Hacked companies fight back with controversial steps (Reuters)

June 20, 2012

Source: Reuters


Companies are calling for more active responses to hack attacks, because tinfoil hats are very poor firewalls.

More proof that our present is a cyberpunk future. Reuters reports that companies, frustrated with outdated laws against sophisticated hacking attacks, are now looking for more “active” forms of defense against hackers. Not content with react-and-repair plans, they are now looking for offensive responses:

Known in the cybersecurity industry as “active defense” or “strike-back” technology, the reprisals range from modest steps to distract and delay a hacker to more controversial measures. Security experts say they even know of some cases where companies have taken action that could violate laws in the United States or other countries, such as hiring contractors to hack the assailant’s own systems.

One such “contractor” is CrowdStrike, “A Stealth-mode Security Start-up” that offers services such as “an on-demand retainer service that empowers your enterprise through experienced and professional tactical response teams” (what some may call “mercenaries”). They can also use more common tactics like honeypots (fake files to keep an intruder’s attention while he’s being traced).


One group seems to already have “active defense” in operation.


A slippery slope. With such security breaches becoming more commonplace, it would seem that an escalation in hacking countermeasures was inevitable. But such escalation is not without risks:

Henry (Shawn Henry, the former head of cybercrime investigations at the FBI who in April joined CrowdStrike) and CrowdStrike co-founder Dmitri Alperovitch do not recommend that companies try to breach their opponent’s computers, but they say the private sector does need to fight back more boldly against cyber espionage.

Of course, that fight-back mentality can lead to mercenary groups who can go world-wide to track and “neutralize” a hacker with a “fuck your laws” mentality.

Other security experts say a more aggressive posture is unlikely to have a significant impact in the near term in the overall fight against cybercriminals and Internet espionage. Veteran government and private officials warn that much of the activity is too risky to make sense, citing the chances for escalation and collateral damage.


Who’s really to blame? Hackers are getting more aggressive with their attacks and more silent with their invasions, but are they the bored teen in his/her bedroom looking for lulz, or other corporations and governments looking for an advantage? To underscore the real threat, the Flame rootkit, recently discovered to be American/Israeli-made, is cited as an example of a major failure:

Mikko Hypponen, the well-regarded chief research officer at Finland’s F-Secure Oyj, told the Reuters Summit his company had a sample of Flame in 2010 and classified it as clean and later missed another virus called Duqu that was suspected of being backed by Western governments.

“These are examples how we are failing” as an industry, Hypponen said. “Consumer-grade antivirus you buy from the store does not work too well trying to detect stuff created by the nation-states with nation-state budgets.”

Because some national governments are suspected in attacks on private Western companies, it is natural that some of the victims want to join their own governments to fight back.

Armed responses from corporate militias are more of a colorful afterthought for now, but with the Pentagon wanting to use military force on hackers and recent reports of Obama wanting to use drones for domestic surveillance, corporate militias may not be that far off.

This post has been filed under HackZ AttackZ!, News as Cyberpunk by Mr. Roboto.

British researcher becomes infected with computer virus

May 27, 2010

Source: TechNews Daily, then BBC News, now spreading like a virus…

Dr Mark Gasson explains to the BBC how he got infected.

Proof of concept. Yesterday, word was spreading around the nets about a man who infected himself with a computer virus. That man was Dr. Mark Gasson from the University of Reading (UK), who had an RFID chip in his hand. What he did with that RFID chip and virus should be cause for alarm…

(TechNews Daily) Gasson had a relatively simple chip implanted in the top of his left hand near his thumb last year. It emits a signal that is read by external sensors, allowing him access to the Reading laboratory and for his cell phone to operate.

He and his colleagues created a malicious code for the chip. When the lab’s sensors read the code, the code inserted itself into the building computer database that governs who has access to the premises.

“The virus replicates itself through the database and potentially could copy itself onto the access cards that people use,” Gasson said.

The experiment showed that implants which wirelessly communicate with other computers can infect them and vice versa.


Ammo for the anti-RFID crowd. As you might have figured, Dr. Gasson deliberately infected himself to prove a point:

Human-Computer Virus

(Physorg.com) “Our research shows that implantable technology has developed to the point where implants are capable of communicating, storing and manipulating data,” he said. “They are essentially mini computers. This means that, like mainstream computers, they can be infected by viruses and the technology will need to keep pace with this so that implants, including medical devices, can be safely used in the future.”

