Author Topic: Cyber False Flag Preparation: U.S. warns of more SCADA software holes!!  (Read 7508 times)

0 Members and 1 Guest are viewing this topic.

Offline lee51

  • Member
  • *****
  • Posts: 1,740
Hack Obtains 9 Bogus Certificates for Prominent Websites; Traced to Iran

In a fresh blow to the fundamental integrity of the internet, a hacker last week obtained legitimate web certificates that would have allowed him to impersonate some of the top sites on the internet, including the login pages used by Google, Microsoft and Yahoo e-mail customers.

The hacker, whose March 15 attack was traced to an IP address in Iran, compromised a partner account at the respected certificate authority Comodo Group, which he used to request eight SSL certificates for six domains: mail.google.com, www.google.com, login.yahoo.com, login.skype.com, addons.mozilla.org and login.live.com.

The certificates would have allowed the attacker to craft fake pages that would have been accepted by browsers as the legitimate websites. The certificates would have been most useful as part of an attack that redirected traffic intended for Skype, Google and Yahoo to a machine under the attacker’s control. Such an attack can range from small-scale Wi-Fi spoofing at a coffee shop all the way to global hijacking of internet routes.

At a minimum, the attacker would then be able to steal login credentials from anyone who entered a username and password into the fake page, or perform a “man in the middle” attack to eavesdrop on the user’s session.

Comodo CEO Melih Abdulhayoglu calls the breach the certificate authority’s version of the Sept. 11 terror attacks.

“Our own planes are being used against us in the C.A. [certificate authority] world,” Abdulhayoglu told Threat Level in an interview. “We have to up the bar and react to these new threat models. This untrusted DNS infrastructure cannot be what drives the internet going forward. If DNS was trusted, none of this would have been an issue.”

Comodo says the attacker was well prepared, and appeared to have a list of targets at the ready when he logged into the company’s system and began requesting certificates.

In addition to the bogus certificates, the attacker created a ninth certificate for a domain of his own under the name “Global Trustee,” according to Abdulhayoglu.

Abdulhayoglu says the attack has all the markings of a state-sponsored intrusion rather than a criminal attack.

“We deal with [cybercriminals] all day long,” he said. But “there are zero footprints of cybercriminals here.”

“If you look at all these domains, every single one of them are communications-related,” he continued. “My personal opinion is that someone is trying to read people’s e-mail communications. [But] the only way for this attack to work [on a large scale] is if you have access to the DNS infrastructure. The certificates on their own are no use, unless they have access to the DNS infrastructure itself, which a state would.”

Though he acknowledges that the attack could have originated anywhere, and been routed through Iranian servers as a proxy, he says Iranian president Mahmoud Ahmadinejad’s regime is the obvious suspect.

Out of the nine fraudulent certificates the hacker requested, only one — for Yahoo — was found to be active. Abdulhayoglu said Comodo tracked it, because the attackers had tried to test the certificate using a second Iranian IP address.

All of the fraudulent certificates have since been revoked, and Mozilla, Google and Microsoft have issued updates to their Firefox, Chrome and Internet Explorer browsers to block any websites from using the fraudulent certificates.

Comodo came clean about the breach this week, after security researcher Jacob Appelbaum noticed the updates to Chrome and Firefox and began poking around. Mozilla persuaded Appelbaum to withhold public disclosure of the information until the situation with the certificates could be resolved, which he agreed to do.

Abdulhayoglu told Threat Level that his company first learned of the breach from the partner that was compromised.

The attacker had compromised the username and password of a registration authority, or R.A., in southern Europe that had been a Comodo Trusted Partner for five or six years, he said. Registration authorities are entities that are authorized to issue certificates after conducting a due-diligence check to determine that the person or entity seeking the certificate is legitimate.

“We have certain checks and balances that alerted the R.A. [about the breach], which brought it to our attention,” he said. “Within hours we were alerted to it, and within hours we revoked everything.”

