Self styled activists and notorious online hacking group, Anonymous has once again targeted the Greek governnment websites. It is the third time since February this year that websites of Greek government have been hacked. As per the reports given by the police to Reuters, Anonymous is the prime suspect behind the attack on the government websites of Greece. The message left by the hackers on the hacked Finance Ministry website was as follows: “To them, you are just economic indicators, deficits and balance sheets – but there are no indicators for misery,”.

Damage Control After Online Hacking Attack

Online Hacking News: Anonymous Targets Greek Government Sites

The General Accounting Office has been assessing and gauging the extent to which the security of the site was breached. The reports confirm that damage caused to the site is minor. In addition to the hacking of government sites, the hacking of websites of three universities was also reported. This incident is however, an indicator of growing unrest amongst the people of Greece with respect to the nation’s economic policies.

Online Hacking Déjà vu

Earlier this year, i.e. at the end of February, a website that belonged to the Justice Ministry of Greece was hacked. In that particular event of hacking, the hackers had threatened to erase from the website, the debts faced by the people of Greece. These recent incidents of hacking have a backdrop of tax evasion, a commonly observed practice in Greece. The government had taken strict measures for fighting the menace of tax evasion. Obtaining information about the spending patterns of people by tapping into their credit card and bank transactions was one of the measures taken by the government. Steps like these could possibly have triggered a series of acts of hacking. Recently the government also announced spending cuts that are in line with the EU/IMF bailout program. These spending cuts have drawn the ire of the public.

There are few who believe that tax evasion is observed mainly due to the flawed system of tax collection. Drawing attention to the woes of the Greek people is speculated as the motive behind the hacking of goverment sites. The above mentioned incidents indicate that the Anonymous group has once again became active in the online hacking world.

Online hacking collective Lulzsec may have been taken down, but Hector Monsegur aka Sabu, the group’s hacker leader-turned- traitor to cause is an uneasy man. At least that’s what the official reason is for his no show at his arraignment for a misdemeanor charge on Thursday.

A Federal Spy Among Online Hacking Anarchists

As widely reported in the news media as well as this online hacking weblog, Monsegur had been working with the FBI, gathering evidence against his Lulzsec comrades-in-arms, for a better part of the previous year. While this was going on, he also did his best to keep the invective machine rolling, spitting venom against the ‘enemy’ i.e. the US Government as evidenced by his near incessant chirping on twitter. Can’t blame him hardly; wouldn’t have done to have aroused any suspicion now, would it?

Sabu’s Betrayal: An Idol for Hackers Turns Traitor

His involvement with federal agencies was finally revealed on March 6 2012 in what was a major egg-in-the-face moment for Lulzsec and closely associated online hacking collective Anonymous. The full extent of his cooperation would become evident over the next few days, as it slowly dawned on his former associated that Monsegur worked almost full time over this period over gathering incriminating evidence, all the while steering away (it is easier when you happen to be the leader) the group’s activities to attacks on high-profile targets that got them the maximum media attention.

Among the online hacking exponents ‘Sabu’ helped stitch up is Chicago based anarchists-hacker Jeremy Hammond, the alleged mastermind of the Stratfor leak. To his colleagues, as well as the many aspirants to the online hacking life who literally saw ‘Sabu’ as an online hacking demigod, it was a rude awakening that they were in store for.

Case Adjourned with View to Dismiss; Federal Online Hacking Case Still Looming

Monsegur now claims that he’s afraid for his life in the light of recent death threats; this is the cited cause behind his not showing up at his arraignment in Manhattan criminal court on Thursday. The arraignment was in connection to impersonation charges resulting from a confrontation with NYPD officers earlier this year in February, when he was already working for the FBI. While in reality he was simply an informant cooperating in hopes of a lighter sentence for his own offences), he allegedly told the policemen that he was a federal agent. His failure to produce any identity documents to back up the claim is what landed him in this soup. However, even not considering the host of other charges Sabu may be facing on account of his electronic crimes, it may seem that the impersonation charges may be the least of his worries. As reported by his legal counsel Peggy Cross-Goldenberg, Monsegur fears for his personal safety now that his ratting out has been made public, making vague references to physical threats. The Manhattan criminal court judge waived Monsegur’s appearance and agreed to dismiss the misdemeanor charges in six months time, subject to good behavior from the defendant.

