Category Archives: Cyber Issues

Bank hackers find haven in Putin’s Russia

The Hill reports: The diplomatic standoff between the United States and Russian President Vladimir Putin is hobbling efforts to prosecute cyber crime against American banks.

Russian hackers played a major role in the newly exposed worldwide cyber heist, where thieves learned how to imitate bank employees to withdraw more than $1 billion from 100 banks.

While analysts suspect the heist originated in Ukraine and Eastern Europe, that information is of little use to American law enforcement officials who are getting no help from Moscow when it comes to catching cyber thieves.

“Trying to get cooperation from law enforcement in that area is, in many cases, actively hampered by the Russian government,” said Stu Sjouwerman, CEO of cybersecurity training firm KnowBe4, which most often works with banks.

“Given the current relationship between the United States and Russia, [cooperation] does not seem likely,” added Peter Toren, a cyber crime attorney who was part of the Department of Justice’s original batch of computer crimes prosecutors.

Last August, Russian digital thieves were blamed for the cyber attack on JPMorgan that exposed sensitive data on over 83 million households. Reportedly, the same attack infiltrated up to nine other major banks.

“Harassment of U.S. financial firms is just part of the bigger picture and it is the price of business to some degree,” Sjouwerman said.

Experts believe much of the hacking occurs either at the behest of Putin’s government, or with its tacit approval. Some speculated the JPMorgan hit was retaliation for the new U.S. sanctions that were slapped on Russia as the country amassed troops on the Ukraine border. [Continue reading…]

Wade Williamson writes: For several years now, cybercrime in the financial sector was synonymous with banking botnets such as Zeus and Carberp. By and large, these malware families and their many descendants worked by infecting banking customers’ computers and either stealing passwords or manipulating online banking sessions to steal funds.

A recent report from Kaspersky Lab shows that criminals have significantly raised their game with a new strategy focused on infiltrating and stealing directly from more than 100 different banks. Kaspersky named the operation the Carbanak APT and early estimates put losses in the range of $1 billion USD.

As you might expect, robbing a bank can be more lucrative than stealing from its customers. Even highly successful Zeus operations would typically net in the range of $100 million USD or less. Carberp, the banking botnet progenitor of Carbanak, was estimated to have earned a total of $250 million over years of use in the wild. This makes the $1 billion dollar Carbanak heist one of the most successful financial cybercrimes in history. [Continue reading…]


Russian researchers expose breakthrough U.S. spying program

Reuters reports: The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world’s computers, according to cyber researchers and former operatives.

That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations.

Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said. (reut.rs/1L5knm0)

The firm declined to publicly name the country behind the spying campaign, but said it was closely linked to Stuxnet, the NSA-led cyberweapon that was used to attack Iran’s uranium enrichment facility. The NSA is the agency responsible for gathering electronic intelligence on behalf of the United States.

A former NSA employee told Reuters that Kaspersky’s analysis was correct, and that people still in the intelligence agency valued these spying programs as highly as Stuxnet. Another former intelligence operative confirmed that the NSA had developed the prized technique of concealing spyware in hard drives, but said he did not know which spy efforts relied on it. [Continue reading…]


Bank hackers steal millions via malware

The New York Times reports: In late 2013, an A.T.M. in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by customers who appeared lucky to be there at the right moment.

But when a Russian cybersecurity firm, Kaspersky Lab, was called to Ukraine to investigate, it discovered that the errant machine was the least of the bank’s problems.

The bank’s internal computers, used by employees who process daily transfers and conduct bookkeeping, had been penetrated by malware that allowed cybercriminals to record their every move. The malicious software lurked for months, sending back video feeds and images that told a criminal group — including Russians, Chinese and Europeans — how the bank conducted its daily routines, according to the investigators.

Then the group impersonated bank officers, not only turning on various cash machines, but also transferring millions of dollars from banks in Russia, Japan, Switzerland, the United States and the Netherlands into dummy accounts set up in other countries. [Continue reading…]


‘Cyber Caliphate’ unmasked as lone Algerian hacker

The Desk: A hacking collective calling itself the “Cyber Caliphate” that claims to be affiliated with the Islamic State militia is actually a lone hacker from Algeria with no connection to the terrorist group, The Desk has learned.

The revelation came following the compromise of a Twitter account used by Newsweek magazine on Tuesday. The attack was said to have been done in the name of the “Cyber Caliphate,” a group that has targeted other news organizations over the past few months in the name of the Islamic State.

