
U.S. cyberattacker goes omitted because???

Posted: Sat May 08, 2021 11:37 pm
by JASpup

They don't know?
The truth raises threats?

In a statement late Friday, Colonial Pipeline said it was "the victim of a cybersecurity attack" though the company didn't say who launched the attack or what the motives were.

https://text.npr.org/995040240


Re: U.S. cyberattacker goes omitted because???

Posted: Sun May 09, 2021 2:36 am
by 8Geee

Very concerning. I heard this tonight while U/L of AtomicPup Family. Prices WILL go up in these parts (New England, NY, NJ, DE, DC etc). Already warned friends and neighbors to top off/fill up early this week. Evidently reopen is unknown.

8Geee


Re: U.S. cyberattacker goes omitted because???

Posted: Sun May 09, 2021 3:04 am
by Flash

JASpup, the title of your post does not seem to match the contents of the post at all. It makes no sense to me. :?


Re: U.S. cyberattacker goes omitted because???

Posted: Sun May 09, 2021 4:34 pm
by 8Geee

Flash:
It's what's MISSING from the article. Evidently, no one knows the ransomware author(s).

8Geee


Re: U.S. cyberattacker goes omitted because???

Posted: Sun May 09, 2021 4:45 pm
by Jafadmin

It is believed, "that the attack was carried out by a ransomware criminal enterprise called Darkside, not a nation-state."

This is what happens when MBA CFOs make the IT decisions. Slash labor costs in the IT group! :mrgreen:


Re: U.S. cyberattacker goes omitted because???

Posted: Mon May 10, 2021 3:12 am
by Grey
Jafadmin wrote: Sun May 09, 2021 4:45 pm

It is believed, "that the attack was carried out by a ransomware criminal enterprise called Darkside, not a nation-state."

Come on. Of course, Russia is to blame for everything :) CNN knows https://edition.cnn.com/2021/05/09/poli ... index.html
DarkSide typically targets non-Russian speaking countries, the source said.
VERY LOGICAL CONCLUSION. Maybe DarkSide simply cannot attack Russian-speaking countries, technically, due to a different control system. But CNN knows better.
Better to use ancient taps and valves rather than stuffing computers in every corner.

In America, it is necessary to somehow justify and explain the rise in fuel prices to the population. In Russia, everything is simpler - they just raised the prices and promised to "figure it out" :)


Re: U.S. cyberattacker goes omitted because???

Posted: Mon May 10, 2021 12:21 pm
by rockedge

@Grey

In America, it is necessary to somehow justify and explain the rise in fuel prices to the population

The corporations have it down.....blame the government, who blames....... #1 Democrats or Republicans, #2 the weather, #3 The Russians, #4 the Chinese, #5 the Germans, #6 the Japanese and the catchall "Terrorists". Then if those choices seem too insane just blame the "illegal immigrants" and the Democrats together and that nobody in America wants to work anymore.

Best one of all is the "it costs more to make Summer time gasoline"..... just love that one....really a utility tool excuse that just works....

For a minute they might try to blame Iran but how would that look if you don't include the Saudis?


Re: U.S. cyberattacker goes omitted because???

Posted: Mon May 10, 2021 1:21 pm
by Jafadmin

Having been involved in the recovery and analysis of several ransomware "attacks", here are a couple of things to keep in mind:

Ransomware doesn't target specific companies. It targets idiots in general. The big payday is when an "idiot" who will click on anything happens to have elevated permissions across a poorly managed corporate network. This is usually a "charlie" level executive. They insist on having permissions to access everything, for "damn good reasons" :roll: .

That company's IT management SOPs made it low-hanging fruit for a ransomware attack. You would be stunned how often this happens.

I will happily guarantee that this company has a longstanding policy of "not wasting money" on IT.

Competent IT professionals have known how to protect against ransomware infestations for at least a decade.


Re: U.S. cyberattacker goes omitted because???

Posted: Mon May 10, 2021 4:24 pm
by Grey
rockedge wrote:

AKADO - DARKSIDE
The corporations have it down.....blame the government, who blames....... #1 Democrats or Republicans, #2 the weather, #3 The Russians, #4 the Chinese, #5 the Germans, #6 the Japanese and the catchall "Terrorists".

