The deeper story behind CIA's attempt to 'impersonate' Russian cybersecurity company using hacking tool Hive

In 9 November 2017, WikiLeaks published the source code and development logs to Hive, a major component of the CIA infrastructure to control its malware.

According to WikiLeaks, Hive uses the uncommon Optional Client Authentication so that the user browsing the website is not required to authenticate - it is optional. But implants talking to Hive do authenticate themselves and can therefore be detected by the Blot server. Traffic from implants is sent to an implant operator management gateway called Honeycomb (see graphic above) while all other traffic go to a cover server that delivers the insuspicious content for all other users.

Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated.

This CIA cybertool could be proven very useful for accusing foreign agencies and organizations for hacking US facilities and processes, but beyond that, there is a deeper reason for which CIA has targeted the specific Russian company and it is related to the first discovered malware that spies on and subverts industrial systems.

Former British intelligence officer and Whistleblower, Annie Machon, reveals why CIA has targeted Kaspersky Lab:

Obviously, the CIA will be interested in a very successful Russian-based company that offers protection on the Internet. But it goes back a bit further because, it was 2010 the very first proven cyberwarfare weapon was deployed. And this was against the Iranian domestic civilian nuclear development capability. And this was at the time when the Americans were drumming up the war against Iran.

There was an attack made against their civilian nuclear capability, and in this case, this virus, which was called Stuxnet, was deployed against the centrifuges that enriched the Uranium. Nobody knew where it came from. It seemed to be very weaponized, a state level. And it was actually Kaspersky that unveiled who had developed it. It was the Americans and the Israeli intelligence agencies. So, Kaspersky has been very much in the cross-chairs of both the American and the Israeli intelligence agencies.

From Wikipedia, Stuxnet is a malicious computer worm, first uncovered in 2010 by Kaspersky Labs, the antivirus company. Thought to have been in development since at least 2005, stuxnet targets SCADA systems and was responsible for causing substantial damage to Iran's nuclear program. Although neither country has admitted responsibility, since 2012 the worm is frequently described as a jointly built American/Israeli cyberweapon.

Stuxnet, discovered by Sergey Ulasen, initially spread via Microsoft Windows, and targeted Siemens industrial control systems. While it is not the first time that hackers have targeted industrial systems, nor the first publicly known intentional act of cyberwarfare to be implemented, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.

Comments

The wounded US imperialist beast becomes more dangerous than ever as desperately seeks to start a WWIII

globinfo freexchange It seems that the declining Western superpower is losing ground and tries hardly to avoid the inevitable. The US imperialist beast, despite all the destruction that causes, is failing to fulfill its utter objectives. Which in short, are the dissolution of Russia and China, looting their vast resources, as well as the full expansion of the destructive neoliberal model throughout these areas and other countries allied with the Sino-Russian bloc. Most importantly, the wounded beast is loosing much of its strength due to the rapid de-dollarization that has started approximately ten years ago, as dollar had become the front line of the US imperialist sweeping force since the early 70s. As if nothing has changed, the beast insists on using the same tools to prevail in the global geopolitical field, ignoring the unprecedented changes and complexities under current circumstances. In a move (as it seems) of desperation, the United States House of Representative

Atlanta Police Violently Arrest Emory Students & Faculty to Clear Gaza Solidarity Encampment

Democracy Now! As a wave of student protests against Israel’s war on Gaza continues to spread from coast to coast, schools and law enforcement have responded with increasing brutality to campus encampments. One of the most violent police crackdowns took place at Emory University in Atlanta on Thursday, when local and state police swept onto the campus just hours after students had set up tents on the quad in protest against Israel’s war on Gaza as well as the planned police training center known as Cop City. Police used tear gas and stun guns to break up the encampment as they wrestled people to the ground, and are accused of using rubber bullets. Among those arrested were a few faculty members. Democracy Now! spoke with two of the arrested professors: Noëlle McAfee, chair of the philosophy department, and Emil’ Keme, professor of English and Indigenous studies. Also with Palestinian American organizer and medical student Umaymah Mohammad, who describes how Emory has repeat

Indiana University Brings In SNIPERS & Then LIES About It

Katie Halper Katie Halper talks to Aidan Khamis and Bryce Greene, who was arrested at Indiana University where snipers have been brought in. Bryce Greene is a student, writer, organizer and media critic based in Indianapolis. He is a contributor to Fairness and Accuracy In Reporting. He was arrested and banned from Indiana University's campus for participating in the Gaza solidarity encampment at Indiana University. Aidan Khamis is an organizer for Palestine Solidarity Committee IU and IU divestment coalition.

