Category Archives: cybercrime

NSA officials worried about the day its potent hacking tool would get loose. Then it did

The Washington Post reports: When the National Security Agency began using a new hacking tool called EternalBlue, those entrusted with deploying it marveled at both its uncommon power and the widespread havoc it could wreak if it ever got loose.

Some officials even discussed whether the flaw was so dangerous they should reveal it to Microsoft, the company whose software the government was exploiting, according to former NSA employees who spoke on the condition of anonymity given the sensitivity of the issue.

But for more than five years, the NSA kept using it — through a time period that has seen several serious security breaches — and now the officials’ worst fears have been realized. The malicious code at the heart of the WannaCry virus that hit computer systems globally late last week was apparently stolen from the NSA, repackaged by cybercriminals and unleashed on the world for a cyberattack that now ranks as among the most disruptive in history. [Continue reading…]


Russian espionage piggybacks on a cybercriminal’s hacking

The New York Times reports: To the F.B.I., Evgeniy M. Bogachev is the most wanted cybercriminal in the world. The bureau has announced a $3 million bounty for his capture, the most ever for computer crimes, and has been trying to track his movements in hopes of grabbing him if he strays outside his home turf in Russia.

He has been indicted in the United States, accused of creating a sprawling network of virus-infected computers to siphon hundreds of millions of dollars from bank accounts around the world, targeting anyone with enough money worth stealing — from a pest control company in North Carolina to a police department in Massachusetts to a Native American tribe in Washington.

In December, the Obama administration announced sanctions against Mr. Bogachev and five others in response to intelligence agencies’ conclusions that Russia had meddled in the presidential election. Publicly, law enforcement officials said it was his criminal exploits that landed Mr. Bogachev on the sanctions list, not any specific role in the hacking of the Democratic National Committee.

But it is clear that for Russia, he is more than just a criminal. At one point, Mr. Bogachev had control over as many as a million computers in multiple countries, with possible access to everything from family vacation photographs and term papers to business proposals and highly confidential personal information. It is almost certain that computers belonging to government officials and contractors in a number of countries were among the infected devices. For Russia’s surveillance-obsessed intelligence community, Mr. Bogachev’s exploits may have created an irresistible opportunity for espionage. [Continue reading…]


Top Russian cybercrimes agent arrested on charges of treason

The New York Times reports: A senior official in the Russian cyberintelligence department that American officials say oversaw last year’s election hacking has been arrested in Moscow on charges of treason, a Russian newspaper reported Wednesday.

The arrest of Sergei Mikhailov, a senior officer of the Federal Security Service, or F.S.B., the main successor agency to the K.G.B., is a rare instance of turmoil in the country’s usually shadowy cybersecurity apparatus slipping into public view.

Mr. Mikhailov served in the F.S.B.’s Center for Information Security, the agency’s cyberintelligence branch, which has been implicated in the American election hacking. But it is not clear whether the arrest was related to those intrusions.

He was detained along with one of Russia’s leading private-sector cybersecurity experts, Ruslan Stoyanov, the head of computer incident response investigations at the Kaspersky Lab, which makes antivirus programs.

The company confirmed in a statement that Mr. Stoyanov had been arrested, but said his arrest “has nothing to do with Kaspersky Lab and its operations.”

Still, the arrests of the men, who had cooperated in Russia to prosecute cybercriminals, shed light on the intersection of cybercrime, private antivirus companies and the Russian security services. [Continue reading…]


Why the internet of things is the new magic ingredient for cyber criminals

John Naughton writes: Brian Krebs is one of the unsung heroes of tech journalism. He’s a former reporter for the Washington Post who decided to focus on cybercrime after his home network was hijacked by Chinese hackers in 2001. Since then, he has become one of the world’s foremost investigators of online crime. In the process, he has become an expert on the activities of the cybercrime groups that operate in eastern Europe and which have stolen millions of dollars from small- to medium-size businesses through online banking fraud. His reporting has identified the crooks behind specific scams and even led to the arrest of some of them.

