Monday, August 11, 2014

China is striking again, this time using a new phone they developed

Xiaomi Phones Secretly Sending Users' Sensitive Data to Chinese Servers

Chinese Espionage is virtually everywhere these days. My first real data came from a joint FBI/DOD case where Cisco routers are being both cloned and altered to provide China's spy hackers back doors into sensitive, actually very classified, systems. The Air Force was one of the first to notice the problem.

Not all of the case has ever hit the papers, but enough has that it can be talked about. As I understand it, two brothers, both holding some version of Chinese and US dual citizenship, set up separate firms on both coasts of the US. It was developed to get around some DOD procurement policies. One brother would bid on a DOD contract for IT equipment, they would buy US, i.e. from the brother on the other coast, and they would sell to the DOD. Depending on the version of the story you hear, the brothers would buy valid Cisco equipment and make changes to it, or, as another story goes, would just use Chinese-provided equipment. In either case the equipment would end up in DOD and other US Government systems. There are at least two PowerPoints provided by the FBI on this case, one for Sensitive release and another for Classified release. Most IT security types have seen one or the other.

Now for the bad news: we the public never have been protected from this; in other words, we are still buying altered routers and other IT equipment. One expert says it is so prevalent that it would be next to impossible to catch it all, and if they tried it would drive IT prices over the moon. Another recounts a story of an IT chip-level expert who analysed three chips and picked the altered one as the good, valid chip.

Now add to this the IP v4 vs IP v6 transition. The easy version is that so many IP addresses are in use now that we have run out of IP v4 addresses to assign. To solve the problem the IT powers that be developed the IP v6 addressing model. To make it work the IP v6 equipment had to understand the old IP v4 and translate it to the new IP v6. In fact, if you look at your computer right now it will show two IP addresses: one is a v4, the other is a v6.

China came to the IT game late, and the majority of the IP v4 addresses had been assigned, and the US had well over half of them, so China jumped on the IP v6 model faster than the rest of the world; in fact 60% of the IP v6 addresses assigned at this point are held by China. It is said that every square foot of the planet could have its own IP address under the IP v6 model and we would have some left over. The US over 10 years ago developed a mandate to move the US Government to IP v6, and it should have happened by now. It has not; some say it is because of the China spying problem.

The part of a router, or virtually every piece of equipment that may use an IP address, needs to stay relevant when the transition happens, or even during the transition, which we are fully in at the moment. Since China is the leader in IP v6 they developed the most used IP v4 to IP v6 translation chips, which are in just about everything. So, as in a story I covered a while ago, the American Chamber of Commerce was hacked by China, and a very respectable IT Security firm, I am told assisted by the FBI, had teams work for a month or so to clean the Chamber's system. A few months after this cleaning took place, the Chamber was found to be hacked again. The teams took a wider view of the problem, and found one smart thermostat and one HP printer had chips in them that allowed for the system to be hacked again.

So let's think for a minute, and figure out what we are using that has an IP address. We already know of the printers, the smart thermostat, the routers; what else? The Black Hat conference is just winding down, but has put some new hacks out there. Smart Home and Business Alarm systems have been found almost universally vulnerable, as are IP addressable video cameras, water heaters, light controllers, cars, airplanes, access control systems, baby monitors; the list goes on and on, and grows day by day.

So are we vulnerable? Yes. Can we stop it? Probably not, but that is a qualified not. If we are aware of the problem(s) we can do checks on the systems at times. We can make sure the CCTV cameras at our homes never show private areas. We can keep reading articles like this to keep us up on some of the new stuff.

Let's go to the CCTV first, as an espionage agent would look at it. First, they could just monitor the outside that the camera sees to understand your movements, so they can enter the house when you are not around. Two, they could see if you bought any Pan Tilt and Zoom cameras, so they can move the camera around to spy on areas you did not want seen. Three, they can sell the data from the cameras to folks that may find a use for it.

Now the alarm system in your home. First, they will now know when you are home or not by monitoring the alarm system. Two, there are a lot of options you could buy for your alarm system that you may not be using, but are still there. One of the biggest is the ability to monitor the audio in your home; it is sold as a way for them to understand the problem as they send police, i.e. you are being beaten up or forced to do something, or they can hear the burglar going through the empty house. All valid reasons to allow for this type of monitoring, but in any case in most systems the ability is there; it is just not turned on by your reputable alarm company. This is not true of the bad guys; they will turn these on almost at once.

Now this is not to say it is happening at your home or business now, but it could be. Now you say, what would China want with my conversations in my home? I would answer that China wants anything they can get, but you may be right: the vulnerability is there, but not being exploited by them. The bad news is that many others know of these vulnerabilities, and can develop or buy ways to exploit them. For instance, hackers nowadays often do not have to know much about computers; they can buy online everything they need.

