Forwarded from: Brooks Isoldi <bjisoldi@acsu.buffalo.edu>
One can only wonder *exactly* why TrustMatta performed this
"Counterintelligence excercise". Seriously, is this meant to wake
people up to the amount of information available or to give the CIA a
black eye? Or is it meant to draw attention to the courses/services
offered by Matta (i.e. a publicity stunt)? Did TrustMatta perform
this same CI excercise against their own organization? While Matta
mentioned several times that this information was gleaned strictly
from open sources, and I commend them for that and for the focus on
open sources, the information in this report is not really anything
special, nor is it something that isn't available for almost any
entity with a web presence. This report would have also greatly
benefited from a conclusion of the data, including the statement that
this information would only be the first steps of the initial phase of
a focused, dedicated attack on a target network. It also seems to
suffer from the two links (one at the top and one at the bottom) to
courses Matta offers on Information Security.
On another note, I did find the rather large list of names,
email address' and phone numbers surprising, however a quick search on
Google for some of those names reveal the following:
Steve Argubright, Dennis Taylor and Paul Vick are all PUBLIC
points of contact for the NCIX (National Counterintelligence
Executive). Their contact information is there, accessible by anyone
with a webrowser for a reason. They are most likely PR of some sort,
especially considering their names show up on the "Upcoming Events"
page for the NCIX. For those who don't know, in addition to running
counterintelligence ops, the NCIX also works with industry and
commercial entities (and perhaps the general public to a small extent)
on protecting themselves from corporate espionage. That alone means
they require publicly accessible "Points of Contact".
Richard Corliss happens to be the webmaster for the NCIX.
Enough said, I think...any web presence is going to provide contact
information for their webmaster.
I didn't bother doing this for all the names, I just skimmed a
few off the top, however I am sure that had I done the same for ALL of
the names, I would have found the same pattern for many more of the
names. This is not to say that there is no information out there on
the web that SHOULDNT be, all I am saying is this report seems to be
fluffed up with the use of names and information that is out there for
a reason. It seems like another FUD'ish report, with someone keeping
their finger on the *PANIC* button.
---
Brooks Isoldi
The Intelligence Network
http://www.intellnet.org
877-581-3724 [Voicemail/Fax]
"When in the Course of human Events, it
becomes necessary for one People to
dissolve the Political Bands which have
connected them with another..."
-Declaration of Independence (1776)
-----Original Message-----
From: owner-isn@attrition.org [mailto:owner-isn@attrition.org]On Behalf
Of InfoSec News
Sent: Wednesday, March 06, 2002 3:30 AM
To: isn@attrition.org
Subject: [ISN] Internet-based Counterintelligence against the CIA
Forwarded from: Matta Security <info@trustmatta.com>
Dear all,
Yesterday the consultants of the Matta Attack & Penetration Team
released a white paper documenting an entirely legal
counterintelligence exercise undertaken over 2 days against the CIA's
Internet points of presence, using open sources of information.
Our results can be found in PDF format at
http://www.trustmatta.com/services/docs/Matta_Counterintelligence.pdf
[...]
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@attrition.org with 'unsubscribe isn' in the BODY
of the mail.
Received on Thu Mar 7 05:32 CST 2002