DriftingShadows and GravityTurn.

These are two products from the USA-based CIA/NSA labs for computer wiretapping, and data "exfiltration" - ie. hacking your computer and cellphone, wiretapping them without a warrant, and then removing copies of your private data without a search warrant. The current understanding (by me and many others, including the Supreme Court of Canada) is that these actions explicitly violate Canadian "black-letter" law.

As an analyst, I like to find out the origins of things.  There are a series of nasty ransomware exploits attacking internet-enabled machines around the world currently. This ransomware is really only the beginning, many fear.  Much of the base-level security of the internet, and of the various machines that run on it, appear to have been compromised.  And this has been by design.  It's not an accident, or the result of programming errors.

People should understand the risk this represents. Degrading the integrity of the internet will have economic consequences. It directly threatens global commerce. The software to do this, came from US labs that support the American spy agencies - the CIA and the NSA.   With global GDP, so goes global security.

I ran into this WikiLeaks document, which describes the success of  "process hollowing", while chasing down some information on something else.   It's a very interesting document.  These two utilities - DriftingShadow and GravityTurn - are specifically *not* detected by modern anti-virus software.   And rather than helping enhance and improve our security, the agents at the CIA and the NSA have worked with the vendors (Microsoft, especially, it appears) to degrade system and network security.  The American CIA has effectively increased the ease and the likelyhood that our modern, commerical world will be successfully hurt. Do these spy-guys not understand the damage they have done and are still doing?

If you trash the integrity of the internet you risk doing damage to global economic linkages, and the alternate reality that we might be facing is one of de-liberalization, and a return to a world of fortified, walled-off totalitarian nation-states that are suspicious and fearful of trading with each other.  (Many argue this is already happening in Turkey, for example.)

Do the 2030's have to look like the 1930's, but run at internet speed?  Imagine the liberalization of China run in reverse.  Imagine the Cold War, but fought with advanced nano-technology, false-flag "terrorist" attacks, and rapidly increasing levels of global poverty.  Wouldn't that outcome be the best breeding-ground for new terrorist entities?  Are we not just pre-programming war?

I've not seen the code for  "DriftingShadows" and "GravityTurn".   What can one really say? Perhaps: "Get off my lawn!"?   Except here in Canada, we have our own government in Ottawa, pushing a new law (Bill C-59) that will further exacerbate the risk, and enhance the damage being done. Bill C-59 specifically legalizes wiretapping activity that was previously unambiguously illegal, creates special legal status for the CSE, (the Canadian Security Establishment - essentially a wiretapping operation acting for the US government), and criminalizes various aspects of private communication.  It looks to be more questionable law and knee-jerk action, which may well serve to seriously reduce, not enhance, national and trans-national security.

Our own federally-funded research labs should be helping us harden and improve our security, and should not be cooperating with foreign agencies to degrade it and put internet operational integrity at risk.  The CSE should probably be shut down, and a new organization created with a specific mandate that benefits Canadians, not rogue foreign entities, as one might characterize the American CIA, given the overt hostility its weaponized software products demonstrate.

The foreign spy agencies and their hostile actions towards the necessary security of the internet may well be a more dangerous threat than anything "terrorists" are likely to do. The terrorist element may damage us. Those threats have always existed, and they will continue to exist. But continued successrful attacks against the internet and the commerical activity it supports - using these weapons developed in the CIA and NSA labs - will put global trade growth at risk, and encourage the re-establishment of the "fortified" nation-state economic model.  We are better to tear down walls between nations, than to build more of them.  To degrade our long-term future prosperity will hurt us all more than any terrorist action ever could.

The WikiLeaks page is reproduced below.  It is short and clear, and comes from a general discussion page discussing how to defeat PSPs - Personal Security Programs - also called "Anti-Virus" programs, such as AVG and Kaspersky.   Note this carefully.  The CIA is specifically working to develop monitoring systems - DriftingShadows and GravityTurn are specific examples - that degrade and compromise local computer system security.   This approach - and the actual weaponized code that supports these strategies - is how we got what we have now, an open-ended and growing slush-pile of ongoing system and network security failures that are hurting everyone everywhere. 😠😙