Anonops #12: Spy on the Spyers

quote:

Op vrijdag 9 maart 2012 18:17 schreef Papierversnipperaar het volgende:


Norton Antivirus all Platforms source code leaks to public

After PcAnywhere source code released Anonymous leaks Norton AntiVirus 2006 All Platform’s Source Code via PirateBay. The source code is available for download since 4:10PM today.

quote:

Curiosity Pwned the Cat

At the beginning of this week just hours before the news of Hector Monsegur’s arrest broke, many of you will have noticed that my twitter profile pic changed from the usual ‘Jester Mask’ to a QR-Code. The timing of this subtle change could not have been more favorable, as interest peaked with the news of @anonymousabu’s demise visits to my twitter profile rocketed. For posterity here’s a grab of said QR-Code:


Up until 30 minutes ago, anyone who scanned the QR-Code using their mobile device was taken to a jolly little greeting via their devices default browser hosted on some free webspace (I have since replaced all QR-Codes in the interests of opsec to point to the end of the internet website). The greeting featured my original profile pic and the word ‘BOO!‘ directly below it as per the screen grab below:


So whats up with that?

Well, the thing about QR-Codes is 99% of the time they will be accessed via a mobile device, and 99% of those will be iPhone or Android devices. This gives me a known and narrow vector to exploit.

Now before you all start freaking out it was a highly targeted and precise attack, against known bad guys, randoms were left totally unscathed. Allow me to explain further……

Embedded inside the webpage with the ‘BOO’ greeting was some UTF encrypted javascript, (I used this site to encrypt it) inside which was some code execution shellcode. When anyone hit the page the shellcode executed. The shellcode was a modified and updated version of the use-after-free remote code execution CVE-2010-1807, a known exploit for Webkit, which facilitated a reverse TCP shell connection to a ‘remote server’ which had an instance of netcat listening on port 37337.

I was going to leave it like this for a full week, however a keen eyed tweep going by the moniker @rootdial spotted the embedded code and asked about it via twitter (he wasn’t being malicious, just wondered if I knew about it.)

Webkit is an SDK component part used in both Safari for iPhone and also Chrome for Android.

quote:

A Long Time Ago, On an Imageboard Far, Far Away....

The idea of Anonymous is simple—freedom of speech and expression. Tracing the concept is a more complicated task. The embers started to glow on various imageboards. These were websites where people could post images and have discussion. No names were used and no registration was needed. There were no rules, only guidelines. Everyone was anonymous to everyone else. Some posts would grow and memes would form, while others would fade away and die, never to be heard from again. It is this open exchange of information that allowed ideas to flourish. You were no one, yet at the same time you were everyone. The only thing that mattered were the ideas.

When you’re allowed to have a name, it takes the focus away from the content itself and puts the focus on you as the creator of that content.

The users of these boards, united together by their views and thoughts, formed the first entity that can be called Anonymous. You have to understand the motivation behind what attracted people to imageboards like these, in order to understand the motivation of the current day Anonymous. Without a check on free speech, people could say and post whatever they wanted. This free marketplace of ideas grew and prospered as more and more people started posting and discussing topics openly. Soon the sense of "anonymous" was born. The idea that you don't have to be someone to be anyone.

It's anarchy at its most vibrant core.

Not a group, but a brand. Not a club, but a franchise. Just a group of people that have the same ideas. When they come together in a united cause...

Read more: http://null-byte.wonderho(...)33700/#ixzz1oj2QynOW

twitter:

torservers twitterde op zaterdag 10-03-2012 om 15:56:26 Monday is World Day Against Internet Censorship and comes with a great announcement. reageer retweet

quote:

Swedish Anonymous activists embark on bold trip to Syria

Activists within the Anonymous culture in Sweden headed to Syria this week amidst the chaos and inhumanity to bring much needed medical supplies and equipment to help the victims of the fragmented country.

#OpTripToSyria started trending on Twitter on Feb. 9 and has been gathering worldwide support very quickly. Supporters of the operation have had the chance to donate to the cause through a link on the triptosyria.wordpress.com web site the anons have established.

For nearly a year, constant protests have been flooding Syria's streets as citizens continue to relentlessly pressure current President Bashar al-Assad to step down. The protests have been hit with violence at the hands of al-Assad's military force. According to the UN, the conflict has claimed more than 7,500 lives.

Motivation for Anonymous's humanitarian mission to Syria had come from various factors, but most notably due to the attacks on the city of Homs.

“I think I had enough when I saw all the tweets from the Swedish activists @SyrienNyheter or more specifically of the babies who died when Assad's militia shut off the power to several incubators,” said an anon who currently goes by the handle TTS.

TTS also related a common creed of the Anonymous culture: that people shouldn't be afraid of their governments, governments should be afraid of their people.

Anonymous donations have come from all over the world and more than 50 people have contributed. “Donations have come from Swedes, Europeans, Asians, Russians, Americans – you name it,” said TTS.

