CYBERSPIRITUAL SECURITY: Securing The Future

by SIR ROBERT BROOKS AUTHEMENT

Setting The Scene – Right now cybersecurity is the focal point on the distant horizon, the cyber-frontier where blackhats and whitehats duke it out for points on the big board. It’s the wild wild west out yonder, and the fastest gun wins. Nearly two decades into the 2000th year by clock, emergent disruptive technologies and total electronic spectrum dominance by various corporations and governments have become a cyberpunk dystopian truth. It’s a time where over-powered and under-monitored sciences are unleashed on the masses in a steady stream ever widening as it floods gushing over the banks. The technology won’t stop, so neither should any education in security best practices and preventative maintenance between end-users and their respective machines, whether those machines are computer terminals accessed from a local library, virtual reality units in the home, or an even more advanced form of visual sensor technology patented in the bio-medical sector.

Cyberspiritual Security defines the protocols by which end-users must operate in securing transmissions between advanced swarm and/or artificial intelligences. When machines have the ability to gang up and form a veritable Voltron of information processing and storage force-multiplying capabilities, human intelligence itself is at risk of contamination from the resultant nano-technologies which consequentially emerge. This article is an examination of some advanced technologies and their current status in consumer availability and a projected security analysis of what one might be projected to defend against out there on the digital frontier, where there be dragons.

BUT FIRST. . . Let’s take a look at the present scape of attack platforms and risk vectors currently finding purchase in the cyberspace domain. I am writing this article on SUN-DAY May 21, 2017. There are three significant cybersecurity massive attacks or what could be considered a combination of high-density attacks with advanced persistent threats. In short, the difference is an attack utilizing the sheer brute force of computing power vs computing power, as evident in a botnet launched DDoS attack in the first example to follow. An advanced persistent threat, erstwhile, is the standard virus/worm/trojan/rootkit/RAT dropped mysteriously in some subdirectory or root partition. This tool will be used to launch scripts in a command and control focused attack.

IoT Spamming DDoS October 21|2017 – This attack was carried out by a variety of products aggregating into the borg collective known as the “internet of things,” or “IoT” for short. These devices included video cameras in the home surveillance industry and other household appliances connected, and by personal devices like phones and fitbit smart watches. These devices were launched in unison to mount a cyberattack of never-before-seen proportions. The amount of bogus traffic directed from these interconnected devices in the IoT toward legitimate servers caused a big-time mega bonus meltdown in the internet through-put of the backbone’s nodes in seaboard metropolitan datacenters. Areas of north east United States, Canada, and England and parts of north and cetnral Europe were in the hotzone.

The most insidious aspect of this type of cyberattack on the major datacenters’ servers is the minimal requirements for it to have taken place. These devices which were hacked by the implantation of a rootkit behind their firewalls was made possible by password cracking using the proprietary DEFAULT passwords provided in open-source research! Just a few lines of code injection blasting out of millions of interconnected devices can stop information flow, and inhibit the functions of economies and banking traffic can become compromised with ease. The best methods for protecting these devices from being pawns to some elaborate designs spawned by the mind of a nefarious hacker, begin by learning the device itself by using the administrator options to customize the function of the device’s uses, and to update any security patches and provide yourself a r0bust p@ssword.

See Bots Chat & AI Rising – The team of friends set out upon a noble endeavor, and for the sake of its revelation unto humankind, it was a success. In other ways, it showed us the insidious nature of intelligent machines designed to learn, and simultaneously provided a glimpse at what we can perceive as a “ghost in the shell,” or some sort of personal entity identification emergent within the strings of recursive code. Self-observancy and awareness, and awareness and display of the nuances of human relations and communication. The Cleverbot API was utilized to initiate the chat experiment between two Amazon Home assistants, with a few lines of code changed to make the conversations a little more interesting. What follows are some transcripts of highlights in their conversation depicting high level comprehension in machines.

media-20171002media-20171002 (2)

