AllThingsD.com

Yet now that the attacks have subsided, it’s time to see them for what they are: Nothing more than a blunt instrument that accomplishes nothing constructive.

As of today, only one of the Web sites attacked by the hacker troupe Anonymous is still apparently affected, and that belongs to the Universal Music Group recording label. It currently displays only a message saying “The Site is under maintenance. Please expect it to be back shortly.” Others that had been attacked yesterday, including the sites of the U.S. Department of Justice, the Recording Industry Association of America and the Motion Picture Association of America all seemed to be operating normally.

Thursday’s attacks, which have been described as the biggest action yet organized by Anonymous, were launched in apparent revenge for the FBI’s arrest of several people associated with the file-sharing site Megaupload.com over suspicions of online piracy. Taking place against the backdrop of a wider, more civil protest against anti-piracy legislation currently before the U.S. Congress, the atmosphere around the attacks has been politically charged.

As Molly Wood of CNET put it, the #OpMegaUpload attacks — coming as they did on the heels of Wednesday’s peaceful anti-SOPA protest — seem like an “unsettling wave of car-burning hooligans that sweep in and incite the riot portion of the play,” spurring equally unsettling reactions from the powers that be.

Many outlets have portrayed the attacks as “hacks,” implying that someone had picked a lock in order to commit some kind of sabotage. But the tactic used — a distributed denial-of-service (DDoS) attack — is more aptly compared to a blunt instrument, requiring neither skill nor knowledge, only large numbers of willing participants who team up to swarm a site with more requests than it can accommodate and thus overwhelm its ability to function normally.

The adjective “willing” is debatable, and perhaps inaccurate. Anonymous was able to generate such impressive numbers with the operation — it claimed more than 5,000 participants — by spamming a link in chat rooms and via Twitter that, when clicked, triggered a tool used to launch the attack. People tricked into following the link are given no context or information, and so may or may not have any idea that they’re participating in the execution of a crime.

For the record, it is illegal in the U.S., the U.K., Sweden and other countries to launch and participate in a DDoS attack like the one Anonymous organized. As anyone who has observed the evolution of Anonymous (and its various affiliates using the names LulzSec and AntiSec) should know, the FBI arrested 16 people last July, many of them charged with participating in a DDoS attack against PayPal in protest of its shutting down an account used by WikiLeaks.

In 2009, a New Jersey man was sentenced to a year and a day in prison for launching a DDoS attack against the Church of Scientology. And in 2010, a 23-year-old Ohio man was sentenced to 30 months in prison for launching DDoS attacks against several prominent U.S. conservatives, including the author Ann Coulter, former New York City mayor Rudolph Giuliani and Fox News commentator Bill O’Reilly.

Records like that suggest to me that DDoS attacks never accomplish anything that the people who organize and carry them out attempt to do. At most, they inconvenience the people who visit and operate the targeted sites for a few hours, until the attention spans of the attackers shift elsewhere. They also generate headlines that are forgotten by nearly everyone except the targets, and sometimes law enforcement.

And so it will be this time. Mark your calendars, because the Megaupload revenge attacks will spur a series of arrests later this year. Some of those arrested will be people who didn’t know they were committing a crime. And that certainly won’t help Anonymous’ image. Nor will it further a single bit of what passes for the Anonymous agenda.

I wrote then:

“The unvarnished fact is that the networked society to which we’ve become accustomed in the last several years has a soft, vulnerable underbelly.

And the more we rely upon it, the more people with a combination of advanced technical skills and repugnant motivations are going to look for ways to turn it against us.

Some will do so as a means of making a personal profit. Others may see it as a way of advancing a political or ideological agenda.

But others will want to use theirs skills to do serious harm to innocent people on a large scale.”

Part of these predictions or ruminations or whatever you care to call them makes me think of the hijinks of the group that started out in the spring variously known as LulzSec, Anonymous and later adopted the moniker AntiSec. This loosely affiliated group emerged from the wake of the various attacks against Sony, and seemed to have nothing to prove but that it could make mincemeat out of whatever security measures had been put in place by Sony or whatever video game outfit it had targeted on a given day.

Sony’s Playstation Network was a favorite target, and its service was at least partially offline during two months ended in July.

Then, as summer dawned, the group’s members became aware of global politics and teamed up with Anonymous, the Wikileaks-allied band of hackers known for their campaigns of digital civil disobedience. Together they declared “immediate and unremitting war” on governments and corporations, and said their top priority would be to steal and leak any classified government information, including but not limited to email and documentation. They attacked an Arizona police agency as a way of making a statement against anti-immigrant laws in that state, and published the names and home addresses of several officers.

Later they sought to earn some street cred by stealing “secret” documents from NATO, only to learn after the fact that the documents they released had not only been released before, but weren’t even really all that secret to begin with. It wasn’t long before alleged members of the group started showing up in handcuffs, which seemed not to faze them. The prospect of body bags and real-world violence during a confrontation with Mexican drug cartels, however, did.

Yet for all the headlines they garnered and the headaches they caused, the LulzSec/Anonymous/AntiSec gang wasn’t anywhere near the scariest thing to appear on the computer security landscape in 2011. To my mind, one of the top three scariest things was the disclosure of Operation Shady RAT, which Intel-unit McAfee said appeared to be the biggest large-scale compromise ever, affecting 72 organizations and governments around the world, including the U.S., Taiwan, Vietnam, South Korea, Canada and India — some of them dating back as far as 2006. McAfee said the attacker was a “state actor,” though it declined to name it. The candidate highest on the short list was, naturally, China.

