Drones used as Proxies to get around ISP blocking and law enforcement: Predators to add server payload?
Cross Posted from TheAviationist.
Almost simultaneously with the breaking news that a judge in New Zealand’s High Court has declared the order used to seize Kim Dotcom’s assets “null and void”, adding another page to the endless MegaUpload saga, The Pirate Bay, one of the world’s largest BitTorrent sites, made another resounding announcement. Tired of countering the blocking attempts that forced it last month to switch its top-level domain, possibly to avoid seizure by U.S. authorities, and in October 2011 to set up a new domain to get around ISP blocking in Belgium, the infamous BitTorrent site is considering turning GPS-controlled aircraft drones into proxies, in order to avoid law enforcement controls (and censorship) and hence evade authorities who are looking to shut the site down.
The drones, controlled by GPS and equipped with cheap radio equipment and small computers (such as Raspberry Pi), would act as proxies redirecting users’ traffic to a “secret location”. An unprecedented form of (literally) “Cloud Computing”, or better, “Computing in the Clouds”, capable of transferring, thanks to modern radio transmitters, more than 100 Mbps over distances of more than 50 kilometers, more than enough for a proxy system.
This is essentially what MrSpock, one of the site’s administrators, stated in a Sunday blog post (apparently unavailable at the moment). Curiously, the drones are called “Low Orbit Server Stations”, a name that is, not surprisingly, very similar to the “Low Orbit Ion Cannon”, the DDoS weapon used by the Anonymous collective, and capable of evoking very familiar hacktivism echoes.
Actually, this is not the first time that hackers have tried to use air communication to circumvent law enforcement controls. At the beginning of the year, a group of hackers unveiled their project to take the internet beyond the reach of censors by putting their own communication satellites into orbit.
What raised some doubts (at first glance this announcement looks like an early April Fools’ joke) is not the use of Low Orbit Server Stations, but the idea that moving into the airspace would be enough to prevent law enforcement controls (and reactions).
Drones are subject to specific rules and restrictions and can only fly along reserved corridors to deconflict them from civilian and military air traffic. And they have to land every now and then, unless someone thinks these pirate robots can be air-to-air refueled.
As a commenter on The Hacker News correctly pointed out: “There seems to be a lot of misunderstanding about who “owns” the airspace of a given country”: a drone flying too high would definitely be classified as a threat and forcibly removed by an air force, a drone tethered to the ground would be subject to local zoning laws, while a drone broadcasting from an “intermediate” height would probably violate a number of existing laws and be forced to shut down.
In the end, it is better to turn back to “Ground Computing” as opposed to “Cloud Drones”. As a matter of fact, “it’s probably a lot easier to find a friendly government and host a normal server in that country”.
If you want to have an idea of how fragile our data are in cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated) at hackmageddon.com. And follow the author of this article @paulsparrows on Twitter for the latest updates.
The Italian Job
The Italian Anonymous did it again and today attacked the vatican.va website for the second time in a few days. Actually, this time their attack has apparently gone deeper, since the infamous collective also posted a small portion of a database claimed to have been leaked from radiovaticana.org, the website of the official Vatican Radio.
The inevitable statement on pastebin (so far only in Italian) quotes Imperva, the Israeli company focused on application security, which claimed a few days ago to have prevented a summer attack against the Vatican in August, using the collected information to profile a typical Anonymous DDoS attack.
Of course, the pastebin suggests that this attack was a kind of retaliation against the information disclosed by the Israeli security company in its detailed report. Nevertheless, this was only the latest DDoS attack in Italy in this troubled weekend, which has seen several websites fall under LOIC fire: on Saturday the Italian Railways were hit (three domains), and yesterday Equitalia, the company that holds the concession to collect taxes on behalf of the Government.
This (un)expected revival of DDoS activity in Italy comes nearly a couple of months after the LOIC attacks unleashed by the MegaUpload shutdown, and nearly nine months after the waves of attacks which made the Italian summer a very hot season for Information Security.
Besides, so far the preferred targets of Anonymous in Italy have been government and politicians’ websites; by targeting the Vatican site, it looks like this time Anonymous crossed the line.
As a matter of fact, I have decided to write down in a table all the hacktivism-led attacks carried out in Italy from 2011 onwards. I collected the information on the attacks while gathering the necessary material to prepare my timelines for 2011 and 2012. In reading the list, please consider that several DDoS attacks were only claimed by the attackers, so it is really difficult to determine whether they were successful or not; nevertheless, I thought it appropriate to insert them all to provide a global view.
