Author Archives: Lila

An Open Letter To The 9-11 Commission

Posted on by

From: Ian Henshall and others
Hove BN3 7NQ

To Sir John Chilcot, The Iraq Inquiry,
35 Great Smith Street, London SW1P 3BG
Your ref Alastair Seaton, IE0054

27 September 2010

Dear Sir John Chilcot,

Thank you for your recent letter in which you state:

“Thank you for your further letter of 27 July, in which you urge the Committee to challenge the conclusion that the 911 bombings were perpetrated by Al Qaeda. The attribution of responsibility for the 9/11 bombings is out with the terms of reference for this Inquiry, except insofar as it impacts on the UK’s involvement in Iraq. We are nevertheless very grateful for the information and sources of further information provided in your letter and hope you will continue to follow the Inquiry’s progress on our website.”

We welcome your agreement that the attribution of responsibility for 9/11 is relevant insofar as it impacts the UK’s involvement in Iraq. Blair made clear that 9/11 was indeed a major factor in the invasion of Iraq while the official paper trail shows that the attribution of responsibility, which includes the failure to prevent the 9/11 attacks, is murkier than first appeared.

It is noteworthy that your terms of reference start in summer 2001 when, we now know, warnings of  the 9/11 attacks were flooding into Washington.

1. BLAIR’S EVIDENCE AND THE QUESTIONS IT RAISES

In case there can be any doubt as to the central role of the 9/11 attacks in the decision to invade Iraq, please recall that Blair made his “shoulder to shoulder” speech in the weeks after 9/11 and as we now know decided effectively to subordinate UK foreign policy to the Bush White House at that time. As he explained to you very clearly and repeatedly in his testimony, 9/11 was a major factor in the decision to invade Iraq because it changed the “calculus of risk”. This confirms what commentators across the political spectrum have been saying: that the invasion of Iraq was made politically possible by 9/11.

Assuming Al Qaeda carried out the attacks independently of any other organisation, an extremely important question remains: how were the attacks able to succeed and hence to change the “calculus of risk”?

2. DANGER OF PUBLIC DISSATISFACTION IF WASHINGTON’S EXPLANATION NOT EXAMINED

We accept it is not up to your Inquiry to determine what happened on 9/11, but we contend the public will not be satisfied unless you examine whether the explanation of the causes, offered to London by Washington, of this massive US defence failure was reliable. Given the anger that now exists in many quarters over the weapons of mass destruction allegations and the “dodgy dossiers” in the run-up to the Iraq invasion, we submit that the public will expect you to look into this with great concern and investigate whether the official 9/11 story is wrong, self-exculpatory, misleading, or simply not adequately substantiated.  If Washington’s explanation is unreliable we contend your report should state that further investigation is needed.

3. MISLEADING MEDIA REPORTS AND OFFICIAL STATEMENTS

A review of the media reports at the time confirms that the initial 9/11 account was indeed seriously wrong and that this is the version on which Tony Blair seems to have based his decision making. Politicians and commentators said that Al Qaeda succeeded in this unprecedented, audacious and well-planned attack because they had immense resources and, in the words of Condoleeza Rice, that in the US government “nobody could imagine” that such an attack might occur. Blair made similar comments.

However we now know that the main features of the 9/11 attacks had all been built into various Pentagon war games in the months before 9/11, that Rice had ignored multiple warnings from top officials and foreign governments, and that the failure of the CIA to co-operate with FBI investigations into the presumed 9/11 hijackers was a major factor in the success of the attacks. The 9/11 Commission chair said at one point that the attacks “could and should” have been prevented. There is much further evidence to support this view. It may be noteworthy too that the CIA’s Inspector General later gave George Tenet, CIA director at the time, a severe reprimand over 9/11 on grounds that remain secret.

4. INADEQUACY OF INFORMATION SUPPLIED TO LONDON

If you agree with the consensus view now, that failings of the US authorities, glossed over at the time, were a significant factor in the success of  the 9/11 attacks, and if London was trusting information supplied by Washington rather than carrying out their own checks, this has a major bearing on the UK decision to invade Iraq.

It would mean that the alternative policy to war was not properly evaluated. This would have been to avoid launching the invasions, deal with terrorism in the ways that had always been followed up to then, and deal with the causes of the intelligence failings at home.

5. WAS 9/11 ADEQUATELY INVESTIGATED PRIOR TO WAR?

We are not asking you to mount an entirely new investigation into the 9/11 attacks, but we hope you will agree that judgment by media acclamation and White House press release is not a sufficient basis to launch two wars. Therefore we submit that you should note in your final report that the 9/11 attacks have never been fully investigated by a well resourced and independent body prepared to consider a range of ideas on what the full story might be. Many people in the US, including many of the bereaved and members of the 9/11 Commission itself, emphasize the lack of a thorough investigation. The 9/11 Commission was starved of funds, given a very tight timescale and was refused access to key evidence. See note below for some more failings of the 9/11 Commission. The promised trial of alleged ringleader Khalid Sheikh Mohammed, the only person ever indicted for a central role in the 9/11 attacks, seems to have been postponed indefinitely.

6. NEED FOR A NEW INVESTIGATION

A new 9/11 investigation, and particularly a sharing of the mountain of still secret evidence with the public, is all the more important in the light of the many details which still have not been satisfactorily explained. For instance there is so far no official explanation for the recent discovery by associate Professor Niels Harrit of uncombusted high energy artificial nanothermite particles in the dust at Ground Zero, which indicate the possibility that the collapse of the buildings was some sort of a controlled demolition which could explain the rapid and symmetrical downward collapse of the three (sic) multistorey WTC buildings. Official sources insist the collapses all happened spontaneously in a way unforeseen by any expert before the event, but independent experts have not been given access to the evidence or the computer models which government scientists rely on. Hundreds of architects, engineers and demolition experts have spoken out publicly calling for a new investigation.

Another reason for a further investigation is that the 9/11 Commission discovered the CIA had a top secret 80 strong Osama Bin Laden unit working on projects in the months before 9/11. This contrasts with the explanation proffered by many politicians and commentators that Washington had lost interest in Afghanistan. The CIA reportedly refused to talk to the 9/11 Commission about vast areas of what the OBL unit was up to.

Similarly no details have been given of the Pentagon’s anti-hijack exercise running, apparently by sheer coincidence, at the exact time of the 9/11 attacks and which we now know interfered with the response from air traffic control and the Pentagon. Even the flight manifests for the hijacked planes are still secret.

7. QUESTIONS THAT NEED TO BE ASKED

As well as the more general recommendations mentioned above concerning the preventabilty of the 9/11 attacks and the failure to investigate the whole affair in any depth, we submit that you should ask some specific questions to Tony Blair. Before he gave his almost unconditional support to the Bush White House, did he task MI6 or any other UK agency to make an independent assessment of the 9/11 attacks, of who was behind them, and of how they came to be carried out so successfully? Did anyone mention to him that the Oklahoma bomb was at first wrongly blamed by Washington on Islamic extremists? Did he and his advisors discuss the possibility the attacks were successful as a result of failings in the US? Did they inquire if 9/11 resulted, as now seems possible, from a CIA sting operation gone wrong?

8. WHAT WE CAN OFFER

Finally we submit that you should take adequate evidence from us and make appropriate recommendations in your report, not only because the decision to invade Iraq is at the heart of your inquiry but also out of respect for the rights of the bereaved and other victims of many nationalities in both the 9/11 attacks and the subsequent wars in Afghanistan and Iraq.

Please take public testimony from Paul Warburton on the general legal issues, Niels Harrit on the nanothermite at the World Trade Centre, and Ian Henshall for an overview on how the official 9/11 story has changed and whether it is reliable. Other experts could probably be made available including retired FBI and CIA officers.

Ian Henshall (co-ordinator Reinvestigate 911, author 911 The New Evidence)
Paul Warburton (barrister)
Niels Harrit (associate professor of Chemistry University of Copenhagen, nanotechnology specialist)
Noel Glynn (Convenor Quakers for Truth on Terrorism)

NOTE

The only official attempts to investigate 9/11 were the FBI probe that was ended prematurely and run by Bush appointee Michael Chertoff (later Homeland security chief in charge of the Hurricane Katrina disaster), and the 9/11 Commission. The latter was severely underfunded, short of time, and stuffed with Washington insiders. It never considered any scenario other than the official story. Its executive Director Phillip Zelikow was caught reporting regularly in secret to the White House, while Senator Max Cleland resigned angrily denouncing the process as a whitewash. Later the chief investigator John Farmer wrote that there was an agreement in the White House or the Pentagon to lie to investigators. The Commission failed to clarify the role of the CIA’s top secret Osama Bin Laden unit and its refusal to pass on important information to the FBI prior to the attacks. It failed to investigate the collapse of the three World Trade Center buildings one of which was not struck by a plane and which we now know fell at free fall speed. For the chaos and manipulation of the 911 Commission by Zelikow and the Bush White House, see the book The Commission by Phil Shenon the New York Times specialist on the subject.

————————————————————————————————–
“9/11 THE NEW EVIDENCE”
pub Sept 2007 Constable (UK) ISBN 978-1-84529-514-1
http://www.amazon.co.uk/11-New-Evidence-Ian-Henshall/dp/1845295145/

“9/11 Revealed: The New Evidence”
pub Oct 2007 Carroll & Graf (US) ISBN-10: 0786720417
http://www.amazon.com/9-11-Revealed-New-Evidence/dp/0786720417/

Ian Henshall is also proprietor of Coffee Plant ( www.coffee.uk.com)
and chair of INK, trade organisation for UK alternative print media (www.ink.uk.com)
Ian Henshall’s email is crisisnewsletter@pro-net.co.uk

Peace Is More Than The Absence Of War

Posted on by

“I propose to return to Gandhi’s wisdom. It is impossible to move masses of people without a vision. Peace is not just an absence of hostilities, not the product of a labyrinth of walls and fences. Neither is it a utopia of “the wolf dwelling with the lamb”. It is a real state of reconciliation, of partnership between peoples and between human beings, who respect each other, who are ready to satisfy each other’s interests, to trade with each other, to create social relationships and – who knows – here and there even to like each other.”

–   Uri Avery

Millionaire Bums…JOIN THEM! (Updated)

Posted on by

Update

On waking up this morning, I rethink this post.  True, the people below aren’t people I’d normally want to emulate. But these aren’t normal times.  So the right reaction to this is yes, but what else do you expect? Can’t expect people to leave all the legal looting to the government…

The Atlantic

“If you were making $1 million per year or more, but lost your job, would you file an unemployment claim? Nearly 3,000 American millionaires would have answered “yes” to this question in 2008, according to an article by Ryan J. Donmoyer at Bloomberg. IRS data shows that a whopping 2,840 households earning at least $1 million in 2008 also filed for government unemployment payments that year. There are two sort of immediate questions that arise from this fact: what were they thinking, and should this be allowed?”

What They Were Thinking?

To non-millionaires it might seem absurd that people who had such a staggering income recently would turn to the government for help after losing their jobs. But it shouldn’t. First, most wealthy people didn’t become that way by accident. They tend to be pretty savvy about money. So if the law entitles them to collect unemployment when laid off, then they aren’t the type to turn down free money. Only a fool would do that.”

My Comment:

If it’s foolish for millionaires to turn down government benefits, I suppose it’s insane for school teachers to.

Ah. And I thought there was something about honor in it.  Silly me. Time to make a trip to the government trough and see what I’m due for.

Well, it only confirms what I’ve said before.

Except for the rural poor and some pockets of ghetto poverty, except for children, the elderly, the sick, and some unfortunates, the rest of the people who are on the dole now are there because they aren’t willing to work at the part-time jobs out there, they’re not willing to make do with makeshift work.  and they’re not willing to change their spendthrift ways. The more they’re given, the more they’ll take.

[I rethought this. I think anger at abuse of the system shouldn’t make us forget that people really are suffering].

The Extremists Who Founded America….

Posted on by

Right Wing Extremists: Saving America Since 1776

With the 233rd Independence Day celebration on it’s way in America, we thought it would be a good idea to honor the radical extremists that founded this country.
Now, it might be true that calling Washington, Jefferson, and Franklin “right wing” is a bit historically questionable within the original context of the old Left-Right paradigm laid out in the French Assembly in the late 18th Century. We understand that technically the founders had more in common with what would historically be deemed the “left” than anything. ……”

Joe Sobran On Christianity and History

Posted on by

The great conservative writer Joseph Sobran passed away on Sept. 30 2010.

I republish here one of his many fine essays on religion and culture, “Christianity and History,” Dec. 2. 2008:

Ignorance is often hidden behind an urbane surface. Many otherwise educated people lack the most elementary understanding of certain subjects. One of these is religion.

When I was an aspiring Shakespeare scholar during my college days, I was surprised to find that most commentators on Hamlet missed the play’s religious aspect. Prince Hamlet is evidently a Catholic, but he has been a student at Wittenberg, home of the Reformation. He puns on the Diet of Worms. His father’s ghost laments that he was murdered without a chance to receive the sacraments, a fact Hamlet recalls when he hesitates to kill his uncle at prayer; Hamlet later sends two former friends to their deaths without confession. Ophelia, an apparent suicide, is given a Christian burial, to the scandal of her gravediggers.

None of this would have been lost on the ordinary Elizabethan playgoer. Whether the ghost comes from purgatory or hell, whether the old sacraments are efficacious, whether Ophelia is damned — these are questions that would have occurred to everyone in the audience, Catholic, Anglican, or Protestant. Modern scholars consign them to footnotes. But Elizabethans would have agreed with the Anglican Samuel Johnson (writing two centuries later) that Hamlet has descended to a diabolical level by seeking the damnation of his enemies.

Public discussion of three current topics shows how ignorant most Americans have become about religious questions that would have electrified their ancestors. Pope Pius XII and Patrick Buchanan were accused of pro-Hitler sympathies because their critics didn’t realize that Communist persecution of Christians would take precedence, for them, over all other considerations. And in New York, a tax-supported art show stirred controversy because it featured a blasphemous picture of the Virgin Mary, splattered with elephant dung; for liberals, as usual, the only issue at stake was “artistic expression.”

The great vice of liberal thinking is its failure of imagination with respect to Christians. For all their preaching of “sensitivity” and “multiculturalism,” they are belligerently ignorant of Christian culture and Christians’ feelings. In fact they seem to think that there is something specially “artistic” about offending Christians. Offending blacks, Jews, feminists, or homosexuals is “insensitive,” while offending Christians is “irreverent” — a word that has come to suggest a rather cute sassiness.

Yet the whole history of Western Civilization is rooted in religion. Unless you understand Judaism, Catholicism, and Protestantism, along with the rise of Islam, you don’t understand the events that shaped the modern world. The issues of the Reformation were still alive when the United States was founded, when slavery was debated, when the Civil War tore the country apart, when Prohibition was adopted, when Joe McCarthy assailed “godless Communism,” when John Kennedy became the first Catholic American president.

The Christian Right is closer to its own historic roots than most Americans, yet the media and the history textbooks treat it as a marginal, virtually un-American movement. This isn’t “multicultural”; it’s anti-cultural. It refuses to take America’s real origins seriously, adopting the Supreme Court’s shallow and ahistorical interpretation of the separation of church and state.

Liberal diatribes against “McCarthyism” leave out the crucial fact that American Christians felt deeply betrayed by the outcome of World War II, when our “Soviet ally” won control of a huge section of Christian Europe, just as Pius XII had feared it would. The war began when the Soviets and Germans had invaded Catholic Poland; it ended with Roosevelt’s turning Poland over to “Uncle Joe” Stalin’s tender mercies. It took the leadership of a Polish Pope, John Paul II, to win back Poland’s freedom.

Yet the young pass through our entire educational system without being taught what the Christian perspective was, and is, or how it has shaped the great events of history. Few of them know that many of the authors of the Constitution were clergymen; fewer still realize that the separation of church and state applied only to the federal government, not to the states. (The First Amendment says that “Congress shall make no law respecting an establishment of religion,” leaving the states free to do so.)

Like Soviet history, American history has been rewritten, with inconvenient facts deleted. In both countries, the “progressive” forces have subverted their subjects’ sense of the past.”

Stuxnet: A Chronology (Ongoing)

Posted on by

October 2, 2010

The NY Times now backtracks, claiming that Israeli cyber warfare experts are “too smart” to leave a clue behind. Thus..by inference…it must be a country that wants to implicate Israel, which..by inference…is Iran (surprise).  Too clever by half, these folks. Another reason I believe Israel or an Israeli-backed team is behind Stuxnet is the fact that Wikileaks apparently had a reference to a possible nuclear “accident” in Iran in July 2009. That is around the time when some researchers argue Stuxnet infections first began.

October 2, 2010

Jeffrey Carr backs off from the allegation that Israel is the culprit, claiming that Ralph Langner was the sole source of the allegation and was irresponsible in posting it on his blog as though it were the opinion of the intelligence community. Carr quotes an earlier piece of his, along with these words:

“Last week I wrote about how the Israel-Iran conspiracy theory around the Stuxnet worm was built entirely on one security engineer’s personal conjecture (Ralph Langner) with absolutely no weighing of alternative possibilities for attribution, nor any objective assessment of the evidence.”

However, if you click on the earlier piece he cites, he wrote nothing of the sort in it. Nowhere in that piece did Carr claim that Langner was the sole source of the allegation; he quotes the NY Times as noting several people who’d reached the same conclusion. Also, there is no hint in the piece that he considered Langner’s allegation speculative or poorly founded. He cited it instead as a likely possibility. This is clear back-pedaling, probably provoked by the fear that the story might lead to a crackdown on Iranian dissidents and foreigners. Well, of course it will. But that’s not the fault of journalists reporting on the story. Or of Ralph Langner, who clearly states on his blog that he is “speculating” (see previous link).

The fault lies with the unknown cybercriminal/s who came up with Stuxnet.

“Stuxnet Speculation Fuels Crackdown By Iranian Intelligence,” Jeffrey Carr, The Firewall, Forbes, October 2, 2010/

*October 1, 2010

[See “Clues Emerge About Genesis Of Stuxnet Worm,” CS Monitor, October 1, 2010]

*October 1, 2010

[“Israel: Smart Enough To Create Stuxnet; Stupid Enough To Use It” War In Context, Oct. 1, 2010]

*October 1, 2010

Cryptome is arguing that Israel would never have done anything so sloppy as what’s alleged. Could it be that some group is deliberately playing off one side against the other, that is, playing divide-and-conquer? Or is this more “plausible deniability”?

On looking back, I notice that one of the first people to launch the “Israel did it” allegation is one Richard Falkenrath, who works for the Chertoff Group (my emphasis).

That makes me wonder.

Here’s Cryptome:

“Really? Personally I’d be surprised if a crack team of Israeli software engineers were so sloppy that they relied on outdated rootkit technology (e.g. hooking the Nt*() calls used by Kernel32.LoadLibrary() and using UPX to pack code). Most of the Israeli developers I’ve met are pretty sharp. Just ask Erez Metula.

http://www.blackhat.com/presentations/bh-usa-09/METULA/BHUSA09-Metula-ManagedCodeRootkits-
PAPER.pdf

“It may be that the “myrtus” string from the recovered Stuxnet file path

“b:\myrtus\src\objfre_w2k_x86\i386\guava.pdb” stands for “My-RTUs”

as in Remote Terminal Unit. See the following white paper from Motorola, it examines RTUs and PICs in SCADA systems. Who knows? The guava-myrtus connection may actually hold water.

http://www.motorola.com/web/Business/Products/SCADA%20Products/_Documents/Static%20Files/SCADA_
Sys_Wht_Ppr-2a_New.pdf

As you can see, the media’s propaganda machine is alive and well.”

I am completely out of my depth in the technical part of this. But not in the propaganda part.

As an instance of the way group conflicts can be set off, think of how during the financial crisis there were an inordinate number of Indians being trotted out to do the explaining…and taking the brunt of the public’s anger, although last I looked, despite a respectable number of Indian billionaires, the head honchos of the major banks (with one exception) and the biggest and most important speculators, managers, and  international officials were not Indian, to phrase it as politely as possible.

Setting race and nation each against other is of course the modus operandi of the power elite, and both Kashmir and Israel have played that divisive role in the past….and continue to do so.

*October 1, 2010

A link to an Examiner piece is coming up right at the top of a Google search of Stuxnet and Israel. With all due respect to the author, who probably thinks he/she is on the side of the angels and simply preempting an outburst of anti-Semitism by this effort, the piece is quite misleading….and, apparently, deliberately so, as an examination of the other links listed here, from a variety of  sources in the West (see this NY Times pieces) will prove.

For instance, the Examiner piece doesn’t cite the reports from many western security companies and research teams (see links below) that have extensively researched the issue, nor does it acknowledge that it was these sites that first advanced the claim that Israel/Israeli hackers were likely responsible. Instead, it cites a Times of India piece that republishes the claims.

The attempt, apparently, is to mislead the public into thinking that the allegation of Israeli involvement is one mainly advanced by untrustworthy foreigners with axes to grind (note the description “Iran’s friend, India”).

“Another of Iran’s friends, India, is pushing the notion that Israel did it. According to an http://timesofindia.indiatimes.com on Friday, “A Biblical reference has been detected in the code of the computer virus that points to Israel as the origin of the cyber attack.” It’s further explained that the word “myrtus” is in the code, and that this is a “reference to the myrtle tree”

In point of fact, it was western security companies and western researchers who came to that conclusion.  Moreover, the targets of the worm fit very well with Anglo-Zionist imperial objectives – covering as they do the largest Muslim populations in Asia.

[See “German Firm Employee May Have Created Stuxnet; Israel Blames.” Examiner.com, October 1, 2010

*September 30, 2010

Quote:

“Buried in Stuxnet’s code is a marker with the digits “19790509” that the researchers believe is a “do-not infect” indicator. If the marker equals that value, Stuxnet stops in its tracks, and does not infect the targeted PC. The researchers — Nicolas Falliere, Liam O Murchu and Eric Chen — speculated that the marker represents a date: May 9, 1979. While on May 9, 1979, a variety of historical events occurred, according to WikipediaHabib Elghanian was executed by a firing squad in Tehran sending shock waves through the closely knit Iranian Jewish community,” the researchers wrote. Elghanian, a prominent Jewish-Iranian businessman, was charged with spying for Israel by the then-new revolutionary government of Iran, and executed May 9, 1979.”

Quote:

“Last weekend, Iranian officials confirmed that tens of thousands of PCs in their country had been infected by Stuxnet, including some used at a nuclear power plant in southwestern Iran that’s planned to go online next month. The Symantec researchers also revealed a host of other Stuxnet details in their paper, including a “kill date” of June 24, 2012, after which the worm will refuse to execute.”

[See “Stuxnet Code Hints At Possible Israeli Origin, Researchers Say,” by Gregg Keizer, Symantec, Sept. 30, 2010]

*September 30, 2010

Symantec puts out a dossier of information on Stuxnet that includes the following:- attack scenario and timeline, infection statistics, malware architecture, description of all the exported routines, injection techniques and anti-AV, the RPC component, propagation methods, command and control feature, and the PLC infector.

Eric Chien summarizes findings about the worm:

“Only more recently did the general public realize Stuxnet’s ultimate goal was to sabotage an industrial control system.

Analyzing Stuxnet has been one of the most challenging issues we have worked on. The code is sophisticated, incredibly large, required numerous experts in different fields, and mostly bug-free, which is rare for your average piece of malware. Stuxnet is clearly not average. We estimate the core team was five to ten people and they developed Stuxnet over six months. The development was in all likelihood highly organized and thus this estimate doesn’t include the quality assurance and management resources needed to organize the development as well as a probable host of other resources required, such as people to setup test systems to mirror the target environment and maintain the command and control server.”

[See W32.Stuxnet Dossier, Eric Chien, Sept. 30, 2010]

*September 25, 2010

Quote:

The director of the Information Technology Council of the Industries and Mines Ministry has announced that the IP addresses of 30,000 industrial computer systems infected by this malware have been detected, the Mehr New Agency reported on Saturday. An electronic war has been launched against Iran,” Mahmoud Liaii added.“This computer worm is designed to transfer data about production lines from our industrial plants to (locations) outside of the country,” he said.

[See “Iran Successfully Battling Cyber Attack,” Mehr News, Sept. 25, 2010]

*September 24, 2010

A piece in the Guardian suggests that a government agency is most likely behind the worm but warns against leaping to conclusions. It notes that many hackers/criminals might have become sophisticated enough to create a worm of this type. The piece notes that attacks against Iran have increased and that the identification of the worm was originally made by a Belarus security firm for an Iranian client and that Iran had been experiencing problems with their nuclear facility at Bushehr for months. It notes that the worm uses a stolen cryptographic key from the Taiwanese semiconductor manufacturer Realtek.

[See “Stuxnet Worm Is The Work Of A National Government Agency,” Josh Halliday, Guardian, Sept. 24, 2010]

“Stuxnet: The Trinity Test Of Cyberwarfare,” War In Context, Sept. 23, 2010

*September 16, 2010

Symantec researchers say that Stuxnet had to be created by a state, because it was the most devious and sophisticated malware they’d come across.

Quote:

“I don’t think it was a private group,” said O Murchu. “They weren’t just after information, so a competitor is out. They wanted to reprogram the PLCs and operate the machinery in a way unintended by the real operators. That points to something more than industrial espionage.”

The necessary resources, and the money to finance the attack, puts it out the realm of a private hacking team, O Murchu said.

“This threat was specifically targeting Iran,” he continued. “It’s unique in that it was able to control machinery in the real world.”

“All the different circumstances, from the multiple zero-days to stolen certificates to its distribution, the most plausible scenario is a nation-state-backed group,” said Schouwenberg, who acknowledged that some people might think he was wearing a tin foil hat when he says such things. But the fact that Iran was the No. 1 target is telling.”

[See “Is Stuxnet the Best Malware Ever?” Gregg Keizer, Symantec Security Response, Sept. 16, 2010]

*September 13, 2010

German computer security research Ralph Langner speculates that Stuxnet is part of cyberwar:

Ralph’s theory — completely speculative from here

“It is hard to ignore the fact that the highest number of infections seems to be in Iran. Can we think of any reasonable target that would match the scenario? Yes, we can. Look at the Iranian nuclear program. Strange — they are presently having some technical difficulties down there in Bushehr. There also seem to be indications that the people in Bushehr don’t seem to be overly concerned about cyber security. When I saw this screenshot last year (http://www.upi.com/News_Photos/Features/The-Nuclear-Issue-in-Iran/1581/2/) I thought, these guys seem to be begging to be attacked. If the picture is authentic, which I have no means of verifying, it suggests that approximately one and a half year before scheduled going operational of a nuke plant they’re playing around with software that is not properly licensed and configured. I have never seen anything like that even in the smallest cookie plant. The pure fact that the relevant authorities did not seem to make efforts to get this off the web suggests to me that they don’t understand (and therefore don’t worry about) the deeper message that this tells.

Now you may ask, what about the many other infections in India, Indonesia, Pakistan etc. Strange for such a directed attack. Than, on the other hand, probably not. Check who comissions the Bushehr plant. It’s a Russian integrator that also has business in some of the countries where we see high infection rates. What we also see is that this company too doesn’t seem to be overly concerned about IT security. As I am writing this, they’re having a compromised web site (http://www.atomstroyexport.com/index-e.htm) that tries to download stuff from a malware site that had been shut down more than two years ago (www.bubamubaches.info). So we’re talking about a company in nukes that seems to be running a compromised web presence for over two years? Strange.
I could give some other hints that have a smell for me but I think other researchers may be able to do a much better job on checking the validity of all this completely non-technical stuff. The one last bit of information that makes some sense for me is the clue that the attackers left in the code, as the fellows from Symantec pointed out — use your own imagination because you will think I’m completely nuts when I tell you my idea.

