DOCSLIB.ORG

Lulzsec Hacker Pleads Guilty to Cyberattacks 9 April 2013

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Lulzsec Hacker Pleads Guilty to Cyberattacks 9 April 2013 LulzSec hacker pleads guilty to cyberattacks 9 April 2013 A British computer hacker affiliated to the group Monsegur and officials on both sides of the Atlantic Lulz Security pleaded guilty Tuesday to swooped in on his alleged collaborators, making cyberattacks on institutions including Sony, roughly half a dozen arrests. Britain's National Health Service and Rupert Murdoch's News International. Copyright 2013 The Associated Press. All rights reserved. This material may not be published, Ryan Ackroyd admitted one count of carrying out broadcast, rewritten or redistributed. an unauthorized act to impair the operation of a computer. Prosecutors say the 26-year-old accessed websites belonging to Sony, 20th Century Fox, the NHS, Nintendo, the Arizona State Police and News International between February and September 2011. He will be sentenced May 14 at Southwark Crown Court in London. Other charges against him are being dropped. Three other British hackers—18-year-old Mustafa Al- Bassam, 20-year-old Jake Davis and Ryan Cleary, 21—had previously pleaded guilty to launching distributed denial of service attacks on organizations including the CIA and Britain's Serious Organized Crime Agency. Denial of service attacks work by overwhelming sites with traffic. Prosecutors say Cleary's targets also included U.S. Air Force computers at the Pentagon. LulzSec, whose name draws on Internet-speak for "laugh out loud," shot to prominence in mid-2011 with an eye-catching attack on U.S. television network PBS, whose website it defaced with a bogus story claiming that the late rapper Tupac Shakur had been discovered alive in New Zealand. An offshoot of the loose-knit movement known as Anonymous, LulzSec and its reputed leader, known as Sabu, had some of the highest profiles in the movement. But last year U.S. officials unmasked Sabu as FBI informant Hector Xavier 1 / 2 APA citation: LulzSec hacker pleads guilty to cyberattacks (2013, April 9) retrieved 2 October 2021 from https://phys.org/news/2013-04-lulzsec-hacker-guilty-cyberattacks.html This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only. 2 / 2 Powered by TCPDF (www.tcpdf.org).
Load more

Recommended publications
  • Sample Iis Publication Page
    https://doi.org/10.48009/1_iis_2012_133-143 Issues in Information Systems Volume 13, Issue 1, pp. 133-143, 2012 HACKERS GONE WILD: THE 2011 SPRING BREAK OF LULZSEC Stan Pendergrass, Robert Morris University, [email protected] ABSTRACT Computer hackers, like the group known as Anonymous, have made themselves more and more relevant to our modern life. As we create and expand more and more data within our interconnected electronic universe, the threat that they bring to its fragile structure grows as well. However Anonymous is not the only group of hackers/activists or hacktivists that have made their presence known. LulzSec was a group that wreaked havoc with information systems in 2011. This will be a case study examination of their activities so that a better understanding of five aspects can be obtained: the Timeline of activities, the Targets of attack, the Tactics the group used, the makeup of the Team and a category which will be referred to as The Twist for reasons which will be made clear at the end of the paper. Keywords: LulzSec, Hackers, Security, AntiSec, Anonymous, Sabu INTRODUCTION Information systems lie at the heart of our modern existence. We deal with them when we work, when we play and when we relax; texting, checking email, posting on Facebook, Tweeting, gaming, conducting e-commerce and e- banking have become so commonplace as to be nearly invisible in modern life. Yet, within each of these electronic interactions lies the danger that the perceived line of security and privacy might be breached and our most important information and secrets might be revealed and exploited.
    [Show full text]
  • Bank & Lender Liability
    Westlaw Journal BANK & LENDER LIABILITY Litigation News and Analysis • Legislation • Regulation • Expert Commentary VOLUME 17, ISSUE 6 / AUGUST 1, 2011 Expert Analysis Once More Into the Breach: Are We Learning Anything? By Cynthia Larose, Esq. Mintz Levin Cohn Ferris Glovsky & Popeo I’m a guy who doesn’t see anything good having come from the Internet. … [The Internet] created this notion that anyone can have whatever they want at any given time. It’s as if the stores on Madison Avenue were open 24 hours a day. They feel entitled. They say, “Give it to me now,” and if you don’t give it to them for free, they’ll steal it. –Sony Pictures Entertainment CEO Michael Lynton, May 14, 20091 How ironic. This comment two years ago by Lynton created a minor firestorm and drove him to post a lengthy rebuttal on The Huffington Post,2 but at the time, Lynton was referring to content piracy, not data breaches. Given the events since Sony’s massive data breaches in April3 (and subsequent breaches in May and June), he might as well as have been referring to user informa- tion held by Sony and its various properties. As a matter of fact, the Sony Pictures hackers said, “Sony stored over 1 million passwords of its customers in plain text, which means it’s just a matter of taking it.”4 Since the April PlayStation Network breach that exposed more than 100 million user accounts, Sony has been hacked more than 10 times. Sony Europe,5 Sony BMG Greece,6 Sony Thailand,7 Sony Music Japan8 and Sony Ericsson Canada9 all suffered some intrusion and compromise of user information.
    [Show full text]
  • A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX
    In Collaboration With A PRACTICAL METHOD OF IDENTIFYING CYBERATTACKS February 2018 INDEX TOPICS EXECUTIVE SUMMARY 4 OVERVIEW 5 THE RESPONSES TO A GROWING THREAT 7 DIFFERENT TYPES OF PERPETRATORS 10 THE SCOURGE OF CYBERCRIME 11 THE EVOLUTION OF CYBERWARFARE 12 CYBERACTIVISM: ACTIVE AS EVER 13 THE ATTRIBUTION PROBLEM 14 TRACKING THE ORIGINS OF CYBERATTACKS 17 CONCLUSION 20 APPENDIX: TIMELINE OF CYBERSECURITY 21 INCIDENTS 2 A Practical Method of Identifying Cyberattacks EXECUTIVE OVERVIEW SUMMARY The frequency and scope of cyberattacks Cyberattacks carried out by a range of entities are continue to grow, and yet despite the seriousness a growing threat to the security of governments of the problem, it remains extremely difficult to and their citizens. There are three main sources differentiate between the various sources of an of attacks; activists, criminals and governments, attack. This paper aims to shed light on the main and - based on the evidence - it is sometimes types of cyberattacks and provides examples hard to differentiate them. Indeed, they may of each. In particular, a high level framework sometimes work together when their interests for investigation is presented, aimed at helping are aligned. The increasing frequency and severity analysts in gaining a better understanding of the of the attacks makes it more important than ever origins of threats, the motive of the attacker, the to understand the source. Knowing who planned technical origin of the attack, the information an attack might make it easier to capture the contained in the coding of the malware and culprits or frame an appropriate response. the attacker’s modus operandi.
    [Show full text]
  • Forces Shaping the Cyber Threat Landscape for Financial Institutions
    SWIFT INSTITUTE SWIFT INSTITUTE WORKING PAPER NO. 2016-004 FORCES SHAPING THE CYBER THREAT LANDSCAPE FOR FINANCIAL INSTITUTIONS WILLIAM A. CARTER PUBLICATION DATE: OCTOBER 2, 2017 The views and opinions expressed in this paper are those of the authors. SWIFT and the SWIFT Institute have not made any editorial review of this paper, therefore the views and opinions do not necessarily reflect those of either SWIFT or the SWIFT Institute. 1 Contents I. Executive Summary II. Introduction III. Consumer fraud: New defenses and mobile banking are transforming the landscape a) New defenses are transforming consumer fraud and carding b) As consumer bank fraud becomes harder, business customers are being targeted c) Mobile malware is the new frontier of consumer bank fraud d) ICT4C: Financial inclusion is creating new threats in the developing world IV. Targeted Attacks on Bank Networks: What is changing? a) Attackers are becoming more sophisticated, persistent b) Law enforcement still struggling to keep up c) Banks in Asia are top targets d) Vectors of compromise – new twists on old themes. e) Attacks are changing V. Conclusion: More Threats, More Complexity, More Sophistication 2 I. Executive Summary Financial institutions have long been the leading targets for cybercrime, but the tools and tactics used are changing. New technologies are increasingly incorporated into financial networks and the broader internet, transforming the attack surface that adversaries can exploit. The incentives for attackers are also shifting, forcing banks to face more numerous and sophisticated adversaries. And as cyber awareness grows in the financial sector and firms continue to invest billions in new defenses, attackers are changing their approaches to stay one step ahead.
