Trump Appears to Have a Fake News Problem

It appears that President Donald Trump doesn’t check the news himself but largely relies on what his staff members give him. The problem has become significant enough for White House Chief of Staff Reince Priebus to issue a warning during a senior staff meeting, telling people to stop putting things on Trump’s desk. Several times, his staff has reportedly left news stories on his desk that are completely false, such as a 1970’s “article” about a coming ice age, and one from fake news website GotNews.com that claimed deputy chief of staff Katie Walsh was the one leaking information from the White House.

Climate change is an existential threat and Trump’s 2nd most senior Nat Sec aide slips him fake news covers to minimize it. Let that sink in

— Ben Rhodes (@brhodes) May 15, 2017

According to administration officials, this practice can have tremendous consequences due to the president’s temper and mood. The wrong story can alter his agenda or lead to a tantrum. However, it seems like staff members think it’s worth the risk, as they know they can easily sway Trump’s opinion.

Priebus warns WH staff to stop slipping Trump Internet hoaxes, because he believes they’re real. https://t.co/lh4XfVBE69

— Steve Silberman (@stevesilberman) May 15, 2017

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post RantCrush Top 5: May 15, 2017 appeared first on Law Street.

On Friday, a massive cyber attack hit several nations in Europe and Asia, and disrupted the computer systems at multiple British hospitals. Patients were turned away as hospital staff couldn’t access the computers, and appointments had to be cancelled. The BBC reports that as many as 74 countries were affected, and security researchers believe all of the incidents are related.

The British public health system, National Health Service, advised people to only seek medical help at hospitals if it was an emergency. Ambulances were redirected to other hospitals. The screens on the hacked hospitals’ computers showed a message from the hackers each demanding $300 in Bitcoins within three days to unlock the information.

BREAKING: Multiple NHS trusts across UK under malware attack. Actual screenshot of the threat ppl are seeing: https://t.co/ZBm6a7ImwQ pic.twitter.com/7NVy8xvfyD

— Shaun Lintern (@ShaunLintern) May 12, 2017

The technique behind the attack is so-called “ransomware,” which basically is a type of software that infects a digital machine and locks its functions until a ransom has been paid. The name of this particular malware is “Wanna Cry,” also known as “Wanna Decryptor.”

36,000 detections of #WannaCry (aka #WanaCypt0r aka #WCry) #ransomware so far. Russia, Ukraine, and Taiwan leading. This is huge. pic.twitter.com/EaZcaxPta4

— Jakub Kroustek (@JakubKroustek) May 12, 2017

Several experts believe the cyber attack is linked to a hacker group called The Shadow Brokers–the same group that claimed in April that it had stolen and released malware created by the National Security Agency, NSA. It was not exactly clear what the groups’ motive was–it said it wanted to protest President Donald Trump, but also that it opposed the removal of Steve Bannon from the National Security Council.

The hackers also claimed they are “not fans of Russia or Putin,” but security experts said they could possibly be associated with the Russian government. One chief executive of a cyber-security firm, Jake Williams, said, “Russia is quickly responding to the missile attacks on Syria with the release of the dump file password that was previously withheld.”

Could we be seeing the largest cyber attack in history? Organisations in 74 countries now hit including FedEx and NHS #ransomware #WannaCry

— Lisa Forte (@lisaoncyber) May 12, 2017

Other companies that were affected include Spanish electric company Iberdrola, utility provider Gas Natural, University of Milano-Bicocca in Italy, Portuguese telecommunications provider Portugal Telecom, and FedEx. The largest telecommunications company, Telefonica, was also hit, but the attack reportedly didn’t affect any customers. It seemed to be a new kind of ransomware, and it spread fast. Some said it seemed to be a worm–a malware program that spreads by between computers, like a virus.

In Britain, the NHS is facing criticism for not doing enough to protect its computer systems against attacks like these. The hacker group became known two months ago, and Microsoft released a program that could protect against its malware. But not all NHS computers installed it. Ross Anderson from Cambridge University is one of the critics. “If large numbers of NHS organizations failed to act on a critical notice from Microsoft two months ago, then whose fault is that?” he said.

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post Global Cyber Attack Put British Hospitals Out of Commission appeared first on Law Street.

Snapchat’s CEO, Evan Spiegel, is at war with India. Spiegel supposedly said India was too poor for Snapchat and now #BoycottSnapchat is trending in the world’s second most populous country.

According to Anthony Pompliano, a former Snapchat employee, Spiegel dismissed his idea to expand in underutilized markets.

“This app is only for rich people,” said Spiegel, according to Pompliano. “I don’t want to expand into poor countries like India and Spain.”

The accusations were found in documents from a lawsuit between Pompliano and Snap Inc., Snapchat’s parent company.

In a statement to the public, a Snap Inc. spokesperson dismissed Pompliano’s claims as the words of a “disgruntled former employee,” adding: “Obviously Snapchat is for everyone! It’s available worldwide to download for free.”

“We are grateful for our Snapchat community in India and around the world,” the statement read.

In spite of the denial, angry Snapchat users took to the internet. As news of the alleged comments spread, #BoycottSnapchat and #Uninstall_Snapchat began trending in India and around the world.

Reportedly, almost 400,000 users in India deleted the Snapchat app from their phones between Saturday and Sunday.

Twitter users also used the hashtag #1star to encourage others to damage the app’s rating and write scathing reviews on both Android and iOS–as of today, Snapchat has a one star rating on the Indian App Store.

It was even rumored that Indian hackers retaliated by leaking 1.7 million Snapchat users’ data on the “dark web,” but these reports have not been verified.

But as Indians took to their respective app marketplaces in defense of their country’s honor, some locked onto the wrong target. Snapdeal, an e-commerce platform that actually happens to be based in India, received a number of one-star ratings and many uninstalled the unrelated “snap app.”

Snapdeal’s CEO took to twitter to express his surprise:

@thetanmay Thanks bud. Ppl asking us to make a statement that @snapdeal is not @snapchat was possibly the last thing I thought I would ever need to do.

— Kunal Bahl (@1kunalbahl) April 16, 2017

Pompliano’s lawsuit accuses executives of exaggerating user data to mislead advertisers. Funnily enough, it looks as though Snapchat’s user data will suffer a painful blow regardless of whether or not Pompliano’s accusations are found to be true.

Callum Cleary

Callum is an editorial intern at Law Street. He is from Portland OR by way of the United Kingdom. He is a senior at American University double majoring in International Studies and Philosophy with a focus on social justice in Latin America. Contact Callum at Staff@LawStreetMedia.com.

The post Why is #BoycottSnapchat Trending in India? appeared first on Law Street.