As you can imagine, there are some serious implications for such human-computer infections, and even possibilities of human to human transmissions via infected RFID chips. Anti-RFID groups can use this as a weapon against the RFIDs themselves. Instead of getting spam in your inbox, it will arrive directly to your cortex. How about a DDoS attack on your pacemaker? Even worse, a zombie apocalypse courtesy of Conficker using infected PEOPLE!

This post has been filed under HackZ AttackZ!, Cyberpunked living, News as Cyberpunk by Mr. Roboto.

Ghostnet: China’s massive spynet uncovered

April 1, 2009

Source: Canada’s National Post as referred by Kovacs in our Techy News Pics thread.


It looks like the NSA(T&T) has some competition in the domestic spying game… and they may be targets themselves.

The Biggest Brother. While the UK is well on its way to being a security-surveillance police-state, and America’s plans are apparently “on hold” for now, it would seem hard to imagine another nation attempting to lay claim to the “Big Brother” title. But China has been doing just that, according to a recently released report from researchers at the University of Toronto. A ten-month investigation has turned up some 1300 infected systems worldwide, including high-value government computers like those of the exiled Tibetan government and the Dalai Lama. A full report can be downloaded from here.


Vulnerability detected between keyboard and chair. The way the infection was spread sounds typical: e-mails were sent with a trojan attached, the user unwittingly opens the attachment and infects his system, and the infected system uploads sensitive files to China and spreads even more e-mails where the user unwittingly opens the attachment…

What happens after the initial infection:

“The GhostNet system directs infected computers to download a Trojan (horse) known as gh0st RAT that allows attackers to gain complete, real-time control,” the authors write in Tracking GhostNet: Investigating a Cyber Espionage Network.

“Our investigation reveals that GhostNet is capable of taking full control of infected computers, including searching and downloading specific files, and covertly operating attached devices, including microphones and web cameras.”

Dalai Lama (Associated Press photo)

The Dalai Lama expresses how he feels about China’s regime

Other Ghosts on The Net? While the Ghostnet is concentrated more on Asia, there’s a possibility that American systems have also been infected, though no reports about such infections have surfaced… yet.

Americans being spied on by foreign nations may not be new, but The Student Operated Press raises concerns about the US cybersecurity scheme, and even worse, that a post-9/11 paranoia-infected Department of Homeland (in)Security has its own Ghostnet:

Robert Paul Reyes (S.O.P.):

I hope that the CIA is taking serious precautions to safeguard our military and intelligence computer systems. I’m confident that they are running their own GhostNet operations to keep track of our many enemies throughout the world.

But what I fear the most is that the Department of Homeland Security has a GhostNet operation to keep track of Americans. Under the guise of fighting terrorism the Bush administration wiretapped the phones of Americans without obtaining a warrant from the courts.

What Ghostnet is about may be scary, but it’s small fries compared to what Conficker may have to offer…

This post has been filed under HackZ AttackZ!, News as Cyberpunk by Mr. Roboto.

BBC Builds a Botnet.

March 14, 2009

Source: BBC Click

The BBC News’ program CLICK built a botnet to show what damage they can do.

You got spammed! We’ve all had to deal with it: spam in our emails. While filtering has gotten better at removing the crap, the spammers have devised even more powerful ways of ensuring that your inbox chokes. The most sinister of them all is the botnet: innocent home computers that have been infected to make remote use possible.

This week, the BBC’s tech news program Click built their own botnet of 22,000 computers to perform two tasks. First, they had the net spam a couple of email addresses they set up for the test. Next, they used the net to launch a DDoS attack on a security site owned by Prevx.

The results: The inboxes choked while the site ground to a halt.

To give you an idea of what botnets are out there and the potential damage they can do, check out this list of the top spam botnets.


Is this even LEGAL? To build the botnet, the BBC posed as “customers” to purchase the software that infects computers to make the botnet. That would seem to be no different than an undercover agent looking to gather evidence of hacking, only the BBC didn’t need a warrant. The attack on Prevx was done with the company’s approval on a backup site. This would be like a “test” for a tiger-team to see if they are able to do a bigger hack. Companies hire hackers (“white hats”) to regularly test their security, or ethical hackers will do so while leaving messages of possible weaknesses.

What the BBC did may border on journalism and legality, but they did have a good reason for doing this:

A lot of the debate has been about whether we did the right thing digging into the murky world of hackers and organised cybercrime. In seeking to demonstrate the threat, had we put ourselves in the position of those we wanted to expose?

