#cyber threat investigations | Explore Tumblr Posts and Blogs

astroninaaa · 3 months

Text

wtf is going on with cellbit - by a brazilian law major student

hey besties ever since the day cellbit released that PDF i’ve been keeping up with his shit bc as a law student (only two years to go!!!!) in brazil it’s kinda really interesting to see how it goes, specially since i don’t think we’ve ever had this sort of judicial action taken by an internet celebrity, like, ever. so i’ve decided to kinda explain what’s going on. if anyone has any questions after this i’d be really up to talk about it i love talking about law 🫶 xoxo let’s start. also sorry if anything reads weird english is not my native language okay

for those who don’t know, very recently, a judicial action taken by cellbit has made public. in this action, he’s suing over 200 people for the crime of defamation.

the action was taken to court in january, but it was under what we call “secret of justice”, which means only cellbit himself and twitter’s lawyers had access to it. now that there have been decisions by the judge and everything, the process’s been made public.

basically, cellbit started an action against twitter (NOT THE PEOPLE WHO COMMITTED THE CRIME YET), citing a little over 200 tweets that accused him of crimes like SA, psychological abuse, pedophilia, and others. all of those are real crimes in brazil — and accusing someone of committing crimes (specially as awful crimes as those) without proof is a crime in itself (defamation). he claimed that the tweets were harmful to his honor, mental health, and reputation, besides categorizing as defamation, since there’s no investigation going on against him for all these infractions he’s being accused of.

with that, he asked twitter to delete all the tweets, and to provide him with the personal information of said twitter accounts so he can sue them directly for defamation. he did these requests through something called “tutela cautelar”, which means the judge gets to decide whether or not twitter has to do these things before proof production and proper investigation, since, if twitter doesn’t do those things, the damage to his honor and reputation will be ongoing + he won’t be able to sue the proper people in time.

the judge conceded to his requests, and twitter has already deleted all the tweets. the main discussion going right now is wtf do they do about the international accounts — does our law apply to them? what’s gonna happen? we don’t know yet. that’s being discussed in court for the moment and, considering brazilian courts, it might take quite a while.

so, yeah, all those people aren’t being sued YET. but they will, probably somewhat soon.

it’s also important to mention that this lawsuit is from january and was only now released to the public. there’s probably a lot more coming after the whole fiasco that led him to releasing his statement, including a lawsuit against his ex herself.

now, other topics — could he sue other twitter accounts for cyber bullying or death threats? probably, but my personal opinion is that suing for defamation and focusing on accounts that were accusing him of having committed crimes was a much better move because it’s a much stronger case.

there’s very little room for discussion when a person has outright said “cellbit committed this crime”. death threats have more room for discussion: “oh, but they’re hundreds of miles away, it wasn’t a serious threat”, “they didn’t mean it”, “it was a joke”. same thing goes for cyberbullying: it can get too subjective.

defamation isn’t subjective. you accuse someone of a crime they didn’t commit? boom, defamation, at least according to our laws. so, to me, personally, it makes a LOT of sense for his lawyers to focus on that: he’s a LOT more likely to win than if he was suing for cyberbullying, threatening, insult, or any of that. also, he’s a lot more likely to win FASTER.

when he gets to sue the actual people who committed the crime, that is. for now, he’s only requested twitter to give him the necessary information to get to these people, which i think they’ll very likely be obligated to do. there are digital data protection laws in brazil, but a crime is a crime. digital data protection isn’t gonna protect you from the court.

another thing: LGPD (brazil’s general law of personal data protection) forces all social media companies to keep records of all the content posted by their users for AT LEAST six months. many companies keep it for way longer. that’s a law created for judicial purposes, in case something published to twitter, facebook, or instagram needs to be analysed by a court. that’s why even tho twitter has deleted the tweets, they still have them, and why it doesn’t matter if the people responsible are deleting the tweets, the accounts, the fucking app itself. the records are still there, and they will be used judicially.

i think that’s the overall for the situation, but i’m willing to answer any questions and to discuss it if anyone wants to! i’m a big law enjoyer. also personally i think cellbit is so fucking right for this like YEAH people don’t get to commit fucking crimes on twitter and get away with it. really interested in how this is gonna go law-wise, but in general also really glad to see someone take action like this.

#cellbit #qsmp #cellbit qsmp

849 notes · View notes

hoshifighting · 6 months

Text

Code of temptation

Synopsis: When a series of cyber threats puts national security at risk, Y/N is assigned to lead the investigation. Her team is complemented by Vernon, a computer genius known for his dexterity in deciphering the most complex codes.

Words: +1k

Reader! SecretAgent x Vernon! Hacker

Warnings: Smut, oral (f. receiving), penetrative sex, exhibitionism, unprotected sex (wrap it up), dry humping, fingering, hair pulling, chocking, dirty talk and etc.

Your tight TechWear is starting to get uncomfortable, your fingers attached to the trigger, and your arms are already weak from holding the heavy gun, one wrong movement, everything is done. You wait for the sign from Mingyu, who is already in position to catch the target “1, 2, 3… Now!” he says in the little point of sound in your ear, and you do your shot.

The bullet hits the target directly in the head, and Mingyu runs in the middle of the basement to steal the small device that is the pivot of the mission you have been working on for the last few weeks. The both of you run to the back door, you enter the armored car that awaits you.

“Objective accomplished successfully, mission completed with distinction and mastery.” Your chief says on the other line. Body finally relaxing on the car seat, while you do a little weak punch on Mingyu’s hand.

[…]

“We did a great Job Mr. Lee, we trained for this, but it’s difficult ultimately, they are more attached to the systems day by day, so we need to take action, and ask for the Department Head to recruit a Technical Expert, so we can obtain coordinates during missions” you point your pencil on the map in front of you “Promise me that by the end of the month, we will have some ‘technology guru’ to help us, and I promise to complete another mission as always.” that said, you leave the meeting room slamming the door loudly.

[…]

You hold a cup of coffee while you try to decipher the nominal codes on the computer screen, you snort and immediately give up on understanding the logic of the system in front of you. The computer room doorbell rings, and you can see a young man with brown hair waiting for the door to be opened, showing his FBI badge. You put your fingerprint into the system, and the door is slowly opened, revealing the boy, holding the shoulder strap from his backpack, wearing a black uniform, just like yours.

“First off all, I am almost freaking the fuck out seeing all these algorithms with letters on the same screen” you point to the computer with raised eyebrows, and he closes the door behind him “and we should have met before the mission started, but since you're here now, we need to track them down as quickly as possible.” He agrees and sit on the chair in front of the desk.

“My name is Vernon by the way” the sarcasm is proliferated from his lips, while he maintains an extremely unbothered expression.

You snort incredulous at his audacity - even though the ironic tone in his voice may not have been intentional - you stop to look at him from top to bottom, analyzing his mannerisms until he actually starts doing something on the electronic device that hovers in front of him “very funny of you, but I would like more respect since I am leading this mission, and the hierarchy is very-“

“Oh come on don’t play like you’re 10 years older than me!” He says with the face still buried on the screen “and since you are leading the mission amidst so much cyber invasion, you should at least know how to clear your history, if I were your enemy, and found out that you listen to the same Backstreet Boys song for 9 hours straight, you would definitely no longer be my target, freaky ass girl”

The heels on your feet touches the cold ground towards him “This is an invasion of privacy!” You turn the chair, so now you make eye contact with him, pressing his shoulders on the chair.

“This is being on the verge of madness!” You let him go, sitting on the couch on the other corner of the room, drinking your coffee ashamed.

The clicks on the mouse and the sound of the keys were driving you crazy, until he lifted his back from the chair and widened his eyes towards the computer, you run to see the screen popping a map with a lot of red ropes interlinked “Fuck! they’re on the building!” You recognize the structure of the department you are hiding in, running to get your guns attached to your waist, while Vernon turns off the trackers “We need to run away right now, we don’t have time!” You hold his arm, and you run through the company halls, until you leave the building, running down the opposite street. You led the way, while Vernon, the shy hacker, tripped over his own legs. The sound of sirens echoed through the streets, mixing with the frenetic rhythm of your footsteps. The cobblestone streets made escape even more challenging.

"Y/N, I think they saw us!", Vernon exclaimed, breathing hard.

You threw a quick glance behind you, displaying a confident grin. "Don't worry, Vernon, I have a foolproof plan." you say with pure sarcasm, and with a quick gesture, you grabbed Vernon's hand and led you into a narrow alley. The space between the two of you is tiny, you can clearly feel Vernon's minty breath hitting your face, the space doesn't help either, as your breasts are pressed against Vernon's chest - he'd be lying if he said he wasn't starting to like it.

The tension in the air was palpable as your eyes met, breathing heavily, you shared a moment of complicity that transcended the imminent danger. You instinctively grabbed Vernon's forearm, running your fingers over the skin still warm from running his eyes revealed a mixture of surprise and expectation, an electrically charged silence filled the narrow alley as your proximity grew. You, who are normally focused and fearless, felt a unique vulnerability at that moment. Then, without words, but with a shared intensity, you leaned slightly towards Vernon. The world around him disappeared when his lips finally touched, an instant of defiant lust in the midst of chaos. The narrow alley became a stage for the beginning of an immense desire between the two of you.

