Obama faces delicate decisions as cyberattack fears rise

President Barack Ob, ... ]

White House photo

At the height of the economic crisis in 2008, Saturday Night Live’s “Weekend Update” comedy news show rolled out the character Oscar Rogers as a faux financial commentator. His advice on how to restore the economy? “Fix it! It needs to be fixed! Now!”

Four years later, lawmakers are grappling with a cybercrisis, and despite rising concerns, legislative debates over how to secure U.S. networks and infrastructure have often resembled nothing so much as Oscar Rogers yelling “Fix it!”

Now, with Congress looking unlikely to act anytime soon to fix vulnerabilities in the nation’s computer systems that leave them open to cyberattacks, President Obama is weighing the pros and cons of using anexecutive order to do what Congress hasn’t.

Experts in government and industry alike report a tide of attacks aimed at stealing information from individuals, companies, and government agencies, potentially making a strong case for presidential action.

Further bolstering the case are warnings from top national-security officials that a catastrophic attack on a critical system like those that run energy grids or chemical plants could cause damage to the economy or even loss of life.

But Obama needs to consider his options carefully, because any unilateral steps could invite accusations from his critics of overstepping his authority. As the acrimonious debate over antipiracy legislation illustrated earlier this year, simmering Internet issues can easily explode.

In the final days before the August recess, the Senate hit an impasse on broad cybersecurity legislation that the White House and national-security and defense leaders support. The bill stalled after businesses and Republicans said the legislation would create burdensome regulations for industry without doing enough to shore up defenses against cyberattacks.

Top White House counterterrorism aide John Brennan said earlier this month that Obama was looking at the possibility of an executive order but that there is no decision yet.

Lee Hamilton, a Democratic former House member who sits on a board that advises the Homeland Security Department and who examined government security failures as cochair of the 9/11 Commission, said that Obama is right to consider moving forward on his own. He said the stalemate in Congress is a “serious breakdown” reminiscent of failures before the terrorist attacks on Sept. 11, 2001.

“The preference would be to work together with Congress, but the threat is serious enough that an executive order is in line,” he said. “There is certainly a lack of urgency in dealing with this, and it’s not a business-as-usual problem. Given the fact that Congress hasn’t acted, the president has the obligation to put together options to secure the country.”

While the debate in Congress largely broke down along party lines, some prominent Republicans support the cybersecurity standards backed by the White House.

Top national-security advisers for GOP presidential candidate Mitt Romney, such as former Homeland Security Secretary Michael Chertoff and former National Security Agency and Central Intelligence Agency chief Michal Hayden, differed with Republicans in Congress and publicly called for the Senate to pass provisions that have Obama’s support.

Romney campaign spokeswoman Andrea Saul declined to elaborate on the Republican candidate’s assertion that more needs to be done to secure American networks, or comment on whether he would favor using an executive order in the absence of legislation. But she reiterated Romney’s promise to make cybersecurity an early priority and didn’t rule out executive action. Romney’s plan would require agencies to begin developing a new national cybersecurity strategy within the first 100 days of his administration. “Once the strategy is formulated he will determine how best it can be implemented,” Saul said in an e-mail.

Polls show that while Americans express concerns over cyberattacks, they, too, are divided over what should be done.

Separate surveys published by United Technologies/National Journal and The Washington Post over the summer found that a majority of Americans prefer that the government either not create standards for private companies, or keep any standards voluntary.

Backers of the White House’s proposals, however, say an executive order could add clarity to the debate and prove to skeptics that the government can play a greater role in protecting American networks without violating privacy or burdening private businesses.

“I think it’s hard to make things any messier than it was politically,” said James Lewis, an expert at the Center for Strategic and International Studies. “If done right, an executive order could help critics reconsider their arguments.”

That’s an analysis echoed by University of California (Berkeley) professor Steven Weber who said many people seem to be “sleepwalking” when it comes to the threat of cyberattacks. An executive order, he said, could reform cybersecurity policies before a catastrophic attack galvanizes public opinion.

An executive order could give Obama the chance to take a strong stand on a rising national-security concern while portraying Republicans in Congress as ditherers.

But an order is unlikely to accomplish all of the White House’s aims. It couldn’t hand DHS wider authority to ensure that certain private networks are secure. Nor could it entirely ease legal restrictions that prevent businesses from sharing threat information. Even policy changes for some federal network-security policies would likely need congressional action. Additionally, any action would need to avoid inciting privacy watchdogs who fear cybersecurity could be used as an excuse to undermine civil liberties.

