Worms, spyware … What weapons are there in the US network arsenal?

  A few days after the "WannaCry" ransomware swept the world, the attribution work behind the scenes finally produced a lead: Kaspersky Lab in Russia and Symantec in the United States said on the 15th that the ransomware may be linked to a hacker group called Lazarus. In this attack, the perpetrators built the ransomware using "EternalBlue", a hacking tool leaked from the National Security Agency (NSA) network arsenal.

  Reuters once reported that 90% of US spending on cyber projects went to developing offensive hacking weapons that can penetrate an "enemy's" computer networks, monitor people, and paralyze or block infrastructure. Cyber security experts accuse the United States of investing heavily in hacking tools rather than defensive mechanisms, making the global network environment "more insecure".

  Compiled by Wen Junhua, all-media reporter of Guangzhou Daily

  "The ransomware was not developed by the US National Security Agency, but by criminal gangs, which may be criminals or foreign governments," Bossert, Assistant to the US President for Homeland Security and Counter-Terrorism, said on the 15th in response to the "WannaCry" ransomware incident. He evaded the question of whether hacking tools leaked from US intelligence agencies would lead to more cyber attacks in the future.

  In fact, the leak of the NSA network arsenal that led to the ransomware outbreak was disclosed as early as last August. At that time, a hacker group calling itself the "Shadow Brokers" claimed to have broken into the "Equation Group", a hacker group under the NSA, and stolen its network arsenal. The Shadow Brokers leaked some of the hacking tools and data through social platforms and publicly auctioned the complete data package at an asking price of 1 million bitcoins (worth about 568 million US dollars), but the offer drew little response or attention, and the auction ultimately fell through.

  Since then, the Shadow Brokers have tried several times to sell the NSA network arsenal without success. Their latest release of NSA cyber weapons came in mid-April this year. The group said that the NSA had penetrated the international banking system to monitor capital flows between some banks in the Middle East and Latin America. The NSA hacking tool "EternalBlue" is believed to have been leaked by the Shadow Brokers.

  Although the Shadow Brokers have not achieved their goal of making a profit, their claim that the stolen hacking tools originated from the NSA is considered highly credible. Last year, when the Shadow Brokers released some hacking tools and data, Snowden, who exposed the PRISM program, provided an NSA "malware implantation operation manual" to show that the cyber weapons peddled by the Shadow Brokers carried the NSA's virtual fingerprints. For example, the manual instructs operators to use a special 16-character string, "ace02468bdf13579", when using a malware program called SECONDDATE. SECONDDATE is among the dozens of hacking tools leaked by the Shadow Brokers, and its code contains many occurrences of this string.
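  The string-matching check described above can be repeated over any set of files. The following is an added example, not code from the article or from any leaked tool; the sample byte strings are constructed, and the choice to look for both the ASCII and the UTF-16LE form of the string is an assumption.

```python
import io

MARKER = "ace02468bdf13579"  # string quoted in the article

# Byte forms to search for (assumption: plain ASCII and Windows wide strings).
PATTERNS = {
    "ascii": MARKER.encode("ascii"),
    "utf-16le": MARKER.encode("utf-16-le"),
}

def count_marker(stream, chunk_size=65536):
    """Count marker occurrences per encoding in a binary stream.

    The stream is read in chunks; for each pattern the last len(pattern)-1
    bytes are carried over so a marker split across two reads is still
    found, and none is counted twice.
    """
    counts = dict.fromkeys(PATTERNS, 0)
    tails = dict.fromkeys(PATTERNS, b"")
    while chunk := stream.read(chunk_size):
        for name, pat in PATTERNS.items():
            buf = tails[name] + chunk
            counts[name] += buf.count(pat)
            tails[name] = buf[-(len(pat) - 1):]
    return counts

def scan_samples(samples, chunk_size=65536):
    """Return {name: counts} for every sample that contains the marker."""
    hits = {}
    for name, data in samples.items():
        counts = count_marker(io.BytesIO(data), chunk_size)
        if any(counts.values()):
            hits[name] = counts
    return hits

# Constructed sample inputs (not real tool contents).
SAMPLES = {
    "tool_a.bin": b"\x00\x01" + PATTERNS["ascii"] + b"junk"
                  + PATTERNS["ascii"] + b"\xff",
    "tool_b.bin": b"MZ" + PATTERNS["utf-16le"] + b"\x00\x00",
    "notes.txt": b"ace02468 bdf13579",  # broken by a space: no match
}

if __name__ == "__main__":
    # A tiny chunk size forces markers to straddle read boundaries.
    for name, counts in scan_samples(SAMPLES, chunk_size=5).items():
        print(name, counts)
```

  To scan real files, pass `open(path, "rb")` to `count_marker` in place of the in-memory streams.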

  Any discussion of the NSA network arsenal has to mention the "Equation Group". This hacking group is regarded as a department that the NSA is "unwilling to acknowledge", similar to Russia's "Fancy Bear" hacking group. Before being uncovered by Kaspersky Lab in 2015, the Equation Group had been secretly active for 15 years. According to media reports, because the time and money spent on malware development, technical breakthroughs and target lockdown are all funded by the state, its project resources are almost unlimited, and the Equation Group has become the "best" hacker group in the world.

  Kaspersky Lab previously reported 500 Equation Group infections in 42 countries, with Iran, Russia, Pakistan, Afghanistan, India, Syria, and Mali among the top of the list. Because the malware has a built-in self-destruct mechanism, Equation Group attacks are difficult to trace. The hacking tools leaked from this arsenal and the attack methods exposed earlier can therefore represent only the tip of the iceberg of the NSA network arsenal.

  Some NSA cyber weapons

  The "Equation Group" under the NSA was discovered and named by Kaspersky Lab. The name comes from the group's preference for strong encryption methods in its cyber attacks. In its previous attacks it used a variety of methods, such as worms, hard disk viruses, spyware, and network-based attacks.

  Fanny worm virus

  The Fanny worm is the most powerful of these worms and can penetrate air-gapped networks. It uses a unique USB-based control mechanism and spreads mainly by infecting USB drives.

  A hidden storage area on the USB drive collects basic system information from the isolated network. When the infected drive is later plugged into a networked computer, the collected information is immediately sent to the attacker. If attackers want to run commands inside the air-gapped environment, they can have the worm store the commands in the hidden area of the drive. When the drive is plugged into the target computer, the worm automatically recognizes and runs them.

  "Stuxnet" virus

  Stuxnet is reported to be the first destructive virus written specifically for industrial control systems. It contains the exploit techniques of the Fanny worm and can attack Windows systems and the Siemens SIMATIC WinCC system by using seven vulnerabilities. It is said to have been jointly developed by the United States and the Israeli government.

  Stuxnet's structure is extremely complex and it is very well concealed. Once a computer operator plugs an infected USB drive into a USB port, the virus gains control of the industrial computer system without any further action.

  During the attack on Iran's nuclear facilities, the virus abruptly changed the motor speed of the centrifuges. The sudden change was enough to destroy the centrifuges beyond repair. After the centrifuges went out of control, the virus continued to send "working normally" reports to the control room, so the centrifuges were destroyed without anyone noticing.

  Spyware

  Regin is an advanced stealth malware discovered by Symantec in 2014 that can evade detection by conventional anti-virus software. It has been accused of being used to monitor governments, companies and individuals since 2008 and is considered to be associated with the NSA.

  Symantec pointed out that the Regin spy tool uses a number of stealth techniques that require a great deal of time and resources, which indirectly indicates that it was developed by a "country". Regin allows hackers to launch a series of remote Trojan attacks, including stealing users' passwords and data, intercepting users' mouse clicks, capturing screenshots from infected computers, monitoring network traffic, and analyzing emails from Exchange databases.

  Hard disk virus

  A Kaspersky Lab report revealed that the NSA may have implanted a virus that rewrites the hard disk firmware of infected computers.

  According to the report, because the virus is written into firmware, it can be activated as soon as the hard disk is powered on. The malicious firmware creates a secret information repository that survives military-grade disk wiping and reformatting, so that sensitive data stolen from victims remains available even after the drive is reformatted and the operating system is reinstalled.

  PHP intrusion code

  The Equation Group has been found to use malicious PHP code to exploit vulnerabilities in Oracle's Java software framework or the IE browser, planted on websites ranging from technology product review sites to Islamic jihadist forums. These intrusions are as precise as surgery and can ensure that only one specific target is infected. In one case, the Equation Group's PHP script also took special care to avoid infecting IP addresses in Jordan, Turkey and Egypt.

240 years of history, more than 200 wars: what is the United States fighting for?

  From Vietnam to North Korea, from Afghanistan to Syria, the United States has often used force against foreign countries under banners such as "humanitarian intervention" and "combating terrorism". For more than two centuries, war and force have been part of this country's DNA.

  Historically speaking, the United States is the most combative country in the world.

  In the more than 240 years since it declared independence in 1776, the United States has launched or participated in more than 200 wars, and there have been fewer than 20 years in which it was not at war.

  For hundreds of years, in order to plunder land and resources, the United States violently expelled and killed indigenous people. From the end of the 15th century to the beginning of the 20th century, the population of Native Americans dropped sharply from 5 million to 250,000. The history of American development is a history of indigenous blood and tears.

  More than 170 years ago, the United States forced Mexico to sign an unequal treaty through the US-Mexico War and other means, and plundered large areas of territory that originally belonged to Mexico, including Texas, California and Arizona.

  After the end of World War II, the United States intervened in or launched many wars overseas, which claimed many lives, caused especially heavy civilian casualties and brought shocking humanitarian disasters. According to incomplete statistics, from the end of World War II in 1945 to 2001, there were 248 armed conflicts in 153 regions of the world, of which 201 were initiated by the United States, accounting for about 81%. From the Korean War to the Vietnam War, millions of civilians were killed. The United States also used "Agent Orange" on a large scale in the Vietnam War, and used depleted uranium bombs on a large scale in the Gulf War and in the bombing of Yugoslavia in 1999, causing local people to suffer from cancer and other diseases.

  After 2001, under the banner of "anti-terrorism", the United States continued its military campaigns, launching wars and military operations in 85 countries around the world. These wars claimed more than 900,000 lives, including 387,000 civilians. Tens of millions of people have been displaced as refugees in Afghanistan, Iraq, Libya, Syria and other places most devastated by war.

  The reasons why the United States launched these wars are high-sounding, often under the banner of so-called humanitarian intervention and combating terrorism. But in fact, what are the reasons behind the frequent use of force by the United States?

  Plunder oil under the guise of human rights and democracy

  US Vice President Harris: You know, in the past many years, generations have been fighting for oil.

  Harris let slip that the so-called human rights and democracy are just a cover for waging war, and the real purpose is to rob oil and control other countries by controlling global oil resources. Syria, Iraq, Libya and other countries are victims of American oil ambitions.

  American historian Peter Kuznik: As former Federal Reserve Chairman Alan Greenspan said, unfortunately, Americans are unwilling to admit that we invaded Iraq for oil.

  Israeli political analyst Ariel Ben Solomon: The fact is that Libya has relatively large oil reserves, which is an important reason for western military intervention.

  Venezuelan President Maduro: Our country has the richest oil reserves in the world, and American imperialist rulers are looking at it and trying to get their hands on our oil, just as they did in Iraq and Libya.

  Syrian President Bashar al-Assad: The United States harms the interests of other people, undermines international law, destroys the foundation of humanity, and so on, all for the sake of oil.

  The military-industrial complex reaps a "war windfall"

  American military enterprises are closely tied to the US government and Congress, forming a powerful military-industrial interest group. According to a survey report released by the Institute of Security Policy Reform, an independent think tank in the United States, from October 2001 to August 2021 the five American military giants, Lockheed Martin, Raytheon, General Dynamics, Boeing and Northrop Grumman, received a total of $2.02 trillion from Congress. These arms dealers have also spent huge sums lobbying Washington politicians. As a result, not only has US military spending risen year after year, but the companies have also taken advantage of foreign policy moves and escalating regional tensions to sell arms around the world.

  Andrew Hunter, Director of the Defense Industry Initiative Group of the Center for Strategic and International Studies in the United States: For most defense industries, their biggest source of business is the Pentagon, so their fate follows the defense budget.

  Control other countries and safeguard global hegemony

  Interests such as oil and arms are only the surface reasons. What lies behind the United States' years of belligerence is a hegemonic mentality of "America first, winner takes all" and a unilateralist mindset of seeing itself as supreme in the world. Kurt Ritter, a former US Marine Corps intelligence officer, published an article on the website of Russia Today (RT) on the 11th, saying, "The United States is trying to reshape the world according to its own ideas. The United States feels that it is the most important country, and other countries should act in the direction guided by the United States, otherwise it will be the enemy of the United States."

  International political expert Giger: Since 1945, the foreign policy of the United States has always been to maintain hegemony at all costs in areas they consider strategic.

  Iranian political analyst Huszcza Shm: This is the embodiment of (American) hegemony. The United States doesn't care about other countries at all, and it doesn't care about the United Nations. It thinks it is superior to other countries, so it dares to bully, invade and plunder the people of other countries. The attitude and behavior of the United States in the past 20 years can explain the fact that the United States simply doesn't care about the values it preaches, such as democracy, the rule of law, and counter-terrorism. The United States only uses these as tools.