As of March 4, the anons had raised $2,257 US that they will use to purchase the medical supplies they will be bringing. The supplies will include medical kits, water purification tablets, washcloths and antibiotics and painkillers.

Many followers of the twitter account @TriptoSyria have expressed concern about the safety of the individuals who are embarking on the trip.

“There are a lot of concerns that things might go wrong; we could be killed, captured, arrested or robbed, but we can only aim for success," said TTS. "Hopefully, our actions will inspire other people to do the same thing. Risking everything for what we believe is the right thing to do. And we know that our operation will have some kind of impact whatever happens.”

The team of activists is also well trained. Some of them have gone through military training, and have experience in first aid, trauma handling and CPR. However, they have emphasized that the mission is strictly non-violent.

This mission is still a bold endeavour as the United States and other Western embassies have suspended their actions in Syria, due to the elevated security risk.

On the international scale, Russia and China, two countries that initially vetoed the military intervention, seem to be waning in their support of Assad's regime. Both countries have decried the violence in Syria and have dispatched diplomats to the region this week. Victims of conflict in Syria can only hope that this will help bring direct action from the international community to end the loss of innocents.

quote:

Op zaterdag 10 maart 2012 18:06 schreef Ebbao het volgende:

[..]

Ik weet niet of ik op je link wil klikken na het lezen van deze intro..

quote:

Something Stinks in the Story of Sabu

SPOILER

Om spoilers te kunnen lezen moet je zijn ingelogd. Je moet je daarvoor eerst gratis Registreren. Ook kun je spoilers niet lezen als je een ban hebt.

Apparently it has not occurred to anyone that all information in the case of Sabu and the LulzSec arrests, originates from either the FBI itself, or Fox News (through some kind of ‘inside source’). Think about this for a second. What was the law enforcement organization that Anons appear to almost universally hate? The FBI. What was the news outlet known for it’s shoddy reporting and unreliable reports, despised by many Anons? Fox News.

Is it really a good idea to blindly trust information coming from these two, at best questionable, sources? Does anyone really believe that “Fox News would never make this up” or “the FBI would never issue false documents”? There does not seem to be any information whatsoever from any source other than these two, so is it really a good idea to assume the ‘official story’ is what happened?

Yet, never before have Anons and other internet creatures been seen so quickly turning on someone they idolized only days before. The #FuckSabu hashtag is widely used, people are calling for the release of all Anons ‘except for Sabu’, articles are being written detailing how he personally ratted out LulzSec, lured Anons into traps, and in the meantime killed kittens erryday.

Really, guys?

For another interesting turn of the plot: does anyone remember how Sabu was initially ‘doxed’? According to this Ars Technica article, his personal information was found when his WHOIS protection dropped after renewing the prvt.org domain, which was known to belong to Sabu.

Wait a second. Who owns Domains By Proxy?

Yes, Domains By Proxy, the WHOIS protection service used by Sabu, is part of GoDaddy. Remember how GoDaddy spoke out in support of SOPA, and was caught in backfire from ‘the internet’? Remember how they have a history of shutting down controversial domains? Remember how they are in US jurisdiction and appear to consider US law enforcement to be important, no matter how bad it may turn out for other people?

Hey, wait a second, GoDaddy has of course always had Sabu’s contact information on file, despite the WHOIS protection! Yet it’s claimed that Sabu was found because he connected to an Anonymous-related IRC network without using appropriate protection – a claim that, considering Sabu’s IRC habits, sounds quite unrealistic.

Something to think about.

Update: Peter Bright from Ars Technica clarified that the WHOIS exposure was not the source for the initial doxing of Sabu. This does not change the above conclusion that GoDaddy has always had Sabu’s contact details (even before the exposure), but it is still worth pointing out.

quote:

Hacker: The FBI Used Our “Dox” to Arrest Sabu (Exclusive)

quote:

A large part of the hacking community was shocked earlier this week to find out that one of the more vocal supporters of the Anonymous movement, Sabu, had been working with the FBI ever since the summer of 2011 when he was arrested.

Few internauts expected that Sabu, now known as Hector Xavier Montsegur from New York, would rat out so many hackers. However, there were some of them, such as the members of the respected TeaMp0isoN group who suspected that something was out of place with the LulzSec crew and this Sabu character.

As a result, in June 2011, TeaMp0isoN made public the true identities of the members of the LulzSec gang. At the time no one gave the incident much attention, because there was a lot of doxing going on and due to the large quantity of incorrect information many of the releases were simply ignored.

While many ignored this release, federal authorities took it very seriously, which ultimately led to the arrest of Sabu and the rest of the story as we know it.

The FBI and other involved law enforcement agencies would have a hard time admitting to have used the data provided by the hackers, but a former TeaMp0isoN member came forward with details that prove how they were able to identify the LulzSecs and how the government got into the possession of that information.

