Elite US cyber team

[sunny]

Skull and crossbones reflected in a computer screen.
An elite US cyber team that has stealthily tracked Internet villains
for more that a decade pulled back its cloak of secrecy
to recruit hackers at a notorious DefCon gathering here Sunday.

[sunny]

A US Department of Defense (DoD) image shows the logo for the US Cyber Command.
The United States is launching a program to detect cyberattacks on private US companies
and government agencies running critical infrastructure such as the electricity grid
and nuclear power plants, The Wall Street Journal reported on July 7, 2010.
Vigilant shares seemingly significant findings with US spy agencies

[sunny]

The holy grail for Vigilant is finding out who is behind cyber attacks.
Inability to figure out who launches online assaults routinely leaves companies or governments without targets to fire back at. Vigilant was described by its chief Chet Uber
as a sort of cyber "A-Team" taking on terrorists, drug cartels,
mobsters and other enemies on the Internet.

[sunny]

Elite US cyber team courts hackers to fight terror

An elite US cyber team that has stealthily tracked Internet villains for more than a decade pulled back its cloak of secrecy to recruit hackers at a DefCon gathering.

Vigilant was described by its chief Chet Uber as a sort of cyber "A-Team" taking on terrorists, drug cartels, mobsters and other enemies on the Internet.

"We do things the government can't," Uber said on Sunday. "This was never supposed to have been a public thing."

Vigilant is an alliance of slightly more than 600 volunteers and its secret ranks reportedly include chiefs of technology at top firms and former high-ranking US cyber spies.

The group scours Internet traffic for clues about online attacks, terrorists, cartels and other targets rated as priorities by members of the democratically run private organization.

Vigilant also claimed to have "collection officers" in 22 countries that gather intelligence or coordinate networks in person.

"We go into bars, look for lists of bad actors, get tips from people..." Uber said.

"But, a significant amount of our intelligence comes from our monitoring the Internet. We are looking at everything on websites, and websites are public."

He was adamant that Vigilant stays within US law while being more technologically nimble than government agencies weighed down by bureaucracy and internal rivalries.

"Intelligence is a by-product of what our research is," Uber said. "Our research is into attacks, why they happen and how we can prevent them."

Vigilant shares seemingly significant findings with US spy agencies, and is so respected by leading members of the hacker community that Uber was invited to DefCon to recruit new talent.

Uber said that Vigilant came up from underground after 14 years of operation in a drive to be at "full capacity" by adding 1,750 "vetted volunteers" by the year 2012.

"We are good people not out to hurt anybody," Uber said. "Our one oath is to defend the US Constitution against all enemies foreign and domestic."

Anything that can be looked at legally on the Internet is fair game for Vigilant, with email and encrypted transactions such as online shopping off limits.

The holy grail for Vigilant is finding out who is behind cyber attacks. Inability to figure out who launches online assaults routinely leaves companies or governments without targets to fire back at.

"This is a completely unsolved problem," Uber said. "We've probably been working on it as long as the government has."

Vigilant has developed its own "obfuscation" network to view "bad actors" on the Internet without being noticed.

He told of uncovering evidence of fraud in the latest presidential election in Iran while testing a way for people to slip information out of countries with oppressive regimes.

The information obtained was given to US officials.

"They expected fraud but they didn't expect the wholesale fraud that we passed along," Uber said.

Vigilant's network claimed a role relaying Twitter messages sent by Iranian protestors in the aftermath of the election.

The group is bent on gathering intelligence by any legal means and then putting the pieces together to see bigger pictures.

"The wholesale tapping of the Internet around the world can't be done," Uber said. "We are looking at what people write, how people attack, how attacks happen...we don't care who that person is."

Uber is working on a mathematical model to spot when terrorist organizations are recruiting teenagers online. The group has 100 projects in the works.

"Our end goal is to provide software as a service to government agencies so we can get out of the business of intelligence," Uber said.

Along with technology savants, Vigilant is recruiting sociologists, psychologists, and people with other specialties.

The wall between "feds" and hackers has been crumbling at DefCon, which has become a forum for alliances between government crime fighters and civilians considered digital-age "ninjas."

