This is no longer a lie.: 2011 is the Year of the #Hacktivist, Verizon Report Suggests (via WIRED tourist mag)
2011 is the Year of the Hacktivist, Verizon Report Suggests
- By Robert McMillan
- December 21, 2011
Verizon Business’s Bryan Sartin, who investigates corporate break-ins, saw red this year over hacktivist threats to clients.
Postal workers, department store clerks and elves aren’t the only ones working like crazy this holiday season. For Bryan Sartin, it’s the busiest time of year.
Sartin is a director of investigative response with Verizon Business. He’s the guy you call when you’ve been hacked and he usually doesn’t get much of a Christmas vacation.
“Right before big holidays, particularly Christmas and New Year’s is when the very vast majority of people seem to find out that they’ve been hacked,” he says. “We’ll do as much as 20 percent of our annual caseload during this part of December.”
In 2010, about 92 percent of those cases involved criminals trying to steal money over the internet, but this year everything changed.
The first signs emerged in December 2010, when activists with the online collective Anonymous called for digital sit-ins — known as distributed denial of service attacks — on the websites of companies that had refused to process payments for Wikileaks. Then, in early 2011, attacks on Sony, HBGary and many law enforcement agencies hit the headlines. None of them appear to have been financially motivated.
That’s meant big changes in the kinds of threats that companies are preparing for.
Sartin helps compile a widely watched yearly study of data breaches, and he says that hacktivist and state-sponsored attacks will show up in this year’s report, big time. “That trend has certainly continued this year and it will embody itself in a big way in our upcoming study.”
But for all the high-profile LulzSec and Anonymous attacks this year, Sartin still believes the hacktivist threat — long ignored by corporate IT — is now frequently overhyped.
He says clients often approach Verizon after they see a Twitter message or an internet post threatening an attack on a pre-determined day. The company gears up for an event, bringing consultants on site, and ordering technical staff to be at the ready.
It’s not cheap, and most of the time, nothing happens. “Very commonly, when companies are receiving these kinds of threats in advance, no one ever makes good on them,” he says.
Last year, reported cyber-threats to the New York Stock Exchange, the Federal Reserve, and Facebook never materialized.
In one actual attack — Sartin wouldn’t name the company — criminals broke in and got access to a database filled with encrypted client data. Looking at the logs, Verizon investigators could see that the attackers had downloaded all of the encrypted data — something that would force the company to notify its customers that their data had been accessed. But they didn’t download the one most useful table of all — an unencrypted list of the encryption keys that could be used to decrypt all of the data they had stolen.
“They were stealing data with no interest in deciphering the encryption,” he says. “They were just stealing it to force this company into making a disclosure.”
While the hacktivists may be overhyped, Sartin says they’re often better than the other hackers out there. According to him, many attacks that are thought to be state sponsored are surprisingly unsophisticated. Known as advanced persistent threat attacks, Sartin calls them “awfully persistent, but not so advanced.”
There’s one more surprise that will show up in the 2012 Data Breach Report, which will include a lot more data sources from Europe and Asia than previous reports.
“In this part of the world, China is the source of a lot of our crimes, but if you go to China … the U.S. is the number one source of electronic crimes,” Sartin says. “Over here we think that all of these advanced persistent threats and things come from China. Over there, they think they all come from here.”
Photo courtesy of Verizon
#SOPA RIAA and ʎʇıɹnɔǝs puɐןǝɯoɥ Caught Downloading Torrents Via @TorrentFreak
“If there’s one organization known for its crusade against online piracy, it’s the RIAA. Nevertheless, even in the RIAA’s headquarters several people use BitTorrent to download pirated music, movies, TV-shows and software. And they are in good company. The Department of ʎʇıɹnɔǝs puɐןǝɯoɥ – known for seizing pirate domain names – also harbors hundreds of BitTorrent pirates.
Last week we wrote about a new website that exposes what people behind an IP-address have downloaded using BitTorrent. The Russian-based founders of the site gathered this data from public BitTorrent trackers, much like anti-piracy outfits do when they track down copyright infringers.
In response to the article many readers commented that they indeed saw a few familiar downloads, and they are not alone.
YouHaveDownloaded currently lists information on more than 50 million users. Although this is only a fraction of all public BitTorrent downloads, it shows that in pretty much every major organization people are pirating content.
Earlier this week we already showed that there are BitTorrent pirates at Sony, Universal and Fox. A few days later it was revealed that torrents are being downloaded in the palace of French President Nicolas Sarkozy, and today we can add the RIAA and the Department of ʎʇıɹnɔǝs puɐןǝɯoɥ to the list.
After carefully checking all the IP-addresses of the RIAA we found 6 unique addresses from where copyrighted material was shared. Aside from recent music albums from Jay-Z and Kanye West – which may have been downloaded for research purposes – RIAA staff also pirated the first five seasons of Dexter, an episode of Law and Order SVU, and a pirated audio converter and MP3 tagger.