[interview]

quote:

LulzSec's Sabu: 'ask me about the CIA'

When the Guardian spoke to the hacker last year, he was keen to discuss claims he worked for the authorities

Last July the Guardian was investigating the elusive, mysterious individuals behind LulzSec and Anonymous – the loose hacker groups who had suddenly become front page news, as they led a wave of cyber attacks against a range major corporations and law enforcement. One individual, or one hacker name, stood out: Sabu, a proflic hacker often referred to as the leader of the groups.

Getting to Sabu was not easy; he was well aware of the illegal nature of his activities. But that month, the Guardian had a stroke of luck. Sabu objected violently to a piece we had carried, examining – and shooting down – allegations from a rival pro-US hacker that Sabu was using Anonymous and Lulzsec to push an extreme Islamic agenda.

He asked me to join him in an off-the-record internet chat – a conversation that happened seven weeks after Sabu, now unmasked as Hector Xavier Monsegur, had already been picked up by the FBI.

Given the latest revelations about Sabu's activities, that he worked as an informer from after his arrest on 7 June until just a few days ago, I think it is appropriate to publish a few extracts from our conversation.

Sabu – and we cannot even be sure that our correspondant was the real Monsegur and not a US agent – was not representing himself accurately to the newspaper. If anything, he was testing the Guardian out, openly flirting with the notion that he worked for the CIA – and then inviting me to knock him down.

Less than three weeks later, Monsegur pleaded guilty to 12 counts relating to computer hacking in secret, which carry a maximum sentence of 124 years and six months. But there is no sign in the logs of a man under pressure.

Sabu began by denouncing the Guardian's publication of the vague allegations of the supposed Islamic links of the hacker community. Then he switched tack, asking why the paper hadn't published rumours linking him to the CIA, arguing that would amount to an equivalent and equally inaccurate allegation. Given what we know now, the swerve is particularly noteworthy.

In case it is not obvious, my online name is <jamesrbuk>.

<SABU> OK. I'm waiting for the article discussing the potential of me being the leader of a CIA blackops operation and me denying it.

<SABU> can we work on it now?

<SABU> I'll begin my message

<SABU> <jamesrbuk> : I thank you for brining up this serious allegation but I deny being part of the CIA or any black operations unit/organization.

<SABU> I am an activist and security researcher. Not a CIA operative

Moments later, I strayed even closer to what had become Sabu's emerging double life (remember, the indictments released yesterday refer to Monsegur only being a member of Anonymous until 7 June 2011, the day of his arrest). I linked a recent Guardian story – unaware of any ironies – suggesting the FBI had managed to recruit a full quarter of all US hackers as informants:

<SABU> The CIA has done more blackops and terror operations than al-qaeda could ever do

<SABU> so, lets be realistic

<jamesrbuk> Something we covered: http://www.guardian.co.uk(...)hackers-fbi-informer

<SABU> That has literally nothing to do with what I'm talking about

<SABU> and I must say if your article is correct - the FBI is doin a very bad job at recruiting informants.

<jamesrbuk> Well, you were mentioning CIA blackops/etc. It's related.

<SABU> No it is not

At the time, I was bemused if not baffled by our exchange – and totally unable to see any motivation for Sabu's keenness that we start publishing what seemed to amount to little more than conspiracy theories about the operations of Anonymous and Lulzsec.

With hindsight, I wonder whether Sabu was trying in some way to set out a warning, or red flag to other hackers. Or perhaps he was goading me to see if I actually believed he might be a turncoat. Either way, these were signals I missed at that the time.

My other thought, looking back on the logs, is whether Sabu was thinking aloud as to why he was being asked to become an FBI informant rather than being publicly prosecuted. Here's more; here Sabu says some are claiming he had been working "with the CIA" although having closely followed the debate at the time this is not an allegation I can recall having seen aired:

<SABU> When can I expect an article discussing the idea of me being with the CIA and my denial?

<SABU> I'm eager to see this happen.

<jamesrbuk> So I see. May I ask why?

<SABU> Hmm...? is it not obvious?

<jamesrbuk> Not totally. And I'd prefer to hear rather than jump to wrong conclusions

<SABU> There is no wrong conclusion if you have been a part of this conversation

<SABU> You just said there was a claim that I may be a terrorist. You "researched" it and wrote the article

<SABU> There re claims I am with the CIA pushing to get tighter / stricter cyber-laws passed

<SABU> its literally the same shit, two different extremes.

Then, intriguingly, he goes onto say that UK and US goverments have been involved in covert operations, before going to say that he could not be linked to terrorism. Anonymous or LulzSec would not carry out their operations so publicly if they had an ulterior motive.

<SABU> The people are aware that our governments in the UK and the US have involved themselves in black operations in the past. it makes a lot of sense if lets say a rogue group of hackers suddenly began attaking national interests -- spawning a massive overhaul of internet security, theoretically.

