Commission suggests hacking and hijacking the computers of suspected IP pirates

PC World
by John P. Mello, Jr
May 27, 2013



Should owners of intellectual property be allowed to attack anyone they suspect of pirating their goodies? That’s a question that was raised last week by the Commission on the Theft of American Intellectual Property.

While the commission’s observations about IP thieving by China grabbed most of the headlines when it released its 90-page report last week, buried in the document was a disturbing analysis of the merits of offensive cyber operations by rights holders that, if given legal life, could do some serious harm to the digital lives of many consumers.

The commission—made up of former U.S. government officials and military men—is interested in protecting corporate and government networks from IP thieves, but some of their action points, if they became legal, could easily be used by groups like the protecting corporate and government networks from IP thieves to bully consumers.

2013 IP Commission Report


A slippery, dangerous slope

At issue is something in cyber security circles known as “active network defense,” which has more to do with offense than defense.

“When theft of valuable information, including intellectual property, occurs at network speed, sometimes merely containing a situation until law enforcement can become involved is not an entirely satisfactory course of action,” the commission report [PDF] noted.

“While not currently permitted under U.S. law,” the report continued, “there are increasing calls for creating a more permissive environment for active network defense that allows companies not only to stabilize a situation but to take further steps, including actively retrieving stolen information, altering it within the intruder’s networks, or even destroying the information within an unauthorized network.”

One example given is writing software designed to lock down the computer if run by unauthorized users. If you want to access your computer again, you’d have to call the cops for an unlock code. Legalized ransomware, in other words.

Corporate vigilantes need not stop there, according to the commission. They could photograph hackers using the cameras built into the miscreant’s computer, infect the hacker with malware, or physically disable the suspected IP thief’s computer.

No doubt, some rights holders would salivate at the thought of launching cyber attacks on outfits they say are online paradises for IP thieves and their clientele.

If counterattacks against hackers were legal, the commission said, there are many techniques that companies could employ that would cause severe damage to the capability of those conducting IP theft.

“These attacks would raise the cost to IP thieves of their actions, potentially deterring them from undertaking these activities in the first place,” it maintained.

Keep in mind, if you have some pirated movies or songs on your computer, you could be deemed an IP thief and have nasty things done to your system by rights holders if counterattacks were legalized.


Slow your roll

Nevertheless, the commission pulled up short of putting its stamp of approval on online vigilantism.

“The Commission is not ready to endorse this recommendation because of the larger questions of collateral damage caused by computer attacks, the dangers of misuse of legal hacking authorities, and the potential for nondestructive countermeasures such as beaconing, tagging, and self-destructing that are currently in development to stymie hackers without the potential for destructive collateral damage,” it said.

The panel didn’t entirely shut the door on the issue, though.

“[C]urrent law and law-enforcement procedures simply have not kept pace with the technology of hacking and the speed of the Internet,” the commission said. “Almost all the advantages are on the side of the hacker; the current situation is not sustainable.”

Homeland Security database leaks employee information

PC World

by Ellen Messmer
May 26, 2013



The Department of Homeland Security (DHS) said last week it has notified employees and others with DHS clearance to be on alert for potential fraud due to a vulnerability discovered in software used by a vendor to process personally identifiable information (PII) for background investigations. The software hole had been there since July 2009.

“During the week of May 20, 2013, DHS is alerting employees of the potential vulnerability and outlining ways that they can protect themselves, including requesting fraud alerts and credit reports,” the DHS said in its statement “Privacy Response to Potential PII Incident.” DHS says a vulnerability in software that an unnamed vendor uses to maintain a database of background investigations had a hole in it that left open to potential unauthorized access information that includes name, Social Security number, and date of birth.

DHS says the software vulnerability has now been fixed and there’s no evidence that this PII related to DHS clearances has been stolen from the vendor-maintained database. (See also “Ten Best Practices to Prevent Data and Privacy Breaches.”)

Follow-up resources offered

DHS has set up a call center to address any employee concerns related to the notifications and is advising affected individuals concerned about potential fraud to consider taking certain measures, such as letting potential creditors know to contact them before opening a new account in their name. DHS also listed the three credit reporting firms, Equifax, Experian, and TransUnion, saying an individual can place a fraud alert.

DHS also indicated it’s in a legal confrontation with the unnamed vendor with this background investigations database and has raised a “stop work request” while engaging with the “vendor’s leadership to pursue all costs incurred mitigating the damages.” DHS is in talks with this unspecified vendor on “notification requirements for current contractors, inactive applicants and former employees and contractors.”

DHS was alerted by a law enforcement partner of the potential vulnerability, and says it took immediate steps to address the problem with the vendor. Though DHS does not know that PII related to this security hole has been stolen, it’s investigating the matter.

Employees who submitted background investigation information, and individuals who received a DHS clearance between July 2009 and May 2013, primarily for positions at the DHS headquarters, Customs and Border Protection (CBP), and Immigration and Customs Enforcement, may be affected.

Spreading word to former contacts

DHS also says it is making “every possible effort” to reach out to former employees, applicants, former contractors, and “similar individuals who received a DHS clearance that may be impacted.”

In its privacy notification alert, DHS sought to address concerns, such as whether employees should alert the contacts they provided for the background investigation. DHS says it has no reason to believe that kind of step is needed.

As to whether DHS will continue to work with the unnamed vendor whose software had the security hole, the Department indicated the CBP has put the brakes on work at this time while DHS is “evaluating all legal options.”


