Book Read Free

Future Crimes

Page 63

by Marc Goodman


  27 The sixty-five-meter: “Researchers Show How a Major GPS Flaw Could Allow Terrorists and Hackers to Hijack Commercial Ships and Planes,” Mail Online, July 27, 2013; Aviva Hope Rutkin, “ ‘Spoofers’ Use Fake GPS Signals to Knock a Yacht Off Course,” MIT Technology Review, Aug. 14, 2013.

  28 The pair were working: Sandra Zaragoza, “Spoofing Superyacht at Sea,” Know, July 31, 2013.

  29 In early 2014: Kelsey D. Atherton, “Israeli Students Spoof Waze App with Fake Traffic Jam,” Popular Science, March 31, 2014.

  30 In what investigators: Nathan Hodge and Adam Entous, “Oil Firms Hit by Hackers from China, Report Says,” Wall Street Journal, Feb. 10, 2011.

  31 “they inadvertently downloaded code”: Nicole Perlroth, “Hackers Lurking in Vents and Soda Machines,” New York Times, April 7, 2014.

  32 “allegations about Chinese hacking”: Hodge and Entous, “Oil Firms Hit by Hackers from China.”

  33 In 2013, hackers: Lee Moran, “Montana Residents Flip Out When Emergency Alert System Tells Them the Zombie Apocalypse Is Happening—Like Right Friggin Now,” New York Daily News, Feb. 12, 2013.

  34 “traffic jerked to a standstill”: “Russian Hackers Jam Automobile Traffic with Porn,” Fox News, Technology, January 15, 2010; “Russian Jailed for Six Years for Hacking into Advertising Server and Making Electronic Billboard Show Porn to Motorists,” Mail Online, March 24, 2011.

  35 The sign stood: Sevil Omer, “Racial Slur on Mich. Road Sign Targets Trayvon Martin,” NBC News, April 9, 2012.

  36 Even in 2014: Serge Malenkovich, “Hacking the Airport Security Scanner,” Kaspersky Lab. March 14, 2014,

  37 Even if a hacker: “Hacked X-Rays Could Make TSA Scanners Useless,” video, Wall Street Journal, Feb. 12, 2014.

  38 Shockingly, using a common hacker tactic: Kim Zetter, “Hacked X-Rays Could Slip Guns Past Airport Security,” Wired, Feb. 11, 2014.

  39 “Hackers have hobbled”: U.S. Department of Transportation, “Review of Web Applications Security and Intrusion Detection in Air Traffic Control Systems,” Project ID: FI-2009-049, May 4, 2009.

  40 The inspector general: Siobhan Gorman, “FAA’s Air-Traffic Networks Breached by Hackers,” Wall Street Journal, May 7, 2009.

  41 Moreover, a security audit: Thomas Claburn, “Air Traffic Control System Repeatedly Hacked,” Dark Reading, May 7, 2009.

  42 “will be highly automated”: Steve Henn, “Could the New Air Traffic Control System Be Hacked?,” NPR.​org, Aug. 14, 2012.

  43 “could have disastrous”: Donald McCallie, Jonathan Butts, and Robert Mills, “Security Analysis of the ADS-B Implementation in the Next Generation Air Transportation System,” International Journal of Critical Infrastructure Protection 4, no. 2 (Aug. 2011): 78–87, doi:10.​1016/​j.​ijcip.​2011.​06.​001.

  44 While rigging elections: “The World of 100% Election Victories,” BBC News, March 11, 2014.

  45 Not only could they change any votes: “Hacking the Vote: Internet Systems Remain Unsecure,” CNN, Nov. 5, 2012.

  46 Interestingly, while roaming around: Andrew Tarantola, “Hacked DC School Board E-voting Elects Bender President,” Gizmodo, March 2, 2012.

  47 “influence, disrupt”: Walter L. Sharp, “Electronic Warfare,” Joint Publication 3–13.1, Jan. 25, 2007.

  48 In the battle: Adam Martin, “Reuters Blogs Hacked with Fake Story About Syrian Rebel Retreat,” Wire, Aug. 3, 2012.

  49 Operation Orchard: Erich Follath and Holger Stark, “The Story of ‘Operation Orchard’: How Israel Destroyed Syria’s Al Kibar Nuclear Reactor,” Spiegel Online, Feb. 11, 2009; David E. Sanger and Mark Mazzetti, “Israel Struck Syrian Nuclear Project, Analysts Say,” New York Times, Oct. 14, 2007.