For more information at link below:

http://www.wired.com/threatlevel/2011/03/comodo-compromise/

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
Hack Obtains 9 Bogus Certificates for Prominent Websites; Traced to Iran

In a fresh blow to the fundamental integrity of the internet, a hacker last week obtained legitimate web certificates that would have allowed him to impersonate some of the top sites on the internet, including the login pages used by Google, Microsoft and Yahoo e-mail customers.

The hacker, whose March 15 attack was traced to an IP address in Iran, compromised a partner account at the respected certificate authority Comodo Group, which he used to request eight SSL certificates for six domains: mail.google.com, www.google.com, login.yahoo.com, login.skype.com, addons.mozilla.org and login.live.com.

The certificates would have allowed the attacker to craft fake pages that would have been accepted by browsers as the legitimate websites. The certificates would have been most useful as part of an attack that redirected traffic intended for Skype, Google and Yahoo to a machine under the attacker’s control. Such an attack can range from small-scale Wi-Fi spoofing at a coffee shop all the way to global hijacking of internet routes.

At a minimum, the attacker would then be able to steal login credentials from anyone who entered a username and password into the fake page, or perform a “man in the middle” attack to eavesdrop on the user’s session.

Comodo CEO Melih Abdulhayoglu calls the breach
the certificate authority’s version of the Sept. 11 terror attacks.


Our own planes are being used against us in the C.A. [certificate authority] world,” Abdulhayoglu told Threat Level in an interview. “We have to up the bar and react to these new threat models. This untrusted DNS infrastructure cannot be what drives the internet going forward. If DNS was trusted, none of this would have been an issue.”

Comodo says the attacker was well prepared, and appeared to have a list of targets at the ready when he logged into the company’s system and began requesting certificates.

In addition to the bogus certificates, the attacker created a ninth certificate for a domain of his own under the name “Global Trustee,” according to Abdulhayoglu.

Abdulhayoglu says the attack has all the markings of a state-sponsored intrusion rather than a criminal attack.

“We deal with [cybercriminals] all day long,” he said. But “there are zero footprints of cybercriminals here.”

“If you look at all these domains, every single one of them are communications-related,” he continued. “My personal opinion is that someone is trying to read people’s e-mail communications. [But] the only way for this attack to work [on a large scale] is if you have access to the DNS infrastructure. The certificates on their own are no use, unless they have access to the DNS infrastructure itself, which a state would.”

Though he acknowledges that the attack could have originated anywhere, and been routed through Iranian servers as a proxy, he says Iranian president Mahmoud Ahmadinejad’s regime is the obvious suspect.

Out of the nine fraudulent certificates the hacker requested, only one — for Yahoo — was found to be active. Abdulhayoglu said Comodo tracked it, because the attackers had tried to test the certificate using a second Iranian IP address.

All of the fraudulent certificates have since been revoked, and Mozilla, Google and Microsoft have issued updates to their Firefox, Chrome and Internet Explorer browsers to block any websites from using the fraudulent certificates.

Comodo came clean about the breach this week, after security researcher Jacob Appelbaum noticed the updates to Chrome and Firefox and began poking around. Mozilla persuaded Appelbaum to withhold public disclosure of the information until the situation with the certificates could be resolved, which he agreed to do.

Abdulhayoglu told Threat Level that his company first learned of the breach from the partner that was compromised.

The attacker had compromised the username and password of a registration authority, or R.A., in southern Europe that had been a Comodo Trusted Partner for five or six years, he said. Registration authorities are entities that are authorized to issue certificates after conducting a due-diligence check to determine that the person or entity seeking the certificate is legitimate.

“We have certain checks and balances that alerted the R.A. [about the breach], which brought it to our attention,” he said. “Within hours we were alerted to it, and within hours we revoked everything.”

For more information at link below:

http://www.wired.com/threatlevel/2011/03/comodo-compromise/

They always reference past false flags when reporting on a new one.
This is such a transparently obvious false flag! I wonder if Max Boot ordered it?

Hey Max... was that you?
http://forum.prisonplanet.com/index.php?topic=203835.msg1220651#msg1220651
And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
This is a cyber False flag.
They are gearing up for the BIG Cyber False Flag.

These are preparations steps...