On Wednesday morning thousands of Twitter users, including verified accounts like BBC North America, Forbes, and tennis star Boris Becker, saw their accounts tweeting out a message in Turkish along with images of swastikas. Someone hacked Twitter and gained access to the accounts through the third-party app Twitter Counter, an analytics service.

The message that was sent out was propaganda in support of Turkish President Recep Tayyip Erdogan, and translated as “#NaziGermany #NaziNetherlands, a little #OTTOMAN SLAP for you, see you on #April16th.” The tweets also contained a link to a pro-Erdogan video on Youtube.

My twitter account was hacked !!! I never posted this as I obviously don’t speak Turkish…. pic.twitter.com/G7pNuH1UFj

— Boris Becker (@TheBorisBecker) March 15, 2017

The message was accompanied by emojis of swastikas and on some accounts the hackers had changed the user’s profile pictures into a Turkish flag or other Turkish symbols. April 16 is referendum day for Turkey–voters will be deciding whether or not to give the president even more power.

The Germany and Netherlands hashtags are referring to Erdogan’s recent beef with leaders of the two countries, he recently called them “Nazi remnants” and “fascists.” Erdogan had sent government officials to countries with large Turkish populations to rally support ahead of the referendum vote, which Germany and the Netherlands resisted.

Earlier this morning our Twitter account was hacked. We’ve now deleted the hacked tweet and investigating what happened. Apologies & thanks

— AmnestyInternational (@amnesty) March 15, 2017

Twitter Counter is based in Amsterdam and was also hacked in November, when some verified accounts like PlayStation and the New Yorker started sending out spam tweets telling users how to gain more followers. “We are aware of the situation and have started an investigation into the matter,” its chief executive, Omer Ginor, said. Twitter said in a statement that the hack was limited only to accounts that use Twitter Counter. “We removed its permissions immediately. No additional accounts are impacted,” the statement said.

We identified an issue affecting a small number of users. Source was a 3rd party app and it has been resolved. No action needed by users.

— Twitter Support (@Support) March 15, 2017

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post Hackers Tweeted Swastikas and Turkish Message From Thousands of Accounts appeared first on Law Street.

Hashtag of the day: #DeleteUber was trending over the weekend as the news was dominated by chaos and confusion over the Trump Administration travel ban. If you’re wondering what that hashtag stands for, check this out. Then read on for the latest rants.

Welcome to RantCrush Top 5, where we take you through today’s top five controversial stories in the world of law and policy. Who’s ranting and raving right now? Check it out below:

Trump’s Travel Ban Causes Chaos and Protests

On Friday, President Donald Trump issued an executive order, banning people from seven Muslim-majority countries from entering the United States. The order came abruptly and caused immense chaos at airports around the country, as people arriving from the affected countries were detained. Serious protests erupted, mainly at airports, and the move has been sharply condemned by, well, most people internationally.

It will probably have serious consequences in many ways. American academic institutions, hospitals, and businesses rely on experts and professionals from other countries. Iraq has already said it will retaliate. And an online petition in the U.K., aiming to keep Trump from making a state visit, quickly got over a million signatures.

IMAGE: Protests at airports across the United States pic.twitter.com/7OEqC9HtaT

— The Int’l Spectator (@spectatorindex) January 29, 2017

Initially, the ban also applied to green card holders and people with dual citizenship. Stories about students being stranded after a vacation or people unable to get home flooded the media over the weekend. An Iraqi man who worked as a translator for the U.S. military for a decade was detained for 18 hours at JFK Airport in New York.

As of now, it appears that no one is being detained or held at an airport anymore and there have been exemptions for 392 green card holders who have been allowed into the country. Fifteen attorneys general have issued a statement condemning Trump’s actions, calling it an “unconstitutional, un-American and unlawful Executive Order.” There is still confusion over what the order will actually mean, but the courts, big companies like Google and Facebook, celebrities, and ordinary citizens are all fighting back.

The synagogue where President Trump’s grandchild goes to preschool has condemned his travel ban https://t.co/jpunSV0ReA pic.twitter.com/0GbC3AM3ZG

— CNN International (@cnni) January 30, 2017

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post RantCrush Top 5: January 30, 2017 appeared first on Law Street.

Welcome to RantCrush Top 5, where we take you through today’s top five controversial stories in the world of law and policy. Who’s ranting and raving right now? Check it out below:

Talk Spanish To Me, Tim Kaine

As the election continues to make us groan, Tim Kaine continues to impress us. He can play the harmonica, he’s insanely charismatic and, get this…he can speak Spanish like a boss. Kaine made history by delivering a stump speech entirely in Spanish at a community center in Arizona.

After Trump’s “bad hombres” and constant alienation of bilingual and multilingual families, Tim Kaine sought to rally key voters by actually speaking their language and treating them with respect.

Rant Crush

RantCrush collects the top trending topics in the law and policy world each day just for you.

The post RantCrush Top 5: November 4, 2016 appeared first on Law Street.

The FBI secretly arrested a National Security Agency contractor suspected of stealing and leaking highly classified material that is used for hacking foreign governments’ networks. The suspect, Harold Thomas Martin, has been in custody since August and worked for the same firm as famous whistleblower Edward Snowden, Booz Allen Hamilton. This firm is responsible for some of the most secretive and sensitive operations of the NSA.

Maryland Man Charged With Removal of Classified Materials and Theft of Government Property https://t.co/fHMngJZQ6x

— Justice Department (@TheJusticeDept) October 5, 2016

Martin is suspected of stealing a “source code” that the NSA uses to break into the computer systems of hostile foreign countries like China, North Korea, and Russia. It is unclear if he has shared the code with anyone yet. If leaked, the documents could “cause exceptionally grave damage to the national security of the U.S.,” according to a statement from the U.S. Justice Department.

Here’s how the criminal complaint describes the NSA contractor’s response. pic.twitter.com/TCExbnoDPl

— Eric Geller (@ericgeller) October 5, 2016

The 52-year-old Maryland man now faces one year in prison if found guilty of removing the materials, and ten more for the theft. The FBI searched his home and car, where it found several documents and digital information marked as “top secret.” They also found unspecified “government material” up to a value of $1,000.

The formal charges are theft of government property and unauthorized removal and retention of classified materials by a government employee or contractor. This case is different from Snowden’s because of the material stolen and the purpose of it. Snowden was a whistleblower who acquired classified documents and leaked them for the public benefit. Martin stole the actual code software that is used in NSA operations and that can be sold and used for cyber warfare.

Edward Snowden, currently exiled in Russia, tweeted about the news.

