Tag Archives: hacker

Update: Judge orders self-described hacker’s computer seized without warning

Update: Judge orders self-described hacker’s computer seized without warning

The court was worried developer Corey Thuen might erase evidence

Computer World
by Jaikumar Vijayan
October 23, 2013

 

The court was worried developer Corey Thuen might erase evidence
The court was worried developer Corey Thuen might erase evidence

 

Computerworld –

In a rare move, a federal court in Idaho recently ordered a software developer’s computer seized and its contents copied without prior notice because the developer described himself as a ‘hacker’ on his website.

Judge Lynn Winmill, of the U.S. District Court for the District of Idaho, issued the ruling even as he acknowledged it was “very rare” and “extraordinary.” Nonetheless, he maintained it was necessary under the circumstances. “The tipping point for the Court comes from evidence that the defendants – in their own words – are hackers,” Winmill wrote.

“By labeling themselves this way, they have essentially announced that they have the necessary computer skills and intent to simultaneously release the code publicly and conceal their role in that act.”

The ruling has potential Fourth Amendment implications against unreasonable search and seizure and involves Battelle Energy Alliance and Southfork Security, a software startup established this year by former Battelle employee Corey Thuen.

Battelle Energy Alliance is based in Idaho Falls. It manages and operates the Idaho National Laboratory (INL) on behalf of the U.S. Department of Energy.

In 2009, Battelle was commissioned to build a monitoring tool capable of detecting and stopping anomalous behavior on INL’s network. The result of that effort was a security tool dubbed Sophia. Thuen was part of the team that helped develop Sophia.

In 2012, after successful tests of the tool, Battelle decided to license Sophia out to other owners and operators of industrial control systems and Supervisory Control and Data Acquisition (SCADA) systems.

Since Battelle did not have the ability to commercialize the product on its own, it opened up a bidding process for companies interested in doing so. Thuen left Battelle and set up Southfork Security so his new company could bid for exclusive rights to the product.

Southfork submitted a proposal for licensing the product early this year but withdrew it shortly thereafter.

Battelle claims that a few months later, Southfork began marketing a tool called Visdom that was very similar to Sophia. Battelle also claimed that Southfork planned to offer Visdom as an open-source product available to all.

In a complaint, the company urged the court to issue a Temporary Restraining Order on Southfork preventing it from marketing Visdom or releasing it to the open-source community. Battelle claimed copyright infringement, trade secret theft, breach of contracts and other misdeeds by Southfork.

Battelle also asked the court to issue the restraining order without any notice, because it feared Thuen would release the software as open source if he were given notice.

In complying with that request, Winmill offered several explanations as to why Battelle’s numerous claims were strong enough to merit a restraining order. However, it was the judge’s reasons for issuing the order without notice to Southfork raised questions.

The ruling, for instance, pointed to hacking-related comments on Southfork’s website. “The court finds it significant that defendants are self-described hackers, who say, ‘We like hacking things and we don’t want to stop,'” Winmill wrote.

The court was also convinced that Southwork would wipe its hard drives clean if given the chance. “The defendants have identified themselves as hackers,” Winmill wrote. “A well-known characteristic of hackers is that they cover their tracks.”

The order requires a forensic expert retained by Battelle to image Thuen’s hard drive and then hand the image over to the court without examining the copy or image.

“The court has struggled over the issue of allowing copying of the hard drive,” Judge Winmill noted. “This is a serious invasion of privacy and certainly not a standard remedy.” But by labeling themselves hackers, Southwork has essentially announced that it has the “necessary computer skills and intent to simultaneously release the code publicly and conceal their role in act,” the judge wrote.

In an email Wednesday, Thuen said that three Southfork Security hard drives were imaged in compliance with court orders. The court is holding the data, he said. No analysis of the drives is yet permitted under the court order, he said.

“Needless to say, our small startup company has many disadvantages in this case but we intend to fight vigorously because we have the most important advantage: truth,” Thuen said.

Hanni Fakhoury, staff attorney with the Electronic Frontier Foundation said the decision is based on faulty reasoning.

