{"id":33867,"date":"2018-10-06T02:35:34","date_gmt":"2018-10-06T09:35:34","guid":{"rendered":"http:\/\/www.politicsplus.org\/blog\/?p=33867"},"modified":"2018-10-06T02:35:34","modified_gmt":"2018-10-06T09:35:34","slug":"everyday-erinyes-139","status":"publish","type":"post","link":"https:\/\/www.politicsplus.org\/blog\/2018\/10\/06\/everyday-erinyes-139\/","title":{"rendered":"Everyday Erinyes #139"},"content":{"rendered":"

Experts in autocracies have pointed out that it is, unfortunately, easy to slip into normalizing the tyrant, hence it is important to hang on to outrage. These incidents which seem to call for the efforts of the Greek Furies (Erinyes) to come and deal with them will, I hope, help with that. As a reminder, though no one really knows how many there were supposed to be, the three names we have are Alecto<\/strong><\/span>, Megaera<\/strong><\/span>, and Tisiphone<\/strong><\/span>. These roughly translate as “unceasing,” “grudging,” and “vengeful destruction.”<\/p>\n

While we have all been concentrating on Kavanazi (and rightly so), and getting out the vote (also rightly so), Mother Jones (also rightly) decided that this week is the week to re-link to an article from the May-June issue<\/a> … regarding hacking.\"\"<\/p>\n

We had a taste in 2016 about what Russian hacking can do; not of course, that we really know what was actually done by Russian hacking, because there was so much more hanky-panky it hasn’t been sorted out yet (and I for one am happy not taking a look if keeping it quiet will result in convictions and imprisonments.) But that was 2016. If we take a look at what Russia has been doing in other nations since, we will definitely see that whatever they did then, they are definitely capable of more now.<\/p>\n

[Ukraine, June, 2017] Across Ukraine that day, cash registers suddenly shut down. People trying to withdraw money saw ransom demands appear on ATM screens. Lawmakers in the country\u2019s parliament could not access their laptops. Turnstiles in Kiev\u2019s subway stopped working, and departure boards at the airport went down. Technicians at Chernobyl, the site of the deadly nuclear disaster in 1986, had to manually check radiation levels after their computers failed.\u00a0<\/em><\/p><\/blockquote>\n

Does that scare you? It should. Because any kind of attack that Russia makes on any other nation could be used against the United States too.<\/p>\n

Terrell Jermaine Starr, who wrote this article, The Russian Hacking of 2016 Was Just a Taste. Here\u2019s What We Could Be In For.<\/a>, spent much time speaking with many experts – too much and too many for fair use to do it justice. There are descriptions of what our current regime is not doing to prepare for attack – despite the fact that money has been appropriated for preparation. There’s a brief but chilling introduction to the “NotPetya” tool, so named because it makes an older tool, “Petya,” look like “Pong.” Plus, there is a podcast embedded.<\/p>\n

\"\"There is also a link to a newer Mother Jones article – The Midterm Elections Are in Serious Danger of Being Hacked, Thanks to Trump<\/a> – which goes more deeply into what happened here in 2016, and it also has an embedded podcast.<\/p>\n

To top off the scariness, Wired recently put up an article<\/a> which describes a new tool that Fancy Bear (you remember that, right? The GRU code name for the international cyberwar project which spawned, among other things, all the troll farms?) has acquired.<\/p>\n

THE FANCY BEAR hacking group has plenty of tools at its disposal, as evidenced by its attacks against the Democratic National Committee, the Pyeongchang Olympics, and plenty more. But cybersecurity firm ESET appears to have caught the elite Russian team using a technique so advanced, it hadn\u2019t ever been seen in the wild until now.<\/em><\/p>\n

ESET found what\u2019s known as a UEFI rootkit, which is a way to gain persistent access to a computer that\u2019s hard to detect and even harder to clean up, on an unidentified victim\u2019s machine. The technique isn\u2019t unheard of; researchers have explored proofs of concept in the past, and leaked files have indicated that both the CIA and the independent exploit-focused company Hacking Team have had the capability. But evidence that it has happened, in the form of malware called LoJax, represents a significant escalation in the Fancy Bear \u2014 which ESET calls Sednit \u2014 toolkit.\"\"<\/em><\/p><\/blockquote>\n

If that second quoted paragraph reads like mostly nonsense syllables to you, you’re not alone; I feel the same. But if there’s one thing I have learned, it’s that, if tech people say something is dangerous, it’s dangerous, and you don’t want to find out exactly how dangerous – through experience – if you can help it.<\/p>\n

So what can we do? If we aren’t in the government and are just ordinary people? Besides scream our heads off (constructively, through letters and petitions)? Actually, i love to know what we can do. But there is one thing I do know that we can do, if we are volunteering on a campaign or know someone who is. We can find out who is in charge of IT for the campaign, and we can do whatever we have to do to make sure that person read this story from Daily Kos: Russian army hackers are attacking our elections now. Defend yourself with MFA<\/a>. And that is true even if the only thing the candidate is running for is City Council. Or Dogcatcher, if that is still an elected position anywhere.<\/p>\n

MFA stands for Multi-Factor Authentication, not that most of us need to know that, but of course IT people do.\u00a0 Not all the details are in the story, but there is some interesting, if scary, background on why it’s needed.\u00a0 And it’s not a cure-all, but it is a bare minimum security need for a campaign.<\/p>\n

Dear Furies<\/span><\/strong>, I don’t know which Democratic campaigns are more protected and which are less protected. But I’ll bet you can find out which, and find out who is responsible for the IT. And then you can pursue them with all your strength and bedevil them until they put in the protection they need. And we will help where we can.<\/p>\n

The Furies and I will be back.<\/p>\n

Cross posted to Care2 HERE<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Experts in autocracies have pointed out that it is, unfortunately, easy to slip into normalizing the tyrant, hence it is important to hang on to outrage. These incidents which seem to call for the efforts of the Greek Furies (Erinyes) to come and deal with them will, I hope, help with that. As a reminder, […]<\/a><\/p>\n","protected":false},"author":8,"featured_media":32899,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-33867","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-politics","category-5-id","post-seq-1","post-parity-odd","meta-position-corners","fix"],"_links":{"self":[{"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/posts\/33867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/comments?post=33867"}],"version-history":[{"count":0,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/posts\/33867\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/media\/32899"}],"wp:attachment":[{"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/media?parent=33867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/categories?post=33867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.politicsplus.org\/blog\/wp-json\/wp\/v2\/tags?post=33867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}