A security startup with close links to the CIA is touting a system to the UK government that monitors every IP address on the internet for malware, as part of its declared aim of improving cyber war capabilities. Endgame Systems helps US intelligence identify and hack into vulnerable networks, and is targeting a similar role in …
Real Dumb, Even Dumber and Starring Dumbest.
"Company representatives told The Register recently it would only sell such services to the US and UK governments, whose intelligence agencies have a close working relationship. Endgame Systems' advisory board includes former CIA technology officials Alan Wade and Bob Flores."
Which obviously has them competing against the Rest of the World Players for CyberSpace Control ..... and Disaffected Rogue Home Team Players who want to make IT Pay and who would think to Play Better on their Own or in Marauding Occasional Groups ..... Mercenary Soldiers of Virtual Fortune.
Buying Big Bot Boss...
...domains might provide a future takeover capability.
Imagine a "dead" botnet; thousands of compromised machines unable to get instructions because Endgame owns the command and control domains.
In an appropriate situation, Endgame could activate one or more of these, and suddenly have control over vast resources. Since it already has a database of infected machines, it could target attacks against specific countries or organizations.
Of course since they are wearing white hats, we have nothing to fear.
RE: Buying Big Bot Boss...
..and since they're not part of any government, China can't accuse our governments when they retaliate against recent Chinese hacking/botnets...
Control of Internet?
I don't like this "IP Confidence System" idea. Imagine that it takes off and they have lots of clients continually asking them "can I trust this IP address?". Now imagine that you are a small commercial website that has somehow been marked as "not trustable". If things have gotten sufficiently far that browsers are asking the trust question, then you are doomed to fail. Mechanisms to get an "untrustable" marking removed will likely be as difficult as getting website ratings changed at Google.
And it also raises the question of how they track systems in environments that use dynamically assigned IP addresses.
If my broadband connection gets reset and the last user of that IP address had a malware-ridden computer, will that mean that no online store will accept orders from me?
There is too much scope for completely malware-free systems to be marked as untrustworthy for this scheme to be effective methinks.
As for the ISS engineers... the ISS software sounds unbelievably great in the sales pitch, but a recent evaluation resulted in a less than acceptable result showing their software engineers are no more infallible than any other software engineers.
The Big Players...
...most likely maintain an IP address threat profile database. I once suggested that Google had the resources to maintain it.
The war for territory is won with boots on the ground, but the hearts and minds of the population are in cyberspace.
"Simple web page"
Endgame Systems doesn't inform infected users and doesn't shut down botnets because it believes such approaches would be unwelcome. So how is that compatible with their declared aim of 'improving cyber war capabilities' unless their real rationale is to wage cyber warfare on citizens of the US and UK? This proposal sounds like the biggest piece of malware ever to be inflicted on the internet, outdoing the government sponsored Phorm scandal by a country mile.
I'm not sure how original their software is...
...but their logo certainly looks familiar to this bunch:
People with 'security clearance' working as sniffers on Secure networks linked in with MI6 and CIA are little more than 'establishment &*&^ suckers'. How we tolerate this growing militaristic complex depends on your personal interpretation of the word 'terrorist'. I know this sprawling net of Industry driven monitoring systems is directly connected to the Military Industrial Complex, which is a colossus protecting trillions worth of ill gotten assets. 'They', the hidden asset moguls and their fawning politicians, academics and security execs, think 'they' can operate a global system of control beyond the reach of an oppressed and enslaved underclass. These systems they are preparing are more sinister than you dare to think.