Only a couple of days after the post dealing with the impact of Internet connectivity and social networks on propaganda (and, more generally, on PsyOps operations), my dear friend and colleague David Cenciotti pointed me to an interesting article dealing with the use of Twitter for a psyops campaign (after the tweets of war for alleged military operations I already talked about)… Only a few hours later, exactly what I had theorized happened (even if in a quite sophisticated manner).
As a matter of fact, as reported in the article quoted above, it looks like a patriot hacker named The Jester (th3j35t3r) used Twitter to send specific messages to erode the morale of the loyalist enemy troops. For sure, no one before today had ever thought of taking so literally the well-known Twitter motto “Follow me”, which sounds much better as “Follow My Thoughts”.
This occurrence confirms the need to keep Internet connections up and running during military operations. Next prophecy? Will we soon see Wi-Fi drones in the Unified Protector Operation? And maybe loyalist hackers performing wardriving against them?
In this post I explained that what I called the mobile warfare (that is, social protest driven by mobile technologies and social networks) is rapidly spreading all over the Middle East, apparently on a systematic time scale (so far events in Tunisia, Egypt and Libya have been separated by approximately a month).
Many observers claim that, in the shorter term, Syria and Bahrain could be the next targets of internal protests (last week 150 people were killed in Syria and today the government led by PM Naji Otri has resigned, apparently a quantum shift).
But the wave coming from the Maghreb, led by the mobile warfare, seems unstoppable, and in the longer term Iran and Iraq, the main barriers of fundamentalism, could be affected as well.
Of course, one of the most exciting things about Infosec is the fact that reality is always one step ahead of the imagination. As a matter of fact, I tried to imagine different ways in which bad guys from totalitarian regimes could prevent mobile technologies and social networks from achieving their purpose of encouraging citizens to join the protests, including DDoS, Internet connectivity disruption and so on… I could not imagine, however, that one could think of issuing rogue certificates for some high-profile websites used for email and chat in order, maybe, to intercept cumbersome and subversive communications.
That is exactly what happened with the Comodo Affaire, in which some fraudulent certificates were issued by the Comodo Certificate Authority, exploiting a vulnerability of a couple of Italian affiliates (sigh!), globaltrust.it and instantssl.it, which allowed a legitimately signed certificate to be issued on behalf of any requesting entity. This vulnerability was used to issue rogue Certificate Signing Requests (CSRs), that is, false requests to obtain legitimate SSL certificates, for the following web sites:
For those of you who are not very familiar with Public Key Infrastructure and cryptography, this means, in simple words, that once a rogue certificate has been obtained, one may build a false web site (for instance a false mail.google.com website) to capture precious information that normally “travels” on the web encrypted, for instance the username and password of a private email account. This is called a man-in-the-middle attack.
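A rogue certificate signed by a trusted CA passes ordinary chain validation, so catching it takes extra checks. As an added example (not from the original post), the Python code below runs two such checks, a revoked-serial list and an expected-issuer pin per host, over certificate observations. The observation rows, CA names, serials and fingerprints are constructed, and `audit`, `PINNED_ISSUERS` and `REVOKED` are hypothetical names.

```python
import csv
import io

# Constructed passive-TLS observations (not real data): every issuer here is
# assumed to be in the client's trust store, so all rows pass chain validation.
OBSERVATIONS = """\
host,issuer,serial,fingerprint
mail.google.com,Example CA A,0a01,aa11
mail.google.com,Example CA A,0a01,aa11
mail.google.com,Example CA B,0b77,bb22
login.example.org,Example CA B,0c02,cc33
login.example.org,Example CA B,0c09,cc99
"""

# Hypothetical defender-maintained state.
PINNED_ISSUERS = {"mail.google.com": {"Example CA A"}}  # expected issuers per host
REVOKED = {("Example CA B", "0b77")}                    # (issuer, serial) revoked by the CA


def audit(observations, pinned=PINNED_ISSUERS, revoked=REVOKED):
    """Return (host, fingerprint, reason) alerts for each newly seen certificate."""
    alerts, seen = [], {}
    for row in csv.DictReader(io.StringIO(observations)):
        host, issuer, fp = row["host"], row["issuer"], row["fingerprint"]
        first_for_host = host not in seen
        known = seen.setdefault(host, set())
        if fp in known:
            continue  # same certificate as before, nothing new to judge
        known.add(fp)
        reasons = []
        if (issuer, row["serial"]) in revoked:
            reasons.append("revoked-serial")
        if host in pinned and issuer not in pinned[host]:
            reasons.append("issuer-not-pinned")
        if host not in pinned and not first_for_host:
            reasons.append("certificate-changed")  # weak signal: may be a renewal
        alerts.extend((host, fp, reason) for reason in reasons)
    return alerts


if __name__ == "__main__":
    for alert in audit(OBSERVATIONS):
        print(alert)
```

The pinned host produces a strong alert as soon as a second trusted CA appears for it, while the unpinned host only yields the weaker change signal, which still needs triage against normal renewals.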
Since it was discovered that the rogue Certificate Signing Requests originated from an ISP located in Iran, a political origin for the attack was alleged, motivated by the attempt of the Iranian government (enforced by a Cyber Army) to intercept communications, and more generally emails and chats, belonging to political leaders not “too close” to the positions of Mr. Mahmoud Ahmadinejad (mmhh.. at least for the alleged purpose, it reminds me of Operation Aurora, doesn’t it?).
Now it looks like a lone ranger Iranian hacker, not belonging to any army, has claimed to be the sole author of the hack (at this link the complete history and a detailed analysis of the event). Probably a real Iranian involvement will never be confirmed, but to me the doubt that this action was planned to stop the mobile warfare remains intact. Otherwise I would not be able to understand why only certificates related to secure communication methods, often used by dissidents to organize protests and share news with the world, were affected.