The End of Facebook?

Anonymous has posted an interesting message to the world that they plan to take down Facebook on November 5th, 2011.

Interestingly, November 5th is also Guy Fawkes Day. "Wintour introduced Fawkes to Robert Catesby, who planned to assassinate King James I and restore a Catholic monarch to the throne. The plotters secured the lease to an undercroft beneath the House of Lords, and Fawkes was placed in charge of the gunpowder they stockpiled there. Prompted by the receipt of an anonymous letter, the authorities searched Westminster Palace during the early hours of 5 November, and found Fawkes guarding the explosives. Over the next few days, he was questioned and tortured, and eventually he broke. Immediately before his execution on 31 January, Fawkes jumped from the scaffold where he was to be hanged and broke his neck, thus avoiding the agony of the drawing and quartering that followed.

Fawkes became synonymous with the Gunpowder Plot, which has been commemorated in England since 5 November 1605. His effigy is burned on a bonfire, often accompanied by a firework display." (wikipedia)

Google Threatens To Pull Out Of China

After cyber attacks on the gmail accounts of Chinese human rights activists and other Chinese dissidents, Google has raised the stakes threatening to pull it's operations from China. The attacks were "very organized" and "clearly targeted" according to Google spokesman David Drummond, chief legal officer at Google.

Drummond Says that the means of the attack where not Google related but rather phishing schemes that obtained user information and originated in December from China. Being careful not to implicate the Chinese government Drummond says "we simply cannot continue to operate a filtered or censored search engine..."

Check out the CNBC interview.

Gaza Fight Goes Online

Apparent supporters on both sides of the Israeli - Gaza conflict have taken to the internet to extend the fight online. "On 7 January, pro-Palestinian hackers defaced several high-profile websites, including a US Army website, and the Nato Parliamentary Assembly's website." according to the BBC. A battle has also been waged on Facebook where a group using the logo of the Jewish Internet Defence Force (JIDF) removed content from Facebook Groups and replaced it with statements supporting Israeli policy and criticising the Palestinian militant group Hamas. It seems that both sides of the battle are trying to get their messages out by any means possible.

More at BBC News.

Famous Twitter-ers Have Accounts Hacked

Twitter discovered yesterday that 33 prominent users of the service had their accounts compromised by an individual "who hacked into some of the tools our support team uses to help people do things like edit the email address associated with their Twitter account when they can't remember or get stuck." Those hacked included Rick Sanchez and Barack Obama. The tools were immediately taken offline to prevent further hacking and the company says they will only go live again when the security issue has been addressed. In addition, many users were also the target of a Phishing scam on the weekend. There can be no doubt now... Twitter is a hit!

Source: Twitter Blog

UK Hacker Facing Extradition To The US To Face Charges

Gary McKinnon aka "Solo", a Glasgow-born systems analyst is facing extradition to the United States to face charges that he gained access to 97 US military and Nasa computers from his London home in 2001 and 2002. Lawyers working on McKinnon's behalf say that US authorities had warned McKinnon that he faced a life sentence rather than a couple of years in jail unless he agreed to plead guilty and to extradition. McKinnon has never denied accessing the networks saying he was motivated by curiosity. I guess it's not really a question of guilt but rather can he receive a fair trial in a US court? BBC story here.

US Congressman Claims Computers Hacked By Chinese

Representative Frank Wolf, a Republican from Virginia, said Wednesday that the FBI found that four of his government computers have been hacked by sources working in China. Wolf is a long-time critic of China's human rights record and a spokesman for the congressman said the four computers were being used by staff members working on human rights issues. “I think this is very bad because you have the Chinese compromising and gaining access to computers of any number of members of the House and a major committee of the House,” Wolf told The Associated Press. “We don't know how many others.”

The Chinese Ministry of Foreign Affairs had no immediate comment. Last week, China denied accusations that it's officials had secretly copied the contents of a US government laptop during a visit to China by Commerce Secretary Carlos Gutierrez and used the information to try to hack into Commerce Department computers.

