Cyber Attack on Multiple Countries…Again

Another massive cyber attack has made it to multiple countries. The attack is believed to have originated in Ukraine. The ransomware has affected an estimated 64 countries so far, and is mainly targeting businesses. Infected computers show a message saying that all files have been encrypted. And just like the earlier ransomware attack in May, these hackers demand ransom payments in the form of Bitcoin to unlock the owner’s data. According to cybersecurity experts, this type of ransomware has never been seen before.

However, experts reportedly found a “vaccine” against the ransomware early this morning, that could cure individual infected computers. But they still have not found a kill switch, which would stop the computers from spreading the virus to others. Now, everyone is wondering who is behind the latest hack, and why. Some say it could have political motivations or that the hackers just want to cause widespread disruption. But because Ukraine was hit the hardest and its main antagonist is Russia, many people suspect the Kremlin is behind it.

The fast-spreading Petrwrap/Petya ransomware sample we have was compiled on June 18, 2017 according to its PE timestamp. pic.twitter.com/CHUYvsiQ08

— Costin Raiu (@craiu) June 27, 2017

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post RantCrush Top 5: June 28, 2017 appeared first on Law Street.

Tesco Bank, the British retail bank run by the UK’s largest supermarket chain, lost approximately 2.5 million pounds this month after hackers broke into the accounts of more than 9,000 customers. The bank has pledged to reimburse customers who lost money and ultimately decided to suspend online banking for all of its 136,000 customers. Spokespeople claimed that personal data had not been compromised in the hack and that customers do not need to change their passwords, yet the sheer scope of the attack has made security experts uneasy.

The company first caught on to the breach on Saturday, November 5, and immediately began texting customers who had been affected. Many customers saw their money being moved out of Tesco accounts via overseas transactions to Spain and Brazil. Although there was initial concern that the hack was an inside job, aided by a bank employee, it is now being marked up to general human error and a failure to create a truly secure system.

This attack represents a major modern shift in cybercrime, from attacking individual customers to attacking an entire bank in one go. Perhaps the most troubling discovery in the wake of the hack was that Tesco had been warned by the security firms CyberInt and Codified Security about the weaknesses in its system, which the company did not respond to. No company can be expected to track every spam email about cybersecurity that floods its inbox, but in this case, if the reports from Codified Security truly were purposefully ignored, it reveals a dangerously cavalier attitude toward cybersecurity at the Tesco Bank headquarters.

Defenders of the bank have argued that the hack was successful because it took place during the weekend, when the technical staff were not at their desks, responding to customer reports and warning signs like they would during the work week. Regardless of the timing of the attack, the amount of money shifted from customer accounts is disturbing, especially as it is only the latest in a string of high profile hacks this year. Almost two years ago, the Bank of England highlighted cybercrime in the meetings of its financial policy committee, noting that banks were woefully unprepared for large scale attacks on their databases, but that warning came and went with very little impact.

It is not only smaller, less conventional banks like Tesco that have been targeted: in January of this year, HSBC shut down its mobile banking platform after a distributed denial of service attack. Tesco Bank is a relative mom and pop bank compared to the global behemoth that is HSBC, which explains why it did not have the same early warning notifications and success that HSBC did when shutting down the January hack. No bank, either electronic or brick and mortar, is definitively safe but when hundreds of accounts are being attacked, there is a clear issue with security. Tesco Bank will take a major hit in the wake of the attack but rather than lying back and celebrating the decline of a competitor, other UK banks–and banks around the globe–should be rushing to their own cybersecurity teams to repair the weaknesses that could be exploited in the next great hack.

Jillian Sequeira

Jillian Sequeira was a member of the College of William and Mary Class of 2016, with a double major in Government and Italian. When she’s not blogging, she’s photographing graffiti around the world and worshiping at the altar of Elon Musk and all things Tesla. Contact Jillian at Staff@LawStreetMedia.com

The post Startling Holes in Our Cybersecurity Network: The Tesco Bank Hack appeared first on Law Street.

The FBI secretly arrested a National Security Agency contractor suspected of stealing and leaking highly classified material that is used for hacking foreign governments’ networks. The suspect, Harold Thomas Martin, has been in custody since August and worked for the same firm as famous whistleblower Edward Snowden, Booz Allen Hamilton. This firm is responsible for some of the most secretive and sensitive operations of the NSA.

Maryland Man Charged With Removal of Classified Materials and Theft of Government Property https://t.co/fHMngJZQ6x

— Justice Department (@TheJusticeDept) October 5, 2016

Martin is suspected of stealing a “source code” that the NSA uses to break into the computer systems of hostile foreign countries like China, North Korea, and Russia. It is unclear if he has shared the code with anyone yet. If leaked, the documents could “cause exceptionally grave damage to the national security of the U.S.,” according to a statement from the U.S. Justice Department.