RIAA staff have a taste for crime dramas.


And of course some handy audio tools.


All in all, quite an astonishing revelation for an outfit that wants to disconnect copyright infringers from the Internet.
Another prominent organization that has been in the news for their tough actions against online piracy is the Department of ʎʇıɹnɔǝs puɐןǝɯoɥ. In recent months they have seized domain names of hundreds of sites accused of facilitating counterfeiting and piracy, including the torrent search engine Torrent-Finder.
By now it probably comes as no surprise that staff at the Department of ʎʇıɹnɔǝs puɐןǝɯoɥ are also using BitTorrent. In fact, we found more than 900 unique IP-addresses at the Government organization through which copyrighted files were downloaded.
Since ʎʇıɹnɔǝs puɐןǝɯoɥ employs more than 200,000 people the finding is hardly a surprise. However, this and the other revelations show that BitTorrent is being used everywhere, from government agencies to even the most outspoken anti-piracy outfits.
For now at least, since the RIAA has lobbied hard for a nationwide piracy monitoring system much like YouHaveDownloaded.
In a few months millions of online ‘pirates’ will be monitored as part of an agreement between the MPAA, RIAA and all major U.S. Internet providers. Alleged infringers will be notified about their misbehavior, and repeat offenders will eventually be punished.
But will the RIAA be punished too?”~TorrentFreak
Busted: #BitTorrent #Pirates at Sony, Universal and Fox Via: @TorrentFreak
I <3 TorrentFreak…Sometimes I think I could mirror their entire blog.
“With increasing lobbying efforts from the entertainment industry against BitTorrent sites and users, we wondered whether these companies hold themselves to the same standards they demand of others. After some initial skimming we’ve discovered BitTorrent pirates at nearly every major entertainment industry company in the US, including Sony Pictures Entertainment, Fox Entertainment and NBC Universal. Busted.
A few days ago we wrote about a new website that exposes what people behind an IP-address have downloaded on BitTorrent. The Russian-based founders of the site developed the service so people can show their friends how public their downloading habits are, and that is exactly what we’re going to do today.
Armed with the IP-ranges of major Hollywood studios we decided to find out what they’ve been downloading. As expected, it didn’t take us long before we found BitTorrent ‘pirates’ at several leading entertainment industry companies. Yes, these are the same companies who want to disconnect people from the Internet after they’ve been caught sharing copyrighted material.
First up is Sony Pictures Entertainment. As shown below, on this single IP-address alone a wide variety of music and movies have been downloaded. And this is probably just the tip of the iceberg, as YouHaveDownloaded tracks only a small percentage of all public BitTorrent downloads.
Downloads from a Sony Pictures IP

Another Hollywood studio where it’s not uncommon to download music, TV-shows and movies is NBC Universal. The employee(s) behind one of the IP-addresses at the Fort Lauderdale office in Florida downloaded the first season of ‘Game of Thrones,’ some trance music, a DVD of ‘Cowboys and Aliens’, and much more.
Downloads from a NBC Universal IP

