SECURITIES AND EXCHANGE COMMISSION HACKED
We've seen a spate of hacking lately that makes one wonder what is going on and who is behind it: indeed, are we dealing with just one "who"? or a multitude? And if a multitude, are their activities coordinated in any way? If one looks at all the stories in recent years, going all the way back to 9/11 (and indeed further), then the total picture looks grimly compelling. There was the Sony hack, of course, but since then, we've heard stories and allegations of the hacking of major banks: JP Morgan Chase, even the Federal Reserve, and, just yesterday I blogged about the implications of recently fired Vatican bank auditor Libero Milone, whose short statement implicates similar activity against (or by?) the Vatican bank. Then the Social Security administration, credit reporting agencies like Equifax, and so on.
On 9/11, as I outlined in my book Hidden Finance, Rogue Networks, and Secret Sorcery, there were reports from workers at Deutsche Bank in New York that their system had been invaded and was non-responsive for about seven seconds, and that apparently trades were executed, just before the planes struck. As is known, during the following week, normal securities clearing regulations were suspended, which allowed securities to be substituted for other securities that were scheduled to clear. We'll get back to the SEC in a moment.
Decades before, of course, there was the Inslaw-PROMIS scandal. Inslaw was a corporation begun by former National Security agent William Hamilton, to create a software database management program called PROMIS - Prosecutors' Management Information System - to shepherd data from cases moving through the federal judicial system. The software, however, was quite powerful and able to read databases in several programming languages, and created its own huge database. The software was then stolen by the Reagan-era Justice Department under Attorney General Ed Meese, and then, so the story goes, was modified by the Department of Justice, the CIA, and other agencies with "backdoors", and then sold to - or was permitted to be stolen by - foreign governments, allowing the US intelligence community to read and track their goings-on in real time. The stories weren't just stories: affidavits were sworn out by people allegedly involved in this activity - Michael Riconosciuto and others - and these appeared in the House Congressional committee investigating the matter. The matter was under investigation by investigative journalist Danny Casolaro, who turned up dead in his motel room in Martinsburg, West Virginia, the clear victim of a highly suspicious "suicide." A sort of Christian-fundamentalist novel was even published about the affair whose title I presently cannot recall, in which it was alleged that one of the original programmers for Inslaw, a character in the novel called Barry Kumnick, had himself surreptitiously programmed a personal back door into the program. This character, so the novel would have it, went into hiding in fear of his life and simply disappeared.
Why all the fuss over a computer program? Simply because of its multi-lingual power and ability to assemble databases of all sorts and track them in real time through systems using various computer languages; one could track virtually anything, from federal court cases through illegal drugs, arms trade and money-laundering. In my view, even the notorious "Farewell" spy case of the 1980s and 1990s of the French mole highly placed within the KGB's technical directorate - the directorate responsible for the theft of Western technology - might be related to the case, as I outlined in Hidden Finance, Rogue Networks, and Secret Sorcery, for the French mole provided France with the KGB's complete "shopping list." Careful review of this list, which the French shared with the Reagan administration, showed that Russia severely lagged in computer software and hardware, and a scheme was hatched to let them "steal" it, in its modified backdoor version. Some time later, a massive explosion of about 3 kilotons yield occurred in a Soviet pipeline that had been infected with some of the "modified software." The mole was, of course, eventually apprehended by the KGB, tried, and executed for treason.
All of which brings us to today's story shared by Mr. G.K.:
SEC Discloses hackers broke into system
There are a number of statements made here that deserve a little discussion. We'll start with this one:
The SEC's disclosure comes two weeks after credit-reporting firm Equifax announced the company had been a victim of a hack that resulted in the theft of personal data on over 143 million Americans.
Such incidents raise concerns about the security policies of these companies. (Emphasis added)
I submit that here the article misses the point entirely, namely, that the "concern" is not about the "security policies" of credit reporting companies, but about the security of cyber systems - all of them, without exception - themselves: no cyber system is completely or permanently secure, and this should give everyone advocating for a cashless society, blockchain, and what have you, pause. Indeed, in my 9/11 book, I pointed out that the extension, modification and revision of the PROMIS software throughout the federal government may even have been the vehicle by which hackers rode into the system. Such was even admitted in one case of alleged Chinese espionage against secret US defense laboratories.