Here’s how the criminal complaint describes the NSA contractor’s response. pic.twitter.com/TCExbnoDPl

— Eric Geller (@ericgeller) October 5, 2016

The 52-year-old Maryland man now faces one year in prison if found guilty of removing the materials, and ten more for the theft. The FBI searched his home and car, where it found several documents and digital information marked as “top secret.” They also found unspecified “government material” up to a value of $1,000.

The formal charges are theft of government property and unauthorized removal and retention of classified materials by a government employee or contractor. This case is different from Snowden’s because of the material stolen and the purpose of it. Snowden was a whistleblower who acquired classified documents and leaked them for the public benefit. Martin stole the actual code software that is used in NSA operations and that can be sold and used for cyber warfare.

Edward Snowden, currently exiled in Russia, tweeted about the news.

This is huge. Did the FBI secretly arrest the person behind the reports NSA sat on huge flaws in US products? https://t.co/otgOwB5efm

— Edward Snowden (@Snowden) October 5, 2016

According to the Independent, the material in this case could be connected to the recent theft of secret material by the hacker group Shadow Brokers, which also included a source code that was traced to the NSA. The hackers also left a cryptic message in broken English, saying, “We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control.”

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post NSA Contractor Arrested For Stealing and Leaking Classified Codes appeared first on Law Street.

On Thursday, Apple released a new security update for iPhone users worldwide after the discovery of an attempted hack that was trying to take advantage of three huge vulnerabilities in the iOS operating system. Using these three factors, now called the “Trident” flaw, hackers could take complete control over someone’s phone remotely, without the owner knowing about it.

The group that is believed to be behind the hack is an American-owned, Israeli-based company called NSO. It was founded in late 2009 by two Israeli mass-entrepreneurs with ties to the Israeli government and defense forces. In 2014 a San Francisco-based equity firm bought a majority stake in the company for $120 million.

NSO says it specializes in tools fighting against crime and terrorism. Its LinkedIn page describes the company as in “the field of Internet security software solutions and security research.” But many security firms call the group a “cyber arms dealer.” An online document from NSO says it is “a leader in the field of cyber warfare” that utilizes its proprietary monitoring tool it calls “Pegasus,” which can monitor and extract all data from a target “via untraceable commands” which allow “remote and stealth.”

Human rights activist Ahmed Mansoor from the United Arab Emirates was the first one to report the suspected hack, after receiving a text message to his iPhone with a link promising to reveal details about torture in his country’s prisons. Instead of clicking the link he contacted the Toronto-based internet watchdog Citizen Lab.

Incredible: #UAE tries to hack democracy activist @Ahmed_Mansoor w/ Israeli-made… https://t.co/u9WQZFM2OQ by @salamah via @c0nvey

— Azza Youssri (@AzzaYoussri) August 26, 2016

Reports issued on Thursday by Citizen Lab and San Francisco mobile security company Lookout revealed how they discovered an advanced spyware that could take over the whole phone at the tap of a finger. If you click the link in a fake message like the one Mansoor received, it would activate spying software called “Pegasus” and hackers could listen in on your calls, collect text messages and personal information, and control your camera.

This advanced technique is so highly desirable in the cyber world that one spyware broker said in November that it had paid $1 million to programmers who said they had found a way to do it, according to the Telegraph.

On Thursday an Apple spokesperson said:

We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5. We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits.

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post Who are the Hackers Behind the Apple Spyware Problem? appeared first on Law Street.

America is dealing with a hacking crisis. It seems that every other day we are bombarded with the latest hacking stories from both the private and public sectors. We are told to be cautious with all of our online activity and to remember all uploaded material remains in cyberspace forever. Almost all of us personally know someone who has dealt with identity theft and all the hassles that ensue. Some of the biggest companies in the world with the means to access the most anti-hacking software available aren’t immune to the problem. Even the national government recently made headlines concerning Chinese cyber attacks. So what can be done? In his 2015 State of the Union, President Obama addressed cybercrime. The Obama administration proposed new legislation and amendments to the Computer Fraud and Abuse Act. Will these proposals better protect Americans from hackers?

Case Study: Ashley Madison

Just last week, a new team of hackers were at it again. People are already discreet about dating websites and apps. A level of anonymity is essential for a high volume of users. This is even truer when a dating website revolves around married men and women cheating. Ashley Madison’s slogan is “Life is short. Have an affair.” Some may chalk it up to karma, but the invasion of privacy for these members is real.