His right hand goes to your neck, pulling your hair, and the other, grab the meat of your ass, you moan in his mouth - you had even forgotten that you had a small beef with him earlier -, your hand goes down until you can fill your hand with his hardened cock, making him stop the kiss to bite his lip “Turn around” he orders. You hardly turn because of the compact space, and now your ass was pressed against his dick, as he pulls your skirt up, massaging your clit over the thin fabric of your panties “More, we don’t have time!” You whisper, and he slaps your cunt “Stop being hasty! Where's your 'foolproof' plan uh?” a high pitched moan leave your mouth, your hands holding on the little bricks of the wall so your face doesn't lie on them.

Vernon pulls your panties to the side, entering his fingers in your cunt, you hump your ass against him, feeling he hiss in your ear, the wet noises from your pussy and the sound of your panting breaths fills the alley, you moan feeling him going faster with his fingers. He suddenly stops the movement, opening his jeans, so he can slide his cock through your folds. “You are so hot, but fuck, you are so annoying!” he pulls your hair, slowly moving his hips finally diving into your heat, your eyes roll at the back of your head, his mouth kissing your neck.

The space was small, but he was doing wonder with his hips, circling his hips so his tip brushes against your g spot, making your legs go numb, you're lucky that he held you tight with an arm around your hip “Such a whore… Tsk”

You can hear footsteps approaching you, while a light from a flashlight approaches, Vernon pulls you to hide deeper in the alley.

“I think I heard something coming from here!"

He covers your mouth with one hand as he bites your shoulder, furrowing his eyebrows, still pounding deep inside of you, feeling your juices run down your thighs.

“It must be all in your head, come on, they must have gone that way!”

Vernon pulls you to rest your back against his chest, chocking you, while his hips are working faster “Afraid of being caught hm? So nervous that got you clenching so hard around my cock.” Your mouth opens, as you feel your orgasm approaching, his dirty talk between his moans was driving you crazy, squeezing him, while he throw his head back. “Fuck, I’m cumming” his cock twitches inside of your pussy, shooting ropes of cum inside of you, moaning low in your ear.

You can feel his cum running down your legs, he starts to rub your clit again, so slow it almost burns, his scent invading your nostrils, making your mind go blank, your body begins to tense, and an intense climax makes your legs shake, as he laughs proudly in your ear “Hmm… Thats it! Good girl..” He turns you around, so now you're face to face with him again, his kisses going down your jaw, as he fix your skirt.

“The night isn't over yet, we still have targets to catch” he gets dressed again “but first, let me clean you up” he bends down, licking your thighs, until he reaches your pussy, holding your leg up on his shoulder, while you tremble sensitive. He stands up, wiping his mouth with his thumb. Vernon steals a kiss from you, before pulling you to run through the streets once again.

#seventeen smut #seventeen x reader #vernon smut #seventeen imagines #svt smut #hansol vernon chwe #chwe vernon #chwe hansol x reader #seventeen reactions #seventeen headcanons #vernon x reader #vernon #vernon angst #hoshifighting writes

193 notes · View notes

matan4il · 6 months

Text

Daily update post:

The IDF has been releasing a lot of incriminating intel on the Shifa hospital in Gaza being used by Hamas. There's footage of a drone going into a terror tunnel underneath it.

youtube

There's pics of the weapons found there. There's the results of an investigation into the fate of 19 years old Noa Marziano, who was kidnapped by Hamas, lightly injured in an IDF strike, which killed the terrorist who was guarding her, another terrorist took her into the basement at the Shifa hospital, and killed her there, then Hamas tried to stage "evidence" that she was killed in the IDF strike. And most recently, there's CCTV footage showing Hamas bringing in hostages (one man from Nepal and one from Thailand) into Shifa, with the terrorists being armed, and all of this was done in broad daylight, and right in front of the medical staff.

Of course anti-Israelis, including the Hamas, said it was just bringing hostages in to get treatment.

But here's the thing, Shifa is on the Western side of Gaza, while Hamas breached the Israeli border in the east. On the way between the border and where this hospital is located, there are plenty of other medical facilities on the way. Any of them would be preferable if the goal was to give the hostages medical treatment as soon as possible. But they took these kidnapped men all the way to Shifa instead. Because that's Hamas' headquarters.

I've known for years, like most Israelis, that Hamas is using medical facilities like hospitals and ambulances for its terrorist activity. This evidence does not surprise me. But I think it didn't really sink in for me until yesterday, just how many people knew and kept silent. I'm not even talking about the Gazan medical staff. They live under the constant threat of Hamas, I don't blame them. But the UN, the Red Cross, all of those "noble" NGO's operating from Gaza (and getting a lot of donations to do so), all of those foreigners with access to Gaza, who knew the situation on the ground, and chose to lie, and continued to do so even after the Oct 7 massacre... WTF is wrong with these people? By keeping quiet, they endangered both Israeli civilians (who Hamas could continue to target with impunity when operating from inside medical facilities), and Palestinian ones that Hamas endangered by using them as human shields.

Who is going to hold these people accountable? Who is going to make them pay for their complicity in endangering so many people, millions altogether, on both sides of the border, so that they never dare do this again?

Have ANY of them come forward, apologized, taken responsibility for their long complicity? I've heard of no such thing. In fact, I assume that they will only raise the volume of their accusations against and vilification of Israel, to drown out the voices asking these questions.

In this tweet you can hear an interview (starting at around 35 seconds in) with one of the few foreign doctors, who had worked at the Shifa hospital, and who after Hamas' massacre, did not come forward with his testimony about what he'd seen and experienced while he was there, but did agree to have it recorded once he was asked to. If Hamas is finally taken down, we might get to hear more of these, and I guess... better late than never.

In the midst of all of this, Israel has helped evacuate babies from the Shifa hospital to ones in Egypt, and the equipment to established a second Jordanian field hospital has entered Gaza today.

Israel continues to be attacked by Iran-funded rockets from the south, from the north by Iran-funded Hezbollah, as well as from Syria, by the Iran-funded Houthis in Yemen, by independent terrorist attacks, and online from cyber attacks, by Iran-funded and even Iranian hackers. I kind of tend not to talk about these that much, because they're on going. It's happening every single day, and Israel, in the middle of the fight to destroy Hamas, has to also defend its people on these fronts.

The anger and hurt over the denial of rapes that happened as part of Hamas' massacre continues, and more people are trying to speak up against it:

youtube

This is 15 years old Itay Cohen.

He's a triathlete, and was in the middle of a training session, cycling in the south, when Hamas terrorists shot him. He was taken to a hospital without any family by his side, because his parents were locked inside a bomb shelter in their kibbutz. Itay took a bullet to the head, and lost his eyesight, but somehow survived. So did his parents. He vowed he won't stop training, despite his new disability. This terror attack has changed countless lives, from among the survivors as well.

(for all of my updates and ask replies regarding Israel, click here)

#israel #israeli #israel news #israel under attack #israel under fire #israelunderattack #terrorism #anti terrorism #antisemitism #hamas #antisemitic #antisemites #jews #jew #judaism #jumblr #frumblr #jewish

102 notes · View notes

brf-rumortrackinganon · 2 months

Note

Just curious...could this Sussex Squad thing turn into a legal investigation (if it's not already)? And what crimes would they be arrested for and what is the penalty?!??

The "general" stuff they do (for lack of a better word), like spread rumors about the Waleses and bully Kate's fans on social media, there's not a whole lot there. It's just seen as "coming with the territory" (also for lack of a better phrase).

Where the Sussex Squad could get into legal trouble is if or when they go after single accounts - doxxing them, dogpiling them, or escalating to death threats (or r*pe threats, threats of violence, etc.). All of that could qualify as stalking, intimidating, harassment, or incitement for violence for which there could be criminal charges levied. Depending on the severity and the jurisdiction, the penalty could range from slap-on-the-wrist fines to jail time.

Where it gets complicated is who reports these incidents and what kind of evidence or investigation there is to support the complaint. Usually the victim of a cyber crime has to report the incident (vs a bystander witness) and usually the onus on providing evidence to prove there's a case is on the victim - in most cases, the investigator (police, FBI, DHS, a lawyer) won't open a case unless the victim provides enough evidence to make it worth their time; screenshots of messages and usernames or phone numbers, IP addresses, voicemails, voice recordings. Which really sucks, but that's the grey area in a lot of cyber crime where the policies and practices are still being developed.

So for example, when Yankee Wally was doxxed and bullied off Twitter, only Yankee Wally could have reported the cyberbullying, the cyber harassment, the cyber stalking/intimidation and she would have had to provide evidence - e.g., screenshots of the tweets and the usernames/accounts who were harassing her. The rest of us wouldn't have been able to "call it in" for her. We could've helped take screenshots of any public messages she received or any posts/websites we saw where her PII published, but we most likely wouldn't have been able to report it to the FBI and have it taken seriously.

Which is why if you're ever the victim of a cyberbullying campaign, a doxxing, online harassment, it's super important you document everything. Take screenshots of all the messages you get (or see) and make sure all the identifying information is there like timestamps, usernames, account handles, and phone numbers. If you know how to get someone's IP address, grab that too. Save any voicemails or voice messages you get. If you answer a call that turns out to be harassment, document as much as you can; the number they called from, what time, what their voice sounded like, what they said. Have physical copies (printouts), electronic copies (screenshots), and backup copies.

