Tag Archive for: meet

Meet the hacker armies on Ukraine’s cyber front line

/in


  • By Joe Tidy
  • Cyber correspondent

When Russia initiated its full-scale invasion of Ukraine, a second, less visible battle in cyberspace got under way. The BBC’s cyber correspondent Joe Tidy travelled to Ukraine to speak to those fighting the cyber war, and found the conflict has blurred the lines between those working for the military and the unofficial activist hackers.

When I went to visit Oleksandr in his one-bedroom flat in central Ukraine, I found a typically spartan set-up common to many hackers.

No furniture or home comforts – not even a TV – just a powerful computer in one corner of his bedroom and a powerful music system in the other.

From here, Oleksandr has helped temporarily disable hundreds of Russian websites, disrupted services at dozens of banks and defaced websites with pro-Ukraine messages.

He is one of the most prominent hackers in the vigilante group, the IT Army of Ukraine – a volunteer hacking network with a Telegram group nearly 200,000-strong.

For more than a year, he has devoted himself to causing as much chaos in Russia as possible.

Even during our visit he was running complex software attempting to take his latest target – a Russian banking website – offline.

Ironically though, he admits the idea for his favourite hack actually began with a tip from an anonymous Russian, who told them about an organisation called Chestny Znak – Russia’s only product authentication system.

He was told all goods produced in Russia – including fresh food – have to be scanned for a unique number and a barcode supplied by the company from the moment of their creation at a factory, up till the moment of being sold.

Oleksandr smiles as he describes how he and his team found a way to take the service offline, using a hacking tool that floods a computer system with internet traffic – known as a targeted DDoS (Distributed Denial-of-Service) attack.

“The economic losses were pretty high, I think. It was mind-blowing,” says Oleksandr.

Image caption,

Oleksandr says he is not scared of Russian reprisals and refuses to hide his identity

In reality, it’s hard to gauge the disruption prompted by the hack, but for four days last April Chestny Znak posted regular updates about the DDoS…

Source…

UK’s offensive hacking force plans to scale operations to meet government’s demands

/in


The UK’s National Cyber Force (NCF) has revealed plans to scale operations amid rising demands from the government to ramp up offensive hacking capabilities.

In a report offering a unique insight into the NCF’s ongoing expansion, the offensive cyber force said it needs to “scale up to meet the requirements government has of it” and is rapidly expanding personnel and capabilities to meet current demand. 

The NCF is currently in the process of establishing a new permanent base of operations as Samlesbury in Lancashire, which it said will enable the force to “increase operational output”. 

Samlesbury, a 45-minute drive from GCHQ operations in Manchester, was selected as the site for the NCF headquarters in 2021.

As part of this expansion and recruitment drive, the NCF revealed that it plans to further invest in offensive hacking capabilities to contend with escalating global threats. 

The report said that “significant capability investment” will be required to “keep pace with the changing nature of technology” and mitigate increasingly sophisticated cyber threats currently faced by the UK. 

The NCF specifically highlighted rapid technological developments as a key operational challenge, noting that “fundamental changes to the future shape of the internet and globalisation of technology could raise significant complications”. 

“Our adversaries are global and use a wide array of cyber and digital technologies,” the report said. “We need to have the technical ability and readiness to reach these adversaries wherever they are and irrespective of how they are using cyber technology.”

Closer integration with defence partners, including GCHQ, the Ministry of Defence (MOD), and the Secret Intelligence Service (SIS) will also be a key objective for the NCF moving forward.

The NCF noted that it must “integrate effectively with other parts of government and with a wider range of partners and allies”. 

This includes law enforcement, government policy departments, the private sector, and a “growing number of international allies”. 

“More broadly, we are working with the private sector, academia, think tanks, and wider civil society to harness the best…

Source…

The Dark Arts: Meet The LulzSec Hackers

/in


It’s difficult to say if [Aaron Barr], then CEO of software security company HBGary Federal, was in his right mind when he targeted the notorious hacking group known as Anonymous. He was trying to correlate Facebook and IRC activity to reveal the identities of the group’s key figures. In the shadowy world of black-hat hacking, getting your true identity revealed is known as getting doxed, and is something every hacker fears. Going after such a well-known group would be sure to get his struggling company some needed publicity. It would also have the most unfortunate side effect of getting the hacking groups attention as well.

DA_06
Aaron Barr

Perhaps [Aaron Barr] expected Anonymous to come after him…maybe he even welcomed the confrontation. After all, he was an ‘expert’ in software security. He ran his own security company. His CTO [Greg Hoglund] wrote a book about rootkits and maintained the website rootkits.com that boasted over 80 thousand registered users. Surely he could manage a few annoying attacks from a couple of teenage script kiddies playing on their parent’s computer. It would have been impossible for him to know how wrong he was.

It took the handful of hackers less that 24 hours to take complete control over the HBGary Federal website and databases. They also seized [Barr’s] Facebook, Twitter, Yahoo and even his World of Warcraft account. They replaced the HBGary Federal homepage with this declaration – with a link to a torrent file containing some 50,000 emails resting ominously at the bottom. At the same time, they were able to use social engineering techniques to SSH into the rootkit.com site and delete its entire contents.

It became clear that these handful of Anonymous hackers were good. Very good. This article will focus on the core of the HBGary hackers that would go on to form the elite LulzSec group. Future articles in this new and exciting Dark Arts series will focus on some of the various hacking techniques they used. Techniques including SQL injection, cross-site scripting, remote file inclusion and many others. We will keep our focus on how these techniques work and how they can be thwarted with better security practices.

LulzSec – For…

Source…

Meet a fleet of artificially intelligent cans of Spam

/in


ai spam robots

ai spam robots

Behold! An army of cans of Spam typing up an original version of Aldous Huxley’s “Brave New World”, but swapping key words with pig-related replacements. It’s all the focus of an art project by Neil Mendoza using a neural network and machine learning to create strange unique results.

Source…