INNERSANCTUM VECTOR N360™©|CYBERSECURITY by professionalglobaloutreach.com

INNER SANCTUM INNER SANCTUM ANDY JENKINSON

S P E C I A L

VECTOR

E D I T I O N

Author Of:

STUXNET TO SUNBURST DIGITAL BLOOD ON THEIR HANDS

N360 1

©™

Summer 2022

INNER SANCTUM

VECTOR

N360 3

©™

“It’s the responsibility of a Technology Publication to share new ideas and challenge the status quo.

And when a Publication fails to include different experiences, beliefs, and ideas, they miss out on a true perspective of our Global Environment.”

Linda Restrepo Editor/Publisher

Thursday 24 February 2022,

coincidently, the same day of my sister’s birthday, Russia launched a comprehensive invasion of Ukraine. This attack followed weeks of Russian forces building on the Russian, Ukrainian border amidst dismissive rhetoric by Vladimir Vladimirovich Putin, Russia’s President of a ‘special operations exercise’ and weeks of Cyberwar attacks on critical digital infrastructure. What made this war markedly different from any other war in history was it’s use of Cyberwar as a precursor to the Kinetic war that followed some 5 weeks later. Russia launched a Cyberwar offensive against Ukraine and although the methods and attacks were nothing particularly new in their use and deployment, it was the sheer scale and debilitating nature of over 70 Ukraine Government websites and infrastructure that caused chaos across many normal Ukraine Government channels. Attacks such as Man in The Middle (MiTM) and no doubt code injections to enable Domain Admin Access and Domain Hijacking and Takeover were witnessed.

Although such attacks are nothing particularly new, as these followed closely in the fashion seen in 2020 when SolarWinds who had suffered similar digital intrusions, using near identical methods with the same outcomes, it was the scale and audacity that possibly was shocking and crippling. What is more, it also heralded a major milestone that other Governments’ own basic security negligence also left them highly exposed. That thin red line had undoubtedly been crossed and possibly would threaten every government and country globally as unlike a warhead with a limited range, cyberattacks have no boundaries or limits and due to security negligence, even gross negligence, every critical infrastructure globally could be targeted and infiltrated.

The

Modus Operandi had been

set over the last two decades or more however, although growing in frequency and scale, they had, until now, been confined to cyber criminals looking to sell data to anyone willing to pay. This has created an entire Black Market cyber eco system all the way up to and including Zero Days where no ‘Fix’ is yet known or developed.

I will explain more on this later, save to say, the data wasThursday not encrypted due to 24 February the PKI issue, an expired and invalid 2022,Certificate. coincidently, same day of my Digital Wethe identified dozens Russia launched a ofsisters other birthday, Ukraine Government websites comprehensive invasion of Ukraine. with the same errors rendering them This attack followed weeks of Russian forces also NOT SECURE and exploitable. building on the Russian, Ukrainian borderwe amidst dismissive rhetoric When started peeling back the by Vladimir Russia’s in layers, youVladimirovich will hear the Putin, term ‘Defence President ofaalot ‘special Depth’ quite and itoperations means exactly exercise’ and weeks of Cyberwar attacks that. You cannot, or certainly should not on critical digital infrastructure. rely on a single secure position, but multiple. In terms of defence, the What made this war markedly Ukraine Government, and their different technical from any other war in history was it’s partners failed the very basic security, use of of Perimeter Cyberwar as a precursor to the that Defence by making Kinetic warwould that followed weeks errors that nullify allsome other5levels oflater. security no matter how complex, how many $millions or even $billions were Russia launched a Cyberwar offensive spent and when these errors are made, against Ukraine and although the wasted. methods and attacks were nothing particularly new in their use and deployment, it was the sheer scale and debilitating nature of over 70 Ukraine basic security Government websites and infrastructure that caused chaos across many normal errors, as happened to SolarWinds in Ukraine Government channels. 2020, once infiltrated, nobody can see

Such

or notice them as metaphorically the Attacksare such Man in The Middle enemy nowasmasquerading as one of (MiTM) and no doubt code injections the internal team by wearing the sameto enable Domain Admin Accesserrors and are uniform. These basic security Domain Hijackingtoand wereof not only confined theTakeover visual errors witnessed.

