WANTED: Evgeniy Bogachev, Cyber Criminal

A $3 million reward has been offered in exchange for information that leads to the arrest or conviction of Evgeniy Bogachev, a Russian national believed to be the leader of the criminal organization responsible for the use of the malware “Gameover Zeus” (“GOZ”) and “Cryptolocker”, reported Reuters. Bogachev was named a defendant in the complaint, along with four other individuals whose real identities were not included, but who are known by “Temp Special”, “Ded”, “Chingiz 911” aka “Chingiz”, and “Mr. Kykypyky”. The remaining four defendants are also believed to be Russian nationals who assisted Bogachev in the administration of GOZ.

The civil action was filed in the United States District Court for the Western District of Pennsylvania, and brought under 18 U.S.C. §§ 1345 and 2521. The government is seeking to enjoin all defendants from continuing to engage in wire fraud, bank fraud, and unauthorized interception of electronic communications, which are all in violation of 18 U.S.C. §§ 1343, 1344, and 2511. According to the complaint, all defendants are believed to be residing within Russia at this time. The FBI has also issued a “Wanted” poster for Bogachev.

Handout of Russian national Evgeniy Bogachev is shown in this FBI Wanted Poster

Gameover Zeus (“GOZ”)

GOZ is malware that infiltrates computers and turns them into “bots”, which are then controlled by an unauthorized third party without the owners’ knowledge. The third party can then intercept, usually through “man-in-the-middle” attacks, sensitive information, such as banking credentials and social security numbers, being transmitted from those compromised computers. This is how GOZ is used to commit fraudulent financial activity. GOZ first emerged in September 2011, and has since been the cause of over $100 million in losses worldwide. In the US, victims include a bank in Florida, a composite materials company in the Western District of Pennsylvania, and an Indian tribe in Washington. Further, GOZ provides a vehicle for Cryptolocker to be installed on computers that have already been infected by GOZ.

Cryptolocker the “ransomware”

Cryptolocker is a malicious program that infects computers and allows a third party to encrypt files contained on the hard drives of infected computers. From there, the user of the infected computer is prompted to pay a ransom in exchange for the key that will decrypt the encrypted files. The encryption algorithm is believed to be “effectively unbreakable”; accordingly, refusing to pay the ransom could result in the loss of data. Since it emerged in 2013, Cryptolocker has infected over 230,000 computers, with over 120,000 victims residing in the US. Victims in the US include an insurance company in Pittsburgh, Pennsylvania, a police department in Massachusetts, and a company in North Carolina.

What happens now that charges have been filed?

Last year the US Department of Justice also filed charges against five Chinese nationals accused of, among other things, computer hacking and economic espionage. There are stark differences between these two cases, though. First, unlike the Russian government, the Chinese government has not given any indication that it is even considering working with the US to combat cybercrimes, according to Reuters. The head of the FBI’s cyber crime division, Joseph Demarest, said that the FSB, Russia’s internal security agency, recently expressed “tentative interest” in working with the US on investigating cybercrimes, adds the report. Second, the five charged individuals are known to be members of the Chinese military, whereas Bogachev and his associates are not known to be affiliated with the Russian government.

Despite the FSB’s recent statements regarding collaboration on cybercrime investigations, it remains unclear whether it will assist in Bogachev’s case, reports Reuters. Without Russia’s involvement, it will be difficult for the FBI to detain Bogachev as it cannot simply send agents into the country to extract him. Still, filing the charges can serve as more than a merely symbolic gesture. It will likely restrict Bogachev’s movement, considering entry into nations which have extradition treaties with the US could result in his detention and transfer to US custody.

The full complaint can be found here.


Is the US Indirectly Supporting Cyber Vigilantism? A Look at The Jester…

Called a  “Patriotic Hacker”… “Cyber Vigilante” … “Cyber Patriot” … which only begs the question:

Who Is The Jester?

He has allegedly taken down more than 170 Jihadi websites since 2010.

He has over 66,000 Twitter followers.

He hacked Wikileaks.

He even hacked Anonymous.

Five months ago he agreed to take part in a rare interview with NBC 5 in an encrypted chat room.  The Jester told the NBC 5 investigators that he started hacking after realizing that there was a growing threat from Jihadis online using the internet to recruit, radicalize and even train homegrowners.  He told Homeland Security Today:

[I]nstead of endlessly talking about what we might do, or what we could do, I decided as a private citizen to get up and just do it . . . and, I also like to smite the bad guys. I guess that’s why I continue to do what I do.

What makes him unique, is that unlike hacktivist groups like Anonymous which are worldwide, and group-driven by various ideologies and rules, this lone wolf focuses on US enemies and views his work as patriotic.  According to US Army cyber-operations specialist T. J. O’Connor, the Jester has argued that the omnipotence and growth of the Internet has granted terrorists a safe haven, and stated his intentions to prevent such action.

O’Connor wrote a detailed paper on the Jester on December 30, 2011. Titled “The Jester Dynamic: A Lesson in Asymmetric Unmanaged Cyber Warfare,” it “examine[d] the significant impact [this] lone-wolf patriot hacker has had over the course of the last two years, and what important lessons we can learn from him on how to wage a successful fight in this domain.” O’Connor wrote that in the Jester’s first two years of hacking, he successfully attacked over 200 targets. O’Connor also wrote that the Jester’s desire to deny Internet sanctuary to jihadists appears to stem from his military service.

So who exactly is this Jester? Ashlee Vance, reporting in The New York Times back on Dec. 3, 2010, quoted a Pentagon source as saying The Jester is “a former defense operative with knowledge of Special Forces activities” who “was a onetime military contractor who had worked on projects for Special Operations Command.” According to CNN Money, the Jester claims to currently hold a desk job in the cybersecurity and intelligence field.

How does the government view the work of the Jester? If one views actions more seriously than words, it is important to note that despite the fact that the Jester’s hacking is illegal under US laws, no criminal charges have been pursued against him.  The Jester told Homeland Security Today that he knew people inside the government.  In fact, according to Homeland Security Today, his Twitter followers include shadow operators in the US intelligence and counterterrorism communities.

More than a few told Homeland Security Today on background that The Jester has, at the very least, their tacit approval. From the shadows, he’s quietly applauded.

Is it true? Is the government acting under willful blindness of the illegal acts of this cyber Jester? Should they be? Is this alleged tacit approval a call for other lone wolves to follow in his footsteps?


NSA or Not, Equation Group is Recognized as the “Most Advanced” Threat Actor in Cyberspace

Another report has been released identifying widespread spyware breaches. This most recent report released by Kaspersky Lab, a cyberthreat firm, named the “Equation Group” the most advanced “threat actor” out of over 60 advanced attackers investigated by the firm over the past several years, reports Defense One. According to the report, the Equation Group has been active for “possibly” 20 years, and is thought to be affiliated with the NSA, although the Kaspersky report did not outright make that claim.


Is Equation Group the NSA?

Kaspersky’s report implied that the Equation Group is associated with, or may even be the same group responsible for, the Stuxnet virus. According to the report, a computer worm created by the group in 2008, known as Fanny, used two zero-day exploits also used by Stuxnet, and was spread throughout the Middle East and Asia. The report explained that the two exploits were used in Fanny even before they were used in Stuxnet. Fanny and Stuxnet both used the LNK exploit to spread, the report continued. Further, both Fanny and Stuxnet utilized a vulnerability in Microsoft’s software which was later patched by the Microsoft bulletin MS09-025, according to the report. Kaspersky asserted that this indicated that the Equation Group had access to the exploits before the Stuxnet group did. Additionally, the delivery mechanism believed to have been utilized by both Stuxnet and Fanny was USB sticks used to gain access to air-gapped networks, such as the Iranian network infected by Stuxnet. The similarities in the use of these exploits, and within the same timeframe, indicate that the groups responsible for Fanny and Stuxnet are either working together or are the same, the report concluded.

Who does Equation Group Target?

