Entries in Hackers (11)


Federal Worker Savings Plan Computers Hit in Cyber-Attack

iStockphoto/Thinkstock(WASHINGTON) -- Last month the FBI notified the Thrift Savings Plan, the contribution retirement savings plan for Federal employees, that a contractor’s computer systems had been breached in a complex cyber-attack with 123,000 Social Security numbers being compromised.

According to the Federal Retirement Thrift Investment Board (FRTIB) the FBI discovered the breach last month but it was not disclosed until Friday. The hacking was targeted against computers of Serco Inc., the company that runs the computer systems for the TSP.  Initial information indicates that the hacking incident took place in July 2011.

While the company and the FBI don’t believe any funds were compromised, the intrusion resulted in the theft of the 123,000 social security numbers. Among that group, approximately 43,587 individuals had their name, address and Social Security number compromised.

According to the FRTIB, a separate group of 79,614 people had their Social Security numbers and some Thrift Savings Plan information taken.

“In April of 2012, the Federal Bureau of Investigation (FBI) informed the FRTIB and Serco that in July of last year, a computer belonging to Serco, a third party service provider used in support of the TSP, was subjected to an unauthorized access incident. This incident resulted in the unauthorized access to the personal information of 123,201 TSP participants and payees. When the TSP learned of the cyber attack, we took immediate steps to investigate and notify our participants and other affected individuals,” the Thrift Savings Plan noted in a news release posted on their website.

The FBI’s Cyber Division and The Bureau’s Washington Field Office are investigating the breach. The FBI has provided extensive forensic information to Serco and the FRTIB to determine which accounts had been impacted.

“Serco regrets this incident and the inconvenience it may cause to some Thrift Savings Plan participants and payees whose personal data was involved.  We have fortified our information security measures and cyber defenses. We are committed to supporting the FRTIB in its mission of providing world-class retirement management solutions for current and former federal employees, members of the uniformed services, and their families,” said Ed Casey, Chairman and CEO of Serco Inc.

“We sincerely, regret that this event occurred and will provide assistance and support to the affected individuals through a call center and credit monitoring,” said Greg Long, executive director of the FRTIB.

The thrift Savings Plan has posted information and a list of frequently-asked questions on their website to help individuals who may have had their information compromised.

Copyright 2012 ABC News Radio


'Hacktivists' Target Justice Department -- Again

iStockphoto/Thinkstock(WASHINGTON) -- The activist group "Anonymous" claims they've hacked into the Justice Department's Bureau of Justice Statistics and have leaked 1.7 gigabytes worth of data.  

Posts on the group's website claim they have obtained Justice Department internal emails.  The Department of Justice said they were looking into that unauthorized access to the bureau's online service, but department believes that all the information was available from the public website and that no internal operational information has been compromised.

“The department is looking into the unauthorized access of a website server operated by the Bureau of Justice Statistics that contained data from their public website. The Bureau of Justice Statistics website has remained operational throughout this time," said a Justice Department spokeswoman.

She added, "The department’s main website,, was not affected. The department is continuing protection and defensive measures to safeguard information and will refer any activity that is determined to be criminal in nature to law enforcement for investigation.”

Anonymous' posted messages, however, claimed they were releasing the hacked information to expose internal Justice Department data and government corruption.
The FBI is launching a full field investigation of the computer intrusion.
Anonymous has previously targeted the DOJ website, hitting it with a denial of service attack earlier this year when the file-sharing website was targeted by the Justice Department for intellectual property violations.

Copyright 2012 ABC News Radio


NATO Summit: Hackers Target Websites, Arrests Made

Aaron Katersky/ABC(CHICAGO) -- A hacking group affiliated with Anonymous took responsibility for temporarily crippling the Chicago Police and NATO websites Sunday, proving authorities now have more than just street protests to worry about on the first day of the military alliance's summit.

Chicago police are working with federal authorities to investigate the attack and the extent of it, the Chicago Tribune reported.

NATO has not confirmed it was the victim of a cyber attack. All three sites now appear to be running as usual.

A lengthy statement from the hacking group, which called itself antis3curityops, was posted on Cyber War News, declaring: "We are in your harbor Chicago, and you will not forget us."

A Twitter user affiliated with Anonymous tweeted "Tango Down" with a link to the Chicago Police Department's website. "Reason: for violation of #humanrights," @Anon_Central wrote.

The attack was orchestrated using DDoS, a method in which numerous systems attack a single target website until it is forced to shut down.

Cole Stryker, author of Epic Win For Anonymous, said Sunday's hacking was likely more embarrassing than harmful to the Chicago Police Department.

"It's an egg on the face type situation," he said. "It's embarrassing when the people who are supposed to keep you safe are so easily victimized by a prankish attack like this, however I don't think it's concerning them."

