Hackers Stole IDs for Attacks using FaceBook and Twitter


WASHINGTON — Russian hackers hijacked American identities and U.S. software tools and used them in an attack on Georgian government Web sites during the war between Russia and Georgia last year, according to new research to be released Monday by a nonprofit U.S. group.

In addition to refashioning common Microsoft Corp. software into a cyber-weapon, hackers collaborated on popular U.S.-based social-networking sites, including Twitter and Facebook Inc., to coordinate attacks on Georgian sites, the U.S. Cyber Consequences Unit found. While the cyberattacks on Georgia were examined shortly after the events last year, these U.S. connections weren’t previously known.

* Everyone needs to be careful of what they post on Twitter and Facebook. I’ve noticed some people use their real names, tell where they live {not just the area but the address}. Some even tell when they go out of town… I know… it’s just your friends you trust you are telling… but it’s not just your friends… it’s your friends and their friends.

The research shows how cyber-warfare has outpaced military and international agreements, which don’t take into account the possibility of American resources and civilian technology being turned into weapons.

Identity theft, social networking, and modifying commercial software are all common means of attack, but combining them elevates the attack method to a new level, said Amit Yoran, a former cybersecurity chief at the Department of Homeland Security. “Each one of these things by itself is not all that new, but this combines them in ways we just haven’t seen before,” said Mr. Yoran, now CEO of computer-security company NetWitness Corp.

The five-day Russian-Georgian conflict in August 2008 left hundreds of people dead, crushed Georgia’s army, and left two parts of its territory on the border with Russia — Abkhazia and South Ossetia — under Russian occupation.

The cyberattacks in August 2008 significantly disrupted Georgia’s communications capabilities, disabling 20 Web sites for more than a week. Among the sites taken down last year were those of the Georgian president and defense minister, as well as the National Bank of Georgia and major news outlets.

* If this happened here, what would your family do? Do you have a meeting place in case you can’t go home? Do you keep money on hand in case your bank is taken down? Do you have enough supplies on hand in case you can’t go to the store for a week or more?

Taking out communications systems at the onset of an attack is standard military practice, said John Bumgarner, chief technical officer at the USCCU and a former cyber-sleuth at the National Security Agency and the Central Intelligence Agency.

The USCCU assesses the economic and national-security implications of cybersecurity threats and briefs top U.S. officials, officials in key industries and international institutions.

“U.S. corporations and U.S. citizens need to understand that they can become pawns in a global cyberwar,” said Mr. Bumgarner, who wrote the report.

The White House completed a review of cybersecurity policy in April. Among the issues Obama administration officials are now studying is how laws of war and international obligations need to be reworked to account for cyberattacks.

Homeland Security department spokeswoman Amy Kudwa said she couldn’t comment on a report that she hadn’t seen and hadn’t been released yet.

Last year was the first time such cyberattacks were known to have coincided with a military campaign.

The Georgian attacks, according to the group’s findings, were perpetrated by Russian criminal groups and had no clear link to the Russian government. However, the timing of the attacks, just hours after the Russian military incursion began, suggests the Russian government may have at least indirectly coordinated with the cyberattackers, Mr. Bumgarner’s report concluded.

“Russian officials and the Russian military had nothing to do with the cyberattacks on the Georgian Web sites last year,” said Yevgeniy Khorishko, a spokesman at the Russian Embassy in Washington.

The USCCU plans to release a nine-page report on the attacks to the public on Monday.

Mr. Bumgarner traced the attacks back to 10 Web sites registered in Russia and Turkey. Nine of the sites were registered using identification and credit-card information stolen from Americans; one site was registered with information stolen from a person in France.

The 10 sites were used to coordinate the “botnet” attacks, which harnessed the power of thousands of computers around the world to disable the Georgian government sites as well as those of large Georgian banks and media outlets. The botnet attack commandeered thousands of other computers and instructed them to try to access the target Web sites all at once, overwhelming them.

The Russian and Turkish computer servers used in the attacks had been previously used by cybercriminal organizations, according to the USCCU.

Early reports last year pinned the attacks on the cyber equivalent of the Russian mafia, known as the “Russian Business Network.” Mr. Bumgarner said it wasn’t possible to connect the attacks directly to that group. Security experts disagree on whether the group still exists.

Some of the software used to carry out the attacks was a modified version of Microsoft code commonly used by network administrators to test their computer systems, Mr. Bumgarner found. The code remains freely available on Microsoft’s Web site, he said, declining to name it.

A Microsoft spokesman declined to comment on the finding because he hadn’t seen the report.

Once the botnet attacks had launched, Mr. Bumgarner said, other would-be attackers noticed them and started to collaborate on various Web forums, including Twitter and Facebook.

Mr. Bumgarner used data-mining tools to review Facebook pages (which some people don’t keep private) and Twitter for certain Russian words that indicated they were likely involved in the attack. He saw users on those sites and others swapping attack code and target lists, and encouraging others to join.

* PLEASE keep your information PRIVATE

“It’s a difficult problem to handle,” said Facebook spokesman Barry Schnitt, because it is impossible to detect such collaboration without monitoring conversations. Facebook has mechanisms to verify user identities and users can report inappropriate activities on the site, he said, but it doesn’t monitor communications of its users.

Twitter didn’t respond to requests to comment.

Posted on The Wall Street Journal

* Remarks in RED are my thoughts


6 Comments

  1. […] from here, that several Russian hackers stole identities belonging to United States citizens and used them to […]


  3. Everyone needs to be careful of what they post on Twitter and Facebook. I’ve noticed some people use their real names, tell where they live

    LOL, Isn’t it a violation of Facebook’s Terms of Service NOT to use your REAL name?

    Talk about social media fail number 1.

    Social media fail number 2 – the default settings on ALL personal information SHOULD be OFF or not to share. Yet on every social media site out there, if you can turn it off (on some of them YOU CAN NOT), you have to go out of your way to do so.

    LinkedIn expects you to use real information also, can you say identity theft.

    • Yes, I know you are to use your real name to sign up for Facebook and Twitter to use them per the terms… BUT… you can come up with a screen name. Notice I show up as independent eye on America. That isn’t my real name, nor does my real name show up on FaceBook. Just be careful and don’t tell people you are going out of town.

  4. […] independent eyes on america wrote an interesting post today on Hackers Stole IDs for Attacks using FaceBook and Twitter … Here’s a quick excerpt […]