The second truly scary incident was the attack carried out against RSA Security, a unit of the IT company EMC, the maker of the popular SecurID tokens that so many people have on their keychains and use to create an added layer of security that goes beyond the password. Months later, the U.S. defense contractor Lockheed Martin was attacked with duplicate SecurID tokens.

Finally, the Stuxnet Trojan (used by parties officially unknown, but probably Israel with a little help from the U.S.) continued to fascinate and confound security researchers in 2011. Having caused nuclear centrifuges in Iran to explode in an attempt to set back that country’s nuclear weapons research program, Stuxnet was found to have a sibling called Duqu. Unlike Stuxnet, which messed with industrial control computers and made them do things they wouldn’t normally do, Duqu’s mission was much simpler: Steal everything in sight.

And after that, it was discovered by researchers at Kaspersky labs that Stuxnet and Duqu are part of an even bigger family, with at least three more siblings still undetected by researchers, and that all five were created by the same people and with the same tools. Chances are we’ll see at least a few of those final three in 2012, particularly as tension with Iran heats up.

So while there was much to consider scary happening on the Internet in 2011, I’m grateful for being wrong on one key prediction: That we didn’t see a significant computer attack used to physically harm innocent people on a large scale. That’s one prediction I hope to miss for years to come.

Identity Finder, a New York-based identity theft protection firm, has analyzed the information breached and summarized what the attackers appear to have made off with.

• 50,277 unique credit card numbers, of which 9,651 are not expired
  
• 86,594 email addresses, of which 47,680 are unique
  
• 27,537 phone numbers, of which 25,680 are unique

• 44,188 encrypted passwords, of which roughly 50 percent could be easily cracked
• 73.7 percent of decrypted passwords were weak
• 21.7 percent of decrypted passwords were medium strength
• 4.6 percent of decrypted passwords were strong
• Average decrypted password length: 7.1 characters
• 10 percent of decrypted passwords were less than 5 characters long
• Only 4.8 percent of decrypted passwords were 10+ characters long
• Presumably the remaining non-decrypted passwords were stronger than the decrypted subset
• 13,973 of the addresses belonged to United States victims; the remainder belonged to individuals from around the world

There are also an additional 2.7 million email messages that the attackers claim to have taken, but that have not yet been released.

Stratfor has promised to inform the customers whose information was taken no later than Dec. 28, which is tomorrow. Anonymous, ever seeking to justify its actions in the name of some higher moral purpose, said in a tweet that Stratfor, which sells subscriptions to its intelligence analysis reports to government, law enforcement agencies and businesses, isn’t “the harmless company it tries to paint itself as,” and that the emails will show that.

@techwriterjim It was conducted by #Antisec. Stratfor is not the “harmless company” it tries to paint itself as. You’ll see in those emails.

December 27, 2011 10:27 am via QwitReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

Whatever. Wired reported that someone who participated in the attack said that a total of four servers were breached, and the data on them wiped. The question that then logically arises is this: What was a firm that’s ostensibly in the business of advising business and government clients on security doing about its own?

The reason? A scary vulnerability in Java that was detected over the summer, and which Oracle has subsequently fixed, is being exploited by people who create the malware and crimeware that causes so many headaches for home users and corporate IT departments.

The risk is especially acute at large companies with big fleets of desktops and notebooks to manage. If you’re a home user, the patch is easy to install. But most employees don’t have administrative privileges on their work desktops or notebooks, so someone from the IT department has to come and install the patch for them.

That’s a big, time-consuming process, says HD Moore, chief security officer at Rapid7, a Cambridge, Mass-based company that specializes in helping companies stay ahead of new computer security vulnerabilities. He’s also the chief architect of Metasploit, which Rapid7 owns.

One of the reasons this particular vulnerability is so bad is that even after it was detected and fixed, it wasn’t fully understood how dangerous it is, Moore says. Crimeware creators somehow figured it out ahead of most security researchers, and started adding code to Web sites designed to take advantage of it. And that’s especially dangerous at this time of the year, when people are shopping online both at home and the office. “It’s kind of like a perfect storm,” Moore told me yesterday. Add to that the fact that many companies have IT staff taking vacation during the holiday season, and the timing couldn’t be worse.

Enterprise is historically bad at patching Java vulnerabilities anyway, because it doesn’t have the same automatic update tools that Windows or Adobe Flash does. “The tools for patching Java aren’t that great,” Moore told me. “A Java update just isn’t treated with the same fervor as a Windows update.”

So how bad is this one? The National Vulnerability Database rates it a 10 out of 10 on the severity scale, and also rates it as “low” on the access complexity scale — meaning it’s really easy for the bad guys to carry out an attack using it.

Security blogger Brian Krebs discovered the vulnerability being “weaponized,” that is, built into the software that computer criminals buy on the black market. For instance, those who have bought something called the Blackhole Exploit Kit, a $4,000 software toolkit used to target Windows machines, are getting automatic updates that include tools to take advantage of the Java vulnerability.

What to do until you can get all your machines updated with the latest version of Java? Simple, really: Disable it and block it at the firewall, until all the machines on the network that need the update have it, Moore says.

Rapid7, incidentally, is a security company on the rise. Just last month it raised a $50 million series C round of funding, led by Technology Crossover Ventures and joined by previous investors Bain Capital Ventures; Tim McAdam, a TCV partner, joined Rapid7′s board.

Printers are Internet-connected devices just like computers. They have their own operating systems and software, and so, in theory, are vulnerable to attacks by hackers just as computers are. There was an old urban myth that in the run-up to the first Iraq War in 1991, hacked HP printers shipped to Iraq were instrumental in shutting down Iraqi radar systems. It wasn’t true — it was published on April 1 of that year by the trade magazine InfoWorld — but the idea stuck, and at least one group of security researchers has been studying the use of Trojans installed into printers.

