I read about the alleged cyber-operations against Iran in the New York Times and the Wall Street Journal …


The U.S. covertly launched offensive cyber operations against an Iranian intelligence group’s computer systems on Thursday, the same day President Trump pulled back on using more traditional methods of military force, according to U.S. officials familiar with the matter.

[OCS: By its very nature, a cyberattack is not a spectator sport – virtually nothing dramatic to see unless you are looking over the shoulder of the initiator – and even then, there is not much action. So how does the United States launch a "covert" cyberattack when the news is splashed across the front page of the New York Times or the Wall Street Journal?

And who are these former or current “U.S. officials who are so willing to sell out their nation’s defense operations to the media? Which leads one to the unescapable conclusion that the leaks could be “fake news,” released for political  face-saving reasons or an attempt to further psychological operations.]

The cyberstrikes, which were approved by Mr. Trump, targeted computer systems used to control missile and rocket launches that were chosen months ago for potential disruption, the officials said. The strikes were carried out by U.S. Cyber Command and in coordination with U.S. Central Command.

[OCS: Unless it is your goal to force an enemy to spend large amounts of time, energy, and money verifying their systems, why would anyone reveal target classes?] 

The officials declined to provide specific details about the cyberattacks, but one said they didn’t involve loss of life and were deemed “very” effective. They came during the peak of tensions this week between the U.S. and Iran over a series of incidents across the Middle East, including Tehran’s shooting down of an American reconnaissance drone.

[OCS: Sounds like an administration leak to shore-up President Trump’s comments when he declined a kinetic strike because 150 people might lose their lives in an attack – and after all, the drone was unmanned. Or, alternatively, to portray the President as being weak on national defences.]

The attacks also came as U.S. fears have grown that Iran may seek to lash out with cyberattacks of its own, as multiple cybersecurity firms said they had already seen signs Tehran is targeting relevant computer networks for intrusion and appeared particularly focused on the U.S. government and the American energy sector, including oil and gas providers.

[OCS: Lash out? It is assumed that cyberattacks against military and commercial targets are ongoing as a matter of policy. Especially those aimed at financial institutions. And, Iran is not alone as China, Russia, North Korea all have state-sponsored anti-U.S. cyberprograms – not to mention the criminal hackers that appear to form its own cottage industry.]

While little was known about Thursday’s digital attacks, they were the latest indication that the U.S. has ramped up its willingness to use disruptive or destructive cyber weapons under President Trump after years of caution and drawn-out interagency deliberations that often led to inaction in previous administrations.

[OCS: This is blatant bullsh*t because Stuxnet, the malicious worm designed to infect process controllers and destroy Iran’s nuclear industry was launched under President George W. Bush and continued under Barack Obama.

And, if one considers the damage caused by the release of NSA programs to the general public by a disaffected and treasonous contractor, the idea that cybersecurity is not an ongoing attack-counterattack affair is unbelievable.]

<WSJ: Source> U.S. Launched Cyberattacks on Iran

<NYT: Source> U.S. Carried Out Cyberattacks on Iran

… but I am more worried about the computers that run popular commercial software …

How many people know that you can purchase a simple utility for a few dollars that will decrypt the majority of user names and passwords used to login to banking, medical, and other sensitive internet sites? Or that you can quickly recover the program key for the most popular, and sometimes expensive software? And, that some of these utilities can be placed on a USB-thumb drive and grab information from disks remotely or even from a dead computer with an intact hard drive.

Most computer gurus have their personal stash of utilities that, when viewed from the outside by a layman, make even a mediocre guru appear to be a genius and capable of performing magic. Or as we are wont to say in IT, “In the valley of the blind, the one-eyed man is king.”

If you want to drive yourself crazy …

While all of the security professionals are chattering about China’s telecommunications giant, Huawei Technologies and the potential inclusion of backdoors and malicious software in their products used to support critical U.S. infrastructure, many Americans are using a Chinese product to back-up their computer systems – including programs, links, passwords, and sensitive data. And, that, according to Tech Radar, it is the second-ranked backup program in the United States.


Bottom line …


When it comes to the “Internet of Things,” most users are willing to trade security and privacy for convenience. Thus rendering much more than our military and critical infrastructure at risk from crippling cyber attacks.

We are so screwed.

-- steve

“Nullius in verba.”-- take nobody's word for it!

“Beware of false knowledge; it is more dangerous than ignorance.”-- George Bernard Shaw

“Progressive, liberal, Socialist, Marxist, Democratic Socialist -- they are all COMMUNISTS.”

“The key to fighting the craziness of the progressives is to hold them responsible for their actions, not their intentions.” – OCS

"The object in life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." -- Marcus Aurelius

“A people that elect corrupt politicians, imposters, thieves, and traitors are not victims... but accomplices” -- George Orwell