Behind The US’s Use of Hacktivist Groups As Cover for Cyber Campaigns Targeting Brasil

As someone who has covered hacking news and hacktivists quite heavily for the last 5 years now, I found many events which took place between the latter half of 2018 and the beginning of 2019 particularly interesting. For those of you who might not have been paying attention, over this time period the country of Brasil came under heavy fire from seemingly every direction – with many local, state and federal political/Government agencies and organizations getting hacked/leaked.

However, as a hacking news journalist who got many exclusives over this time period, what was particularly interesting to note were the people who were behind at least some of these attacks. While some were Brasilians, such as Pryzraky, the longer all of the hacks went on, the more different groups began outing themselves as internationals – particularly Americans. Such was the case with the group known as “Shadow Squad Hackers,” who were Americans and claimed they were targeting Brasil because they were “disgusting and dirty people.” They claimed they were targeting Brasil for no other reason than that they “hate Brasil and Brasilians.” Many also claimed to be former members of the US Department of Defense at the same time.

While those are just some examples, they were far from alone. As you can see by following the tag below, the number of new or previously unknown hacktivist groups targeting Brasil in 2018/2019 was almost too many to count.

Read More – Brasil Tag on Rogue Media: https://roguemedia.co/tag/brasil/

Why Is This Happening?

This is a two-part answer. The first is the fact that Brasilian Government and political websites are far behind the rest of the world when it comes to sound cyber security practices. For example, the vast majority of hacks were pulled off via SQL injection (SQLi) – because their websites’ IT staff apparently don’t know how to block bad query strings. Upon further investigation, many political websites leave their login pages out in the open, on the front end landing page, making themselves an easy target for brute force attacks. Still further, many of the smaller, local government websites don’t even utilize a Secure Sockets Layer (SSL) – making them easier targets for DDoS attacks and defacement campaigns, of which there were many.

https://twitter.com/geekwiresec/status/1148940713167663106

However, the second reason is far more interesting – geopolitics. What you may not know is that Brasil is a member/signatory of the BRICS Alliance. Built by an international outreach campaign by Russian President Vladimir Putin over the years, what you should know is that BRICS is built on a long term economic/military strategy to lock the United States out of South Pacific and South Atlantic trading routes, opening up trade routes for developing countries and emerging economies – such as Brasil, Russia, India, China and South Africa (BRICS).

If you think about it logistically or tactically, it makes sense. Brasil has potential for the largest economy in South America and sticks the furthest out into the South Atlantic, which gives them the best chance at controlling the South Atlantic and sealing out countries from doing business in those waters. South Africa, for example, can control the Cape of Good Hope – the only route for Western Countries to cross over the African continent and reach Eastern markets by sea. Moving further East, India could have full control over the Indian Ocean and has already begun sealing out the US from shipping rubbish to their country. And still yet, further East, Russia and China have the military power necessary to completely lock out the US from reaching all Eastern countries if they really wanted – with an all out attack on Japan notwithstanding (RIP).

With that established and with extensive coverage of all the Brasilian attacks, along with interviews with each of the hackers and hacking groups behind the hacks, it is my firm belief that the United States Government was using “hacktivist” groups as a cover for the hacks of major political parties and Government websites across Brasil, as revenge for the Brasilians having signed new alliances with Vladimir Putin and the Russian Government. Moreover, do you believe that all of these cyber attacks targeting Brasil occurring over the same exact timeline as the US’s attacks against Venezuela were any coincidence?

It is my firm belief that the US Government used these groups and these tactics not only to expose information on the Brasilian Government and its members, but also to show them how weak their cyber security practices were. As we already know, the USA also has a long and extensive history of “meddling” in South America. Many of these attacks were no different; they just didn’t have computers in the ’60s and ’70s.

Read More – Declassified Documents from CIA Reveal US Political Interference Throughout South America During Cold War: https://roguemedia.co/2019/04/20/newly-declassified-documents-from-cia-depict-interesting-timeline-of-us-political-interference-meddling-in-south-america-throughout-the-cold-war/

97% of Americans Failed This Basic Cyber Security Test, Myself Included

For the first time in my life, I am actually a part of the majority. What I’m referring to are results from a new cyber security test launched by Google developers designed to see how well Americans are able to pick up on subtle security warnings/threats online. While I didn’t necessarily take the test seriously at the time and rushed through it just to see how it was structured, I did fail it nonetheless – despite writing extensive tutorials on phishing attacks, email security and website security. Maybe that explains why Rogue Security Labs doesn’t have a single customer, but who knows – right?

Conducted throughout the course of March 2019 and consisting of over 2,000 American adults over the age of 16, Google discovered that:

– Despite 55% of Americans saying they would grade themselves as A level experience in cyber security, 97% got at least one question wrong on a basic, six-question security test
– 48% of Americans say they would like to build their own websites in the future
– 45% say their websites would be designed around business, while 43% say their websites would be for hobby
– Only 20% of Americans have actually built a website at one point or another in the past
– 64% of internet users never realized they could be re-directed to a false website without their knowledge/consent simply by clicking on a link
– 42% of internet users didn’t realize there is a security difference between websites with http and https
– 29% of internet users have no idea what the “s” in https stands for, never mind look for it

See Full Results & Take The Test: https://safe.page/survey

McAfee Exposes Critical Website Vulnerabilities In 20 Important US Swing States

Over the course of the last several weeks and months leading up to the November 2018 Mid-Term Elections, McAfee, a US based anti-virus software provider, has been analyzing various Government websites in several important “Swing States” and state counties across the country. More specifically, “McAfee surveyed the security measures of county websites in 20 states.” What researchers have found is that there is an alarmingly large number of Government run websites that remain unprotected by even some of the most basic and fundamental security measures, presenting an easy target for hackers ahead of important election dates.

Due to these critical vulnerabilities, in a blog post publishing their findings earlier this week, McAfee researchers were primarily concerned with 2 major issues. First, the spamming of unprotected email subscriber/voter registration lists tied to state owned websites, allowing phishing attacks to spread; and second, the spoofing of websites and domain names and/or vulnerability to DNS poisoning attacks, leading potential voters to fake or spoofed versions of state/election/Government websites.

Full Release from McAfee: https://securingtomorrow.mcafee.com/executive-perspectives/state-county-authorities-fail-at-midterm-election-internet-security/

To their surprise, what McAfee uncovered is that there is an unusually large number of US Government websites not running on .gov Top Level Domains (TLDs), instead using .com or .net. This is important to understand because .com domains are far less secure and much easier to obtain than .gov TLDs, which require far more authentication/investigation to register. Because of this, McAfee concludes that state employed website administrators simply didn’t want to go through the “hassle” or “red tape” to obtain .gov TLDs – deliberately choosing to make their websites less secure for the sake of convenience. Moreover, according to McAfee’s press release, “Our findings essentially revealed that there is no official U.S. governing body validating whether the majority of county websites are legitimately owned by actual legitimate county entities” – therefore making it easier for malicious actors to spoof or set up fake election web pages to fool the voting public.

For some perspective on this, McAfee notes how “Minnesota and Texas had the largest percentage of non-.gov domain names with 95.4% and 95% respectively.” Adding that “They were followed by Michigan (91.2%), New Hampshire (90%), Mississippi (86.6%) and Ohio (85.9%).” On the other end, “Arizona had the largest percentage of .gov domain names, but even this state could only confirm 66.7% of county sites as using the validated addresses.”

On top of this, McAfee discovered that several state owned websites didn’t even utilize some of the simplest, most basic and easy to install security measures – such as SSL. This means that there are Government owned websites across different states that actively refuse to protect/encrypt any information their constituents enter onto them – something which is absolutely unacceptable in 2018, especially given all the state-wide voter registration data dumps throughout 2015/2016. For example, the study found that “Maine had the highest number of county websites protected by SSL,” but even then only 56.2% of them utilized one. On the other end of the spectrum, “West Virginia had the greatest number of websites lacking SSL security,” with approximately 92.6% of their sites lacking SSL certificates. This was followed by Texas (91%), Montana (90%), Mississippi (85.1%) and New Jersey (81%). Highlighting just how pathetic this is, most SSL certificates can be obtained for $2-$5 and come standard, for free, on most website hosting platforms.
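The two per-state measures quoted above (share of county sites not on .gov, share lacking SSL) can be recomputed by a defender from a site inventory. The sketch below is an added example, not McAfee's tooling or code from the original post; the state labels and hostnames are constructed placeholders, and the scheme listed in the inventory is taken at face value with no network probing.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample inventory (state label, listed URL); not survey data.
SAMPLE_SITES = [
    ("State A", "https://www.county-one-placeholder.gov/elections"),
    ("State A", "http://county-two-placeholder.com"),
    ("State A", "www.county-three-placeholder.net/vote"),
    ("State A", "https://county-four.gov.placeholder-host.com/"),
    ("State B", "HTTPS://Clerk.County-Five-Placeholder.GOV."),
    ("State B", "http://county-six-placeholder.gov:8080/register"),
]


def classify(url):
    """Return (is_gov, is_https) for one listed site URL."""
    raw = url.strip()
    # Inventories often omit the scheme; without "//" urlsplit would
    # treat the host as a path, so default such entries to plain http.
    if "://" not in raw:
        raw = "http://" + raw
    parts = urlsplit(raw)
    # hostname drops the port and lowercases; also drop a trailing root dot.
    host = (parts.hostname or "").rstrip(".")
    labels = host.split(".")
    # Compare the final DNS label only: "county.gov.example.com" contains
    # ".gov" but is registered under .com, so it must not count as .gov.
    is_gov = len(labels) > 1 and labels[-1] == "gov"
    is_https = parts.scheme == "https"
    return is_gov, is_https


def summarize(sites):
    """Per-state percentage of sites off .gov and without HTTPS."""
    buckets = defaultdict(list)
    for state, url in sites:
        buckets[state].append(classify(url))
    report = {}
    for state, rows in buckets.items():
        n = len(rows)
        report[state] = {
            "sites": n,
            "non_gov_pct": round(100 * sum(not g for g, _ in rows) / n, 1),
            "no_https_pct": round(100 * sum(not h for _, h in rows) / n, 1),
        }
    return report


if __name__ == "__main__":
    for state, stats in summarize(SAMPLE_SITES).items():
        print(state, stats)
```

The fourth sample entry is the case that matters for spoofing: a hostname that merely contains ".gov" is counted as non-.gov because only the final label is compared.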

“Influencing the electorate through false communications is more practical, efficient and simpler than attempting to successfully hack into hundreds of thousands of voting machines. Such a scenario is much easier to execute than tampering with voting machines themselves,” notes McAfee CTO Steve Grobman. “Given how important the democratic process of voting is to our society and way of life, we must work to better secure these critical information systems.”

Safe & Secure Voting Registration Websites To Utilize for November:

  1. Alabama
  2. Alaska
  3. Arizona
  4. Arkansas
  5. California
  6. Colorado
  7. Connecticut
  8. DC
  9. Delaware
  10. Florida
  11. Georgia
  12. Hawaii
  13. Idaho
  14. Illinois
  15. Indiana
  16. Iowa
  17. Kansas
  18. Kentucky
  19. Louisiana
  20. Maine
  21. Maryland
  22. Massachusetts
  23. Michigan
  24. Minnesota
  25. Missouri
  26. Montana
  27. Nebraska
  28. Nevada
  29. New Hampshire
  30. New Jersey
  31. New Mexico
  32. New York
  33. North Carolina
  34. North Dakota
  35. Ohio
  36. Oklahoma
  37. Oregon
  38. Pennsylvania
  39. Rhode Island
  40. South Carolina
  41. South Dakota
  42. Tennessee
  43. Texas
  44. Utah
  45. Vermont
  46. Virginia
  47. Washington
  48. West Virginia
  49. Wisconsin
  50. Wyoming