  50 Though enemy jets: Lewis Page, “Israeli Sky-Hack Switched off Syrian Radars Countrywide,” Register, Nov. 22, 2007.

  51 As it turned out: Yuval Goren, “IDF Reserve Troops Receive Fictitious Calls for Duty in Gaza,” Haaretz.​com, Jan. 8, 2009.

  52 Both Israel and Hamas: Balousha Hazem, “Text Messages and Phone Calls Add Psychological Aspect to Warfare in Gaza,” Guardian, Jan. 2, 2009.

  53 “extremist ideology”: Nick Fielding and Ian Cobain, “Revealed: US Spy Operation That Manipulates Social Media,” Guardian, March 17, 2011.

  54 “up to 50 US-based controllers”: Ibid.

  55 “as a psychological warfare weapon”: Ibid.

  56 According to Freedom House: Freedom on the Net 2013, FreedomHouse.​org, Oct. 3, 2013.

  57 Each Internet operator: Sergey Chernov, “Internet Troll Operation Uncovered in St. Petersburg,” St. Petersburg Times, Sept. 18, 2013. 164 Russia’s president: Paul Roderick Gregory, “Inside Putin’s Campaign of Social Media Trolling and Faked Ukrainian Crimes,” Forbes, May 11, 2014.

  58 “Orders of Service”: Chris Elliott, “The Readers’ Editor on … Pro-Russia Trolling Below the Line on Ukraine Stories,” Guardian, May 4, 2014; Alec Luhn, “Pro-Kremlin Journalists Secretly Given Awards by Putin,” Irish Times, May 9, 2014.

  59 According to the Beijing News: Katie Hunt and Cy Xu, “China ‘Employs 2 Million to Police Internet,’ ” CNN, Oct. 7, 2013.

  60 These commentators are paid: Steven Millward, “China Plans Weibo Propaganda Blitz Using 2 Million Paid Commenters,” Tech in Asia, Jan. 18, 2013.

  61 “positive energy”: John Kennedy, “Beijing Orders Its 2.06 Million ‘Propaganda Workers’ to Get Microblogging,” South China Morning Post, Jan. 18, 2013.

  62 These workers also received training: Benjamin Carlson, “Party Trolls: Meet China’s Answer to the Internet,” Global Post, Jan. 28, 2013.

  63 Instagram, Pinterest: LWG Consulting, “Sites Affected by the Heartbleed Bug,” April 4, 2014.

  64 Moreover, 150 million apps: Arik Hesseldahl, “Heartbleed Flaw Lurks in Android Apps Downloaded by Millions,” Re/code, April 23, 2014.

  65 Even a full month: Mark Prigg, “Over 300,000 Web Sites STILL at Risk from Heartbleed Bug,” Mail Online, May 9, 2014.

  66 Of course attackers: Michael Riley, “NSA Said to Exploit Heartbleed Bug for Intelligence for Years,” Bloomberg, April 11, 2014.

  67 Criminals also took part: Hiawatha Bray, “Heartbleed Hoodlums Try to Cash in on Internet Security Bug,” Boston Globe, April 18, 2014; Mark Clayton, “ ‘Heartbleed’ Mystery: Did Criminals Take Advantage of Cyber-Security Bug?,” Christian Science Monitor, April 9, 2014.

  Chapter 10: Crime, Inc.

  1 Welcome to the world: Numerous research sources provided details on the inner workings of Innovative Marketing. The majority of the details were reported and uncovered by Dirk Kollberg, a researcher for McAfee in Hamburg, Germany, who spent months studying the organization. Additional data points were listed in David Talbot, “The Perfect Scam,” MIT Technology Review, June 21, 2011; Jim Finkle, “Inside a Global Cybercrime Ring,” Reuters, March 24, 2010; Federal Trade Commission, “Innovative Marketing, Inc., et al.,” Feb. 28, 2014; Toralv Dirro, “Malicious World,” McAfee Labs; Interpol, “Sundin, Bjorn Daniel”; United States of America v. Bjorn Daniel Sundin, Shaileshkumar P. Jain, a.k.a. “Sam Jain,” and James Reno, Northern District of Illinois Eastern Division, March 2010; Misha Glenny, “Cybercrime: Is It Out of Control?,” Guardian, Sept. 21, 2011; Misha Glenny, “Inside the World of Cybercrime, EIBF 2012, Review,” EdinburghGuide.​com, Aug. 20, 2012; Felix Richter, “Twitter’s Ad Revenue Tipped to Double This Year,” Statista, Sept. 13, 2012; David Talbot, “The Perfect Scam,” Technology Review, June 21, 2011.

