Death or GloryDiAmante AstilleroShannon BonaJohn LoCasio VSB 2006-008Marcelo Mazzocato December 6, 2011
A person who enjoys exploring High Tech of programmable the details Super Spy? systems andor to stretch how their capabilities, asTech Savvy Anti-Social opposed to most users, who Teen? prefer to learn only the minimum necessary.
ATTITUDE•Thrill SKILLS•“Moral Obligation” •Programming•Boredom •Write HTMLs•Freedom •Use and run a Unix PERSONAL PREFERENCES •Science Fiction •Meditation •Martial Arts
•Writing open-source software•Testing and debugging open-source software•Keeping the infrastructureworking
1932- PolishCryptologist Brokethe Enigma Machine -Enabled the allies to read substantial amounts of Morse Code Marian Rejewski -Dwight D. Eisenhower considered this hack “decisive” in the Allied victory in WWII Henryk Zygalski Jerzy Rozycki
1971- John T. Draper (Captain Crunch) hacks AT&T’s long distance calling system Used the toy whistle found in Cap n’ Crunch cereal to generate a 2600 hertz signal allowing him to make free long distance calls John T. Draper (Captain Crunch)
1983 - the group KILOBAUD is formed First Hacker group publically acknowledged Kick started the creation of various groups The 414’s Legion of Doom Masters ofNeal Patrick of The 414’s Deception
The late 80’s were plagued with many worms 1986- Congress passes the Computer Fraud and Abuse Act Arrest of Lloyd Blankenship aka “The Mentor” Author of The Hacker ManifestoLloyd Blankenship
Free Software vs. Open Source-The Freedom to… -The Freedom to… …run the program for any …redistribute copies for purpose your neighbors …study how it works, and …make changes change it to do what you -Also includes source want codes …redistribute copies for -Includes licenses your neighbor protecting the integrity …redistribute copies of the code’s author including your changes to your neighbor
June 2002- The Bush Administration files a bill to create The Department of Homeland Security Responsible for protecting the nations critical IT infrastructure
2011 April 17th: PlayStation network is hacked The Hacker Groups, Lulz Security and LulzRaft are formed September: Bangladesh hacker “Tiger- M@te” infiltrates 700,000 websites in one shot October 26th: Sesame street channel on YouTube was hacked for 22 minutes November 1st: Palestinian territory phone and internet networks are hacked
CLAIM TO FAME: KIIS-FM Radio Station ContestMOTIVE: Fun andCuriosity CriminalExploits andEspionageTARGETS: Radio Station,High Profile GovernmentSystems
EARLY LIFE: Consultant at the Pentagon White Hat by Day… Black Hat by NightCRIMES: -Win A Porsche by Friday Contest -Wiretapped Celebrities -Cracked Military Computer Discovered FBI investigation of former Philippines President Fernidad Marcos
Penalty: -4 year sentence -$56,000 restitution -Restricted from computer for 3 yearsFurtherThoughts… Is it worth it? More Likely than not, Poulsen wasn’t going to use the information he extracted from the FBI. Is personal satisfaction worth 4 years of one’s life?
“Well, its power at your fingertips. You can control all 1st JuvenileCLAIM TO FAME:computers from the sent to these prison for hacking government, from the military, from large corporations. And ifMOTIVE: Sense of Power doing, you you know what youre can travel through the internet at your will, with no restrictions.TARGET: -US Department powerDefense Thats power; its a of trip” -School Systems -NASA
Implications: -US Security Breach -NASA forced to shut “I certainly learned that theres a down computers serious lack of computer security. If theres a will, theres a way, and if a $40,000 in damages computer enthusiast such as myself was determined to get into anywhere, be itCRIMES: -$1.7 Microsoft, its been from the Pentagon or million stolen NASA demonstrated that its possible and they will do it. And theres intrusions to -Series of next to nothing they can do about it, because theres school systems people with skill out there, and theyll get what -Created a backdoor in they want.” DTRA Accessed sensitive emails, usernames and passwords
PENALTY: 6 months in Juvenile DetentionFURTHERTHOUGHTS… In a Post 9/11 world, would James receive the same sentencing?
Claim to Fame: Receivedlongest sentence forcyber crimeTARGETS:-ATMS -Credit Card holders IMPLICATIONS: Millions of victims globally PENALTY: Serving time until 2025
2004 – - Caught “Cashing Installed Operation 2003 Sentenced Moderator on 2011 – 2000’s – to Two Early – Arrested after 2008 Firewall: Tookto be an Informant Down “Shadow 2007 – & Under year terms Out” Ceased Surveillance Had Millions of Concurrent 20 shadowcrew.com being Crew” Credit Card Data2000 2003 2006 2009 2011 Meanwhile Prosecution, asked To Avoid Obtained over 40 million Credit Card Data to become an informant
“As a leader? Unparalleled. Unparalleled in his ability tocoordinate contacts and continents and expertise. Unparalleledin that he didn’t just get a hack done — he got a hack done, he got the exfiltration of the data done, he got the laundering of the funds done. He was a five-tool player.” –Seth Kosto, Assistant U.S. Attorney (New Jersey)FurtherThoughts…Gonzalez not only betrayed the FBI whogave him a job instead of jail time, butalso the Black Hat Community.However, hackers such as Jonathan Jamesstill were willing to collaborate withhim. What are your thoughts on therelationships in the Black Hat Community?
Kevin Poulsen Senior Editor of “Dark Dante” Wired Magazine CommittedJonathan James Suicide in 2008 “c0mrade”Albert Gonzalez
An Inner Look at the Authorities’ Responses “Tagging a damage amount or number of machines compromised to a single virus (let alone a single person) is very difficult. Data can be transmitted across the globe in a matter of seconds, and computers are infected with malware just as quickly. As a result, accurately counting the number of machines infected by a particular worm is impossible and can only be estimated.” -Nicholas Newman, National White Collar Crime CenterLOCAL CASES •BANK / ATM FRAUD •FICTIOUS EMPLOYEE •HOTEL / REWARDS
Other Notable Names…FRED COHEN 1st VirusROBERT T MORRIS 1st Worm (Internet Virus)SHAWN FANNING
Definition Open source software is software whose source code is published and made available to the public, enabling anyone to copy, modify and redistribute the source codeProblems with Open Source Code
Problem with stopping hacking Reputational Technology Symantec Firewalls Company Security Policies
Mobile Device Hacking Apple vs. Android Bio-hacking Advanced Malware Combined Technology HackingWhat direction do you see hacking goingin the future? Think about both the“Black Hat” and “White Hat” Communities.