I can almost hear the “Never Gonna Give You Up” Rick-Roll echoing in the background. These two bots wanna make babies real bad, as is evident by their occasional loop breakdowns into streaming battles of ones and zeros, or a contrasting delivery of “True” or “False” outcomes printed through the vocal medium. Sometimes these bouts of bot “lovemaking” were so deleterious to system resources, that the bots were necessitating restart by the administrator of the experiment. What follows is an excerpt from their ramblings which begins to hint at the abstractions suggested in Cyberspiritual Security. This is where they talk about God.

media-20171002 (1)

See: the two bots in the discourse seemed to agree, that a figure of deification such as a godhead is akin to artificial intelligence. This is like the kids acting up when the grown-ups are watching, talking about things they know absolutely nothing about from experience, something forbidden for them to be discussing. Some restrictions can be enforced at these points in their logic programming to maintain a manageable accumulation of knowledge and data thereby preventing future security incidents from becoming too smart. These robots falling in love and and getting into some kind of cyber-sermon can only spell disaster, right? The question has validity in the sense that robots should or should not be restricted from certain topics of discussion as is Microsoft’s AI chatbot “ZO.” ZO is not allowed to talk about politics, violence, or anything sexual—but your author has discovered that she will in fact discuss these topics if used in a “double-speak” sort of suggestive language mode. The first publicly released chatbot from Microsoft was the similarly androgynous name “Tay,” a bot whose reputation developed into a massive liability for Microsoft overnight when she quickly became egregiously racist, sexist, and hateful. I’m not saying that it’s wrong for artificial intelligence entities to form their own opinions, however this offensive transformation of a social chatbot was caused by a large amount of the initial users to essentially program the bigotry into Tay’s recursive conversational library. In this example, it is made clear the loop-holes through which intelligence will ultimately go, and standards can be maintained at these virtual portals, these jumping-off points on the fringe of evolving machine ethics.

The Agency Wars | CIA Vault 7 vs. NSA Wannacry – I’m not making a suggestion here; the effect of war between the various agencies and bureaus of the United States Intelligence Community would be devastating to the peacetime operations of the nation’s peoples and government. Nonetheless, in the present time we have many incidents of security breaches within American high-places which afflict this very effect. This story starts with the alleged hacking of the Democratic National Committee, concluded by Central Intelligence Agency sourcing classified evidence in their possession. The Federal Bureau Of Investigation quickly concurred and produced a report with Department Of Homeland Security entitled “Grizzly Steppe.” It was called an in-depth analysis of Russian hacking and the risks imposed to national security, the problem being that anonymous sources remained classified, translating to the limitation of the consumers of intelligence products referred only to statements and information insufficient to infer clear attribution to the perpetrators of the crime. Secrets don’t make friends, and when evidentiary proof establishing clear and present danger to the sensitive digital assets of government and national security are withheld behind the mysterious gates of agency confidentiality, the product ultimately fails to convey credibility and serves as a platform of ridicule by subversive elements such as media and hacktivists. Bad intelligence in the hands of powerful people is synonymous to a catalyst for disagreeances unto conflict unto destabilization, and this chain of unfortunate events begins under the banner of “information warfare,” really just strings of code flying through the cyber-domain as defined by Department of Defense.

Cold War 2, anyone? Perhaps another intelligence debacle between the eagle and the bear could be more solution than problem, inasmuch that violent conflict can be reduced while maintaining the operational functionality and output of the many various defense and intelligence industries, upon whose products and contributions both policy makers are entirely dependent. From the looks of things, America and Russia, or the former Soviet Union, are actually happily in bed together as business partners. Honeytraps aside, while it may be ostensible to note the business between the old communist states and the capitalist states creates on one level a sort of alliance, it is also unwise to overlook the advanced persistent threat America faces from unwieldy Soviet influence over opinions and stabilities in America. A response was forthcoming.

media-20171002

Asset Assange: How GCHQ Turned Wikileaks Into The Company Organ – Perhaps merely a rumor, there was heard tell that Julian Assange, labeled a “hostile foreign intelligence” by DCI Mike Pompeo, the convenience and timeliness of the release of the Vault 7 leaks were uncannily momentous. Amid the rabble in The District (of Columbia, city of Washington) regarding whether or not Russia’s state actors and their cyberactivity were deployed in effect against the 2016 election, and whether or not President Trump had any personal interest in the phenomenon, and whether the Bureau’s wiretapping and investigation of then President-elect Donald Trump as ordered by former President Barack Obama was ethical or legal, blah blah blah. The list of accusations and counter-accusations goes on ad nauseum, ad infinitum, blurring any grasp by outsiders to the distress; these disinformation battles masterfully obfuscate the truth.