“We’ve seen a sort of ‘hacker madness’ permeating across the courts recently,” Fakhoury said. “The court took a pretty extraordinary step by relying on stereotype and hyperbole rather than really digging into the facts.”

Courts need to look beyond the word “hacker” and assess whether a defendant is likely to cause the harm that a plaintiff claims is likely, Fakhoury said.

“Plus, the real question is, what exactly is ‘hacking?’ And who’s a white hat and a black hat?” he said. “The court seems to assume ‘hacker’ means black hat. That’s not necessarily the case. In the end, using these sort of subjective semantics to make important legal decisions is always a risky business.”

 

Direct Link:  http://www.computerworld.com/s/article/9243472/Update_Judge_orders_self_described_hacker_s_computer_seized_without_warning?taxonomyId=82&pageNumber=1

Anti-cyber threat centre launched

Anti-cyber threat centre launched


BBC News / UK

By Gordon Corera
Security correspondent, BBC News
March 26, 2013

Cyber attack can cost companies profits and value
Cyber attack can cost companies profits and value

A new initiative to share information on cyber threats between businesses and government is to be launched.

It will include experts from government communications body GCHQ, MI5, police and business and aims to better co-ordinate responses to the threats.

There will be a secure web-portal to allow access to shared information in real time, like a “secure Facebook”.

UK networks are attacked by other states, criminals and companies seeking secrets, costing billions of pounds.

In 2012, the head of MI5 Jonathan Evans said the scale of attacks was “astonishing”.

One major London listed company had incurred revenue losses of £800m as a result of cyber attack from a hostile state because of commercial disadvantage in contractual negotiations.

One government official told the BBC: “No one has full visibility on cyberspace threats. We see volumes of attack increase and we expect it to continue to rise.”

The plan – the Cyber Security Information Sharing Partnership (CISP) – has emerged out of a 2012 pilot scheme known as Project Auburn.

Eighty companies from five sectors of the economy – finance, defence, energy, telecommunications and pharmaceuticals – were encouraged to share information.

The pilot was expanded to 160 firms. A more permanent structure is being announced on Wednesday.

The kind of information shared includes technical details of an attack, methods used in planning it and how to mitigate and deal with one.

At a new London base, large screens will monitor attacks and provide details in real-time of who is being targeted.

A group of 12-15 analysts with security clearance will work mainly during office hours.

Companies previously have been nervous of revealing publicly when they have been attacked because of the potential impact on reputation and share price if they are seen as having lost valuable intellectual property or other information.

It is hoped further firms will join the initial 160.

Cabinet Office minister Francis Maude said: “We know cyber attacks are happening on an industrial scale and businesses are by far the biggest victims in terms of industrial espionage and intellectual property theft, with losses to the UK economy running into the billions of pounds annually.

“This innovative partnership is breaking new ground through a truly collaborative partnership for sharing information on threats and to protect UK interests in cyberspace.”

Government officials say they continue to be uncomfortable with an EU draft directive which would force companies to disclose when they have been attacked.

They hope a voluntary partnership will provide a more workable solution.
Direct Link:  http://www.bbc.co.uk/news/uk-21945702

Twitter: Hackers target 250,000 users

Twitter: Hackers target 250,000 users


B.B.C. News

by Rory Cellan-Jones
Technology correspondent

February 2, 2013

 

Twitter: Hackers target 250,000 users
Twitter: Hackers target 250,000 users

 

A quarter of a million Twitter users have had their accounts compromised in the latest of a string of high-profile internet security breaches.

Twitter’s information security director Bob Lord said about 250,000 users’ passwords had been stolen, as well as usernames, emails and other data.

Affected users have had passwords invalidated and have been sent emails informing them.

Mr Lord said the attack “was not the work of amateurs”.

He said it appeared similar to recent attacks on the New York Times and the Wall Street Journal.

The US newspapers reported that their computer systems had been breached by China-based hackers.

‘Not isolated’

Twitter has 200 million active users.

“There is still little information about the nature of the attack or why just one small section of users is in danger”

Mr Lord said in a blog post Twitter had discovered unauthorised attempts to access data held by the website, including one attack that was identified and stopped moments after it was detected.

