Welcome!

Blog Feed Post

What the LulzSec Bust Says About Cyber Criminal Investigations

In a recent high-profile bust, the FBI arrested five alleged leaders of the collective Anonymous and related hacking group LulzSec. Understandably, the majority of law enforcement, white hats, and journalists rejoiced at the FBI’s newfound cyber prowess. After months of embarrassment through denial of service attacks, major data leaks, and website defacements, it looked as though law enforcement and the federal government had finally won against the rising menace of cybercrime, alleged by FBI Director Robert Mueller to soon surpass terrorism as a national security concern. They had bested Sabu, the leader of LulzSec, so thoroughly that he joined their side and helped bring down the most dangerous men in cyberspace. Headlines declared that lawmen had finally brought order to the Wild Wild Web. Yet while I applaud what the FBI achieved  an adept operation, LulzSec wasn’t taken down by digital whiz kids, and certainly not by cybersecurity practitioners employed by the Bureau, but by old fashioned investigations and human intelligence.

The key to the entire bust was Hector Xavier Monsegur, better known under the hacking alias Sabu. Outside of data dump repository and hacker hangout Pasebin, Sabu first briefly entered the spotlight when he was arrested as the alleged leader of LulzSec in July. The cybersecurity crowd reacted with highly cautious excitement. Many did not believe that the FBI had managed to apprehend the real leader, LulzSec denied the news, and Anonymous gave their standard “we are legion” and “you can’t arrest an idea” responses to setbacks. Then, suddenly, there was nothing from either camp until Sabu reemerged several months later. Given the severity of the charges against him, this seemed to confirm that the FBI had been mistaken or exaggerated his importance.

In reality, Sabu actually was the major hacker that the FBI alleged. While LulzSec’s attacks were often basic, such as SQL injections and distributed denial of service and opponents have accused Anonymous of being “script kiddies” running premade attacks, Sabu’s skills were respected worldwide. He was recognized as the elite hacker of the group and had been hacking since 1999. This level of “street cred” proved invaluable for the FBI after he turned informant.

Sabu’s initial arrest, by a pair of FBI agents with bullet proof vests instead of laptops, had more to do with old fashioned sleuthing than hacking. Sabu was famous, but  also famously obnoxious. That, combined with the illegality and questionable morality of many of LilzSec’s attacks, earned him numerous enemies in the hacking community. Hackers like The Jester would post possible leads online, complete with evidence for the FBI to examine. While generating this information took some forensics skill, all the FBI had to do was develop sources like in any intelligence operation or investigation. If anything, collecting evidence against Monsegur was even simpler as it didn’t take a forensics lab to make sense of the clues, which were posted for everyone to see. Once the FBI had a lead, it was just a question of manpower and diligence. Monsegur eventually slipped and logged into a chat room without obscuring his IP address, allowing the FBI to find him.

The rest of the operation proved even more conventional. The FBI turned Monsegur into an informant not with computers but with simple leverage. A laundry list of charges meant that Monsegur could be imprisoned for over a century, and he was the guardian of two young children whom he gained custody over while their mother, his aunt, was in prison. If he went away, there would be nobody to raise them. After some good cop, bad cop, Monsegur began cooperating within the first 24 hours.

Monsegur was describes an ideal informant, working consistent 8-16 hour days for the FBI, gathering incriminating information from the hackers who looked up to him in chat rooms. He would even investigate attacks to tip law enforcement off before they took place to prevent or minimize the damage, and once used his influence to call off an embarrassing attack on the CIA. So that nobody knew who he was working for, he would give misleading online interviews to journalists while monitored by the FBI or, in some cases, the FBI would give the interviews in his name.

