Friday, January 13, 2017

Why Did a Major PR Company Do Work for a Mob Planning to Hack the White House Web site?


[We are awaiting comment from PRNewsire; its owner Cision, Protester.io; and the FBI. We'll update if we get anything.]

"Um...this came over PR Newswire...not sure this is legal?" Tweeted well-known conservative editor and writer John Podhoretz, with a screen grab, on Thursday morning, Jan. 12th

um...this came over PR Newswire...not sure this is legal?

The screen grab, seen below, stated that "Protester.io Launches Campaign to Take Down WhiteHouse.gov on Inauguration Day." It called on people across the country to help by "occupying whitehouse.gov online."

This call to hack a federal Web site certainly raises several questions, the first being whether it represents a conspiracy to violate federal cyber crime laws. It sounds like a classic Distributed Denial of Service (DDOS) attack, in which hackers overwhelm a Web site so it can't be used by others (in this case, the American people). This technique is often used by criminals trying to extort the owner of the Web site, or countries like Russia and North Korea trying to shut down Web sites they don't like. Such attacks have sometimes been declared crimes under the federal Computer Fraud and Abuse Act (CFAA); violators can face years in prison and stiff fines. A Wisconsin man was reportedly fined $183,000 for using a DDOS attack to take down a company Web site for one minute.

But perhaps most surprising was the company publicizing the campaign, PRNewswire, one of the largest PR services in the world. Bought for nearly a billion dollars in 2015 by private equity-backed Cision, PRNewswire is a go-to choice for those seeking publicity for things like product launches, policy studies and required financial and legal disclosures. Now they were generating publicity for a group planning what might a federal crime.


According to the company: "PR Newswire, a Cision company, is the premier global provider of multimedia platforms and distribution." The service operates 35 offices in 18 countries. "Our network reaches nearly 3,000 newsrooms, like The New York Times, ABC News, BuzzFeed and more. We send content to more than 550 news content systems like Moody’s, SmartBriefs, LexisNexis and McGraw-Hill."

Why would PRNewswire, a company serving thousands of Web sites, want to help a protest group shut down perhaps the best known government site in the country?

We immediately went to the PRNewswire feed and found the following. PRNewswire had "corrected" the initial release to remove the parts about "taking down" WhiteHouse.gov.



But PRNewswire was still directing traffic to the Protester.io site -- where there were instructions on how people could "automate" the hack of WhiteHouse.gov. [We blacked out the specific instructions.]


Based on this, we started Tweeting questions to PRNewswire, Cision and Cision's CEO, Kevin Akeroyd, ex-GM of Oracle Marketing Cloud. 

They never responded. But something interesting was happening: The whole press release appeared to disappear from the PRNewswire system.


Has someone at Cision or PRNewswire realized they were providing publicity for what could be a federal crime? We've emailed them and the organizers of the "take down" campaign against WhiteHouse.gov, but have not yet heard back. We're also contacted the FBI to see they know about this campaign and whether it, and the technique it's promoting, are legal.

As for us, Need to Share News, we're left with several questions:

  • Why would PRNewswire, a company ostensibly devoted to the free exchange of ideas, apparently take money to help promote a campaign to "take down" a legal Web site?
  • Why do the people at Protester.io think they have the right to hack a public Web site other Americans want to use? Why not just put up their own Web site?
  • Do the FBI and other federal cyber crime agencies read PRNewswire? Or Twitter?
  • Will the authorities consider this campaign a lawful protest or a violation of cyber crime laws by "mob DDOSing?" Imagine if Moscow used this tactic to take down the White House site?
#

Saturday, January 7, 2017

Navy's Secret Underwater Code Revealed: Whale Songs for "Covert By Disguise" Cold War Communications

The U.S. government has now declassified files on years of ingenious secret experiments to use "coded pilot whale sounds" for covert communications between American Navy ships and submarines during the Cold War.

Excited Navy researchers concluded: "Covert communication by natural disguise is a psychologically confounding alternative approach that can convey considerable advantage to the adversary employing the technique."



"Project Combo" -- according to declassified files from the Naval Sea Systems and Electronic Systems Commands -- developed, tested and evaluated the systems on land and at sea from 1965 through at least 1980.  We received the declassified files from our friend independent researcher Mike Ravnitzky and the governmentattic.org. We at Need to Share News have a long interest in Navy detection of undersea noises while searching for enemy submarines, plus the government's use of dolphins and other animals in military operations.

The declassified report includes fascinating discussion of the noises made by different kinds of whales, porpoises, seals and sea lions, along with their potential suitability for use as coded messages. The Navy chose pilot whales for many of the tests.



The system, composed of recording/transmission and reception/processing equipment, proved successful in sending usable signals up to 50 nautical miles.  Maintaining secret communication at sea has been a critical goal of major naval powers for decades, especially when involved with the high-stakes underwater "cat and mouse" ("killer whale and seal?") game between nuclear submarines.

The declassified documents do not mention deployment of the technology for actual operations. However, one page seems to imply concerns the Soviets could be paying attention to the technique.

Also not discussed: The potential impact on whales if warring forces started interpreting their songs as transmissions from enemy vessels.



And what if some of the those relaxing new-age whale songs sold online actually include secret messages from U.S. sailors?




See the "Project Combo" files here.