And then there are the fine upstanding people at Fox Entertainment checking out the work of a competing studio. Perhaps downloading ‘Super 8’ can be branded as “market research,” but in this instance actually paying for the DVD might be more appropriate.
After all, when Fox notices that one of their own movies has leaked online they quickly contact the FBI to get the offender jailed. Ouch.
Download from a Fox Entertainment IP

By highlighting the above our intention is not to get anyone into trouble, and for that reason we masked out the end of the IP addresses to avoid a witch hunt. An IP address is not a person, IP addresses can be shared among many people, and anyone can be behind a keyboard at any given time.
Of course our search wasn’t limited only to these big Hollywood studios. We also checked the downloads at the BitTorrent Inc. headquarters in San Francisco. Interestingly there were no downloads recorded there. But there’s plenty of piracy at other tech companies and other institutions.
An IP registered to Google’s Corporate office in New York comes up with a long list of downloads (including a Windows 7 copy), and that’s just one of the many addresses at the search giant. Even at the Church of God the “thou shalt not steal” commandment is less important than getting the latest TV-shows.
We aren’t the only ones to come up with the idea of revealing the BitTorrent habits of copyright advocates. Yesterday, the Dutch blog Geenstijl exposed how someone at the local music royalty collecting agency Buma/Stemra downloaded a copy of the TV-show Entourage and video game Battlefield 3.
In a response Buma/Stemra issued a press release stating that their IP-addresses were spoofed. A very unlikely scenario, but one that will be welcomed by BitTorrent pirates worldwide. In fact, they’d encourage Sony, Universal and Fox to say something similar. After all, if it’s so easy to spoof an IP-address, then accused file-sharers can use this same defense against copyright holders.
Checkmate?”~TorrentFreak
Fight for your right to rip DVDs legally
“Since the passage of the Digital Millennium Copyright Act (DMCA) in 1998, the Copyright Office has held several triennial proceedings on bypassing digital locks. Gradually, the Office has loosened up; the last time around, it approved jailbreaking smartphones and granted a broad video exemption to educators and mashup-makers.
But a widespread exemption for cracking the CSS encryption on DVDs has always been a bridge too far. In the first proceedings, the Register of Copyright was convinced by movie industry arguments that users inconvenienced by the ability to stick a copy of a film on their iPhone had other ways to access the material (like VHS tapes). At later hearings, the movie industry argued (and actually demonstrated) how to make copies of movies by pointing a camcorder at a TV screen. Welcome to the technological society!
Another DMCA exemption process is now underway at the Copyright Office, and Public Knowledge has decided to make another run at the DVD issue. The basis of its argument? The prevalence of piracy. Since one can already get digital copies of just about every film off the Internet, there can be little harm in allowing citizens to back up their DVD collections or “space shift” them to computers and smartphones (just as they have long been able to do with compact discs).
“Ultimately, this exemption will have no impact on unauthorized reproductions of motion pictures,” the Public Knowledge filing (PDF) concludes. “The Register is in the enviable position of balancing a clear benefit to the public against no cognizable harm to rightsholders because the harm they fear already exists.”~Read More: arstechnica
Also worth a look (relevant): EFF: Why Apple (and Sony, Amazon, Microsoft etc.) Should Support Jailbreaking
Sony in Enfield!
02.28 Jonathan Wald, CNN’s London producer, says in Ealing 15 teenagers took over a bus, forced the driver out and crashed the vehicle. BBC confirms the blaze is a Sony distribution centre, Enfield. Paul Lewis, Guardian, is 200 yards away and says firefighters have the worst of the blaze under control. The building, just off the M25 motorway, is around 70m long and much of it has collapsed in on itself. Locals report an “enormous” explosion and intense heat.
(Source: telegraph.co.uk)