  2 Crime is big business: United Nations Office on Drugs and Crimes, “Estimating Illicit Financial Flows Resulting from Drug Trafficking and Other Transnational Organized Crimes,” Oct. 2011, 7.

  3 In total: Misha Glenny, McMafia: A Journey Through the Global Criminal Underworld (New York: Vintage Books, 2009), 12.

  4 Capos, dons: Allison Davis, Patrick Di Justo, and Adam Rogers, “Crime, Organized,” Wired, Feb. 2011, 78; General OneFile, Web, May 22, 2014.

  5 Hacking is no longer ruled: “Organised Crime
in the Digital Age,” a joint study of Detica/BAE Systems and the John Grieve Centre for Policing at London Metropolitan University, March 2012.

  6 According to a 2014 study: Lillian Ablon, Martin C. Libicki, and Andrea A. Golay, “Markets for Cybercrime Tools and Stolen Data,” Rand Corporation, 4.

  7 Several executives were kidnapped: Byron Acohido, “How Kidnappers, Assassins Utilize Smartphones, Google, and Facebook,” USAToday.​com, Feb. 18, 2011.

  8 Sensing a market need: “Woman ‘Ran Text-a-Getaway’ Service,” BBC News, July 16, 2013.

  9 In San Francisco: This was based on the author’s personal observations, and I have a photograph of the incident.

  10 “It’s more discreet”: Dana Sauchelli and Bruce Golding, “Hookers Turning Airbnb Apartments into Brothels,” New York Post, April 14, 2014.

  11 While organized crime groups: The information on the organization of modern cybercrime organizations came from a variety of sources, including personal experience and investigation, consultation with senior law enforcement officials working in the field of cyber crime, and online resources such as “Cybercriminals Today Mirror Legitimate Business Processes,” Fortinet 2013 Cybercrime Report; Trend Micro Threat Research, “A Cybercrime Hub,” Aug. 2009; Information Warfare Monitor and Shadowserver Foundation, Shadows in the Cloud, Joint Report, April 6, 2010; Patrick Thibodeau, “FBI Lists Top 10 Posts in Cybercriminal Operations,” Computerworld, March 23, 2010; Roderic Broadhurst et al., “Organizations and Cybercrime,” International Journal of Cyber Criminology, Oct. 11, 2013.

  12 Active criminal affiliates: Dmitry Samosseiko, “The Partnerka” (paper presented at Virus Bulletin Conference, Sept. 2009); “The Business of Cybercrime,” Trend Micro White Paper, Jan. 2010.

  13 In other words: Cisco, Cisco 2010 Annual Security Report, 9.

  14 Actors in these online crime swarms: Broadhurst et al., “Organizations and Cybercrime.”

  15 As noted previously: Dunn, “Global Cybercrime Dominated by 50 Core Groups.”

  16 Some Crime, Inc. organizations: See Brian Krebs, “ ‘Citadel’ Trojan Touts Trouble-Ticket System,” Krebs on Security, Jan. 23, 2012.

  17 One group of cyber thieves: Bob Sullivan, “160 Million Credit Cards Later, ‘Cutting Edge’ Hacking Ring Cracked,” NBC News, July 25, 2013; “Team of International Criminals Charged with Multi-million Dollar Hacking Ring,” NBC News, July 25, 2013.

  18 Some digital criminal marketplaces: Thomas Holt, “Exploring the Social Organisation and Structure of Stolen Data Markets,” Global Crime 14, nos. 2–3 (2013); Thomas Holt, “Honor Among (Credit Card) Thieves?,” Michigan State University Today, April 22, 2013.

  19 These individuals: Ablon, Libicki, and Golay, “Markets for Cybercrime Tools and Stolen Data,” 17.

  20 These honest, but criminal, brokers: Gregory J. Millman, “Cybercriminals Work in a Sophisticated Market Structure,” Wall Street Journal, June 27, 2013.