In the aftermath, the government gained what looked like a stunning victory over an elusive foe and a boost to its cyber credentials when in reality, the operation that beheaded LulzSec had more in common with turning Sammy the Bull against the Gotti family than a duel in cyberspace. The FBI still can’t compete with hackers at what they do best. The feds remain grossly outnumbered and, despite marked improvements in this area, lacking in talent. The FBI struggles to recruit truly skilled hackers, even white hats, because they don’t match the squeaky-clean applicant profile, have little love for law enforcement, and would be more valued in the private sector or black market. Still, that doesn’t mean that law enforcement can’t win. As we saw when Anonymous considered challenging the cartels, cyber eventually gets real, and nobody actually lives in cyberspace. The FBI’s LulzSec busts are an example of how it can successfully target hackers doing what it does best, proving the effectiveness of human intelligence operations even against cybercrime.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

Latest Stories
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device. For more information, please visit https://www.mangoapps.com/.
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, wh...
Enterprise networks are complex. Moreover, they were designed and deployed to meet a specific set of business requirements at a specific point in time. But, the adoption of cloud services, new business applications and intensifying security policies, among other factors, require IT organizations to continuously deploy configuration changes. Therefore, enterprises are looking for better ways to automate the management of their networks while still leveraging existing capabilities, optimizing perf...
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discuss how businesses can gain an edge over competitors by empowering consumers to take control through IoT. We'll cite examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He'll also highlight how IoT can revitalize and restore outdated business models, making them profitable...
SYS-CON Events announced today that ContentMX, the marketing technology and services company with a singular mission to increase engagement and drive more conversations for enterprise, channel and SMB technology marketers, has been named “Sponsor & Exhibitor Lounge Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York City, New York. “CloudExpo is a great opportunity to start a conversation with new prospects, but what happens after the...
Many banks and financial institutions are experimenting with containers in development environments, but when will they move into production? Containers are seen as the key to achieving the ultimate in information technology flexibility and agility. Containers work on both public and private clouds, and make it easy to build and deploy applications. The challenge for regulated industries is the cost and complexity of container security compliance. VM security compliance is already challenging, ...
The pace of innovation, vendor lock-in, production sustainability, cost-effectiveness, and managing risk… In his session at 18th Cloud Expo, Dan Choquette, Founder of RackN, will discuss how CIOs are challenged finding the balance of finding the right tools, technology and operational model that serves the business the best. He will discuss how clouds, open source software and infrastructure solutions have benefits but also drawbacks and how workload and operational portability between vendors...
The essence of data analysis involves setting up data pipelines that consist of several operations that are chained together – starting from data collection, data quality checks, data integration, data analysis and data visualization (including the setting up of interaction paths in that visualization). In our opinion, the challenges stem from the technology diversity at each stage of the data pipeline as well as the lack of process around the analysis.
As machines are increasingly connected to the internet, it’s becoming easier to discover the numerous ways Industrial IoT (IIoT) is helping to shape the business world. This is exactly why we have decided to take a closer look at this pervasive movement and to examine the desire to connect more things! Now if you need a refresher on IIoT and how it is changing the world, take a moment and listen to Greg Gorbach with ARC Advisory Group. Gorbach believes, "IIoT will significantly change the worl...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit y...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo New York Call for Papers is now open.
Designing IoT applications is complex, but deploying them in a scalable fashion is even more complex. A scalable, API first IaaS cloud is a good start, but in order to understand the various components specific to deploying IoT applications, one needs to understand the architecture of these applications and figure out how to scale these components independently. In his session at @ThingsExpo, Nara Rajagopalan is CEO of Accelerite, will discuss the fundamental architecture of IoT applications, ...
In his session at 18th Cloud Expo, Bruce Swann, Senior Product Marketing Manager at Adobe, will discuss how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects). Bruce Swann has more than 15 years of experience working with digital marketing disciplines like web analytics, social med...
SYS-CON Events announced today that Enzu, a leading provider of cloud hosting solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to foc...
Customer experience has become a competitive differentiator for companies, and it’s imperative that brands seamlessly connect the customer journey across all platforms. With the continued explosion of IoT, join us for a look at how to build a winning digital foundation in the connected era – today and in the future. In his session at @ThingsExpo, Chris Nguyen, Group Product Marketing Manager at Adobe, will discuss how to successfully leverage mobile, rapidly deploy content, capture real-time d...