Jump to content

An Entire Country Was Taken Offline Last Month And No One Knows Why


tao

Recommended Posts

For years, countries have worried that a hostile foreign power might cut the undersea cables that supply the world with internet service.

 

Late last month, we got a taste of what that might be like. An entire country, Mauritania, was taken offline for two days because an undersea cable was cut.

 

The 17,000-kilometer African Coast to Europe submarine cable, which connects 22 countries from France to South Africa, was severed on March 30, cutting off web access partially or totally to the residents of Sierra Leone and Mauritania.

 

It also affected service in Ivory Coast, Senegal, Equatorial Guinea, Guinea, Guinea Bissau, Liberia, Gambia, and Benin, according to Dyn, a web-infrastructure company owned by Oracle.

 

ACE cable
(Oracle Dyn)

It is not clear how the cable was cut. But the government of Sierra Leone seems to have imposed an internet blackout on the night of March 31 in an attempt to influence an election there.

 

There had not been a significant outage along the cable in the past five years.

 

Loss of service to Mauritania was particularly severe, as the Dyn chart below shows.

 

"The most significant and longest-lasting disruption was seen in Mauritania, with a complete outage lasting for nearly 48 hours, followed by partial restoration of connectivity," David Belson wrote in a Dyn research blog on Thursday.

 

Ace cable
(Oracle Dyn)

 

The international cable system has several levels of built-in redundancy that allowed providers such as Africell, Orange, Sierra Leone Cable, and Sierratel to restore service.

 

But the break shows just how vulnerable the worldwide web is to the simple act of cutting a cable. About 97 percent of all international data is carried on such cables, according to the Asia-Pacific Economic Cooperation forum.

 

Here's a map from the telecom analytics company TeleGeography of the cables in Europe:

 

Undersea internet service cables map
(TeleGeography)

And those connecting the US:

 

Undersea internet cables map
(TeleGeography)

UK and US military intelligence officials have repeatedly warned that relatively little is done to guard the safety of the cables and that Russia's navy continually conducts activities near them.

 

In 2013, three divers were arrested in Egypt after attempting to cut submarine web cables.

 

"In the most severe scenario of an all-out attack upon undersea cable infrastructure by a hostile actor the impact of connectivity loss is potentially catastrophic, but even relatively limited sabotage has the potential to cause significant economic disruption and damage military communications," James Stavridis, a retired US Navy admiral, said in a 2017 report for the think tank Policy Exchange.

 

"Russian submarine forces have undertaken detailed monitoring and targeting activities in the vicinity of North Atlantic deep-sea cable infrastructure," he added.

 

There is no indication that Russia was involved in the ACE breakage. But military strategists are likely to study the Mauritania break as an example of the effect of knocking a country off the web by cutting its cables.

 

< Here >

Link to comment
Share on other sites

  • Replies 12
  • Views 769
  • Created
  • Last Reply

This is why countries should have their own Internal network infrastructure and relay the Important information (anything that is mission critical and none of the business of other countries) through that network and not be depended on an external server, be it a DNS server, IP etc.

Link to comment
Share on other sites

1 hour ago, knowledge said:

I think the russians did it ?

Russia Has Been Hacking Routers Worldwide; As UK Prepares For Cyber Strike

 

As tensions between the UK and Russia continue to rise, the UK are getting ready for a potential cyber-attack of large scale which may lead to the release of confidential government information. British Officials issued a statement about an attack on British infrastructure by the Russian government.

 

The nations Cyber Intelligence Agency and the Ministry of Defence said a complete retaliation for this attack is going to severely affect the relations between Russia and UK.

 

 

The UK Cyber intelligence agency NCSC, the FBI and the DHS have accused the Russian based attackers saying that the country is trying to sabotage the routers, switches and firewalls to hijack the internet infrastructure of the country.

 

In this effort, millions of the machines connected to the internet have been targeted to spy on organizations and government agencies. The main strategy of the attack is peer data passing through compromised computers on the network furthermore this these kinds of attacks also cripple the firewalls of the internal networks of the organizations.