But then there's this:
On Wednesday, the SEC announced that its officials learnt (sic) last month that a previously detected 2016 cyber attack, which exploited a "software vulnerability" in the online EDGAR public-company filing system, may have "provided the basis for illicit gain through trading."
EDGAR, short for Electronic Data Gathering, Analysis, and Retrieval, is an online filing system where companies submit their financial filings, which processes around 1.7 million electronic filings a year.
The database lists millions of filings on corporate disclosures—ranging from quarterly earnings to sensitive and confidential information on mergers and acquisitions, which could be used for insider-trading or manipulating U.S. equity markets. The hackers exploited the flaw last year in the EDGAR system, which was "patched promptly" after its discovery, to gain access to its corporate disclosure database and stole nonpublic information, SEC chairman Jay Clayton said in a long statement on Wednesday evening. (Bold emphasis added)
5 Comments
Are you taking “harvey’s” way around the barn … to maybe saying that there is an op within an op within an op …within on Op(a.i.) maybe going on ? folks Doc wrote a White Paper “Artificial Intelligence and the Fall of Lucifer” …is this “a.i’s.” (L’s) …way of coming thru ? :)r
I remember Dr. Farrell had his reservations
about the Bitcoin phenomenon,
but specifically wouldn’t address it.
It looks like, as I suspected,
its Achilles Heel has been ever evolving within
the protocol/promise internet interface phenomenon?
Illicit gains through trading?!? What dastardly people would interfere with the white-as-driven-snow SEC?
Simply put, a look at tech journals such as TechCrunch, CNet, et cetera will show you there are many, many articles discussing how the security POLICIES of all these companies are horribly lacking. In other words, once security gets fixed the Black Hats have and will have an easy time penetrating it again because the PROCESSES are so wrong.
My issue with these stock and cyber high-octane speculations is I think you woefully overestimate the level of sophistication and the size needed for players to game the system and underestimate the number doing so.
Put another way: the worst thing about the Snowden revelations (and I do think he’s a hero for publishing them) is that they show the NSA establishing a legal precedent for actions which make no technical sense as they will not present the information allegedly required in a wieldy and useable form, but rather in an unwieldy form which reduces facts to factoids.
Of course someone is ”reconnoitering the architecture of the entire internet, particularly with respect to major corporations and government agencies.” Haven’t you ever worked for a government? Many thousands of people are watching what they do online – usually more than government officials want them to. The Internet is public speech. Putting our information on the Cloud as Norway, I believe, did, puts it in the hands of every Skye Masterson and Nicely-Nicely Johnson. Having done clerical work for the Administration department of a state of COURSE I believe this kind of stupid stuff is not just normal but common.
Think of entropy as the guiding force between what is going on in the cyberworld and you won’t be too far off. Everything is so compromised, and becoming more so, that control is compromised by the number and variety of inputs. The key word there is variety. ISIS and other groups who use the Dark Web and Smartphone networks to organize DO NOT HAVE to be sponsored to do it. Boko Haram in Nigeria is one of the largest of those users there but by no means the only one. I am aware of family groups doing everything from supporting their youth in college to plotting attacks on oil tankers (so are many people but there is not enough solid information out there to tell the government, though of course regardless of our level of cynicism about them – most of those I know would give the government reliable information about the oil tankers in a minute).
Put this another way: the utopian terms we have had this technology sold to us are true. The Powers that Be ARE doing everything in their power to restrict its use to authorized acts which they define. Perverse (that is inherently unauthorized) as opposed to perverted acts are inevitable given the technology, and all the efforts at control are doing is limiting what social good these unauthorized acts can accomplish. I really do believe that crime has become inherently more democratic worldwide over the last few decades and you underestimate this in your considerations.
Crime that pays
Is Crime that stays.