Friday’s Web Outage, Gonna Be Worse due to Selling Access

Hackers Sell $7,500 IoT Cannon To Bring Down The Web Again

Forbes: Think Friday’s massive outage was bad? Worse is expected, as hackers are selling access to a huge army of hacked Internet of Things (IoT) devices designed to launch attacks capable of severely disrupting web connections, FORBES has learned. The finding was revealed just days after compromised cameras and other IoT machines were used in an attack that took down Twitter, Amazon Web Services, Netflix, Spotify and other major web companies.

In what is a first for the security company, RSA discovered in early October hackers advertising access to a huge IoT botnet on an underground criminal forum, though the company declined to say which one. (F-Secure chief research officer Mikko Hypponen said on Twitter after publication that it was the Tor-based Alpha Bay market). “This is the first time we’ve seen an IoT botnet up for rent or sale, especially one boasting that amount of firepower. It’s definitely a worrying trend seeing the DDoS capabilities grow,” said Daniel Cohen, head of RSA’s FraudAction business unit.

The seller claimed they could generate 1 terabit per second of traffic. That would almost equal the world record DDoS attack, which hit French hosting provider OVH earlier this month at just over 1 terabit. For $4,600, anyone could buy 50,000 bots (hacked computers under the control of hackers), whilst 100,000 cost $7,500. Together, those bots can combine resources to overwhelm targets with data, in what’s known as a distributed denial of service (DDoS) attack.

Cohen said he didn’t know if the botnet for hire was related to Mirai, the epic network of weaponized IoT computers used to swamp DYN – a domain name system (DNS) provider and the chief target of Friday’s attack – with traffic. But FORBES was able to find a forum post on Alpha Bay from the seller, who went by the name loldongs, which noted they had created a Mirai-based botnet. The original post was on 4 October, just a few days after the Mirai source code was made available to everyone. In a later post, in response to another user’s request, loldongs claimed: “I can take down OVH easily.”

Internet of Things botnet sold on undeground hacker forum

RSA uncovered a botnet for hire, made up of IoT devices like connected cameras and fridges. It could generate an astonishing amount of power, the company warned.

Statement By Secretary Johnson On Recent Cyber Incident

Release Date:
October 24, 2016

For Immediate Release
Office of the Press Secretary
Contact: 202-282-8010

The Department of Homeland Security is closely monitoring events arising from the distributed denial of service attack on Dyn on Friday, October 21. Later that day, the Department convened a conference call of about 18 major communication service providers to share information about the incident. At this time, we believe the attack has been mitigated. We have shared relevant information with our partners and through our Automated Indicator Sharing program.

We are aware of one type of malware potentially used in this incident. This malware is referred to as Mirai and compromises Internet of Things devices, such as surveillance cameras and entertainment systems connected to the Internet. The NCCIC is working with law enforcement, the private sector and the research community to develop ways to mitigate against this and other related malware.

The Department has also been working to develop a set of strategic principles for securing the Internet of Things, which we plan to release in the coming weeks.

Obama Announced the Obamacare Doom for Next Year

Obama administration confirms double-digit premium hikes

 

WASHINGTON (AP)— Premiums will go up sharply next year under President Barack Obama’s health care law, and many consumers will be down to just one insurer, the administration confirmed Monday. That will stoke another “Obamacare” controversy days before a presidential election.

Related reading: Click this link to see increases by State.

Before taxpayer-provided subsidies, premiums for a midlevel benchmark plan will increase an average of 25 percent across the 39 states served by the federally run online market, according to a report from the Department of Health and Human Services. Some states will see much bigger jumps, others less.

Moreover, about 1 in 5 consumers will only have plans from a single insurer to pick from, after major national carriers such as UnitedHealth Group, Humana and Aetna scaled back their roles.

“Consumers will be faced this year with not only big premium increases but also with a declining number of insurers participating, and that will lead to a tumultuous open enrollment period,” said Larry Levitt, who tracks the health care law for the nonpartisan Kaiser Family Foundation.

Republicans will pounce on the numbers as confirmation that insurance markets created by the 2010 health overhaul are on the verge of collapsing in a “death spiral.” Sign-up season starts Nov. 1, about a week before national elections in which the GOP remains committed to a full repeal. Window shopping for plans and premiums is already available through HealthCare.gov.