[sunny]

US gets suspect extradited from Estonia to face charges in hacking case touching 280 cities
By: Mike Baker

RALEIGH, N.C. - In November 2008, with America transfixed by a presidential election and a collapsing economy, a group of international hackers infiltrated the computer network of a major financial services company in what authorities describe as one of the most sophisticated attacks ever concocted.

Their work was both furtive and impressive: Around the time Barack Obama was securing his White House victory, the hackers entered RBS WorldPay servers, accessed prepaid payroll card numbers, cracked their encrypted PIN codes, raised the balances on the cards and distributed dozens of them to a team of people around the world.

Then, in the span of 12 hours around Nov. 8 of that year, the group hit 2,100 ATM terminals in 280 cities spanning the world, from the United States to Russia to Italy to Japan. Prosecutors say they withdrew $9 million — a haul that rivals 1,000 typical bank robberies in the United States.

Despite the technical and international challenges of the case, U.S. investigators believe they were able to trace the scheme back to its origin. On Friday they brought one of the accused ringleaders from Estonia to Atlanta to face arraignment on several fraud charges — a rare appearance in U.S. courts for an accused international hacker.

Sergei Tsurikov, 26, of Tallinn, Estonia, pleaded not guilty at his arraignment to conspiracy to commit computer fraud, computer fraud, conspiracy to commit wire fraud, wire fraud and aggravated identity theft.

FBI officials said in interviews with The Associated Press that they weren't so much drawn to the case by the dollar ammount of the RBS heist but by the co-ordination. It exemplified the international scope and increasing acumen of cyber attacks.

"As people become more techically proficient and get access to the Internet, we see this crime showing up in more and more places," said Pat Carney, who supervised the RBS case at the FBI's headquarters.

With such an increasing need for cyber defences, the FBI has ramped up its focus, training some 900 agents in how to handle such crimes. In the RBS case, they quickly mobilized a group of FBI experts on the topic to descend on Atlanta, where RBS is based, and track down the culprits.

While U.S. authorities have been able to crack down on cyber crimes originating in the United states, the FBI has had to increasingly rely on foreign partners to restrict attacks coming from overseas, in places like Egypt, Turkey and Hong Kong. Federal officials praised authorities in Estonia for assisting in both the investigation and extradition in the hacker case.

The increasing scope of foreign attacks comes as college students around the world are focusing heavily on technology degrees only to emerge into a difficult job market with low pay, officials said.
"When you can't find a legitimate job making big money, you find some way to make money," said Colleen Moss, the head of the FBI's Cyber Crime Squad in North Carolina. "There's a lot of high-tech trained folks out there who either don't have a job or aren't making what they'd like to."

The RBS case began when a 29-year-old Moldovan man, Oleg Covelin, found a vulnerability in the computer network run by RBS, the FBI said. He passed the details along to Tsurikov in Estonia, according to FBI officials, and he conducted "reconnaissance" to assess the vulnerability before sharing his findings with a colleague in Russia.

After breaking into the system, the team distributed 44 counterfeit cards to a network of "cashers" around the world.

Though the hackers attempted to cover their tracks, RBS noticed the activity and reported it to the FBI. They managed to trace the culprits, relying on cyber forensics, international banks and foreign authorities.

"What made this case different was the scope, the timing and the co-ordination," said Doris Gardner, an FBI special agent who worked on the case. "It was very sophisticated."

Tsurikov was indicted last year in the case along with Viktor Pleshchuk of St. Petersburg, Russia, Covelin of Chisinau, Moldova, and three others from Estonia. The three leading suspects have been convicted in Estonia. In the United States they face up to 20 years in prison for wire fraud charges and between 5 and 10 years for computer fraud charges.

Tsurikov is the first to face his U.S. charges. Officials said extradition of the others is in progress. Tsurikov's lawyer didn't immediately return a call Friday seeking comment.

[hacksecrets]

พี่ไทยเราเก่งกว่าตั้งแยะ หากไทยเรารวมตัวกันเมื่อไหร่ แม้แต่มหาอำนาจยังต้องขวัญผวา....หึหึหึ

[sunny]