But The Desk has learned the attacks are actually conducted by a lone Algeria-based hacker who goes by the alias “Poti Satz.” The hacker was once affiliated with a collective known as “Team System Dz,” which was active for a few months in 2014 before going dark in October.


‘CyberCaliphate’ hacks Newsweek Twitter account, threatens Obama

Reuters: Newsweek magazine’s Twitter account was the victim of hackers on Tuesday who posted a threat to U.S. President Barack Obama and his family and the words “CyberCaliphate” and “Je suis IS,” a reference to Islamic State and the French magazine Charlie Hebdo.

The group, which also took responsibility for hacking Pentagon social media accounts last month, tweeted “#CyberCaliphate Bloody Valentine’s Day #MichelleObama! We’re watching you, you girls and your husband!”

It also posted a message intended for the United States in retaliation for its actions in the Muslim world.


Privacy experts question Obama’s strategy to tackle cyber threats

The Guardian reports: Cybersecurity and digital privacy experts are questioning the need for Barack Obama’s latest bureaucratic initiative, a new agency spurred by the massive Sony hack that critics fear will expand the government’s role into monitoring online data networks on security grounds.

White House security adviser Lisa Monaco planned to unveil on Tuesday the Cyber Threat Intelligence Integration Center, the name of which speaks to its position within a US intelligence community whose ongoing, surreptitious reach over the internet has attracted global skepticism.

The remit of the new center, subordinate to the office of the director of national intelligence and modelled on the National Counterterrorism Center, is said to be the combination of the various intelligence, security and law enforcement agencies’ understanding and analysis of new or emerging malicious cyber-attacks.

Over the past five years, the administration has stood up new entities, such as the National Security Agency’s military twin US Cyber Command, or expanded the remit of others, like the Department of Homeland Security, to safeguard government – and increasingly civilian – networks.

“Given the number of other agencies that have cybersecurity threat integration responsibilities, it’s not clear that a new agency is needed,” said Greg Nojeim of the Center for Democracy and Technology. [Continue reading…]


How Assad’s hackers penetrate the Syrian opposition

FireEye reports: Cyber espionage is traditionally understood as a method aimed at achieving an information edge or a strategic goal. However, our research on malware activity related to the ongoing conflict in Syria indicates that such operations can provide actionable military intelligence for an immediate battlefield advantage. Today we release a new report “Behind the Syrian Conflict’s Digital Frontlines,” that documents a well-executed hacking operation that successfully breached the Syrian opposition.

Between at least November 2013 and January 2014, the hackers stole a cache of critical documents and Skype conversations revealing the Syrian opposition’s strategy, tactical battle plans, supply needs, and troves of personal information and chat sessions. This data belonged to the men fighting against Syrian President Bashar al-Assad’s forces, as well as media activists, humanitarian aid workers, and others within the opposition located in Syria, the region and beyond.

To undertake this operation, the threat group employed a familiar tactic: ensnaring its victims through conversations with seemingly sympathetic and attractive women. A female avatar would strike up a conversation on Skype and share a personal photo with her target. The photo was not only malware-laden but likely tailored to the victim’s device—an Android phone or a computer. Once the target downloaded the malware, the threat group accessed his device, rifled through files and selected and stole data identifying opposition members, their Skype chat logs and contacts, and scores of documents that shed valuable insight into the opposition. [Continue reading…]


NSA on and off the trail of the Sony hackers

After cybersleuth Barack Obama saw the evidence pointing at North Korea’s responsibility for the cyberattacks against Sony, “he had no doubt,” the New York Times melodramatically reports.

He had no doubt about what? That his intelligence analysts knew what they were talking about? Or that he too when presented with the same evidence was forced to reach the same conclusion?

I have no doubt that had Obama been told by those same advisers that North Korea was not behind the attacks, he would have accepted that conclusion. In other words, on matters about which he lacks the expertise to reach any conclusion, he relies on the expertise of others.

A journalist who tells us about the president having “no doubt” in such a situation is merely dressing up his narrative with some Hollywood-style commander-in-chief gravitas.

When one of the reporters in this case, David Sanger, is someone whose cozy ties to government extend to being “an old friend of many, many years” of Ashton Carter, whose nomination as the next Secretary of Defense is almost certain to be approved, you have to wonder whose interests he really serves. Those of his readership or those of the government?

Since Obama and the FBI went out on a limb by asserting that they had no doubt about North Korea’s role in the attacks, they have been under considerable pressure to provide some compelling evidence to back up their claim.