Globe and Mail story here.

Spanish Police Arrest Hackers

Five hackers being described as "being among the most active on the internet" have been arrested by Spanish police. The BBC is reporting that "Police say they co-ordinated attacks over the internet and hacked into 21,000 web pages over two years." Two of those arrested are said to be 16 years of age. The arrests took place in Barcelona, Burgos, Malaga and Valencia, the result of an inquiry that began in March after a Spanish political party's site was disabled.

Hackers Warn Big Business That Attacks Are Imminent

A "Hackers Panel" which convened in London this week at the InfoSecurity Europe conference is warning big business that denial of service attacks, the likes of which shut down the websites of banks, governments and political parties in Estonia, are imminent. Big business is seen as definite targets "If someone wants to have a pop at the UK, they are unlikely to go for the government web servers. They will go for the lower hanging fruit - companies which are seen as good representatives of the country." said panelist Steve Armstrong from the SANS Institute for information security training. Some believe that these attacks can be thwarted if ISP's take a more active roll in policing their networks and identifying machines that are compromised and participating in bot-nets, while others say it is not the place of the ISP and that more money needs to be spent by businesses to defend against such attacks. Seems rather obvious that the white hat hackers and security firms would want to support the later... The BBC has more here.

A Simple Solution To Compromise Encrypted Data

A group of researchers lead by a Princeton University scientist have developed a simple solution to hacking sophisticated encryption techniques and stealing data that, by many, would normally be considered to be secured. Rather than what you might expect to be a room full of powerful computing devices or highly complex computer code, the team describes the system in the following YouTube video, with further documentation on their website. Scary! Detailed story at the NYTimes.com website.

Quebec Police Break Up Hacking Ring

Quebec Provincial Police made arrests on Wednesday breaking up a hacking ring that is said to be responsible for $45 million in damages to computer systems. The 17 arrested where from about a dozen different communities and included 3 minors. According to this InfoWorld article, the ring installed "botnet" software on unsuspecting victims' computers in order to run phishing and spamming operations, said Capt. Frederick Gaudreau, of the Surete du Quebec. The botnet network infected 39,000 computers in Poland, 28,000 in Brazil, and 26,000 in Mexico, and over 100,000 computers in all were affected. I'm curious... why Poland, Brazil, and Mexico? Were the hackers of Spanish and Polish decent or did they acquire e-mail addresses from these countries? Did they create websites that would be of interest to people who come from these countries?

Military Labs fall victim to hackers

An InfoWorld news article describes a couple of "sophisticated" hacker attacks on computer networks at Oak Ridge National Laboratory (ORNL) in Tennessee and Los Alamos National Laboratory in New Mexico. The article says "it appears that intruders accessed a database of visitors to the Tennessee lab between 1990 and 2004, which included their social security numbers and dates of birth." There is further speculation that the personal data could be a bit of a smoke screen for a more serious intrusion by "a rival government". Of course we've heard a lot this fall about apparent intrusions by Chinese sponsored hackers, doesn't appear as though anyone is throwing another volley in that direction just yet but it will be interesting to see how this develops. Seems to me if the labs were compromised by "several waves of phishing e-mails with malicious attachments" then there is a serious lack of education at these sites... my kids know not to open attachments or provide sensitive info via e-mail!

New Zealand teen alleged botnet kingpin

Police in New Zealand questioned an 18 year old Hamilton resident and seized a number of computers in an international investigation aided by police in the Netherlands and the FBI. The teen who was later released is alleged to be a ring leader in a group of hackers that the FBI estimates controls more than 1 million computers and has caused combined economic losses of more than $20-million. “He is very bright and very skilled in what he's doing,” said Martin Kleintjes, head of the police electronic crime centre, “He hires his services out to others.”

The Globe and Mail has more.

