RFE/RL: Do you think that groups like Anonymous or LulzSec are hacking with ethics in mind?
Archive for July, 2011
Cyber activists associated with Anonymous have issued an official communiqué in response to an ongoing international crackdown against the collective.
The communiqué also addresses recent statements made by deputy assistant FBI director Steve Chabinsky.
“We want to send a message that chaos on the Internet is unacceptable,” Chabinsky told NPR on July 20th.
“[Even if] hackers can be believed to have social causes, it’s entirely unacceptable to break into websites and commit unlawful acts.”
Anonymous countered Chabinsky’s statements by listing what it found unacceptable, beginning with “governments lying to their citizens and inducing fear and terror” to keep them in control by dismantling their freedom piece by piece.
The hacker group also singled out corporations “aiding and conspiring with said governments,” while simultaneously lobbying and collecting billions of funds for federal contracts they can’t fulfill.
“These governments and corporations are our enemy. And we will continue to fight them, with all methods we have at our disposal, and that certainly includes breaking into their websites and exposing their lies,” the group continued.
“We are not scared any more. Your threats to arrest us are meaningless to us [because] you cannot arrest an idea. Any attempt to do so will make your citizens more angry until they will roar in one gigantic choir. It is our mission to help these people and there is nothing – absolutely nothing – you can possibly do to make us stop.”
Anonymous also noted that the Internet has always been the Wild Wild West, with the government exercising limited control over the digital frontier.
“[Still], that does not mean that everyone behaves like an outlaw. You see, most people do not behave like bandits if they have no reason to.
“We become bandits on the Internet because you have forced our hand. The Anonymous bitchslap rings through your ears like hacktivism movements of the 90s. We’re back – and we’re not going anywhere. Expect us.”
Hacker collectives LulzSec and Anonymous have sent a new message to the U.S. FBI after the law enforcement agency promised to increase the ferocity of its campaign against hacking.
The statement was directed at the comments made by FBI director Steve Chabinsky to NPR.
The comment: “We want to send a message that chaos on the Internet is unacceptable, [even if] hackers can be believed to have social causes, it’s entirely unacceptable to break into websites and commit unlawful acts,” was singled out in the two groups’ joint statement.
Responding to the comment, the joint LulzSec and Anonymous statement wrote: “Now let us be clear here, Mr. Chabinsky, while we understand that you and your colleagues may find breaking into websites unacceptable, let us tell you what WE find unacceptable.”
The statement went on to post three bullet points highlighting key practices the two hacktivists could not abide:
“Governments lying to their citizens and inducing fear and terror to keep them in control by dismantling their freedom piece by piece.
“Corporations aiding and conspiring with said governments while taking advantage at the same time by collecting billions of funds for federal contracts we all know they can’t fulfil.
“Lobby conglomerates who only follow their agenda to push the profits higher, while at the same time being deeply involved in governments around the world with the only goal to infiltrate and corrupt them enough so the status quo will never change.”
The three bullet points mirror those contained in the mission statement of Anonymous’ previous Operation Anti-Security campaign, commonly referred to as AntiSec.
The campaign has already seen the two collectives mount ongoing assaults against numerous companies and governments. These include regular assaults on websites owned by the Turkish Government, a new ongoing campaign against oil companies damaging the American Heartland’s forests and numerous hacks on several big-name U.S. military contractors.
Departing from the group’s usual policy of referring to its members as pirates or ninjas, the statement went on to refer to its members as modern day “outlaws”.
The point was addressed to Chabinsky’s comment: “The Internet has become so important to so many people that we have to ensure that the World Wide Web does not become the Wild Wild West.”
In response the group wrote: “Let me ask you, good sir, when was the Internet not the Wild Wild West? Do you really believe you were in control of it at any point? You were not.
“That does not mean that everyone behaves like an outlaw. You see, most people do not behave like bandits if they have no reason to. We become bandits.”
