Global Governance The Digital Domain & The Death of Internet in 2022

Securing The Net: Global Governance in The Digital Domain was a White Paper written in September 2013. 

This report was produced within the framework of the Global Governance 2022 program, organized by the Global Public Policy Institute in Berlin, in collaboration with partner institutions in the United States (The Brookings Institution and Princeton University), China (Tsinghua University and Fudan University), and Germany (Hertie School of Governance). 

The Global Governance Futures Group symbiotic with the Global Public Policy Institute(GPPi) outlines Specific Methodologies and Scenarios on the Future of Cyber Risk and Governance. 

The 2013 Report Outlines The Following: 

"Could the Internet actually die? The path to this outcome might be precipitated by an inability to address growing mistrust, the continued existence and exploitation of major cyber vulnerabilities, and mass fear created by new kinds of cyber attacks. "


  • an “incubation period” during which steadily growing Sino-American [CHINA-AMERICAN] tensions, an interstate cyber incident as well as the continued militarization of cyberspace led to a gradual disconnection of various sectors of critical infrastructure from the Internet;

  • ›  an “outbreak phase,” in which a “tsunami” of cyber crime led to a collapse of e-commerce and forced governments, overwhelmed by the volume of crime in cyberspace, to develop secure, parallel network architectures that conformed to national and regional boundaries;

  • ›  finally, the “passing of the ‘old’ Internet,” initiated by Russia, China, and Germany following a global panic during a brief period of “cyber terror.” 

    The collapse of e-commerce, which threw the global economy into a recession, was paired with a global run on banks. The lack of confidence in banks led to the withdrawal of private savings at record levels. This near-immediate global collapse of the financial system spurred governments to action.

              'SCENARIO 2: “CYBER PARADISE"

  • ›  bilateral and multilateral efforts between states that ultimately led to a General Agreement on Confidence Building in Cyberspace (GACBC);

  • ›  the diffusion and increased sophistication of cyber security systems/infrastructure, in particular advanced cryptographic and “electric fence” systems;

  • ›  and lastly, the creation of a regime centering around the International Cyber Security Treaty.

As the Internet was expanded further into all aspects of daily economic and social interactions, attention to the topic by politicians and the media continued to grow. Henceforth, a conference program was initiated that included not only the US and China but also the European Union, India, Russia, and Brazil. The discussions in this “cyber club” carried over to G20 meetings, as cyber security became a priority issue in national defense.



 As 2021 now Comes to an End we heard the Echos within IT to Safeguard our Legacy Industrial Control SystemsUpdating ICS and the Electrical Grid is Something a lot of us have been Harping on way before 2021. Unfortunately, either from State Sponsored Actors or from Political Mismanagement, Gov'ts tend to wait for something to break before addressing issues. Perhaps destruction and Order out of Chaos is the fix for these Policy Makers? The Great Reset now Comes to Mind when thinking about the Future of the Internet as we know it. The Cyber Trends for 2022 will Include Attacks on our Legacy ICS. 2022 Will See Cyber Attacks now becoming Physical. Cyber War will No longer only affect Data or IT Systems. 2022 will see the Age where a Cyber Attacks Could Result whether We have Power in the Winter to Gas Shortages across the country just like what we saw with the Colonial Pipe Line Hack. There will be More Ransomware Along with, IoT, Block Chain/Crypto Currency Wallet Attacks and Deepfakes will be in the headlines in 2022. The Push for a New Global Internet like our now Global Economy will be at the Forefront of all Nations and the UN in 2022. The Internet has already become a vastly different place from when I grew up with it in the 90's. We already saw the Great Social Media Purge of Dissenting voices in 2018. Will we allow the Internet to just become another Policy for Gov'ts to ruin and a Topic for Do-Nothing Politicians to Campaign and Pass Laws on? Or will we say Government Failures in Protecting ICS or Cyberspace & Political Overreach Should Not Equate to Censorship and the Monopolization of the Once Free Internet.

Lets Bullet Point Some Additional Reading on These Trends.