How can we tell?
Well... look at the connections.


================================

U.S. agencies respond to cyberattack on information security firm
http://www.washingtonpost.com/world/us-agencies-respond-to-cyberattack-on-information-security-firm/2011/03/23/ABDhjoKB_story.html?wpisrc=nl_tech
By Ellen Nakashima, Wednesday, March 23, 6:21 PM

Federal agencies are confronting possible repercussions from a cyberattack disclosed late last week on one of the nation’s largest information security companies.

RSA Security, a division of EMC, has contracts throughout the federal government for its SecurID system, which uses a token to generate a random six-digit number every 60 seconds. That number, when used with a user’s password, provides access to unclassified systems throughout government agencies.

In a filing Thursday to the Securities and Exchange Commission, EMC reported “an extremely sophisticated” cyberattack that targeted its RSA business unit and resulted in “certain information” about its products “being extracted.” Although there were no reports of lost customer data as a result of the breach, the risk is that the stolen information could enable a successful attack later, company officials said.

“We do not believe that either customer or employee personally identifiable information was compromised as a result of this incident,” RSA Executive Chairman Art Coviello said in a letter to customers accompanying the filing.

================================

RSA is connected to Verisign:

================================

http://www.cscic.state.ny.us/security/conferences/security/2006/presenters.cfm

John Weinschenk
Cenzic

Prior to Cenzic, John was the VP of the Enterprise Services Group at VeriSign, the largest provider of digital trust services in the world. In that role, he held worldwide responsibility for marketing VeriSign's authentication, digital trust, and wireless services to Global 1000 companies. He forged several alliances with strategic partners, including IBM, where he drove the effort to embed VeriSign's public key infrastructure technology in network access devices. Before VeriSign, John was CEO at TransIndigo.

While growing that company from six to more than 50 employees, he shaped it into one of the leading developers of real-time transactional authority, and then oversaw the successful acquisition of the company by RSA. John has established numerous pivotal deals and relationships while holding executive positions at Entegrity Solutions (VP of Business Development and Alliances, Product Operations, and Worldwide Marketing), HAL Computer Systems (Director of Business Strategy), and Unisys Corporation (Director of Engineering).

================================

Now, Verisign's connection to Amit Yoran:

================================

More on George Tenet:


http://nationalcorruptionindex.com/pages/profile.php?profile_id=208


George Tenet
Last Updated: May 01, 2008

... Tenet also serves on the boards of American Online (AOL) and Guidance Software, the self-proclaimed “world leader in computer investigations.” Guidance added Tenet to its board on March 22, 2006. In 2003, Guidance entered a strategic alliance to provide computer forensics to the government, with I2 Inc., a British technology firm with FBI contracts that was acquired by ChoicePoint in early 2005. Guidance also has strategic alliances with Computer Sciences Corporation (CSC) and Verisign. Amit Yoran joined Guidance Software’s board on September 14, 2005. (Yoran started cybersecurity firm RipTech, which Symantec bought in 2002 for $145 million. After serving as head of cybersecurity for DHS, Yoran was appointed as CEO of CIA-created In-Q-Tel on January 4, 2006. Yoran resigned after three months, shortly after hiring old friend and Carlyle Venture Partners veteran and Secure Elements director Mark Frantz....


================================

And Amit Yoran connects to Ptech:

================================

Source


Amit Yoran on DHS, federal cybersecurity, enterprise security

December 5th, 2008 by Dennis Fisher

Amit Yoran, the former cybersecurity czar at the Department of Homeland Security and a veteran security executive, joins Dennis Fisher to discuss the state of enterprise security, the Obama administration’s cybersecurity priorities and why information sharing between the government and private sector hasn’t worked.

http://securitywireweekly.blogs.techtarget.com/podpress_trac/web/239/0/Yoran12042008.mp3
__________________________________________________________
From 2008 (this was NOT specified in 2007's Northcom Document, which shows their progression toward toward EVISCERATION of freedom and vicious attack now underway against the web.)