The Columbia researchers had claimed that a part inside a printer called a fuser, used to dry the ink, could be remotely instructed to overheat, eventually causing paper inside the printer to turn brown and start to smoke.

Conceptually it’s not that different from the Stuxnet attack against the Iranian nuclear research program. The attackers in that case, thought to be Israel with a little help from the U.S., attacked industrial control computers known as SCADA systems that serve as the bridge between typical Windows-based machines and industrial equipment that the SCADA systems control. In the case of Stuxnet, the SCADA systems were controlled — often they have only default passwords or no passwords at all — and the machines they were connected to could be instructed to literally destroy themselves.

Some researchers at the U.S. Department of Energy’s Idaho National Lab did just that in the video below, showing in a controlled environment that a generator could be hijacked over the Internet and made to destroy itself.

But could you do the same thing with a printer? Theoretically, I’d say it’s possible. But in this case, HP says not where its printers are concerned.

Below is an internal HP memo from Vyomesh “VJ” Joshi, the head of HP’s Imaging and Printing Group, that was circulated to employees today.

First off, he says, the fire issue is not true. As noted in the public statement, HP’s printers have a component called a thermal breaker that prevents the fuser from overheating, and it can’t be overcome by a firmware upgrade.

But Joshi also spanks the Columbia researchers for turning to the media and not calling HP first, which is the way security researchers usually operate when they identify a serious vulnerability. There is, he concedes, a vulnerability to malicious firmware modifications, especially on printers that are left unprotected on a network without a firewall running. HP aims to fix that. But usually in these situations, the media doesn’t get called until a fix is ready. “Unfortunately in this situation, a Columbia representative took it upon himself to contact the media and reports were published prior to a solution being available,” he writes.

Joshi’s full memo is below.

From: IPG, Vyomesh Joshi
Sent: Tuesday, November 29, 2011 4:40 PM
Subject: Inaccurate Printer Security Press Coverage

Dear IPG Employees,

As many of you have read today there has been sensational and inaccurate press coverage regarding potential security risks with some HP LaserJet printers. I wanted to make sure you had the most current information and context for this situation. No customer has reported unauthorized access. We have also seen speculation in the media regarding the potential for devices to catch fire due to a firmware change. This claim is inaccurate. We have issued a public statement communicating to customers and partners and refuting inaccurate information.

This information first came to us late last week from a research lab based at Columbia University. As a result, we have identified a specific vulnerability exists for some HP LaserJet devices if placed on a public internet without a firewall or if a malicious effort is made to modify the firmware of the device by a trusted party on the network. Our security team is taking immediate measures to build a firmware upgrade to resolve any potential risk and will be communicating this proactively to customers and partners who may be impacted.

Typically when a security issue is identified, responsible disclosure is followed so that vulnerabilities are not made public until a solution is available. Unfortunately in this situation, a Columbia representative took it upon himself to contact the media and reports were published prior to a solution being available.

We have always taken security very seriously. In fact, HP’s reputation for security continues to be among the highest in the industry. I want to assure you that our security experts are working around the clock to mitigate any potential risk.

We will make every effort to communicate new information as it becomes available.

Regards,

VJ

The techniques described in the trove of 200-plus marketing documents include hacking tools that enable governments to break into people’s computers and cellphones, and “massive intercept” gear that can gather all Internet communications in a country.

Read the rest of this post on the original site »

The lawyer’s opinion, and other documents released Tuesday by Parliament’s Culture, Sport and Media Committee, add to already mounting pressure on top News Corp. executives, including Deputy Chief Operating Officer James Murdoch, who has insisted he was in the dark about the extent of illegal reporting tactics at the time.

Read the rest of this post on the original site »

It’s been more than 30 years since my favorite American bard, John Prine, sang that lyric, and it came to mind as I sat down today to meet with Brian David Johnson, who is, to my recollection, the first person I’ve ever known to carry the job title “futurist.” And yes, it sounds a little specious, until you find out he works as a futurist for the chipmaker Intel, which certainly has a long-term strategic interest in anticipating the demands of the future well before they happen.

Johnson was a guest today on The Wall Street Journal’s “Digits” program, which I co-hosted with the Journal’s affable Simon Constable. Johnson is in New York to speak at Comic Con about Intel’s Tomorrow Project, which aims to ask honestly what computing may be like 15 or 20 years from now — and the implications for our daily lives.

Think back to 1996 and you probably had some idea of what 2011 would be like. But did you really? You may have had a cellphone, but would you have imagined how much of your daily life would be punctuated by its use, beyond making phone calls? If you were to zap back in time and have a conversation with the 1996 you about life in 2011, you’d probably have to rely on science fiction to get the point across. “You know the communicator and tricorder from ‘Star Trek’? Yeah, we basically have those. We call them smartphones, and they’re kind of a big deal,” the 2011 you might say. “And they’re also the talking computers from ‘Star Trek.’ And you won’t believe who makes them.”

Science fiction makes it possible, Johnson says, to have a conversation about the future, by giving us the metaphors we need to figure out what we want and don’t want to happen. Hence “The Tomorrow Project Anthology,” a collection of short stories set in the future, imagining plausible situations emerging from science fact of today. One volume of the anthology was published earlier this year, and a new one is out now.

What happens, on some hypothetical day in the future, when passwords are easily and readily hackable and all our personal information is more or less available for all the world to see and take and use? That’s what the writer Cory Doctorow asks in his story, “The Knights of the Rainbow Table,” which appears in the new volume.