The four-minute hearing resulted in Monsegur’s New York criminal case being adjourned in contemplation of dismissal.

As mentioned before, the case concerning his much more serious offenses relating to criminal online hacking activity continues, and he shall be tried in a federal court.

Websites of Indian government and Tibetan activists in the country are facing an online hacking attack campaign engineered by a Chinese hacker, working with one of the world’s largest e-tailers Tencent.

The Online Hacking Perpetrator

Online Hacking Vigilante or State Sponsored Spy?

It is currently a matter of speculation of the Luckycat Online Hacking attack was actually the work of an overzealous nationalist or funded by the government. At any rate, it seems more than merely coincidental that the hacker would randomly carry out an online hacking attack against a movement (Tibetan Freedom) that’s a regular eyesore for the Chinese government. The significance of the fact that the Indian government has provided asylum to several Tibetan spiritual leaders has also not been lost on this online hacking weblog in light of the fact that websites belonging to the Indian government have also been targeted.

The Luckycat cyber campaign, has been linked to 90 attacks in recent past against targets in India and Japan, as well as against Tibetan activists. ‘Luckycat’ has been able to compromise about 233 computers many of which are in India. A report on the campaign released by an Indian internet security organization shows that the Luckycat perpetrators began around June 2011.

The report mentions a set of campaign codes used to track compromised systems; the codes detail dates corresponding to the launch of each online hacking attack, providing an indicative measure of the frequency of the attacks.

The report did not directly implicate the Chinese government, but security researchers believed that the style of the attacks and the types of targets indicated state-sponsored spying.

For more news on cybercrime and internet security, keep watching this online hacking weblog.

In a coordinated move to crack down on online hacking and related computer crime activities, especially by cartel-like anarchic groups, police forces in two continents swooped down on the top leadership of the online hacking group that calls itself LulzSec. With arrests being made across UK and Ireland, and with the FBI carrying out raids and arrests in the USA, the final tally has come to three arrested and two charged with conspiracy. This could effectively spell doom for LulzSec, as the people in question are part of the top leadership.

Online Hacking News: The Enemy Within  LulzSec

The irony of the situation was not lost on this online hacking weblog when reports surfaced

Online Hacking leader turned FBI Informer, Hector Montsegur. (Image Courtesy: SecureNewsDaily)

that the forces were able to act so decisively only as a result of the cooperation extended by one Hector Xavier Montsegur aka ‘Sabu’. Yes, that’s the same ‘Sabu’ who’s familiar to many as the leader of LulzSec.

Targeting the Online Hacking Leadership

It is being widely reported that Montsegur has been working with the FBI over the past several months, gather and furnishing incriminating evidence on his accomplices to the federal law enforcement agency.

The FBI made one arrest on US soil, with four more coming in the UK and Ireland. The FBI, apparently leading decision making on this one, is hoping to kill the monster by cutting off the head(s). LulzSec had been in the news quite frequently since the last summer, in connection to their joining the hacker collective Anonymous and launching a series of high profile online hacking attacks.

The last strong tweet by sabu was “The federal government is run by a bunch of fucking cowards. Don’t give in to these people. Fight back. Stay strong.”

Sabu began working for the FBI in June last year after the FBI busted him. In a classic case of the good guys having the last laugh, Montsegur not only plead guilty to 12 hacking related charges on August 15, he also agreed to be a mole in his own organization. Information pertaining to the full extent of his admissions is to be unsealed in the court hearing on March 6.

 The Rogues Gallery

The five charged in the LulzSec conspiracy indictment were identified by sources as: Ryan Ackroyd, aka “Kayla” and Jake Davis, aka “Topiary,” both of London; Darren Martyn, aka “pwnsauce” and Donncha O’Cearrbhail, aka “palladium,” both of Ireland; and Jeremy Hammond aka “Anarchaos,” of Chicago.