The hackers call themselves “The Impact Team.” According to Brian Krebs, the blogger who initially reported the hack, they threatened to release stolen information unless the website shut down entirely. Apparently, the team gathered users’ nude photos, sexual fantasies, names, and credit card information. It also claims to have addresses from credit card transactions.

Members of the website can post basic information and use limited features without charge. The company rakes in money when members exchange messages, photographs, and gifts. The website even offers a feature to “collect gifts” for women to send and men to pay for later. The website also has a $19 deactivation fee. This happens to be one of the major qualms of the hacker team, who claim that information is never truly deleted from the website. The hackers’ manifesto published by Krebs stated, “Full Delete netted $1.7 million in revenue in 2014. It’s also a complete lie…Users almost always pay with credit card; their purchase details are not removed as promised, and include real names and address, which is of course the most important information the users want removed.”

Ashley Madison boasts over 37 million members, making it the second largest dating website in the world, second to Match.com. Ashley Madison’s parent company, Avid Life Media, values itself at $1 billion and was looking to go public on the London market this year. Ashley Madison has done away with the deactivation fee, but has yet to comment on whether or not it will shut down.

Although the majority of people aren’t online dating in order to have an affair, the hack embodies everything scary about online interactions. Personal information and discreet activities on websites or social media applications can be made public in the blink of an eye. Just this past March, 3.5 million AdultFriendFinder users were hacked. The hackers exposed email addresses, usernames and passwords, birthdays, zip codes, and sexual preferences. Overall, the trend doesn’t look good.

Hacking Statistics

Verizon Data Breach Investigations Report

Verizon conducts an annual Data Breach Investigations Report (DBIR). The latest report shows that 96 percent of online security incidents fall into nine patterns: “miscellaneous errors, such as sending an email to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/privilege misuse; physical theft/loss; web app attacks; denial-of-service attacks; cyberespionage; point-of-sale intrusions; and payment card skimmers.” The 2015 report investigates more than 2,100 data breaches and roughly 80,000 reported security incidents. Over 70 organizations around the world help contribute to the report.

The 2015 DBIA reports a $400 million loss from approximately 700 million compromised records in 61 countries. The report shows that in 70 percent of the cases where the hacker’s motivation is known, there is a secondary victim. This is exemplified in the Ashley Madison case. Although the hackers are targeting the owners of the company, the users are violated as well. And in 60 percent of cases, hackers are able to infiltrate a company in a matter of minutes. The time of discovery falls significantly below that level.

The method of tricking people into divulging their information, like credit card numbers, is still around but is a much less effective method. Now, phishing campaigns are a primary source of attacks. A hacker usually phishes by sending an email with malware, usually included as an attachment. Today 23 percent of recipients open these types of email and 11 percent open the attachments. For over two years, more than two-thirds of cyber-espionage included phishing.

In more uplifting news, malware on cellphones doesn’t even account for 1 percent of the problem. Mobile devices are not the preferred medium for data breaches. Only about 0.03 percent of cell phones contained malicious materials.

U.S. Companies Hacked

According to a study conducted by the Ponemon Institute, the financial loss by cybercrime doubled from 2013 to 2014. Retailers lost approximately $8.6 billion in 2014 due to cyber crime. Furthermore, successful cyber attacks resulted in a $20.8 million loss in financial services, $14.5 million loss in the technology sector, and $12.7 million loss in the communications industries.

Last year was plagued by cyber attacks. In January, Target announced 70 million customers had contact information compromised, while 40 million customers had credit and debit card information compromised. In the same month, Neiman Marcus announced that 350,000 customers had credit card information stolen, resulting in fraudulent charges on 9,000 customers’ credits cards. In April, an AT&T worker hacked the system for two weeks and accessed personal information including social security numbers. In May, EBay asked all its customers to switch their passwords after a cyber attack accessed over 233 million EBay customers’ personal information. In August, over 60 UPS stores around the country were hacked, compromising financial data. The list continues…

The Computer Fraud and Abuse Act

In order to combat these cyber attacks, Congress passed the 1986 Computer Fraud and Abuse Act (CFAA). The act made accessing a protected computer a federal crime. Although it was initially established to protect government organizations and a few financial institutions, over the course of time, it eventually broadened. It was first amended in 1994 to allow private citizens to file civil suits against cyber attacks that resulted in loss or damages. It was again broadened in 1996 to encompass any computer used in interstate commerce. After 9/11, the Patriot Act amended the CFAA to permit the search and seizure of records from any Internet Service Providers (ISPs). Later in 2008, the CFAA was again amended to allow companies to file suits when the loss and/or damages did not surpass $5,000.