"Homeland Defense and Security scenario vignettes cover a broad range of significant terrorist activities, to include cyber attacks directed at Canada and the U.S. as a result of CTF (Coalition Task Force) operations as well as several natural disasters."

- NORAD-USNORTHCOM
__________________________________________________________
From 2005 (Applies hugely moreso now because they've been planning this for years, and as you can see from above, only starting in 2008 did NORTHCOM/Booz Allen Hamilton ramp up their attack plans on this.)

See: PROMIS/Ptech/Choicepoint/Infragard/DIEBOLD=World ID/Carbon Tax/IP v6  http://forum.prisonplanet.com/index.php?topic=79634.0

Below excerpt sourced from:
Source
Feb. 22, 2005

SAN FRANCISCO -- The federal government and several international partners will hold a cyber preparedness exercise in November, Homeland Security Department officials said here at the RSA Conference.  Its purpose is to give federal agencies an opportunity to test their plans for responding to a direct or indirect attack on the computer networks that control the nation's critical infrastructure such as power plants and oil pipelines. The exercise will be unclassified, and the public will be informed, said Hun Kim, deputy director of the National Cyber Security Division at DHS.

Instead, Wilson said he suspects that sophisticated intruders would
quietly try to wreak havoc, causing a loss of confidence in the
interconnected system of networks and information systems on which the nation's economy and security now depends. "Somebody's going to figure out how to get across a low wall and get on the inside, and they're not going to go in a chat room and talk about it," Wilson said. "We're talking about a sophisticated adversary."

Finding a hidden enemy and cleaning up the damage in such a scenario would be extremely difficult, Wilson said. "You're going to have not only national security issues; you're going to have privacy issues.
 
I'll leave it at that," he said.
__________________________________________________________
Source
Europe to get cybercrime alert system
 

Europe is getting a cybercrime alert system as part of a European Union drive to fight online criminals. According to plans, European law enforcement body Europol will receive 300,000 euros ($386,430) to build an alert system that pools reports of cybercrime, such as online identification and financial theft, from across the 27 member states.

Police will launch more remote searches of suspects' hard drives over the Internet, as well as cyberpatrols to spot and track illegal activity, under the strategy adopted by the European Union's council of ministers Thursday. The strategy, a blueprint for fighting cybercrime in the EU over the next five years, also introduces measures to encourage businesses and police to share information on investigations and cybercrime trends.

"The strategy encourages the much-needed operational cooperation and information exchange between the member states," said Jacques Barrot, vice president of the European Commission. "If the strategy is to make the fight against cybercrime more efficient, all stakeholders have to be fully committed to its implementation. We are ready to support them, also financially, in their efforts." Plans for the EU alert system follow the recent establishments of the Police Central E-crime Unit and National Fraud Strategic Authority, which aim to fight cybercrime in the United Kingdom.
__________________________________________________________
How might Obama's appointment to head the DHS turn things around for the department? Experts weigh in.

Source

Cyber Threats Await Next Homeland Security Chief

Janet Napolitano

Though it is charged with keeping America safe, the Department of Homeland Security (DHS) has also run up a record of high-profile failures during its short history.  Its role in the response to Hurricane Katrina, followed by a series of cyber security breaches, led to Congressional criticism of DHS Secretary Michael Chertoff and its CIO, Scott Charbo. And several of its proposed programs have stalled.

It's a legacy that Arizona Gov. Janet Napolitano is poised to inherit, having been named on Monday as President-elect Barack Obama's pick for DHS secretary.  And as a result of the DHS's troubles, information security experts have a laundry list of suggestions for Napolitano once she's confirmed.

First off, she should speed up the hiring process to better protect against future cyber security threats, according to Shannon Kellogg, director of information security policy at EMC (NYSE: EMC). Kellogg pointed out that the DHS has lost several employees involved in information security, including Greg Garcia, assistant secretary for cyber security and communications, who announced his departure this week.

Getting new people in quickly and retaining them will be important because US-CERT, the operational arm of the department's National Cyber Security Division and a key player in national and private sector Internet security, is building out broader capabilities and expanding quickly, Kellogg told InternetNews.com.