Phoenix Police arrest the “Illegal Alien” Owner of the SUV that Killed a U.S. Navy Iraq War Veteran & Phoenix Police Officer in a HIT & RUN!

Police arrest owner of SUV in hit-and-run that killed officer

KPHO News 5
by Steve Stout
May 21, 2013

Daryl Raetz, 29, was a six-year veteran of the Phoenix Police Department. (Source: Phoenix police)



Phoenix police arrested an undocumented immigrant in connection with the hit-and-run that killed a Phoenix police officer early Sunday morning.

A Phoenix police officer and a city firefighter have been killed in two separate incidents, city officials said at a news briefing Sunday morning.

Jesus Cabrera Molina, 24, is the registered owner of a green Ford SUV that was tied to the scene where Officer Daryl Raetz was struck and killed early Sunday morning.

Raetz was assisting other officers in processing a DUI suspect about 3:30 a.m. Sunday near 51st and Cambridge Avenues when he was hit by the dark green SUV.


Surprise police found the suspected hit-and-run vehicle on Sunday.


Surprise police later stopped the SUV with Molina at the wheel and found damage to the hood and grill consistent with that described by Phoenix police after it left the scene.

Police said Molina consented to a search and while he removed items from his pockets, they noticed a small plastic bag of white powder, later identified as cocaine, fall to the ground.

Phoenix police who later arrived at the scene were able to match vehicle parts at the scene of the hit-and-run to the Ford.

Molina was taken to Maricopa County Jail and later identified by an off-duty police officer as the driver of the vehicle that left the fatal scene.

Molina was booked into jail on one count of felony drug possession.

Molina told investigators he was in the U.S. illegally, according to his initial court paperwork.



The investigation continues.

The Arizona Department of Occupational Safety and Health said in a statement on Tuesday, “At this time ADOSH is evaluating whether or not to open an investigation.”

Raetz, 29, was assigned to the 81K squad in the Maryvale Precinct. He was an Iraqi war veteran. He leaves behind a wife and young child.

People wishing to help the family can make online donations at the 100 Club of Arizona.


Bradley Harper, 23, was a two-year veteran of the Phoenix Fire Department. (Source: Phoenix fire)


Raetz died hours after Phoenix Firefighter Bradley Harper was killed while battling a mulch fire near Lower Buckeye Road and 35th Avenue.



Chinese hackers said to have accessed law enforcement targets

Cyber marauders sought more than just information on activists — they wanted access to FBI, DOJ investigations on spies in the U.S.

Computer World
by John P. Mello Jr
May 21, 2013





In January 2010, Google shocked the cyber world by confessing it had been the target of an advanced persistent threat lasting months and mounted by hackers connected to China’s People’s Liberation Army.

“[We] have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists,” Google Senior Vice President and Chief Legal Officer David Drummond wrote in a blog post at the time.

Now, more than three years after that posting on what came to be known as Operation Aurora, it appears that the cyber marauders were after more than just information on activists. They were also after information on investigations on Chinese spies in the United States being conducted by the FBI and U.S. Department of Justice.

The Aurora hackers gained access on Google’s servers to a database that contained information on U.S. surveillance targets, the Washington Post reported on Monday, citing former and current government officials as sources for the story.

Such information would be invaluable to China because it would allow its intelligence operatives to destroy information before counter intelligence agents got their hands on it and allow the spies to evade capture and prosecution.

The database included years of surveillance information, including thousands of court orders issued to law enforcement officials around the nation seeking to monitor suspects’ email, as well as classified orders targeting foreign subjects and issued under the Foreign Intelligence Surveillance Act.

The incident set off a tiff between Google, the DOJ and FBI, the Post reported, because the federal agencies wanted to access the company’s technical logs and other information about the breach to assess the potential damage done to its counter espionage efforts.

Google representative Jay Nancarrow said in an email that the company is not commenting on the matter at this time.

Google wasn’t a lone target in Operation Aurora. More than 20 companies were attacked, including Adobe Systems, Juniper Networks, Rackspace, Yahoo, Symantec, Northrop Grumman, Morgan Stanley and Dow Chemical.

Last month, a Microsoft executive said that the Aurora bandits had also breached his company’s servers snooping for accounts it had lawful wiretap orders on. Since that time, the executive has recanted those remarks.

“I was referring to statements in the media from the January 2010 timeframe,” Dave Aucsmith, senior director for Microsoft’s Institute for Advanced Technology, said in a statement.

“My comments were not meant to cite any specific Microsoft analysis or findings about motive or attacks, but I recognize that my language was imprecise,” he added.

Matt Thomlinson, Microsoft’s general manager for trustworthy computing and security added in an email, “The so-called ‘Aurora’ attacks did not breach the MS network.”

The Chinese government has denied being behind Aurora. It has noted that cyber attacks and espionage are against Chinese law and has done all it can to combat such online activities.

While an attack on the database is feasible, because of the breadth of Aurora, it’s unlikely it was a specific target, reasoned Jeffrey Carr, CEO of Taia Global and author of “Inside Cyber Warfare: Mapping the Cyber Underworld.”

“Google was only one of 20-plus companies attacked at the same time by the same group,” he said in an interview. “So I would be surprised if the database was the objective of the attack. It was likely a crime of opportunity.”

It’s also an object lesson for organizations dealing with cloud storage that’s operated by a third party, added Alan Brill, senior managing director for Kroll Advisory Solutions.

“There’s more trust being given to cloud services than some of them deserve,” he said in an interview. “It has become so easy [to store data somewhere else] that you might store something somewhere without thinking whether or not you really ought to do that.”
