The Robin Hood Virus


by robert nerbovig


  UNITED STATES

  We have entered the computer networks of U.S. Government computers, large social media providers such as AOL, EBAY, Twitter, UTUBE, several large power companies including nuclear plants, very large department stores such as Wal-Mart, to gather I.P. addresses and location of hackers.

  We discovered many, many hackers' I.P. addresses. We were able to determine their approximate location. With this information we were able to enter their cell-phones and subsequently enter their computers. We monitored their activity for a few days to determine the exact computers involved. We then modified their source code to duplicate what we have done with the Chinese hacker network. We modified their source code to allow their I.P. address and location to display on the hacked systems. We also modified their source code to not allow any transmission of information. We obtained their bank accounts and extracted 15 million dollars from various hacker accounts. We also placed our logo:

  on all of their written communications including email. Among the hackers we discovered and neutralized was the ComodoHacker who has been creating havoc with various digital signing sites. He is no longer a threat in his current configuration. If he moves locations and uses his current software he will immediately be discovered. If he modifies his code he will also be caught by us.

  We have also entered the computer systems of the following hackers and modified their code to display their I.P. address and location on the hacked computer screen with the instructions to notify the F.B.I. immediately. These hacker groups include:

  Anonymous, Chaos Computer in Germany, Cult of the Dead Cow, CyberVor, Decocidio#, DERP, NCPH, just to name a few. We also removed a total of 44 million dollars from their bank accounts, put our icon in their system and warned these hacker groups that further hacker activity on their part would bring a more severe punishment to them, their friends, and their families. After all, they all have computers and cell-phones.

  Diversion total to date $1,100,000,000

  Donation total to date $995,000,000

  Computer Infection Definitions

  Computer hacking is the act of modifying computer hardware or software in order to cause damage to sensitive data on a computer or to simply steal confidential information. People who engage in computer hacking activities are called "Crackers". Crackers are out to steal personal information, change a corporation's financial data, break security codes to gain unauthorized network access, enter government websites or Pentagon files, or conduct other destructive activities for financial gain or military superiority.

  Computer crackers often target computers that are connected to the Internet. Information critical to national security, confidential government data, information related to national defense, security and crime, if exposed by means of hacking, can have grave consequences on the welfare of the nation. Hacking of highly sensitive data can potentially risk the national security and threaten the overall well-being of the country's citizens. Hacking can be used to convert computers into zombies, i.e. Internet-enabled computers that are compromised by crackers or computer viruses.

  Examples of hacking include:

  SQL injections (attack on a database)

  DDoS (attack on a website; denial of service)

  Script Injection (attack on any kind of software)

  Social engineering (tricks played on people to get them to divulge information)

  Dumpster diving (raking through bins to find information about a company's computer systems)

  Phone Phreaking (methods of bypassing some automated systems on telephones)

  Keylogging (purposely installing software that records keystrokes of the user, to gain information about them)

  TROJANS:

  Another unsavory breed of malicious code are Trojans or Trojan horses, which unlike viruses, do not reproduce by infecting other files, nor do they self-replicate like worms. In fact, it is a program that disguises itself as a useful program or application. Beware of the fact that these viruses copy files in your computer (when their carrier program is executed) that can damage your data, and even delete it. The attacker can also program the Trojans in such a manner that the information in your computer is accessible to them.

  LOGIC BOMBS:

  They are not considered viruses because they do not replicate. They are not even programs in their own right, but rather camouflaged segments of other programs. They are only executed when a certain predefined condition is met. Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go undetected until launched; the results can be destructive, and your entire data can be deleted!

  A "black hat" hacker violates computer security for little reason beyond maliciousness or for personal gain. Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are the epitome of all that the public fears in a computer criminal. Black hat hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network (DDoS). They choose their targets using a two-pronged process known as the "pre-hacking stage".

  Stage 1: Targeting

  The cracker determines what network to break into during this phase. The target may be of particular interest to the cracker, either politically or personally, or it may be picked at random. Next, they will port scan a network to determine if it is vulnerable to attacks, which is just testing all ports on a host machine for a response. Open ports, those that do respond, will allow a cracker to access the system.

  Stage 2: Research and Information Gathering

  It is in this stage that the cracker will visit or contact the target in some way in hopes of finding out vital information that will help them access the system. Aside from social engineering, crackers can also use a technique called "dumpster diving". Dumpster diving is when a hacker will literally search through users' garbage in hopes of finding documents that have been thrown away, which may contain information a hacker can use directly or indirectly, to help them gain access to a network.

  Stage 3: Finishing The Attack

  This is the stage when the cracker will invade the primary target that he/she was planning to attack or steal from. Many "crackers" will be caught after this point, lured in or grabbed by any data also known as a honeypot (a trap set up by computer security personnel).

  A typical approach in an attack on an Internet-connected system is:

  Network enumeration:

  Discovering information about the intended target.

  Vulnerability analysis:

  Identifying potential ways of attack.

  Exploitation:

  Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis. In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.

  Vulnerability scanner

  A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number.

  Password cracking

  Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.

  Packet sniffer

  A packet sniffer is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.

  Spoofing attack (Phishing)

  A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.

  Rootkit

  A rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs that work to subvert control of an operating system from its legitimate operators.

  Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.

  Trojan horses

  A Trojan horse is a program that seems to be doing one thing, but is actually doing another. A Trojan horse can be used to set up a back door in a computer system such that the intruder can gain access later.

  Viruses

  A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Therefore, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells.

  Worms

  Like a virus, a worm is also a self-replicating program. A worm differs from a virus in that it propagates through computer networks without user intervention. Unlike a virus, it does not need to attach itself to an existing program.

