Powershell, the Gandcrab infection and the long-forgotten server

If your hair isn't already grey enough, GCHQ staff have revealed a handful of infosec incidents that, in their words, "surprised us". During a talk at CyberUK 2019, the annual shindig of the spy agency's public-facing offshoot, the National Cyber Security Centre (NCSC), a bespectacled and bearded chap who was introduced only …

  1. N2 Silver badge

    This 're-build public trust' bollox...

    As someone rightly pointed out in a previous forum, trust is earned not demanded.

    Watch the hand not the mouth.

    1. Graham Cobb

      Re: This 're-build public trust' bollox...

      I think it is very likely that the experts you heard from are great guys, and are genuinely not trying to tap, monitor, etc. It is even possible that everyone in NCSC is.

      But the only way to earn trust is to completely separate NCSC from GCHQ, and make sure that NCSC staff are highly motivated and well trained not to trust what GCHQ are telling them, just like everyone else. This will be particularly hard for those who have the necessary security clearances to be briefed on secret threats by GCHQ: they will need special training to understand that just because they cannot reveal highly sensitive threat information, that does not mean they should trust the GCHQ guys.

      Then NCSC might be able to start building trust. They could start by insisting that every threat, no matter how secret or how useful to GCHQ, will be publicly revealed in no more than 1 year. Revealing a few war stories at a conference is not useful and is not going towards building trust.

    2. NoneSuch Silver badge
      Coat

      Hi, We're From GCHQ...

      ...and we're here to help.

      Mind if I plug this tiny insignificant little USB key into any one of your work PCs? Cheers.

  2. amanfromMars 1 Silver badge

    IT's a Mad, Bad, Rad, Fabricated World .... and ain't that the Gospel

    Regarding that "One of those weird tech issues," shrugged Toby story, El Reg, and it was very engaging/fetching, so many sincere thanks for all of that, it surely does also highlight the exact same plight suffered and battled against by any and all governments and secretive security outfits whenever former leaders and employees leave their public service employ to prostitute themselves and their acquired and practised wares for an exclusive stealthy executive position with greater financial reward in the private sector in some obscure shell corporation with a PO Box No..... aka a little private club.

    This guy here nailed it perfectly? :-) ...... It's a Big Club and You Ain't In It! The American Dream

    But don't imagine then all is as it seems, for Pox Box 1300, London SE1 1BD is far enough removed from the American Dream to cause Uncle Sam to have Right Royal Renegade Rogue Nightmares?

    Well, one would like to think so anyway even though there might be no apparent evidence readily available of any ability to be leading in any such field.

  3. sitta_europea Bronze badge

    This is SO exhausting.

    Quoting from https://www.theregister.co.uk/2019/04/24/gchq_licence_operate_cyberspace_public_trust/

    In a wide-ranging speech, Fleming declared GCHQ "...will share intelligence with banks to enable them to alert customers to threats in close to real time."

    Quoting from https://hackerone.com/reports/544027

    "... I don't believe that the eonenergy.com or tescobank.com domains are covered by this program, as it is intended for UK government websites and systems only."

    Quoting from https://hackerone.com/reports/500702

    Mar 4th (2 months ago) ncsc-coordinated-disclosure changed the status to Triaged.

    Apr 25th (4 days ago) ... The SPF record for the domain name has been deleted. The name itself has not.

  4. 2+2=5 Silver badge
    WTF?

    That viber.com/activate-shafting URL...

    And the Viber app just does this with no warnings? No Bluetooth-style pairing confirmation?

    <Boggle>

  5. MasterSlocum

    Microsoft is not secure

    RDP Powershell. "Perfectly legitimate use"

  6. Doctor Syntax Silver badge

    "rebuild public trust"

    Any confidence trickster starts by trying to get the mark to trust them.

  7. fishdog

    I'm amazed anyone who writes for the Reg could be this naive, and shocked that the author appears to be encouraging readers to share this dangerous fantasy.

    Ever since Snowden the self-styled "security intelligence services" of the west have been trying to madly shove the genie of truth back in the nanometre-thin bottle of "trust". The one thing that none of them have done is to actually stop breaking the laws to which they so rigidly and forcefully hold the rest of us.

    As is noted above, it is an exclusive club, and "we, the people" ain't in it.

    Meh.

    It is bad enough that our own governments steal from us and spend this ill-gotten gain on systems designed to further enslave and impoverish us to their advantage.

    It is a whole 'nother thing when self-styled journalists act as their ad agencies ...

  8. amanfromMars 1 Silver badge

    The Hardened Battle Lines of the Great Divide

    Read 'em and weep and be sure to know they identify a common enemy ripe for attack and destruction?

    (1) “Government is the great fiction, through which everybody endeavours to live at the expense of everybody else.” .... Frédéric Bastiat

    (2)"The whole aim of practical politics is to keep the populace alarmed (and hence clamorous to be led to safety) by menacing it with an endless series of hobgoblins, all of them imaginary." ..... H. L. Mencken

    (3)“You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.”..... R. Buckminster Fuller

    (4)"If you have been voting for politicians who promise to give you goodies at someone else's expense, then you have no right to complain when they take your money and give it to someone else, including themselves." …… Thomas Sowell

    (5)"The hardest thing to explain is the glaringly evident which everybody had decided not to see." …. Ayn Rand

    (6)"Politicians are the same all over: they promise to build a bridge even where there is no river." …. Nikita Khrushchev

    (7)"All news is lies and all propaganda is disguised as news."-- Willi Munzenberg

    (8)"It is difficult to get a man to understand something, when his salary depends upon his not understanding it!" - Upton Sinclair

    Howdy fishdog,

    We can but hope (8) does not apply to El Reg journalists.