 

The main target is ISP firms running critical infrastructure, government departments and big financial companies. The alert outlined that an erratic behaviour from the device should indicate that device on the network may have been compromised.

 

In a detailed technical alert published after the call, the joint warning said that Russian hackers took advantage of outdated devices, as well as routers with weak defences. That combined routers with default passwords, as well as devices no longer carried by security patches.

“The purpose of these attacks could be espionage, it could be theft of intellectual property, it could be prepositioning for use in times of tension,” NCSC Director Ciaran Martin said.

 

“The attribution of this malicious activity sends a clear message to Russia — we know what you are doing and you will not succeed,” said a spokesperson for the UK government.

< Here >

Link to comment
Share on other sites

7 hours ago, knowledge said:

I think the russians did it ?

What a good confession :)

Link to comment
Share on other sites

12 minutes ago, mclaren85 said:

What a good confession :)

Is joke as it said

Russian submarine forces have undertaken detailed monitoring and targeting activities in the vicinity of North Atlantic deep-sea cable infrastructure," he added.

 

There is no indication that Russia was involved in the ACE breakage. But military strategists are likely to study the Mauritania break as an example of the effect of knocking a country off the web by cutting its cables.

Link to comment
Share on other sites

Russian Hackers Warning: Here’s How To Stay Protected

 

We recently talked about how Russian hackers are trying to hack routers to own the internet. This is a major concern not just for the US, but for users around the globe as hackers seem to be attacking people everywhere.

 

The DHS, the FBI and the NCSC issued a joint warning on this which has left many users scrambling as they worry for the safety of their data. While there is no concrete information on the motive behind these attacks, it is believed that the aim of the attacks is to gain access to personal data and steal information.

 

 

While it is a serious concern, there is no need to worry because the solution is here. According to the warning, all devices that use the Simple Network Management Protocol, Generic Routing Encapsulation system or the Cisco Smart Install platform are vulnerable. Sadly, such devices are very common and are used all around the world.

 

The manufacturers have released manuals on how to protect devices against such attacks. Check out here to know more about protecting TFTP, SMI, SNMP and Telnet. Cisco has also released a blog talking about the same.

 

According to Cisco, users should disable the feature using the no vstack command, however if this feature is of importance to you, then you can block incoming traffic by access control lists. Cisco may also release some additional patches for better security.

 

A lack of proper security is one of the main reasons why it is so easy to hack such devices. Make sure to update yours today and stay abreast with the latest news in the hacking world.

 

< Here >

Link to comment
Share on other sites

On 4/17/2018 at 10:34 AM, knowledge said:

I think the russians did it ?

Russia raises questions on Skripal poisoning

Moscow says it has proof that the agent used in the UK attack is a chemical weapon patented in the US

 

The sensational case of the poisoning of the ex-MI6 agent and former Russian military intelligence colonel, Sergei Skripal on March 4 in Salisbury, UK, is becoming curiouser and curiouser. Moscow is strongly refuting British allegations of Russian involvement in the poisoning of Skripal. An engrossing plot in big-power politics is also unfolding. There is stuff here for a Le Carre novel.

 

Are we witnessing a replay of the false flag Gulf of Tonkin attack of August 1964, the imaginary “incident” concocted by the US military to provide legal and political justification for deploying American forces in South Vietnam and for commencing open warfare against North Vietnam?

 

To recap, Britain alleged a military grade nerve agent of a type known as Novichok was used in Salisbury. It was originally developed in the former Soviet Union, and, therefore, Moscow’s hand – possibly, even President Vladimir Putin’s hand – was “highly likely”.

 

Moscow has maintained, on the other hand, that it had destroyed all its chemical weapons and said the Organization for the Prohibition of Chemical Weapons (OPCW) investigation verified this.

 

The British allegation quickly morphed into a large-scale expulsion of Russian diplomats (over 100 of them) by western capitals, under heavy pressure from Washington and London. The US alone expelled 60 Russian diplomats, while Britain expelled 23.