If this is happening to you and you receive packages or letters in the mail from addresses you don't recognize, that are unusually heavy, or are leaking some kind of fluid/grease, don't open them, don't bring them inside, don't let children or pets near. Call the police to report it and follow their instructions about what to do.

#ask

40 notes · View notes

mariacallous · 7 days

Text

The need for good intelligence has never been more visible. The failure of the Israeli security services to anticipate the brutal surprise attack carried out by Hamas on Oct. 7, 2023 reveals what happens when intelligence goes wrong.

In contrast, in late February 2022, Russian President Vladimir Putin’s planned three-day “special military operation” to invade Ukraine and topple the government was pushed onto the back foot by the U.S. and U.K. intelligence communities. While Putin’s rapid seizure of Crimea by a flood of “little green men” in 2014 was a fait accompli, by the time of the 2022 invasion, anticipatory moves including the public declassification of sensitive intelligence ensured that both the intelligence community and Ukraine remained a step ahead of Putin’s plans.

Yet, despite the clear and enduring need for good intelligence to support effective statecraft, national security, and military operations, U.S. intelligence agencies and practitioners are undermined by a crisis of legitimacy. Recent research investigating public attitudes toward the U.S. intelligence community offers some sobering trends.

A May 2023 poll conducted by the Harvard University Center for American Political Studies and Harris Poll found that an eye-watering 70 percent of Americans surveyed were either “very” or “somewhat” concerned about “interference by the FBI and intelligence agencies in a future presidential election.”

A separate study, conducted in 2021 and 2022 by the Intelligence Studies Project at the University of Texas at Austin and the Chicago Council on Global Affairs, found that only 56 percent of Americans thought that the intelligence community “plays a vital role in warning against foreign threats and contributes to our national security.” That number is down 10 points from a previous high—if it can even be called that—of 66 percent in 2019, and the downward trend does not give us cause for optimism. Reframed, that statistic means that in 2022, an alarming (in our view) 44 percent of Americans did not believe that the intelligence community keeps them safe from foreign threats or contributes to U.S. national security.

Worse, despite abundant examples of authoritarian aggression and worldwide terror attacks, nearly 1 in 5 Americans seem to be confused about where the real threats to their liberty are actually emanating from. According to the UT Austin study, a growing number of Americans thought that the intelligence community represented a threat to civil liberties: 17 percent in 2022, up from 12 percent in 2021. A nontrivial percentage of Americans feel that the intelligence community is an insidious threat instead of a valuable protector in a dangerous world—a perspective that jeopardizes the security and prosperity of the United States and its allies.

The most obvious recent example of the repercussions of the corrosion of trust in the intelligence community is the recent drama over reauthorizing Section 702 of the Foreign Intelligence Surveillance Act (FISA). First introduced in the FISA Amendments Act of 2008, Section 702 is an important legal authority for the U.S. intelligence community to conduct targeted surveillance of foreign persons located outside the United States, with the compelled assistance of electronic communication service providers. According to a report published by Office of the U.S. Director of National Intelligence (DNI), 702 is “extremely valuable” and “provides intelligence on activities of terrorist organizations, weapons proliferators, spies, malicious cyber actors, and other foreign adversaries.”

Section 702 was scheduled to “sunset” at the end of 2023 if not reauthorized. Yet Congress failed to reauthorize 702 by the end of 2023, electing to punt the decision—as is so often the case—to this spring, when it was finally reauthorized (with some important reforms) in late April 2024, but it was only extended for two years instead of the customary five. An unusual alliance of the far right and the far left squeezed centrists and the Biden administration, which was strongly pushing for a renewal that would protect the civil liberties of U.S. citizens and not needlessly hobble the intelligence community in protecting the United States itself.

But the frantic down-to-the-wire negotiations about reauthorizing some recognizable form of 702 obscured a deeper problem at the heart of the contemporary Americans’ relationship with intelligence that has been brewing over the last decade: The fundamental legitimacy of a strong intelligence community—and the integrity of its practitioners—has been questioned by U.S. lawmakers on the far left and the far right, perhaps reflecting a misguided but increasing consensus of tens of millions of Americans.

This trend is now a crisis.

Section 702’s troubled journey faced queries from the privacy-oriented left, where those with overblown concerns about potential abuse by the intelligence community viewed reauthorizing 702 is tantamount to “turning cable installers into spies,” in the words of one opinion contributor published in The Hill. The intelligence community’s revised authorities (some adjustments were required given the 15 years of communications technology development since the amendment was first passed) were called “terrifying” and predictably—the most hackneyed description for intelligence tools—“Orwellian.” On the power-skeptical right, Section 702 is perceived as but another powerful surveillance tool of the so-called deep state.

In response to legitimate concerns about past mistakes, the intelligence community has adopted procedural reforms and enhanced training that it says would account for the overwhelming majority of the (self-reported) mistakes in querying 702 collection. According to a report from the Justice Department’s National Security Division, the FBI achieved a 98 percent compliance rate in 2023 after receiving better training. Further, the Justice Department and the DNI have gone to unprecedented lengths to publicly show—through declassified success stories—the real dangers that allowing 702 to lapse would bring to the United States and its allies.

Never before has an intelligence community begged, cajoled, and pleaded with lawmakers to enable it to do its job. After all, a hobbled intelligence community would still be held responsible should a war warning be missed, or should a terrorist attack occur.

For instance, Gen. Eric Vidaud, the French military intelligence chief, was promptly fired over intelligence failings related to Putin’s (re)invasion of Ukraine despite the Elysée’s criticisms of the warnings made by the United States and United Kingdom as “alarmist.” And Maj. Gen. Aharon Haliva, director of Israeli military intelligence, recently resigned over the Oct. 7 attacks despite the fault probably lying across Israel’s political landscape as well. Intelligence professionals pay more than their share of the bill when their crystal ball stays cloudy.

The hullabaloo over 702 is not the only recent instance painting the actions of the U.S. national security apparatus as questionable state activity conducted by dishonest bureaucrats, and some recent history helps put the recent events into a broader downward trend in trust.

In 2013, National Security Agency (NSA) mass-leaker Edward Snowden, a junior network IT specialist with a Walter Mitty complex, sparked a needed but distorted global conversation about the legitimacy of intelligence collection when he stole more than 1.5 million NSA documents and fled to China and ultimately Russia. The mischaracterization of NSA programs conveyed by Snowden and his allies (painting them as more intrusive and less subject to legal scrutiny than they were) led to popular misunderstandings about the intelligence community’s methods and oversight.

It was not only junior leakers whose unfounded criticism helped to corrode public faith in intelligence; it has also been a bipartisan political effort. In 2009, then-U.S. House of Representatives Speaker Nancy Pelosi claimed that the CIA had lied to her after she wished to distance herself from the agency’s “enhanced interrogation techniques”—which critics call torture. But Pelosi’s comments earned a “false” rating from Politifact’s “truth-o-meter.” Then-CIA Director Leon Panetta countered that “CIA officers briefed truthfully.”

Some suspicion of a powerful intelligence community stems from genuine failings of the past, especially the CIA’s activities in the early and middle stages of the Cold War, which included some distasteful assassination plots, the illegal collection of intelligence domestically (such as surveillance of Americans on political grounds, including illegally opening their mail), and the LSD experimentation on unwitting Americans as part of its infamous MKULTRA program.

Most of these excesses—characterized as the CIA’s “Family Jewels”—were reported to Congress, which held explosive hearings in 1975 to publicize these activities, bringing the intelligence agencies into the public realm like never before. Images of Sen. Frank Church holding aloft a poison dart gun, designed by the CIA to incapacitate and induce a heart attack in foreign leaders, became front page news. These serious failings in accountability were the dawn of rigorous intelligence oversight.

Public trust in government was already sinking when, in 1971, the Pentagon Papers revealed that politicians had lied about US activities in the deeply unpopular Vietnam war. The Watergate scandal the following year added fuel to fire. Although the CIA was not directly involved in Watergate, the involvement of former agency employees led to a wider belief that the agency was tainted. And in the late 1970s, CIA morale sank to an all-time low when then-President Jimmy Carter began the process of sharply reducing its staff, attributing the decision to its “shocking” activities.

In response to congressional findings and mountains of bad press, subsequent directors of the CIA considered the criticisms and made numerous changes to how the intelligence community operates. While the intelligence community (and its leaders) made good-faith efforts to operate strictly within its legal boundaries, be more responsive to congressional oversight, and embrace some level of transparency, the public image of the CIA and the broader intelligence community didn’t change. After the Cold War ended, the preeminent vice chairman of the Senate Select Committee on Intelligence, Daniel Patrick Moynihan, called twice for the disbanding of the CIA. Such political pummeling of the role of intelligence and the integrity of its practitioners was bound to leave a mark.

The politics of distrust are back to the bad old days. By 2016, distrust of the intelligence community had returned with a vengeance: then-presidential candidate Donald Trump claimed that NSA was circumventing domestic legal constructs to spy on his campaign through its close partnership with the Government Communications headquarters (GCHQ), the British signals intelligence agency. (The NSA said those claims were false and GCHQ called them “utterly ridiculous”.) As president-elect, Trump also compared U.S. intelligence to “living in Nazi Germany.” Once Trump entered the Oval Office, the FBI was a frequent target for his invective thanks to the investigation into possible Russian interference in the 2016 election.