That evidence now comes courtesy of anonymous officials briefing the New York Times and another document from the Snowden trove of NSA documents.

Maybe the evidence really is conclusive, but there are still important unanswered questions.

For instance, as Arik Hesseldahl asks:

why, if the NSA had so fully penetrated North Korea’s cyber operations, did it not warn Sony that an attack of this magnitude was underway, one that apparently began as early as September.

Officials with the NSA and the White House did not immediately respond to requests for comment about the report. A Sony spokeswoman had no comment.

On the one hand we’re being told that the U.S. knew exactly who was behind the Sony attacks because the hackers were under close surveillance by the NSA, and yet at the same time we’re being told that although the NSA was watching the hackers it didn’t figure out what they were doing.

If Hollywood ever decides to create a satire out of this, they’ll need to come up with a modern-day reworking of the kind of scene that would come straight out of Get Smart — the kind where Maxwell Smart, Agent 86, would be eavesdropping on a conversation between his North Korean counterparts, the only problem being that he doesn’t understand Korean.

The Times report refers to the North Korean hackers using an “attack base” in Shenyang, in north east China. This has been widely reported with the somewhat less cyber-sexy name of the Chilbosan Hotel whose use for these purposes has been known since 2004.

If the attackers wanted to avoid detection, it’s hard to understand why they would have operated out of a location that had been known about for that long and that could so easily be linked to North Korea.

It’s also hard to fathom that having developed its cyberattack capabilities over such an extended period, North Korea would want to risk so much just to try and prevent the release of The Interview.

Michael Daly claims that the regime “recognizes that Hollywood and American popular culture in general constitute a dire threat” — a threat that has apparently penetrated the Hermit Kingdom in the “especially popular” form of Desperate Housewives.

Daly goes on to assert:

a glimpse of Wisteria Lane is enough to give lie to the regime’s propaganda that North Koreans live in a worker’s paradise while its enemies suffer in grinding poverty, driven by envy to plot against Dear Leader.

Of course, as every American who has watched the show knows, Wisteria Lane represents anytown America and the cast could blend in unnoticed at any Walmart or shopping mall.

OK. I won’t deny that American propaganda is much more sophisticated than North Korea’s, but when an American journalist implies that Desperate Housewives offers ordinary North Koreans a glimpse into the lives of ordinary Americans, you have to ask: which population has been more perfectly brainwashed?

In reality, the dire threat to the North Korean regime in terms of social impact comes not from American popular culture but from much closer: South Korean soap operas.


John McAfee: ‘I know who hacked Sony Pictures – and it wasn’t North Korea’

IBT: Anti-virus pioneer John McAfee claims to have been in contact with the group of hackers behind the devastating cyber-attack against Sony Pictures and guarantees they are not from North Korea.

Speaking to IBTimes UK about his current roster of security startups under his Future Tense brand – including secure messaging app Chadder – McAfee spoke about working with the FBI previously but said that, in this case, the agency was “wrong”.

“I can guarantee they are wrong. It has to do with a group of hackers – I will not name them – who are civil libertarians and who hate the confinement the restrictions the music industry and the movie industry has placed on art and so they are behind it.”

Sounds plausible — even more so if it was coming from a different source.


France: 19,000 websites hacked since Charlie Hebdo attack

Mashable: Hackers have attacked 19,000 French websites in the aftermath of the raid on the office of Charlie Hebdo, according to France’s cyberdefense chief.

The attacks were carried out by “more or less structured” groups, including some well-known Islamic hacking groups, Adm. Arnaud Coustilliere, head of the French Army’s cybersecurity department, told reporters on Thursday.

Coustilliere defined them as “defacement,” referring to common attacks in which hackers take control of a site and replace its content.

“That’s never been seen before. It’s the first time that a country has been faced with such a large wave,” he said.


‘ISIS’ hackers love American folk-punk, don’t know the name of their own terror group

The Daily Beast: A group calling itself the Cyber Caliphate hacked the Twitter and YouTube accounts for the U.S. military’s Central Command on Monday. “I Love you ISIS,” the group posted atop CENTCOM’s Twitter page, along with threats to American soldiers and a cache of documents it claimed to have hacked.

But all is not what it seems with the cyber jihadis. Privately, defense officials told The Daily Beast they were skeptical that the hacking was conducted by ISIS but said it was too early to say who carried out the attack.

And there are early signs that the Cyber Caliphate may be more of a ruse than a group of hardline Islamic extremists. One of the seven Twitter accounts it followed was “Andrew Jackson Jihad,” a folk punk band from the American Southwest.