“This attack was not the work of amateurs, and we do not believe it was an isolated incident,” he wrote.

Mr Lord did not say who had carried out the attack, but added: “The attackers were extremely sophisticated, and we believe other companies and organisations have also been recently similarly attacked.”

“For that reason we felt that it was important to publicise this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the internet safer for all users.”

Internet security specialist Graham Cluley warned Twitter’s announcement that emails would be sent to users may prompt a spate of spam emails “phishing” for sensitive information.

He says people should be cautious about opening emails which appear to be from Twitter.

 

“Analysis”

Philip Hampsheir
Business reporter

The biggest worry for most of Twitter’s 200 million active users is not this attack per se, but the additional new “phishing” scams the attack has already inspired.

Since Twitter users now know to be on the lookout for emails asking them to change their passwords, criminals are sending out very similar messages.

If users click on the links in those they risk – once again – having their account hacked.

Don’t click on links in emails asking you to change your password.

Go directly to the web site, log in normally, and change it using the instructions without clicking on email links.

“You have to be careful if you get hold of one of these emails because, of course, it could equally be a phishing attack – it could be someone pretending to be Twitter.

“So, log into the Twitter site as normal and try and log in to your account and, if there’s a problem, that’s when you actually have to try and reset your password.”

Another expert in online security, Professor Alan Woodward from the University of Surrey, warned users to be wary of messages sent them by the hackers via Twitter itself.

“They can then send what’s called direct messages,” he said. “They can put malicious links in those.”

“It really looks like it’s coming from someone you know and you might respond to it, you’d go to the site and all of a sudden you find that actually you’ve got some malware on your machine which is then stealing your bank details or whatever.”

On Thursday the New York Times linked the attack to a story it published alleging relatives of Premier Wen Jiabao controlled assets worth billions of dollars.

China’s foreign ministry dismissed the New York Times’ accusations as “groundless” and “totally irresponsible”.
Direct Link:  http://www.bbc.co.uk/news/technology-21304049

Don’t Call or Click… BEWARE: Hackers, Scammers, Trolls & Low Lifes are on Overdrive!!

PHISHING
PHISHING

Yes Virginia… It is getting worse out there!

I know, I know…. Washington D.C. keeps saying that “Everything Is Getting Better!” But, I wish Washington and our so called Leaders would tell that to the “Scumbag Trolls” on the internet that it is okay to stop ripping people off because the gravy train is back! Until then, you should BE AWARE that there are new phishing scams in the works that will not only put you, your family, your friends, co-workers financially at risk… But also cost you more money on your cellular bill in the way of unwanted text messages.

Very soon, if not already, you will begin getting text messages from somebody you don’t know telling you something like…

“Hey its Jennifer, and I just took some new pictures and wanted to know what you think”

Well, if you decide to look, YOU’RE AN IDIOT!

This is another popular one that goes like this….

“OMG, I can’t believe you let them get a picture of you like that. Check it out (with a link)”

Well, I you decide to look, YOU’RE AN EVEN BIGGER IDIOT!

Or how about these two texts…

From: 8008274203@vtext.com
Message: Call 8 0 0 8 5 1 7 2 6 8 Attention Required California C U

&

From: 2222817829@vtext.com
Message: Attention Required 802 851 7268 California CU

The point in a nutshell is that you should not click or call anything remotely like this nor should you trust the message because it came from what you believe to be a loved / trusted one because it could be they clicked or the information was “SPOOFED” to look legitimate.

We have been posting article on this time of “PHISHING” Schemes, Malware, Trojans, Viruses, etc for awhile now to keep you in the know and as safe as you can be, based on your own caution and habits online.

Surf Safe… Be Safe!

From Your Friends at:

G.E. Investigations, LLC

Toll Free: 866.347.7948

Website: www.GeInvestigations.com

Follow Us / Like Us for more updates and Postings to keep you aware!

** Twitter: http://www.Twitter.com/GeInvestigation

** Facebook: http://www.facebook.com/pages/Phoenix-AZ/GE-Investigations-LLC/125237851985