"That requires you hire people very quickly, but this is counter to how government hiring processes work," he added. US-CERT coordinates defenses against and responses to cyber attacks nationwide and issues security threat warnings. It developed software for the Einstein Program, an intrusion detection system in the federal government that is the result of the 2002 Homeland Security Act, the 2003 Federal Information Security Management Act (FISMA) and the Homeland Security Presidential Directive/Hspd-12, issued in August 2004. The first two versions of Einstein have been implemented in the Federal government.

EMC's Kellogg said that Einstein III is in the works. The project -- in which Kellogg called on Napolitano to continue investing -- will add real-time reporting capabilities to the system.

Clean up your own house

Napolitano should also make sure DHS deals with its own security vulnerabilities. The department suffered 844 security breaches during its fiscal 2005 and 2006, leading a House subcommittee on tech and cyber security to DHS CIO Scott Charbo of not doing his job, during a June 2007 hearing. The breaches also led to charges from a congressman that the IT vendor DHS contracted to build its networks, Unisys, bore partial responsibility for the breaches. The company quickly denied the accusations' validity, but the incident later led to an FBI probe of Unisys (NYSE: UIS).

"I hope the new secretary will continue to emphasize the importance of information security in this environment," EMC's Kellogg said. "DHS should be an example for information security within the federal government." As a result, the DHS should take a proactive approach to security, Scott Crawford, research director at Enterprise Management Associates, told InternetNews.com.

"There is no national agenda for taking cyber security all that seriously at this point," he said. "The DHS is left to reacting to events as they occur and leaving events to the private sector." Also at issue is how the next director of homeland security will work with the tech czar that Obama has promised to appoint -- a position commonly thought of as a national CTO. While details are scant on Obama's plans for the position, analyst Charles King of Pund-IT said he believes Napolitano should fight the idea of creating a single CTO position.

Instead, he thinks she should suggest a national council of CTOs, he told InternetNews.com in an e-mail. A long list of rumored candidates Obama's tech czar post has included names like that of Google CEO Eric Schmidt -- who later signaled his interest in remaining at the search giant -- as well as former FCC chair Reed Hundt, Apple CEO Steve Jobs, Amazon CEO Jeff Bezos and Julius Genachowski, an economic adviser to Obama and cofounder of venture capital firm Rock Creek Ventures.

But King thinks that's a bad idea. Napolitano should appoint working CTOs who have actually been involved in developing successful commercial projects, he said. He added that Napolitano ought to keep the national CTO on a tight leash, giving them three months to develop one-, two- and three-year plans for modernizing the nation's IT resources -- and refusing to extend the deadline.

All these suggestions will take time to flesh out. But one of the things Napolitano can do to score points quickly with the new administration is to have DHS establish a methodology to rate how well companies and agencies are communicating securely, one observer noted. "The DHS should enable agencies and the U.S. government to use a unified architecture to communicate securely, and a rating system will motivate people to use best practices for secure communication," said Kelly Mackin, president and COO of DataMotion, told InternetNews.com.

According to Mackin, whose firm handles secure e-mail for a U.K. government department, there are 4.7 terabytes of e-mail data for every 1,000 employees in a company -- data that could pose a danger if not properly locked down. "Although 93 percent of employees think e-mail is a critical piece of how they do business, most of that e-mail is not secured, and DHS must address this problem," she said.
__________________________________________________________
Voter Fraud Recount Revealed: AIPAC/Rockefeller!!!!!!!!!!!!
http://forum.prisonplanet.com/index.php?topic=21681.msg83959#msg83959


"FBI INFRAGARD - Kill your neighbors with FBI/CACI intelligence!
Infragard--Join now and get your own license to kill!!!
"

InfowarCon Advisory Board:  Dr. Dan Kuehl, National Defense University; Amit Yoran, NetWitness; Mark Rasch, FTI; Dorothy Denning, DoD; Richard Forno, Infowarrior.org; Lars Nicander, CATS; Bruce Brody, CACI.