<SABU> you're telling me thats not worse than some random jihadist who barely knows how to use a computer in the first place, "hacking"/

<SABU> Also heres where your entire point is flawed into oblivion

<SABU> why would a terrorist release and dump 90,000 INTELLIGENCE COMMUNITY MILITARY PERSONELL PASSWORDS AND EMAILS when they can just intercept military intelligence communications for the next year using this data ?

<SABU> Why would osama bin laden go through all the work of hacking booz allan [a US government and defence consultancy], just to post a pastebin with an ascii art mocking the security of federal contractors.

<SABU> Be realistic.

<SABU> Think.

Even as an FBI informer, Sabu would not be in a position to have evidence to back up his theories that the CIA were angling for a tightening of US cyber laws. Those co-operating with the authorities to mitigate their sentancing are rarely handed US government secrets. Instead, what's interesting is Sabu's internal reasoning for why – hypothetically at least – a compromised organisation (as we know now LulzSec was) might be allowed to continue.

One factor in the decision to make some of this public was an unusual comment towards the end of the conversation, in which Sabu advised me to make sure I kept a log, or transcript, of the chat for later use:

<SABU> AS FOR THE LOG I don't do interviews or usually paste chatlogs so I'm keeping it privately

<SABU> so I suggest you do the same

At this stage, surely Sabu would have known, or at least suspected, that his agreement to turn evidence against other members of Lulzsec would eventually become public. Re-reading this now, one wonders if he was hoping that some of our conversation would eventually become public too - an interview, in effect, at the point when he couldn't speak for himself.

Just over a fortnight after these published exchanges, we now know that Monsegur – aka Sabu – secretly pleaded guilty to 12 counts of computer hacking.

From June to March this year, he – and his FBI handlers – were party to details, often in advance, of hacking attacks including the interception of an FBI conference call, and the seizure of 5m emails from the servers of UK intelligence firm Stratfor, which are currently being published by WikiLeaks.

On Tuesday, charges were lain against five individuals alleged to be core members of Anonymous and Lulzsec – and the man behind Sabu was finally publicly unmasked as a 28-year-old unemployed Puerto Rican living in New York.

quote:

PM Project: Endgame systems

quote:

People who have seen the company pitch its technology—and who asked not to be named because the presentations were private—say Endgame executives will bring up maps of airports, parliament buildings, and corporate offices. The executives then create a list of the computers running inside the facilities, including what software the computers run, and a menu of attacks that could work against those particular systems. Endgame weaponry comes customized by region—the Middle East, Russia, Latin America, and China—with manuals, testing software, and “demo instructions.” There are even target packs for democratic countries in Europe and other U.S. allies. Maui (product names tend toward alluring warm-weather locales) is a package of 25 zero-day exploits that runs clients $2.5 million a year. The Cayman botnet-analytics package gets you access to a database of Internet addresses, organization names, and worm types for hundreds of millions of infected computers, and costs $1.5 million. A government or other entity could launch sophisticated attacks against just about any adversary anywhere in the world for a grand total of $6 million...

Endgame’s price list may be the most important document in the collection. If the company were offering those products only to American military and intelligence agencies, such a list would be classified and would never have shown up in the HBGary e-mails, according to security experts. The fact that a nonclassified list exists at all—as well as an Endgame statement in the uncovered e-mails that it will not provide vulnerability maps of the U.S.—suggests that the company is pitching governments or other entities outside the U.S. Endgame declined to discuss the specifics of any part of the e-mails, including who its clients might be. Richard A. Clarke, former Assistant Secretary of State and special adviser to President George W. Bush on network security, calls the price list “disturbing” and says Endgame would be “insane” to sell to enemies of the U.S.

quote:

'Censuur internet in China en Iran neemt toe'

Burgers in China en Iran hebben in toenemende mate last van censuur op internet, signaleert Reporters Zonder Grenzen. De organisatie, die zich inzet voor persvrijheid, heeft vandaag een lijst uitgebracht met 'Vijanden van het internet'. Daarop staan twaalf landen, waaronder China en Iran.

Terwijl het regime in Peking internetbedrijven dwingt mee te werken aan de digitale censuur, gaat Iran nog een stapje verder met de ontwikkeling van een eigen 'nationaal internet', dat is afgesloten van de rest van de wereld.

Gevangen
Minstens 199 bloggers en journalisten werden in 2011 gevangengezet vanwege hun activiteiten op internet, stelt Reporters Zonder Grenzen. China, Vietnam en Iran namen volgens de organisatie de meeste mensen gevangen wegens ongewenste meningen. Nieuw op de lijst van 'internetvijanden' zijn Bahrein en Wit-Rusland.

In Libië is het na de val van dictator Muammar Kaddafi juist veiliger geworden om je mening te verkondigen op internet, aldus de organisatie.

