Uncertain Future – Part VI – If the Feds Aren’t Safe, What Makes You?

Ok, so maybe various versions of making people look bad on the internet aren’t nearly as terrifying as legitimate terrorism, but what about the presence of true cybercrime, those who use the internet with no agenda for reform, no desire for publicity, and who 99% of the time, you never knew existed? What about when the threats aren’t out to make you think about some subjective moral wrongdoing, but steal your money and ruin your life. What’s really scary is that no one is safe – quite literally no one. Not even the director of the United States Central Intelligence Agency.

A group of young hackers, using rather unsophisticated methods, broke into the CIA Director John Brennan’s personal email. So that we are all aware, the director of the CIA is the guy in charge of all US spies and one would thing be well beyond the reach of hackers… especially a group of teenagers. Much to the chagrin of the US government, he really wasn’t. This one, however, wasn’t really his fault. The method the hackers used was to implement a tactic that predates modern computing by only a few thousand years. They pretended to be people they weren’t, tricked a Verizon worker and got Brennan’s email password changed the old fashioned way… by lying. The term they used is “social engineering”. While they didn’t find much, they did find were some documents important to him. Then they bragged about it on Wired. While all of us think this one is hilarious, if a story turns up about a few of these kids turning up missing in a couple of years when no one remembers their antics… don’t say this wasn’t foreseeable.

The same group were responsible for this breach also targeted the FBI… because they are just ballsy I guess… and broke into portals used by police and federal agents to share intel. The site is also used to book suspects, and while it isn’t known how much was taken, hundreds of thousands of users may be vulnerable, many already being leaked following the hack.

2015 saw attack after attack like these, and some of the most massive breaches to internet security the world has yet seen, all with little other incentive than stealing money, stealing information, and extortion. Like my fictional spy from the future, there are many who profit heavily from the information you keep secret. Over the course of the last year, it is estimated that some 70% of the US population experienced some form of cyber attack and over 2.1 billion internet users worldwide.   In a Verizon Study of 90 Security breaches, there were 285 million data exposures. Unsurprisingly, attacks are getting much more advanced, with hackers sometimes using multiple attacks simultaneously to succeed in a breach, such as malware, brute force, and SQL injection. Furthermore, 74% of the attacks were external, meaning that 26% were executed from within the companies we are trusting with our data.  [21]In a related vein, but just as disturbing, we are now seeing more breaches being discovered by employees than outsiders. Traditionally, these sorts of attacks were discovered by feds or other companies detecting the irregularities. [22] Now, it is much more likely that when you’re breached, you’ll be the first to know… which for some of us, isn’t that comforting.

Depending on how you look at this, it could either be welcome news or utterly terrifying. On the one hand, this means that internal security is at least able to grow to the point that they become aware of their own breaches. On the other hand, it means that the number of breaches, and all the possible avenues of failure have become so numerous, that no government agency can possibly be aware of the threats anymore, let alone protect us from them.

The next troubling discovery, this one from the 2014 report, was exactly how big the hacking business is. In spite of the whole last section of activities by groups such as Anonymous, malicious hackers working with financial motives still account for some 60% of cyber crime. Corporate spying, those seeking intellectual property and trade secrets accounted for some 25% (up from previous years). Those hackers who were not set on serious crimes (you know, for the lulz) or hacktivists with some ideological agenda, in spite of all the news, accounted for next to nothing. [23]That means that in spite of internet hacktivists publicised achievements, the vast majority of illicit attacks happen for no other reason than to rob of us of something precious.

Some of the biggest of these hits last year:

  • Excellus Blue Cross/Blue Shield – 10 million records lost including names, birth dates, social security numbers, mailing addresses, financial accounts, and claims information [24]
  • Anthem Health Insurance – Access to 80 million current and former customers names, Social Security numbers, birth dates, addresses, and income data [25]
  • Experian – 15 million T-Mobile customers names, addresses, birth dates, drivers’ license ID numbers, and passport numbers. Encrypted Social Security numbers were also stolen, which may provide some measure of safety, but the company warned that encryption may have been compromised [26]
  • Scottrade – 4-6 million customers contact details compromised [27]
  • CVS, Walgreens, Rite Aid, and Costco – millions of customers’ credit card, email, postal addresses, phone numbers, and passwords. [28]
  • Donald Trump’s hotel chain – many thousands of guests’ credit card data [29]

Several people probably noticed that last line and thought to themselves, “Ha, that will show the asshat.” Well, we need to think about that one again, don’t we? Who was hurt by the breach at Trump hotels? Innocent people. Really think about who these people are who are hurt; people who slept at a place. Imagine yourself, really just you, getting a hotel anywhere in the world, never really thinking about the guy whose name is on the side of the exterior wall and if one day he may potentially run for President of the United Freaking States. No, you just slept in a place and now your information is floating around the internet by people who are trading it for money. So to those who are getting their lulz right now from finding out that the “Orange carpeted clown” got pwned (“laughing hard at the misfortunes of Donald Trump” for those not accustomed to the vernacular of the lower internet), you’re real a-holes.

To illustrate this point, as shown already, some the biggest breaches didn’t steal money directly. The big payoff was information. Hackers who can get access to data about real people, not just one, but millions of people at a time, are the biggest scores in the illicit industry of online invasion. Stealing a whole database with customer or employee names, birthdays, SSNs, or any other useful private information can open the door for those people to be targeted later for individual attacks. These attacks may be for money, or they can be for more information, perhaps even national secrets, incriminating information for blackmail, or worse. Often, this information is collected and merged into larger databases, where users are profiled and where that which is stolen can be used against them in some of the most terrifying ways imaginable later… like a hack on the Internal Revenue Service.

The IRS is a common target of hacking. As the central collection agency for all taxes of all people of the United States, it is one of the largest gold mines ever created. In 2015 it suffered the largest breach in its history. It acknowledged that hackers had gained access to view more than 300,000 previous tax returns. They did this through a tool made available by the IRS called “Get Transcript”. Get Transcript allows users to view old returns. The safety in this system is that it requires numerous layers of identifying information to access Get Transcript and view those old returns. The types of information needed: names, social security numbers, birthdates, addresses – the very same items stolen from the other hacks mentioned above. This means that the hackers were able to make one of the largest internet heists in history, only through access of stolen information, gathered, collected, and organized by other hackers in a cyber black market where your information is the most valuable and most traded commodity there is.

Relying on personal information — like Social Security numbers, birth dates and street addresses — the hackers got through a multistep authentication process. They then used information from the returns to file fraudulent ones, generating nearly $50 million in refunds. [30]

That means that each of the victims were hacked not once, but twice. The big takeaway from the 2015 IRS Hack is that there is growing evidence of the existence of something we are all afraid of. Databases out there that are growing day by day, where cells of each of our data are collected and merged without our permission or our knowledge, and that these databases are being traded by people across the world, with no good intention for us. This leads many to believe in a future decades from now which has no secrets, where all of our information is direct and open to the public. For those of us with bank accounts, street addresses, or children, that’s not the idealistic image of an open society that some would paint. The fact is, we live in a state of danger everyday because of the secrets we entrust to others. In the next few decades, for companies to remain viable, they are going to have to prove they can be trusted with our information. More so than this, if we ever want to feel safe again, perhaps the most valuable enterprise in the future of internet security might not be the next guy who is able to steal our information, but the first guys who figure out how to get it back.

To what extent is Al-Qaeda a creation of the CIA?

There was a conflict between the Soviet Union and the United States which spanned the globe and affected the lives of billions of people. For the Soviets, this conflict reached its low point in Afghanistan in the late 70’s and throughout the 80’s.

Mujahideen, Islamist warriors, were discovered who were willing to fight the Soviets. They were poor peasants and local warlords ruling small rural regions in Afghanistan. They had the advantage of terrain and local support, but little else.

The CIA made efforts to support the Mujahideen against the Soviets in a proxy war in which it could not be proven that the Americans were involved. The way that the CIA did this was by aiding those who wanted to see the Mujahideen succeed against the Soviets. This included wealthy Saudi individuals which had the ability to channel millions, and eventually billions through charity organizations. It also included intelligence resources from the Pakistani intelligence agency, the ISI, since the Americans had almost no one with links and intelligence resources in the country.

Once brought together to the same table, these very different groups were able to come together to give rise to a movement which channelled a great deal of resources in the form of men, money, and weapons, against the Soviets.

The conflict was unique in that thousands, tens of thousands of Islamic fighters flooded into the various fighting factions of Afghanistan from around the world. Many came from as far away as Libya, Somalia, and even the Philippines. Never before had such an organization been created and few could have even realized that it was even happening, besides the Mujaheed themselves. A military organization unlike any other, truly international and joined by a single purpose began to form, that purpose being ridding the Islamic world of outside influences. These were new Mujahideen of Afghanistan fighting what we now understand to be Jihadists.

The Saudis in particular were influential. Their money brought them great power and sway within the new military alliance. Along with their money they brought with them Wahhabi religious zealotry. These fundamentalists practiced an orthodox interpretation of Sunni Islam, calling themselves Salafis, which sought to abolish “newer” practices of other sects of the faith. They branded those didn’t practice Islam in their way as apostates (takfir), thus paving the way for their conversion to a more feudal form of the religion or even their execution. While not obvious, especially to the CIA, this had the effect of gathering thousands of warriors of divergent branches of Sunni Islam and unifying them, through forced uniformity to a central philosophical model and belief system, repressing and reforming all others. This was necessary for such an international contingent and had the effect of bringing together all of these different warriors into one single, highly motivated, highly unified, and highly organized fighting force, even if their organizational structure was nothing like any force seen up to that point in history.

I’m sure that at this point, many were trained directly by American as well as other nations’ military forces in the fighting of unconventional warfare. It would just be logical given what the Americans understood at the time and considering that, by our understanding, the militant Islamists wanted to get rid of the Soviets from Afghanistan, not all Western influences from the Islamic World. Our abilities and understanding of unconventional warfare through years in Vietnam and other conflicts meant that it was probably considered logical to aid the Mujaheedin in their fight against our existential enemy for more than thirty years. So it wouldn’t surprise me and it shouldn’t surprise you that it could be proved, though no one likes to admit or accept it, that American forces likely directly trained those who would one day fight against us in the War on Terror. If not directly, this knowledge found its way to the front lines via Pakistani intelligence agents who had established training camps all along the Northern Pakistani border with Afghanistan.

The combination of Afghanistani and international militants, Saudi funding, Wahhabi philosophy, and Pakistani intelligence, in many ways brought to the same table by American intervention against the Soviet Union were a force that reached critical mass over the 80’s and eventually brought about the humiliating defeat of the Soviets and was part of the eventual collapse of the Soviet Union.

This is when American involvement ended. It was no longer a concern for the Americans what happened in Afghanistan. Their enemy, after all, were the Soviets. The war was won, what left was there to do? Those who the war’s end affected the most were the Mujahideen that remained after the dust settled. They were the Islamic warriors who had fought the Soviets, brought from across the Islamic world and with the goal of rebuilding Afghanistan in their ideal Islamic image. Once the war was over, all those who were involved seemingly abandoned them. Many of these people had no avenue to return home. They were now stranded in Afghanistan, a devastated nation with little hope. Many came together to form alliances around their strongest leaders, those who still maintained their funding sources and intelligence networks abroad. These leaders included influencers such as the Saudi elite Osama bin Laden.

Bin Laden and others like him, veteran officers of the Mujahideen forces were idealists, invigorated by the belief that a pure Islamic state could one day be built from the ashes of Afghanistan, one which reflected their Wahhabi interpretations of the religion. They would rebuild Afghanistan to serve as the example of the perfect Islamic state, a beacon to other Islamic nations across the world. The organization they created was built from extremely die hard adherents to their movement, vetted through tight bonds of tribal relationships and personal battlefield shared hardship going back years. This organization would serve as the base of the future Islamic state. “The Base” as it is translated in Arabic, is “Al Qaeda.”

Al Qaeda became a powerful organization very quickly. They reorganized the channel of funds from their Saudi religious leaders and family members, as well as rebuilt atrophied information sharing networks with the Pakistani ISI. They spread their beliefs, influence, and knowledge through veterans and comrades who returned as conquering heroes across the Islamic world. These heroes led in revivals of “traditional” Islamic philosophy that saw the repression of the now branded apostates and fed the movement further. They installed a new government in Afghanistan which was made up of allied students of acceptable Islamic teachings. “The Students” or Taliban, puppets of the reclusive leadership of al Qaeda, became the ruling regime in Afghanistan.

The Americans’ great folly in the matter of al Qaeda was the belief that once something is created it merely goes away. The Mujahideen were a fanatical group which served our purposes temporarily, but which had motivations and capabilities far exceeding our wildest expectations, or even their own. We may have brought together the means for their rise, but I honestly think it is wrong to imagine that anyone could have rationally predicted what would arise from it or that anyone, save for Osama bin Laden and his followers could have knowingly designed it. That said, yes the CIA and the Americans at large, had a role to play in the creation of Al Qaeda, as small and unforeseeable as that role may have been. In our time of fear against the greater enemy that was the Soviet Union, we brought all the necessary pieces that were needed to create such an organization to one table. Our failure, was that we underestimated the strength of Islamic fanaticism. We failed in that we assumed that once we, the only world’s lone superpower left the table, that all the others would as well. We failed again to oversee what took place at the table once we were no longer there. We did not create Al Qaeda, but we did create the situation in which it would be built.


Thanks for reading!

Everything I write is completely independent research. I am supported completely by fan and follower assistance. If you enjoyed this post and would like to see more like it, please follow Jon’s Deep Thoughts. Please also show your support by visiting my fan donation page here: Support Jon Davis creating Short Stories and Essays in Military, Science Fiction and Life. Once again, thanks for reading and supporting independent research.