Self styled activists and notorious online hacking group, Anonymous has once again targeted the Greek governnment websites. It is the third time since February this year that websites of Greek government have been hacked. As per the reports given by the police to Reuters, Anonymous is the prime suspect behind the attack on the government websites of Greece. The message left by the hackers on the hacked Finance Ministry website was as follows: “To them, you are just economic indicators, deficits and balance sheets – but there are no indicators for misery,”.

Damage Control After Online Hacking Attack

Online Hacking News: Anonymous Targets Greek Government Sites

The General Accounting Office has been assessing and gauging the extent to which the security of the site was breached. The reports confirm that damage caused to the site is minor. In addition to the hacking of government sites, the hacking of websites of three universities was also reported. This incident is however, an indicator of growing unrest amongst the people of Greece with respect to the nation’s economic policies.

Online Hacking Déjà vu

Earlier this year, i.e. at the end of February, a website that belonged to the Justice Ministry of Greece was hacked. In that particular event of hacking, the hackers had threatened to erase from the website, the debts faced by the people of Greece. These recent incidents of hacking have a backdrop of tax evasion, a commonly observed practice in Greece. The government had taken strict measures for fighting the menace of tax evasion. Obtaining information about the spending patterns of people by tapping into their credit card and bank transactions was one of the measures taken by the government. Steps like these could possibly have triggered a series of acts of hacking. Recently the government also announced spending cuts that are in line with the EU/IMF bailout program. These spending cuts have drawn the ire of the public.

There are few who believe that tax evasion is observed mainly due to the flawed system of tax collection. Drawing attention to the woes of the Greek people is speculated as the motive behind the hacking of goverment sites. The above mentioned incidents indicate that the Anonymous group has once again became active in the online hacking world.

Online hacking collective Lulzsec may have been taken down, but Hector Monsegur aka Sabu, the group’s hacker leader-turned- traitor to cause is an uneasy man. At least that’s what the official reason is for his no show at his arraignment for a misdemeanor charge on Thursday.

A Federal Spy Among Online Hacking Anarchists

As widely reported in the news media as well as this online hacking weblog, Monsegur had been working with the FBI, gathering evidence against his Lulzsec comrades-in-arms, for a better part of the previous year. While this was going on, he also did his best to keep the invective machine rolling, spitting venom against the ‘enemy’ i.e. the US Government as evidenced by his near incessant chirping on twitter. Can’t blame him hardly; wouldn’t have done to have aroused any suspicion now, would it?

Sabu’s Betrayal: An Idol for Hackers Turns Traitor

His involvement with federal agencies was finally revealed on March 6 2012 in what was a major egg-in-the-face moment for Lulzsec and closely associated online hacking collective Anonymous. The full extent of his cooperation would become evident over the next few days, as it slowly dawned on his former associated that Monsegur worked almost full time over this period over gathering incriminating evidence, all the while steering away (it is easier when you happen to be the leader) the group’s activities to attacks on high-profile targets that got them the maximum media attention.

Among the online hacking exponents ‘Sabu’ helped stitch up is Chicago based anarchists-hacker Jeremy Hammond, the alleged mastermind of the Stratfor leak. To his colleagues, as well as the many aspirants to the online hacking life who literally saw ‘Sabu’ as an online hacking demigod, it was a rude awakening that they were in store for.

Case Adjourned with View to Dismiss; Federal Online Hacking Case Still Looming

Monsegur now claims that he’s afraid for his life in the light of recent death threats; this is the cited cause behind his not showing up at his arraignment in Manhattan criminal court on Thursday. The arraignment was in connection to impersonation charges resulting from a confrontation with NYPD officers earlier this year in February, when he was already working for the FBI. While in reality he was simply an informant cooperating in hopes of a lighter sentence for his own offences), he allegedly told the policemen that he was a federal agent. His failure to produce any identity documents to back up the claim is what landed him in this soup. However, even not considering the host of other charges Sabu may be facing on account of his electronic crimes, it may seem that the impersonation charges may be the least of his worries. As reported by his legal counsel Peggy Cross-Goldenberg, Monsegur fears for his personal safety now that his ratting out has been made public, making vague references to physical threats. The Manhattan criminal court judge waived Monsegur’s appearance and agreed to dismiss the misdemeanor charges in six months time, subject to good behavior from the defendant.

