2013-05-19

US Government Now The Single Largest Buyer Of Malware In The World

Vatic Note:  Its truly ironic that this below includes what the Government "SHOULD" be doing when it "knows" of a vulnerability that can be exploited.  It says then its obligation is to tell U.S. users.  I almost fell out of my chair laughing.  I realized at that point, just how far down we have gone and how huge the divide is between the government and its people.  

Its been so long since I have trusted anything out of our government, that when I read that, it seemed like it was talking about ancient history, not recent history.  We have not depended on Government anymore, for anything in the way of protection or defending us from anything, in a very long time, in fact, its been the opposite,  we now assume they will harm us for their political agenda.  It started with the USS Liberty and has gone down hill from there.  You have to be heartless to attack the elderly and the babies... and they have and do.

In fact, we see the Dept of Homeland Security as totally controlled by a foreign government that then uses "Our taxpayer paid" resources to conduct false flags and kill Americans.  That is how far of a divide that now exists and its like they are oblivious to that fact.  So either our leaders are so far removed from the people's pulse that they can't see the change, or they just don't even care, and that makes it even more clear that something must change and soon.    

A commenter made a good suggestion.  The cyber worm can turn both ways.  Yes, it can do things to us, but then again, we can do things to them. After all, their selection of cyber warriors comes from within the people whose kids are becoming experts on the cyber world.  

For instance,  don't corporations sell products on the net?  What is the first thing that will happen if they shut us down or harm our computers?  No Cyber buying and profit making.  Then who says that some genius computer nerd can't hack their computers and turn the tables on them?  Its been done before, it can be done again, only worse.   

Aren't oil pipelines run by computers for pumping oil, and the same with natural gas delivery?  Hmmm,  that makes them vulnerable, doesn't it?  I believe the commenter brought up several other examples that were definitely encouraging.  

I happened to wonder what they are doing underground for communications between their little rat holes they are going to inhabit?  I bet they will use computers through satellites or fibre optics and they are vulnerable in both.  We have very creative people among us, and I look forward to seeing that creativity at work.  LOL  As the commenter said "Bring it on".  Let the games begin.

US Government Now The Single Largest Buyer Of Malware In The World
http://12160.info/forum/topics/us-government-now-the-single-largest-buyer-of-malware-in-the
Posted by Ria, 12160.info, on May 14, 2013

                                                        
According to a new report, the United States government is now in fact the single largest buyer of malware in the world thanks to the shift to “offensive” cybersecurity and is leaving us all vulnerable in the process.

Speaking of the government’s new focus on offensive cyber-security, former White House cyber-security advisors Howard Schmidt and Richard Clarke both told Reuters that the government is putting so much emphasis on offensive measures that it ultimately leaves people in the U.S. at risk.
"If the U.S. government knows of a vulnerability that can be exploited, under normal circumstances, its first obligation is to tell U.S. users. There is supposed to be some mechanism for deciding how they use the information, for offense or defense. But there isn't."
In order for the government to exploit vulnerabilities discovered in major software, they cannot disclose those vulnerabilities to the manufacturers or the public, lest the exploit be fixed.

According to the Verge, the pursuit of those vulnerabilities is quite costly, “zero-day exploits (those which are unknown to software developers at the time of discovery) have been known to sell for as much as $50,000 – $100,000 each.”

These zero-day exploits are then packaged into weaponized malware and sold to anyone from cyber-criminals to repressive governments.

The entities can then use that malware for spying on their own citizens – though you can always get a nice sleek package like FinFisher which was marketed directly to the United States – or even sabotage a nuclear facility as was the case with the US/Israeli-developed Stuxnet.

“My job was to have 25 zero-days on a USB stick, ready to go,” one former executive at a defense contractor told Reuters. The defense contractor would purchase vulnerabilities from independent hackers and then turn them into exploits for the government to use as an offensive cyber-weapon.

While the U.S. government is unsurprisingly silent when it comes to their cyber-warfare program, much has been revealed by former defense contractors and vendors.

These individuals have revealed that the U.S. is dominating the so-called “gray market” – which is really a completely illegal black market – where so much money is to be made that some researchers are lured towards helping an offensive cyber-war.

“The only people paying are on the offensive side,” said Charlie Miller, who formerly worked at the National Security Agency and now works for Twitter as a security researcher.

Even more troubling is that “tax dollars may end up flowing to skilled hackers simultaneously supplying criminal groups,” according to Reuters.

Most of all, this approach ensures that the U.S. government has a vested interest in keeping as many security vulnerabilities open in the most popular software available so those vulnerabilities can be exploited and even weaponized.

If this is the future of war, there very well might be more collateral damage than ever.

The article is reproduced in accordance with Section 107 of title 17 of the Copyright Law of the United States relating to fair-use and is for the purposes of criticism, comment, news reporting, teaching, scholarship, and research.

No comments: