Monday, December 26, 2011

I predicted the Anonymous/Lulzsec attacks 6 days ago

For those of you keeping score (my prediction of 12/20 based upon Twitter "data exhaust"), I suggested that those zany folks at Anonymous/Lulzsec need to quickly up their game and do something before the new year. Yesterday, I got an email from George Friedman announcing that the Stratfor Global Intelligence think tank had been hit. Here is the email:
My Quantum Leap Buzz "Anarchist Dashboard" confirmed today that Anonymous/Lulzsec were taking credit for this attack, threatening to make "charitable contributions" from Stratfor customer credit cards. This was rather brilliant of them, because those zany anarchists forced Stratfor to notify the world. Of course, my question to Stratfor's George Friedman: "Given the number of government-sized entities you've gotten the better of over the years, didn't you think to get some rock-solid security in place?"

My next prediction (I'm on a roll, now):  A similar groundswell of cyber warfare will soon take place against supporters of the Software and Online Piracy Act (SOPA). I strongly suggest that supporters of that idiotic legislation (see the list here that my Buzz dashboard gave me) circle their cyber wagons and get set for some awful retaliation. Almost a year ago, I wrote about one "righteous hack" of Hollywood. My preference, of course, is to beat SOPA in court and via legal means. Unfortunately, the world does not turn upon my whim, and I therefore predict some serious mischief against the above referenced organizations. One of the best tweets unearthed as strongly trending by Quantum Leap Buzz: 
"Under SOPA, you cd get 5 yrs for uploading a Michael Jackson song- one yr more than the doc who killed him."
Stay tuned.


Saturday, December 24, 2011

"Zombieland" meets "Person of Interest"

As I've pontificated before, "data exhaust" from Twitter can be used to gain all kinds of actionable intelligence. The Derwent Capital hedge fund is using their own Twitter data feed to beat the market. So, my budding cyber privateers, you can download the free (until Leap Day, 2/29/2012) Quantum Leap Buzz analytics program to set up your own predictive analytics dashboard. Not only can you get news the major news organizations dare not bring you (like real arguments against SOPA, because people like CBS and Disney have been complicit in selling "entrapment" software that they are now suing people for using), but you can get one heck of a good laugh (download Buzz and then type "bird flu zombie" for a real knee slapper). Everybody with a Web-connected computer ought to have this running continually. Here's a video about Quantum Leap Buzz:
To get your copy of Quantum Leap Buzz, go to…yep…www.QuantumLeapBuzz.com.

Tuesday, December 20, 2011

"Actionable" BUZZ from Twitter "data exhaust"

I thought I'd share my Quantum Leap Buzz dashboard as it periodically analyzes and sends me telephone text message alerts from my personal Twitter feed.  Here's the dashboard as of this morning:

Through "Leap Day 2012" (February 29th), anyone anywhere can download the free beta copy of Quantum Leap Buzz from (duh) www.QuantumLeapBuzz.com. After March 1st, all bets are off. This is my own text-me-immediately dashboard for actionable data that gets sent to my cell phone, wherever I am. Unlike mere Twitter searches (or anything else, anywhere else), this little gem runs on my always-on Mac (as well as on my PC when I get really curious about a lot of stuff), so some cloud aggregator can't spot and market my unique insights. Here are some notes on my key dashboards, top to bottom:
  1. Breaking news from Twitter is a jumble without Buzz analytics. But using the same Pattern Based Analytics for which the Department of Defense has paid them tens of millions of dollars, it's really easy to spot trending BIG NEWS even before the major news organizations get their biased little hands on it.
  2. Naturally, for the purposes of this blog, my International Cyber Dashboard will tell me when the next Duqu (or response to it) hits. Things have been relatively silent for a few days, but expect something to hit this weekend, when everybody in our command structure is trying to take some family time.
  3. This is my "Romney" dashboard, and…
  4. …this is my "Huntsman" dashboard. Okay, I live in Utah and find the mutual animosity between my two "brethren" somewhat disconcerting. And the antics of Huntsman's daughters on the social networks almost prove Pastor Jeffress' case. Almost (Huntsman is right: Jeffress is a moron).
  5. I'm sensing that India is the vortex for events in Asia, and I'm closely following trends in that part of the world.
  6. My "Anarchist Dashboard" is a great predictor of those zany guys at Anonymous and Lulzsec. They're not getting a lot of traction over the last four days, so I would expect (soon) another high-profile temper tantrum. Certainly before the new year.
  7. "Waiting for bad stuff" is a sorrowful list of text messages. But I need to know where to send my charitable donations. As one of my favorite late mentors once said, "You can't do everything you must, but you must do everything you can."
Since I've put my proverbial neck on the line by making a few predictions, my next post will be a summary of my batting average. Have a Merry Christmas, a Happy Hanukkah, a festive Kwanzaa, a…well forget it if you're into human sacrifice, as I've got to draw the line somewhere…and a safe/fulfilling 2012, even if you are an Aztec.

Tuesday, December 13, 2011

Ultimate "Twitterverse" analytics breakthrough now public

Back in August, I reported that Twitter is the new cyberwar dashboard (click here). It turns out, analytics on what I call the "data exhaust" from Twitter could be extended to a phenomenal number of areas. Heck, CNN reported that one UK-based hedge fund (click here) is actually beating the market using a Twitter data feed to predict market movement. I've been pushing Quantum Leap Analytics (Full Disclosure: I sit on their board of directors) to deliver Twitter-pattern based analytics for every man. I contend that this "throw-away" (i.e., ugly, but low-cost or even free) application would give non-technical consumers a whole new look at the world and the power of Pattern Based Analytics for higher-end business products from Quantum Leap. How about these capabilities for a mere proof-of-concept utility?
  1. Get emerging news stories before the press reports on them.
  2. Strip off the news bias to find out which reports are getting traction by the public.
  3. Set up your own dashboard for emerging trends.
  4. Get actionable intelligence before your competition even knows something is "afoot."
  5. Set trending-development NOTIFICATION on your dashboard, so a triggering threshold prompts YOUR COMPUTER to send a private text message to YOUR CELL PHONE.
  6. Keep YOUR UNIQUE INSIGHTS private to YOUR COMPUTER, not to be mined and aggregated by some cloud service provider.
  7. Find out who is "gaming the system" to artificially inflate sentiment scores.
  8. Discover criminal behavior in your neighborhood (a former high-level intelligence professional pointed out one set of tweets that appear to be a drug dealer's coded set of messages for customers to make pickups).
Sound interesting? Well, you can download the beta version of this product free of charge to your very own computer by going to www.quantumleapbuzz.com/trial. Calling this a kind of "Google for Twitter" almost undervalues the product. It's much more valuable than either Google or Twitter. One thing is certain: Quantum Leap Buzz should be an essential part of a cyber privateer's tool kit.

