How The U.S. Hacked ISIS (1 Viewer)

[Andrus]

Interesting read from NPR...

How The U.S. Hacked ISIS

In 2016, the U.S. launched a classified military cyberattack against ISIS to bring down its media operation. NPR interviewed nearly a dozen people who lived it.

www.npr.org

 

[Ayo]

Fascinating article - and the idea materializing in the mind of a 30-something Marine reservist. And other young minds, who are more tech- and hack-savvy being included in high level discussions because they understand it in a way that their superiors/elders can't - thought that was interesting

There was something else about Task Force ARES that was different: Young operators like Neil were briefing generals directly. "A lot of [ideas] come up that way, like somebody says, 'Well, we could gain access and do this to the files.' Really? You can do that? 'Oh yeah.' Would anyone notice? 'Well, maybe, but the chances are low.' It's like, hmmm, that's interesting, put that on the list."

Cardon said young operators on Joint Task Force ARES understood hacking in a visceral way and, in many respects, understood what was possible in cyberspace better than commanding officers did, so having a direct line to the people making the decisions was key.

Another theater of war for the digital age:

The one thing on which everyone seemed to agree is that ISIS had found a way to do something other terrorist organizations had not: It had turned the Web into a weapon. ISIS routinely used encrypted apps, social media and splashy online magazines and videos to spread its message, find recruits and launch attacks.

A response to ISIS required a new kind of warfare, and so the NSA and U.S. Cyber Command created a secret task force, a special mission, and an operation that would become one of the largest and longest offensive cyber operations in U.S. military history. Few details about Joint Task Force ARES and Operation Glowing Symphony have been made public.

thought this part was cool - they got to a "What is your pet?" question and they were stumped, until one voice at the back of the room yells out the correct answer. And it was a number.

They began moving through the ISIS networks they had mapped for months. Participants describe it like watching a raid team clearing a house, except it was all online. Logging into accounts they had followed. Using passwords they discovered. Then, just as their move through targets started to accelerate, a roadblock: a security question. A standard, "what was your high school mascot"-type security question.

The question: "What is the name of your pet?"

The room quieted down.

"And we're stuck dead in our tracks," Neil said. "We all look to each other and we're like, what can we do? There's no way we're going to get in. This is going to stop the 20 or 30 targets after this."

Then an analyst stood up in the back of the room.

"Sir, 1-2-5-7," he said.

"We're like, what?" Neil says.

"Sir, 1-2-5-7."

"How do you know that? [And he said] 'I've been looking at this guy for a year. He does it for everything.' And we're like, all right ... your favorite pet. 1-2-5-7.

"And boom, we're in."

and the various ideas they considered were quite varied - to make the errors and problems seem like ordinary tech problems instead of signs of infiltration from the US:

"We had to understand, how did all of that work?" Buckner said. "And so, what is the best way to cause confusion online?"

The ideas that flowed up from operators like Neil were endless. Let's drain their cellphone batteries; or insert photographs into videos that weren't supposed to be there. Task Force ARES would watch, react and adjust its plans. It would change passwords, or buy domain names, delete content, all in a way that made it (mostly) look like it was just run-of-the mill IT problems.

It's also worth pointing out, that there are obviously two sides to this war - this comment from right-down-the-road University of Toronto's Munk Center (one of the pre-eminent institutions when it comes to global policies and affairs, btw):

But there is a dark side to this new arsenal. The U.S. isn't the only country that has turned to cyber. Consider the case of Washington Post journalist Jamal Khashoggi, who was murdered in a Saudi embassy late last year; cybertools are thought to have been part of that case too. "A lot of the preparation for that and the lead-up to it had to do with Saudi Arabia using offensive weapons," said Ron Deibert, the director of the Citizen Lab at the University of Toronto's Munk School of Global Affairs.

 

[SystemShock]

This is possible because the majority of the people don't realize exactly how is it that all of this webz thing works. Things like VPNs and encrypted networks make things harder nowadays, but not impossible, just more tedious. And in many cases there is no need to break the encryption.

It used to be that you could run a script to try to break a login : password, most famously John the Ripper. It would run for hours and hours, days, months, even years but eventually it'd find the right combination. Nowadays, few tries lock and account, but back in the day, you could try an infinite number of times.

Now you got the police/government putting up nodes/honeypots all over the place... waiting for someone to bite, and/or watching packets.