And some analysts said the politics of an executive order could cut both ways for Obama. Presidents often win political debates that pit them against an unpopular Congress, especially one perceived as unable to do anything substantive, said Peter Feaver, a former National Security Council staffer during the Clinton and George W. Bush administrations. But if Obama were to take unilateral action, it would give his critics on the right an opening to paint him as an “imperial” president and to accuse him of saddling business with new regulations, Feaver said.

“In general, White Houses win in these fights with Congress, but this White House has played this card many times,” Feaver said. “This is an issue where there are bound to be unintended consequences and any cybersecurity measures will need a system to fix and update the provisions down the road. This administration has a hard sell assuring people to trust them to fix things later.”

Paul Rosenzweig, a consultant and visiting fellow at the conservative Heritage Foundation, said a cybersecurity executive order could play into both the “imperial presidency and do-nothing-Congress” narratives, but said he thinks there is a genuine possibility for a future compromise and unilateral action by Obama would do little to actually help secure private networks

http://m.nextgov.com/cio-briefing/2012/08/obama-faces-delicate-decisions-cybe…

Obama faces delicate decisions as cyberattack fears rise

President Barack Ob, ... ]

White House photo

At the height of the economic crisis in 2008, Saturday Night Live’s “Weekend Update” comedy news show rolled out the character Oscar Rogers as a faux financial commentator. His advice on how to restore the economy? “Fix it! It needs to be fixed! Now!”

Four years later, lawmakers are grappling with a cybercrisis, and despite rising concerns, legislative debates over how to secure U.S. networks and infrastructure have often resembled nothing so much as Oscar Rogers yelling “Fix it!”

Now, with Congress looking unlikely to act anytime soon to fix vulnerabilities in the nation’s computer systems that leave them open to cyberattacks, President Obama is weighing the pros and cons of using anexecutive order to do what Congress hasn’t.

Experts in government and industry alike report a tide of attacks aimed at stealing information from individuals, companies, and government agencies, potentially making a strong case for presidential action.

Further bolstering the case are warnings from top national-security officials that a catastrophic attack on a critical system like those that run energy grids or chemical plants could cause damage to the economy or even loss of life.

But Obama needs to consider his options carefully, because any unilateral steps could invite accusations from his critics of overstepping his authority. As the acrimonious debate over antipiracy legislation illustrated earlier this year, simmering Internet issues can easily explode.

In the final days before the August recess, the Senate hit an impasse on broad cybersecurity legislation that the White House and national-security and defense leaders support. The bill stalled after businesses and Republicans said the legislation would create burdensome regulations for industry without doing enough to shore up defenses against cyberattacks.

Top White House counterterrorism aide John Brennan said earlier this month that Obama was looking at the possibility of an executive order but that there is no decision yet.

Lee Hamilton, a Democratic former House member who sits on a board that advises the Homeland Security Department and who examined government security failures as cochair of the 9/11 Commission, said that Obama is right to consider moving forward on his own. He said the stalemate in Congress is a “serious breakdown” reminiscent of failures before the terrorist attacks on Sept. 11, 2001.

“The preference would be to work together with Congress, but the threat is serious enough that an executive order is in line,” he said. “There is certainly a lack of urgency in dealing with this, and it’s not a business-as-usual problem. Given the fact that Congress hasn’t acted, the president has the obligation to put together options to secure the country.”

While the debate in Congress largely broke down along party lines, some prominent Republicans support the cybersecurity standards backed by the White House.

Top national-security advisers for GOP presidential candidate Mitt Romney, such as former Homeland Security Secretary Michael Chertoff and former National Security Agency and Central Intelligence Agency chief Michal Hayden, differed with Republicans in Congress and publicly called for the Senate to pass provisions that have Obama’s support.

Romney campaign spokeswoman Andrea Saul declined to elaborate on the Republican candidate’s assertion that more needs to be done to secure American networks, or comment on whether he would favor using an executive order in the absence of legislation. But she reiterated Romney’s promise to make cybersecurity an early priority and didn’t rule out executive action. Romney’s plan would require agencies to begin developing a new national cybersecurity strategy within the first 100 days of his administration. “Once the strategy is formulated he will determine how best it can be implemented,” Saul said in an e-mail.

Polls show that while Americans express concerns over cyberattacks, they, too, are divided over what should be done.

Separate surveys published by United Technologies/National Journal and The Washington Post over the summer found that a majority of Americans prefer that the government either not create standards for private companies, or keep any standards voluntary.