The sobering numbers confirmed state-by-state reports that have been coming in for months. Administration officials are stressing that subsidies provided under the law, which are designed to rise alongside premiums, will insulate most customers from sticker shock. They add that consumers who are willing to switch to cheaper plans will still be able to find bargains.

“Headline rates are generally rising faster than in previous years,” acknowledged HHS spokesman Kevin Griffis. But he added that for most consumers, “headline rates are not what they pay.”

The vast majority of the more than 10 million customers who purchase through HealthCare.gov and its state-run counterparts do receive generous financial assistance. “Enrollment is concentrated among very low-income individuals who receive significant government subsidies to reduce premiums and cost-sharing,” said Caroline Pearson of the consulting firm Avalere Health

But an estimated 5 million to 7 million people are either not eligible for the income-based assistance, or they buy individual policies outside of the health law’s markets, where the subsidies are not available. The administration is urging the latter group to check out HealthCare.gov. The spike in premiums generally does not affect the employer-provided plans that most workers and their families rely on.

In some states, the premium increases are striking. In Arizona, unsubsidized premiums for a 27-year-old buying a benchmark “second-lowest cost silver plan” will jump by 116 percent, from $196 to $422, according to the administration report. Oklahoma has the next biggest increase for a similarly situated customer, 69 percent.

Dwindling choice is another problem factor.

The total number of HealthCare.gov insurers will drop from 232 this year to 167 in 2017, a loss of 28 percent. (Insurers are counted multiple times if they offer coverage in more than one state. So Aetna, for example, would count once in each state that it participated in.)

Switching insurers may not be simple for patients with chronic conditions.

While many carriers are offering a choice of plan designs, most use a single prescription formulary and physician network across all their products, explained Pearson. “So, enrollees may need to change doctors or drugs when they switch insurers,” he said.

FBI Assignments for November 2016 Elections

There was a time this would have been a good thing, but given recent history, events, collusion and more…one must question this…right?

Of particular note in this announcement:

U.S. Attorney Oberly said, “Every citizen must be able to vote without interference or discrimination and to have that vote counted without it being stolen because of fraud.  The Department of Justice will act promptly and aggressively to protect the integrity of the election process.”

****Related Reading: Election officials in three states say they’ve received and rejected requests to have Russian diplomats present at polling places when U.S. voters cast ballots for their next president Nov. 8.
Russia’s consul general in Houston, Alexander K. Zakharov, outlined the requests in letters sent to election officials in Oklahoma, Texas and Louisiana that said he wished to deploy representatives “for a short period of time, when convenient,” with the “goal of studying the U.S. experience in organization of voting process.”
The requests were refused by all three states and addressed by the Obama administration Friday during press briefings at both the White House and Foggy Bottom.
“I think it is unclear exactly what the Russians were intending to do in this case. I think it’s appropriate that people might be suspicious of their motives, or at least their motives might be different than what they have publicly stated, given the nefarious activities that they’ve engaged in in cyberspace,” White House spokesman Josh Earnest said Friday.
“There’s nothing for us to fear from having Russian observers observing our election,” State Department spokesman John Kirby said at a separate briefing. “But those requests that go to the states are for the states to decide. We’ve got nothing to fear and nothing to hide from that.” More here from the WashingtonTimes.

Back to the FBI announcement:

November 2016 Elections

WILMINGTON, Del. – United States Attorney Charles M. Oberly, III announced today that Assistant United States Attorney (AUSA) Patricia C. Hannigan will lead the efforts of his Office in connection with the Justice Department’s nationwide Election Day Program for the upcoming November 8, 2016 general elections.  AUSA Hannigan has been appointed to serve as the District Election Officer for the District of Delaware, and in that capacity is responsible for overseeing the District’s handling of complaints of election fraud and voting rights abuses in consultation with Justice Department Headquarters in Washington.

 

U.S. Attorney Oberly said, “Every citizen must be able to vote without interference or discrimination and to have that vote counted without it being stolen because of fraud.  The Department of Justice will act promptly and aggressively to protect the integrity of the election process.”

