A reminder that if you're designing computer security systems in 2017, the following threat profiles are actually all the same threat actor:

* 4chan
* neo-Nazis
* Twitter trolls
* radical theocrats
* the Russian Mob
* the Russian President
* the Florida casino mafia
* the New York real estate mafia
* armed conspiracy theorists
* some Silicon Valley billionaire CEOs and venture capitalists
* The Senate, Congress and President of the United States

Not even joking. This is where we are.

@natecull At least you only have to test against one of them to have tested against the rest, then.

@natecull I don't really want to get into this discussion but I'd just like to point out that just because someone has a different view point to you, doesn't automatically make them a 'threat’. We as a race have quickly lost tolerance and how to properly deal with those differences..

@sati This is not about 'different viewpoints'. This is about deep and proven links between all of these previously thought to be separate communities.

This is a new thing to me. Prior to 2016, I didn't think these groups were connected.

But it's become apparent in the last 18 months that they are, very closely.

@natecull @sati Whether they are politically/ideologically or however connected is utterly irrelevant to the question of threat actors and threat modelling in a computer security sense.

So, say that they are all connected instead of spouting nonsense about something you have no idea about.

@kwanre @sati

These groups are *literally connected*, as in, they share key people.

Information and tactical planning flows between these groups.

Therefore, they are the same threat actor from an information security perspective.

Information flows from the Russian President to Stormfront to 4chan to the United States President; money flows from Russian oligarchs to US casinos and real estate to the United States President.

If you ignore this, you are not modelling the threat.

@natecull @kwanre I'm not ignoring what you posted, it's just that you seem to be pretty one-sided in your concerns. Modelling the threat would also require a much larger list than the one provided. The whole world is corrupt, regardless of which 'side' you're on, the system is broken.

Unless we can look at our sociological & political issues objectively then we are likely to never solve them.

@kwanre @natecull @sati False. If the actors are themselves acting in a coordinated and concerted manner, are sharing methods, aims, goals, and coordination, it's exceedingly useful to recognise that when tackling (or being confronted) by one, you're being confronted by all. And that they represent state-level-actor levels of advanced persistent threat.

@dredmorbius @kwanre @sati For what it's worth, it started to become apparent for me circa 2014 - with Gamergate - that there was some more than casual level of organisation behind what I previously had thought of as 'Internet troll culture'. The level of organised hate gave me 1930s paramilitary vibes.

This was right about the time that Andrew Auernheimer was released from prison and announced his actual neo-Nazi connections.

@natecull @kwanre @sati This is something I've been keeping low-level tabs on for a while, if only because it's annoying as get-out to me. But I'd started seeing more structured issues as well sometime in the early '10s, and becoming more flagrant. There's a large and interconnected network, plus a lot of induced action. Not being able to take anyone at their word (especially apologists) is another problem.

Other quarters' responses hurt too.

@sati @kwanre @natecull There's a whole culture of various forms of signaling, bonding, identification, etc., largely around what's termed "the left" (though it doesn't fully overlap) which IMO gets in the way. @Elizafox is tooting about part of that right now. The HC / BS ongoing circular firing squads are a huge part of that.

@sati @kwanre @natecull There's a reason I copied out the first paragraphs of A.H.M. Jones, "Augustus", describing the politics of ~40 BCE. *** BECAUSE IT'S EXACTLY THE FUCKING SAME AS RIGHT NOW. ***

Please. Fucking read it. Optimates vs. populares. Property vs. land. Rule of gold vs. rule of law. Who controls the courts? Living wage. Distribution of capital.

2,060 years ago.

6 paragraphs.

@natecull @kwanre @sati As for Gamergate itself -- I ignored the whole thing as long as I possibly could. I'm not a gamer, and wasn't particularly interested in either side of the story. Each seemed to be at least in part instigating. The fact that people I generally respect were getting exercised on it, and then death threats and guns showing up ... seemed to change things.

The whole affair still strikes me as profoundly odd.

