Category: Archive

LANGLEY, Va. — The CIA has more than doubled the number of science and technology officers sent overseas to support foreign spy operations since the terrorist attacks of Sept. 11, 2001.

“Hundreds” of the specially trained officers have moved abroad to provide eavesdropping and communications devices, disguises and other high-tech support for field agents as the CIA has re-emphasized intelligence collection from human sources, according to agency information provided in response to a USA TODAY inquiry.

The CIA said the increase represents a 150% hike in overseas staffing for its Directorate of Science and Technology (DS&T), which fills the role made famous by “Q” in James Bond films. The agency won’t disclose the exact number of officers involved because its budget and staffing are classified, but the figures represent a rare public acknowledgement of the heightened pace of its foreign operations. The shift also reflects an increased emphasis on “close access” programs, in which information is collected directly from sources on the ground, as opposed to remotely via satellite or aircraft.

The intelligence community’s needs for high-tech equipment have “changed fundamentally” since the start of the war on terrorism and “demand … has increased dramatically,” says Stephanie O’Sullivan, the deputy CIA director who heads the Directorate of Science and Technology. For example, she adds, “there was a big explosion after 9/11 in the need for tracking and locating technology” to hunt leaders of al-Qa

Eleven people were indicted Tuesday for allegedly stealing more than 40 million credit and debit card numbers, federal authorities said.

The indictments, which alleged that at least nine major U.S. retailers were hacked, were unsealed Tuesday in Boston, Massachusetts, and San Diego, California, prosecutors said.

It is believed to be the largest hacking case that the Justice Department has ever tried to prosecute.

Three of the defendants are from the United States; three are from Estonia; three are from Ukraine, two are from China and one is from Belarus.

The remaining individual is known only by an alias and authorities do not know where that person is.

Under the indictments, three Miami, Florida, men — Albert “Segvec” Gonzalez, Christopher Scott and Damon Patrick Toey — are accused of hacking into the wireless computer networks of retailers including TJX Companies, whose stores include Marshall’s and T.J. Maxx, BJ’s Wholesale Club, OfficeMax, Barnes and Noble and Sports Authority, among others.

The three men installed “sniffer” programs designed to capture credit card numbers, passwords and account information as they moved through the retailers’ card processing networks, said Michael Sullivan, the U.S. attorney in Boston.

“This has other personal numbers that could give them access to credit or debit cards that have already been issued and are active,” Sullivan told CNN. iReport.com: Have you been a victim of identity theft?

The probe began in late 2006, Sullivan said. In addition to the Justice Department, the Secret Service has been conducting an undercover investigation for more than three years through the U.S. attorney’s office in San Diego, he said.

The next large-scale military or terrorist attack on the United States, if and when it happens, may not involve airplanes or bombs or even intruders breaching American borders.

Instead, such an assault may be carried out in cyberspace by shadowy hackers half a world away. And Internet security experts believe that it could be just as devastating to the U.S.’s economy and infrastructure as a deadly bombing.

Experts say last week’s attack on the former Soviet republic of Georgia, in which a Russian military offensive was preceded by an Internet assault that overwhelmed Georgian government Web sites, signals a new kind of cyberwar, one for which the United States is not fully prepared.

“Nobody’s come up with a way to prevent this from happening, even here in the U.S.,” said Tom Burling, acting chief executive of Tulip Systems, an Atlanta, Georgia, Web-hosting firm that volunteered its Internet servers to protect the nation of Georgia’s Web sites from malicious traffic.

“The U.S. is probably more Internet-dependent than any place in the world. So to that extent, we’re more vulnerable than any place in the world to this kind of attack,” Burling added. “So much of what we’re doing [in the United States] is out there on the Internet, and all of that can be taken down at once.”

“This is such a crucial issue. At every level, our security now is dependent on computers,” said Scott Borg, director of the United States Cyber Consequences Unit, a nonprofit research institute. “It’s a whole new era. Political and military conflicts now will almost always have a cyber component. The chief targets will be critical infrastructure, and the attacks will emerge from within our own computer systems.”

Back in the good old days of the Internet, the hacker was a teenager motivated by high-tech pranks and bragging rights. Today, the online thief could be anyone with ‘Net access after a quick buck.

“Hacking has escalated from a destructive nature to financial gain through phishing, targeting people for bank account details, and siphoning accounts from there,” says Derek Manky, security researcher at Fortinet.

“It’s a very sophisticated ecosystem, with organizations and services for hire,” he continues.

“There’s a lot of money floating around, a lot of people involved. Once the infrastructure and networks are in place, you start building that foundation, which can be further leveraged and taken to next level: denial of services, cyber warfare, espionage.”

In the Web 2.0 world of ubiquitous, seamless, horizontal communication, information wants to be free. But just as easily as it can be uploaded, downloaded and shared, it can be accessed and exploited by individuals with a different agenda.