For more news on this and other topics related to online hacking, keep watching this space.

As many an online hacking weblog has reported, this past year provided many important lessons in online security and malware protection. Based on these lessons and because of the numerous online hacking attacks and threats in 2011, online security guidelines and systems all over the world are being beefed up in an effort to improve authentication compliance and abide by authentication best practices.

FFIEC Introduces Strong Authentication Compliance Guidelines for Financial Institutions

In January, the Federal Financial Institutions Examination Council (FFIEC) recent updates to its Authentication Guidelines went into effect, requiring up-to-date and strong authentication compliance for financial institutions. The purpose of the guidelines is to “provide a risk management framework for financial institutions offering Internet-based products and services to their customers. Institutions should use effective methods to authenticate the identity of customers and that the techniques employed should be commensurate with the risks associated with the products and services offered and the protection of sensitive customer information” (See BankInfoSecurity for more information).

DoD Beefs Up Security against Online Hacking with new Updates

The Department of Defense (DoD) has also made updates to its authentication program, the Joint Personnel Adjudication System (JPAS). JPAS is a centralized security program that helps protect against unauthorized access to its networks and applications, comply with data protection regulations and enforce security best practices. As of January 21, 2012, non-DoD individuals in the JPAS program must use a digital certificate stored on a USB token or smartcard that has been issued by a DoD-approved External Certificate Authority (ECA).

Both the FFIEC and the DoD took note of the cyberthreat and attack lessons learned in 2011. In order for corporations to follow suit, they must implement authentication best practices that will more effectively keep their data and customer data secure. One of the most important solutions of identity authentication available to corporations today is two-factor authentication or risk-based authentication. Two-factor authentication helps corporations better protect themselves against hackers by requiring two methods of identity verification: a password (something the user knows) and an authentication token (something the user has). Risk-based authentication profiles a user’s device and their behavior to assess the risk associated with their activity and invoke secondary authentication when that activity appears to be unusual.

The popularity of smartphones and tablet devices represents a security opportunity for organizations – more users already have a device that could function as an authentication token to provide a stronger assertion of their identity to a wide variety of parties. Unlike traditional two-factor authentication token solutions, approaches that enable re-use of existing mobile devices are faster and easier to deploy, and more cost-effective to maintain. And, unlike traditional hardware tokens, users are far less likely to forget their mobile device at home. And using risk-based authentication mechanisms that profile a user’s device and behavior can provide similar protection, without any impact to a legitimate user’s experience.

Like this last year, 2012 will be full of cyberthreats and attacks. We can expect hackers will only increase the number and intensity of their attacks. Among the current threats to users of financial institutions is the Zeus Trojan, which the FBI is calling “Gameover” because once the hackers get a user’s financial information, it’s game over. In fact, so far in 2012 Symantec has seen over 200,000 attacks each day from criminals using the Zeus tool kit. The Zeus Trojan, as well as the recent DreamHost attack, prove the urgency corporations should feel about stronger authentication.

As corporations and organizations implement these and other authentication best practices, they’ll not only be keeping theirs and user data more secure, but they’ll also be better equipped to avoid finding themselves the subject of the latest online hacking incident.

 Online hacking, cybercrime, cyber terrorism… these words evoke images of credit card numbers and personal identity details  being stolen from massive electronic databases. At most, the imagination stretches to massive DDoS attacks by online hacking organizations such as Lulzsec and Anonymous.

Online Hacking DoS: Threat to our Basic Needs

Scary as those scenarios may be, they pale next to the actual possibilities. Picture how dependant your life is on electric power; from illumination and food storage, every basic amenity of modern life runs on power. The lay person has no idea just how vulnerable our daily water supply, power stations, and gas supply lines are to an online hacking attack. And these attacks are very much a real possibility.