Krebs runs a blog – Krebs on Security – which is a must-read for anyone interested in these matters. Sometimes, one fears for his safety, because he must have accumulated so many enemies in the dark underbelly of the net. And last Tuesday one of them struck back.

The attack began at 8pm US eastern time, when his site was suddenly hit by a distributed denial of service (DDoS) attack. This is a digital assault in which a computer server is swamped by trivial requests that make it impossible to serve legitimate ones. The attack is called a distributed one because the noxious pings come not from one location, but from computers located all over the world that have earlier been hacked and organised into a “botnet”, which can then direct thousands or millions of requests at a targeted server in order to bring it down. Think of it as a gigantic swarm of electronic hornets overwhelming a wildebeest.

DDoS attacks are a routine weapon in the cybercriminal’s armoury. They are regularly used, for example, to blackmail companies, which then pay a ransom to have the hornets called off. They’re a useful tool because it’s very difficult to pinpoint the individuals or groups that have assembled a particular botnet army. And in the past Krebs has had to deal with DDoS attacks that were probably launched by people who were not amused by the accuracy of his investigative reporting.

Last Tuesday’s attack was different, however – in two respects. The first was its sheer scale. It got so bad that even Akamai, the huge content delivery network that handles 15-30% of all web traffic, had to tell Krebs that it couldn’t continue to carry his blog because the attack was beginning to affect all its other customers. So he asked them to redirect all traffic heading for to the internet’s equivalent of a black hole. This meant that his site effectively disappeared from the web: a courageous and independent voice had been silenced. [Continue reading…]


How to run a Russian hacking ring

Kaveh Waddell writes: A man with intense eyes crouches over a laptop in a darkened room, his face and hands hidden by a black ski mask and gloves. The scene is lit only by the computer screen’s eerie glow.

Exaggerated portraits of malicious hackers just like this keep popping up in movies and TV, despite the best efforts of shows like Mr. Robot to depict hackers in a more realistic way. Add a cacophony of news about data breaches that have shaken the U.S. government, taken entire hospital systems hostage, and defrauded the international banking system, and hackers start to sound like omnipotent super-villains.

But the reality is, as usual, less dramatic. While some of the largest cyberattacks have been the work of state-sponsored hackers — the OPM data breach that affected millions of Americans last year, for example, or the Sony hack that revealed Hollywood’s intimate secrets — the vast majority of the world’s quotidian digital malice comes from garden-variety hackers.

And for many of those cybercriminals, hacking is as unglamorous as any other business. That’s what a group of security researchers found when they infiltrated a ring of hackers based in Russia earlier this year, and monitored its dealings over the course of five months.

The researchers were with Flashpoint, an American cybersecurity company that investigates threats on the dark and deep web. Their undercover operation began when they came across a post on a Russian hacker forum on the dark web — a part of the internet that’s inaccessible to regular browsers — that read very much like a get-rich-quick ad you might find on Facebook. [Continue reading…]


The human side of cybercrime

M. Mitchell Waldrop writes: Say what you will about cybercriminals, says Angela Sasse, “their victims rave about the customer service”.

Sasse is talking about ransomware: an extortion scheme in which hackers encrypt the data on a user’s computer, then demand money for the digital key to unlock them. Victims get detailed, easy-to-follow instructions for the payment process (all major credit cards accepted), and how to use the key. If they run into technical difficulties, there are 24/7 call centres.

“It’s better support than they get from their own Internet service providers,” says Sasse, a psychologist and computer scientist at University College London who heads the Research Institute in Science of Cyber Security. That, she adds, is today’s cybersecurity challenge in a nutshell: “The attackers are so far ahead of the defenders, it worries me quite a lot.”

Long gone are the days when computer hacking was the domain of thrill-seeking teenagers and college students: since the mid-2000s, cyberattacks have become dramatically more sophisticated. Today, shadowy, state-sponsored groups launch exploits such as the 2014 hack of Sony Pictures Entertainment and the 2015 theft of millions of records from the US Office of Personnel Management, allegedly sponsored by North Korea and China, respectively. ‘Hacktivist’ groups such as Anonymous carry out ideologically driven attacks on high-profile terrorists and celebrities. And a vast criminal underground traffics in everything from counterfeit Viagra to corporate espionage. By one estimate, cybercrime costs the global economy between US$375 billion and $575 billion each year. [Continue reading…]


Putin’s mafia statecraft

Brian Whitmore writes: In the past couple years, Russian hackers have launched attacks on a French television network, a German steelmaker, the Polish stock market, the White House, the U.S. House of Representatives, the U.S. State Department, and The New York Times.

And according to press reports citing Western intelligence officials, the perpetrators weren’t rogue cyber-pranksters. They were working for the Kremlin.

Cybercrime, it appears, has become a tool of Russian statecraft. And not just cybercrime.

Vladimir Putin’s regime has become increasingly adept at deploying a whole range of practices that are more common among crime syndicates than permanent members of the UN Security Council.

In some cases, as with the hacking, this involves the Kremlin subcontracting organized crime groups to do things the Russian state cannot do itself with plausible deniability. And in others, it involves the state itself engaging in kidnapping, extortion, blackmail, bribery, and fraud to advance its agenda. [Continue reading…]


Bank hackers find haven in Putin’s Russia

The Hill reports: The diplomatic standoff between the United States and Russian President Vladimir Putin is hobbling efforts to prosecute cyber crime against American banks.

Russian hackers played a major role in the newly exposed worldwide cyber heist, where thieves learned how to imitate bank employees to withdraw more than $1 billion from 100 banks.

While analysts suspect the heist originated in Ukraine and Eastern Europe, that information is of little use to American law enforcement officials who are getting no help from Moscow when it comes to catching cyber thieves.

“Trying to get cooperation from law enforcement in that area is, in many cases, actively hampered by the Russian government,” said Stu Sjouwerman, CEO of cybersecurity training firm KnowBe4, which most often works with banks.

“Given the current relationship between the United States and Russia, [cooperation] does not seem likely,” added Peter Toren, a cyber crime attorney who was part of the Department of Justice’s original batch of computer crimes prosecutors.

Last August, Russian digital thieves were blamed for the cyber attack on JPMorgan that exposed sensitive data on over 83 million households. Reportedly, the same attack infiltrated up to nine other major banks.

“Harassment of U.S. financial firms is just part of the bigger picture and it is the price of business to some degree,” Sjouwerman said.

Experts believe much of the hacking occurs either at the behest of Putin’s government, or with its tacit approval. Some speculated the JPMorgan hit was retaliation for the new U.S. sanctions that were slapped on Russia as the country amassed troops on the Ukraine border. [Continue reading…]

Wade Williamson writes: For several years now, cybercrime in the financial sector was synonymous with banking botnets such as Zeus and Carberp. By and large, these malware families and their many descendants worked by infecting banking customers’ computers and either stealing passwords or manipulating online banking sessions to steal funds.

A recent report from Kaspersky Lab shows that criminals have significantly raised their game with a new strategy focused on infiltrating and stealing directly from more than 100 different banks. Kaspersky named the operation the Carbanak APT and early estimates put losses in the range of $1 billion USD.

As you might expect, robbing a bank can be more lucrative than stealing from its customers. Even highly successful Zeus operations would typically net in the range of $100 million USD or less. Carberp, the banking botnet progenitor of Carbanak, was estimated to have earned a total of $250 million over years of use in the wild. This makes the $1 billion dollar Carbanak heist one of the most successful financial cybercrimes in history. [Continue reading…]


Bank hackers steal millions via malware

The New York Times reports: In late 2013, an A.T.M. in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by customers who appeared lucky to be there at the right moment.

But when a Russian cybersecurity firm, Kaspersky Lab, was called to Ukraine to investigate, it discovered that the errant machine was the least of the bank’s problems.

The bank’s internal computers, used by employees who process daily transfers and conduct bookkeeping, had been penetrated by malware that allowed cybercriminals to record their every move. The malicious software lurked for months, sending back video feeds and images that told a criminal group — including Russians, Chinese and Europeans — how the bank conducted its daily routines, according to the investigators.