Biden Signs National Security Memo Addressing Industrial Control System Cybersecurity

White House: National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems

Cybersecurity & Infrastructure Security Agency  [GLOBAL]

Cyber-Attack on world’s largest meat processor highlights food system vulnerabilities June 2021

MITRE Framework on ICS Jan.2020

NIST: SolarWinds and Beyond: Improving the Cybersecurity of Software Supply Chains May 2021

ICANN and The United Nations 

Industrial Control Systems Joint Working Group (ICSJWG)


-Sodaghar 11/12/21

The Pandora Papers: World Leaders Offshore Accounts Global Conspiracy & Tax Evasion Exposed


ICIJ: The 150 news outlets that joined the investigative partnership include The Washington Post, the BBC, The Guardian, Radio France, OŇ°tro Croatia, the Indian Express, Zimbabwe’s The Standard, Morocco’s Le Desk and Ecuador’s Diario El Universo.


  The Pandora Papers investigation unmasks the covert owners of offshore companies, incognito bank accounts, private jets, yachts, mansions, even  artworks by Picasso, Banksy and other masters  providing more information than what’s usually available to law enforcement agencies and cash-strapped governments.

Millions of leaked documents and the biggest journalism partnership in history have uncovered financial secrets of 35 current and former world leaders, more than 330 politicians and public officials in 91 countries and territories, and a global lineup of fugitives, con artists and murderers.

The secret documents expose offshore dealings of the King of Jordan, the presidents of Ukraine, Kenya and Ecuador, the prime minister of the Czech Republic and former British Prime Minister Tony Blair. The files also detail  financial activities of Russian President Vladimir Putin’s “unofficial minister of propaganda” and more than 130 billionaires from Russia, the United States, Turkey and other nations.

The leaked records reveal that many of the power players who could help  bring an end to the offshore system instead benefit from it  stashing assets in covert companies and trusts while their governments do little to slow a global stream of illicit money that enriches criminals and impoverishes nations.

Among the hidden treasures revealed in the documents:

  • A $22 million chateau in the French Riviera  replete with a cinema and two swimming pools  purchased through offshore companies by the Czech Republic’s populist prime minister, a billionaire who has railed against the corruption of economic and political elites.
  • More than $13 million tucked in a secrecy-shaded trust in the Great Plains of the United States by a scion of one of Guatemala’s most powerful families, a dynasty that controls a soap and lipsticks conglomerate that’s been accused of harming workers and the earth.
  • Three beachfront mansions in Malibu purchased through three offshore companies for $68 million by the King of Jordan in the years after Jordanians filled the streets during Arab Spring to protest joblessness and corruption.

The secret records are known as the Pandora Papers.

The International Consortium of Investigative Journalists obtained the trove of more than 11.9 million confidential files and led a team of more than 600 journalists from 150 news outlets that spent two years sifting through them, tracking down hard-to-find sources and digging into court records and other public documents from dozens of countries.

The leaked records come from 14 offshore services firms from around the world that set up shell companies and other offshore nooks for clients often seeking to keep their financial activities in the shadows. The records include information about the dealings of nearly three times as many current and former country leaders as any previous leak of documents from offshore havens.

In an era of widening authoritarianism and inequality, the Pandora Papers investigation provides an unequaled perspective on how money and power operate in the 21st century  and how the rule of law has been bent and broken around the world by a system of financial secrecy enabled by the U.S. and other wealthy nations.

The findings by ICIJ and its media partners spotlight how deeply secretive finance has infiltrated global politics  and offer insights into why governments and global organizations have made little headway in ending offshore financial abuses.

An ICIJ analysis of the secret documents identified 956 companies in offshore havens tied to 336 high-level politicians and public officials, including country leaders, cabinet ministers, ambassadors and others. More than two-thirds of those companies were set up in the British Virgin Islands, a jurisdiction long known as a key cog in the offshore system.

