Slashdot Mirror


Brazilian Army Gets Hacked After Allegations of Cheating In Security Cyber-Games

An anonymous reader writes: Anonymous hackers breached the servers of the Brazilian Army, and later leaked the personal details of around 7,000 officers. The incident seems to stem from CTF games where security teams try to hack each other. Apparently the Brazilian Army team used forbidden tactics to win its games, and the hackers responded by doxxing some of their officers. A snippet: According to the hackers' statement, the Brazilian Army team used a forbidden technique to win their CTF matches in a local CTF tournament. The technique they used is WiFi deauth, a simplistic attack that jams WiFi traffic, incapacitating the other team. The hackers also seemed upset at the fact that the Brazilian army was bragging about their accomplishments, being particularly angry at the usage of the word "elite."

34 comments

  1. oh slashdot by Anonymous Coward · · Score: 0

    Things are sleepy here nowadays...

  2. "forbidden tactics" ? by YrWrstNtmr · · Score: 1

    No, you use whatever you can. An actual enemy would.
    If you are constrained by 'rules' of how you can operate and what tools you can use, you are deluded and have already lost. The 'exercise' is simply a dog and pony show.

    1. Re:"forbidden tactics" ? by ShanghaiBill · · Score: 5, Informative

      > No, you use whatever you can. An actual enemy would.

      No. An actual enemy would not jam your WiFi because they would not be on your local network. That rule existed in the game because it was an attack that would not be available in an actual conflict.

    2. Re:"forbidden tactics" ? by TWX · · Score: 2

      I have a very simple solution to prevent this kind of thing from being a problem in a hacker get-together. It's called a cable.

      --
      Do not look into laser with remaining eye.
    3. Re:"forbidden tactics" ? by Anonymous Coward · · Score: 1

      CTFs have two rules: control the system, and keep the system online. Maximizing up-time is the entire point of a CTF.

      The army couldn't beat the hackers so they jammed the connection with a wireless DoS. That defeats the purpose of the exercise. They might as well have turned off the computers.

      Turning around and claiming victory after essentially admitting defeat was a lamer move. I'm not surprised bragging about their "elite" response triggered retribution.

    4. Re:"forbidden tactics" ? by YrWrstNtmr · · Score: 2

      Really? A small drone flying around, saturating/jamming your WiFi freq. Even if it only lives for 5 minutes before being shot down, that may be enough.
      You want realistic games? Nothing is off limits.

    5. Re: "forbidden tactics" ? by Anonymous Coward · · Score: 2, Funny

      So just kill your opponents and you win the game. The other countries would probably not want to participate in games after that...

    6. Re:"forbidden tactics" ? by Antique+Geekmeister · · Score: 1

      > No. An actual enemy would not jam your WiFi because they would not be on your local network

      Except when they've rootkitted a laptop near you, or used an antenna or a locally planted repeater to access your network from slightly offsite, or planted a wifi gateway inside your network. This is the difficulty of setting up defenses based on what you think an "actual enemy" would do, rather than based on what real attackers do. Real attackers use the cheaper, simpler attack methods because they work, but they also try sophisticated techniques when simple methods _don't_ work or even because they happen to have them available.

    7. Re:"forbidden tactics" ? by ShanghaiBill · · Score: 4, Insightful

      > Really? A small drone flying around, saturating/jamming your WiFi freq.

      Except they didn't use a drone. They used a stationary jammer inside the facility, which is not realistic. They were also jamming WiFi, but a real military comm center would have cabled connections. WiFi was only being used because it was easier to run the game that way.

      > You want realistic games? Nothing is off limits.

      Then everyone would bring a shotgun to a chess tournament. Games are designed to test and exercise specific capabilities. There are always compromises that make them different from a real war, and rules to prevent participants from exploiting those compromises to "win" in unrealistic ways that would not work in a real conflict. Cheating to win doesn't make you better. It just corrupts the process, and then the game is no longer an effective tool for improvement. So in a real war, you lose.

    8. Re:"forbidden tactics" ? by Anonymous Coward · · Score: 0

      Establishing "rules" like that defeats the purpose of the exercise.

    9. Re:"forbidden tactics" ? by Anonymous Coward · · Score: 1

      No it doesn't, it ensures the legitimacy of the exercise. Uptime matters. If hackers deprive you of up-time: they've already won. That's why Anonymous is always using DDoS attacks: there are a lot of them and it is a cheap/easy victory.

      Taking down your network and calling it a "victory" is like using scorched earth tactics against your own capital and calling your retreat a victory.

      The "up-time" stipulation shouldn't even need to be said, but it deters retards from pulling the plug and knocking over the chess table when they start to lose.