Then the group impersonated bank officers, not only turning on various cash machines, but also transferring millions of dollars from banks in Russia, Japan, Switzerland, the United States and the Netherlands into dummy accounts set up in other countries. [Continue reading…]


Lessons from the Sony hack

Peter W. Singer and Allan Friedman write: The hack of Sony has often been lumped in with stories ranging from run of the mill online credit card theft to the Target, Home Depot and JP Morgan breaches to the time that Iranian-linked hackers allegedly “erased data on three-quarters of Aramco’s corporate PCs.” In fact, most of these crimes have little more in common than the fact that they were committed using computers. It’s a lot like lumping together every incident in New York that involves a gun, whether it’s a bank robbery, a murder or a football player accidentally shooting himself.

What made the Sony hack distinct is that it mixed an evidently organized effort, using advanced tools (what is known as an “advanced persistent threat”) that some have linked to the North Korean state, but with the goal of maximizing attention and embarrassment for the target. That is, they weren’t a few hackers phishing after any target, nor were they trying to keep quiet, so that they could continue to secretly exfiltrate data. Rather, they appear to have wanted to cause havoc — and make sure everyone knew.

Differentiating between these kinds of threats is critical, because different risks require different types of responses. The claims some have made that the Sony hack is an act of “cyberterrorism” are a case in point. The FBI definition of cyberterrorism requires “an act that results in violence,” which stealing scripts about James Bond carrying out acts of violence wouldn’t meet. This also applies to the recent threats by the hackers to create 9/11 style events at any movie theater that shows the film. Rapidly becoming an illustration on how not to handle online threats, virtually all the major U.S. theater companies have now said they won’t show the movie. Yet the ability to steal gossipy celebrity emails is clearly not the same as having the capacity to undertake physical attacks at thousands of movie theaters across the country. So, at least based on their actions so far, the “bitter fate” the hackers promised moviegoers is most likely to be the price they pay for popcorn. [Continue reading…]


Who hacked Sony? It probably wasn’t North Korea

Regardless of who is responsible, the president views this as a serious national security matter — that is a very close paraphrase of White House Press Secretary Josh Earnest answering questions this afternoon about the Sony hacking.

OK. That’s it. The United States can now be declared certifiably insane!

The hacking may well have nothing to do with North Korea — it may indeed involve disgruntled Sony employees — and yet this is a serious national security matter?!

The only way that claim could marginally make sense would be if one fudged the definition of national security and said that it should include cybercrime committed by Americans targeting Americans — though by that definition, all crime would thence become an issue of national security.

Hollywood, the media, and the public all like stories. Narratives convey meaning in its most easily digestible form: a plot.

Sony Pictures made a movie, The Interview — a political action comedy which ends with the assassination of North Korean leader Kim Jong-un — and the North Koreans didn’t think it was funny. Indeed, they were so outraged they set about trying to make sure the movie would never be released. By yesterday afternoon they seemed to have succeeded.

The problem with this story is it’s probably a work of fiction — and maybe that shouldn’t be any surprise, given its source.

There’s one compelling reason to believe that the real story here has nothing to do with North Korea: in all likelihood the hackers were busy at work before anyone in the Democratic People’s Republic had even heard of Seth Rogen and James Franco.

Sebastian Anthony writes:

The hackers managed to exfiltrate around 100 terabytes of data from Sony’s network — an arduous task that, to avoid detection, probably took months. Given how long it would’ve taken to gain access to Sony Pictures, plus the time to exfiltrate the data, I think the wheels started turning long before North Korea heard about The Interview.

Even if we take the movie out of the equation, the hack just doesn’t feel like something that would be perpetrated by a nation state. The original warnings and demands feel like the attacker has a much more personal axe to grind — a disenfranchized ex employee, perhaps, or some kind of hacktivist group makes more sense, in my eyes.

