Anonymous, NSA, Power Grids and False Flags

Wednesday, February 22, 2012

Infosec Island Admin


So… Anonymous Is Going To Attack The Grid Huh?

Ok so Anonymous, or those claiming to be “Anonymous” have put out the word that they plan on attacking the internet’s root DNS servers.

This unqualified threat left on Pastebin somehow has translated in the minds at NSA (Gen. Keith Alexander) that Anonymous will eventually attack the power grid (America’s in this instance) and drop the power for “limited” areas of the country…

Maybe… Someday… BOOGA BOOGA BOOGA! You scared yet?… Cuz this works great at the kids birthday parties. *peers with slit eyes while making magic hands*

Seriously, Anonymous has never officially made a statement (as if they really could given their model of operation) about attacking the power infrastructure at all. Sure, there were some drops of IP addresses in the recent past that they claimed were SCADA systems (they were, but they were really only HVAC systems in various places across the country)

So where is the NSA getting this all from? Surely they are projecting a little bit here huh? Such an imagination on these guys!  Wait... What’s that? There was a movie about something like this? Oh yeah… “Live Free Or Die Hard” THAT’s where they saw this! They think Anonymous is gonna have a big FIRE SALE!

Well, it’s a logical conclusion I guess... That is until you let logic actually cloud your thinking and decide that it would not be in their best interest to do such things as a group.

Damn, there goes the screenplay I was thinking of!


Down to brass tacks here... Dear NSA… Really? How about this, how about instead of worrying about it, you maybe force the PLC makers and their interface third party contractors into actually securing their shit?

Maybe re-design and re-tool everything a bit and re-mediate the issues in the first place so there won’t be this great ability to attack such systems as they sit on the internet?

This whole line of dialog that the Anon’s are gonna attack the grid is a bit premature and really does a disservice to us all. This is especially the case when you talk to journalists hungry for a cutline that will make the wires buzz and get their byline in big print. This is plainly just FUD of the worst kind Kieth and you should be ashamed of yourself.

First off, you are gonna tell me that Anonymous or for that matter Antisec is going to be stupid enough to attempt such a thing. This would be a death blow to the group. I mean, if they did this kind of action, then they would be the most hunted of all the problem children online.

Secondly, you are giving them WAAAAAAAAY to much credit in the technical skill department here. Look at the attacks these guys have been pulling off! They have all been quick hits at low hanging SQLi fruit and you seem to think this implies great skill?

Kieth, do you even know how to run a computer? Do you have a working knowledge of hacking? Cuz, I am telling you right here and now, I don’t think you know what you think you know... If you know what I mean.

To date, the hacks that the skiddies have pulled off have been embarrassing abd surely a pain in the ass, but they have not been 3l337 as they say in the biz, nor have they really shown any cohesive ability to plan larger and more complex operations at all. In short, and I know you have heard the term I am about to use...

Anonymous is not synonymous with APT. Please do listen to what Bejtlich said in the WSJ piece (finally he and I agree on something.. Shouldn’t the forces of gravity and magnetism stop now and implode?) This is not an issue now and I really doubt that it will be an issue later.

Unless you take into account that Anonymous may in fact not be the ones that do it… They just use the convenience of the name and their poor operational model…

Say, Is That A FALSE FLAG In Your Pocket Or Are You Just Glad To See Me?

So, this brings be to a conversation I had earlier about all of this on Twitter. I spoke of this very thing at DEFCON last summer and I would hasten you all to consider what I am saying again.

IF Anonymous does in fact attack the grid, I would put to you that it is not in fact “Anonymous” whatever that may be, but instead those nation states using the nome de plume of the collective as a cover for their actions against a sovereign nation. This is called a “False Flag” operation and it would be used to attack while having the perfect cover (thanks anonymous!) for the operation to be pinned on others.

Say China (the usual suspect) wants to test our ability to deflect such an attack and decides maybe to hit a small power grid in podunk Iowa. They could just as easily post a Pastebin saying AH HA! ANONYMOUS IS GONNA HIT THIS FACILITY! and then just do it.

Alternatively, they could claim it after the fact as Anonymous and no matter how much the Anon core would say “WE DIDN’T DO IT” no one would really believe them would they? Especially now that Keith is out of the NSA closet here huh? This is a win/win for the nation states and a lose/lose for the Anon’s really.

I warned you…. So, now the stage is set and we anxiously await the curtain to drop… *pops popcorn*

Satire Aside…

Anyway, I just wanted to re-iterate that once again we have the media running with a story that seems to have legs, and even if you read into it “This won’t happen now, but soon” it still does the trick for the government.

After all, I am sure many out there are now worried that Anonymous is after their power systems. That one day their lights will go off and a large shadow of a Guy Fawkes mask will hang in the air like some plot device from a James Bond film..

Or... wait... Like the capitol blowing up in that last Die Hard film… So, which one of you Anon’s is Thomas Jane? Sabu? Meh.

Look, see through this WSJ story as either one of two things depending on your bent and jaded nature.

1) NSA is really worried about this and not so much Anonymous but nation states using their name… (this I can get behind)

2) NSA/Keith et al. Are using this as a means to an end to get what they want… They want complicity on the part of the people to enact more laws and oversight on their part of the internet… And by proxy control over all our privacy.

Up to you guys what you think…

Either way though, I would say that Anonymous has let the genie out and they did not account for this... You all could be in some deep shit here.. Let the games begin!


Cross-posted from Krypt3ia

Possibly Related Articles:
Industrial Control Systems
SCADA Government Utilities Attacks Anonymous Hacktivist NSA FUD Keith Alexander Cyberterrorism AntiSec Scot Terban Industrial Control Systems Krypt3ia Power Grid
Post Rating I Like this!
Andrea Zapparoli Manzoni Scot, I really enjoyed this post :)

My feeling is that this NSA boutade is going to become a boomerang, and that in the end the Anons will gain from it...

...unless there's a real false flag attack being prepared behind the scenes, which would be of course A Bad Thing(tm) for everyone.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.