Try it. Let me know what you think.

Monday, November 21, 2011

Treasure hunt needs legwork in St. Louis, MO

I reported on November 16th that JOSEPH from SPAIN solved the coded message that the FBI's "best and brightest" couldn't (click here). Since JOSEPH from SPAIN lives in, duh, Spain, he has determined that the coded document is the last will and testament of Ricky McCormick, a street-wise fellow who came up with a secret way of writing when he was but a boy. So congrats to Joseph, who kind of made monkeys out of the FBI (certainly more effectively than the anarchists from Anonymous have been able to do). But Joseph needs some legwork in and around the St. Louis area, and I offered to set him up with one of my readers who wants to finish the job the FBI couldn't even start. Obviously, the FBI will probably want the treasure, not to mention (eventually) Ricky McCormick's heirs. So all that's in this for you is bragging rights. So drop me a line (please, no AOL or Hotmail-like accounts, as I really need to do some due diligence on you before I connect you with JOSEPH from SPAIN). Cheers!

Wednesday, November 16, 2011

FBI's "best & brightest" blow one for the gipper

Congratulations to "JOSEPH from SPAIN" who solved the crypto puzzle publicly posted by the FBI and about which I wrote on April 1, 2011 (see link here). As reported by Network World, the FBI asked for help in decrypting "this encyphered note" left by a street-wise man three days before his death. Quoting from the Network World article:
The FBI says that despite extensive work by its Cryptanalysis and Racketeering Records Unit (CRRU), and the American Cryptogram Association, the meanings of those two coded notes remain a mystery and McCormick's murderer has never been found. One has to wonder though, if the FBI can't figure this out, who can?
Thank you JOSEPH from SPAIN, who posted his comment last night. Bottom line, 41-year-old Ricky McCormick used one of the oldest and least secure cyphers called The Caesar Cypher (see the Wikipedia article here). Master cryptographer Ricky McCormick simply shifted his letters by a mere one position. Sure, he replaced all "C" or "Mc" sounding words with an "X" in his home-grown code (along with some other "tweaks"), a system by the way that he came up with as a child, but egads! The FBI Cryptanalysis and Racketeering Records Unit (CRRU) along with the American Cryptogram Association, couldn't crack this? I'll bet you thought the geniuses in the federal government have our protection well under control. Here's JOSEPH from SPAIN's note:

JOSEPH from SPAIN said...
Is Shorthand and Cesar Code B
Look note 2, last line, said:
"O-W-m-4 H8L XORLX"
Can you see what letters are repeated?
Can you remember HAL 9000?
--If X= Variations of letter C (MC, C, CK)
--If L= M, m= N and H= I
--If O=O, W=W and R=R
--If 4= for and 8= A by phonetic solution
Then: OWN FOR I AM MCCORM(i)CK.
--It is the signature, testament and last will of Mccormick.
bye
The Solution for FBI and the treasure map: http://prophecyexperimentalzone.blogspot.com/
If you've seen the Paul Newman movie Buffalo Bill and the Indians, there's a scene when Sitting Bull seems to have escaped. Buffalo Bill (Paul Newman) says something to the effect, "We've got the best trackers, the best Indian fighters, and the best horsemen in the world. We'll go out and find 'em." Then, as you see the wild west show troop sail off over a hill on their trek, one of "the best horsemen" in the world falls off his galloping horse. I can't get that scene out of my mind every time I think about the FBI's "best and brightest" cryptanalysis geniuses.

So congratulations are in order to JOSEPH from SPAIN. He has a blog which goes into great detail (click here). I'm sure you'll forgive Joseph's presentation, as English is not his native language. And rather than dismissing his thoughts about "Obama, Nostradamus and Jeane Dixon," you might just cut some slack to someone who has spent his life looking for patterns. In fact, he's been doing pattern-based analytics the hard way: with his noggin.

Joseph, drop me a line. I'll see to it that you get an early release of a currently top-secret Pattern Based Analytics (PBA) product that I've been testing for a Department of Defense contractor who is about to release a public product that will be a real game changer. I figure we turn a guy like you loose with a PBA that's the software equivalent of U.S. Navy SEAL Team 6, you could…well…bag some big game.

Again, congrats to JOSEPH from SPAIN. And thanks for your note.

Friday, October 28, 2011

Duqu is one step closer to The Perfect Virus

I've been using my "top secret" Twitter analytics feed to track down technical analyses of the Duqu virus which some call "Son of Stuxnet." Based upon that information, I have upgraded my Stuxnet-Zeus/SpyEye report card to include all that I can now "grok" about Duqu (click here). The full 22 principles that I postulate for The Perfect Virus are found HERE. To summarize where Duqu trumps Stuxnet:

  1. It looks like Duqu has a decent command and control system that allows more complete oversight.
  2. Duqu appears to trump Stuxnet in Feral Fertility (Perfect Virus principle #2).
  3. Seamless migration partial-kudos to Duqu, since no one can figure out how it propagates. 
  4. Duqu is at least stealthy enough to evade capture and dissection of the initial infection module. Stuxnet got partial credit for stealth, but Duqu is still a mystery. Hence, it gets full credit as of today's date.
A number of Duqu's partial-credit scores could well get them full credit, especially in Self Awareness (TPV principle #3). Guaranteed, though, nobody knows anything about Black Box Portability (TPV principle 7), which is just jim cracking dandy, since that is the characteristic that turns a virus into the truly Perfect Virus. And Black Box Portability is the technology driving my next novel, currently in progress.

Monday, October 17, 2011

Secret weapon no longer a secret

As I indicated in my last posting, I will only use this blog for major announcements. Today qualifies. I have previously talked about a "secret weapon" I was using. In this morning's USA TODAY newspaper, Quantum Leap Innovations has come out of the dark with a full-page ad (see the full PDF yourself by clicking here).

I've been experimenting with a social media analytics dashboard that I keep running on my desktop. Not only does it give me trending data long before even the online news organizations get their teeth into a story, but it quickly flags posers who are "gaming" the system in their attempts to sway sentiment analysis or to trigger a viral movement. IMHO, every desktop in the world should have their own social media analytics dashboard customized with the topics of interest to each user. I'll keep you posted on the availability of such a product. In the meantime, I predict that pattern based analytics will be an indispensable tool to anyone interested in…well…predicting the next big surprise in their lives.