The CFAA has been subject to its fair share of criticism. Many believe the act to be too broad in scope. Opponents argue that computer policies are often “vague, confusing and arbitrary,” and breaking these policies shouldn’t be a federal violation. Institutions, like the Center for Democracy & Technology, Americans for Tax Reform, the Competitive Enterprise Institute, and the American Civil Liberties Union all have advocate against the CFFA.

The Ninth Circuit Court of Appeals agreed. In a 2012 case, United States vs. Nosal, the court ruled that “a person who violates an employer’s computer use policy is not criminally liable for federal penalties under the Act.” The court argued that the law was not enacted to federally punish smaller crimes. However, a strong dissent left the issue controversial, if not unresolved. The definition of “exceeds authorized access” left ample room for a Supreme Court review. The crime only becomes a felony if it is executed for profit, the gained information is worth over $5,000, and/or the act is committed to further a state or federal crime.

The White House’s New Proposals

The Cyber Security Legislative Proposals aim to enhance cybersecurity information sharing between the private sector and government, modernize law enforcement authorities to combat cyber crime with the appropriate tools and training, and streamline national data breach reporting requirements. Last December President Obama announced,

In this interconnected, digital world, there are going to be opportunities for hackers to engage in cyber assaults both in the private sector and the public sector. Now, our first order of business is making sure that we do everything to harden sites and prevent those kinds of attacks from taking place…But even as we get better, the hackers are going to get better, too. Some of them are going to be state actors; some of them are going to be non-state actors. All of them are going to be sophisticated and many of them can do some damage.

A main target of the proposal is a number of amendments to the already-controversial CFAA. First, the proposal would increase the penalty for “circumventing technical access barriers,” i.e. hacking into a computer by sidestepping security or guessing another’s password. Violators under the current law risk a misdemeanor to a three-year felony. The proposal advocates punishment to start as a three-year felony and maximize as a ten-year felony.

Second, for contract-based crimes, the proposal would officially end the aforementioned circuit split. It states that breaking written policies would be a federal crime and officially defines “exceeds authorized access.” A person would exceed authorized access if he or she accesses information “for a purpose that the accesser knows is not authorized by the computer owner.” Technically, this would include using a work computer for personal activities like Facebook; however, the government would limit criminal liability by requiring the violation fall under one of three conditions: the breach happened on a government computer, the breach results in over $5,000 worth of information, or “if the user violated the written condition in furtherance of a state or federal felony crime.” These changes, along with a variety of others, make up the administration’s proposal.

Conclusion

Whether these proposals will pass through Congress remains to be seen. Broadening the scope of hacking to allow more crimes to fall under federal jurisdiction has traditionally lacked support from the body. The proposals are controversial, with a lot of personal information and accessibility at stake. It will be interesting to see the reaction from the public if these proposals are enacted. Cyber crime is an ongoing problem that affects all citizens, regardless of demographics, and only seems to be exploding. If this isn’t the answer, then what is?

Resources

Primary

White House: Updated Administration Proposal

Additional

Verizon: The 2015 DBIR

CNN Money: Hackers threaten to release names from adultery website

The Heritage Foundation: Cyber Attacks on U.S. Companies in 2014

Jolt Digest: United States vs. Nosal

Tech Target: What is the Computer Fraud and Abuse Act?

The Washington Post: Obama’s proposed changes to the computer hacking statute

The White House: Securing Cyberspace

Verizon: Verizon 2015 Data Breach Investigations Report Finds Cyberthreats Are Increasing in Sophistication

Jessica McLaughlin

Jessica McLaughlin is a graduate of the University of Maryland with a degree in English Literature and Spanish. She works in the publishing industry and recently moved back to the DC area after living in NYC. Contact Jessica at staff@LawStreetMedia.com.

The post Combatting Cyber Attacks: Will Congress Adopt Obama’s Plans? appeared first on Law Street.

Dating websites are nothing new to our generation. Singles go online, make a profile, and meet people similar to them with hopes of finding their soulmate and happily ever after–or so we thought. A different kind of dating website with some taboo clientele is changing the matchmaking game, and hackers don’t like it.

AshleyMadison.com is a dating website for people who are not so single…in fact, they’re usually married. Millions (yes millions) of married people have gone to the site to have secret affairs. Although Ashley Madison claims to be discreet, users of the site are now nervously watching for news updates after hackers calling themselves the “Impact Team” stole their personal information from the site late Sunday, and are now threatening to expose it.