  Key loggers

  A key logger is a tool designed to record ('log') every keystroke on an infected machine for later retrieval. Its purpose is usually to allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user's password or other private data. Some key loggers use virus, Trojan, and rootkit-like methods to remain active and hidden. However, some key loggers are used in legitimate ways and sometimes even to enhance computer security. As an example, a business might have a key logger on a computer used at a point of sale and data collected by the key logger could be used for catching employee fraud.

  Diversion total to date $1,100,000,000

  Donation total to date $995,000,000

  Cyber Warfare Combat & Tactics

  One of the major concerns of our government is the ability of foreign enemies to sabotage the US power grid, air traffic control systems, financial institutions, military defense systems, and other infrastructure.

  Several power utilities say they face a barrage of cyber attacks on their critical systems. A report by two Democratic lawmakers found that foreign hackers were trying to bring down the US power grid. More than a dozen power companies said they experienced daily, constant or frequent attempted cyber attacks, according to a 35-page report summarizing their responses.

  We have the unique ability with The Robin Hood Virus to reside in all of the networks of major U.S. power companies, air traffic control systems, military networks, and financial institutions waiting to ambush attempted cyber attacks.

  We have developed a suite of programs we will call "Network Monitor Software" to detect, locate, and enter the offending intruder. We have a program for packet analysis, and also to look inside the packet headers. It is a memory forensic capture and analysis toolkit. It allows for the import of standard WinDD memory dumps which are then automatically reverse engineered and are forensically analyzed electronically using our pre-determined formulas. The software monitors all packet information to determine the source and destination IP addresses of the traffic. The software then will "DNS-ify" the IP address of the traffic which gives them a name such as "workstation1.iran.tr.com". Our system uses a combination of deep packet inspection (DPI) and behavior analysis to identify applications and protocols in use across the network no matter if they are plain text or use advanced encryption and obfuscation techniques.

  We have entered and installed our "Network Monitor Software" in most major power grids, air traffic control systems, and financial institutions to monitor all packet activity for intrusion attempts. When our software alerts us that an attack has been attempted we will log the critical specifics of the intruder. We then transmit that data back to our local office. With that data we enter the intruder's network, create havoc within that network and all of its nodes, and give notice that further attempts to hack into U.S. computer systems will cause catastrophic damage to the offending systems. With this plan we will stop critical cyber attacks to U.S. installations. We will explain how we will utilize this plan to stop cyber attacks to the industrial infrastructure, large industries and distribution centers in a further chapter.

  METHODS OF ATTACK

  Cyber warfare consists of many different threats:

  Cyber espionage and Cyber attacks, the latter of which is the top security threat to the United States.

  ESPIONAGE AND NATIONAL SECURITY BREACHES

  Cyber espionage is the act or practice of obtaining secrets (sensitive, proprietary or classified information) from individuals, competitors, rivals, groups, governments and enemies also for military, political, or economic advantage using illegal exploitation methods on the Internet, networks, software and/or computers. Classified information that is not handled securely can be intercepted and even modified, making espionage possible from the other side of the world. Specific attacks on the United States have been given codenames like Titan Rain and Moonlight Maze. The recently established Cyber Command is currently trying to determine whether such activities as commercial espionage or theft of intellectual property are criminal activities or actual "breaches of national security".

  SABOTAGE

  Computers and satellites that coordinate other activities are vulnerable components of a system and could lead to the disruption of equipment. Compromise of military systems, such as C4ISTAR components that are responsible for orders and communications could lead to their interception or malicious replacement. Power, water, fuel, communications, and transportation infrastructure all may be vulnerable to disruption.

  The civilian realm is also at risk, noting that the security breaches have already gone beyond stolen credit card numbers, and that potential targets can also include the electric power grid, trains, or the stock market.

  In mid-July 2010, security experts discovered a malicious software program called Stuxnet that had infiltrated factory computers and had spread to plants around the world. It is considered "the first attack on critical industrial infrastructure that sits at the foundation of modern economies".

  DENIAL-OF-SERVICE ATTACK

  In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root name servers. DoS attacks may not be limited to computer-based methods, as strategic physical attacks against infrastructure can be just as devastating. For example, cutting undersea communication cables may severely cripple some regions and countries with regards to their information warfare ability.

  ELECTRICAL POWER GRID

  The federal government of the United States admits that the electric power grid is susceptible to cyber warfare. The United States Department of Homeland Security works with industry to identify vulnerabilities and to help industry enhance the security of control system networks. The federal government is also working to ensure that security is built in as the next generation of "smart grid" networks are developed. In April 2009, reports surfaced that China and Russia had infiltrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national security officials. The North American Electric Reliability Corporation (NERC) has issued a public notice that warns that the electrical grid is not adequately protected from cyber attack. China denies intruding into the U.S. electrical grid.

  One countermeasure would be to disconnect the power grid from the Internet and run the net with droop speed control only. Massive power outages caused by a cyber attack could disrupt the economy, distract from a simultaneous military attack, or create a national trauma.

  MOTIVATIONS

  MILITARY

  Cyber Command is the newest global combatant and its sole mission is cyberspace, outside the traditional battlefields of land, sea, air and space. It will attempt to find and, when necessary, neutralize cyber attacks and to defend military computer networks. The distributed nature of Internet-based attacks means that it is difficult to determine motivation and attacking party, meaning that it is unclear when a specific act should be considered an act of war.

  CIVIL

  Potential targets in Internet sabotage include all aspects of the Internet from the backbones of the web, to the Internet Service Providers, to the varying types of data communication mediums and network equipment. This would include: web servers, enterprise information systems, client server systems, communication links, network equipment, and the desktops and laptops in businesses and homes. Electrical grids and telecommunication systems are also deemed vulnerable, especially due to current trends in automation.

 