Ill-prepared and Under-informed for an Online Hacking Armageddon

Figures reveal that the Homeland Security Department received and acted upon nearly 116 requestedIn 2010 the Homeland Security Department responded to only 116 requests for assistance from its Control System Security Program cyber experts. By September of 2011 there were 342. All of these attacks didn’t originate domestically, either. On Nov. 8 an IP address originating from Russia attacked an Illinois based water utility company, managing to control a Supervisory Control And Data Acquisition system, resulting in a burnout of the associated pump. These types of real world results to online hacking attacks are not unknown. In 2007 an online hacking attack on a diesel generator caused it so self destruct.

At this time, companies in the sights of these types of online hacking attacks can only prevent between 67% and 76% of these types of attacks. They could prevent more but there’s one thing holding them back: money. Right now these companies spend $5.3 billion on protection against online hacking and other cyber attacks. To reach a 95% prevention rate they would have to increase that amount to more than $46 billion, an increase they say their customers won’t approve.

With the very real and national threat posed by online hacking, some would like the government to step in and foot the bill for these improvements. Others may think that this is a private sector issue and the government need not intervene. However, the decisive battles of the next major war may very well be fought by cyber-warriors on computer screens rather than surgical commando strikes deep within enemy territory. The question is, are we up to countering the threat of online hacking that goes beyond mere pranks?

You must be familiar with the term phishing, or phishing scam. It is an online hacking attack where an individual involved in online hacking tricks a victim into giving away secret information such as log-in details, financial data and so on, without the latter realizing the true nature of the scam.

So you can understand the potential use of phishing to online hacking criminals who wish to perpetrate identity theft. The term itself originates from phone phreaking, a word that traces its way to early hacking incidents reported in the media and identity theft cases. Though based on a simple underlying concept, perpetrators can weave an elaborate con aimed at ‘phishing’ the identity details of a target. These may then be used to mail bomb another target, other online hacking activity or even to access the target’s financial data.

Online Hacking: How Phishing Scammers Operate

Phishers try to con you into providing them with sensitive info such as email/ login data, which they can then put into their nefarious online hacking skills and use it to make money out of the system.

One very vulnerable target for phishers is your PayPal account. PayPal is a web-based payment processing system that lets you transfer money to and from your PayPal account with your credit or debit card, thus avoiding the risk of revealing your credit card details to every e-commerce website you shop at.

This does make PayPal a particularly meaty target for online hacking. If you wanted to take money out of other people’s PayPal accounts, all you would really need is their email address and password. Then you sign in to their account, and send the money to an account you have set up.

What phishers will do is email PayPal customers with an email that looks like an official email from PayPal. It will have the PayPal logo and format and will look exactly like official PayPal emails to customers. It may even come from an address that looks like PayPal’s official website. It will go on to say it is a random security check or some other technical procedure and that you are required to type in your user name and password. It will then thank you and say the check or whatever other scheme it claims to be is complete. In the meantime, the phisher will have your password and can clear out your account.

While this is a basic example, there are countless variations of increasing complexity that will be used to try and entice customers to give out bank account details, credit card details or other sensitive information. It can often be next to impossible for the average customer to detect that the email or website is not the official one of the company it is supposed to be from and they are therefore very dangerous.

Any suspect email that has even a remote possibility of being a phishing attempt must be immediately notified to the concerned party that is being mimicked; often your bank or credit card company or PayPal account. You need not be a Sherlock Holmes to spot such a scam: no bank or payment processor would ask for your password in an email, so if a purported bank or bank employee requests such information then its time to hit the panic button.

Keep watching this online hacking weblog for the  latest online hacking news.

You don’t need refer to an online hacking weblog to know that it makes sense to invest in malware protection software. The information superhighway that is the internet is a Wild West unto itself in more ways than one; users have always come out chased by hounds.

To begin with, a wide variety of threats, namely online hacking, virus infection, malware infestation etc. stalk any computer user connected to the internet. Most new computer systems are accompanied by bundled anti-virus and malware protection software applications. An alarming trend, however, is that a large number of users choose to neglect the very importance aspect of malware protection and end up exposing their computers to the risk of infection once these bundled applications exceed their validity period and need renewal.

