Archive for November 2011

Hackers Leak Facebook Law Enforcement Data Access Guidelines

A group of hackers claiming to represent Anonymous’s Antisec movement hijacked two Gmail accounts belonging to a retired California Department of Justice cybercrimes investigator, now a private investigator, and on November 18 published 38,000 private emails and identifying contact information online.

Among the data published by the hackers in a torrent file were two versions of what appears to be Facebook’s guidelines for law enforcement agencies, according to Public Intelligence, a collaborative research website dedicated to the freedom of information.

Specifically, the documents include instructions on how different law enforcement agencies should submit subpoenas and requests for user data from the world’s largest social network.

Sources close to Facebook told TPM that the newly revealed guideline documents are “outdated,” and that an updated set of law enforcement guidelines is scheduled be made publicly available to all users on Facebook’s Help Center late Wednesday.

The Obama Administration was this year supposed to submit to lawmakers a bill that would allow federal law enforcement agencies the ability to use “back doors” to observe all online communications under wiretap orders, even encrypted communications, according to a New York Times report in October 2010. That legislation has yet to be introduced.

From TPM IdeaLab @: http://idealab.talkingpointsmemo.com/2011/11/hackers-leak-facebook-law-enforcement-guidelines-1.php?ref=fpnewsfeed

Researcher uncovers cyber attack on Illinois water system

Federal investigators are looking into a report that hackers managed to remotely shut down a utility’s water pump in central Illinois last week, in what could be the first known foreign cyber attack on a U.S. industrial system.

The Nov. 8 incident was described in a one-page report from the Illinois Statewide Terrorism and Intelligence Center, according to Joe Weiss, a prominent expert on protecting infrastructure from cyber attacks.

The attackers obtained access to the network of a water utility in a rural community west of the state capital Springfield with credentials stolen from a company that makes software used to control industrial systems, according to the account obtained by Weiss. It did not explain the motive of the attackers.

In 2007, researchers at the U.S. government’s Idaho National Laboratories identified a vulnerability in the electric grid, demonstrating how much damage a cyber attack could inflict on a large diesel generator. (To see video that was leaked to CNN: here)

Lani Kass, who retired in September as senior policy adviser to the chairman of the U.S. Joint Chiefs of Staff, said the United States should take the possibility of a cyber attack seriously.

“The going in hypothesis is always that it’s just an incident or coincidence. And if every incident is seen in isolation, it’s hard — if not impossible — to discern a pattern or connect the dots,” Kass told Reuters.

“Failure to connect the dots led us to be surprised on 9/11,” she said, describing the Sept. 11, 2001 hijacking attacks as a prime example in which authorities dismissed indicators of an impending disaster and were caught unaware.

From Reuters: http://www.reuters.com/article/2011/11/19/cybersecurity-attack-idUSN1E7AH1QU20111119

Picture from kiwicommoms.com