Welcome to cyberwar.”

[See “Stuxnet is a directed attack: hack of the century,” Ralph Langner]

*September 8, 2010

German computer security expert Ralph Langner writes to a friend:

Historical document: Ralph informs Joe Weiss what Stuxnet is. Note the date of the email.

*July 22, 2010

Symantec analyzed W32.Stuxnet as a worm that uses a  hitherto unknown Windows bug to attack and then searches the target for SCADA systems and design documents. SCADA is a network used to control utilities, transportation and other critical infrastructure. The worm then contacted Command &Control servers that control the infected machines and retrieved the stolen information. The servers were located in Malaysia and Symantec redirected traffic away from them to prevent the take-over of the information.

Within a 72 hours period Symantec identified close to 14,000 IP addresses infected with W32.Stuxnet trying to contact the C&C server. 58.85 % came from Iran, with the rest coming from Indonesia (18.22%), India (8.31%), with the Azerbaijan, US, and Pakistan making up the other affected countries, with under 2% each (this information is also provided at the Microsoft website).

[See Symantec Security Response,W32.Stuxnet – Network Information, Vikram Thakur, July 22, 2010]

*July 21, 2010

Quote:

“The zero-day vulnerability, rootkit, main binaries, stolen digital certificates, and in-depth knowledge of SCADA software are all high-quality attack assets. The combination of these factors makes this threat extremely rare, if not completely novel.

Quote:

The complexity and quality of the attack assets lead some to believe only a state would have the resources to conduct such an attack. However, the usage of the second digital certificate is a bit odd. One could make the case that once the first attack succeeded, a state would take cover and not waste the second digital certificate. Instead, by signing a very similar binary, security companies were immediately able to detect the second stolen certificate, making it useless in further compromises…..

Quote:

.. Hackers bound by a common cause may target another country, organization, or company that they feel are their enemies. Such hacking groups often have the patience and expertise to gather such attack assets. Further, their goals of continued attack may lead them to continue to refine their attack as they are thwarted or discovered, such as resigning their driver files with a newly stolen digital certificate, modifying their binaries to avoid security product detection, and moving their command-and-control hosts as they are decommissioned…..

Quote:

…..This scenario [terrorism] is like something out of movie and, while for most attacks we’d immediately dismiss this as a possibility, given the amount and quality of the attack assets, terrorism even seems within the realms of possibility in this case.

[See “The Hackers Behind Stuxnet” by Patrick Fitzgerald, Symantec Security Response,  July 21, 2010]

*July 17, 2010

Researchers find that Stuxnet targets industrial control systems of the kind that control manufacturing and utility companies. It targets Siemens management software called Simatic WinCC, which runs on the Windows operating system.

The systems that run the Siemens software, called SCADA (supervisory control and data acquisition) systems, aren’t usually connected to the Internet, but the virus spreads when an infected USB stick is inserted. If it detects the Siemens software, the virus logs in using a default password.

[See “New Virus Targets Industrial Secrets,” Robert McMillan, Computer World, July 17, 2010]

*July 16, 2010

Symantec starts a blog series on the Stuxnet infection that continues through the summer and into September

[See also Microsoft Security Advisory, July 16, 2010 and Krebson Security, July 16, 2010]

*July 7, 2010

Stuxnet could well have caused the glitch in the solar panels of India’s Insat-4B satellite on July 7, 2010. That led to the shutting down of 12 out of 24 of the transponders and 70% of the customers dependent on Direct to Home (DTH) including those using Doordarshan (Indian TV), Sun TV and Tata’s VSNL. The customers were redirected to point to the Chinese satellite  ASIASAT-5, owned and operated by Asia Satellite Telecommunications Co., Ltd (AsiaSat) whose two main shareholders are General Electric (GE) and China International Trust and Investment Co. (CITIC), a state-owned company

[See “Did The Stuxnet Worm Kill India’s INSAT-4B Satellite?” by Jeffrey Carr, The Firewall, Forbes.com, Sept. 29, 2010]

*June 16, 2010

Symantec Security Response Team begins its investigation into the Stuxnet worm. The first sample dates from June 2010, but the team believes the worm dates back a year, or maybe even earlier.

*June 2010

The malware is first identified by a Belarus security company, Virusblokada, for its Iranian client.