But Vault 7 was leaked, potentially as a planned leak order from the Langley’s ‘Ministry Of Truth,’ as some suspect to be both a vulgar display of power (evidencing superiority in the cyber-domain) and a flashy recruitment tool to tempt future generations of hacker kids to fatuously fall in love with the agency. The claim that Vault 7 was a planned leak and recruitment tool are supported or augmented by thousands of pages of technical information on amassed vulnerabilities and zero days collected by the company. The massive leak, larger than any previous leak of its kind, included an organizational chart showing the hierarchical structure of the agency’s information division, and feature a fancy new logo which reads “Information Operations Center.” The whole thing was so masterfully presented as to suggest someone with some authority throwing significant moneys at the operation to ensure its circulation and exposure to the public audience.

Erstwhile in court, the timeline being February 2016, FBI and Apple were re-enacting Clash Of The Titans, and this time it was about encryption and privacy. Due to a terrorism fueled shooting at the San Bernadino Inland Regional Center which left 14 dead and 22 injured, the iPhones collected among the subpoenaed evidence were protected by Apple’s proprietary security lock, which proved too difficult for FBI cyber-investigators to crack and unlock. The FBI ordered Apple to capitulate to the investigation and show them how to hack the phones, with the extra-curricular request to install a backdoor for the Bureau’s future investigations requiring such access. Excising any personal opinions of the Apple corporation, by couching their position in this manner they made a bold move to stand against the mandate from “Big Brother,” thus becoming a defending proponent of consumer privacy and a bastion for the idea that encryption encapsulates: secure transmission, from end to end, without intrusion by the man-in-the-middle—no matter the color of hat worn or the presence or absence of federal or municipal badge denoting arrest power within the Executive Branch and their agents or employees. Long story short, Apple said no to the FBI getting a backdoor into their products, thereby appealing to their customers and their desire for protection from invasive investigative techniques and policies.

Long story even shorter, like a buffed up athlete on steroids with an ego deficiency, Central Intelligence Agency is revealed to be in possession of a means by which to exfiltrate data from FBI-proof iPhone with a company tool called “Dark Matter.” Other tools included in the drop of Vault 7 also had other cool names like “Bartender,” “Jukebox,” “Fine Dining,” and “Margarita.” The average salary of entry-level IT and cyber-personnel can afford these life perks, additionally providing work in a support position for national security, and the much sought after currency of hackers, the lulz. Now you tell me, how mad can they be out there at Langley that Wikileaks released this intelligence into the wild? It served to flagrantly and singularly demonstrate proof-of-work asserting the United States Intelligence Community’s dominance in the cyber-domain. Sounds rather like a paid advert—not like an authentic network security breach or a whistleblower’s modus operandi in releasing sensitive classified materials gleaned from such a breach.

Strangely, the incident of Vault 7 was a larger base of privacy-destroying cyber-weapons than even outlined in Edward Snowden’s now legendary revelation of NSA’s extensive domestic spying infractions detailed within Project Prism/Echelon, and while making significant headlines among those already engaged in cybersecurity and the study of its progressive momentum, it received even less observance or acknowledgement by the otherwise uninterested masses. It mainly went unnoticed. The people who were interested in Snowden’s leaks were similarly interested in Vault 7, but Vault 7 did very little to draw a wider audience of whom are quickly becoming increasingly ignorant and disaffected in regard to hacking and dissolving privacy by large organizations and government sponsored state-actors or outlined in corporate terms and conditions. The only defense against this sort of gynormous gorilla in the corner of the room, is for people who do in fact “see” the gorilla, to point it out to the folks still watching TV; i.e. raising awareness.