The four-minute hearing resulted in Monsegur’s New York criminal case being adjourned in contemplation of dismissal.

As mentioned before, the case concerning his much more serious offenses relating to criminal online hacking activity continues, and he shall be tried in a federal court.

Websites of Indian government and Tibetan activists in the country are facing an online hacking attack campaign engineered by a Chinese hacker, working with one of the world’s largest e-tailers Tencent.

The Online Hacking Perpetrator

Online Hacking Vigilante or State Sponsored Spy?

It is currently a matter of speculation of the Luckycat Online Hacking attack was actually the work of an overzealous nationalist or funded by the government. At any rate, it seems more than merely coincidental that the hacker would randomly carry out an online hacking attack against a movement (Tibetan Freedom) that’s a regular eyesore for the Chinese government. The significance of the fact that the Indian government has provided asylum to several Tibetan spiritual leaders has also not been lost on this online hacking weblog in light of the fact that websites belonging to the Indian government have also been targeted.

The Luckycat cyber campaign, has been linked to 90 attacks in recent past against targets in India and Japan, as well as against Tibetan activists. ‘Luckycat’ has been able to compromise about 233 computers many of which are in India. A report on the campaign released by an Indian internet security organization shows that the Luckycat perpetrators began around June 2011.

The report mentions a set of campaign codes used to track compromised systems; the codes detail dates corresponding to the launch of each online hacking attack, providing an indicative measure of the frequency of the attacks.

The report did not directly implicate the Chinese government, but security researchers believed that the style of the attacks and the types of targets indicated state-sponsored spying.

For more news on cybercrime and internet security, keep watching this online hacking weblog.

In a coordinated move to crack down on online hacking and related computer crime activities, especially by cartel-like anarchic groups, police forces in two continents swooped down on the top leadership of the online hacking group that calls itself LulzSec. With arrests being made across UK and Ireland, and with the FBI carrying out raids and arrests in the USA, the final tally has come to three arrested and two charged with conspiracy. This could effectively spell doom for LulzSec, as the people in question are part of the top leadership.

Online Hacking News: The Enemy Within  LulzSec

The irony of the situation was not lost on this online hacking weblog when reports surfaced

Online Hacking leader turned FBI Informer, Hector Montsegur. (Image Courtesy: SecureNewsDaily)

that the forces were able to act so decisively only as a result of the cooperation extended by one Hector Xavier Montsegur aka ‘Sabu’. Yes, that’s the same ‘Sabu’ who’s familiar to many as the leader of LulzSec.

Targeting the Online Hacking Leadership

It is being widely reported that Montsegur has been working with the FBI over the past several months, gather and furnishing incriminating evidence on his accomplices to the federal law enforcement agency.

The FBI made one arrest on US soil, with four more coming in the UK and Ireland. The FBI, apparently leading decision making on this one, is hoping to kill the monster by cutting off the head(s). LulzSec had been in the news quite frequently since the last summer, in connection to their joining the hacker collective Anonymous and launching a series of high profile online hacking attacks.

The last strong tweet by sabu was “The federal government is run by a bunch of fucking cowards. Don’t give in to these people. Fight back. Stay strong.”

Sabu began working for the FBI in June last year after the FBI busted him. In a classic case of the good guys having the last laugh, Montsegur not only plead guilty to 12 hacking related charges on August 15, he also agreed to be a mole in his own organization. Information pertaining to the full extent of his admissions is to be unsealed in the court hearing on March 6.

 The Rogues Gallery

The five charged in the LulzSec conspiracy indictment were identified by sources as: Ryan Ackroyd, aka “Kayla” and Jake Davis, aka “Topiary,” both of London; Darren Martyn, aka “pwnsauce” and Donncha O’Cearrbhail, aka “palladium,” both of Ireland; and Jeremy Hammond aka “Anarchaos,” of Chicago.

For more news on this and other topics related to online hacking, keep watching this space.

 Online hacking, cybercrime, cyber terrorism… these words evoke images of credit card numbers and personal identity details  being stolen from massive electronic databases. At most, the imagination stretches to massive DDoS attacks by online hacking organizations such as Lulzsec and Anonymous.

Online Hacking DoS: Threat to our Basic Needs

Scary as those scenarios may be, they pale next to the actual possibilities. Picture how dependant your life is on electric power; from illumination and food storage, every basic amenity of modern life runs on power. The lay person has no idea just how vulnerable our daily water supply, power stations, and gas supply lines are to an online hacking attack. And these attacks are very much a real possibility.

Ill-prepared and Under-informed for an Online Hacking Armageddon

Figures reveal that the Homeland Security Department received and acted upon nearly 116 requestedIn 2010 the Homeland Security Department responded to only 116 requests for assistance from its Control System Security Program cyber experts. By September of 2011 there were 342. All of these attacks didn’t originate domestically, either. On Nov. 8 an IP address originating from Russia attacked an Illinois based water utility company, managing to control a Supervisory Control And Data Acquisition system, resulting in a burnout of the associated pump. These types of real world results to online hacking attacks are not unknown. In 2007 an online hacking attack on a diesel generator caused it so self destruct.

At this time, companies in the sights of these types of online hacking attacks can only prevent between 67% and 76% of these types of attacks. They could prevent more but there’s one thing holding them back: money. Right now these companies spend $5.3 billion on protection against online hacking and other cyber attacks. To reach a 95% prevention rate they would have to increase that amount to more than $46 billion, an increase they say their customers won’t approve.

With the very real and national threat posed by online hacking, some would like the government to step in and foot the bill for these improvements. Others may think that this is a private sector issue and the government need not intervene. However, the decisive battles of the next major war may very well be fought by cyber-warriors on computer screens rather than surgical commando strikes deep within enemy territory. The question is, are we up to countering the threat of online hacking that goes beyond mere pranks?

The term cyber terrorism is becoming increasingly common, which you’ll observe on reading any online hacking weblog. Still, a solid definition of the word seems hard to come by. While the phrase is loosely defined, there is a large amount of ambiguity in what exactly constitutes cyber terrorism. In the post September 11 world, this is somewhat disconcerting.

A New Weapon: Cyber Terrorism

In an attempt to define cyber terrorism more logically, a study is made of definitions and attributes of terrorism and terrorist events. From these attributes a list of attributes for traditional terrorism is developed. This attribute list is then examined in detail with the addition of the computer and the Internet considered for each attribute. Using this methodology, the online world and terrorism is synthesized to produce a broader but more useful assessment of the potential impact of computer savvy terrorists. Most importantly, the concept of ‘traditional’ cyber terrorism, which features the computer as the target or the tool is determined to be only a limited part of the true risk faced.

Cyber terrorism has been quite a game changer for the way we build our online defences. In particular, the breadth of the issue poses significant questions for those who argue for vertical solutions to what is certainly a horizontal problem. Thus, the validity of special cyber terrorism task forces that are disconnected or loosely connected with other agencies responsible for fighting the general problem of terrorism is questionable and a broader, more inclusive method more likely to be effective.

Defining Cyber Terrorism

It is difficult for people to come to a consensus regarding what exactly cyber terrorism is. When the people in question are computer security experts who’d be  the architects of our defenses against cyber terrorism, this discrepancy goes from mere annoying to worrisome. When these 10 people represent varied factions of the governmental agencies tasked with protecting our national infrastructure and assets, it becomes a critical issue. However, given the lack of documented scientific support to incorporate various aspects of computer-related crime into the genre ‘cyber terrorism’, this situation should not be surprising.

Despite copious media attention, there is no consensus methodology by which various actions may be placed under the nomenclature ‘cyber terrorism’, yet the term clearly exists in common usage.

However, the reality is that the reader, solution provider, or defender is often left to his own devices as to what the term actually means and thus what solutions should be created (or implemented). When a government’s or corporation’s entire infrastructure may be at stake, subjectivity is useful but may not be the best evaluative tool.

At the same time, research of this phenomenon shows that cyber terrorism cannot easily be defined. This creates a Catch-22 situation: the thing cannot be defined — yet without defining it, one cannot ‘know’ what it is one is fighting and hence come up with a good solution. Furthermore, even when there is an operational agreement on terms, if an attack/security event does not fit into one of the (often narrowly defined) categories, funding (and as a result investigation or technical remedy) may not be forthcoming.

