Cyber crime fighters September 26, 2008Posted by cyberpatrol in cybercrime.
Tags: Anonymous, cybercrime
add a comment
In the spring of 2007, the government of Estonia, a small independent Baltic state and former Soviet republic, made the decision to remove a Soviet war memorial from the city of Tallinn. The Russian government expressed its disapproval of the action.
Shortly thereafter, Estonia’s national IT network was subject to a cyber attack so intense and prolonged that it impacted the government’s ability to function. Web sites and servers of banks, broadcasters, newspapers and telecoms were also assaulted. The situation was so dire, that – after three weeks – NATO experts were called in to help.
While this type of cyber warfare is the extreme of cyber crime, there is no doubt that as people, business and the public sector have increased their online presence, so have criminals.
Over a year ago, Mourad Debbabi (Concordia Institute for Information Systems Engineering and Concordia University Research Chair Tier I in Information Systems Security) was invited to a meeting that included Canadian law enforcement officials, as well representatives of the banking, telecommunications, financial and public sectors.
“I was the only academic present,” he said.
The purpose of the meeting was to develop a national organisation to fight cyber crime. One of the speakers, an agent from the FBI, described a relatively new organization in the US called the National Cyber Forensics Training Alliance (NCFTA).
The NCFTA is neutral collaborative venue where critical confidential information about cyber incidents can be shared discreetly among industry, academia and law enforcement. The Alliance facilitates advanced training, promotes security awareness to reduce cyber-vulnerability, and conducts research in cyber forensics.
At the end of the meeting, participants asked themselves if such an organization was required in Canada.
“The answer was a resounding, unanimous yes,” said Debbabi.
NCFTA Canada was formally launched in July 2008 with Concordia as its primary host. While the legalities of the collaborative effort are still in negotiation among the partners – which include Bell Canada, the Competition Bureau of Canada, Rogers Communications, and Microsoft Canada – technical operations are starting this fall.
Debbabi, whose research focuses on cyber forensics, explained that the mandate of the organization is quite broad.
“Cyber crime includes any criminal activity where computers or computer systems are either the tool or the target – child porn and exploitation, identity theft, hacking, fraud, and any kind illegal digital transaction.”
Partners will target reductions in and improved defense against activities such as SPAMming, phishing and denial of service attacks like those launched against organizations such as the Church of Scientology earlier this year.
Debbabi underlined that these types of attacks account for billions of lost dollars and uncountable hours of lost productivity each year.
He is currently serving as NCFTA Canada’s Vice-President and a member of the Board of Directors, where his role is to, “ oversee establishment of the organization, its operation and management, and student and research project supervision.”
He is pleased Concordia was chosen as the host institution because, “we have the largest concentration of researchers focused on IT Security and cyber forensics in Canada.”
CIISE offers a master’s degree in the area, which currently has more than 150 students.
Debbabi believes the partnership created through NCTFA will expand students’ access to real world training opportunities and industry’s access to emerging means of dealing with threats.
“As a researcher, I know when I give a forensic toolkit to cyber investigators for testing and evaluation, I will receive significant feedback which will help in the development of better tools. NCFTA Canada is really all about increasing our efficiency at fighting cyber crime. Alone, none of us can achieve much, together we are very much better.”
Jeremie Dalin: Teen convicted after threat August 22, 2008Posted by cyberpatrol in 4chan.org, Anonymous, cybercrime, cyberterrorism.
Tags: cybercrime, cyberterrorism, jeremie dalin
add a comment
A teen convicted of falsely making a terrorist threat against Stevenson High School will serve 24 months of probation and must meet other conditions of his sentencing.
Jeremie Dalin, 17, of the 200 block of Bridle Path, Fox River Grove, was sentenced Aug. 15 in Lake County Circuit Court by Judge Christopher Stride. (more)
Barrington-Courier Review: Teen on probation after posting threats online
Buffalo Grove Countryside: Teen put on probation for posting threatening messages online
Cary Grove Countryside : Teen put on probation for posting threatening messages online
Tags: 4chan, Anonymous, cybercrime, Hacking
The story of the 4chan hack against SOHH.com and others.
In the early hours of June 27, 2008, two very popular Hip-Hop musical websites were attacked by individuals calling themselves “Anonymous”. MTV News reported that: “Both companies’ sites were hacked, and instead of the usual hip-hop related news articles and feature stories, readers were shocked to find fake headlines and obviously photoshopped pictures saturated with racial slurs and other offensive terms; the hackers also stole personal information about employees of SOHH.com. A group or individual going by the name “Anonymous” has claimed responsibility.”
