do you mean by "semantics?"

Yes, that will do as well.

Title: Re: Darkside and the Pipeline Hack
Post by: Tonitrus on May 17, 2021, 12:32:55 PM
Anti-semants.  <_<
Title: Re: Darkside and the Pipeline Hack
Post by: dane on May 17, 2021, 07:45:56 PM
Interesting parallels, thanks!
Title: Re: Darkside and the Pipeline Hack
Post by: Sheilbh on May 25, 2021, 07:51:00 AM
On neo-feudal society - I thought this (long) piece on the Brazilianisation of the world is really interesting:
https://americanaffairsjournal.org/2021/05/the-brazilianization-of-the-world/
Title: Re: Darkside and the Pipeline Hack
Post by: Sheilbh on June 02, 2021, 01:31:27 PM
The latest in neo-feudalism - just read about the COO of a European cybersecurity firm describe companies in their sector as the "new condottieri" and I think there's something to it :hmm:
Title: Re: Darkside and the Pipeline Hack
Post by: alfred russel on June 02, 2021, 04:48:40 PM
Quote from: Oexmelin on May 17, 2021, 10:45:26 AM
Quote from: dane on May 15, 2021, 11:39:15 PM
I'm not well versed on the beginnings of feudalism. Could you elaborate on that?

Disclaimer: I am going to paint with very broad strokes.

Aristocrats of the early Middle Ages established their rural supremacy on the control of resources - chiefly territory, weapons, and dependents. Theirs was a power that was continuously tested (and therefore ranked) in limited engagements, the main objective of which was to hold other powerful people (but not only them) as ransom. The relationship of protection / threat worked only insofar as it was codified in some ways, and that there was proof that it was at least somewhat reliable - either as threat, or protection. Otherwise, early vilains would have settled on someone else's lands, and arrangements between aristocrats wouldn't have been reliable. Obviously some oaths were broken, and some peasants got murdered... but that is the case in any normative regime. By the 11th century (chronology varies a lot depending on where you are in Europe), settlements were a lot more permanent, some aristocrats were becoming a lot more powerful, and the possibilities of change eventually narrowed.

Nowadays, the main analog we have is that of organized crime (or terrorist groups), and that's usually what we evoke when we wish to describe the situation. And it may indeed be more appropriate - these are groups that are often, in fact, intimately connected with existing organized groups. But I think reflecting on the early years of feudalism brings into the forefront 1) the past normalcy of ransom (which is no longer the main source of revenue of organized crime) and 2) that decentralized consolidation of power into all sorts of hands can be quite accommodating of law, norms, and can easily be entrenched so deeply as to become an incontrovertible feature of society.

I have been thinking a lot more about feudalism in the past few years.

I want to live in a new corporate feudal society, but I'm scared I'm too old to live to see it. :(

Imagine corporations establish monopolies in their respective fields, and raise additional funds by launching ransomware attacks on each other's IT systems. It will be highly entertaining until people starve after the attack on McDonalds (in the future will have the monopoly on our food supply).
Title: Re: Darkside and the Pipeline Hack
Post by: Admiral Yi on June 02, 2021, 04:51:53 PM
Any student of the archives knows Taco Bell wins the fast food wars.
Title: Re: Darkside and the Pipeline Hack
Post by: Tonitrus on June 02, 2021, 05:08:47 PM
Quote from: Admiral Yi on June 02, 2021, 04:51:53 PM
Any student of the archives knows Taco Bell wins the fast food wars.

Fun fact: the archives outside the US say it was Pizza Hut.  :P
Title: Re: Darkside and the Pipeline Hack
Post by: Admiral Yi on June 02, 2021, 05:11:16 PM
Quote from: Tonitrus on June 02, 2021, 05:08:47 PM
Fun fact: the archives outside the US say it was Pizza Hut.  :P

Funky.

We're talking about the same thing, jah?  Demolition Man?
Title: Re: Darkside and the Pipeline Hack
Post by: Admiral Yi on June 07, 2021, 07:43:07 PM
https://www.youtube.com/watch?v=b8Zm4r4bT_g

FBI recovers 69 of 75 bitcoin paid in ransom, won't tell how they did it.
Title: Re: Darkside and the Pipeline Hack
Post by: Razgovory on June 07, 2021, 09:46:08 PM
Whatever it was, I hope it was painful.