Friday, October 14, 2011

One-year cyber privateering readership analytics

Today is the Morgan Doctrine one-year anniversary. One year. Six days a week. Every single day. This has been a tremendous learning experience for me, exploring the legal and technical implications of…in the fictional words of Iron Man Tony Stark, "…privatizing  world peace." So at this Morgan Doctrine birthday party, I've decided to analyze the top-ten most popular topics and then the top-ten geographical readership areas. First, the most popular topics as judged by readers:

  1. Japan, I have a solution for you and Sony Almost three-times the readership of the number-two blog.
  2. Stuxnet response from Iranian hacker? A most telling theme, given that Stuxnet is a state-sponsored investment in this brave new world of cyberwar.
  3. Privateer analytics: high-reward/high-risk numbers... Obviously, other people are interested in these analytics.
  4. Frank Herbert clearly foresaw our day  This clearly validates my assertion that military science fiction is way ahead of the game. More to the point, Frank Herbert was a good friend and mentor and, if I want to be truly honest, is the person to whom I owe credit for this idea. He certainly deserves that my next book be dedicated to his memory. By now, most of the philosophical questions Frank and I discussed late into the evenings have been answered for him.
  5. Draft 01: The Cyber Privateer Code  I love this! I intended my equivalent of "The Pirate Code" to go through many drafts. So far, this one draft seems to hold water. Quite amazing. Which is why I set up a separate URL domain: www.CyberPrivateer.com to feature THE CODE.
  6. The Perfect Virus principle #14: Stealth  My single biggest breakthrough was forcing myself to coin the 22 principles of The Perfect Virus. And guess what? Today, Stealth is the number-one theme. But wait a year, or two. I predict that Black Box Portability will be the big issue. It certainly is in my novel.
  7. How China/Russia can make (are making?) billions b...  Oh yeah. The "usual suspects."  Russia and China. Read 'em and weep.
  8. Federal judge keeps 1-800CONTACTS from hijacking t...  Now this is really surprising. My analysis of a legal opinion, and I'm not even an attorney. Okay, so I watch a lot of television.
  9. Stuxnet about to cause an "Iranian Chernobyl"  Again, the cyberwar implications of the #2 most-popular topic.
  10. Yahoo email gets an "F" in security  I've had a grudge against Yahoo after getting email from my dead friend, whose Yahoo account got roached. Looks like others have a similar grudge, given Yahoo's market problems. Amen. This is, after all, a reputation economy.


WHERE are the readers? Here's a map and the top-ten demographics:
  1. USA, by ten-to-one over #2
  2. United Kingdom
  3. France
  4. Ukraine
  5. Germany
  6. China
  7. Russia
  8. Canada
  9. India
  10. Netherlands
Several surprises pop up. Why are the UK, France, Ukraine and Germany ahead of China and Russia? What the heck is Ukraine doing so high on the list? And what the heck is Netherlands doing on the list at all? Several "data exhaust" guesses:
  • Netherlands may be an Anonymous hotbed.
  • Ukraine must be pretty high on the list of cybercriminals.
  • UK and France are governments making big investments in cyberwarfare capabilities.
  • I'm surprised that Canada, India and Netherlands are higher on the list than Israel, with whom I've had some most interesting dialogues. If I were to rank cyberwar capabilities of the developed nations, I'd place Israel right after the United States and ahead of the U.K., France, Germany, Russia, and China.
A year ago I made a commitment to write every single day except Sundays. I achieved that goal. Today marks a change in strategy and tactics. Simply, these postings will become far less frequent. Why? Because I'm going into the next phase of research with some pretty spectacular new tools that have become available to me. Don't worry, they're totally legal tools. But they are top secret and will assist me in finishing my sequel novel. Here's a hint: Black Box Portability is the real Holy Grail of The Perfect Virus. Black Box Portability could also be called "infecting an alien architecture." Check it out in the search box to the left. And stay tuned for interesting albeit less-frequent announcements.


Thursday, October 13, 2011

Microsoft says zero-day bugs are overrated?

According to Jeff Jones, director of security with Microsoft's Trustworthy Computing Group, "…zero-days are not the most prevalent, and thus not the most dangerous, threats facing users." The Microsoft SIR (Security Information Report) published on October 11th states that "…exploits of zero-day vulnerabilities accounted for just 0.12% of all exploit activity during the first half of 2011." In Alfred E. Neuman's (Mad Magazine) words, "What, me worry?"


Not to put too fine a point on it, but Mr. Jones should tell that to surviving families of the 12 Ford minivans full of children who were massacred in the pile up on the San Diego Freeway because some hacker decided to pull the pin on the virus he planted in the Microsoft-embedded operating system on those cars. Their mid-freeway stall was triggered by the Sponge Bob Square Pants DVD download. The other 988 minivans just had a be-glad-we-didn't-kill-you-today message appear on the navigation screen.


Way to "take one for the team, Jeff." Did your manager tell you to get out front and put zero-day bugs into perspective? Convince the world that Microsoft's security policies are rational after all? 


Just over one tenth of one percent. A mere twelve out of 1000. What, me worry?


Yeah, I think I'll worry.

Wednesday, October 12, 2011

Huawei walks into a Beltway bar…

And the joke for the day begins along the lines of Liam Neeson's popping out of the crematorium oven in The A-Team movie and saying, "So Satan walks into a bar…" which causes the furnace operator to faint. I always wondered what the rest of the joke was. Today's similar knee slapper has Huawei asking the Department of Commerce why they were excluded from bidding on a wireless network for emergency responders. Well gosh, guys. Let me see here. Oh, yeah. Maybe it's because you are part of the Chinese cyberwar machine, and you've done jack squat to disabuse the world of your nefarious connections? You could have taken my February 22nd advice and had this problem long behind you. Now, however, you actually ask this question with a straight face? Get serious!

So, Huawei walks into a Beltway bar…

I'll pay $10 for the best shot at the rest of the joke.

Tuesday, October 11, 2011

Where will you be on 11/11/11 @ 11:11 AM?