Anonymous followed the statement with a tweet linking to a video showing a law professor explaining why an individual should never voluntarily agree to be interviewed by the police.
The statement comes just after the U.S., U.K. and Dutch law enforcement agencies reported the arrest of as many as 20 suspected Anonymous members. The FBI accounted for 16 of these and has confiscated the computers of several other individuals for “further investigation.”
A leaked government report has revealed that police servers were only protected by cheap software, making a recent hack on databases much easier. Police were forced to shut down several servers with data on serious criminals.
This month’s attack on police servers by the “No Name Crew” hackers had much more serious consequences than previously thought, according to a report in news magazine Focus.
According to the magazine, the government’s newly founded cyber-defence department, the Federal Office for Information Security (BSI) reported internally on Friday that every single server of the police’s spy programme “Patras” had been infiltrated by hackers.
Patras is used to locate serious criminals and terrorist suspects by gathering information from GPS systems in cars and mobile phones. It is used by both state and federal police forces, as well as Germany’s customs officers.
Following the cyber-attack, which took place earlier this month, all of the relevant servers had to be shut down to prevent more data being stolen.
According to the internal BSI report to the German interior ministry, the “No Name Crew” even hacked the central database of the federal police, in Swisstal-Heimerzheim in North Rhine-Westphalia.
This could lead to hundreds of confidential police investigations appearing on the internet. “That is pretty much the worst thing that could happen,” an anonymous security officer told Focus.
The report said the hack came about because the police did not adequately protect its servers, using what was described as “cheap protection software.” It also said that “fundamental security measures” such as “dealing with passwords” had been ignored.
The No Name Crew had previously hacked the servers of the far-right National Democratic Party and published sensitive information including a list of its donors.
Hacking group claims to have 4GB of emails taken from an alleged hack on servers at the Sun, but won’t make them public for fear of jeopardising ongoing legal actions
The Lulzsec hacking group, which this week claimed to have obtained 4GB of emails taken from the Sun’s servers, has decided not to publish them for fear of jeopardising ongoing legal actions in the UK and US.
However, an expert in email security procedures has warned the Guardian that the hack itself could undermine ongoing legal cases.
In a tweet sent from the @anonymousIRC account, which has 124,000 followers, a spokesman for the group said: “We think, actually we may not release emails from the Sun, simply because it may compromise the court case.”
This may not be enough to prevent News Corporation, parent company of Sun publisher News International, challenging the admissibility of email evidence in future court cases, according to one information security professional.
“Post-Enron, new US laws were passed requiring all corporations to keep immutable email archives for legal compliance purposes. These are often provided by independent third parties,” he said.
“Depending on whether Lulzsec got their material from this archive, rather than an old News International server, it’s possible News Corporation will be able to argue their email archive can’t be trusted in court as it’s been compromised.”
The claimed email cache is said to have been obtained after a hacking attack against News International on Tuesday night during which members of LulzSec apparently broke into computer systems there and redirected readers of the Sun’s website to a faked page claiming News Corp chief executive Rupert Murdoch had been found dead.
Different members of the wider Anonymous hacking collective claimed the emails were taken from a separate hack of News International’s offsite backup centre in India. Establishing from exactly which server – if any – emails were obtained could prove crucial to keeping email admissible in a future court case.
Some accounts belonging to Anonymous also began tweeting email addresses and passwords for staff at News International, including what seemed to be an email account and password for Rebekah Brooks under her previous married name of Wade while at the Sun.
The password appeared to be valid based on the contents of the tweet, which included the encrypted form of the password.
News International reacted by closing down all external access to its webmail systems and forcing users to reset their passwords.
The company declined to comment at the time on whether the hackers might have had external access to email accounts, but the fact that it shut down the access suggests that it feared they might.
Equally, the hackers almost certainly would not have begun tweeting details of their find without having first exploited it.
Contacts within Anonymous have told Guardian journalists that News International’s email systems were being probed last week and that downloads were being made then.
Lulzsec said they would now seek to release extracts of the emails they collected through media outlets.