Malware Protection : Nip the Risk in the Bud

Failing to install a firewall, forgetting to update the anti-virus software and clicking on suspicious links, apart from poor malware protection efforts, are among the many unhealthy surfing habits of a majority of netizens. Some are not even aware of the nuisance of adware, or the threat posed by spyware.

Not every site you visit will be a safe place. Not every email you receive will contain safe information. Many viruses enter a website when users visit certain websites (predominately pornographic sites). These viruses can also come from certain emails. Keeping these things in mind and ensuring correct surfing habits are the best malware protection you can get; the software applications come in only as a second line of defense.

Programmers of viruses and other malware have written extremely destructive and devious code; some can even disengage the anti-virus software. This may happen even with paid anit0virus software. What’s important is, that the malware virtually has the run of the system now and can wreak havoc on your files.

This was a very rare case, but if you want adequate malware protection, then you must ensure that you check regularly for updates and scan your computer for viruses everyday, which is something that you can tell your anti-virus software to do automatically by scheduling it in advance.

Other Methods of Malware Protection

The use of a spyware extractor like Ad-Aware can help alleviate chances of browser hijacking and to remove all data-mining files from your hard drive. Many sites will add these features to your computer when you visit their website, they gather data on your personal site visitation and apparent preferences.

Not only can this be personally intrusive but it can also slow your computer down and may result in a significant amount of unwanted emails.

Your hard drive is more important that just a hunk of silicon and electronic boards, especially more so if you use it for business; the data is priceless. You can’t afford to have your computer offline while you deal with the devastating effects of a computer virus, online hacking or deleted files? Hence, if you use your computer to store office files, or if you’re a freelancer using the computer as a workstation, you should know how vital malware protection software and other security measures are.

Keep watching this online hacking weblog for more information on malware protection.

The term cyber terrorism is becoming increasingly common, which you’ll observe on reading any online hacking weblog. Still, a solid definition of the word seems hard to come by. While the phrase is loosely defined, there is a large amount of ambiguity in what exactly constitutes cyber terrorism. In the post September 11 world, this is somewhat disconcerting.

A New Weapon: Cyber Terrorism

In an attempt to define cyber terrorism more logically, a study is made of definitions and attributes of terrorism and terrorist events. From these attributes a list of attributes for traditional terrorism is developed. This attribute list is then examined in detail with the addition of the computer and the Internet considered for each attribute. Using this methodology, the online world and terrorism is synthesized to produce a broader but more useful assessment of the potential impact of computer savvy terrorists. Most importantly, the concept of ‘traditional’ cyber terrorism, which features the computer as the target or the tool is determined to be only a limited part of the true risk faced.

Cyber terrorism has been quite a game changer for the way we build our online defences. In particular, the breadth of the issue poses significant questions for those who argue for vertical solutions to what is certainly a horizontal problem. Thus, the validity of special cyber terrorism task forces that are disconnected or loosely connected with other agencies responsible for fighting the general problem of terrorism is questionable and a broader, more inclusive method more likely to be effective.

Defining Cyber Terrorism

It is difficult for people to come to a consensus regarding what exactly cyber terrorism is. When the people in question are computer security experts who’d be  the architects of our defenses against cyber terrorism, this discrepancy goes from mere annoying to worrisome. When these 10 people represent varied factions of the governmental agencies tasked with protecting our national infrastructure and assets, it becomes a critical issue. However, given the lack of documented scientific support to incorporate various aspects of computer-related crime into the genre ‘cyber terrorism’, this situation should not be surprising.

Despite copious media attention, there is no consensus methodology by which various actions may be placed under the nomenclature ‘cyber terrorism’, yet the term clearly exists in common usage.

However, the reality is that the reader, solution provider, or defender is often left to his own devices as to what the term actually means and thus what solutions should be created (or implemented). When a government’s or corporation’s entire infrastructure may be at stake, subjectivity is useful but may not be the best evaluative tool.