While the intelligence community is a long way away from the excesses of the 1970s, it is not perfect. Intelligence is an art, not a science. It is not prediction so much as narrowing the cone of uncertainty for decision-makers to act in a complex world. Even when acting strictly within the law and under the scrutiny of Congress and multiple inspectors general, the intelligence community has been wrong on several important occasions. It failed to stop the 9/11 attacks, got the assessment that Iraq possessed weapons of mass destruction spectacularly wrong, and was made to look impotent by Osama bin Laden for nearly a decade before the U.S. Navy SEALs caught up with him on a CIA mission in Pakistan in May 2011.

Errors still happen because intelligence is hard, and the occasional failure to warn, to stop every attack, or to prevent every incorrect search query is inevitable. Today, mistakes are self-reported to Congress; they are no longer hidden away as they sometimes were in the past. Yet the intelligence community has done a poor job telling its own story and self-censors due to widespread over-classification—a problem that the DNI has acknowledged, if not yet remedied. It has only belatedly begun to embrace the transparency required for a modern intelligence apparatus in a democratic state, and there is much work yet to be done.

It is the job of the intelligence agencies to keep a calm and measured eye on dark developments. In a world in which the panoply of threats is increasing, the role of the intelligence community and its responsibilities within democratic states has never been greater. If the community cannot be trusted by its political masters in the White House and Congress, much less the American people, then it will not be given the ability to “play to the edge,” and the risk is that the United States and its allies will be blind to the threats facing them. Given the adversaries, the consequences could be severe.

U.S. intelligence has had a rebirth of confidence since 9/11 and the incorrect judgments of the Iraqi weapons program. It was intelligence and special operations that hunted and killed bin Laden, U.S. law enforcement that has kept the U.S. homeland safe from another massive terror attack, and the intelligence community correctly predicted the Russian invasion of Ukraine.

That increased sense of purpose and morale is moot if the U.S. people, Congress, or the president (sitting or future) do not trust them. This crisis of legitimacy is a trend that may soon hamper the intelligence community, and the results could be unthinkable. Getting the balance between civil liberties and security right isn’t an easy task, but the intelligence community must have the tools, trust, and oversight required to simultaneously keep faith with the American people while serving as their first line of defense.

18 notes · View notes

dontmeantobepoliticalbut · 8 months

Text

Maryland’s top utility regulator was watching the news one February morning when a headline blindsided him: Two suspects with neo-Nazi ties had been charged with plotting to take down Baltimore’s power grid.

Jason Stanek, the then-chair of the state’s Public Service Commission, said Maryland regulators were “caught flat-footed,” not hearing a word from law enforcement before the news broke — or in the months afterward. Federal prosecutors have alleged the defendants were driven by “racially motivated hatred” to try to cut power to hundreds of thousands of people in the state’s largest city, which has a predominantly Black population.

The FBI declined to comment on its communications with the Maryland commission. But Stanek’s experience is not uncommon.

A POLITICO analysis of federal data and interviews with a dozen security, extremism and electricity experts revealed that despite a record surge in attacks on the grid nationwide, communication gaps between law enforcement and state and federal regulators have left many officials largely in the dark about the extent of the threat. They have also hampered efforts to safeguard the power network.

Adding to the difficulties, no single agency keeps a complete record of all such incidents. But the attacks they know about have regulators and other power experts alarmed:

— Utilities reported 60 incidents they characterized as physical threats or attacks on major grid infrastructure, in addition to two cyberattacks, during the first three months of 2023 alone, according to mandatory disclosures they filed with the Department of Energy. That’s more than double the number from the same period last year. DOE has not yet released data past March.

— Nine of this year’s attacks led to power disruptions, the DOE records indicate.

— The U.S. is on pace to meet or exceed last year’s record of 164 major cyber and physical attacks.

— And additional analyses imply that the true number of incidents for both 2022 and 2023 is probably even higher. POLITICO’s analysis found several incidents that utilities had reported to homeland security officials but did not show up in DOE data.

According to a report on grid security compiled by a power industry cyber clearinghouse, obtained by POLITICO, a total of 1,665 security incidents involving the U.S. and Canadian power grids occurred last year. That count included 60 incidents that led to outages, 71% more than in 2021.

While that report does not break down how many of those incidents occurred in which country, the U.S. has a significantly larger grid, serving 145 million homes and businesses, with nearly seven times Canada’s power-generating capacity.

Law enforcement officials have blamed much of the rise in grid assaults on white nationalist and far-right extremists, who they say are using online forums to spread tactical advice on how to shut down the power supply.

Concerns about the attacks have continued in recent months, with incidents including a June indictment of an Idaho man accused of shooting two hydroelectric stations in the state.

But law enforcement officers investigating alleged plots against the grid don’t necessarily alert the Energy Department or other regulatory bodies.

“We have no idea” how many attacks on the grid are occurring, said Jon Wellinghoff, a former chair of the Federal Energy Regulatory Commission, which regulates the U.S. electric grid. “It looks like they’re escalating if you look at the data. But if you don’t have enough data, you can’t discern patterns and proactively work to stop these things from happening.”

Wellinghoff was FERC’s chair when an unknown sniper attacked a Pacific Gas and Electric substation in San Jose, Calif., in 2013 — an incident regulators have described as a “wake-up call” on the electricity supply’s vulnerability to sabotage.

Last year’s record number of physical and cyber disruptions to the U.S. power system included several incidents that captured public attention, such as a December shooting attack against two North Carolina substations that left 45,000 people without power for four days. The state’s medical examiner has blamed the attack for the death of an 87-year-old woman who died after her oxygen machine failed, ruling it a homicide. Nobody has been charged.

“There is no doubt there’s been an uptick over the last three years in the amount of incidents and also the severity of the incidents,” said Manny Cancel, senior vice president at the North American Electric Reliability Corp., the nonprofit body in charge of setting reliability standards for the bulk power system. He is also CEO of its Electricity Information Sharing and Analysis Center, which gathers and analyzes data from power companies.

Cancel said NERC has “seen two pretty substantial increases” in incidents coinciding with the 2020 and 2022 election cycles.

Grid attacks that led to power outages increased 71% from 2021 to 2022, totaling 55 incidents in 2022, according to a NERC briefing to utilities that POLITICO obtained. That increase was primarily due to a rise in gunfire assaults against critical infrastructure.

The largest outage reported from a physical attack early this year — which occurred in March in Clark County, Nev. — affected more than 11,000 people, according to DOE data.

But the state Public Utilities Commission was not aware of any outage due to an attack occurring that day, spokesperson Peter Kostes told POLITICO by email. That’s even though state regulations require utilities to contact the commission within four hours of a significant outage.

The state’s largest utility, NV Energy, said in a statement that it had reported the incident to local law enforcement “as soon as we learned about this incident ... so we can continue to increase our resilience against ongoing threats to the energy industry.” A spokesperson for the utility did not respond to multiple requests for comment on whether it had informed the commission.

Federal regulations also require utilities to report cyber or physical attacks to DOE, including physical attacks that cause “major interruptions or impacts” to operations.

They must also tell the department about disruptions from weather or other causes that meet certain criteria, such as those that cut off service to more than 50,000 customers for at least an hour, an uncontrolled loss of more than 200 megawatts of power, or a utility voluntarily shutting more than 100 megawatts, according to an Energy Department spokesperson. The spokesperson provided the information on the condition that they not be identified by name.

The Energy Department’s records don’t include at least seven reported physical assaults last year and this year that the Department of Homeland Security and the affected utilities said caused substantive economic damage or cut off power to thousands of customers. POLITICO found these incidents by cross-checking the department’s data against warnings issued by DHS and the FBI’s Office of the Private Sector.

DOE said the incidents may not meet its reporting thresholds.

Several of the incidents missing from DOE’s data involved clear physical attacks, based on other agencies’ descriptions. But the utilities involved said they did not report the incidents to the department because the attacks did not affect the kind of major equipment that could lead to widespread, regional power failures.

One of the incidents not found in DOE’s records cut off power to about 12,000 people for roughly two hours in Maysville, N.C., after a shooting damaged a substation in November, according to a DHS report. The FBI’s investigation into the incident is ongoing, according to the intelligence agency.

The utility affected by the incident, Carteret-Craven Electric Cooperative, reported the incident to NERC’s Electricity Information Sharing and Analysis Center, but didn’t report the attack to DOE because it was a “distribution-level” incident, said Melissa Glenn, a spokesperson for the utility. That means the outages caused by the damage would have been limited to local power customers and not lead to the wider blackouts federal regulators are most concerned with.

In another case unreported to the Energy Department, a substation owned by the East River Electric Cooperative serving the Keystone oil pipeline in South Dakota was attacked by gunfire late at night in July 2022, according to DHS. The incident caused more than $1 million in damage and forced the pipeline to reduce operations while repairs were underway.

East River co-op spokesperson Chris Studer said the utility reported the incident to local law enforcement, which brought in the FBI. East River also reported the incident to NERC and its E-ISAC, along with regional grid agencies, but said it did not report it to DOE because the attack did not affect the bulk power system.

Brian Harrell, a former assistant secretary for infrastructure protection at DHS, said in an email that utilities have too many competing agencies to report to, and suggested reporting be streamlined to NERC’s E-ISAC.

