A sophisticated attack on Microsoft’s ubiquitous email software is being laid at China’s feet. Many people ask whether the attack was a Chinese hack, a false flag, or something else. Whatever it was, it is clear that the attack is now verging on a global crisis.
If you think a cyberattack is minor and wouldn’t affect you, check out this article on the Petya ransomware attack or this one on a Florida water supply. It’s actually shocking just how easily a massive cyberattack could happen to us, so you may want to take some steps to be prepared for the possibility of a cyberattack.
Now let’s talk about how bad this SolarWinds attack almost was. It may make you wonder whether cyber warfare is the battleground of the future.
Microsoft says the attack has claimed at least 60,000 victims, many of them small businesses
This attack, which focused on email software, has become a global cybersecurity emergency, as hackers are racing to infect as many people as possible before companies can secure their computer systems.
Microsoft claims the attack started with a Chinese government-backed hacking group. The European Banking Authority was also attacked. The bank announced Sunday that access to personal data through emails held on the Microsoft server might well have been compromised. Other victims include banks, electricity providers, senior citizen homes, and the businesses mentioned above. Others report that hospitals have also been experiencing attacks.
So it’s important to note that a cyberattack doesn’t just mess up a few computers – it can throw our entire modern way of life into utter chaos.
What is not being made clear is just what information the hackers have taken
These attacks come after the SolarWinds Corp. breaches that were blamed on Russian hackers. In the final days of the SolarWinds attack, it appears that whoever was behind the hack was able to automate the process and thus pick up tens of thousands of new victims around the world in just a matter of days.
Washington is claiming to be preparing its retaliation. According to MSM “sources,” the US government is planning a series of covert actions against Russian networks as well as more economic sanctions against Russia, which is precisely what has so many people wondering if the attacks were actually false flag operations.
Microsoft claims that it knows the identity of the Chinese hacking group: Hafnium
On March 2, Microsoft put out a statement on its website. In the statement, Microsoft claims that Hafnium appears to have been breaking into private and government networks through the Exchange software and has been doing so for several months.
Thus, after the first allegedly Russian hacking, there is now a second cybersecurity crisis that breached nine federal agencies and at least 100 companies through “tampered updates” from SolarWinds LLC, an IT management software maker.
Today, we’re sharing information about a state-sponsored threat actor identified by the Microsoft Threat Intelligence Center (MSTIC) that we are calling Hafnium. Hafnium operates from China, and this is the first time we’re discussing its activity. It is a highly skilled and sophisticated actor.
Historically, Hafnium primarily targets entities in the United States for the purpose of exfiltrating information from a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs. While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the United States.
Recently, Hafnium has engaged in a number of attacks using previously unknown exploits targeting on-premises Exchange Server software. To date, Hafnium is the primary actor we’ve seen use these exploits, which are discussed in detail by MSTIC here. The attacks included three steps. First, it would gain access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access. Second, it would create what’s called a web shell to control the compromised server remotely. Third, it would use that remote access – run from the U.S.-based private servers – to steal data from an organization’s network.
Cybersecurity experts are now expressing a growing sense of exhaustion and frustration
China has denied having anything to do with the attack. A Chinese foreign ministry spokesman says the country “firmly opposes and combats cyber attacks and cyber theft in all forms” and pointed out that blaming a specific nation was a “highly sensitive political issue.”
Both of these incidents show just how fragile modern networks are. They also show how sophisticated state-sponsored hackers are whenever they attempt to identify “hard-to-find vulnerabilities” or even create them themselves to conduct espionage operations. Both involve complex cyberattacks that began with an initial attack on many computers and then narrowed as the attackers were able to focus. Both took the organizations attacked weeks or months to resolve.
Applying the updates provided by Microsoft will not remove the attackers from the network
A review of affected systems is required, Carmakal said. And the White House emphasized the same thing, including tweets from the National Security Council urging the growing list of victims to carefully comb through their computers for signs of the attackers. Initially, the Chinese hackers appeared to be targeting high value intelligence targets in the U.S., Adair said. About a week ago, everything changed. Other unidentified hacking groups began hitting thousands of victims over a short period, inserting hidden software that could give them access later, he said.
“They went to town and started doing mass exploitation — indiscriminate attacks compromising exchange servers, literally around the world, with no regard to purpose or size or industry,” Adair said. “They were hitting any and every server that they could.”
Adair said that other hacking groups may have found the same flaws and began their own attacks — or that China may have wanted to capture as many victims as possible, then sort out which had intelligence value.
Either way, the attacks were so successful — and so rapid — that the hackers appear to have found a way to automate the process. “If you are running an Exchange server, you most likely are a victim,” he said.
Is the future of warfare cyber warfare?
The United States government has every reason to stage a false flag cyberattack to justify more sanctions against Russia and future action against China. But we also have to be realistic. Both Russia and China have every reason to gather as much information on American governmental and economic assets as possible.
So we stand between two possibilities knowing that both can and will be exploited by world powers for their own agendas.
Are you concerned about the possibility of a cyberattack?
Are you doing anything to prepare for a possible cyberattack? What are some considerations you’ve thought of besides just your personal or business systems? Let’s talk about it in the comments.
Robert Wheeler has been quietly researching world events for two decades. After witnessing the global network of NGOs and several ‘Revolutions’ they engineered in a number of different countries, Wheeler began analyzing current events through these lenses.
Absolutely. It will be used for terrorism, individual attacks, crime, and also transnational warfare. It will be used everywhere.
If it’s impossible to live totally outside The Grid (that’s for a few only and requires skills, dedication, abdication, etc.), I guess the most practical solution is to have some reserves outside of it. Something that’s not dependent on the system, on counterparties.
That works both for finances, information, personal data and perhaps other things too. Like unregistered (ghost) guns, stockpiles, some gold/silver/cash and other ghost tools too. Have all important stuff indelibly registered on ledgers, books, and certificated papers, safely stored.
I was going to say something similar about backups, cash, etc. but you covered it nicely, Ommar! (thumbs up)
Ted Koppel wrote an excellent book called Lights Out about possible cyber-attacks against the grid. An attack like that could be from overseas by a rival nation, or some yahoo on a laptop in a coffee shop down the street.
He also questioned what would be the appropriate response to such an attack. At the time, there was no clear cut policy. A cyber-attack response? Kinetic?
Also how to prove or disprove who did the attacking?
Don’t run Microsquish, run a *nix box, encrypt the HD, keep it updated with any and all security, use complex passwords.
“run a *nix box, encrypt the HD, keep it updated with any and all security, use complex passwords.”
the chips and hardware are all made in china. it’s all pre-hacked.
Ant7, gman, whatever you are, try a bit of research. https://csrc.nist.gov/Projects/cyber-supply-chain-risk-management
Also, for phones: https://www.cnbc.com/2018/12/13/inside-apple-iphone-where-parts-and-materials-come-from.html
The point is, indigenous production of ANYTHING is rare. Where we find your pre-hacks are in Lenovo-what box do you have?
Gman, you make a lot of blanket comments with absolutely nothing to back up your claims other than what you saw on TV.
“absolutely nothing to back up your claims other than what you saw on TV”
then you have nothing to worry about.
Yes, all China-made = pre-hacked. There are at least two partial defenses.
1. Older used equipment. You want stuff that was originally high-end. Even in peacetime, I have had better luck with quality used electronics than with cheaper new. Today’s hacks were not there in 2017, for example
2. Store computers, etc. in faraday cages so that you have a backup in case of grid down, major hack or anything else. Have offline data backups.
It is one front of battle but the ground must always be held by power.
It certainly is crippling to us when you don’t have fighters who can pass PT test, can’t operate without daily drugs and aren’t mentally tough and cry constantly.
Right about boots on the ground, controlling territory.
But as we saw with the Arctic blast into the deep south, prolonged power outage could create a humanitarian crisis, economic crisis and even political one.
May also require military assistance, diverting those personnel and supply/materials, allowing for a physical attack elsewhere.
Yeah, the PT issues (fat bodies) have been an issue for at least a decade now. Add in the drug (ADD) waivers, and this new woke military . . .
“fighters who can pass PT test, can’t operate without daily drugs and aren’t mentally tough and cry constantly”
and that was before the trannies were enlisted ….
of the present. the future has arrived
4th GEN warfare. Cyber is now just another front to exploit against your adversary. Red China years ago generated Trillions in fiat digital money and bought American stocks and bonds. All they have to do is hit the sell button and our economy crashes. Defeating your enemy can now be done electronically. All of our military bases run on public electric grids. Kill the grid and there goes our military capability. They don’t even need to use an EMP.
“All they have to do is hit the sell button and our economy crashes”
well theirs would crash too.
I’m changing all my passwords to 14 letters, numbers and symbols.
Check this out.
Pretty neat, Morris!
“changing all my passwords”
doesn’t matter, all the chips and hardware are made in china and are all hard-wired pre-hacked. if it’s on the net then it’s all databased for use against you later.