This is huge. Did the FBI secretly arrest the person behind the reports NSA sat on huge flaws in US products? https://t.co/otgOwB5efm

— Edward Snowden (@Snowden) October 5, 2016

According to the Independent, the material in this case could be connected to the recent theft of secret material by the hacker group Shadow Brokers, which also included a source code that was traced to the NSA. The hackers also left a cryptic message in broken English, saying, “We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control.”

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post NSA Contractor Arrested For Stealing and Leaking Classified Codes appeared first on Law Street.

Hackers have leaked personal emails from former Secretary of State Colin Powell, in which he describes Donald Trump as a “national disgrace” and an “international pariah,” Buzzfeed reported. The website DCLeaks.com obtained the emails, which include exchanges between journalist and former Powell aide Emily Miller as well as other Powell associates. The leaks also highlight disagreement between Powell and the Clinton campaign over the use of her private email server during her time as Secretary of State.

In one email to Miller, Powell wrote that Trump “is in the process of destroying himself, no need for Dems to attack him. [Speaker of the House] Paul Ryan is calibrating his position again.” Powell also said that the idea promoted by Trump and others that President Obama was not born in the United States is racist. He said:

Yup, the whole birther movement was racist. That’s what the 99% believe. When Trump couldn’t keep that up he said he also wanted to see if the certificate noted that he was a Muslim.

Powell is a self-described lifelong Republican but has endorsed President Obama twice, indicating that he has problems with the direction Republican Party of today is heading. In another email with “Racism” in the subject line, he wrote, “Or as I said before the 2012 election, ‘There is a level of intolerance in parts of the Republican Party.’” He went on to say he wouldn’t comment about Trump to the media, arguing that it would feed into his ego.

Colin Powell also said that having Roger Ailes, who resigned from Fox news over sexual harassment allegations, as an adviser won’t exactly help Trump win over women’s votes, Buzzfeed reported.

Shortly after the leak, Powell confirmed that the emails are authentic and said that the hackers “have a lot more.” The website, DNCLeaks.com, has links to Russian-backed hackers who were previously accused of breaking into the accounts of the Democratic National Committee and releasing emails that embarrassed the party.

#DCLeaks Powell in leaked email: ‘I didn’t tell Hillary to have a private server at home’ https://t.co/uxALVOi4CC

— DC Leaks (@DCleaks_) September 14, 2016

In other leaked emails, Powell talked about Hillary Clinton’s private email server, an issue he wished to stay far away from. In February he wrote to Kenneth Duberstein, a White House chief of staff under president Reagan, saying, “I didn’t tell Hillary to have a private server at home, connected to the Clinton Foundation, two contractors, took away 60,000 emails, had her own domain.”

And in September 2015 email to Lawrence Wilkerson, his former chief of staff, he wrote, “[Hillary Clinton] and her mishandling of this has really given her a major problem I do not wish to get involved in, despite the best efforts of her team to drag me in.”

Defenders of Hillary Clinton like Representative Elijah Cummings have tried to point to Powell and Rice as a precedent for the use of a private email account while serving as Secretary of State. In a press release, Representative Cummings noted that both Rice and Powell had “received classified national security information” on their personal accounts. But Powell took issue with the classified emails that many cited, claiming that they were not classified at the time. Both Powell and Rice expressed, over email, an increasing annoyance with the situation.

This also led Powell to email Duberstein. “Stupid State Department dragged me in and I had to take care of myself […] I warned them. Don’t say these unclassified messages are classified or should have been classified,” he wrote.

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post Colin Powell Calls Trump ‘International Pariah’ in Leaked Emails appeared first on Law Street.

On Thursday, Apple released a new security update for iPhone users worldwide after the discovery of an attempted hack that was trying to take advantage of three huge vulnerabilities in the iOS operating system. Using these three factors, now called the “Trident” flaw, hackers could take complete control over someone’s phone remotely, without the owner knowing about it.

The group that is believed to be behind the hack is an American-owned, Israeli-based company called NSO. It was founded in late 2009 by two Israeli mass-entrepreneurs with ties to the Israeli government and defense forces. In 2014 a San Francisco-based equity firm bought a majority stake in the company for $120 million.

NSO says it specializes in tools fighting against crime and terrorism. Its LinkedIn page describes the company as in “the field of Internet security software solutions and security research.” But many security firms call the group a “cyber arms dealer.” An online document from NSO says it is “a leader in the field of cyber warfare” that utilizes its proprietary monitoring tool it calls “Pegasus,” which can monitor and extract all data from a target “via untraceable commands” which allow “remote and stealth.”

Human rights activist Ahmed Mansoor from the United Arab Emirates was the first one to report the suspected hack, after receiving a text message to his iPhone with a link promising to reveal details about torture in his country’s prisons. Instead of clicking the link he contacted the Toronto-based internet watchdog Citizen Lab.

Incredible: #UAE tries to hack democracy activist @Ahmed_Mansoor w/ Israeli-made… https://t.co/u9WQZFM2OQ by @salamah via @c0nvey

— Azza Youssri (@AzzaYoussri) August 26, 2016

Reports issued on Thursday by Citizen Lab and San Francisco mobile security company Lookout revealed how they discovered an advanced spyware that could take over the whole phone at the tap of a finger. If you click the link in a fake message like the one Mansoor received, it would activate spying software called “Pegasus” and hackers could listen in on your calls, collect text messages and personal information, and control your camera.

This advanced technique is so highly desirable in the cyber world that one spyware broker said in November that it had paid $1 million to programmers who said they had found a way to do it, according to the Telegraph.

On Thursday an Apple spokesperson said:

We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5. We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits.

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post Who are the Hackers Behind the Apple Spyware Problem? appeared first on Law Street.

“Ghostbusters” actress and “SNL” comedian Leslie Jones was the victim of a vicious hacker attack on Wednesday. Online hackers published her personal information such as photos of her passport and driver’s license, as well as nude photos that seemed to be of her, on her own website. They also bizarrely posted a video of the gorilla Harambe that was killed at a zoo earlier this summer. Her website is now shut down.

Jones’ most recent movie, the remake of “Ghostbusters,” prompted a stream of racist comments and online attacks on Twitter in July. A tech editor at Breitbart named Milo Yiannopoulos even allegedly contributed some of the abuse; as a result Twitter shut down his account. He had received repeated warnings about similar issues.

After being banned from Twitter, Yiannopoulos said (instead of apologizing):

With the cowardly suspension of my account, Twitter has confirmed itself as a safe space for Muslim terrorists and Black Lives Matter extremists, but a no-go zone for conservatives.

