link to story:
Tagged: cyber Toggle Comment Threads | Keyboard Shortcuts
March 2, 2010
On March 1, Ryan Singel, writing for Wired, accused the government of plotting to destroy the open and freedom-loving internet. Readers of Infowars and Prison Planet have known this for some time, but it is nice to know a quasi-establishment publication is now telling the truth and warning its readers about the threat to liberty posed by the government.
Cyber ShockWave, a “war game” designed to hype the supposed threat to U.S. infrastructure.
“The biggest threat to the open internet is not Chinese government hackers or greedy anti-net-neutrality ISPs, it’s Michael McConnell, the former director of national intelligence,” writes Singel. “McConnell’s not dangerous because he knows anything about SQL injection hacks, but because he knows about social engineering. He’s the nice-seeming guy who’s willing and able to use fear-mongering to manipulate the federal bureaucracy for his own ends, while coming off like a straight shooter to those who are not in the know.”
The former intel boss, now vice president of the spooky Booz Allen Hamilton corporation (notorious for connections to 9/11 and a key DARPA client), has been trotted out to sell “Cybaremaggedon” (as Singel appropriately characterizes it) to the American people. McConnell insists the internet needs to be re-engineered:
We need to develop an early-warning system to monitor cyberspace, identify intrusions and locate the source of attacks with a trail of evidence that can support diplomatic, military and legal options — and we must be able to do this in milliseconds. More specifically, we need to re-engineer the Internet to make attribution, geo-location, intelligence analysis and impact assessment — who did it, from where, why and what was the result — more manageable. The technologies are already available from public and private sources and can be further developed if we have the will to build them into our systems and to work with our allies and trading partners so they will do the same.
“He’s talking about changing the internet to make everything anyone does on the net traceable and geo-located so the National Security Administration can pinpoint users and their computers for retaliation if the U.S. government doesn’t like what’s written in an e-mail, what search terms were used, what movies were downloaded,” writes Singel. “Or the tech could be useful if a computer got hijacked without your knowledge and used as part of a botnet.”
McConnell says the government needs to create a new Cold War, “one complete with the online equivalent of ICBMs and Eisenhower-era, secret-codenamed projects.”
Not directed against Muslims in remote backwater caves, mind you, but the real enemy — the American people who are increasingly aroused, thanks in large part to the internet.
Alex Jones talks about cybersecurity legislation on Russia TV.
The Bush era intel boss hyped the overblown Chinese hacker threat in “breathless” stories published in The Washington Post and The Wall Street Journal. The world’s largest security companies McAfee and Symantec have downplayed the story. Singel points out that such fear-mongering is almost completely void of facts.
The anti-open internet echo chamber includes a speech delivered by Lawrence E. Strickling, Assistant Commerce Secretary:
In fact, “leaving the Internet alone” has been the nation’s internet policy since the internet was first commercialized in the mid-1990s. The primary government imperative then was just to get out of the way to encourage its growth. And the policy set forth in the Telecommunications Act of 1996 was: “to preserve the vibrant and competitive free market that presently exists for the Internet and other interactive computer services, unfettered by Federal or State regulation.”
This was the right policy for the United States in the early stages of the Internet, and the right message to send to the rest of the world. But that was then and this is now.
Now? The Pentagon wants to take out enemies with the online equivalent of ICBMs in order to prevent cyberattacks, privacy intrusions and copyright violations (and, of course, take out the real threat — the alternative media overshadowing the staid establishment corporate media).
“As anyone slightly versed in the internet knows, the net has flourished because no government has control over it,” writes Singel. “But there are creeping signs of danger.”
The primary creeping sign is the cybersecurity bill now in the Senate under the direction of the renown internet hater, senator Jay Rockefeller. If passed, Obama would have the ability to initiate “network contingency plans to ensure key federal or private services did not go offline during a counterattack of unprecedented scope,” according to Tony Romm of The Hill.
“Too much is at stake for us to pretend that today’s outdated cybersecurity policies are up to the task of protecting our nation and economic infrastructure,” Rockefeller said. “We have to do better and that means it will take a level of coordination and sophistication to outmatch our adversaries and minimize this enormous threat.”
Rockefeller and the government have but one serious adversary — the American people who are circumventing establishment propaganda via the internet.
The recently passed House cybersecurity bill and the Senate’s version now under considered are peddled as urgent action against Russian and Chinese hackers hellbent on taking down the power grid and the smart phone network.