AshleyMadison, a website for people seeking affairs, boasts 37 million users. It was hacked. http://t.co/lisUnFg839 pic.twitter.com/UIKaxIa0nC

— WSJD (@WSJD) July 20, 2015

The site, which has over 37 million users, prides itself on being the “world’s leading married dating service for discreet encounters.” It even offers users who want to erase their sneaky past a “full delete” feature (for a $19 fee) that promises to delete all of the user’s personal data from the server. However, the hackers are claiming that this feature is a complete scam and the data of those who paid for it was never deleted.

According to Brian Krebs, the blogger behind Krebs on Security, the hackers have warned that if Ashley Madison and its sister site, EstablishedMen.com, are not taken down for good they will “release customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.” Impact Team went on to mock the site and its users writing,

Too bad for those men, they’re cheating dirtbags and deserve no such discretion. Too bad for ALM [Avid Media Life, the parent company], you promised secrecy but didn’t deliver. We’ve got the complete set of profiles in our DB dumps, and we’ll release them soon if Ashley Madison stays online. And with over 37 million members, mostly from the US and Canada, a significant percentage of the population is about to have a very bad day, including many rich and powerful people.”

Unfortunately for Ashley Madison hack victims, sympathizers are few. Some people are even glad the site was hacked, and think the information being released would be a good thing.

I see the ‘Ashley Madison’ website has been hacked and they’re threatening to expose everyone on it. GOOD, cheating should not be condoned.

— Ashley (@Ashleyybrewer) July 20, 2015

In a statement responding to the hack Avid Media Life said,

We were recently made aware of an attempt by an unauthorized party to gain access to our systems…At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act.

CEO of Ashley Madison, Noel Biderman, believes that the attack was an inside job by someone who has worked with the company’s technical services before and that he is getting close to confirming who the culprit is. But was Ashley Madison cheating cheaters? If the company’s “full delete” feature is in fact a scam, it cheated users out of an estimated $1.7 million during 2014, and could be cause for some serious lawsuits against the company.

For now Ashley Madison is still up and running. The excerpts from the site that have been leaked by the hackers were taken down; however, this doesn’t get the cheaters off the hook. The Impact Team still reportedly has a copy of the full database so users might want to think twice before continuing their “discreet” affairs.

Taelor Bentley

Taelor is a member of the Hampton University Class of 2017 and was a Law Street Media Fellow for the Summer of 2015. Contact Taelor at staff@LawStreetMedia.com.

The post Ashley Madison May Have Cheated Cheaters appeared first on Law Street.

Following the recent fiasco at Sony, hacking has been catapulted squarely into the spotlight. But hackers are doing more than just delaying movie premieres–they are causing serious damage and have the capability to cause much more. Before we get too scared of these anonymous boogeymen, however, it is important to understand what hacking is and who the hackers are.

What are hackers and what do they do?

So, first of all, what is a hacker? While the answer to that question is very complicated, for clarity’s sake a succinct and clear explanation of a computer hacker and computer hacking is this:

Computer hackers are unauthorized users who break into computer systems in order to steal, change or destroy information, often by installing dangerous malware without your knowledge or consent.

This definition is of course limited, as hacking is not relegated solely to computers and is not always a negative thing. Below is a video that offers a fuller picture.

While not all hacking is negative, much of it is, and it is important to understand specifically what the intentions of many hackers are and how they operate. Hackers often lure their unsuspecting victims with bogus scams sent through emails or websites. Some hackers also prefer the approach of directly attacking a computer if it does not have the requisite protection in place, such as a firewall; however, while hacking may appear as simple as pressing a button in a movie, it is more complicated than that. More specifically, what a hacker does is infect another person’s computer with malicious software or malware. Once the unsuspecting user has activated the malware, either by clicking on a link or opening an email, his computer can then become infected with a virus. If a computer does become infected the hacker essentially has unlimited access to the operating system. This then enables him to have virtual control over the user’s computer and internet activity. Normally the hacker will try to maintain a low enough profile so the user is not alerted; in the meantime he will attempt to obtain sensitive information. Whatever way hackers choose to attack, they often try to steal things like passwords, account numbers, and means of identification such as a social security number.

The purpose behind all of this is nefarious; stealing an individual’s money, abusing their credit, or even turning a profit by selling the acquired information to a third party is often the end goal. Two prime examples of this are the major hack of Target’s credit card system in 2013 and the similar hack of EBay this year. Nonetheless, while hackers seem to have similar motives, the group is in fact quite heterogeneous and can vary from countries to individuals.

State Actors

The first type includes hackers utilized by a country’s government or military. In this way, hackers are used like other weapons such as tanks or missiles. In this regard, perhaps no country employs hackers and hacking more than China. According to a 2013 article from Bloomberg, China accounted for 41 percent of hacking assaults in 2012–four times that of the second place country on the list. While there’s no way to say definitively whether those hacks came from the Chinese government, the idea comes as no surprise to those familiar with the United States’ claims that China has long hacked American corporations in order to steal trade secrets and then passed them along to Chinese companies. For example, there were hacking accusations against China earlier this year by American corporate icons such as U.S. Steel and Alcoa.

However, the United States is far from an unwitting victim of these attacks. In fact the number two country from the same list of top hacking nations was the United States. In 2012, for example, ten percent of hacking attacks originated from within the United States. In addition, the United States military has increased the portion of its budget focused on cyber warfare. In 2015, the U.S. Cyber Command plans to spend $5.1 billion on cyber combat. The video below explains the threat of cyber warfare.

There is already evidence of suspected U.S. cyber warfare at work. Aside from unpublicized U.S. attacks against the Taliban in Afghanistan, there’s the more notable example of the Stuxnet virus that infected the Iranian nuclear infrastructure and severely damaged its nuclear program. There is also the recent shutdown of North Korean internet access that many suspect was American retaliation for the suspected North Korean hack of Sony.

Along with the United States and China, other countries where hacking is a major weapon include Taiwan, Turkey, and Russia.

Non-State Actors

Indeed non-state actor hackers may pose an even bigger threat to global systems than government operations. One reason why is while government operations are generally strictly military or defensive in nature, non-state operations run the gamut.

Patriotic Hacking

One example is something known as patriotic hacking. In essence, these groups are self-appointed to represent a particular country and will respond in kind to any perceived slight against the nation they represent. One such group formed in China in response to the accidental bombing of a Chinese embassy in Belgrade by the United States during the war in Kosovo. Similar groups have also formed in many countries such as Israel, India, Pakistan, and the United States.

An example of a patriotic hacker–or “red hacker” as they are known in China–is Wan Tao. Wan Tao hacked everything from the U.S. government to Japanese political email accounts. While it is believed they he was never explicitly ordered to do so, the hacker’s targeted attacks fell in line with Chinese Governmental actions. As if to emphasize the underlying nationalism in his attacks, Wan Tao even had a name for his group, the China Eagles.

Hacktivists

Another type of non-state hacking group is known as hacktivists, which are people who use both legal and illegal means to achieve some political goal. Perhaps the best example is the group known collectively as Anonymous. Known for dawning the Guy Fawkes mask, Anonymous has been involved in hacking cases related to social issues ranging from the Occupy Wall Street movement to the shooting death of Michael Brown that set off the protests in Ferguson, Missouri. A more expansive definition of hacktivism is provided in the video below.

Other Non-State Actors

There are countless other non-state hacking groups at play today. One example is the massive hack of JP Morgan Chase in October 2014. In this case, the personal information of 83 million bank customers was stolen.  While Chase was quick to deny any information such as account numbers was taken, experts in the field remain more skeptical.  Regardless of what exactly was stolen, the culprits were again believed to be Russian hackers who stole personal information with the intent to sell it or profit off of it through other means such as fraud. There is also the persistent fear of terrorist hackers, although little has yet to come of this.

Putting Up a Firewall

While governments and individuals swarm to the attack there are also efforts to fight back against hackers, and like hackers and hacking these efforts take many forms. At the highest level are government efforts like those of the United States government. Specifically, as touched upon earlier, the United States has created a cyber command capable of launching retaliatory strikes against its enemies through cyber space if the U.S. were attacked. In essence then the United States is creating a deterrent through cyber space much like it already has through both conventional and nuclear means.

There are also altruistic attempts such as the ones being undertaken by organizations like I Am the Cavalry, which allows researchers to share their findings and help improve the security of four major sectors: medical devices, automobiles, home services, and public infrastructure.

In addition, there are more classical capitalist efforts employed by corporations. Several major corporations such as Apple, Facebook, Google, and Microsoft are actively courting hackers, often holding competitions with prizes like lucrative job offers. The goal of this approach is to pick up where traditional IT efforts leave off. Traditional efforts are geared at creating defensive measures so hackers cannot break into a system; however, this new approach utilizes hackers themselves specifically because they have the opposite mindset and are looking for the vulnerabilities to attack. By harnessing hackers’ aggressive skill sets and playing off their competitive mentalities these companies and many more are, in essence, using hackers to prevent hacking.