So far, you will notice that hacktivism in Italy has passed through three main phases: the summer phase, maybe interrupted by the wave of arrests in July; the winter phase, as quoted above, immediately after the Megaupload shutdown in the wake of the anti-SOPA/PIPA/ACTA movements; and the current phase (may we define it a spring phase?) triggered by the delicate internal sociopolitical situation….
March 2011
| 04/03/2011 | finmeccanica.it | DDoS | Military Industry |
| 04/03/2011 | eni.it | DDoS | Energy |
| 04/03/2011 | unicredit.it | DDoS | Finance |
June 2011
| 21/06/2011 | ilpopolodellalibertà.it | DDoS | Political Parties |
| 21/06/2011 | governoberlusconi.it | DDoS | Political Parties |
| 21/06/2011 | pdl.it | DDoS | Political Parties |
| 21/06/2011 | governoberlusconi.it | DDoS | Political Parties |
| 21/06/2011 | silvioberlusconifansclub.org | DDoS | Political Parties |
| 21/06/2011 | forzasilvio.it | DDoS | Political Parties |
| 22/06/2011 | governo.it | DDoS | Government |
| 22/06/2011 | camera.it | DDoS | Government |
| 22/06/2011 | senato.it | DDoS | Government |
| 22/06/2011 | interno.it | DDoS | Government |
| 22/06/2011 | regione.campania.it | DDoS | Government |
| 22/06/2011 | pdl.it | DDoS | Political Parties |
| 22/06/2011 | renatobrunetta.it | DDoS | Political Parties |
| 22/06/2011 | innovazionepa.gov.it | DDoS | Government |
| 23/06/2011 | governo.it | DDoS | Government |
| 23/06/2011 | agcom.it | DDoS | Government |
| 23/06/2011 | leganord.org | DDoS | Political Parties |
| 24/06/2011 | governo.it | DDoS | Government |
| 24/06/2011 | giustizia.it | DDoS | Government |
| 28/06/2011 | agcom.it | DDoS | Government |
| 29/06/2011 | camera.it | DDoS | Government |
| 29/06/2011 | pdl.it | DDoS | Government |
| 29/06/2011 | mediaset.it | DDoS | Entertainment |
| 30/06/2011 | telecomitalia.it | DDoS | ISP |
| 30/06/2011 | poste.it | DDoS | |
| 30/06/2011 | borsaitaliana.it | DDoS | Finance |
July 2011
| 01/07/2011 | leganord.org | DDoS | Political Parties |
| 01/07/2011 | agcom.it | DDoS | Government |
| 02/07/2011 | innovazionepa.gov.it | DDoS | Government |
| 02/07/2011 | governo.it | DDoS | Government |
| 03/07/2011 | agcom.it | DDoS | Government |
| 04/07/2011 | agcom.it | DDoS | Government |
| 06/07/2011 | 19 Universities: unisi.it unisa.it uniroma1.it anotonianum.eu econoca.it uniba.it unibocconi.it unifg.it unime.it unimib.it uniurb.it unibo.it unipv.it unina2.it unile.it polimi.it unito.it unimo.it | SQLi? | Education |
| 31/07/2011 | vitrociset.it | Defacement | Contractor |
August 2011
| 03/08/2011 | vitrociset.it | Defacement | Contractor |
| 06/08/2011 | sappe.it | Defacement | Law Enforcement Agencies |
September 2011
| 02/09/2011 | Undisclosed Bank | ? | Finance |
November 2011
| 29/11/2011 | fiocchigfl.it | Defacement | Military Industry |
December 2011
| 06/12/2011 | torino-lione.it | Defacement | Transportation |
| 06/12/2011 | ghiglia.it | Defacement | Political Parties |
| 19/12/2011 | fabriziocorona.it | Defacement | Entertainment |
| 19/12/2011 | costantinovitaliano.it | Defacement | Entertainment |
January 2012
| 10/01/2012 | leganord.org | Defacement | Political Parties |
| 13/01/2012 | italia.gov.it | DDoS | Political Parties |
| 22/01/2012 | siae.it | DDoS | Entertainment |
| 22/01/2012 | universalmusic.it | DDoS | Entertainment |
| 22/01/2012 | copyright.it | DDoS | Entertainment |
| 22/01/2012 | giannifava.org | DDoS | Political Parties |
| 22/01/2012 | leganord.org | DDoS | Political Parties |
| 24/01/2012 | giustizia.it | DDoS | Government |
| 26/01/2012 | italia.gov.it | DDoS | Government |
February 2012
| 11/02/2012 | circondarialetorino.it | Defacement | Law Enforcement Agencies |
| 17/02/2012 | rivagroup.com | DDoS | Military Industry |
| 17/02/2012 | enel.it | DDoS | Energy |
| 18/02/2012 | mauriziopaniz.it | Defacement | Political Parties |
| 22/02/2012 | binetti.it | Defacement | Political Parties |
| 27/02/2012 | polizia.it | DDoS | Law Enforcement Agencies |
| 27/02/2012 | carabinieri.it | DDoS | Law Enforcement Agencies |
March 2012
| 07/03/2012 | vatican.va | DDoS | Religion |
| 10/03/2012 | trenitalia.it | DDoS | Transportation |
| 10/03/2012 | RFI.it | DDoS | Transportation |
| 10/03/2012 | viaggaintreno.it | DDoS | Transportation |
| 11/03/2012 | equitalia.it | DDoS | Services |
| 12/03/2012 | vatican.va | DDoS | Religion |
| 12/03/2012 | radiovaticana.org | Defacement | Religion |
January 2012 Cyber Attacks Timeline (Part 2)
Click here for part 1.
