Friday, 23 August 2013

Asus routers reveal password in plain text over the Internet

Security researcher Kyle Lovett has reported on Bugtraq a vulnerability in many router models from Asus. Through a very simple attack, it is possible to access the routers' configuration files, which are stored unencrypted, via the Internet. These files contain the stored password for the AiCloud function.
An attacker can use it to access the content of USB media connected to the router. The vulnerability is connected with a flaw in Samba shares previously discovered on these devices, or more precisely: the root file system of the internal web server can be reached through directory traversal. Due to this error, it is also possible for an attacker to gain access to the Windows shares on the router owner's local network.
Vulnerable Asus Models
  • RT-AC66R   Dual-Band Wireless-AC1750 Gigabit Router
  • RT-AC66U   Dual-Band Wireless-AC1750 Gigabit Router
  • RT-N66R     Dual-Band Wireless-N900 Gigabit Router with 4-Port Ethernet Switch
  • RT-N66U     Dual-Band Wireless-N900 Gigabit Router
  • RT-AC56U   Dual-Band Wireless-AC1200 Gigabit Router
  • RT-N56R     Dual-Band Wireless-AC1200 Gigabit Router
  • RT-N56U     Dual-Band Wireless-AC1200 Gigabit Router
  • RT-N14U     Wireless-N300 Cloud Router
  • RT-N16       Wireless-N300 Gigabit Router
  • RT-N16R     Wireless-N300 Gigabit Router

Hackers Breach Turkish State Hospital in Support of OccupyGezi

Hackers of the St0rmyw0rm group claim to have breached the official website of the state hospital in Beypazari, a town and district of the Ankara province in Turkey.
From the website, beypazaridh.gov.tr, the hackers have leaked what appear to be usernames and password hashes, including credentials belonging to the website’s administrators.
The IP addresses from which the site admins connect to the website have also been published on Anonpaste.me.
According to the hackers, the attack is in support of OccupyGezi, a campaign initiated by Turkish citizens in protest against the destruction of Istanbul’s Gezi Park.
Hacktivists have started supporting OccupyGezi after Turkish police used tear gas and high-pressure water hoses to get the protesters to move out of the way of the bulldozers that came to destroy the park.

AnonGhost takes down European websites

It seems that AnonGhost is targeting European countries as it has taken down 8 Dutch websites. It is the first time that we have witnessed that AnonGhost hackers are targeting specific countries like The Netherlands.
The websites that were infected showed the well-known AnonGhost defacement page.
Mirror: http://hack-db.com/hacker/CoderSec/all.html

Ex-Soviet hackers play outsized role in cyber crime world

If you want to hack a phone, order a cyber attack on a competitor's website or buy a Trojan program to steal banking information, look no further than the former Soviet Union.
The breadth and sophistication of services sold on Russian-language websites such as Forum.zloy.bz or Forum.evil offer a small window onto a Russian criminal underground that is costing Western firms billions of dollars in credit card and online banking fraud as well as "phishing" attempts to lure people into downloading malware or disclosing passwords.
"If you look at the quantity of malware attacks, the leaders are China, Latin America and then Eastern Europe, but in terms of quality then Russia is probably the leader," said Vitaly Kamluk, a cyber security researcher in Moscow.
Two of the five most wanted men in the United States for cyber crime are Russian, and one is from Latvia, which used to be part of the Soviet Union.
Russians were also behind the biggest cyber crime case in U.S. history. Federal prosecutors named four Russians and a Ukrainian in a banking card fraud spree that cost companies including J.C. Penney Co, JetBlue Airways Corp and French retailer Carrefour SA more than $300 million.
The risk of being prosecuted is so low it does little to dissuade highly educated and skilful but under-employed programmers from turning to illicit hacking for profit or fun.
In a country where wages are lower than in the West and life is expensive, and which has long produced some of the world's best mathematicians, the temptation to turn to crime is great, and the hackers are in general ahead of the people trying to catch them.
"People think: 'I've got no money, a strong education and law enforcement's weak. Why not earn a bit on the side?'" said Alexei Borodin, a 21-year-old hacker.
As long as these hackers target victims abroad, experts say, the Russian authorities are willing to sit back and let them develop tools to burrow into computer vulnerabilities, which they can in turn use for their own cyber espionage.
Two of the Russian suspects in the banking card fraud case were arrested while in the Netherlands, but two others - Alexander Kalinin, 26, and Roman Kotov, 32 - are still at large and thought to be in Russia, where experts doubt they will be caught.
Moscow's decision to harbor Edward Snowden, wanted in the United States for leaking details of government surveillance programs on the phone and Internet, is likely to freeze already slow-moving cross-border police cooperation with Washington, they said.
"They have been doing this in Russia for many years now," said Misha Glenny, an expert and author on cyber crime.
"Russian law enforcement and the FSB (Federal Security Service) in particular have a very good idea of what is going on and they are monitoring it but as long as the fraud is restricted to other parts of the world they don't care."
Several email requests for comment and calls over three weeks to the special Interior Ministry unit tasked with policing the web - Department K - went unanswered.
NO BOUNDARIES
The pool of talent churned out by top-tier institutes excelling in hard sciences across the former Soviet Union is indisputable.
A trio of students from the St Petersburg National Research University, for instance, won the oldest and most prestigious world programming competition, the ACM International Collegiate Programming Contest, four times in the last six years.
Three Russian teams, one from Belarus and one from Ukraine, were also among the top ten finalists this year in the contest, which featured teams from 2,322 universities in 91 countries.
But in a 2013 survey, only 51 percent of IT specialists in Russia polled by HeadHunter, a recruiting website, found jobs in the country's burgeoning IT sector. It said the average salary in Moscow for work in information security was 65,000 roubles ($2,000) a month, far less than Western counterparts would earn.
Hacking is not a crime in and of itself. So-called white-hat hackers, who access computers to bolster security defenses, face off at the front lines of a virtual battleground with criminals, known as crackers or black-hat hackers, who break in with ill intent.
Hackers on both sides of that divide are mostly aged 22 to 30 and, in Russia, many may have been university classmates.
Borodin, who works on start-ups involved in Bitcoin, the virtual currency, describes web security as his hobby. Known as ZonD80, he began exploring computer vulnerabilities at the age of 12, and made waves last year by publishing a hack allowing iPhone users to avoid paying for in-App upgrades - a system loophole it took him about a week to find.
He says he has never broken the law.
"I hacked Apple and Google systems, but I've been working on the other side for ages... Now it's fun to design defenses against all the hacks I used to do myself," he said in an interview via instant messenger.
"There aren't really any boundaries. Someone can go over to the bad side or suddenly become a protector. In any event, if you're caught, then you were in the wrong place at the wrong time."
WEAPONS RACE
At the Moscow headquarters of the Kaspersky Lab, a Russian rival to U.S. security firms Symantec or McAfee, sweatshirt-clad youths sit silently tapping away in an ultra-sleek workspace.
"Stealing money from behind a screen is incomparably easier psychologically than attacking someone in the street," Kamluk, 29, said in a round, glass room known as the Virus Lab. Here client data on millions of suspicious programs is parsed by analysts sitting at a circle of screens that looks like a spaceship control room.
"Using technical means, you can fight cyber crime endlessly, but it is a non-stop weapons race: We make security systems and they find ways around it."
The soft-spoken Belarusian, who sports a Mohawk and a T-shirt printed with green-on-black computer code, was hired in 2005 and is now part of an elite team chosen by CEO Eugene Kaspersky to investigate new or exotic cyber threats.
The Global Research and Expert Analysis Team, or GREAT for short, discovered the Stuxnet cyber weapon, which is believed to have been used by the United States and Israel to attack Iran's nuclear program a few years ago.
This year Kamluk and other GREAT prodigies uncovered a Russian-speaking cyber espionage gang, Red October, operating a complex data-hijacking system used to steal intelligence from government, military and diplomatic targets worldwide.
GREAT was not able to identify who was behind the gang. But the manpower and expense needed to wield such a network is believed by some experts to point to the involvement of a state intelligence agency, possibly Russian.
ADVICE FORUMS
On the Blackhacker.ru forum, threads offer advice on what countries have the most crime-friendly laws and sell cyber tools such as bullet-proof hosting from which to launch attacks.
In a feeble nod to the law, some sellers post disclaimers, denying responsibility if their service is put to criminal use.
Such forums played a crucial role in the criminal baptism of a generation of programmers who emerged onto the job market in the 1990s when the Soviet Union was unraveling, and have served as hacker incubators popularizing cyber crime in Russia.
"In 2008, you needed to buy a Botnet (network of infected computers) and set it up, it was quite sophisticated. Nowadays, every schoolboy can do this by ... using forums and reading," said Maxim Goncharov, a researcher at security firm Trend Micro.
The amount of cash flowing to this underground industry is hard to quantify as many companies do not report losses. Moscow-based cyber forensics firm Group-IB estimated the Russian cyber crime market was worth $2.3 billion in 2011 and far more today.
Some of the cash, it says, goes to pay off corrupt police, who then tip off the criminals.
Andrey Komarov, head of international projects at Group-IB, said cyber criminals are winning in the war against the world's law enforcement agencies.
"It is like the battle between a fly and an elephant," Komarov said. "Some cyber criminals have very close contacts with corrupted law enforcement agencies, and during our investigations some disappeared and were not arrested."

What is project Blitzkrieg and what did it do?

Project Blitzkrieg got a lot of media attention after RSA researchers wrote that they had discovered an operation run by an individual known as vorVzakone.
The anti-virus company McAfee published a PDF that gives a clearer view of the Project Blitzkrieg events.

Origins of Prinimalka and Project Blitzkrieg 
Prinimalka is built upon earlier Trojan variants. This Trojan has been used for some time in various campaigns, but most recently in Project Blitzkrieg. The campaign was originated by vorVzakone and perhaps the hacker 01NSD. Our research indicates the operation has been in the planning stages for many months.
 
There has been much speculation as to what group was responsible for the development of Prinimalka. 
 
The Trojan itself is just a tool used by the operators of Project Blitzkrieg. Any actual fraud as claimed in the forum posting since 2008 may have been conducted by vorVzakone’s associates or by some other group. We do know that the thieves have had an active system since April 2012, with at least 500 victims who can be linked to vorVzakone.
 
The Prinimalka Trojan was not developed by vorVzakone or 01NSD according to our analysis of underground chatter regarding this Trojan; rather it was developed by another group and provided to them. It appears vorVzakone can compile the source code into new binaries; hence, it is possible for skilled people on his team to make certain modifications. But, from the variants we have seen, the binaries used in a specific campaign tend to be nearly identical. VorVzakone planned to provide the Trojan and supporting infrastructure to those who would join him in his campaign. He also continues to confirm several other members of the underground who have stolen money already via this Trojan, citing its success to counter arguments against the buy-in he requires.
 
This is a very similar relationship that 76service.com had with the authors of Gozi, though the Trojan is private and not publicly provided for sale like Zeus and SpyEye and is likely provided only to trusted groups in the underground. This tactic explains why Prinimalka has stayed beneath the radar for so long.
 
During our investigation we learned that the Prinimalka Trojan linked to Project Blitzkrieg is a direct evolution of a Gozi variant seen in early 2007 and discovered by Dell Secureworks. This Gozi variant was linked to former members of the HangUp Team and used by 76Service.com.

RFC 3251 - Electricity over IP and EDOS attack

Network Working Group                                     B. Rajagopalan
Request for Comments: 3251                                 Tellium, Inc.
Category: Informational                                     1 April 2002


                          Electricity over IP

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2002).  All Rights Reserved.

Abstract

   Mostly Pointless Lamp Switching (MPLampS) is an architecture for
   carrying electricity over IP (with an MPLS control plane).  According
   to our marketing department, MPLampS has the potential to
   dramatically lower the price, ease the distribution and usage, and
   improve the manageability of delivering electricity.  This document
   is motivated by such work as SONET/SDH over IP/MPLS (with apologies
   to the authors).  Readers of the previous work have been observed
   scratching their heads and muttering, "What next?".  This document
   answers that question.

   This document has also been written as a public service.  The "Sub-
   IP" area has been formed to give equal opportunity to those working
   on technologies outside of traditional IP networking to write
   complicated IETF documents.  There are possibly many who are
   wondering how to exploit this opportunity and attain high visibility.
   Towards this goal, we see the topics of "foo-over-MPLS" (or MPLS
   control for random technologies) as highly amenable for producing a
   countless number of unimplementable documents.  This document
   illustrates the key ingredients that go into producing any "foo-
   over-MPLS" document and may be used as a template for all such work.

1. Conventions used in this document

   The key words "MUST", "MUST NOT", "DO", "DON'T", "REQUIRED", "SHALL",
   "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED",  "MAY", "MAY BE"
   and "OPTIONAL" in this document do not mean anything.






Rajagopalan                  Informational                      [Page 1]

RFC 3251                  Electricity over IP               1 April 2002


2. Pre-requisite for reading this document

   While reading this document, at various points the readers may have
   the urge to ask questions like, "does this make sense?", "is this
   feasible?," and "is the author sane?".  The readers must have the
   ability to suppress such questions and read on.  Other than this, no
   specific technical background is required to read this document.  In
   certain cases (present document included), it may be REQUIRED that
   readers have no specific technical background.

3. Introduction

   It was recently brought to our attention that the distribution
   network for electricity is not an IP network!  After absorbing the
   shock that was delivered by this news, the following thoughts
   occurred to us:

   1. Electricity distribution must be based on some outdated technology
      (called "Legacy Distribution System" or LDS in the rest of the
      document).
   2. An LDS not based on the Internet technology means that two
      different networks (electricity and IP) must be administered and
      managed.  This leads to inefficiencies, higher cost and
      bureaucratic foul-ups (which possibly lead to blackouts in
      California.  We are in the process of verifying this using
      simulations as part of a student's MS thesis).
   3. The above means that a single network technology (i.e., IP) must
      be used to carry both electricity and Internet traffic.
   4. An internet draft must be written to start work in this area,
      before someone else does.
   5. Such a draft can be used to generate further drafts, ensuring that
      we (and CCAMP, MPLS or another responsible working group) will be
      busy for another year.
   6. The draft can also be posted in the "white papers" section of our
      company web page, proclaiming us as revolutionary pioneers.

   Hence the present document.

4. Terminology

   MPLampS: Mostly Pointless Lamp Switching - the architecture
   introduced in this document.

   Lamp: An end-system in the MPLampS architecture (clashes with the
   IETF notion of end-system but of course, we DON'T care).

   LER: Low-voltage Electricity Receptor - fancy name for "Lamp".

   ES: Electricity source - a generator.

   LSR: Load-Switching Router - an MPLampS device used in the core
   electricity distribution network.

   LDS: Legacy Distribution System - an inferior electricity
   distribution technology that MPLampS intends to replace.

   RSVP: Rather Screwed-up, but router Vendors Push it - an IP signaling
   protocol.

   RSVP-TE: RSVP with Tariff Extensions - RSVP adaptation for MPLampS,
   to be used in the new deregulated utilities environment.

   CRLDP: for CRying out Loud, Don't do rsvP - another IP signaling
   protocol.

   OSPF: Often Seizes-up in multiPle area conFigurations - a
   hierarchical IP routing protocol.

   ISIS: It's not oSpf, yet It somehow Survives - another routing
   protocol.

   OSPF-TE, ISIS-TE: OSPF and ISIS with Tariff Extensions.

   COPS: Policemen.  Folks who scour all places for possibilities to
   slip in the Common Open Policy Service protocol.

   VPN: Voltage Protected Network - allows a customer with multiple
   sites to receive electricity with negligible voltage fluctuation due
   to interference from other customers.

   SUB-IP: SUBstitute IP everywhere - an effort in the IETF to get
   involved in technical areas outside of traditional IP networking
   (such as MPLampS).

   ITU: International Tariffed Utilities association - a utilities trade
   group whose work is often ignored by the IETF.

5. Background

   We dug into the electricity distribution technology area to get some
   background.  What we found stunned us, say, with the potency of a
   bare 230V A/C lead dropped into our bathtub while we were still in
   it.  To put it simply, electricity is generated and distributed along
   a vast LDS which does not have a single router in it (LSR or
   otherwise)!  Furthermore, the control of devices in this network is
   mostly manual, done by folks driving around in trucks.  After
   wondering momentarily about how such a network can exist in the 21st
   century, we took a pencil and paper and sketched out a scenario for
   integrating the LDS network with the proven Internet technology.  The
   fundamental points we came up with are:

   1. IP packets carry electricity in discrete, digitized form.
   2. Each packet would deliver electricity to its destination (e.g., a
      device with an IP address) on-demand.
   3. MPLS control will be used to switch packets within the core LDS,
      and in the edge premises.  The architecture for this is referred
      to as Mostly-Pointless Lamp Switching (MPLampS).
   4. The MPLampS architectural model will accommodate both the overlay
      model, where the electricity consuming devices (referred to as
      "lamps") are operated over a distinct control plane, and the peer
      model, in which the lamps and the distribution network use a
      single control plane.
   5. RSVP-TE (RSVP with Tariff Extensions) will be used for
      establishing paths for electricity flow in a de-regulated
      environment.
   6. COPS will be used to support accounting and policy.

   After jotting these points down, we felt better.  We then noted the
   following immediate advantages of the proposed scheme:

   1. Switches and transformers in the LDS can be replaced by LSRs,
      thereby opening up a new market for routers.
   2. Electricity can be routed over the Internet to reach remote places
      which presently do not have electricity connections but have only
      Internet kiosks (e.g., rural India).
   3. Electrical technicians can be replaced by highly paid IP network
      administrators, and
   4. The IETF can get involved in another unrelated technology area.

   In the following, we describe the technical issues in a vague manner.

6. Electricity Encoding

   The Discrete Voltage Encoding (DVE) scheme has been specified in ITU
   standard G.110/230V [2] to digitize electrical voltages.  In essence,
   an Electricity Source (ES) such as a generator is connected to a DV
   encoder that encodes the voltage and current, and  produces a bit
   stream.  This bit stream can be carried in IP packets to various
   destinations (referred to as LERs - Low-voltage Electricity
   Receptors) on-demand.  At the destination, a DV decoder produces the
   right voltage and current based on the received bit stream.  It is to
   be determined whether the Real-time Transport Protocol (RTP) can be
   used for achieving synchronization and end-to-end control.  We leave
   draft writing opportunities in the RTP area to our friends and
   colleagues.

7. MPLampS Architecture

7.1  Overview

   In an LDS, the long-haul transmission of electricity is at high
   voltages.  The voltage is stepped down progressively as electricity
   flows into local distribution networks and is finally delivered to
   LERs at a standard voltage (e.g., 110V).  Thus, the LDS is a
   hierarchical network.  This immediately opens up the possibility of
   OSPF and ISIS extensions for routing electricity in a transmission
   network, but we'll contain the urge to delve into these productive
   internet draft areas until later.  For the present, we limit our
   discussion merely to controlling the flow of electricity in an IP-
   based distribution network using MPLampS.

   Under MPLampS, a voltage is equated to a label.  In the distribution
   network, each switching element and transformer is viewed as a load-
   switching router (LSR).  Each IP packet carrying an electricity flow
   is assigned a label corresponding to the voltage.  Electricity
   distribution can then be trivially reduced to the task of label
   (voltage) switching as electricity flows through the distribution
   network.  The configuration of switching elements in the distribution
   network is done through RSVP-TE to provide electricity on demand.

   We admit that the above description is vague and sounds crazy.  The
   example below tries to add more (useless) details, without removing
   any doubts the reader might have about the feasibility of this
   proposal:

   Example: Turning on a Lamp

   It is assumed that the lamp is controlled by an intelligent device
   (e.g, a (light) switch with an MPLampS control plane).  Turning the
   lamp on causes the switch to issue an RSVP-TE request (a PATH message
   with new objects) for the electricity flow.  This PATH message
   traverses across the network to the ES.  The RESV message issued in
   return sets up the label mappings in LSRs.  Finally, electricity
   starts flowing along the path established.  It is expected that the
   entire process will be completed within a few seconds, thereby giving
   the MPLampS architecture a distinct advantage over lighting a candle
   with a damp match stick.

7.2  Overlay vs Peer Models

   As noted before, there are two control plane models to be considered.
   Under the overlay model, the lamps and the distribution network
   utilize distinct control planes.  Under the peer model, a single
   control plane is used.  A number of arguments can be made for one
   model versus the other, and these will be covered in the upcoming
   framework document.  We merely observe here that it is the lamp
   vendors who prefer the peer model against the better judgement of the
   LSR vendors.  We, however, want to please both camps regardless of
   the usefulness of either model.  We therefore note here that MPLampS
   supports both models and also migration scenarios from overlay to
   peer.

7.3 Routing in the Core Network

   The above description of the hierarchical distribution system
   immediately opens up the possibility of applying OSPF and ISIS with
   suitable extensions.  The readers may rest assured that we are
   already working on such concepts as voltage bundling, multi-area
   tariff extensions, insulated LSAs, etc.  Future documents will
   describe the details.

7.4 Voltage Protected Networks (VPNs)

   VPNs allow a customer with multiple sites to get guaranteed
   electricity supply with negligible voltage fluctuations due to
   interference from other customers.  Indeed, some may argue that the
   entire MPLampS architecture may be trashed if not for the possibility
   of doing VPNs.  Whatever be the case, VPNs are a hot topic today and
   the readers are forewarned that we have every intention of writing
   several documents on this.  Specifically, BGP-support for VPNs is an
   area we're presently eyeing with interest.

8. Multicast

   It has been observed that there is a strong spatial and temporal
   locality in electricity demand.  ITU Study Group 55 has studied this
   phenomenon for over a decade and has issued a preliminary report.
   This report states that when a lamp is turned on in one house, it is
   usually the case that lamps are turned on in neighboring houses at
   around the same time (usually at dusk) [3].  This observation has a
   serious implication on the scalability of the signaling mechanism.
   Specifically, the distribution network must be able to handle tens of
   thousands of requests all at once.  The signaling load can be reduced
   if multicast delivery is used.  Briefly, a request for electricity is
   not sent from the lamp all the way to an ES, but is handled by the
   first LSR that is already in the path to another lamp.

   Support for this requires the application of multicast routing
   protocols together with RSVP-TE shared reservation styles and the
   development of MPLampS multicast forwarding mode.  We are currently
   studying the following multicast routing protocol:

   o DVMRP: Discrete Voltage Multicast Routing Protocol - this protocol
   works over existing voltage routing protocols but the danger here is
   that electricity is delivered to all lamps when any one lamp is
   turned on.  Indeed, the switching semantics gets annoying - all lamps
   get turned on periodically and those not needed must be switched off
   each time manually.

   Other protocols we will eventually consider are Current-Based Tree
   (CBT) and Practically Irrelevant Multicast (PIM).  An issue we are
   greatly interested in is multicast scope: we would like support for
   distributing electricity with varying scope, from lamps within a
   single Christmas tree to those in entire cities.  Needless to say, we
   will write many detailed documents on these topics as time
   progresses.

9. Security Considerations

   This document MUST be secured in a locked cabinet to prevent it from
   being disposed of with the trash.

10. Summary

   This document described the motivation and high level concepts behind
   Mostly Pointless Lamp Switching (MPLampS), an architecture for
   electricity distribution over IP.  MPLampS utilizes DVE (discrete
   voltage encoding), and an MPLS control plane in the distribution
   network.  Since the aim of this document is to be a high-visibility
   place-holder, we did not get into many details of MPLampS.  Numerous
   future documents, unfortunately, will attempt to provide these
   details.

11. References

   1. A. Malis, et al., "SONET/SDH Circuit Emulation Service Over MPLS
      (CEM) Encapsulation", Internet Draft, Work in Progress.

   2. International Tariffed Utilities association draft standard, ITU
      G.110/230V, "Discrete Voltage Encoding", March, 1999.

   3. International Tariffed Utilities association technical report,
      ITU (SG-55) TR-432-2000, "Empirical Models for Energy
      Utilization", September, 2000.

12. Disclaimer

   The opinions expressed in this document are solely the author's.
   Company's opinions, as always, are proprietary and confidential and
   may be obtained under appropriate NDAs.

13. Author's Address

   Bala Rajagopalan
   Tellium, Inc.
   2 Crescent Place
   Ocean Port, NJ 07757
   Phone: 732-923-4237
   EMail: braja@tellium.com

Cyber recruiting: The Shifting Digital Sands of Online Jihad

Inspire Magazine, Samir and Anwar Are Gone
Since a drone took out the creators and editors of Inspire Magazine along with the titular spiritual leader in Anwar Alawki, the online Jihad has wound down quite a bit. The kids (stray dogs, lone wolves, the mentally ill, and the dispossessed) have not had their emails and online jihadi boards filled with the same old propaganda on how to be a good Muslim by being called to jihad as well as how to be ever so helpful as to build a bomb on your mother's kitchen table.
Of course the death of OBL also has something to do with this as well. His successor too has done nothing to reach out to the “youth” that really would have been the base had not the boys at Inspire been whacked. So, all in all the propaganda wing and the “next gen” of AQ/Salafi jihad has pretty much been stopped for now. See, ol cranky pants (Ayman) is just that, a cranky old man yelling at the kids to get off his lawn with pedantic rhetoric on how to be a good Muslim as well.
Ayman just isn’t liked.
So, while the vacuum exists and may persist I see some possible outcomes should someone take the reins where the Inspire boys left off. Why do I see this now? Mostly because of the Anonymous movement and the Arab Spring. These two things have changed the battlespace of the internet as well as geopolitics, it is just a matter of time I think before the Global Salafi movement latches on to the Anon model and starts to try and get tech savvy youth into their ranks and use DDoS and other methods applied by Anon and others for their cause as well.

Anonymous Becomes The Model of The New Jihad?

Of late, the jihadi boards have been quiet. The kids are not being as vocal added to the fact that there were some attacks back in December that put some of the sites down for a while. In the interim it seems, post all the hellfire missiles hitting their marks, those who are backing away from the online festival of “who’s got a bigger jihadi penis” at places like Ansar, may indeed be re-thinking things a bit. Those who have been steady users of these sites and still posting about jihad, have instead started to talk about such things as DDoS and the Arab Spring as well as hacktivism.
It seems that Anonymous has potentially sparked these guys to think like them and perhaps even use their tactics instead of continuing just to shake their fingers at us as they yell. This would be an interesting paradigm change in the global Salafi movement as well as the tactics of AQ. Though, I think that the AQ guys are so inculcated with the cult of death that they likely will not go with it. The guys at AQAP though already have been on this train for a while and before the mass whacking in Yemen, Samir and the boys were trying to figure out the new way to reach the Western jihobbyist and exhort them to do something. That something though usually meant violent jihad, and as you can see from the news, there haven’t been too many takers.
This is why I think personally, that online mayhem ala Anon is the next move that they may indeed take, and I think it will be AQAP that will lead that charge.
“If” they get some new leaders who were as savvy as Samir was.
As you can see from my earlier post concerning Inspire 6, the AQAP boys were trying to figure out a way to get the Western self-interested and not so much religious set involved in jihad. I think what they really missed was that these kids do not want to carry out violence on the whole (though there are those who are mentally unstable enough and have tried.. and failed). Instead, they would rather sit behind a keyboard and say things online to look all impressive, but more often than not, once they walk away and start to play Halo, they forget about the core principle of AQ’s jihad.. That of being cannon fodder for the likes of OBL.

What Samir and Anwar Failed to Understand and Mobilize, Anonymous Has.. Mayhem without Dying

The younger generation that Inspire was trying to reach is just not so much interested in religion as well as being a shahid with the 72 virgins.. or grapes.. depends on your translation, so all the exhortations to make bombs and to blow themselves up, never mind carrying out acts that could get them arrested really appealed to the more sane of them.
Now though, with the advent of Anonymous and their tactics, I and others have been seeing hints of these jihadi skiddies getting the notion in their heads to do much the same thing. It allows them to actually carry out actions against those who they feel are oppressing them, they can brag about it, and the more skilled of them might not get caught at it. This is a real motivator I think to these malcontents and a viable option for the “online jihad” to become more than just a propaganda war, but also one of annoyance and attention.
Then again, if these kids, who really, many are, are skilled at all in hacking, though that need not be a requisite today with software today out there, then they could take down systems that could have bigger import right? There could be a real jihad online that could have kinetic effects in the real world. This is a problem as we have seen from the likes of Stuxnet and other events that show this is indeed possible. So, how long will it be before the light bulb goes off for AQAP and the greater Salafi jihad I wonder? They will have the forces they want to have an asymmetric war.. An online guerrilla war so to speak…


Perhaps the paradigm is changing and we will now have to wage an online “war” with jihad that will now not only have those purveyors and exhorters who want their minions to put together explosive vests as well as if that’s not for you, go download this tool and take down a site or two.
Anonymous Salafi Jihad.

The Next Wave of Jihad: DDoS, Defacements, and DOX-ing?

Looking into the future I can see this being a viable way that this may move. As you can see from the image above from a jihadi forum recently, they are talking about this. At present, there aren’t too many comments, but as the technology gets easier to wield (ala Metasploit etc) I am sure that as they all look on the mayhem (nuisance) that Anon has been serving up, they too might latch onto the idea and begin their own personal jihads from the comfort of their mother's basement too.
I seem to remember Bin Laden exhorting and ruminating on the jihad as not only violence but also a means to an end to bankrupt the system we have in the West. Well, look at all of the money being poured into INFOSEC now post Anonymous and their antics. Yep, you guessed it, we are spending money like crazy to plug holes that in reality may never really be plugged. Perhaps we will have another DHS just for computer security someday…
You see my point?
Don’t get me wrong.. The physical warfare will continue. Maybe even the two forces, digital and kinetic will work together to make scenarios like taking down sections of the grid etc could happen in the future if the players are serious enough. Usually I think of that as only an offering of nation states, but, given the right people and enough money, small attacks can have larger consequences right?
A pre-cursor to all of this line of thought to me is the current “cyberwar” *cough* as it is put in the media so eloquently, if not misguidedly. 0xOmar and others (also Anon’s it seems) have been waging their own battle against Israel. Doxing data of innocent people, dropping credit card numbers by the thousands, and finally, attempting to throw out a list of alleged SCADA systems for attack. This is just the type of thing I am talking about.
Now, is Omar actually just an Anon? A wanna be? Or is he just riding the crest of the wave here and will be the role model for others to latch onto in the geopolitics of the region?
Time will tell…

PasteBin OpIsrael Info Update

For far too long, Anonymous has stood by with the rest of the world and watched in despair the barbaric, brutal and despicable treatment of the Palestinian people in the so called "Occupied Territories" by the Israel Defense Force. Like so many around the globe, we have felt helpless in the face of such implacable evil. And today's insane attack and threatened invasion of Gaza was more of the same.
Anonymous does not support violence by the IDF or by Palestinian Resistance/Hamas. Our concern is for the children of Israel and Palestinian Territories and the rights of the people in Gaza to maintain open lines of communication with the outside world. 
 
 
 
#OpIsrael #GazaUnderAttack #Anonymous
 
 
* Post all relevant links and information that will be useful to people in Gaza during the Israeli attack/invasion. 
 
 
Current Issues: 
Arabic translations may be sloppy. Poor grammar. Needs repair.
 
 
 
OpIsrael Press Releases:
 
-- Nov 15th: 
 
 
 
Arabic (enhanced Version) : pic.twitter.com/n95pIURF
 
 
 
Anonymous Operation Israel - Gates Of Hell | Video - http://www.youtube.com/watch?v=PKrVYRu0oMY
 
 
 
Restoring Internet Service:
 
 #OpIsrael Care Package for Gaza (Full v1.5) Mediafire Mirror http://www.mediafire.com/?z8ev035mw482x77
 
 #OpIsrael Care Package for Gaza (Mini v1.0) http://www.mediafire.com/?3jrur7krcuucjr7
 
 
 
-- English:  
Telecomix Pastebin: http://pastebin.com/6dYQruHu
 
--- Arabic: 
 WIFI Range Extend - http://pastebin.com/Smkcg6TE
Hebrew: Translator Needed.
 
 
 
#OpIsrael Pads:
 
Anonymous Tango Down List: http://piratenpad.de/qQ8nmbLXj3
 
 
 
Live Actions/Demonstrations:
 
 
 
 
Israeli Contact Info:
 
List of World-Wide Israeli Embassies via Anonymous: http://pastebin.com/4DM7cfqF
 
 
 
 IRC Channels: 
 
VoxAnon: irc.voxanon.net 6667/6697 SSL
 
 
 
Livestreams:
 
 
 
 
Anonymous Carepackages:
 
#OpIsrael Care Package for Gaza (Full v1.5) Mediafire Mirror 11MB http://www.mediafire.com/?z8ev035mw482x77
 
#OpIsrael Care Package for Gaza (Mini v1.0) 1MB http://www.mediafire.com/?3jrur7krcuucjr7
 
 
 
 
Tweet (Arabic)
مجموعة ملفات مساعدة #عملية_اسرائيل #غزة_تحت_الهجوم #غزةhttp://bayfiles.com/file/rPjj/a7ehrr/Op_Israel_Care_Package_For_Gaza.zip
 
 
 
Cellphone Apps:
 
- http://hackerdemia.com/ Allows for mesh network connecting (if Gaza cell service is taken down, they can possibly access Egyptian towers.)
 
 
there will be networks deployed on the ground using openwrt http://wiki.openwrt.org/inbox/mesh.olsr, this is an app they can use if they want to make their phones part of that network http://www.olsr.org/?q=olsr_on_android
 
 
 
How To Use Twitter VIA Text Message: 
 
Get Twitter messages redirected to your phone and send Tweets by text. Make sure to link your mobile phone to your Twitter account and locate the Twitter short code for your country. Then you can send a text message containing your Tweet to that short code and it will be posted to your profile.
 
Palestinian Territory Shortcodes:
Wataniya: 40404
Jawwal 37373
 
If you use one of the phone services listed above, text START to the shortcode to sign into your Twitter account.
 
 
 
Telecomix Dial Up Numbers:
 
Important: The Telecomix dialups are not secure and do not protect from wiretapping of your communications. It is still important to proceed with precaution and encrypt the data.
 
Visit this link for dial up numbers:
 
Note: Since the number of lines is limited, do not use them if you don't need to!
 
- French free isp FDN (about 100 lines):  +33172890150 (login/pass: toto/toto)
 
- German free Free.de (about 35 lines).  +4923184048 (login/pass: telecomix/telecomix)
 
- Swedish isp Gotanet (about 30 lines atm, can expand services) : +46708671911 (login/pass: toto/toto)
 
- Belgium Edpnet: +32022750640 (login/pass: free.edpnet/ free)  
 
- Netherlands Edpnet: +31676002000 (login/pass: free.edpnet/ free)
 
netherlands +31205350535 and the username/password are xs4all
 
 
 
Medical Info:
 
http://streetmed.wikidot.com/  -- Street Medic resources. Includes Arabic translations.
 
 
 
Petitions:
 
Condition US aid to Israel on compliance with the law not to violate the rights of Palestinians.
 
 
 
Gaza News Links:
 
Baby son of BBC worker killed in Gaza strike
 
As Israel Attacks Gaza, Palestinians find an unlikely ally (Anonymous)
 
Gaza activist: 'Israel has declared war, act now'
 
Impressions of Gaza by Noam Chomsky:
 
 
 
 
Gaza Videos:
 
Martyred in Gaza - a documentary
 
 
 
Translators:
 
@Pino_Rodriguez
@Masterpiece_s
@alxgucci
@yazannshewat
@xJashin
@Samof88 - Arabic/Turkish.
 
Active Twitter Accounts: 
 
@AnonOpsSweden
@DBCOOPA
@AnonymousZC
@AnonIRC
@OpLiberation1
@VizFoSho
@Op_Israel
@HarryFear
@PLF2012
 
 
 
Defaced/Hacked Websites: 
 
 
 
Anonymous Operation Israel MSM Media Reports:

Personal Messages:
 
Great, brave and dear friends of Gaza, every child of Pakistan loves you. - A message from #AnonymousPakistan
 
 
Please contact me on Twitter or through one of the IRC networks to update this document.
Also, if you can translate Arabic or Hebrew from English and want to help #OpIsrael
hit us up - @DBCOOPA @AnonSikko @VizFoSho @PLF2012
 
 
 
CURRENT INTERNET AND TELECOMM CONNECTIVITY IN GAZA
 
Broadband: DOWN
 
PBX Lines DOWN
 
Mobile: DOWN
 
Ham Radio: Unknown
 
Satellite: Unknown
 
Electricity: DOWN, Current electricity by Generators
 
 
 
CONFIGURING AND USING DIAL-UP (WINDOWS)
 
Configuring Dial-Up Connections
Click Start, click Control Panel, and then click Network and Internet Connections.
Click Create a connection to the network at your office.
In the Location Information dialog box, enter the appropriate information. Click OK, and then click OK to close the Phone and Modem Options dialog box and start the New Connection wizard.
In the New Connection Wizard, click Dial-up connection, and then click Next.
Type a name for the network to which you are connecting (such as "My Office Network"), and then click Next.
Type the phone number for the network to which you are connecting, including, if necessary, the area code and "1" prefix.
Specify whether you want this connection to be available for anyone's use, meaning for any user on this computer, or for your use only, meaning only for the user who is now logged on.
Specify whether you want a shortcut to the connection on your desktop.
Click Finish.
Using Dial-Up Connections
Click Start, click Connect To, and then click the connection that you want to use.
In the User Name box, type your user name.
In the Password box, type your password.
Choose one of the following options:
To save the user name and password so that you will not have to type them in the future, select the Save this user name and password for the following users check box.
If you want only the current user to have access to the saved user name and password, select the Me only check box.
If you want all users to have access to the user name and password, select the Anyone who uses this computer check box.
Click Dial.
 
 
 
 
CONFIGURING AND USING DIAL-UP (MAC)
 
Configure Mac OS X
From the Apple menu, choose System Preferences.
From the View menu, choose Network.
Choose "Internal Modem" from the Show pop-up menu (or the "Configure" pop-up menu prior to Mac OS X v10.1).
If your computer does not have a built-in modem, select your external modem.
 
Mac OS X v10.5 or later: From the Configuration pop-up menu, choose Add Configuration.
Mac OS X 10.4.x or earlier: Click the PPP tab.
Enter your information into the relevant fields. Your username goes in the Account Name field, for example. If you want to copy this connection information to other user accounts on this computer, select "Save password".
You should now be able to connect. If you need to configure DNS servers or other advanced settings, continue to the next step.
Mac OS X v10.5 or later: Click the Advanced button, then click the DNS tab.
Mac OS X v10.4 or earlier: Click the TCP/IP tab. Choose either PPP or Manually from the Configure pop-up menu, as instructed by your Internet service provider. If configuring manually, type the IP address in the matching field.
Type the DNS server addresses in their field if necessary (click the "+" button first in Mac OS X v10.5 or later).
Click OK.
Click Apply (or Apply Now for Mac OS X v10.4 or earlier).
 
Connect and verify
Mac OS X v10.5 or later: Open Network preferences (in System Preferences).
Mac OS X v10.4.x or earlier: Open Internet Connect (from the Applications folder).
Be sure the Configuration pop-up menu is set to your modem.
Click the Connect button.
Once you're connected, open a Web browser or other Internet application to make sure your connection works.
Tip: You can have Mac OS X automatically connect to the Internet whenever you open an Internet application.

MoleRats hackers resurface spreading Poison Ivy malware

The hacking team behind the infamous MoleRats cyber campaign has resurfaced using an evolved version of the Poison Ivy Trojan, according to FireEye researchers.
The ongoing campaign was reported by FireEye's Nart Villeneuve, Ned Moran and Thoufique Haq in their MoleRats: Middle East Cyber Attacks Using Poison Ivy report. The campaign is reportedly an escalated version of the original attacks. The original MoleRats campaign began in 2012 and saw hackers target a number of government groups in Israel and Palestine with a wave of data-stealing cyber attacks.
The campaign has an expanded target set and is designed to attack numerous government entities, some in the UK, with evolved Poison Ivy malware as well as the XtremeRAT that was used originally.
"The target set was broader than previously believed and included targets in the US and UK governments. Further research revealed a connection between these attacks and members of the ‘Gaza Hackers Team'. We refer to this campaign as MoleRats," the report noted.
The FireEye researchers said the malware used in the attack has several atypical features that make it hard to track and defend against.
"We observed several attacks in June and July 2013 against Israeli government targets that dropped a Poison Ivy payload, which connected to command and control (C2) infrastructure used by the MoleRats attackers. We collected additional Poison Ivy samples that had the same password and/or linked to C2 infrastructure at a common IP address," read the report.
"We also found a Poison Ivy sample used by this group that leveraged ‘keys' instead of passwords. The Poison Ivy builder allows operators to load .pik files containing a key to secure communications between the victim computer and its control server. By default, Poison Ivy secures these communications with the ASCII text password of ‘admin'."
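The sample linking the report describes (same password and/or C2 infrastructure at a common IP address) can be sketched as below. This is an added example, not code from FireEye or from the original article; the sample ids, passwords and IP addresses are constructed placeholders and the function names are hypothetical. It also shows why the builder default password 'admin' should not count as a link between samples.

```python
from collections import defaultdict

# Poison Ivy builder default, as stated in the report quoted above.
DEFAULT_PASSWORDS = {"admin"}

# Constructed records for illustration only: ids and passwords are
# placeholders, IPs come from the RFC 5737 documentation ranges.
SAMPLES = [
    {"id": "s1", "password": "constructed-pw-1", "c2": ["192.0.2.10"]},
    {"id": "s2", "password": "constructed-pw-1", "c2": ["198.51.100.7"]},
    {"id": "s3", "password": "constructed-pw-2", "c2": ["198.51.100.7"]},
    {"id": "s4", "password": "admin", "c2": ["203.0.113.5"]},
    {"id": "s5", "password": "admin", "c2": ["203.0.113.99"]},
    # Sample built with a .pik key instead of a password: only C2 can link it.
    {"id": "s6", "password": None, "c2": ["192.0.2.10"]},
]


def _find(parent, x):
    """Union-find root lookup with path compression."""
    while parent[x] != x:
        parent[x] = parent[parent[x]]
        x = parent[x]
    return x


def link_samples(samples, ignore_default_passwords=True):
    """Group samples that share a password or a C2 IP address.

    Returns a list of {"members": [...], "shared": [...]} dicts, where
    "shared" lists the (kind, value) attributes that tie the group together.
    """
    parent = {s["id"]: s["id"] for s in samples}
    first_seen = {}              # attribute -> first sample id carrying it
    evidence = defaultdict(set)  # attribute -> all sample ids carrying it

    for s in samples:
        attrs = [("c2", ip) for ip in s.get("c2", [])]
        pw = s.get("password")
        # A default value is shared by every operator who never changed it,
        # so it says nothing about common authorship.
        if pw is not None and not (ignore_default_passwords and pw in DEFAULT_PASSWORDS):
            attrs.append(("password", pw))
        for attr in attrs:
            evidence[attr].add(s["id"])
            if attr in first_seen:
                parent[_find(parent, s["id"])] = _find(parent, first_seen[attr])
            else:
                first_seen[attr] = s["id"]

    groups = defaultdict(list)
    for sid in parent:
        groups[_find(parent, sid)].append(sid)

    result = []
    for members in groups.values():
        member_set = set(members)
        shared = sorted(a for a, ids in evidence.items()
                        if len(ids) > 1 and ids <= member_set)
        result.append({"members": sorted(members), "shared": shared})
    return sorted(result, key=lambda c: c["members"])


if __name__ == "__main__":
    for label, flag in (("defaults ignored", True), ("defaults counted", False)):
        print(label)
        for cluster in link_samples(SAMPLES, ignore_default_passwords=flag):
            print("  ", cluster["members"], cluster["shared"])
```

With defaults ignored, s4 and s5 stay separate even though both use 'admin'; counting the default would merge two unrelated builds into one apparent actor.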
The use of Poison Ivy is a bizarre change in behaviour by the group, with the malware traditionally being favoured by Chinese hacking teams. The reason for the hackers' change in strategy remains unknown, though the FireEye researchers have suggested it could be more political than technical.
"We do not know if this is an intentional attempt by MoleRats to deflect attribution to China-based threat actors, or if they have simply added another effective, publicly available remote-access technology (RAT) to their arsenal. However, this development should raise a warning flag for those who attribute all Poison Ivy attacks to threat actors based in China. The ubiquity of off-the-shelf RATs makes determining positive attribution an increasing challenge," read the report.
The FireEye researchers said the purpose of the campaign remains unknown, but warned the attacks will likely continue to evolve. "The ongoing attacks are also heavily leveraging content in Arabic, which relates to the current situation in Egypt and the wider Middle East in order to lure targets into opening malicious files. However, we do not have further information about the exact targets at this time," said the report.
"As events on the ground in the Middle East – and in Egypt in particular – receive international attention, we expect the MoleRat operators to continue leveraging these headlines to catalyse their operations."
The campaign is one of many advanced cyber threats targeting businesses. Before the discovery of MoleRats, McAfee and the Center for Strategic and International Studies (CSIS) estimated that espionage-focused cyber attacks have cost over 508,000 US citizens their jobs.

New Anonymous Operation INDECT

Dear activists for the protection of privacy, dear people from all over the European Union, dear mothers and fathers, sisters and brothers, sons and daughters.
Since 2009, the EU has been subsidizing the INDECT project with millions of Euros.
Even though several media outlets have already reported about this networked surveillance technology, only few EU citizens know what it is supposed to be.
The application of INDECT aims to analyze conspicuous behavior to prevent crimes, in virtual life as well as in real life, before they actually happen. Not only does this sound crazy, it is cutting deeply into our basic right to privacy, because those cameras will be able to replicate scanned personal biometrical features with existing digital files about persons in databases such as social networks. Hence, every person could be retraced and supervised, anybody who says or does anything "abnormal" or anything which the system considers to be "threatening" both on the internet and in real life, is potentially suspicious.
We have been accepting the claims of disclosure of our private data for too long in order to prevent acts of terrorism. People started to accept being treated as potential terrorists or criminals, being more and more deprived of their basic rights, and allowing the surveillance society to gain increased control over them.
Basic rights weren't given to us as a matter of course, but many generations kept fighting for them. Don't let those rights be taken away from us now!
These days, we see the situation in Spain where calls for protests are criminalized by the government. Though the right to protest is an essential part of free speech, we should not tolerate the increasingly upcoming undemocratic features in the EU which mostly hide under the cloak of suppression of terrorism.
And therefore we should move NOW and tell the citizens of the European Union about this project, which has been kept as a secret for so many years. We must create a public awareness and get the people on the streets and fight for their rights.
It is for these reasons that we ask you to call up all organizations, which campaign for data privacy protection in your country, to join the protest. Create flyers and other media which provide information about INDECT and organize Paperstorms.
Translate the message of this video into your mother tongue and spread it!
Let's protest against INDECT like we did and are still doing against ACTA at the beginning of this year.
Let's go for big protests again in Europe on the 28th of July, 2012! We are Anonymous We are Legion We do not fight for slavery, we fight for liberty In the name of democracy, Let us all unite! Expect us

New scam hits the market: domain names are wanted in China

Today I opened an e-mail titled Regarding "cyberwarzone" Brand. CWZ CYBERWARZONE is a registered company in The Netherlands, so I thought it was a serious e-mail. I opened the e-mail and the following message was presented in it.

 Letter to the President or Brand Owner, thanks)
 Dear President,
We are the department of Asian Domain Registration Service in China. Here I have something to confirm with you. We formally received an application on July 31 2012 that a company claimed Masier Industrial Co. Ltd were applying to register "cyberwarzone" as their Net Brand and some domain names through our firm.
Now we are handling this registration, and after our initial checking, we found the name were similar to your company's, so we need to check with you whether your company has authorized that company to register these names. If you authorized this, we would finish the registration at once. If you did not authorize, please let us know within 7 workdays, so that we could handle this issue better. After the deadline we will unconditionally finish the registration for Masier Industrial Co. Ltd.Looking forward to your prompt reply.
Best Regards,
Ashin Yang
Registration Dept.
Tel: +0086-28-8591-5586 || Fax: +0086-28-8591-2116
Address:8/F XiYu building No,52 JinDun Road,QingYang District,Chengdu City,China.

I first wanted to respond to the message, saying that what happens in China has no relationship with the CWZ CYBERWARZONE company in The Netherlands, but I did a simple search on Google.
So I went to the google website and I copied the following line from the e-mail:
"We are the department of Asian Domain Registration Service in China. Here I have something to confirm with you. "
The search query had done its work. Within a millisecond the page provided multiple links containing the copied text. This mostly happens with e-mails that are not to be trusted. One of the links led to the ESET website, which discusses this type of threat.

ESET WROTE


How does the actual scam work? By abusing the trust of the recipient. If I were to reply to the above message, “Richard Zhang” of the “Asian Domain Registration Service” (or whomever in the organization behind the scam is monitoring the mailbox) would notify me that unless I register my domain names with them for a fee, they will be given to the other party. I might even have to participate in a fake bidding war against the imaginary company trying to register my domain names. If I ask for the contact information for the company trying to register my domains, I will be told it cannot be given out “for privacy reasons.” And, of course, since it is a fictitious company name, I will not be able to find it by searching on it.
 
All in all, it’s a simple way for a scammer to take someone’s money: They don’t have to write any malicious software, hack into any systems or have any technical expertise beyond running a real domain registration business. They simply use social engineering techniques to trick you into registering domains with them that you do not need, do not use and no one else is buying, either.

Anonymous attacks 9GAG.com website for the lulz


On Tuesday 31 July 2012 Anonymous launched a LOIC DDoS attack on the 9gag website. The attack resulted in an overload of the servers that run the 9gag website. Several pictures have been uploaded on Twitter showing the Anonymous attack on 9GAG.
The 9gag community went berserk when they found out their favourite website was offline. The community started posting messages on the Twitter channels #9gag and @9gag. The first account that proved the attack by Anonymous was the @Anon_Central Twitter account, which showed a Tango Down for 9GAG.com. 9GAG is one of the websites that has gained popularity in the last year. This board on 4chan shows that there is a battle going on between Anonymous and 9GAG.

Anonymous Algeria hacks Albany Democrats' website

In Albany County, Democrats are used to having the upper hand.
But the party's website appears to have been the target of a group of overseas hackers with a reputation for defacing thousands of websites to spread their pro-Palestine message.
The site, www.albanycountydems.org, was apparently forced offline by the attack and remained offline Monday. In place of its normal headline in Google's search results was this: "Hacked by Anonymous Algeria," followed by the Twitter accounts of activists associated with the group.

Party Chairman Matthew Clyne said the problem was brought to his attention late last week and that the party is working to get the site running again.
As for why the Democrats' site was hit, Jim Hendler, head of RPI's Department of Computer Science, said the vandalism has the hallmarks of an increasingly common though unsophisticated type of attack and probably has one of three explanations.
Because the group is known for targeting hundreds of sites at a time, Hendler said it's likely its members were exploiting a flaw in a certain type of program and victimizing sites that use that software.
Alternatively, Hendler said, some hackers will target sites that include certain keywords — or, in the case of the more widely known Anonymous hacker collective, take aim at high-profile sites for specific political reasons.
Earlier this month, Anonymous attacked sites run by the Israeli government.
Anonymous Algeria, however, has a reputation for seeking out softer digital targets, Hendler said.
Last month, the group took credit for defacing more than 1,000 sites in the name of the Palestinian cause, many of them Chinese, which Hendler said suggests they're not being specifically targeted based on keywords or content.
"It's sort of like robbing liquor stores vs. robbing banks vs. robbing Fort Knox," Hendler said. "This would be the equivalent of liquor stores. It's an easy target and there are lot of them."

#opIsrael reborn: Hackers unite in global operation set for 11 September 2013

Multiple sources are showing that hackers are uniting to strike Israel on 11 September 2013. The #opIsrael reborn operation is an operation that has been initiated by hackers that are active on social media platforms like Facebook and Twitter. This is not the first time Israel is being targeted by an Operation.

FBI expert calls for cyber warfare

So goes humanity: World War II was replaced by the Cold War, which was replaced by the War on Terror, which will be replaced by the Cyberwar.
"Soon," said FBI Director Robert Mueller during the annual conference of cybersecurity professionals in San Francisco, California, on Thursday (1/3).
"Cyber crime is becoming a greater threat than terrorism. It will be more dangerous to America than Al Qaeda," predicted the country's top crime-fighting authority, according to CNN and GlobalPost. Mueller was at the conference to rally cybersecurity professionals to cyber warfare. "Work with us," he said, encouraging professionals to become employees of the FBI. Companies hate to report security breaches.
In general, they prefer to solve problems privately rather than run the risk of being exposed or becoming involved in investigations that consume much time, he explained. "There are only two types of companies: those that have suffered attacks from hackers and those who still will suffer.
They will merge into one category: those who have suffered attacks from hackers and those who will suffer attacks by hackers again," he said. "Keeping the code of silence will not help anyone in the long run."
He said that for now, the fight against terrorism remains the number one priority of the FBI. "But we expect, in a not so distant future, cyber threats will constitute the greatest danger to the country," he said. He also predicted the combination of the two threats: "Until now, the terrorists have not used the Internet to launch a large-scale cyber attack in the United States. But we can not underestimate the intention of the terrorists," he preached.
After the attacks on the twin towers of New York on September 11, 2001, the FBI invested heavily in developing its technical and structural capacity to combat terrorism.
More than 100 anti-terrorism task forces were created in a joint effort with other federal security and intelligence agencies, military units and local police forces, reported CNN. Now the FBI is developing a similar model to combat cyber criminals: it created the cybersecurity squad (cybersquad), with 56 physical units and more than a thousand agents and analysts with the task of policing the internet.
The FBI's focus is on the main threat groups: terrorists, coalitions of organized crime and cyber espionage sponsored by governments. "The hackers sponsored by governments are patient and calculating," Mueller said.
"They have the time, money, resources to investigate and can expect. You can discover a security breach, only to discover later that the real damage has been caused in a much higher level," he said.
The director of the FBI did not mention China specifically, but other speakers at the conference did that week. There are predictions that the United States and China will be the leading names of the Cyber War, as were the United States, Afghanistan and Iraq in the War on Terror, and the United States and Russia in the Cold War.
But it is in the interest of neither the U.S. nor China to go to declared war, with large-scale mutual attacks: the two countries are heavily dependent on each other economically. While the war is announced, the country's vernacular will thicken with new cyber vocabulary, coined mainly by American authorities and the media:
1) cyberwar (cyberwar),
2) cyberattacks (cyber attack or cyberataque)
3) cyber crime (cyber crime),
4) cybercriminal (cybercriminal),
5) cyberthreat (cyber threat)
6) cyberterror (cyber terror),
7) cyberterrorism (cyber terrorism or cyberterrorism);
8) cyberbattle (cyber battle),
9) cyber hacktivists (militant cyber hackers who, according to U.S. officials, are on the "wrong" side, such as the group Anonymous, which sided with Wikileaks)
10) cyberespionage (cyber espionage);
11) cyberspace (cyberspace),
12) cybersecurity (cybersecurity),
13) cybersquad (cyber squad);
14) cyber criminal syndicates (unions of cyber crime).

#freecb3rob: Sven Olaf Kamphuis going to be extradited to the Netherlands in 2 days

The 35-year-old Dutchman Sven Olaf Kamphuis has been arrested for his suspected role in cyber-attacks against Spamhaus, according to the Dutch Public Ministry. The arrest took place in Spain. The media believe the man to be CyberBunker spokesman Sven Olaf Kamphuis.
The latest news to be released is that he is going to be extradited to the Netherlands in two days.