Dag tegen censuur
Hier het verslag van Reporters Zonder Grenzen op de eigen website, vandaag uitgebracht ter gelegenheid van World Day Against Cybercensorship, de 'Werelddag tegen Internetcensuur'.

quote:

Canada's Parliament summons Anonymous to testify

Idlepigeon sez, "Canada's government has moved to call Anonyomous to testify before the House Affairs Comitte, over threats made to a minister who's been pushing to pass Bill C30---online surveillance legislation. In this very funny piece from the Globe and Mail's Tabatha Southey, the entire Internet shows up to testify."

Anonymous is so nebulous that for the federal government to call Anonymous to testify is almost to call the Internet itself – something the government may regret.

“I'd to thank the committee for the opportunity to speak today,” the first witness might say. “The threats against the minister are grave and on the advice of my consul, Mr. Fry, I'd just like to assure the minister that I … am never gonna give you up, never gonna let you down, never gonna … ”

quote:

Chinezen verdacht van Facebook-aanval op topman NAVO

Chinese cyberspionnen worden ervan beschuldigd via Facebook militaire geheimen te hebben proberen ontfutselen aan NAVO-topman admiraal James Stavridis.

De militaire topman blijkt herhaaldelijk het doelwit te zijn geweest in een oplichtingszaak via Facebook die zou georganiseerd zijn door cyberspionnen in China, zo meldt The Observer. De spionnen maakten valse accounts in Stavridis' naam in de hoop dat zijn intimi hem daarop zouden contacteren of antwoorden op privé-berichten.

Dit soort van vervalsing op sociale media komt steeds vaker voor. Volgens de NAVO is het niet duidelijk wie verantwoordelijk is voor de webfraude, maar andere veiligheidsbronnen wijzen met de vinger naar China.

Ook bedrijven geviseerd
Vorig jaar werden Chinese criminelen nog beschuldigd van een gelijkaardige operatie met codenaam Night Dragon. Daarbij gaven hackers zich uit voor CEO's van bedrijven in de Verenigde Staten, Taiwan en Griekenland met het oogmerk bedrijfsgeheimen te stelen.

De fraude met Facebook doet de vrees groeien dat de schaal waarop China aan cyberspionage doet groter is dan totnogtoe werd vermoed. Naast hoogeplaatste militairen zou de tactiek ook toegepast worden om op grote schaal interne informatie te verwerven van bedrijven die voor de NAVO werken.

42 miljoen voor beveiliging
De verfijning en de meedogenloosheid waarmee dergelijke cyberaanvallen worden uitgevoerd, doen geheime diensten aan beide kanten van de Atlantische Oceaan vermoeden dat die door staten worden gesponsord.

De NAVO heeft al zijn toplui gewezen op de gevaren van dergelijke impersonaties op socialenetwerksites. Een gespecialiseerd bedrijf krijgt van de NAVO 42 miljoen euro om de veiligheid van het NAVO-hoofdkwartier en 50 andere militaire sites in Europa op te drijven.

Samenwerking met Facebook
Een woordvoerder van de NAVO bevestigt dat Stavridis, die topcommandant van de NAVO voor Europa is, in de voorbije twee jaar verscheidene keren doelwit is geweest. Facebook werkte mee aan het blokkeren van de valse accounts. De NAVO houdt inmiddels regelmatig contact met de account managers bij Facebook, de valse pagina's werden doorgaans binnen de 24 uur verwijderd. Het is echter extreem moeilijk de bron van dergelijke valse accounts te traceren.

Stavridis, die ook de leiding heeft over de Amerikaanse troepen in Europa, is een fervent gebruiker van sociale media. Hij heeft ook een échte Facebookpagina die hij vaak gebruikt om te melden wat hij doet en waar. Vorig jaar meldde hij op Facebook het einde van de militaire campagne in Libië.

quote:

Op maandag 12 maart 2012 14:43 schreef Yuri_Boyka het volgende:

[..]

Nee gewoon informatie waar je hele regeringen, grote machtige duivelse corporaties etc. etc. opdoekt en dat dat een werkelijke grote impact heeft waardoor je serieus de wereld verbetert.

quote:

http://www.thesmokinggun.com/buster/fbi/sabu-still-hiding-857902

The hacker-turned-informant whose undercover work resulted last week in criminal charges against several of his alleged “Anonymous” cohorts remained in hiding today, avoiding an appearance in a New York courthouse to answer a misdemeanor criminal charge.

When Hector Monsegur’s case was called this morning at Manhattan Criminal Court, the 28-year-old snitch was nowhere to be found. Instead, his lawyer approached the bench for an off-the-record conversation with the judge and an assistant district attorney.

At the parley's conclusion, the jurist announced that, due to “extraordinary circumstances,” Monsegur’s case was being adjourned for an arraignment next month. Outside the courtroom, Peggy Cross-Goldenberg, Monsegur’s lawyer, declined to discuss what transpired at the bench, and politely deflected other TSG questions about her client, including whether he was currently under protection by federal officials.

Last month, during the course of his vigorous cooperation with agents, Monsegur--who is known online as “Sabu”--was arrested by the NYPD outside his apartment building in the Jacob Riis housing project on Manhattan’s Lower East Side. According to a criminal complaint, when a cop asked him for ID, Monsegur reportedly said, “Relax. I’m a federal agent. I am an agent of the federal government.”

Monsegur--a federal informant, not a federal agent--was subsequently busted on a misdemeanor criminal impersonation charge.

quote:

Onderzoek: bedrijven slecht voorbereid op cybercriminaliteit

Nederlandse bedrijven en instellingen zijn slecht voorbereid op aanvallen door cybercriminelen. Uit maandag gepubliceerd onderzoek van adviesbureau KPMG onder ruim 170 bestuurders blijkt dat slechts één op de vijf organisaties zichzelf in staat acht om met succes een digitale aanval af te slaan.

De afgelopen maanden zijn diverse incidenten naar buiten gekomen. Zo waren onder meer de websites van Philips, KPN en Bavaria doelwit van hackers, die vele persoonsgegevens buit wisten te maken. Het overgrote merendeel van de cybercriminaliteit wordt echter niet naar buiten gebracht.

Van de door KPMG onderzochte bedrijven was bijna de helft het afgelopen jaar slachtoffer van cybercriminelen. Ruim 60 procent geeft aan dat de schade zich jaarlijks beperkt tot een bedrag van 100.000 euro. Bij ruim 10 procent overstijgt de schade een bedrag van 1,5 miljoen euro. Phishing (met misleidende e-mails proberen gegevens te ontfutselen) blijkt de belangrijkste vorm van cybercriminaliteit. De financiële sector is het populairste doelwit, hier vindt 75 procent van de aanvallen plaats.

'De werkelijke omvang van cybercrime is moeilijk te achterhalen omdat de detectieprocedures mogelijk niet alles in kaart brengen', zegt John Hermans, partner bij KPMGRiskConsulting. 'De complexe IT-omgeving maakt het vrijwel onmogelijk om incidenten volledig uit te bannen. Het doel is dan ook vooral te voorkomen dat een aanval uit de hand loopt. De focus moet dus met name liggen op het beschermen van de belangrijkste bezittingen en het zeker stellen van mechanismen waarmee organisaties goed en snel op incidenten kunnen reageren.'

quote:

How I learned to stop worrying and love Anonymous

I am 25 year veteran of the Internet as a profitable concern and today, I would like to add my voice in support of #Anonymous.

This is a strange and perhaps career-limiting admission to make. But I no longer believe Anonymous is some gang of cyber terrorists, nor is it a Mafia-like criminal organization or a pack of cowards hiding in their parents’ basement. Those who publicly claim otherwise are, in my opinion, being alarmist and intellectually lazy to the point of negligence or duplicity.

Yes, the Anonymous movement is made up of a broad International coalition of online communities spanning the sometimes dark corners of AntiSec hackers, the wider world of DDoS (distributed denial of service) activists and even some prominent human rights and freedom of information advocates like Julian Assange.

That said, sometimes “Anonymous” is just a single person with a cellphone camera or a YouTube account making sure evil does not go unwitnessed.

There are divergences within this coalition of ideologies, but I can agree with one basic tenet of the movement: It posits that, as worldwide connectivity tops 2 billion, the Internet has evolved into something new and greater than the sum of its parts, with rights, rules, obligations and a culture unique unto itself.

It also believes action is needed to defend those rights.

Last month – eSentire's Travis Barlow invited me to host a session at the Atlantic Security Conference regarding Anonymous and its implications for both the security community and small business.

I stood up in front of 200 of my peers, some of the finest security minds this country has to offer, and suggested to them this so-called hacktivist fringe has the power to be a force for great good.

Hactivism, as undertaken by Anonymous, sees no buildings burned, no kids are clubbed and no officers pelted with rocks. It is non-violent protest that deliberately targets nothing more, and nothing less, than reputation.

The most dangerous outcome of the Anonymous movement, perhaps the most important thing it can do, is the embarrassment of people unaccustomed to being embarrassed.

Given the grandstanding around Bill C-30, it is easy to forget that it was an Anonymous crew that executed a campaign called #OpDarkNet in which it publicly released e-mail accounts and server locations for some of the largest child porn operations on the Internet. Clearly, that operation was not “with the child pornographers” and you may have read about several actual arrests in Canada around that time.

Because the Anonymous movement is not just a gang of credit-card-stealing thugs it was not “beheaded” by the arrest of a crew within the LulzSec community. That said, the infiltration and arrests may have radicalized the vast centre of the movement.

Another example of the kind of non-violent action Anonymous takes came in response to SOPA/ACTA/TPP/C-11 and C-30 and Occupy Wall Street evictions worldwide.

