[HOME] [DOWNLOAD] [DOCS] [BLOG] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

WannaCry's story


#1

WannaCry started its short and brilliant life as an 0day in Fort Meade, then was leaked by Ivan only to be picked up by the democratic paradise of North Korea to stage in their international mandatory donation campaign.

https://www.schneier.com/blog/archives/2017/05/did_north_korea_1.html

Many organizations have bawled their eyes out over their records being encrypted thanks to being stuck in ancient proprietary ecosystems. So the victims either pay MS with their new-born to support XP or opt to pay the cheaper ransom. So much for the intrusion detection systems on steroids hooked up to the internet’s backbone to protect vital infrastructure, we’ve been hearing about…


#2

Agree with all this, except Schneier’s claim “it’s the North Koreans”. Even his readers regularly cast doubt on his claims around Russians etc. Yes, he’s an expert cryptographer, but he’s politically naive.

Since Wikileaks docs prove the agencies routinely fake signatures of hacks to look like it comes from Russian, Chinese and other sources, the fact is no one will ever know where it originated, even though the source software is no doubt made in the USA.

The whole “the Russians did it”, “Russians hacked the elections”, the “starving North Koreans with their whole several thousand computers did it” is just new-age McCarthyism to distract from the biggest hackers in the room and their illegal methods, global surveillance and so on.


#3

Actually its not him that makes the claim but the NYTimes and they are pretty close with “anonymous” leaks within the IC. Everytime the NSA wants to make public an attribution claim they use them.

So what if they did? Is there anything surprising about any of it? All sigint organizations use the same methods globally. The media’s moralizing to stir up normies is pretty silly by now.


#4

Pure propaganda examples from Schneier:

https://www.schneier.com/blog/archives/2017/03/defense_against.html

The other way hackers can get at your personal stuff is by breaking in to the computers the information is stored on. This is how the Russians got into the Democratic National Committee’s network and how a lone hacker got into the Panamanian law firm Mossack Fonseca.

Wrong Bruce, zero evidence this actually was the Russians (unless we call this “evidence”: http://constitution.com/wikileaks-cia-can-make-cyberattacks-look-like-theyre-coming-russia-china/)

Sometimes the whole network is the target, and individuals are inadvertent victims, as when thousands of Sony employees had their e-mails published by North Korea in 2014.

Wrong Bruce, zero evidence this was the North Koreans (see original Wikileaks info re: faking signatures again).

More pure propaganda around Russians hacking the elections, with Schneier listed as the co-author on the paper:

https://www.schneier.com/blog/archives/2017/01/should_election.html

Abstract: With the Russian government hack of the Democratic National Convention email servers, and further leaks expected over the coming months that could influence an election, the drama of the 2016 U.S. presidential race highlights an important point: Nefarious hackers do not just pose a risk to vulnerable companies, cyber attacks can potentially impact the trajectory of democracies.

Wrong Bruce, zero evidence the Russians hacked the elections.

So, the reason Schneier is getting published in the New York Times propaganda mill is because he playing the role of a useful idiot concerning his political views, and helps to whip up “reds under the beds” hysteria that is gripping the Paranoid States of America.

Schneier should know better and actually be stating that all the news coming out of these organisations is BS, because they toe the government line, which is fed by the intelligence actors because it suits their agenda re: funding and control of the masses.


#5

You can think what you want about Schneier but for the record he was skeptical about the North Korea Sony hack:

https://www.schneier.com/essays/archives/2014/12/did_north_korea_real.html

until this series of articles came out:

https://www.schneier.com/blog/archives/2015/09/good_article_on.html

Apparently Sony’s movie about Kim Jong-un started this.

The NSA was actually on NK’s hacker networks when it happened:

It’s anybody’s guess how this happened on their watch. Maybe the knowledge hat the NSA had penetrated NK was more valuable than stopping Sony getting railed.

As for the DNC hack here is the official report by a private infosec company staffed and founded by ex-NSA employees who were hired to investigate the breaches:

There was a bunch of other nation-states on the DNC networks because they are apparently made from swiss cheese.


While I agree that the USG propaganda has caused trust in what they say to be non-existent, I think its naive to think that there are no other capable adversaries who go up against them. The MSS and GRU are not paid to jerk off in front of their computers.

Does this justify fucking everybody’s privacy just so the NSA can get at them? Of course not.


#6

Interesting.

On that we can agree. :wink:


#7

I think Bruce needs us to read between the lines sometimes because he writes on such hot topics. So when he writes something about who is publishing NSA secrets, he’ll give you the info you need, but won’t spell it out for you.