"Student Intifada": Stanford, University of Michigan, Indiana University, & more

The Real News Network Seven months into Israel’s genocidal war on Gaza, a student-led grassroots movement is spreading across the US and beyond, hearkening back to the student protests of the ‘60s that played a pivotal role in ending the US war in Vietnam. In what is being called the “student intifada,” with over 100 encampments going up at different college and university campuses, students, faculty, grad students, and other campus community members are exercising civil disobedience, occupying space on campuses, defying brutal repression from administrators and police, combatting skewed and wildly lopsided narratives in corporate media, and pressuring their universities to “disclose and divest” their investments in companies and financial institutions connected to Israel. TRNN speaks with encampment organizers/participants from the University of Michigan, the Indiana University, and Stanford University, and gets updates from encampments from New York to California.

Yanis Varoufakis Banned from Germany as Berlin Police Raid & Shut Down Palestinian Conference

Democracy Now! As Germany intensifies its crackdown on pro-Palestinian voices, Democracy Now! spoke with Greek economist and politician Yanis Varoufakis, one of the planned speakers at a conference in Berlin last weekend that was forcibly shut down by police. The Palestine Congress was scheduled to be held for three days, but police stormed the venue as the first panelist spoke. Germany's Interior Ministry had also banned some conference speakers from even entering the country, including Varoufakis, the Palestinian British surgeon Ghassan Abu-Sittah and the Palestinian researcher Salman Abu Sitta. " This is not about protecting Jewish lives and Jews from antisemitism. It's all about protecting the right of Israel to commit any war crime of its choice, " says Varoufakis. Varoufakis speaks also about freeing Julian Assange and his new book Technofeudalism . Related: Germany again on a dark path towards fascism

Pro-Palestinian Campus Encampments Spread Nationwide Amid Mass Arrests at Columbia, NYU & Yale

Democracy Now! Palestinian solidarity protests and encampments are appearing on college campuses from Massachusetts to California to protest Israel's attacks on Gaza and to call for divestment from Israeli apartheid. This week, police have raided encampments and arrested students at Yale and New York University. Palestinian American scholar and New York University professor Helga Tawil-Souri describes forming a faculty buffer to protect students, negotiating with police, and the ensuing crackdown that led to over 100 arrests Monday night. Uptown in New York City, the encampment at Columbia University is entering its seventh day despite mass arrests of protesters last week. "In my opinion, the NYPD were called in under false pretenses by the president of the university," says Joseph Slaughter, professor at Columbia University. "The university is being run as a sort of ad-hocracy at this point, the senior administration making up policies and procedures and pro

'Make no mistake, the full-scale assault on Rafah would be a human catastrophe': Guterres

Al Jazeera English United Nations Secretary-General Antonio Guterres has appealed for an end to the bloodshed in Gaza. He says the Middle East is at risk of explosion if the fighting continues. In his speech, Guterres urged Israel’s allies to press its leadership to stop the war on Gaza. “ I appeal to all those with influence over Israel to do everything in their power to help avert even more tragedy. The international community has a shared responsibility to promote a humanitarian ceasefire, the unconditional release of all hostages, and a massive surge in life-saving aid, ” he said. “ It is time for the parties to seize the opportunity and secure a deal for the sake of their own people. ”

Biden PANICS Over Israel's Genocide

Owen Jones Biden's latest move tells us one thing: they're panicking.

Day 1846: Julian Assange still in prison and under slow-motion execution by the Anglo-American imperialist criminals

failed evolution On 11 April 2019, the Ecuadorian government of traitor Lenin Moreno, invited the Metropolitan Police into the Ecuadorian embassy in London, and they arrested Julian Assange . Since then, Assange is kept in Belmarsh high security prison in London, without actual charges. The real reason world's number one political prisoner is still kept in this high security prison, is because he exposed horrendous war crimes carried out by the US imperialists and their allies. The ruthless Western imperialist regime wants to punish the No1 real journalist in the world and make him an example for any Whistleblower or real journalist who will attempt to expose its big crimes in the future. And the Anglo-American axis has now become officially a fascist coalition , framed by the rest of its Western pets. UK's Home Secretary Priti Patel, one of the most ruthless ever, decided to extradite Julian Assange to US. No surprise of course. The only question we had in mind is

the unbalanced evolution of homo sapiens

Search This Blog