Last November in my first "If I were a jihadist" posting, I opined about 11/11/11 at 11:11 AM in NYC. Well, we're a month away. While I have absolutely no hard evidence, nor even "data exhaust" from my top-secret Twitter analytics alpha test feed, I think that date and time is a pretty inviting target for everybody from jihadists to Anonymous to crazies of all colors (red, blue or green). Am I paranoid enough to do anything differently on that day? Probably not. But I may be a bit more vigilant then. How about you?

Monday, October 10, 2011

Predator infected; SCADA hacked; NYSE still standing

Two seemingly unrelated contrails triggered my analytics warning system:
  1. AP reported Sunday (from Wired Magazine and finally picked up by CNN) that a computer virus has hit the military drone program.
  2. Italian researcher has disclosed "several zero-day vulnerabilities in SCADA (Supervisory Control And Data Acquisition) systems."
Combine this "data exhaust" with my July 28th assertion that "Stuxnet payback will be a b*tch!" and you might start battening down the hatches. Conclusion: No longer will you hear your child say, "Momma, why is the car doing this?" as the new family minivan stops dead in the middle of a busy freeway due to a virus-infected CD in your audio player. The following out-of-the-mouths-of-babes statements might now become relevant:
  • "Momma, this elevator seems to be stuck, and I'm having trouble breathing."
  • "Momma, why did that airplane blow up the car ahead of us?"
You think the whacky clowns at Anonymous infected the military drone program? Get serious. A bunch of low-tech anarchists whose top tricks are DDoS or SQL-injection attacks are not up to this one. They couldn't even blitz all the DNS (Domain Name Servers) hardware to make good on their threat to erase the NYSE today (see my story here). Yep, all pants and no leg.

It takes government-level resources and something more closely approximating The Perfect Virus to hack our Predator program. One of last week's headlines is that U.S. lawmakers question cloud security. How about real clouds? The ones over the capitol? 

Saturday, October 8, 2011

Steve Jobs & Larry Ellison "data exhaust"

I've been using a "top secret" Twitter analytical tool to "grok" the historical musings around Steve Jobs. Quite a few people are looking for patterns between Steve and other contemporary "great men" of technology, from birth dates to education to family status. My feeling is that Steve could go down in history as the Leonardo Da Vinci of our time, but few of us really have a sense of history as it is happening. So I will not presume to make a historical pronouncement, other than to say that both Steve Jobs (who I did not know personally) and Larry Ellison (with whom I had a close association over six years) did seem to have a sense of history even as they were making it.

In the mid 1980s, Larry Ellison's house in Atherton, CA backed up to Steve Jobs' home. The two weren't particularly friendly. In fact, Larry was greatly irritated that Steve's peacocks kept crapping in his back yard. Those who follow current tree-trimming disputes between Larry and his San Francisco neighbors might get a sense that you don't want to irritate your neighbor if he happens to be Larry Ellison. Somehow though, unlike parties in the current real estate conflict, Larry and Steve became best friends. Over the years since, they've each taken their divots out of the historical landscape, perhaps even mentoring each other along the way.

Consider the historical "data exhaust" contrails left by these two men. Steve Jobs literally invented several major industries as he changed our lives. Larry Ellison became one of the richest men in the world by projecting his intellect through Oracle. He won The America's Cup. I've chronicled all of these things. But how will history summarize his life when Larry Ellison breathes his last?

Forgetting the public personae and self-promoted apocryphal legends, Larry Ellison is a profoundly sensitive and caring individual. This so-called "bad boy" tycoon once didn't come to work for a week after his cat died. I can only imagine the anguish he's feeling at the loss of his friend, since I watched my own friend—Judge Pat Brian—also lose his fight with pancreatic cancer. My own humble nod to Pat Brian has been to dedicate my latest novel to his memory (my literary agent is currently trying to find a NYC publisher for Daddy's Little Felons). Given Larry's resources and his genius, I predict his remembrance of Steve Jobs will be somewhat more spectacular.

So what do my predictive analytics forecast for the head of my Cyber Privateering Fantasy League leader? First, I believe Larry will eventually own an NBA-championship basketball team. Secondly, I predict that Larry will win an academy award as a movie producer. Of course, recognizing his own mortality, he could achieve that goal through his son David, who is executive producer of the next Tom Cruise Mission: Impossible movie. Finally, just as the fictional Iron Man Tony Stark (whose character I am convinced was modeled after Larry), I predict that Ellison will somehow take the reins and eventually strut down the halls of Congress proclaiming that he has "…successfully privatized world peace." And somewhere in that dialogue, Larry will most certainly find a way to memorialize his best friend Steve Jobs.

Sit back, grab some popcorn and your favorite soft drink, and enjoy the real…History Channel.

Friday, October 7, 2011

Ellison/Benioff smackdown "data exhaust"

Oh boy. The first two members of my Cyber Privateer Fantasy League team are taking public shots at each other. Larry Ellison is calling Marc Benioff's cloud solution the "roach motel" of software, saying you can "check in but you can't check out." Benioff countered in a sally that TechCrunch describes as "beating Ellison at his own game." This is truly great theatre from two of my favorite people in the world. So let me go out on a limb here and make a prediction, based upon "data exhaust" available to me.

Sometime in the next two years, three at the most, Oracle will acquire Salesforce.com. These two masters of PR really are friends and mutual admirers. In one of my long-ago conversations with Larry Ellison, we talked of Kurt Vonnegut's novel Cat's Cradle. In it, the emperor and his best friend have a stagnant society. To get things jump started again, the emperor (Ellison in this analogy) suggests to his best friend (Benioff) that the friend start a "religion of meaningless lies." The emperor will declare practice of the new religion a crime punishable by death (wink, wink). The friend agrees, starts the religion, and Voila! Suddenly they don't have a stagnant society anymore.

I bring up this analogy, because two masters of the game are having some very public fun. So get some popcorn and enjoy the show.

Thursday, October 6, 2011

Military sci-fi: Weber hits another home run

If you search my previous articles for "sci-fi" or "military science fiction" (enter your search on the left), you'll see a consistent theme throughout. Namely, The Perfect Virus is rather uncannily anticipated by David Drake, David Weber, John Ringo, Piers Anthony, Jerry Pournelle, Larry Niven, and my old friend Frank Herbert.  I highly recommend David Weber's Out of the Dark (from Tor and Tom Doherty), a novel about an alien invasion. This book should earn this prolific sci-fi author his PhD in anthropology, because it's a flawless doctoral dissertation on the nature of mankind.

