PDA

View Full Version : Hackers Shut Down CIA Website



Apocalypse
06-15-2011, 11:36 PM
BOSTON (Reuters) - The public website of the Central Intelligence Agency went down on Wednesday evening as the hacker group Lulz Security said it had launched an attack.


Lulz Security has claimed responsibility for recent attacks on the Senate, Sony Corp, News Corp and the U.S. Public Broadcasting System television network.


The CIA site initially could not be accessed from New York to San Francisco, and Bangalore to London. Later in the evening service was sporadic.


"We are looking into these reports," a CIA spokeswoman said.


In the case of the CIA attack, hackers would not be able to access sensitive data by breaking into the agency's public website, said Jeffrey Carr, author of the book Inside Cyber Warfare: Mapping the Cyber Underworld.


"All they're doing is saying 'Look how good we are,'" Carr said. "These guys are literally in it for embarrassment, to say 'your security is crap.'"

http://rds.yahoo.com/_ylt=A2KJ3CdQevlNthwAZjzQtDMD;_ylu=X3oDMTByOHZpMmZ xBHBvcwMyBHNlYwNzcgRjb2xvA2FjNAR2dGlkAw--/SIG=14kbtmi6q/EXP=1308224208/**http%3a//www.washingtonpost.com/national/national-security/cia-web-site-hacked/2011/06/15/AGGNphWH_story.html%3fwprss=rss_congress

Rockntractor
06-15-2011, 11:39 PM
You don't tug on Superman's cape
You don't spit into the wind
You don't pull the mask off the old Lone Ranger
And you don't mess around with Slim, da, do, da, do...

Apocalypse
06-15-2011, 11:42 PM
Yea, if this doesn't set the CIA and FBI on their arses, nothing will. Just hold a target on your chest and say shoot me.

Considering they are targeting Gov. systems. Whats next?

FBI?
White House systems?
Military?

djones520
06-16-2011, 12:18 AM
You know, if they wanted to spend some time in prison, there was a better way to do it... :rolleyes:

These guys are gonna go down hard.

Zathras
06-16-2011, 03:40 AM
You know, if they wanted to spend some time in prison, there was a better way to do it... :rolleyes:

These guys are gonna go down hard.

And when it does happen the "Lulz" are going to be on them.

NJCardFan
06-16-2011, 10:07 AM
What these nerds don't know is that as smart as they think they are, agencies like the FBI and CIA have nerds who are smarter. This is why these people get caught and these idiots will get caught.

Odysseus
06-16-2011, 10:22 AM
The big issue is going to be where they are operating from, assuming that they are all in the same place. If they are doing the Wikileaks dance and are posting from a neutral or marginally unfriendly country, catching them would be complicated. We'd have to prove to the host government that they were the hackers and request extradition, which might be denied. The correct response is to take them at their word, that this is an act of war by a group that has declared itself to be enemy combatants (cyberwar qualifies) and treat them accordingly. Obama should ask congress for a declaration of war against LULZ Security and any nation that harbors them. Then, the host nation either hands them over or accepts that its neutrality is compromised, which allows us to act within their borders with impunity.


Yea, if this doesn't set the CIA and FBI on their arses, nothing will. Just hold a target on your chest and say shoot me.

Considering they are targeting Gov. systems. Whats next?

FBI?
White House systems?
Military?
All of the above, depending on their political outlook.


What these nerds don't know is that as smart as they think they are, agencies like the FBI and CIA have nerds who are smarter. This is why these people get caught and these idiots will get caught.

That reminds me of the line from The Right Stuff: "Our Germans are better than their Germans."

enslaved1
06-16-2011, 08:47 PM
DDoS and defacing a website. :eek: F43r teh ub3r1337 haxorz!!11!!!! :rolleyes:Sorry, not that impressed. If the CIA is really dumb enough to have a public webserver within 100 miles of any classified data (physically or networked) they really deserve to get their heads handed to them publicly. Same if anyone working for them is ignorant enough to have the same username/password combination to a public webserver attached to anything they want secret.


What these nerds don't know is that as smart as they think they are, agencies like the FBI and CIA have nerds who are smarter. This is why these people get caught and these idiots will get caught.

That's debatable. How many perpetrators of major hacks have actually been caught? How long did it take to catch them? The guy that gave wikileaks all the military stuff got busted by another hacker who opted to turn him in for fear that the continued leaks would damage the case against the guys in the "collateral murder" video. Others hacker busts that come off the top of my head came by other hackers turning informant, usually trying to cover their own butts or just get famous.