In fact, all the fear-mongering is a smoke screen for the real purpose of this legislation — to close down the free and open internet and viciously attack those who dare tell the truth and organize opposition to a predatory and dictatorial government.
The Electronic Frontier Foundation
September 3, 2009
In April, we voiced serious concerns about the Cybersecurity Act of 2009, a bill by Senators Jay Rockefeller (D-WV) and Olympia Snowe (R-ME), that sought to give the federal government unprecedented power over the Internet. For months, the bill has been redrafted behind closed doors and has recently been circulated, but by all accounts, the changes are cosmetic and it’s sadly more of the same.
Like the original bill, the new version appears to give the President carte blanche to decide which networks and systems, private or public, count as “critical infrastructure information systems or networks.” And alongside that authority, there still appears to be murky language that would permit the President to shut down the Internet. Note the troubling provision in the original bill, which said:
The President […] may order the disconnection of any Federal Government or United States critical infrastructure information systems or networks in the interest of national security;
The new bill says:
The President […] in the event of an immediate threat […] may declare a cybersecurity emergency; and may, if the President finds it necessary for the national defense and security, and in coordination with relevant industry sectors, direct the national response to the cyber threat and the timely restoration of the affected critical infrastructure information system or network;
In other words, they appear to have packaged Presidential authority to shut down the Internet and other private networks behind a ribbon of red tape, and the words “national response.”
In addition, a CNET article by Declan McCullagh indicates that many of the early concerns about privacy, authority, and security effectiveness have gone unsolved: there is vague language about mapping federal and private networks; there is an unexplained scheme to certify cybersecurity professionals at the federal level; and the mandated implementation of a “cybersecurity strategy” before the completion of a legal review that could protect against inadvertent privacy violations or inefficiency.
Despite the many questionable provisions, the bill may snake its way through the lawmaking process by virtue of having been produced in large part by Sen. Rockefeller, who is chairman of the committee in charge of reviewing and approving the bill. Stay tuned to EFF Deeplinks for news as the bill progresses — we’ll be watching it carefully.
The Corbett Report
July 17, 2009
Government sources immediately began blaming North Korea for the recent cyberterror attacks on South Korea and the U.S., despite having no evidence to back up those claims. Now, an examination of the evidence by independent computer experts show that the attack seems to have been coordinated from the UK. The hysterical media coverage in the attack’s wake, however, echoing the government line that it was likely the work of North Korea, served to cement in the minds of many that this was an act of cyberwarfare.
Back in 2003, Mike McConnell, the ex-director of the National Security Agency (NSA), was fearmongering over the possibility of a cyber attack “equivalent to the attack on the World Trade Center” if a new institution were not created to oversee cyber security.
The idea that this surprisingly unsophisticated attack could have come from a well-organized, hostile state or terrorist group comes as a blessing in disguise to those groups, agencies and advisors who have been calling for greater and greater federal snooping powers in the name of stopping a “cyber 9/11″ from happening.
The “cyber 9/11″ meme stretches back almost to 9/11 itself. Back in 2003, Mike McConnell, the ex-director of the National Security Agency (NSA), was fearmongering over the possibility of a cyber attack “equivalent to the attack on the World Trade Center” if a new institution were not created to oversee cyber security. Since then, report after report has continued to use the horror of 9/11 as a way of raising public hysteria over “cyber terrorism,” a subject more often associated with juvenile hackers and lone misfits than radical terrorist organizations.
The real reason behind the invocation of 9/11 in the context of “cyber terror” was revealed last year by Harvard law professor Lawrence Lessig. He told a technology conference that former counterterrorism czar Richard Clarke admits there is a cyber equivalent of the constitution-destroying Patriot Act ready to be rubber stamped into law; all it requires is a “cyber 9/11″ to make such legislation politically viable. In effect, the cyber security establishment—the advisors, agents and experts in the newly-minted multi-billion dollar cyber security industry—are waiting for a spectacular cyber terrorist attack to go ahead with plans for ‘identity management’ schemes like fingerprinting for internet access which would put an end to the free Internet as we have known it.
What the cyber security establishment does not want you to know is that the most incredible cyber terrorist story of all time began 15 years ago. And it centers on 9/11. The establishment is interested in suppressing this story because it demonstrates that the very investigative bodies that are clamoring for more power on the pretext of the “cyber terror” hysteria are the exact same bodies that failed to investigate the documentable links between government-designated terrorists and a software company with direct access to some of the most sensitive computer systems in the United States. FBI agents whose investigation into this story were suppressed have even said that these investigations could have prevented 9/11.