“We’re currently working with certain media outlets who have been granted exclusive access to some of the News of the World emails we have,” said a tweet from the official @Lulzsec feed.
The notorious LulzSec hacking outfit is preparing to release a batch of emails stolen from the accounts of News International journalists after breaking into the company’s computer network.
LulzSec surprised everyone on Monday when it suddenly came out of retirement with a defacement of The Sun’s website.
The hacking group also claimed that it obtained access to the email accounts of several journalists, including News International’s former CEO Rebekah Brooks.
Sabu, one of LulzSec’s members, said at the time that the group planned to dump the emails on the Internet the following day and called on journalists to sift through them and expose the dirt.
However, it seems the group has since changed its mind and opted for an approach similar to the one used by WikiLeaks.
“We’re currently working with certain media outlets who have been granted exclusive access to some of the News of the World emails we have,” LulzSec announced on Twitter hours ago.
It remains to be seen if the emails, if released, will expose more unethical behavior inside News International. They probably won’t reveal anything new about the News of the World phone hacking scandal, but plenty of questionable things are to be expected in any company’s internal email.
Meanwhile, LulzSec seems to be back in full force. According to Sabu, News International emails are not the only data the group has in its possession. “We are working on: 4GB of Sun mails, SCADA, Royal Family dumps, Federal Contractors (4), Foreign banks (2) and others. Busy, busy, busy,” he said.
The outfit’s members remain as cocky as ever. In an open letter published today together with Anonymous, the group says there’s nothing law enforcement agencies can do to stop them or their movement.
LulzSec has abandoned plans to release a cache of News International emails it claimed to have acquired during a redirection attack on The Sun website earlier this week. Instead the group says it plans to release select batches of the emails via a “partnership” with select media outlets, an approach akin to that applied by WikiLeaks to its controversial US diplomatic cable and war log releases last year.
The activist collective returned to action after disbanding last month in order to launch an attack on the Murdoch empire that resulted in surfers visiting The Sun being redirected towards a fake story on the supposed death of media mogul Rupert Murdoch. The group repeatedly said it had also extracted email archives during this hack, but uncharacteristically delayed their release. This distinguishes the hack from earlier Anonymous hacks on HBGary and ACS:Law, where email archives were uploaded by the hacktivists around the same time as the websites were defaced.
Sabu, a prominent affiliate of LulzSec, has repeatedly said the promised dump of emails from News International was imminent, most recently in a series of Twitter updates (here and here) on Thursday lunchtime, which claimed the group was sitting on a 4GB archive.
However, minutes later, Anonymous – the hacktivist organisation that re-absorbed LulzSec after the latter group disbanded earlier this month – said it had abandoned plans to release these emails. “We think, actually we may not release emails from The Sun, simply because it may compromise the court case,” it said.
LulzSec later said that it planned to release select extracts of the email batch via selected media outlets. “We’re currently working with certain media outlets who have been granted exclusive access to some of the News of the World emails we have,” it said.
The names of the “media outlets” concerned have yet to be revealed. Any mainstream media outlet that published the information may have some ethical qualms about dealing with the anarchic hacking collective, whose previous targets have most controversially included the Arizona Police Department and SOCA, the UK policing agency.
Neither LulzSec nor Anonymous, whose stock in trade has been denial of service attacks and information extraction against numerous targeted organisations, has shown any respect for legal niceties or possible collateral damage from its releases before.
Thus far, LulzSec has only posted email hashes of a small number of NI workers, along with the supposed email password of Rebekah Brooks dating from the time she edited The Sun.
News International responded to the attack by suspending access to its webmail and remote access systems and applying a forced password reset.
In what initially appeared to be an attempt to divert attention away from the topic of the News International hack, Anonymous posted various low-value NATO documents.
The “NATO Restricted” documents posted may sound impressive but this is in fact the lowest possible level of protective marking/classification.