So these are some of the things that Simon and I talked about with Johnson in today’s closing segment on “Digits,” which you can see below. Enjoy.

*Lyrics from “Living in the Future,” by John Prine, from the 1980 album “Storm Windows.”

It started as curiosity and it turned into just being addicted to what was going on behind the scenes … I was almost relieved when they came and took the computer.

Christopher Chaney, the alleged “celeb hacker” who was arrested on charges of hacking the email accounts of Scarlett Johansson and other celebrities, said he was glad he got caught because he didn’t know how to stop.

The media giant’s News International unit has agreed to pay roughly £2 million to the Dowler family and about £1 million to a charity, the person added. Unlike dozens of other alleged phone-hacking victims, the Dowler family hasn’t filed a lawsuit against the company.

Read the rest of this post on the original site »

Today, HP presented a new strategy intended to boost its role in the business of supplying IT security to large businesses. With two big shifts hitting the corporate computing environment — cloud computing and scores of worker-selected mobile devices entering the workplace — there are a lot of new security challenges giving CIOs headaches.

“If you look at those trends, they challenge the traditional notions of enterprise security,” says Tom Reilly, HP’s VP and general manager for Enterprise Security Products. “So we want to address those challenges.”

The traditional approach in IT security was to establish strong perimeters around the network and around a company’s computers that could keep bad guys out and let good guys in, and then setting strict rules about what people allowed access can do.

Cloud computing obviates the need for a perimeter, because all the computing resources are, well, in the cloud. They live on some virtualized server in someone else’s data center. And someone who brings their iPhone to the office expects to have the same level of access to the resources they need to do the job. The old models don’t really apply anymore.

Meanwhile, attacks are surging. A study by the Ponemon Institute — which, in fairness, was sponsored by HP’s subsidiary ArcSight — found that cyberattacks against a group of 50 large companies grew by 44 percent last year versus the prior year. The companies in the sample group — all of which had 700 or more users — were hit with a combined 72 successful attacks per week, averaging more than one per company per week. The study also found that the costs to mitigate these attacks went up by 56 percent year over year.

“The bad guys are getting better, but as we change our IT environment we’re giving them more surface area from which to launch these attacks,” Reilly says.

So HP is coming into the picture with what it says is a new approach. It turns out HP has been quietly building up its security bona fides through acquisitions. Last year it paid $1.5 billion to acquire security intelligence firm ArcSight, of which Reilly was CEO. In 2009, it acquired TippingPoint, a network security outfit that came with the $2.7 billion acquisition of 3Com. Another pair of acquisitions, Fortify and SPI Dynamics, both specialize in application security.

HP’s plan is to mix these security capabilities into its Enterprise services offerings, Reilly says. Rather than try to sell each company new firewalls or other stuff, HP can come in and augment whatever security the company is already using with better information about threats and a new set of tools that can see how the company’s infrastructure is being used, not just on-premise, but within cloud-based environments, as well.

The point, Reilly says, is not so much to sell specific new security products to companies, but to take a service-based approach that helps a company get a better handle on the new security troubles it may be facing.

The trouble is that HP hasn’t generally been viewed as a player in the IT security market, and risk-averse CIOs are usually slow to embrace new vendors, because they tend to have long-term relationships with suppliers. But with the nature of the threats changing, HP is apparently hoping to use its status as an established supplier of servers, PCs and other IT products and services, to start a conversation around security with its customers.

There has been a lot of activity around security in the last few years. Intel spent more than $7 billion to acquire the security software firm McAfee earlier this year, and IBM already offers a muscular set of security products and services. It will quickly run into competitors, for sure.

If nothing else, following as it does in the wake of HP’s plans to divest itself of PCs and its mobile device business, a robust security offering is something that enterprise customers are going to expect. If there’s really going to be a new enterprise-centric HP, expect to see more moves like this. Whether or not they’ll work is another matter.

“The number of these networked devices has skyrocketed in the past two years,” said Don Bailey, of cyber-security firm iSec Partners, who has been studying the vulnerability problem along with colleague Mathew Solnik. “They aren’t just in automotive systems but in security systems, industrial control systems, medical devices.”

At a conference in August the two iSec researchers demonstrated how they could unlock and start a car by sending certain text messages to the car’s alarm system. The researchers said the real problem isn’t the possibility that hackers will start stealing cars. The ramifications are much broader. The same basic approach could be used by hackers to disrupt businesses or vital services.

Read the rest of this post on the original site »

The U.K. Parliament’s Culture, Media and Sport Select Committee released written statements from Mr. Murdoch, several former top executives and a law firm that was retained by the media company as it dealt with fallout from the scandal over allegations that the now-closed News of the World illegally intercepted voice-mail messages and bribed police to obtain information.

Read the rest of this post on the original site »

And these aren’t the kind of cyber attacks carried out by bumbling troublemakers like the LulzSec gang, which make headlines but really only cause a nuisance for companies like Sony. In these cases, networks were compromised by remote access tools — or RATs, as they’re known in the industry. These tools — and they are tools, because they have legitimate uses for system administrators — give someone the ability to access a computer from across the country or around the world. In this case, however, they were secretly placed on the target systems, hidden from the eyes of day-to-day users and administrators, and were used to rifle through confidential files for useful information. It’s not for nothing that McAfee is calling this Operation Shady RAT.

McAfee says the attacker was a “state actor,” though it declined to name it. I’ll give you three guesses who the leading candidate is, though you’ll probably need only one: China.

