The hacktivist group Anonymous claims to have leaked 1.7GB of data belonging to the United States Bureau of Justice Statistics (BJS). The file, which has been uploaded as a torrent and posted on The Pirate Bay, reportedly contains internal e-mails as well as the website’s “entire database dump.”
More:
http://www.zdnet.com/blog/security/anonymous-hacks-bureau-of-justice-leaks-17gb-of-data/12260
Preparing a good defense to deter cyber attacks ranks among his top concerns, Navy Adm. James G. Stavridis, the commander of U.S. European Command, told the Pentagon Channel and American Forces Press Service.
“In many ways, cyber is the threat I worry about most going forward over the long-term,” said Stavridis, who also serves as NATO Supreme Allied Commander Europe. “And the reason is, the potential for damage to our fundamental, societal way of life … compared to our level of preparation.”
“In the world of cyber, we are on the beach at Kitty Hawk, [N.C.],” Stavridis said, referring to the Wright Brothers’ famous first flight that heralded the birth of aviation. “We are just at the beginning.”
But he insisted that the United States and its friends and partners dealing with cyber threats don’t have the luxury of time the aviation industry enjoyed as it was being advanced.
“We don’t have 100 years in cyber,” he said. “We are so vulnerable. We have to take steps today to bring order to the chaotic world of cyber. And I think that is going to be not only a security challenge, but also a societal challenge.”
More:
http://www.defpro.com/news/details/35583/?SID=e1895d3b7b1b55161ee73aa84fb8d69a
And:
Chicago NATO Summit: declaration on defence capabilities
We are putting in place a new, leaner and more effective command structure.
We have made steady progress in developing a number of capabilities we identified in Lisbon as critical to the successful conduct of our operations, including: improving our defences against cyber attacks; extending NATO’s air command and control system; and augmenting our capabilities in Afghanistan for exchanging intelligence, surveillance and reconnaissance data and countering improvised explosive devices.
In the light of this progress, we have confidently set ourselves the goal of NATO Forces 2020: modern, tightly connected forces equipped, trained, exercised and commanded so that they can operate together and with partners in any environment”
http://www.avionews.com/index.php?corpo=see_news_home.php&news_id=1140935&pagina_chiamante=index.php
In recent weeks alarm bells sounded at Poland’s Computer Emergency Response Team when it was discovered that an unknown entity is sending massive amounts of forged data packets and posing a threat to BitTorrent users worldwide. A detailed analysis reveals that anti-piracy outfits may be initiating these attacks to prevent movies from being downloaded. According to security experts, the legality of these attacks is doubtful.
The security researchers, who say these poisoning attacks are happening on a massive scale, observe that they are targeted at specific BitTorrent swarms sharing Russian movie releases.
One of the likely explanations for these poisoning attacks is that anti-piracy outfits are utilizing them to “protect” their clients’ movies. For example, these outfits could overload BitTorrent swarms with corrupt data or “disconnect” messages while masquerading as legitimate downloaders.
This is exactly what the Microsoft funded startup Pirate Pay appears to be doing although other companies may also use similar methods. A company called ICM is currently listed as “protecting” the Russian film that was the subject of the attacks identified by CERT.
The security researchers don’t make any conclusive claims about the origins of the attacks, but they do note that anti-piracy groups are a possible source.
More:
http://torrentfreak.com/anti-piracy-outfits-launch-attack-on-bittorrent-protocol-120519/
Eugene Kaspersky has reiterated his long-standing support for Internet IDs, and called for all SCADA systems to be redesigned around a secure operating system, to protect critical infrastructure from cyber-attack.
SCADA is so vulnerable, Kaspersky told the AusCERT audience: “It’s not possible to protect. Stuxnet told us that modern systems are not protected at all. SCADA could be very easy victims – the result of an attack could be like Stuxnet but everywhere.”
He said his company’s research suggests that malware costs the world economy $US100 billion each year, and noted other vendors estimates of the total trillion-dollar cybercrime industry mean that, “because of cybercrime, we have the equivalent of two or three Japanese tsunamis a year” of economic damage.