 

Britain is studiously ignoring the Russian requests for samples of the chemical agent used in the Salisbury attack and for giving consular access to the ex-spy’s daughter Yulia. Meanwhile, Britain instead approached the OPCW to investigate.

 

The OPCW has refused to confirm or deny the country of origin of the chemical agent used in the Salisbury attack.

 

There is egg on PM Theresa May’s face.

 

On April 18, Moscow disclosed that it has handed over to the OPCW alleged proof that the Novichok agent purportedly used in the Salisbury attack actually happens to be patented as a chemical weapon in 2015 in the US and produced in that country. (By the way, unlike Russia, the US is yet to destroy its chemical weapon stockpiles, as required under the Chemical Weapons Convention of 1997.)

 

Now, not only the British government but Washington too has some explaining to do. Participating in the BBC’s Hard Talk program this week with Stephen Sacker, Russian Foreign Minister Sergey Lavrov punched hard, saying “‘highly likely’ is a new invention of British diplomacy to describe why they punish people – because these people are ‘highly likely’ guilty. Like in ‘Alice in Wonderland’ by Lewis Carroll when he described a trial… and the King said: ‘Let’s ask the jury’ and the Queen shouted: ‘No jury! Sentence first! Verdict afterwards!’ That’s the logic of ‘highly likely.’”

 

Britain is steadily edging away from the Skripal case, hoping, perhaps, that the matter will die down. But will Moscow let Britain off the hook? The Russians also seem to be holding back on some explosive information pointing toward alleged complicity by the US in this affair.

 

Simply put, could the Salisbury attack have been an Anglo-American joint covert operation undertaken with the ulterior motive to ratchet up tensions between the West and Russia? Indeed, it meshed well with the Russia-collusion campaign against Trump.

 

The Washington Post reported on Monday that the former National Security Advisor HR McMaster might have hoodwinked President Donald Trump into approving the expulsion under the wrong notion that similar numbers of expulsions by European allies was in the pipeline. In the event though, the Europeans made only token expulsions.

 

Earlier, McMaster tried to stop Trump from congratulating Putin on his big victory in the Russian election on March 18 in a phone conversation (where they discussed a possible summit meeting in a near future).

 

If the Skripal incident was McMaster’s swan song, the indefatigable Russophobe probably hoped to kill two birds with one stone – push Russia’s relations with the West to a crisis point and second, scotch the prospects of an early US-Russia presidential summit.

 

How far all this is linked to Trump’s decision on March 22, finally, to sack McMaster as National Security Advisor is a moot question. By the standards of military people, McMaster has the reputation of being an “intellectual” but the man proved to be a Cold Warrior fit for a museum. The one-star general who was overlooked for promotion by the Pentagon was Trump’s default choice following the abrupt departure of Michael Flynn as National Security Advisor.

 

Michael Wolff narrates a hilarious episode in his book Fire and Fury that during the job interview for National Security Advisor, McMaster tried to impress Trump when he showed up wearing a uniform with his silver star and launched into a wide-ranging lecture on global strategy. Afterward, Trump reportedly remarked, “That guy bores the shit out of me.”

 

< Here >

Link to comment
Share on other sites

proof who need proof as the people did not die is proof russia did not do it  uk and more lied if russia did them people will have died by now

Plus it was not Novichok but something like it its y noone died

Link to comment
Share on other sites

https://www.rt.com/news/422030-pentagon-cyberespionage-burned-kaspersky/

 Pentagon cyber-espionage op’: US reportedly behind Slingshot malware targeting Mid East & Africa

 

Cybersecurity firm Kaspersky Lab reportedly busted a major US military asset when it exposed a sophisticated cyber-espionage operation that targeted computer networks in the Middle East.

On March 9, the leading Russia-based cybersecurity company reported their research on a program it called Slingshot, which used a highly sophisticated approach to infect computers with malware through infected routers. The operation had targeted computers throughout the Middle East and some parts of Africa since at least 2012, and required a lot of money and expertise from its creators. A report by an industry news publication, CyberScoop, claims Slingshot was run by the Special Operations Command (SOCOM).