He also said it would be the end for the social medium as it doesn’t welcome people who stand for free speech.

Leslie Jones then spoke out on “Late Night With Seth Meyers,” saying that hate speech and freedom of speech are two different things. She pointed out that cyber bullying is really common but many people don’t talk about it since it’s so hard to accomplish anything. But Jones took a strong stand–she publicly declared she was logging off from Twitter and called out her abusers, and then worked with Twitter CEO Jack Dorsey to identify all the accounts that had posted the comments.

Jones was back on Twitter in August, live reporting from the Olympics in Rio.

And after the most recent online attacks, many are standing up for Jones.

This @Lesdoggg attack is troubling. The rampant racism percolating in society right now is shameful and sad. She made a movie, that’s it!

— octavia spencer (@octaviaspencer) August 24, 2016

Sharing personal info & pics of women naked are classic cyberabuse tactics. WoC are disproportionately targeted. #solidarity to Leslie Jones

— End Online Misogyny (@misogyny_online) August 24, 2016

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post Following Twitter Racism, Hackers Expose Leslie Jones’ Info and Photos appeared first on Law Street.

Individuals who were using a website to cheat on their spouses and significant others will not remain anonymous if they choose to remain on the lawsuit against that website–Ashley Madison. This week a judge ruled that anyone who continues in the legal fight will not be allowed to use pseudonyms in the lawsuit.

Let’s start at the beginning of this whole mess: this lawsuit began in response to last summer’s hack of the Ashley Madison website, a service with the motto: “Life is short. Have an Affair.” The website, which purports to facilitate men and women in finding people to have affairs with, is used most predominantly by men. In the hack, 11 million account passwords were discovered because of improperly secured accounts. This led to the release of 32 million customers’ emails, sexual preferences, names, and addresses on the internet, which caused backlash in small communities, investigations of government employees found using the site, and even the blackmailing of some individuals whose information was released.

In response to the release of personal information, several Ashley Madison users have decided to sue the company for claiming to secure personal information and then failing to do so. While many of their identities have already been released, the plaintiffs petitioned to use pseudonyms in the case in order to protect themselves from judgment of the public.

Unfortunately for the roughly 50 people suing Ashley Madison, Judge John A. Ross, a United States District Judge, ruled on April 6th to deny the motion for plaintiffs in the case to use pseudonyms. Part of the judge’s ruling was based on the fact that:

The personal and financial information plaintiffs seek to protect has already been released on the Internet and made available to the public.

In addition, the judge acknowledged the fact that:

Only in extraordinary circumstances may civil litigation proceed under fake names, like in cases such as sex crimes and suits about juveniles.

What the judge did allow is for the members who are currently involved in the suit to dismiss their complaints and instead file as members of a class in a class-action suit. If it is certified they will not need to release their names individually in order to sue.

A lot of the people whose names were released in the hack have faced serious consequences because of the release of information. Some people have been blackmailed into paying bitcoin bribes in order to try to stop blackmailers from ousting the cheaters to their oblivious spouses. Town officials have been shamed by their local newspapers and publications.

While the huge breach in security was unexpected for the members of the Ashley Madison site and the people whose information was released may have legal standing to sue the company, it’s hard to have much sympathy for cheaters whose significant others found out about their infidelity. This is a good lesson for all of us to be a little more skeptical about the security of personal information online and the reality of bad karma. Next time you go online to find a hot date with whom to two-time your wife, maybe think twice before plugging in your government email address.

Alexandra Simone

Alex Simone is an Editorial Senior Fellow at Law Street and a student at The George Washington University, studying Political Science. She is passionate about law and government, but also enjoys the finer things in life like watching crime dramas and enjoying a nice DC brunch. Contact Alex at ASimone@LawStreetmedia.com

The post Judge Denies Cheaters’ Request to Remain Anonymous in Ashley Madison Suit appeared first on Law Street.

Last week’s top stories ran the gamut from cheating spouses to the best places to get a joint J.D./M.B.A degree. The top story of the week was a breakdown of the strangest arrests making the news, followed by a look at the Ashley Madison hack and the future of online privacy. The #3 story was the J.D./M.B.A. ranking for the University of California-Berkeley School of Law. ICYMI, check out the top posts from last week:

#1 Weird Arrests of the Week

It’s the end of the week, which means its time to relax and reflect on all the stupid things people have done this week. Specifically, some fantastically odd arrests. Check out the slideshow here.

#2 Ashley Madison Hack: The Future of Online Privacy Doesn’t Look Good

A few weeks ago, a group of hackers called the “Impact Team” threatened to expose the profiles of people who had accounts on Ashley Madison, a dating site specifically aimed at married people who are looking to cheat. The hackers threatened to “release customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails” if the site was not taken down. The parent company–Avid Life Media–did not comply, and now that data has been released to the public. Read the full story here.

#3 Top 10 Schools for J.D./M.B.A. Programs: #9 University of California-Berkeley School of Law

The legal industry is changing and law schools are no exception. Applications and enrollment are both down, and the value of the traditional legal education with its current price tag is the subject of continual debate. Law Street Specialty Rankings are a detailed resource for prospective law students as they consider the many law schools across the country. Law Street Specialty Rankings blend the quantitative and qualitative in a way that accurately highlights the top law schools based on specialty programs. Check out the University of California-Berkeley School of Law’s ranking here.

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post ICYMI: Best of the Week appeared first on Law Street.

A few weeks ago, a group of hackers called the “Impact Team” threatened to expose the profiles of people who had accounts on Ashley Madison, a dating site specifically aimed at married people who are looking to cheat. The hackers threatened to “release customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails” if the site was not taken down. The parent company–Avid Life Media–did not comply, and now that data has been released to the public. The Impact Team hackers have now shed a very personal light on cheating spouses around the globe–but the potential overall ramifications are significantly more jarring than the awkward conversations that some members are probably going to have with their spouses tonight.

Massive data hacks are nothing new–the Sony and Target hacks warranted significant news coverage for weeks, and the Office of Personnel Management hack earlier this summer compromised the data of over 20 million people. However, this Ashley Madison hack may rank among the largest yet. As Ars Technica points out:

Researchers are still poring over the unusually large dump, but already they say it includes user names, first and last names, and hashed passwords for 33 million accounts, partial credit card data, street names, and phone numbers for huge numbers of users, records documenting 9.6 million transactions, and 36 million e-mail addresses.

