Russia hacked hundreds of Western, Asian companies: security firm

A U.S. cybersecurity firm says it has gathered evidence that the Russian government spied on hundreds of American, European and Asian companies, the first time Moscow has been linked to cyber attacks for alleged economic – rather than political – gains.

According to the firm, CrowdStrike, the victims of the previously unreported cyber espionage campaign include energy and technology firms, some of which have lost valuable intellectual property.

CrowdStrike declined to go into detail about those losses or to name any victims, citing confidentiality agreements related to its investigation.

Officials with the Russian Interior Ministry could not be reached for comment early on Wednesday in Moscow.

“These attacks appear to have been motivated by the Russian government’s interest in helping its industry maintain competitiveness in key areas of national importance,” Dmitri Alperovitch, chief technology officer of CrowdStrike, told Reuters on Tuesday evening.

Cybersecurity researchers have in the past said that China’s government was behind cyber espionage campaigns against various corporations dating back as far as 2005, but China has vehemently denied those allegations. Alperovitch said this is the first time the Russian government has been linked to cyber intrusions on companies.

Governments have been using computer networks to spy on each other for more than 30 years in the type of surveillance programs conducted by virtually every nation, according to CrowdStrike. It is only in the past decade that some nations have started using cyber espionage as a platform for gaining data to help promote their national economic interests, according to Alperovitch.

CrowdStrike has been following the activities of the Russian group of hackers, which it dubbed “Energetic Bear,” for two years. The firm believes the Russian government is behind the campaign because of technical indicators, as well as analysis of the targets chosen and the data stolen, according to Alperovitch.

“We are very confident about this,” he said. Victims include European energy companies, defense contractors, technology companies and government agencies, according to the CrowdStrike report.

Manufacturing and construction firms in the United States, Europe and the Middle East as well as U.S. healthcare providers were also cited as targets in the report that was posted on the web early on Wednesday morning.

CrowdStrike described the activities of the Energetic Bear hackers in its annual cyber threat report, released on Wednesday. It also documented attacks by hacking groups in China and Iran and described the activities of the activist Syrian Electronic Army.

Alperovitch, who is of Russian ethnic origin and now lives in the Washington, D.C., area, is an expert on cyber espionage who rose to prominence while working for McAfee Inc. While there he managed a team of researchers who produced a landmark January 2010 report that described how Chinese hackers had launched an unprecedented series of attacks known as “Operation Aurora” on Google Inc and dozens of other companies.

In 2012, he co-founded CrowdStrike, which collects intelligence about the activities of hacking groups around the world and sells software to thwart such attacks.

He told Reuters that the data his firm has obtained about Energetic Bear suggests that authorities in Moscow have decided to start using cyber espionage to promote Russia’s national economic interests.

“They are copying the Chinese play book,” he said. “Cyber espionage is very lucrative for economic benefit to a nation.”

Source: Reuters

FBI warns that Anonymous has hacked US government sites for a year

Activist hackers linked to the collective known as Anonymous have secretly accessed U.S. government computers in multiple agencies and stolen sensitive information in a campaign that began almost a year ago, the FBI warned this week.

The hackers exploited a flaw in Adobe Systems Inc’s software to launch a rash of electronic break-ins that began last December, then left “back doors” to return to many of the machines as recently as last month, the Federal Bureau of Investigation said in a memo seen by Reuters.

FBI Warns Anonymous

The memo, distributed on Thursday, described the attacks as “a widespread problem that should be addressed.” It said the breach affected the U.S. Army, Department of Energy, Department of Health and Human Services, and perhaps many more agencies.

Investigators are still gathering information on the scope of the cyber campaign, which the authorities believe is continuing. The FBI document tells system administrators what to look for to determine if their systems are compromised.

An FBI spokeswoman declined to elaborate.

According to an internal email from Energy Secretary Ernest Moniz’ chief of staff, Kevin Knobloch, the stolen data included personal information on at least 104,000 employees, contractors, family members and others associated with the Department of Energy, along with information on almost 2,0000 bank accounts.

The email, dated October 11, said officials were “very concerned” that loss of the banking information could lead to thieving attempts.

Officials said the hacking was linked to the case of Lauri Love, a British resident indicted on October 28 for allegedly hacking into computers at the Department of Energy, Army, Department of Health and Human Services, the U.S. Sentencing Commission and elsewhere.

Investigators believe the attacks began when Love and others took advantage of a security flaw in Adobe’s ColdFusion software, which is used to build websites.

Adobe spokeswoman Heather Edell said she was not familiar with the FBI report. She added that the company has found that the majority of attacks involving its software have exploited programs that were not updated with the latest security patches.