“This lack of consistency, by no fault of the utility, suggests that the numbers may not paint a complete picture,” he said.

Grid experts said these data gaps clearly indicate a lack of understanding about which agencies utilities need to report to and when.

Utilities may be using a “loophole” based on definitions of what constitutes “critical infrastructure,” said Jonathon Monken, a grid security expert with the consulting firm Converge Strategies. He was previously senior director of system resilience and strategic coordination for the PJM Interconnection, the nation’s largest power market.

There are “lots of ways” to work around DOE requirements, Monken added, but as he reads the regulation, utilities are required to report any operational disruptions caused by a physical attack.

“[I]t appears the information you collected shows that companies are still missing the boat when it comes to mandatory reporting,” he said. “Not good.”

One former FERC official who was granted anonymity to speak about a sensitive security issue said the commission also received no alerts from law enforcement officials about the planned and actual attacks that took place last year. That omission hinders agencies’ ability to respond to these kinds of events, the person said.

A spokesperson for FERC declined to comment on the commission’s communications with law enforcement.

But Cancel defended government agencies’ response to these incidents, and said federal investigators may have had specific intelligence reasons for keeping FERC and state utility agencies out of the loop.

“I’m not a lawyer or a law enforcement professional, but you had an active criminal investigation going on,” he said. “I don’t think they wanted to sort of blow the horn on that and compromise the integrity of the investigation.”

An FBI spokesperson offered no direct response to these criticisms in an email, but said the agency “views cybersecurity as a team sport.” The person commented on the condition that the remark be attributed to the bureau.

The FBI urged utility executives last month to attend security training hosted by intelligence agents in order to ensure they are up to speed on the threats posed by bad actors.

“We can’t do it without you,” Matthew Fodor, deputy assistant director of the FBI’s counterterrorism division, said during an all-day FERC technical conference on Aug. 10. “The challenges that we have — and DOE can probably speak to this better than anybody — is limited resources.”

People attacking the electricity supply have thousands of potential targets, including power substations and smaller but critical pieces of utility infrastructure. The smaller pieces often go unprotected because federal standards do not require utilities to secure them.

Nearly half of the 4,493 attacks from 2020 to 2022 targeted substations, according to the NERC briefing from February, making them the most frequent targets for perpetrators over that period.

Details on how to carry out these kinds of attacks are available from extremist messaging boards and other online content, researchers and federal security officials say. These include maps of critical entry points to the grid, along with advice that extremists have gleaned from incidents like the assault in North Carolina.

Stanek, the Maryland electricity regulator, said he was “disappointed with the level of coordination and communication” that federal and state law enforcement displayed in handling the alleged plot in Baltimore. No trial date has been announced for the case, which is in U.S. District Court in Maryland.

Maryland’s Public Service Commission is in charge of ensuring that the state’s power system keeps the lights on. Regulators need to be kept informed of threats to the system so they can coordinate with other agencies in case an attack succeeds, Stanek said.

At the same time, he quipped, maybe he was better off in the dark after all.

“There’s a lot of colorful details in [the FBI report],” Stanek said. He paused, thinking. “And honestly, as a regulator, had I received these details in advance and shared the information with trusted sources within state government, I would have had sleepless nights.”

“So perhaps the feds did a favor by only sharing this information after everything was all said and done,” he added.

75 notes · View notes

helioleti · 10 days

Text

Summary:

When he was seventeen, after his mother took her own life, Butters disappeared from the town of South Park. No one has seen or heard from him since.

Five years later, Mysterion gets a job offer from Detective Harris in exchange for an unrefusable amount of money; He is to investigate and catch the criminal behind the latest cyber attack on the town residents’ bank accounts— one who calls himself Chaos. Dropped out, desperate and stuck in South Park, Kenny is willing to do anything to make ends meet until Karen’s graduation, and with Kyle’s help he might be able to pull it off. But the deeper they get into the case, the more Kenny’s identity and Karen’s future are under threat— and the less Kenny is sure he really wants to know who is behind Chaos’ mask.

Rating: M

Status: 3/25 (ongoing)

Words: 11.902

(Anyone willing to beta feel free to dm me! I’m grateful for any help :3)

#south park #butters stotch #kenny mccormick #mysterion #professor chaos #sp bunny #mystechaos #south park fanfiction #fic #fanfic #sp fanfiction #sp kenny #sp butters

11 notes · View notes

allthecanadianpolitics · 1 year

Text

"Anti-feminist blogger Jean-Claude Rochefort, who was convicted of fomenting hatred against women, has been sentenced to 12 months in jail.

The 74-year-old had been arrested in December 2019 in connection with posts and doctored images he had posted to his blog, in which he praised Marc Lépine, who murdered 14 women at Montreal's École Polytechnique on Dec. 6, 1989 in an anti-feminist attack.

Charged in 2010 for making death threats against women on his website, Rochefort was writing under a pseudonym. Montreal police's cyber investigation team nevertheless managed to find him and charge him again in December 2019.

He was found guilty of wilfully promoting hatred against women last August.

In his ruling, Quebec Superior Court Justice Pierre Labrie rejected Rochefort's claims that his publications constituted satire, exaggeration or self-deprecation.

Noting the use of the word kill and the use of images of firearms and decapitated women in the accused's posts, the judge found that Rochefort could not have been unaware that he was deliberately promoting hatred against women."

Full article

Tagging: @politicsofcanada

#cdnpoli #canada #canadian politics #canadian news #canadian #jean-claude rochefort #misogyny #sexism #violence #violence against women #misogyny tw #sexism tw #violence tw #violence against women tw #montréal #québec #montreal #quebec

137 notes · View notes

loser-female · 4 months

Text

The job of a SOC Analyst

The #1 thing people ask me about is what I do for a job.

I'm a tier 1 SOC Analyst and I'm currently training to do some Cyber Threat Intelligence.

I will explain in detail what I do on a daily basis and why I've decided to do this job... And the negatives.

First of all, what's a SOC. SOC stands for "security operations center". It's a place (in my case virtual as I'm full remote) where a group of people, divided by experience and area of expertise, do the following:

Monitor the activities going on the customer's network or endpoints(= every device connected to the network);

Assess and mitigate alerts coming from the network and/or the endpoint of the client -> These tools send alerts that need to be evaluated and mitigated/responded in a certain amount of time (it depends on the SOC and the type of alert, generally I can assume an amount of time from 15 to 30 minutes per alert. Which is not that much;

Investigate cybersecurity incidents -> the SOC also analyses the kind of "incident" that happens in deep detail by analysing malware, spam emails, the behaviour of users and so on;

If the SOC is big/mature enough there could be some sort of prevention of cybersecurity issues, generally we talk about threat hunting (here for more information on that) and cyber threat intelligence (gathering information from various sources to produce a report about the potential attackers considering also the characteristic of the customer's company such as the size, the geographical area of operations, media exposure, geopolitical issues and what they do - doing this for a bank is different than doing it for a industry)

There are also other functions (such as we have a Security Architect that prepares a personalised solution for each client).

I know what you're thinking. But the AI...

No, they cannot do my job, as the ability of a human to notice patterns and correlate the information among various sources is unique. I memorised, with time, the usual activities my customers do, therefore I can interpret the user actions even with limited sources. And this is just one example.

Soc analysts are roughly divided in three "categories", always keep in mind that every SOC is different and has its own internal rules, that are not to be divulged. This is the rough division I've learned studying cybersecurity and NOT my organisation division.

Tier 1 Analysts are the one that monitors the traffic and activities I've mentioned before. They triage the alerts and if something deserves more investigation or can be discarded. They often perform simple actions of remediation of incidents.

Tier 2 Analysts are the ones that go deeper - they collect malware samples from the incident and analyse it, investigate and remediate more complex security incidents.

Tier 3 Analysts perform more active prevention duties like threat hunting and vulnerability assessments.

Some sources put intelligence activity on the tier 3, others consider it a different activity from the scenario I've described. If a SOC is big enough they might have their own intelligence team separated from the "regular" soc analysts. The rigidity of these roles can vary, as you probably got from my own duties.

On the top we have a SOC manager to coordinate the activities I've described and security architects that design the solution (although the deployment of these solutions can be delegated to the analysts, since we also have to monitor how well these perform).

All these people are usually referred as "blue teamers" btw, which are the ones that perform defensive actions.

A company can have a red team (basically they attack the customer to gain information that the blue team will use to improve their activities). I actually wanted to be a red teamer at first, since it's considered the "cooler" job.

Ok, got it. Now explain to me how you got there since I've never heard anything about this before.

I have a friend that's a system engineer and recommended this job to me.

I studies physics at university but I failed (in my country physics include some computer science classes btw) and I had some related experience I won't share for privacy reasons. No I'm not a criminal lol.

I then started studying - did a bootcamp and got a couple of certifications. Then I got my job.

However. Generally you get a degree in computer science or software engineering, and some universities offer cybersecurity degrees. Unfortunately I cannot tell you what to pick as every university has its own program and I cannot help you with that.

Certifications are a big part of my job unfortunately - mostly because due to how fast it goes you absolutely need to be "on top". It's annoying, yes, I hate it.

However. Consider that once you're hired you definitely will get them paid by your employer - at least in Europe this is on them(idk about the US), but you need some knowledge of cybersecurity to start.