The FBI did a presentation a week or so ago that showed how some exploits are now free online; you just download them and then use them on unsuspecting friends, or enemies, at will. They downloaded, installed and then sent an email to a computer they had me sit at. I opened it, and they had everything I was doing, as well as everything that was on the computer, turned on the camera and microphone, and then just to cap it off sent, from the computer I was on, emails to people on my contact list (theirs actually). I read the whole email header; it came from the computer I was using. They then had me send an IM to another computer; during the IM they changed what I wrote, and wrote their own, yet I never saw the changes.

This was all at no cost, just using available free hack software. So the hacks to turn on your alarm system, or monitor your CCTV system, are out there; you may have to pay for them, but they are passed around so much, probably not for long.

So you all be careful out there, but I will have to read this on someone else's computer to make sure it has not been hacked as I wrote it.

Sunday, August 3, 2014

Hungary’s Prime Minister, Pushing a New Political System: Putinism

'Hungary’s Mussolini' Vows to Make the EU Member an 'Illiberal State'

In what should be one of the more disturbing moves in the last year, Hungary's Prime Minister Viktor Orban has declared that traditional capitalism has failed, and that the democracy of the US, England, and in fact the EU at large has proven to be a failed system based on the economic problems of the last few years. He points to Putin as the new leadership model going forward. He also gives a nod to China, and has taken a far stricter control of the Press, and of any outside funds being spent in Hungary. A lot of EU aid funds are drying up over the fact that Orban has taken funds supplied by the EU as aid, and has redistributed them to Government Projects he approves of.

Pointing to the USA in his speech, he shows what he believes to be the perceived weakness of our political system next to what Putin has accomplished in Russia.

There are a lot of inconsistencies in his speech, and really in this "illiberal state", pointing to liberalism as proven to be a failed system, and saying that the Russian and Chinese Governments have gotten it right. He brings none of the negatives of Russia or China into the mix, just points to those areas he says have failed in the USA system.

If some form of this new political system gains hold, and it is almost sure to gain the approval of Russia, since it holds Putin up to the world as the new strong leader, it would point to Communism's resurgence in the world. The EU has decided not to even talk about this speech, trying to make it go away. The bad news is this is the second term for Orban, and he is rapidly taking control of the country's different areas of Government to ensure his power and policies will be hard to turn back.

Prime Minister Orban's background and formal schooling was in communism, and this new political model looks more like an altered communism approach vs a democracy. We and our Government leaders really need to pay attention here. It has been said that the only way the USA can be brought down is from within, and this certainly would be a model that attempts to do that.

Now here is a real threat to the Security of the Free World that we all need to understand, and deal with.

Friday, August 1, 2014

Ebola Outbreak, Security Implications of Victims Here in the USA

Ebola Outbreak “Worsening” in West Africa - Scientific American

We are all reading about the tragedy of the Americans that have come down with the dreaded Ebola Virus. Now some are coming to the US for both treatment and, in one case, burial. Both come with some very important security implications to all of us in the US.

I think the living patients are going to be well treated and secured; the question always becomes what happens to items and/or bodies of patients with Ebola. One family wants the body sent home, and is quoting religious grounds. This can be a problem: the body will have the virus still associated with it, and researchers are still not certain of the life of the virus in a body. The family waiting for its body will get or has gotten the news that the body was cremated last Sunday.

The reason for all this is a security issue we have dealt with before. The only Anthrax terrorist attempt in the US that did not use weaponized Anthrax spores developed in a lab was by two disgruntled Americans that wanted to bring down our Government. They had researched and found where a number of animals had been buried that had died of anthrax, and had dug them up and used the spores they found to concoct their weapon.

Now Anthrax has an almost unlimited shelf life, and often needs only the moisture from your body to bring it into an active state. In this case the men mixed it with a hand cream so it would penetrate the hands of people touching it. The plan was to smear the concoction on the hand rails of a transportation hub, and as people grabbed the rails the anthrax would enter the body. From what we know it is quite possible that it would have worked. Unfortunately for the two, a girlfriend got wind of the plan, and used it to get back at her boyfriend for some indiscretion. She went to the police, who did find the mixture, and it was disposed of.

So back to Ebola: in Africa they are trying to meet the religious and community needs, and are trying to disinfect the bodies for burial. There is no understanding if this will eliminate the problem, so they are also trying to find a separate burial site for the bodies. This brings into the situation an issue with the security of the burial site.

Now bring the same situation to the US. The CDC and our Government are, I think, well versed in disposing of contaminated medical supplies; the issue will be the bodies. If they are allowed to be buried they bring a risk of someone recovering the body or even a part of it, or even fluids from it. All could well be deadly in the wrong hands, actually any hands, but we are more worried about terrorist events.

This has been a threat vector the US has been worried about for years; almost any deadly biological incident that has happened in our past is a possible danger to our futures. One worry has been that families do not want to disclose the sickness and death of a loved one due to a possible biological incident, on religious or even civil liability grounds.

Our planning for this has always been from the health side, and is reactive to known events. With the enhanced turmoil in the world and the advent of the suicide bomber, the suicide carrier of an infectious biological has to be part of our game plan.

So as you are dusting off those pandemic event plans, please add this to your planning.