      Call me back when Amazon AWS or the GPS network just hits the "off switch" in response to hacking attempts. Until then: the Brazilian Army were no-talent sore losers who had the nerve to claim they won.

    10. Re:"forbidden tactics" ? by Anonymous Coward · · Score: 0

      >> No, you use whatever you can. An actual enemy would.

      > No. An actual enemy would not jam your WiFi because they would not be on your local network. That rule existed in the game because it was an attack that would not be available in an actual conflict.

      An actual enemy would use whatever resources are available to them, up to and including nuclear weapons. I think you are perhaps complaining about the fact that the simulation environment wasn't constrained, and that the exercise used WiFi "because it was easy".

      I will point out that actual military installations tend to also use WiFi "because it is easy", despite the fact that it's also stupid, because people tend to take stupid shortcuts.

      If they had hacked a particular enemy laptop in the "enemy side" and used its SDR to accomplish the jamming, would this have still been considered "cheating" under the established rules of engagement?

      This is sour grapes from a group that does not understand the concept of "Total War", which, among other things, involves salting the fields of the enemy so that they can not grow food in order to feed their army, and the army starves to death. Cruel tactics, like General Sherman's "march to the sea", but if the alternative is losing, you do anything.

      France has just demonstrated that the other side is not going to "play by the rules", and dress in red coats and march in straight lines, like the British did during the U.S. war of independence; it's stupid to "play by the rules" and handicap yourself under such circumstances, and is in fact a recipe for failure.

    11. Re:"forbidden tactics" ? by ShanghaiBill · · Score: 2

      > Except when they've rootkitted a laptop near you, or used an antenna

      Defending against these attacks is not the responsibility of the participants in this exercise, and is not the point of these games. The defense against these attacks includes physical security, and better background checks. Those are not skills that are important in a penetration specialist, nor could they be realistically tested in this game scenario. To find a rootkitted laptop, you would walk around disabling wifi on each laptop until you found the offender. Do you think this exercise could work if any team could walk up and physically disable another team's equipment?

      If breaking the rules is allowed, then you are better off simply smashing your competitors' equipment. Soon your "cyber warriors" would all be large muscle men with IQs of 80, because that was the winning strategy in the game. Do you think they would win in a real war?

    12. Re:"forbidden tactics" ? by HiThere · · Score: 1

      An intelligent actual enemy would not jam your wifi after rooting one of your laptops, but rather use that laptop to forward information to them that you believed them ignorant of. And then, of course, if you detect it you feed in false, but believable information. And then...

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
    13. Re:"forbidden tactics" ? by Anonymous Coward · · Score: 0, Insightful

      > Except they didn't use a drone. They used a stationary jammer inside the facility, which is not realistic. They were also jamming WiFi, but a real military comm center would have cabled connections. WiFi was only being used because it was easier to run the game that way.

      Seriously?

      It is too difficult for the event organisers to run CAT-5/6 cables connected to a switch or router or concentrator and the computers used for these simulated attacks? What have geeks and hackers become these days? Pablum-fed infants?

    14. Re:"forbidden tactics" ? by DarkOx · · Score: 1

      > Except when they've rootkitted a laptop near you

      Now why in hell's name, after you have successfully rooted a laptop in the enemy's defense services, would you go and do a stupid thing like that? You might as well pop up a dialog that says, "HEY THIS MACHINE IS PROBABLY COMPROMISED LOOK HERE". No thank you; if I was an attacker I'd rather keep my compromised box to help me ensure persistence rather than sacrifice it on what will be at most a minor disruption of a small number of people for a few moments.

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    15. Re:"forbidden tactics" ? by Antique+Geekmeister · · Score: 1

      > Defending against these attacks is not the responsibility of the participants in this exercise,

      I agree. The rules test certain types of defined attack vectors. But the concept that "No. An actual enemy would not jam your WiFi because they would not be on your local network" is not a well founded one, and it's what I meant to object to. Many attackers can, and will, gain access to your local network. Many successful or partially successful attackers can, and will, brag about or exchange details on exactly how to enter your local network once it's penetrated, so it's very, very poor security policy to claim an attacker would never be on your local network. And "attackers on your local network" was exactly what the exercise was designed to test.

      > To find a rootkitted laptop, you would walk around disabling wifi on each laptop until you found the offender.

      You first have to be able to detect whether it is, or is not, misbehaving on your network to be able to tell when it's turned off. If you can do that, you can probably already identify its MAC address and tie it to a particular access point. That's useful if you have such control, but most security attacks involving local network access are less blatant and detectable. Those kinds of attack seem to be what these "capture the flag" exercises involve.