That’s all for now, but keep reading as we’ll continue to update you with more details on online hacking in future posts, with a particular focus on cyber terrorism.

According to an August 2011 study on online hacking by cyber security software company McAfee, networks of nearly 72 organizations including the UN, governments and companies across the world have fallen victim to online hacking attacks since 2006. Besides making this sensational revelation on online hacking, McAfee has also stated that there was a “state factor” behind the online hacking attacks. However, the company shied away from identifying that factor more concretely, leaving a lot of gaps to be filled in by the wild imaginings of online hacking conspiracy theorists.

Online Hacking Weblog: The Victim Parade

McAfee says in a release that a number of organizations which includes the governments of the US, India, South Korea, Vietnam, Canada and Taiwan, as well as groups such as ASEAN, IOC, WADA and several high-tech enterprises have fallen prey to a concerted, coordinated five-year online hacking campaign that was far from random, and was orchestrated as part of a larger, deeper strategy targeted at these governments.

McAfee had notified all 72 victims of the attacks, which are under investigation by law enforcement agencies around the world.

McAfee revealed in its report that the hackers managed to steal data from the computer networks of the UN Secretariat in Geneva for nearly two years. McAfee learned of the extent of the online hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a “command and control” server that they had discovered in 2009 as part of an investigation into security breaches at defense companies.

Discovering Operation Shady RAT

McAfee discovered what it calls as Operation Shady RAT, which was used by the intruders for hacking into the online systems. The company then collected logs that revealed the huge volume of cyber attacks since mid-2006.

According to sources within McAfee, the enormous diversity of the victim organizations and the audacity of the perpetrators was disconcerting even for the seasoned cyber security professionals who’re part of McAfee’s threat research team.

McAfee says in its report that as many as eight organizations were victims of online hacking in 2006. The number increased to 29 by 2007. The number of victimized organized continued to increase in following years as it peaked at 38 in 2009 before a slump in online hacking activity. The slump was perhaps due to the widespread availability of the online hacking countermeasures for the specific intrusion indicators used by this specific perpetrator.

What is happening to all this data obtained through online hacking is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook through online hacking), the loss represents a massive economic threat.

Some of the attacks lasted just a month, but the longest—on  the Olympic Committee of an unidentified Asian nation—went on and off for 28 months, according to McAfee. A McAfee spokesperson further made an as yet unsubstantiated claim that this was the biggest transfer of wealth in terms of intellectual property in history. There’s certainly no doubt that the scale at which this is occurring is disturbing.

Is China Behind the Online Hacking Attacks?

Responding the report, cyber security experts with the Center for Strategic and International Studies stated their belief that it is China that is behind the online hacking campaign, which they claim is indicated by the fact that most of the stolen information was of particular interest to China.

The systems of the IOC and several national Olympic Committees were breached before the 2008 Beijing Games. And China views Taiwan as a renegade province, and political issues between them remain contentious even as economic ties have strengthened in recent years.

This claim was not commented on either by McAfee, or any representatives of the Chinese government. Concerns regarding the report and its potential effects have been escalated to a level where they have come to the attention of UNO, which has started as investigation into the matter.

A Pentagon spokesperson, Air Force Lieutenant Colonel April Cunningham stuck to the official version that the attackers are as yet unidentified. However, Cunningham has also stated that the Department of Defense has already reported to the Congress in 2010 regarding the active pursuit of cyber capabilities initiated by China, with an aim to ex-filtrate sensitive information of a strategic or military utility.

McAfee had published this report earlier this year to coincide with the commencement of the annual Black hat conference in Las Vegas, a confluence of cyber security professionals with a focus to fighting online hacking and cyber crime.

Imagine this online hacking scenario: someone stealing information from your computer while you are uploading an image on Facebook. Scary, yes. Implausible? Think again; it may sound like its coming from a cyberpunk tale, but it’s quite possible with the latest online hacking techniques.