  21 Using the data: Kevin Poulsen, “Superhacker Max Butler Pleads Guilty,” Wired, June 29, 2009.

  22 In fact, a study: Donald T. Hutcherson, “Crime Pays: The Connection Between Time in Prison and Future Criminal Earnings,” Prison Journal 92, no. 3 (Sept. 2012): 315–35; Shankar Vedantam, “When Crime Pays: Prison Can Teach Some to Be Better Criminals,” NPR, Feb. 1, 2013.

  23 Such was the case: Ian Gallagher, “Public Schoolboy Hacker Who Masterminded £15M Fraud Is Put in Jail’s IT Class … and Hacks the Prison’s Computer System,” Mail Online, March 2, 2013.

  24 At the San Quentin maximum-security prison: Reuters, “San Quentin Prison Becomes an Incubator for Startups,” Huffington Post, Feb. 25, 2013.

  25 Time and time again: Russell Eisenman, “Creativity and Crime: How Criminals Use Creativity to Succeed,” in The Dark Side of Creativity, ed. David H. Cropley et al. (New York: Cambridge University Press, 2010).

  26 Modern criminals are innovating: John Leyden, “Malware Devs Embrace Open-Source,” Register, Feb. 10, 2012 .

  27 To drive sales: Ablon, Libicki, and Golay, “Markets for Cybercrime Tools and Stolen Data,” 11.

  28 Organized cyber criminals: Chris Anderson, The Long Tail: Why the Future of Business Is Selling Less of More, rev. ed. (New York: Hyperion, 2008); Goodman, “What Business Can Learn from Organized Crime.”

  29 RankMyHack.​com awards points: Riva Richmond, “Web Site Ranks Hacks and Bestows Bragging Rights,” New York Times, Aug. 21, 2011.

  30 In Montenegro: Jim Finkle, “Inside a Global Cybercrime Ring,” Reuters, March 24, 2010.

  31 In early 2014: Paul Peachey, “Cybercrime Boss Offers a Ferrari for Hacker Who Dreams Up the Biggest Scam,” Independent, May 11, 2014.

  32 The concept of crowdsourcing: Jeff Howe, “The Rise of Crowdsourcing,” Wired, June 2006.

  33 While hundreds of examples: Marc Goodman, “The Rise of Crime-Sourcing,” Forbes, Oct. 3, 2011.

  34 YouTube is replete: Ibid.

  35 In Washington, D.C.: Elizabeth Fiedler, “Retailers Fight ‘Flash Robs,’ ” NPR.​org, Nov. 25, 2011; Annie Vaughan, “Teenage Flash Mob Robberies on the Rise,” FoxNews.com, June 18, 2011.

  36 In the United States: Chris Foresman, “Senator to Apple, Google: Why Are DUI Checkpoint Apps Still Available?,” Ars Technica, May 20, 2011; “Want to Avoid a Speed Trap or a DUI Checkpoint? There’s an App for That,” Mail Online, March 21, 2011.

  37 When the 2011 London riots: Patrick Kingsley, “Inside the Anti-kettling HQ,” Guardian, Feb. 2, 2011.

  38 At the height: “LulzSec Opens Hack Request Line,” BBC, June 15, 2011.

  39 The group established: “LulzSec Hackers Sets Up Hotline for Attacks,” Reuters, June 15, 2011.

  40 As a result: Brian Krebs, “Wash. Hospital Hit by $1.03 Million Cyberheist,” Krebs on Security, April 30, 2013.

  41 Simple, they were properly incentivized: Mathew J. Schwartz, “Hackers Offer Free Porn to Beat Security Checks,” Dark Reading, June 20, 2012.

  42 The guard was disabled: Caroline McCarthy, “Bank Robber Hires Decoys on Craigslist, Fools Cop,” CNET, Oct. 3, 2008.

  43 Soon half a dozen police cars: David Pescovitz, “Bank Robber Uses Craigslist to Hire Unsuspecting Accomplices,” Boing Boing, Oct. 1, 2008; “Armored Truck Robber Uses Craigslist to Make Getaway,” King5.​com, Sept. 21, 2009.

  44 The most popular of these sites: Kickstarter, “Stats,” accessed on May 25, 2014, https:/​/​www.​kickstarter.​com/​help/​stats, indicating Kickstarter had raised $1,131,653 since launching.