It is a story of international terror and terrorist financiers. It stretches from New England to Saudi Arabia and involves businessmen, politicians and terror networks. And it begins in the most unlikely of places: the offices of an enterprise architecture software firm in Quincy, Massachusetts.
Enterprise Architecture: The God’s-Eye View of Systems and Infrastructure
“Enterprise architecture software” refers to a computer program that allows someone to look at all of the data produced throughout an organization’s structure in real time. This effectively gives the program user a god’s-eye view of an enterprise, allowing for the mapping, visualization and analysis of all transactions, interactions, systems, processes and personnel in the entirety of a business or agency. This type of software could, for example, be used for robust business modeling, allowing for extremely detailed and accurate projections of how changes in an organization’s structure or processes would effect a business’ bottom line. What would happen if two departments were merged, for example, or if a business were to outsource one of its processes.
As this software began to mature in the 1990s, however, it went from a merely useful tool to something truly incredible. Sophisticated enterprise architecture software could, for example, examine all of the transactions taking place across a financial institution in real time and examine that data for possible money laundering operations or rogue traders. Such software could even have potentially detected and identified the insider trading leading up to 9/11. Combined with rudimentary a.i. capabilities, such a program would not only be able to alert the appropriate personnel about such transactions, but even stop them as they are happening. If the software were sophisticated enough, it may even be able to identify the possibility of such transactions before they happen.
The utility of such software for organizations of all stripes should be obvious enough. It is unsurprising, then, that numerous government agencies and powerful corporations were hungry for this software in the 1990s. A surprising number of them, including DARPA, the FBI, the Secret Service, the White House, the Navy, the Air Force, the FAA, NATO, IBM, Booz Allen Hamilton and Price Waterhouse Coopers (amongst many others) turned to a small New England-based software firm called Ptech.
Ptech: Not Your Average Software Firm
Ptech was founded in Quincy, Mass. in 1994 and by 1996 had secured a contract with DARPA to help transfer commercial software methodologies to the defense sector. In 1997, it gained security clearance to bid on sensitive military contracts and bid on work for a range of other government agencies. Within four years Ptech had built up a stable of clients that would make any third-party software vendor green with envy. From the inner sanctum of the White House to the headquarters of the FBI, from the basement of the FAA to the boardroom of IBM, some of the best-secured organizations in the world running on some of the most protected servers housing the most sensitive data welcomed Ptech into their midst. Ptech was given the keys to the cyber kingdom to build detailed pictures of these organizations, their weaknesses and vulnerabilities, and to show how these problems could be exploited by those of ill intent. For all of its incredible success, however, many of the firm’s top investors and employees were men with backgrounds that should have been raising red flags at all levels of the government.
The firm was founded on $20 million of startup money, $5 million of which was provided by Yassin al-Qadi, a wealthy and well-connected Saudi businessman who liked to brag about his acquaintance with Dick Cheney. He also had connections to various Muslim charities suspected of funding international terrorism. In the wake of 9/11 he was officially declared a Specially Designated Global Terrorist by the U.S. government and his assets were frozen. At the time, Ptech’s owners and senior management denied that al-Qadi had any involvement with the company other than his initial investment, but the FBI now maintains they were lying and that in fact al-Qadi continued investing millions of dollars in the company through various fronts and investment vehicles. Company insiders told FBI officials that they were flown to Saudi Arabia to meet Ptech’s investors in 1999 and that al-Qadi was introduced as one of the owners. It has also been reported that Hussein Ibrahim, Ptech’s chief scientist, was al-Qadi’s representative at Ptech and al-Qadi’s lawyers have admitted that al-Qadi’s representative may have continued to sit on Ptech’s board even after 9/11.
Ibrahim himself was a former president of BMI, a New Jersey-based real estate investment firm that was also one of the initial investors in Ptech and provided financing for Ptech’s founding loan. Ptech leased office space and computer equipment from BMI and BMI shared office space in New Jersey with Kadi International, owned and operated by none other than Ptech’s sweetheart investor and Specially Designated Global Terrorist, Yassin al-Qadi. In 2003, counterterrorism czar Richard Clarke said: “BMI held itself out publicly as a financial services provider for Muslims in the United States, its investor list suggests the possibility this facade was just a cover to conceal terrorist support.”
Suheil Laheir was Ptech’s chief architect. When he wasn’t writing the software that would provide Ptech with detailed operational blueprints of the most sensitive agencies in the U.S. government, he was writing articles in praise of Islamic holy war. He was also fond of quoting Abdullah Azzam, Osama Bin Laden’s mentor and the head of Maktab al-Khidamat, which was the precursor to Al-Qaeda.
That such an unlikely cast of characters were given access to some of the most sensitive agencies in the U.S. federal government is startling enough. That they were operating software that allowed them to map, analyze and access every process and operation within these agencies for the purpose of finding systemic weak points is equally startling. Most disturbing of all, though, is the connection between Ptech and the very agencies that so remarkably failed in their duty to protect the American public on September 11, 2001.
Ptech on 9/11: The Basement of the FAA
For two years prior to 9/11, Ptech was working to identify potential problems or weaknesses in the FAA’s response plans to events like a terrorist hijacking of a plane over U.S. airspace. According to their own business plan for their contract with the FAA, Ptech was given access to every process and system in the FAA dealing with their crisis response protocols. This included examining key systems and infrastructure to analyze the FAA’s “network management, network security, configuration management, fault management, performance management, application administration, network management and user desk help operations.” In short, Ptech had free reign to examine every FAA system and process for dealing with the exact type of event that was to occur on 9/11. Even more incredible, researcher Indira Singh points out that Ptech was specifically analyzing the potential interoperability problems between the FAA, NORAD and the Pentagon in the event of an emergency over U.S. airspace.
Ptech also presumably had operational information about the systems that the FAA, NORAD and others employed during crisis response exercises like Vigilant Guardian, the NORAD exercise that was taking place on 9/11 and included simulations of hijacked jets being flown into New York and hijacked jets being flown into government buildings. This is significant because there is every indication that just such drills were confusing NORAD’s response to the real hijackings that were taking place that day. As researcher Michael Ruppert points out, a rogue agent with access to a Ptech backdoor into the FAA’s systems could have been deliberately inserting fake blips onto the FAA’s radars on 9/11. That scenario would explain the source of the phantom Flight 11 that the FAA reported to NORAD at 9:24 a.m. (well after Flight 11 had already hit the World Trade Center), a report whose source the 9/11 Commission claims they were unable to find.
In short, Ptech’s software was running on the critical systems responding to the attacks of 9/11 on 9/11 itself. The software was designed for the express purpose of giving its users a complete overview of all the data flowing through an organization in real time. The father of enterprise architecture himself, John Zachman, explained that with Ptech-type software installed on a sensitive server “You would know where the access points are, you’d know how to get in, you would know where the weaknesses are, you’d know how to destroy it.”
In the late 1990s, Robert Wright—an FBI special agent in the Chicago field office—was running an investigation into terrorist financing called Vulgar Betrayal. From the very start, the investigation was hampered by higher-ups; the investigation was not even allocated adequate computers to carry out its work. Through Wright’s foresight and perseverance, however, the investigation managed to score some victories, including seizing $1.4 million in U.S. funds that traced back to Yassin al-Qadi. Wright was pleased when a senior agent was assigned to help investigate “the founder and the financier of Ptech“, but the agent did no work and merely pushed papers during his entire time on the case.
Shortly after the 1998 African embassy bombings, Vulgar Betrayal began to uncover a money trail linking al-Qadi to the attack. According to Wright, when he proposed a criminal investigation into the links, his supervisor flew into a rage, saying “‘You will not open criminal investigations. I forbid any of you. You will not open criminal investigations against any of these intelligence subjects.” Wright was taken off the Vulgar Betrayal investigation one year later and the investigation itself was shut down the following year.
In the aftermath of 9/11, Indira Singh—a risk management conultant for JP Morgan—was looking for enterprise architecture software to implement the next generation of risk management at the financial juggernaut. Impressed by their client list, Singh invited Ptech to demonstrate their software. It wasn’t long before she began discovering the connections between Ptech and international terrorist financing. She worked exhaustively to document and uncover these links in an effort to persuade the FBI in Boston to open their own investigation into Ptech, but she was told by one agent that she was in a better position to investigate this than someone inside the FBI. Despite the persistent efforts of Singh and the testimony of company insiders, the FBI did not inform any of the agencies contracting with Ptech that there were concerns about the company or its software.
