BreachExchange mailing list archives

Public arrests of 56 hackers sends a clear message – but will the hackers listen?


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 9 Mar 2015 22:46:16 -0600

http://theconversation.com/public-arrests-of-56-hackers-sends-a-clear-message-but-will-the-hackers-listen-38527

In a public show of force against cyber crime, 56 suspected hackers were
arrested in the UK by the National Crime Agency. The list of those arrested
included a 23-year-old man (those arrested were all men) suspected of
breaking into the US Department of Defence in 2014. The rest of the arrests
were people involved in fraud and money laundering and members of “hacking
collectives” the Lizard Squad and D33DS. The Lizard Squad was involved in
widespread distributed denial of service attacks on gaming sites and D33DS
stole 450,000 user details from Yahoo!.

The arrests come hot on the heels of an announcement of the FREAK security
vulnerability leaving thousands of sites using SSL unprotected as a result
of the flaw. The UK’s National Cyber Crime Unit, amongst a large range of
cyber security agencies, are especially keen to drive the message home that
taking advantage of these vulnerabilities would lead to a high probability
of arrest. A BBC reporter was even “invited” to attend one of the arrests
carried out by the National Crime Agency. In this case, the suspect was a
21-year-old student.

It is believed that the man arrested for the attack on the US Department of
Defense did not obtain sensitive data but when posting about the attack,
claimed to be speaking on behalf of a group called ISISD0M3RS. A post from
the hacker(s) claimed that they were in control of DoD satellites and that
they would send missiles if the allied air-strikes against ISIS were not
stopped. However, the message also involved a bizarre implication that the
Lizard Squad were somehow involved and so it is actually hard to tell how
much of the “bragging” was actually just that and how much was actually
really related to serious threats aligned to the terrorist group.

The problem of the largely young male hacker group that get involved in
these types of hacks is that it essentially acts as a type of “social
denial of service” attack on law enforcement agencies. The hacking of sites
for bragging is a part of the culture to prove the level of skill of a
hacker, often as a means of earning the right to access secretive hacker
groups, or the secret hacking information they hold. Whilst the attacks are
potentially damaging, they are not necessarily done with that as the prime
objective.

This culture is not just the preserve of so-called “black hat” hackers;
hackers working for the secret services can sometimes be little different.
The recent report of the UK secret service agency GCHQ’s hack of SIM card
manufacturer Gemalto highlights the GCHQ staff boasting about getting
control of Gemalto’s network and what they could now do with that access.

Cyber-Anthropologist Gabriella Coleman has characterised the many faces of
the typical hacker belonging to groups such as Anonymous and LulzSec. This
included the FBI informant Hector Xavier Monsegur aka “Sabu” who had to
prove his hacking credentials to be accepted back into the trust of the
group LulzSec. The impact of the revelations that Sabu was an FBI informant
was the realisation that everything that he had done and said - especially
through a very high profile Twitter account - was a lie.

In amongst all of the cyber crime, of which there is a great deal of
damaging criminal activity, there is the equally active world of the cyber
fantasist who is drawn to the world of hacking as a proof of technological
prowess and the ability to wield power over powerful entities. The
justification, whether it is an affiliation to a civil activist group like
“Anonymous” tackling “issues” or to nation states as is the case of the
Syrian Electronic Army, may in part be an attempt to legitimise their
actions.

The large scale of the arrests last week in the UK are clearly being staged
for a show of force. The nature and psychological profiles of the hackers
involved suggest that highlighting the risks involved in undertaking this
type of activity may not serve to deter them for long, if at all.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/