Cyber Espionage: A Buzzword-Term Often Overused

Monday, January 23, 2012

Infosec Island Admin

7fef78c47060974e0b8392e305f0daf0

Cyber Espionage: A Buzzword Of’t Overused and Now Reinvented by Certain Players

Ok, so recently I have had this story from Infosec Island sticking in my craw. I went to the source and told him he was misinformed and made a statement that was wrong.

His prevarications after my statement SHOULD have told me that he had no intention of even entertaining the idea that he was wrong, so, here I sit this morning post seeing a re-tweet of his slipshod reporting, writing this polemic.

Alright, first off, the use of the word CYBER in front of everything now-a-days has me nearly cataleptic with CYBER tourettes! This is all out of hand and it has to stop. Especially from the “INFOSEC COMMUNITY”.

I know there are many players within that category of people but sweet jeebus, we have to cull the herd a bit! There must be a CYBER culling…

So, at the heart of my current aneurysm-causing piece of media is a story claiming that the YamaTough hack (alleged) on systems that produced (alleged) documents that showed companies were allowing back doors into their software/hardware (i.e. apple and other companies) for countries like India.

Now first off, this is nothing new is it? I mean the claims have been made over and over by Anon but as yet only one real hit was made with BlueCoat on their proxy system. They indeed were helping Syria monitor their populace and in a bad way. For Christ’s sake, CISCO got caught too aiding China due to their contracts etc and they wanted to keep them.

So I ask you... What’s news here? Other than the sensationalism around the whole story that YamaTough has cooked up trying to sell a story about the ills of corporations that make software?

What’s more, WHY even bother to make a statement like the YamaTough incident is the “FIRST” case of documented “Cyber Espionage” ??????? Holy WTF? You mean it NEVER HAPPENED BEFORE!! All those reports in the news MUST HAVE BEEN WRONG HUH?

The Cuckoo’s Egg: Holy Crap! Computer Espionage In 1986! WHO KNEW!?!?

Which brings me to “The Cuckoo’s Egg”, which  I read this a long time ago (required reading for ALL OF YOU!). This happened in 1986 and I believe that this is the first “Documented” case of computer espionage that is out in the open (i.e. not classified).

Cliff Stoll, a UNIX (beardy man) was asked to look into an accounting error on a University system and ended up finding and tracking an asset for the KGB who was selling “DOCUMENTS” to said KGB from West Germany.

The Cuckoo’s Egg HERE and HERE.

I suggest you all at least read the Wiki article on this if not going out and buying the book. Suffice to say tough, that the title of the book says it all. “Computer Espionage” This asset was hacking into White Sands Missile Range and other places and stealing data which he then sold to the KGB.

I think this would be called “Cyber Espionage”. .. That is if one wanted to be douchey enough to use the term “Cyber” in front of everything.

Turd Shining by Those Who Should Know Better... I’m Lookin At You!

Right, well, there you have it… The YamaTough case could be said to be the first case of “Cyber Espionage” in 2012 perhaps, but certainly not of all time. In fact, I would suspect that as soon as computers had modems and were prevalent in government facilities (pre internet).

There were likely other cases like the Cuckoo’s Egg but let me digress a bit again… Let’s name some operations that we KNOW ABOUT ALREADY:

  • TITAN RAIN
  • AURORA
  • GHOSTNET
  • And... Just for merit.. the moniker APT itself...

Just to name a few. We KNOW documents were stolen AND that they likely ended up in Chinese hands... So really, why are you making this inane proclamation in your article?

Oh, I know you have painted yourself into a corner now with your illogical argument of “Show me the documents” to which I say, Uhh we know these all happened as well as we KNOW Stoll helped catch Markus Hess in 1986…

So what gives? Are you unable to admit when you are wrong? I mean, that seems to be the case to me…

Look, I am tired of getting tourrettes every time I look at some of this tripe out there being published by assumed authorities. This is out of hand and really, if you are wrong and someone calls you on it, think about it and cop to it. There is no harm in being wrong, we all are now and again.

Hell, I was corrected recently by someone about my post on “Cyberwar” as I had the wrong country being attacked (in the scenario and history) with cyberwarfare attacks as a prelude to physical incursions (it was not Estonia, it was Georgia that Russia hit)  I though, admitted I was wrong, corrected the information, and thanked the person who told me.

YamaTough’s data is subject to much scrutiny and it seems that he/they have an agenda here that leans more toward disinformation than anything else. Their release of the Symantec source code, while interesting, proves nothing of their claims (see articles about the 2006 hack on Symantec and the debacle thereof).

So really, as an “analyst” shouldn't one take a more jaundiced approach to reporting to the masses such things as this? Not making bellicose claims that this is the first of its kind.. Kinda reminds of a certain guy who released bad data about some SCADA systems in Illinois

Just sayin… Contrition is in order, not prevarication and inveigling.

K.

Cross-posted from Krypt3ia

Possibly Related Articles:
15202
Network->General
Information Security
China Hacking Symantec Cyberwar Network Security National Security Operation Aurora Source Code FUD Ghostnet Scot Terban Titan Rain India The Lords of Dharmaraja YamaTough RINOA SUR Cyber Espionage The Cuckoo’s Egg Cliff Stoll Markus Hess
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked