Sunday, 9 July 2017

Israel's Flying Horses (Dracula Dossier, Edom)

Mexico's in the news for something other than border walls, as the government's use of Pegasus malware against opposition politicians and media personalities comes to light.

The malware was used to infect the smartphones of anti-corruption crusaders, journalists criticizing the President, and senior members of the opposition National Action Party, the intent presumably being to track their movements, emails, and private messages.

Pegasus is supplied by Israeli cyberarms dealer NSO Group. Based near Tel Aviv, this company 'provides technology to help authorized governments battle terror and crime,' according to Forbes. Its founder Omri Lavie, allegedly a former member of Israel's Unit 8200 signals intelligence group, seldom speaks to the press, and details about the group are thin on the ground.

It specializes in iOS hacks, and deals strictly with governments, not individuals. However as Mexico has shown, governments are by no  means above abusing their position. You have to wonder what NSO intends to do about customers who ignore the provision in the purchase agreement that says the software can only be used to combat crime.

Pegasus uses malicious links in innocuous-seeming messages to install malware which jailbreaks the iOS device it's installed on. The jailbroken device then feeds data from text messages, password entry, email, location and so on, back to home base.

The points to take home here are, first, that it's an iOS device, and Apple has a reputation for security. Not as polished or as impregnable as previously thought, but still, compared to Android, it's practically Fort Knox.

Second, that the messages sent were relatively sophisticated compared to the usual stuff that ends up in the junk file. Targeted messages from trusted senders, on subjects that the recipient would have no reason to think are bogus.

NSO isn't the only company in the cyberwarfare business by any stretch, but it's gained notoriety recently thanks to the Mexico reveal. Presumably Apple intends to patch the specific vulnerabilities revealed thanks to the scandal, but NSO will find a workaround, if it hasn't already got one.

Which brings me to Edom, because if you think Her Majesty's Government hasn't already got a deal in place either with NSO or with one of the other outfits, you must be living in a very nice imaginary world, and I wish it were the real one.

So what would Edom target with Pegasus?

To begin with, Prince is the one most likely to be doing the targeting, and given her backgrouns in Israeli intelligence she may already have links with NSO. But Prince can't do everything herself. She's a Duke of Edom, not the IT bod fixing every downed server and workstation complaint. There'll be a team handling the day-to-day stuff, the routine monitoring, the cyber surveillance. Which means there'll be relatively junior personnel in charge of remarkably powerful equipment, particularly since Prince's condition means she can't be on site during the working day. And how likely is it, really, that the other Dukes completely understand the technology used by those staffers?

It's a situation ripe with potential for abuse.

Picture this:

OPERATION IRISH GIANT is bringing in great intel on a London-based Node. It might be the Satanic Order, or some well-placed patsy on Her Majesty's payroll - perhaps even a Government minister. All of this intel is coming from jacked smartphones, which Edom has cracked thanks to software provided by a well-known cybersecurity firm.

However the congratulations that echo through the halls at Ring soon go silent when it's discovered that a very important person - perhaps the Journalist, or Lord Godalming - is tracking down a story about hackers on the Government payroll who've been jailbreaking iOS phones in order to pursue private vendettas. This person broke phones belonging to his ex-wife, kids, and the ex-wife's new girlfriend, all as part of a messy divorce and custody battle, and they used the IRISH GIANT code to do it.

Now the very important person is about to go public with the story, whether it's a front page expose or embarrassing questions in the House. However if they do, then the good results from IRISH GIANT will be drowned out by the scandal.

The subjects will almost certainly discover the hack and change phones, but worse, the shroud of secrecy that protects Edom will be penetrated. The Dukes might find themselves the focus of the investigation, as journalists chasing the first story get sucked into the second, and ask very embarrassing questions about a secretive Government outfit that spends its time - and the taxpayers' money - on what appear to be pointless errands.

That leaves Edom with two problems to deal with. First, somehow silence the important person before this thing goes public. Second, track down whoever it is who abused IRISH GIANT resources. Was it mere incompetence or Conspiracy-inspired?

With a possible third option: perhaps it wasn't an internal problem. Perhaps it was the cybersecurity firm itself, using its software to bait Edom, and then hook it with a fictitious scandal. Why? Perhaps the firm's a Conspiracy asset. or perhaps it's in the employ of its home nation's vampire project. After all, crippling the competition is the name of the game.

That's it for this week! 

No comments:

Post a Comment