Stuxnet is believed to be the product of a joint venture between the NSA and the Israelis, leading to the belief that the Equation Group is actually the NSA or at least closely affiliated with it. Defense One reported that the group’s operations seem to target the “appropriate” people, “enemies foreign.” This indicates that the group operates under predetermined parameters, using usernames and network addresses to pick out specific targets, the article added. Targets resided in about 30 countries including Iran, Russia, Syria, and Afghanistan, according to the article. The article also reported that in addition to thousands of individuals, the group has infected entities within governments, telecommunications, and energy sectors, among others. This method of using existing vulnerabilities is “much less disruptive” than inserting vulnerabilities “that leave everyone insecure,” Bruce Schneier explained on the Lawfare Blog. Just as Stuxnet specifically targeted the Iranian network controlling its nuclear centrifuges, the Equation Group also conducts its activities carefully and precisely, targeting specific actors worldwide.

How does the release of this report affect current operations?

Experts claim this exposure may prove problematic for intelligence-gathering operations against Islamic extremists, Defense One added. However, according to the article, experts also admitted that the revelation will not likely end intelligence-gathering operations. Further, even though its operations have been publicized, the group may still continue using the same methods because those breached may not have the capability to “detect, remediate, and mitigate” the risk posed by the group, the article reported. Furthermore, it is unknown how long it would take to develop the capability to do just that, adds the article. The NSA released a statement refusing to comment directly on the assertions made in Kaspersky’s report; however, it was admitted that allegations such as this always pose a risk to the nation’s security, reports Defense One.

Kaspersky’s full report can be found here.


Cyber Round Up: Iran Learns from West; Auto-Hacking Risks on the Rise; Facebook’s Cyber Security Network; Traps over Firewalls

  • NSA: Iran Learns from Western Cyberattacks: The Intercept reports that an NSA document warns that, by studying and replicating Western cyber tactics, Iran has been able to create increasingly sophisticated cyberattacks. According to the article, Iran’s destructive cyberattack against Saudi Aramco in August 2012 is questionably similar to a cyberattack against Iran’s own oil industry in April 2012. The article notes the findings of a recent NSA document which suggests that Iran has become “a much more formidable cyberforce by learning from the viruses injected into its systems – attacks which have been linked back to the United States and Israel.” The article makes an interesting point: that offensive cyberattacks on other states do not merely provoke counterattacks – those attacks can teach adversaries how to launch their own. Read the full article by clicking here.
  • Auto-Hacking Increasing Concern: According to a new congressional report called “Tracking and Hacking,” as vehicles become more connected to the Internet, automakers are failing to take the necessary measures to protect them against cyberattacks. Not only can hackers control your steering, brakes, and accelerator, but they can also use the new auto technology to listen in on your conversations while on your phone in your car (another reason not to use your cell while driving!). According to the report, the wireless entry points to the 50 electronic control units that are a part of a car’s network include: tire pressure monitoring systems, Bluetooth, Internet access, keyless entry, remote start, navigation systems, WiFi, anti-theft systems and cellular-telematics. How to make automakers take on more responsibility to prevent these cyber harms? According to U.S. Senator Edward Markey, the industry should consider adopting a rating system similar to the Insurance Institute for Highway Safety’s crash test ratings. Read full articles on the report: by the Detroit Free Press here, and by 680news.com here.
  • Facebook Launches Cyber Security Network: As the US Government and companies continue to search for new ways to coordinate their defenses against cyberattacks, Facebook teams up with Yahoo and Pinterest to launch a social network for cyber security professionals to share clues about how hackers are behaving in the hope of preventing security breaches. According to Financial Times, Facebook’s new detection system called “ThreatExchange” is different than the others already out there for at least one significant reason: it is FREE. Capitalizing off of a business model which has worked for them in the past, the free social networking model, the new launch hopes to take advantage of the current number of members to direct this threat project.  Read the full report on the launch by Financial Times here.
  • Experts Say Traps More Effective Than Firewalls: The saying goes as follows: insanity is defined as doing the same thing over and over and expecting different results. Many cybersecurity experts are sending a similar message by pushing companies and governments to stop thinking about preventing cyberattacks with firewalls, and start thinking about trapping the enemy once they get inside.  In the past, firewalls have been the routine cybersecurity tactic for prevention, however, according to a report by the Dallas Morning News, cybersecurity experts are calling that method “old and outmoded.”  Instead, according to the article, we need to neutralize attackers once they’re inside networks rather than fixating on trying to keep them out.  Read the full article here.

