Internet Anthropologist Think Tank: Our surveillance of Stuxnet starting 2009


    Wednesday, June 13, 2012

    Our surveillance of Stuxnet starting 2009

    You remember the huge demonstration
    in Iran in 2009, we were working with
    Anonymous against Iran and had many
    operations going on in Iran.
    The year Stuxnet deployed.

    @JohnBumgarner
    @Geraldanthro - the primary sabotage operations against
    Iranian targets were green lighted in 2009.

    @JohnBumgarner
    Project "Olympic Games" was underway for 
    approx. 4 years, before President Obama took office in Jan 2009.






    Anonymous had an Iranian spy in its ranks
    causing problems and asked us to ferret him
    out. It was a rocky relationship; we turned
    up two spies embedding text in JPGs.


    We tracked their IPs and the IPs of anonymous
    members they were trying to recruit.
    The Anonymous Commodore was furious,
    said we exceeded our authority and fired us.
    All data deleted to NSA standards.


    We continued operations against Iran 
    independently. And we ran into Stuxnet
    on some servers in 2009, of course
    we didn't know that.

    "Server in Iran compromised.
    Who is launching the scan? Is it a random script kiddie
    or maybe a bot farm, using the Iranian server?
    A sophisticated attacker may actually use some simple 
    "script kiddie" tools first, in order to hide out in the noise 
    of bot and kiddy probes. What computers are they taking over?
    And port 5900 (VNC) appears to be the main attack method.

    Discovered Targets: 1867
    First Reported: xx.xx.xx
    Most Recent Report: xx.xx.xx

    It is a "Ministry of Jahad" server...."



    It was and suspected
    it was Anonymous, an ally, and didn't
    interfere or even investigate the penetration,
    as we had our hands full with our own
    operations, using around 100,000 BSUs,
    Bot Surveillance Units. 06/2009.
    We documented the discovery here.
     http://warintel.blogspot.com/2009/06/iran-regime-under-cyber-attack.html 





    The next month paradigm Intel and 
    BSUs indicated Iran was under cyber 
    attack from Israel.
    And reported it.
    http://warintel.blogspot.com/2009/07/israel-already-at-war-with-iran.html
    Iran was so perplexed they fired top 
    nuclear scientist and knew their nuclear
    PCs were in trouble; the PC reported everything
    was OK while centrifuges were spinning
    out of control, self-destructing. It got so bad
    they had a man with a walkie-talkie sitting watching
    the centrifuges, radioing just what he was seeing.







    @JohnBumgarner
    President Obama accelerated the "Olympic Games"
    operation in Jan 2010, by deploying a more improved 
    version of Stuxnet

    @JohnBumgarner
    President Obama Green Lighted the "Olympic Games"
    project 5 months after taking office.
    Launched downrange was Stuxnet ver. 1

    Iran was accelerating nuclear operations, 
    Obama needed more. G

    @JohnBumgarner
    Two months later the U.S. released an untested version
    of stuxnet and that is when the operation began to have problems.

    @JohnBumgarner
    Pres. Bush 5 years "Olympic Games" zero known 
    compromises Pres. Obama 3 years "Olympic Games" 
    at least 3 known compromises.#stuxnet

    Compromises serve as warning to Iran.
    Pressure to capitulate.

    @JohnBumgarner
    Stuxnet (juiced up version Mar/Apr 2010) was 
    discovered trying to get back into Natanz,


    We provided some cover for the Israeli
    cyber attacks, revealing the Green movement's
    cyber activities.
    http://warintel.blogspot.com/2009/06/iran-regime-under-cyber-attack.html

    The next year we flushed out the stuxnet paradigm.
    Stuxnet 1.0 as of yet undiscovered, a recon program.