 

The Department of Justice has an important role in deterring election fraud and discrimination at the polls, and combating these violations whenever and wherever they occur.  The Department’s long-standing Election Day Program furthers these goals, and also seeks to ensure public confidence in the integrity of the election process by providing local points of contact within the Department for the public to report possible election fraud and voting rights violations while the polls are open on election day.

 

Federal law protects against such crimes as intimidating or bribing voters, buying and selling votes, impersonating voters, altering vote tallies, stuffing ballot boxes, and marking ballots for voters against their wishes or without their input.  It also contains special protections for the rights of voters and provides that they can vote free from acts that intimidate or harass them.  For example, actions of persons designed to interrupt or intimidate voters at polling places by questioning or challenging them, or by photographing or videotaping them, under the pretext that these are actions to uncover illegal voting may violate federal voting rights law.  Further, federal law protects the right of voters to mark their own ballot or to be assisted by a person of their choice.

 

The franchise is the cornerstone of American democracy.  We all must ensure that those who are entitled to the franchise exercise it if they choose, and that those who seek to corrupt it are brought to justice.  In order to respond to complaints of election fraud or voting rights abuses on November 8, 2016, and to ensure that such complaints are directed to the appropriate authorities, United States Attorney Oberly stated that AUSA Hannigan will be on duty in this District while the polls are open.  She can be reached by the public at the following telephone numbers: (O) 302-573-6117 or (C) 302-507-1607.

 

In addition, the FBI will have special agents available in each field office and resident agency throughout the country to receive allegations of election fraud and other election abuses on election day.  The local FBI field office can be reached at 302-658-4391.

 

Complaints about possible violations of the federal voting rights laws can be made directly to the Civil Rights Division’s Voting Section in Washington, DC by phone at 1-800-253-3931 or (202) 307-2767, by fax at (202) 307-3961, by email to [email protected]

Email links icon

or by complaint form at http://www.justice.gov/crt/complaint/votintake/index.php.

 

U.S. Attorney Oberly said, “Ensuring free and fair elections depends in large part on the cooperation of the American electorate.  It is imperative that those who have specific information about discrimination or election fraud make that information available immediately to my Office, the FBI, or the Civil Rights Division.”

The New Drug Cartel Generation and Weapons

Northwest Mexico Erupts in Violence in Next Generation Cartel Wars

InSight: A bloody cartel war raging in the state of Baja California Sur hints at the new strategies and alliances forming as Mexico‘s fragmented underworld reorganizes.

A Zeta magazine investigation into drug war violence in the city of La Paz, the capital of Baja California Sur, has revealed how a spate of macabre murders is connected to a campaign waged by a new alliance between the Jalisco Cartel– New Generation (CJNG) and the remnants of the Tijuana Cartel against Los Dámaso, a network connected to the Sinaloa Cartel.

According to Zeta, the CJNG and Tijuana Cartel factions are operating under the name the Tijuana Cartel– New Generation (CTNG) and have been kidnapping, torturing and murdering rivals in an attempt to seize control of local drug sales and distribution.

Their targets, according to a Zeta source from the local Public Security Coordination Group (Grupo de Coordinación de Seguridad Pública), are rival hitmen, operatives that have switched sides, plaza chiefs linked to the Sinaloa Cartel and local drug distributors. Their aim is not only to remove these people but also to obtain information on the large scale Sinaloa distributors that continue providing drugs to the region.

However, the source said, identifying the relationship between the local criminal cells and larger cartels is difficult due to the fragmented nature of the current underworld and the constantly shifting allegiences of local networks.

InSight Crime Analysis

The battle for La Paz reflects a new dynamic in the Mexican underworld, as fragmented remains of once all-powerful cartels confront or ally themselves with new players as they compete for control of local as well as transnational criminal markets.

The relatively new CJNG has been one of the most expansionist groups in Mexico in recent years, and it is little surprise that it has now moved into Bajo California Sur. It was once believed to be in alliance with the Sinaloa Cartel, but there are now growing signs the organization is looking to capitalize on what appears to be a fragmentation of the Sinaloa Cartel in the wake of the capture of the cartel’s most prominent leader, Joaquin “El Chapo” Guzman.

SEE ALSO: Jalisco Cartel – New Generation Profile

In contrast, the Tijuana Cartel has been in long term decline, and so an alliance with an up-and-coming group such as the CJNG represents the remaining cartel factions’ best chance of clinging on to some level of criminal power.

Los Dámaso, meanwhile, have long been operatives for the Sinaloa Cartel. However, there have been numerous reports suggesting the network has been in conflict with other Sinaloan factions.

As highlighted by Zeta’s source, these national actors are increasingly dependent on alliances with local criminal cells that have more autonomy and less loyalty to larger organizations than in the past. This makes for a much more complex and often chaotic dynamic in this latest generation of Mexico‘s cartel wars.

*** Improvised armored vehicle captured from the Zetas cartel.

Juan Cedillo : Improvised armored vehicle captured from the Zetas cartel.

Time Magazine has provided more information:

As Mexican gangsters shot it out with troops in the border city of Reynosa this month, residents posted warnings on social media of where not to drive. Not only was the gunfire itself a problem but cartel gunmen had covered some roads with perilous spikes that they call ponchallantas or “tire punchers.” The hazard can appear suddenly as the cartels have customized vans with tubes that eject the spikes. If a car drives into them too fast, it can spin into a lethal crash. Gangsters also set grounded vehicles on fire, creating more debris in the way of security forces.

The tire punchers used in the April 17 firefight, in which soldiers arrested an alleged kingpin called José Tiburcio Hernández, are the latest example of the homemade battle technology developed by Mexico’s cartels. Gangsters have also built fighting vehicles with four inch-thick armor, sometimes referred to as “monsters” or “narco tanks.” And in October, police in the western state of Jalisco even busted a clandestine factory where traffickers assembled their own assault rifles.

The development of this narco technology south of the Rio Grande has grabbed the attention of U.S. security thinkers such as Robert Bunker, an external researcher for the U.S. Army War College. He compares it to the homemade war tools used by insurgent forces round the world. “Each battle technology has been adapted to both the conflict environment and the ideological and illicit economic motivations of the irregular forces,” Bunker says. “Caltrops and spike traps have been a component of warfare going back to the ancient Greeks. In many ways, we can think of them as pre-modern landmines.”

While there is no declared war in Mexico, fighting between rival cartels and the security forces has claimed more than 83,000 lives since 2007, according to a count by Mexico’s federal intelligence agency. Gangsters use traditional weapons, including Kalashnikovs, which are often smuggled from the United Sates. The Bureau of Alcohol Tobacco and Firearms has traced 73,684 guns seized in Mexico to U.S. gun sellers since 2009. Cartels also have rocket-propelled grenades, which may be stolen from Central American military caches.

However, it is harder for them to buy actual military vehicles leading to them inventing their own. The Zetas cartel, which was led by former soldiers, first developed its own armored vehicles, both converting regular trucks and building others from scratch. Their “monsters” resemble machines from the fantasy road wars of Mad Max, with gun turrets, battering rams and walls of armor.

The Mexican army has taken many of these makeshift tanks off the road, holding more than 40 of them in its base in Reynosa. But some are still at large and causing havoc. Last year, a Zeta monster attacked a hotel in the border town of Ciudad Mier, where executives from the oil services multinational Weatherford were staying. (The executives were shaken but unscathed).

Furthermore, vigilante groups that formed to fight cartels also built their own armored vehicles. “We were going into heavy gunfire and we needed protection. So we made these monsters of our own, based on the vehicles that the Zetas had built,” said Francisco Espinosa, a cattle rancher turned vigilante. With the help of local metal workers, they also used thick layers of armor, and added some of their own features such as mobile sand trenches.

The gun factory busted in October belonged to rising gang called the Jalisco New Generation Cartel. The cartel has gained infamy for a series of attacks on Mexican officials, including an ambush on April 7 that killed 15 policemen. Hidden in two farm houses in the tequila-producing region, the factory used industrial metal cutters and blow torches to assemble AR15 rifles from components. “It’s highly sophisticated machinery with very precise software that allows them to make the cuts to finish the guns, which work perfectly,” Jalisco Attorney General Luis Carlos Najera said.