Good. Marches from the old game Command & Conquer: Red Alert 2 are also good. Westwood Studios did their best.
There is also North Korea. But it is more difficult for them to disguise themselves.

Jafadmin wrote:

I will happily guarantee that this company has a longstanding policy of "not wasting money" on IT.

I totally agree. With a slight amendment. "The crime has no nationality." But it is much cheaper to blame everything on the good old "enemy" than to invest in development.

Proverbs and sayings even appeared in Russia. For example: Why is the entrance of the house dirty? Obama has done it. Or another one: Why hasn't the fence been painted yet? Because the sneaky Trump didn't come and do it.


New "adventures" of "Russian" hackers

Posted: Wed Jun 02, 2021 10:03 am
by Grey

Another "adventures" of "Russian" hackers.
https://www.reuters.com/world/us/some-u ... 021-06-01/
The fuel was not enough for them, now they are encroaching on something sacred - meat. Nobody gathered proofs, there was no investigation yet, but why they are needed :)
The article forgot to mention how many Russian-speaking employees work at Microsoft. That's where the real gang is :)


Re: U.S. cyberattacker goes omitted because???

Posted: Wed Jun 02, 2021 1:19 pm
by rockedge

@Grey not going into any details but once I helped a guy with some paper work in English and German. Did the guy a solid, next week I received substantial compensation out of the blue. Turns out the guy was a big shot in the Russian underworld. And I just thought it was an older Russian gentleman who needed some help with paperwork in languages he was not familiar with. Good "friend" to have later down the road it turned out. Judging by the paperwork and who that paperwork came from kind of tipped off some things.

Nobody gathered proofs, there was no investigation yet, but why they are needed

The point is I don't need an investigation. I already am fully aware of what some of these groups are capable of and the mind sets behind it.

I could always tell something was up when my friend Alexei would say my name all drawn out like a drawl.....like "ahhhh EEEEEriiiiiiiiiikkkkkkkk"....... which reminded me that quote above sounds just like that.


Re: New "adventures" of "Russian" hackers

Posted: Wed Jun 02, 2021 1:30 pm
by puppy_apprentice
Grey wrote: Wed Jun 02, 2021 10:03 am

Nobody gathered proofs, there was no investigation yet, but why they are needed :)

The NSA boys could think that: we have knowledge how to do similar things to Russians and Chinese, so Russians and Chinese aren't stupid and know how to do same things to us ;)


Re: U.S. cyberattacker goes omitted because???

Posted: Wed Jun 02, 2021 1:59 pm
by Grey
rockedge wrote: Wed Jun 02, 2021 1:19 pm

Turns out the guy was a big shot in the Russian underworld. And I just thought it was an older Russian gentleman who needed some help with paperwork in languages he was not familiar with.

He simply had to look inconspicuous so as not to stand out.
I remembered an old anecdote :)
"Tell me, your dog looks friendly. Will she let me in?"
"Of course. Otherwise how can she bite you."


Instructive(or cautionary) tale

Posted: Wed Jun 02, 2021 2:39 pm
by Grey

Oh, since we're talking about hackers and deceiving looks.
Xatab died on March 6, 2021. He was known in Russian-speaking countries for making repacks of games, which included all the add-ons, a convenient installer, and cut out all unnecessary parts for the game. Hacked versions with 'crack', of course.
So, most of the people thought that this was a young man, well, 30 years maximum.
But after his death, it turned out that the legendary hero and idol of the youth is a noble pensioner. Yes. Appearances can be deceiving - as well as public expectations:

[Attached image: xatab.jpg]

Re: U.S. cyberattacker goes omitted because???

Posted: Wed Jun 02, 2021 3:39 pm
by rockedge

The NSA boys could think that: we have knowledge how to do similar things to Russians and Chinese, so Russians and Chinese aren't stupid and know how to do same things to us

I know 12 year olds who could code ransomware. I guess the social engineering aspect of getting someone to click something that triggers that code is the trick. Because the code itself and the methods of infiltration is usually like throwing boiling spaghetti noodles against the wall.....some will stick and some will fall. Knowing which noodle does what is the difficult part.

