Subscribe

#AxisOfEasy 195: Major US Fuel Pipeline Shutdown By Cyber-Attack

by on May 11, 2021

Weekly Axis Of Easy #195


Last Week’s Quote was   “Most of the energy of political work is devoted to correcting the effects of mismanagement of government” was Milton Friedman, winner was Joe.

This Week’s Quote:  “The media’s the most powerful entity on earth.  They have the power to make the innocent guilty and to make the guilty innocent, and that’s power.  Because they control the minds of the masses”… by???

THE RULES: No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal is on us.

 


In this issue:
  • Major US pipeline shutdown by cyber-attack
  • New DNS bug targets authoritative nameservers
  • Network Solutions and Register.com experience major DNS outages
  • Researchers hack into a Tesla from an aerial drone
  • Qualcomm bug affects 40% of mobile phones, enables eavesdropping
  • Under-the-radar startup buys logins of tech company employees staff accounts
  • Aussie intel agency claims, without evidence, that encryption is for criminals only
  • Florida passes social media reform legislation that media isn’t reporting on
  • Facebook is throttling a WSJ book review on former Obama era Undersecretary of Science
  • WhatsApp will penalize users who won’t agree to new data sharing policy
  • Battle over Canada’s Internet Censorship Bill heats up
  • DOGE implodes after Elon Musk bombs on worse-than-usual SNL
  • It’s getting harder for the MSM to ignore the lab origin narrative
  • AoE Salon 43: Are we in a global cyber war and nobody told us?
Major US pipeline shutdown by cyber-attack

One of the themes we explored a bit in the most recent AxisOfEasy salon #43 was the idea that perhaps World War 3 has been underway for awhile, but it’s being fought in completely new theaters and nobody has told the public (it’s more of a thought exercise than a theory).

The next day the news broke that the largest pipeline in the US had been forced to shut down after a cyber-attack. Details were slow to emerge at first making me wonder if this could be thought of as a salvo in exactly what we were theorizing.

It then became known that it was a ransomware that shut down a 5,000 mile segment of Colonial Pipelines’ Texas to New Jersey segment that supplies a significant chunk of fuel to the United States East Coast. The attack has been attributed to the Darkside ransomware gang, a group that emerged last summer who specializes in attacking high profile corporate networks and demanding huge ransoms, in the millions, for the decryption keys.

As we head to press today, a regional state of emergency has been declared , and the Darkside group has taken the unprecedented action of issuing a statement that they are apolitical “only in it for the money”, and they will henceforth “vet” future targets before taking them down.

Read: https://www.rollingstone.com/politics/politics-news/cyber-attack-pipeline-shut-down-1167087/


New DNS bug targets authoritative nameservers

It’s been awhile since DNS reflection / amplification attacks were a major thing (and we were on the wrong side of our share of those). But a newly discovered flaw in the DNS dubbed “TsuNAME” by researchers may bring a resurgence in these types of attacks.

TsuNAME attacks DNS resolvers (the name server that answer queries for clients about all other domain names, think OpenDNS or Google’s 8.8.8.8) and uses a weakness in those to attack authoritative name servers (the ones that answer queries about specific domains, think easyDNS).

The attack appears to involve common configuration problems within the zones hosted on the authoritative nameservers, which may produce lookup loops. There is an open source tool called Cycle Hunter.

Read: https://www.bleepingcomputer.com/news/security/new-tsuname-dns-bug-allows-attackers-to-ddos-authoritative-dns-servers/

The advisory: https://tsuname.io/advisory.pdf

(We have been using Cloudflare and Voxility to mitigate DDoS at the anycast / nameserver level for years.)



Network Solutions and Register.com experience major DNS outages

Speaking of DNS outages, both Network Solutions and Register.com experienced outages at the same time last week. NetSol and Rcom are both owned by Web.com. The article said it wasn’t conclusive that the outage that affected them was the same incident but it seems that way to me.

It’s purely conjecture to say if the outage was the result of the aforementioned new DNS vulnerability. Neither entity has been particularly forthcoming about the root cause of the outage and (as far as I know) neither has posted a Reason For Outage (RFO) notice to their websites.

All we do know is that anybody using NetSol or RCom for DNS was off the air for over a day, unless they took other actions to move onto other nameservers.

Read: https://www.bleepingcomputer.com/news/technology/network-solutions-and-registercom-hit-by-ongoing-dns-outage/

(Also recall our Proactive Nameservers automates DNS failover at the failover level. We espouse numerous methods for high availability DNS here.)


Researchers hack into a Tesla from an aerial drone

This one is material for a scene in a cyber-thriller: a Tesla speeds down the highway carrying “The MacGuffin” in the trunk…. suddenly a scary looking drone with spikes and a razor teeth paint job zooms out of the sky, falls into pace above the car, our hero takes evasive actions but no, the drone has put the vehicle into autonomous mode and veers it… off a cliff… the hero bailing out just in time (or a red-shirt unceremoniously disposed of)… an LED lights up on the drone and trunk pops open, it zooms in, scoops out The MacGuffin and soars away, as the Ian Fleming-esque music begins rolling….

Well we’re not there yet. But security researchers did hover a drone over a parked Tesla, and used a weakness in the vehicle’s WiFi to take control of the onboard infotainment center and make changes to the vehicle’s internal settings, including unlocking the doors and moving the seats (perhaps in our cyber-thriller the drone ejects the driver at accelerated force through the front windshield).

The duo of researchers work for a German cyber-security research firm called Comsecuris GmBH and they’ve dubbed the security flaws “TBONE”

Read: https://futurism.com/the-byte/hackers-tesla-drone

And: https://interestingengineering.com/researchers-hacked-into-parked-teslas-remotely-with-a-drone


Qualcomm bug affects 40% of mobile phones, enables eavesdropping

Researchers from Checkpoint Research have found a bug in Qualcomm chips used in Android phones which can enable hackers to access the authentication info on a phone’s SIM card.  They could also use the access to evade detection, and then load hostile code on the device that paves the way for accessing the contacts, text message history and even listen in on conversations.

The vulnerability is being tracked as CVE-2020-11292 and affects Qualcomm MSM chips on 2G, 3G, 4G and 5G capable phones, phone in devices manufactured by multiple vendors including Google, LG, Samsung and OnePlus.

Read: https://research.checkpoint.com/2021/security-probe-of-qualcomm-msm/


Under-the-radar startup buys logins of tech company employees staff accounts

A company called Argyle, which has raised a $20 million A round so far, seems to be sending emails to tech company employees and offering them money for their company intranet logins, and even pays them a monthly stipend for as long as those logins continue to work.

These emails come from what appear to be front organizations with names like Workplace Unite, whose websites make HTTPS url calls under the hood to Argyle’s domain.

Argyle’s stated mission is to build

“A gateway to access employment records… Argyle builds the underlying infrastructure that connects to every employer, maintains a live data feed to the systems these employers use to manage employment records, and provides a normalized data set so that businesses can make use of employment data in a way that is simple yet impactful.”

Whatever that means. What it sounds like is “Argyle is building a state-of-the-art corporate espionage dashboard, by mass harvesting the dumbest employees with the most access, we can acquire deep insight into proprietary corporate secrets that are worth zillions to our clients, which may or may not include foreign state or criminal actors.”

Through this approach they are garnering payroll data, comparative salary info of employees within an organization and across organizations and who knows what else a corporate intranet login could access.

Also interesting to note that in the US it is an offence to facilitate access to a past or present employer payroll system without authorization. A felony offence. It is also a felony to use those unauthorized logins to access those systems.

Read: https://www.vice.com/en/article/7kvvbb/argyle-payroll-login-phishing


Aussie intel agency claims, without evidence, that encryption is for criminals only

Paging Phil Zimmerman who said “in a society where crypto is outlawed, only outlaws will have crypto.”

The Australian Criminal Intelligence Commission (ACIC) is that country’s federal level law enforcement and investigative agency. They’re sort of like the US FBI or Canada’s RCMP, except my understanding is that their role is more specifically research, collecting data, analyzing information and then equipping and coordinating other law enforcement agencies (in that sense, closer to an INTERPOL than gun toting enforcement agents. I’m sure our Aussie readers will correct me if I’m wrong in that).

In any case, ACIC has deemed encryption and encrypted communications platforms (like Signal, Keybase or Telegram) are things that no law abiding citizen has a legitimate requirement for.

The claim was made in an ACIC submission “to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) as part of its inquiry into the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020.”

Specifically:

“ACIC observation shows there is no legitimate reason for a law-abiding member of the community to own or use an encrypted communication platform.”

The ACIC has been granted additional surveillance powers and told the committee it intends to use them to monitor groups who are using encryption “to further criminal activities.”

Read: https://www.zdnet.com/article/acic-believes-theres-no-legitimate-reason-to-use-an-encrypted-communication-platform/

The submission: https://www.aph.gov.au/DocumentStore.ashx?id=0cfd0e34-ae76-42e4-9438-d8218c70b760&subId=706935 [PDF]


Florida tries to cancel Big Tech deplatforming with social media legislation

The Free State of Florida has passed SB 7072 “The Technology Transparency Act” which makes it unlawful for a social media platform to knowingly deplatform a political candidate. It implements fines up to $250K per day.

The EFF article cited thinks the law is mostly symbolic and would fail a constitutional test. It also notes that SB 7072 specifically exempts theme parks, like Disney and Universal who are a HUGE part of the state economy. EFF muses that should one of the Big Tech behemoths get hit with this law it would simply be easier and cheaper for them to acquire a theme park than to comply with or fight the law.

Gotta love politics.

Read: https://www.eff.org/deeplinks/2021/05/florida-deplatforming-law-unconstitutional-always-has-been

I found out about this one via Tom Woods show episode 1891 
“The Demonization of Non-Leftists,” which had Mises Institute’s Tho Bishop on to discuss the quandary of privately owned Big Tech companies acquiring asymmetrical power in shaping narratives.


Facebook is throttling a WSJ book review on former Obama era Undersecretary of Science

Speaking of Big Tech shaping the narrative, the Wall Street Journal is taking exception to one of their book reviews apparently being attenuated by Facebook, which they assert is being done because it goes against the (fast emerging) climate alarmism narrative.

The book in question is by former Undersecretary for Energy and Science under Barack Obama, Steven Koonin, who’s “Unsettled: What Climate Science Tells Us, What It Doesn’t, and Why It Matters” endeavours to tease out the nuances between what the IPCC reports actually say vs how those narratives are reported by the media.

The review, by WSJ was “fact checked” by Facebook, which WSJ then goes on to show aren’t actually “facts” but opinions, even going so far as to agree with at least a couple of “facts” in the review, but then attached their own meaning to what those meant, and called that “fact checked,” per the WSJ:

“Facebook doesn’t sell books, but it can suppress their distribution when they conflict with a political agenda. The social-media giant now appears to be throttling a Wall Street Journal review of a book on climate science by physicist Steven Koonin, the former top scientist at the Obama Energy Department and provost of the California Institute of Technology.

Facebook uses so-called fact-checkers to tell it which news articles to suppress. The project has gone far beyond curbing viral hoaxes or dangerous misinformation and aims to limit scientific debate.”

We’re not talking about an Alex Jones’ interview of David Icke here. We’re talking about a Wall Street Journal review of a book written by the former Obama-era government Undersecretary.

Read: https://www.wsj.com/articles/facebooks-book-banning-blueprint-11620426021

The Review: https://www.wsj.com/articles/unsettled-review-theconsensus-on-climate-11619383653

I ordered this book a few weeks ago but it hasn’t arrived yet. In the meantime I highly recommend this interview with Steven Koonin by Hidden Force’s Demetri Kofinas.


WhatsApp will penalize users who won’t agree to new data sharing policy

Popular messaging app WhatsApp is implementing a new “privacy” policy (anything but) which gives the company permission to share data with all Facebook owned operations (WhatsApp was acquired by Facebook in 2014 for $16 Billion). WhatsApp initially told users that they had to agree to the new privacy policy or their accounts will be terminated.

They’ve since walked that back, saying users who do not accept the new policy will have their account features limited.

Read: https://www.bleepingcomputer.com/news/technology/whatsapp-to-restrict-features-if-you-refuse-facebook-data-sharing/


Battle over Canada’s Internet Censorship Bill heats up

The battle over Canada’s Internet Censorship Bill is heating up. Bill C-10 would give the CRTC authority to regulate the internet as if it were a “broadcast undertaking” and includes provisions for regulating user generated content posted to social media platforms, and possibly even websites and blogs.

Last week Guilbeault put in such a disastrous showing in an interview with David Common that Michael Geist said was so bad he should lose his job over it. Undaunted, Guilbeault went on TV with Evan Solomon and put in an even worse showing, citing wrong sections of his own act when trying to deflect that C-10 would in fact provide a pathway for the CRTC to regulate user generated content (because they removed the one clause that specifically exempted this). Now the story is user generated content will not be regulated… that is unless… somebody has a lot of followers. Which is how many followers? Mr. Guilbeault? His answer to that was, in effect “it isn’t up to us, it’s the CRTCs problem.”

Guilbeault limped out of the interview stammering that “this isn’t the government taking over the internet,” although he has said, quite recently that he wanted to censor insulting content directed at politicians (especially imbeciles like himself) and even posited the implementation of “an internet kill switch” to make it so.

In a Toronto Sun editorial Warren Kinsella summed it up as:

“Justin Trudeau’s Bill C-10 isn’t about censoring things that we all agree are harmful, it’s about censoring you, and what you say online — in a tweet, a Facebook post, on a blog.

It’s about limiting your ability to express yourself in a democracy.

It’s a constitutional abomination. It needs to be stopped.”

Also remarking on Canada’s so-called “opposition party” doing anything but lately,

“The Conservatives, naturally, never miss an opportunity to miss an opportunity.”

Trudeau the 2nd, for his part, called opponents of Bill C-10 “Tin Foil Hats”, in Parliament.

Total shitshow.

BREAKING: Another update as we go to press, Bill C-10 is officially on ice pending a Constitutional review from the Department of Justice.

Read: https://www.michaelgeist.ca/2021/05/guilbeaultc10regulationusers/


DOGE implodes after Elon Musk bombs on worse-than-usual SNL

The dream is over for Dogecoin HODL-ers who were convinced that Elon Musk’s hosting Saturday Night Live over the weekend would push the meme coin over $1 and cement its place within the pantheon real serious crypto-currencies.
 
Alas, it was not to be, as it turned out to be a “buy-the-rumor / sell the news” dynamic and DOGE entered free fall once Musk’s comedically flat monologue was barely underway.
 
The train wreck accelerated throughout the episode as Musk proved you can’t make a mediocre, past-its-prime comedy show less of a train wreck by adding an unfunny self-promoter to the mix.
 
For a brutal play by play of the show (which I didn’t watch, because SNL hasn’t been funny since the mid-80’s), see the Tyler Durden review.
 
Read: https://www.zerohedge.com/markets/dogecoin-demolished-after-musks-snl-snafu 

More on Dogecoin: https://www.cnet.com/news/dogecoin-the-origin-story-of-the-elon-musk-supported-cryptocurrency/ 
 
It’s true we started taking DOGE 
a few weeks ago, we got a lot of social media lols for the announcement, but so far, not a single Dogecoin payment. That tells you something right there (we do get BTC, ETH and LTC payments all day, every day).


It’s getting harder for the MSM to ignore the narrative around COVID lab origin

Some readers took exception to the item last week about the possibility that COVID-19 came out of a Wuhan Lab that was conducting gain-on-function experiments on Coronaviruses instead of a naturally occurring zoonotic transfer from bats at a wet market a few hundred meters away from that lab. It’s still very much verboten to bring this up in polite company (meaning social media platforms or mainstream media) and anybody who does so is subjected to ridicule and condemnation.

In the past week The Bulletin of Atomic Scientists reprinted an article by New York Times science correspondent Nicholas Wade on the lab origin theory of COVID (The Bulletin are the folks who maintain the Doomsday Clock that’s been estimating how close the world is to ‘midnight’, which their shorthand for a global thermonuclear exchange. They’ve been doing this since 1945 and right now they put us at 100 seconds to midnight).

 Wade’s piece  looked at the two theories of the origin, and found both scenarios to be plausible. He also added that statements favouring the first scenario, espousing zoonotic transfer, which was heavily amplified by the mainstream media and Big Tech “were not at first examined as critically as they should have been.”

Which is understandable, because anybody who questioned that narrative was deplatformed. Wade specifically calls into question the statement in the Lancet by a group of virologists that said “We stand together to strongly condemn conspiracy theories suggesting that COVID-19 does not have a natural origin,” as being too soon to call.

Indeed it was, given what later emerged was that statement was organized and drafted by a member of an organization who funded coronavirus research at the Wuhan Institute of Virology, which is the very same lab that everybody who suspects lab origin believes COVID-19 escaped from (not intentionally, it is important to note).

The important excerpt from Wade’s article was:

“It’s documented that researchers at the Wuhan Institute of Virology were doing gain-of-function experiments designed to make coronaviruses infect human cells and humanized mice. This is exactly the kind of experiment from which a SARS2-like virus could have emerged. The researchers were not vaccinated against the viruses under study, and they were working in the minimal safety conditions of a BSL2 laboratory. So escape of a virus would not be at all surprising. In all of China, the pandemic broke out on the doorstep of the Wuhan institute. The virus was already well adapted to humans, as expected for a virus grown in humanized mice. It possessed an unusual enhancement, a furin cleavage site, which is not possessed by any other known SARS-related beta-coronavirus, and this site included a double arginine codon also unknown among beta-coronaviruses. What more evidence could you want, aside from the presently unobtainable lab records documenting SARS2’s creation?”

Even World Health Organization (WHO) head Dr. Tedros Adhanom Ghebreyesus admitted that the WHO had not been able to investigate the Wuhan Labs adequately enough to be able to rule out the lab origin theory, and that “as far as the WHO is concerned, all hypotheses remain on the table.

For now, the Nicholas Wade piece is being picked up in more places, but the mainstream press is either avoiding it, or waiting until they have their hit pieces crafted to debunk it.

Read: https://thebulletin.org/2021/05/the-origin-of-covid-did-people-or-nature-open-pandoras-box-at-wuhan/

And: https://www.nationalreview.com/corner/wade-on-the-lab-leak-theory-of-covid/


AoE Salon 43: Are we in a global cyber war and nobody told us?
   
As I mentioned in the lead item, In the AoE Salon #43 we wondered out loud if we were in a global cyber war but missed the memo, and then we also looked at holistic, organic approaches vs. mechanical centralized organization of things (everything from farming to community organizing).

Watch: https://axisofeasy.com/podcast/salon-43-history-shows-again-and-again-how-nature-points-out-the-folly-of-men/

Also, a market commentator I’ve been following for a long time, Mike Swanson, wrote up his experiences of dealing with Facebook and Twitter when it came to running his business (Mike is also an avid historian and has written two books on US military history: The War State: The Cold War Origins of the Military Industrial Complex and Why The Vietnam War.)

In his article he mentioned the approach I advocate in my book, Unassailable.

Read: https://wallstreetwindow.com/2021/05/my-take-on-cancel-culture-parler-and-dealing-with-social-media-parasites-mike-swanson-04-30-2021/
 

4 responses to “#AxisOfEasy 195: Major US Fuel Pipeline Shutdown By Cyber-Attack”

  1. Timothy Condon says:

    Curtis Yarvin.

  2. lee kidd says:

    marshall mcluhan

  3. Anthony Edwards says:

    Goebbels

Leave a Reply

Your email address will not be published. Required fields are marked *

#AxisOfEasy is brought to you by....

easyDNS

Power & Freedom™ since 1998


Ledger Nano X - The secure hardware wallet easyDNS