Obama gives speech on cybersecurity… @CENTCOM gets hacked

The Guardian reports: Barack Obama on Monday unveiled a slew of initiatives to improve Americans’ data security.

In a speech at the Federal Trade Commission, the president outlined proposals aimed at improving student data protection and protecting Americans’ financial health. They will, however, require approval from the Republican-majority Congress, which has already received three veto threats from the White House in less than a week in session.

“As we’ve all been reminded over the past year, including the hack of Sony, this extraordinary interconnection creates enormous opportunities but also creates enormous vulnerabilities for us as a nation,” Obama said.

Wired reports: Twitter and YouTube accounts belonging to the military’s US Central Command were hacked on Monday. Hackers supportive of the terrorist group Islamic State, also known as ISIS, took credit and issued a warning to the US military.

“AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK. ISIS,” the hackers tweeted through the account for the US Central Command, which is the military command for the Middle East, North Africa, and Central Asia. The tweet included a link to a statement that read in part:

“While the US and its satellites kill our brothers in Syria, Iraq and Afghanistan we broke into your networks and personal devices and know everything about you,” it read. “You’ll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base. With Allah’s permission we are in CENTCOM now. We won’t stop! We know everything about you, your wives and children. U.S. soldiers! We’re watching you!”

The group also replaced the Twitter profile image with an image of a person wearing a black and white keffiyeh, and the text CyberCaliphate and “i love you isis.”

Forty minutes after the first hacked tweet, Twitter suspended the account.

According to news reports, the hackers also posted images of spreadsheets that purported to contain the home addresses and other contact information for retired US Army generals and other images purporting to be US military maps and plans. The Pentagon appeared to confirm the authenticity of the information, telling reporters that the exposed information was not classified and that the images came not from the government but from the Massachusetts Institute of Technology. [Continue reading…]

The Washington Post adds: It is not clear whether the hackers are actually with the Islamic State, sympathizers with the militants, or simply pulling a prank on the Pentagon. But J.M. Berger, an analyst and non-resident fellow with the Brookings Institution, said there is reason to believe it could be someone affiliated directly with the Islamic State.

“ISIS has a team of hackers who are very deeply involved in ISIS the organization,” said Berger, author of the forthcoming book “ISIS: The State of Terror.”

“They have been practicing and recruiting for a while, and this has been going on for months and months,” Berger said.

But analysts added that just because the Islamic State hacked two social media accounts, it does not mean they threatened classified computer networks. Other hacker organizations, like the Syrian Electronic Army, have seized control of websites, and a group using the same “CyberCaliphate” name and photo seen in the hack against Centcom on Monday hacked the Twitter accounts of the Albuquerque Journal in New Mexico and the WBOC TV station in Salisbury, Md., last week.

“Let’s remember this is a social media account,” said Peter Singer, a strategist and analyst with the New American Foundation in Washington, of the attacks on Monday. “This is not a military command and control network. This is not a network that moves classified or even non-classified internal information back and forth. Essentially what they did is for several minutes take control of the megaphone.”

But Singer said the incident does amount to a public relations victory for the Islamic State, even if they were not directly involved. Embarrassing the U.S. government “is a feather in their cap in terms of pulling off something that other groups have not been able to do, no matter how silly it is at the end of the day.”

Whoever hacked the @CENTCOM account, there’s reason to doubt they are closely tied to ISIS — even though ISIS and its supporters will view this as a propaganda victory and make hyperbolic claims like “the landscape of jihad has changed.”

It turns out that the hackers posted pornographic photos:


Former CBS News reporter sues U.S. government over computer intrusions

The Washington Post reports: For months and months, former CBS News investigative correspondent Sharyl Attkisson played an agonizing game of brinkmanship regarding her privacy: She strongly suggested that the federal government was behind a series of intrusions into her personal and work computers, though she has consistently hedged her wording to allow some wiggle room. In May 2013, for example, she told a Philadelphia radio host that there could be “some relationship” between her technology intrusions and the government snooping on Fox News reporter James Rosen. And in her book “Stonewalled,” she cites a source as saying that the breaches originated from a “sophisticated entity that used commercial, nonattributable spyware that’s proprietary to a government agency: either the CIA, FBI, the Defense Intelligence Agency, or the National Security Agency (NSA).”