That’s always a good question. After all, we could have simply described what we believe happens and given some warning advice, couldn’t we? We’ve done this in the past. So have many others…

But hacking has gone professional. Today, your PC can be doing bad things to other people without you even knowing. It’s a major growth area for organised crime: it’s global, and very local to all of us who work, communicate and play on the world wide web.

So we felt that there was the strongest public interest in not just describing what malware can do, but actually showing it in action. A real demonstration of the power of today’s botnets – to infect, disrupt and damage our digital lives – is the most powerful way to alert our audiences to the dangers that they face. It’s a wake-up call to switch on that firewall and improve our security on the internet.

We think that what we did was a first for broadcast journalism. We were amazed by the ease of use of the botnet, and the power of its disruptive capacity.

They have since disabled the botnet.


Was this power trip really necessary? People will question whether the BBC’s use of a botnet was required, but there’s no question that there will always be security holes in the system. Linux and Windows users have known this, and OS X users will soon learn this lesson the hard way.

Remember: No amount of software patching will ever close the security hole between the keyboard and the chair.

This post has been filed under HackZ AttackZ!, News as Cyberpunk by Mr. Roboto.

The Freehacker’s Union, because “Business Is Killing The Art Of The Hack”

August 26, 2008

Source: Zed Shaw’s blog, The Freehacker’s Union

When Zed Shaw lost his V.P. job because Bear Stearns went FUBAR, he found himself with more free time (and severance $$$$$) than he can handle. So now he wants to start a special group for hackers:

This rant is about an idea I have for a group of geeks who fight to keep the art of hacking and invention alive. I want to call it The Freehacker’s Union. I want it to be against business, against the coopting and destruction of geek culture, and for preserving hacking and invention as methods of personal artistic expression.

His profile does make him sound like a dick, but he seems to have the tech ability to back it up. Plus his idea of a hacking group devoid of the co-opting that businesses and crime groups are now doing has to be good news for old-school hacker purists.


Really, what’s his motivation? “This town needs an enema,” proclaims Zed as he describes the New York City hacking scene being co-opted and corrupted. He remembers when hacking was for the adventurous, not venture capitalists:

Then it hit me, it’s the business that’s killing tech in this city. The business of technology in New York values douchebag asswipes and “idea guys” over the real people who built this world. Their ideas are shit, but because they have an MBA from Columbia (they didn’t do much to earn) they are listened to and valuable. Me and the other hackers are just tools, cogs, and slave labor designed to be subservient to a real man’s passions.

The problem is, because none of these dicks do anything they don’t know what’s a real technically challenging innovation. They would rather try to make a little bit of money making a slightly better version of whatever everyone else is making. They want the lottery tickets and the fast payout where they take all the fucking money and trade the geeks over to Google or Microsoft like some fucking slave exchange.

Zed’s rules of The Freehacker’s Union:

I want the rules of The Freehacker’s Union to be:

1. If it’s art, wires, or code you can bring it. This will be our triad: art/wires/code. Remember it.
2. NO FUCKING BUSINESS ASSHOLES This isn’t your personal fucking recruiting station. Take your “game changing” ideas and fuck the hell off.
3. If you can’t sling at least one of the three in the A/W/C triad then you can’t come. No exceptions.
4. Everyone who attends has to eventually show something. If it’s your first night, you have to present something. It can be anything, but you gotta show that you belong. If you can’t then you can’t come back until you can. For those who absolutely can’t talk in front of people, you can get someone to show your stuff on your behalf.
5. No girlfriends or boyfriends unless they’re hardcore too. Keep your fucking groupies at home.
6. Organized using simple software that’s open. No special hidden jabber servers, no yahoo groups, no fucking evite or someone’s favorite latest startup website. Just a simple mailing list, a website anyone can manage, and maybe a channel on IRC.
7. Frequent meetings at a regular time and spot. I like twice a month, but hell if people can handle more then I want to do it.
8. Clear guidelines on how to become a member, including the benefits and responsibilities.

Other than that, I’m open to suggestions. I’m going to be doing more writing on this subject, and coming up with ideas with friends, and then I’ll announce our first meeting. If you have thoughts, or you want to attend, then let me know.

If you’re an Alpha Biz Guy then fuck off. I don’t want to hear about how you can kick my ass and how I’m never going to get hired again.

I don’t give a fuck about you, I just want to hack and you’re fucking that up for me.

Let the games begin!


The Freehacker’s Union now has a site where you can check to see if you want to join a local or possibly start one.

Sounds like this could be fun…

This post has been filed under HackZ AttackZ!, Internet Find by Mr. Roboto.