Good article on Kiwi Farms shut down, some thoughts

Think about Exoo or someone, but with no computer? He’s not dangerous at all. With one? Holy hell. And that’s what makes him a cyber terrorist.

Yes, technology is a force multiplier, not disagreeing there.

EDIT: I had to google Excoo, just read the first few lines that came back.

Take whatever Gonzo posts with a pinch of salt

He’s an awful bullshitter

Stuxnet is a good example of a cyber attack targeting physical assets for physical destruction.

Not the only example, certainly.

But a classic one.

No, you are merely a liar, that again creates noise in the line, thus making it more difficult for other readers to get good signal.

Case in point, I am the program director and senior faculty for a university Cybersecurity degree program,

And I have three active government contracts to provide Cybersecurity services.

But, here you go again, seeking attention, and creating noise in the line for the other readers.

You are also generally ignorant, and a dummy, to boot.

You have to remember they have the support of the state. Many of the most prominent “antifascist” activists and personalities are assets or CIs of our IC or foreign IC (especially UK). They can afford to lack sophistication when they aren’t being looked for or at too hard.

US government might disagree with you. A few years ago the Office of the Secretary of Defense was looking for an actual cyber defense strategy (they didn’t consider US Army Cyber Command’s Persistent Engagement to be a strategy, and it isn’t). They wanted whole of government and they considered online information operations as part of the cyber picture.

Yeah, but they targeted digital assets to cause the damage, messing with the monitoring and the cycles the reactors were running at. In the same way kinetic warfare needs to know the terrain, enemy positions, situation intelligence, etc. in order to respond to troop movements, cyber warfare is the same. You need to know your terrain, what your digital footprint is, what services you have exposed, etc. When you are attacked you have cyber response teams that will use tools and techniques to “fight that war” and mitigate the threat (take down servers, block accounts, etc.)

In the event that there is a kinetic and cyber war, they would essentially be fought on different terrains using different people. There will be overlap, like cyber attacks giving advantages to ground units, but they essential exist in different places.

I’m not 100% sure what you mean by online information operations. Cyber teams would typically compromise servers, breach networks, and have a series of objectives to perform. If they need to get access to social media, messaging platforms, home pc’s, whatever the case may be, that would be done by them as well. I think in the US it would be the NSA that gets access to everything, then passes that intelligence onto who ever needs to deal with it, or who needs it (CIA, Military, etc.). The point was just, confusing communications used during what is basically, for lack of a better word, a kinetic action, is really not what a cyber attack is about. It comes down to where the threat exists and how that threat is mitigated.

Stepping away from the stuxnet example,

When one can make powerplants explode physically, with resulting destructive energies that rival dynamite, and thereby bring down power grids for extended periods of time, by means of an electronic attack, that is just another form of bomb.

I hate to reference him, because he is kind of a real world Sith Lord, but General Michael Hayden, former head of both the CIA and NSA, likened their destructive potential to that of nuclear bombs.

And, he’s not wrong on that point.

Of course, with nukes, we have established multinational accords, but not so with Cyber weapons.

Propaganda, memes, support of radical political movements and groups on social media by sockpuppet accounts, ad buys etc. This was considered part of the whole package.

This was the line they were trying to determine and part of the strategy we came up with: How do you determine what crosses the line where military reaction is appropriate? As part of that project we had a relatively difficult time coming up with one and justifying it. Of course loss of American life due to a cyber attack is a reasonable place to put that line. But how indirect can that loss of life be? Traffic system gets shut down and causes a fatal accident? Ransomware attack on a hospital leads to the wrong medicine being dispensed and someone dies?

And then you need to be able to irrefutably attribute it to a state actor.

IIRC the idea is (I forget the name of the guy, he did a lot of work with Army cyber command when Nakasone was there and I actually got to sit down with him and talk to him a few years ago) setting norms for what is considered Below the Threshold for Military Action. So while there is no formal agreement per se, the idea was the set up informal norms.

I think the my response is the same to both of your responses.

You are looking at the outcome. The battle is lost in cyber space, the impact is felt in the world.

If a nuke or a reactor is hacked and it explodes, it means the preventative, detective and response mechanisms on networks, servers, etc. were not successful. The red team of one group beat the blue team of another. There can be many outcomes of a cyber attack, loss of life, damage to infrastructure, reputational damage, financial loss, etc. The point is where that battle is fought and how.

We are kind of arguing semantics.

Going back to the example of stuxnet, yeah, the virus was the way the physical PLCs were compromised, and the PLCs were the cause of a shit load of nuclear centrifuges self-destructing spread over months.

The payload was a physical reaction, of destruction.

The delivery mechanism for the payload, was cyber.

But just as a biological delivery mechanism, or a chemical delivery mechanism, or a physical delivery mechanism can cause a physical system to fail, ie be destroyed, so can a cyber delivery mechanism.

Cause a power plant to explode, you can kill power plant workers, and deprive an area of power for weeks or months.

Cause brakes to engage or fail, you can cause traffic accidents, with loss of life.

Cause a defibrillator or pacemaker to misbehave, that device can stop a heart as sure as restart or positively regulate a heart.

Self-driving cars, plane systems, etc.

For that matter, because of the IoT, and “smart” devices where security is often an after thought, or a nod, and, and, and…

Not to mention, simple economic harms, with a volume knob, that goes all the way up to 11.

It’s not just about the delivery mechanism. I’m probably not making a clear point. I understand your point of view as well as osiris. In the context of OP it probably doesn’t matter, more of a personal information/PII/free speech conversation originally. I just didn’t agree with how cyber attack was being used because it doesn’t meet the classification of what would be considered a cyber attack. Thought i could help clarify the confusion, but happy to agree to disagree, starting to feel like i’m making a lot of noise about nothing. :slight_smile:

No, this is false. I know this for a fact to be false, despite how many on the right feel.

We know of at least one online personality who was recruited to create online propaganda (and it’s likely way beyond that) due to a leak in the UK.

Look not specific to Antifa which i know little about, but propaganda is rife at the moment, it’s absolutely everywhere. People are too lazy to think for themselves, nobody fact checks anything anymore. It’s just perfect, you can feed people anything these days. I mean that ministry of truth they were talking about not too long ago … if you aren’t worried, you just aren’t thinking. Cancel culture, social media deciding what is truth, we are not in a good place …

2 Likes

Certainly. There are some online content creator movements that are wholesale state propaganda. Breadtube (leftist Youtubers) are one known one.

You mean like Putin’s troll farms that got 45 into the White House?

Do you really think $100k in Facebook ads is enough to get someone elected in the US?