I spy on the FBI
It’s usually politicians who have an uncanny ability to put a foot in their mouths in the most spectacular of fashions. For example, in an attempt to woo the electorate a senior politician may stand up and say their party represents good old-fashioned family values.
Invariably within days of the very public announcement some party members will be discovered in a range of compromising positions like naked in some bushes with a member of the same sex, or trussed hand and foot wearing nothing but an apple in the mouth (it happened to the UK Conservative party).
Anonymous – always one step ahead?
However, it seems the FBI is now trying to catch up. After it announced that hacker group Anonymous was not the force it once was, a FBI server was hacked into by Anonymous North India and the details posted online. As well as providing the physical location, FBI HQ, Pennsylvania Avenue in Washington DC – it’s a huge building within walking distance of the White House and Capitol Hill, the seat of US government – the hackers provided access details to the FBI server.
They not only published the online location but also a list of seven ports on the FBI intranet to access the server. Poking their tongue out they said: ‘Really guys, where’s ur security.’ Then rubbing salt into the wounds they also published a list of email addresses and passwords for FBI agents and FBI offices around the country.
In response Austin P. Berglas, a special agent in the New York cyber division told the Huffington Post that the arrest last year of five major hackers had effectively tied the hands of the hacker group Anonymous. He reasoned that the arrests had created distrust within Anonymous and it was no longer carrying out the same level of attacks.
It’s not clear what special agent Berglas’ thoughts are on the FBI hack. Perhaps his assertion that Anonymous is a diminished force was an attempt to downplay the hack. Neither is it known how sensitive the information on the server was. However, it illustrates that if a skilled hacker wants to crack a system, they generally can.
During a conversation with some hackers several years ago they laughed at the attempts of law enforcement officers and corporate IT defences. One of them said “We’re always one step ahead.” And in response to an FBI suggestion that keystroke loggers would be planted in the computers of hackers they replied with anger and said they would respond in kind.
Phishing and identity theft protection
Berglas pointed out that most hacking exploits are the result of spear phishing attempts. Despite many companies spending millions on IT security the most common entry method is to trick users into clicking on malicious links within emails commonly known as phishing.
At BullGuard we’re constantly endeavouring to educate users on the potential damage that hacking can cause and the most common techniques hackers use. We place identity theft protection at the top of the list because this can not only empty bank accounts but also ruin lives. And even law enforcement officers are not immune.
All you need is an email address and password to begin the process of lifting someone’s identity. It’s a starting point and for the determined hacker it’s like opening the front door. Of the almost 300 FBI email addresses and passwords that Anonymous posted, we wonder how many were exploited by hackers to cause further embarrassment to the FBI?
Posted by Steve Bell