Our surveillance of Stuxnet starting 2009
You remember the huge demonstration
in Iran in 2009, we were working with
Anonymous against Iran and had many
operations going on in Iran.
The year stuxnet deployed.
@JohnBumgarner
@Geraldanthro - the primary sabotage operations against
Iranian targets were green lighted in 2009.
@JohnBumgarner
Project "Olympic Games" was underway for
approx. 4 years, before President Obama took office in Jan 2009.
Anonymous had an Iranian spy in its ranks
causing problems and asked us to ferret him
out, it was a rocky relationship, we turned
up two spies embedding text in jpgs.
We tracked their IPs and the IPs of anonymous
members they were trying to recruit.
The Anonymous Commodore was furious
said we exceeded our authority and fired us.
All data deleted to NSA standards.
We continued operations against Iran
independently. And we ran into Stuxnet
on some servers in 2009, of course
we didn't know that.
"Server in Iran compromised.
Who is launching the scan? Is it a random script kiddie
or maybe a bot farm, using the Iranian server?
A sophisticated attacker may actually use some simple
"script kiddie" tools first, in order to hide out in the noise
of bot and kiddy probes. What computers are they taking over?
And port 5900 (VNC) appears to be the main attack method.
Discovered Targets: 1867
First Reported: xx.xx.xx
Most Recent Report: xx.xx.xx
.It is a "Ministry of Jahad" server...."
It was and suspected
it was Anonymous an ally and didn't
interfere or even investigate the penetration
as we had our hands full with our own
operations, using around 100,000 BSU's.
Bot Surveillance Units. 06/2009.
And documented the discovery here.
http://warintel.blogspot.com/2009/06/iran-regime-under-cyber-attack.html
The next month paradigm Intel and
BSUs indicated Iran was under cyber
attack from Israel.
And reported it.
http://warintel.blogspot.com/2009/07/israel-already-at-war-with-iran.html
Iran was so perplexed they fired top
nuclear scientist and knew their nuclear
PCs were in trouble, PC reported everything
was OK, while centrifuges were spinning
out of control, self destructing. It got so bad
they had a man with a walkie-talkie sitting watching
the centrifuges radioing just what he was seeing.
@JohnBumgarner
President Obama accelerated the "Olympic Games"
operation in Jan 2010, by deploying a more improved
version of Stuxnet
@JohnBumgarner
President Obama Green Lighted the "Olympic Games"
project 5 months after taking office.
Launched downrange was Stuxnet ver. 1
Iran was accelerating nuclear operations,
Obama needed more. G
@JohnBumgarner
Two month later the U.S. released an untested version
of stuxnet and that is when the operation began to have problems.
@JohnBumgarner
Pres. Bush 5 years "Olympic Games" zero known
compromises Pres. Obama 3 years "Olympic Games"
at least 3 known compromises.#stuxnet
Compromises serve as warning to Iran.
discovered trying to get back into Natanz,
We provided some cover for the Israel
cyber attacks revealing the Green movements
cyber activities.
http://warintel.blogspot.com/2009/06/iran-regime-under-cyber-attack.html
The next year we flushed out the stuxnet paradigm.
Stuxnet 1.0 as of yet undiscovered, a recon program.
Stuxnet 2.0 the one that was discovered that we
all know and love. How it functions is Art.
http://warintel.blogspot.com/2010/09/stuxnet-development-paradigm-intel.html
@JohnBumgarner
RT @craiu: Microsoft's reaction to Flame shows
seriousness of 'Holy Grail' hack - http://bit.ly/KO4hkT
And stuxnet family, all by same group,
how they fit together.
And document our discoveries. 2010
http://warintel.blogspot.com/2010/10/stuxnet-10-20-30.html
Stuxnet 3.0 or flame as Kaspersky calls it.
we discovered, documented and calculated
its capabilities, 2 yrs before Kaspersky did.
http://warintel.blogspot.com/2010/10/stuxnet-30-most-powerful-weapon-ever.html
Stuxnet/flame puts USA in same position
as when US was only one with atom bomb,
MAD NOT APPLICABLE, first strike
can take out everything, leaving enemy nothing
to retaliate WITH.
Stuxnet is so deeply embedded in Iran
their counterstrike plans are already known.
Flame and Stuxnet were elements of a
broader assault that continues today.
Stuxnet and Flame infections can be
countered, other tools in play.
OPSEC PREVENTS MORE.
This powerful weapon is so comprehensive
it is a deterrent in and of itself,
You don't slap someone who has you
by the balls like stuxnet has Iran.
The flip side of the suicide function,
as the press calls it, isn't suicide at all.
It's artificial intelligence, if you start looking
for Flame it knows and disappears.
Flip side is it's so easy to penetrate PCs
dumping all traces of itself isn't a problem
it will revisit later.
@JohnBumgarner
Flame authors use old anti-forensic technique to destroy potential
Stuxnet is a demonstration of the total
failure of anti-virus security companies.
Stuxnet and sons were written to walk
through all known security programs,
around 100 security programs.
@JohnBumgarner
His book (@SangerNYT) also says that Stuxnet was
discovered because it escaped Natanz. RED FLAG on
this play. That's not what happened.
Kaspersky and Symantec are two years
behind us in understanding Stuxnet.
But we are pleased they were able to confirm our
research from two yrs ago.
http://www.warintel.blogspot.com/2012/01/nsa-cyber-muscle-on-steriods.html
@JohnBumgarner
How many @Microsoft zero-days will be discovered
in the Flame malware? #stuxnet #iran #nsa #cia
The next evolution will be Invisible Persistent
Threats IPT we have been using them
since 1997.
@JohnBumgarner
RT @mikko: I'm afraid we've seen only the very
beginning of the Stuxnet / Duqu / Flame saga. ->
What else is hiding in your database?
We have seen in action cyber weapons
that turn your PC into a paper weight,
others change all login PW and block
safe boots.
An extension of stuxnet paradigm is the
capability to see an Iranian cyber strike
as they plan it.
http://warintel.blogspot.com/2010/10/stuxnet-30-most-powerful-weapon-ever.html
"Why a "kill date" of June 24, 2012, for
stuxnet?" date of attack on Iran? G
Our BSU's found the smoking gun:
Stuxnet architect:
Internet Anthropologist Think Tank:
Smoking Gun, Stuxnet architect.
Our key to proof of Israel involvement:
Please give us attribution for sharing the key.
" 6b2221dad51dd04938ee19e46c6f4c7f26a061be "
Flame's Authenticode signature:
I added it as a base64 dump to the end of my post http://bit.ly/KEKyEj
If stuxnet et al. have penetrated so deep
and comprehensively into Iran's IT
network then too Russia and China
are also an open book.
Even we grossly underestimated US
cyber offensive capabilities so too
may the world be grossly underestimating US
cyber defensive capabilities.
http://www.defensenews.com/article/20120606/DEFREG02/306060010/Panetta-Green-Lights-First-Cyber-Operations-Plan
Our index of our research into stuxnet
index:
https://www.google.com/search?sugexp=chrome,mod=5&sourceid=chrome&ie=UTF-8&q=warintel+stuxnet
Gerald
War Anthropologist
Tactical Internet Systems analyst.
Ad Magnum