Welcome!

Blog Feed Post

What the LulzSec Bust Says About Cyber Criminal Investigations

In a recent high-profile bust, the FBI arrested five alleged leaders of the collective Anonymous and related hacking group LulzSec. Understandably, the majority of law enforcement, white hats, and journalists rejoiced at the FBI’s newfound cyber prowess. After months of embarrassment through denial of service attacks, major data leaks, and website defacements, it looked as though law enforcement and the federal government had finally won against the rising menace of cybercrime, alleged by FBI Director Robert Mueller to soon surpass terrorism as a national security concern. They had bested Sabu, the leader of LulzSec, so thoroughly that he joined their side and helped bring down the most dangerous men in cyberspace. Headlines declared that lawmen had finally brought order to the Wild Wild Web. Yet while I applaud what the FBI achieved  an adept operation, LulzSec wasn’t taken down by digital whiz kids, and certainly not by cybersecurity practitioners employed by the Bureau, but by old fashioned investigations and human intelligence.

The key to the entire bust was Hector Xavier Monsegur, better known under the hacking alias Sabu. Outside of data dump repository and hacker hangout Pasebin, Sabu first briefly entered the spotlight when he was arrested as the alleged leader of LulzSec in July. The cybersecurity crowd reacted with highly cautious excitement. Many did not believe that the FBI had managed to apprehend the real leader, LulzSec denied the news, and Anonymous gave their standard “we are legion” and “you can’t arrest an idea” responses to setbacks. Then, suddenly, there was nothing from either camp until Sabu reemerged several months later. Given the severity of the charges against him, this seemed to confirm that the FBI had been mistaken or exaggerated his importance.

In reality, Sabu actually was the major hacker that the FBI alleged. While LulzSec’s attacks were often basic, such as SQL injections and distributed denial of service and opponents have accused Anonymous of being “script kiddies” running premade attacks, Sabu’s skills were respected worldwide. He was recognized as the elite hacker of the group and had been hacking since 1999. This level of “street cred” proved invaluable for the FBI after he turned informant.

Sabu’s initial arrest, by a pair of FBI agents with bullet proof vests instead of laptops, had more to do with old fashioned sleuthing than hacking. Sabu was famous, but  also famously obnoxious. That, combined with the illegality and questionable morality of many of LilzSec’s attacks, earned him numerous enemies in the hacking community. Hackers like The Jester would post possible leads online, complete with evidence for the FBI to examine. While generating this information took some forensics skill, all the FBI had to do was develop sources like in any intelligence operation or investigation. If anything, collecting evidence against Monsegur was even simpler as it didn’t take a forensics lab to make sense of the clues, which were posted for everyone to see. Once the FBI had a lead, it was just a question of manpower and diligence. Monsegur eventually slipped and logged into a chat room without obscuring his IP address, allowing the FBI to find him.

The rest of the operation proved even more conventional. The FBI turned Monsegur into an informant not with computers but with simple leverage. A laundry list of charges meant that Monsegur could be imprisoned for over a century, and he was the guardian of two young children whom he gained custody over while their mother, his aunt, was in prison. If he went away, there would be nobody to raise them. After some good cop, bad cop, Monsegur began cooperating within the first 24 hours.

Monsegur was describes an ideal informant, working consistent 8-16 hour days for the FBI, gathering incriminating information from the hackers who looked up to him in chat rooms. He would even investigate attacks to tip law enforcement off before they took place to prevent or minimize the damage, and once used his influence to call off an embarrassing attack on the CIA. So that nobody knew who he was working for, he would give misleading online interviews to journalists while monitored by the FBI or, in some cases, the FBI would give the interviews in his name.

In the aftermath, the government gained what looked like a stunning victory over an elusive foe and a boost to its cyber credentials when in reality, the operation that beheaded LulzSec had more in common with turning Sammy the Bull against the Gotti family than a duel in cyberspace. The FBI still can’t compete with hackers at what they do best. The feds remain grossly outnumbered and, despite marked improvements in this area, lacking in talent. The FBI struggles to recruit truly skilled hackers, even white hats, because they don’t match the squeaky-clean applicant profile, have little love for law enforcement, and would be more valued in the private sector or black market. Still, that doesn’t mean that law enforcement can’t win. As we saw when Anonymous considered challenging the cartels, cyber eventually gets real, and nobody actually lives in cyberspace. The FBI’s LulzSec busts are an example of how it can successfully target hackers doing what it does best, proving the effectiveness of human intelligence operations even against cybercrime.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

Latest Stories
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lead...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...
"MathFreeOn.com is a line coding platform for engineers and scientists. When they want to solve an engineering problem and they have to use software - they have to pay a lot of money for licenses - but with MathFreeOn you don't have to pay a lot of money. Just go to our site and write the code and you can check the result right away," explained Simon Lee, CMO of MathFreeOn, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Cla...
In his session at 19th Cloud Expo, Claude Remillard, Principal Program Manager in Developer Division at Microsoft, contrasted how his team used config as code and immutable patterns for continuous delivery of microservices and apps to the cloud. He showed how the immutable patterns helps developers do away with most of the complexity of config as code-enabling scenarios such as rollback, zero downtime upgrades with far greater simplicity. He also demoed building immutable pipelines in the cloud ...
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
In his session at Cloud Expo, Robert Cohen, an economist and senior fellow at the Economic Strategy Institute, provideed economic scenarios that describe how the rapid adoption of software-defined everything including cloud services, SDDC and open networking will change GDP, industry growth, productivity and jobs. This session also included a drill down for several industries such as finance, social media, cloud service providers and pharmaceuticals.
"Dice has been around for the last 20 years. We have been helping tech professionals find new jobs and career opportunities," explained Manish Dixit, VP of Product and Engineering at Dice, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
"ReadyTalk is an audio and web video conferencing provider. We've really come to embrace WebRTC as the platform for our future of technology," explained Dan Cunningham, CTO of ReadyTalk, in this SYS-CON.tv interview at WebRTC Summit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
@DevOpsSummit taking place June 6-8, 2017 at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @DevOpsSummit at Cloud Expo New York Call for Papers is now open.
Infrastructure is widely available, but who’s managing inbound/outbound traffic? Data is created, stored, and managed online – who is protecting it and how? In his session at 19th Cloud Expo, Jaeson Yoo, SVP of Business Development at Penta Security Systems Inc., discussed how to keep any and all infrastructure clean, safe, and efficient by monitoring and filtering all malicious HTTP/HTTPS traffic at the OSI Layer 7. Stop attacks and web intruders before they can enter your network.
The many IoT deployments around the world are busy integrating smart devices and sensors into their enterprise IT infrastructures. Yet all of this technology – and there are an amazing number of choices – is of no use without the software to gather, communicate, and analyze the new data flows. Without software, there is no IT. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Dave McCarthy, Director of Products at Bsquare Corporation; Alan Williamson, Principal...