[See Symantec Security Response, webpage, Sept 30, 2010]

*January 2010

Stuxnet infection begins, according to Symantec

*July 2009

Stuxnet infection begins, according to to Kasperksy

Rahm Goes Back To Chicago..

Posted on by

Rahm Emanuel is being  reported as stepping down as White House Chief of Staff tomorrow.  Two close associates said that Emmanuel would be making an announcement over the weekend that he would be making a bid for Mayor of Chicago, now that Mayor Richard Daley will not be seeking reelection.

A piece at Slate sums up the reactions from the establishment and the “professional left.” To the former and to the media, Emanuel was a “fixer” who made things work. To such outlets as Daily Kos he was a Rasputin who sabotaged the progressive agenda.

But with no Rahm around, it’s not clear whom the left will have to blame for the failures of this administration.

Benazir Bhutto And The Accidental Death Of Ron Brown

Posted on by

Jack Cashill on the death of former Commerce Secretary Ron Brown and its connection to a BCCI official and extraordinary corruption at the highest levels of the Pakistani and the US government.

“The story begins in 1987, when Benzahir Bhutto, the eldest daughter of a former Pakistani prime minister, married a polo-playing idler by the name of Asif Ali Zardari.

Educated at Harvard and Oxford, the pretend populist Bhutto denounced the greed she saw around her, especially the “avaricious politicians” who were destroying her country.

Among the greediest was the nation’s strongman ruler, Gen. Mohammed Zia ul-Haq, who was not about to share what he had so brutally acquired.

Eight months after Bhutto’s marriage to Zardari, however, Zia died in what The New York Times called “a mysterious plane crash.” This unexpected tragedy, added the Times, “opened the way for Bhutto to win a narrow election victory.”

Although there were no subsequent arrests, few in Pakistan believe this crash to have been an accident.

Bhutto’s new husband, Zardari, quickly proved to be more avaricious a politician than Zia. His conspicuous gift for extortion as Bhutto’s Minister for Investment earned him the honorific “Mr. Ten Percent.”

In 1990, Zardari allegedly attached a bomb to a Pakistani businessman and forced him to withdraw money from his bank account. He was arrested for blackmail and convicted.

Largely because of Zardari, the President of Pakistan dismissed Bhutto in August 1990 for corruption and inability to maintain law and order. In 1993, however, Bhutto was elected Prime Minister once again, and Zardari’s conviction was overturned.

Brown likely met Bhutto and Zardari for the first time in South Africa in May 1994, where all three had gone to witness the inauguration of Nelson Mandela as the country’s first black president.

At about this same time, back in Washington, according to Dresch, Brown made the acquaintance of a Bhutto protegee, Pakistani’s new ambassador, the glamorous Maleeha Lodhi.

With a Ph.D. in politics from the London School of Economics and her movie star looks, Lodhi, a single mom, took Brown and Washington by storm.

In November 1994, although Pakistan already had an official lobbyist, Lodhi chose to give some of her business to Patton Boggs, Brown’s former employer.

Signing the contract for Patton Boggs was none other than Lanny Davis, a partner who would soon earn his fifteen minutes of fame by flakking on nightly cable shows for Clinton during the Monica fiasco.

Lodhi and her lobbyists had one overriding mission: to kill or suppress the so-called Pressler amendment and close the books on a deal for American F-16 fighter bombers that had been initiated years before.

In brief, the amendment declared that no American military or technology aid could go to Pakistan unless it would “reduce significantly the risk that Pakistan will possess a nuclear explosive device.”

Pakistan was understandably miffed that George Bush applied the amendment in 1990 after Pakistan had already paid General Dynamics $658 million for 28 F-16s.

Amer Lodhi, Maleeha’s brother, saw an opportunity in the F-16 imbroglio. A former executive with the infamously corrupt Bank of Commerce and Credit International (BCCI), Amer got to know Brown through his sister. When in D.C., Zardari joined the party.

Inevitably, Amer Lodhi and Zardari came up with a scheme. Not surprisingly, it involved the always pliable Brown. Brown was to use his influence not to secure the F-16s, but to get Pakistan its money back.

Incredibly, Zardari and Amer Lohdi planned to pocket at least $400 million of the returned money minus an 8%, or $32 million, cut for Brown. For Brown, this was to be the mother of all insider deals.

Although Brown’s pull was scarcely worth $32 million, the Pakistani investment in Brown had an insidious intelligence about it. By involving Brown the Pakistanis were by extension implicating the White House in their scheme.

With the 1996 election at stake, exposure could damage the Clinton administration almost as much it would Bhutto’s. The best way to avoid exposure would be to keep Bhutto in power. If push came to shove, everyone would have an interest in doing just that..”

Read the entire article at the website of Jack Cashill.