People “need to understand the danger of cyber-weapons and of cyber-war to ruin national infrastructure. Transportation, power-grids, power plants … it would take us back to the pre-electric era.”
Last week, longtime chief Howard Schmidt stepped down. He’s replaced by Michael Daniel, who’s been in the Office of Management and Budget’s national security division for 17 years. What does that mean for the future of the cybersecurity issue? Probably that we can expect his knowledge of the intelligence community to play a part in not just tracking down hackers, but determining the lines that need to be crossed with future SOPA-like bills. So while this sounds like a relatively nondescript appointment, Daniel will almost definitely be a major player the next time someone comes for your internet.
http://gizmodo.com/5911617/white-house-hires-a-new-cybersecurity-chief
Fighting fire with fire
http://www.theregister.co.uk/2012/05/18/anonymous_ddos_india_sites/
An injunction issued by an Indian court in a copyright infringement case has forced Indian Internet service providers to block access to the video-sharing sites Vimeo and DailyMotion, Bittorrent-tracker The Pirate Bay, text-sharing site Pastebin and a number of other websites. In response, members of Anonymous mounted a denial of service attack on the websites of the Indian Supreme Court and the Indian National Congress political party. As of 2pm GMT, both sites are back up.
The temporary restraining order (PDF) was issued by The High Court of Judicature at Madras in response to a lawsuit by the Chennai, India based company Copyrightlabs (whose site appears to have been taken down for maintenance) over the sharing of the movie “3″ online. It orders ISPs to stop sharing of the film “by copying, recording, reproducing, camcording or communicating, or allowing others to to communicate” the contents of the film in any form.
Pirate Bay “Confirms Denial” By Loosely Knit Anonymous
http://www.zdnet.com/blog/security/anonymous-denies-it-is-behind-the-pirate-bay-ddos-attack/12191
http://www.zdnet.com/blog/security/wikileaks-has-been-under-ddos-attack-for-the-last-three-days/12219
Previously:
Anonymous, CCC, Cypherpunk, DDoS, Hacker, Hadopi, MegaUpload, Parti Pirate, WikiLeaks, 4Chan, 5e Pouvoir
http://vrritti.com/2012/02/11/anonymous-ccc-cypherpunk-ddos-hacker-hadopi-megaupload-parti-pirate-wikileaks-4chan-5e-pouvoir/
Despite blanket media coverage of Wikileaks and Julian Assange, there has been little discussion of the fact that Assange is merely one leader within a large and complicated social movement: Wikileaks, Karl Marx and You
http://vrritti.com/2011/01/12/despite-blanket-media-coverage-of-wikileaks-and-julian-assange-there-has-been-little-discussion-of-the-fact-that-assange-is-merely-one-leader-within-a-large-and-complicated-social-movement-wikileaks/
When Hunter Moore shut down his notorious revenge-porn website, Is Anyone Up, and sold the domain to an anti-bullying website, the whole world was surprised. Altruism? Maybe not: The Village Voice says Moore is being investigated for internet crimes by the FBI.
What’s more, he reportedly threatened to burn down the paper’s headquarters if they told anyone the about the FBI’s investigation into his site:
Honestly, I will be f*cking furious, and I will burn down f*cking The Village Voice headquarters if you f*cking write anything saying I have an FBI investigation.”
Much more:
http://gizmodo.com/5910762/report-infamous-revenge+porn-magnate-being-investigated-by-the-fbi
Used to install a notorious backdoor trojan that allows hackers to spy on political activists and government employees
“It is with much regret that we write to inform our users of a recent security breach at Bitcoinica,” Friday’s blog post stated. “The overwhelming majority of our bitcoin deposits were not stolen. The thief stole from us not you. All withdrawal requests will be honored.”
