
ITACS 5211: Introduction to Ethical Hacking

Wade Mackay

Owners of attack for hire website arrested

September 11, 2016 by Noah J Berson 2 Comments

Alleged vDOS Proprietors Arrested in Israel

On some corners of the internet, you can pay for services that attack legitimate websites to try to disrupt their service. One of these sites, vDOS, was recently busted up by authorities in Israel. They arrested the alleged owners, two 18-year-olds who had been running the site for four years. The site is accused of running DDoS attacks that earned the owners over half a billion dollars. They were found out through multiple sleuthing methods. They referred to each other on Facebook by their hacker call signs. Their phone number was set up to receive texts from customer service notifications.

The database of who had been paying for the attacks also became publicly available. The data contains attempted DDoS attacks that weren’t wiped from their logs. It shows what site was targeted by what username, when, and for how long.

Interestingly, after the site went down, the site domain was hacked through a BGP hijack. The company responsible said it was in response to their servers being attacked by vDOS and hoped that would lessen the traffic. The company CEO said this was just a defensive maneuver, but I would still classify this as offense.

It seems a lot of fighting is going on all the time on the internet, and the only defense might be to stay educated on all the new ways hackers are attacking systems. Sometimes, going on the offense may pay off too if done correctly.

https://krebsonsecurity.com/2016/09/alleged-vdos-proprietors-arrested-in-israel/

Oh, It’s On Sale! USB Kill to Destroy any Computer within Seconds.

September 11, 2016 by Scott Radaszkiewicz 6 Comments

Article link: http://thehackernews.com/2016/09/usb-kill-computer.html

Wow! Talk about your super spy type stuff. (Cue Mission Impossible theme music now: https://www.youtube.com/watch?v=XAYhNHhxN0A)

So now we not only have to worry about the digital data that can be stolen or compromised, but also about this new item that will basically destroy the internal components of your computer.

This killer USB stick, once plugged into a USB port, will charge capacitors within it and then release a deadly charge back into the system that will destroy internal components. The company claims they developed the device for companies to test their devices for USB power surge attacks.

You’ve been hacked and now, destroyed.   Trying to piece together what information has been compromised from a functional machine can sometimes be impossible.  Now, you might be left trying to figure out what happened without even having the machine available to you.   

It’s mind boggling that any person can get one of these devices for $49.95 over the Internet.   How do we combat hacking and theft, and now destruction, when the tools necessary to wreak havoc come so cheap!   Just another item in the constant dance to keep us on our toes!

CryptoMining Malware Detected on NAS Servers

September 11, 2016 by Jimmy C. Jouthe 1 Comment

Security firm Sophos discovered a malware named Mal/Miner-C, software written in a scripting language used to create Windows installers (NSIS, the Nullsoft Scriptable Install System), on computers and NAS servers. The malware used these systems as leverage to mine Monero. Monero is an open source, secure, private, untraceable currency, and it doesn’t require a huge amount of processing power, hence it is easier to mine. So this malware was using the infected systems’ resources to do the mining, and with so many systems, the Monero can add up pretty quickly. But in order for it to work the user/client has to run the malware, which comes to them as a file that needs to be downloaded, and with a little social engineering things can get a little hairy.

What’s interesting is that Mal/Miner-C abused FTP servers using software components that randomly generate IP addresses and attempt to connect to them using stored usernames and passwords. Once the malware was in the server, like a worm it copied itself into underlying folders and so on until every folder in the server contained the malware.

Mal/Miner-C has also been affecting NAS storage devices, specifically Seagate Central. Although Seagate is not the target, it did expose a risk. Seagate allows remote access to private and public folders; if enabled, this allows users to access their private folders remotely but also allows anybody to access and write to the public folder. Even further, the public folder cannot be deleted, so to be safe users have to forgo accessing their files remotely altogether.

http://www.securityweek.com/nas-devices-used-spread-cryptocurrency-mining-malware
https://www.sophos.com/en-us/medialibrary/PDFs/technical%20papers/Cryptomining-malware-on-NAS-servers.pdf?la=en
https://getmonero.org/home
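
A detection example added here (it is not from Sophos’s paper or from the post above): the two behaviours Jimmy describes, a stored credential list replayed against an FTP host picked at random and the worm-like copy of one file into every folder, both leave a trace in an ordinary FTP server log. The log lines below are constructed in the style of vsftpd’s log format; the addresses, usernames and the file name dropper.scr are made up for the example.

```python
"""Added example: spot credential spraying and worm-style fan-out in FTP logs.
The log is constructed (vsftpd-style lines); nothing here is real data."""
import posixpath
import re
from collections import defaultdict

# Constructed log excerpt. One host (203.0.113.5) walks a username list, gets in
# as "backup", then drops the same file into every directory it can write to.
LOG = """\
Wed Sep  7 10:01:02 2016 [pid 2] [admin] FAIL LOGIN: Client "203.0.113.5"
Wed Sep  7 10:01:03 2016 [pid 2] [root] FAIL LOGIN: Client "203.0.113.5"
Wed Sep  7 10:01:03 2016 [pid 2] [ftp] FAIL LOGIN: Client "203.0.113.5"
Wed Sep  7 10:01:04 2016 [pid 2] [user] FAIL LOGIN: Client "203.0.113.5"
Wed Sep  7 10:01:05 2016 [pid 2] [backup] OK LOGIN: Client "203.0.113.5"
Wed Sep  7 10:01:06 2016 [pid 3] [backup] OK UPLOAD: Client "203.0.113.5", "/pub/dropper.scr", 4521 bytes, 100.00Kbyte/sec
Wed Sep  7 10:01:07 2016 [pid 3] [backup] OK UPLOAD: Client "203.0.113.5", "/pub/docs/dropper.scr", 4521 bytes, 100.00Kbyte/sec
Wed Sep  7 10:01:08 2016 [pid 3] [backup] OK UPLOAD: Client "203.0.113.5", "/pub/docs/2015/dropper.scr", 4521 bytes, 100.00Kbyte/sec
Wed Sep  7 10:01:09 2016 [pid 3] [backup] OK UPLOAD: Client "203.0.113.5", "/pub/music/dropper.scr", 4521 bytes, 100.00Kbyte/sec
Wed Sep  7 10:02:00 2016 [pid 4] [alice] OK LOGIN: Client "198.51.100.7"
Wed Sep  7 10:02:10 2016 [pid 4] [alice] OK UPLOAD: Client "198.51.100.7", "/home/alice/report.pdf", 88812 bytes, 300.00Kbyte/sec
Wed Sep  7 10:03:00 2016 [pid 5] [bob] FAIL LOGIN: Client "198.51.100.9"
Wed Sep  7 10:03:05 2016 [pid 5] [bob] OK LOGIN: Client "198.51.100.9"
"""

LOGIN_RE = re.compile(r'\[(?P<user>[^\]]+)\] (?P<result>OK|FAIL) LOGIN: Client "(?P<ip>[^"]+)"')
UPLOAD_RE = re.compile(r'\[(?P<user>[^\]]+)\] OK UPLOAD: Client "(?P<ip>[^"]+)", "(?P<path>[^"]+)"')


def find_credential_spraying(lines, min_users=3):
    """Client IPs that tried at least min_users distinct usernames: a stored
    credential list being replayed against this host. A typo'd password by one
    user never trips this because it counts usernames, not failures.
    Returns {ip: sorted usernames}."""
    users_by_ip = defaultdict(set)
    for line in lines:
        m = LOGIN_RE.search(line)
        if m:
            users_by_ip[m["ip"]].add(m["user"])
    return {ip: sorted(u) for ip, u in users_by_ip.items() if len(u) >= min_users}


def find_worm_fanout(lines, min_dirs=3):
    """(ip, filename) pairs where one client wrote the same filename into at
    least min_dirs distinct directories: the copy-into-every-folder behaviour.
    Returns {(ip, filename): number of directories}."""
    dirs = defaultdict(set)
    for line in lines:
        m = UPLOAD_RE.search(line)
        if m:
            directory, name = posixpath.split(m["path"])
            dirs[(m["ip"], name)].add(directory)
    return {k: len(v) for k, v in dirs.items() if len(v) >= min_dirs}


if __name__ == "__main__":
    lines = LOG.splitlines()
    print("credential spraying:", find_credential_spraying(lines))
    print("worm fan-out:", find_worm_fanout(lines))
```

Both detectors key on the behaviour rather than on a hash or file name, so a renamed dropper or a new credential list still shows up; the thresholds are assumptions and should be tuned to how many accounts and directories a legitimate client touches on your own server.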

Spy games meet word games as officials warn Russia against election meddling.

September 11, 2016 by Silas Adams Leave a Comment

I found this article rather interesting for a few reasons. Putin makes a comment that brings up a valid point; he said something to the effect of: it doesn’t really matter who hacked the emails, what matters is the information that was made public. I tend to agree with him. If servants of the public (politicians) who are paid by the public and made a public oath begin to exchange emails that evidence corrupt practices, then that information should be made public. An election should be conducted on the basis of full transparency. If the public votes, then all information should be made available for the public to digest, ESPECIALLY if it’s information pertaining to the election.

That is the foundation of free markets.  Any and all information must be made available for a market to function properly, if not the market is broken and will fail.  That is a universal truth about free markets.  So I consider whoever hacked the email that ended up getting Debbie Schultz ousted did, in fact, do a societal good.

I can foresee hacktivist groups becoming more and more prevalent as corruption becomes more and more visible, regardless of borders…

http://www.baltimoresun.com/news/maryland/politics/blog/bs-md-russia-hacking-20160908-story.html

Machine Learning and Cyber Security (2)

September 11, 2016 by Silas Adams 1 Comment

This isn’t an article (it’s a scholarly paper), but I thought it would be interesting to revisit last week’s post after I had done some research. As a refresher, last week I posted an article about machine learning algorithms being able to predict cyber intrusions and in essence learn what is a relevant attack by analyzing (a) was there misuse of the system and (b) what was the loss. I also posited that this could potentially reduce the need for the human element with regard to IDPS systems, which rely on the human element.

Last week I went back to work and asked the team working on such algorithms, and I’ve learned a few things from them: (1) the algorithm uses statistical ensembles, which is essentially a mathematical physics solution that provides a probability distribution for a set of systems and their properties, and (2) on top of the statistical ensemble they use partition functions, which essentially describe the statistical properties and their equilibrium in the set of systems. I find this fascinating because the Black-Scholes model for asset pricing also uses physics equations.

Essentially the algorithm is instructed to (1) map all possible states of equilibrium for the set of systems and its characteristics, and (2) if there is any variance outside of those designated equilibrium states, to investigate and use partition functions to map the characteristics. Here is where the learning comes into play: using an ANN or a type of machine learning/information intelligence, the algorithm will use the historical series, multi-correlation regression and time series to build prediction models. As the size and complexity of the system(s) grows, the models change and the machine “learns” and its learning tasks grow. The system is now fluid, and as more inputs are placed into the ANN, the more accurate and reliable the output, thus improving the ANN’s generalization ability. One should keep in mind the paper points to certain flaws in a single-network ANN; as such, the instructions (algorithm) fed to the ANN, which dictate how it behaves, are based on an ensemble (which consists of multiple systems).

The paper details results of such an ANN employed at the database level and is referred to as, a “statistical database anomaly prediction system.”  The results were “[the system] has been presented to learn previously observed user behavior in order to prevent future intrusions in database systems…”

The idea of a prediction system that can learn the behavior of agents is fascinating. This could be a paradigmatic shift in the field. As Professor Mackay said, though, these ANNs aren’t placed in operation; rather, they’re still being researched and tested.

What makes me think it has the possibility to disrupt the demand for the human element?  This stems out of economics, and the reality of the production function or the relation between economic inputs and outputs.

(Q) is a function of L (labor), K (human capital / capital), M (raw material) and T (technology)

It is the basis of microeconomics that where there is a macro increase or change in technology, the short run micro-utility (or the value society gets from the introduction of that new technology) is diminished, then rises exponentially to a point, then slows at an increasing rate. I’ll provide two good examples…

(1) In the cockpit of a commercial passenger airplane there used to be three people: a pilot, co-pilot and engineer; since we started transporting people in the air that was the way of the world. As technology grew and the cockpit instruments became more sophisticated, the need for the engineer in the cockpit decreased. Today there are only two people in the cockpit, the pilot and co-pilot. The system replaced the engineer; the job of airline instruments engineer does not exist today, as the system tracks and re-calibrates the instruments used during flight.

(2) E-ZPass, we’re witnessing this phase out.

It would be prudent to believe that this type of machine learning and anomaly prediction system would replace at least one human in the field once implemented.

Article:

http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.98.7461&rep=rep1&type=pdf

PS:  I used many articles during my research and have them in an email if anyone is interested.
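
An added example (it is not the paper’s system and not code from the post): the plainest form of “learn previously observed user behavior in order to prevent future intrusions in database systems” is a per-user statistical baseline, with one small detector per feature voting as an ensemble, in the spirit of the multi-system ensemble the post describes. The session records, the three features, and the thresholds are all constructed assumptions for the example.

```python
"""Added example: per-user behavioural baseline for database sessions with an
ensemble of one z-score detector per feature. Data and thresholds are constructed."""
import statistics
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    user: str
    queries: int   # statements issued during the session
    rows: int      # rows returned to the client
    tables: int    # distinct tables touched


FEATURES = ("queries", "rows", "tables")

# Constructed "previously observed" sessions for two accounts (assumed normal).
TRAINING = [
    Session("analyst", 40, 2000, 4), Session("analyst", 55, 2600, 5),
    Session("analyst", 48, 2200, 4), Session("analyst", 52, 2400, 5),
    Session("analyst", 45, 2100, 4), Session("analyst", 50, 2300, 5),
    Session("webapp", 800, 1200, 3), Session("webapp", 760, 1150, 3),
    Session("webapp", 820, 1250, 3), Session("webapp", 790, 1180, 3),
    Session("webapp", 810, 1210, 3), Session("webapp", 780, 1170, 3),
]


def build_profiles(sessions):
    """Learn (mean, stdev) of every feature for every user seen in the history."""
    by_user = {}
    for s in sessions:
        by_user.setdefault(s.user, []).append(s)
    profiles = {}
    for user, history in by_user.items():
        profiles[user] = {}
        for f in FEATURES:
            values = [getattr(s, f) for s in history]
            mean = statistics.mean(values)
            # Floor the spread at 5% of the mean so a constant feature (stdev 0)
            # still produces finite scores instead of dividing by zero.
            sd = max(statistics.pstdev(values), 0.05 * mean, 1e-9)
            profiles[user][f] = (mean, sd)
    return profiles


def score(profiles, session, z_threshold=3.0, min_votes=2):
    """Ensemble decision: each feature's z-score detector casts a vote; the
    session is anomalous when at least min_votes detectors fire. Unknown users
    are always anomalous because there is no learned behaviour to compare with.
    Returns (is_anomalous, z-scores by feature)."""
    profile = profiles.get(session.user)
    if profile is None:
        return True, {f: None for f in FEATURES}
    zs = {}
    for f in FEATURES:
        mean, sd = profile[f]
        zs[f] = (getattr(session, f) - mean) / sd
    votes = sum(1 for z in zs.values() if abs(z) > z_threshold)
    return votes >= min_votes, zs


if __name__ == "__main__":
    profiles = build_profiles(TRAINING)
    for s in (Session("analyst", 47, 2150, 4),        # looks like the analyst
              Session("analyst", 400, 250000, 30),    # bulk dump: all three vote
              Session("webapp", 2000, 1190, 3),       # one feature spikes: one vote, stays quiet
              Session("svc_backup", 10, 10, 1)):      # never seen before
        flagged, zs = score(profiles, s)
        print(s.user, "ANOMALY" if flagged else "ok",
              {f: (round(z, 1) if z is not None else None) for f, z in zs.items()})
```

The vote threshold is the point of the ensemble: a single noisy feature does not page anyone, while a session that is wrong on several independent axes does. The same weakness the post notes for a single network applies here in miniature; if the training history already contains an attacker’s sessions, the baseline learns them as normal.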

Yelp’s New Bug Bounty Program Promises $15,000 Payouts

September 11, 2016 by Ahmed A. Alkaysi 2 Comments

This article talks about how Yelp is offering up to $15,000 in a new “Bug Bounty” program for security researchers. All of the Yelp-owned sites are part of this program. Yelp is particularly worried about vulnerabilities that result in “...sensitive data disclosure, data injection/exfiltration, insecure session management, etc.” These types of programs are very interesting. The company not only provides an incentive to researchers if they find a critical bug, but it also allows the researchers to legally try to penetrate the site, which might satisfy their desire to test out their skills. This also gives an opportunity to raise awareness of cyber security among the public. I hope more companies employ tactics like this in order to combat vulnerabilities.

http://www.securityweek.com/yelps-new-bug-bounty-program-promises-15000-payouts

US 911 emergency phone system vulnerable to DDoS attacks, say researchers

September 11, 2016 by Mengxue Ni 2 Comments

According to researchers at Israel’s Ben-Gurion University, they have discovered a way to disable the emergency system across an entire state for an extended period using a telephony denial of service (TDoS) attack targeting 911 call centers. Since 1968, the emergency infrastructure has relied on routing and connecting 911 calls to nearby public call centers, known as public safety answering points (PSAPs). However, a hacker could cause mobile phones to call 911 automatically without a user’s knowledge, essentially clogging up the PSAPs’ queues and preventing legitimate callers from reaching the service. Discussing possible solutions to prevent or minimize the impact of a possible attack, the researchers said a mandatory “call firewall” could be implemented to identify and block DDoS activity. Another solution would have PSAPs implement “priority queues” that would prioritize callers with more reliable identifiers when connecting someone to a call-taker. However, the biggest issue lies in the current regulations set in place by the FCC.

I found this article interesting because these researchers discovered the issue before the loss happened. It might save millions of lives. Even if hackers don’t attack every 911 call center, a criminal who kidnaps a person could attack the nearest center to prevent the victim from contacting 911. The author also gives an explanation of DDoS: hackers attempt to overload a website’s connections by sending in data requests from multiple sources. Launching a DDoS attack, known as “dosing”, is relatively simple. Botnets are available to hire on websites not reachable via the dark web. Therefore, I hope the FCC pays enough attention to this and fixes it as soon as possible.

Link: http://www.ibtimes.co.uk/us-911-emergency-phone-system-vulnerable-ddos-attacks-say-researchers-1580674

USB Kill v.2.0

September 10, 2016 by Loi Van Tran Leave a Comment

A Russian researcher, Dark Purple, along with a Hong Kong-based technology manufacturer, is selling a USB thumb drive called USB Kill 2.0 for $49.95. The thumb drive is designed to send a power surge to the computer it’s plugged into, frying major computer components and making data retrieval impractical.

The company claims that the thumb drive wasn’t designed to erase data, but depending on the hardware configuration (SSD vs. HDD) the USB Kill 2.0 may damage the controllers enough to make access to data on the computer difficult. It also claims that the device was designed for companies to test their security against USB power surge attacks and to prevent data theft via “juice jacking.” The device can be set to work only with authorized computers, and if it’s plugged into an unauthorized computer, the device will discharge 200 volts DC over the data lines of the host machine.

Although the company did not design the device for malicious intent, people will now have another way to attack organizations.  The device could be used maliciously by disgruntled employees by using the devices to take out critical servers and computers by simply plugging in the device.  Cyber criminals could also use the device to fry their own computers to keep data away from law enforcement.

http://thehackernews.com/2016/09/usb-kill-computer.html

There’s also a demonstration of the device provided with the article.

911 could face its own emergency: Hackers

September 10, 2016 by Roberto Nogueda 3 Comments

The latest research released this week by Ben Gurion University in Israel reveals that 911 systems are potentially in danger: attackers could overwhelm an entire state’s 911 system with endless calls by using a network of hacked smartphones, shutting out a great portion of legitimate callers, also known as a denial-of-service attack (DoS attack).

According to this article, researchers replicated North Carolina’s model based on its 911 network, with the knowledge that all emergency response systems are run at the local or state level, and the assessment determined that if hackers compromised 6000 smartphones with malicious software, they could make calls to 911 and block out half of all legitimate callers using cell phones in North Carolina.

Those results were shared with the US Department of Homeland Security, says the Washington Post, and warnings of this type of danger, denial-of-service attacks on emergency response infrastructure, have been made in the past.

The solution proposed was to change the phone infrastructure completely: stop using old-fashioned analog phone switches to route emergency calls and instead use an internet-like network called a managed IP network; however, there was no mention in this article of how much money this would require.

http://www.cnet.com/news/911-could-face-its-own-emergency-hackers/
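
An added example that serves both 911 posts on this page (Mengxue Ni’s and Roberto Nogueda’s); it is not code from the Ben-Gurion researchers or from either post. It simulates one public safety answering point under a flood of automated calls and compares first-come-first-served queuing with the “priority queue” mitigation mentioned above. Everything numeric is constructed: the number of call-takers, the call durations, how long a caller waits before hanging up, the arrival times, and the assumption that legitimate handsets present a verifiable identifier while the compromised phones do not.

```python
"""Added example: toy discrete-event simulation of a PSAP under a telephony DoS.
Compares FIFO answering with a priority queue that serves reliable identifiers
first. All scenario numbers are constructed for the example."""
import heapq
import random
from dataclasses import dataclass


@dataclass
class Call:
    arrival: float      # seconds since the start of the scenario
    duration: float     # seconds a call-taker is occupied once the call is answered
    reliable_id: bool   # assumption: legitimate handsets carry a verifiable identifier, bots do not
    legit: bool         # True for a real caller, False for a compromised phone
    patience: float     # seconds the caller waits in the queue before hanging up


def build_calls(n_bots=600, n_legit=60, duration=90.0, seed=2016):
    """Constructed scenario: 600 bot calls within the first minute, 60 real
    callers spread over ten minutes. Bots never hang up; people give up after 120 s."""
    rng = random.Random(seed)
    bots = [Call(rng.uniform(0, 60), duration, False, False, float("inf")) for _ in range(n_bots)]
    legit = [Call(rng.uniform(0, 600), duration, True, True, 120.0) for _ in range(n_legit)]
    return bots + legit


def simulate(calls, takers=20, policy="fifo"):
    """policy is "fifo" (answer in arrival order) or "priority" (calls with a
    reliable identifier first, arrival order within each tier). Returns how
    many legitimate callers were served, how many hung up, and the mean wait."""
    arrivals = sorted(calls, key=lambda c: c.arrival)
    free_at = [0.0] * takers                  # heap: when each call-taker is next free
    heapq.heapify(free_at)
    queue, seq, i = [], 0, 0                  # heap of (sort key, seq, call)
    served, blocked, waits = 0, 0, []
    while i < len(arrivals) or queue:
        t = heapq.heappop(free_at)            # earliest moment a taker is available
        while i < len(arrivals) and arrivals[i].arrival <= t:
            c = arrivals[i]
            i += 1
            tier = 0 if policy == "priority" and c.reliable_id else 1
            heapq.heappush(queue, ((tier, c.arrival), seq, c))
            seq += 1
        if not queue:                         # nobody waiting: idle this taker until the next arrival
            heapq.heappush(free_at, arrivals[i].arrival)
            continue
        _, _, c = heapq.heappop(queue)
        wait = t - c.arrival
        if wait > c.patience:                 # caller already hung up; the taker is still free at t
            if c.legit:
                blocked += 1
            heapq.heappush(free_at, t)
            continue
        if c.legit:
            served += 1
            waits.append(wait)
        heapq.heappush(free_at, t + c.duration)
    mean_wait = sum(waits) / len(waits) if waits else 0.0
    return {"served": served, "blocked": blocked, "mean_wait": mean_wait}


if __name__ == "__main__":
    calls = build_calls()
    for policy in ("fifo", "priority"):
        print(policy, simulate(calls, policy=policy))
```

Under FIFO the 600 queued bot calls push almost every later caller past their patience, because 20 takers clear only 20 calls per 90 seconds; under the priority policy the same bots compete only with each other and nearly every real caller is answered within one call duration. The model also shows the mitigation’s limit: it is only as good as the identifier it trusts, so a bot that can present a reliable-looking identifier lands in the top tier with everyone else.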