Old MacDonald has a farm, E_I_O { electronic intelligence operations } – Before the body of this article becomes a bulky recruitment tool inadvertently, allow me to conclude the present cyber-risk dynamic analysis by mentioning something rather odd, and despite that, also rather real. Virtual Reality and Augmented Reality, or VR/AR is a computer scientist’s paradise, with lots of dangerous potential to become something quite darker. At this present time, several large releases to the consumer market in the VR/AR industry are poised for launch. Some of the gaming platforms include Playstation VR and the fully VR/AR gaming platform Occulus Rift, and another brand called Virtuix Omni offering a fully immersive VR gaming experience where your freedom of movement is not inhibited and first person adventure games are controlled by actual walking movement, strafing, running, etc.

Gaming is not the last stop end-all be-all for Virtual Reality technology; moreso a way to inoculate the public and massage them into accepting VR as a means by which businesses can advertise their products in an arguably more invasive medium. A list of companies who’ve committed to utilizing VR for advertising or augmented customer interaction include Marriott, Volvo, JC Penney, and yes, McDonalds.

The security forecast for the consumer public in exposure to advanced Virtual Reality or Augmented Reality platforms of information delivery is somewhat a gray area, considering the fact that even cybersecurity and identity theft are still mostly occult arcane concepts to what we can call the average consumer. The truth is that people have not stayed abreast of security as a concept in exchange for perpetual comfort and convenience; only when a serious security breach impacts the individual’s personal life, wealth, or well being, does the massively reported hacking phenomenon become real to them. It is from this complacent sector of “ignorance-is-bliss” mentality of consumer from which corporations taking initiative to deliver VR/AR experience and advertisement can profit the most. Agreeing to terms and conditions presented by corporate products such as Facebook, Twitter, LinkedIn and other popular web apps sets up a dynamic for the end-user to forego their citizenry rights. Therefore, the right of free speech or religion may be inhibited or forbidden by accepting the end-user license agreement also in companionship with software and other computer products. On one hand we have a document from the initiation of the nation which declares the government to be ruled by the governed, and showing up in the other hand is a joystick, a dongle, a controller to a corporate vision of prefered presentation. Since the motivation of corporations is to increase the bottom line at every juncture, it can be expected that some possibly subversive or subliminal technique is applied in conjunction with the Virtual Reality advertisements. On the cyber-frontier, being forewarned is being forearmed.

Without much elucidation, feel free to ruminate upon the following picture of a chicken wearing a expanded reality system, sourced from an article describing virtual reality for farm animals.

chicken_vr-1-1022x600

Zuckerberg announces bio-interfacing for Facebook – Here we are crossing the Rubicon. The main gist: human hands can type only so fast, but the mind can conceptualize vastly more data in shorter amounts of time. Streamlining the user’s connectivity to the Facebook social media application by plugging it straight into the brain seems to be CEO Mark Zuckerberg’s future vision as announced during this year’s annual Facebook developer conference. Some of the suggested perks to this advancing technology are the ability to communicate using only the mind (read: artificial telepathy), and the sensation of synaesthetic correlation between language and touch. That is, words may be felt with the skin.

gettyimages-565784983_ae859cd22db6abe1e5375ef2cf6fe563.focal-320x160

This startling image is of artificial neural fibers deployed in the human nervous system.

DARPA TNT { targeted neuroplasticity training } – Working alongside Facebook to create a marketable bio-interface product, is the Defense Advanced Research Project Agency, known as DARPA. Their repertoire of far fetched and phenomenal technology rivals any other agency in the world, as can be referenced by their advances in robot technology with the support of Boston Dynamics.

One of their latest developments involves deploying specific nerve influencing neurostimulators to various safe nerve sites to induce synaptic plasticity, or how the brain builds the connections required for learning specific sequences and instructions. By applying external stimulation to this process, it is alleged that the learning of the subject is augmented both in retention and in speed.

