The Robin Hood Virus

Home > Other > The Robin Hood Virus > Page 8
The Robin Hood Virus Page 8

by robert nerbovig


  PRIVATE SECTOR

  Computer hacking represents a modern

  threat in ongoing industrial espionage and as such is presumed to widely occur. It is typical that this type of crime is underreported.

  CYBERWARFARE IN CHINA

  We have Identified China sites suspected of hacking as four large networks in Shanghai, two of which are allocated directly to the Pudong New Area. We uncovered the hackers attack infrastructure, command and control, and the tools, tactics, and procedures they use. We identified three key hactivists behind the hacking. These hackers are following orders given to them by others.

  We entered the four networks in China that we suspected of hacking U.S. Companies and the U.S. Government. We have installed various software programs to monitor the data they are stealing, what the data is

  and where they are sending it. We are also modifying the stolen data to set up bogus scenarios to confuse possible action against the U.S. Companies and the U.S. Government.

  "Police in central China have shut down a hacker training operation (Black Hawk Safety Net) that openly recruited thousands of members online and provided them with cyber attack lessons and malicious software..." "The crackdown comes amid growing concern that China is a center for Internet crime and industrial espionage."

  It is hard to know what proportion of hacking from China is the work of individuals and whether the government is involved. But some say the high skill level of some attacks suggests China's military or other agencies might have trained or directed the hackers."

  Diplomatic cables highlight US concerns that China is using access to Microsoft source code and 'harvesting the talents of its private sector' to boost its offensive and defensive capabilities. While China continues to be held responsible for a string of cyber-attacks on a number of public and private institutions in the United States, India, Russia, Canada, and France, the Chinese government denies any involvement in cyber-spying campaigns. The administration maintains the position that China is not the threat but rather the victim of an increasing number of cyber-attacks. We have entered the extensive network of APT1 who is likely government-sponsored and one of the most persistent of China's cyber threat hackers. We have discovered APT’s intrusions against nearly 150 victims over seven years. We tracked APT1 back to four

  large networks in Shanghai, two of which are allocated directly to the Pudong New Area. We uncovered APT1’s attack infrastructure, command and control, and modus operandi (tools, tactics, and procedures). We continue to occupy and monitor APT1's networks and activities and we have modified several of their communications to severely cripple their efforts.

  CYBERWARFARE IN GERMANY

  In 2013, Germany revealed the existence of their 60-person Computer Network Operation unit. The German intelligence agency, BND, announced it was seeking to hire 130 "hackers" for a new "cyber defense station" unit. In March 2013, the BND had observed up to five attacks a day on government authorities, thought mainly to originate in China.

  CYBERWARFARE IN INDIA

  The Department of Information Technology created the Indian Computer Emergency Response Team (CERT-In) in 2004 to thwart cyber attacks in India. That year, there were 23 reported cyber security breaches. In 2011, there were 13,301. That year, the government created a new subdivision, the National Critical

  Information Infrastructure Protection Center (NCIIPC) to thwart attacks against energy, transport, banking, telecom, defense, space and other sensitive areas.

  CYBERWARFARE IN IRAN

  In June 2010, Iran was the victim of a cyber attack when its nuclear facility in Natanz was infiltrated by the cyber-worm ‘Stuxnet’. Reportedly a combined effort by the United States and Israel Stuxnet destroyed perhaps over 1000 nuclear

  centrifuges and set Tehran's atomic program back by at least two years. The worm spread beyond the plant to allegedly infect over 60,000 computers, but the government of Iran indicates it caused no significant damage. Iran implemented solutions to the worm and is purportedly now better positioned in terms of cyber warfare technology. The Iranian government has been accused by western analysts of its own cyber-attacks against the United States, Israel and Gulf Arabs, but deny this, including specific allegations of 2012 involvement in hacking into American banks.

  CYBERWARFARE IN SOUTH KOREA

  With ongoing tensions on the Korean Peninsula, South Korea's defense ministry stated that South Korea was going to improve cyber-defense strategies in hopes

  of preparing itself from possible cyber

  attacks. In March 2013, South Korea's major banks – Shinhan Bank, Woori Bank and NongHyup Bank – as well as many

  broadcasting stations – KBS, YTN and MBC – were hacked and more than 30,000 computers were affected; it is one of the biggest attacks South Korea has faced in years. Although it remains uncertain as to who was involved in this incident, there has been immediate assertions that North Korea is connected, as it threatened to attack South Korea's government institutions, major national banks and traditional newspapers. North Korea's cyber warfare capabilities raise the alarm for South Korea, as North Korea is increasing its manpower through military academies specializing in hacking. Current figures state that South Korea only has 400 units of specialized personnel, while North Korea has more than 3,000

  highly trained hackers; this portrays a

  huge gap in cyber warfare capabilities and sends a message to South Korea that it has to step up and strengthen its Cyber

  Warfare Command forces. Therefore, in order to be prepared from future attacks, South Korea and the United States will discuss further about deterrence plans at the Security Consultative Meeting (SCM). At SCM they plan on developing strategies that focuses on accelerating the deployment of ballistic missiles as well as fostering its defense shield program, known as the Korean Air and Missile Defense.