The factory likely uses gun parts that are sold on line, producing untraceable AR15’s, says Bunker, the security scholar. “I consider it conceptually sophisticated but not technologically sophisticated. The next step in this process will be the addition of a 3D metal printer. I’m sure this will come in time as more of these improvised arms factories spring up, metal printer technology matures, and prices for them drop.”

The cartels’ ability to make their own guns, customized vehicles and spike ejectors make them difficult for Mexico’s government to wipe out. Under President Enrique Pena Nieto, troops have arrested a string of cartel leaders, including the head of the Zetas and Sinaloan chief Joaquin “Chapo” Guzman. This has helped reduce the total number of homicides, which went down from a peak of more than 22,000 in 2011 to 15,649 last year, according to a police count. But incidents such as the chaos in Reynosa and ambushes in Jalisco continue to shake the nation.

Bunker warns that cartels may keep on developing their battle tech. They could use drones for surveillance in the near future, giving them a fighting edge. Mexican gangsters have also used small car bombs, and could potentially harness bigger improvised explosive devices like those in the Middle East. “One area that we should keep an eye on is car bomb and IED use potentials,” Bunker says. “I could envision IEDs being placed in a city or town under certain circumstances.”

Mosul Iraq now (Satellite) and in the Future

These satellite photos reveal the scorched Earth that ISIS is leaving behind in the battle for Mosul

BusinessInsider: As a crucial battle continues over the control of Mosul, Iraq — one of the last Islamic State (ISIS) strongholds in the country — militants are taking a play from the “scorched Earth” playbook.

Photos released Wednesday by UrtheCast reveal the extent of oil fires and infrastructure damage inflicted by ISIS followers.

The satellite imaging company used its Deimos-2 spacecraft to take the image below, though it also operates an ultra-high-definition video camera on a Russian module of the space station.

Below is an infrared view of the Mosul District taken by UrtheCast on October 18:

D2_20161018_Oil_Fires_Full_Med UrtheCast

A zoomed-in view shows how militants are lighting the large fires inside populated areas and destroying nearby buildings:

mosul oil fires close up urthecast UrtheCast

This is how UrtheCast described the scence in an emailed press release:

“The smoke covers part of the city Qayyarah, about 35 miles south of the city of Mosul, along the West Bank of the Tigris River. Mosul is the last stronghold of the extremist group ISIS in Iraq — and it’s here in Qayyarah where people flee to from Mosul, and where military forces are staged.”

For reference, this is where the fires in this image are happening, and where the main city of Mosul is located:

mosul oil fires urthecast Google Maps/Business Insider

According to a New York Times dispatch from Mosul by Bryan Denton and Michael R. Gordon, the intention of the oil fires is to provide a screen:

“Thick funnels of black smoke began rising from the towns — a past tactic used by the Islamic State militants, setting oil barrels aflame to try to screen them from American airstrikes. The strikes came anyway, sending shock waves through the haze.”

UrtheCast’s new photos also show how ISIS militants are destroying infrastructure in the area.

The view below shows a bridge that was recently demolished to slow the advance of Kurdish and Iraqi security forces:

mosul destroyed bridge urthecast UrtheCast

The international coalition that is fighting ISIS hopes to secure villages surrounding Mosul and reach the city’s center in weeks.

But soldiers face roadside bombs, networks of secret tunnels, suicide bombers, civilians being used as human shields, and other grave threats.

Shi’a Militias in Mosul and Beyond

Bottom Line Up Front: 

• Shi’a militias are a significant component of the forces attempting to recapture Mosul from the Islamic State, but the Iraqi government seeks to keep their role limited.

• The U.S. has insisted that Shi’a militias not enter the city of Mosul because of their sectarian impulses, linkages to Iran, and the likelihood of adverse reaction from the city’s mostly Sunni inhabitants.

• The commanders of the Iraqi Shi’a militias will likely have substantial influence over which coalition forces remain in Iraq over the longer term.

• After the Islamic State is militarily defeated in Iraq, the Iraqi government will likely work to demobilize the Shi’a militias by integrating them into the Iraqi Security Forces.