I see the concept of a cyber attack as one part of a larger range of bad-guy threats. A cyber attack like the Stuxnet malware that messed over Iran’s nuclear capabilities didn’t shut down any local or nationwide power grids. But such an attack designed to shut down local, regional, or national power grids could have far more reaching and long lasting effects. There is some overlapping of threats to the power grids. (In the US there are three: The western, the eastern and the Texas grid.) Bad guy attacks could come from 1) terrorist use of weapons or explosives, 2) malware use from possibly unidentifiable sources, or 3) bad guy caused EMP attacks, some of which might be difficult to ID the source. The worst case might be repetitive EMPs — after the first one, everyone breathes a sigh of relief and brings out their non-hardened gadgetry from Faraday-style protection to try to live as normal as possible. That would be the perfect opportunity for bad guys to follow with additional EMP strikes to really shut down the economy.
As a relevant observation, the Sol-Ark solar generator is the only one I know of that has an EMP-hardened option (at extra cost). Think through the implications of that.
There are some nature-origin EMP threats such as the 1859 Carrington event (a solar electronic vomit event that shut down even telegraph communications before our unCivil War). Today such events are acronym described as CME (Coronal Mass Ejection) as this wiki article addresses:
In assigning priorities to defending against such threats, there are likely lots more immediate bad-guy threats to worry about than CME events.
Even if the power grid you depend on either remains intact (or can be restored quickly enough), there’s still the cyber threats to your use of the centrally controlled internet. It was never designed for security of your data … or to prevent the present day bullying by Big Tech (or government) to monopolize as much business and communication as possible while squashing anyone they view as either competitive threats or political opponents. In response there are efforts underway to build a thoroughly decentralized internet that governments or big money bullies can’t spy on or shut down. To watch the progress of such efforts, run this search phrase regularly on some non-Google search engine (like DuckDuckGo.com, eg):
decentralized internet news
I’ve read that emp builds up damaging voltages only in very large inductor systems such as long-distance power lines. this sounds reasonable to me, but I read doom porn about emp destroying batteries and personal radios and watches. is there some reason to take the doom porn seriously?
Do a little research. Look in several places. Taking info from any A: doomsday or B: I’m such a badass site is, at face value, ill-advised. A Faraday cage can protect your stuff somewhat. Batteries, mainly the lithium ones have BMS, battery management systems built into them, ie electronics that may get fried in an EMP and trip out the battery. EMP can wipe out many sensitive electronics, not just the grid and transformer / distribution items. Not to mention, your stuff is plugged into that system, so don’t you think if it hits the transformer, you being connected to it, it’d get you too? Don’t worry though, with the internet gone (thank god) you won’t have much need for all that fancy electronic crap anyways. Oh and BTW your car is toast too unless you have an old fashioned one that is carbureted with a coil and condenser, tho those might take a hit too, but can be easily fixed.
Wow, people actually having to talk face to face again, and work together .. OMG the Humanities !!!
“Do a little research. Look in several places.”
I have. all I’ve seen so far is “it’s an issue for large systems” backed by technical explanations – convincing- and assertions that “emp will destroy anything that carries a current!” with no technical explanations – not convincing. just looking for some reference to an actual explanation for thinking emp will destroy every circuit throughout an entire region, that’s all.
Cyber hacking is one thing. How about brainwave hacking (think Inception) and DNA hacking (think CRISPR).
already implemented in the public schools.
nah. be easier just to kill all the free cattle and start over with ones bred to be slaves from the very beginning.
Ted Koppel has a book called “Lights Out” that addresses a cyber attack that takes down the power grid.
It is only a matter of a short time that our internet will crash as well as the grid from foreign attack.
Eugenics already is as well, through tech like CRISPR and everything it spawns. All the governments are doing human experiments, none nearly to the scale of the CCP in Xinjiang province with the Uighurs in the camp system.
Didn’t the original StarTrek have an episode about something like this? Two warring factions, the computers run simulations and the sheeple just blindly step into death chambers because the govt said to? Get your covid shots yet?
some of you are saying to have stockpiles of cash, while it sounds wise, what when the money becomes useless? The Zimbabwe dollar as an example. The US is heading there mighty fast. Metals? ok but trade for what? the worthless paper money? Having the cash in hand may be handy to attempt to avoid the several rounds of theft by taxation that is surely coming to you in the very near future. Might want to have a police report too, to report the break-in and theft of your cash stockpile too. What money? It got stolen, the same day that terrible fishing accident and I lost all my guns. If you are going to stock metals, you’d be best to pay the extra premium up front for the smaller bars, ie the 1 oz the 10 oz etc, because trying to cash a 100 oz bar of silver for a few ears of corn is going to be like trying to use a 100 dollar bill to buy a soda with.
