A lot of reading there for me to be able to answer intelligently but I see what you're saying - how to walk out of the door with all that data on a Lady Gaga CD :D
On 01/11/15 20:14, intelemetry wrote:
My question here is regarding the covert exfil of the hack.
Check out somebody like darktrace: https://www.darktrace.com/
https://en.wikipedia.org/wiki/Network_Behavior_Anomaly_Detection
That egress would be a monumental NOC IDS trigger, especially for an anomaly detection system. Have to imagine the database is big. Especially if you do anomaly detection on the SIEM collecting things like DNS, flow, etc.
Probably a pivot into the Oracle database. The coupling between PeopleSoft and the backend is weird.
The question is whether this is everybody because agencies sponsor clearance and may or may not partition their own records on the backend.
Something doesn't make sense here. If they can catch the white house non-classified penetration with low traffic and no exfil the OPM hack seems like it should have been detected easily. Moreover, there are automatic kill-chains in a lot of this infrastructure:
== begin white house ==
http://www.nytimes.com/2015/04/26/us/russian-hackers-read-obamas-unclassified-emails-officials-say.html?_r=0
http://fortune.com/2015/04/07/russians-hacked-white-house/
== end white house ==
http://www.lockheedmartin.com/us/what-we-do/information-technology/cybersecurity/tradecraft/cyber-kill-chain.html
http://www.darkreading.com/attacks-breaches/deconstructing-the-cyber-kill-chain/a/d-id/1317542
I have to imagine they have a switch with inline and span analytics and IDS/IPS, anomaly detection, and logging from multiple telemetry sources. Grabbing that data from that network and running remotely seems like a hefty attack without compromising the actual reporting devices. Which has been done:
http://www.phenoelit.org/stuff/CiscoInTheSkyWithDiamonds.pdf
^^ virtual networking
It would be interesting to know how much is virtual networking out there these days in the government.
- intelemetry
oshwm:
On 01/11/15 19:33, intelemetry wrote:
It proves peoplesoft is a piece of shit.
ha ha, I'm not sure government uses any corps that actually know what they're doing :D
oshwm:
On 01/11/15 18:17, intelemetry wrote:
Where is the OPM link in .7z format?
Didn't Barrett Brown end up in Solitary Confinement for giving out links to data?
As for the real question, my ethical argument still stands:-
Those people in the OPM leak who were using personal resources to conduct government business got what they deserved (leaked).
Those who were being honest and kept business dealing to the appropriate and democratically accountable systems did not deserve their details to be leaked.
Then there is another group who work to deceive the public and preserve the state at any cost, those also deserve to be leaked (NSA, CIA, FBI etc etc).
The hack on OPM also proves another thing that Governments (or indeed anyone) should not create large databases of personal information because they become huge and irresistible targets for crackers.
- intelemetry
oshwm:
On 01/11/15 03:53, coderman wrote:
> http://motherboard.vice.com/read/the-rise-of-political-doxing
>
> Last week, CIA director John O. Brennan became the latest victim of what's become a popular way to embarrass and harass people on the internet. A hacker allegedly broke into his AOL account and published emails and documents found inside, many of them personal and sensitive.
>
> It's called doxing—sometimes doxxing—from the word "documents." It emerged in the 1990s as a hacker revenge tactic, and has since been as a tool to harass and intimidate people on the internet. Someone would threaten a woman with physical harm, or try to incite others to harm her, and publish her personal information as a way of saying "I know a lot about you—like where you live and work." Victims of doxing talk about the fear that this tactic instills. It's very effective, by which I mean that it's horrible.
>
> Brennan's doxing was slightly different. Here, the attacker had a more political motive. He wasn't out to intimidate Brennan; he simply wanted to embarrass him. His personal papers were dumped indiscriminately, fodder for an eager press. This doxing was a political act, and we're seeing this kind of thing more and more.
>
> Lots of people will have to face the publication of personal correspondence, documents, and information they would rather be private
>
> Last year, the government of North Korea allegedly did this to Sony. Hackers the FBI believes were working for North Korea broke into the company's networks, stole a huge amount of corporate data, and published it. This included unreleased movies, financial information, company plans, and personal emails. The reputational damage to the company was enormous; the company estimated the cost at $41 million.
>
> In July, hackers stole and published sensitive documents from the cyberweapons arms manufacturer Hacking Team. That same month, different hackers did the same thing to the infidelity website Ashley Madison. In 2014, hackers broke into the iCloud accounts of over 100 celebrities and published personal photographs, most containing some nudity. In 2013, Edward Snowden doxed the NSA.
>
> These aren't the first instances of politically motivated doxing, but there's a clear trend. As people realize what an effective attack this can be, and how an individual can use the tactic to do considerable damage to powerful people and institutions, we're going to see a lot more of it.
>
> On the internet, attack is easier than defense. We're living in a world where a sufficiently skilled and motivated attacker will circumvent network security. Even worse, most internet security assumes it needs to defend against an opportunistic attacker who will attack the weakest network in order to get—for example—a pile of credit card numbers. The notion of a targeted attacker, who wants Sony or Ashley Madison or John Brennan because of what they stand for, is still new. And it's even harder to defend against.
>
> What this means is that we're going to see more political doxing in the future, against both people and institutions. It's going to be a factor in elections. It's going to be a factor in anti-corporate activism. More people will find their personal information exposed to the world: politicians, corporate executives, celebrities, divisive and outspoken individuals.
>
> Of course they won't all be doxed, but some of them will. Some of them will be doxed directly, like Brennan. Some of them will be inadvertent victims of a doxing attack aimed at a company where their information is stored, like those celebrities with iPhone accounts and every customer of Ashley Madison. Regardless of the method, lots of people will have to face the publication of personal correspondence, documents, and information they would rather be private.
>
> In the end, doxing is a tactic that the powerless can effectively use against the powerful. It can be used for whistleblowing. It can be used as a vehicle for social change. And it can be used to embarrass, harass, and intimidate. Its popularity will rise and fall on this effectiveness, especially in a world where prosecuting the doxers is so difficult.
>
> There's no good solution for this right now. We all have the right to privacy, and we should be free from doxing. But we're not, and those of us who are in the public eye have no choice but to rethink our online data shadows.
>
Political figures in most countries have been using their personal email accounts to conduct business 'under the radar' in order to avoid information being subject to oversight, most probably because it's illegal, unconstitutional or at the very least not good for the image of governments.
When they started to do this, they threw the book on ethics in the bin and opened themselves up to any abuse of their personal life that may happen.
If people in power act properly in their professional dealings then there is an argument against d0xing their personal information but once they start to try to hide information then it's open season on every aspect of their life.