It feels like a good backup and decent network isolation configuration beats this ransomware move.


Re: U.S. cyberattacker goes omitted because???

Posted: Wed Jun 02, 2021 6:05 pm
by Jafadmin
rockedge wrote: Wed Jun 02, 2021 3:39 pm

The NSA boys could think that: we have knowledge how to do similar things to Russians and Chinese, so Russians and Chinese aren't stupid and know how to do same things to us

I know 12 year olds who could code ransomware. I guess the social engineering aspect of getting someone to click something that triggers that code is the trick. Because the code itself and the methods of infiltration is usually like throwing boiling spaghetti noodles against the wall.....some will stick and some will fall. Knowing which noodle does what is the difficult part.

It feels like a good backup and decent network isolation configuration beats this ransomware move.

On a corporate level the servers don't run on metal. They are VMs running on big iron. The VMs' block changes are updated to a SAN every 15 minutes or so using tech like ShadowProtect, AppAssure, etc. Restoring the VM back to a point before the infestation is relatively simple.

Obviously, there are corps out there that steadfastly refuse to use best practices.


Re: U.S. cyberattacker goes omitted because???

Posted: Wed Jun 02, 2021 6:29 pm
by rockedge

Exactly. I just blew up a Puppy Linux trying out some stuff and I had it back in about 3 minutes fully restored. Virtual machines run for this very reason.

Wonder sometimes if some of these corporations are really so inept or so frugal in their IT departments. Or is it something else and exaggerating the damage?

Me personally, would be horrified and embarrassed if I had to announce to the world I suffered a successful ransomware attack.


Re: U.S. cyberattacker goes omitted because???

Posted: Wed Jun 02, 2021 7:41 pm
by puppy_apprentice
rockedge wrote: Wed Jun 02, 2021 3:39 pm

I know 12 year olds who could code ransomware. I guess the social engineering aspect of getting someone to click something that triggers that code is the trick. Because the code itself and the methods of infiltration is usually like throwing boiling spaghetti noodles against the wall.....some will stick and some will fall. Knowing which noodle does what is the difficult part.

It feels like a good backup and decent network isolation configuration beats this ransomware move.

I didn't wanna say that Russians or Chinese are responsible for that mess (I'm not expert in this topic). I only wanted notice like spies and 3-letter agencies think and they let go of newspaper leaks.


Re: Instructive(or cautionary) tale

Posted: Thu Jun 03, 2021 7:33 am
by greengeek
Grey wrote: Wed Jun 02, 2021 2:39 pm

Oh, since we're talking about hackers and deceiving looks.
Xatab died on March 6, 2021. He was known in Russian-speaking countries for making repacks of games....

Not only a great coder - but by the looks of it also invented a new kind of Foosball

[Attached image: xatab.jpg]

Re: Instructive(or cautionary) tale

Posted: Thu Jun 03, 2021 10:42 am
by Grey
greengeek wrote: Thu Jun 03, 2021 7:33 am

a new kind of Foosball

Yes, from a distance it looks like foosball. This kind of "meat foosball" can be seen in the courtyards every year on May 1 and 9, because these are holidays.


Re: U.S. cyberattacker goes omitted because???

Posted: Thu Jun 03, 2021 12:44 pm
by Grey

@puppy_apprentice In the 1980s, cassettes with games for ZX Spectrum were smuggled from Poland to USSR. Smuggling flourished :) First, cassettes were transported across the border, and then train conductors delivered cassettes throughout the country, and in the cities they were met by people who told them the password. These were adventures, not like on the Internet :)

I still have cassettes with games that were hacked by Bill Gilbert, the legendary hacker and programmer who has been cracking the protection of branded versions of games since the mid-1980s. If I am not mistaken, he lived in Warsaw on Filtrowa Street and sometimes appeared at the market on Grzybowska Street.