The hackers targeted Ashley Madison in particular for a few reasons, but one of the biggest sticking points appeared to be that they didn’t agree with Ashley Madison’s business practices when it came to handling data. Specifically, they took issue with the fact that Ashley Madison charged users to delete their data, and then didn’t. Impact Team further explained about its hacking motives:

Avid Life Media has failed to take down Ashley Madison and Established Men. We have explained the fraud, deceit, and stupidity of ALM and their members. Now everyone gets to see their data. Find someone you know in here? Keep in mind the site is a scam with thousands of fake female profiles. See ashley madison fake profile lawsuit; 90-95 percent of actual users are male. Chances are your man signed up on the world’s biggest affair site, but never had one. He just tried to. If that distinction matters.

Find yourself in here? It was ALM that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you’ll get over it.

What is particularly concerning about this hack, however, is what it signals about any site where personal information is provided. This isn’t just about stealing individuals’ social security and credit card numbers, like so many hacks in the past. This involves private information, and while it’s easy to justify that this private information has been breached because the people who provided it did so willingly in the hopes of engaging in an affair, it’s not that simple.

Online privacy is something we’ve all taken for granted for so long–we probably shouldn’t have, but that ship has completely sailed. Things like our private communications, our medical records, and sometimes yes, our dating or sexual preferences, can be found online. It’s easy to ignore the Ashley Madison hack because it was aimed at people that are in a very moral gray area, but it can just as easily happen, and may happen, when it comes to other personal information. The Impact Team did show the power of hacking. Despite the nature of the hack, it’s time that we realize its seriousness when it comes to our expectations of online privacy.

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post Ashley Madison Hack: The Future of Online Privacy Doesn’t Look Good appeared first on Law Street.

Dating websites are nothing new to our generation. Singles go online, make a profile, and meet people similar to them with hopes of finding their soulmate and happily ever after–or so we thought. A different kind of dating website with some taboo clientele is changing the matchmaking game, and hackers don’t like it.

AshleyMadison.com is a dating website for people who are not so single…in fact, they’re usually married. Millions (yes millions) of married people have gone to the site to have secret affairs. Although Ashley Madison claims to be discreet, users of the site are now nervously watching for news updates after hackers calling themselves the “Impact Team” stole their personal information from the site late Sunday, and are now threatening to expose it.

AshleyMadison, a website for people seeking affairs, boasts 37 million users. It was hacked. http://t.co/lisUnFg839 pic.twitter.com/UIKaxIa0nC

— WSJD (@WSJD) July 20, 2015

The site, which has over 37 million users, prides itself on being the “world’s leading married dating service for discreet encounters.” It even offers users who want to erase their sneaky past a “full delete” feature (for a $19 fee) that promises to delete all of the user’s personal data from the server. However, the hackers are claiming that this feature is a complete scam and the data of those who paid for it was never deleted.

According to Brian Krebs, the blogger behind Krebs on Security, the hackers have warned that if Ashley Madison and its sister site, EstablishedMen.com, are not taken down for good they will “release customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.” Impact Team went on to mock the site and its users writing,

Too bad for those men, they’re cheating dirtbags and deserve no such discretion. Too bad for ALM [Avid Media Life, the parent company], you promised secrecy but didn’t deliver. We’ve got the complete set of profiles in our DB dumps, and we’ll release them soon if Ashley Madison stays online. And with over 37 million members, mostly from the US and Canada, a significant percentage of the population is about to have a very bad day, including many rich and powerful people.”

Unfortunately for Ashley Madison hack victims, sympathizers are few. Some people are even glad the site was hacked, and think the information being released would be a good thing.

I see the ‘Ashley Madison’ website has been hacked and they’re threatening to expose everyone on it. GOOD, cheating should not be condoned.

— Ashley (@Ashleyybrewer) July 20, 2015

In a statement responding to the hack Avid Media Life said,

We were recently made aware of an attempt by an unauthorized party to gain access to our systems…At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act.

CEO of Ashley Madison, Noel Biderman, believes that the attack was an inside job by someone who has worked with the company’s technical services before and that he is getting close to confirming who the culprit is. But was Ashley Madison cheating cheaters? If the company’s “full delete” feature is in fact a scam, it cheated users out of an estimated $1.7 million during 2014, and could be cause for some serious lawsuits against the company.

For now Ashley Madison is still up and running. The excerpts from the site that have been leaked by the hackers were taken down; however, this doesn’t get the cheaters off the hook. The Impact Team still reportedly has a copy of the full database so users might want to think twice before continuing their “discreet” affairs.

Taelor Bentley

Taelor is a member of the Hampton University Class of 2017 and was a Law Street Media Fellow for the Summer of 2015. Contact Taelor at staff@LawStreetMedia.com.

The post Ashley Madison May Have Cheated Cheaters appeared first on Law Street.

The infamous hacker group “Anonymous” reportedly conducted an attack against the Canadian government on Wednesday. This attack made multiple government websites go dark, including Canada.ca and the websites for the Department of Foreign Affairs, Transport Canada, Citizenship and Immigration Canada, and Justice Canada. This hack was supposedly in protest against the government’s controversial new security legislation. Bill C-51, or the Anti-terrorism Act, that would broaden the mandate of the Canadian Security Intelligence Service (CSIS). Exact ramifications of the attack are unknown, but it’s almost certainly the latest in a string of efforts by Anonymous to protest increased surveillance in various nations.

The act would give the agency new powers to disrupt perceived security threats and make it easier for federal agencies to increase surveillance and share information about individuals. Anonymous believes that this bill is not in its favor, stating as much in a video posted on YouTube. The video said the anti-terrorism law violated human rights and targeted people who disagree with the government, saying:

A bill which is a clear violation of the Universal Declaration of Human Rights, as well as removing our legal protections enshrined in the Magna Carta for 800 years. Perhaps it was fate that the day the Magna Carta arrived in our country to go on display to the populace that our corrupt government was symbolically pissing upon it and us all.

Soon after the hack,  Twitter user @Blakeando10 took credit for the cyberattack. He is pictured on his account as wearing a Guy Fawkes mask, which is usually associated with an act of this sort committed by Anonymous.

It was your move senators, now it’s ours. http://t.co/Fs67YrqOTH#cdnpoli#Opcyberprivacy#opC51 Huffpostcanada

— SplendidMass29 (@blakeando10) June 17, 2015

evasiv3 Your sites were not secure. A gov that can’t protect its own cyberspace can’t protect yours. Get it?

— SplendidMass29 (@blakeando10) June 17, 2015

Treasury Board President Tony Clement confirmed that the government’s servers were hit with a denial of service attack. “I can tell you, I’ve just been through a briefing on it. There has been an attack on Government of Canada servers, GC servers. It is as a result of a, of a — what we would call a cyberattack,” he said. By 3 PM, most of the websites were back online, although exact damage was still unknown. Liberal Defense critic, Joyce Murray, believes that this cyber attack should be a wake-up call for the Canadian government. Nadeem Douba, who has previously advised governments on security issues, told iPolitics the hack was not a very sophisticated one.