Several Anonymous communities undertook an educational campaign to distribute simple tool sets and basic information to activist communities both here and abroad. This campaign was aimed at re-empowering people driven from streets by the rubber bullet and the tear gas gun while exercising their right to protest.

As a result – thousands of Anonymous DDoS activists set up digital picket lines to shut down kukluxklan.bz, ufc.com, americannaziparty.com, eolas.com, heritagefront.com, monsanto.com and godhatesfags.com.

In response to government assurances that warrantless retention of private Internet data was completely safe, Anons opened several almost completely unsecured police sites world wide to make the point that it wasn't.

While it remains to be seen if Anonymous will manage to wield their power more wisely than other revolutionaries who have come before them, there can be no argument that the stakes are small or insignificant.

I can think of one monstrous example that overwhelmingly argues that thinking people everywhere need to try to listen to Anonymous (even if you can not participate in or support its actions): The death of a 26-year-old Syrian dad named Rami Ahmad al-Sayeed.

On Feb 21, 2012 Mr. al-Sayeed was killed in a mortar attack as the Assad forces shelled BabaAmr.

Mr. al-Sayeed spent the last eight months of his remarkable life bypassing Syrian Internet censorship – with the direct technical assistance of a lot of so-called “Anonymous Cyber Terrorists” here and abroad – in order to upload video to YouTube as the shells rained down around him in Homs.

He, and Anonymous, were making sure the world could see how it ends when governments no longer serve or protect the people they govern.

His final post makes for a chilling epitaph: “I expect this will be my last message and no one will forgive you who talked but didn't act.”

Following a 20 year career pioneering digital publications, B2C/B2G/B2B e-commerce and high security mobile solutions both in Canada and abroad – Jon Blanchard spent the last 6 years as Webmaster with the Halifax Herald family of companies.

quote:

Flying Swarm Of Robots Gives Protesters And Activists Free Wi-Fi, On The Go

quote:

During the 2011 Egyptian revolution, the government unplugged the Internet. Protesters were left without Internet, and thereby the ability to communicate even locally, instantly.

Electronic Countermeasures is a project by Liam Young of think tank Tomorrow’s Thoughts Today and Unknown Fields Division, with assistance from Eleanor Saitta, Oliviu Lugojan-Ghenciu, and Superflux. The project is essentially an autonomous, roaming Internet swarm, constructed from repurposed UAVs.

quote:

Flycatcher computer chip could soon connect fridges and forests to internet

Arm Holdings, UK firm whose designs feature in all smartphones and tablets, unveils new chip to enable 'internet of things'

Arm Holdings, the British technology group, has produced a low-power computer chip capable of connecting traffic lights, parking meters, fridges and even forests to the internet.

Codenamed Flycatcher, the tiny semiconductor is Arm's bid to expand its empire from smartphones and tablet computers, where its designs already feature in 100% of the devices on sale today, to the "internet of things", the 50bn everyday objects which it is predicted will be connected to the internet by the end of the decade.

With connected parking meters, on trial in San Francisco, motorists can identify free spaces from their mobile phone, reserve the spot, and pay over the internet without having to scramble for loose change.

Internet-controlled traffic lights could be co-ordinated to ease congestion after accidents, or change to green to allow emergency vehicles and VIP motorcades fast passage through city centres.

Arm hopes its chip, which measures less than a millimetre square, will find its way into white goods and motors, as well as wireless sensors for home and office lighting, heating and burglar alarms.

Medical devices, such as stethoscopes or blood pressure and glucose monitors, could also use it to transmit information to the doctor's surgery.

Flycatcher, whose official name is the Cortex-M0+, is designed for devices which cannot be attached to an electricity supply and must run off batteries.

It could be attached to sensors on trees in the Amazon to monitor rainfall, or to irrigation pipes on African farms to reduce water wastage.

"By enabling the connection of everyday devices we are pushing the edge of the internet out," said Arm director Gary Atkinson. "By connecting rooms or motors to the internet, you could significantly reduce the amount of energy consumed worldwide." Atkinson said around half of the world's electricity is used by motors, many of which have an efficiency rating of between 40% and 85%.

Arm, which designs rather than manufactures chips, already produces micro-processors for washing machines, street lights and motors. But the new product is 50% less power-hungry, cheaper and faster at processing information. It is one of a new generation of 32-bit micro-processors, also produced by Renesas Electronics Corporation in Japan and Microchip Technology in the US, which can run for years at a time without needing a change of battery.

Inhabiting devices which automatically switch power off when not being used, the speed at which they process and transmit information, via Wi-Fi or a mobile phone signal, is crucial. To save energy, power can be switched off many times a second, or for hours at a time.

Today, there are an estimated 12.5bn internet connected devices, an average of two per person, and many of these are phones or computers. In 2025, according to IT firm Cisco, there will be 1 trillion such devices.