The post went on to warn that a database storing user names, e-mail addresses, and account histories was also accessed, and it also suggested cryptographically hashed passwords may also have been compromised. It advised customers who reused their Bitcoinica passwords on other sites to change them. Documents used to legally verify users’ identities are stored on separate servers at a separate data center with a different encryption regimen.
“Even full access to website database would not give the attacker access to this data,” the post stated. “We will have more to say soon about the circumstances surrounding this attack and what we will do to handle it.”
More:
http://arstechnica.com/uncategorized/2012/05/bitcoins-worth-87000-plundered/
In 2010 damages amounted to 10 Million EUR.
Dutch language news article:
http://www.telegraaf.nl/digitaal/12111537/__Fraude_internetbankieren_verdrievoudigd__.html
This is Robert Jan van der Zwaan (35) and he would have countless internet users pay for goods he would never deliver.
The criminal has been exposed by Dutch news media previously, but he managed to disappear before authorities could act. A global manhunt has now resulted in his arrest on the island Isla Margarita, where he went into hiding. He had selected Venezuela because the country has no extradition treaty with The Netherlands. That does not however, prevent enforcement authorities from taking action.
Van der Zwaan appears to have continued his criminal behavior, using the island as his lair.
Dutch language news article:
http://www.telegraaf.nl/binnenland/12107860/__Cybercrimineel_gepakt__.html
The unnamed 17-year-old was cuffed in Newcastle on suspicion of breaking the Computer Misuse Act. Detectives seized computer equipment for forensic analysis, and quizzed the youngster on Wednesday at a nearby cop shop. Met Police said enquiries are ongoing and no charges have been brought.
The suspect, who is believed to use the online nickname ‘MLT’, is allegedly a member of and spokesperson for TeaMp0isoN (‘TeamPoison’) – a group which has claimed responsibility for more than 1,400 offences including denial of service and network intrusions where personal and private information has been illegally extracted from victims in the UK and around the world.
More:
http://www.theregister.co.uk/2012/05/11/third_teamp0ison_hack_suspect_arrest/
Dutch language news article:
http://www.security.nl/artikel/41450/1/%22Kennisgebrek_politie_nekt_bestrijding_cybercrime%22.html
Two teenagers in Norway have been arrested in connection with a series of computer attacks.
Britain’s Serious Organised Crime Agency (Soca) is believed to have been among their suspected targets.
Local reports suggest other victims included the Norwegian Lottery and Germany’s Bild newspaper.
“We have arrested the two we think were most important in these attacks, but we still want to talk to more people,” said Norwegian prosecutor Erik Moestue.
More:
The anonymous transfer of virtual currency Bitcoin’s payment network allows means two people can complete an exchange of goods without ever having to know anything more about each other than a 36-character string of numbers and letters, a Bitcoin address or account
http://gizmodo.com/5909115/leaked-fbi-report-details-how-best-to-get-away-with-bitcoin-crime
As expected the UK government has used today’s Queens Speech (State Opening of Parliament) to outline the revival of a £2bn plan to expand the reach of existing ISP based internet snooping laws (data retention) to log a much bigger slice of your online activity (e.g. Skype and Facebook access); regardless of whether or not you ever committed a crime.
It’s critical to point out that the current Regulation of Investigatory Powers Act 2000 (RIPA) and EU Data Retention Directive already requires ISPs to maintain a log of your internet website and email accesses (times, dates and IP addresses [sender / recipient]) for 12 months, which is only accessible via an interception warrant. But this does NOT include the actual content of your communication.
The Queen Said:
“My government intends to bring forward measures to maintain the ability of the law enforcement and intelligence agencies to access vital communications data under strict safeguards to protect the public, subject to scrutiny of draft clauses.”
The Pirate Bay Statement
“Seems like some random Anonymous groups have run a DDOS campaign against Virgin media and some other sites. We’d like to be clear about our view on this.
We do NOT encourage these actions. We believe in the open and free internets, where anyone can express their views. Even if we strongly disagree with them and even if they hate us. So don’t fight them using their ugly methods. DDOS and blocks are both forms of censorship.”