InfowarCon Sponsors & Partners Include: The Department of Homeland Security (DHS), Mandiant, Netwitness, Purifile, Secure Computing, Lincoln Group, White Wolf Security, Department of Defense Cyber Crime Center (DC3), (ISC)2; Homeland Defense Journal, Government Security News, Homeland Defense Week, Officer.com, Continuity Insights, InfraGard National Members Alliance, ISSA NOVA, Terrorism Research Center and National Defense University.



Source

Mossad: RSA Security & Ptech Run US Govt Computers
Posted in the database on Monday, June 19th, 2006 @ 12:41:33 MST (818 views)
by Christopher Bollyn    American Free Press

The most critical computer and communication networks used by the U.S. government and military are secured by encryption software written by an Israeli "code breaker" tied to an Israeli state-run scientific institution.

The National Security Agency (NSA), the U.S. intelligence agency with the mandate to protect government and military computer networks and provide secure communications for all branches of the U.S. government uses security software written by an Israeli code breaker whose home office is located at the Weizmann Institute in Israel.

A Bedford, Massachusetts-based company called RSA Security, Inc. issued a press release on March 28, 2006, which revealed that the NSA would be using its security software:

"U.S. Department of Defense Agency Selects RSA Security Encryption Software" was the headline of the company's press release which announced that the National Security Agency had selected its encryption software to be used in the agency's "classified communications project.

RSA stands for the names of the founders of the company: Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. Adi Shamir, the lead theoretician, is an Israeli citizen and a professor at the Weizmann Institute, a scientific institution tied to the Israeli defense establishment.

"My main area of research is cryptography – making and breaking codes," Shamir's webpage at the Weizmann Institute says. "It is motivated by the explosive growth of computer networks and wireless communication. Without cryptographic protection, confidential information can be exposed to eavesdroppers, modified by hackers, or forged by criminals."

The NSA/Central Security Service defines itself as America’s cryptologic organization, which "coordinates, directs, and performs highly specialized activities to protect U.S. government information systems and produce foreign signals intelligence information."

The fact that the federal intelligence agency responsible for protecting the most critical computer systems and communications networks used by all branches of the U.S. government and military is using Israeli-made encryption software should come as no surprise. The RSA press release is just the icing on the cake; the keys to the most critical computer networks in the United States have long been held in Israeli hands.

AFP inquired with the NSA about its use of Israeli-made security software for classified communications projects and asked why such outsourcing was not seen as a national security threat. Why is "America’s cryptologic organization" using Israeli encryption codes?

NSA spokesman Ken White said that the agency is "researching" the matter and would respond in the coming week.

American Free Press has previously revealed that scores of "security software" companies – spawned and funded by the Mossad, the Israeli military intelligence agency – have proliferated in the United States.

The "security" software products of many of these usually short-lived Israeli-run companies have been integrated into the computer products which are provided to the U.S. government by leading suppliers such as Unisys.

Unisys integrated Israeli security software, provided by the Israel-based Check Point Software Technologies and Eurekify, into its own software, so that Israeli software, written by Mossad-linked companies, now "secures" the most sensitive computers in the U.S. government and commercial sector.

The Mossad-spawned computer security firms typically have a main office based in the U.S. while their research and development is done in Israel.

The Mossad start-up firms usually have short lives before they are acquired for exaggerated sums of money by a larger company, enriching their Israeli owners in the process and integrating the Israeli directors and their Mossad-produced software into the parent company.

RSA, for example, an older security software company, acquired an Israeli-run security software company, named Cyota, at the end of 2005 for $145 million.

In January 2005, Cyota, "the leading provider of online security and anti-fraud solutions for financial institutions" had announced that "security expert" Amit Yoran, had joined the company's board of directors.

Prior to becoming a director at Cyota, Yoran, a 34-year old Israeli, had already been the national "Cyber Czar," having served as director of the Department of Homeland Security's National Cyber Security Division.

Yoran had been appointed "Cyber Czar" at age 32 by President George W. Bush in September 2003.

Before joining DHS, Yoran had been vice president for worldwide managed security services at Symantec. Prior to that, he had been the founder, president and CEO of Riptech, Inc., an information security management and monitoring firm, which Symantec acquired in 2002 for $145 million.

