Protecting Your Online Communications There is going to be a boom in counterintelligence. With the advent of the NSA and other intel agencies overstepping their bounds the American people are going to change their motivations. The online presence of each individual is continuously growing. This means that security in the online world is becoming just …
WASHINGTON — Internet service providers will be able to store your browsing history and sell that data to advertisers and others under a bill that passed the U.S. House of Representatives Tuesday.
The House bill, passed 215-205, gives the Trump administration power to block Obama-era Federal Communications Commission (FCC) rules that were written, in part, to prevent companies from tracking and selling browsing history. The bill already passed the Senate.
President Trump intends to sign the bill, which is known as the Congressional Review Act (CRA) and is designed to keep the Obama-era rules from taking effect, The Guardian reported. Blocking the rules will allow companies like Verizon to sell advertising (based off consumers’ browsing history) in competition with Google and Facebook.
The FCC, during the Obama administration, had introduced a set of rules, the Broadband Consumer Privacy Proposal, which would have required broadband providers to get permission from customers before tracking them and selling the data.
“Give me one good reason why Comcast should know what my mother’s medical problems are,” said U.S. Representative Michael Capuano, a Democrat. “Just last week I bought underwear on the Internet. Why should you know what size I take? Or the color?”
Evan Greer of the non-profit group Fight for the Future said the new law will kill privacy.
“Gutting these privacy rules won’t just allow internet service providers to spy on us and sell our personal information. It will also enable more unconstitutional mass government surveillance, and fundamentally undermine our cybersecurity by making our sensitive personal information vulnerable to hackers, identity thieves, and foreign governments,” Greer said.
Said Carmen Scurato of the National Hispanic Media Coalition, “With the approval of the president, corporations will now be handed the ability to share the sensitive, personal information of millions of Americans without their consent and hinder the FCC’s role as a consumer watchdog far into the future.”
Supporters of the bill argued that the Obama regulations were an overreach and that oversight of the Internet should fall under the FTC, not the FCC.
AT&T, which owns DirecTV, was trying to sell such targeted advertising before the Obama-era FCC rules were proposed, The Guardian reported.
What do you think? Share your thoughts about the new law in the section below:
Prepper Website Founder Todd Sepulveda! Host: James Walton “I Am Liberty” Listen in player below. There is something about a man alone with his mic that really makes me excited to podcast. I cannot help but enjoy the journey we take each week together. Every so often though I happen upon a guest that is … Continue reading Prepper Website Founder Todd Sepulveda!
Imagine going an entire year without using the Internet – no Facebook, no Twitter, no YouTube, no email. Not even Google or Amazon.
Perhaps it is for some, but this week’s guest on Off The Grid Radio did just that – and she learned a lot from the experiment. Her name is Esther Emery, a modern-day homesteader who spent 365 ways away from the World Wide Web. She even got rid of her smartphone!
Emery discovered things that nearly all of us – those who spend regular time on the Internet — miss each day of the week.
Emery, whose book What Falls From The Sky details those 12 months, tells us:
- Why she decided to spend a year away from the Internet.
- How long it took before she no longer craved it.
- What traditional old-time activities she learned to love during those months.
- How the experiment dramatically changed how she views the Internet.
Finally, Emery shares with us what she discovered – lessons that can’t be learned while staring at a bright screen.
We were inspired by her story … and we think you will be, too!
There is plenty of information out there about how to physically move off the grid, but what about going off the grid in the digital world? For many off-gridders, a social media or digital presence is still necessary – to remain plugged into the world around us, at least socially. But as the ease with which the government – and landlords, potential employers, even strangers – can track our movements online increases, so too seems to be the interest in disappearing from the digital world and becoming truly invisible. But how do you vanish from the internet?
Bradley Shear, a lawyer who specialises in social media and privacy, warned that it wouldn’t be easy. He said if you really want to step away from the internet and leave no digital trace, it would mean giving up using all electronic devices.
“[To go the full off-grid route] it’s cash, barters,” Bradley said. “Do not use any electronic device that can lead back to your whereabouts.”
Social media backlog
Bradley suggests deleting your social media accounts, or at least cleaning them up. Social media accounts, more or less, ensure you actively participate in letting the internet learn more about you; Facebook, in particular, is very good at tracking what you do across the rest of the web – even when you aren’t actively using it. The site stores your search information to suggest particular webpages, news of interest and advertisements.
“You have to think about the digital accounts you currently have,” Bradley said. “You have a Facebook, LinkedIn, Amazon, old Myspace? Anything that has your name on it. You want to either delete content from them or delete the accounts altogether.”
Although when you delete your accounts many of the companies will still keep the data you previously gave them, at least it won’t be publicly shared.
Bradley pointed out that Gmail in particular has to go – and you can’t use Google or Yahoo, because these programs all track your access location.
“Every time you access [Gmail], they have your IP address,” he said.
If you want to make sure your activity isn’t tracked across the web, Bradley said to use a virtual private network, or VPN, every time you access the internet, unless you only login from public machines (such as those at a public library or internet café). To search, Bradley suggests using sites such as DuckDuckGo instead of the traditional engines that track you.
If all that sounds too painful to deal with, at the very least consider deleting unnecessary content from your social media accounts. Twitter and Facebook let you download an archive of your data on the platform, in case you’re worried about losing any of those utterly amazing early tweets. And beyond the in-account settings for each service, third-party tools such as TweetDelete allow you to erase years of content automatically. But even that, Bradley said, doesn’t provide perfect results – the government probably already has your tweets on file.
“Using a service that deletes old tweets is helpful,” he said. “However, the Library of Congress is cataloguing every single tweet ever.”
JustDelete.Me provides a good starting point for people who want straightforward links to the deletion pages of a ton of accounts, along with a bit of guidance on how easy or hard it is to delete each one.
For those who can’t stand to go completely off the grid – which is probably most of us – Bradley said one of the most valuable things to do is litter the internet with misinformation about yourself.
“Never have a real birthday,” he said. “Always use a throwaway birthday when signing up for social media accounts or pretty much any other service online. Use a throwaway email. If a site or an app is asking for a bunch of information that you think it doesn’t need from you to provide you with whatever service it is promising, don’t do it. If that personal information is required to use that service, then make up some stuff. You want to provide as many alternative facts as possible.”
Of course, most of us will have already provided a lot of the information to a bunch of sites – so try to change it. On many sites, you can change your birthday, your likes and dislikes, past employment experiences, place of residence and other personal details, although some have a limit on how many times you can alter information (like Facebook).
Bradley said he knows that he’s essentially advising people to ignore the terms of service for these sites, and he’s okay with that.
“Feel free to protect your privacy and violate their terms of service,” he said.
Anyone who’s ever self-Googled knows that there are a ton of “people search” sites out there that promise to host valuable information about individuals. Usually, this information – phone numbers, social media profiles, addresses, anything else available from public records or through data collection on the internet – is sold for a fee (but not always). These companies are known as data brokers, businesses that collect information to sell it to other businesses. Bradley warned that trying to fully disappear from their databases is like “whack-a-mole.”
“Look at the first five to 10 pages of your Google results and see who has your name,” Bradley said. Your information will probably be on sites such as Whitepages, Spokeo and Intelius, for example, and each of these sites should have a way to opt out – but Bradley warned that sometimes the opt-out process can be a scam. If the site requires users to verify their identity before opting out by giving more information or providing a government ID, get out of there.
The second part of keeping your information out of the hands of data brokers involves plugging any digital leaks. If you’ve ever signed up for an account by linking it to a Facebook, Google or Twitter account, you have a leak, and should undo it if possible.
The other thing to think about is your phone – and what permissions you have given your apps.
“Most apps ask for way too much information,” Bradley said. “If you want to keep your phone, go ahead and delete every single app you don’t actually need.”
Of course, even doing all of these things won’t completely disappear most of us from the internet – particularly those who are older or have been using it for all our lives so have an extensive digital trail. So, the question becomes: Can you really disappear from the internet?
Bradley said it doesn’t matter if it’s futile or not – it’s important to try as much as you can, and do it properly, as if it’s going to work.
“You might not get perfect results, but it’s always worth the effort to try.”
Winter project Build a computer Bob Howkins “APN Report” Audio in player below! Snow on the ground, snow on the roof, ice on the roads, winter’s set in. As Preppers, wintertime is a inconvenience, but it’s also downtime. Want something to do? As the desire to get out and about is tempered by the desire … Continue reading Winter project Build a computer
BOULDER, Colo. – A prominent American company that helps companies guard against cyber threats is predicting that the entire Internet will be shut down by hackers in 2017 – and that portions of the power grid will go down, too.
LogRhythm, headquartered in Boulder, Colo., released its seven predictions for 2017 just before the New Year and said it believes the “internet will be shut down for up to 24 hours.”
“We’ll see a rise in attacks on fundamental protocols of internet communications. We already started seeing it with DNS,” the company said, referencing a Domain Name System attack that brought down Amazon, Netflix and Twitter in 2016. “In 2017, we’re going to see it hit big sometime, somewhere. If the internet goes down, financial markets will tank.”
James Carder, LogRhythm’s chief information security officer and vice president, said the attacks that brought down Amazon “were really just tests.”
“If you can prove that you can take down massive sites and a large chunk of the US internet for a few hours, a 24-hour outage seems pretty easy to do,” Carder told Business Insider.
LogRhythm also predicted that “portions of the U.S. power grid will be shut down.”
“If portions of the power grid go down, there will be lack-of-confidence and trust issues with the government, which will have long-lasting ripple effects,” LogRhythm said.
The company has offices in the United Kingdom, Singapore, Mexico, France, Germany, Brazil, Australia, Hong Kong and the United Arab Emirates.
Following are LogRhythm’s seven predictions:
1. A decidedly overt attack from a nation-state will likely occur, in an effort to force an equally public retaliation.
– The public nature of this action will force the hand of NATO or the U.S. government to retaliate, whether they choose to do so publicly is not clear.
– This will lead to an increased focus on offensive cyber capabilities and bolster the demand for cyber weapons on the black market. Countries will covertly arm their allies with cyber weapons, and encourage disguised attacks on their enemy.
2. The internet will be shut down for up to 24 hours.
We’ll see a rise in attacks on fundamental protocols of internet communications. We already started seeing it with DNS. In 2017, we’re going to see it hit big sometime, somewhere. If the internet goes down, financial markets will tank.
3. Portions of the U.S. power grid will be shut down.
– We already saw hackers mobilise vulnerable IoT devices in the recent DDoS attack. Similarly, they could target and impact aspects of critical infrastructure.
