Tag Archives: New York Times

Real Mafia War Online; Could Crash the Global Internet

Last week econoTwist’s reported on what was most likely the largest cyber attack on US banks ever. Now it turns out that it was only the beginning of something much larger – and even scarier – the largest computer attack in the history of the Internet. The biggest DDoS attack ever recorded is said to be jamming crucial infrastructure all over the world and causing widespread congestion. But this has nothing to do with Anonymous or other online activists – this is in fact the first full-blown real mafia war online we’ve ever seen. I’m afraid it won’t be the last.

“These guys are just mad.”

Patrick Gilmore


According to the BBC, five national cyber-police forces are investigating the attacks. The attackers have used a well-known tactic called “Distributed Denial of Service (DDoS),” which floods the intended target with large amounts of traffic in an attempt to render it unreachable. But they have also found a way to amplify the effect, creating a data tsunami of 300 gigabytes per second – three times larger than any DDoS attack we’ve seen before.

The intended main target appears to be Spamhaus, a European organization that maintains a blacklist of ISPs that supposedly host “spam gangs” and who refuse to stop serving them as customers.

Spammers are – plain and simple – the marketeers of organized crime, making it possible for counterfeit products, medicine and illegal (child) pornography to reach potential customers worldwide. They are the “street pushers” of internet dope.

And the competition seems to have reached a whole new level.

As you can imagine, Spamhaus has no shortage of enemies, given its line of business. But most rumors point to the Dutch spammer CyberBunker, which prides itself on hosting anything – except terrorist material and child pornography. Cyberbunker brags on its Web site that it has been a frequent target of law enforcement because of its “many controversial customers.” The company also claims that at one point it fended off a Dutch SWAT team. “Dutch authorities and the police have made several attempts to enter the bunker by force,” the site says. “None of these attempts were successful.”

However, up until now these cyber cowboys have fought their internal battles mostly by blocking each other’s traffic. But this time the Dutch were really, really angry.

Sven Olaf Kamphuis, an Internet activist who claims he is a spokesman for the attackers, says in an online message to The New York Times that Cyberbunker was retaliating against Spamhaus for “abusing their influence.”

According to the NYT, they got help from Eastern European and Russian gangs.

“Nobody ever deputized Spamhaus to determine what goes and does not go on the Internet. They worked themselves into that position by pretending to fight spam,” Mr. Kamphuis says.

Spamhaus is pretty resilient, as its own network is distributed across many countries, but the attack was still enough to knock its site offline on March 18. A spokesman for Spamhaus says the attacks began on March 19, but have so far not stopped the group from distributing its blacklist.

Patrick Gilmore, chief architect at Akamai Technologies, confirms Spamhaus’s role as generator of Internet spammer lists.

Commenting on Cyberbunker, he says: “These guys are just mad. To be frank, they got caught. They think they should be allowed to spam.”

Mr. Gilmore also explains that the attacks consist of concentrated data streams that are larger than the Internet connections of entire countries.

He compares the technique to using a machine gun to spray an entire crowd when the intent is to kill one single person.

If you want to read what the involved parties have to say for themselves – here are some links:

Amplified Attack

What makes this case especially interesting (and disturbing) is that the cyber criminals seem to have found a way to amplify the attacks.

Professor Alan Woodward of the University of Surrey, one of the UK’s premier computer security experts, says that the attack “seems to be orders of magnitude larger than anything seen before,” and highlights the technique that’s been used.

“The thing that got people talking is that it’s a DNS amplification attack. The point is, if you’re targeting something and the target has a 10 Gbps switch, you only have to throw 11 Gbps at it and you’ve pole-axed the system. If it is at 300 Gbps, then potentially some of the main infrastructure is being affected, though I’m not sure how much it’s really affecting it.”

The company that Spamhaus called for help, Cloudflare, provides an even more detailed explanation:

“The largest source of attack traffic against Spamhaus came from DNS reflection… This method has become the source of the largest Layer 3 DDoS attacks we see (sometimes well exceeding 100Gbps). Open DNS resolvers are quickly becoming the scourge of the Internet and the size of these attacks will only continue to rise until all providers make a concerted effort to close them…”

“The basic technique of a DNS reflection attack is to send a request for a large DNS zone file with the source IP address spoofed to be the intended victim to a large number of open DNS resolvers. The resolvers then respond to the request, sending the large DNS zone answer to the intended victim. The attackers’ requests themselves are only a fraction of the size of the responses, meaning the attacker can effectively amplify their attack to many times the size of the bandwidth resources they themselves control.”
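Seen from the receiving network, the reflection Cloudflare describes appears as large DNS responses arriving from many resolvers at an address that never sent the matching queries. The Python below is an added example (not from the original post or from Cloudflare) that flags that pattern in packet summaries captured at a network edge; the record fields, thresholds and sample packets are constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class DnsPacket:
    """One UDP/53 packet summary as seen at the monitored edge (hypothetical schema)."""
    ts: float
    src: str
    sport: int
    dst: str
    dport: int
    txid: int          # DNS transaction ID
    is_response: bool  # DNS header QR bit
    size: int          # bytes on the wire


def find_reflection_targets(packets, min_resolvers=3, min_bytes=5000):
    """Return destinations receiving DNS responses they never asked for.

    A legitimate response matches an earlier query on (client, client port,
    resolver, transaction ID). With a spoofed source, the query never crossed
    this edge, so the response has nothing to match. Thresholds (assumed
    values) keep a stray late or duplicate response from raising a flag.
    """
    pending = set()
    unsolicited = defaultdict(lambda: {"bytes": 0, "packets": 0, "resolvers": set()})
    for p in sorted(packets, key=lambda p: p.ts):
        if not p.is_response and p.dport == 53:
            pending.add((p.src, p.sport, p.dst, p.txid))
        elif p.is_response and p.sport == 53:
            key = (p.dst, p.dport, p.src, p.txid)
            if key in pending:
                pending.remove(key)  # answered query, normal traffic
                continue
            entry = unsolicited[p.dst]
            entry["bytes"] += p.size
            entry["packets"] += 1
            entry["resolvers"].add(p.src)
    return {
        dst: {"bytes": e["bytes"], "packets": e["packets"],
              "resolvers": len(e["resolvers"])}
        for dst, e in unsolicited.items()
        if len(e["resolvers"]) >= min_resolvers and e["bytes"] >= min_bytes
    }


# Constructed sample (documentation address ranges): one normal lookup with a
# duplicate reply, then four resolvers sending 3000-byte answers to an address
# that sent no queries.
SAMPLE_PACKETS = [
    DnsPacket(0.0, "192.0.2.10", 40000, "198.51.100.53", 53, 0x1A2B, False, 64),
    DnsPacket(0.1, "198.51.100.53", 53, "192.0.2.10", 40000, 0x1A2B, True, 120),
    DnsPacket(0.2, "198.51.100.53", 53, "192.0.2.10", 40000, 0x1A2B, True, 120),
] + [
    DnsPacket(1.0 + i / 10, f"198.51.100.{100 + i}", 53, "203.0.113.7",
              53000 + i, 0x4000 + i, True, 3000)
    for i in range(4)
]

if __name__ == "__main__":
    for dst, info in find_reflection_targets(SAMPLE_PACKETS).items():
        print(dst, info)
```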

Exactly, How Dangerous?

Steve Linford, chief executive for Spamhaus, says that this kind of attack power would be strong enough to take down government internet infrastructure.

“If you aimed this at Downing Street they would be down instantly. They would be completely off the internet.”

“They are targeting every part of the internet infrastructure that they feel can be brought down,” Mr Linford says.

“There’s certainly possibility for some collateral damage to other services along the way, depending on what that infrastructure looks like,” says Dan Holden, director of security research at Arbor Networks.

“If it was done really seriously in a wider attack, then it could affect many users. Trying to take down the whole internet is impractical, but you could start to decapitate sections of it,” Professor Alan Woodward says, according to gigaom.com.

So, just to summarize:

  • We now have local police trawling Facebook in search of gang activity.
  • The FBI is busy chasing trolls who mock them by hacking their computers.
  • Governments are making laws to forbid people from speaking their mind on their personal blogs.
  • Meanwhile, the really dangerous cyber criminals are experimenting with new cyber weapons with unimaginable destructive power.


Filed under Laws and Regulations, Technology

Fabrice Tourre: The Last (Gold)Man Standing

While most Goldman Sachs employees are busy starting new hedge funds or preparing for new jobs, like central bank president or chief economist for a major European bank, Fabrice Tourre stands as the only Goldman banker to face a trial. However, something strange happened recently, something that may spin the case in an unexpected direction.

“It’s impossible that only one person was involved with fraudulent activities in connection to the sales of these mortgage securities.”

G. Oliver Koppell

Yeah, yeah…we know that… The “Fabulous Fab” is just a trader who carried out the order of his superiors. An order that was very simple and impossible to misunderstand: “Make money!” It is, however, harder to figure out how a newspaper accidentally gets hold of a laptop, accidentally found in the trash, accidentally containing crucial evidence.

I won’t waste any time speculating about something I’m sure I’ll never find out.

But that seems to be the case at the moment – the mysterious laptop, that is.

The New York Times recently published a long article about Fabrice Tourre, who as of now stands as the only Goldman Sachs employee charged individually in the firm’s CDO follies.

Tourre appears to be keen on fighting the civil charges in court, something that, according to US financial media, has caused a bit of nervousness amongst the top Goldman Sachs executives.

Many have suggested that Tourre in fact has little choice but to engage in a scorched earth defense in an attempt to make it clear that many people are to blame for the scandal, besides himself.

Fingers have been pointing at his boss, Jonathan Egol, and questions have been raised about why he was not charged.

But the article in the NYT is built on new information that arrived in a reporter’s hands in a rather odd way.

The article explains that a New York filmmaker was given a laptop by a friend who claimed it had been found in the trash.

Amazingly, it had many emails to Fabrice Tourre on it, including several emails from Egol that suggest he had a dire view of the market, one that Tourre didn’t necessarily share.

And even more amazing – the emails continue to stream in.

Based on those emails, the NYT concludes that Tourre’s legal team will focus on the fact that he was in fact a small player, and cannot alone be held accountable for the entire ABACUS fiasco.

According to Fierce Finance, it is likely that others will be drawn into the center stage.

Indeed, it would be remarkable if Tourre alone is found guilty. That would mean that one single trader is capable of taking down the whole global economy!

The NYT indicates that Tourre has been made a scapegoat, and that other Goldman executives should be charged.

One interview suggests that Tourre was targeted because he was prone to logorrhea, unlike his colleagues.

Anyway, he has hired a legal team that (also amazing) does not have ties to Goldman Sachs.

Everything is set for a very interesting case. But a case built on email is not necessarily a strong one.

“Perhaps, the SEC should make one final push to settle,” Fierce Finance writes.

!?….

Of course! Now, I get it….

Related articles:
Why Goldman should be hoping that SEC drops Fab case
Fabrice Tourre, a minor player in larger CDO drama

 


Filed under Laws and Regulations, National Economic Politics, Philosophy

The Cyber War: Complete Coverage

The International Monetary Fund, IMF, is the latest high-profile organization to become a victim of network intrusion by hackers. According to several media reports, the IMF has suffered a substantial security breach, of which the full extent is not yet known. Over the last few months, cyber attacks have increased in both frequency and severity. The group of cyber activists, Anonymous, are currently involved in 9000 attacks on governments and corporations around the world. Check out the stunning details.

“You still have the power to stand up for good. Do NOT come between us and our freedom. You have been warned.”

The Anonymous

According to The New York Times, quoting an unnamed official, the IMF intrusion is a “very major” one, and has been going on for several months. The actual dimensions of the attack are still unknown. The IMF says that the Fund is “fully functional” and that the organization is investigating the incident. Sony, Citibank, Acer, Epsilon, RSA, NASA, Lockheed Martin – even Al-Qaeda and the FBI – everyone seems to get hacked these days!

The IMF declined to say who might be behind the intrusion, NYT reports.

A Bloomberg story, however, cited an unidentified security expert as saying that the attackers were believed to be connected to an unspecified foreign government and that e-mails and other documents had been taken.

Dealing with the global financial crises, international trade and other monetary matters, the IMF is privy to sensitive economic information regarding a number of countries – data that could be extremely valuable to investors and of great interest to governments.

The organization has also been criticized for its policies and accused of being responsible for crises.

The breach is the latest in a series of headline-grabbing hacks that have involved the likes of computer security company RSA, several U.S. military contractors, search giant and Web-based e-mail purveyor Google, and entertainment behemoth Sony.

Shutting Down The World Bank

Cyberespionage and cyber warfare have been making headline news consistently for quite some time.

Bloomberg quotes a memo to IMF employees by the organization’s chief information officer, warning the staff to be vigilant:

“Last week we detected some suspicious file transfers, and the subsequent investigation established that a Fund desktop computer had been compromised and used to access some Fund systems. At this point, we have no reason to believe that any personal information was sought for fraud purposes.”

The memo also says that the IMF’s network connection to the World Bank (which is headquartered across the street from the Fund) has been shut down “as a precautionary measure.”

An earlier memo to employees has warned the IMF staff of phishing attacks, saying:

“Staff is strongly requested NOT TO OPEN emails and video links without authenticating the source.”

Bloomberg writes that the recent network breach is not associated with the group Anonymous, which had earlier threatened an attack on the Fund in association with IMF activities involving the economically hobbled country of Greece.

On Saturday, law enforcement officials in Spain said they had arrested several members of Anonymous in connection with attacks on entertainment giant Sony, as well as on governments and financial institutions.

Hackers Go Wild

A wave of cyber attacks has left corporations and government organizations in a state of shock and confusion.

The Hacker News reports that they have received a message from the hacking group, Pakistan Cyber Army – PCA – claiming the group has hacked Acer Europe’s server and stolen sensitive information.

THN have posted a screenshot of the data reportedly collected, which included the personal information of 40,000 customers, including their names, addresses, phone numbers, e-mail addresses, and the names of products they had purchased.

According to The Hacker News, the PCA plans to release more data within the next 24 hours, and will follow that up with a press release discussing its reasons for hacking Acer’s Europe division.

Acer did not immediately respond to a request for comment, CNET.com reports.

The Anonymous, which made headlines last year by hacking financial institutions and other sites in defense of WikiLeaks founder Julian Assange, recently made public more than 10,000 e-mails it stole from Iran’s Ministry of Foreign Affairs.

According to the International Business Times, quoting a source who has viewed the documents, most of the files are passports and visas, and relate to an “oil meeting.”

NATO Gets a Warning

The organization has also launched a new operation it’s calling Op NATO Black Fax/E-mail Bomb.

Users can surf to the OpNATO page and send a free prewritten fax to the North Atlantic Treaty Organization in defense of Anonymous. The organization has posted a list of fax numbers to the page, and has asked supporters to send “as many [faxes] as you can” to those numbers.

“It has come to our attention that you have classified Anonymous a ‘potential threat to the security of [your] member states,’ and that you seek retaliation against us,” reads the letter to NATO, which is made up of the U.S., Canada, and the U.K., among other countries. Anonymous goes on to ask the member nations to “retaliate against us in any manner you choose.” However, even if some of its members are jailed, the letter reads, the nations will find “that Anonymous continues to live on.”

Anonymous’ letter ends with the following threat:

“Think carefully before you continue from here,” the letter reads. “You still have the power to stand up for good. Do NOT come between us and our freedom. You have been warned.”

But there seem to be many busy hacking groups at the moment:

Earlier Sunday, a hacker known as “pr0f” posted the e-mails and passwords of more than a hundred United Arab Emirates government employees.

However, the hacker said the list was “historic” and that the e-mail passwords were not current.

Even British intelligence officials have gotten into the mix.

Hacking With Humor

According to a Daily Telegraph report yesterday, the British intelligence organization, MI6, hacked into an al-Qaeda online magazine recently and replaced a recipe on bomb-making with a recipe for making “The Best Cupcakes in America.”

The latest string of hacks started in earnest in April when hackers launched a sophisticated attack against Sony’s PlayStation Network and Qriocity services. The hackers also breached Sony Online Entertainment.

After discovering the breach, Sony was forced to take the services down.

The company reported that the personal information of more than 100 million users had been exposed.

Sony reassured users at the time that credit card data was encrypted. It has also said no identity theft has been reported because of the breach.

So far, Sony hasn’t been able to pinpoint who overcame its defenses, but the company did find a file named “Anonymous” on its servers. The file contained part of the hacking organization’s slogan: “We are legion.”

The Anonymous says it is not responsible for the Sony attack. It did acknowledge, however, that some of its members might have acted independently to hack Sony.

Though Sony might have hoped it was out of the woods following the PlayStation Network breach, the company still faces attacks from hackers.

Yesterday, a hacking organization called LulzSec posted links on its Twitter account to data it had stolen from Sony’s internal networks, as well as from the networks of Sony Pictures, Sony Music Belgium, and Sony Music Netherlands.

“We recently broke into SonyPictures.com and compromised over 1 million users’ personal information, including passwords, e-mail addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts,” LulzSec wrote on Pastebin, the site where it posted some data. “Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 ‘music codes’ and 3.5 million ‘music coupons.’”

The group claimed the data was not encrypted and had been left for the taking. Sony confirmed the attack this evening, saying it had contacted the FBI in an effort to track down the individuals who posted the data.

LulzSec’s attack on Sony was the second major hack the organization engaged in over the past week. This past weekend, the group showed off its hacking ability by engaging in what it called a “fun battle” with the Public Broadcasting Service.

LulzSec also posted a fake news story on the PBS site, saying that musical artist Tupac was still alive, and reportedly published log-in data for the PBS workforce.

The hack was a response to an airing of a PBS “Frontline” episode called “WikiSecrets” that presented WikiLeaks in a somewhat unfavorable light.

The LulzSec hack followed a statement earlier this week from Google claiming it had “detected and disrupted” a phishing attack that attempted to give the hackers access to hundreds of Gmail accounts belonging to senior U.S. government officials.

Google said it believed the attacks originated from Jinan, China, but stopped short of blaming the Chinese government.

The US government has denied that state-run e-mail accounts were hacked, but it has launched an investigation into the possibility of officials’ Gmail accounts being targeted.

“Speaking on behalf of the US government, we’re looking into these reports and seeking to gather the facts,” Caitlin Hayden, deputy spokesperson for the National Security Council, said in a statement to CNET yesterday.

“We have no reason to believe that any official US government e-mail accounts were accessed.”

Now, that’s waving a red flag in front of a raging bull.

Complete Coverage

Thanks to The Hacker News – which has been reporting on most incidents lately – here’s the list of registered highlights between April and June 2011:

  • Sony Online Entertainment announces that it has lost 12 700 customer credit cards as a result of an attack, and about 24,6 million accounts may have been breached.
  • The Anonymous performs Operation Iran, attacking the governmental websites responsible for oppressing the freedom of speech, information or ideas.
  • The information and review site on high-speed internet, DSLReport.com, gets hit with a blind SQL injection attack, resulting in a compromise of at least 9000 accounts.
  • Hackers gain access to famous pop star Lady Gaga’s Twitter account and begin posting spam messages.
  • The social network site Buddie.me gets hacked, about 15 809 emails/passwords published on the net.
  • Pakistan Cyber Army – PCA – hacks into the Indian railway’s email system and downloads all confidential material, including email addresses and matching passwords.
  • A 26-year-old hacker is charged with 13 cases of felony after hacking into Facebook accounts, stealing photos of young women and posting them on porn sites.
  • A Turkish hackers group hacks the website of Cyberhackers.org.
  • Indian hackers/codebreakers break into the servers of Pakistan Air Force.
  • An employee claiming illegitimate firing claims he was able to break into, and take down, a 200 megawatt wind turbine system owned by NextEra Energy Resources.
  • Media reports of growing threat to Western governments and corporations as they are under attack from hackers based in China.
  • The European Space Agency – ESA – gets hacked by someone called TinKode.
  • The servers of the world’s largest blog community WordPress.com get hacked.
  • Epsilon’s customer lists of major brands get compromised.
  • Hackers manage to infiltrate one of the world’s top computer-security companies, RSA. The company has about 40 million users/customers.
  • A Pakistani hacker called KhantastiC hacks into the website thehackersparadise.com and adds his own page.
  • The official website of the President of Pakistan gets hacked.
  • The database of Spanish Escuela Universitaria Diseno gets hacked and dumped on the file sharing site rapidshare.com.
  • An Indian hacker called Lionaneesh hacks and exposes the aviation website Planespotters.net.
  • A Turkish hacker called OldChildz hacks the web portal of several famous Israeli companies.
  • The British Cambridge Networks gets hacked by the Pakistani hacker Shak.
  • An Indian hacking crew claims to have broken into 253 different websites.
  • The website of The Film and Publication Board – FPB – gets hacked by someone called Dr.KroOoz.
  • An Indian hacker called Angel 4k4 4d0r4b13 hacks the Pakistani railway’s database.
  • The Oak Ridge National Laboratory gets hacked.
  • A hacker called The 077 breaks into 20 websites run by the Chinese government.
  • The website of CEH – Centennial Media Training – gets hacked.
  • 70 Indian websites get hacked by Shadow008, who is part of the Pakistani Cyber Army.
  • All websites run by the Security Firm & News Company are breached by an Indian hacker called I33t Haxors.
  • Hackers break into The Hartford insurance company and install password-stealing software on several of the company’s Windows servers.
  • Computer producer ACER gets hacked by Pakistan Cyber Army.
  • The British intelligence service MI6 hacks an Al-Qaeda website and replaces a bomb-making recipe with a cupcake recipe.
  • The hacker group Lulzsec hacks the systems of Infragard Atlanta Members Alliance, an FBI affiliate, and blows their cover.
  • The Anonymous leaks more than 10 000 emails, stolen from the Iranian government.
  • Chinese hackers crack hundreds of US and Asian Gmail accounts.
  • The website of PBS.org gets hit by a zero-day exploit.
  • The official website of the upcoming movie Ra One gets hacked and defaced.
  • The network of Television Company GMA-7 – including Twitter and Facebook – gets hacked by someone called D4RKB1T.
  • A 14 year old hacker gets hired by Microsoft after doing phishing via Call of Duty Server.
  • Hackers break into the servers of Lockheed Martin networks and US defense contractors.
  • PC game company Comodo gets hacked, resellers’ private data exposed.
  • The Anonymous takes down the website of US Chamber of Commerce after the Chamber approved the new Protect IP Act.
  • More than 200 Indian official websites are reported hacked by someone called XtReMiSt.
  • Another report on stealing and selling credit card information says the use of hacking techniques is increasing.
  • Facebook prepares to launch a so-called Bug Bounty Program.
  • NASA Goddard Space Flight Center gets hacked – again – by the hacker called TinKode.
  • Another Facebook scam is reported.
  • The website of famous football star Ronaldinho gets hacked by Osama bin Laden supporters.
  • The Information Security and Ethical Hacking Training organization, Appin, gets hacked – once again.
  • The hacker group Lulzsec hacks and releases ATM information.
  • Official report questions the security of US institutions like Department of Defense, Pentagon, NASA and NSA.
  • Pakistan Cyber Army gets hacked by the Indian Cyber Army, Indishell.
  • The website of Indian TV Channel V is hacked by someone called MaDnI, a member of Pakistan Cyber Army.
  • The Anonymous’ IRC networks – irc.anonops.net and irc.anonops.ru – get hacked.
  • India’s leading IT companies TCS – Tata Consultancy Services – and Tech Mahindra report security breaches.
  • The database of contestants in the popular TV show, X Factor, gets hacked and published on the net – available for download.
  • Pakistani news site, Paktribune.com, is hacked and more than 800 emails/passwords stolen.
  • Credit card company, CCAvenue, hacked.
  • Citibank reports theft of 200 000 credit card accounts.
  • The International Monetary Fund confirms a major security breach.


Filed under International Economic Politics, Laws and Regulations, Technology