Although such attacks are nothing particularly new, as these followed closely in the fashion seen in 2020 when SolarWinds whoinvalid had suffered Digital similar digital intrusions, using near Certificates identical methods by displaying with the thesame NOT SECURE outcomes, textiton was the the website, scale and butaudacity also the thatDomain possibly Name was shocking System (DNS) and which iscrippling. where the content is handed off to a Content Delivery Network (CDN) to distribute What is more, that data, it alsoglobally heralded if required. a major Itmilestone is imperative that that otherthis Governments’ is also SECURE. own basic security negligence also left them Inhighly the case exposed. of theThat Ukraine thin red Government line had websites undoubtedly that been were successfully crossed and possibly attacked would threaten as partevery of thegovernment Russian and Cyberwar country globally offensive as and unlike a precursor a warheadto the withkinetic a limited war,range, they were cyberattacks not only NOT have SECURE no boundaries for the or world limits to and see, due but also to their security SIDEnegligence, and BACKDOORS even gross were wide open negligence, to enable every andcritical even facilitate infrastructure infiltration globally could unbeknown be targeted to everyone and until the infiltrated. attack became known sometime later. That is of course unless it was planned.

PKI,

The

It is not beyond the realms of possibility, Operandi that this Cyberwar wasModus months, even years in theset planning parttwo of decades the had been over theaslast Russian reconnaissance to in or more overall however, although growing identify Insecure digitalthey targets. We have frequency and scale, had, until identified dated now, beenInsecure confinedpositions to cyberthat criminals from at least August 2019 thatwilling would to looking to sell data to anyone enable ‘Sleeper Digitalan Plants and Cells’ pay. This has created entire Black to have been ready forway up Market cyberimplanted eco system all the to and including Zero Days where no ‘Fix’ is yet known or developed.

Such

PKI,

The

On Just

Thursday 24 February

as in the 2022, coincidently, the Cold sameWar, day of my sisters had birthday, a Russia been Russia taught launched well by their comprehensive invasion of Ukraine. ‘opponents’ namely the United StatesThis of attack followed weeks of Russian forces America. The US invested $billions of building onmoney the Russian, taxpayers’ in their Ukrainian quest to border amidst dismissive ensure Digital Supremacy rhetoric knowingby full Vladimir Vladimirovich Putin, Russia’s well that whoever could control the President of awould ‘special operations Digital World, indeed have a exercise’ and weeks of Cyberwar attacks major advantage over the rest of the on critical digital infrastructure. world. Not only from a commercial, but also from a military perspective. Warfare What made this on warfrom markedly had now moved Land, different Air and from any other war in history was Sea to include Cyberwar, more on it’s that use of Cyberwar as a precursor to the later. On the 17 January 2022 Russia Kinetic war that followed some launched a bombardment of 5 weeks later. cyberattacks upon Insecure Ukraine Government websites and infiltrated at Russia Cyberwar offensive least 70launched of them. aThis included the against Ukraine and although the Ukraine Military and even Ukraine’s methods and attacks were cyber command centre. Butnothing how and particularly new in their use and To what was their desired outcome? deployment, was the scale and cause havoc, itchaos andsheer destabilize the debilitating nature of over 70 Ukraine entire country. Government websites and infrastructure thathad caused chaos across many normal We already commenced Threat Ukraine Government Intelligence gathering channels. on numerous Ukraine Government websites and had Attacks such as Man in The Middle tried to inform the various people there (MiTM) and no doubt code injections to eventually getting to directly enable Domain Admin communicate with one Access of their and ThirdDomain Hijacking and Takeover wereto Party US partners and alerting them witnessed. just some of the oversights and errors.

“

That thin red line had undoubtedly been crossed

What is more, it also heralded a major milestone that other Governments’ own basic security negligence also left them highly exposed. That thin red line had undoubtedly been crossed and possibly would threaten every government and country globally as unlike a warhead with a 18 limited range, cyberattacks have On the January 2022 we exchanged very no boundaries concerningor information limits and on due to numerous security negligence, Ukraine Government even gross websites. negligence, One every example critical was infrastructure globally could bewhich targeted and www.mfa.gov.ua is the Ministry of infiltrated. Defense for Ukraine and connected, as you would expect, to numerous other Government websites.

The

The MFA Government website was Modus displaying a NOT SECURE textOperandi in the URL due a PKI and had Address been setbar over thetolast twoerror decades issue. This meant italthough was not growing only easily or more however, in identified as being NOT SECURE, but frequency and scale, they had, until it also basic to security was now,confirmed been confined cyber criminals lacking therefore only could lookingand to sell data tonot anyone willingitto be easily but itan also confirmed pay. Thisabused, has created entire Black data was being sent to and from Market cyber eco system all the the way up server in Plain Text (Unencrypted). to and including Zero Days where no ‘Fix’ is yet known or developed.

Thursday February I will explain more on this 24 later, save to say, the data was not encrypted due to 2022, the same day of my the PKI coincidently, issue, an expired and invalid sistersCertificate. birthday, Russia launched a Digital We identified dozens of Ukraine. This ofcomprehensive other Ukraine invasion Government websites attack weeks of Russian forces with thefollowed same errors rendering them building the Russian, Ukrainian also NOT on SECURE and exploitable. border amidst dismissive rhetoric by Vladimir Putin, When we Vladimirovich started peeling backRussia’s the President of a ‘special operations layers, you will hear the term ‘Defence in exercise’ anda weeks attacks Depth’ quite lot andof it Cyberwar means exactly on critical digital or infrastructure. that. You cannot, certainly should not rely on a single secure position, but What made this war markedlythe different multiple. In terms of defence, from any other war inand history it’s Ukraine Government, theirwas technical use of Cyberwar a precursor to the partners failed theasvery basic security, Kinetic war that followed 5 weeks that of Perimeter Defence some by making later. that would nullify all other levels errors of security no matter how complex, how Russia launched Cyberwar offensive many $millions or aeven $billions were against Ukraine and although the spent and when these errors are made, methods and attacks were nothing wasted. particularly new in their use and deployment, it was the sheer scale and debilitating nature of over 70 Ukraine Government websites and infrastructure that caused chaos across many normal basic security errors, as Ukraine Government channels. happened to SolarWinds in 2020, once infiltrated, nobody caninsee notice Attacks such as Man TheorMiddle them as and metaphorically the injections enemy areto (MiTM) no doubt code now masquerading as one of the enable Domain Admin Access and internal team by wearing the same Domain Hijacking and Takeover were uniform. These basic security errors are witnessed. not only confined to the visual errors of

Suc h

Although such attacks are nothing particularly new, as these followed closely in the fashion seen in 2020 when SolarWinds who had suffered invalid Digital similar digital intrusions, using near identical methods with the same Certificates displaying theand NOTaudacity outcomes, itbywas the scale SECURE text on theshocking website,and but also that possibly was the Domain Name System (DNS) which crippling. is where the content is handed off to a Content (CDN)ato What is Delivery more, it Network also heralded major distribute that data, globally if required. milestone that other Governments’ own Itbasic is imperative that this is also security negligence also SECURE. left them

PKI,

highly exposed. That thin red line had Inundoubtedly the case of been the Ukraine crossedGovernment and possibly websites that were successfully would threaten every government and attacked as part of Russian country globally as the unlike a warhead Cyberwar offensive and a precursor to with a limited range, cyberattacks have the war, or they wereand notdue onlytoNOT no kinetic boundaries limits SECURE the worldeven to see, but also security for negligence, gross their SIDE and BACKDOORS were wide negligence, every critical infrastructure open to enable and even facilitate globally could be targeted and infiltration unbeknown to everyone until infiltrated. the attack became known sometime later. That is of course unless it was planned.