So far, the sole purpose behind the Sony Pictures hack appears to be destruction — the destruction of privacy for thousands of employees, and the destruction of Sony’s reputation. Much in the same way that murder is a crime of passion, so was the hack on Sony Pictures. Bear in mind that the hackers gained access to almost every single piece of data stored on Sony’s network, including the passwords to bank accounts and other bits of information and intellectual property that could’ve been sold to the highest bidder. The hackers could’ve made an absolute fortune, but instead opted for complete annihilation. This all feels awfully like revenge.

Really, though, the biggest indicator that it was an inside job is that the malware used during the attack used hard-set paths and passwords — the attacker knew the exact layout of the Sony Pictures network, and had already done enough legwork to discover the necessary passwords. This isn’t to say that North Korea (or another nation state) couldn’t have done the legwork, but it would’ve taken a lot of time and effort — perhaps months or even years. A far more likely option is that the attack was carried out by someone who already had access to (or at least knowledge of) the internal network — an employee, a contractor, a friend of an employee, etc.

Before the hacking became public, Sony executives received what looked like a fairly straightforward extortion demand — a demand that made no reference to The Interview.

In the digital variant of a note pasted together from letters cut out of a newspaper, the extortion note came in broken English.

We’ve got great damage by Sony Pictures.
The compensation for it, monetary compensation we want.
Pay the damage, or Sony Pictures will be bombarded as a whole.
You know us very well. We never wait long.
You’d better behave wisely.
From God’sApstls

Maybe there are indeed some telltale signs in the syntax or maybe the author took advantage of Google and Bing’s translation-mangling capabilities by writing in English, translating into Korean (or any other language) and then translating back into English.

If the story here is really about extortion, then to recast it as political probably serves the interests of all parties — including North Korea.

No corporation wants to be publicly exposed as having capitulated to extortion demands — it would much rather hand over the money in secret while portraying itself as a political victim of the hostile foreign government. The North Koreans get the double reward of being credited with a hugely successful act of cyberwar while also getting removed from Hollywood’s list of favorite countries to target. And the Obama administration is able to sidestep a much larger and thornier issue: how to protect the American economy from the relentlessly growing threat from global cybercrime whose points of origin are notoriously difficult to trace.

Finally, there is another theory about the real identity and motive of the hackers: they are Sony employees begging that no more Adam Sandler movies be made.


U.S. links North Korea to Sony hacking

The New York Times reports: American officials have concluded that North Korea ordered the attacks on Sony Pictures’s computers, a determination reached as the studio decided Wednesday to cancel the release of a comedy movie about the assassination of Kim Jong-un that is believed to have led to the hacking.

Senior administration officials, who would not speak on the record about the intelligence findings, said the White House was still debating whether to publicly accuse North Korea of what amounts to a cyberterrorism campaign. Sony’s decision to cancel release of “The Interview” amounted to a capitulation to the threats sent out by hackers this week that they would launch attacks, perhaps on theaters themselves, if the movie was released.

Officials said it was not clear how the White House would decide to respond to North Korea. Some within the Obama administration argue that the government of Mr. Kim must be directly confronted, but that raises the question of what consequences the administration would threaten — or how much of its evidence it could make public without revealing details of how the United States was able to penetrate North Korean computer networks to trace the source of the hacking.

Others argue that a direct confrontation with the North over the threats to Sony and moviegoers might result in escalation, and give North Korea the kind of confrontation it often covets. Japan, for which Sony is an iconic corporate name, has argued that a public accusation could interfere with delicate diplomatic negotiations underway for the return of Japanese nationals kidnapped years ago.

The sudden urgency inside the administration over the Sony issue came after a new threat was delivered this week to desktop computers at Sony’s offices that if “The Interview” was released on Dec. 25, “the world will be full of fear.” It continued: “Remember the 11th of September 2001. We recommend you to keep yourself distant from the places at that time.”

Sony dropped its plan to release the film after the four largest theater chains in the United States — Regal Entertainment, AMC Theaters, Cinemark and Carmike Cinemas — and several smaller chains said they would not show the film. The cancellations virtually killed “The Interview” as a theatrical enterprise, at least in the near term, one of the first known instances of a threat from another nation pre-empting the release of a movie.

