Archive for the ‘National Security’ Category

Spain Detains 3 in PlayStation Cyberattacks

The Spanish police said on Friday that they had apprehended three men suspected of computer hacking in connection with recent attacks on Sony’s PlayStation Network as well as corporate and government Web sites around the world.

The National Police identified the three as the local leadership of the shadowy international network of computer hackers known as Anonymous, which has claimed responsibility for a wide variety of attacks.

Anonymous is composed of people from various countries organized into cells that share common goals, the police said, with activists operating anonymously in a coordinated fashion.

One of the three suspects, a 31-year-old Spaniard, was detained in the southern Spanish city of Almería sometime after May 18, the police said. He had a computer server in his apartment in the northern Spanish port city of Gijón, where the group is believed to have attacked the Web sites of the Sony PlayStation online gaming store.

The same computer server was also believed to have been used in coordinated attacks against two Spanish banks, BBVA and Bankia; the Italian energy company Enel; and government sites in Algeria, Chile, Colombia, Egypt, Libya, Iran, Spain and New Zealand, the police said.

The two other men, both also Spaniards in their early 30s, were picked up in Barcelona and Valencia. The police statement did not make clear the timing of those detentions, but a police spokeswoman said all had occurred recently.

The spokeswoman, who did not want to be identified in accordance with department policy, said all three were subsequently released, without bail, pending formal charges.

They were expected to be charged with forming an illegal association to attack public and corporate Web sites, a charge that carries a potential sentence of up to three years in prison.

The police opened their investigation last October, after hackers overwhelmed the Spanish Ministry of Culture’s Web site to protest legislation increasing punishments for illegal downloads.

It was not immediately clear how much of a role the group may have played in the recent attacks on Sony. About a dozen Sony Web sites and services around the world have been hacked; the biggest breaches forced the company, which is based in Tokyo, to shut down its popular PlayStation Network for a month beginning in April.

The Japanese company has acknowledged that hackers compromised the personal data of tens of millions of user accounts. Earlier this month, a separate hacker collective called Lulz Security, or LulzSec, said it had breached a Sony Pictures site and released vital source code.

Sony has estimated that the hacker attacks will cost it at least 14 billion yen ($175 million), in damages, including spending on information technology, legal costs, lower sales and free offers to lure back customers.

Mami Imada, a Sony spokeswoman in Tokyo, said she had no information on the detentions and declined to comment.

The police said that they had analyzed more than two million lines of chat logs since October, as well as Web pages used by the group to identify the leadership in Spain “with the capacity to make decisions and direct attacks.” Members of Anonymous used a computer program called L.O.I.C. to crash Web sites with denial-of-service attacks, the police said.

Among recent attacks, the hackers also brought down the site of the Spanish National Electoral Commission last month before regional and municipal elections. It was that attack, on May 18, that led to the detention of the suspect in Almería.

The movement against the antipiracy law has been closely linked to the broader youth-led political movements that have occurred in Puerta del Sol, the central square in Madrid, and in other city squares since May 15.

These protests have called for a complete overhaul of Spain’s political system and laws aimed at stopping illegal downloading.

Hiroko Tabuchi contributed reporting.


Satellites Spot Illegal Logging of Uncontacted Tribes’ Home

Some of the world’s most sophisticated technology is being used to protect indigenous people who’ve entirely avoided the industrial world.

By studying satellite photographs of Paraguayan forests inhabited by still-uncontacted aboriginal tribes, activists have spotted evidence of illegal deforestation carried out between October and December of last year.

The deforestation violated a logging moratorium on land claimed by both ranchers and the Ayoreo, a tribe that lives on the Gran Chaco, a vast arid plain of scrub forest and seasonal waterways.

Prolonged contact between the nomadic Ayoreo and outsiders began only in the mid-20th century, when Mennonites fleeing religious persecution and compulsory military service in Russia and Eastern Europe settled in the Paraguayan Chaco. Several hundred members of an Ayoreo subgroup known as the Ayoreo-Totobiegosode have almost completely avoided contact, but it’s not easy.

The Mennonites have since become a major agro-industrial force, joined by Brazilian ranchers evading that country’s crackdown on Amazon deforestation. Between 2006 and 2010 they cleared a full one-tenth of the Paraguayan Chaco’s forest for ranches, a practice with disastrous long-term consequences for Chaco ecology and short-term consequences for Ayoreo still living in the forests. Much of that deforestation occurred on contested and ostensibly off-limits land, but government enforcement of the moratorium is inconsistent.

In 2009, tribal-advocacy group Survival International published satellite photographs documenting illegal logging by Brazilian company Yaguarete Pora, which was subsequently fined and delicensed. The clearing seen in the latest photographs was was conducted by the companies River Plate and BBC S.A., and has been verified by government officials, said Rebecca Spooner, who works on Survival International’s Latin America campaign.

According to Spooner, the image analysis was conducted by an Ayoreo supporter from Canada whose work involves satellite imagery. There is, however, no systematic tracking of Gran Chaco deforestation. Much of the clearing visible in the new photographs — not just the latest activity — was illegal.

“The new deforestation may not be big in itself, but it simply adds to the massive deforestation going on in the Chaco that is, bit by bit, removing the very life source of the Ayoreo,” said Spooner. “This is going on illegally and nothing is being done to prevent it.”