The

It is not beyond the realms possibility, ModusofOperandi that this Cyberwar was months, even had been over theaslast years in theset planning parttwo of decades the or more however, although growing Russian overall reconnaissance to in frequency and scale, had, until identify Insecure digitalthey targets. We have now, been confined to cyber criminals identified Insecure positions that dated looking to sell data to anyone from at least August 2019 thatwilling would to pay. This has created entire Black enable ‘Sleeper Digitalan Plants and Cells’ Market cyber eco system all the way up to have been implanted ready for to and including Zero Days where no activity. ‘Fix’ is yet known or developed.

Thursday 24 February

2022, coincidently, the same day of my sisters birthday, Russia launched a comprehensive invasion of Ukraine. This attack followed weeks of Russian forces building on the Russian, Ukrainian border amidst dismissive rhetoric by Vladimir Vladimirovich Putin, Russia’s President of a ‘special operations exercise’ and weeks of Cyberwar attacks on critical digital infrastructure. What made this war markedly different from any other war in history was it’s use of Cyberwar as a precursor to the Kinetic war that followed some 5 weeks later. Russia launched a Cyberwar offensive against Ukraine and although the methods and attacks were nothing particularly new in their use and deployment, it was the sheer scale and debilitating nature of over 70 Ukraine Government websites and infrastructure that caused chaos across many normal Ukraine Government channels. Attacks such as Man in The Middle (MiTM) and no doubt code injections to enable Domain Admin Access and Domain Hijacking and Takeover were witnessed.

The

Modus Operandi

had been set over the last two decades or more however, although growing in frequency and scale, they had, until now, been confined to cyber criminals looking to sell data to anyone willing to pay. This has created an entire Black Market cyber eco system all the way up to and including Zero Days where no ‘Fix’ is yet known or developed.

It On

is also not beyond the realms of

possibility that data was being captured, Thursday for 24 several February controlled, and amended years to these basic security 2022,due coincidently, the same dayerrors. of my sisters birthday, Russia launched a As I write this preface on the 23 March comprehensive invasion of Ukraine. This 2022, basic security areforces attackthe followed weeks oferrors Russian STILL in place and the USUkrainian Tech Thirdbuilding on the Russian, Party insists on dismissive going via Attorney’s border amidst rhetoric by instead of directly engaging toRussia’s address Vladimir Vladimirovich Putin, their security and gross President of aoversights ‘special operations negligence. Doweeks they have something to exercise’ and of Cyberwar attacks hide? Quitedigital possibly. Are they complicit on critical infrastructure. by being complacent? What made this war markedly different We cannot speculate this point; all we from any other war inathistory was it’s can is that Ukrainianto the useconfirm of Cyberwar asthe a precursor Government and followed thousands of other Kinetic war that some 5 weeks organizations are highly exposed due to later. their basic security errors. Russia launched a Cyberwar offensive against Ukraine and although the methods and attacks were nothing particularly new in their use and can confirm that finally on the 16 deployment, it was the sheer scale and debilitating nature of over 70 Ukraine March, the Ukraine website Government websites www.mfa.gov.ua had a and validinfrastructure Digital that caused chaosupon across normal Certificate placed it atmany 00:00 UTC. Ukraine Government channels. This is some 8 weeks after we first informed them of the basic security Attacks such asthe Man in The Middle error. However, DNS is still (MiTM) andexposed. no doubtThis code injections completely situation, asto enable Domain Admin Access and mentioned, nullifies all other security Domain Hijacking and measures, including thisTakeover Digital were witnessed. Certificate.

On Wednesday 26 January The Although such attacks are 2022 nothing White Housenew, released theirfollowed paper titled: particularly as these ‘Moving thethe USfashion Government a Zero closely in seen into2020 Trust It is awho veryhad useful and whenModel’. SolarWinds suffered insightful document and was published similar digital intrusions, using near only 9 days after thewith Russian Cyberwar identical methods the same attacks commenced and outcomes, it was theupon scaleUkraine and audacity cites no less 47 times. that DNS possibly was than shocking and A coincidence, crippling. maybe, however with years of experience we have become a tad battle rarely subscribe What hardened is more, it and alsowe heralded a major to coincidences in theGovernments’ Cyber Securityown milestone that other world. basic security negligence also left them highly exposed. That thin red line had undoubtedly been crossed and possibly would threaten every government and ongoing country globally asUkraine unlike aCyberwar warhead withWar, a limited range, cyberattacks and both are currently raging, have has no boundaries andofdue to seen the exodusoroflimits millions Ukraine security predominantly negligence, even grossand citizens, women negligence, every critical children as men under 60infrastructure are forced to globally could be targeted stay and fight. The war has and so far infiltrated. claimed the needless loss of lives on both the Russian and Ukraine sides in their tens of thousands and with predicted losses of as many of 1 million people due to the war and lack of food Modus Operandi and water. had been set over the last two decades or more however, although growing in frequency and scale, they had, until now, been confined to cyber criminals looking to sell data to anyone willing to pay. This has created an entire Black Market cyber eco system all the way up to and including Zero Days where no ‘Fix’ is yet known or developed.

The

This On

war, no matter how it Thursday 24 February started, or who is culpable, time will 2022, coincidently, the same aided, day of my show basic security measures sisters birthday,this Russia launched even facilitated war and that a comprehensive invasion of Ukraine. marked the beginning of what we all This attackdoes followed weeks oftoRussian hope, not escalate becomeforces building on Chemical or the evenRussian, NuclearUkrainian war. border amidst dismissive rhetoric by Vladimir Vladimirovich Putin, Russia’s President of a ‘special operations exercise’ and weeks of Cyberwar attacks on critical digital infrastructure.

I would personally like to applaud the Citizens of Ukraine for their What made this war markedly different andwas it’s from anycourage other war in history use of Cyberwar as a precursor to the Kineticdetermination war that followed some .5 weeks later.

Russia launched a Cyberwar offensive against Ukraine and although the methods and attacks were nothing particularly new in their use and fact that far too many leaders deployment, it was the sheer scale and nature of oversuch 70 Ukraine ofdebilitating the world have allowed a situation Government to manifest websites itself andisinfrastructure an utter that caused across many normal disgrace and chaos eventually, those Ukraine Government channels. responsible MUST be held to account.

The

Attacks such as Man in The Middle (MiTM) and no doubt code injections to enable Domain Admin Access and Domain Hijacking and Takeover were witnessed.

Digital Blood on Their Hands fills in the Although such attacks are nothing blanks. It will inform and enlighten particularly new, as these followed everyone of how we got here, and where closely in the fashion seen in 2020 we will hopefully go and what we need when SolarWinds who had suffered to do to alter the destructive course we similar digital intrusions, using near are currently on. You will no doubt have identical methods with the same heard the term, I hope it was not all in outcomes, it was the scale and audacity vain, this I truly hope by my addressing that possibly was shocking and and bringing the real world of crippling. clandestine cyberwar and cyberattacks to be openly discussed and addressed, What is more, it also heralded a major not just by ignorant politicians looking to milestone that other Governments’ own achieve their next vote so they basic security negligence also left them manipulate their view of the world and highly exposed. That thin red line had vastly increase their personal Bank undoubtedly been crossed and possibly Balances, but to serve the citizens of the would threaten every government and world congruently and as a collective. country globally as unlike a warhead Less me, and more us. with a limited range, cyberattacks have no boundaries or limits and due to security negligence, even gross negligence, every critical infrastructure Governments, the Intelligence globally could be targeted and Community including the Alphabet infiltrated. Agencies are at a major crossroads. Do they continue manipulating the Cyber realm without any defence by focusing on purely Offense, the same Offensive capabilities as we areModus witnessing Operandi against Ukraine and now Russia, or do hadstart been set over the last twosecurity decades we taking security, basic or more however, although growing in seriously? frequency and scale, they had, until now, been confined to cyber criminals looking to sell data to anyone willing to pay. This has created an entire Black Market cyber eco system all the way up to and including Zero Days where no ‘Fix’ is yet known or developed.