    [Show full text]
  • Reporting, and General Mentions Seem to Be in Decline
    CYBER THREAT ANALYSIS Return to Normalcy: False Flags and the Decline of International Hacktivism By Insikt Group® CTA-2019-0821 CYBER THREAT ANALYSIS Groups with the trappings of hacktivism have recently dumped Russian and Iranian state security organization records online, although neither have proclaimed themselves to be hacktivists. In addition, hacktivism has taken a back seat in news reporting, and general mentions seem to be in decline. Insikt Group utilized the Recorded FutureⓇ Platform and reports of historical hacktivism events to analyze the shifting targets and players in the hacktivism space. The target audience of this research includes security practitioners whose enterprises may be targets for hacktivism. Executive Summary Hacktivism often brings to mind a loose collective of individuals globally that band together to achieve a common goal. However, Insikt Group research demonstrates that this is a misleading assumption; the hacktivist landscape has consistently included actors reacting to regional events, and has also involved states operating under the guise of hacktivism to achieve geopolitical goals. In the last 10 years, the number of large-scale, international hacking operations most commonly associated with hacktivism has risen astronomically, only to fall off just as dramatically after 2015 and 2016. This constitutes a return to normalcy, in which hacktivist groups are usually small sets of regional actors targeting specific organizations to protest regional events, or nation-state groups operating under the guise of hacktivism. Attack vectors used by hacktivist groups have remained largely consistent from 2010 to 2019, and tooling has assisted actors to conduct larger-scale attacks. However, company defenses have also become significantly better in the last decade, which has likely contributed to the decline in successful hacktivist operations.
    [Show full text]
  • An Analysis of the Nature of Groups Engaged in Cyber Crime
    International Journal of Cyber Criminology Vol 8 Issue 1 January - June 2014 Copyright © 2014 International Journal of Cyber Criminology (IJCC) ISSN: 0974 – 2891 January – June 2014, Vol 8 (1): 1–20. This is an Open Access paper distributed under the terms of the Creative Commons Attribution-Non- Commercial-Share Alike License, which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited. This license does not permit commercial exploitation or the creation of derivative works without specific permission. Organizations and Cyber crime: An Analysis of the Nature of Groups engaged in Cyber Crime Roderic Broadhurst,1 Peter Grabosky,2 Mamoun Alazab3 & Steve Chon4 ANU Cybercrime Observatory, Australian National University, Australia Abstract This paper explores the nature of groups engaged in cyber crime. It briefly outlines the definition and scope of cyber crime, theoretical and empirical challenges in addressing what is known about cyber offenders, and the likely role of organized crime groups. The paper gives examples of known cases that illustrate individual and group behaviour, and motivations of typical offenders, including state actors. Different types of cyber crime and different forms of criminal organization are described drawing on the typology suggested by McGuire (2012). It is apparent that a wide variety of organizational structures are involved in cyber crime. Enterprise or profit-oriented activities, and especially cyber crime committed by state actors, appear to require leadership, structure, and specialisation. By contrast, protest activity tends to be less organized, with weak (if any) chain of command. Keywords: Cybercrime, Organized Crime, Crime Groups; Internet Crime; Cyber Offenders; Online Offenders, State Crime.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • SONY Pictures Entertainment - Hack of the Century 1