  45 Criminals are of course happy: Jason Del Rey, “Kickstarter Says It Was Hacked (Updated),” Re/code, Feb. 15, 2014.

  46 The answer was: “Apple Fingerprint ID ‘Hacked,’ ” BBC News, Sept. 23, 2013.

  47 Using elements of both: John Bowman, “iPhone 5S Fingerprint Hacking Contest Offers $20K Bounty,” Your Community (blog), CBC News, Sept. 20, 2013.

  48 Finally, white wood glue: Frank, “Chaos Computer Club Breaks Apple TouchID,” Chaos Computer Club, Sept. 21, 2013.

  49 Donations have been made: Andy Greenberg, “Meet the ‘Assassination Market’ Creator Who’s Crowdfunding Murder with Bitcoins,” Forbes, Nov. 18, 2013.

  50 As a result, the master criminal-hackers: Marc Santora, “In Hours, Thieves Took $45 Million in A.T.M. Scheme,” New York Times, May 9, 2013.

  Chapter 11: Inside the Digital Underground

  1 DPR was the mastermind: Ken Klippenstein, “Dread Pirate Roberts 2.0: An Interview with Silk Road’s New Boss,” Ars Technica, Feb. 5, 2014.

  2 Clicking on any particular link: Patrick Howell O’Neill, “The Rise and Fall of Silk Road’s Heroin Kingpin,” The Daily Dot, Oct. 9, 2013.

  3 In the meantime: David Segal, “Eagle Scout. Idealist. Drug Trafficker?,” New York Times, Jan. 18, 2014; Kevin Goodman, “The Dark Net,” Huffington Post, Oct. 16, 2013; Adrian Chen, “The Underground Website Where You Can Buy Any Drug Imaginable,” Gawker, June 1, 2011; Stuart Pfeifer, Shan Li, and Walter Hamilton, “End of Silk Road for Drug Users as FBI Shuts Down Websit
e,” Los Angeles Times, Oct. 2, 2013; Gerry Smith, “Alleged Silk Road Founder Put Out Hit on 6 Enemies, Prosecutors Say,” Huffington Post, Nov. 22, 2013; Kim Zetter, “Feds Arrest Alleged ‘Dread Pirate Roberts,’ the Brain Behind the Silk Road Drug Site,” Wired, Oct. 2, 2013.

  4 That journey begins: For further information on Tor, visit the Tor Project at https:/​/​www.​torproject.​org/.

  5 While precise numbers: Alex Biryukov, Ivan Pustogarov, and Ralf-Philipp Weinmann, “Content and Popularity Analysis of Tor Hidden Services,” University of Luxembourg.

  6 As of early 2014: Geoffrey A. Fowler, “Tor: An Anonymous, and Controversial, Way to Web-Surf,” Wall Street Journal, Dec. 18, 2012.

  7 A number of reports: Raphael Cohen-Almagor, “In Internet’s Way,” International Journal of Cyber Warfare and Terrorism 2, no. 3 (July–Sept. 2012): 39–58.

  8 After the former NSA contractor: Kimberly Dozier, “Virtually Every Terrorist Group in the World Shifting Tactics in Wake of NSA Leaks: U.S. Officials,” National Post, June 26, 2013.

  9 Organizations such as: “Al Qaeda, Terrorists Changing Communication Methods After NSA Leaks, US Officials Say,” Fox News, June 26, 2013; http://​www.​youtube.​com/​watch?v=D8Mgpm1PgF4.

  10 Shockingly, the Deep Web: Michael K. Bergman, “White Paper: The Deep Web: Surfacing Hidden Value,” Journal of Electronic Publishing 7, no. 1 (Aug. 2001).

  11 According to a study: Steve Lawrence and C. Lee Giles, “Accessibility of Information on the Web,” Nature, July 8, 1999, 107, doi:​10.​1038/​21987.

  12 As a result, when you search Google: Bergman, “White Paper.”

  13 In other words: Jose Pagliery, “The Deep Web You Don’t Know About,” CNNMoney, March 10, 2014.

  14 Though you may catch: “Google Search vs. Deep Web Harvesting,” BrightPlanet, July 31, 2013.

  15 Whereas Silk Road: Andy Greenberg, “Inside the ‘DarkMarket’ Prototype, a Silk Road the FBI Can Never Seize,” Wired, April 24, 2014. 202 To that end, in mid-2014: Kim Zetter, “New ‘Google’ for the Dark Web Makes Buying Dope and Guns Easy,” Wired, April 17, 2014.

 

‹ Prev