The

On We

Thursday 24 February

2022, coincidently, the same day of my sisters birthday, Russia launched a comprehensive invasion of Ukraine. This have frequently been attack followed weeks of Russian forces marginalized because of our views, building on the Russian, Ukrainian beliefs, knowledge. It is often by border and amidst dismissive rhetoric considered ‘Dirty little Secrets’ that are Vladimir Vladimirovich Putin, Russia’s best left unsaid due to fear of reprisals President of a ‘special operations to Politicians Tech Giants signing the exercise’ andorweeks of Cyberwar attacks next multi $billion deal which provides on critical digital infrastructure. no more security, and instead of mitigating, adds to the different already What madeactually this war markedly woefully positions. from anyexposed other war in history was it’s use of Cyberwar as a precursor to the Kinetic war that followed some 5 weeks later.

Smoke,

andoffensive sleight of Russia launched mirrors, a Cyberwar against Ukraine and the hand is being used byalthough Wall Street methodssecurity and attacks werenot nothing building Unicorns, to better particularly new in their use and protect the citizens of the world, but to deployment, it was thepockets sheer scale and line their bulging, dirty further. debilitating nature of over 70 Ukraine Government websites infrastructure Personally, I am sick to and my stomach of that caused chaos across many normal the Tech Giant forcing our hand to use Ukraine Government channels. upon Attorneys as literally thousands thousands of people are dying either Attacks or such as Manquite in The Middledue directly, indirectly possibly (MiTM) and noThe doubt injections to their errors. titlecode of this book, to enableBlood Domain Admin Access andnot Digital on their Hands could Domain Hijacking and Takeover were be more apt. witnessed.

The

Modus Operandi

Andy Jenkinson is the Group CEO, Cyber Innovation Partners. Group and Member of the International Advisory Council Human Health Education and Research Foundation. He is a senior and seasoned innovative executive with over 25 years of experience as a hands-on lateral thinking CEO/COS coach and leader. Recognized as one of top global Cybersecurity experts. He is also a big business accelerator, having created and been responsible for £100 millions in revenues within the technical, risk and compliance markets. Masters in NLP/NAC. Jenkinson is also the author of “Stuxnet To Sunburst 20 Years of Digital Exploitation and Cyber Warfare”.

117 21

PUBLISHER | EDITOR

EXPONENTIAL TECHNOLOGIES CYBERSECURITY

Linda Restrepo is Director of Education and Innovation Human Health Education and Research Foundation. She has been a recognized Women in Technology Leader Cybersecurity and Artificial Intelligence. Restrepo's expertise also includes Exponential Technologies Management, Computer Algorithms, Research, Implementation Management of Complex Humanmachine Systems. Interstellar exploration and Mars Human Habitats; Global Economic Impacts Research. Restrepo is President of a global government and military defense multidisciplinary research and strategic development firm.

She has directed Corporate Technology Commercialization through the US National Laboratories. Emerging Infectious Diseases, Restrepo is also the Chief Executive Officer of Professional Global Outreach. Restrepo has advanced degrees from The University of Texas and New Mexico State University.

TECHNOLOGY IN THE MAKING

PUBLISHER - EDITOR

TECHNOLOGY IN THE MAKING DISCLAIMER: This Magazine is designed to provide information, entertainment and motivation to our readers. It does not render any type of political, cybersecurity, computer programming, defense strategy, ethical, legal or any other type of professional advice. It is not intended to, neither should it be construed as a comprehensive evaluation of any topic. The content of this Presentation is the sole expression and opinion of the authors. No warranties or guarantees are expressed or implied by the authors or the Editor. Neither the authors nor the Editor are liable for any physical, psychological, emotional, financial, or commercial damages, including, but not limited to, special, incidental, consequential or other damages. You are responsible for your own choices, actions, and results.

LINDA RESTREPO

PUBLISHER - EDITOR