Monday, 21 December 2020

Russia and Hacking: The Question We Should be Asking

(The following is a personal opinion piece)

As of this writing there has been a ton of news articles about Russia hacking major American infrastructure and government agencies.  Not to mention top ten telecommunications providers along with a plethora of fortune 500 companies in the states.  This is massive. [1]

It is not an overnight task launching an attack as expansive as this.  No doubt about it, this was something long in the making.  In this article I am not going to go into depth about the attack, likely you are already aware of it and have read a technical analysis of the attack.  The attack raises an important question though:

Why Now?

If you spend any amount of time in the cyber security world you will know that nation state attacks have been going on for along time.  America to Russia, Russia to America, every once and awhile throw a little bit of China in their for flavour. etc. etc etc.

I am going on an assumption here that America and Russia have known for years that they have been resident in each others networks.  

Stay with me here.  We haven't boarded the one way train ride to crazy town just yet ;)

The digital space, the cyber-space. Is this wonderful, strange, for the most part unregulated entity that people from across the planet can access and reach out and touch one another.

It's a dangerous place where you can get hurt as well.  It is loaded with bad actors....and good actors.  For the most part cyber-space is held together by people(volunteers) with sound moral compasses keeping this digital world in check.  Currently the internet exists in this idyllic bubble where information is free and available.  It is this innocence that has paved the way for nations to try to volley for control. 

America birthed the internet and big players (Russia/China) have been playing catch up.  America has been a/the dominant controller of the internet since it's conception.

Indeed Russia and friends have been in a virtual race with America since the beginning *cough *cough *cold war.

So lets go back the the question: Why now?

They (R and A) know they are hacking each other, why is this news now?  Why is this public now?  What is happening in history right now that warrants it being released to the masses?

There are a couple pieces that need to be weighed here.  Was America truly caught with it's proverbial pants down?  Did they really not have any idea how bad it was?  Because if that is true, we should all be scared.  

There is a secret war for cyber-space waging every day. 

I think that we are living in a time where R and C are finally catching up to A.  

America has lost it's dominance in the cyber realm.  Or at least a portion of the pie.

The cause of why America lost it's dominance is a topic that is just to expansive for the scope of this article, even this blog.  Long story short though, it is hard for a house to stand when it's foundation is crumbling.

So Why Now?  The conspiratorial side of me is showing his face a bit here, but I don't think any of this was a accident.  I think that these hacks did happen.  I think that when it was revealed to the public it was no accident though.  What a curious coincidence that this news is revealed as Biden begins taking office.  Also take note that a few short days before this was published the Trump administrations closed the last remaining American consulates in Russia [2].

The fallout from the hack is something that people should be watching.

I know I will.

Always ask questions.

Andrew Campbell



[1] https://www.theguardian.com/world/2020/dec/14/suspected-russian-hackers-spied-on-us-federal-agencies

[2] https://www.cnn.com/2020/12/18/politics/us-consulates-russia-closures/index.html

Sunday, 13 December 2020

Top 10 Since the Beginning

 Hi All,

I thought it would be fun to start a tradition for my blog.  Sharing the top ten visited articles over the past year.  This blog was started in May 2020, so It has only been going for about 7ish months at this point, but I think Christmas time is a good time to start this.  Next year I will have 12 months to get data from.  I will be taking a writing break during Christmas and getting back to it January 11, 2021.

I included a blurb with each of the ten about how I came up with the idea for the particular article.

10. Route out IP Origin with Free Tools

I love python and getting the language to automate tasks for me is great.  I had been working on a python script that scraped a website for geolocations so that I could show my students in class.  In my research I stumbled across a few tools that did similar things.  Weird part about these tools is that they didn't all produce the same result!

9. Who Attacked Czechia in April 2020?

This was one of my favourite to write.  In Blogger you can see where people are accessing your site from (country).  At the time of writing this my blog was still fairly new.  Curiously, other than Canada, my largest fan base was Czechia.  I thought it would be fun to write an article geared towards them.  During my research I found out that two Czech hospitals (top covid research facilities) had been "hacked."  I dug deeper and it turns out there was strong evidence that the Russian hacker group APT 28 were behind the attack.  Also curious, that a few months after this attack Russia announced they had found the "cure" for Covid. Coincidence?

8. An Introduction DNS SinkHoles (Pi-Hole)

I love open source tools that are versatile and simple to setup.  Also it is extremely powerful.  A friend had pi-hole set up at his house and he was protecting his entire network.  I read up on it and decided it would be an awesome thing to include in my home environment.  My friend was using a raspberry pi, I decided to use a desktop server and virtualize the pihole.  Both solutions work!

7. Data Stealing: The Next Logical Step for Adblockers

One thing that is likely going to last for a long time is the fact that people will download things that look good but actually have nefarious purposes.  This article takes a look at the basic functionality of adblockers and how it is not a surprise that someone succumbed to the temptation to steal data with these "free" software packages.

6. Why are Guest Networks Important?

Attacks on wireless networks are happening all the time.  For a person who wants to circumvent network security you can be sure they have a reasonable idea of how port scanning works.  Combine that with the fact that generally people have terrible home network security, people's home networks are prime targets.

I have been preaching guest networks for years, I thought it would be fun to demonstrate visually the difference between the two.  I used port scanning to show what is visible on a guest network and a primary network.

5. How to Hide a Root User (activity) in Linux

I was part of a conversation with a student and we were talking about hiding users on systems.  We got talking about zero width characters and how they can mess things up.  In this blog I do a quick demo of how you can make two users on a linux system look exactly the same and really mess with your system logs!

4. The Good the Bad and the Proxy

This was very early blog.  I was engaged in a portscanning module at work and so the topic was on my mind.  This blog has routinely been getting hits week after week.  Thanks again!!

The topic for the blog surrounded the ethics of portscanning.

3. A Walking Tour of Calgary Internet Exchange Points

When I finished writing this one I honestly thought it would get my lowest number of hits.  I was surprised that it got so many visits.  Thanks!!!

I had recently taught a class where I mentioned IXPs and the students generally were unaware of the technology.  I did a little research about my city and learned that we actually have 6 IXPs.  Funny thing is I took my kids on a driving tour of these facilities and explained how the internet works.  I was pumped!  But it didn't really resonate with them.

2. "No Log" VPNs Not Safe for Much longer

This one has been popular as well.  I was doing research on VPN for a different article and during my research I saw an article about Pirate Bay.  Now I have mixed opinions on torrenting, which I won't get into here but the article regarding Pirate Bay was about some legal situations that the company was facing.  In the article the primary take away I got was that there is a risk that "No Log" VPNs may no longer exist in the future.

1. Bleedingtooth, Russians, and Penguins

This is a great one and I didn't write it!  This was a guest article written by a former student of mine.  He did great and it was a very interesting read!


Thanks Everyone!  More too come in January 2021

Andrew Campbell