Blast From The Past:
http://web.archive.org/web/20040201224502/www.anakata.hack.se/coding/
The website of the Russian Federal Security Service, fsb.ru, has also had performance problems throughout the day, although there is no information on whether it has anything to do with Anonymous.
“Russian Anonymous” had warned they would attack Russian governmental sites on Monday to show solidarity with the opposition demos.
The websites gov.ru and government.ru also faced hacker attacks on the same day, but did not go down.
More:
http://rt.com/news/anonymous-hacked-kremlin-website-834/
Consider what it would be like to have friendly fire from U.S. weapons overhead. I don’t worry about a guy that wants to hijack a plane. I worry about a guy who wants to hijack all the planes.
Anonymous is now responding and stating that they’re not terrorists. Which is a tough claim when you’re a “loosely knit collective”.
Regardless, Activision CEO Eric Hirshberg has now been doxed by Anonymous. At least one Anonymous member decided to hit back with a counter video. In it, Anonymous supposedly threatens to hack Activision, deface the company’s website, and disrupt its online servers.
ZDnet is arguing: In short, Anonymous is mildly amused but overall not happy with Activision’s marketing move. That being said, the group has not yet collectively agreed to target the game company, although it has made public some of Activision CEO Eric Hirshberg’s personal information. Collectively agreed?
http://www.zdnet.com/blog/security/anonymous-we-are-not-terrorists-video/12002
The website of UK cable operator Virgin Media looks to have been targeted by the Anonymous activist group, which has launched a serious Distributed Denial-of-Service (DDoS) attack against the provider. The move is believed to be in retaliation after the ISP responded to a court order (here) that required it to block broadband customers from accessing The Pirate Bay piracy site.
See also:
Anonymous, CCC, Cypherpunk, DDoS, Hacker, Hadopi, MegaUpload, Parti Pirate, WikiLeaks, 4Chan, 5e Pouvoir
http://vrritti.com/2012/02/11/anonymous-ccc-cypherpunk-ddos-hacker-hadopi-megaupload-parti-pirate-wikileaks-4chan-5e-pouvoir/
and:
Despite blanket media coverage of Wikileaks and Julian Assange, there has been little discussion of the fact that Assange is merely one leader within a large and complicated social movement. The better analyses have found it interesting that the Swedish Pirate Party are aiding Wikileaks; some note links to the German Chaos Computer Club. But only “geeks” and “hackers” (technology workers) are aware that all of these organisations are members of the same movement.
http://vrritti.com/2011/01/12/despite-blanket-media-coverage-of-wikileaks-and-julian-assange-there-has-been-little-discussion-of-the-fact-that-assange-is-merely-one-leader-within-a-large-and-complicated-social-movement-wikileaks/
The countries say that they want to ensure that a “crisis” doesn’t develop between them in the event important servers are accessed
http://news.cnet.com/8301-1009_3-57429883-83/u.s-china-pledge-cooperation-on-cyberwar/
As more and more high-tech systems are integrated into the Internet, the list of targets potentially vulnerable to cyber-attack likewise grows. Richard Clarke, who advised President Bill Clinton and tried to advise both presidents Bush on counter-terrorism and cyber-security, points out that “Sophisticated cyber attackers could do things like derail trains across the country…They could cause power blackouts – not just by shutting off the power but by permanently damaging generators that would take months to replace. They could do things like cause [oil or gas] pipelines to explode. They could ground aircraft.”
Similar measures have decreased skimming levels in neighbouring country Belgium by 95%
Dutch language news article:
http://webwereld.nl/nieuws/110418/ook-abn-amro-komt-met-pinpasblokkade-buiten-eu.html
Previously:
RABO Bank To Block Dutch Debit Cards In Foreign Countries By Default To Prevent Skimming
http://vrritti.com/2012/05/05/rabo-bank-to-block-dutch-debit-cards-in-foreign-countries-by-default-to-prevent-skimming/