Conclusion

As the world becomes more digital and connected the threat of hacking will increase. In the future everything from cars to even toasters can and will be vulnerable to hacking and misuse. Furthermore, this threat will not necessarily come from other countries, but also non-state actors and even individuals. The motivations and allegiances of these people and groups vary widely and make the problem infinitely more complex.

Nonetheless, while efforts to prevent hacking can seem hopeless, like trying to keep a ship with a million leaks afloat, all is not lost. Indeed there are already efforts underway to fight back, which vary as much as those of the hackers themselves. As history has shown, no ship is unsinkable. Thus hacking is always likely to be a problem and an increasingly dangerous one; however, it can also offer an avenue for improvement and a channel to voice social concerns. While hacking may be the next great threat, like previous scourges it may also present unique opportunities for change and improvement for society as a whole.

Resources

Primary

Center for A New American Security: Non-State Actors and Cyber Conflict

Additional

Bloomberg: Top Ten Hacking Countries

CNN World: North Korea Denies Sony hack

Forbes: The Top 5 Most Brutal Cyber Attacks of 2014

Time: Here’s What Chinese Hackers Actually Stole From U.S. Companies

Time: China’s Red Hackers

WebRoot: Computer Hackers and Predators

Bloomberg Business Week: Target Missed Alarms

Washington Times: Cyber Command Investment Ensures Hackers Targeting US Face Retribution

The New York Times: North Korea Loses its LInk to the Internet

New York Post : Hackers Steal 83 Million Chase Customers’ Info

Mashable: Hacktivism

International Business Times: What is Anonymous?

CDR Global Inc: Hacking for Good

Guardian: There are real and present dangers around the internet of things

I Am the Cavalry: Homepage

Michael Sliwinski

Michael Sliwinski (@MoneyMike4289) is a 2011 graduate of Ohio University in Athens with a Bachelor’s in History, as well as a 2014 graduate of the University of Georgia with a Master’s in International Policy. In his free time he enjoys writing, reading, and outdoor activites, particularly basketball. Contact Michael at staff@LawStreetMedia.com.

The post Hacking: The New Kind of Warfare appeared first on Law Street.

An international operation led by the United States caught a group of cyber criminals spearheading the largest cyber crime ring yet, one that infected approximately 500,000 to one million PCs globally. The group of cyber criminals, allegedly led by Russian national Evgeniy Mikhaylovich Bogachev who went by the aliases “lucky12345” and “slavic,” stole approximately $100 million from individuals and businesses worldwide starting in 2007. The botnet, which is a group of infected computers under the control of someone other than their owners, went by the name GOZ, short for Gameover Zeus, and mainly targeted bank accounts and credentials. A couple of notable targeted by GOZ are Bank of Georgetown and Capital One.

Their main goal was to monetize the investment they made into getting into your machine, they were absolutely after dollars, pounds and euros.

-Dell Employee Don Smith

How did Gameover Zeus do it?

Generally, the GOZ hackers ensnared targets and obtained secure information by using infected emails via a process known as “phishing.” Computer users would receive legitimate-looking email messages claiming to be from a trusted bank stating that there was a problem with one of their prior financial transactions. Once the computer owner unknowingly downloaded the malware after opening the email and clicking a link, it began a targeted search for financial information stored on the machine. The Gameover Zeus virus was initially spread by one of the largest botnets known called Cutwail, which popped up on the cybercrime scene in 2007 and is mostly involved with sending email messages containing viruses. In 2009, the Cutwail botnet contained the largest known number of infected machines.

The cyber crime ring also distributed malware called CryptoLocker, a form of what is known as ransomware, which makes data of a computer inaccessible to its user, claiming to only unlock their machine after receiving payment of as much as $700. The GOZ botnet in particular was so tricky to take down due to various components- namely, its advanced ability to hide the location of its servers via data encryption.

The Demise of the Crime Ring

Members of several organizations worldwide including the U.S. Department of Homeland Security, Intel Corp, Carnegie Mellon University and Microsoft Corp had been tracking the activity of GOZ since it first appeared on the scene in 2007, well before they were able to take action and put an end to their criminal operations. The monitoring of the cybercrime ring was completely secretive until they commenced “Operation Tovar,” which shut down the operations of the computers involved in spreading the viruses. United States organizations, mainly the FBI and the aforementioned companies, collaborated with Europol and the UK’s National Crime Agency to initiate a virtual ambush on Gameover Zeus. Authorities ended the cybercrime ring’s operations by shutting down the servers they were using to control the computers infected with its viruses.

