Putin and the BLM verses the Power of the Internet

Vladimir Putin has been trying very hard to convince the world that he needs to intervene in Ukraine to “protect” Pro-Russian citizens. Half way around the world, the Bureau of Land Management has tried to convince the US that it is protecting endangered turtles from trespassing cattle in Nevada. Both causes have been undermined by the power of the internet.

Reports have been flooding out of Ukraine of captured Russian intelligence officers, troops operating inside Ukrainian borders with identifying unit patches and tags removed, and even of a Russian bank making $200 and $500 daily payments to Russian “terrorists” working to destabilize the Eastern region of Ukraine.

This video allegedly shows a Russian Army Lieutenant Colonel giving orders to police officers in the Ukrainian town of Horlivka:

Pro-Russian forces have stirred up riots, taken over police and government buildings and have even attacked an airport. All the while about 40,000 Russian combat troops are hanging near Ukraine’s border. This has put Ukraine in a catch-22, either they let the unrest continue and risk civil war, or move against the trouble areas with force risking an invasion by Putin to “protect” Russian citizens like he did in Crimea.

Other than what some call Putin’s propaganda machine, the Russian Times (RT.com), no one is really falling for Putin’s cause. The internet has been saturated with anti-Russian social media posts, revealing pictures of what appear to be Russian troops in Ukraine, and reports of captured Russian operatives.

The outcome has been dramatic. Tens of thousands are protesting in Moscow and the UN even released a report claiming ethnic Russians in eastern Ukraine falsely claimed assault.

Closer to home, the US Bureau of Land Management (BLM) sent a mini-army of a couple hundred enforcement agents, contract workers, K-9 units and snipers into Nevada to “protect” endangered desert turtles. BLM claimed trespassing free roaming cattle from Clive Bundy’s ranch was putting endangered animals at risk. So they sent a large force in to confiscate the cattle.

Within days the internet was filled with images like this:

 bundy ranch 1st amendment

Apparently the BLM set up fenced in areas for reporters. Well this didn’t go over very well – no one used them and pictures again flooded the internet of the “First Amendment Area” signs with another sign added underneath saying, “The First Amendment is not an Area”. The fenced in areas were removed shortly thereafter.

Report of abuse by Federal officers also flooded the internet. One scuffle ensued between BLM officers and Bundy family members & supporters. A statement to the press by the BLM stated that the scuffle started when a K-9 dog was kicked. But again, this video flooded the interwebs showing that the real story might be different:

You can see from the video that at 23 seconds, a federal agent tackles a 50 year old lady from behind and seems to throw her to the ground. At 1:04 a K-9 officer appears to give both verbal and visual command for his dog to bite, and then again at 1:06.

The protestor seems to kick the dog after he tried to bite him.

Social Media exploded comparing the events in Nevada with Waco Texas and Ruby Ridge. The effect was immediate. People from as far away as New Hampshire began flocking to Nevada to stand in the gap with Clive and his family. This included armed members of several state militia and veteran groups.

The BLM has since stood down and has decided to fight the battle out in court. But again more reports have surfaced via the internet that the BLM wants to remove the cattle so that a Solar Power plant can be installed by a Chinese company, and that it has nothing whatsoever to do with trying to save turtles.

Some websites are claiming that the solar power plant report isn’t true, but it is very odd that the Federal Government would send in such a strong force to protect some turtles from cows. Especially when our southern border which needs additional help seems to get none.

But the truth is that in both cases presented here, the conflict in Ukraine and the BLM’s actions in Nevada, social media has had a huge impact of both public opinion and public action.

Advertisements

Russian “Cyber” Snake attacking Ukrainian Systems

Snake BAE

Everyone is expecting Russia to attack Ukrainian computer systems, but the truth may be that they have been doing so right along. One alleged Russian based cyber espionage tool named “Snake” has been active in the Ukraine and other places (even the US) since 2005.

Snake is named after Ouroboros in Ancient Greek mythology, and it was usually displayed as a snake or a dragon eating its own tail. The inference is that of something that is constantly re-creating itself.

Snake infections have been located in several countries – the US Department of Defense have been breached by an earlier version of the program. But as of 2013, the espionage tool usage seems to be aggressively targeting systems in the Ukraine:

Snake samples

BAE systems have recently released a report on Snake. According to the report, the tool seems to have originated from a nation that could fund sophisticated and expensive attack tools.

Martin Sutherland, Managing Director, BAE Systems Applied Intelligence said, “What this research once more demonstrates, is how organised and well-funded adversaries are using highly sophisticated tools and techniques to target legitimate organisations on a massive scale.”

And, “Although there has been some awareness of the Snake malware for some years, until now the full scale of its capabilities could not be revealed, and the threat it presents is clearly something that needs to be taken much more seriously.”

Snake allows remote access to an infected system, can hide and ex-filtrate pilfered data, seeks to infect other systems, uses stealthy communication techniques, has a rootkit section and can even bypass security features of 64 bit Windows systems.

A couple tell tail clues found during analysis, including time zone information and the language used in some lines of code seem to point to Russia as the tool creator. And with he increased attacks on the Ukraine within the last year makes Russia look even more the culprit.

BAE System’s report covers:

  • How the malware communicates,
  • The distinctive architectures which have evolved over the years,
  • The use of novel tricks to by-pass Windows security,
  • How it hides from traditional defensive tools.

Check out the full report on BAE’s website.

Obama’s Facebook and Twitter Compromised by Syrian Hackers

Barack Obama

The Syrian Electronic Army (SEA), a Syrian based hacker group known for redirection and denial of service attacks on media and political targets, briefly altered links from Obama’s social media sites to point to videos created by the SEA.

The attack was made possible not by hacking the websites, but by compromising the link shortening service that the President’s campaign team used on several websites.

According to the SEA’s twitter feed, for a while Twitter eventually blocked the links all together and visitors saw this:

Barack Obama 2

In a series of e-mails to news site Mashable, allegedly the SEA hackers claimed they compromised BarackObama.com by attacking one of the site’s administrators:

“In a follow-up email, the SEA provided screenshots that show how it altered the links in Obama’s social media posts. The group appears to have hacked the email address of Suzanne Snurpus, one of the administrators of BarackObama.com, and it gained access to a control panel for the site.”

For more information see the Mashable website.

The SEA takes a swipe at the US Marines, or was it the Russians?

As things continue to heat up in Syria and Obama waits to hear from congress as to whether or not to launch a missile strike, looks like the Syrian Electronic Army (SEA) has struck first. And what a target.

The SEA, known for website defacement and infiltrating social media and news sites, apparently have set their sites quite a bit higher. Yesterday they temporarily redirected the US Marine recruiting website Marines.com to one that contained the message in the image above.

The webpage contained images of people in (most likely bogus) American uniforms holding up signs saying that they would not fight for Al-Qaeda in Syria.

A lot about this doesn’t sit very well with me.

First up, and to clear the air, no it wasn’t the official US Marines military site (marines.mil) that was redirected. Marines.com is a recruiting site owned by the marketing company J Walter Thompson. And the site was only redirected for a short period of time.

bogus Syria Supporter

Secondly, the SEA had to have the mugshots of those bogus American Syrian Army supporters before they redirected the page.

Quite a coincidence, unless…

Russia is involved.

Remember Russia is backing the Syrian government and does not want America there. How hard would it be for them to work with the SEA and create a little Psy-Ops propaganda?

Russia has a very capable cyber team and if they were not involved with this little fiasco, chances are they will be if America directly attacks Syria.

But no matter how you slice it, messing with US military sites (especially the Marines!) is a whole different ballpark than just hacking newspaper sites. Expect America cyber teams to respond, if they aren’t all ready.

And I doubt they will respond with web defacements and redirections…