Wednesday, December 30, 2009

Who's Behind All this Hacking - Pt. 1 - Organized Crime


Who would want to break into my home computer?
Intruders (also referred to as hackers, attackers, or crackers) may not care about your identity. Often they want to gain control of your computer so they can use it to launch attacks on other computer systems.  Having control of your computer gives them the ability to hide their true location as they launch attacks, often against high-profile computer systems such as government or financial systems. Even if you have a computer connected to the Internet only to play the latest games or to send email to friends and family, your computer may be a target.  Intruders may be able to watch all your actions on the computer, or cause damage to your computer by reformatting your hard drive or changing your data.

Many of today's intruders are sponsored by organized crime and most of the exploits we're seeing are geared to gaining control of many thousands of machines at a time through which your computer becomes part of an online neighborhood of sorts.  Once control is gained your computer can be bought and sold to the highest bidder.  Your system becomes a commodity, not unlike our own homes. In fact, this online transaction is often referred to as buying and selling  "Electronic Real Estate."  Today it is estimated that many millions of computers are part of this underground market and that there are whole "armies" of computers, under someone else's control, ready to wage cyber war against countries, organizations, and other online communities.

Organized Crime Hacking Intel Sheet
Motivation:  Support illegal/underground activities, cartels, and other activities such as human trafficking, the drug trade, terrorism, and bank/credit fraud.
Funding: Funded primarily from illegal sources (stolen credit card info, personal info, selling hacked computer bot networks). Often government involvement is “two-way”.
Capabilities: Well funded and well staffed efforts are underway, mostly geared towards theft of financial information from direct targets, communication with actors, transfer of monies, and the masking of activities.
Advanced Hacking Techniques.  Infected websites, malware development, botnet creation, system cracking, USB flash drive infections, hard disk encryption cracking.
Data Harvesting Capacity.  Open source data gathering and correlation, system cracking and data extraction, use of keyloggers, password stealers, data-capturing services, and website redirection.
Traditional espionage techniques are combined with hacking.  A majority of today’s botnets are designed and maintained by organized crime.  It is estimated that up to 75% of computers are infected with a virus.  Most viruses today come from organized crime.

I believe that it is NOW time to take our systems back. We need to do all we can to seize control of our systems and provide a barrier between our systems and those intent on taking them from us.  This really is a primary purpose of this site.  I want to give you the tools, links and practices that will help you fight the bad guys.

Sunday, December 27, 2009

Talk to Your Neighbors About Their Open Wireless Access Point


I've run into this several times: we've done all we can to secure our wireless access point, we've enabled WEP or WPA, set up MAC address restrictions, etc., only to be circumvented by the fact that our neighbor's access point is wide open.  There are a couple of reasons for this:
  • Some folks don't care.
  • They like wide open access; it's easy and they want to offer the world their internet connection.
  • They don't know how to secure it.  I'm sure that this is the most common problem: it's just too confusing, difficult, etc.
  • They have other intentions.
A little-known fact is that once a computer connects to the inside of someone's network, it becomes vulnerable to whatever is happening on that network. The traffic from all machines can be captured, operating system vulnerabilities can be exploited, and your kids (or you) can become targeted by them.  The most significant problem is that your kids are not using the infrastructure you should be providing.  You've secured yours, you've locked it down, and you control it.  They are basically "sneaking" out the window at night, using a window that someone else provided.


What should you do?
  • You should find your neighbors' wireless access points yourself, and talk to them about the open ones you've found.  If you have a hard time figuring out who they are, you can detect them yourself with a number of tools. One in particular is NetStumbler, which can be used to scan your immediate area. NetStumbler gives you a signal strength meter: the stronger the signal, the closer you are.  Just use it to find the open access points.
  • Look at your kids' computers and their wireless preferences; most of the time you'll see profiles for wireless points they've accessed.  If some of these match up with the ones you found in the neighborhood, it's time for a conversation.
  • Remind your kids to use the internet connection you've provided. If you suspect that they are still using your neighbor's connection, speak with your neighbor and let them know that their connection is being used and by whom. You probably would want to highly encourage them to secure the access point.
It pays to know what's going on in your neighborhood and who's providing points of interest for your kids.  It's kind of an electronic neighborhood watch.
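As an added example that is not part of the original post, the first two steps above can be done on a Windows PC with the built-in netsh tool instead of NetStumbler: list the access points in range that require no authentication, then list the wireless profiles the PC has saved and flag any that are open. It assumes English-language netsh output and is run from a PowerShell prompt.

```powershell
# Added example (not from the original post): steps 1 and 2 above using the
# netsh tool built into Windows. Assumes English-language netsh output.

# Step 1: which access points in range accept connections with no authentication?
$nearby = @()
$current = $null
foreach ($line in (netsh wlan show networks)) {
    if ($line -match '^SSID\s+\d+\s*:\s*(.*)$') {
        # Each "SSID n : name" line starts a new block in the netsh output.
        $current = [pscustomobject]@{ SSID = $Matches[1].Trim(); Authentication = '' }
        $nearby += $current
    }
    elseif ($current -and $line -match '^\s*Authentication\s*:\s*(.+)$') {
        $current.Authentication = $Matches[1].Trim()
    }
}
"Open access points currently in range:"
$nearby | Where-Object { $_.Authentication -eq 'Open' } | Format-Table -AutoSize

# Step 2: which networks has this PC saved a profile for, and are any of them open?
# A saved profile for an open network you did not set up is the "window someone
# else provided" that the post describes.
$saved = netsh wlan show profiles |
    Select-String 'All User Profile\s*:\s*(.+)$' |
    ForEach-Object { $_.Matches[0].Groups[1].Value.Trim() }

$report = foreach ($name in $saved) {
    # The first "Authentication :" line in the profile is its security setting.
    $auth = netsh wlan show profile name="$name" |
        Select-String 'Authentication\s*:\s*(.+)$' |
        Select-Object -First 1 |
        ForEach-Object { $_.Matches[0].Groups[1].Value.Trim() }
    [pscustomobject]@{
        Profile        = $name
        Authentication = $auth
        Open           = ($auth -eq 'Open')
    }
}
"Saved wireless profiles (open ones first):"
$report | Sort-Object Open -Descending | Format-Table -AutoSize
```

Compare the open SSIDs from the first table with the saved profiles in the second; a match is the conversation starter the post talks about.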

Tuesday, December 15, 2009

Great Online Safety Guide for Families


Ran across this today.  It's a great source of online safety information for families.  It covers areas such as:
Different Age Levels - Elementary School Children (ages 5-7), Tween Children (8-12), Teens (13-17), and college age and beyond.
Basic Subjects - Safe browsing, Protecting passwords, wireless networks, parental control software, and online faves.
Specific Risks - Internet Predators, Plagiarism and cheating, Cyber bullying and stalking, Filesharing & music/video downloading, Private information & ID theft, Social networking sites, Porn, gambling, racism, Teen online privacy, Email and instant messaging, blogging, Viruses, Worms, Spyware, and digital photography.

It's well written and is a great resource for families.  It has a great resource section too.

A must read for any family with kids on the Internet.

CLICK HERE for the Guide

Friday, December 4, 2009

Presentation: Combat Readiness In the IT Infrastructure

Content Removed.

The 9 Most Useful Computer Security Blogs

UPDATED
I currently read many blogs and have a bunch of RSS feeds directed to my BlackBerry via the Viigo software so I can keep up on what’s going on in the cloud we call the Internet.  It is rare, however, to find blogs that are consistent and thorough with their postings and content.  The following is my list of the 9 most important and useful blogs related to Computer Security:
1.  The Microsoft Security Response Center (MSRC).  The MSRC blog was launched in February 2005 and provides a real-time way for the Microsoft Security Response Center to communicate with customers.  Topics include day-to-day “behind the scenes” information that helps customers understand Microsoft’s security response efforts, and updates during the early stages of security incidents.
2.  Fraud, Phishing and Financial Misdeeds blog.  Having worked around financial crimes for a number of years, Ed Dickson noticed they seemed to be on the rise; one reason for this is technology, which grows more rapidly than the laws designed to protect us from it.  Ed’s blog is a resource to educate people on identity theft; it also strives to educate the common person on the rapidly growing problem of crimes enabled (made too easy) by technology and the Internet.
3.  TaoSecurity blog.  Richard Bejtlich is the author of one of my favorite books on Information Security, “The Tao of Network Security Monitoring.”  His blog focuses on digital security and the practices of network security monitoring, incident response, and forensics.
4.  Wired Magazine’s Threat Level.  This excellent blog is dedicated to dissecting the news to find some really interesting gems related to computer, government, and general security information.
5.  SANS Computer Forensics, Investigation, and Response.  A team of GIAC certified forensics professionals share their thoughts on fighting crime and unravelling incidents “One Byte At A Time”.   This is an excellent source if you really want to get into the guts of your computer.
6.  Avira’s Tech blog.  Avira, the maker of AntiVir (one of the most highly rated virus scanners that is free for home use), keeps its readers up-to-date on the latest virus news.
7.  Krebs on Security.  This is Brian Krebs’ security blog.  He offers excellent commentary on computer security related topics.  Much of what he covers surrounds cybercrime, vulnerabilities, and hacking groups with established footholds.
8.  The Museum of Hoaxes.  This blog is dedicated to examining dubious claims and mischief of all kinds.  If you’re checking into an email you received from a prince in Nigeria, this is an excellent place to start.
9. Hoax Slayer.  Tracks many of the email hoaxes and other Internet based hoaxes.  Great site, with quick navigation and search.

Tip: Create a Boot CD or USB Drive to Save Your System

There have been dozens of times over the years when I’ve had to boot a dead system or break into a suspect’s system to recover data or restore the functionality of a system.  It used to be pretty tough – often I had to remove the hard disk and mount it on another system to do this.  Now, it’s much easier.  Today there are several tools that will allow you to create a boot CD or USB drive that you can insert into a system and boot the computer without having to boot off of the hard drive.  The plus is, if the system has a virus or malfunction, you are not running off of the infected hard drive – but off of the CD or USB drive.  You also keep from modifying the contents of the hard disk, so that you can maintain a forensic path to data discovery.  There are two boot CDs and USB drives that I carry with me today:

The first one is an Ultimate Boot CD I created with BartPE that has your basic disk imaging, virus scanning, and other operating system tools installed on it.  BartPE allows a user to boot Windows, even if a hardware or software fault has disabled the installed operating systems on the internal hard drive – for instance, to recover files. It can also be used to scan for and remove rootkits, viruses and spyware (that have infected boot files), or to reset a lost administrator password.  Here’s a tutorial on installing BartPE.



The second one is a Knoppix based CD that has tons of capabilities for data retrieval, system interrogation, and a number of tools that will allow me to perform a security check of the network I’m in.  The particular CD I use is the BackTrack live CD distribution.  It contains over 300 tools for network penetration testing (both wired and wireless), system imaging, remote network monitoring, packet capturing (like Network Miner), and forensic system analysis.  It is very useful and the interface is easier than I was expecting.  Here’s a video on installing BackTrack onto a USB thumb drive.

Here's an intro video to BackTrack.


I find these tools very useful and use them often to solve all sorts of problems.  I always find that I am creating new ones because I keep giving them away.

3 Tools for Backing Up Your Data


Computers die.  Either from old age, misuse, or some nasty virus.  They just croak and it’s never fun.  I know, I’ve been there.  Had my system all full of cool tools, massive quantities of photos, documents I’ve written, songs I’ve collected – all gone.  Poof!!!   In my experience I’ve found that all computers die eventually.  That’s why it is critically important that you backup your systems.  Here I offer three strategies of making sure your stuff remains even if your system croaks.
1.  Use an external drive (or network drive).  These are relatively cheap for tons of storage.  You can spend around $150.00 and get half a terabyte of storage.  Check out the Maxtor One Touch – it even has software that will help you back up your data with the touch of a button.
2.  Use an online service.  The Mozy Remote Desktop Backup service provides a lot of storage for $3.95 plus $0.50 per gigabyte per month.  They’ve had great reviews and a very easy to use interface.
3.  Use your domain provider.  I am amazed at how cheap online domain registration and storage costs nowadays.  I spend $3.95 per month to maintain paulfdixon.com along with unlimited email addresses, unlimited storage, and unlimited bandwidth at justhost.com.  The service provides some very easy one-click installations of online photo galleries, popular blogging tools (like this WordPress blog), FTP and other file storage alternatives.  It is simple to set up and very easy to maintain if you keep on top of it.
The bottom line is that you have to put out some effort, but it is well worth it.

The FBI's Security Guide for Protecting Children Online


The FBI has put together an excellent resource for protecting your children on-line.  This guide is written for parents and it contains an excellent analysis of how to tell if your kid is doing something on-line that they should not be doing and what to do if you find out.  In summary, they want parents to know:
The signs your child may be at risk to on-line threats:
  • Your child spends large amounts of time on-line, especially at night.
  • You find pornography on your child’s computer.
  • Your child receives phone calls from men you don’t know or is making calls, sometimes long distance, to numbers you don’t recognize.
  • Your child receives mail, gifts, or packages from someone you don’t know.
  • Your child turns the computer monitor off or quickly changes the screen on the monitor when you come into the room.
  • Your child becomes withdrawn from the family.
  • Your child is using an on-line account belonging to someone else.
Click Here for the guide.