It definitely is more about optics than anything else. If we were looking at a denial of service attack similar in nature to StuxNet, where critical infrastructure was impacted, then I would consider it more of a security threat. The same could be said if the attack were able to create any kind of political unrest or economic instability. However, as far as we know now, this attack is more of a nuisance than anything else.

Government websites should be some of the most secure in the world. There is no reason why a group of people should be capable of hacking into them, especially if these sites hold valuable information. Steven Blaney, the public safety minister, criticized the cyber-attackers, telling reporters that there were many other more democratic ways for Canadians to express their views. Blaney also said the government is implementing efforts to improve its cyber security. Hopefully that’s not too little, too late.

Taelor Bentley

Taelor is a member of the Hampton University Class of 2017 and was a Law Street Media Fellow for the Summer of 2015. Contact Taelor at staff@LawStreetMedia.com.

The post Anonymous Strikes Again: Canadian Government Experiences Security Breach appeared first on Law Street.

I’m an avid backpacker. While shopping for a new, sturdy backpack to travel across Southeast Asia, I asked my military friend for an old duffel bag or something similar to use. He responded, “No, it’s too dangerous. Wearing military gear through airports, or anywhere abroad can make you a target. Anyone with anti-American ideologies could rob you, heckle you, or kill you. So, no. Besides, we’re not supposed to.”

My friend is referencing the physical presence, but what about on social media? We might avoid posting our political views in fear of them affecting job prospects sure, but have you ever considered your online affiliations affecting your safety–your life?

This may be something the U.S. Government and Military personnel will have to consider in the digital age, especially since terrorist organizations all have social media pages.

A group calling itself the Islamic State Hacking Division posted the names, photos, and addresses of about 100 U.S. troops online, calling for attacks against them. Those most likely to respond will be lone wolves. A term given to individual terrorists who carry out attacks alone in the name of a greater cause…whatever that may be.

Investigations are underway to understand the validity of the post, the methodology the group used to attain the names, and the credibility of the group itself.

In theory, ISIS or any terrorist group could see a military car decal, a Facebook profile picture, an online entry to a military spouse support group, or even see you open your wallet with a military I.D. After that they could find you, stalk you…and then what?

That’s an extreme. Let’s say no attack is ever carried out. At the very least, these terrorists are inciting fear in our military families, pressuring them to limit their online presence–the pride they have in their careers and country–and effectively go into hiding. That’s an issue in itself.

One such Twitter account posted, “We won’t stop! We know everything about you, your wives and children. U.S. soldiers! We’re watching you!” The account has since been deleted. Twitter has been pretty adamant about suspending and deleting ISIS content. As a result, the group has sought refuge in Diaspora, a social site that consists of a group of independently owned pods, which makes it difficult for administrators to remove content.

It’s unfortunate we have to be vigilant against what’s exposed on social networks in the name of terrorism. We must continue to report graphic and hateful messages, and protect the honor of those like Steven Sotloff, James Foley, Kayla Jean Mueller–the list goes on.

Jasmine Shelton

Jasmine Shelton is an American University Alumna, Alabamian at heart, and Washington D.C. city girl for now. She loves hiking, second-hand clothes, and flying far away. Contact Jasmine at staff@LawStreetMedia.com.

The post ISIS Uses Twitter to Publish Hit List of U.S. Military Personnel appeared first on Law Street.

Following the recent fiasco at Sony, hacking has been catapulted squarely into the spotlight. But hackers are doing more than just delaying movie premieres–they are causing serious damage and have the capability to cause much more. Before we get too scared of these anonymous boogeymen, however, it is important to understand what hacking is and who the hackers are.

What are hackers and what do they do?

So, first of all, what is a hacker? While the answer to that question is very complicated, for clarity’s sake a succinct and clear explanation of a computer hacker and computer hacking is this:

Computer hackers are unauthorized users who break into computer systems in order to steal, change or destroy information, often by installing dangerous malware without your knowledge or consent.

This definition is of course limited, as hacking is not relegated solely to computers and is not always a negative thing. Below is a video that offers a fuller picture.

While not all hacking is negative, much of it is, and it is important to understand specifically what the intentions of many hackers are and how they operate. Hackers often lure their unsuspecting victims with bogus scams sent through emails or websites. Some hackers also prefer the approach of directly attacking a computer if it does not have the requisite protection in place, such as a firewall; however, while hacking may appear as simple as pressing a button in a movie, it is more complicated than that. More specifically, what a hacker does is infect another person’s computer with malicious software or malware. Once the unsuspecting user has activated the malware, either by clicking on a link or opening an email, his computer can then become infected with a virus. If a computer does become infected the hacker essentially has unlimited access to the operating system. This then enables him to have virtual control over the user’s computer and internet activity. Normally the hacker will try to maintain a low enough profile so the user is not alerted; in the meantime he will attempt to obtain sensitive information. Whatever way hackers choose to attack, they often try to steal things like passwords, account numbers, and means of identification such as a social security number.

The purpose behind all of this is nefarious; stealing an individual’s money, abusing their credit, or even turning a profit by selling the acquired information to a third party is often the end goal. Two prime examples of this are the major hack of Target’s credit card system in 2013 and the similar hack of EBay this year. Nonetheless, while hackers seem to have similar motives, the group is in fact quite heterogeneous and can vary from countries to individuals.

State Actors

The first type includes hackers utilized by a country’s government or military. In this way, hackers are used like other weapons such as tanks or missiles. In this regard, perhaps no country employs hackers and hacking more than China. According to a 2013 article from Bloomberg, China accounted for 41 percent of hacking assaults in 2012–four times that of the second place country on the list. While there’s no way to say definitively whether those hacks came from the Chinese government, the idea comes as no surprise to those familiar with the United States’ claims that China has long hacked American corporations in order to steal trade secrets and then passed them along to Chinese companies. For example, there were hacking accusations against China earlier this year by American corporate icons such as U.S. Steel and Alcoa.

However, the United States is far from an unwitting victim of these attacks. In fact the number two country from the same list of top hacking nations was the United States. In 2012, for example, ten percent of hacking attacks originated from within the United States. In addition, the United States military has increased the portion of its budget focused on cyber warfare. In 2015, the U.S. Cyber Command plans to spend $5.1 billion on cyber combat. The video below explains the threat of cyber warfare.