An abandoned Ayoreo dwelling. Photo: Survival International

December 14, 2010 | By Paul Mauldin

Here’s a frightening scenario – thousands of teenage hackers sitting in their rooms after school trying to break into utility databases or spread a virus – all through the Home Area Network (HAN)! Could it happen? Recent events are certain to make the power industry sit up and blink.

We could call the last few months the Semester of Cyber-security panic. As the WikiLeaks fiasco continues to boil, herds of hackers are apparently engaged in a global cyber-war against nations and corporations that threaten WikiLeak’s continued operations. There doesn’t seem to be any real moral or patriotic issues involved in the attacks. It’s almost as though a globally connected bunch of teenaged hackers just took on a new challenge. Sort of a “Revenge of the Nerds” cyber sequel. In fact, at the time of this writing a Dutch teenager is being held as a suspected ringleader of the “Operation Payback” attacks on financial institutions that refuse to service WikiLeaks donations.

All that bizarre chaos will go where it will – but the big question is: How did so much info get acquired through one entry point? It’s hard to believe that a young soldier might have done something as simple as plugging into a USB port and downloading over 6 million documents.

Then there’s STUXNET, the cyber virus that entered via the Internet and infected Iran’s uranium processing center in Natanz and their new nuclear reactor in Bashehr. The STUXNET worm specifically targets certain Siemens control systems used in power plants and in the power grid itself. Apparently it was a targeted infection intended to show off the virus’ capabilities. So far the virus hasn’t caused much damage. But it could have, with the right payload.

The biggest problem is getting rid of the darn thing. Ralph Langner, a German cyber security expert on STUXNET, describes the Iranian’s conundrum:

“They should throw out every personal computer involved with the nuclear program and start over, but they can’t do that. Moreover, they are completely dependent on outside companies for the construction and maintenance of their nuclear facilities. They should throw out their computers as well. But they can’t,” he explained. “They will just continually re-infect themselves.” Sort of like a bubonic plague epidemic without antibiotics.

Apparently the virus came in through the internet and, just like the WikiLeaks gusher, it only takes one open cyber door. You can bet we’ll keep that in mind when considering Smart Grid vulnerabilities.

In any case it looks like smart grid security is headed to be more complex and exacting than we had considered. We’ll see more than a few state and federal agencies involved so we can only hope that the solutions won’t be so user-unfriendly that they make the customer interface useless.


U should Fear The Government Instead Of Hackers

I think this post will interest the people who thought that they are save be’cos they have passwords to login into their Social Networking Sites. Well U are dead wrong. Hackers are the least u should worry about. Those u need to fear are the United States Government. To me They have control over Everything that goes on on the internet. There is no privacy with Computers now a days so stop worrying about computer hackers breaking into ur accounts rather worry about the damed fucking government. leave the Hackers alone be’cos one day u will need their help. Belife me when i say one day. Be’cos that day is almost near.
Guss u’have been watching those tech movies, u see wht the governments do in this movies. Well this movies are not just made they are messages and i think we should all try to listen other than criticize Hackers be’cos when that day comes u will be rashing to learn how to hack to be able to protect ur self. When we come to security hackers have the tight security be’cos they beak them so they make sure that theirs is unbreakable.

Social Network Analysis

One common form of surveillance is to create maps of social networks based on data from social networking sites such as Facebook, MySpace, Twitter as well as from traffic analysis information from phone call records such as those in the NSA call database[38], and others. These social network “maps” are then data mined to extract useful information such as personal interests, friendships & affiliations, wants, beliefs, thoughts, and activities.

Many U.S. government agencies such as the Defense Advanced Research Projects Agency (DARPA), the National Security Agency (NSA), and the Department of Homeland Security (DHS) are currently investing heavily in research involving social network analysis.[43][44] The intelligence community believes that the biggest threat to U.S. power comes from decentralized, leaderless, geographically dispersed groups of terrorists, subversives, extremists, and dissidents . These types of threats are most easily countered by finding important nodes in the network, and removing them. To do this requires a detailed map of the network.

Jason Ethier of Northeastern University, in his study of modern social network analysis, said the following of the Scalable Social Network Analysis Program developed by the Information Awareness Office:
The purpose of the SSNA algorithms program is to extend techniques of social network analysis to assist with distinguishing potential terrorist cells from legitimate groups of people … In order to be successful SSNA will require information on the social interactions of the majority of people around the globe. Since the Defense Department cannot easily distinguish between peaceful citizens and terrorists, it will be necessary for them to gather data on innocent civilians as well as on potential terrorists.
—Jason Ethier[41]

AT&T developed a programming language called “Hancock” which is able to sift through enormous databases of phone call and Internet traffic records, such as the NSA call database and extract “communities of interest” — groups of people who call each other regularly, or groups that regularly visit certain sites on the Internet. AT&T originally built the system to develop “marketing leads”[47], but the FBI has regularly requested such information from phone companies such as AT&T without a warrant,[47] and after using the data stores all information received in its own databases, regardless of whether or not the information was ever useful in an investigation.[48]

Some people believe that the use of social networking sites is a form of “participatory surveillance”, where users of these sites are essentially performing surveillance on themselves, putting detailed personal information on public websites where it can be viewed by corporations and governments.[39] About 20% of employers have reported using social networking sites to collect personal data on prospective or current employees.[49]