I like the hacker culture to an extent and have my toes in the water in a few spots, and most of what we hear about (hacks like this which someone comes out and claims responsibility for) are genuinely for the lulz and just to give various establishments a big fat raspberry. It's the ones we don't hear about, except in a few industry news sources, when real data is accessed, that should be of much greater concern.

Adam Wood
06-16-2011, 09:12 PM
Yea, if this doesn't set the CIA and FBI on their arses, nothing will. Just hold a target on your chest and say shoot me.

Considering they are targeting Gov. systems. Whats next?

FBI?
White House systems?
Military?These guys (http://www.nsa.gov/). You want someone really pissed off at you? Piss them off. You'll learn what pissed off is all about then.

DDoS and defacing a website. :eek: F43r teh ub3r1337 haxorz!!11!!!! :rolleyes:Sorry, not that impressed. If the CIA is really dumb enough to have a public webserver within 100 miles of any classified data (physically or networked) they really deserve to get their heads handed to them publicly. Same if anyone working for them is ignorant enough to have the same username/password combination to a public webserver attached to anything they want secret.
They said it was the "public" site of the CIA. I'm assuming that's where they do recruitment for analysts and such, and my guess is that it has basically nothing whatsoever to do with Langley, Virginia.

enslaved1
06-18-2011, 07:09 PM
.

They said it was the "public" site of the CIA. I'm assuming that's where they do recruitment for analysts and such, and my guess is that it has basically nothing whatsoever to do with Langley, Virginia.

Yeah, but read the article. The impression is that this attack could get the hackers into war plans and stuff. People with a clue know it don't work that way, but it's well established that most people really don't have a clue about how darn near anything works, especially how websites and data are connected. I agree that the site likely has nothing to do with anything national security, but this situation and the way it's being spun is just another way to raise paranoia and help convince people about the need for more internet regulation and tracking. That's not too tinfoil hat is it?

Rockntractor
06-18-2011, 07:56 PM
I agree that the site likely has nothing to do with anything national security, but this situation and the way it's being spun is just another way to raise paranoia and help convince people about the need for more internet regulation and tracking. That's not too tinfoil hat is it?

I think you are probably right, we are being played.

KhrushchevsShoe
06-19-2011, 03:33 PM
Its definitely not the government doing this. Interestingly enough these guys apparently see a large amount of their funding through bitcoin donations. Thats the same currency funding the East Asian drug cartels.

Odysseus
06-19-2011, 05:21 PM
Yeah, but read the article. The impression is that this attack could get the hackers into war plans and stuff. People with a clue know it don't work that way, but it's well established that most people really don't have a clue about how darn near anything works, especially how websites and data are connected. I agree that the site likely has nothing to do with anything national security, but this situation and the way it's being spun is just another way to raise paranoia and help convince people about the need for more internet regulation and tracking. That's not too tinfoil hat is it?

Not so much war plans as personal IDs and other restricted data.


But the fact that the group could penetrate Web sites and harvest system administrators’ credentials underscores the risks of failing to secure sites, experts said.

“Web sites are the low-hanging fruit,” said Richard Stiennon, a cyber expert and author of “Surviving Cyberwar.” “But the Web sites are running on a server. Once you completely own the server that the Web site is on, you can watch the insiders log in and record their activity, and that can be a front door into the organization.”
The government servers that host the CIA site don't contain war plans, but they do contain the public faces of federal agencies. Dissemination of disinformation on the CDC site, for example, could exacerbate epidemics or cause panics. This is still dangerous.


Similar denial-of-service attacks were carried out against Sony gaming sites last week. LulzSec claims to have 1 million user names and passwords for subscribers to these sites, Stiennon said.

Which also means that they may have the financial information of those subscribers. Identity theft, anyone?


As opposed to being “uber hackers working for a foreign agency,” LulzSec basically publishes its findings for entertainment, he said.

And what is more entertaining than waterboarding a punk hacker who thought that he was immune because of his online anonymity?

Molon Labe
06-19-2011, 05:41 PM
What these nerds don't know is that as smart as they think they are, agencies like the FBI and CIA have nerds who are smarter. This is why these people get caught and these idiots will get caught.

Do you really think so? Some of these people who have launched cyber attacks aren't even Americans. They still have not been able to track down the ones who shut down the credit card companies last year.

txradioguy
06-20-2011, 04:03 AM
Do you really think so? Some of these people who have launched cyber attacks aren't even Americans.

The FBI hires hackers they have arrested and prosecuted to work for them. The tip on Bradley Manning came from a former hacker turned FBI informant.

The USAF has an entire unit at the Pentagon battling cyber intrusions.

The last part is true however...most of the attack are coming from former Soviet Block countries and China.




They still have not been able to track down the ones who shut down the credit card companies last year.