So all you Anonymous guys dreaming about erasing the NYSE on October 10th, read Out of the Dark and then waltz on down to the bat cave and attack the job with new creativity. Not that I'm advocating this as a worthy goal, but if a few anarchists from around the world start doing the inevitable, maybe Congress will seriously consider a coherent cybercrime strategy.

Back to David Weber. Out of the Dark is an absolute knee-slapper, depicting a pack-oriented alien race absolutely breaking their picks trying to get human beings to surrender. In a final frustration, their fleet commander muses to himself, "Anybody who ever met a human would understand the galaxy could only be an enormously better place without any of them in it." Take heart, my Anonymous anarchists. You're having the same general effect on the establishment as the humans had on Weber's aliens.

So it is with profound pleasure that I award David Weber his Doctor of Anthropology degree from MDU (that's Morgan Doctrine University). May you…live long and prosper…and only use your power for good.

Selah.

Wednesday, October 5, 2011

NYSE to be "erased" on October 10th?

Adolescent hubris tends to cheapen your "brand" when you fail to deliver on promises/threats. Simply put, no way in Hell is Anonymous going to "erase" the NYSE on October 10th (see PC Mag story). Alas, anarchists are like proverbial women: "Ya can't live with 'em; ya can't live without 'em."

My advice to Anonymous: Never EVER make threats you don't have locked and loaded (i.e., already installed trojans, data bombs and other malware). I once debated the head of the New York chapter of the ACLU on the McNeil-Lehrer report (a national nightly news program). I'd invented a voice stress analyzer, and the ACLU claimed my product was an invasion of privacy. I actually agreed with them on the air. Stunned, everyone just blinked at me, incredulous that I'd make their case. So I subsequently added, "But if my device is declared illegal, I'll simply place an ad in a national newspaper and show how anyone can build a voice stress analyzer from about $300 of Radio Shack parts." Several viewers subsequently commented to me that they could actually see the rush of pus hit the ACLU flack's brain. In short, my threat was specific and credible.

But to erase the NYSE? Come on, guys! Go take a bicycle ride. You're spending WAY too much time in the bat cave.

Tuesday, October 4, 2011

Lockheed should be pushing the White House petition

The more I think about it, Lockheed and all the defense contractors should be pushing the White House "Morgan Doctrine" petition, as only the larger companies have the horsepower to put together The Perfect Virus. The reason I mention Lockheed specifically is that they should be especially interested in some…payback.

Monday, October 3, 2011

FBI will come "directly to your home"

I'll let the following phishing/spam/extortion email speak for itself. Call it a lighter moment, courtesy of the guy bringing you the White House "Morgan Doctrine" cybercrime petition (click here). Enjoy. Note, I added the red highlight in the last paragraph of this humorously illiterate scam.

From: FBI <office_updatefile0@att.net>

Subject: Good Day,
Date: October 3, 2011 9:48:01 AM MDT
To: undisclosed recipients: ;
Reply-To: officestate29@yahoo.com

Good Day,

We have been watching every single transaction you made since last year until this 2011 and you have to know that we are also working to make sure your funds which are suppose to be delivered to you, and also bear in mind that what ever you emailing us will be forward to the court. Also we are hereby to notify by the federal bureau of investigation Cotonou department of the insult you imposed on them by failing to comply by their requirements.Your full residential address has been forwarded to us for your immediate arrest to face your charge but I deemed it fit to give you one more chance to save yourself from this mess.

We have been told that you have failed to dance by the rule of the FBI which will warrant 2 years jail sentence. Now I john Francis Pikus the special agent in charge of the FBI Albany department I am giving you 24 working hours to effect the payment of the $70.00 usd. To the FBI in Lagos Nigeria, (fbisecurity) with the information written below:
Receiver: larry ijeh
Country: Lagos Nigeria,
City: Cotonou
TestQ: warning?
Answer: now
Amount: $70.dollars
Mtcn number.........
You have to try as much as you can and make this payment so that your funds will be delivered immediately to your destination.You have to stop every transaction you are communicating with other organization to avoid delay on the processing of your funds.

Note that you? if you fail to stick with my advice or any delay will lead to us coming directly to your home address at any time, so try and dance by the rule and get back to me with good understanding ASAP. Special Agent in Charge;

DR UCHEAMAKA HOSEPH Pikus

Oh, and did I mention that Yahoo! gets an "F" in security. Still. I'd actually like to run Yahoo! I'll bet I could turn them around.

Saturday, October 1, 2011

Twitter "Data Exhaust" and "The Anonymous Rule"

On August 5th, I opined that Twitter is the new cyberwar dashboard. Yesterday, I began playing with an as yet top secret Twitter analytics tool, and promised to focus on an hourly Anonymous analytics exercise. Two things about Anonymous tweets stand out:

  1. The Anonymous war against Mexican drug cartels completely dropped out of sight, replaced by
  2. The Anonymous #occupywallstreet  and #antisec initiatives.
The above indicates that saner minds are prevailing. Anarchists may be crazy, but they're not stupid. You don't fool with guys who will mutilate you and your whole family.

Another interesting piece of "data exhaust" is that (surprise) people are "gaming" Twitter to achieve other goals (mostly marketing products). I'm intrigued with the ability of this particular analytics technology to quickly identify people who are indeed gaming the system. Since we live in an essentially "reputation based" economy, it makes some sense to "out" such individuals. Public shame can quickly cause our community to self organize and self police. 

Which brings me back to Anonymous. I often counsel with teenagers to follow the "Mother Rule," which is that you shouldn't do or say anything in which you wouldn't involve yourself with your mother watching. I now coin the "Anonymous Rule" as a corollary: "Do not do or say anything in your professional life that you wouldn't want broadcast by an Anonymous whistle blower."

Religious people tend to believe there will be a "Judgement Day" wherein all the secret acts of mankind will be shown to all of creation. Anonymous may have accelerated a kind of judgement day for people trying to skulk around in our world, today. In our reputation based economy, we should all keep "The Anonymous Rule" in mind. Or be prepared to accept the consequences.

Based upon one more piece of "data exhaust" I'll share—namely the unlikelihood my White House "Morgan Doctrine" petition will ever enable licensed and bonded cyber privateers to keep the world honest—it's looking more and more like Anonymous will perform a less-just/fewer-checks-and-balances but nevertheless effective policing operation. Get set for a wild ride.

Friday, September 30, 2011

Drudge Report for anarchists: AnonymousAnalytics.com

The PR-savvy anarchists who may have thought twice about being tried as adults have made a positive evolutionary step, semi-legitimizing themselves as investigative journalists. Check out the Anonymous news page.