While intelligence officials have concluded that the cyberattack on Sony was both state sponsored and far more destructive than any seen before on American soil, there are still differences of opinion over whether North Korea was aided by Sony insiders with an intimate knowledge of the company’s computer systems. [Continue reading…]

Jason Koebler reports: North Korea has denied playing a role in the hack, but called it a “righteous deed.” There’s nothing, really, beyond hatred of The Interview, to tie Guardians of Peace [as the hackers have dubbed themselves] to North Korea, but it’s still a narrative that has played out in the media.

And it’s a narrative that both sides are happy to embrace, [cybersecurity expert Bruce] Schneier speculated in an interview with me. Sony execs can say they’ve been targeted by a dictatorship, and the hackers get to have some fun.

“It’s really a phenomenally awesome hack — they completely owned this company,” Schneier, who is regularly consulted by the federal government on security issues, said. “But, I think this is just a regular hack. All the talk, it’s hyperbole and a joke. They’re [threatening violence] because it’s fun for them — why the hell not? They’re doing it because they actually hit Sony, because they’re acting like they’re 12, they’re doing it for the lulz, no one knows why.”

“Everyone at Sony right now is trying not to get fired,” he added. “There are going to be a lot of firings for Sony at the end of this.” [Continue reading…]

A TMZ headline on Sony Pictures Chief Amy Pascal says ambiguously, “I’m going nowhere” — she’s staying or she’s finished?

Underlining her conviction that everyone inside Sony is blameless, Pascal told Bloomberg News: “I think continuity and support and going forward is what’s important now.” Continuity = no one gets fired. Support = no criticism. Going forward = don’t look back.

But screenwriter Aaron Sorkin is in no doubt about who deserves blame: the press.

If you close your eyes you can imagine the hackers sitting in a room, combing through the documents to find the ones that will draw the most blood. And in a room next door are American journalists doing the same thing. As demented and criminal as it is, at least the hackers are doing it for a cause. The press is doing it for a nickel.

The cause of the hackers being? To defend the image of Kim Jong-un?

I don’t buy it. Much more likely this is an ongoing test of power with the hackers flexing their muscles and now demonstrating that they have the power to torpedo the release of a movie that cost $44 million to produce.

What next?


Google’s Global Fishing Watch is using ‘manipulated data’

Unfortunately, data analysis is only as good as the data. Wired reports: Last week, Google, Oceana and SkyTruth announced they were launching a battle against overfishing everywhere. A noble pursuit, Global Fishing Watch combines interactive mapping technology and satellite data with the all-important Automatic Identification System (AIS) transmissions every tanker, passenger ship and commercial vessel above a certain size is mandated by the UN to send. Global Fishing Watch then visualises the routes taken, to show when a fishing boat strays into or lingers in waters it shouldn’t.

The only problem, maritime analytics company Windward tells us, is that any vessel engaging in illegal activities is gaming the system and manipulating AIS data. We can’t rely on what we’re seeing.

“Until 2012, AIS data was super reliable because it wasn’t commoditised. Nobody had it, so no one needed to clean the data or check it,” Ami Daniel, a former naval officer and cofounder of Windward, tells “Two years, there was suddenly so much data out there, so many open source portals like providing free access to [vessel positions] for everybody. People understood they were being looked at. Once that happened, spontaneously different industries started to manipulate the data.”

According to a report by Windward that looked at AIS data from mid-2013 to mid-2014, there has been a 59 percent increase in GPS manipulations. From July 2012 to August 2014, that data also showed: [Continue reading…]


‘You’re not anonymous anymore when you’re using Tor’

The Wall Street Journal reports: Law enforcement authorities across Europe and the U.S. shut dozens of illegal websites and arrested some operators, employing new and as yet unknown techniques to unmask those using an anonymity network.

Authorities said on Friday they made the arrests by piercing the anonymity offered by Tor, a network that relies on encryption tools and 1,000s of servers to mask online activities. Tor, which is partly funded by the U.S. government, is used by dissidents in authoritarian countries such as Iran, China and Saudi Arabia to access the Internet, but people operating and visiting websites that sell contraband also use it to conceal their identities.

