http://www.usatoday.com/tech/news/surveillance/2008-10-26-cia-gadgets_N.htm
By Peter Eisler, USA TODAY
http://www.usatoday.com/tech/news/surveillance/2008-10-26-cia-gadgets_N.htm
By Peter Eisler, USA TODAY
http://online.wsj.com/article/SB123318475748226305.html
The bear economy is creating a bull market for cyber-crooks.
Experts and law-enforcement officials who track Internet crime say scams have intensified in the past six months, as fraudsters take advantage of economic confusion and anxiety to target both consumers and businesses.
Thieves are sending out phony emails and putting up fake Web sites pretending to be banks, mortgage-service providers or even government agencies like the Federal Bureau of Investigation or the Federal Deposit Insurance Corp. Cellphones and Internet-based phone services have also been used to seek out victims. The object: to drain customer accounts of money or to gain information for identity theft.
Avivah Litan, vice president with Internet-technology research company Gartner Inc., said clients are telling her that cyber-assaults on many banks have doubled in the past six months in the U.S. and other parts of the world, including the U.K., Canada, Mexico and Brazil. Though most are thwarted by computer-security defenses, such as spam filters and fraud-detection systems, that still leaves potentially millions of victims.
“They are all experiencing a lot more attacks, and a lot more ATM fraud” aimed at depositors’ accounts, Ms. Litan said.
More than 800 complaints have been logged by the National White Collar Crime Center in Richmond, Va., so far this year from checking-account customers in the U.S. about mysterious, unauthorized transactions of $10 to $40 that appear on monthly statements. Craig Butterworth, a spokesman for the center, a federally funded group that assists police agencies, said investigators suspect a data breach or “phishing” campaign, where deceptive emails and text messages are used to acquire personal information, such as Social Security numbers, user names and passwords. Separately, a “penny” scam of phantom credit- and debit-card charges from 21 cents to 48 cents has generated 300 complaints, Mr. Butterworth said.
The FBI’s Internet Crime Complaint Center confirms a increase in cyber-attacks. In its most recent Internet Crime Report, the FBI said it received 207,000 complaints about crimes perpetrated over the Internet in 2007, the latest year for which data are available, amounting to nearly $240 million in reported losses, or $40 million more than a year earlier. Organized groups in the U.S. and elsewhere are behind many of the crimes, experts say.
Until recently, most attacks were scattershot, with spam emails blasted randomly to thousands of computer users at once. Now crooks are starting to single out specific targets identified through prior research, a tactic called “spear phishing.” In these attacks, emails are sent to the offices of wealthy families or to corporate money managers, for example. They address potential victims by name and company or appear to come from an acquaintance.
http://articles.cnn.com/2008-08-05/justice/card.fraud.charges_1_card-numbers-debit-magnetic-strips?_s=PM:CRIME
Eleven people were indicted Tuesday for allegedly stealing more than 40 million credit and debit card numbers, federal authorities said.
The indictments, which alleged that at least nine major U.S. retailers were hacked, were unsealed Tuesday in Boston, Massachusetts, and San Diego, California, prosecutors said.
It is believed to be the largest hacking case that the Justice Department has ever tried to prosecute.
Three of the defendants are from the United States; three are from Estonia; three are from Ukraine, two are from China and one is from Belarus.
The remaining individual is known only by an alias and authorities do not know where that person is.
Under the indictments, three Miami, Florida, men — Albert “Segvec” Gonzalez, Christopher Scott and Damon Patrick Toey — are accused of hacking into the wireless computer networks of retailers including TJX Companies, whose stores include Marshall’s and T.J. Maxx, BJ’s Wholesale Club, OfficeMax, Barnes and Noble and Sports Authority, among others.
The three men installed “sniffer” programs designed to capture credit card numbers, passwords and account information as they moved through the retailers’ card processing networks, said Michael Sullivan, the U.S. attorney in Boston.
“This has other personal numbers that could give them access to credit or debit cards that have already been issued and are active,” Sullivan told CNN. iReport.com: Have you been a victim of identity theft?
The probe began in late 2006, Sullivan said. In addition to the Justice Department, the Secret Service has been conducting an undercover investigation for more than three years through the U.S. attorney’s office in San Diego, he said.
http://articles.cnn.com/2008-08-18/tech/cyber.warfare_1_hackers-internet-assault-web-sites?_s=PM:TECH
The next large-scale military or terrorist attack on the United States, if and when it happens, may not involve airplanes or bombs or even intruders breaching American borders.
Instead, such an assault may be carried out in cyberspace by shadowy hackers half a world away. And Internet security experts believe that it could be just as devastating to the U.S.’s economy and infrastructure as a deadly bombing.
Experts say last week’s attack on the former Soviet republic of Georgia, in which a Russian military offensive was preceded by an Internet assault that overwhelmed Georgian government Web sites, signals a new kind of cyberwar, one for which the United States is not fully prepared.
“Nobody’s come up with a way to prevent this from happening, even here in the U.S.,” said Tom Burling, acting chief executive of Tulip Systems, an Atlanta, Georgia, Web-hosting firm that volunteered its Internet servers to protect the nation of Georgia’s Web sites from malicious traffic.
“The U.S. is probably more Internet-dependent than any place in the world. So to that extent, we’re more vulnerable than any place in the world to this kind of attack,” Burling added. “So much of what we’re doing [in the United States] is out there on the Internet, and all of that can be taken down at once.”
“This is such a crucial issue. At every level, our security now is dependent on computers,” said Scott Borg, director of the United States Cyber Consequences Unit, a nonprofit research institute. “It’s a whole new era. Political and military conflicts now will almost always have a cyber component. The chief targets will be critical infrastructure, and the attacks will emerge from within our own computer systems.”
http://articles.cnn.com/2008-05-08/tech/digitalbiz.cybercrime_1_malware-hackers-phishing-sites?_s=PM:TECH
Back in the good old days of the Internet, the hacker was a teenager motivated by high-tech pranks and bragging rights. Today, the online thief could be anyone with ‘Net access after a quick buck.
“Hacking has escalated from a destructive nature to financial gain through phishing, targeting people for bank account details, and siphoning accounts from there,” says Derek Manky, security researcher at Fortinet.
“It’s a very sophisticated ecosystem, with organizations and services for hire,” he continues.
“There’s a lot of money floating around, a lot of people involved. Once the infrastructure and networks are in place, you start building that foundation, which can be further leveraged and taken to next level: denial of services, cyber warfare, espionage.”
In the Web 2.0 world of ubiquitous, seamless, horizontal communication, information wants to be free. But just as easily as it can be uploaded, downloaded and shared, it can be accessed and exploited by individuals with a different agenda.
While online communities in particular continue to grow through friendly social networking sites, underground cybercrime syndicates continue to thrive on these on-screen relationships based on sharing and trust.
And with social engineering the hottest commodity on the phishing market, it’s a question of knowing what literally what makes people click.
http://articles.cnn.com/2008-08-21/tech/internet.filtering_1_web-sites-great-firewall-block-access?_s=PM:TECH
http://www.wired.com/techbiz/people/magazine/17-01/ff_max_butler
http://articles.cnn.com/2009-02-05/tech/facebook.impostors_1_facebook-spokesman-barry-schnitt-cnn-friends-track?_s=PM:TECH
http://www.wired.com/wired/archive/15.01/cybercop.html
http://online.wsj.com/article/SB123412824916961127.html