    16. Re:"forbidden tactics" ? by Anonymous Coward · · Score: 0

      You don't have to be on someone's local network to deauth them from wifi. As a matter of fact, de-auth attacks are usually used in order to get the WPA handshake of the wifi network you are trying to breach. It's a very simplistic tool, and it should be banned from CTFs since there's really no skill involved in it.

    17. Re:"forbidden tactics" ? by Gravis+Zero · · Score: 1

      >> You want realistic games? Nothing is off limits.

      > Then everyone would bring a shotgun to a chess tournament.

      now that's my kind of chess tournament!

      --
      Anons need not reply. Questions end with a question mark.
    18. Re:"forbidden tactics" ? by cavreader · · Score: 1

      We are not talking about a chess game here. It was a game of cyber-warfare and there are no rules in a game like this. The only possible rule would be try not to kill anybody but other than that anything goes. In the real world a drone could be used to take down the Wi-Fi or someone could infiltrate the facility and place a device inside the facility. I am sure the Iranians thought their nuclear centrifuges were safe from outside interference until someone infiltrated one of their most secure facilities in the country and released Stuxnet using a thumb drive.

    19. Re:"forbidden tactics" ? by phantomfive · · Score: 1

      > You want realistic games?

      CTF is not realistic. It's lots of fun, but plenty of "realism" has been cut so you can test skills in realtime. It can take several months to find a zero-day exploit in real life, but in a CTF contest, you might find several of them in a single day.

      --
      "First they came for the slanderers and i said nothing."
    20. Re: "forbidden tactics" ? by Anonymous Coward · · Score: 1

      I used to organize that kind of tournament and we had basically three contest-specific rules: teams are forbidden to go to the other teams' area, keep your malicious traffic inside (no hacking on the real internet) and don't hack our infrastructure (the score keeping machine, the firewall/gateway to the net, the free wifi, the jukebox). We also had a code of conduct with evident rules like no fighting, no vandalism, no stealing etc.

    21. Re:"forbidden tactics" ? by DRJlaw · · Score: 2

      > It was a game of cyber-warfare and there are no rules in a game like this. The only possible rule would be try not to kill anybody but other than that anything goes.

      But you just said there are no rules. In the real world once I knew where you were I could bomb you and/or the computer hosting your link. Therefore I should be able to walk over to you in the tournament and shoot you in the head. Your poor opsec is your problem, not mine.

      You're not saying that there's no rules, you're saying that you'll only obey the rules that you believe should exist. The problem is, I do not have to believe in the same rules, or in fact any at all.

      You can either agree to mutual rules, cheat, or admit that there are absolutely no rules. What you can't do is agree to rules, violate those rules, and then claim that you're not a cheat.

    22. Re:"forbidden tactics" ? by Anonymous Coward · · Score: 1

      Of course they can. But why bother if that's not what they are attempting to test?

    23. Re: "forbidden tactics" ? by KGIII · · Score: 1

      So you could say that their enemies 'got waxed?'

      --
      "So long and thanks for all the fish."
    24. Re:"forbidden tactics" ? by Hognoxious · · Score: 1

      > If breaking the rules is allowed, then you are better off simply smashing your competitors' equipment.

      Or their heads. I doubt the fine upstanding South American military chaps would ever do anything like that though.

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    25. Re:"forbidden tactics" ? by Anonymous Coward · · Score: 0

      The more rules you impose the more useless the entire exercise becomes when trying to protect your systems in the real world. The people trying to infiltrate your systems certainly don't play by the rules. Less rules encourages thinking outside the box which the world's best hackers use to keep the computer security experts two steps behind.

  3. Forbidden by Anonymous Coward · · Score: 1

    They went full cyber. Never go full cyber.

  4. "Elite?" by Anonymous Coward · · Score: 0

    elite, adj. : see 'l337'

  5. Is this by definition an irony? by Anonymous Coward · · Score: 0

    Talk about cry babies!

  6. Ah the Kobayashi Maru technique by presidenteloco · · Score: 1

    All's fair in love and war.

    --

    Where are we going and why are we in a handbasket?
  7. Isn't that the whole point? by RichZellich · · Score: 1

    If you're doing cyber-security hacking, the _whole point_ is cheating.

    1. Re:Isn't that the whole point? by Anonymous Coward · · Score: 0

      Actually since there are no rules in real life, winning by cheating is already unrealistic.
      I mean you could set up both teams in bunkers separated by several 100kms and each protected by a company of mechanised infantry.
      But that would just cost a lot of money and not add much to the purpose of an exercise which is about cyber security, so you just have a rule instead that basically says both parties have to act like that would be actually the situation.

  8. Kobayashi Maru by Gibgezr · · Score: 1

    So they pulled a Kobayashi Maru and Slashdotters are upset? I did not expect that.