In fact, I'm interested enough in this unfolding story that I've turned on a top-secret analytics tool in my possession and tasked it to do an hourly Twitter-feed analysis on Anonymous. I think these guys have no fear (typical for the under-twenty-five crowd), as they've just declared war on the Mexican drug cartels. Frankly, I'd rather face an embarrassed and irate U.S. government any day than publicly disrespect and then even moderately inconvenience the Mexican drug cartels.

I ran a trial batch last night, doing hourly analytics on feeds from 7:00pm until midnight. At the time of this writing, I'll fire it up and do the same thing all day today. My conclusion so far:
  1. Anonymous has some seriously gifted PR minds at work.
  2. Quite a few people are seriously worried about the wisdom of "their buddies" taking on the Mexican drug cartels.
  3. Just before midnight, the Sony arrests suddenly transcended the "noise" level in Anonymous tweets.
  4. Attention span of Anonymous tweets/re-tweets/followers quickly shifts, probably due to boredom in the old "Bat Caves" and another shot of Red Bull.
  5. Anonymous is still schizophrenic, as they promise illegal activity based upon the Wall Street protest arrests but in their PR site promise that "All information presented in our reports is acquired through legal channels, fact-checked, and vetted thoroughly before release."
Thus, a "statement of direction" from anarchists is an impossible promise. Because however well meaning one individual or group appears, his compatriots can (and definitely will) go another direction altogether.

BTW, don't forget to review and sign the White House "Morgan Doctrine" petition (click here).

Thursday, September 29, 2011

Next Great Hack: the 2012 presidential election

Just so you know what the stakes are if we don't get a coherent cybercrime national doctrine, you might want to check out the vulnerabilities of e-voting machines. And then sign the White House "Morgan Doctrine" cybercrime petition (by clicking here).

Wednesday, September 28, 2011

Cyberspy attacks on Russia

I've been pondering this story for a week: Cyberspy attacks targeting Russians traced back to UK and US. If you read the story, it's clear the security professionals on the case are bending over backwards NOT to suggest China is the culprit. Attribution is nearly impossible given the Cybersecurity Act of 2009. Yet another good reason for anyone serious about empowering companies to back-trace and cripple attacking servers to sign my White House "Morgan Doctrine" petition (by clicking here). Because we cannot achieve attribution under the current legal framework.

Tuesday, September 27, 2011

4980 signatures still needed on Cyber Doctrine petition

The first 20 signatures have come in for "The Morgan Doctrine" petition on the White House "We The People" website (click here to add your signature). We have until October 22 to hit that magic 5,000 mark. Still looking for a hockey stick in the signature curve.

Monday, September 26, 2011

No "Day of Vengeance" from Anonymous?

The zany folk at Anonymous promised that Saturday the 24th would be a "Day of Vengeance" for them in several cities. Maybe the weather was too nice for someone to spend on the Bat Cave terminal, eh? If something did happen, perhaps the victims haven't discovered it yet? Maybe they can't even access their systems to determine the extent of the damages? Stay tuned.

And in the meantime, please sign The Morgan Doctrine White House petition (click here).

Saturday, September 24, 2011

White House petition takes patience to sign

Patience, my friends. Patience! Turns out, my White House cyber security petition takes more patience to wade through than most expect. The site itself is hellishly slow, and you are required to sign up and then wait for an email confirmation before you can click through and vote. The 5,000 signature threshold is gigantic under these circumstances. Pass the link (http://wh.gov/gki) on to your friends and social communities with an admonition to…BE PATIENT!

Friday, September 23, 2011

Sign this White House petition TODAY!

As I wrote on September 2nd (just 20 days ago), the White House has initiated an online petition system whereby if a petition gets enough support (right now it's 5,000 signatures), White House staff will review it, ensure it’s sent to the appropriate policy experts, and issue an official response. So what are you waiting for? CLICK HERE to go to the petition site, sign it, and then pass the link on to your friends. Here is how the page looks with just one signature (uh, that would be mine):
Lack of response to my petition may mean I'm smoking my lunch and nobody really thinks that licensed and bonded cyber privateers are a very good idea. Of course, the current petition just sets forth the first phase of cyber privateer authorization. Namely, we need a well-articulated "Morgan Doctrine" similar to "The Monroe Doctrine" to get the ball rolling. Then we get the cyber privateering ordinance locked and loaded.

Thursday, September 22, 2011

"Spies like U.S."

Sorry, but this isn't a Chase/Aykroyd comedy. Some real families have been put in harm's way.


Imagine that you are part of a network of intelligence professionals, getting together for TGG (The Greater Good). You've done everything right. You've anonymized your Web surfing. You run the latest private-label sandboxed browser. You never reuse passwords, and you change those passwords frequently. You NEVER open documents sent to you online, even if they are from trusted associates. You don't even run a commercially available operating system. You do all that, and then wake up one morning to see your name, email address, and (for some of you) even your home address publicized for the whole world. How did this happen?


Ask Intelligence and National Security Alliance (INSA), whose entire 3,000-name membership list got published by Cryptome (click here to see the list). I would imagine the next organizational banquet dinner will be served on shingles.


My question to you 3,000 who awoke to a NIGHTMARE ON SPOOK STREET is, "Are you sure you want to keep our status quo cyber security laws, or would you REALLY TRULY rather have some licensed and bonded HOUNDS OF HELL going after the people who have put your families at risk?"


Got a better solution? I'd love to hear it. This blog started out as a method to flesh out fictional "suspension of disbelief" for a series of novels I'm writing. It's been almost a year, and I have yet to see a reasonable alternative. Frank Herbert turned out to be your prophet of doom. It is time to deal with reality.

Wednesday, September 21, 2011

Awh, China again? No "Lie!"

China's denial of complicity in the attacks on Japan's major defense contractor (I reported on the attack yesterday) is ridiculous. Even if I didn't think before that China was involved, the wording of their denial puts them back into a list of "the usual suspects" on which I've previously written. The Computerworld story quotes Foreign Ministry spokesman Hong Lei (I wonder if any news broadcasters have pronounced his name with an emphasis on the last vowel in his name—making it Hong "Lie"?) as saying:
"The Chinese government has consistently opposed hacking attack activities. Relevant laws strictly prohibit this," Hong told reporters for Reuters, the Associated Press, and other outlets, during a regular press briefing Tuesday.
"Criticism that China initiated a cyberattack is not only groundless, it goes against development of international cooperation on cybersecurity," Hong said.
I raised my eyebrows yesterday that Time Magazine would use Aljazeera as their source on this story. Now it's making more sense. Time editors may have wanted to point the finger at anyone but China. Who better than jihadists?

