Saturday, July 19, 2014

Red Sky Weekly: Flight MH-17 shot down over the Ukraine

It is a sad day for all of us when a civilian airliner is shot down.  It is not as if a commercial airliner is trying to sneak across borders at 33,000 feet emitting a code that identifies the carrier and the flight number to all air traffic controllers.  The first question we all asked was, “Who shot down Flight MH-17?”  We wanted immediate proof of who did it.

Let’s back track to the recent articles of the abuses of the NSA and our intelligence officers who are working abroad collecting information.  Without intelligence gathering, who would we turn to for answers?  We know that our former friends in Russia will likely not tell us the truth.  They are fighting to take over a neighboring country, they will use this as an excuse to blame the Ukrainian government and perhaps justify their actions.  Wasn’t it nice for all of us watching the evening news last night that we were able to see/hear the radio transmissions of the guilty parties explaining that they had shot down a civilian airliner.  This was the same crew that was bragging about shooting down a Ukrainian cargo plane, also with no survivors.  These radio transmissions were recorded too.

How do you suppose our government came by these radio transmissions?  Well, they were collecting intelligence and did not know what may or may not be important.  They did collect these radio transmissions and a lot of other chatter, but these turned out to be the proof that the world needed.  It makes me glad that all of the bad press about the Snowden incident did not cause our country to cease all intelligence gathering.

At Wapack Labs, we collect intelligence on state sponsored cyber terrorists, hackers, hacker groups and the tools that they use.  Not everything we collect has value, but we do our best to collect that information which will help our customers and Red Sky members best protect themselves. By collecting information --hopefully the right information, we could, and often do, have the pieces of information that could very well protect your business when you really need it.

BT BT

For those of you who follow our blog, we have been talking about our new product, ThreatRecon.  We have one more week of load testing and a number of Red Sky Alliance members and others are hitting it hard and are happy with the results.  The feedback to date has been amazing. 

On the analysis side, earlier this week we published a report detailing what we believe to be the first piece of malware (a banking trojan) embedded on mobile phones at the factory. We broke down the malware and identified the author.

We added to the Ukraine | Russia discussion. Our Eurasia team is watching intently, adding this week to the discussion of Russian involvement in the break-in at NASDAQ several years ago.

Last, the alliance is growing slowly and nicely. We're not as much worried about having hundreds (thousands?) of members as much as we are a small group of really good ones. So this week we did an orientation session with a new member from an Icelandic bank, and will soon be bringing in our first Austrian company. I'm very much looking forward to visiting both locations.. fly rod in hand for one, and skis over my shoulder for the other!

Until next time,
Have a great week!
Jim McKee