Backers of the White House’s proposals, however, say an executive order could add clarity to the debate and prove to skeptics that the government can play a greater role in protecting American networks without violating privacy or burdening private businesses.

“I think it’s hard to make things any messier than it was politically,” said James Lewis, an expert at the Center for Strategic and International Studies. “If done right, an executive order could help critics reconsider their arguments.”

That’s an analysis echoed by University of California (Berkeley) professor Steven Weber who said many people seem to be “sleepwalking” when it comes to the threat of cyberattacks. An executive order, he said, could reform cybersecurity policies before a catastrophic attack galvanizes public opinion.

An executive order could give Obama the chance to take a strong stand on a rising national-security concern while portraying Republicans in Congress as ditherers.

But an order is unlikely to accomplish all of the White House’s aims. It couldn’t hand DHS wider authority to ensure that certain private networks are secure. Nor could it entirely ease legal restrictions that prevent businesses from sharing threat information. Even policy changes for some federal network-security policies would likely need congressional action. Additionally, any action would need to avoid inciting privacy watchdogs who fear cybersecurity could be used as an excuse to undermine civil liberties.

And some analysts said the politics of an executive order could cut both ways for Obama. Presidents often win political debates that pit them against an unpopular Congress, especially one perceived as unable to do anything substantive, said Peter Feaver, a former National Security Council staffer during the Clinton and George W. Bush administrations. But if Obama were to take unilateral action, it would give his critics on the right an opening to paint him as an “imperial” president and to accuse him of saddling business with new regulations, Feaver said.

“In general, White Houses win in these fights with Congress, but this White House has played this card many times,” Feaver said. “This is an issue where there are bound to be unintended consequences and any cybersecurity measures will need a system to fix and update the provisions down the road. This administration has a hard sell assuring people to trust them to fix things later.”

Paul Rosenzweig, a consultant and visiting fellow at the conservative Heritage Foundation, said a cybersecurity executive order could play into both the “imperial presidency and do-nothing-Congress” narratives, but said he thinks there is a genuine possibility for a future compromise and unilateral action by Obama would do little to actually help secure private networks

http://m.nextgov.com/cio-briefing/2012/08/obama-faces-delicate-decisions-cybe…

Stuxnet thwarted by control code update

Stuxnet thwarted by control code update

Iranian nuclear plant workers

Iran’s nuclear enrichment efforts have been targeted by sophisticated cyber attacks

Related Stories

German engineering giant Siemens has issued a fix for the software loopholes used by the notorious Stuxnet worm.

Stuxnet was discovered in 2010 after investigations into malfunctions at many industrial plants and factories.

Iran’s nuclear enrichment efforts were hit hard by Stuxnet which targeted the devices that control delicate industrial processes.

The fix comes as reports circulate of a fresh cyber attack on Iranian nuclear enrichment project.

Burn out

Stuxnet exploited loopholes in the software Siemens wrote to oversee the running of its programmable logic controllers – devices used in many industrial facilities to automate a production process.

When a controller was infected with Stuxnet it made the motors it was typically connected to run out of control and burn out. This is believed to have been behind Iran’s need to replace many of the centrifuges it was using in its Natanz uranium enrichment plant.

Siemens has issued advisories saying it has updated the Simatic code in the controllers to remove the loopholes.

It is not yet clear who created Stuxnet, but security researchers say it is so complex and tightly targeted that only a nation would be able to marshal the resources to put it together.

Stuxnet is just one of several similar malicious programs created to attack industrial control systems.

Experts speculate that many were made to slow down and disrupt Iran’s nuclear production processes.

Iran has regularly denied that the viruses have hit its nuclear programme.

The Siemens update comes as security firm F-Secure received an email believed to have been sent by a scientist working at Iran’s Atomic Energy Organization.

In the message, the scientist said its plants at Natanz and Qom have been hit again by a worm.

Top F Secure security researcher Mikko Hypponen said it had not been able to confirm any of the details in the message. However, digital detective work did reveal that the message had come from within the Atomic Energy agency.

On 23 July, Iran issued a statement saying it had successfully “confronted” sophisticated malware and thwarted all the cyber attacks against the nation’s infrastructure.

Reza Taqipur, Iran’s minister of communication and information technology, said it was sometimes hit by as many as two million cyber attacks a day, but its ability to deal with them was growing daily.