  CYBERWARFARE IN THE UK

  MI6 reportedly infiltrated an Al Qaeda web site and replaced the recipe for a pipe bomb with the recipe for making cupcakes. On 12 November 2013, financial organizations in London conducted cyber war games dubbed 'Walking Shark 2' to simulate

  massive internet-based attacks against bank and other financial organizations.

  CYBERWARFARE IN THE UNITED STATES

  Cyber warfare in the United States is a part of the American military strategy of Proactive Cyber Defense and the use of cyber warfare as a platform for attack. The new United States military strategy makes explicit that a cyber attack is an act of war. In 2013 Cyber warfare was, for the first time, considered a larger threat than Al Qaeda or terrorism, by many U.S. intelligence officials. China has plans of "winning informationised wars by the mid-21st century". They note that other countries are likewise organizing for cyber war, among them Russia, Israel and North Korea. Iran boasts of having the world's second-largest cyber-army.

  The United States Department of

  Defense sees the use of computers and the Internet to conduct warfare in cyberspace as a threat to national security. The United States Joint Forces Command describes some of its attributes:

  Cyberspace technology is emerging as an "instrument of power" in societies, and is becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. With low barriers to entry, coupled with the anonymous nature of activities in cyberspace, the list of potential adversaries is broad. The United States has used cyber attacks for tactical advantage in Afghanistan.

  CYBER COUNTERINTELLIGENCE

  Cyber counter-intelligence are measures to identify, penetrate, or neutralize foreign operations that use

  cyber means as the primary trade craft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions. The NSA knew about a flaw in the way that many web sites send sensitive information and regularly used it to gather critical intelligence. This flaw appears to be one of the biggest in Internet history, affecting t
he basic security of as many as two-thirds of the worlds web sites. Its discovery and the creation of a fix by researchers prompted consumers to change their passwords, and very large computer companies to provide patches for their systems. With this flaw the NSA was able to obtain passwords and other basic data that are the building blocks of the sophisticated hacking operations at the core of its mission, but

  at a cost. Millions of ordinary users were

  left vulnerable to attack from other nations’ intelligence arms and criminal hackers.

  Hunting Flaws

  The NSA and other elite intelligence agencies devote millions of dollars to hunt for common software flaws that are critical to stealing data from secure computers. Open-source protocols like Open SSL, where the flaw was found, are primary targets.

  NSA Spying

  The revelations have created a clearer picture of the two roles, sometimes contradictory, played by the U.S.’s largest spy agency. The NSA protects the computers of the government and critical industry from cyber-attacks, while gathering troves of intelligence attacking the computers of others, including terrorist organizations,

  nuclear smugglers and other governments. The potential stems from a flawed implementation of protocol used to encrypt communications between users and websites protected by Open SSL, making those supposedly secure sites an open book. The damage could be done with relatively simple scans, so that millions of machines could be hit by a single attacker.

  Exploiting Flaw

  Questions remain about whether anyone other than the U.S. government might have exploited the flaw before the public disclosure. Sophisticated intelligence agencies in other countries are one possibility. Our team discovered the flaw in Open SSL over 2 years go and instituted a patch preventing cyber attacks by those who would take advantage of the flaw. If

  criminals found the flaw before our patch

  they could have scooped up troves of passwords for bank accounts, e-commerce sites and email accounts worldwide.

  Diversion total to date $1,100,000,000

  Donation total to date $995,000,000

  Major Oil Cartel Price-Fixing

  Oil giants are suspected of “fixing prices” in the crude oil market, which may have resulted in retail prices for gasoline being artificially increased around the world.

  Price-fixing behavior refers to a group of dominant firms agreeing to the prices they will charge customers in a certain country. The recent alleged cartel between oil firms has made the headlines due to the high cost of fuel in the UK, and worries over fuel poverty. But such behavior by major corporations is by no means a new phenomenon in the UK or the EU.

  It is estimated that cartels of this type have affected in excess of $400 billion of trade in countries in North America and the EU since the 1990s, distorting and harming free-market competition. In some markets, the

  economic impact of cartels has resulted in artificial price increases of up to 25% on what customers would normally expect to pay for some products.

  Three of the world’s largest oil companies conspired with a very large wall street trading firm to manipulate the closely watched spot prices for Brent crude oil. We entered the cell-phones and computer networks of Offshore Oil, Livetel Group, District Oil Corporation, and Tower Trading to determine the methods they used to fix oil prices.