The internal systems at the city and police department would not have been affected by the attack, Stryker said.

The online disruptions were just the latest incidents in the chaos that has erupted around the two-day NATO summit of world leaders in Chicago.

Three men were arrested on terrorism charges Saturday. They are accused of building Molotov cocktails and planning attacks at President Obama's Chicago campaign headquarters and at the home of Chicago Mayor Rahm Emanuel during the NATO Summit, prosecutors said.

Brian Church, 20, of Ft. Lauderdale, Fla., 24-year-old Vincent Betterly of Oakland Park, Fla., and 24-year-old Jared Chase of Keene, N.H., are charged with conspiracy to commit terrorism, providing support for terrorism and possession of an explosive or incendiary device.

"These men were here to hurt people," Cook County State's Attorney Anita Alvarez said in a news conference.

The defendants are self-proclaimed members of the "Black Bloc" group.

In addition to materials to make Molotov cocktails, police say the defendants had various weapons, including a mortar gun, swords, a hunting bow, throwing stars, knives and brass knuckles.

"This plot does not represent protest behavior, this is criminal behavior," said Chicago Police Superintendent Garry Mccarthy.

The men argue the materials police collected in an overnight raid Wednesday were used to brew beer.

In a different case, two militia men from Wisconsin were arrested after police found shotguns, shells, extended clips, knives and batons inside their vehicle during a traffic stop. Both men were wearing militia uniforms and were riding in a car that flew a militia flag, police said.

Police said they believe the men were in town to protest NATO.

A Chicago man was also charged with conspiring to build a Molotov cocktail and will appear in court today, the Sun-Times reported.

Copyright 2012 ABC News Radio


DHS: Hackers Mounting Organized Cyber Attack on US Gas Pipelines

iStockphoto/Thinkstock(WASHINGTON) -- For the past six months, an unidentified group of hackers has been mounting an ongoing, coordinated cyber attack on the control systems of U.S. gas pipelines, prompting the Department of Homeland Security to issue alerts.

According to U.S. officials, it's unclear if a foreign power is trying to map the gas systems or if hackers are attempting to harm the pipelines. A previous attack on the oil and gas sector seemed to originate in China.

The hackers are using a technique called "spear-phishing," according to the DHS, in hopes of stealing passwords and gaining access to the pipelines' control systems. Spear-phishers send targeted emails to specific individuals that seem to come from friends or associates, and when opened, attachments or links in the emails release malware into the victim's computer.

"Various sources provided information to the Industrial Control Systems Cyber Emergency Response Team," stated the DHS in a recent newsletter, "describing targeted attempts and intrusions into multiple natural gas pipeline sector organizations. Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign with spear-phishing activity dating back to as early as December 2011."

According to the DHS, the spear-phishers, who were first detected in March, have targeted a small, select group of employees at U.S. gas companies.

DHS officials and a spokesman have acknowledged they are working with the FBI to find out who may be behind the intrusions and malicious emails.

"The cyber intrusion involves sophisticated spear-phishing activities targeting personnel within the private companies," DHS spokesman Peter Boogaard said in a statement. "DHS is coordinating with the FBI and appropriate federal agencies, and DHS's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is working with affected organizations to prepare mitigation plans customized to their current network and security configurations to detect, mitigate and prevent such threats."

Boogaard said ICS-CERT has been working with "critical infrastructure owners" in the oil and gas industry since March 2012 to combat the cyber attacks. According to Homeland Security officials, in recent weeks ICS-CERT has held several classified briefings with oil and gas sector companies and organizations to share information about the intrusions.

The oil and gas sector has been targeted before. In February 2011 the computer security firm McAfee discovered a computer intrusion labeled "Night Dragon" that was traced to China. As part of that attack, individuals tried to obtain sensitive data and financial documents from the oil and gas companies about bids and future drilling exploration projects.

The FBI declined to comment on the case when contacted by ABC News.

Copyright 2012 ABC News Radio


BART Police Officers' Personal Info Posted by Hackers

A demonstrator wears a mask during a protest inside the Bay Area Rapid Transit (BART) Civic Center station on August 15, 2011 in San Francisco. (Photo by Justin Sullivan/Getty Images)(SAN FRANCISCO) -- The hacking group Anonymous claims to have struck again, finding and publishing the private information of 102 police officers who work for BART, the Bay Area Rapid Transit system in the San Francisco area.

It was the hacking group's latest attempt to derail the transit system after a BART officer shot and killed a homeless man in early July. BART tried to quell subsequent customer protests by shutting down cellular service for underground San Francisco train stations.

