Cybersecurity Roundup: July 24, 2018
 
This week: Hackers On Planet Earth pwned by MAGA creeps [updated], Russian spy Maria Butina: cyber expert, cybersecurity officials bail from the FBI, a hacker honeypot for murderers, and more…


HOPE it's not too late

The 12th Hackers On Planet Earth (HOPE) conference happened this past weekend in New York. There were some truly fantastic talks ... and the conference got pwned by MAGA-hat trolls who harassed and hassled speakers and attendees alike. The conference appears to have totally pulled a Facebook on dealing with it; the social media backlash is fierce. Unicorn Riot reported it first, writing:

Since Friday night, numerous attendees and presenters at the conference, including our reporters, noticed the presence of men with far-right paraphernalia, including Trump hats and Pepe frog patches. One man wearing a white ‘Make America Great Again’ hat bragged during a talk’s Q & A session about how he had participated in the neo-nazi ‘Unite The Right’ rally in Charlottesville, Virginia last summer.
The next day, the same man with the white MAGA hat further agitated conference-goers by loudly proclaiming himself a proud “nationalist” and voicing support for an accused child molester, John Draper (aka “Captain Crunch”), who has been banned from HOPE and other conferences.

They wore MAGA hats and Pepe schwag and defended Captain Crunch … so it’s pretty easy to diagram who they are and where they came from. It’s not hard at all to figure out what they wanted — their factions are right now bragging about going out with the aim of "taking scalps."

What boggles the mind is how HOPE failed to get this, or managed to miss the glaring, painful lessons of Facebook making “free speech” room for Holocaust deniers. I’m sure the trolls all left HOPE and reported to weev or whatever, laughed it up, and made a plan to a) come back next year, and b) visit the next hacker conference. It reminds me how easy it is for people with knowingly bad intentions to exploit a code of conduct. Especially in the presence of people who are afraid of confrontation (which is perhaps what happened with the security staff, unless they were complicit) -- or management who foolishly thinks that being “Switzerland” absolves them of having made a choice. “We respect all viewpoints” is just going to get you more Nazis until your con is a Nazi con,” tweeted researcher rabbit.

Anyway. “In a joint statement released late Saturday,” explained Unicorn Riot, “numerous groups present for the conference, including the Tor Project and Riseup.net, as well as a list of people including main event speakers Chelsea Manning and Barrett Brown, stated that “on Saturday, 2600 and HOPE Conference organizers refused to remove fascist and white nationalist disruptors from HOPE 2018.”” Micah Lee led that effort quickly and efficiently, though I hope he forgives me for having doubts of its efficacy after watching Jake Appelbaum pwn HOPE year after year.

I guess we’ll see how it gets handled at DEF CON 26 in August, because it is sure to happen.

Update July 24 1:51pm PST: 

More details have emerged about multiple incidents at HOPE 12. It appears that a HOPE speaker worked in concert with the trolls, who where there multiple days. The trolls attacked and serially harassed researcher Matt Blaze, who gave a presentation on securing the vote. One of the trolls also reportedly rushed the stage at the conclusion of Chelsea Manning's onstage interview. This is in addition to multiple in-person threats and verbal abuse to speakers and attendees over the course of the conference.

Meanwhile, a discussion has emerged on Twitter about DEF CON and this issue, as well as concerns about other, smaller hacker conferences who could be vulnerable to this type of attack.

I spy with my little eye

Fans of TV show The Americans got a reprieve after the recent series ending when feds nabbed cold-as-ice Russian spy Maria Butina on July 15th. Trading sex for favors at the Prayer Breakfast, posing like Patty Hearst for Republican yearbook (Facebook) pics, and providing a critical link to the NRA — it was all too garish, too obvious, and yet oh so gloriously camp and lurid that I might've named a popcorn jar after her.

Turns out, I’ll be putting the Very Special Popcorn in it. Because after all that, fans of the cybers got an exciting and wonderful surprise when it was revealed that, among other things like superlative social engineering skills, we learned that Ms. Butina was also a cybersecurity expert.