At least $11.3 trillion is held “offshore,” according to a 2020 study by the Paris-based Organization for Economic Cooperation and Development. Because of the complexity and secrecy of the offshore system, it’s not possible to know how much of that wealth is tied to tax evasion and other crimes and how much of it involves funds that come from legitimate sources and have been reported to proper authorities.

Continue Reading 



CONFRIMED: Pentagon Documents Show Pandemic Planned in 2018



UPDATE* NIH admits Fauci Lied about Wuhan Funding


CONFIRMED: Scientists at the Wuhan Institute of Virology and their affiliated partners attempted to secure $14 million in funding from the Pentagon’s scientific arm DARPA to genetically alter viruses, including bat coronaviruses, and make them more infectious to humans, just eighteen months prior to the subsequent outbreak and pandemic.


Wuhan and US scientists were planning to release enhanced airborne coronavirus particles into Chinese bat populations to inoculate them against diseases that could jump to humans, leaked grant proposals dating from 2018 show....


The London Telegraph reports the findings revealed by Drastic, a web-based investigations team set up by scientists from across the world to look into the origins of Covid-19.

The documents they obtained, confirmed as genuine by former US government officials, show that DARPA turned down the request, saying the plans for yet more gain of function research were TOO DANGEROUS to the human population.


The Telegraph notes that the documents reveal the Wuhan scientists “submitted plans to release skin-penetrating nanoparticles containing ‘novel chimeric spike proteins’ of bat coronaviruses into cave bats in Yunnan, China.”


The documents also show that the plan involved genetically altering the bat coronaviruses to add “human-specific cleavage sites,” essentially making it easier for the virus to get into human cells.


This is EXACTLY what was discovered when Covid-19 was first genetically sequenced, prompting many scientists to suggest the virus had been genetically manipulated in a lab.


The documents reveal that the same cast of characters already under scrutiny regarding gain of function research in Wuhan submitted the plan to DARPA. Both British zoologist Peter Daszak of EcoHealth Alliance, who later attempted to shut down scientific debate on the possibility of a lab leak, and the “bat woman” Dr Shi Zhengli were intimately involved.

Angus Dalgleish, Professor of Oncology at St Georges, University of London, who maintains that the pandemic was likely a result of a genetically altered virus, said the research may have gone ahead even without the funding.


“This is clearly a gain of function, engineering the cleavage site and polishing the new viruses to enhance human cell infectibility in more than one cell line,” Dalgleish said.


The Telegraph notes that the plans were rejected by DARPA, with the agency noting “It is clear that the proposed project led by Peter Daszak could have put local communities at risk”, and further warning that proper consideration of the consequences of enhancing the viruses had not been undertaken.


Let that sink in. Even DARPA, the secretive military weapons development agency, the ones who have invented implantable microchips, cyborg dogs and drone killing machines said that the WIV gain of function plan was nuts.

The Telegraph also notes that a “Covid-19 researcher from the World Health Organisation (WHO), who wished to remain anonymous, said it was alarming that the grant proposal included plans to enhance the more deadly disease of Middle-East Respiratory Syndrome (MERS).”


“The scary part is they were making infectious chimeric MERS viruses,” the source warned.


Those findings dovetail with previous revelations in documents obtained under the FOIA showing that lab tampering was undertaken on MERS-like coronaviruses in several labs around Wuhan, including a level three biocontainment facility, which has lesser security that the level four labs previously mentioned in relation to the outbreak.


MERS viruses have 30-50 percent fatality rates, with the source noting “If one of their receptor replacements made MERS spread similarly (to COVID-19), while maintaining its lethality, this pandemic would be nearly apocalyptic.”


Drastic issued a statement on the latest findings urging “Given that we find in this proposal a discussion of the planned introduction of human-specific cleavage sites, a review by the wider scientific community of the plausibility of artificial insertion is warranted.”


The accumulating scientific evidence that points to a potential coronavirus lab leak, as well as China’s record on bio-security, and its constant stonewalling, warrants an adequate global independent investigation, which hasn’t happened.