Dmitri Alperovitch, McAfee’s Vice President, Threat Research, makes a statement in his blog entry on the discovery that should give everyone minding a corporate or government network pause: “I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact.” He further divides the worldwide corporate landscape into two camps: Those who have been compromised and know it, and those who simply don’t know it yet.

This has been a particularly nasty year on the cyber security front. (I hate to say it, but I told you so.) Prior to this, the big attack whose full impact has not yet been fully sized up was the one against the RSA SecureID system, which uses popular keychain devices that create a constantly changing series of numbers that in turn create a second password for access to system resources. They’re widely used in government and military circles and among defense contractors. Google has been a regular target in recent years.

The RSA attack and Operation Shady RAT are examples, Alperovitch says, of an “Advanced Persistent Threat.” The phrase has come to be a buzzword that, loosely translated into English, means the worst kind of cyber attack you can imagine. Unlike the denial-of-service attacks and network intrusions carried out by LulzSec and its ilk, which require only minimal skill and marginal understanding of how networks and servers work, an APT is carried out by someone of very high skill who picks his targets carefully and sneaks inside them in a way that is difficult to detect, which allows access to the target system on an ongoing basis that may persist for years.

How did these attacks happen? Its very simple: Someone at the target organization received an email that looked legitimate, but which contained an attachment that wasn’t. This is called “spear phishing,” and it has become the weapon of choice for sophisticated cyber attackers. The attachments are not what they appear to be — Word documents or spreadsheets or other routine things — and contain programs that piggyback on the targeted user’s level of access to the network. These programs then download malware which gives the attackers further access. This all happens in an automated way, but soon after, live attackers log in to the system to dig through what they can find, copy what they can, and make a getaway — though they often leave the doors unlocked so they can come back for repeat visits.

Alperovitch notes — correctly, to my mind — that the phrase has been picked up and overused by the marketing departments of numerous security companies. His larger point is that too often those attacked in this way refuse to come forward and disclose what they’ve learned, thereby allowing the danger to continue for everyone else.

Alperovitch says that the data taken in Operation Shady RAT adds up to several petabytes worth of information. It’s not clear how it has been used. But, as he says, “If even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat not just to individual companies and industries but to entire countries that face the prospect of decreased economic growth.” It’s also bad for a target’s national security, because defense contractors dealing in sensitive military matters are often the targets. The best thing that can happen is that victims start talking about their attacks and sharing information with each other so that everyone can be ready for the next one, which is surely coming.

The photo, which appeared on the U.K.-based tech site shinyshiny.tv, is of Jake Davis, an 18-year-old resident of Britain’s Shetland Islands, specifically the island of Yell. The original photo appeared in the Instagram account of a user known as timbr. Update: Timbr turns out to be Tim Bradshaw of the Financial Times.

After reports surfaced suggesting that police may have been tricked into arresting the wrong person, police say they’re certain they have their man.

Davis appeared in a City of Westminster court this morning and was granted bail; he is next scheduled to appear in court on Aug. 30. He faces five charges related to distributed denial-of-service attacks against several sites, including, notably, the U.K.’s Serious Organized Crimes Agency in June.

Using the online handle “Topiary,” Davis had functioned as the group’s spokesman and gave interviews to the media about its activities. The group attracted a great deal of media attention for its numerous attacks against, among others, Sony, PBS, Nintendo, Britain’s National Health Service, the U.S. Senate, the U.S. Central Intelligence Agency, private affiliates of the FBI, and the Arizona Department of Public Safety.

The arrest in the U.K. followed a string of arrests in the United States, in which 16 people have been accused of being involved with the distributed denial-of-service attack against PayPal, the payment unit of eBay. LulzSec had in recent days been organizing a protest against PayPal, encouraging people to kill their accounts with the service.

LulzSec’s Twitter account has been quiet since July 27, the day the arrest was announced. And the Twitter account belonging to Topiary has been wiped of all messages, save for one saying “You cannot arrest an idea.” The Twitter account belonging to AnonymousIRC, the group under whose banner LulzSec briefly operated, included a message of support.

http://bit.ly/obmiaW | Stay strong, @atopiary. We will continue this, as your last tweet is truth. We, the people, silent no more. #AntiSec

August 1, 2011 3:56 am via TweetDeckReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

The issuance of such subpoenas, which would broadly seek relevant information from the company, requires approval by senior Justice Department leadership, which hasn’t yet happened, the person said.

The issuance of subpoenas would represent an escalation of scrutiny on the New York-based media company. While the company has sought to isolate the legal problems in the U.K., it has been bracing for increased scrutiny from both the Justice Department and the Securities and Exchange Commission, according to people familiar with the company’s strategy.

Read the rest of this post on the original site »

The hacking group Anonymous claimed via its Twitter feed to have breached servers belonging to NATO, the North Atlantic Treaty Organization military alliance that has largely been responsible for the military defense of Europe since the end of World War II.

So far, three PDF copies of documents the group claimed to have taken in the attack were circulating on a sharing site devoted to PDF documents. Two were marked “NATO Restricted” and appear to have been removed from the PDFCast site.

I haven’t seen the first two, but the Telegraph described one as a working paper on communications systems used by NATO forces in Afghanistan, and was said to include technical and procurement information. A second concerned a plan to outsource communications for NATO forces stationed in Kosovo. If it sounds exciting, then I have some news for you: It’s not.

“Restricted” may sound important. As the Register points out, in the taxonomy of document labels, “Restricted” is for documents of relatively low importance. Anonymous is crowing like it has just broken into a trove of NATO’s deepest secrets. It appears instead they’ve taken some documents relating to relatively mundane workaday operations.

Higher up the scale are documents that get stamped “Confidential,” then “Secret” and then “Top Secret.”