The Anonymous group is an amorphous collective that conducts multiple hacking campaigns at any time, some with a few participants and some with hundreds. In the past, its members have disrupted eBay Inc’s PayPal after it stopped processing donations to the anti-secrecy site Wikileaks. Anonymous has also launched technically more sophisticated attacks against Sony Corp and security firm HBGary Federal.

Some of the breaches and pilfered data in the latest campaign had previously been publicized by people who identify with Anonymous, as part of what the group dubbed “Operation Last Resort.”

Among other things, the campaigners said the operation was in retaliation for overzealous prosecution of hackers, including the lengthy penalties sought for Aaron Swartz, a well-known computer programmer and Internet activist who killed himself before a trial over charges that he illegally downloaded academic journal articles from a digital library known as JSTOR.

Despite the earlier disclosures, “the majority of the intrusions have not yet been made publicly known,” the FBI wrote. “It is unknown exactly how many systems have been compromised, but it is a widespread problem that should be addressed.”

12-year-old boy admits to hacking government sites for Anonymous

  • The boy, from Montreal, Canada, gained access to multiple sites, including that of the Chilean government, and ‘bombarded them with requests to consume so much of its resources that they become unusable’, court was told

  • He was working for hacking group Anonymous during the Quebec student uprising of 2012

  • Lawyers say the boy was not politically motivated but saw it ‘as a challenge’

  • He also taught others how to hack

A 12-year-old Canadian boy has pleaded guilty to hacking government and police websites during the 2012 student uprising in Quebec under affiliation with the Anonymous brand of hacktivists.

According to the Toronto Sun, the fifth grader, who lives in the Montreal suburb of Notre-Dame-de-Grâce, appeared in youth court on Thursday, accompanied by his father.

12 year old anonymous

The boy pleaded guilty to three charges related to hacking websites that included those of Montreal police, the Quebec Institute of Public Health, the Chilean government and some non-public sites.

The attacks took some of the sites offline for up to two days, at what police estimated as a cost of $60,000 in damages. A more detailed report will be handed over next month when the boy is sentenced, according to the Toronto Sun.

The student uprising of spring 2012, which lasted into that fall, was sparked by outrage at a proposed tuition hike and spiraled into a have v. have-nots version of Occupy Wall Street, marked by the use of Molotov cocktails on one occasion, police use of rubber bullets and tear gas, and serious injuries to both police and protesters.

Be that as it may, the boy’s lawyer told the court that the 12-year-old’s actions in hacking the sites weren’t politically motivated:

He saw it as a challenge, he was only 12 years old. … There was no political purpose.

The paper reports that the young hacker has been involved with computers since he was 9.

The court was told that the targeted sites suffered three types of attack:

  • Distributed denial of service (DDoS) attack: An attack wherein the aggressors bombard a target with requests designed to consume so much of its resources that it becomes unusable.
  • Defacement of pages. See Pastebin for a message posted on the Montreal police’s website in French and English.
  • Exploiting security holes in order to access database servers.

Others have reportedly been arrested for the attacks, but it was the boy who opened the door to enable them, the court was told.

The young hacker reportedly managed to get at personal information belonging to the sites’ users and administrators.

According to the Toronto Sun, he traded the pirated information to Anonymous in exchange for video games.

He also taught others how to hack, police experts told the court, though he reportedly warned them against going overboard, lest they get caught.

The Toronto Sun says that the court heard testimony from somebody who said that the tween put it this way:

It's easy to hack but do not go there too much, they will track you down.

I guess he went there too much, because they certainly did track him down.

Is he the youngest hacker ever to be caught?

Mafiaboy – the Canadian hacker who DoS’ed Yahoo, eBay and E*TRADE – wound up in jail at the tender age of 15.

Canada: they grow more than maple trees up there!

Michael Calce – Mafiaboy’s real name – would go on to write in his book – “Mafiaboy: A Portrait of the Hacker as a Young Man” – that the attacks he unleashed in 2000 were “illegal, reckless and, in many ways, simply stupid.”

He wrote:

At the time, I didn't realize the consequences of what I was doing.

Calce wound up pleading guilty to 56 counts stemming from hacking and attacking the sites and was sentenced to eight months in “open custody” at a rehabilitation home for youths, with another year spent on probation.

Parents, are your kids extremely talented with computers?

What are you doing to ensure they’re chatting rather than DDoSing? Programming for good instead of draining databases like some kind of cyber Dracula?

Please feel free to share with us how, exactly, you’re managing to rein in technical talent so you and your child stay out of court.

Colombian Government Website Hacked in Support of Boyaca Protests

Hundreds of thousands of farmers from eleven of Colombia’s departments are protesting these days against the government. The protesters are unhappy that the government has failed to help the farming and agricultural sector.