Draft AUMF from White House

On February 11, 2015, the President of the United States sent a letter to Congress “submitting a draft AUMF that would authorize the continued use of military force to degrade and defeat ISIL.”  Recall that past Authorizations for Military Force (AUMF) have been cited by the White House as authority for electronic surveillance as “signals intelligence” and for other operations in cyberspace.  So, this one, too, might be of significance to cyber security law and policy.

Here is the President’s draft language:

JOINT RESOLUTION

To authorize the limited use of the United States Armed Forces against the Islamic State of Iraq and the Levant.

***

Whereas the terrorist organization that has referred to itself as the Islamic State of Iraq and the Levant and various other names (in this resolution referred to as ‘‘ISIL’’) poses a grave threat to the people and territorial integrity of Iraq and Syria, regional stability, and the national security interests of the United States and its allies and partners;

Whereas ISIL holds significant territory in Iraq and Syria and has stated its intention to seize more territory and demonstrated the capability to do so;

Whereas ISIL leaders have stated that they intend to conduct terrorist attacks internationally, including against the United States, its citizens, and interests;

Whereas ISIL has committed despicable acts of violence and mass executions against Muslims, regardless of sect, who do not subscribe to ISIL’s depraved, violent, and oppressive ideology;

Whereas ISIL has threatened genocide and committed vicious acts of violence against religious and ethnic minority groups, including Iraqi Christian, Yezidi, and Turkmen populations;

Whereas ISIL has targeted innocent women and girls with horrific acts of violence, including abduction, enslavement, torture, rape, and forced marriage;

Whereas ISIL is responsible for the deaths of innocent United States citizens, including James Foley, Steven Sotloff, Abdul-Rahman Peter Kassig, and Kayla Mueller;

Whereas the United States is working with regional and global allies and partners to degrade and defeat ISIL, to cut off its funding, to stop the flow of foreign fighters to its ranks, and to support local communities as they reject ISIL;

Whereas the announcement of the anti-ISIL Coalition on September 5, 2014, during the NATO Summit in Wales, stated that ISIL poses a serious threat and should be countered by a broad international coalition;

Whereas the United States calls on its allies and partners, particularly in the Middle East and North Africa, that have not already done so to join and participate in the anti-ISIL Coalition;

Whereas the United States has taken military action against ISIL in accordance with its inherent right of individual and collective self-defense;

Whereas President Obama has repeatedly expressed his commitment to working with Congress to pass a bipartisan authorization for the use of military force for the anti-ISIL military campaign; and

Whereas President Obama has made clear that in this campaign it is more effective to use our unique capabilities in support of partners on the ground instead of large-scale deployments of U.S. ground forces: Now, therefore, be it

Resolved by the Senate and House of Representatives of the United States of America in Congress assembled, That

SECTION 1. SHORT TITLE.

This joint resolution may be cited as the “Authorization for Use of Military Force against the Islamic State of Iraq and the Levant.”

SEC. 2. AUTHORIZATION FOR USE OF UNITED STATES ARMED FORCES.

(a) AUTHORIZATION. — The President is authorized, subject to the limitations in subsection (c), to use the Armed Forces of the United States as the President determines to be necessary and appropriate against ISIL or associated persons or forces as defined in section 5.

(b) WAR POWERS RESOLUTION REQUIREMENTS. —

(1) SPECIFIC STATUTORY AUTHORIZATION. — Consistent with section 8(a)(1) of the War Powers Resolution (50 U.S.C. 1547(a)(1)), Congress declares that this section is intended to constitute specific statutory authorization within the meaning of section 5(b) of the War Powers Resolution (50 U.S.C. 1544(b)).