Tuesday, September 20, 2011

Aljazeera reports Japan defense hack?

Does it strike anyone as odd that Aljazeera should be one of the first to report the hack of Japanese defense contractor Mitsubishi Heavy Industries (MHI)? Heck, even Time Magazine used Aljazeera as their source for the story! This is a piece of "data exhaust" that deserves some pondering. Don't 'cha think?

Admittedly, one day earlier, the very first report of the attack came from Japanese newspaper Yomiuri. You'll want to hit "translate" on your browser.

But Aljazeera? Quoted by Time? Go figure. Something is going on here.

Monday, September 19, 2011

Low-bidder SCADA systems have doomed U.S.

SCADA (supervisory control and data acquisition) systems run everything from the power grid to sewers and public water supplies (in addition to, heh heh, Iranian nuclear centrifuges). If somebody wants to cause some really bad things to happen in SCADA-dense countries (like the United States), the job doesn't appear to be extremely hard. Today's SCADA-bug story is making the rounds. Don't think of it as an interesting story with distant relevance to your personal life. Think of it as an exclamation point on the need for privatizing national cyber security with licensed and bonded cyber privateers.

Saturday, September 17, 2011

My lunch with "The Godfather of Science Fiction"

I have written repeatedly about the importance of science fiction to both my world view and to our planet in general. I have shared how prescient my late friend Frank Herbert (who wrote Dune) was about predicting our day and age. Thursday while in New York City, I was able to spend three hours with the single most influential publisher in the history of science fiction: Tom Doherty (of Tor Books, among many other imprints). We talked about my manuscript for THE MORGAN DOCTRINE novel depicting cyber privateering evolution. We then had a delightful lunch hosted by the daughter of my literary agent and her husband (the Israeli naval commando who gave me the U. S. Navy SEAL Team 6 baseball cap about which I wrote yesterday). To be sure, my novel will have to stand on its own in today's incredibly competitive publishing world.

Interestingly, I don't believe Mr. Doherty has the slightest concept of how much our world owes to his efforts on behalf of the science fiction community (and all the other genres for which he has been the guiding light).  He is gracious. He has no guile. He's a straight shooter. And whether or not he and his team elect to risk an investment in publishing my novel, it was a pleasure to shake his hand and to do the kind of Vulcan mind meld that can only take place in a face-to-face meeting.

Friday, September 16, 2011

Former Israeli naval commando

Yesterday, I had the pleasure to spend the day in New York City with a former Israeli naval commando and his wife. Not only did we visit the World Trade Center site, but he somehow managed to score three U. S. Navy SEAL Team 6 baseball hats, one of which is now in my possession. I am in admiration of the real warriors, and more fully realize that as a writer, I am merely the Ned Buntline reporting on the true Buffalo Bill Codys of the world. Admittedly, the analogy is flawed, because Buffalo Bill was a showman, and the men I idolize today are absolute-real-McCoy heroes who willingly put everything on the line, not for money and not for fame. As nearly as I can tell, they were simply foreordained and put on this earth to keep the lights on for the rest of us. Ooh-rah you guys.

If you see a fellow in the airport tomorrow who is wearing a SEAL Team 6 hat, it could be me.

Thursday, September 15, 2011

Legal defense of Anonymous

Predictably, the legal defense of Anonymous is the modern-day equivalent of 60's political protesters. They haven't played the try-em-as-minors card, so good luck in the prison general population. Cybercrime laws have a lot more teeth than the laws against blocking my college dean's office in 1965.

Wednesday, September 14, 2011

DHS "data exhaust" (spoilers)

I'm on the East Coast this week, among other things doing my annual pilgrimage to attend the technology advisory board meeting of a NYSE-listed company. I had the occasion to take a limo ride for an hour and a half with an executive-protection contractor who'd worked for presidential protection details, corporate surveillance operations, and who'd travelled to Iraq and Afghanistan for the DHS. I couldn't resist asking him the million-dollar question:
"Is it really possible that the terrorists are so incompetent that they haven't been able to mount a successful operation on US soil in the ten years since 9/11?" His answer rather took me aback. Paraphrasing a ninety-minute discussion:
"That's because there is no threat. And if there were a threat, these guys would never uncover it in time to thwart it. All the billions spent on airport security and such are just a way for the old-boy network to get government contracts."

You see why I was taken aback? I did NOT expect this answer. Period. I rather hoped he'd explain that our intelligence capability was so superior that we nipped the bad guys in some unpublic ways and did so with extreme prejudice. Do I believe the above assessment of DHS incompetence? Not entirely. But there's enough "grain of truth" in this data exhaust to give it some credibility.

You might ask, "So, what does this have to do with your cyber privateering initiative?" I owe you an unambiguous answer. There IS a real cyber threat. Unfortunately, the federal government's business-as-usual attitude, of letting the defense contractors line up at the trough, is counterproductive to getting the real job done. Not impossible, but the economics are staggering. A reasonable balance to federal largess is to have self-funding monetization of cyberwar and cybercrime threats through licensed and bonded…you guessed it…cyber privateers.

Yeah, we need a real-life Tony Stark strutting down the halls of congress boasting that he's successfully privatized national cyber security.

Tuesday, September 13, 2011

Who'd want to pwn Linux?

Yesterday's Register story about the continuing troubles of Linux.com begs the question, "Who'd benefit the most by roaching the Linux supply chain?" IMHO, the culprit is likely not Anonymous or LulzSec, since Linus Torvalds is the patron saint of anti-establishment forces in the cyberverse. It's more likely that a nation-state is making a concerted effort to sneak their stuff into Linux for their own cyber-domination projection of power. Insert your stuff early enough in the food chain, you own the world.

Given that cyber privateering is not legal anywhere, the above-mentioned nation-state had better beware of well and truly honking off a bunch of open-source acolytes. Again, IMHO, this is the second-best line of defense the world has to cyber criminals and rogue governments: an army of zealous penguins defending their pristine antarctic preserve. Until now, they've had to direct their anger at opponents of WikiLeaks. But give them a government to bring down? Now you're talking!

Be careful, China.