The second half of January is gone, and it is undoubtedly clear that this month has been characterized by hacktivism and will be remembered for the Mega Upload shutdown. Its direct and indirect aftermaths led to an unprecedented wave of cyber attacks in terms of LOIC-based DDoS (with a brand new self-service approach we will need to get used to), defacements and more hacking initiatives against several Governments and the EU Parliament, all perpetrated under the common umbrella of the opposition to SOPA, PIPA and ACTA. These attacks overshadowed another important Cyber Event: the Middle East Cyberwar (which for the sake of clarity deserved a dedicated series of posts, here Part I and Part II) and several other major breaches (above all Dreamhost and New York State Electric & Gas and Rochester Gas & Electric).
The chronicles also report a cyber attack against railways, several cyber attacks against universities (a preferred target), and a bank robbery in South Africa which allowed the attackers to steal $6.7 million.
Do you think that cyber attacks this month crossed the line and the Cyber Chessboard will never be the same again? It may be; meanwhile, do not forget to follow @paulsparrows to get the latest timelines, and feel free to support and improve my work with suggestions and other meaningful events I may have forgotten to mention.
May I Be Arrested For Using LOIC?
As you probably know, as a consequence of the takedown of the famous storage site Megaupload and the consequent indictment and arrest of seven people (all accused of online piracy), Anonymous launched #OpMegaUpload, a giant DDoS attack defined as “The biggest Internet attack ever”, targeting, among others, the White House, the FBI, Viacom and the DoJ (at this link a complete list of the targets). As a consequence, last night the LOIC cannons fired once again, pushing global Internet traffic to between 13 percent and 14 percent above normal.
Unfortunately, it looks like many habitual Megaupload users turned themselves into improvised wannabe hackers, giving their contribution to this questionable cause: equipped with the Low Orbit Ion Cannon, they started to fire against the designated targets. By midnight on January 20th, @AnonOps declared the operation a success with over 5,635 people using the Low Orbit Ion Cannon to bring down the targeted sites:

Curiously, on the night of January 20th, my blog was flooded with an unusual number of requests coming from search engines looking for several strings with a common pattern. Scrolling down the list of search engine terms directed to my blog (ordered in rigorous ascending order), you may easily guess the common pattern:
using loic arrested
loic arrested
arrested for using loic
loic fbi
is using loic dangerous
can we be arrested for loic
risk of using loic
using loic
arrested loic
loic precautions
may i be arrested for using loic
arresting people for using loic
how to safely use loic
being arrested because of loic
can you be arrested for useing loic
anonymous loic safe
can i be arrested for using loic
loic not safe
danger of using loic
may i be arrested for using #loic
use loic
Yes, unfortunately it looks like too many people have decided to use the Megaupload shutdown as the trigger for an improvised career as hackers, considering LOIC a kind of magic wand capable of turning anyone into a hacker in a few minutes. Maybe several of these “wannabe hackers” were not that stupid and wondered if their actions might have legal consequences. For those, the fundamental question and age-old dilemma is: “Is LOIC dangerous?”
Since I already dealt with this topic in a couple of posts during the hot summer of the Lulz Boat, their googling brought them to my blog. For sure, this morning, before understanding what had happened during the night (in Italy), I was surprised by the unusual number of clicks on the two articles concerning LOIC, which you may read (No One has ever been arrested for using LOIC and Someone has been arrested for using LOIC) if you just need an answer (or maybe you do not need to, since the title of the latter is meaningful enough).
But please consider the fact that the fundamental question is not whether using LOIC is dangerous or not, but rather “should I play at being a hacker or not”, and the answer is quite straightforward…

BTW, I gave my humble contribution to the #SOPAblackout but, whether or not I agree with the Megaupload shutdown, I absolutely do not agree with, and do not support, similar methods of protest.




