Incident(s) of the Week: February A Tough Month For Hackers

Posted on February 19, 2010 by Gabriel M. Helmer

1.  Arrested: Russian Hacker Responsible for Two Minutes of Roadside Porn 

The hacker who managed to compromise computer servers controlling a large commercial advertising screen in Moscow was arrested recently by Russian authorities.  On January 14, 2010, commuters on Moscow's Garden Ring Road passed a large-scale video screen and instead of the normal commercial advertisements saw two minutes of hard-core pornography.  The video, as well as the resulting traffic problems, was thanks to a hacker who is described as a 40 year old, unemployed man living in Novorossiisk.  Apparently, the hacker directed his attack from computers in Chechnya believing that Russian authorities would not bother to track him down.  A month later, the hacker is pleading guilty to criminal charges, insisting that  "he only wanted to entertain people."

2. China Shuts Down Largest Hacker Training Site

Last week, Chinese officials arrested three individuals allegedly responsible for running the Black Hawk Safety Net, a website that was known as the largest hacker training site in China.  The site apparently disseminated training materials and offered users the ability to download virus software, trojan programs and other hacker tools.  According to China Daily, Black Hawk Safety Net had more than 170,000 users and collected more than 7 million yuan in membership fees by the time authorities shut it down.  Authorities seized $1.7 million yuan, 9 servers and one automobile in the raid.

 

Tags: , , , , , ,

Incident(s) of the Week: Double Feature

Posted on October 1, 2009 by Jeff Bone

Incident 1: UNC Data Breach Exposes Information On Over 100,000 Women Listed In Mammogram Registry

The University of North Carolina at Chapel Hill recently disclosed a data breach that exposed information on 160,000 women, including the Social Security Numbers of 114,000.  Original reports estimated that more than 200,000 women were affected.  The source of the breach was a computer intrusion into a server housing the Carolina Mammography Registry, which is "a 14-year-old project that compiles and analyzes mammography data submitted by radiologists across North Carolina."

Evidently, the breach was discovered in July, but it may have occurred over two years ago.  According to Matt Mauro, chairman of the UNC Department of Radiology, traces of computer viruses were found on a UNC School of computer server dating back to 2007 were found on the server.  The school delayed in notifying those affected while it conducted a forensic investigation to determine exactly who was affected.  To this point, however, the school still does not know who committed the breach or where the attack originated from, how the server (which had all required security measures) was breached, or whether any data was actually downloaded.

Links:

Incident 2: Massachusetts Inmate Pleads Guilty to Charges that He Hacked Prison Computer While Incarcerated, Accessed Personal Information On 1,100 Correctional Officers

On September 14, 2009, Francis G. Janosko pled guilty to charges that he hacked a legal research computer provided to inmates in the Plymouth County Correctional Facility.  A highly restricted computer terminal was provided to inmates for the sole purpose of allowing them access to legal research resources.  Janosko apparently circumvented security measures restricting the computer to legal research tools and obtained accessed the administrator's username and password, the prison's internal network, and a report listing the names, birthdays, Social Security Numbers and contact information for 1,100 current and former prison personnel.  He also used the computer to send email and download publicly-available photographs and videos.

A grand jury in Boston indicted Janosko for these activities about a year ago in a sealed indictment (.pdf).  In the plea agreement (.pdf) recently reached with the U.S. Attorney's Office in Boston, federal prosecutors have agreed to dismiss the original charge of aggravated identity theft in exchange for Janosko's guilty plea to charges under the Computer Fraud and Abuse Act.  Janosko has agreed to accept an additional incarceration of 18 months for the hack.  Sentencing in the case is scheduled for December 15th.

Tags: , , , , , , , , , , , ,