A collaborative effort between researchers from the University of Illinois at Urbana-Champaign and the Indraprastha Institute of Information Technology in New Delhi, India have come up with “Steganobot”, a new generation botnet, which attaches itself to Facebook profiles and gains access to the user’s confidential data such as e-mail passwords while uploading Facebook pictures. The researchers said that Stegobot was developed to show how easy it could be for a hacker to exploit Facebook photos upload feature to sneak into the user’s computer.

Botnet Malware: Online Hacking Evolution

Malware is an extremely serious threat to modern networks. In recent years, anew form of general-purpose malware known as bots has arisen. Bots are unique in that they collectively maintain communication structures across nodes to resiliently distribute commands and data through a command and control (C&C) channel. The ability to coordinate and upload new commands to bots gives the botnet owner vast power when performing online hacking activities of a criminal nature, including the ability to orchestrate surveillance attacks, perform DDoS extortion, sending spam for pay, and phishing.

The evolution of botnets for online hacking has primarily been driven by the principle of `whatever-works’. Early botnets followed a centralized architecture. However, the growing size of botnets led to scalability problems. Additionally, the development of online hacking defense mechanisms that detect centralized command-and-control servers further accelerated their demise. This led to the development of a second generation of decentralized botnets.

Meet Steganobot: New Botnet developed to Study Future Online Hacking Threats

Stegobot initially gains access to computers through the usual channels such as infected attachments or directs to malware-laden content. After gaining access, Stegobot applies a technique called “steganography” to conceal data in the image files without affecting the picture’s appearance.

Topological Diagram of Steganobot

The botnet incorporates the information into any image you are uploading on Facebook. And then it waits for one of your friends to see your profile. Stegobot can then infect your computer even if your friend has not clicked on the corrupted image. In case your friend is also infected with the botnet, then any photo they upload will also pass on the stolen data. And the relaying of the data can eventually land into the hands of a botmaster, who will be then able to access your identity.

The study focuses on the development of a decentralized botnet based on a model of covert communication where the nodes of the network only communicate along the edges of a social network. This is made possible by recent advances in malware technologies. Social malware refers to the class of malware that propagate through the social network of its victims by hijacking social trust. Instances include targeted surveillance attacks on the Tibetan Movement and the non-targeted attack by the Koobface worm on a number of online social networks including Facebook.

By adopting such a communication model, a malicious network such as a botnet can make its traffic significantly more difficult to be differentiated from legitimate traffic solely on the basis of communication end-points. Additionally, to frustrate defense efforts based on traffic flow classification, Steganobot’s development team intends to explore the use of covert channels based on data concealment techniques. What if criminals used steganographic data hiding techniques which exploit human social behavior patterns in designing botnets? Would it be possible to design such a botnet? How would it be superior to existing botnets, and where would it be inferior to the same? These are some of the questions this study hopes to answer in this paper.

The research related to Stegobot is quite significant as this online hacking threat is virtually undetectable. Of late we have seen a spate of online hacking across the world. Whether it has been a government website or the IMF network, everything online seems vulnerable. Online hacking techniques such as botnets have only strengthened the contemporary need for more secure and foolproof methods to safeguard online identity. For continued updates about malware protection and safe web behavior, keep reading our online hacking weblog.

If you regularly follow any online hacking weblog, the name Anonymous wouldn’t be unfamiliar. They’ve been in the news for all the wrong reasons, even though they are wont to justify their actions by citing certain motivating factors.

There has been some online hacking activity recently, however, that has put even this daring group of civil disobedience activists in the denial mode. Recently, hackers claiming to be from the infamous activist group Anonymous (known for several online hacking attacks) hacked into a Government of  India, GoI for short, website to express their support the ‘India Against Corruption” movement in the country. Obviously, this misguided group claiming to be the Indian chapter of Anonymous seem to believe that their actions are somehow contributing positively to the movement. It is hard to understand how targeting the government websites with online hacking attacks will help the cause. Now, after having seen a spate of attacks on Indian websites, and promises for more, India seems to be a big target on the hit-list of hackers of global notoriety. Though none of the hacks have so far proved to be too damaging, concerns on level of Internet security in the country have grown sharply.