@natecull there's deep and proven links in practically all establishments, governments & corporations. Nothing really changes apart from the players. Who shall we hate on this week/month/year? Democrats? Republicans? Honestly, the system is broken and until people realise that then you'll be played left for right, red for blue, black for white.

@sati @natecull Honestly, linking a bunch of morons in an image board to the Trafficante family seems a little farfetched

@natecull @sati This is similar to 1980s Evangelical world views that lumped everything from Dungeons and Dragons to the Dalai Lama into a single entity called "the Occult."

Everybody you don't like is NOT "the same threat actor."

@sati @natecull If you don't want to get into the discussion, then don't.

If you do, I'd strongly advise discerning whether or not you're capable of grasping and holding the facts of the matter. Evidence to date portends poorly.

@natecull I had a finding with a client about 2 months ago that I described an abuse of functionality for stalking via follows and auto-joining folks to groups. They were pretty shocked I would mention that as a security finding, but then agreed when I explained trolling and the like via Group subscription

@natecull I am super amused by the notion of Mitch McConnell trying to figure out 4chan

@natecull I'm going to print this and post it on our conference room door

@natecull At one time, I thought this was tinfoil hat paranoia such that, if I used it in a Delta Green game, my players would throw popcorn at me and say they'd agreed to suspend disbelief and not hang it from the neck until dead.

Now, it's just another Sunday.

@natecull Add to your list the GOP and the Libertarian -- Cato / Heritage / Atlas Network / Mont Pelerin Society -- network.

It's intimately connected with the above through several routes.

@natecull I'm also strongly inclined, though not fully convinced, Wikileaks should be added to the list, along with Julian Assange.

That's something which disappoints me greatly.

Fox News, Breitbart, Alex Jones, and a bunch of other nutjob "journalist" media types.

Oh, and I strongly recommend Sourcewatch for this sort of thing:

@dredmorbius Yes! Wikileaks tilting hard right was a big surprise for me too.



but but but

but if every shithead who claimed the Russia stuff was "Dem propaganda" was WRONG about it

that would be incovfefeable O_O

Everything was going so well until those last four D:
.. c-can you... can you rearrange them so they don't break the pyramid?

@natecull Fancy Bear is 4chan. This explains why all the memes in Russia are so dank.

@VacuumForest There's sure a whole lot of SuperPatrioticAmerican Twitter accounts that were created a couple years ago and also tweet in Cyrillic.

They aren't especially subtle, and yet.

@VacuumForest But yes, a lot of the very driven organisation behind anonymous image boards appears to be actually military cyber command based in Moscow.

These boards are anonymous; you don't know *who* is behind the screen. Who's running 'ops'.

But when they start acting in a military manner, and fit the profile of military, and promote stories that originate on Russia state media, it gets hard to deny.

The US channers are just being used as biological meme robots basically.

@VacuumForest The point of a good meme, of course, is precisely that it's *infectious*. So all handlers need to do is promote the meme as hard as possible (using bots to amplify) and eventually, if it's sticky enough, actual humans will pick it up and rebroadcast to their particular spheres of activity.

Same principle as cyberwarfare, just using human minds as the vulnerable system.

In fact we're seeing a blended cyber-plus-human threat landscape.

@VacuumForest It's more than just Russia, of course - there's an international fascist-conservative to Russian-nationalist-fascist alliance. So meme attacks are coming from within the US, UK and European conservative political media system AS WELL as from actual Russian cyber-command teams.

But Russia is acting as a major networking hub.

@natecull There are obviously people pulling strings everywhere, but there is no one "Death Star" you can shoot down to deal with it. The best bet is to understand that this too will pass. We get caught up in some kind of game and the only game is "their" game. I suggest we find other ways to deal with life and leave the fight to people who will fade away regardless as they all do. The only answer is to survive, IMHO. 🙁

@natecull what the fuck does this even mean? All twitter trolls are neonazis? All mafia members are theocrats? I'm so confused

Sign in to participate in the conversation

The original server operated by the Mastodon gGmbH non-profit