While online communities in particular continue to grow through friendly social networking sites, underground cybercrime syndicates continue to thrive on these on-screen relationships based on sharing and trust.

And with social engineering the hottest commodity on the phishing market, it’s a question of knowing what literally what makes people click.

Believe the conspiracy theories: Out of sight and without your knowledge, governments truly are filtering what you see on the Internet.

The recent conflict between Georgia and Russia has highlighted many of the issues at play with Internet filtering, as its increasing use by governments raises serious doubts about the freedom of the Web.

Georgian authorities blocked most access to Russian news broadcasters and Web sites after the outbreak of the conflict, and both sides reported Web sites being blocked, removed or attacked as the situation unfolded.

The heat in Max Butler’s safe house was nearly unbearable. It was the equipment’s fault. Butler had crammed several servers and laptops into the studio apartment high above San Francisco’s Tenderloin neighborhood, and the mass of processors and displays produced a swelter that pulsed through the room. Butler brought in some fans, but they didn’t provide much relief. The electric bill was so high that the apartment manager suspected Butler of operating a hydroponic dope farm.

But if Butler was going to control the online underworld, he was going to have to take the heat. For nearly two decades, he had honed his skills as a hacker. He had swiped free calls from local telephone companies and sneaked onto the machines of the US Air Force. Now, in August 2006, he was about to pull off his most audacious gambit yet, taking over the online black markets where cybercriminals bought and sold everything from stolen identities to counterfeiting equipment. Together, these sites accounted for millions of dollars in commerce every year, and Butler had a plan to take control of it all.

February 05, 2009|From John Sutter and Jason Carroll CNN

Fears of impostors are increasing as Facebook’s membership grows.

Without his input, Bryan Rutberg’s Facebook status update — the way friends track each other — suddenly changed on January 21 to this frightening alert:

“Bryan NEEDS HELP URGENTLY!!!”

His online friends saw the message and came to his aid. Some posted concerned messages on his public profile — “What’s happening????? What do you need?” one wrote. Another friend, Beny Rubinstein, got a direct message saying Rutberg had been robbed at gunpoint in London and needed money to get back to the United States.

Keep your friends close and your enemies closer. Why the Pentagon’s toughest Internet crime fighter likes hanging out with blackhat hackers.

By Robin Mejia

LOCATED ON THE LESS FASHIONABLE north end of the Las Vegas strip, the Riviera Hotel and Casino has seen better days. Even the girls in posters for the hotel’s topless revue could use a makeover. But hey, it’s cheap. Which is why 6,000 hackers have descended upon it for DefCon, billed as the “largest underground hacking event in the world.” So while the hotel is no doubt happy for the business, it’s also – in classic Vegas fashion – hedging its bet. Employees received a memo warning them to be on the lookout for people skimming guests’ card numbers. Credit card processing has been suspended in the food court. The Riviera doesn’t need the grief.

Yet the Riviera’s conference facilities are strangely tranquil. In the “chill-out room,” a bored-looking cashier is selling burgers, chicken sandwiches, and salads to people too focused or too lazy to walk across the hotel to the Quizno’s. On the wall next to the bar, someone is projecting usernames and the first few letters of the associated passwords – noobs sent that info unencrypted over the conference’s wireless network. At the front of the room, a middle-aged man in khaki shorts sits with a small group having a beer. He’s graying, a little thick around the middle. Across the back of his polo shirt are the words dod cyber crime response team – as in US Department of Defense.

A big guy with a shaved head walks up. “You’re Jim Christy,” he says, smiling. He has a hint of an accent.

Christy smiles back: “What’s your handle?”

“Oh, I don’t really have a handle.”

All hackers have handles. Christy pushes it. “But really,” he says, “what’s your handle?”

“Most guys go through that phase for a while, but for me, it was really just a couple of days. Not enough time for a handle.” They’re both smiling. Neither has broken eye contact.

By SIOBHAN GORMAN

WASHINGTON — President Barack Obama will tap a top aide to President George W. Bush’s intelligence director to head his cybersecurity effort, according to government officials familiar with the decision. An announcement is expected as early as Monday.

The appointment of Melissa Hathaway, a former consultant at Booz Allen Hamilton, is the president’s first major decision on cybersecurity. She will lead a review of the government’s efforts to secure computer networks against spies, terrorists and economic criminals and is expected to then head a new White House office of cybersecurity.

Ms. Hathaway helped develop a Bush administration cybersecurity initiative, which was expected to cost around $30 billion over five years, with spending this year of about $6 billion. Ms. Hathaway’s new job is to carry out a 60-day review of the initiative and recommend a path forward.

On the campaign trail, Mr. Obama criticized the Bush administration for being too slow to address cyber threats and said he would create a “national cyber adviser” who would report directly to the president. “As president, I’ll make cyber security the top priority that it should be in the 21st century,” he said in a speech in July. He equated cyber threats with those of nuclear and biological weapons in a campaign ad he ran at the time.?