Arm has been producing 8 and 16-bit micro-processors since 2007, but they were slower and much of the internet now communicates using 32-bit protocol. This means code for operating Flycatcher is easier to write or use off-the-shelf. While earlier Arm micro-processors cost half a dollar each, the new design will be closer to 20 cents (13 pence).

The product will see Arm pitching for a share of the entire $15bn micro-controller market, Atkinson said, rather than the third it addresses today. The group's royalty revenues from such units totalled $16m in 2010, out of total royalties of $335m, but Morgan Stanley forecasts this will more than double to $37m by the end of 2012.

quote:

Inside the Stratfor Attack

Last December, a group of hackers quietly orchestrated an attack on Stratfor Global Intelligence Service, a company based in Austin, Tex., that analyzes geopolitical risk and publishes a newsletter for various clients, among them the Departments of Homeland Security and Defense. The hackers breached the company’s network and, once inside, confided in their fellow hacker, Hector Xavier Monsegur, and, as it turns out, the Federal Bureau of Investigation.

Six months earlier, in June, the F.B.I. had arrested Mr. Monsegur and turned him into an informant. With his help, four hackers in Britain and Ireland were charged last Tuesday with computer crimes; a fifth man was arrested Monday in Chicago. Using the information he passed along, F.B.I. officials said it was able to thwart attacks on roughly 300 private companies and government agencies.

But with Stratfor, they were not so lucky.

Conspiracy theorists across the Internet surmise that federal agents sat back and let the Stratfor attack occur to collect evidence, or perhaps net a juicier target — say, Julian Assange, the founder of WikiLeaks, which later released the five million internal e-mails that hackers obtained in the Stratfor hack.

“That’s patently false,” said one F.B.I. official, who would speak only on anonymity because the investigation was continuing. “We would not have let this attack happen for the purpose of collecting more evidence.”

F.B.I. officials said they learned of the Stratfor breach on Dec. 6, after hackers had already infiltrated the company’s network and were knee-deep in Stratfor’s confidential files. On that date, F.B.I. officials said, Jeremy Hammond, suspected as the attack’s ringleader, informed Mr. Monsegur he had found a way into Stratfor’s network and was already working to decrypt its data.

The F.B.I. said that it immediately notified Stratfor, but said that at that point it was too late. Over the next several weeks, hackers rummaged through Stratfor’s financial information, e-mail correspondence and subscribers’ personal and financial information, occasionally deleting its most valuable data — all in full view of F.B.I. agents.

In addition to monitoring hackers’ chat logs, the F.B.I. managed, with Mr. Monsegur’s help, to persuade Mr. Hammond and Stratfor’s other attackers to use one of the agency’s own computers to store data stolen from Stratfor. The hackers complied and transferred “multiple gigabytes of confidential data,” including 60,000 credit card numbers, records for 860,000 Stratfor clients, employees’ e-mails and financial data, to the F.B.I.’s computers, according to the complaint against Mr. Hammond.

The F.B.I. said it told Stratfor to delay notifying customers while it completed its investigation — a demand that later made Stratfor the target of a class-action lawsuit from subscribers who complained the company did not inform them of the breach until it was too late. Stratfor had little choice but to go public with the breach on Dec. 24, when hackers defaced its Web site and began posting receipts online for donations they had made with customers’ stolen credit card information.

Over the following days, hackers released credit card details for thousands of Stratfor clients, made at least $700,000 in fraudulent purchases using their credit cards, and exploited their e-mail addresses for malware attacks. Stratfor was forced to stop charging for subscriptions to its newsletter — its principal source of revenue. All told, Stratfor estimates the breach cost it $2 million in damages and lost revenue, according to the complaint.

And that’s just the financial cost. Two weeks ago, the company suffered further embarrassment when, three months after the breach, hackers funneled its internal e-mails to WikiLeaks, for widespread publication.

Conspiracy theorists wonder why, with ample evidence, the F.B.I. waited three months to arrest Mr. Hammond after the Stratfor breach. Some suggest that the F.B.I. purposely waited to net a bigger target: Mr. Assange.

But F.B.I. officials said it simply took that long to collect the evidence to support their case. Cybercrime investigators and former federal prosecutors say that this makes sense, and that the time frame between Stratfor’s attack and subsequent arrests is not unusual.

“It’s not surprising it would take them that long to make arrests,” said Mark Seiden, a cybercrime investigator. “They have to collect evidence, and the paperwork takes between three and six months. If you don’t know exactly how hackers attacked a site, it’s difficult to bring them to justice. There’s no point in picking an unripe fruit.”

That news might disappoint the conspiracy theorists, but not nearly as much as it does Stratfor and its subscribers, whose personal and financial information was compromised as a result of the attack.

“It’s extremely frustrating,” said David White, a subscriber. Mr. White said he and his company were debating whether to renew their subscription. “At this point, it’s up in the air.”