In late 2002, Operation Green Quest—a Customs Department-led multi-agency investigation into terrorist financing—raided Ptech’s offices due to its ties to al-Qadi and others. The very same day of the raid White House Press Secretary Ari Fleischer declared the company and its software safe. Mainstream news articles defending Ptech after the story broke, however, blithely admit that the company was informed of the raid weeks in advance, hoping perhaps that readers will not notice that his completely defeats the purpose of such a raid or calls into question its results. Eventually, Michael Chertoff led an effort to give the FBI total control over Greenquest, leading to Customs officials accusing him of sabotaging the investigation. No indictments were laid in the immediate aftermath of the Ptech raid against al-Qadi or anyone else related to the company. Chertoff went on to become the head of Homeland Security.
The 9/11 Commission Report, obviously, does not mention Ptech. Given the incredible information about this company and its links to Specially Designated Global Terrorist Yassin al-Qadi, this is perhaps surprising. This startling omission becomes more ominous however, when it is understood that the 9/11 Commission co-chair, Thomas Kean, made $24 million dollars off a land deal with al-Qadi linked organization BMI.
For over a decade, investigations into Ptech, its employees and its investors have been stifled, suppressed or derailed by people in key positions. But all of that finally changed this week.
A Break in the Case
On Wednesday the Boston Field Office of the FBI unsealed a 2007 indictment of Oussama Ziade, Ptech’s former CEO, and Buford George Peterson, the former CFO and COO. The indictment charges that the pair knowingly lied to investigators about the extent of al-Qadi’s investments and ties with Ptech. Another unsealed indictment, this one from 2005, alleges Ziade attempted to engage in transactions involving al-Qadi’s property, a federal offence as al-Qadi was a Specially Designated Global Terrorist at the time. If the pair are convicted on the charges, they face 30 years in prison and a $1 million fine.
Whether this represents a significant breakthrough in the case and the beginning of the official unraveling of the Ptech story will likely depend on whether political pressure is brought to bear by an informed public who are concerned with this story. Given that the public has been whipped into cyber-hysteria over the North Korean figments of the government’s imagination, it will require the media to stop parroting the government’s talking points and begin informing the public about the very real, documentable links between terrorist financiers and the technological capability to override key emergency response systems on 9/11.
Two questions remain to be answered: Did the real “cyber 9/11″ happen on 9/11? And will the public care enough to demand the answer to that question? If the answer to either question is ‘yes,’ concerned readers are advised to download the mp3 file of Episode 045 of The Corbett Report podcast, “Ptech and the 9/11 software,” and begin distributing it to others to bring awareness to this incredible story.
July 10, 2009
Earlier this week South Korean intelligence (a creation of U.S. military intelligence) blamed the enfeebled Stalinist regime in North Korea for a series of cyber attacks on the U.S. government and commercial websites. As numerous observers have noted since the attacks, it is unlikely North Korea was behind the attacks. “Some analysts have questioned the North’s involvement, saying it may be the work of industrial spies or pranksters,” reports Reuters.
Instead of North Korea, the Korea Communications Commission now claims the original attacks were based in Germany, Austria, Georgia, the United States and South Korea. The location of the hackers behind the attacks is still unknown, according to the KCC.
The cyber attacks will now enter a new phase by attacking personal computers and wiping out hard disks, South Korea claims. South Korean web security firm Ahnlab, which has closely examined the attacks, said the new phase would target data on tens of thousands of infected personal computers. Ahnlab sells antivirus software, online security solutions, and network security appliances such as firewalls.
The new alleged threat and accompanying propaganda comes as Senate Commerce Chairman John (Jay) Rockefeller prepares for a July committee vote on cybersecurity legislation he introduced in April with Sen. Olympia Snowe, R-Maine. One of the bill’s most controversial provisions would give the president the power to effectively shut off the Internet during a cyber crisis similar to the one now threatening PCs, according to South Korea and its U.S. created intelligence agency.
July 9, 2009
The US State Department said Thursday its website came under cyberattack for a fourth day running as it tried to prevent further attacks.
“I’m just going to speak about our website, the state.gov website. There’s not a high volume of attacks. But we’re still concerned about it. They are continuing,” State Department spokesman Ian Kelly told reporters.
According to computer security experts, a dozen US government websites, including those of the White House, Pentagon and State Department, were targeted in a coordinated cyberattack which also struck sites in South Korea.
South Korean lawmakers were quoted as saying Wednesday that South Korea’s intelligence service believes North Korea or its sympathizers may have staged the attack.