Read on Twitter
1. Brace yourselves, America. New Zealand & Australia are often used for "trial runs" of what is later rolled out in the U.S. & around the world.
We've been hit by nation-level cyber-attacks, using crude "brute force" DDoS technology - NOT ransomware. https://www.stuff.co.nz/business/122652265/experts-confident-ddos-attacks-will-fizzle-out-and-attackers-will-be-left-outofpocket
We've been hit by nation-level cyber-attacks, using crude "brute force" DDoS technology - NOT ransomware. https://www.stuff.co.nz/business/122652265/experts-confident-ddos-attacks-will-fizzle-out-and-attackers-will-be-left-outofpocket
2. Using such an old attack method may lull sophisticated countries into a false sense of security. "Oh we have systems to prevent that, it could never happen to us".
They are not necessarily testing the attack weapons so much as the social effect & public/gov response.
They are not necessarily testing the attack weapons so much as the social effect & public/gov response.
3. New York Stock Exchange & Chicago Mercantile Exchange may have tech to prevent DDoS attacks. But these attackers in NZ also went after ski fields, car parking garages, all kinds. There was no financial motive & seems more than just "kids playing" or LOLsec
4. In March 2019 John Podesta visited NZ & warned the 2020 election here was a "juicy target" for cyberattacks. Days later "lone gunman" streamed mosque massacre live on Facebook which was used to shutdown zerohedge 4chan 8chan & pass draconian legislation https://www.newshub.co.nz/home/politics/2019/03/2020-new-zealand-election-a-juicy-target-for-major-hack-john-podesta.html
5. In June 2020, Nord VPN (which sources tell me is NSA) issued for the first time their "Cyber Risk Index" identifying the most vulnerable countries. NZ and America both made the list, as well as UAE, UK, Singapore, Scandinavia https://securitybrief.co.nz/story/new-zealand-named-amongst-most-vulnerable-countries-at-risk-of-cyber-attack
6. Although Nord rates US cybersecurity highly (#2), its vulnerability score puts it at greater risk than New Zealand. 1 in 4 Americans have been a victim of cybercrime already - seeding the idea with the public.
You can download their full report here
https://nordvpn.com/cri/#get-full-report-here
You can download their full report here
https://nordvpn.com/cri/#get-full-report-here
7. A cyber-attack on stock exchanges, traffic lights, and the energy grid was the plot of Live Free or Die Hard (2007) with Bruce Willis
Similar storylines have appeared in entertainment for decades, since Wargames (1983) with Matthew Broderick
"Is it a game, or is it real?"
Similar storylines have appeared in entertainment for decades, since Wargames (1983) with Matthew Broderick
"Is it a game, or is it real?"
8. QAnon, arguably itself a new form of cyber-weapon with a distributed "digital army" has frequently referenced the Wargames movie. A search at qmap for the exact phrase "shall we play a game" returns 15 posts
9. Live Free or Die Hard, aka Die Hard 4, was based on this 1997 WIRED magazine article by John Carlin.
Note "weaponry by CNN"
In 2020, it seems that the mainstream media has already been weaponized & used for political destabilization/regime change
https://www.wired.com/1997/05/netizen-2/
Note "weaponry by CNN"
In 2020, it seems that the mainstream media has already been weaponized & used for political destabilization/regime change
