
Cyber Attack On Tor Could Contain A Secret Message From The NSA

Aug 6, 2013, 03:22 IST
There was a big cyber attack on the anonymous online network Tor over the weekend that led to the bust of an alleged child pornography "facilitator" by the FBI. While many assumed that the attack came from the FBI, some hackers have found evidence that leads straight back to the National Security Agency — opening up all kinds of interesting questions. Here's what the hackers found:

Everyone's been assuming it's the FBI ... It's worth noting that nobody has taken public credit for this #torsploit malware yet, so attributing it to the FBI is a leap of assumptive logic.

via CryptoCloud


That IP address is part of IP space directly allocated to the NSA's Autonomous Systems (AS). It's not FBI; it's NSA.

Although this isn't proof that the NSA was involved in the hack, it certainly suggests that they were.

Of course, the reality could be even more complicated. One of the commenters, Pattern_Juggled — in a comment aptly titled "PsyOps" — pointed out that leaving evidence of an IP address inside a hack was "sub-amateur."

From the comment:

There's whole forms of artistry that have evolved around obfuscation of [Command and Control] infrastructures, cat-and-mouse games with malware researchers that have extended years, decades.


The issue of "attack attribution" is a big one when the big boys talk about nation-level cyber conflict. Tracking back who did what, uncovering false flags, and false-flagged false flags... these guys know that game very, very well. They've forgotten more than us mere mortals are likely to learn in a lifetime.

Basically, Pattern_Juggled is saying that attribution in the professional league of hackers is always a big game, and that someone — possibly the FBI — planted the IP address in the hack to make it look like it was the NSA.

Though, in Pattern_Juggled's analysis, the NSA probably did it on purpose to send a message to the encrypted world of communications:

It's psyops - a fear campaign. FUD [fear, uncertainty, doubt] on meth. They want to scare folks off Tor, scare folks off all privacy services. They want people to feel vulnerable, insecure, uncertain... they want them to doubt everything they think they know about online security. And sticking the three letters - NSA - on the whole thing does a great job at that, doesn't it?