This isn't a tv show where the crime is solved in an hour. Hackers wouldn't be able to pull off the stuff they do if they weren't very VERY smart when it comes to computers.

djones520
06-20-2011, 04:06 AM
The FBI hires hackers they have arrested and prosecuted to work for them. The tip on Bradley Manning came from a former hacker turned FBI informant.

The USAF has an entire unit at the Pentagon battling cyber intrusions.

The last part is true however...most of the attack are coming from former Soviet Block countries and China.





This isn't a tv show where the crime is solved in an hour. Hackers wouldn't be able to pull off the stuff they do if they weren't very VERY smart when it comes to computers.

That we do, but it's no real secret that our government is still in the "stone age" when it comes to cyber-warefare compaired to other nations.

txradioguy
06-20-2011, 04:07 AM
That we do, but it's no real secret that our government is still in the "stone age" when it comes to cyber-warefare compaired to other nations.

LOL! Those that don't learn from history...

djones520
06-20-2011, 04:09 AM
LOL! Those that don't learn from history...

Agreed, we'll catch up fast now that we've got our mind set to it. But a lot of damage can still be done in the meantime.

Odysseus
06-20-2011, 10:34 AM
Agreed, we'll catch up fast now that we've got our mind set to it. But a lot of damage can still be done in the meantime.

This is the pattern of American history. We kick back, fat happy and complacent, until something hits the fan and we wake up to the dangers that we face. The classic example of this is Pearl Harbor, and I thought that 9/11 was another one, but we're still avoiding the hard truths there. Cyberwar is another area where we have extreme vulnerabilities that we are only beginning to address. Unfortunately, things happen so fast on the net, that by the time we figure out the attacks are occurring, we'll have been defeated.

Molon Labe
06-23-2011, 09:08 PM
The FBI hires hackers they have arrested and prosecuted to work for them. The tip on Bradley Manning came from a former hacker turned FBI informant.

The USAF has an entire unit at the Pentagon battling cyber intrusions.

The last part is true however...most of the attack are coming from former Soviet Block countries and China.

This isn't a tv show where the crime is solved in an hour. Hackers wouldn't be able to pull off the stuff they do if they weren't very VERY smart when it comes to computers.



I'm not a believer that the best and the brightest in this country or elsewhere in the world all work for Federal governments. In my experience people at the top of the game work in private industry. Some of the best "geeks" fit the stereotype too and don't do anything at all.

The tip from Manning from my recollection came from a private chat he was having and the guy turned him in. Manning would have probably been caught years later if not for that.

txradioguy
06-24-2011, 03:49 AM
The tip from Manning from my recollection came from a private chat he was having and the guy turned him in. Manning would have probably been caught years later if not for that.

He was bragging on a chat site to a fellow hacker...who'd been busted by the FBI and was working as an informant for them.

When Manning started bragging about having sent the Iraq video to WikiLeaks and that he'd obtained all the State Department emails and was going to send them to Assange as well...the informant contacted the Feds.

Odysseus
06-24-2011, 11:26 AM
He was bragging on a chat site to a fellow hacker...who'd been busted by the FBI and was working as an informant for them.

When Manning started bragging about having sent the Iraq video to WikiLeaks and that he'd obtained all the State Department emails and was going to send them to Assange as well...the informant contacted the Feds.

They'd have gotten him eventually. The systems log users and and actions. They'd have looked at the logs and seen that he had burned DVDs of the data that was released.

Madisonian
06-24-2011, 07:08 PM
Manning's problem as with most stupid criminals is that they never stop at 1. If he had not done multiple breeches, he probably would have never been caught and its the greed or arrogance that gets you busted.

If this is the worse these individuals ever do, I applaud them for their stones and sense of irony if nothing else.

Apocalypse
06-26-2011, 09:19 AM
Seems the heat is on now.


LulzSec says it's disbanding



A publicity-seeking hacker group that has left a trail of sabotaged websites over the last two months, including attacks on law enforcement and releases of private data, said unexpectedly on Saturday it is dissolving itself.


Lulz Security made its announcement through its Twitter account. It gave no reason for the disbandment, but it could be a sign of nerves in the face of law enforcement investigations. Rival hackers have also joined in the hunt, releasing information they say could point to the identities of the six-member group.


One of the group's members was interviewed by The Associated Press on Friday, and gave no indication that its work was ending. LulzSec claimed hacks on major entertainment companies, FBI partner organizations, the CIA, the U.S. Senate and a pornography website.


Kevin Mitnick, a security consultant and former hacker, said the group had probably concluded that the more they kept up their activities, the greater the chance that one of them would make some mistake that would enable authorities to catch them. They've inspired copycat groups around the globe, he noted, which means similar attacks are likely to continue even without LulzSec.