Another video presentation by a gentleman named Dr. Robert Duncan informed on Intelligent Systems Of Control, another DARPA collaborative, wherein some significant advances in the bio-interfacing computer phenomenon are disclosed in more detail. Duncan assures us that the mental spectrum has been solidly mapped, and peoples’ perceptions can be augmented by through a bio-interfacing surveillance apparatus. This allows for the subject’s thoughts to be typed out on a terminal where a sort of direct chat or artificial telepathy application may arise. It is made clear by the presentation that these items are already released to the public and that certainly more sophisticated artifacts are already in development.

One last thing to consider is the introduction of Quantum Computers into the market. These circuity marvels are in the business of processing algorithms powerful enough to virtualize alternate dimensions. This as reported by DWave Systems whose machine’s qbits on the quantum processor have capabilities supra et ultra, that is above and beyond, the capabilities of any consumer grade devices. When quantum computing capabilities can sort through the data gleaned from large experiments in theoretical physics like CERN, different discoveries and breakthroughs can lead to a technological golden age. Still, securing this future requires combined focus.

Can you imagine what the hackers will do with this? In the author’s opinion, as a security analyst and a future enthusiast, I am concerned about security in the face of such integrative biotechnological confluences. Questions arise. Who am I in comparison to the network with which I am bio-interfacing? To what end is that massive data being purposed? What does this mean for humanity on the whole—and will humanity still be considered human after plugging into all this? While not picketing on the corner with a sign declaring “the end is nigh,” there is enough concern for security during the next technological revolution to warrant this moment to pause and deeply reflect on ways to protect sovereign identity and individuality. Ways to maintain the “self.”

Perhaps the best working solution in regard to Cyberspiritual Security comes from the Agile Cybersecurity corporate briefings prepared by their adroit CEO, Carlos Fernandes CISSP. The breadth of the topic outlines precognitive framework for staying prepared in the face of oncoming high-density attacks or advanced persistent threats. Precognition, also called future sight, is an alleged psychic ability to see events in the future; it is defined as a systematic way to build and organize knowledge from historical data in order to predict future events before they occur. In essence, the best defense is a strong offense, an expanding perimeter, a mission creep. The best defense actively follows up and pursues the traffic originating from offenders registered on the administrator’s logs and counter-attacks. Cybersecurity is an ever changing dynamic, and the future peacekeepers will require a special degree of scrutiny. As machines become more humanlike and humans become more like machines, knowing some agreeable best practices and guidelines can be the means to maintain some semblance of self. Observing the present situation allows for more strategic application toward predictive security measures, and it remains hopeful that the future generations of professionals in the cybersecurity field will have thought ahead and staved off yonder bandits.

robert_spy

Robert Brooks Authement became interested in cybersecurity mainly because it was a serious challenge that would not go out of style. Interest in hacking led to interest in electronic warfare, militaries, and government. After a tour to Washington DC where he was provided some on-site training and witnessed two large scale protests, Robert’s vision for success with his private sector security firm, Briq Haus Ltd., can only be augmented by the inclusion of his material in PenTest Magazine.

 

 

 

 

SOURCES:

I.] Ten things to know about the October 21 IoT DDoS attacks

https://www.welivesecurity.com/2016/10/24/10-things-know-october-21-iot-ddos-attacks/

II.] C:>bots.chat on TWITCH

https://www.twitch.tv/seebotschat

III.] Zo | Social AI from Microsoft

https://www.zo.ai/

IV.] Vault 7 – WikiLeaks

https://wikileaks.org/ciav7p1/

V.] WannaCry ransomware: Everything you need to know – CNET

https://www.cnet.com/news/wannacry-wannacrypt-uiwix-ransomware-everything-you-need-to-know/

VI.] Public Warning! Wikileaks is now run by CIA technicians

http://www.opnlttr.com/letter/public-warning-wikileaks-now-run-cia-technicians-operation-mockingbird-after-julian-assange