How to Not be Hunter Biden: A Guide to Securing Data

BREAKING: Rudy Giuliani has handed over the Hard Drive to Delaware State Police Stating: "There's a sexual depravity to this that's disgusting," and "This is a really very, very sensitive one," We now know that the Computer and Hard Drive of Hunter Biden, the Bombshell Story by The New York Post is Confirmed and Being Investigated by Multiple Agencies including the FBI and Senate Homeland Security Committee  Director of National Intelligence John Ratcliffe also said: "Let me be clear: the intelligence community doesn't believe that [the Laptop being Russian Dis-info] because there is no intelligence that supports that. And we have shared no intelligence with Adam Schiff, or any member of Congress." on FBN 

We might hear the echoes of Conspiracy around this data however, those with InfoSec/OpSec backgrounds know this data can easily be verified through metadata and forensic software like EnCase or DEFT. Also, IMO I believe that Chain of Custody was followed by the Shop Owner once this became his property after 90 Days. He is quoted: 'I think that it's not the government as an entire entity but I think there's a history in this country of people with political motives doing horrible things. I don't want to be on the receiving end of that.'



Both Windows 10 and MacOS have built in File Encryption Software for Data

  • Both FileVault & DiskUtility for MacOS allow you to encrypt Files, Folders and Disk Drives.
  • BitLocker for Windows also lets you Encrypt Data at Rest and Disk Drives.
  • Set a BIOS Password - This is an easy quick option which won't let any Drives start unless a Password is entered. Less Secure because the BIOS can be flashed and reset but this requires time and physical access inside of the Computer. Also, a Disk Drive with no Encryption can just be removed and have it's Disk Image cloned.
  • Don't store any actual data on your physical devices. Use Cloud Services like iCloud, DropBox, Google Drive 

Remember unless you write and rewrite over data numerous times files and meta data can still be recovered from a device. The Dept of Defense Standard for wiping Data recommends rewriting over data at least 3 times while being the most secure at 7 times.

Extra Reading:

- Sodaghar 10/20/20

ICANN and the United Nations

  The US has confirmed it is finally ready to cede power of the internet’s naming system, ending the almost 20-year process to hand over a crucial part of the internet's governance.

In an earlier post this year I wrote a little tidbit on how there is a DATA ESCROW AGENT Program. Anyone who followed that trail will know this is run by ICANN which stands for the Internet Corporation for Assigned Names and Numbers. Basically they are in charge of issuing your IP address. They control numbers, all numbers on the internet. Without an IP you don't exist on the web. In basic terms your IP links to their DNS (Domain Name System). They run the gTLD and this gives your place on the web(if they allow it). ICANN has the power to revoke your IP, NS, and DNS. In the previous article I said "There is also a DATA ESCROW AGENT program which is Big Brother in the realm of Internet Protocol." And this is now more solidified through the Alliance with the UN. But lets not kid ourselves, ICANN has always been a 501(c) Non-Profit who has had a board of directors and members filled with technocrats over the years. In their first draft from ICANN on the DATA ESCROW AGENT program back in the late nineties it was something out of a sci-fi film giving AGENTS god-like powers over IP, Spying, and Data Mining. Into other things like 'How handwritten Encryption needs to be sent back to ICANN.'

  DATA AGENT third parties have the data, hold the data and send the data.

                    All data...

 In the mid 2000's ICANN and IRON MOUNTAIN formed the agreement on the new DATA ESCROW AGENT PROGRAM which used less tyrannical language but still held it's core belief, control. It's bad enough to know that a handful of people in the United States hold the Keys to the Internet but now it will be the UN and all their round tables.

Below is a link to these DATA ESCROW AGENT contracts and agreements along with ICANN's full archive of data.