(2) APPLICABILITY OF OTHER REQUIREMENTS. — Nothing in this resolution supersedes any requirement of the War Powers Resolution (50 U.S.C. 1541 et seq.).

(c) LIMITATIONS.—

The authority granted in subsection (a) does not authorize the use of the United States Armed Forces in enduring offensive ground combat operations.

SEC. 3. DURATION OF THIS AUTHORIZATION.

This authorization for the use of military force shall terminate three years after the date of the enactment of this joint resolution, unless reauthorized.

SEC. 4. REPORTS

The President shall report to Congress at least once every six months on specific actions taken pursuant to this authorization.

SEC. 5. ASSOCIATED PERSONS OR FORCES DEFINED.

In this joint resolution, the term ‘‘associated persons or forces’’ means individuals and organizations fighting for, on behalf of, or alongside ISIL or any closely-related successor entity in hostilities against the United States or its coalition partners.

SEC. 6. REPEAL OF AUTHORIZATION FOR USE OF MILITARY FORCE AGAINST IRAQ.

The Authorization for Use of Military Force Against Iraq Resolution of 2002 (Public Law 107–243; 116 Stat. 1498; 50 U.S.C. 1541 note) is hereby repealed.


New Center Being Created to Streamline Cybersecurity Strategy

The increasing threat posed by cyberattacks has prompted the US government to establish a new agency called the Cyber Threat Intelligence Integration Center (“CTIIC”), the Washington Post reported. The Office of the Director of National Intelligence (“ODNI”) will oversee the new department along with other centers including the National Counterterrorism Center (“NCTC”), adds the report. The CTIIC is modeled after the NCTC, Fortune reported; for that reason, it is unlikely that this new department will actually conduct any intelligence-gathering operations of its own.

Instead, the new department is designed to streamline the government’s cybersecurity strategy and will likely bring together information gathered by other agencies, as well as the private sector, Motherboard reported. Several agencies already have cyber-operations centers, including the FBI, CIA, NSA, and DHS, reported the Washington Post. The CTIIC will likely serve as a hub where cyber intelligence from these various agencies will be integrated, analyzed and processed in order to form one cohesive response to cyberthreats and attacks, just as the NCTC does with intelligence pertaining to terrorism.

But the move is already being criticized by some who see it as just another layer of bureaucracy, the Washington Post reported. The NCTC was met with similar criticism and was initially opposed by agencies, according to the report. However, the NCTC was designed to provide agencies with vital analysis, allowing the agencies to focus on their own missions, as with the FBI and its investigations, the article reported.

Another criticism comes from Motherboard, which reported that the new department will just create another surveillance regime that may implicate civil liberties. It is unclear whether the CTIIC will maintain a focus on international cyberthreats or cover domestic threats as well, Motherboard reported. Further, Motherboard reported that it is likely that an information sharing regime between private companies and the government will be needed for the new department to conduct its planned activities. The Cybersecurity Information Sharing and Protection Act (“CISPA”) is an example of a bill that will allow this kind of information sharing. However, it has not been passed yet, and was just recently reintroduced in January, after failing to pass in the Senate in the past, the report added.

An executive order outlining the CTIIC’s duties will be signed by President Obama on Friday, February 13, during the White House Cyber Summit being held at Stanford University, according to Motherboard.

Lisa Monaco’s remarks can be found here: http://www.whitehouse.gov/the-press-office/2015/02/11/remarks-prepared-delivery-assistant-president-homeland-security-and-coun

Nation-State Cyberattacks are NOT Terrorism, asserts RAND expert

According to Martin C. Libicki, even when backed by nation-states, cyberattacks are not terrorism and should not be considered a national-security concern.  Do you agree?

Libicki is a senior management scientist at the nonprofit, nonpartisan RAND Corporation. In an article on the topic for Newsweek, Libicki defines terrorism as “the use of attacks to create visceral fear,” and he claims that cyberattacks do not fit that definition. Merriam-Webster Dictionary defines “visceral” as “coming from strong emotions and not from logic or reason.” Do cyberattacks cause visceral fear? Below is a breakdown of Libicki’s argument that they do not.