    SONY Pictures Entertainment - Hack of the Century 1 SONY Pictures Entertainment - Hack of the Century SONY Pictures Entertainment - Hack of the Century 2 Submitted to the 2016 Arthur Page Society Case Study Competition Table of Contents Executive Summary ............................................................................................................................................... 3 Hacking Overview ................................................................................................................................................. 3 Guardians of Peace ........................................................................................................................................... 3 The Interview .................................................................................................................................................... 4 Sony Inc. ................................................................................................................................................................ 4 Sony Background .............................................................................................................................................. 4 Sony Pictures Entertainment ............................................................................................................................ 4 Sony Pictures Entertainment Market ................................................................................................................... 5 Market and Industry Analysis
    [Show full text]
  • How to Use Hacker Persona's to Successfully Build Devsecops
    How to use hacker persona’s to successfully build DevSecOps Pipeline • Robin Yeman • Lockheed Martin Sr. Fellow • Lockheed Martin • twitter @robinyeman Agenda • DevOps and Pipeline • Securing the pipeline • Apply the practices 2 DevOps and delivery pipeline DevOps DevOps is “a cross-disciplinary community of practice dedicated to the study of building, evolving and operating rapidly-changing resilient systems at scale.” - Jez Humble Why DevOps Forsgren, Nicole. “DevOps Solutions | Google Cloud.” Google, Google, 22 Aug. 2019, https://cloud.google.com/devops/state-of- devops/. DevOps Pipeline Requirements / Design Version Control Build Tool(s) Continuous Integration Test Framework(s) API Library End to End Security Commit & Build Validate Deploy D Application Code & Build Application a s Integration Acceptance Production h Version Control Test Test Deploy b Environment o Commit & Build Validate Deploy Infrastructure Automation Package Infrastructure a Development Integrated r d API Library Configuration Environments Monitoring Artifact Repository Product Backlog Management Schedule Securing the delivery pipeline Threat Modeling • Identify Assets • Using IDDIL-ATC Methodology • Define the Attack Surface – Gain understanding • Decompose the System – Assess risk • Identify Attack Vectors – Justify security controls • List Threat Actors • Analysis & Assessment • Triage • Controls DevOps Pipeline Threat Model Attack Surfaces in the pipeline Requirements / Design Version Control Build Tool(s) Continuous Integration Test Framework(s) API Library
    [Show full text]
  • Attributing Cyber Attacks Thomas Rida & Ben Buchanana a Department of War Studies, King’S College London, UK Published Online: 23 Dec 2014
    This article was downloaded by: [Columbia University] On: 08 June 2015, At: 08:43 Publisher: Routledge Informa Ltd Registered in England and Wales Registered Number: 1072954 Registered office: Mortimer House, 37-41 Mortimer Street, London W1T 3JH, UK Journal of Strategic Studies Publication details, including instructions for authors and subscription information: http://www.tandfonline.com/loi/fjss20 Attributing Cyber Attacks Thomas Rida & Ben Buchanana a Department of War Studies, King’s College London, UK Published online: 23 Dec 2014. Click for updates To cite this article: Thomas Rid & Ben Buchanan (2015) Attributing Cyber Attacks, Journal of Strategic Studies, 38:1-2, 4-37, DOI: 10.1080/01402390.2014.977382 To link to this article: http://dx.doi.org/10.1080/01402390.2014.977382 PLEASE SCROLL DOWN FOR ARTICLE Taylor & Francis makes every effort to ensure the accuracy of all the information (the “Content”) contained in the publications on our platform. However, Taylor & Francis, our agents, and our licensors make no representations or warranties whatsoever as to the accuracy, completeness, or suitability for any purpose of the Content. Any opinions and views expressed in this publication are the opinions and views of the authors, and are not the views of or endorsed by Taylor & Francis. The accuracy of the Content should not be relied upon and should be independently verified with primary sources of information. Taylor and Francis shall not be liable for any losses, actions, claims, proceedings, demands, costs, expenses, damages, and other liabilities whatsoever or howsoever caused arising directly or indirectly in connection with, in relation to or arising out of the use of the Content.