                                                                                            -SODAGHAR 8/19/16


The Open Source Intelligence Framework

Open Source Intelligence (OSINT) is defined as intelligence collected from publicly available sources. In the intelligence community, the term "open" refers to overt, publicly available sources; it is not related to open-source software or public intelligence. This form of gathering and analysis of information is crucial to understand for both cyber and physical security professionals. Today I want to look at some concepts and tools used in OSINT. I'd have to write a book to cover it all so I'll touch on some basics. First, being able to gain all the knowledge on a target or organization without having the daunting task of penetrating networks and finding vulnerabilities in the machines to then exploit those machines could prove to be priceless. Using OSINT and Social Engineering tactics such as NLP and Pretexting can literally give you any information desired. Mix in lock picking, disguise and stealth; soon you're on the way to a road less traveled in the cyber security field. I mention Cyber Security because with The Internet of Things and billions of devices online there are countless exploits and vulnerabilities. Companies hire technical auditors called Pentesters or Ethical Hackers to find vulnerabilities within their intranet and networks, however this only covers the technical aspect not the physical. Let's say for instance I was contracted to find the network vulnerabilities of the corporation. They are well secured with Web Application Firewalls, Mod_Security on their Apache servers to prevent SQL Injects, Reverse Proxies Load Balancers and it's just something on this given day I don't feel like spending my time on or getting the team together so what do I do? Well using OSINT I join their LinkedIn group and find out they hire a Third Party overnight Security. I also find out that there is overnight construction tasked with the new building add on set to complete next year BINGO! Now when I get to the gate I already know the names and details of the security team, their bosses, the construction crew and the foreman. "Hey sorry I'm not in the company truck today my wife is expecting any minute now, we're having a boy I'm so excited! So I'll need to be able to leave whenever. Mr. Smith (the construction foreman) is aware and they should be right behind me." This situation could of gone a million ways, I could of just used stealth and jumped the wall in a construction outfit disguise that matches the logo and design of the crew doing the work(which I found using OSINT). I could of called the Security Officer at the entrance gate on his cell phone with a spoofed number from his wife's cell phone all obtained online using OSINT told him I was a Doctor and she is critical condition and we need you to come to the hospital to sign off on surgery. Unethical, yes but you gotta be able to have the balls to do what needs to be done and a corporation like this should have protocols in place for any situation. Plus who knows once he leaves the entrance gate and finds out his wife is alive it might be the best day of his life! The point is I needed access to not only set up a router for a Man in The Middle attack(as Plan B) but because I know OSINT is greater than IT I just want to stick to my roots and dumpster dive(Plan A). Not only do I find their financial reports from last quarter. I also find the names of their internal staff, routers, ISP and other information that I'll use to eventually exploit their internal network. At the end of the day information like this can fetch a pretty penny to competitors or on the black market so don't call yourself a security professional if you only conduct audits behind a screen, you're far from it.

Some basic technical skills are needed however to understand the concepts of foot printing and finger printing. If a simple search can find your mother's maiden name, your social media profile lists your favorite things, your birthday and your children's name one can probably deduce your credit card PIN, and passwords without having to spend days using a brute force attack. Instead an attacker with this information could use a dictionary type attack giving the program being used clues and phrases that suit a specific target. These are all examples of using OSINT information that is readily available and in Open Sight. For the interest of time I'll now bullet point a list of tools and resources and you can take it from there.

Remember if your attack targets in the right area, is executed properly a simple punch can be deadly. This is the power of OSINT!

*Search Engines and Social Media: Sometimes a simple Google or Facebook search can give you all the information you need to hijack a company mixer and gain further intel.

*The Social Engineering Framework: Provides an outstanding collection of modern concepts and books and is really a one stop shop for all the tools you need.

*Shodan: The Worlds first search engine that lets you find anything connected to the internet. Instead of searching for words or people you can basically search IP tables. This is an amazing resource but be warned you may be tempted by the dark side once you go there.

*Video: The basics of Locking Picking DEFCon 13

*Google Dorking: Inputting Commands into your search to reap its benefits

*Dradis Framework: Provides a centralized repository of info that you can use and share

*Maltego: Focuses on providing a library of transforms for discovery of data from open sources, and visualizing that information in a graph format, suitable for link analysis and data mining.