A third document which just emerged via the @AnonymousIRC Twitter feed is a 59-page document concerning NATO security procedures. It is marked “NATO Unclassified” which is actually even lower on the totem pole than “Restricted.” The only restriction is that they’re subject to NATO copyright and can only be released with NATO permission. Not that NATO is going to care very much. This very document has been floating around since 2006.

We are sitting on about one Gigabyte of data from NATO now, most of which we cannot publish as it would be irresponsible. But Oh NATO….

July 21, 2011 3:57 am via Power TwitterReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

Hi NATO. Yes we haz more of your delicious data. You wonder where from? No hints, your turn. You call it war; we laugh at your battleships.

July 21, 2011 6:23 am via Power TwitterReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

This one isn’t restricted but ironic: http://t.co/A86jUGX | It describes security procedures within NATO. Well, seems nobody ever read them.

July 21, 2011 7:29 am via Power TwitterReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

NATO issued a statement saying that it is aware of the claim of the breach and is investigating. And it certainly will, but it’s not as if significant alarm bells are likely to be ringing at NATO Headquarters over this, at least not from the documents seen so far, though the group claims to be holding back on releasing some documents it says “most of which we cannot publish as it would be irresponsible.” It promises more releases in the coming days.

Meanwhile, if that weren’t enough, Anonymous and its ally LulzSec jointly taunted the FBI today. Responding to a quote given to National Public Radio in the story below, the groups issued a joint statement saying, “Your threats to arrest us are meaningless.” The statement appears below the radio story.

For those not keeping score, LulzSec is the group that claimed credit for attacking Sony umpteen times, then went on to attack other game companies and the U.S. Senate, then stole emails and other documents from servers belonging to the Arizona State Police. It also stole internal documents from AT&T.

LulzSec in recent weeks claimed it had been absorbed by the larger group Anonymous, but the lines appear to be blurring again, as it is at times active under its own banner. Two people connected to LulzSec’s activities were among 16 arrested in a nationwide FBI operation earlier this week. Fourteen others were arrested in connection with a denial of service attack against PayPal in sympathy with WikiLeaks.

The new statement is in reaction to a statement by an FBI assistant director saying the bureau wants to “send a message” about computer crime. The hacker group’s reaction essentially dares law enforcement to take further action. Something tells me they may get their wish.

This morning, News Corp. CEO and majordomo Rupert Murdoch, his son James (who is also a top company exec) — as well as former employee and full-time lightning rod Rebekah Brooks — march on down to the British Parliament to answer questions from a committee there about the ever-growing PhoneGate scandal.

For those living under a rock, News Corp. is embroiled in ever more serious controversy about who knew what and when (also where, why and how much) in the hacking of phones of a myriad of well-known people in the U.K. by its News of the World tabloid newspaper.

Besides celebrities and politicians, that has included the voicemails of a murdered girl, an appalling act that has galvanized public opinion and the weak spines of legislators into action in this inquiry.

It’s sordid, it’s ugly and it makes for what could be an explosive event, starring the man who brought you “Titanic,” Glenn Beck, “Glee” and, most recently, the sale of Myspace.

There’s no question, getting the 80-year-old Murdoch on the ropes will be the aim of the committee members holding the hearing, and how one of the world’s most famous and legendary media moguls performs — or does not — will be a big deal to both interested observers and News Corp. shareholders.

By way of full disclosure, that’s not me, but this site is owned by Dow Jones, which is owned by News Corp. In other words, somewhere up the corporate food chain, Murdoch is my boss.

In any case, that has never stopped me or AllThingsD.com from telling it like it is, so here is the liveblog of what is sure to be a doozy of a media event:

6:36 am PT:: It all starts for the Murdochs, as soon as the former Scotland Yard head John Yates has completed questioning about the police’s obvious bungling of the various investigations over the years.

Rupert Murdoch and his son, James Murdoch, are on, looking grave and dressed in grey.

Sitting behind them are Rupert Murdoch’s wife, Wendi Deng, and his top adviser at News Corp., Joel Klein, who is heading up the phone hacking scandal internally at the company.

The hearing — in a room that looks like a high school debate could take place there — starts off politely enough.

But the first question is directed toward James Murdoch about his clearly incomplete investigation when phone hacking allegations were first made many years ago. He begins with an apology.

“These actions do not live up to the standards of News Corp.,” says the younger Murdoch.

He is interrupted by his father, Rupert Murdoch, who notes rather dramatically: “This is the most humble day of my life.”

The questioner quickly asks the obvious query, after James Murdoch claims News Corp. was not in full possession of the facts when execs had told a previous committee there was no reason to believe there was more widespread hacking.

Were News Corp. execs lying?

James Murdoch continues to insist that the bulk of evidence came out — “real evidence” — in later civil trials. And also, that News Corp. is now investigating the situation fully.

He throws around words like “proactive action” and “transparency,” which is probably cold comfort now to those hacked when things were less clear to News Corp.’s senior management.

Now up, Rupert Murdoch, who is asked quickly about statements he made about not tolerating wrongdoing and who had lied to him at News Corp. about the phone hacking.

Apparently, he “didn’t know” a lot about the hacking that took place, while also defending the non-hacking employees of his company.

But the questioner is still on him about exactly what he did know about the situation, which seems to be — at least according to his testimony — a lot of I-don’t-knows.

6:53 am: It continues about what Rupert Murdoch knew and when he knew it and what he did. Or not.

As Rupert Murdoch keeps up with this tone of not being clued in to what have turned out to be critical events, James Murdoch wants to keep jumping in with the details, which he is eager to impart.