Stuxnet thwarted by control code update

Stuxnet thwarted by control code update

Iranian nuclear plant workers

Iran’s nuclear enrichment efforts have been targeted by sophisticated cyber attacks

Related Stories

German engineering giant Siemens has issued a fix for the software loopholes used by the notorious Stuxnet worm.

Stuxnet was discovered in 2010 after investigations into malfunctions at many industrial plants and factories.

Iran’s nuclear enrichment efforts were hit hard by Stuxnet which targeted the devices that control delicate industrial processes.

The fix comes as reports circulate of a fresh cyber attack on Iranian nuclear enrichment project.

Burn out

Stuxnet exploited loopholes in the software Siemens wrote to oversee the running of its programmable logic controllers – devices used in many industrial facilities to automate a production process.

When a controller was infected with Stuxnet it made the motors it was typically connected to run out of control and burn out. This is believed to have been behind Iran’s need to replace many of the centrifuges it was using in its Natanz uranium enrichment plant.

Siemens has issued advisories saying it has updated the Simatic code in the controllers to remove the loopholes.

It is not yet clear who created Stuxnet, but security researchers say it is so complex and tightly targeted that only a nation would be able to marshal the resources to put it together.

Stuxnet is just one of several similar malicious programs created to attack industrial control systems.

Experts speculate that many were made to slow down and disrupt Iran’s nuclear production processes.

Iran has regularly denied that the viruses have hit its nuclear programme.

The Siemens update comes as security firm F-Secure received an email believed to have been sent by a scientist working at Iran’s Atomic Energy Organization.

In the message, the scientist said its plants at Natanz and Qom have been hit again by a worm.

Top F Secure security researcher Mikko Hypponen said it had not been able to confirm any of the details in the message. However, digital detective work did reveal that the message had come from within the Atomic Energy agency.

On 23 July, Iran issued a statement saying it had successfully “confronted” sophisticated malware and thwarted all the cyber attacks against the nation’s infrastructure.

Reza Taqipur, Iran’s minister of communication and information technology, said it was sometimes hit by as many as two million cyber attacks a day, but its ability to deal with them was growing daily.

TwitterGate Current Status of certifcate authorization

Richard Clarke: China’s Cyberassault on …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 3 minutes
2 minutes ago
Failed
The end result? Here you go. “Dead”
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 6 minutes
11 minutes ago
Failed
“Just because it cracks me up” shitty de …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 7 minutes
12 minutes ago
Failed
And here’s JDenjgma w CHINA & Pakistan
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 9 minutes
14 minutes ago
Failed
In case anyone cares? Here’s China.
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 10 minutes
15 minutes ago
Failed
Another one of his “friends”
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 11 minutes
16 minutes ago
Failed
Look how much fun “we” are having
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 13 minutes
18 minutes ago
Failed
Get off my network!
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 16 minutes
21 minutes ago
Failed
Psychopath NOT hero! So who is crazy now …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 22 minutes
27 minutes ago
Failed
This is NOT one of “those” stories!
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 24 minutes
29 minutes ago
Failed
Another stalker. Two. Gross.
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 30 minutes
35 minutes ago
Failed
Hacker by association? #CIA #Black&Berg …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 33 minutes
38 minutes ago
Failed
Jewish Internet Defense Force
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 36 minutes
41 minutes ago
Failed
Bigger Problems: Pakistan
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 37 minutes
42 minutes ago
Failed
“he’ll grow on you” Like a wart!
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 38 minutes
43 minutes ago
Failed
From #stalking to #hacking
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 41 minutes
about 1 hour ago
Failed
Too much traffic. #CyberStalking
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
I won’t get daddy lawyer! I’ll get mommy …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Chat with Mike Firetown Sat, Mar 19, 201 …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
#GangStalking needs help to stalk me? Da …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Chat with Mike Firetown Thu, Apr 14, 201 …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Harassing my friends!
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Chat with Mike Firetown Sat, Mar 19, 201 …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Officially #GangStalking Jdenigma needs …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Chat with Mike Firetown
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Chat with Mike Firetown
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Persistent little fucker! #CyberStalker
Reason: Not a valid private key.
Next attempt in about 1 hour
about 1 hour ago
Failed
“Crazy Bitch” or Crazy CyberStalker? You …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
CyberStalker at large
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
What Should I Do? || “Get me out of here …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Posted

BITCH!