Sony Attack

According to Libicki, the Sony attack was not decisive until there was a threat of actual terror: the threats made on the physical theaters that showed the film.  To support this claim, Libicki points out that Sony did not withdraw the film until the threats transitioned from threats of cyberattacks to threats of 9/11 style attacks on theaters showing the film.

Following a discussion of the Sony attack, Libicki commented on various cyberattacks reported throughout the years. Libicki seems to minimize these attacks by continually referring to them as merely “trashing computers.” Libicki appears again to minimize these attacks by pointing out that “most computers are rendered inoperable from criminal not terrorist reasons.”

Attacks on Critical Infrastructure

Libicki points out that the number one fear when it comes to cyberattacks is that an attack will shut down critical infrastructure or confound a network-centric military. According to Libicki, these are “hard targets” and the chance they will be hit is rare essentially because it has not yet been accomplished. Libicki focuses on the fact that most cyberattacks, like physical terrorist attacks, have been focused on “soft targets” in which “security may have been an afterthought.” In the cyberworld, the soft targets are corporations such as those involved in the entertainment industry, and in the physical world, the soft targets are undefended places where people congregate such as coffee shops, food markets, and trains.

Cyberattacks are Weapons of…the weak?

If either Iran or North Korea were strong and influential, they might have been able to head off being treated with what they regarded as such disrespect by tried-and-true methods of pressure and financial leverage.  But they are weak players and had to use other, more disruptive methods.

Are cyberattacks weapons of the weak?  Libicki argues that even conventional terrorism is a weapon by those without the ability to carry out conventional military tasks such as defending populations, or attacking the other side’s military.  However, given the advancement of technology, is it really fair to say that strong nation-states will always defer to conventional military tasks?  Even the United States has the ability to use hacking operations to go on the offensive.


SATSA’s Conference on The Global Threat: Emerging Issues in National Security

Just calling your attention to what promises to be a very good event…

Keynote speakers include:

  • Col. Bill Smullen (Ret.), Former Chief of Staff, US Secretary of State Colin Powell
  • Rear Adm. James E. McPherson (Ret.), 39th Judge Advocate General, US Navy
  • Mohammed Albasha, Spokesperson, Yemen Embassy to the US
  • Vice Adm. Robert B. Murrett (Ret.), Former Director, US National Geospatial Intelligence Agency
  • J. Michael Haynie, Executive Director & Founder, Institute for Veterans & Military Families, Syracuse University
  • Col. Richard M. Whitaker (Ret.), US Army JAG Corps & Director, Sensitive Activities Oversight, US Special Operations Command
  • Col. Jeffrey S. Johnson (Ret.), Former Operations Group Commander of US Air Force Personnel, US National Security Agency

Crowdsourcing National Cybersecurity?

When a project is just too big or too complex, the crowd can play an important role, and according to an article by The Washington Post, national cybersecurity might just be the type of project in need of a crowd.

According to the article, cyber networks are best viewed as an asset that we all have a shared responsibility to protect.  When thinking of the cyber world in that light, the core ideas from Silicon Valley, “crowdsourcing, open source software, social networking, and the creative commons” make sense.

A number of venture capitalists have already applied these ideas to fund companies that recruit “white hat hackers” that are then available for a fee to find and repair any security risks in client networks.  But can the same crowdsourcing idea work for national cybersecurity?

The article addresses the pros and cons of applying this concept for national cybersecurity. One positive would be the free and transparent sharing of computer code used to detect cyber threats between the government and private sector. Additionally, open sourcing of cyber defense would allow for an increase in the number of “white hat hacker” recruits. Most importantly, crowdsourcing for national cybersecurity would lead to the crowdsourcing of intelligence threats, which is essential given that one organization or agency seems to no longer have the capability to deal with all the threats emerging in cyberspace.

However, the article also discussed the negatives to this approach.  Crowdsourcing would open the door to government cyber defenses being infiltrated by the enemy, and once inside the enemy could download the code, reverse engineer it, and then use it to insert “Trojan Horses” intended for military targets.  Another issue would be the cut in potential recruits due to the backlash from the NSA spying scandal.  While “white hat hackers” may be willing to help companies like Sony, they may not be as willing to join forces with the NSA.