Yoran and his brother Naftali Elad Yoran are graduates of the U.S. Military Academy at Westpoint. Elad graduated in 1991 and Amit in 1993. Along with their brother Dov, the Yoran brothers are key players in the security software market. Amit has also held critical positions in the U.S. government overseeing computer security for the very systems that apparently failed on 9/11.

Before founding Riptech in 1998, Yoran directed the vulnerability- assessment program within the computer emergency response team at the US Department of Defense.

Yoran previously served as an officer in the United States Air Force as the Director of Vulnerability Programs for the Department of Defense's Computer Emergency Response Team and in support of the Assistant Secretary of Defense's Office.

In June 2005, Yoran joined the board of directors of Guardium, Inc., another Mossad-spawned "provider of database security solutions" based in Waltham, Massachusetts.

Guardium is linked with Ptech, an apparent Mossad "cut out" computer security company linked with the 9/11 attacks. Ptech, a computer software company in Quincy, Mass., was supposedly a small start-up company founded by a Lebanese Muslim and funded by a Saudi millionaire.

Yet Ptech's clients included all the key federal governmental agencies, including the U.S. Army, the U.S. Air Force, the U.S. Naval Air Command, Congress, the Department of Energy, the Federal Aviation Administration, the Internal Revenue Service, NATO, the Federal Bureau of Investigation, the Secret Service and even the White House.

The marketing manager at Ptech, Inc. when the company started in the mid-1990s, however, was not a Muslim or an Arab, but an American Jewish lawyer named Michael S. Goff who had suddenly quit his law firm for no apparent reason and joined the Arab-run start-up company.

Goff was the company's information systems manager and had single-handedly managed the company's marketing and "all procurement" of software, systems and peripherals. He also trained the employees. Goff was obviously the key person at Ptech.

In the wake of 9/11, during the Citizens' Commission hearings in New York, Indira Singh, a consultant who had worked on a Defense Advanced Research Project, pointed to Ptech and MITRE Corp. being involved in computer "interoperability issues" between the FAA and NORAD. At this time Ptech's ties to Arabs was the focus, and Goff was out of the picture.

"Ptech was with MITRE Corporation in the basement of the FAA for two years prior to 9/11," Singh said. "Their specific job is to look at interoperability issues the FAA had with NORAD and the Air Force in the case of an emergency. If anyone was in a position to know that the FAA – that there was a window of opportunity or to insert software or to change anything – it would have been Ptech along with MITRE."

The Mossad-run Guardium company is linked with Ptech through Goff Communications, the Holliston, Mass.-based public relations firm previously run by Michael S. Goff and his wife Marcia, which represents Guardium. Since being exposed in AFP in 2005, however, Michael's name no longer appears on the company website.

Although he and his brother reportedly grew up in Pound Ridge, New York during the 1970s and 1980s, the heads of the Jewish community told AFP that they had never heard of him. One said that she had conducted a survey of the Jews living in the small village of Pound Ridge in the 1970s and she would have remembered if a wealthy Israeli family named Yoran had been found. Why did the locals in Pound Ridge NOT remember the Yorans?

Probably because they were NOT in Pound Ridge - but in Israel. The Pound Ridge address was used to give the appearance that the Yorans were Americans. I spoke with Elad and he has a distinctive Israeli accent - not what you would expect for a guy who grew up in a posh Yankee village.

So who are the Yorans? Who are their parents and why did they come to the United States? To raise a couple high-level moles to infiltrate the most sensitive U.S. computer networks? How could they have lived for 20 years in Pound Ridge and NOT be remembered.