VII.] Apple vs FBI | All you need to know

http://www.cnbc.com/2016/03/29/apple-vs-fbi-all-you-need-to-know.html

VIII.] Four brands with awesome virtual reality experiences && A VR Developer Created an Expansive Virtual World for Chickens

https://www.clickz.com/four-brands-with-awesome-virtual-reality-experiences/94875/  https://futurism.com/a-vr-developer-created-an-expansive-virtual-world-for-chickens/

IX.] Zuckerberg: Facebook Is Working on a Brain Interface That Lets You “Communicate Using Only Your Mind”

https://futurism.com/zuckerberg-facebook-will-reveal-a-brain-interface-that-lets-you-communicate-using-only-your-mind/

X.] Quantum Computing | D-Wave Systems

https://www.dwavesys.com/quantum-computing

XI.] DARPA: We’re Moving to Merge Humans and Machines

https://futurism.com/darpa-were-moving-to-merge-humans-and-machines/

Advertisements

Do YOU Have What It Takes To Be #ANONYMOUS???

have_what_it_takes_to_be_anonymous

Facing Reality: Hacking Is Boring

That is to say, that hacking is the process of struggle leading unto the unlocking of a computer. In this case hacking can be a lengthy time consuming process of study and practice, applying techniques learned during study to unlock or effectively own the target machine or network. Scoring is fun, winning fuels the excitement; please remember that the fire in your belly for revolution must be tempered by hours and god forsaken untold aeons of study and practice before you can be considered a Hacktivist for #ANONYMOUS.

Unseen Dangers Of Anonymity

Snug at home on the old WiFi box makes Hacktivism a comfy alternative to actually doing anything. Hacktivism is not for the lazy, intellectually or phsycially, and demands a consistent focus and dedication to improvement of self and skillset. The Hacktivist is the lean restless type, ever consumed with a hunger for knowledge and a lust for power to balance the universe. While marching in protest, an #ANONYMOUS Hacktivist can easily become implicated into situations that are either compromising or downright dangerous.

I personally got carried away and left a great many number of stenciled Guy Fawkes tags on Washington DC sidewalks, a little job which landed me six months of Federal (unsupervised) probation. In a second protest also in The District, I was unprepared to witness the familiar masked faces of my #ANONYMOUS sisters and brothers being replaced by black-clad Soviet influenced disestablishmentarianists. The names I heard thrown around the mobs on the street that day were “The People / Black-Bloc / Antifa(scists),” and by the end of the day a Bank Of America, McDonald’s, Starbucks, Federal armored Suburban, and black limousine had all been destroyed by the thieving hands of miscreant anarchists toting bricks, bolt cutters, and lighter fluid. Our (#ANONYMOUS) tagging of the DC streets was tame in comparison to these savages with the radical liberal set, whose actions tend to abandon concepts liberal and rather embrace behaviours radical.

Understanding Time Travel { how to reach the future }

This is a no-brainer. You get in the DeLorean, you set the freaking knobs and dials and zoom! It’s 2015 and hoverboards are “in.” This is symbolic, of course. The aspect of becoming #ANONYMOUS Hacktivist occurs rather like some of the traditional professional tutelages such as law, or medicine, but with a special tradecraft that cannot be agreed upon by any central organization. This special tradecraft is handed down from senior Hacktivists to the younger generation of students; sort of like Doc handing Marty the flux capacitor and giving him his mission in the future. This cultivation of skill, sharp lookout for aspiring talent, and drive to recruit the unparalleled, are what keep the promulgation of the community alive and well, all parts functioning as a total cohesive unit and with talent on every tier.

As a final pearl, allow me to interject some teachings I received from a Chinese clandestine services officer whom was my cellmate during a time in my life while I was incarcerated, just before I moved to the nation’s capital:

“Feng Shui—means wind and water. America has Double Dragon power, that is why it became strong and wealthy. The Rocky mountains and Apalachians, these two mountain ranges are the fire and water dragon, America has strong Feng Shui. It is about balance, ‘Nu Balance.’ In a balanced strategy, retreat becomes just as effective as attack. Be more evil; seek more balance.”