Weighing the pros and cons, is crowdsourcing America’s cybersecurity an idea so crazy it might just work?  Well, that’s the title of the article by The Washington Post.  Read the full article by clicking here.

A Hacktivist View of US Cybersecurity

When those in power break their own laws then there is no law and no moral authority; there are just competing factions in an international power struggle to control resources. – Jeremy Hammond, Anonymous hacktivist.

Following the SONY and CENTCOM cyber attacks, there has been a lot of discussion about the difference between nation-state and individual hackers, large-scale hacks and smaller breaches.  Most of the articles describing and analyzing these cyber trends have been written by cybersecurity experts or journalists relying on their expertise.  The Guardian published an article that provides a unique and perhaps controversial stance: the viewpoint of a well-known hacktivist member of Anonymous.  Writing for The Guardian from his current home at a federal correctional institution in Kentucky, Jeremy Hammond, member of the hacktivist network Anonymous, accuses the U.S. government of “blatant hypocrisy” for their cybersecurity policies.

Using the recent Sony hack as an example, Hammond claims that the hack was not fundamentally different from the many Anonymous operations with the only real exception being the source: North Korea. Hammond goes on to question the attribution, discussing the common claim made by many InfoSec figures that attribution of cyber attacks is difficult if not impossible due to the ability of the attackers to use proxies to make the attacks appear to originate elsewhere. So why would the US treat this allegedly common attack seriously despite the potential for a falsely attributed source? According to Hammond, “[i]t is…the perfect pretext for the US to launch their own hacking operations.”

Hammond goes on to criticize the US for framing their cybersecurity retaliation strategies aimed at North Korea as a means to protect “free speech.” Not only does Hammond provide a lengthy list of actions by Sony which place their own financial interests against notions of free speech, including recent lawsuits attempting to prevent discussion of their now-public internet emails, but Hammond goes on to emphasize the real issues of free speech in cyberspace. Hammond views hacktivists like himself as the true advocates for free speech, lamenting that “seeking the truth, voicing our dissent . . . we are criminalized and treated like terrorists.”

According to Hammond, invoking the “threat of terrorism” is “the biggest smoke-and-mirrors mechanism to deny citizens both due process and free speech in the 21st century.”  Hammond claims that the US is more interested in hacking targets of their own than preventing attacks on US targets.  To support this claim, he discusses his involvement with US cyber informant Hector Monsegur, aka Sabu, who asked Hammond to hack hundreds of foreign government websites rather than attempt to prevent him from following through with dozens of high profile hacks.

And that’s what this hype of ‘cyber-terrorism’ is all about: establishing pretexts for our ongoing offensive hacking operations. . . . Our unparalleled efforts to assert military-style dominance over the internet is forcing other countries to develop their own hacking units, leading to a digital arms race which makes us all less safe. If the US truly wanted to stop the proliferation of nation-state hacking, they would push for UN conferences to establish guidelines defining and prohibiting “cyber-warfare.”

Hammond argues that the US is seeking a “monopoly” on the use of hacking.  Congress continues to add sentencing enhancements to existing laws and pass new legislation in order to punish hackers all the while recruiting those same hackers to work for the government to commit the same hacks against sovereign countries.  According to Hammond, we should not be surprised when as a result foreign countries start using the same tactics on us.

Hammond is not against cyber-war; however, his idea of cyber-war would involve different sides: a war between people and their governments. Hammond believes that the internet’s natural state is anarchy and that people should fight against any attempt to militarize or corporatize it.

To read the full article, click here.

Authors

Jennifer A. Camillo

is a third year student at Syracuse College of Law. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She is a member of the Syracuse National Trial Team and was recently awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She has served as a law clerk in the United States Attorney's Office for the Western District of New York and the Public Defender Service for the District of Columbia and as an extern in the United States District Court for the Western District of Washington.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.)

Professor William Snyder

Professor William C. Snyder is a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.