    [Show full text]
  • Timeline of ANTISEC As Created and Operated Under FBI Supervision
    TIMELINE 4 June 2011 - First passing mention of ANTISEC in relation to Anonymous is made on LulzSec twitter (http://goo.gl/cwO2G) 7 June 2011 - SABU visited by FBI and arrested quietly 8 June 2011 - By 10AM this day, SABU was fully cooperating with feds 19 June 2011 - AFTER arrest, SABU resumes tweeting after a prolonged break (last recorded tweets being random in March and May of 2011 -- http://goo.gl/frJpR). His first tweet is to announce the formation of ANTISEC (http:// goo.gl/725mr). He announces ANTISEC as "The biggest, unified operation amongst hackers in history." <-- Does "unified" = conspiracy? Original ANTISEC Release Statement - http://pastebin.com/ 9KyA0E5v 20 June 2011 - LulzSec announces Tango Down of site for UK's Serious Organised Crime Agency (SOCA.gov.uk) "in the name of #ANTISEC" (http://goo.gl/RdbnM) <-- Note, Topiary would later be arrested and charged with DDOS attack on SOCA website 22 June 2011 - LulzSec tweets "ofcial ANTISEC theme song" (http:// goo.gl/dfTiw). 23 June 2011 - LulzSec releases Chinga La Migra on AZ law enforcement in protest of AZ SB1070 (http://goo.gl/9s2dG). Both release and tweeted announcement referenced #ANTISEC (http:// goo.gl/f558l) 23 June 2011 - SABU tweets "Friday will be beginning of #ANTISEC dumps. Big ups to all hackers involved in this massive project!" http://goo.gl/6IJAI 24 June 2011 - Logs from IRC channel #pe are leaked publicly. SABU appears as an authority figure. Are they leaked with a purpose of establishing him even more in the Anonymous community as a leader? http://gu.com/p/3v5c5 24 June 2011 - ANTISEC releases a call to arms video (http:// www.youtube.com/watch?v=dNaAaPvyYqI).
    [Show full text]
  • The Anatomy of an Anonymous Attack the Anatomy of an Anonymous Attack
    White Paper Imperva’s Hacker Intelligence Summary Report The Anatomy of an Anonymous Attack The Anatomy of an Anonymous Attack Executive Summary During 2011, Imperva witnessed an assault by the hacktivist group ‘Anonymous’ that lasted 25 days. Our observations give insightful information on Anonymous, including a detailed analysis of hacking methods, as well as an examination of how social media provides a communications platform for recruitment and attack coordination. Hacktivism has grown dramatically in the past year and has become a priority for security organizations worldwide. Understanding Anonymous’ attack methods will help organizations prepare if they are ever a target. Our observation of an Anonymous campaign reveals: › The process used by Anonymous to pick victims as well as recruit and use needed hacking talent. › How Anonymous leverages social networks to recruit members and promotes hack campaigns. › The specific cyber reconnaissance and attack methods used by Anonymous’ hackers. We detail and sequence the steps Anonymous hackers deploy that cause data breaches and bring down websites. Finally, we recommend key mitigation steps that organizations need to help protect against attacks. Methodology This report is based on an Anonymous attack observed by the Imperva Application Defense Center. The target organization of the attack had a Web application firewall deployed which recorded and repelled the attacks. By analyzing traffic logs, we analyzed the attacks on these applications and categorized them according to the attack method, as well as identified patterns and trends within these attacks. We also analyzed Anonymous social media communications in the days leading up to and after the attack. We believe this is the first end-to-end record of a full Anonymous attack.
    [Show full text]