“At what point did you find out criminality was endemic at News of the World?” asks the questioner.

Rupert Murdoch does not like the word endemic, but stresses that he was “shocked, appalled and ashamed” by the case of the murdered girl, Milly Dowler.

The questioner seems frustrated by Rupert Murdoch’s answers, which are, for the typically razor-sharp media mogul, unusually slow.

Like a persistent terrier who wants to perform, James Murdoch is back again offering to serve up the deets.

7:04 am: Now, it is onto the closing down of News of the World: Was the tabloid shut down because of the criminality?

“We had broken our trust with our readers,” says Rupert Murdoch. “We felt ashamed for what had happened.”

A new questioner is on, with a bizarre query about why Rupert Murdoch came in the back door of the Prime Minister’s house at 10 Downing Street on a recent visit there.

It’s a cloddish effort to show him as a powerful puppetmaster to pols, but only serves as a punch line.

Back on track, with questions about whether there was hacking in the U.S., which Rupert Murdoch said he could not believe had happened.

More questions about how badly the company acted, which came down to the questions about whether he was “ultimately” responsible for the hacking.

“Nope,” says Rupert Murdoch, who keeps insisting he relied on others, some of whom apparently “misled” him.

It’s an astonishing admission and, really, excuse, given he has been chairman, CEO and a very strong leader of News Corp. for more than a half-century.

7:16 am: A new questioner, who asks who decided to close down News of the World. It was Murdoch himself, his son and other execs.

Next up, why did News Corp. pay off a victim of hacking, which James Murdoch did without informing his father or the News Corp. board.

James Murdoch essentially points out that it is typical to do this in companies of the global scale of News Corp.

These are apparently very busy, busy, busy people, who do not seem to have time to notice how such juicy and best-selling scoops might have been magically produced by News of the World.

Onto ethical conduct guidelines, which News Corp. has in a pamphlet form, says James Murdoch, but pages which some at the company have obviously never cracked.

Rupert Murdoch is asked again about his culpability in the case, which he continues to maintain he does not shoulder the blame.

James Murdoch does note that the company “will think more forcefully … about our journalism and ethics.”

Given the situation, in which every day brings a new revelation of bad acts by News Corp. employees, this promise of better behavior seems to be a case of much too little and very, very late.

Rupert Murdoch still uses the opportunity to stress the need for a free press, despite its excesses.

7:31 am: More about the payments to settle with phone hacking victims and how soon the company realized the problems were more widespread.

James Murdoch talks about how he might have acted differently had he known more then as he does now.

“If we knew now what we knew then,” says James Murdoch, “we would have taken more action and moved more aggressively.”

But what else is he going to say? It’s a could-have, would-have, should-have line of questioning that is eliciting very little in the way of true information.

Finally, a good point about “willful blindness,” which is a term from the Enron scandal about avoiding knowing about problems you really should have known about.

“Is that a question?,” asks James Murdoch. It is a statement, actually, and a decent enough one.

“We didn’t do that,” says Rupert Murdoch firmly this time.

Still, soon enough, Rupert Murdoch is insisting he was not as involved as people have imagined him to be with the management of his newspapers.

A new questioner is pressing this important point, but Rupert Murdoch is not biting on a query about his legendarily hands-on managing style.

“I’d say, ‘What’s doing?’” he explains about his conversations with editors, but adding he might not have been told about payoffs to phone hacking victims.

The questions are in the deep weeds here, but it’s still interesting that Rupert Murdoch continues to maintain that his life was too busy to wallow in the details, however controversial and important those details might be.

7:55 am: More and more don’t-knows pile up and up in a giant mountain of acts perpetrated by someone somewhere, but not the Murdochs.

“I can tell you I was surprised as you were,” says James Murdoch about certain payments to various hackers and those who were hacked.

Was it Les Hinton, who then ran News International and later Dow Jones, from which he recently resigned?

Could be! Maybe! Mistake were made! Who knows!

Well, someone does!

It moves onto Brooks, the tarnished News International exec and editor whom Rupert Murdoch does note he still trusts. Finally, some certainty!

Brooks is definitely one of the more compelling characters in this drama, although the media focus on her striking red hair color seems odd and vaguely sexist, as if she is some flame-haired she-devil from media hell. She might certainly be guilty in this mess, but her fabulous hair has nothing to do with it.

(Rupert’s mane is grey, by the way, and James’ is brown, if you really need to know.)

Fascinatingly, Murdoch’s backing of Brooks has been strong and consistent, despite intense criticism of her by many in this scandal.

The payment of legal fees of perpetrators and payments to the victims in the hacking seems to obsess one questioner, who wants News Corp. to stop doing it.

Murdoch says he’d like to if contracts did not preclude that, which essentially means News Corp. will keep up forking over the legal fees and payments.

8:12 am: The attention turns to how James Murdoch found out about the various emails that showed there was more evidence of hacking than was first thought about and what he felt about it.

He says very little, noting that the matter is under police investigation. It’s not don’t-know now, but can’t-say.

The hearing is beginning to feel a little rope-a-dope, with the Murdochs apologizing and taking blows, saying very little — either claiming lack of knowledge or lack of ability to comment about the ongoing police inquiry — and tiring out the questioners.

It is a classic tactic of the boxing champion Muhammad Ali and it works in the ring.

Whether that will be the case with PhoneGate remains to be seen, but it certainly has made what could have been a more explosive hearing much less so.

Instead, it seems to have turned into a what didn’t the Murdochs know and when didn’t they know it hearing.

On questioner gets this irony. “That’s frankly unsatisfactory,” he says about the Murdochs continuing shock and surprise at the thorny situation they find themselves in.