No more wiggling around. Attkisson has filed a lawsuit in D.C. Superior Court, alleging the U.S. government’s “unauthorized and illegal surveillance of the Plaintiff’s laptop computers and telephones from 2011-2013.” The suit lists as plaintiffs Attkisson, who resigned from CBS last year, her husband, James Attkisson, and daughter Sarah Judith Starr Attkisson. Defendants include Attorney General Eric Holder and Postmaster General Patrick Donahoe as well as “UNKNOWN NAMED AGENTS OF the UNITED STATES, in their individual capacities.” Those folks, the suit alleges, violated several constitutional rights, including freedom of the press, freedom of expression and freedom from “unreasonable searches and seizures.”

The complaint lays out a narrative familiar to close readers of “Stonewalled.” It speaks of Attkisson’s work for CBS throughout 2011 in uncovering facts about the U.S. government’s “Fast and Furious” gun-walking operation. Roundabout mid- to late-2011, notes the complaint, the Attkissons “began to notice anomalies” in how various electronic devices were operating in the household. “These anomalies included a work Toshiba laptop computer and a family Apple desktop computer turning on and off at night without input from anyone in the household, the house alarm chirping daily at different times, often indicating ‘phone line trouble,’ and television problems, including interference,” notes the complaint. [Continue reading…]


We still don’t know who hacked Sony

Bruce Schneier writes: If anything should disturb you about the Sony hacking incidents and subsequent denial-of-service attack against North Korea, it’s that we still don’t know who’s behind any of it. The FBI said in December that North Korea attacked Sony. I and others have serious doubts. There’s countervailing evidence to suggest that the culprit may have been a Sony insider or perhaps Russian nationals.

No one has admitted taking down North Korea’s Internet. It could have been an act of retaliation by the U.S. government, but it could just as well have been an ordinary DDoS attack. The follow-on attack against Sony PlayStation definitely seems to be the work of hackers unaffiliated with a government.

Not knowing who did what isn’t new. It’s called the “attribution problem,” and it plagues Internet security. But as governments increasingly get involved in cyberspace attacks, it has policy implications as well. [Continue reading…]


U.S. imposes sanctions on North Korea while ‘FBI continues its investigation’ into Sony attack

“Ongoing investigation” is a stock phrase frequently used by government officials when they want to duck awkward questions.

“I can’t really comment on that while there is an ongoing investigation …” etc, etc.

When it comes to the Sony hacking however, we’ve entered new political and legal territory.

Secretary of the Treasury Jacob J. Lew announced today that, “Even as the FBI continues its investigation into the cyber-attack against Sony Pictures Entertainment,” the U.S. has already decided to impose sanctions on North Korea.

This is like a trial in which midway through the proceedings, the judge interrupts the prosecution and defense and says, “I still intend to complete the trial but first I’ll pass sentence on the accused and then we can continue.”

The New York Times reports: The Obama administration doubled down on Friday on its allegation that North Korea’s leadership was behind the hacking of Sony Pictures as it announced new sanctions on 10 senior North Korean officials and several organizations. Administration officials said the action was part of what President Obama promised would be a “proportional response” against the country.

But White House officials said there was no evidence that the 10 officials took part in ordering or planning the Sony attack, although they described them as central to a number of provocative actions against the United States.

“It’s a first step,” one of the officials said. “The administration felt that it had to do something to stay on point. This is certainly not the end for them.”

I guess the rationale here is that the North Koreans deserve to be punished, because even if it turns out they didn’t commit the crime, this is the kind of thing they would do if they could.


Is Glenn Greenwald still in bed with Sony?

Five weeks after the Sony hacking story broke, Glenn Greenwald has leapt into the fray with this: “North Korea/Sony Story Shows How Eagerly U.S. Media Still Regurgitate Government Claims.”

Wow! American journalists still haven’t broken their habit of mindlessly repeating what U.S. government officials tell them.

Thanks for pointing that out Glenn. Who would have imagined that this still happens in America today?

I guess I missed how media coverage of this story has been so corrupt because I was relying on reporting from hard-hitting alternative investigative news organizations like CBS News, the Los Angeles Times, and the Daily Beast, all of whom showed why there were lots of reasons to doubt the official story.

The reason I’ve eagerly awaited Greenwald’s angle on this story is because he has a personal interest in how this all plays out.

The Intercept reported that Sony has scheduled to send a screenwriter to Brazil to meet with Greenwald this month.