TwitterGate Current Status of certifcate authorization

Richard Clarke: China’s Cyberassault on …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 3 minutes
2 minutes ago
Failed
The end result? Here you go. “Dead”
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 6 minutes
11 minutes ago
Failed
“Just because it cracks me up” shitty de …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 7 minutes
12 minutes ago
Failed
And here’s JDenjgma w CHINA & Pakistan
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 9 minutes
14 minutes ago
Failed
In case anyone cares? Here’s China.
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 10 minutes
15 minutes ago
Failed
Another one of his “friends”
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 11 minutes
16 minutes ago
Failed
Look how much fun “we” are having
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 13 minutes
18 minutes ago
Failed
Get off my network!
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 16 minutes
21 minutes ago
Failed
Psychopath NOT hero! So who is crazy now …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 22 minutes
27 minutes ago
Failed
This is NOT one of “those” stories!
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 24 minutes
29 minutes ago
Failed
Another stalker. Two. Gross.
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 30 minutes
35 minutes ago
Failed
Hacker by association? #CIA #Black&Berg …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 33 minutes
38 minutes ago
Failed
Jewish Internet Defense Force
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 36 minutes
41 minutes ago
Failed
Bigger Problems: Pakistan
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 37 minutes
42 minutes ago
Failed
“he’ll grow on you” Like a wart!
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 38 minutes
43 minutes ago
Failed
From #stalking to #hacking
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in 41 minutes
about 1 hour ago
Failed
Too much traffic. #CyberStalking
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
I won’t get daddy lawyer! I’ll get mommy …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Chat with Mike Firetown Sat, Mar 19, 201 …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
#GangStalking needs help to stalk me? Da …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Chat with Mike Firetown Thu, Apr 14, 201 …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Harassing my friends!
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Chat with Mike Firetown Sat, Mar 19, 201 …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Officially #GangStalking Jdenigma needs …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Chat with Mike Firetown
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Chat with Mike Firetown
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
Persistent little fucker! #CyberStalker
Reason: Not a valid private key.
Next attempt in about 1 hour
about 1 hour ago
Failed
“Crazy Bitch” or Crazy CyberStalker? You …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
CyberStalker at large
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Failed
What Should I Do? || “Get me out of here …
Reason: request error 403: Invalid AuthSub token. Invalid AuthSub token. Error 403
Next attempt in about 1 hour
about 1 hour ago
Posted

BITCH!

‘Flame’ Spread Via Rogue Microsoft Security Certificates

Analysis of the massive ‘Flame’ cyber attack code has revealed that rogue Microsoft security certificates were used to make the malware appear as if it was officially signed by Microsoft. Microsoft has issued a security advisory, revoked trust in the rogue certificates, and provided steps to help IT admins and users prevent attacks that rely on the spoofed Microsoft certificates.

A post on the Microsoft Security Response Center blog states plainly, “We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft.”

Malware‘Flame’ slipped under network defenses by appearing as legitimate Microsoft code.Andrew Storms, director of security operations for nCircle, declares, “The discovery of a bug that’s been used to circumvent Microsoft’s secure code certificate hierarchy is a major breach of trust, and it’s a big deal for every Microsoft user. It also underscores the delicate and problematic nature of the trust models behind every Internet transaction.”

The Microsoft blog post explains that a vulnerability in an old cryptography algorithm is exploited by some elements of Flame to make them appear as if they originated from Microsoft. Most systems around the world accept officially-signed Microsoft code as safe by default, so the malware would enter unnoticed.

The weak algorithm is a function of the Terminal Server Licensing Service, which allowed IT admins to authorize Remote Desktop services on Windows-based networks. The algorithm in question was used to generate security certificates with the ability to sign code so that it is accepted as legitimate Microsoft code.

Microsoft is taking steps to deal with this issue. First, it released the security advisory which explains the issue in detail and provides steps IT admins can use to block software signed by the rogue security certificates. Microsoft also released an update, which automatically implements those same steps to make it easier for customers to prevent malware using the spoofed certificates from slipping through.

Microsoft adds that the Terminal Server Licensing Service is no longer capable of issuing certificates that can be used to sign code. With these steps in place, organizations can ensure that any malware that depends on the rogue security certificates will no longer be recognized as being from Microsoft.

Storms provides some further insight about the rogue Microsoft certificate revelation. He points out that the stealthy use of rogue Microsoft security certificates supports the theory that ‘Flame’ is part of a grander state-sponsored espionage effort. “A bug that can identify a piece of malware as legitimate is not something an average malware writer would have been able to sit on for long–it’s worth far too much on the black market.”

Storms adds, “The fact that this bug has been kept secret for at least 18 months, and quite possibly longer, is pretty clear evidence that there is a nation state behind Flame.”