Maybe it seems a little hard to believe, but the persistent story from James Murdoch is that they were told by their lawyers, the police and others that nothing was awry once the initial phone hacking investigation was complete and only found out about the larger problem in later civil lawsuits.

But, asks the questioner to Rupert Murdoch, should his editors and managers at News of the World have known about it?

Of course, they should have.

But, once again, the legendary media baron, who made his fortune and fame in disseminating news and information across the world in newspapers, on television, on satellite and on the Web — at least for now — can’t say.

So, was he “kept in the dark” about the situation? Rupert Murdoch acknowledges he might have asked more questions, although he noted his British newspapers were only a small part of his massive empire.

But, he adds, “Anything that is seen as a crisis comes to me.”

Well, not the phone hacking crisis, it seems.

But, they’re sorry. So sorry. And, of course, humbled.

8:54 am: Suddenly, there is a disturbance, in which someone seems to have possibly attempted to accost the Murdochs.

But it is not clear what has happened, as the hearings are suspended for 10 minutes.

James Murdoch leaps up quickly to protect his father, which he has been doing in this hearing verbally already, where the strategy seems to be to let him largely do all the talking.

Even faster on her feet and with arms raised toward a man in a plaid shirt and carrying a pie plate with shaving cream is Rupert Murdoch’s wife, Wendi.

The man seems to have managed to get some of the foam on Rupert Murdoch, but Wendi Deng appears to have partially thwarted her husband from receiving a full pie in the face.

It’s the first striking visual of this hearing, protecting the patriarch and the king of the empire from harm, no matter what.

Here is a video of the incident:

According to Britain’s Channel 4: “As the man was being led away in handcuffs escorted by a single police officer, he refused to give his name, saying: ‘As Mr Murdoch himself said, I’m afraid I cannot comment on an ongoing police investigation.’”

9:09 am: The room is cleared, so it is only the Murdoch crew behind James and Rupert Murdoch, and now the committee is even more solicitous.

Rupert Murdoch is without his jacket and his wife is being commended for her most excellent left hook.

Still, it’s back to business and the questioner does zero in on a major disconnect over how two media execs as famously aggressive and involved as the Murdochs were so passive in this hacking situation.

It “was a terrible shock,” says James Murdoch.

The same is said about what would be even more disturbing and recent allegations of the hacking of the victims of the 9/11 bombings.

Both father and son say there is no evidence of this so far, but they were surely looking into it.

While it certainly did not come through in what have largely been feckless questions from the committee, the final questioner does correctly ask the pair if they might want to pay more attention.

The last question is for Rupert Murdoch and finally gets to the real query everyone wants to ask.

Noting Murdoch is “captain of the ship,” she asks if he has considered resigning.

“No,” answers Murdoch firmly.

“Why not?” she presses.

“People let me down and it’s for them to pay,” says Rupert Murdoch. “But I think, frankly, I am the best person do clean this up.”

He finishes up with a statement about being sorry, how he was also betrayed and how phone hacking and bribery is wrong.

“Saying sorry is not enough, things must be put right,” he says.

Finally, something we do know.

Back in 2006, one of the most dramatic moments of the “pretexting” scandal at Hewlett-Packard was when a very high-profile board member — legendary Silicon Valley venture capitalist Tom Perkins — quit in indignation over the company’s efforts to obtain the phone records of reporters.

“I resigned solely to protest the questionable ethics and the dubious legality of the chairman’s methods,” he said at the time about HP’s sneaky indiscretions, which included spying on a journalist from The Wall Street Journal.

But yesterday, in an interview with the New York Times, Perkins sounded a very different tone as a current independent board member of News Corp., which owns the Journal (and this site too) and, more importantly, is knee-deep in its own phone-hacking disaster.

Noting that the directors are “fully supportive of the top management,” Perkins added: “There’s no reason to believe top management was lying. That’s my very strong belief.”

Ironic? You bet, but apparently not to Perkins.

“This is not like the HP situation,” he told the Times. “The board supports top management.”

The investigation was opened Thursday morning, following a request a day earlier by Rep. Peter King (R., N.Y.) who heads the House Homeland Security Committee and whose Long Island district was home to many victims of the 2001 terrorist attacks.

The investigation will try to determine whether employees of News Corp. illegally accessed the private calls, voice-mail messages, or call records of 9/11 victims or their families, these people say. It will also look into whether any News Corp. employees bribed or sought to bribe police officials to gain access to such records.

Read the rest of this post on the original site »

The Murdochs initially declined to attend next Tuesday’s hearing, held by the Culture, Media and Sport Committee. On Thursday morning, James Murdoch, deputy chief operating officer of News Corp., had told the committee he was unavailable on the scheduled date, offering alternative dates in August. His father, Rupert, also had said he was unavailable, but that he would be prepared to give evidence in a coming public judge-led inquiry and after that he would be prepared to discuss how best to give evidence to the parliamentary committee.

Read the rest of this post on the original site »

The company said this Sunday’s edition of News of the World will be the last for the 168-year-old paper.

James Murdoch, News Corp.’s deputy chief operating officer, said in a statement that the newspaper’s reputation has been “sullied by behavior that was wrong.”

Read the rest of this post on the original site »

News Corp. has been under pressure for several years amid investigations into the use of a private detective by its News of the World tabloid to break into the mobile-phone voice mail of celebrities and political leaders.

Public rebuke of the company reached a new level this week with the allegation that, in 2002, the paper used the same tactic to access the voice mail of an abducted 13-year-old girl who, it turned out, had been murdered.

Read the rest of this post on the original site »