Since some of them are stupid expensive I 100% recommend the compTIA ones. They're basics and respected worldwide. A+, Network+ and Security+ are basics, vendor neutral (which doesn't tie you to a particular "source", as every company works differently), and is relatively cheap (~300€).

Remember that I had previous experience so no one cares that I don't have a degree - I do however and I hope that in the future I will be able to "fix" this.

Great. How do I know if I'm good for this job?

This is on you. However:

One important thing if you don't live in an English speaking country is a good attitude towards foreign languages. I speak 5 for example, but it's an hobby I do since I was a teen;

Can you manage stress? A SOC is a fast paced environment, and you have a limited time to deal with whatever gets thrown at you. You have 15 to 30 minutes to deal with an alert and make a decision. Can you do that without panicking, crying or throwing a tantrum?

Are you a fast learner? You need to learn quickly how to do things, since the tools we use are quite complicated.

Are you willing to work on shifts, Saturdays, Sundays, festivities included? A lot of people can't cope with this and it's fine because it's a massacre. The job is so stressful to the point a lot of people leave cybersecurity because of it. Do not underestimate it, please.

How good are you at remembering random information and making correlations? Because I can remember random bits of information that no one ever thinks of it and it's one of my greatest strengths.

You need to do teamwork and be good with people, customers and so on - you have to explain complicated things you probably read in another language to people that don't know anything about what you do. It's more difficult than most people think.

Procedures are everything here - and for good reasons.

I think this is it.

Money.

USA avg salary: 74 307$ (Glassdoor)

France avg salary: 42 000€ (Glassdoor)

UK avg salary: 28 809 £ (Glassdoor)

There are random numbers I've found online(and with a lot of discrepancies). Consider that you MUST negotiate your salary, and that in certain places you get paid more if you work out of the usual 8-19 work shift. Obv since I live in a different place I cannot tell you if it's worth it - you do your own calculations.

But that's beyond the purpose of this post.

#ada.txt #cybersecurity #resources

11 notes · View notes

international-writing · 1 year

Note

Hi sorry if this is a bother but i really loved (and needed) that most about MI6, do you think you can make one about MI5 too? I've been trying to find stuff about it but can't find any information as in depth as your post :)

I’m really glad the MI6 post was helpful! And it's no bother! I'll do it gladly!

Ready to jump back into the murky world of intelligence?

Alright, so we've talked about MI6 and how it gathers intelligence to aid the UK in its decision-making, but what about MI5?

Let's start with the basics.

Intelligence agencies 101: MI5

1.- What even?

Whereas MI6 is in charge of gathering intelligence overseas in order to support the government's security, defense, foreign and economic policies, according to the 1989 Security Service Act, MI5 is tasked with "the protection of national security and in particular its protection against threats such as terrorism, espionage and sabotage, the activities of agents of foreign powers, and from actions intended to overthrow or undermine parliamentary democracy by political, industrial or violent means". Such threats may come from abroad or from within.

MI5’s headquarters are found at Thames House, a Grade II (of special interest, warranting every effort to preserve it) building close to the Houses of Parliament in London. In addition to this, there are 8 regional offices in Luton, Wales, Bristol, Glasgow, Manchester, Liverpool, Leeds and Birmingham, as well as another headquarters in Northern Ireland.

2.- Who is who?

I'm sorry to be the bearer of bad news, but there is no M or C here.

The agency is under the authority of the Home Secretary, even though it does not form part of the Home Office.

The Director General (or DG) is the head of MI5, and is responsible for overseeing its operations and efficiency, reporting back to the Home Secretary and the Prime Minister, as well as ensuring the agency remains politically impartial.

There are 10 branches in MI5, and several entities that support its work, like the National Protective Security Authority (NPSA: providing organizations with security advice) and the Joint Terrorism Analysis Centre (JTAC: handles intelligence relating to international terrorism).

It is worth mentioning that in 2011, His Majesty, King Charles III became the Royal Patron of the Intelligence Services (including MI5, SIS and GCHQ). This means that he receives regular security briefings, as well as a daily ‘red box’ which includes intelligence reports, Cabinet papers, and confidential reports from Commonwealth countries.

There are over 5,000 employees in the organization and their roles include, investigations, technology, languages, surveillance, communications, information, protective security, administrations, building services and catering. As in MI6, all employees must be British, over the age of 18, and UK residents. They aren't allowed to discuss their application or job either.

3.- Operational Areas

MI5 mainly focuses on 4 areas: Terrorism, Espionage, Cyber Threats and the Proliferation of Weapons of Mass Destruction.

Counter-Terrorism

The agency focuses on different types of terrorism:

International terrorism: Groups such as ISIL and Al Qaeda.

Northern Ireland related: Dissident republican groups.

Right Wing Terrorism (RWT)/ Left, Anarchist and Single-Issue Terrorism (LASIT): This issue took primacy in 2020 and are handled just like international terrorism.

Counter-Espionage

Seeks to stop foreign intelligence agents from obtaining information and provides security advice to companies and organizations while working closely with MI6, GCHQ, Scotland Yard, as well as security and intelligence organizations abroad.

Cyber

Focuses on hostile actors, such as criminals, "hacktivist" groups, terrorists and foreign states, which are generally well equipped for cyber espionage and computer network attacks. These actors can target the government, the military, businesses, individuals and large volumes of sensitive data.

Cyber Espionage is called Computer Network Exploitation (CNS), while the use of malicious software against cyber infrastructure is denominated Computer Network Attack (CNA).

Counter-Proliferation

The UK is obliged by several international treaties and conventions to work against the threat that weapons of mass destruction pose. MI5 focuses on regimes and states that pursue clandestine weaponization programmes. To do this, the agency works with both private institutions and government agencies such as: The Department for Business, the Innovation and Skills (BIS), the Foreign and Commonwealth Office (FCO), the Ministry of Defence (MOD), His Majesty's Revenue and Customs (HMRC), the Home Office and the National Crime Agency (NCA).

4.- Tale as old as time...

We have talked about the “armed peace” period and how crazy the world was getting back in 1909, basically racing towards THE war everyone thought would put an end to all wars. It was back then that, fearing the German imperialistic ambitions, Great Britain established the Secret Service Bureau through Prime Minister Asquith’s Committee of Imperial Defence.

Initially, this agency handled both national and foreign affairs, under the leadership of 50 year-old Royal Navy Commander Mansfield Cumming and 36 year-old Army captain Vernon Kell.

However, down the road, our dear Commander Cumming advocated for the splitting of these branches and thus, the Secret Intelligence Service (MI6) and the Security Service (MI5) were born.

Right off the bat MI5 was tasked with dealing with a massive German espionage network that, according to “official” reports, had infiltrated Britain, causing widespread paranoia. The agency barely had 16 employees back then, but that, along with Churchill’s support (Home Secretary back then) was enough to find out about the existence of a German Naval Intelligence spy network. By the end of WWI, more than half the spies sent to Britain were caught by MI5.

However, the agency barely made it through the post-war cuts, not to mention its rivalry with Scotland Yard’s Special Branch and MI6 (the line between espionage and counter-espionage was REEEEEEAAAALLY thin and they were stepping on each other's toes).

Thankfully, the Soviet Union came to save the day when one of MI5’s surveillance operations revealed that Scotland Yard had been infiltrated by Soviet intelligence. By 1931, MI5 was completely in charge of counter-subversion operations, a responsibility that the agency would continue to hold until 1991.

In the 1970s, terrorism became a priority for MI5, especially those threats coming from Northern Ireland and Qadhafi's Libya, and after the 9/11 attacks, the agency changed its modus operandi entirely.

As you can see, the agency has had a very long history, however, its existence was only officially acknowledged in 1992.

5-. A rose by any other name...

The agency, just like MI6, has taken on many names throughout the years, starting with the Home Section of the Secret Service Bureau in 1909, the Directorate of Military Operations section 5 “MO5(g)” in 1914, Military Intelligence section 5 (MI5) in 1916, the Defence Security Service in 1929, and finally, the Security Service in 1931. And although the latter has remained its official name, the agency is most commonly referred to as MI5, even by those in it.

6.- Technicalities

As it turns out, MI5 shares its funding with MI6 and the GCHQ (no wonder they’re rivals...). According to a report from the 2018/19 period, MI5 used 67% of its budget for international counter-terrorism, 20% for Northern Ireland-related terrorism, and 13% for counter-espionage, counter-proliferation and protective security.

Also worth mentioning, while MI5 agents have plenty of powers, they are not authorized to make arrests, and that is why they work with the Metropolitan Police AKA Scotland Yard, providing them with the necessary intelligence.

Recently, reforms have been made within the agency, and people now have the right to find out the kind of information that MI5 has on them, as well as ask if a deceased relative used to work for the agency. If the relative is still alive, however, MI5 definitely won’t spill the beans. So uhm... you might want to wait a little before trying to find out what that weird uncle does.

7.- Intelligence

MI5 makes use of several techniques to gather intelligence, such as:

Covert Human Intelligence Sources: Also known as “agents”, these people provide secret information during investigations and are NOT MI5 employees.

Directed surveillance: Following and/or observing targets.

Interception of communications: Monitoring emails or phone calls.

Bulk personal data: information about a large number of people used to identify a subject of interest.

Intrusive surveillance: Eavesdropping devices in homes or cars.

Equipment interference: Covertly accessing computers or other devices.

