Russia vs Georgia, the online front


While we’re sure that just about everyone has heard about the conflict between Russia and Georgia, few have probably heard about the role of cyber attacks in the conflict. Shortly before Russia’s armed response, Georgian state web servers were attacked by individuals assumed to be Russian hackers. This attack almost completely obliterated Georgia’s online presence by shutting down the website for the Ministry of Defense, and the Central Government’s main site. The Russian attackers seem to be using some form of sustained DDoS to keep many Georgian sites offline. In an effort to preserve some web presence, the Georgian Government transferred [President Mikheil Saakashvili]’s site to a US hosting provider in Atlanta. The Ministry of Foreign Affairs even created a BlogSpot page after their website initially went down. While politically motivated DDoS attacks have not been rare in past months, this seems to be the first time where the attacking party can be clearly identified. This seems to be the start of a trend where the unconventional methods of cyber warfare are used to gain an advantage over the enemy.

[photo: somefool]

Possible entrapment scenario in hacking case

[Brian Salcedo] made headlines a few years ago as a hacker who attempted to break into Lowe’s corporate network. He is currently serving a nine-year prison sentence, one of the longest sentences for a computer hacking offense. Recent events surrounding a different hacking case have revealed that the buyer he worked for, [Albert “Segvec” Gonzalez], was a Secret Service informant. [Salcedo] claims that were it not for [Gonzalez]’s threats, he would not have committed the hacking offense. While the Secret Service may not have even been aware of [Gonzalez’s] activity with other hackers, [Salcedo] could make a case of entrapment by arguing that [Gonzalez] threatened him as a government agent in order to make him plant the sniffer in Lowe’s network.

British hacker to be extradited to U.S.

British computer hacker [Gary McKinnon] lost his final appeal to block his extradition to the U.S. He stands accused of hacking into almost 100 U.S. military and NASA computers from his girlfriend’s aunt’s house in London over a four year period by the U.S. government. If convicted of the crimes in a U.S. court, he could face up to 70 years imprisonment. [Gary McKinnon] freely admitted to hacking into the computers, but claimed that he did it out of curiosity, not out of malice or any terroristic aims. He was looking for information on UFOs. The U.S. government claimed that in addition to hacking into the computers, he also stole 950 passwords and erased important files. [McKinnon’s] next move will be to appeal to the European Court, and if unsuccessful, he will have no other option but to stand trial in the U.S. court system.

Techie Hall of Shame


In the aftermath of [Terry Childs], the jailed disgruntled software engineer who created a God password and effectively locked San Francisco officials out of their own computer system, IT Grind unveils its Techie Hall of Shame. The Hall of Shame highlights figures who give computer professionals a bad name. From [Roger Duronio], the systems administrator who wasn’t satisfied with his raise, to [Kenneth Kwak], who installed spyware on his boss’ computer in order to gossip, the wrath of the IT professional can wreak thousands to millions of dollars of damages for companies and corporations to clean up. As much as these figures seem to be singular figures, we think they also serve as cautionary tales. Always have backup. If you suspect you’ve got a disgruntled employee, you should probably at the very least keep another expert eye on him. And hire more than one person to manage your systems. [Deb Perelman] asks her readers who else they think would be worthy of the Hall of Shame. We’re curious to know what you think, too.

[via digg]

High profile hackers get their day in court


The court cases against high profile hackers [Gary McKinnon], [Gregory King], and [Robert Matthew Bentley] all had major developments last week, with [King] and [Bentley] sentenced to time in prison and [McKinnon] in a tenuous
state fighting extradition.

Both [King] (aka Silenz) and [Bentley] (aka LSDigital) will serve time for crimes related to botnets, but where [King] used one to stage DDOS attacks, [Bentley] used them to create spam. [King]’s botnet had 7,000 nodes, and though the court did not release the size of [Bentley]’s botnet, all of his bots were computers in the Rubbermaid company. [King] agreed to a two-year sentence, while [Bentley] was sentenced to 41 months.

[McKinnon] (aka Solo) who is of British origin, may serve up to 60 years in prison for mounting the “biggest military hack ever” on U.S. government computers. Between 2001 and 2002, he allegedly hacked into 97 computers in U.S. military and NASA networks. To be charged in American courts, though, he would have to be extradited first, and his extradition appeal to British courts is currently pending.