One of the wisest things I heard in a long time was an individual stating something to the lines of, American’s greatest threat is they do not know how to live poorly. I have a feeling they are about to learn very quickly. Now you know why billy boy is buying up all that land, to put the 300 story housing projects on that they will force everyone into after they default on their home loans and the banks seize their property.
The Euro weenies / Nato have a seething hatred of America, mainly out of jealousy of what once was, they will gleefully march on our soils to help the government destroy what’s left of our once great nation. The ignorance you seen during the covid with the TP shortages and other utter nonsense, get ready to see that kind of thing 10 fold once the real famine / hardships start in earnest.
“Now you know why billy boy is buying up all that land, to put the 300 story housing projects on that they will force everyone into after they default on their home loans and the banks seize their property.”
yep, they’re gonna do it all again. in every generation.
genesis 41:25 “Now Joseph said to Pharaoh, ‘Pharaoh’s dreams are one and the same; God has told to Pharaoh what He is about to do. 26 The seven good cows are seven years; and the seven good ears are seven years; the dreams are one and the same. 27 The seven lean and ugly cows that came up after them are seven years, and the seven thin ears scorched by the east wind will be seven years of famine. 28 It is as I have spoken to Pharaoh: God has shown to Pharaoh what He is about to do. 29 Behold, seven years of great abundance are coming in all the land of Egypt; 30 and after them seven years of famine will come, and all the abundance will be forgotten in the land of Egypt, and the famine will ravage the land. 31 So the abundance will be unknown in the land because of that subsequent famine; for it will be very severe. 32 Now as for the repeating of the dream to Pharaoh twice, it means that the matter is determined by God, and God will quickly bring it about. 33 Now let Pharaoh look for a man discerning and wise, and set him over the land of Egypt. 34 Let Pharaoh take action to appoint overseers in charge of the land, and let him exact a fifth of the produce of the land of Egypt in the seven years of abundance. 35 Then let them gather all the food of these good years that are coming, and store up the grain for food in the cities under Pharaoh’s authority, and let them guard it. 36 Let the food become as a reserve for the land for the seven years of famine which will occur in the land of Egypt, so that the land will not perish during the famine …’ 53 When the seven years of plenty which had been in the land of Egypt came to an end, 54 and the seven years of famine began to come, just as Joseph had said, then there was famine in all the lands, but in all the land of Egypt there was bread. 
55 So when all the land of Egypt was famished, the people cried out to Pharaoh for bread; and Pharaoh said to all the Egyptians, ‘Go to Joseph; whatever he says to you, you shall do.’ 56 When the famine was spread over all the face of the earth, then Joseph opened all the storehouses, and sold to the Egyptians; and the famine was severe in the land of Egypt. 57 The people of all the earth came to Egypt to buy grain from Joseph, because the famine was severe in all the earth …”
genesis 47:13 “Now there was no food in all the land, because the famine was very severe, so that the land of Egypt and the land of Canaan languished because of the famine. 14 Joseph gathered all the money that was found in the land of Egypt and in the land of Canaan for the grain which they bought, and Joseph brought the money into Pharaoh’s house. 15 When the money was all spent in the land of Egypt and in the land of Canaan, all the Egyptians came to Joseph and said, ‘Give us food, for why should we die in your presence? For our money is gone.’ 16 Then Joseph said, ‘Give up your livestock, and I will give you food for your livestock, since your money is gone.’ 17 So they brought their livestock to Joseph, and Joseph gave them food in exchange for the horses and the flocks and the herds and the donkeys; and he fed them with food in exchange for all their livestock that year. 18 When that year was ended, they came to him the next year and said to him, ‘We will not hide from my lord that our money is all spent, and the cattle are my lord’s. There is nothing left for my lord except our bodies and our lands. 19 Why should we die before your eyes, both we and our land? Buy us and our land for food, and we and our land will be slaves to Pharaoh. So give us seed, that we may live and not die, and that the land may not be desolate.’ 20 So Joseph bought all the land of Egypt for Pharaoh, for every Egyptian sold his field, because the famine was severe upon them. Thus the land became Pharaoh’s. 21 As for the people, he removed them to the cities from one end of Egypt’s border to the other.”
it’s all of god, doncha know ….
I’m not sure