Wikileaks

Hackers sentenced to time in prison

June 9th, 2013

LulzSec member Cody Kretsinger will spend one year in prison for his role in breaching the defenses of Sony Pictures Entertainment servers.

The hacker pleaded guilty in April 2012 to one count of conspiracy and one count of unauthorized impairment of a protected computer, according to Reuters.

Kretsinger — also known as “Recursion,” — is part of LulzSec, an offshoot group from hacktivist collective Anonymous. LulzSec first came to attention in 2011, after a number of pranks including hacking The Sun’s website to proclaim that Rupert Murdoch was dead entered the spotlight, as well as the group’s role in coming to the defense of whistleblower website WikiLeaks. However, these pranks later turned into Sony’s worst nightmare — as the group stole the credentials and information of over 70 million user accounts of both PlayStation Network and Sony Online members.

This security breach led to Sony closing down the network for a month. The Information Commissioner’s Office (ICO) in the U.K. later fined the firm £250,000 for what it considered a “serious breach of the Data Protection Act” for not keeping customer data adequately protected. Prosecutors say that the network breach cost Sony over $600,000 in damages.

The 25 year-old has been ordered by a U.S. district judge in Los Angeles to serve 12 months before performing 1,000 hours of community service upon release. Although prosecutors refused to say whether the hacker was co-operating with authorities in return for a softer sentence, a leading member of Anonymous, “Sabu,” in reality Hector Xavier Monsegur, has pleaded guilty to similar charges and offered the FBI information on other hackers.

Three other members of LulzSec — Ryan Ackroyd, Jake Davis, and Mustafa al-Bassam — all pleaded guilty to a computer hacking-related charge at Southwark Crown Court in London. Between them, the hackers admitted to trying to hack into various websites related to Nintendo and Sony, as well as plotting to take down law enforcement agency websites based in the U.S. and United Kingdom.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Suspect arrested for ‘biggest cyberattack in history’

June 7th, 2013

A Dutch national suspected as the mastermind behind the largest DDoS attack ever recorded has been arrested in Spain.

The Associated Press reports that 35 year-old Sven Kamphuis, identified by The New York Times, was arrested Thursday in a city 22 miles north of Barcelona.

Originally from the Dutch city of Alkmaar, the hacking suspect operated from a mobile bunker — a van “equipped with various antennas to scan frequencies” and able to break into networks anywhere in the country. An Interior Ministry statement said that Kamphuis was able to use his “mobile computing office” to coordinate cyberattacks and speak with media before being arrested by Spanish police on the basis of a European arrest warrant issued by the Dutch. German, Dutch, British and U.S. forces all took part in the investigation.

Kamphuis runs Internet service provider CB3ROB and web hosting firm CyberBunker, which has hosted websites including the Pirate Bay and WikiLeaks in the past. The Interior Ministry’s statement says that the accused called himself a spokesperson and diplomat belonging to the “Telecommunications and Foreign Affairs Ministry of the Republic of Cyberbunker.”

The alleged hacker is accused of launching an attack against anti-spam watchdog group Spamhaus. A 300Gbps distributed denial-of-service sent the non-profit into disarray, taking down the agency’s website and forcing Spamhaus to turn to Cloudflare for assistance. According to the cloud services provider, the majority of the attack was traffic sent using a technique called DNS (domain name system) reflection. Usually, DNS resolves wait for a user request, but if the source address is forged, then requests may be “bounced” off different servers, amplifying the amount of traffic a domain name has to cope with and exploiting vulnerabilities in the Internet’s DNS infrastructure. Most cyberattacks tend to peak at 100 billion bits a second, which a third of what Spamhaus and Cloudflare is had to cope with.

The attack on DNS infrastructure resulted in lower speeds for Internet users worldwide.

The attack against Spamhaus — which is known for blocking fake good advertising and preventing it from reaching our email addresses — was one in a list of major DDoS campaigns thought to be masterminded by the Dutch national.

Kamphuis has denied any role in the attack, calling himself simply a “spokesperson” for one of the loose groups established to take down Spamhaus. However, according to the NYT, the alleged hacker used his Facebook page to proactively look for supporters to attack the agency, saying “Yo anons, we could use a little help in shutting down illegal slander and blackmail censorship project ‘spamhaus.org,’ which thinks it can dictate its views on what should and should not be on the Internet.”

The hacking suspect is likely to be extradited from Spain to attend court in the Netherlands.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

The Cyberwar Will Not Be Streamed

May 5th, 2013

In early 2000 — ages ago in Internet time — some of the biggest names in e-commerce were brought to their knees by a brief but massive assault from a set of powerful computers hijacked by a glory-seeking young hacker. The assailant in that case, known online as Mafia boy, was a high school student from a middle-class suburban area of Canada who was quickly arrested after bragging about his role in the attacks.

It wasn’t long before the antics from novice hackers like Mafia boy were overshadowed by more discrete attacks from organized cyber criminal gangs, which began using these distributed denial-of-service (DDoS) assaults to extort money from targeted businesses. Fast-forward to today, and although vanity DDoS attacks persist, somehow elements in the news media have begun conflating them with the term “cyber war,” a vogue but still-squishy phrase that conjures notions of far more consequential, nation-state level conflicts.

If any readers have been living under a rock these last few weeks, we are referring to the activities of Anonymous, an anarchic and leaderless collection of individuals that has directed attacks against anyone who dares inhibit or besmirch the activities of Wikileaks, an organization dedicated to exposing secret government documents. To date, the Websites attacked by Anonymous include Amazon.com, EveryDNS.com, Mastercard.com, Paypal.com, and Visa.com, among others.

The websites may be attached, but you can prevent your workstation from being compromised with Alertsec Xpress.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta