Our country is just one of the many nations that make up the world. And considering how many countries coexist with us (albeit not always peacefully), it’s hard to maintain law and order all the time. It’s what governments are for. Well, aside from collecting taxes, the government is tasked with maintaining peace and order and managing the affairs of the state. It’s a lot of work actually and can’t be done by a single individual. It’s why there are different agencies that enforce the law and some that act like Sherlock Holmes and try to put a stop to criminals before they even strike.
Technology keeps on progressing and it makes perfect sense for the government to invest in a foreign intelligence service. In the US, it’s the CIA’s job to gather, process, and analyze data that may affect national security on a global scale. The CIA is actually a civilian service that taps into human intelligence and is expected to report its findings to the Cabinet and the President of the United States of America. The law allows it to perform covert operations and gather foreign intelligence at the request of the president but not to take part in enforcing the law, because that is the FBI’s jurisdiction.
Wikileaks on Thursday published more than 150 pages of materials that explain how the CIA used USB drives to sneak malware to the air-gapped machines. After all, even these computers need to exchange data, and the only way to do it is using USB drives or external hard drives.
A platform called Brutal Kangaroo contains tools that can be used to target computer systems not connected to the internet, Ars Technica explains. Drifting Deadline is a tool installed on a computer of interest. When a USB drive is connected to it, the tool will infect it with malware that would then be passed to the air-gapped computer.
These advanced malware versions would be able to infect an air-gapped computer immediately after the USB drive is plugged in. Some of them required no user interaction and could be activated by default behaviors in Windows, such as Windows Explorer displaying icons, or the letter corresponding to the thumb drive that was just inserted.
Given that the CIA’s work is based on gathering foreign intelligence, it’s a given that they have to be computer-savvy because the world is more digital than ever. They have to be crafty and resourceful in gathering foreign data that may be of value to the government, especially when national security is on the line.
Terror attacks happen more often today than they did in the past and we don’t want more Americans to die at the hands of heartless terrorists who only want to cause chaos and disrupt the natural order of the world. Wikileaks just showed the world how smart CIA agents are because they can even hack computers that are offline, meaning these PCs aren’t even turned on in the first place.
The latest documents are 150 pages in length, and they describe a CIA malware toolkit named Brutal Kangaroo for taking control of air-gapped computers by using specialized USB drives. According to WikiLeaks, the components of Brutal Kangaroo create a covert network within the target network, which makes the job easier.
It should be noted that Brutal Kangaroo contains 4 chief components — Drifting Deadline (thumb drive infection tool), Shattered Assurance (server tools for handling thumb drive infection), Broken Promise (postprocessor to take care of the collected information), Shadow (primary persistence mechanism).
Brutal Kangaroo is able to infect USB thumb drives using a Windows operating system flaw which can be exploited by hand-crafted link files. In the next step, when an infected drive is inserted in the target computer using Windows 7 and .NET 4.5, the Drifting Deadline component deploys the malware.
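Since the infection path described above runs through link (.lnk) files that Windows Explorer processes when it displays a drive, a defender can triage the shortcuts found on removable media before a drive reaches an air-gapped machine. The following is an added example, not code from the leaked documents or the articles summarized here: it reads the header and string fields of the Windows Shell Link format and raises review flags. The function names, the flag names and the two heuristics (an icon taken from a code module outside the Windows directory, and the presence of command-line arguments) are assumptions chosen for illustration, not indicators of the specific flaw, and the sample shortcuts are constructed.

```python
import struct

LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
HAS_IDLIST, HAS_LINKINFO, HAS_ICON, IS_UNICODE = 0x01, 0x02, 0x40, 0x80
# StringData fields follow the header in this order, each gated by a LinkFlags bit.
STRING_FIELDS = [(0x04, "name"), (0x08, "relative_path"), (0x10, "working_dir"),
                 (0x20, "arguments"), (HAS_ICON, "icon_location")]
CODE_EXT = (".dll", ".cpl", ".ocx")  # assumption: icon sources that are loadable code
SYSTEM_PREFIXES = ("%systemroot%\\", "%windir%\\", "c:\\windows\\")

def parse_lnk(data):
    """Return the StringData fields of a Shell Link file, or None if malformed."""
    if len(data) < 76 or data[:4] != b"\x4c\x00\x00\x00" or data[4:20] != LNK_CLSID:
        return None
    flags = struct.unpack_from("<I", data, 20)[0]
    # Non-Unicode strings use the system code page; cp1252 is assumed here.
    width, codec = (2, "utf-16-le") if flags & IS_UNICODE else (1, "cp1252")
    pos, fields = 76, {}
    try:
        if flags & HAS_IDLIST:    # IDListSize excludes its own 2-byte length field
            pos += 2 + struct.unpack_from("<H", data, pos)[0]
        if flags & HAS_LINKINFO:  # LinkInfoSize includes its own 4-byte length field
            pos += struct.unpack_from("<I", data, pos)[0]
        for bit, name in STRING_FIELDS:
            if flags & bit:
                end = pos + 2 + struct.unpack_from("<H", data, pos)[0] * width
                if end > len(data):
                    return None
                fields[name] = data[pos + 2:end].decode(codec, "replace")
                pos = end
    except struct.error:          # a length field ran past the end of the file
        return None
    return fields

def triage(data):
    """Review flags for one .lnk taken from removable media (assumed heuristics)."""
    fields = parse_lnk(data)
    if fields is None:
        return ["malformed-link"]
    icon = fields.get("icon_location", "").lower()
    findings = []
    if icon.endswith(CODE_EXT) and not icon.startswith(SYSTEM_PREFIXES):
        findings.append("icon-from-non-system-code-module")
    if "arguments" in fields:
        findings.append("has-command-line-arguments")
    return findings

def sample_lnk(icon):
    """Constructed sample: a minimal header plus a Unicode ICON_LOCATION string."""
    header = struct.pack("<I16sI", 0x4C, LNK_CLSID, HAS_ICON | IS_UNICODE) + bytes(52)
    return header + struct.pack("<H", len(icon)) + icon.encode("utf-16-le")
```

A flag here only means the shortcut deserves a closer look on an isolated analysis machine; an empty result does not mean the drive is clean.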
While innocent and law-abiding American citizens don’t have anything to worry about from this computer hacking ability of the Central Intelligence Agency, foreign individuals who have evil plans for anyone living in America or any American citizen should be very afraid because the CIA will find a way to get you and you can count on them to hack your computer first before they apprehend you, because they will.
The CIA hacks offline systems through the malware, Brutal Kangaroo. You may not have to worry about Brutal Kangaroo if you are not a terrorist or a criminal yourself but you aren’t immune to malware that is spreading all over the web today. When you get hit by this bug, you lose access to important data and you don’t want that to happen. Data recovery may be your last resort although having backup data is a good precaution. Learn more about data recovery here: http://www.harddriverecovery.org/clean_room.html. For an older system like RAID, this http://www.harddriverecovery.org/server-recovery/ may come in handy.