The deeper story behind CIA's attempt to 'impersonate' Russian cybersecurity company using hacking tool Hive

In 9 November 2017, WikiLeaks published the source code and development logs to Hive, a major component of the CIA infrastructure to control its malware.

According to WikiLeaks, Hive uses the uncommon Optional Client Authentication so that the user browsing the website is not required to authenticate - it is optional. But implants talking to Hive do authenticate themselves and can therefore be detected by the Blot server. Traffic from implants is sent to an implant operator management gateway called Honeycomb (see graphic above) while all other traffic go to a cover server that delivers the insuspicious content for all other users.

Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated.

This CIA cybertool could be proven very useful for accusing foreign agencies and organizations for hacking US facilities and processes, but beyond that, there is a deeper reason for which CIA has targeted the specific Russian company and it is related to the first discovered malware that spies on and subverts industrial systems.

Former British intelligence officer and Whistleblower, Annie Machon, reveals why CIA has targeted Kaspersky Lab:

Obviously, the CIA will be interested in a very successful Russian-based company that offers protection on the Internet. But it goes back a bit further because, it was 2010 the very first proven cyberwarfare weapon was deployed. And this was against the Iranian domestic civilian nuclear development capability. And this was at the time when the Americans were drumming up the war against Iran.

There was an attack made against their civilian nuclear capability, and in this case, this virus, which was called Stuxnet, was deployed against the centrifuges that enriched the Uranium. Nobody knew where it came from. It seemed to be very weaponized, a state level. And it was actually Kaspersky that unveiled who had developed it. It was the Americans and the Israeli intelligence agencies. So, Kaspersky has been very much in the cross-chairs of both the American and the Israeli intelligence agencies.

From Wikipedia, Stuxnet is a malicious computer worm, first uncovered in 2010 by Kaspersky Labs, the antivirus company. Thought to have been in development since at least 2005, stuxnet targets SCADA systems and was responsible for causing substantial damage to Iran's nuclear program. Although neither country has admitted responsibility, since 2012 the worm is frequently described as a jointly built American/Israeli cyberweapon.

Stuxnet, discovered by Sergey Ulasen, initially spread via Microsoft Windows, and targeted Siemens industrial control systems. While it is not the first time that hackers have targeted industrial systems, nor the first publicly known intentional act of cyberwarfare to be implemented, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.

Comments

GAME OVER, Trump: Putin, China & BRICS Just CRUSHED US Dollar

Danny Haiphong Donald Trump's war on BRICS is backfiring as the Russia & China-led Global South moves to dump the US dollar and build a new order independent of its dictates. Journalist and geopolitical analyst Ben Norton breaks it all down. Related: Trump's tariffs: A unique opportunity for BRICS and the Global South to fully escape from dollar tyranny

WikiLeaks reveals that literally every router in America has been compromised

The latest Wikileaks Vault7 release reveals details of the CIA’s alleged Cherry Blossom project, a scheme that uses wireless devices to access users’ internet activity. globinfo freexchange As cyber security expert John McAfee told to RT and Natasha Sweatte: Virtually, every router that's in use in the American home are accessible to hackers, to the CIA, that they can take over the control of the router, they can monitor all of the traffic, and worse, they can download malware into any device that is connected to that router. I personally, never connect to any Wi-Fi system, I use the LTE on my phone. That's the only way that I can be secure because every router in America has been compromised. We've been warning about it for years, nobody pays attention until something like WikiLeaks comes up and says 'look, this is what's happening'. And it is devastating in terms of the impact on American privacy because once the router...

Confirmed: Alex Jones' popularity rises after Infowars banning from social media

globinfo freexchange We wouldn't expect to be confirmed so fast on this. A few days ago in the article IT and social media supergiants have just made Alex Jones a hero in the eyes of the ultra-conservative audience , we wrote that Alex Jones' wet dream has just become reality thanks to the combined move by Facebook, Apple, YouTube and Spotify to ban Infowars. These private IT and social media companies couldn't give a better gift to him right now. At a time where Infowars was going through a saturated period according to the best scenario, the corporate giants actually saved it with that stupid(?) strategy. Suddenly, a corporate branch of the liberal establishment gave real value to Alex Jones' awful performance, pretending to be the 'anti-establishment' hero - just like Donald Trump - and made him a real hero in the eyes of the ultra-conservative audience that has been brainwashed by his absurd conspiracy theories. Only a couple of days later...

Stephen Hawking confirms: The problem is Capitalism, not robots!

globinfo freexchange According to world famous physicist Stephen Hawking, the rising use of automated machines may mean the end of human rights – not just jobs. But he’s not talking about robots with artificial intelligence taking over the world, he’s talking about the current capitalist political system and its major players. On Reddit, Hawking said that the economic gap between the rich and the poor will continue to grow as more jobs are automated by machines, and the owners of said machines hoard them to create more wealth for themselves. The insatiable thirst for capitalist accumulation bestowed upon humans by years of lies and terrible economic policy has affected technology in such a way that one of its major goals has become to replace human jobs. If we do not take this warning seriously, we may face unfathomable corporate domination. If we let the same people who buy and sell our political system and resources maintain control of automated technology, the...

CIA had an agent at a newspaper in every world capital at least since 1977

Joel Whitney is a co-founder of the magazine Guernica, a magazine of global arts and politics, and has written for many publications, including the New York Times and Wall Street Journal. His book Finks: How the C.I.A. Tricked the World's Best Writers describes how the CIA contributed funds to numerous respected magazines during the Cold War, including the Paris Review, to subtly promote anti-communist views. In their conversation, Whitney tells Robert Scheer about the ties the CIA’s Congress for Cultural Freedom had with literary magazines. He talks about the CIA's attempt during the Cold War to have at least one agent in every major news organization in order to get stories killed if they were too critical or get them to run if they were favorable to the agency. And they discuss the overstatement of the immediate risks and dangers of communist regimes during the Cold War, which, initially, led many people to support the Vietnam War. globinfo freexchange...

How normal human behavior became a false mental disorder epidemic

globinfo freexchange In the early nineties, an epidemic of mental disorder was sweeping America and Britain. It had been uncovered by a new system for identifying disorders. Psychiatry had been attacked for relying on the personal and fallible judgement of psychiatrists. But instead, a new objective method based on checklists had been invented. These listed only the objective symptoms, and deliberately did not enquire into why the individuals felt an anxiety. In the late 80s, nationwide surveys had revealed an incredible picture: more than 50% of Americans suffered from mental disorders. But at the very same, the drug companies had announced that they had created a new type of drug, called an SSRI, which they claimed, targeted the circuits inside the brain that were causing these malfunctions. The SSRIs were marketed under names like "Prozac". What they did was alter the amounts of serotonin that flowed across the circuit connections within the brain, and they...

Confirmed: US imperialists wanted to drag Russia into a war with Ukraine since at least 2019

globinfo freexchange As we wrote in our previous article, after almost eight years, the US imperialists and the NATO criminals got what they wanted. They finally managed to drag Russia into a war with Ukraine. We now have indisputable evidence for that, through a document by the top US think tank, RAND Corporation. In the preface of a 2019 report under the title Extending Russia, Competing from Advantageous Ground we read: [emphasis added] The purpose of the project was to examine a range of possible means to extend Russia. By this, we mean nonviolent measures that could stress Russia’s military or economy or the regime’s political standing at home and abroad. The steps we posit would not have either defense or deterrence as their prime purpose, although they might contribute to both. Rather, these steps ar...

the unbalanced evolution of homo sapiens

Search This Blog