And in case you were wondering, yep, these are all legal because guess what? Individual rights can often be voided when it comes to national security.

Well...

That was all on my behalf. I hope this turned out to be useful for you, and if you happen to have any more doubts on this or any other related topic, my ask is always open!

Yours truly,

-The Internationalist

#writing advice #writing help #creative writing #spies #writing community #writing resources #writing tips #MI5 #spooks #writing spies

41 notes · View notes

dzthenerd490 · 2 months

Text

File: The Wyoming Incident

SCP#: AEJ

Code Name: The Wyoming Incident

Object Class: Neutralized

Special Containment Procedures: SCP-AEJ has not been reported since its manifestation. Furthermore, those responsible were apprehended but eventually died as a result of the incident. As such, the chances of it happening again and low, but just to be safe, the Telecommunications Monitoring Office - Internet Division and Broadcast Division are to alert Foundation administrative staff in the event of SCP-AEJ or something similar happening again.

Description: SCP-AEJ was an incident where several TV stations were hacked by cyber terrorists determined to cause chaos for laughs. However, what they displayed was not disgusting or disturbing imagery, though it did appear as such, but in reality, was much worse. It's unknown exactly how, but the hackers were able to obtain rejected memetic images created by Group of Interest: PENTAGRAM.

For those that don't know, PENTAGRAM is a division of the United States Department of Defense. While the FBI: UIU was created to investigate anomalous threats within the US, PENTAGRAN was made specifically to combat anomalous threats to the ALL of the US. It has been approved of existence by the SCP Foundation and is funded by the Global Occult Coalition. Unfortunately, PENTAGRAM is not as protected as either organization and thus, was how this situation happened.

The hackers obtained the memetics which were rejected because they failed to do as PENTAGRAM wanted. Instead of proper brainwashing or memory wipe; they often causing seizers, headaches, stroke, nausea, and other forms of mental deterioration. These symptoms easily got worse as time went on often leading to their bodies flying in the air while they entered a comatose state, their eyes glowing in a blinding light, their skin suddenly rotting out of nowhere, or their heads just bloating until they explode. It should be noted that anomalous symptoms are always a risk with exposure to multiple memetics in a short period of time. It's for this reason why memetic training and therapy, though effective, is considered dangerous as it can overload the brain and damage it beyond repair.

SCP-AEJ was discovered in 2006 within [data expunged], [data expunged], [data expunged], and a few other cities, all of which are in Wyoming. The event nearly led to an MK Class Broken Masquerade Scenario had the Foundation not reacted in time.

Mobile Task Force Dionysus-1 "Fake News" was entrusted to feed the media a story of a sudden outbreak of a new pathogen within the state of Wyoming. Afterwards Mobile Task Force Gamma-5 "Red Herrings" was deployed to distribute amnestics to anyone who wasn't affected but witness the incident. Meanwhile Foundation agents and MTF units disguised as CDC agents found those who were affected and used amnestic treatment on those that could be saved and quarantined the rest. The hackers involved in the incident suffered the same fate as those who saw the broadcasting of the amnestics. They were used as test subjects to see how to properly subside and even reverse the effects before actual treatment was taken to the affected public. This action was approved by the Ethics Committee, "A fitting punishment" in their own words.

The cover story worked with the public believing those that could be saved were cured and those that were mutated were killed by the plague. The incident was unfortunately known forever in history as "The Wyoming Ghost Plague" or as "The Wyoming Incident". Though the Foundation can take pride in knowing that no civilian will ever know the true nature of the SCP-AEJ incident.

Side Note: PENTAGRAM vouched to the ACPA council to take responsibility for the SCP-AEJ incident. However, the ACPA did not listen with Foundation representatives even claiming, "a lesser organization cannot be expected to handle such consequences". Just words but considered quite the insult to those in the anomalous world that desire to protect the interests and innocence of the public.

SCP: Horror Movie Files Hub

5 notes · View notes

hoshifighting · 5 months

Text

Vernon

One Shots

Code of Temptation - When a series of cyber threats puts national security at risk, Y/N is assigned to lead the investigation. Her team is complemented by Vernon, a computer genius known for his dexterity in deciphering the most complex codes. (WC: +1k) - Smut

Concepts

#vernon masterlist

11 notes · View notes

mariacallous · 5 months

Text

The man charged with administering Arizona’s elections isn’t concerned about the state’s ability to securely hold elections. But he’s going to have to persuade millions of other people to feel the same way.

Adrian Fontes, a Democrat, was elected Arizona’s secretary of state in 2022. A lawyer who previously worked as a prosecutor in Colorado and Arizona, and served as the Maricopa County Recorder before taking office, Fontes must now take on the role of convincing the state’s voters that its elections are legitimate.

Arizona is possibly the market leader in ridiculous election conspiracies and deniers. After former president Donald Trump falsely claimed fraud following the 2020 election, a sham audit to investigate claims of election fraud was conducted by Cyber Ninjas, the cybersecurity firm hired by the Arizona state Senate. Cyber Ninjas falsely claimed that 300 dead people voted; the firm shut down after refusing to release public records to comply with a court order.

In 2022, Arizona election workers faced violent threats, and Trump used technical glitches to stoke fear about the legitimacy of election results. Kari Lake, a prominent election denier who received Trump’s endorsement for governor, refused to concede after losing the election, and made multiple attempts to get the courts to overturn the result. (Lake is now running for Senate.)

Fontes already has his hands full in the lead-up to the 2024 election. In November, two Republican Arizona county officials, Peggy Judd and Terry Crosby, were indicted by the Arizona attorney general on felony charges of conspiracy and interference with an election officer. The charges stemmed from their alleged efforts to delay the certification of votes in the 2022 general election, citing unsubstantiated conspiracy theories. (An attorney for Crosby told Reuters there was no crime and that his client will be vindicated. Judd did not immediately respond to a request for comment.)

In an interview with WIRED, Fontes spoke about his plans to protect election workers in 2024, his thoughts on generative AI and deepfakes, and what he thinks of conservative political activist Charlie Kirk’s knowledge of Arizona’s elections.

This interview has been edited and condensed for length and clarity.

WIRED: What is keeping you up at night?

Fontes: Well, the most critical things that are keeping me up at night don't have anything to do with the technology. It has to do with a lot of the unknowns out there. Human error being blown up by election denialists, by social media.

That's what's bothering me more than anything else. Our systems are quite good, we've got lots of checks and balances, we have a relatively decent grasp on what [threats] AI could pose. We're gonna stick with the basics in our trainings. We're gonna keep it as simple as possible for our voters so they can follow the instructions as easily and cleanly as possible.

At the end of the day, we've got to be ready for just about anything. So there's no one particular thing that's really keeping me up. It's sort of the universe of concerns that are kind of bouncing off of each other.

WIRED: I was at the Turning Point USA event this weekend, and Charlie Kirk [the founder of Turning Point USA] said onstage that elections in Arizona had become less secure. I'm wondering what you'd say to that?

Fontes: Charlie Kirk doesn't know shit about Arizona's election. So I don't know what he's talking about. Our elections are far more secure than they even were in 2020, which were the most secure elections that we've had. I'd like to hear why he thinks that. Where does he get his information from? What facts does he have to support that statement? Who has he actually spoken to in the election administration world? And why does he think that by increasing our security profile, working more closely with federal, state, and local law enforcement and technology officials, how that all makes our elections less secure?

Charlie Kirk is a grifter, who only stirs the pot for his own profit. And what he's doing is eroding the trust that Americans have in one another. That's his MO and he's free to do that under the First Amendment. But he's not paying any of the price and the consequences. He personally is shielded in his privilege, from the erosion of our democracy, from the lack of trust, and the fact that we've lost a lot of people because of the threats that his rhetoric brings to bear. So I think he should reconsider. Maybe potentially just supporting his assertions with some facts, that might be a good start.

WIRED: Can you explain why Arizona in particular attracted so many election conspiracy theories?

Fontes: One of the things that is important [to] realize about Arizona is that we are historically a place where, I will kindly say, free thinking is kind of a normal thing. You know, we don't have generations-long institutions that have really locked themselves into power for long periods of time. We don't have any royal families who made millions and millions of dollars here locally, and then invested locally. We are an amalgam of people from all over the country and all over the world. And when you have this really diverse soup of different ways of thinking and looking at things, folks might gravitate toward one space or another. And that free thinking sometimes becomes, you know, a good breeding ground for some of these conspiracy theories. It can go off the rails a little bit, once in a while. But that's okay. American democracy requires a diversity of thought. And it's our intellectual freedom that is one of our biggest strengths.

Now, we still have to agree on the outcomes of elections. That's the golden thread that holds the entire fabric of our society together. And that's the one piece of our civic culture that is now being attacked. That's different than what we've seen in the past and the conflicts that we've seen issue by issue, whether it's immigration, or abortion, or the economy or gas prices, or whatever.

WIRED: Talk to me about the relationships you have with your peers in the Arizona state government. How cooperative are they with you? And do you have any fear that they may try to undermine the results of the election?