There is already evidence of suspected U.S. cyber warfare at work. Aside from unpublicized U.S. attacks against the Taliban in Afghanistan, there’s the more notable example of the Stuxnet virus that infected the Iranian nuclear infrastructure and severely damaged its nuclear program. There is also the recent shutdown of North Korean internet access that many suspect was American retaliation for the suspected North Korean hack of Sony.

Along with the United States and China, other countries where hacking is a major weapon include Taiwan, Turkey, and Russia.

Non-State Actors

Indeed non-state actor hackers may pose an even bigger threat to global systems than government operations. One reason why is while government operations are generally strictly military or defensive in nature, non-state operations run the gamut.

Patriotic Hacking

One example is something known as patriotic hacking. In essence, these groups are self-appointed to represent a particular country and will respond in kind to any perceived slight against the nation they represent. One such group formed in China in response to the accidental bombing of a Chinese embassy in Belgrade by the United States during the war in Kosovo. Similar groups have also formed in many countries such as Israel, India, Pakistan, and the United States.

An example of a patriotic hacker–or “red hacker” as they are known in China–is Wan Tao. Wan Tao hacked everything from the U.S. government to Japanese political email accounts. While it is believed they he was never explicitly ordered to do so, the hacker’s targeted attacks fell in line with Chinese Governmental actions. As if to emphasize the underlying nationalism in his attacks, Wan Tao even had a name for his group, the China Eagles.

Hacktivists

Another type of non-state hacking group is known as hacktivists, which are people who use both legal and illegal means to achieve some political goal. Perhaps the best example is the group known collectively as Anonymous. Known for dawning the Guy Fawkes mask, Anonymous has been involved in hacking cases related to social issues ranging from the Occupy Wall Street movement to the shooting death of Michael Brown that set off the protests in Ferguson, Missouri. A more expansive definition of hacktivism is provided in the video below.

Other Non-State Actors

There are countless other non-state hacking groups at play today. One example is the massive hack of JP Morgan Chase in October 2014. In this case, the personal information of 83 million bank customers was stolen.  While Chase was quick to deny any information such as account numbers was taken, experts in the field remain more skeptical.  Regardless of what exactly was stolen, the culprits were again believed to be Russian hackers who stole personal information with the intent to sell it or profit off of it through other means such as fraud. There is also the persistent fear of terrorist hackers, although little has yet to come of this.

Putting Up a Firewall

While governments and individuals swarm to the attack there are also efforts to fight back against hackers, and like hackers and hacking these efforts take many forms. At the highest level are government efforts like those of the United States government. Specifically, as touched upon earlier, the United States has created a cyber command capable of launching retaliatory strikes against its enemies through cyber space if the U.S. were attacked. In essence then the United States is creating a deterrent through cyber space much like it already has through both conventional and nuclear means.

There are also altruistic attempts such as the ones being undertaken by organizations like I Am the Cavalry, which allows researchers to share their findings and help improve the security of four major sectors: medical devices, automobiles, home services, and public infrastructure.

In addition, there are more classical capitalist efforts employed by corporations. Several major corporations such as Apple, Facebook, Google, and Microsoft are actively courting hackers, often holding competitions with prizes like lucrative job offers. The goal of this approach is to pick up where traditional IT efforts leave off. Traditional efforts are geared at creating defensive measures so hackers cannot break into a system; however, this new approach utilizes hackers themselves specifically because they have the opposite mindset and are looking for the vulnerabilities to attack. By harnessing hackers’ aggressive skill sets and playing off their competitive mentalities these companies and many more are, in essence, using hackers to prevent hacking.

Conclusion

As the world becomes more digital and connected the threat of hacking will increase. In the future everything from cars to even toasters can and will be vulnerable to hacking and misuse. Furthermore, this threat will not necessarily come from other countries, but also non-state actors and even individuals. The motivations and allegiances of these people and groups vary widely and make the problem infinitely more complex.

Nonetheless, while efforts to prevent hacking can seem hopeless, like trying to keep a ship with a million leaks afloat, all is not lost. Indeed there are already efforts underway to fight back, which vary as much as those of the hackers themselves. As history has shown, no ship is unsinkable. Thus hacking is always likely to be a problem and an increasingly dangerous one; however, it can also offer an avenue for improvement and a channel to voice social concerns. While hacking may be the next great threat, like previous scourges it may also present unique opportunities for change and improvement for society as a whole.

Resources

Primary

Center for A New American Security: Non-State Actors and Cyber Conflict

Additional

Bloomberg: Top Ten Hacking Countries

CNN World: North Korea Denies Sony hack

Forbes: The Top 5 Most Brutal Cyber Attacks of 2014

Time: Here’s What Chinese Hackers Actually Stole From U.S. Companies

Time: China’s Red Hackers

WebRoot: Computer Hackers and Predators

Bloomberg Business Week: Target Missed Alarms

Washington Times: Cyber Command Investment Ensures Hackers Targeting US Face Retribution

The New York Times: North Korea Loses its LInk to the Internet

New York Post : Hackers Steal 83 Million Chase Customers’ Info

Mashable: Hacktivism

International Business Times: What is Anonymous?

CDR Global Inc: Hacking for Good

Guardian: There are real and present dangers around the internet of things

I Am the Cavalry: Homepage

Michael Sliwinski

Michael Sliwinski (@MoneyMike4289) is a 2011 graduate of Ohio University in Athens with a Bachelor’s in History, as well as a 2014 graduate of the University of Georgia with a Master’s in International Policy. In his free time he enjoys writing, reading, and outdoor activites, particularly basketball. Contact Michael at staff@LawStreetMedia.com.

The post Hacking: The New Kind of Warfare appeared first on Law Street.

An international operation led by the United States caught a group of cyber criminals spearheading the largest cyber crime ring yet, one that infected approximately 500,000 to one million PCs globally. The group of cyber criminals, allegedly led by Russian national Evgeniy Mikhaylovich Bogachev who went by the aliases “lucky12345” and “slavic,” stole approximately $100 million from individuals and businesses worldwide starting in 2007. The botnet, which is a group of infected computers under the control of someone other than their owners, went by the name GOZ, short for Gameover Zeus, and mainly targeted bank accounts and credentials. A couple of notable targeted by GOZ are Bank of Georgetown and Capital One.

Their main goal was to monetize the investment they made into getting into your machine, they were absolutely after dollars, pounds and euros.

-Dell Employee Don Smith

How did Gameover Zeus do it?

