Tuesday 6 March 2012

Twerpy Spooks

Spying on a Spy?
Being a trained IT specialist (BSc Soft Eng), the Greyhorn is inclined to view the Internet and the activities that take place here from a rather different perspective than most people would. That includes the referring URLs (sites that direct traffic to my blog) and the activity from different locations in the world (by means of the IP addresses of the querying servers and terminals).

For instance, only three weeks after I started posting on this blog, I put up an article on cyberwarfare in which the names of some enigmatic security agencies in Israel were included (Mossad, Shin Bet, the elite cyberwarfare squad Unit 8200, Matztov, the unit responsible for Israeli high-priority encryption and network security, as well as the IDF, the Israeli army, and the brand new C4I Directorate).

Wonders from Hades! I had almost instantaneous traffic, ostensibly from sleepy Saudi Arabia. There wasn't a single mention of or reference to Saudi Arabia in that article. My blog post apparently had too many sensitive words, and some curious people in Israel using proxy zombie servers in Saudi Arabia (I would suppose) paid my blog a courtesy call to see what exactly I was up to.

That was nothing in comparison to the reaction from Russia on the same day. It was in this very same blog post that there was mention of Russia's cyber attacks on Estonia, Georgia and Kyrgyzstan with the help of a criminal ring that controls massive botnets (180 million zombie computers), the so-called Russian Business Network (RBN). I had ten times as much traffic as the one I think was initiated by Israeli cyber snoops, this time from a curious URL in Russia and another in Ukraine. Moscow and RBN were also not taking blogs lightly, it seems.

It must be remembered that at this time no one, not even my close friends or family, knew I was blogging, so traffic was non-existent; but here I had sudden outrageous spikes, practically from zero pageviews (excluding mine), after one single posting. Traffic that in real terms was specifically and intentionally probing what amounted to a virtually non-existent or inactive URL in the blogosphere!

That was also the first time I had traffic from the US. I didn't know America's NSA (National Security Agency) agents were even literate in English anymore. With all their focus on learning and reading Arabic so as to intercept and decipher terror messages, I thought they wouldn't bother to set their powerful crawlers and snooping software to pick up the words of some cocky dimwit in Kenya. Yet again I was wrong.

So you can imagine how dumbstruck I was in early January to go through the stats only to see that some nefarious characters in the intelligence community across the world (or their cyber-robots) were probably the only people skimming through my blog! Ever since I have been monitoring these traffic movements very keenly and am glad to say things look ordinary now.

Yet I have this nagging feeling there are silent bugs monitoring any further 'strange' activity from my computer. I'm good, but not that good: I can't analyze every change in the registry or every curious modification to my system files. It would be easier to just format the damn thing, but they would probably plug in some fresh code as soon as I access my blog dashboard (there are a hundred different ways in which they can bait code to be picked up by a target machine or user). So it isn't worth the bother; I really have nothing to hide.

Why this long-winded tale now? Well, that article had enjoyed little interest until last week, when yet again it trumped the homepage pageviews (which on a single-page blog means the latest blog posts). The article is deeply buried in the archive and not quite an easy read. The IP addresses? Russian again. What is the beef, Mr. Putin? I have no quarrel with Russian thugs and ego-maniacal autocrats, I don't know a word of Russian and neither do I write satire in Russian.

I can only hope it is some of my compatriots in the diaspora, but if so they have picked up some pretty weird habits in Russia. {How can hordes of people -- specifically from one location in Russia -- directly zoom in (no search engines, no referring urls, nothing) on an obscure article, buried in an obscure blog without even going through the homepage and still be normal?}

For the sceptical non-IT geeks and bloggers, you already know I readily have information about the ISPs and service providers. So I can cross-check my attributions of traffic sources.

By monitoring a set of related activities I can even discount the errors in attribution that may result from DHCP address pooling, which means a single IP address cannot be tied to one subscriber over time. The ISPs might inadvertently or deliberately muddle things, but the user systems and browsers tell me all I need to know: OS, timezone, language settings, that kind of thing. Pinning down the country of origin is not so hard, which is good enough for me. More specific positioning is possible with more aggressive third-party software or services than the one I use, but I have no reason or interest in wasting time and money tracking individual users.
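To make the cross-checking described above concrete, here is an added example (not the author's own tooling, which is a third-party stats service) that does the same thing over raw web-server access logs. It assumes the host writes combined log format with Accept-Language appended as a final quoted field; the log lines are constructed and use documentation address ranges, not real visitors. It parses each hit, separates referrer-less "direct" visits from search and referral traffic, and flags any burst of direct hits to a non-homepage path that arrive from several hosts in the same /24 within a short window, reporting the browser-side OS and language that make such a burst look like one population rather than a coincidence.

```python
import re
import ipaddress
from collections import defaultdict
from datetime import datetime

# Constructed sample (assumption): combined log format plus a trailing quoted
# Accept-Language field. 203.0.113.0/24 and 198.51.100.0/24 are documentation
# ranges, so nothing here identifies a real network.
SAMPLE_LOG = """\
203.0.113.5 - - [06/Mar/2012:10:01:02 +0300] "GET /2011/12/cyberwarfare.html HTTP/1.1" 200 8123 "-" "Mozilla/5.0 (Windows NT 6.1; rv:10.0) Gecko/20100101 Firefox/10.0" "ru-RU,ru;q=0.8"
203.0.113.9 - - [06/Mar/2012:10:01:05 +0300] "GET /2011/12/cyberwarfare.html HTTP/1.1" 200 8123 "-" "Mozilla/5.0 (Windows NT 5.1) Opera/9.80" "ru-RU,ru;q=0.8"
203.0.113.17 - - [06/Mar/2012:10:02:40 +0300] "GET /2011/12/cyberwarfare.html HTTP/1.1" 200 8123 "-" "Mozilla/5.0 (Windows NT 6.1; rv:10.0) Gecko/20100101 Firefox/10.0" "ru-RU,ru;q=0.8"
203.0.113.33 - - [06/Mar/2012:10:03:10 +0300] "GET /2011/12/cyberwarfare.html HTTP/1.1" 200 8123 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)" "ru-RU,ru;q=0.8"
198.51.100.7 - - [06/Mar/2012:10:05:00 +0300] "GET / HTTP/1.1" 200 20456 "http://www.google.co.ke/search?q=greyhorn+blog" "Mozilla/5.0 (Windows NT 6.1) Chrome/17.0" "en-GB,en;q=0.8"
198.51.100.7 - - [06/Mar/2012:10:05:40 +0300] "GET /2011/12/cyberwarfare.html HTTP/1.1" 200 8123 "http://greyhorn.example/" "Mozilla/5.0 (Windows NT 6.1) Chrome/17.0" "en-GB,en;q=0.8"
"""

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)" "(?P<lang>[^"]*)"'
)

SEARCH_HOSTS = ("google.", "bing.com", "yahoo.", "yandex.")
WINDOWS_VERSIONS = {"5.1": "Windows XP", "6.0": "Windows Vista", "6.1": "Windows 7"}


def os_from_ua(ua):
    """Coarse OS guess from the User-Agent string; 'unknown' when no marker matches."""
    m = re.search(r"Windows NT (\d+\.\d+)", ua)
    if m:
        return WINDOWS_VERSIONS.get(m.group(1), "Windows NT " + m.group(1))
    for marker, name in (("Mac OS X", "Mac OS X"), ("Android", "Android"), ("Linux", "Linux")):
        if marker in ua:
            return name
    return "unknown"


def referrer_kind(referer):
    """'direct' (no Referer header), 'search' (known engine) or 'referral'."""
    if referer in ("", "-"):
        return "direct"
    if any(h in referer.lower() for h in SEARCH_HOSTS):
        return "search"
    return "referral"


def parse_line(line):
    """Parse one log line into a dict; returns None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    hit = m.groupdict()
    hit["ts"] = datetime.strptime(hit["ts"], "%d/%b/%Y:%H:%M:%S %z")
    hit["kind"] = referrer_kind(hit["referer"])
    # /24 is a crude proxy for "same access network" when DHCP pools rotate addresses.
    hit["net"] = str(ipaddress.ip_network(hit["ip"] + "/24", strict=False))
    hit["lang"] = hit["lang"].split(",")[0].split(";")[0]  # primary language tag
    hit["os"] = os_from_ua(hit["ua"])
    return hit


def direct_bursts(hits, window_s=300, min_hosts=3):
    """Flag referrer-less hits to a non-homepage path from >= min_hosts distinct
    addresses in one /24, all landing within window_s seconds of each other."""
    groups = defaultdict(list)
    for h in hits:
        if h["kind"] == "direct" and h["path"] != "/":
            groups[(h["net"], h["path"])].append(h)
    flagged = []
    for (net, path), g in groups.items():
        g.sort(key=lambda h: h["ts"])
        ips = {h["ip"] for h in g}
        span = (g[-1]["ts"] - g[0]["ts"]).total_seconds()
        if len(ips) >= min_hosts and span <= window_s:
            flagged.append({
                "net": net, "path": path, "hosts": len(ips), "span_s": span,
                "langs": sorted({h["lang"] for h in g}),
                "oses": sorted({h["os"] for h in g}),
            })
    return flagged


def analyse_log(text):
    """Parse every non-empty line and return (hits, flagged_bursts)."""
    hits = [h for h in (parse_line(l) for l in text.splitlines() if l.strip()) if h]
    return hits, direct_bursts(hits)


if __name__ == "__main__":
    hits, flagged = analyse_log(SAMPLE_LOG)
    for f in flagged:
        print(f"{f['hosts']} hosts in {f['net']} hit {f['path']} directly within "
              f"{f['span_s']:.0f}s; languages {f['langs']}, OS {f['oses']}")
```

On the sample, the four referrer-less visits from 203.0.113.0/24 to the archived article within about two minutes are flagged as one burst, while the visitor who arrived from a search engine and then clicked through from the homepage is left alone. A /24 is only a heuristic for "same network"; for a real investigation you would join the address against WHOIS or an ASN database, which is what a stats service does behind the scenes.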

Why tell you all this? Well, it is the reality of the 'real' Internet: all sorts of people track your actions all the time. If you don't like it, start by setting your browser to delete all cookies when you close it. Also enable prompts so that you know who is installing what on your computer while you gleefully browse the Internet. If you are really paranoid, install IP-masking software (e.g. Hide IP Easy; but beware, most of the free ones are malware themselves, viruses and trojans), though this might make your connection slower.

Then install a really good anti-virus (Avast isn't perfect but it is efficient, light on the system, credible and free; it works well once you register it online, no lengthy processes); most also monitor fishy Internet traffic on the various ports that Internet protocols use. Finally, get the latest version of a good browser. Google is a big snooper (Chrome), so is Microsoft (Internet Explorer); Mozilla is only as good as you yourself are: if you are lax it will oblige and let everybody in on your business. (Make it a habit not to flippantly click nice-looking buttons on suspicious websites that urge you to click.) As for the right browser, just browse around and try out the different ones; I'm sure by reading online reviews and complaints in places like forums you'll find something suitable.

Just to lessen the creepy nature of you, my readers, and generally all visitors to this blog (yes, you do freak me out, which is something I have been ranting about in previous posts), I have reset (and deliberately lowered) the comment requirements, and anybody can now 'anonymously' post comments on this blog about whatever it is that is driving them nuts. Abuse, vulgar language and immaturity should be reserved for teething rascals and confused teenagers on the social networks; no one wants them here and consequently they will not be tolerated. Comments from Vladimir Putin are not welcome.

M. Wycliff,
Nairobi.

FYI:
twerp:
· n. informal a silly or annoying person.
- ORIGIN C19: of unknown origin.