The CEO of SOHH.com, one of the attacked sites with over 1.5 million visitors per month, issued a statement, saying:
“It appears that hackers are specifically targeting Black, Hispanic, Asian and Jewish youth who ascribe to hip-hop culture. … Other websites, including AllHipHop and DatPiff forums have also been compromised or threatened this week. … Also, as this is an international issue, it is being addressed by the FBI and the Strategic Alliance Cyber Crime Working Group.”
The sites were defaced with Nazi symbols and targeted the Black community whose members regularly frequent the site for news.
Fake headlines (“JEWS DID 9/11 – Enjoy This White Wimmens, N*gger”)
Fake headlines (“DEAD BEAT NIGRA ORDERED TO PAY 40K IN NIGLET SUPPORT) and racist pictures.
Racist comments and pictures
Early research found that the attack had been planned and promoted on 411chan.org where a “Call to Arms” was published on 411chan.org on 23 June 2008:
(nao : slang for now. irc: Internet Relay Chat. A real-time communication system on the internet used for chatting or live coordination of events).
The call for support was posted on a website called 411chan.org, a meeting place of the internet group “Anonymous” especially targeting Black people and minorities.
The systems of SOHH.com were damaged sufficiently to leave the site inaccessible for a week. Also the other attacked sites stayed partially disconnected from the internet.
EncyclopediaDramatica.com, a primary site of Anonymous chronicling the online activities of internet hackers on 4chan.org and 411chan.org, announced on 30 June 2008 that they will continue their “fight against niggers”:
“SOHH.com is a place for gay wiggers [slang: wanna-be niggers] to talk about cRap music using their native tounge of nigger language. Sohh.com is one of the highest-ranked online hip-Hop communities ….
“However, Anonymous has no regard for one’s material gains or how “nannified” a racial demographic is — Anonymous only exists to destroy. That lesson has been made abundantly clear to SOHH.com. …
“As SOHH is down, the leader of the Pro-Nigger Faction started a secondary ‘instead-of-SOHH’ site … The registrations are currently closed, but many of our soldiers managed to get in before the closing. As a result of this, there are currently operations underway to make sure this site does not achieve any sort of prosperity.” (Source: http://encyclopediadramatica.com/SOHH)
(What Anonymous thinks of Black people. Source: http://www.encyclopediadramatice.com/Nigga)
Atheists’ MySpace page restored after hacking incident February 8, 2008Posted by cyberpatrol in cybercrime, myspace.
Tags: cybercrime, myspace
add a comment
The “Atheist and Agnostic Group” MySpace page has been reactivated, a month after the page was deleted following a November 2007 hacking incident where unauthorised users renamed it “Jesus is Love.”
The incident is the second reported high profile cyberattack in recent months on a religion-oriented webpage. Last month, the Church of Scientology’s website experienced disruptions after it was threatened by a hacker group.
Bryan Pesta, a Cleveland State University assistant professor and the atheist group’s founder, told the Cleveland Plain Dealer last week that his 35,000-member webpage had been shut down twice by the social networking site since its 2004 founding.
More than 830 MySpace members have signed an online petition calling for the page to be reestablished and protected by the networking site, which is owned by international media conglomerate News Corp.
A MySpace spokeswoman confirmed Wednesday that the site was accidentally deleted in January, but restored this month following its November 2007 defacement by a hacker.
The restored page on Wednesday carried a statement thanking MySpace for reinstating the group.
The page also linked to a petition seeking an agreement “with MySpace to ensure that groups attacked by hackers, phishers, spammers and pinheads can be fixed quickly and effectively.”
Pesta could not be immediately reached for comment.
Last month, a hacker group calling itself “Anonymous” said in a video posted on YouTube that it would “systematically dismantle the Church of Scientology in its present form.” The church’s official website could not be accessed at various times in the days following the threat.
Jose Nazario, senior security and software engineer at Arbor Networks, said last month on his blog that researchers had detected nearly 500 DDoS attacks against the church, with an average size of 15,000 packets per second.
The incident followed the church’s copyright infringement claims following the spread of edited clips from a 2004 promotional video featuring actor Tom Cruise.
Anonymous also claimed that the church filtered anti-Scientology comments posted on YouTube, Digg.com and other websites.
Ken Pappas, security strategist at Top Layer Networks, an intrusion-prevention provider, told SCMagazineUS.com at the time that cyberattackers were likely using botnets to attack the church.