Blogs about: Hbgary
Featured Blog
ChamberLeaks Investigation Continues
RT’s Thom Hartmann interview, Lee Fang, reporter and blogger for ThinkProgress, and the person who broke the ChamberLeaks story. CLICK HERE TO READ ALL OF LEE FANG’S ARTICLES Related Link:… more →
LeakSource
FBI Warns Top Firms Of Anonymous Protest Hacks on May 25 | threatpost
wrote 1 week ago: The FBI Cyber Division has sent a warning to some of the world’s top corporations about a coor … more →
wrote 3 months ago: Rise of the #Hacktivist #infographic #OccupyLulz (Source: https://www.facebook.com/OccupyLulz) … more →
Culture of Rape
— 1 comment
wrote 3 months ago: Forgetting for a moment that it was rape that lead to Anthony Burgess writing A Clockwork Orange in … more →
HBGary Federal and Aaron Barr get slapped by Anonymous
wrote 3 months ago: On the first weekend of February 2011, Chief executive Aaron Barr of Security firm HBGary Federal a … more →
The HBGary Federal Hack
wrote 4 months ago: In February 2011, the loosely knit collective of hacktivists known as Anonymous successfully comprom … more →
whitedork:
2011 is the Year of the Hacktivist, Verizon Report Suggests
By Robert McMillan
December 21, 2011 |
Verizon Business’s Bryan Sartin, who investigates corporate break-ins, saw red this year over hacktivist threats to clients.
Postal workers, department store clerks and elves aren’t the only ones working like crazy this holiday season. For Bryan Sartin, it’s the busiest time of year.
Sartin is a director of investigative response with Verizon Business. He’s the guy you call when you’ve been hacked and he usually doesn’t get much of a Christmas vacation.
“Right before big holidays, particularly Christmas and New Year’s is when the very vast majority of people seem to find out that they’ve been hacked,” he says. “We’ll do as much as 20 percent of our annual caseload during this part of December.”
In 2010, about 92 percent of those cases involved criminals trying to steal money over the internet, but this year everything changed.
The first signs emerged in December 2010, when activists with the online collective Anonymous called for digital sit-ins — known as distributed denial of service attacks — on the websites of companies that had refused to process payments for Wikileaks. Then, in early 2011, attacks on Sony, HBGary and many law enforcement agencies hit the headlines. None of them appear to have been financially motivated.
That’s meant big changes in the kinds of threats that companies are preparing for.
Sartin helps compile a widely watched yearly study of data breaches, and he says that hacktivist and state-sponsored attacks will show up in this year’s report, big time. “That trend has certainly continued this year and it will embody itself in a big way in our upcoming study.”
But for all the high-profile LulzSec and Anonymous attacks this year, Sartin still believes the hacktivist threat — long ignored by corporate IT — is now frequently overhyped.
He says clients often approach Verizon after they see a Twitter message or an internet post threatening an attack on a pre-determined day. The company gears up for an event, bringing consultants on site, and ordering technical staff to be at the ready.
It’s not cheap, and most of the time, nothing happens. “Very commonly, when companies are receiving these kinds of threats in advance, no one ever makes good on them,” he says.
Last year, reported cyber-threats to the New York Stock Exchange, the Federal Reserve, and Facebook never materialized.
In one actual attack — Sartin wouldn’t name the company — criminals broke in and got access to a database filled with encrypted client data. Looking at the logs, Verizon investigators could see that the attackers had downloaded all of the encrypted data — something that would force the company to notify its customers that their data had been accessed. But they didn’t download the one most useful table of all — an unencrypted list of the encryption keys that could be used to decrypt all of the data they had stolen.
“They were stealing data with no interest in deciphering the encryption,” he says. “They were just stealing it to force this company into making a disclosure.”
While the hacktivists may be overhyped, Sartin says they’re often better than the other hackers out there. According to him, many attacks that are thought to be state sponsored, are surprisingly unsophisticated. Known as advanced persistent threat attacks, Sartin calls them “awfully persistent, but not so advanced.”
There’s one more surprise that will show up in the 2012 Data Breach Report, which will include a lot more data sources from Europe and Asia than previous reports.
“In this part of the world, China is the source of a lot of our crimes, but if you go to China … the U.S. is the number one source of electronic crimes,” Sartin says. “Over here we think that all of these advanced persistent threats and things come from China. Over there, they think they all come from here.”