https://www.wired.com/1997/05/netizen-2/
10. In 2017 a new type of cyberattack was launched that no anti-DDoS system (eg Cloudflare, Akamai) could prevent.
Using YouTube & Twitter, LARPers attacked the Maersk shipping line with a fake "dirty bomb" hoax & shut down the 8th busiest port in the US https://money.cnn.com/2017/06/16/media/port-of-charleston-dirty-bomb-conspiracy-theory-shutdown/index.html
Using YouTube & Twitter, LARPers attacked the Maersk shipping line with a fake "dirty bomb" hoax & shut down the 8th busiest port in the US https://money.cnn.com/2017/06/16/media/port-of-charleston-dirty-bomb-conspiracy-theory-shutdown/index.html
11. Two weeks later the Maersk shipping line was hit with another, more serious ("crippling") cyber-attack that was traced to #Ukraine
It shut down radiation monitoring systems at the Chernobyl nuclear plant, dormant since a 1986 disaster but still deadly
https://en.wikipedia.org/wiki/2017_cyberattacks_on_Ukraine
It shut down radiation monitoring systems at the Chernobyl nuclear plant, dormant since a 1986 disaster but still deadly
https://en.wikipedia.org/wiki/2017_cyberattacks_on_Ukraine
12. Port of Charleston attacker George Webb claims Mossad ties. Co-host Jason Goodman says "nobody has ever shown evidence I'm paid by Mossad". He was CEO of Aerocine, who flew HD surveillance drone over Chernobyl at time of 2014 #Ukraine Maidan revolution https://burners.me/2018/12/03/insane-in-the-ukraine-j-go-like-youve-never-seen-him-before/
13. Recently CNN featured another George Webb information warfare cyber-attack, using weaponized conspiracy theory. This was seemingly designed to aggravate tensions between the U.S. & China over COVID-19 https://edition.cnn.com/2020/04/27/tech/coronavirus-conspiracy-theory/index.html
14. George Webb's brother "Dave Acton" is an expert in cyber-security. He has written several books since the 2017 attack using it as an example to warn of the vulnerability of our critical infrastructure. Sadly, few seem to have been paying attention. https://www.amazon.com/Avoiding-Digital-Maginot-Line-Modernizing/dp/1701824825
15. Industrial control systems are particularly vulnerable. These were targeted by the "StuxNet worm", a cyber-weapon allegedly jointly developed by 
& 
, with devastating effects on Iran's nuclear program and widespread global collateral damage https://control.com/technical-articles/cyber-resilience-in-control-systems/
& , with devastating effects on Iran's nuclear program and widespread global collateral damage https://control.com/technical-articles/cyber-resilience-in-control-systems/
16. Thanks to ZDNet's @campuscodi for pointing out that similar attacks have been happening in the US, India, Austria & Turkey. There IS a ransomware element "DDoS for BTC
Re-using name FANCY BEAR from Guccifer 2.0 LARP https://twitter.com/campuscodi/status/1303438218361286656?s=20
Re-using name FANCY BEAR from Guccifer 2.0 LARP https://twitter.com/campuscodi/status/1303438218361286656?s=20
17. The attacks have been quite sophisticated, using 200 Gb/s of DDoS power & targeting vulnerable points like APIs & DNS servers. The attackers claim to have capabilities of 2 Tb/s
https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
18. In February this year Amazon Web Services defended against the biggest DDoS attack in history, 2.3 Tb/s
https://www.zdnet.com/article/aws-said-it-mitigated-a-2-3-tbps-ddos-attack-the-largest-ever/
https://www.zdnet.com/article/aws-said-it-mitigated-a-2-3-tbps-ddos-attack-the-largest-ever/
19. In military tactics a feint is creating the impression of an attack in one direction to disguise sneaking in from somewhere unexpected
In 2014 "low tech" attacks exposed major vulnerabilities in electrical infrastructure. AFAIK nothing's changed since https://www.latimes.com/nation/la-na-grid-attack-20140211-story.html
In 2014 "low tech" attacks exposed major vulnerabilities in electrical infrastructure. AFAIK nothing's changed since https://www.latimes.com/nation/la-na-grid-attack-20140211-story.html
20. There are many ways to attack a Stock Exchange electronically. DDoS is a direct attack. The Port of Charleston was an indirect attack: asymmetrical warfare. It showed how weaponized social media influencers can create chaos & panic.A run on banks & stocks could cost trillions
21. NZ's Government Communications Security Bureau has issued a "be prepared" advisory warning to ALL businesses in the country.
Australian Prime Minister Scott Morrison in July dedicated $1.4 billion to put the country on a cyber-security "War Footing" https://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=12360876
Australian Prime Minister Scott Morrison in July dedicated $1.4 billion to put the country on a cyber-security "War Footing" https://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=12360876