GET READY FOR THE NEW AMERIKA!! A BETTER INFORMED SOCIETY WILL RESULT IN A FREER ONE WITH OUR MACHINE GUNS AND CYBER POLICE THAT CAN'T GET ANY OTHER TYPE OF JOBS BECAUSE THAT'S THE ONLY JOBS WE'VE LEFT FOR YOU IN THE NAU!!!  YOU PASS OUT ANTI-NWO MATERIAL, & PROTEST CLOUD COMPUTING?  YOU'LL BE SHOT ON SIGHT!!!  YOU WON'T EVEN HAVE TO GET ON THE TRAIN, BECAUSE THE SECRET THAT NO ONE HAS TOLD YOU IS THAT THE PUBLIC TRANSPORTATION, BUSES, ET.AL. WILL TAKE YOU TO THE FEMA CAMPS UNDER USTRANSCOM!  NOW SHUT UP SLAVES!!!!

And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40

Offline Geolibertarian

  • Global Moderator
  • Member
  • *****
  • Posts: 13,240
  • 9/11 WAS AN INSIDE JOB! www.911truth.org
This is a cyber False flag.
They are gearing up for the BIG Cyber False Flag.

http://www.youtube.com/watch?v=29C_KNZ7RNs (Problem-Reaction-Solution)

"Abolish all taxation save that upon land values." -- Henry George

"If our nation can issue a dollar bond, it can issue a dollar bill." -- Thomas Edison

http://schalkenbach.org
http://www.monetary.org
http://forum.prisonplanet.com/index.php?topic=203330.0

Offline Satyagraha

  • Global Moderator
  • Member
  • *****
  • Posts: 8,939
SCADA - STUXNET - See a pattern here?

March 24, 2011 1:36 PM PDT
U.S. warns of more SCADA software holes
Read more: http://news.cnet.com/8301-27080_3-20046912-245.html#ixzz1Ha2QQcG1

Flaws in SCADA software, used to monitor and control sensors and operations at utilities and other critical infrastructure facilities, seem to keep coming out of the woodwork:

• Last week, the U.S. ICS-CERT (Industrial Control System Computer Emergency Response Team) issued several advisories about vulnerabilities exposed in SCADA (supervisory control and data acquisition) software. One was in an ActiveXcontrol in WellinTech KingView V6.53 human machine interface (HMI) software used in power, water, and aerospace industries, mostly in China. The researcher publicly released exploit code for the hole and the vendor released an update that resolves the problem. The second vulnerability was reported in Progea's Movicon 11 HMI product, used primarily in Italy. It too has been patched.

• Also last week, a Russian firm released exploits targeting 11 unpatched, or zero-day, holes in SCADA software, which The Register was first to report.

• Three days ago, an Italian researcher publicly released information on dozens of unpatched holes in four different products and released exploits for targeting them. The move prompted an ICS-CERT warning.

• On Tuesday, Spanish researcher Ruben Santamarta told the BugTraq e-mail list that he had found flaws in BroadWin WebAccess, a Web browser-based HMI product from Advantech that ICS-CERT says is used in energy and other industries in North America, Asia, North Africa and the Middle East. Santamarta released details of the vulnerability and exploit code and ICS-CERT issued an alert.

• And yesterday, ICS-CERT released yet another advisory, this one warning about a SQL (Structured Query Language) vulnerability in the Ecava IntegraX or HMI product that could allow data leakage or manipulation as well as remote code execution on the backend host running the database service. Ecava has developed a patch for the hole.
Security problems with software used to monitor and control systems in the electric grid, refineries, gas pipelines, and other critical operations are moving to the forefront as the industries adopt Web-based technologies and connect previously isolated networks to the Internet.

"What is the acceptable tolerable level for security with industrial control systems? We don't know," Mike Ahmadi, co-founder of consultancy GraniteKey told CNET. "Systems have been isolated from the outside world...It's a very significant change we're going through right now."

While the SCADA bug reports appear to be accelerating, it's unclear if any of the vulnerabilities have been used in attacks on working plants or systems.

However, last year the threat became reality with Stuxnet, sophisticated and multipronged attack targeting specific Siemens software used in industrial control operations that experts said appeared to be directed at nuclear facilities in Iran.



Read more: http://news.cnet.com/8301-27080_3-20046912-245.html#ixzz1Ha2c6CNO
And  the King shall answer and say unto them, Verily I say unto you, 
Inasmuch as ye have done it unto one of the least of these my brethren,  ye have done it unto me.

Matthew 25:40