Photo courtesy of Verizon
wrote 5 months ago: This is no longer a lie.: 2011 is the Year of the #Hacktivist, Verizon Report Suggests (via WIRED to … more →
whitedork:
‘Cybergate’
Credit: Anonymous
In February, Aaron Barr, CEO of the cybersecurity firm HBGary Federal, announced that his firm had successfully infiltrated the Anonymous group and planned to unveil information about its members at an upcoming conference. Anonymous fought back…Read more
Arab Spring
Credit: Anonymous
Anonymous has played an ongoing role in the Arab uprisings over the past year. The group has orchestrated a series of illegal “denial of service” attacks against the websites of the governments of Egypt , Tunisia and Iran. These are attacks that use simple software to overwhelm a website with high volumes of traffic, crashing it.
The hackers also released the email addresses and passwords of Middle Eastern governmental officials who opposed the Arab Spring protests, including officials from Bahrain, Egypt, Jordan, and Morocco…Read More
Dark discovery
Credit: sxc.hu
In October, Anonymous gained attention and praise for taking down more than 40 illegal child pornography websites. Members of the group discovered a cache of the sites on Oct. 14 while browsing a secret website called the Hidden Wiki, a guide to hundreds of underground websites that are invisible to search engines. The hackers specifically targeted Lolita City, a file-sharing site used by pedophiles, and leaked the names of the site’s 1,589 active members to the public on Oct. 18.
Not only did this hacking campaign, called “Operation Darknet,” go where law enforcement agencies had been unable to go, it also exposed a very dark side of the Internet. The “darknet,” as it’s called, is not just hard to reach for regular users, it is actually deliberately concealed through data encryption. [More about Operation Darknet] Via WhiteDork
BART bash
Credit: Anonymous
On Aug. 11, the San Francisco Bay Area Rapid Transit system (BART) shut down subterranean cellular phone service, stifling protests that had been set to take place on its train platforms that day. Demonstrators had planned to stop trains from running in response to the fatal shooting of an unarmed passenger by the BART police one month earlier, but without the ability to coordinate their efforts via cellphones, the acts of civil disobedience never crystallized. [How BART Killed Cell Phone Service ]
BART’s censorship met with an immediate media hailstorm, and Anonymous swiftly responded with a series of attacks. First, they cracked into the user database of BART’s consumer-outreach website, MyBART.org, and posted the names, email addresses, ZIP codes and account passwords of thousands of MyBART.org users, along with a manifesto explaining that BART had violated the peoples’ right to assemble…Read More
wrote 5 months ago: This is no longer a lie.: Best Hacks by the #Hacktivist Group ‘#Anonymous’ … more →
Shiny Junk For Retards
— 47 comments
wrote 5 months ago: “It is vitally important to recognize that cellular telephony is a surveillance technology, an … more →
Microsoft's Watching?
wrote 6 months ago: Wikileaks, Anonymous, HBGary, StuxNet, zero-day exploits. All hot-button topics/words in the world … more →
Hackers break into a lucrative career
wrote 7 months ago: Hackers break into a lucrative career Joseph Menn, FT, 19 October 2011 …a potentially lucrativ … more →
The Military-Industrial Complex 2.0
wrote 7 months ago: By Barrett Brown (Guardian UK) | Reader Supported News 09 October 11 A virtual secret state: the mil … more →
Two More LulzSec, Anonymous Suspects Picked Up in U.K.
wrote 9 months ago: The noose appears to be tightening around hacktivist groups LulzSec and Anonymous: Two men, aged 24 … more →
HBGary linked *Palantir* employee planning counter-protest to #OpBART #Anonymous
wrote 9 months ago: It seems there is a counter-protest in the works for OpBART-3 August 29th 2011. One of the main supp … more →
wrote 9 months ago: Who is Anonymous? (Source: http://www.youtube.com/) … more →
Antisec hacks another Defense Contractor
— 12 comments
wrote 9 months ago: Update August 19: As part of #FFF IV Antisec has released full torrent for Vanguard Defense Industri … more →
They Shot the Sheriff. Anonymous leak 10Gb of Police Data
wrote 10 months ago: They shot the sheriff, and they claim it was in self defence…….. In what Anonymous and A … more →
The Corporate Internet Based Reconnaissance Operations
wrote 11 months ago: United States government contractors partner to spy on everything to “keep us safe”. In … more →
U.S. Government Software Creates "Fake People" on Social Networks
wrote 1 year ago: (Examiner) – The US government is offering private intelligence companies contracts to create softwa … more →
Barrett Brown is Anonymous
wrote 1 year ago: Barrett Brown is Anonymous Tim Brown, D Magazine, April 2011 … more →