At the same time, research of this phenomenon shows that cyber terrorism cannot easily be defined. This creates a Catch-22 situation: the thing cannot be defined — yet without defining it, one cannot ‘know’ what it is one is fighting and hence come up with a good solution. Furthermore, even when there is an operational agreement on terms, if an attack/security event does not fit into one of the (often narrowly defined) categories, funding (and as a result investigation or technical remedy) may not be forthcoming.

That’s all for now, but keep reading as we’ll continue to update you with more details on online hacking in future posts, with a particular focus on cyber terrorism.

According to an August 2011 study on online hacking by cyber security software company McAfee, networks of nearly 72 organizations including the UN, governments and companies across the world have fallen victim to online hacking attacks since 2006. Besides making this sensational revelation on online hacking, McAfee has also stated that there was a “state factor” behind the online hacking attacks. However, the company shied away from identifying that factor more concretely, leaving a lot of gaps to be filled in by the wild imaginings of online hacking conspiracy theorists.

Online Hacking Weblog: The Victim Parade

McAfee says in a release that a number of organizations which includes the governments of the US, India, South Korea, Vietnam, Canada and Taiwan, as well as groups such as ASEAN, IOC, WADA and several high-tech enterprises have fallen prey to a concerted, coordinated five-year online hacking campaign that was far from random, and was orchestrated as part of a larger, deeper strategy targeted at these governments.

McAfee had notified all 72 victims of the attacks, which are under investigation by law enforcement agencies around the world.

McAfee revealed in its report that the hackers managed to steal data from the computer networks of the UN Secretariat in Geneva for nearly two years. McAfee learned of the extent of the online hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a “command and control” server that they had discovered in 2009 as part of an investigation into security breaches at defense companies.

Discovering Operation Shady RAT

McAfee discovered what it calls as Operation Shady RAT, which was used by the intruders for hacking into the online systems. The company then collected logs that revealed the huge volume of cyber attacks since mid-2006.

According to sources within McAfee, the enormous diversity of the victim organizations and the audacity of the perpetrators was disconcerting even for the seasoned cyber security professionals who’re part of McAfee’s threat research team.

McAfee says in its report that as many as eight organizations were victims of online hacking in 2006. The number increased to 29 by 2007. The number of victimized organized continued to increase in following years as it peaked at 38 in 2009 before a slump in online hacking activity. The slump was perhaps due to the widespread availability of the online hacking countermeasures for the specific intrusion indicators used by this specific perpetrator.

What is happening to all this data obtained through online hacking is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook through online hacking), the loss represents a massive economic threat.

Some of the attacks lasted just a month, but the longest—on  the Olympic Committee of an unidentified Asian nation—went on and off for 28 months, according to McAfee. A McAfee spokesperson further made an as yet unsubstantiated claim that this was the biggest transfer of wealth in terms of intellectual property in history. There’s certainly no doubt that the scale at which this is occurring is disturbing.

Is China Behind the Online Hacking Attacks?

Responding the report, cyber security experts with the Center for Strategic and International Studies stated their belief that it is China that is behind the online hacking campaign, which they claim is indicated by the fact that most of the stolen information was of particular interest to China.

The systems of the IOC and several national Olympic Committees were breached before the 2008 Beijing Games. And China views Taiwan as a renegade province, and political issues between them remain contentious even as economic ties have strengthened in recent years.

This claim was not commented on either by McAfee, or any representatives of the Chinese government. Concerns regarding the report and its potential effects have been escalated to a level where they have come to the attention of UNO, which has started as investigation into the matter.

A Pentagon spokesperson, Air Force Lieutenant Colonel April Cunningham stuck to the official version that the attackers are as yet unidentified. However, Cunningham has also stated that the Department of Defense has already reported to the Congress in 2010 regarding the active pursuit of cyber capabilities initiated by China, with an aim to ex-filtrate sensitive information of a strategic or military utility.

McAfee had published this report earlier this year to coincide with the commencement of the annual Black hat conference in Las Vegas, a confluence of cyber security professionals with a focus to fighting online hacking and cyber crime.