Police arrest and charge alleged Anonymous hacker
Aug. 25, 2011
A suspect has been charged by police investigating various Internet attacks allegedly carried out by hacking collective Anonymous against companies and organizations deemed to have acted against the whistleblower website Wikileaks.
Scotland Yard has named 22-year-old student Peter Gibson of Castleton Road, Hartlepool, Cleveland as one of the suspects alleged to have orchestrated DDoS (distributed denial of service) attacks on PayPal, Amazon, Mastercard and Bank of America in December of last year.
Gibson has been charged with conspiracy to do an unauthorised act in relation to a computer, with intent to impair the operation of a computer system or prevent or hinder access to a program or data held in a computer or to impair the operation of any such program or the reliability of such data, said Scotland Yard.
Those are actions that are contrary to Section 1(1) of the Criminal Law Act of 1977, it added.
The Computer Misuse Act, which carries maximum jail sentences of ten years, was not cited by the police.
Gibson is expected to appear at the City of Westminster Magistrates' Court on September 7, 2011.
Detectives at the specialist computer-crime unit quizzed Gibson in April this year. He was one of six people arrested in connection to a U.K. police probe into "Operation Avenge Assange". The five other UK-based men – aged, 15, 16, 19, 20 and 26 were also arrested, following coordinated police raids in the West Midlands, Northants, Herts, Surrey and London, under the Computer Misuse Act in January 2011.
It is alleged that the suspects set off Distributed Denial of Service attacks using a modified piece of open source software known as the Low Orbit Ion Cannon.
The software was used to send a constant stream of data to targeted websites in an effort to greatly slow down or to completely shut down the affected sites.
In July of this year, federal law-enforcement personnel in the U.S. also arrested 16 people accused of carrying out computer crimes that damaged or breached protected systems. Fourteen of these suspects, from ten states across the U.S., were alleged to have been involved in "Operation Avenge Assange".
Anonymous's assault against PayPal, MasterCard, Visa, Amazon, and others was mounted after those companies cut off services to WikiLeaks, following publication by the whistle-blower site of classified U.S. diplomatic memos.
In other internet security news
A police investigator working on Scotland Yard's inquiry into alleged phone-hacking at the now-defunct Sunday tabloid the News of the World was arrested by senior officers from the anti-corruption unit of London's Metropolitan police late last week.
The police said that on Thursday, August 18 they arrested a serving MPS officer from Operation Weeting on suspicion of misconduct in a public office relating to unauthorized disclosure of information as a result of a proactive operation.
They didn't release the name of the officer, who was described as a 51-year-old male detective constable, and Scotland Yard only confirmed he had been arrested after releasing the man on bail until September 29, pending further investigation.
As is customary in such incidents, the officer was suspended from his job the next day. "I made it very clear when I took on this investigation the need for operational and information security. It is hugely disappointing that this may not have been adhered to," said Deputy Assistant Commissioner Sue Akers, who is in charge of Operation Weeting.
"The MPS takes the unauthorized disclosure of information extremely seriously and has acted rapidly in making this arrest," she added.
Meanwhile, a thirty-five-year-old man was also released the next day, after being in police custody on suspicion of conspiring to unlawfully intercept voicemails.
He was bailed to return at a yet-to-be-determined date in October. Reports suggest that former NotW features writer Dan Evans was the man arrested then bailed by police on Friday.
James Desborough, who joined the Sunday tabloid as a reporter in 2005 before being promoted to Hollywood editor in 2009, was also arrested last Thursday as part of the Operation Weeting probe.
In other internet security news
On August 15, and after reporting on Anonymous' hacking of BART's Web site and after the leak of user information from mybart.org, some in the Internet security community started receiving messages on Twitter and elsewhere from sources purporting to be tied to Anonymous.
They were all critical of the leak of personal info from mybart.org, pointing to dissent on Twitter and Anonymous IRC channels. "Just wanted you to know not all of Anon approves!" read one of the messages. Then today, it seems to have all become too much for one former Anonymous hacker.
Until now, he's gone by the handle "SparkyBlaze" and now he officially resigned as a Manchester, U.K., resident named Matthew who has had enough of what he calls a lot of nonsense from a group that claims to do good and no evil.
He goes on to say that "higher-up" Anons have thrown other members of the collective "to the lions," claiming that Anonymous' campaigns and leadership have been ineffective and prey on "kids" to do their dirty work and risk arrest.
Some inside the internet security community contacted SparkyBlaze and asked if the BART operation was the last straw for him. He says "That was one factor, mainly it was because I was just fed up with anon putting people's data on-line and then claiming to be the big heroes."
SparkyBlaze adds that he did find it hypocritical that Anonymous claimed to be fighting for BART users by putting their data online.
With regard to his own involvement with Anonymous, SparkyBlaze says he supported a number of operations, "and some un-ethical ones that I am not proud of but, I never exposed people's data-- and of that, I can be proud of. I want to be clear on that."
He says he was proud to be involved in attacks on sites run by Iran's government, but not so proud to have been involved in the Sony attacks a few months ago.
"If I get arrested with this I will have to deal with it. I don't care about what anon do now and I just want to say that not all anon's are bad-- just a few. Some do want change. They are just going about it in the wrong way," said SparkyBlaze.
SparkyBlaze's defection from Anonymous has made at least minor waves within the organization. A post by Commander X, purported to have led a number of recent hacks, including last week's BART operation, suggests SparkyBlaze should be considered persona non grata:
SparkyBlaze says that that posting was in response to his calling Commander X an "idiot for exposing people's data and supporting it" coupled with his Pastebin.
In other internet security news
Internet security researchers have discovered a method to break the Advanced Encryption Standard (AES) used to protect everything from top-secret government documents, confidential medical files, social insurance numbers, credit cards and online banking transactions.
The method, which was published in a paper presented Aug. 17 as part of the Crypto 2011 Conference in Santa Barbara, allows potential hackers to recover AES secret keys up to five times faster than previously possible.
This represents a major security issue to many organizations. The method introduces a technique known as 'biclique cryptanalysis' to delete just two bits of data from 128, 192 and 256-bit security encryption keys.
“This research is groundbreaking because it is the first technique discovered of actually breaking single-key AES that is slightly faster than brute force,” said Nate Lawson, a cryptographer and the principal security consultant at Root Labs. “But I must also tell you that it doesn't compromise AES in any practical way.”
Lawson also added that it would still take "trillions of years" to recover strong AES keys using the biclique technique, which is a variant of what's known as a meet-in-the-middle cryptographic attack. This method works both from the inputs and outputs of AES towards the middle, reusing partial computation results to speed up the brute-force key search.
The technique is designed to cut down on the time an attacker needs to fully recover the key.
Lawson added "This technique is a divide-and-conquer attack. To find an unknown key, they partition all the possible keys into a set of groups. This is possible because AES subkeys only have small differences between round numbers. They can then perform a smaller search for the full key since they can reuse partial bits of the key in later phases of the computation."
It's impressive work but there's still no better cipher to use than AES for now. And AES still remains the preferred cryptographic scheme of the U.S. government and a few others. The National Institute of Standards and Technology commissioned AES ten years ago as a replacement for the DES, or Digital Encryption Standard, which wasn't as secure and became obsolete.
The research is the work of Andrey Bogdanov of Katholieke Universiteit in Leuven; Microsoft Research's Dmitry Khovratovich; and Christian Rechberger of Ecole Normale Superieure in Paris.
Both Bogdanov and Rechberger took leave from their positions to work on the project for Microsoft Research that started in October 2010.
Source: Scotland Yard.
You can link to the Internet Security web site as much as you like.