Generally, the GOZ hackers ensnared targets and obtained secure information by using infected emails via a process known as “phishing.” Computer users would receive legitimate-looking email messages claiming to be from a trusted bank stating that there was a problem with one of their prior financial transactions. Once the computer owner unknowingly downloaded the malware after opening the email and clicking a link, it began a targeted search for financial information stored on the machine. The Gameover Zeus virus was initially spread by one of the largest botnets known called Cutwail, which popped up on the cybercrime scene in 2007 and is mostly involved with sending email messages containing viruses. In 2009, the Cutwail botnet contained the largest known number of infected machines.

The cyber crime ring also distributed malware called CryptoLocker, a form of what is known as ransomware, which makes data of a computer inaccessible to its user, claiming to only unlock their machine after receiving payment of as much as $700. The GOZ botnet in particular was so tricky to take down due to various components- namely, its advanced ability to hide the location of its servers via data encryption.

The Demise of the Crime Ring

Members of several organizations worldwide including the U.S. Department of Homeland Security, Intel Corp, Carnegie Mellon University and Microsoft Corp had been tracking the activity of GOZ since it first appeared on the scene in 2007, well before they were able to take action and put an end to their criminal operations. The monitoring of the cybercrime ring was completely secretive until they commenced “Operation Tovar,” which shut down the operations of the computers involved in spreading the viruses. United States organizations, mainly the FBI and the aforementioned companies, collaborated with Europol and the UK’s National Crime Agency to initiate a virtual ambush on Gameover Zeus. Authorities ended the cybercrime ring’s operations by shutting down the servers they were using to control the computers infected with its viruses.

Bogachev, believed to be the ringleader of the GOZ operation, is thought to be residing in Russia and has been added to the FBI’s Cyber Most Wanted List. Various publications including the International Business Times warned residents of the UK that despite the ending of the operations of the cybercrime ring, they may be able to regroup within two weeks and begin infecting machines once again. To keep their machines safe from future cyber attacks, experts urge computer users to install or update their security software and change passwords on important accounts.

—

Marisa Mostek (@MarisaJ44) loves globetrotting and writing, so she is living the dream by writing while living abroad in Japan and working as an English teacher. Marisa received her undergraduate degree from the University of Colorado in Boulder and a certificate in journalism from UCLA. Contact Marisa at staff@LawStreetMedia.com.

Featured Image Courtesy of [geralt via Pixabay]

Marisa Mostek

Marisa Mostek loves globetrotting and writing, so she is living the dream by writing while living abroad in Japan and working as an English teacher. Marisa received her undergraduate degree from the University of Colorado in Boulder and a certificate in journalism from UCLA. Contact Marisa at staff@LawStreetMedia.com.

The post World’s Largest Cyber Crime Ring Disbanded appeared first on Law Street.

I was watching television recently when I saw an awesome AT&T commercial that summed up the greatness that is technology. Take a look.

The dad literally turned off all the appliances and locked the door with a press of a button on his smartphone. Mind… Blown… I’m not easily impressed, but after seeing this I had to know more. How could all of these different things be turned off remotely with one app? Are they connected to the internet? What did I just see?

After some research, I found out that everything in that mind-blowing commercial will probably be common in about seven years. Household appliances like toasters, refrigerators, ovens, and coffee pots are being enabled to communicate with each other and with your applications — technology referred to as IoT, or the Internet of Things. We know about smart TVs, but say hello to smart thermostats. These devices have the ability to connect wirelessly via router signals, and some can even connect to the internet on their own. Not only that, but these appliances are able to connect, control, and share resources over different operating systems. This is so cool that even Google wants a piece of the action — which explains their $3.2 billion purchase of Nest, creator of smart thermostats and smoke alarms.

Last year 10 billion of these devices were connected to the internet, and there are estimates that up to 212 billion devices will be connected by 2020. The Internet of Things is slated to be an $8.9 trillion market by 2020, and will include many more things than just household devices. State, local, and federal governments are preparing to expand on these kinds of technologies and use them to create entire smart cities, as well as tech-supported infrastructure and energy sources such as wind turbines. These will all fall under the category of IoT and therefore could have some of the same vulnerabilities.

Proofpoint, a new tech security firm, has found evidence that smart appliances have the ability to be cyberattacked. In a study conducted from December 23, 2013 to January 6, 2014, Proofpoint found that more than 100,000 common appliances like multimedia centers, TVs, routers, and refrigerators were able to send 750,000 malicious emails in bursts of 100,000, three times a day. While some people may not be frightened by the prospect of their toaster sending out spam, we should note that this implies a bigger problem.

Proofpoint was not the first entity to point out these security issues, as there have been reports dating back to 2009 of concerns with the ability to hack routers. However, Proofpoint is the first to show supporting evidence that these security breaches can, will, and have happened to appliances. So what is happening? First, these devices are mass produced without much antivirus software to protect against security breaches. Because the devices have internet connectivity, hackers are able to exploit some of the known software vulnerabilities of the devices and apps that are used to control them. By exploiting these vulnerabilities, these devices become spam-sending machines capable of conducting denial of service attacks used to steal usernames and passwords. Another problem is that hackers may gain the ability to control the functions of the devices. What’s even more frightening is that many consumers won’t even know their networks and devices have been compromised.

The reason these vulnerabilities have not been dealt with is the lack of security standards for these gadgets. Not only have companies not produced universal security standards, there has been no government intervention to set security standards. With technology changing so rapidly, government officials have not been able to keep up with the changes and pass laws accordingly. Until such time as these standards are created, either by companies or by the government, we’re on our own folks.

On the bright side, I’m sure companies don’t want their products to be responsible for spreading viruses and spamming people. For that reason, I believe companies will develop more robust antivirus software as smart appliances become more common. However, if you already have one of these devices, you may want to take some precautions to protect them. Some suggestions are to screen your internet connections and bar devices that aren’t email servers from being able to send email. Another suggestion is to encrypt your devices. While my mind is still completely blown by the commercial I saw, I think that’s where I’ll let my interest pique…for now.

—

Teerah Goodrum (@AisleNotes), is a graduate student at Howard University with a concentration in Public Administration and Public Policy.  Her time on Capitol Hill as a Science and Technology Legislative Assistant has given her insight into the tech community.  In her spare time she enjoys visiting her favorite city, Seattle, and playing fantasy football!

Featured image courtesy of [James Nash via Flickr]

Teerah Goodrum

Teerah Goodrum is a Graduate of Howard University with a Masters degree in Public Administration and Public Policy. Her time on Capitol Hill as a Science and Technology Legislative Assistant has given her insight into the tech community. In her spare time she enjoys visiting her favorite city, Seattle, and playing fantasy football. Contact Teerah at staff@LawStreetMedia.com.

The post Did Your Toaster Just Spam Me? appeared first on Law Street.