SoufanGroup: As with many other cities in Iraq previously liberated from the so-called Islamic State, Shi’a militia forces comprise a substantial portion of the Iraqi forces fighting to retake the city of Mosul. The Shi’a militias, which operate under an umbrella known as the ‘Popular Mobilization Units’ (PMUs), account for around 25,000 fighters of the total Iraqi force—which numbers nearly 100,000. In the prior battles, Shi’a militias entered the mostly Sunni cities, such as Tikrit, Ramadi, and Fallujah, and conducted many abuses against the local population as retribution for alleged ‘collaboration’ with the Islamic State. While Shi’a militia involvement perhaps sped up Iraqi military advances, it set back the longer term political reconciliation that is vital to permanently defeating the Islamic State. To prevent a recurrence of such actions, Iraqi Prime Minister Haider al-Abadi—with strong backing of U.S. military commanders in Iraq—is requiring the PMUs to only advance on Mosul from the west and help capture the city of Tal Afar, and to refrain from advancing into Mosul itself. This requirement builds on the U.S. policy of providing minimal help to the PMUs, and then only to those militias that are not advised or armed by Iran.  

The political strength of the largest Shi’a militias—which are backed by Iran—raises the question of whether they will comply with Abadi’s directive. In mid-October, one key Iran-backed Shi’a militia leader, Asa’ib Ahl al Haq’s Qais Khazali, vowed that his forces would enter Mosul ‘in vengeance against the slayers of Hussein’—a reference to the original Sunni-Shi’a split in the early Islamic community. An area that Shi’a militia commanders and Abadi do agree, however, is in opposing the U.S. position of giving Turkey—a Sunni power—a combat role in the battle for Mosul. The broad Iraqi opposition to Turkish involvement in the Mosul fight goes beyond sectarian differences to longstanding Iraqi fears about Turkey’s territorial ambitions in northern Iraq, particularly Mosul. Iraq’s Kurds—in an uneasy partnership with Baghdad to fight the Islamic State—are also wary that Turkey may seek to maintain a military presence in Iraq after Mosul is liberated, perhaps for no other reason than to intimidate Iraqi Kurdish leaders from pursuing a planned referendum on full independence for Iraqi Kurdistan.     

Abadi’s opposition to the U.S. stance on a Turkish contribution to the battle for Mosul illustrates the significant political influence the Shi’a militia commanders and their allies enjoy. Many Shi’a militia commanders have close ties to the Islamic Revolutionary Guard Corps – Qods Force (IRGC-QF) from their time in the Iran-backed struggle against Saddam Hussein. IRGC-QF commander-in-chief Qasem Soleimani is in overall command of the Shi’a militia units in the Mosul battle, and has substantial influence inside the Iraqi government.

Soleimani and the Shi’a commanders will undoubtedly play a major role in determining whether foreign forces remain in Iraq after the Islamic State is expelled from Iraqi territory. Consistent with Iran’s position, these figures have insisted that no U.S. troops remain in Iraq after the Islamic State is defeated. Further, these commanders have support from another powerful Iraqi Shi’a leader, Muqtada al-Sadr, who responded to the U.S. intervention in Iraq in 2003 by organizing the militia precursor from which many of the current militias split off. Sadr displayed his power over the summer of 2016 by twice sending his followers to storm the Iraqi parliament building in the heavily-fortified ‘Green Zone’ to demand government reform and efforts against official corruption. Although Sadr no longer enjoys Tehran’s unquestioned support and many Shi’a militia commanders are no longer loyal to him, his ability to determine outcomes in Iraq should not be underestimated.  

Poised against the Shi’a hardliners is Abadi, who appears to recognize that a U.S. military presence will be needed in Iraq for some time after the Islamic State is defeated. To tamp down hardline Shi’a opposition to a continuing U.S. presence, Abadi plans to weaken the hardliners’ base of support by disbanding the PMUs as a separate force. Over the summer, Abadi advanced a plan to integrate the PMUs into the Iraqi Security Forces (ISF) directly, although his plan attracted skeptics who argue that doing so would simply move factionalism into the ISF, rather than eliminate it entirely. That plan would also entail expenditures that Iraq can ill afford with oil prices at current levels. The more likely option is that Abadi will seek to demobilize the PMUs and encourage militia leaders to return to participating in the political process. Should he take that route, Abadi’s success in doing so will likely determine the long-term stability of Iraq.