The report about the program was the biggest part of the Kaspersky Security Analyst Summit (SAS) this month. The firm’s researchers identified an advanced persistent threat (APT) – a term that usually describes a well-organized and trained group of hackers operating on a regular basis and possibly on behalf of a state government – that found a way to compromise various devises through routers. The attack was described as “remarkable and, to the best of our knowledge, unique” by Kaspersky researchers.

The company failed to identify how the routers themselves were infected. But they were used to inject malware into computers. The attack replaced one of the Windows libraries with a malicious one, and then used it to download and install two distinct pieces of malware called Cahnadr and GollumApp, which Kaspersky described as “masterpieces of cyberespionage art.” Combined, the two gave virtually unrestricted access to an attacked computer, harvesting screenshots, key strokes, network traffic, USB connections, clipboard content, and many other things.

The people behind Slingshot also took serious measures to protect their malware from being detected. For example, it can shut down its own components before being exposed by anti-viral software. It also runs its own file system to remain hidden from the computer-operating system, and blocks disc defragmentation to avoid being damaged by the process.

Kaspersky Lab said it has found around 100 victims of Slingshot and its related modules in Kenya, Yemen, Afghanistan, Libya, Congo, Jordan, Turkey, Iraq, Sudan, Somalia and Tanzania. Kenya and Yemen accounted for the majority of the cases. Most of the victims were individuals rather than organizations.

The company said they could not attribute the threat to a particular actor, but believed the people behind it to be “highly organized and professional and probably state-sponsored.” Text clues in the code suggested they were “English-speaking”.

The news report quotes unnamed former and current US intelligence officials, who said that Slingshot was an operation of the Joint Special Operations Command (JSOC), a component of SOCOM. Kaspersky Lab “burned” the program, which is believed to have been an anti-terrorist operation, leaving the American military without a valuable tool and potentially putting American lives at risk, the officials claimed.

SOP [standard operating procedure] is to kill it all with fire once you get caught,” CyberScoop quoted a former intelligence official as saying. “It happens sometimes and we’re accustomed to dealing with it. But it still sucks… I can tell you this didn’t help anyone.”

CyberScoop says that Cahnadr and GollumApp are associated with hacker groups widely believed to be the NSA and the CIA respectively in the cybersecurity community. The report implies that Kaspersky Lab should have expected Slingshot to be a US operation.

“It’s clear by the way they wrote about this that they knew what it was being used for,” a senior official told the news service. “GReAT [Kaspersky’s Global Research & Analysis Team] is extremely adept at understanding the information needs of different actors out there on the internet. They take into considering the geopolitical circumstances, they’ve shown that time and time again. It would be a stretch for me to believe they didn’t know what they’re dealing with here.”

When asked about the claim that it damaged a US military operation, Kaspersky Lab denied knowing who the Slingshot APT was.

“As a result of anonymized data, it's impossible for us to tell who the specific targets are. All the company can state is that our users are protected against malicious software that can spy, steal or sabotage data from their computers,” they told RT in a statement.

Kaspersky Lab added that their software does not differentiate between malware based on who created it and for what purpose, as any malware is potentially dangerous, even if created by state actors, because it can always fall into the wrong hands.

Kaspersky Lab is currently in the middle of court battle with the US government over the company’s expulsion from part of the American market. US government entities were banned from purchasing services from Kaspersky after the US intelligence accused the company of providing a backdoor for their Russian counterparts through its anti-virus software. Kaspersky denies the allegations and claimed in its lawsuit that the government’s decision was based largely on uncorroborated news media reports as evidence.

Link to comment
Share on other sites

Quote

This forum revolves around topics of a technical nature, which happen to be discussed by people from many nationalities, etnicities and political backgrounds. In order to focus on what unities us all, rather than what divides us, cultural, national and/or political issues are not to be discussed. Members engaging in such discussions will receive a warning.

 

Thread closed...

Link to comment
Share on other sites

  • Reefa locked this topic

Archived

This topic is now archived and is closed to further replies.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...