“We are sitting on about one Gigabyte of data from NATO now, most of which we cannot publish as it would be irresponsible,” the group said.
On Thursday morning, the notorious Internet hacktivist collective known as Anonymous announced via Twitter that it had successfully hacked into NATO’s online security and, in so doing, obtained a vast amount of restricted information.
Anonymous reports they managed to obtain a gigabyte of restricted information from NATO (North Atlantic Treaty Organisation). However, they have only published a tiny fraction of the information, claiming it would be “irresponsible” to publish much of the sensitive and restricted information.
In response to news of the online security breach, NATO announced they are beginning a full scale investigation:
NATO security experts are investigating these claims. We strongly condemn any leak of classified documents, which can potentially endanger the security of NATO allies, armed forces and citizens.
Welcome to Operation Anti-Security (#AntiSec) – we encourage any vessel, large or small, to open fire on any government or agency that crosses their path. To increase efforts, we are now teaming up with the Anonymous collective and all affiliated battleships.
Top priority is to steal and leak any classified government information, including email spools and documentation. Prime targets are banks and other high-ranking establishments. If they try to censor our progress, we will obliterate the censor with cannonfire anointed with lizard blood.
In June, The Tech Herald reported on information given to us by Ryan Cleary shortly before his arrest. The story centered on an AT&T insider who handed sensitive information and a bootable USB disk over to Anonymous. On Tuesday, the FBI arrested an AT&T employee connected to the leak, during a nationwide sweep targeting Anonymous.
An indictment unsealed in the District of New Jersey charges Lance Moore, 21, of Las Cruces, N.M., with the alleged theft of confidential business information stored on AT&T’s servers. The indictment goes on to mention that he uploaded the information to a public file hosting service, which The Tech Herald can confirm to be fileape.com.
The public first learned of the AT&T files from a Torrent release by LulzSec. The documents were included in the group’s final release before they disappeared from the public eye. The release also marked the second major data leak under the AntiSec movement, which has targeted both government and private sector organizations since its founding. In addition to documents, the insider leak also included a bootable USB drive used by AT&T.
In May, while interviewing Cleary for a separate story, he bragged about the AT&T leak, and the fact an insider delivered the information and software to Anonymous. “…an employee of AT&T gave us loads of shit…,” he said.
Cleary’s comments were confirmed by two additional sources. One of them is a person linked to LulzSec itself, and the other is an associate of Anonymous familiar with the data. On Tuesday, these two additional sources were raided and arrested, as law enforcement in the U.S., U.K., and the Netherlands coordinated in sweeps against Anonymous.
At the time of the original story, AT&T had no comment on the data leak. Phone calls and emails seeking comments on the arrest have not been returned.
As mentioned previously, the leaked documents include more than 60,000 phone numbers, each one linked to an iPhone 3G, 3GS, or iPhone 4. Each of them was assigned to an IBM employee at one point. The leaked data also included server names and IP addresses, with a corresponding username and password, for both development and production usage on AT&T’s internal network.
Moreover, other leaked documents, such as the various meeting notes, emails, AT&T’s 4G/LTE testing data, internal presentations, and a random assortment of technical documentation, were included in the data delivered to Anonymous and the public as a whole.
At the time our story first ran, we highlighted the risks that insiders can pose. Given all of the information in the AT&T files, and the fact they are in the public domain, there is plenty of detail to launch a targeted phishing attack. Such attacks have been linked to security incidents targeting government contractors as well as Fortune 100 and 500 companies.
According to the New Jersey complaint, Moore used his access as a customer support contractor to access all of the information he is charged with leaking. When he uploaded the files, only a select few had access to them. Then, just over a month later, they were released by LulzSec.
Note: For those who want to read the court documents related to the FBI raids, redacted copies are published on publicintelligence.net
If the charges prove correct, Moore faces 10 years in prison and a $250,000 USD fine for his actions.
The federal government plans to shut 40 percent of its computer centers over the next four years to reduce its hefty technology budget and modernize the way it uses computers to manage data and provide services to citizens.
