The good guys strike again. I have said before that technology functionality typically outpaces the ability to secure it. Good guys are constantly trying to think like the bad guys to expose weaknesses that put you at risk.
Also, the term "hacker" has been hijacked and is associated with bad guys. A hacker is someone who knows how to break into a system to override it. This skill can be used for good, or for evil. It's at the hands of the person's moral compass.
Two cybersecurity good-guy hackers worked on cell phone vulnerabilities for roughly a year designing ways to think like bad guys to see if they could steal text messages. They recently accomplished this feat and showed how they could steal text messages from any phone within 20 seconds. Wow!
The demonstration:
1. The hacker sends a ghost text message to a target phone which does NOT show up on the phone
2. By sending the message to the target phone, they are able to obtain the unique id number on the phone
3. Once they grab the id number, the recorded phone conversations and texts from that phone
4. The demonstration took place on the GSM Network which houses roughly 80% of all phones globally. (GSM - Global System for Mobile)
So, is this affordable or scalable? What was the cost of the technology? You'll be surprised:
Roughly 36 British Sterling for the 4 Motorola phones ($56.09 US) and some sweat equity in programming.
The good-guy hackers did this as a wake up call to the mobile security industry. It should also be a wake up call to consumers, businesses, and government agencies.
Great quote from one of the researchers pulled from the Security News Daily:
“This is all a 20-year-old infrastructure, with lots of private data and not a lot of security,” Karsten Nohl.
Sources:
"Cybersecurity Experts Create Program That Steals Text Messages", Matt Liebowtiz, Security News Daily, January 4, 2011.
"GSM Phones Vulnerable to Hacking, Claim Researchers", John Plunkett, The Guardian, December 31, 2010.
Online safety. Online security. Protecting Yourself Online. Protecting Kids Online. Keeping the U.S. Safe from Cybercreeps. Cybercrime. Protecting Against Fraud.
Showing posts with label hacker. Show all posts
Showing posts with label hacker. Show all posts
Wednesday, January 5, 2011
Wednesday, December 8, 2010
Lady Gaga, Justin Timberlake, Ke$ha and Kelly Clarkson - hackers steal their songs
Two young German man, 18 and 23, have been accused of hacking computers to steal songs from superstars Gaga, Timberlake, Ke$sha, and Clarkson.
How did they do it? Well for starters, both men live at home with their parents. They allegedly installed a Trojan Horse into MP3 files and sent them to each of the stars' official offices. Once their file was opened on the computers on the stars' networks, it allowed them to steal the songs and sell them.
The investigation is ongoing.
Sources:
German hackers allegedly steal pop music, Mary Lane, Associated Press, December 3, 2010.
How did they do it? Well for starters, both men live at home with their parents. They allegedly installed a Trojan Horse into MP3 files and sent them to each of the stars' official offices. Once their file was opened on the computers on the stars' networks, it allowed them to steal the songs and sell them.
The investigation is ongoing.
Sources:
German hackers allegedly steal pop music, Mary Lane, Associated Press, December 3, 2010.
Friday, November 19, 2010
The Federal Reserve Bank hacked - Secret Service Foils the Plot
Quote of note:
U.S. Attorney Loretta Lynch said this case is an example of how "cybercriminals continue to use their sophistication and skill as hackers to attack our financial and national security sectors."
A cybercriminal managed to hack his way into the Federal Reserve bank's computers and had also stolen 400,000+ credit card numbers. Luckily for all involved the U.S. Secret Service nabbed the person believed responsible. The man was arrested at JFK Airport, his name is Lin Mun Poo and he is from Malaysia.
The man was traveling to New York to meet with other cybercriminals. He planned to sell the information he gained hacking the Federal Reserve and potentially the credit card numbers he had stolen. His next plan? He mentioned he was going to hit the ATM machines using the stolen credit card numbers.
During questioning they learned he also compromised the computers at a defense contractor.
The final tally of how bad his compromise of the Federal Reserve may not be known for a while but Federal Reserve officials said he was not able to steal money or data.
Sources:
"Hacker Breaks into Federal Reserve: Feds", Jonathan Dienst, NBC New York, November 18, 2010.
U.S. Attorney Loretta Lynch said this case is an example of how "cybercriminals continue to use their sophistication and skill as hackers to attack our financial and national security sectors."
A cybercriminal managed to hack his way into the Federal Reserve bank's computers and had also stolen 400,000+ credit card numbers. Luckily for all involved the U.S. Secret Service nabbed the person believed responsible. The man was arrested at JFK Airport, his name is Lin Mun Poo and he is from Malaysia.
The man was traveling to New York to meet with other cybercriminals. He planned to sell the information he gained hacking the Federal Reserve and potentially the credit card numbers he had stolen. His next plan? He mentioned he was going to hit the ATM machines using the stolen credit card numbers.
During questioning they learned he also compromised the computers at a defense contractor.
The final tally of how bad his compromise of the Federal Reserve may not be known for a while but Federal Reserve officials said he was not able to steal money or data.
Sources:
"Hacker Breaks into Federal Reserve: Feds", Jonathan Dienst, NBC New York, November 18, 2010.
Subscribe to:
Posts (Atom)