Online Hacking Weblog: The Attack Backfires

The ‘Anonymous’ hackers group also hacked the Indian Army website but quickly retracted after a lot of outraged Indians flooded the Facebook and Twitter pages of Operation India with angry responses to the online hacking attack. Soon after the event, the Facebook and Twitter pages for Anonymous India were removed – a move that took everyone by surprise. It is also not clear whether the move was taken by the online hacking group or the social networking sites were too involved into it.

Things became more confusing after a message, purportedly from the ‘real’ Anonymous, posted on PasteBin said that Anonymous did not launch any online hacking attacks against the government sites but that it was someone else misusing its name.

Here’s excerpt of the message:

“It has come to our notice that some of the Indian hackers and their groups are taking the undue advantage of the situation and the name and platform of Anonymous” “You targeted organizations and other Indian Government properties to settle your own issues and you used the name Anonymous for personal benefits. By doing all this activities, you have not only hampered the image of Anonymous but you all are responsible for the damage caused to #OpIndia.”

Other Online Hacking Attacks

Other than the blame game and discussing who is responsible for the menace, focus should remain on the factors leading to such events. The recent breach of computer networks of International Monetary Fund (IMF) apparently shows the vulnerability of Internet communication across the world. Even after intensification of security, such hacking events are the on rise. Famously, companies like Sony and Citigroup were not spared either. Many will agree increasing online hacking attacks have raised the risks of critical and private data getting out in public. Anonymous India or whosoever it was justified hacking the government website in the name of the anti-graft movement. And then it follows that up with the online hacking attack on the Indian Army website. It is very hard to relate the two acts of online hacking, as they don’t seem to have been done with the same intentions.

The need for better education on online hacking and cybersecurity on all levels is now acknowledged by many IT security experts and even government officials, but it seems that nobody quite knows where to begin.

A paper published by Chatham House last month found that “there was considered to be an absence of an authoritative ‘rich picture’ that could help to develop a more comprehensive and urgent sense of the online hacking threats that need to be tackled.”

The UK Cyber Security Strategy has recently been put back to later this month, in order to attempt to create links between government and law enforcement groups.

Online Hacking Weblog: Tackling Hacking with Education

Virtually everyone acknowledges the dangers of online hacking and related cybercrime, but few, if any, have a clear idea of what to do.

There exists a need to educate from the bottom up and a strategy must be reached to protect the national infrastructure.

With online hacking crimes against individuals still on the rise, there is also an ongoing danger to corporations and government, especially from botnets.

However, it is a mammoth task to change the surfing habits of users and the gaps in the understanding of company leaders and their ICT departments.

Although awareness of the affects of cyber crime is growing, “there is still limited understanding of the nuances of the debate”.

Governments all over the world recognize that they can’t change things by themselves and so there is a need for private and IT security companies to get involved too.

However, research and funding in the area of cyber security to counter online hacking is still sadly lacking in both the public and private sector, although it is recognized that more is needed.

This can be addressed within organizations by identifying future threats and budgeting accordingly.

It is more important now than ever that corporations understand the risks and allocate funds and implement plans in order to tackle the problem.

Online Hacking Weblog: Re-engineering Social Web Behavior

On a societal level, greater public awareness about online hacking needs to be achieved and this can be done by first of all ensuring more understandable terminology.

The problem with addressing society as a whole is that it is made up of such a diverse mix of people.

Not only does information have to be accessible to everyone, but it needs to be put across in such a way that gives it “value” to people.

One of the key areas to address is modifying human behavior, because humans, not computers, can be the weakest link in defense against online hacking, say cyber crime experts.

The cyber crime industry has thrown posters, mug mats and beseeching hope at a problem that needs, what behavioral scientists call, ‘choice engineering’. The difficulty in getting both companies and individuals to adopt good security practices is recognized. A more fundamental cultural change may be necessary to drive large-scale transformation in cyber security outreach and online hacking awareness. Whilst awareness surrounding the issues is improving in both government and organizations, this isn’t in any uniform manner and there still exists a basic lack of understanding about the threats of online hacking and in many cases, inadequate response measures are being put in place. Additional work is also needed on improving the culture of cyber security at the societal level, with clearer guidance on what it means to be a ‘good netizen’.

Progress towards improving this culture would serve to establish a kind of immunity to the most widespread and common threats, while also educating a broad group of users about emerging online hacking threats.