I was a teenage hacker |
The arrest of Briton Gary McKinnon, accused of hacking into computer systems at the Pentagon and Nasa, has again thrown the spotlight on the world of hi-tech crime. The problems he allegedly perpetrated cost more than £500,000 to track and correct. @metro editor JONATHAN GODDARD tries to find out why hackers do it. FORMER hacker LC uses his skills to help police, private companies,and the FBI tackle the problem of hacking. Now 21, the security consultant was in trouble for credit card fraud and hacking into his school's computer systems between the ages of 13 and 15. 'Anyone can connect up to a server, discuss whatever they want and no one can regulate it,' says LC.
'I started getting into piracy and was then introduced to hacking' groups. 'I wasn't in trouble work-wise at school, but was a geek. The only way I could really excel was to be this hacker. Police were more interested in how a 15-year-old did these things than messing up my future.'
Hacking has been a serious problem to computer systems and sensitive information
for many years. 'And there are bad types - the script kiddies and malicious hackers, who make money from it.' Most malicious hackers break into shopping sites and steal credit card numbers. 'Gary McKinnon most likely didn't know what he was doing,' adds LC. A hacker breaks into a system, gains knowledge and keeps control of that system or disappears. 'Nowadays you have tools you can download that, within 20 seconds, allow anyone to start scanning at the press of a button. It's a power buzz' IT security consultancy Information Risk Management recently probed the online defences of 18 online banks including Barclays, HSBC, and Lloyds TSB, and found 72 per cent of them were vulnerable. The need for banks to protect against cyber-crime was highlighted in March when police foiled an attempt to steal £220million from a London-based Japanese bank, Sumitomo Mitsui. Hackers are breaking into about 30,000 PCs a day to send viruses around the globe or reveal bank account details - phishing. LC says the problem is a slow reaction to security threats. 'We need a system worldwide which every government agrees on,' he adds. 'It's like earthquakes - you're never going to stop them, but you can minimise the damage.' [Metro, June 13,2005]
Conmen 'phish' in your e-mail inbox BY SARAH GETTY ALMOST half of all Internet users have received spam emails aimed at tricking them out of money, a new poll by AOL found. 'Phishing' e-mails - designed to look like they come from a bank -ask users for their personal information and password details. Fraudsters can use the information to steal cash from users' accounts. The techniques being used are becoming increasingly sophisticated, with e-mails often directing users to false websites via hyperlinks. Yet there is little chance of getting money back if you are caught out by a phishing e-mail. More than half those who lost cash were not compensated by their bank or credit card provider. The amounts stolen are often small - about £50 - because the conmen aim to carry on undetected. They know that few people check credit card and bank statements thoroughly. Other online scams include paying for items ordered over the Internet which never arrive and sending cash following a demand from a bogus e-mail. Will Smith, from AOL, said: 'It is often difficult to spot a scam so it's crucial people protect themselves.' AOL's advice includes:
[Metro May 3, 2005] |
Hackers unravel key to Internet
Hackers have attacked US army and NASA computers after stealing codes which control the Internet. The gang is thought to have exposed security flaws in the networks but it is not known how much data was stolen or destroyed. The attackers are believed to have been based in Europe and have targeted thousands of computers some serving research labs. The revelation follows the latest arrest over last May's theft of program instructions for machines which control the Internet. The suspect,detained in Sweden on Monday,is believed to be a 16-year old already charged with hacking into a university. The stolen CISCO SYSTEMS code was posted on the Net.
[Metro May 11,2005]
BY SARAH HILLS
HACKERS have unleashed an 'industrial-strength' attack in a bid to steal sensitive information from almost 300 Government departments, it emerged yesterday.
Businesses have also been targeted during months of concerted attacks, which are launched from bogus e-mails and contain a 'Trojan' attachment.
At first glance they appear harmless but, once opened, an invader can gain fill' control of the user's machine.
A 'recent rise in sophistication' in attacks on financial, telecommunications, energy, transport and health organisations has been noted by the National Infrastructure Security Co-ordination Centre.
The Government body aims to protect essential services and systems from electronic attack.
It issued a warning yesterday urging businesses to beef up security. 'There are businesses on the periphery of the critical national infrastructure that can be targeted by these attacks,' it confirmed. These could include banks,insurers and other financial units. 'This is not a few hackers sitting in their bedrooms trying to steal bank account details from individuals. This is aimed at organisations, targeted at gaining information and is extremely well organised and structured,' said NISCC director Roger Cumming.
Security consultant Carole Theriault, who helped the NISCC analyse the Trojans, said there were 17 types.
'They were basically information-stealing files hidden in the machines. It must have been serious enough for the NISCC to put a warning out,' she added.
Many of the messages were sent from addresses in Asia and efforts are now being made to shut them down.
The messages are spoofed to appear as though they come from a credible source and hackers use distribution lists to target large numbers of people. Nothing significant has been stolen so far, said the NISCC.
eBay Sellers warned over PayPal swindle |
|
BY OLIVER STALLWOOD
The con is believed to originate from Nigeria. PayPal and eBay yesterday said its safeguards were 'a world class example of the tools that can be put in place to prevent these attacks'. Members suspecting a hoax email should send it to spoof@ebay.co.uk or spoof@paypal.co.uk.
Within a few minutes, they will get a response confirming whether or not
it is genuine. |
Related Articles |