  It is unclear, however, who exactly in Offshore Oil may have been involved with any price-fixing, and party to any agreements.

  Marketing and sales managers possess certain skills that allow them to act as potential cartel “brokers”. Most notably,

  they know about prices and costs across

  markets, and they are experts in the assembly and use of market and competitor intelligence.

  Major investigations into alleged cartels can take 12 to 18 months until a decision is reached.

  If found guilty of artificially raising prices, the EU could impose a fine of up to 10% of a company’s annual global turnover – huge sums in the oil industry.

  We installed our monitoring software to determine if price-fixing is occurring. We will determine purchase and sales prices and compare them with other UK and EU Oil companies we are occupying. If price-fixing is occurring we will be able to determine it. We have also entered the personal computers of all of the officers and marketers of those oil companies to read all emails. We have found a conspiracy between Offshore Oil and 4 of

  the other oil companies in the cartel to artificially keep the price of oil high. We have instituted a $20,000,000 wire transfer to our off-shore accounts. We have notified them that we have proof they are price-fixing and warned them to stop the illegal practice. If they do not, the assessment will be repeated. We will continue to monitor all of their activities.

  We have also entered the member networks of the largest oil cartel in the world, OOPE. The Organization of Oil Producing Entities (OOPE) consists of the largest oil exporters in the world. We have also entered all personal computers of their marketers and have determined that they have a schedule for coordinated prices to increase profits dramatically. The prices increase modestly and after a few weeks they come down slowly so a not to

  alarm the world and invite an investigation. We also discovered a group of marketers who have banded together to funnel money from the oil cartel. They have created an independent consulting company to advise the cartel on price-fixing issues.

  We have instituted a $20,000,000 wire transfer to our off-shore accounts from 8 of these offending oil companies and issued a warning that unless they cease the inappropriate price fixing this penalty

  will re-occur. We understand by reading their communications that they are very upset. They have not realized that there is nothing they can do about our network occupation or the transfer of money.

  We have suspected large U.S. oil companies of manipulating gasoline prices by raising the price of crude oil without reason other than profit.

  We entered the cell phones and computer networks of 4 of the largest oil companies in the United States. We discovered conversations between 2 of these companies that centered on the price of crude oil. They were discussing the price of crude and they were exchanging ideas on why the price was so low and why it should be higher. They discussed their marketers and how they influenced the price of

  crude. We discovered, in their computer networks, their current crude prices for both of these companies and set flags to notify us when their price changed. It only took 2 days for the price of crude to rise in both companies. The price rose 7% in both companies and we believe this was a organized effort by these 2 companies to raise prices. The other oil companies raised their price of crude accordingly. This is illegal and these companies are too

  large to fight. We extracted 25 million dollars each from these 4 oil companies sent it to our off-shore accounts. We also issued them a warning. If they continue to raise crude prices beyond a cost + 15% price, we will continue to extract large amounts of money as a retaliation. We also placed our logo:

  on all of their written communications including email.

  We also entered the cell phones and

  computer networks of the marketers of the 4 largest oil companies in America. We uncovered a very large oil cartel. The marketers were setting selling prices, purchase prices, reducing production, and establishing common sales agencies. All of

  these actions were to increase profit for the oil companies. We examined their financial statements and their personal bank records and assessed a penalty of 5 million each. We also issued them a warning to stop this practice immediately or we will assess a greater penalty. We also placed our logo:

  on all of their written communications including email. We expect that they will contact their respective oil companies to

  report our intrusion and try to discover who we are and how we discovered their illegal activities. The oil companies have put together a team of cyber sleuths to try and find us. They never will. They will attempt to find out what our I.P.
Addresses

  are, our location, etc. The way we operate is not in their playbook. They will waste a great amount of time and money to no avail. We will continue to search for illegal and anti-business practices and severely penalize the offenders. They have no idea that we are watching them. We will invade their cell phones and their computer systems. We are looking for price-fixing, coordinating the reduction of oil output, illegal methods to co-market their oil products, and embezzlement by trusted members of the oil corporations.

  We have discovered thru cell phone and computer network monitoring that money was being embezzled from one of the major American oil companies. Money was being diverted to a dummy corporation that was set-up by the Chief Financial Officer. She would authorize large payments to this corporation for drilling activities. She

  would also submit false drilling records showing bogus production statistics. We have determined that she has stolen approximately 3.4 million dollars with this scheme. We have created an off-shore transfer of 2 million dollars from her dummy corporation in her name. We also sent an email to the president of the oil company divulging her illegal practices and her dummy company. We expect the corporation to investigate these charges and take appropriate action. If they

  sweep it under the carpet we will re-visit the corporation and take appropriate action.

  Another cell phone conversation surrounding one of the large oil companies involved the term “coerce” and the term “low-prices”. These terms caused us to enter the oil company’s computer network to see what we could find. Sure enough we

 

‹ Prev