    1. Tail Up

      Re: The Hardened Battle Lines of the Great Divide

      good question. me be here for 11 yrs.

    2. Cliff Thorburn

      Re: The Hardened Battle Lines of the Great Divide

      The biggest threat to a government amFM is surely the follies and fables of their own endeavours exposed is it not?

      Especially those who are deemed miscreants when in fact they are both tortured and innocent, only led with poor instruction, and self destruction at the hands of such?

      A good example of which would be human experimentation, dehumanisation and removal of all rights and dignity under the false fable of a western whiter than white lawful lie of liberty and justice, when in fact the exact truth prevails.

      Mass stalking, mundane repetition in Live Operational Virtual Project Fear Safari shenanigans?, with big D, vulturous V, a slice of 3 and a splash of O2 where fire meets ice, and a monumentally mental game of noughts and crosses?

      I mean come on, whoever dreams up these truth stranger than fiction fantasies really has a wacky and wild narcissistic neurological naivety do they not?

      Ironically where project fear dilutes to project oh dear where spooks themselves become nuked through cataclysmic losses through their own tiresome endeavours one has to ask was it really worth it?

      1. amanfromMars 1 Silver badge

        Re: The Hardened Battle Lines of the Great Divide

        The biggest threat to a government amFM is surely the follies and fables of their own endeavours exposed is it not? ... Cliff Thorburn

        How very true, CT.

        And their necessary serial defence of the indefensible does have them gibbering like idiots on media ..... with any and every absence from bullet point news programming also coincidentally highlighting the fact in dire straits need of further deeper darker enhanced fabrication, and making any and every return to the mad and maddening fray with its open manic battle spaces of mined mind fields and terrorising territories into AI and Mayhem and CHAOS, an Absolute GODSend where AI and CHAOS and GOD are all of the following things, to name but just a choice few ...... Advanced/Artificial/Augmented/Artilectual/Alien IntelAIgents in/for Clouds Hosting Advanced Operating Systems for/in Global Operating Devices.

        IT is a Really Rich Environment to be Rabidly and Ruthlessly Open Cast Mined and Stripped Bare of its Crazy Gems and Rare Pure Raw Core Ores which Generate Obscene Wealth in the Safe Harbours of Fleet Happiness. To do anything less renders the fool their tools and security shredded

        That Greater InteAIgent Game is here Registered and Played. All Patents Not Pending © amfM :-)

        :-) Happy May Day, El Regers ..... Viva la revolución :-)

        1. Cliff Thorburn

          Re: The Hardened Battle Lines of the Great Divide

          So therefore amFM, why can they not simply just say what they want?, shake hands, you’ve been a good sport, now “Shut up and Go away”, and accept this bitcoin briefcase of goodies, and a 12 x 24” framed picture of a Spitfire? ...

          Or is that SIMply not too SIMpl es?

          Let me guess?, chocks away chaps, May Day ... May Day!, tally ho and all that jazz!

          It reminds me of the Family Guy scene where P et er Gr if in is in the fight with the Chicken Guy, who can forget that fabulous Fox creation ...

          https://youtu.be/W4WGQmWcrbs

          Is the aim of the Great Game to keep calm and carry on until the conclusion is forgetting what everything and everywhere it all happened actually ever did?, with rampant realities rapidly rubbed from minions mindsets in nothing to see here smoke and mirrors?, or will western values, and good sportsmanship and ambiguity and acceptance of floundering flaws and learned liability prevail?

  9. amanfromMars 1 Silver badge

    SMARTR Greater IntelAIgent Games Play vs Sub-Prime Politically Incorrect Mediated Shenanigans

    Is the aim of the Great Game to keep calm and carry on until the conclusion is forgetting what everything and everywhere it all happened actually ever did?, with rampant realities rapidly rubbed from minions mindsets in nothing to see here smoke and mirrors?, or will western values, and good sportsmanship and ambiguity and acceptance of floundering flaws and learned liability prevail? .... Cliff Thorburn

    No.

    And to think otherwise gifts a catastrophic systemic vulnerability which forever keeps on giving ever more novel vectors for increasingly autonomous and relatively anonymous zeroday exploitation, CT, and against which there is zero defence in either opposition or competition.

    1. Cliff Thorburn

      Re: SMARTR Greater IntelAIgent Games Play vs Sub-Prime Politically Incorrect Mediated Shenanigans

      It's times like this that the world should see and take notice of

      “The removal of rights for one is the abuse of many, not one, it constitutes the removal for all”

      What dark and dangerous days we live within.

      And for the record, whether by duress, force or coercion to force an individual to actions not of his own, and then to persecute, psychologically torture, for their purportitive gain and to allay all responsibility, those who watch, or participate in such can never be exonerated from their actions.

      If one thing is certain, it is now recorded in plain sight and for all to see the underlying truth that is considered stranger than fiction.

Biting the hand that feeds IT © 1998–2019