While she spied, flashed funbags, and infiltrated the begging-for-it Republican party, she also worked as a research assistant at American University. Where she co-authored “Cybersecurity Knowledge Networks” — as pure a tour-de-force in cyber buzzword bingo as ever left the word processor of the most desperate denizen of cyber’s Beltway feeding-frenzy of fake experts. Needless to say, the paper begs for dramatic readings wherever alcoholic beverages are served to hackers.

Hell yes I read it in bed. It characterized cybersecurity as a “critical issue for organizations seeking to protect vulnerable data.” And they wrote this in March 2018, so it’s clearly based on post-Trump-election expertise. 

“Back doors in cyber represent a large list of dangers from data theft and ransom to real-time surveillance or even remote control of an entire network,” Butina and her co-authors wrote, not at all describing exactly what 12 of her colleagues exploited in 2016 and baby-birded to WikiLeaks/Assange. 

In fact, Butina’s paper on cyber advice focuses heavily on teamwork — something she knows, er, intimately. “In this article, we argue that effective cybersecurity practices require well organized collaboration rooted in knowledge sharing and social interaction,” it states. Evoking shades of Facebook and Cambridge Analytica, it explains “we use social network analytics to capture team knowledge across multiple dimensions, persons, and teams.”

Indeed.


Bits and pieces:


Three top FBI officials quit as US cybersecurity threats mount (Engadget)

”Looming cybersecurity threats are reportedly behind the departure of several cybersecurity officials at the Federal Bureau of Investigation … Assistant FBI director Scott Smith is set to resign this month, and will be joined by David Resch, the FBI’s executive assistant director of the cyber, response and services office.”


Marin County man snags would-be killers on fake hitman-for-hire site (SF Gate)

RentAHitman.com. “Rent” implied hire. “Hit” referred to website clicks. And “man” implied the team of professionals behind the site, a few buddies who’d recently graduated from a California business school with IT degrees. “We wanted to do risk analysis, network penetration testing, basically white-hat hacking,” said Bob Innes … In 10 years, he says he’s turned about two dozen potential solicitation-for-murder cases over to authorities and fully converted the site into a “honey pot” intended to catch potential criminals.”


The Republicans’ defensiveness about Russian hacking is revealing (Economist)

”No doubt right-minded Republicans, among the many who privately abhor Mr Trump, would otherwise speak up. Yet it also seems notable that their unwillingness to do so is consistent with their party’s acceptance of a different sort of illegitimacy. That is the tyranny of minority rule, enabled by the quirks of an electoral system that gives its white, rural supporters more power for fewer votes than the more diverse, clustered Democrats—almost 3m fewer …”


Microsoft reveals first known midterm campaign hacking attempts (Politico)

”Microsoft detected and helped block hacking attempts against three congressional candidates this year, a company executive said Thursday, marking the first known example of cyber interference in the midterm elections. [It] declined to name the targets but said they were “people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint.””


Router Crapfest: Malware Author Builds 18,000-Strong Botnet in a Day (Bleeping Computer)

”A malware author has built a huge botnet comprised of over 18,000 routers in the span of only one day … Anubhav told Bleeping Computer the botnet author reached out to him to brag about his actions, even sharing a list with the IP addresses of all of the botnet’s victims.”


Lawmakers call on Amazon and Google to reconsider domain fronting ban (Cyberscoop)

”Amazon and Google faced sharp questions from a bipartisan pair of U.S. senators over the tech giants’ decisions to ban domain fronting, a technique used to circumvent censorship and surveillance around the world.”


Thank you

Become a patron and get all my Patreon posts sent to your inbox the minute I hit “publish” — and know that you’re supporting an indie writer working hard to make a difference. Your contribution supports all of my work, from security writing and reporting to my work on privacy, human sexuality and human rights, homeless youth, and harm reduction across the spectrum of these issues. If you’re already a patron — thank you! I’m glad you’re along for the ride, and I hope you know that your status as a patron makes me feel better when the haters come out.


Main post image: tweet by @J4vv4D.