[Attached image: Bill_Gilbert.png]

Also from Poland I remember Mat & Ziutek aka Maciej Wołoszyk and Andrzej Siuda. They were from the city of Torun. After hacking the games, they made their own Logo game and Lyra 2 demo. The authors did not like very much if this demo was called Lyra. Its name is The Lyra, and in Polish it is a slang name for Delirium Tremens :) During their work, the authors used a lot of alcohol and were even called Ethanol Soft. I still occasionally play Logo:

[Attached image: Logo_0.png]

Re: U.S. cyberattacker goes omitted because???

Posted: Thu Jun 03, 2021 2:07 pm
by puppy_apprentice

My favorite Polish game from those times was Blockout and Street Rod

And I think that those men you mentioned were crackers (see software cracking) not hackers.

And Polish hackers are the best ;). At least at competitions ;)


Re: U.S. cyberattacker goes omitted because???

Posted: Thu Jun 03, 2021 4:12 pm
by Grey
puppy_apprentice wrote: Thu Jun 03, 2021 2:07 pm

(see software cracking)

Wikipedia itself does not really know. This page contains both terms :) :

One of the primary routes to hacking these early copy protections was to run a program that simulates the normal CPU operation. The CPU simulator provides a number of extra features to the hacker


Re: U.S. cyberattacker goes omitted because???

Posted: Thu Jun 03, 2021 4:19 pm
by puppy_apprentice

Yep, the definition is fluid. But I remember from Amiga times that little demos loaded before games were called cracktros = cracked software + intros. And member of the group who took off security code from games was called cracker.


Re: U.S. cyberattacker goes omitted because???

Posted: Thu Jun 03, 2021 4:25 pm
by Grey
puppy_apprentice wrote: Thu Jun 03, 2021 4:19 pm

Yep, the definition is fluid. But I remember from Amiga times that little demos loaded before games were called cracktros = cracked software + intros. And member of the group who took off security code from games was called cracker.

Hacker is a general broad term and cracker is highly specialized. Whoever I ask, everyone says a hacker sounds more solid :)


Re: U.S. cyberattacker goes omitted because???

Posted: Thu Jun 03, 2021 7:24 pm
by some1

Hacker or Cracker?

Posted: Sat Jun 05, 2021 3:13 pm
by Grey

hacker or cracker

I remembered an anecdote :)
Lesson at the School of Hackers:
"We take a sledgehammer and a laptop, go to the ATM (cash machine) and hit it with a sledgehammer with all our might..."
"Teacher, why do we need a laptop?"
"What kind of hacker are you without a laptop?!"


Re: U.S. cyberattacker goes omitted because???

Posted: Sat Jun 05, 2021 10:39 pm
by Clarity

Most Corporations are a part/division of a "Holding company".

In Business school ethics, years ago, some are asked in classroom debate: "As an owner, if you could benefit, financially, by orchestrating a disruption within your company, is it business appropriate?"

In today's world, are we seeing any of this?


Re: U.S. cyberattacker goes omitted because???

Posted: Sun Jun 06, 2021 2:42 pm
by user1111
Clarity wrote: Sat Jun 05, 2021 10:39 pm

Most Corporations are a part/division of a "Holding company".

In Business school ethics, years ago, some are asked in classroom debate: "As an owner, if you could benefit, financially, by orchestrating a disruption within your company, is it business appropriate?"

In today's world, are we seeing any of this?

Directors' share options may conflict with shareholders' best interests, maximise (or minimise) share price at certain dates/times over that of the better mid/longer term shareholders' best interests.

More often large scale illegality is overlooked (bankers' theft of billions from the taxpayers' purse) whilst small scale crime especially financial based is more punitively punished than that of other social crimes. Ultimately it's what one/few consider to be "inappropriate" or not.


Re: U.S. cyberattacker goes omitted because???

Posted: Mon Jun 07, 2021 2:57 am
by Clarity

Holding companies of corporations are either a family or an individual.

Suppose for a moment, that any Holding company could "secretly" orchestrate a data heist or a data ransom on any of its corporations.

Is that free money? Think of the benefits of such actions when you look at the international currency of today.

We may be looking at power and greed, unchecked while supported. The enemy you are told may not be the enemy at all.