Internet security experts said it was unlikely authorities had cracked Tor’s sophisticated encryption protocols. “If that were the case, the implications would be huge,” said an official with Welund Horizon, a London firm that provides intelligence on cybercrime to law-enforcement agencies and large corporations.

That law enforcement was able to locate Tor users is “a game changer,” said Ulf Bergstrom, a spokesman for Eurojust, the European Union’s legal coordination agency. “You’re not anonymous anymore when you’re using Tor.” [Continue reading…]


Maybe better if you don’t read this story on public WiFi

Maurits Martijn writes: The idea that public WiFi networks are not secure is not exactly news. It is, however, news that can’t be repeated often enough. There are currently more than 1.43 billion smartphone users worldwide and more than 150 million smartphone owners in the U.S. More than 92 million American adults own a tablet and more than 155 million own a laptop. Each year the worldwide demand for more laptops and tablets increases. In 2013, an estimated 206 million tablets and 180 million laptops were sold worldwide. Probably everyone with a portable device has once been connected to a public WiFi network: while having a coffee, on the train, or at a hotel.

The good news is that some networks are better protected than others; some email and social media services use encryption methods that are more secure than their competitors. But spend a day walking in the city with Wouter Slotboom, and you’ll find that almost everything and everyone connected to a WiFi network can be hacked. A study from threat intelligence consultancy Risk Based Security estimates that more than 822 million records were exposed worldwide in 2013, including credit card numbers, birth dates, medical information, phone numbers, social security numbers, addresses, user names, emails, names, and passwords. Sixty-five percent of those records came from the U.S. According to IT security firm Kaspersky Lab, in 2013 an estimated 37.3 million users worldwide and 4.5 million Americans were the victim of phishing — or pharming — attempts, meaning payment details were stolen from hacked computers, smartphones, or website users.

Report after report shows that digital identity fraud is an increasingly common problem. Hackers and cybercriminals currently have many different tricks at their disposal. But the prevalence of open, unprotected WiFi networks does make it extremely easy for them. The Netherlands National Cyber Security Center, a division of the Ministry of Security and Justice, did not issue the following advice in vain: “It is not advisable to use open WiFi networks in public places. If these networks are used, work or financial related activities should better be avoided.”

Slotboom calls himself an “ethical hacker,” or one of the good guys; a technology buff who wants to reveal the potential dangers of the internet and technology. He advises individuals and companies on how to better protect themselves and their information. He does this, as he did today, usually by demonstrating how easy it is to inflict damage. Because really, it’s child’s play: The device is cheap, and the software for intercepting traffic is very easy to use and is readily available for download. “All you need is 70 Euros, an average IQ, and a little patience,” he says. I will refrain from elaborating on some of the more technical aspects, such as equipment, software, and apps needed to go about hacking people. [Continue reading…]


Most of top 100 cybercriminal programmers based in Russian-speaking world says Europol

BBC News reports: There are only “around 100” cybercriminal kingpins behind global cybercrime, according to the head of Europol’s Cybercrime Centre.

Speaking to the BBC’s Tech Tent radio show, Troels Oerting said that law enforcers needed to target the “rather limited group of good programmers”.

“We roughly know who they are. If we can take them out of the equation then the rest will fall down,” he said.

Although, he added, fighting cybercrime remained an uphill battle.

“This is not a static number, it will increase unfortunately,” he said.

“We can still cope but the criminals have more resources and they do not have obstacles. They are driven by greed and profit and they produce malware at a speed that we have difficulties catching up with.”

The biggest issue facing cybercrime fighters at the moment was the fact that it was borderless, he told the BBC.

“Criminals no longer come to our countries, they commit their crimes from a distance and because of this I cannot use the normal tools to catch them.

“I have to work with countries I am not used to working with and that scares me a bit,” he said.

The majority of the cybercrime “kingpins” were located in the Russian-speaking world, he said. [Continue reading…]