Monday, September 12, 2011

Attribution in cyberwar; advice to China

I've been mulling a recent headline attributing the RSA hack to China, based upon the fact that a virus upload spreadsheet used a Chinese version of Excel. While I'm not convinced that it wasn't China, given that country's bad reputation for cyber citizenship, I might want to point the finger at China if I were another entity who wanted to remain…no pun intended…anonymous. I have previously posted some advice to China on how they might "get ahead" of the international dog pile. I reiterate that with the same kind of advice I gave to LulzSec: Do a Dick Morris. Admit to previous bad acts, indicate a change in national policy, and beg forgiveness. There really is a way to turn your liabilities into assets of equal magnitude. Especially if some outside force is setting you up to take their fall.

Or you can wait for cyber privateers to publicly and profoundly b*tchsl*p you. Your choice. Do it the easy way or do it the hard way.

Saturday, September 10, 2011

Good thing I'm not a bookie

Yesterday's prediction of the BYU vs. Texas outcome based upon "Twitter analytics" was…flawed. BYU lost by one point, BYU's 16 to 17 for Texas. So I shouldn't quit my day job?

Friday, September 9, 2011

BYU/Texas "Twitter data exhaust" prediction

On August 29th I covered the Hedge Fund that uses Twitter to predict the market. I also hinted that some major new analytics tools are in the pipeline. Well sports fans, I have my hands on a pre-Alpha version of one such tool. And just for laughs, I wanted to spike the proverbial ball BEFORE Saturday's BYU/Texas football game. "Twitter data exhaust" suggests BYU will win the game. Which would actually surprise the bejeebies out of me, even though I'm a BYU fan (all four of my children went to BYU). Everything I know about football would suggest that Texas will resoundingly spank BYU. But what do I know?

So I'll post this a day in advance of the game, beginning a record of successes and failures using "Twitter data exhaust" to forecast the future. Maybe after the game I'll try my hand at handicapping the terrorist threat level, or ferreting out money laundering activity. That's right. After the game. And as two notes of full disclosure:

  1. I did not look at any other sources of game prediction (Google, ESPN, etc.). This had to be a Twitter-only data feed; and
  2. I am doing some work for the company that created the Twitter-analytics product (full disclosure is always important as you consider the source of any information).

On August 5th I opined that Twitter is the new Cyberwar Dashboard. Let's see if I can use some pretty freaky analytics to see who is tweaking those dials. Heck, on August 2nd I reported that the DoD is spending up to $42 million on Twitter analytics. All I'm spending is a few entertaining minutes with some swell new toys. If they work well, maybe I can convince the creators of this tool to make it available to everyone, free of charge.

POSTSCRIPT:  I just checked the College Football News prediction, and they think Texas will win:
CFN Prediction: Texas 24 … BYU 13

Thursday, September 8, 2011

Wikileaks and anarchists, Part II

Once again, the friendly little gang of anarchists is eating their own.  Wikileaks, the patron saint-site of the modern anarchist movement, is on the receiving end of fellow anarchists who don't agree with their…well…rebels with a cause. The trouble with no constitution and no enforceable laws is kind of obvious. Whereas licensed and bonded cyber privateers could become rich because they follow a strictly enforced code of conduct. In which world—Anarchy99's world in Vin Diesel's movie XXX or our own arguably imperfect smattering of incompetents—would you rather be a citizen?

Wednesday, September 7, 2011

Dmitri Minaev offers Russian Oracle insight

Two great comments today from Dmitri Minaev about the story behind Oracle and Russia. On January 29th of this year, I verified one source for a Larry Ellison quote:
"The only way the ORACLE RDBMS will ever be delivered to Russia is in the nuclear warhead of an ICBM."
Today, Dmitri Minaev posted the following two notes on that January 29th story:
Mr. Ellison didn't know that somewhere in 1987 or 1988 Bulgarian institute Interprogramma together with Soviet company NPO Informatika "developed" a RDBMS called KARS, the exact copy of Oracle. My part in this job was to translate original Oracle manuals (Pro*C, SQL*Plus, SQL*Calc, etc) into Russian.  
BTW, you know what was my worst headache? I didn't know whether the Bulgarian programmers had renamed Oracle's library calls like `ofetch' and `oclose' to `kfetch' and `kclose' correspondingly. No, they didn't :)  
Thanks, Dmitri. Just to let you know that "what goes around comes around," back in 1984 when we were "out-IBMing IBM" at Oracle, we copied the IBM SQL/DS and DB2 manuals for the Oracle product. I mean we LITERALLY copied them. Larry Ellison insisted we even keep the same page numbers.

Anyhow Dmitri, thanks for another little slice of history.

Tuesday, September 6, 2011

CIA, MI6 & Mossad compromised since 2009?

Today's big story is NOT that CIA, MI6 or Mossad SSL certificates were hacked. Nor is it that the same SSL certificate hack opened up 300,000 Iranians to have their Gmail accounts spied upon. The news, buried at the end of the first story referenced above, is:
Last week, Helsinki-based antivirus company F-Secure said it had found signs that DigiNotar's network had been compromised as early as May 2009.
The implications might appear too far-removed and esoteric for most of us. So below is a list of other fake certificates that were obtained. Check it out. Maybe you have a stake in this after all. Maybe you should become a proponent of legalized cyber privateering.  You use any of the following services?
*.*.com, *.*.org, *.10million.org, *.android.com, *.aol.com, *.azadegi.com, *.balatarin.com, *.comodo.com, *.digicert.com, *.globalsign.com, *.google.com, *.JanamFadayeRahbar.com, *.logmein.com, *.microsoft.com, *.mossad.gov.il, *.mozilla.org, *.RamzShekaneBozorg.com, *.SahebeDonyayeDigital.com, *.skype.com, *.startssl.com, *.thawte.com, *.torproject.org, *.walla.co.il, *.windowsupdate.com, *.wordpress.com, addons.mozilla.org, azadegi.com, friends.walla.co.il, login.live.com, login.yahoo.com, my.screenname.aol.com, secure.logmein.com, twitter.com, wordpress.com, www.10million.org, www.balatarin.com, www.cia.gov, www.cybertrust.com, www.Equifax.com, www.facebook.com, www.globalsign.com, www.google.com, www.hamdami.com, www.mossad.gov.il, www.sis.gov.uk, www.update.microsoft.com

In addition, the attacker created rogue certificates for these names:
Comodo Root CA, CyberTrust Root CA, DigiCert Root CA, DigiCert Root CA, Equifax Root CA, Equifax Root CA, GlobalSign Root CA, Thawte Root CA, VeriSign Root CA