– If portions of the power grid go down, there will be lack-of-confidence and trust issues with the government, which will have long-lasting ripple effects.
4. Hackers will target and silence major media sites — such as CNN, FOX News, etc. — to influence what is reported and attempt to keep people in the dark.
– There will be more focused IoT botnet attacks, like the largest DDoS attack ever committed (Oct. 2016), which was all done using embedded systems/IoT devices. We’ll see a larger botnet attack, powered by the hundreds of thousands of IoT devices that still have malware running on them.
5. Ransomware will get more personal, as 2017 will mark the rise of mobile ransomware.
Simon Howe, Director of Sales for ANZ at LogRhythm said, “Attackers will use pre-authenticated tokens to disseminate malware. Because so many Apple devices are interconnected, the malware could very quickly spread. Attackers will target consumers and hold their personal data hostage. For example, attackers will threaten to send out or delete a user’s photos unless a ransom is paid. Just think, how much would you pay to recover your photos?”
6. There will be an uptick in Psychological Operations (PSYOPs), where hackers will use social media platforms to manipulate messages and influence people.
– A study released by Stanford in late Nov. 2016 found that US students from 6th grade through college – presumably the savviest social media users – are unable to accurately evaluate the credibility of information presented in tweets, comments and articles.
– Malicious actors will use algorithms to gauge the effectiveness of their social media efforts, and refine their PSYOPs to further manipulate people of all ages.
7. Every country and region in modern nations will come up with their own cybersecurity governance, and start enforcing compliance with those mandates.
We initially saw this with GPG-13 (Cyber Security Framework) and GDPR (Data Security Framework) in the US. We’ll likely see an uptick in other countries establishing their own brand of cybersecurity and data security frameworks.
What is your reaction? Share your thoughts in the section below:
Data Storage for SHTF Emergency Bug Out Highlander “Survival & Tech Preps” Audio in player below! The thought of bugging out is a real threat. Have you thought of the data you have and how you would store it, take it with you or use it on the road? The world today offers us many … Continue reading Data Storage for SHTF Emergency Bug Out
The Benefits of Social Media in Prepping Highlander “Survival & Tech Preps” Listen in player below! In past shows I have talked about the dangers of social media and the internet. This episode I will flip the switch and talk about the benefits of social media in prepping. We often see the dangers of the … Continue reading The Benefits of Social Media in Prepping
The cyberattack that disrupted a number of major websites including Amazon, PayPal, Twitter and Netflix on Oct. 21 certainly was no accident. In fact, a renowned security guru thinks someone is learning how to take down the Internet.
That expert predicted several weeks earlier that it would happen.
“Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet,” Bruce Schneier wrote on September 13. “These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down.”
Internet infrastructure companies noticed a big upswing in attacks in recent months, Schneier wrote. Those attacks, in fact, were similar to the one that knocked out the company Dyn, which provides critical services to Amazon and the other companies that went down. On Oct. 21, hackers launched a massive distributed denial of service (DDOS) attack on Dyn, overwhelming the system and causing it to crash.
“If you want to take a network off the Internet, the easiest way to do it is with a distributed denial-of-service attack (DDoS),” Schneier wrote on his blog and at LawFareBlog.com. “… Basically it means blasting so much data at the site that it’s overwhelmed. These attacks are not new: hackers do this to sites they don’t like, and criminals have done it as a method of extortion. There is an entire industry, with an arsenal of technologies, devoted to DDoS defense. But largely it’s a matter of bandwidth. If the attacker has a bigger fire hose of data than the defender has, the attacker wins.”
Recently, “some of the major companies that provide the basic infrastructure that makes the Internet work” have seen an increase of such attacks, wrote Schneier, who is chief technology officer of IBM subsidiary Resilient Systems Inc., a fellow at Harvard Law School’s Berkman Center for Internet and Society, and a board member at the Electronic Frontier Foundation.
“These attacks are significantly larger than the ones they’re used to seeing,” Schneier wrote. “They last longer. They’re more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.”
The attacks, in fact, are so strong that the “companies have to use everything they’ve got to defend themselves.”
“They can’t hold anything back. They’re forced to demonstrate their defense capabilities for the attacker,” Schneier wrote.
One of those companies is Verisign, which is the registrar for many popular websites.
“If it goes down, there’s a global blackout of all websites and e-mail addresses in the most common top-level domains,” he wrote, referencing .com and net.
Verisign’s latest public report said that attacks have “continued to become more frequent, persistent, and complex.”
Who is doing the attacking? Schneier believes it is a nation.
“It feels like a nation’s military cybercommand trying to calibrate its weaponry in the case of cyberwar,” he wrote. “It reminds me of the U.S.’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities. … The data I see suggests China, an assessment shared by the people I spoke with. On the other hand, it’s possible to disguise the country of origin for these sorts of attacks.
“The NSA, which has more surveillance in the Internet backbone than everyone else combined, probably has a better idea, but unless the U.S. decides to make an international incident over this, we won’t see any attribution.”
What is your reaction? Share your thoughts in the section below:
NEW YORK — Americans’ right to free speech online might be threatened by the Obama administration’s decision to transfer U.S. authority over Internet addresses to an organization called the Internet Corporation for Assigned Names and Numbers (ICANN), critics say.
ICANN was set up by the Clinton Administration in 1998 to oversee the assignment of names and addresses on the World Wide Web. ICANN replaced the U.S. Defense Department, which created the Internet in the 1960s.
Until October 1 of this year, ICANN reported to the U.S. Commerce Department. But now it is only answerable to its stakeholders, according to The Washington Post. Those stakeholders consist of representatives of 164 national governments around the world in a set-up critics say is similar to the United Nations, with representatives from free countries but also from repressive regimes like China and Iran.
Under that arrangement, the repressive countries have the same amount of sway as does the United States.
“Our country faces a threat to the Internet as we know it,” U.S. Senator Ted Cruz (R-Texas) said last month, days prior to the transfer. “… If Congress fails to act, the Obama administration intends to give away the Internet to an international body akin to the United Nations.”
Cruz went further in a press release, stating that Obama “intends to give increased control of the Internet to authoritarian regimes like China, Russia and Iran.”
“Like Jimmy Carter gave away the Panama Canal, Obama is giving away the Internet.”
Critics like former Wall Street Journal publisher L. Gordon Crovitz charged in an August 28 op-ed that this means U.N. control of the Internet.
“But because of the administration’s naiveté or arrogance, U.N. control is the likely result if the U.S. gives up Internet stewardship,” Crovitz wrote.
U.S. Representative Marsha Blackburn (R-Tennessee) made similar arguments in a speech in the House, Politico reported.
“Think about this,” Blackburn said. “We cannot allow control for Russia or China over U.S. free speech.”
Threat to Freedom or Boon to Free Speech?
Others, though, say an independent ICANN would actually increase freedom online.
“This is not a handover of control of the Internet to some U.N. body, as much as he [Cruz] tries to make it sound like ICANN, which is an American corporation registered in California, is some international body,” U.S. Senator Chris Coons (D-Delaware) said. “It isn’t the U.N. or anything like it.”
Coons continued: “The way that China or Russia could have greater influence over the naming function of the Internet is if we delay this transition. Lose our credibility internationally that we do intend to privatize this function, and give them the leverage to make stronger arguments at the United Nations that the U.N. … should begin preparing to set up their own DNS function. I think there is a very small risk that this transition will lead to any increased role for any country, including those that censor the Internet in their own country.”
Still others fear that an independent ICANN would let giant companies like Alphabet, the owner of Google, dominate the net. Cybersecurity expert and ICANN advisor Garth Bruen told the Chicago Tribune that’s he afraid ICANN will be accountable to no one.
Attorneys General from Texas, Oklahoma, Nevada and Arizona filed suit to stop the transfer, but their effort ended when a federal judge in Galveston, Texas, threw out their request on September 30.
For better or worse, Uncle Sam has relinquished control of the Internet.
What is your reaction? Share it in the section below:
Internet Money! James Walton “I Am Liberty” Listen to this show in player below! Its very rare we take the time to talk about income but lately I have been looking for ways to change that. The motivation behind this is two fold. One is the fact that I am looking to take control of my world … Continue reading Internet Money on I Am Liberty!
4 Ways You Can Prepare For A World Without The Internet
Can you imagine a world without the internet? Consumer Affairs posed the question What goes up when the Internet goes down? In the infographic below they have some answer’s. I don’t think that the world will ever go without the internet for long. Humans like to be conceted. Many young adults have never known a time without the internet.
The internet we know today is based on APRAPNET and has been around since 1969. It was built to be resilient with redundancy. The info sent over the internet is broken into tiny pieces called packets that do not have to travel on the same route. At the end, they are reassembled. Not to geek out on my networking background. Not to even mention alternative networks like ServalMesh.
But it could be down in areas for periods of time. There are some takeaways you can learn from a world without the internet.
Work On Real Life Conversation
So you are casanova on Same plate and Tinder but can you talk to anyone in person? In a world without the internet, you are going to have to learn to socialize. Now is a great time to start doing. It doesn’t have to be profound. Try saying Hi. Work on making connections and growing your personal tribe offline. I’m not saying to unplug completely from the internet. There are great friends and communities online. Like the Survival Punks group. Just work on Balance.
Cash Is King. More so in a world without the internet. Many debit card terminals use the internet to process payments. So if the internet, or power, is down you ain’t buying a thing. That is just one of many reasons to carry at least some cash on you.
I have had several times where I was able to buy stuff in a power outage because I had cash on me.
Sometimes you just need to unplug from the internet. Whether it’s a few hours or a month detox from the net. I mean the internet has some really cool people. It also has a lot of assholes. All the negativity can get you down. So take a hike in the woods. Go play frisbee in the park. Go camping. Get off the internet and go outside.
Have Information On Hand
If the internet goes down you can’t google or Wikipedia information. Well in the case of this project you can actually have Wikipedia in your pocket. Which is definitely worth having. Having books on hand will be very important in a world without the internet. Both for entertainment and knowledge. How else will you prove your friends wrong?
Want to hear yourself on the podcast? Call in with your questions at (615) 657-9104 and leave us a voice mail.
Like this post Consider signing up for my email list here > Subscribe
Think this post was worth 20 cents? Consider joining The Survivalpunk Army and get access to exclusive
content and discounts!
The post 4 Ways You Can Prepare For A World Without The Internet appeared first on Survival Punk.
We rely on the Internet for nearly everything in life, but in the wake of a natural disaster or large-scale collapse of the power grid, it is possible that the Internet could become inaccessible.
Even a few days without it could cripple American society’s ability to manage money, practice commerce, and communicate.
Because of that, it is a good idea to reduce your dependence on the Internet by moving more of your needs offline.
Here’s five areas to get your started:
1. Banking. Out of convenience, most Americans do at least a portion of their banking online. There’s no harm in using an online account to manage some of your bill payments and financial transactions. Just don’t rely on it to maintain your records. Monthly or quarterly, download a paper statement from your bank, print it, and file it away. Additionally, make sure you have paper records for all of the accounts you hold. Do the same thing for any stocks or important records of assets; record them on paper. Better still, do most of your bank transactions in person, at a local bank; you’ll have greater security and get better customer service.
2. Maps. Relying on GPS or Google Maps to tell you how to get around your local area is foolishness. Purchase or download updated local maps and keep them where they can be easily referenced or found in case of emergency. GPS won’t be a reliable source of navigation if the power grid is compromised.
3. Reference materials. Whether you read books on a Kindle or tablet, follow websites relevant to your interests, or just get the news delivered digitally, it is important to keep a paper trail for the information you’ll need in the future.
You may not always be able to Google your way to an answer. Buy reference books relevant to setting up and maintaining a homestead, including home improvement encyclopedias and farming manuals. Printing information from often-referenced websites and filing it appropriately will ensure you’ll have the knowledge at your fingertips long after you can’t get it online. Best of all, develop your skills now so you will not need as many reference materials to accomplish tasks around the homestead.
4. Email. Discussing plans and making decisions by email has become commonplace. Create a personal file of email correspondence for each family member and for your business activities. When agreements are solidified by email, print the message and file it accordingly. In addition to backing up your knowledge of what was decided, the written correspondence is an important record in your family. Just as our prior generations preserved old letters, so we must preserve meaningful emails in order to tell the story of our families.
5. Contacts. Many people scarcely know their phone numbers, let alone those of their families and other close contacts. Maintain an address book containing all the contact information and locations of anyone you care about, as well as resourceful peers and acquaintances.
Knowing where to find someone important to you is the first step to reconnecting, and you don’t want to be left high and dry by an inability to access your contacts.
Bonus – Unplug These, Too
Photos. Of course, this is a little sentimental, but there’s more to life than practicality. Don’t simply store precious family heirlooms “in the cloud.” Kids today are being raised with very few printed photos documenting their lives. What a shame if all of those digital photos were lost! Create a photo album for each member of your family, or a family album documenting your lives together. The small investment of time and money could reap rewards for the rest of your life and become an important piece of your family’s heritage.
Entertainment. Learn to amuse yourself without surfing the web, clicking through Facebook, or playing online games. Part of being resourceful is being able to find and create entertainment with ready supplies — paper and pencil, card, and dice games are a great way to connect with your family and have a great time without plugging in. Invest in a book of activities and start gathering around the table more often, and you won’t miss the Internet so much in times of outage.
What would you add to this list? Share your tips in the section below:
News and Finding What Matters! James Walton “I Am Liberty” Can we have a moment of complete and total honesty? There is too much news. There is simply too much. No one is capable of the input. Much of the news out there isn’t much at all. In many cases it’s a collection of stories … Continue reading News and Finding What Matters!
Try this and see what happens in your household… pull the plug on your internet router. How long will it take before there are inconveniences or upset people (especially the younger ones) … I have been having issues with my internet service all week, and this morning it went ‘belly up’ – no internet. Having […]
Hackers wanting to sabotage the US power grid or other critical infrastructure can do so with a simple Internet search, primarily because some critical systems are outdated and lack even password protection, an NBC News investigation has found.
The shocking findings mean that dams, traffic controls, stadiums and America’s electricity are in far greater peril than previously thought.
The weakness was underscored when it was discovered that Hamid Firoozi, an Iranian hacker working for the Islamic Revolution Guard Corps, was able to gain access to a dam in New York with a legal search engine, the network found. Firoozi has been charged with hacking the Bowman Avenue Dam in New York in 2013.
It is believed he and his fellow hackers were experimenting with the system to plan for something far bigger.
“This stuff has been happening undetected for years, and now this is one of the first times that it’s surfaced publicly,” former F.B.I. computer crime investigator Mike Bazzel said. “We’re getting close to a threshold where something must be done. The more this type of activity becomes popular and well-known, it will get worse before it gets better.”
Private cybersecurity experts have been able to take control of traffic lights, police license plate reader networks and water plants.
Additionally, former Google cybersecurity expert Billy Rios found that control systems at a dozen major stadiums in the US were vulnerable to hackers – meaning they could create panic and stampedes in the venues.
So, how do the hackers do it? In a practice called Google dorking, hackers use Internet searches to find unsecured ports that can let them into critical infrastructure. The biggest problem is that much of the computer systems behind America’s infrastructure was built long ago, before cybersecurity was a need – and those systems are now going online.
Some of the infrastructure still contains the default username and password – such as “admin” and “admin.” And some of it has no password at all.
The water sector, which includes dams, tunnels, bridges and water supply systems, is one of the most vulnerable to hacking.
Experts estimate that around 6.4 billion devices will be connected to the Internet by the end of this year. By 2020, 21 billion devices could be connected.
Last month, Apple CEO Tim Cook said a simple iPhone could be used to hack and shut down the electric power grid.
“You have these big control systems that have a straight shot to the Internet – that’s the fundamental security flaw,” security researcher Tod Beardsley told NBC.
Some of the current cybercrime laws actually make it illegal for the good guys, or white-hat hackers, to search for and expose security flaws.
“Fear of civil or criminal prosecution under these vague laws can have a chilling effect on the kind of services we could provide,” security researcher Joshua Corman told NBC.
Do you believe America is prepared for a major cyberattack? Share your thoughts in the section below:
Cyber security, preventing attacks!
Highlander “Survival and Prep Techs”
In the program below we revisit the need for cyber security not only on your devices but in the real world. I discuss what measures we need to take in our everyday lives that we should and must put in place if we want to maintain security within our lives.
There is so much to consider when it comes to security, every prepper preps for security in some way but most of us neglect the computer/device side of things. We will discuss what security measures you need to use on your pc such as antivirus, popup blockers, basic operating skills that will protect you from intruders that want to get your information and use it for nefarious purposes. I will discuss the absolute need for opsec (operational security) when you are online. What we want is to not share your details on social media, in emails, or in forms you fill out.
The biggest causes of identity theft and infections are caused because of poor security practices. I will give you a few tips on what to look for, what to do in case you think you are compromised and how to prevent it in the first place. With the looming threat of cyber terrorism just over the horizon our own technology can be used against us if we are not careful. Routine maintenance and common sense is what will protect you from attacks.
Hopefully I give some pointers and make your lives a bit easier and less worrisome over this, even though it is on a lot of our minds. We hear of china posing a larger threat when it comes to cyber-attacks. Don’t let your devices be used to attack another, this may sound crazy but I will explain during the show what this entails and what to do about it. So enjoy the show and as always questions are welcome!
Join us for Survival & Tech Preps “LIVE SHOW” every Monday 9:00/Et 8:00Ct 6:00/Pt Go To Listen and Chat
Listen to this broadcast or download “Cyber security, preventing attacks!” in player below!
The Survival Place Blog – Staff Writer
The Internet. As boundless and infinite as space. Or is it? Though spending time online has become one of America’s favorite past times — nearly 75 percent of U.S. homes have Internet access, according to the U.S. Census Bureau — it has also become the backbone of countless businesses, organizations and government agencies. Since the dawn of dial-up, the main goal of providers and the main demand of users has been faster, faster, faster. However, that horizonless hub of information may now be facing some very real limitations.
The World Wide Web may be intangible, but users still require very tangible methods of connecting to it. Analysts in the U.K. warn that the fiber optics and cables necessary to send data to our devices are rapidly approaching their limits. Data handling is not the only issue at hand, either — there also exists a power problem. With Internet accessibility and usage increasing everyday, in the country of the Britain alone, internet usage has the potential In just 20 years to consume all of the U.K.’s power supply. These troubles have many expressing very real concerns about Internet usage caps and even the possibility of collapse.
At the risk of such devastating consequences, backing up one’s data and protecting sensitive information from security breaches in the wake of an Internet collapse is more important than ever. Here are a few tips:
Create a partition
For Windows users, by default, the files you create are stored in your My Documents folder. This folder then categorizes the files based on the kind of files they are. This is great for an organization, but the My Documents and all of its subfolders inhabit the most vulnerable area of your hard drive: the Windows partition. If you create a different partition to store these files, when it is time to reinstall Windows, you do not overwrite the files, making it easier and safer to back up data.
Use an external hard drive
Naturally, as handy and convenient as cloud storage is, it will do you no good if you cannot reach the cloud. For your most sensitive information, like tax documents and identity data, or for your most treasured files, like family photos and videos, maintaining a separate hard drive allows you to have digital copies that aren’t “plugged in” to the Web. It is basically a catalog of your files that you can hold on to for safekeeping but hook up to a computer if you need access, no online transmission required. So if the Web unravels, you still have your data.
In 1998, a group of hackers known as LOpht attempted to warn a panel of senators of the threats that lurked in the shadows of the Web. LOpht spoke of the vulnerabilities within programs and software and encouraged the statesmen to take action, yet nothing was done to ensure the safety of Internet users, and the burden of security falls on the shoulders of the users even today. Cybercrime is constantly evolving. With every security measure businesses and individuals take, the black hats seem to find new ways around. Being educated on cybersecurity vulnerabilities is your first line of defense in online security.
As engineers scramble to find solutions for the limitations of optic fibers, and as countries begin to understand the power demands swelling internet usage requires, it’s time to begin your own line of defense against the consequences of finding the end of the Internet frontier.
ISIS could be in the middle of trying to take down the Internet – and it may have tried doing so last year.
According to International Business Times, a major attack took place late last year on 13 root name servers – considered the backbone of the worldwide Internet – and it apparently came from the “IS Amaq Agency” app that is used by ISIS to spread its propaganda around the world. The app would have created a botnet to perform a massive “distributed denial of service” (DDos) on the servers.
At the peak of the attack, the servers were receiving 5 million queries per second. It would have taken as few as 18,000 smartphones using the app to conduct the attack. Users would not have known their phones were being used that way, IBT reported. The app is not available in the iPhone App Store or in Google Play.
“I feel certain that the IS news app was the source of the DDoS attack,” cybersecurity expert John McAfee told IBT. “One of my researchers has discovered encrypted packets being sent to the Amaq Agency news app.
“We found the 13 Root Server Addresses in the app memory while the app was running. The addresses did not appear inside the static app. The addresses therefore had to be decrypted at run time. Why would they encrypt the addresses inside the app unless they were trying to hide the true purpose of the app? This is the smoking gun we were looking for.”
The attack, which took place between November 30 and December 1, wasn’t successful, although experts caution that a much larger attack could do damage – even taking down the Internet worldwide.
Cyber security expert Eddie Mize said a downed Internet also could impact the power grid.
“Imagine if the Internet went down for several days. I believe we would see significant power grid failure and potentially loss of emergency services,” Mize told IBT. “This could mean the failure of dams and flood controls, power and water distribution, natural gas distribution and control failure, and more.
“Perhaps the most alarming aspect would be to the financial sector. I believe that loss of the Internet for even a two-week period could cause enough disruption to financial institutions that consumers would lose confidence and this could be catastrophic to the markets. All of this could set up a chain reaction that could send the public in to a panicked tailspin.”
Does ISIS’ plan concern you? Share your thoughts in the section below:
You could search the ‘Net for weeks and not find half of the expert survival sites in this unique guide, which comes with its own Web site to put all this information just a click away. The book, The Internet Guide to Survival and Self-Reliance teaches you how to supply your own food, power and […]
Simply using certain encryption services or investigating alternatives to Microsoft Windows could get you placed under surveillance by the National Security Agency (NSA) and other intelligence organizations, according to a new report.
Utilizing encryption solutions such as TOR could result in monitoring by the NSA and its allies, including Britain’s Government Communications Headquarters (GCHQ), according to the report in the German media outlet Tagesschau.
The NSA tracks people with a surveillance tool called XKeyscore.
“Anyone who is determined to be using Tor is also targeted for long-term surveillance and retention,” Corey Doctorow wrote at the BoingBoing.net blog.
The German outlet said computer experts watched the XKeyscore code and found that the NSA was constantly monitoring TOR users on servers at MIT’s Computer Science and Artificial Intelligence Laboratory, the National Journal reported.
TOR is a program that lets a person stay private by routing communications through computers and servers all over the world. It makes it much harder for the NSA and other agencies to track.
Other Behaviors the NSA Regards as Dangerous
The German report listed a number of seemingly innocent and harmless behaviors that can trigger NSA surveillance, the National Journal said. They include:
- Going to Linux Journal, a popular forum for the open-sourced operating system Linux. The NSA apparently regards Linux Journal as an extremist forum.
- Searching for information about Tails, a popular operating system used by human rights advocates.
- Searching for information about any Windows alternative.
- Searching for information about online privacy.
“The better able you are at protecting your privacy online, the more suspicious you become,” National Journal’s Paul Tucker wrote.
“Tor and Tails have been part of the mainstream discussion of online security, surveillance and privacy for years,” Doctorow wrote. “It’s nothing short of bizarre to place people under suspicion for searching for these terms.”
The NSA, he added, isn’t being honest about its surveillance.
“It’s a dead certainty that people who heard the NSA’s reassurances about ‘targeting’ its surveillance on people who were doing something suspicious didn’t understand that the NSA meant people who’d looked up technical details about systems that are routinely discussed on the front page of every newspaper in the world,” Doctorow wrote.
One expert Doctorow spoke with “suggested that the NSA’s intention here was to separate the sheep from the goats” – that is, to separate people who don’t care about their privacy from people “who have the technical know-how to be private.”
XKeyscore apparently tracks individuals online by using fingerprint triggers that activate whenever certain information is detected.
Do you believe the NSA is constantly monitoring our Internet behavior? Do you support NSA surveillance? Share your thoughts in the section below:
Russia’s navy may be plotting a secret submarine attack that would shut down the world’s financial markets, disrupt the global economy and paralyze communications by cutting cables deep underneath the sea, Pentagon and intelligence officials say.
As reported by The New York Times, officials are worried because Russian spy ships and submarines are operating near undersea fiber-optic cables that carry much of the world’s data. In a sea thousands of miles wide, such maneuvers are rarely coincidental.
The cables carry business transactions worth more than $10 trillion a day, the newspaper said. Additionally, more than 95 percent of communications each day takes place on the cables.
“I’m worried every day about what the Russians may be doing,” Rear Admiral Frederick J. Roegge, the commander of the US submarine fleet in the Pacific, told The Times.
The data going through such cables includes stock and commodities transactions, banking information, news, financial data, and email.
If the cables were to be cut, major financial markets including those in New York, London, Tokyo and Shanghai would shut down. Major banking transactions, including credit card purchases, would be severed.
During World War I, one of the first actions of Britain’s Royal Navy was to cut undersea cables that connected Germany with the United States, Africa, and South America. The British cut the cables so they could control the flow of information in and out of Germany.
In September of this year, a Russian spy ship, the Yantar, cruised off the East Coast of the United States on its way to Cuba, where one major cable resides, The Times reported. The ship carries two deep-sea submersible craft.
“The risk here is that any country could cause damage to the system and do it in a way that is completely covert, without having a warship with a cable-cutting equipment right in the area,” Michael Sechrist, a former researcher at Harvard and MIT, told The Times.
He believes that the Russians could cut the cables with undersea drones and nobody would notice.
Naval officers are concerned because the Russians appear to be searching for vulnerabilities in the cables deep below the surface of the ocean. Cables get cut “all the time,” Sechrist said, although those accidents take place close to the shore and are easier to repair. A cable cut deep in the middle of the ocean would be different.
“Undersea cables tend to follow the similar path since they were laid in the 1860s,” Sechrist said.
What do you believe the Russians are doing? Share your thoughts in the section below:
I’ve been dinking around with electronic encryption for about 30 years. In spite of the fact that secure communications would be useful to me professionally for more than one reason, up until now I’ve never gone beyond “dinking around” to “using” encryption.
One reason encryption hasn’t become part of my every-day experience–and I’m guessing this applies to millions of others as well–is that it’s just too much hassle for too little reward. My favorite tool up until now has been some variation of Pretty Good Privacy. It’s robust: the NSA could crack it, but it would take way more resources and cost way more than it would likely be worth. It’s open source: any geniuses out there who want to inspect the encryption algorithms or software implementation are able to do so, and if they can’t find any real problems, then I’m not going to complain. And it’s free; I like cheap. Unfortunately, it is just complicated enough (with all its talk of public keys, private keys, trusted keyrings, etc.) that the “where can I find the file I just downloaded” crowd won’t use it unless their really mean boss absolutely forces them to. In other words, I can’t use PGP to send encrypted messages because nobody else I know uses PGP (which also explains why I’ve never received an encrypted message).
Encryption technology is not exactly a growth industry, unless you’re working for The Man. Governments really don’t like not being able to snoop on the things we say to one another, so often when somebody comes out with encryption in some sort of useful form, the government makes them an offer they can’t refuse: Put in a back door that lets us read that stuff, or don’t do business in this country. Apparently it’s not just people wanting to protect trade secrets or exchange naked pictures of Marty Feldman who use encryption, but also international terrorists and drug dealers. This government arm-twisting might be no problem if it came only from Tonga, but when it comes from places like China or the USA, well, problem. So encryption start-ups typically end up spending a lot of their time trying to fly under the radar, to justify why their secure applications should be legal, or building back doors.
A lot of us think of encryption algorithms when we start thinking about communications security. But it turns out that hackers don’t bother actually trying to crack encryption so much as intercepting our private keys and using that to decrypt our information, or they might simply grab our information directly before it’s encrypted or by reading ghost data left on our hard drives or in memory. And if even that is too tricky, there’s always the time-proven expedients of blackmail or coercion to make us just give over the information free and clear.
Well, recently a need arose for me to communicate securely with a person in a very insecure country, and I looked into things some more. I found an app that I’m really starting to warm up to: Peerio. Peerio looks like a cute little chat application. One must login to the app using a longish pass phrase (this can be shortened to a password, but the password is only good for that specific device), then simply message or e-mail in what appears to be clear text. One may also upload files and share them, in which case they go out as attachments to a message. Attachments received can be dragged to a local folder and opened, viewed, edited, etc. In other words, anybody that can chat or drag-and-drop files can communicate and share files with Peerio.
What’s going on in the background–that users don’t need to be educated about or see–is some pretty strong encryption and decryption. When a contact is added to one’s address book, so is that contact’s public key. Peerio uses the pass phrase to generate a user’s private key each session, then when a message is sent it is encrypted before sending; the private key is not stored anywhere, and disappears when the user logs out. No clear-text messages or files ever hit Peerio’s servers. When the message is received, the recipient’s app decrypts it using the public key found in the address book, and presents the message in clear text. Shared files are likewise encrypted on the sender’s computer and decrypted on the receiver’s computer.
Here are some things that drew me to Peerio:
- It’s so simple. Unlike every other encryption application I’ve ever used before, I already have people I know in my contact list and I’ve already used Peerio to communicate with them and share files. This is the biggie for me.
- It uses end-to-end encryption rather than server-based encryption; if a Peerio server ever gets breached (accidentally or by a disgruntled employee), all people get is a bunch of encrypted data.
- The encryption algorithm and software is open-source and peer reviewed. I can’t tell good encryption from bad, so it comforts me that those who can tell are able to check what Peerio’s doing. If you want to check it out for yourself, you can. Peerio actually hires third-party experts to check it out every so often, just in case.
- Peerio will actually pay you $1,000 if you find a bug or exploit in their software.
- This one I’m not really counting on so much, but Peerio claims that if the government ever asks them for my data (they’ll know the name and e-mail I supplied when I signed up, though they don’t check to see if they’re real), they’ll require due process and will notify me before releasing the information in case I want to challenge the request.
- Peerio is portable, meaning I can run it under Windows or Mac from the USB thumb drive that’s part of my everyday carry (EDC).
Ultimately, there’s no such thing as complete electronic security. If someone carries Federal ID in their pocket, assume all your data are belong to them. If someone who knows what they’re doing gets their hands on your actual computer, assume they have access to all your data. If someone doesn’t know what they’re doing, but can sneak this USB keylogger into a slot on the back of your computer, they’ll have all your passwords, pass phrases, and anything else you type e-mailed to them on schedule. And of course there’s always the aforementioned blackmail, drugs, and threats of violence.
I’m totally happy to have found Peerio. Are there other apps out there I may have missed? Security concerns I need to be aware of? Let me know in your comments below.
- 16 Defenses Against Identity Theft
- 8 Ways VPNs Make You More Secure Online
- Conceal Your Location: Use a Cutout Phone
- Keyloggers: A Risk Assessment
- Protect Your Electronic Privacy
If you appreciated this article, please help me by voting for Still Getting Ready! at topprepperwebsites.com.