Colombian Government Website Hacked

Hacktivists of the Anonymous movement have joined the protests in Boyaca, which, according to the BBC, is one of the most affected provinces. They’ve hacked and defaced the official website of Santander’s General Comptroller of North Department (contraloriands.gov.co).

On the defacement page, the hackers wrote the following message: “President Santos is lying! Boyaca is in crisis, these are its leaders’ orders.”

The message is accompanied by several videos and a link that points to an article regarding the human rights violations in Boyaca.

At the time of writing, the website still hosts the defacement page added by the hackers.

Dalai Lama’s China website hacked, infects others: Kaspersky

The Chinese-language website of the Tibetan government-in-exile, whose spiritual head is the Dalai Lama, has been hacked and infected with viruses.

Experts at computer security company Kaspersky Lab warned that the Central Tibetan Administration (CTA) site had been compromised.

It is believed the malicious software could be used to spy on visitors.

Technical evidence suggests the hackers carried out previous cyber-attacks on human rights groups in Asia.

Dalai Lama's Chinese website hacked and infected

Tibet.net is the official website of the CTA, which is based in Dharamshala, northern India.

The organisation’s spiritual leader is the 14th Dalai Lama, who fled Tibet in 1959 after a failed anti-Chinese uprising, and set up a government-in-exile. China considers the Dalai Lama a separatist threat.

Constant threat

Kaspersky says the CTA website has been under constant attack from the same group of hackers since 2011, but previous breaches have been quietly identified and repaired before attracting significant attention.

Other Tibetan organisations, such as the International Campaign for Tibet, have also been targeted.

Kaspersky Lab researcher Kurt Baumgartner says the hackers used a method known as a “watering-hole attack”.

A security bug in Oracle’s Java software might have been exploited, giving hackers a “back door” into browsers’ computers.

“This is the initial foothold,” Mr Baumgartner said. “From there they can download arbitrary files and execute them on the system.”

Kaspersky’s education manager Ram Herkanaidu said the discovery of the attack came after an “email account of a prominent Tibetan activist was hacked”.

Mr Herkanaidu added: “The likely actors behind the sustained campaign against Tibetan sites are Chinese speaking, as in many cases we have seen log files written in Chinese.”

Anonymous hackers launch massive cyber assault on Israel Cyberspace, #OpIsrael

Anonymous has perpetrated a widespread attack on Israel for the second time and has threatened to wipe Israel from cyberspace. The attacks are supposedly retaliation for the inhumane treatment of Palestinians at the hands of the Israeli government. In fact, many of the websites operated by the Israeli government were not accessible on Sunday.

Anonymous hackers launch massive cyber assault on Israel Cyberspace

The group had warned of the attack in a video posted on YouTube, with a message to the Israeli government: “You have NOT stopped your endless human right violations. You have NOT stopped illegal settlements. You have NOT respected the ceasefire. You have shown that you do NOT respect international law.”

Moreover, the collective warned that on the 7th of April, “elite cyber-squadrons from around the world have decided to unite in solidarity with the Palestinian people against Israel as one entity to disrupt and erase Israel from cyberspace.” A group affiliated with Anonymous calling itself the N4m3le55 cr3w stated on Saturday that it had made all the preparations for a massive attack and that they “have gathered 600 websites and 100 plus servers we will be attacking” throughout Israel. The list includes banks, schools, businesses and a host of prominent government websites. “That is just our targets,” the group said, adding that “We cannot speak on what the rest of Anonymous will be attacking but we can guarantee it will be in the 1000’s.”

The attacks fall on the eve of Holocaust Memorial day in Israel and Anonymous has accused the Israeli state of human rights violations, and ill treatment of its own people and neighboring countries.

Apparently, the group claimed on Saturday to have brought down the sites of the Prime Minister’s office, the Central Bureau of Statistics and the Israel Securities Authority. Other sites, such as those of the education ministry and the defense ministry, seem to have been affected as well, though the government is ardently denying these claims.

Expert opinion on these attacks seems to be divided: some are taking the attacks as a serious threat and have advised preventive steps, while others believe that the worst the hackers can do is carry out DDoS attacks, which are not really a big threat as such.

However, more than 700 websites have been affected and defaced in the cyber attacks.

Yitzhak ben Yisrael of the National Cyber Bureau is of the opinion that the hackers have failed in their attempt to bring down major sites. “So far it is as was expected, there is hardly any real damage,” he said. He added that “Anonymous doesn’t have the skills to damage the country’s vital infrastructure. And if that was its intention, then it wouldn’t have announced the attack ahead of time. It wants to create noise in the media about issues that are close to its heart.”

Well, this is the second time that Israel has been attacked by Anonymous, and even if the government is downplaying the damage done by the attack, it is commendable on the part of Anonymous to have brought down a country which is well known for launching cyber attacks on other countries.