An Ohio man was arrested and charged with two counts of computer intrusion for the web site attacks targeting the Utah Chiefs of Police Association and the Salt Lake City Police Department in January.
They're going to wreak some havoc, and it makes everyone miserable; but when element of their goal is to get publicity, they leave too many trails and at last get caught.Pete Lindstrom, VP of study, Spire Security
According to the Associated Press, the fellow is reportedly a member of CabinCr3w, an offshoot of the Anonymous hacking collective. The FBI was ready to trace a Twitter account that were used to take credit for the breaches and communicate with reporters in Salt Lake City concerning the events to a workplace computer utilized by John Anthony Borell III.
Borell was arrested and detained in a halfway house in Ohio before appearing in court in Salt Lake City on Monday, where he pleaded “not guilty.†If convicted, he may be subject to as much as 10 years in prison and a $250,000 fine.
The attacks yielded the non-public information of cops and citizens who had complained about local criminality, including phone numbers and addresses. The Salt Lake City Police Department's website was restored after $33,000 was spent on repairs and new safety features.
The sites were hacked at round the same time as other attacks on police websites occurred around the Usa and in Greece.
Experts: Hacktivism trend to continue
Law enforcement agencies haven't been the one recent targets, however. The 2012 Verizon Data Breach Investigations Report revealed a huge upswing in “hacktivism†in 2011. Despite the arrests made internationally of people connected to teams similar to the Anonymous hacking group and LulzSec earlier this year, hacktivists have continued to behave and experts expect with the intention to be a continual trend.
“It's inevitable that a minimum of among the people involved with the ‘hacktivists,' in the event you would, are going to get caught,†said Andrew Storms, director of security operations at nCircle Network Security. However, he added, that may not likely stop the groups. “There are enough people accessible involved in helping out that there'll always be a line of folks willing to step up,†he said.
Storms also believes this migration to hacktivism is a part of a natural evolution of activism. “There have always been activists,†he said, and there is no reason to believe they would not start using available technology to profit them almost like every other group. Major companies, governments and criminals alike have updated their systems and processes, so it is sensible that the financially, politically and socially active have, too.
Businesses and governments were trying to stay alongside of cybercriminals intent on making money through breaches for years. The adaptation now's that companies and governments should the best way to prepare for attacks by groups who aren't seeking to profit.
While cybercriminals commonly use automated attacks to gather information similar to payment card or checking account numbers, hacktivists focus more on personal information regarding employees, customers, partners or system architectures, and publish it and not using a monetary benefit. Storms said that if a company wasn't posed to offer protection to financial information, they're already behind in terms of defending against hacktivists.
“What's different this is that the actions have garnished a lot news, we all know about it. … Really what it's done is it heightened the attention,†said Storms, that's good, because that facilitates communication between IT/security professionals and business executives on how important it's to maintain security updated and progressing as often as possible.
One specific way companies can prepare is thru situational awareness, said Pete Lindstrom, vp of study at Spire Security. Victims of breaches learn as much about their attackers as possible, from the IP address used to the physical location of the attacker, and share it with other organizations so their systems could be monitored for similar activity.
Research from compiled data just like the Verizon DBIR and IP reputation information is becoming more crucial in a brand new wave of security efforts.
“Stuff we've done piecemeal during the past is now becoming more mature for fogeys to check out to spot this threat,†Lindstrom said.
He's confident that police action against those involved is excellent news. Although hacktivists will continue to operate, they'll also stay caught due to the nature in their goals.
“They're going to wreak some havoc, and it makes everyone miserable; but when component to their goal is to get publicity, they leave too many trails and at last get caught,†he said.
Nessun commento:
Posta un commento
Comments links could be nofollow free