    Stuxnet 2.0, the one that was discovered, that we
    all know and love. How it functions is Art.
    http://warintel.blogspot.com/2010/09/stuxnet-development-paradigm-intel.html

    @JohnBumgarner
    RT @craiu: Microsoft's reaction to Flame shows
    seriousness of 'Holy Grail' hack - http://bit.ly/KO4hkT

    And stuxnet family, all by same group,
    how they fit together.
    And document our discoveries. 2010
    http://warintel.blogspot.com/2010/10/stuxnet-10-20-30.html


    Stuxnet 3.0, or Flame as Kaspersky calls it,
    we discovered, documented and calculated
    its capabilities, 2 yrs before Kaspersky did.
    http://warintel.blogspot.com/2010/10/stuxnet-30-most-powerful-weapon-ever.html



    Stuxnet/flame puts USA in same position 
    as when US was only one with atom bomb, 
    MAD NOT APPLICABLE, first strike 
    can take out everything, leaving enemy nothing 
    to retaliate WITH.

    Stuxnet is so deeply embedded in Iran
    their counterstrike plans are already known.

    Flame and Stuxnet were elements of a 
    broader assault that continues today. 
    Stuxnet and Flame infections can be 
    countered, other tools in play.
    OPSEC PREVENTS MORE.

    This powerful weapon is so comprehensive
    it is a deterrent in and of itself.
    You don't slap someone who has you
    by the balls like Stuxnet has Iran.
    The flip side of the suicide function,
    as the press calls it, isn't suicide at all.
    It's artificial intelligence; if you start looking
    for Flame it knows and disappears.
    Flip side is it's so easy to penetrate PCs,
    dumping all traces of itself isn't a problem,
    it will revisit later.


    @JohnBumgarner
    Flame authors use old anti-forensic technique to destroy potential 

    Stuxnet is a demonstration of the total
    failure of anti-virus security companies.
    Stuxnet and sons were written to walk 
    through all known security programs, 
    around 100 security programs.
    Computer security doesn't exist.


    @JohnBumgarner
    How did anti-virus vendors miss identifying a 20 Mb 
    piece of malware for several years? #flame #stuxnet #duqu

    @JohnBumgarner
    His book (@SangerNYT) also says that Stuxnet was 
    discovered because it escaped Natanz. RED FLAG on 
    this play. That's not what happened.

    Kaspersky and Symantec are two years 
    behind us in understanding Stuxnet. 
    But we are pleased they were able to confirm our
    research from two yrs ago.
    in the Flame malware? #stuxnet #iran #nsa #cia

    The next evolution will be Invisible Persistent
    Threats (IPT); we have been using them
    since 1997.


    @JohnBumgarner
    RT @mikko: I'm afraid we've seen only the very 
    beginning of the Stuxnet / Duqu / Flame saga. ->
    What else is hiding in your database?

    We have seen in action cyber weapons 
    that turn your PC into a paper weight, 
    others change all login PW and block 
    safe boots.

    An extension of stuxnet paradigm is the
    capability to see an Iranian cyber strike 
    as they plan it.
    http://warintel.blogspot.com/2010/10/stuxnet-30-most-powerful-weapon-ever.html

    "Why a "kill date" of June 24, 2012, for 
    stuxnet?" date of attack on Iran? G

    Our BSUs found the smoking gun:
    Stuxnet architect:
    Internet Anthropologist Think Tank: 
    Smoking Gun, Stuxnet architect.

    Our key to proof of Israel involvement:
    Please give us attribution for sharing the key.
    " 6b2221dad51dd04938ee19e46c6f4c7f26a061be "


    Flame's Authenticode signature: 
    I added it as a base64 dump to the end of my post http://bit.ly/KEKyEj

    If Stuxnet et al. have penetrated so deeply
    and comprehensively into Iran's IT
    network, then Russia and China, too,
    are an open book.


    Even we grossly underestimated US
    cyber offensive capabilities, so too
    may the world be grossly underestimating US
     

    Our index of our research into stuxnet
    index:


    https://www.google.com/search?sugexp=chrome,mod=5&sourceid=chrome&ie=UTF-8&q=warintel+stuxnet




    Gerald
    War Anthropologist
    Tactical Internet Systems analyst.
    Ad Magnum


     