"Leaked personal data, emails and passwords for 102 #BART police officers," said a post Wednesday on Twitter put up by "@YourAnonNews." The post included a link to a website listing home addresses and personal email accounts with their passwords.

BART management did not immediately respond to calls requesting confirmation that its employee database had been hacked.

BART has been mired in controversy since the July 3 shooting of Charles Blair Hill on a train platform. Officers said Hill came at them with a knife, but protesters said they were outraged after his death. Demonstrators stopped trains, organizing their efforts by smartphone and text messages, and said their First Amendment rights were violated when BART cut off cellular signals.

Anonymous, a shadowy and loosely organized group, says it has been an organizer of the protests. It claimed to have crashed a BART marketing website, and encouraged people to come to a downtown rally at BART stations late Monday. BART closed the stations in response, though it did not cut off cellphone transponders.

The Federal Communications Commission said it was investigating BART's right to cut off cellular service. The ACLU of Northern California held off on filing suit against BART but sent an angry letter to the FCC, calling BART the "first known government agency in the United States to block cell service in order to disrupt a political protest."  

Copyright 2011 ABC News Radio


Deadly Game: Hackers Pranking Authorities, Provoking SWAT Team Response

Comstock/Thinkstock(WASHINGTON) -- Swatting is the practice of making prank calls that sound so violent that they provoke a SWAT team response.

Hunter Gelinas, 15, of Naples, Florida, learned all about it firsthand when a SWAT -- or special weapons and tactics -- team stormed his house.  Swatters had hacked his Xbox account and used the console's Internet connection to send a message to authorities.

"They were saying that Hunter had been stabbed and the parents and other people being held hostage at the house," his mother, Dale Ann Gelinas, said.

Hunter recalls: "I come out of my room and they've got their guns pointed at me and stuff...I was like, 'Oh my God, I'm going to die.'"

Swatters are usually young computer hackers working alone or in groups, according to the team of FBI officials who profile them.  They choose their victims carefully -- though, at times, it is completely random.

Swatting has spread throughout the United States and Canada in recent months.

"Once you catch a swatter or a group that is committing these crimes, they are usually responsible for multiple swatting incidents," said Kevin Kolbye, the assistant special agent in charge of the FBI's Dallas office, which headed the first federal swatting case in 2007.

Kolbye has been piecing together what appeared to be isolated swatting cases around the country since 2004.

Swatters aren't motivated by money, he said.

"Some of the motivation for swatting has been revenge against their victims or ego or bragging rights," Kolbye said.  "There has been very little monetary gains in swatting."

The FBI is cracking down on the practice.  One of their biggest arrests was Matthew Weigman, a blind 19-year-old hacker from Massachusetts, who is now serving 11 years in federal prison for swatting.

The FBI's biggest concern is that, one day, the criminal crank calls will turn deadly.

"They [SWAT officers] are responding to a hostage or a possible homicide situation," Kolbye said.  "They are very aware that they are going into a very dangerous situation.  They are in a heightened state, the safety's off and their finger is close to the trigger."

In addition to the possible danger to the victims, there is the financial cost.  The FBI says each swatting incident costs law enforcement an average of $10,000 in resources.

Copyright 2011 ABC News Radio


LulzSec Claims Hack of Arizona Dept of Public Safety Computers

Jupiterimages/Thinkstock(PHOENIX) -- The group of hackers who has taken credit for cyber attacks against the U.S. Senate, CIA, Sony, and Nintendo added a new website to their list Thursday.

LulzSec claims it hacked into the Arizona Department of Public Safety's computers, gaining access to hundreds of emails, intelligence bulletins, and personal information, which the group leaked.

On its website, the group posted that it is "targeting AZDPS specifically because we are against SB1070 and the racial profiling anti-immigrant police state that is Arizona."

Among the documents leaked are nuclear threat briefings, threats against elected officials, and racial profiling reports.  The addresses, phone numbers, and names of public safety family members were also made public.

LulzSec says it plans to release more documents and information on a weekly basis.

Copyright 2011 ABC News Radio


LulzSec Takes Credit for Hacking CIA Public Website

CIA dot gov(WASHINGTON) -- The CIA's public website couldn't be accessed Wednesday, and hackers claimed responsibility.

The group Lulz Security (LulzSec) appeared to take credit for the hack on Twitter Wednesday.

"Tango down - - for the lulz," the group stated in its Twitter feed.

Similar attacks for which the group has taken credit were reported earlier this week on the U.S. Senate's site.  The group claims it is trying to highlight website weaknesses, though the CIA's classified information is reportedly still secure.

According to cybersecurity officials, LulzSec and Anonymous have also recently attempted to compromise the FBI website.

As of Wednesday night, the CIA website apparently has been restored, but a CIA spokesperson said earlier in the day, "We are looking into the reports."