*Tineye: Reverse Image lookup that crawls the web to find all online locations of an image

We covered a lot in this one article and I know there is a ton of things missing but I hope this can provide you with a starting point and give you an understanding into the power Open Source Intelligence and how it impacts security in all aspects. Feel free to comment or contact me with any questions or if you have something to add.

How to open locks with a Nut-wrench old school technique

                       -SODAGHAR 1/18/16

Hotspot Hotwar

The sad fact is that most end users keep their Wi-Fi on at all times. With most devices the standard operation is to auto connect, or connect when the request is asked of it. I noticed a strange occurrence in my area; in which there are 8 xfinity hotspots within a block radius. I know COMCAST provides these to their users for the ability to connect when abroad. However seeing more than 2 in a given area seemed odd. Having curiosity I began to investigate. Before I connected I did some footprinting and noticed these 8 seemingly innocent hotspots all shared the same MAC ADDRESSES of only 3 ACCESS POINTS. One of the more odd facts is that two of the three AP's had routers which belong to AT&T. With certain tools I was able to pinpoint with precise detail the location and physical address of said Access Points. These 8 "xfinity" hotspots are all coming from the exact location and sharing the same MAC ADDRESSES of the 3 AP's there in.
  The security risk happens when a device connects. Immediately the device is flooded with packets which hold PAYLOADS linking to APPSFLYER.COM. These payloads are designed to to change the device DNS, backdoor the device and use it as a slave/botnet for PAY PER CLICK and other AD REVENUE AFFILIATE PROGRAMS as shown in this snippet of the payload

00f0  20 42 75 69 6c 64 2f 4a  5a 4f 35 34 4b 29 0d 0a    Build/J ZO54K)..
0100  48 6f 73 74 3a 20 74 72  61 63 6b 2e 61 70 70 73   Host: tr ack.apps
0110  66 6c 79 65 72 2e 63 6f  6d 0d 0a 41 63 63 65 70 m..Accep
0120  74 2d 45 6e 63 6f 64 69  6e 67 3a 20 67 7a 69 70   t-Encodi ng: gzip ...

 Further investigations shows of my DEVICE and ANY NETWORK I connected to; after receiving the PAYLOAD, would have it's DNS changed and credentials spoofed to serve the benefit of those generating ad revenue. In the simplest of terms what this means is; if the infected device or network was go to the traffic is rerouted and web traffic is then falsely represented generating ad and pay per click revenue for affiliates.

 Additionally the "xfinity" hotspot login page is SSL STRIPPED and a XSRF meaning it is an illusion of the actual site and anyone who enters their login info would have it and all data on the device compromised.
//this is know as Drive by Pharming and confirmed through use of the Metasploit Framework//

 I don't blame these low level, affiliate, PPC criminals for this operation, heck I haven't even told proper authorities of these actions with the hard evidence I have. Most people with newer, faster phones wouldn't notice these payloads being unleashed upon their system. The broadcast strength is so powerful these 8 "xfinity" hotspots stretch for about 1 kilometer so even driving by, having Wi-Fi on within a few seconds you'll have connected, received the payloads and by the time you've gone up the block the signal drops and none the wiser. Even if you take certain basic security measures within system settings there is still risk.

 These routers are sending out ARP and WoL packets that will trick a less secure device into connecting as soon as it enters its sphere of influence. Now, by the time we're home we've ingested megabytes of payloads, trojans and any other types of Malware from operations like this or by any malicious person/s.

These payloads, Cross Site Scripting and SSL exploits reach all the way to the top through allowance and negligence. Corporations, ISPs and even ICANN from a top down approach are all responsible for web crawlers, botnets and fake internet traffic.

 Only through education of threats and being aware of the technology around us we can be more secure in not just our own lives but of those around us.

*Keep Wi-Fi off
*Be cautious of any open networks
*Be security minded
*Be Aware


Below you will find a link to my google drive which has the full packet captures for you to analyze of this specific event.

                                                                                                             -SODAGHAR 11/20/15