Last March, Sony optioned the rights to turn Greenwald’s book, No Place to Hide, into a movie. But emails leaked from the November hacking revealed that Sony executives along with George Clooney — a champion of the project — have concluded they can’t successfully compete with Oliver Stone whose own movie based on Luke Harding’s The Snowden Files: The Inside Story of the World’s Most Wanted Man will get released sooner than anything Sony can produce.

Clooney wrote:

Stone will do a hatchet job on the movie but it will still be the film of Snowdon….and even if we made a kick ass version it would be using all the same story points…

If Stone’s movie — hatchet job or not — turns out to be a commercial success, Luke Harding will presumably be reaping some of the rewards even though he had a rather modest stake among those who have tried to own the Snowden story.

Even though the basis of Greenwald’s confidence is now hard to understand, on December 22, The Intercept reported that “he believes the movie is still going forward…”.

As the hacking story has played out in Hollywood, stars including some of those embarrassed by the revelations, have lined up to express their support for Sony’s management. One doesn’t have to be a cynic to perceive this as a shamelessly self-serving exercise designed to shore up future working relations. Even those who spoke out in defense of free speech, accusing Sony of a cowardly capitulation, clearly also had a commercial interest in defending their own movie projects.

In this context, it seems important to understand where Greenwald’s own commercial relationship with Sony currently stands.

This is what his latest post reveals:

[Blank space]

Sometimes, silence can say more than 2,000 words.

The Sony hacking story is a story about Sony and hacking, but for executives who have been doing all they could to ride this out without getting fired, welcome support can come in the form of stories that turn this into something else — a story, for instance, which casts this as yet another episode in the never-ending saga of corrupt journalism subservient to the national security state.


The Intercept and others fall for a hoax Sony hacker ‘threat’

The Daily Mail reports: A hacking threat against CNN that rose to the FBI attention is actually a hoax, claims a freelance writer from Tennessee who is claiming responsibility for the post.

David Garrett Jr., from Nashville, says he was the one who posted to the anonymous site ‘pastebin’ claiming to be Sony hackers the ‘Guardians of Peace.’ It included the bizarre demand that CNN should turn over anchor Wolf Blitzer.

It is believed that the FBI issued a Joint Intelligence Bulletin based on that post that warned CNN and other media companies that hack attacks could be in the works.

Mr Garrett, who rights[sic] about security issues for Examiner.com, revealed himself on Twitter today after news media organizations, including Daily Mail Online, picked up the story about the FBI warning.

‘My fake pastbin post is being investigated by the FBI. I wrote for CNN to “give us the Wolf” and the FBI is actually taking it as a threat,’ he tweeted.

‘It was a joke. And to show that no one investigates anything. Everything is rumors. I had no idea it would be taken seriously.’

Judith Miller applauded The Intercept:


At this time The Intercept has so far failed to correct or update its original report:



Sony insider — not North Korea — likely involved in hack, experts say

The Los Angeles Times reports: Federal authorities insist that the North Korean government is behind the cyberattack on Sony Pictures Entertainment.

Cybersecurity experts? Many are not convinced.

From the time the hack became public Nov. 24, many of these experts have voiced their suspicions that a disgruntled Sony Pictures insider was involved.

Respected voices in the online security and anti-hacking community say the evidence presented publicly by the FBI is not enough to draw firm conclusions.

They argue that the connections between the Sony hack and the North Korean government amount to circumstantial evidence. Further, they say the level of the breach indicates an intimate knowledge of Sony’s computer systems that could have come from someone on the inside.

This week, prominent San Mateo, Calif., cybersecurity firm Norse Corp. — whose clients include government agencies, financial institutions and technology companies — briefed law enforcement officials on evidence it collected that pointed toward an inside job.

“We can’t find any indication that North Korea either ordered, masterminded or funded this attack,” Kurt Stammberger, a senior vice president at Norse, said in an interview with The Times. Although conceding that his findings were not conclusive, Stammberger added: “Nobody has been able to find a credible connection to the North Korean government.”

Stammberger said a team of nine analysts dug through data including Norse’s worldwide network of millions of Web sensors, internal Sony documents and underground hacker chat rooms. Leads suggesting North Korea as the culprit turned out to be red herrings and dead ends, he said.

Instead, the data pointed to a former employee who may have collaborated with outside hackers. The employee, who left the studio in a May restructuring, had the qualifications and access necessary to carry out the crime, according to Stammberger.

Moreover, names of company servers and passwords were programmed into the malware that infiltrated the studio’s network, suggesting hackers had inside knowledge of the studio’s systems, Stammberger said. [Continue reading…]