Bogachev, believed to be the ringleader of the GOZ operation, is thought to be residing in Russia and has been added to the FBI’s Cyber Most Wanted List. Various publications including the International Business Times warned residents of the UK that despite the ending of the operations of the cybercrime ring, they may be able to regroup within two weeks and begin infecting machines once again. To keep their machines safe from future cyber attacks, experts urge computer users to install or update their security software and change passwords on important accounts.

—

Marisa Mostek (@MarisaJ44) loves globetrotting and writing, so she is living the dream by writing while living abroad in Japan and working as an English teacher. Marisa received her undergraduate degree from the University of Colorado in Boulder and a certificate in journalism from UCLA. Contact Marisa at staff@LawStreetMedia.com.

Featured Image Courtesy of [geralt via Pixabay]

Marisa Mostek

Marisa Mostek loves globetrotting and writing, so she is living the dream by writing while living abroad in Japan and working as an English teacher. Marisa received her undergraduate degree from the University of Colorado in Boulder and a certificate in journalism from UCLA. Contact Marisa at staff@LawStreetMedia.com.

The post World’s Largest Cyber Crime Ring Disbanded appeared first on Law Street.

Security breaches among major companies such as Target, eBay, and Neiman Marcus dominated news headlines this past year and led many to wonder about the safety of the information stored with organizations throughout the United States. The statistics from the May 2014 US State of Cybercrime Survey are far from reassuring.

The survey, a combined effort of PwC, CSO magazine, the CERT Division of the Software Engineering Institute at Carnegie Mellon University, and the US Secret Service, states that the number of cybercrime incidents and the fiscal losses they incur are rapidly rising. The findings reveal that this is mainly because the companies could not adequately defend themselves from cyber-attacks. According to the 2014 survey, the top five methods for cyber-attacks involve malware, phishing (the attempt to acquire sensitive information such as usernames or passwords), network interruption, spyware, and denial-of-services attacks.

The report covered information from 500 different corporations and government agencies, including law enforcement, and stated that “three out of four had had some kind of security breach just in the last year, and the average number of incidents per organization was 135.”

Fourteen percent of those surveyed reported that monetary losses attributed to cybercrime have increased in the past year. The actual costs are generally not known, as the majority of those who reported a cyber attack were unable to estimate the associated financial costs. Of the few survey respondents that could, the average yearly loss was around $415,000. Businesses are beginning to feel that cyber security is an issue that is out of their control and that cyber attacks are costing them an increasing amount of money.

 Why the Rising Rate?

One of the major problems associated with the rising rate of cybercrime is that few companies, only 38% according to the survey, are adequately prepared to combat cybercrime. These rising rates are not simply due to inadequate defenses, but also increasingly sophisticated techniques used by cyber criminals. According to an article on Time.com, the most pertinent threats to cyber security in the United States come from Syria, Iran, China and Russia.

There are two kinds of big companies in the United States: those who’ve been hacked by the Chinese and those who don’t yet know that they’ve been hacked by the Chinese.

-FBI Director James Comey

The 2014 report lists major reasons why these attacks are on the rise. It claims that a few reasons are that most organizations do not spend enough on cybersecurity and do not properly understand cyber security risks. According to the survey, there is also a lack of collaboration among companies that have experienced a breach or other form of cyber attack, specifically that “82% of companies with strong protection against cybercrime collaborate with others to strengthen their defenses.” Other pertinent issues leading to increased cybercrime are insufficient security of mobile devices and lack of proper evaluation of attacks within organizations.

What can be Done to Lower the Rate of Cyber Attacks?

According to the 2014 survey, one major way for corporations and agencies to prevent cybercrime is through company-wide employee training which has been shown to be effective but is no currently used frequently enough. According to an article on CSO’s website, many organizations aren’t running information security training programs that are up to date. The 2014 survey recommends that the main focus of companies should be protecting the private financial information of their consumers. Perhaps as companies continue to strengthen the efforts of their cybersecurities, the rate of attacks from online adversaries will begin to lower, causing the 2015 report to reflect a decrease in cybercrime.

—

Marisa Mostek (@MarisaJ44) loves globetrotting and writing, so she is living the dream by writing while living abroad in Japan and working as an English teacher. Marisa received her undergraduate degree from the University of Colorado in Boulder and a certificate in journalism from UCLA. Contact Marisa at staff@LawStreetMedia.com.

Featured image courtesy of [geralt via Pixabay]

Marisa Mostek

Marisa Mostek loves globetrotting and writing, so she is living the dream by writing while living abroad in Japan and working as an English teacher. Marisa received her undergraduate degree from the University of Colorado in Boulder and a certificate in journalism from UCLA. Contact Marisa at staff@LawStreetMedia.com.

The post Criminals Availing in Cyberspace appeared first on Law Street.