Fontes: We have very good relationships, even with people who find themselves in the election denialism space. There are some things that we very much agree on. For example, Representative Alex Kolodin—one of the biggest election denialists, who has actually sued me several times and who was just recently disciplined by the state bar—he and I have actually worked very closely together on some issues. We disagree on a lot of stuff, but he's going to be sponsoring one of the bills that we're bringing forward to help us better and more frequently train our election officials here in Arizona. But you know, when we're sitting in a conference room behind closed doors, and the lights and cameras are not on us, generally speaking, we can find common ground when it comes to the pragmatic application of skillsets regarding the operation and administration of our elections. It's when the cameras get turned on that people sometimes go astray a little bit.

WIRED: How do you plan to protect election workers? And do you have any fears of violence at the polls or other places?

Fontes: Political violence has become a part of the regular conversation here in America. And I think that's shameful. At the end of the day, if you're threatening violence or committing acts of violence to achieve a political end, that's terrorism. To protect our election workers, we're working very closely with state, local, and federal officials. We've been increasing our security funding. We've been hardening our physical security, personnel security, information technology security, networking security across the board, working closely with CISA [Cybersecurity and Infrastructure Security Agency].

We are sending folks from that agency to every one of our counties, and they are doing surveys, they're looking at the counties to advise them. We're working with the National Guard day in and day out, to help monitor the circumstances online and in other spaces. We now have four security personnel working in different spaces in the secretary of state's office to monitor and alert when we see activities out there that might be problematic or might need further investigation. At this stage, we're doing everything we can to bring as much information to law enforcement as possible. God willing, the violence and threats of violence will go away soon, so that we can get back to the notion of just running elections as we have done for the past several generations.

WIRED: Are you personally prepared to become a target of Donald Trump and his supporters?

Fontes: Well, I'm already a target. I've already been threatened, my family's already been threatened. We are already struggling to meet my personal security needs and the security needs of my own family. This is already a reality for me, but our democracy is worth it.

When I volunteered to give my life to be a United States Marine, I didn't think that after being honorably discharged, I would continue to have to live under threat. And it's a sad day in America, where civilian officials doing civilian jobs have to suffer these kinds of threats and these kinds of violence. Is this the country that we want to live in? Do we want regular civilian activities to be the target of threats of violence or actual violence? These are Americans who were bringing it here and that's embarrassing.

WIRED: What has it been like to experience the attacks on your family and safety?

Fontes: Well, thankfully, so far, it's just been threats. And we really are grateful to law enforcement, who continue to monitor the internet and other communication channels to make sure that we stay safe. It's not pleasant. And you know, my partner, my children, we're all very cognizant of it. And it's not something that I would wish on anybody else.

WIRED: You ran a tabletop exercise [a simulation of potential scenarios in the upcoming elections] over the past few days. Was there anything that stuck out to you or surprised you?

Fontes: I think the advancing technology and generative AI really was brought home for a lot of folks in the room. One of the deepfakes [at the exercise] was created with only base information from the internet and then some free tools. They created a deepfake of me and of another elected official in Arizona, using that person's permission and some footage that they took. And that one was strikingly better. And they actually had that official speaking German, speaking Chinese, in what appeared to be really, really well-placed lip movements, eye movements, all that stuff. In another six to eight months, those technologies are going to improve.

People have always been able to lie, but the effectiveness of those lies is now augmented and significantly increased. So AI doesn't present new threats. It presents broader and deeper threats that we're already working to deal with.

WIRED: The Colorado Supreme Court ruled yesterday that Trump can't be on the ballot. Can you talk about why you have defended Trump's right to be on the ballot and what you make of the Colorado decision?

Fontes: My position is that Arizona statute obliges me to put Donald Trump on the ballot where he has already qualified for the ballot in two other states. So my position is in defense of Arizona state law and our order under the rule of law, and whether or not I think Mr. Trump ought to be on the ballot is irrelevant. I have a duty to execute the law. As for Colorado, that's a Colorado question. And I have a feeling that the United States Supreme Court will have to step in at some point.

WIRED: What would you say to an average voter who believes that elections in America and elections in Arizona are rigged?

Fontes: I would ask them if they're hearing that from elected officials who were elected in the same system that they're questioning. If you're hearing it from someone who is currently in office, they got there because they got elected, because people voted for them. And those votes actually counted. The burden has been shifted to the defender of the system instead of the person trying to accuse the system of being problematic. I want to know why. I want to see the facts that have allegedly been kept from public view, I want to see the actual evidence that has never surfaced in any state anywhere, to show that there's some kind of widespread fraud or that elections are fickle.

I want to see the facts just like [speaker of the Arizona House of Representatives] Rusty Bowers wanted to see the facts. Just like [Georgia secretary of state] Brad Raffensperger wanted to see the facts. Just like sensible Republicans and Democrats across the country have wanted to see the facts. The burden should rest on the accuser. And if someone is accusing our systems of being corrupted, they need to show us the facts that they're using to come to that conclusion. Otherwise, their accusations are empty.

15 notes · View notes

zerosecurity · 8 days

Text

How Many Times Has the PlayStation Network Been Hacked?

Sony, the renowned multinational conglomerate, has grappled with a series of high-profile data breaches and security incidents over the years, leaving a trail of compromised user data and significant financial repercussions. From state-sponsored cyber attacks to defiant hacker groups, Sony's digital fortresses have been repeatedly breached, exposing the vulnerabilities of even the most prominent corporations in the digital age.

The Most Recent Incidents

In October 2023, Sony notified 6,791 current and former employees that their data had been compromised in a breach that occurred earlier in the year. The intrusion, which took place in late May, was part of the widespread MOVEit attacks that targeted hundreds of companies and government agencies. Sony stated that it detected the breach on June 2 and promptly addressed the situation, asserting that no customer data was implicated. Just a month prior, in September 2023, Sony found itself investigating another alleged hack. The hacker group RansomedVC claimed to have stolen a staggering 260 GB of proprietary data from Sony's systems, including a PowerPoint presentation and source code files. However, the credibility of this claim was challenged by another hacker, MajorNelson, who accused RansomedVC of being "scammers" attempting to gain influence. Sony affirmed that it was investigating the matter but refrained from providing further details, stating that no customer data appeared to be implicated in this incident.

The Infamous 2014 Sony Pictures Hack

One of the most notorious cyber-attacks against Sony occurred in 2014 when state-affiliated North Korean hackers, known as the "Guardians of Peace," infiltrated Sony Pictures' networks. This audacious breach resulted in the theft of a staggering 100 terabytes of data, including unreleased films, personal employee information, internal emails, salary details, and a wealth of other sensitive information. The hackers not only purloined the data but also employed the Shamoon virus to wipe data from Sony's systems, compounding the damage. As the studio grappled with the aftermath, the hackers began leaking portions of the stolen data, including unreleased movies and confidential communications that revealed embarrassing exchanges between employees. The attack was believed to be retaliation for the planned release of the comedy film "The Interview," which satirized North Korean leader Kim Jong-un. The hackers issued threats, warning of a "bitter fate" for those who watched the movie and ominously referencing the 9/11 terrorist attacks. Initially, Sony capitulated and pulled the movie, but later reversed course following public pressure, including from then-President Barack Obama, and released the film in a limited theatrical and online format. The repercussions of the 2014 hack were far-reaching. Employees filed a lawsuit against Sony, alleging economic harm due to the exposure of their personal data. The studio agreed to pay up to $8 million in compensation, fraud protection services, and legal fees. Additionally, the cost of repairing Sony's systems was estimated to be around $35 million.

Earlier Breaches and Security Incidents

Sony's history of data breaches and security incidents extends back over a decade. In 2011, the company faced a series of attacks that exposed the personal details of millions of customers. In April of that year, hackers accessed the personal data of 77 million Sony PlayStation Network (PSN) users, including names, emails, addresses, birthdates, usernames, and passwords. The incident resulted in a several-week service outage for the PlayStation Network, causing frustration among gamers. A month later, in May 2011, Sony announced that personal details of 25 million Sony Online Entertainment customers had been stolen, including information about PC games purchased through the system. Additionally, in June 2011, hackers targeted several Sony Pictures-associated websites, compromising over one million user accounts and exposing music codes and coupons. Beyond data breaches, Sony has also faced denial-of-service (DDoS) attacks and website defacements. In December 2014, a group called Lizard Squad claimed responsibility for a DDoS attack that took down the PlayStation Network, preventing up to 160 million gamers from accessing the service during the Christmas holiday season. In August 2017, the hacker group OurMine gained access to Sony PlayStation social media accounts and claimed to have accessed the PlayStation Network database, collecting registration information. While the group positioned itself as a security firm attempting to reach PlayStation employees, its tactics were questionable.

The Road Ahead

Sony's tumultuous history of data breaches and security incidents serves as a sobering reminder of the ever-present cyber threats facing corporations and the need for robust cybersecurity measures. As technology continues to evolve, companies must remain vigilant and proactive in safeguarding their digital assets and protecting the privacy of their customers and employees. While the financial and reputational costs of these incidents have been substantial, the lessons learned from Sony's experiences could prove invaluable in fortifying the defenses of not only Sony but also other organizations against the relentless onslaught of cybercriminals and state-sponsored actors. As the digital landscape becomes increasingly complex, Sony's path forward must be paved with heightened security protocols, comprehensive risk assessments, and an unwavering commitment to data protection. Only by learning from the past and embracing a culture of cybersecurity can Sony and other corporations hope to navigate the treacherous waters of the digital age with confidence and resilience. Read the full article

3 notes · View notes