Computer centers typically do not employ many people to tend the machines, but analysts estimate that tens of thousands of jobs will most likely be eliminated.
The federal government is the largest buyer of information technology in the world, spending about $80 billion a year. The Obama administration, in plans detailed Wednesday, is taking aim at some of that by closing 800 of its sprawling collection of 2,000 data centers. The savings, analysts say, will translate into billions of dollars a year and acres of freed-up real estate.
The government is following the lead of private business. For years, companies have been using software that shares computing tasks across several machines in a data center. The task-juggling technology enables computers to run at far higher levels of efficiency and utilization than in the past, doing more computing chores with fewer computers and fewer data centers.
In an interview, Vivek Kundra, chief information officer for the federal government, explained that the data center consolidation was part of a broader strategy to embrace more efficient, Internet-era computing. In particular, the government is shifting to cloud computing, in which users use online applications like e-mail remotely, over the Internet. These cloud services can be provided by the government to many agencies or by outside technology companies.
Tapping cloud computing services, Mr. Kundra said, could save the government an additional $5 billion a year, reducing the need for individual government agencies to buy their own software and hardware.
Shawn McCarthy, an analyst at IDC, a research firm, said, “The data consolidation is really part of a much larger reworking of information technology by the government. You start with the technology plumbing, but the goal is more responsive and efficient government services.”
This week’s announcement, analysts say, is a significant step along that path, naming 178 data centers to be closed in 2012. It is the second step in the program. In April, 137 computer centers were singled out to be shut down by the end of this year.
But government officials say the federal agencies are moving faster than the initial plans, with a total of 195 closings now scheduled by the end of 2011. That would help lift the total to 373 data centers by the end of 2012.
The government, though late in starting, is on track for a particularly aggressive winnowing of its data centers, encouraged by the need for budgetary belt-tightening. “It is ambitious,” said Darrell M. West, an expert in government and technology policy at the Brookings Institution. “In an era of massive deficits, the federal government has to figure out ways to get more efficient. The data center consolidation is part of that process.”
The cost savings simply from running fewer data centers is estimated at more than $3 billion a year. There is an environmental impact too, since data centers are power-hungry. By one estimate, an average data center consumes the energy equivalent of 200 residential homes.
The data centers to be shut down are varied in size. One facility run by the Department of Homeland Security in Alabama covers 195,000 square feet, the size of more than three football fields. But some of the data centers to be eliminated are less than 1,000 square feet in size.
The total opportunity for savings is so large, Mr. Kundra explained, because for years each government agency tended to buy and build its own technology systems. Across the federal government, he noted, hundreds of different software programs are used for financial accounting and hundreds of different ones for human resources management. The population of federal data centers swelled from 432 in 1998 to more than 2,000 by last year.
“Redundant systems and applications sprouted like weeds,” Mr. Kundra said. “We need to shift resources away from duplicative systems and use them to improve the citizen experience.”
More and more services will go online, said Mr. Kundra, so the focus should be less on overall technology spending by government than on using technology more efficiently to deliver government services, especially collecting and presenting data in useful ways.
As one example, he pointed to the Web site Healthcare.gov. It enables people to compare health insurance coverage and pricing options offered by private companies and the government, and to compare quality scores for hospitals and nursing homes, based on government data.
The shift to modernized computer services has already started. For example, nearly 140,000 employees at the General Services Administration and Department of Agriculture have moved to cloud-based e-mail, Mr. Kundra said, saving about $42 million a year. Google provides the cloud e-mail for the G.S.A, while a Microsoft cloud service is used by the Agriculture Department.
Mr. Kundra declined to estimate the job impact of eliminating hundreds of data centers. The closings are determined by technology managers in the federal agencies. Data centers are not huge employers, as military bases are, for example. Yet even in the first wave of closings, Mr. Kundra said, “We have had some pushback from members of Congress, but tough decisions have to be made.”
None so far, he said, have been reversed.