Hackers go large scale to hijack search results and take over machines

An attempt by hijackers to manipulate search results and steer searchers to sites containing malicious code bent on exploiting an Internet Explorer flaw has apparently been thwarted. The BBC is reporting that the large scale attack, which involved tens of thousands of domains being set up to convince search index software they were serious sources of information, and was likely the works of Russian hackers (pure speculation). The domain names were registered in China and the sites hosted in the US, but were apparently only live for a couple of days before Google started to strip them from search results. Why can't we all just use Firefox?

Hacking passwords getting a lot easier!

Engadget is reporting that a Russian software company has filed for a US patent which leverages the power of modern graphics cards to crack passwords! According to the article "An NTLM-hashed Microsoft Vista password, for example, can now be cracked in 3 to 5 days (instead of two months) using a simple, off-the-shelf, $150 graphics card -- less complicated passwords can take just minutes." Sounds like it might be time to invest in finger print and retinal scanners!

More government hacking but no name calling this time

New Zealand government computers have been the most recent target according the countries top intelligence officer and confirmed by the Prime Minister. Security Intelligence Service head Warren Tucker said “strong evidence” was found to link the hacking activities to foreign governments and referred to comments by Canada's security service about Chinese spying activities. Prime Minister Helen Clark said she knew which government was responsible but declined to name names. The Globe and Mail has more here.

Pfizer machines spewing spam about Viagra?

Wired is reporting that a San Fransisco based security firm, Support Intelligence, is claiming that drug giant Pfizer has fallen victim to zombie networks operating within it's infrastructure and appears to be oblivious to the situation. Interestingly enough the spam that the zombies are serving up are largely for products that the company produces! According to Wired, Support Intelligence says "Pfizer computers have been spamming inboxes for the last six months... 138 different Pfizer IP addresses have been blacklisted by various groups". Wired reports that Pfizer has had a recent history of security related woes, "In one breach, a Pfizer employee exposed personal information on 17,000 employees after installing peer-to-peer software on a laptop. In another breach, confirmed Tuesday, a former employee downloaded sensitive data, including social security numbers and credit-card information for about 34,000 Pfizer employees."

Sounds like its time for some changes in the IT department!

China denies accusations

In a move that should come as no shock to anyone, the Chinese government is denying accusations that it was involved in a cyber attack on the Pentagon. A Chinese Foreign Ministry official is quoted in this BBC report as saying "Some people are making wild accusations against China ... These are totally groundless and also reflect a Cold War mentality," Interestingly, President Bush and China's Hu Jintao are preparing to meet at the Apec summit in Sydney, Australia. I wonder what the agenda will be?

China believed to be behind high level hacks of German and US government sites

The Financial Times is reporting that "a senior US official" is quoted as saying the Pentagon had pinpointed the China's People's Liberation Army (PLA) as responsible for a computer infiltration at the US Defence Department. This on the heals of German accusations that China had hacked it's systems... seems China and the US exchange these probes all the time but this time “The PLA has demonstrated the ability to conduct attacks that disable our system...and the ability in a conflict situation to re-enter and disrupt on a very large scale,”

Money talks.... hackers should choose words carefully

It seems the New Jersey teen who cracked the iPhone has changed his mind about people profiting from his hack. In this Globe and Mail article that I linked to last week, George Holtz was quoted as saying "That's exactly, like, what I don't want,... I don't want people making money off this." however today on his blog he has announced "I traded it for a sweet Nissan 350Z and 3 8GB iPhones." Best of all he traded it to a Kentucky-based mobile phone repair company, that has apparently also offered him employment! You can't blame the kid for wanting to secure employment but perhaps he should have chosen his words more carefully.

UN website hacked

The BBC is reporting that a group of hackers has defaced the United Nations (UN) website in what is being called a "cyberprotest". The group placed slogans on the site in a place reserved for statements from UN Secretary General Ban Ki-Moon. The slogans accused Israel and the United States of killing children and urged that they make peace not war. The site was taken down for repair.