Copyright 2011 ABC News Radio


Hackers Break into Website

Jupiterimages/Thinkstock(WASHINGTON) -- Hackers broke into the website over the weekend and were able to access files placed on the server, the Senate Sergeant at Arms confirmed Tuesday, but the breach did not compromise the security of the network.

"The intruder did not gain access into the Senate computer network and was only able to read and determine the directory structure of the files placed on," the office of the Sergeant at Arms, which monitors cyber security, said in a statement. "That server is for public access on the public side of the Senate's network firewall, and any files that individual Senate offices place there are intended for public consumption."

The vulnerability in the system was traced back to an individual senator's office, though the Sergeant at Arms did not name the senator. It will also conduct a review into the breach.

"Although this intrusion is inconvenient, it does not compromise the security of the Senate's network, its members or staff," the statement added. "Specifically, there is no individual user account information on the server supporting that could have been compromised."

"Lulz Security," which claims to have hacked into, posted the directory names on its web site and on the surface it did not seem to contain any proprietary information.

"We don't like the US government very much. Their boats are weak, their lulz are low, and their sites aren't very secure," the group wrote on its Web site. "In an attempt to help them fix their issues, we've decided to donate additional lulz in the form of owning them some more! This is a small, just-for-kicks release of some internal data from - is this an act of war, gentlemen? Problem?"

This isn't the group's first foray into hacking a government website. In March, Lulz Security also claims to have breached the Web site of the Atlanta chapter of InfraGard, a grassroots group that works with the FBI to counter cyber crime threats. Hackers stole nearly 180 passwords and posted them on the Internet. Lulz Security at the time said the breach was in response to the Pentagon considering whether some cyber attacks should be designated as acts of war. "Lulz" is a hacker/gamer term roughly meaning "just for laughs."

Copyright 2011 ABC News Radio


Sony Playstation Hack: What You Should Know to Protect Yourself

Kiyoshi Ota/Getty Images(NEW YORK) -- Listen up, PlayStation fans: It's time to take stock of your online accounts.

In the aftermath of the Sony PlayStation security breach that affected a reported 77 million network users, cyber-threat experts caution that you can't be too careful.

In a message to customers Tuesday, Sony said that personal information, including names, addresses, birth dates, email addresses and PlayStation logins and passwords, may have been stolen in a hack that has taken its network offline for the past week.

While the company said there is no evidence that credit card information was compromised, it added that "we cannot rule out the possibility."

Sony said it is investigating the breach and expects to restore parts of its service within the week. But while the company takes care of internal damage control, security experts say its customers should do some due diligence of their own.

Hackers could not only use the stolen information to attempt to break-in to users other online accounts, they could use email addresses to send you official-looking messages filled with malware or directing users to dangerous Web links.

Worst of all, they could hit you where it hurts the most -- your wallet.

Beth Jones, a senior threat researcher for the security firm Sophos Labs, said PlayStation users might even want to go so far as canceling the credits connected to their accounts.

"I'll be honest, for myself, because I'm paranoid, I would immediately cancel the card, just because as far as you're concerned, that card could possibly be compromised," she said. "We're keeping our fingers crossed that it wasn't compromised, but for some of us that really are paranoid, I would cancel it."

Keeping an eye on credit reports and bank statements is always a best practice, but Jones said that after attacks like this people should take an even closer look at their financial statements and online accounts.

And your online passwords? Change 'em. Given how frequently people recycle their passwords or use the same one for several accounts, Jones said, PlayStation users should assume that hackers have their old passwords and choose a new one -- pronto.

Phishing attacks over email could be another possibility.

Sony has said that it will not contact customers in any way, including via email, asking for credit card numbers, Social Security numbers or other personally identifiable information. If customers are asked for those kinds of information, they should know that the requests are not authorized by Sony, the company said.

But now that hackers have 77 million email addresses, Jones said spammers could easily create official-looking emails that appear to be from banks or credit card companies, carrying malicious Web links. Once clicked, those links could bury malicious code on people's computers or attempt to trick them into turning over important personal information, such as credit card information, bank account log-in data, and social media accounts.

Experts caution that you should be wary of unsolicited messages, especially when they include attachments and request information. If you receive a message from a company or your bank, skip the link in the email and go straight to their website, they say.

Jones also said you should consider changing the security questions connected to your accounts. Several sites use the same questions, and hackers could use them to try to gain access to other online accounts.

As for the scale of the PlayStation attack, some reports have called this the "biggest security breach ever," but Jones said that while it's significant, it's not quite as big other past security breaches. What makes this attack so jarring is the name of the company connected to it.

Copyright 2011 ABC News Radio 

ABC News Radio