Advertisement

Archive for Tuesday, August 9, 2011

Experts: Rural law enforcement offices easy target for savvy hackers

Websites of two Kansas offices among those attacked

August 9, 2011

Advertisement

An online attack against dozens of rural American law enforcement agencies in which emails, credit card numbers and crime tips were stolen and posted on the Internet has left some officials wondering how they can ward off future hacking attempts, if at all.

The attack by the hackers’ collective Anonymous on agencies in five states — Arkansas, Kansas, Louisiana, Missouri and Mississippi — was likely so broad in scope because many sites were hosted by the same company, Brooks-Jeffrey Marketing, of Mountain Home, Ark. But the theft exposed a “dirty little secret” about hacking — the best hackers can beat the tools meant to stop them and many potential victims don’t know it, said Anup Ghosh, the co-founder and CEO of the software security company Invincea.

“Everyone is getting compromised. You either know it or you don’t,” Ghosh said Monday.

Hackers have evolved

Most of the technology meant to prevent hacking was developed in the mid- to late-1990s, yet hackers have continued to develop their trade, Ghosh said.

“The guys writing the attack codes have evolved their technologies considerably,” he said.

What has changed is that “hacktivists” such as Anonymous want the world to know about their crimes, breaches that were once kept quiet or that went unnoticed by hacking targets are now being trumpeted.

“The hacktivists benefit by making public the fact that they’ve compromised those networks and they’re putting the data out there essentially to embarrass those organizations and cause harm,” Ghosh said.

After posting the stolen law enforcement data online Saturday, Anonymous members taunted local sheriffs on Twitter and the group’s website, saying they wanted to embarrass and discredit law enforcement after a series of arrests targeting alleged members of the group.

Much of the pilfered information appeared to be benign, but some emails contained crime tips, profiles of gang members and other sensitive information. The attacked websites appeared to be back up Monday, and the stolen information remained online elsewhere.

In Missouri, nine county sheriffs and the state sheriffs association were hacked, and deputies’ credit card information and home addresses were made public. In small-town Gassville, Ark., hackers posted photos of teenage girls in their swimsuits that were sent to Police Chief Tim Mayfield as part of an ongoing investigation, Mayfield said. The hackers also said they used credit card numbers to make “involuntary donations” to a variety of groups. One person confirmed to The Associated Press that his credit card was used.

Kansas offices hacked

The Jefferson County Sheriff’s Office and the Kansas Sheriff’s Association were among the websites hacked by Anonymous.

It’s unclear whether any sensitive or confidential information was obtained from the Jefferson County website, said Sheriff Jeff Herrig.

“We don’t know,” said Herrig, expressing concern about the possibility that some of the leaked data could affect a case.

Sandy Horton, director of the Kansas Sheriff’s Association, said her group’s website does not contain any sensitive or personal information.

Both Herrig and Horton said the hacking caused problems with their websites, and they’ve been working on fixing any issues.

No other local law enforcement agencies were reportedly affected by the hacking, which is being investigated by the FBI.

The hackers posted 10 gigabytes worth of data.

Anonymous said Saturday it attacked 70 mostly rural law enforcement websites in the U.S. in retaliation for the arrests of some of its sympathizers.

Anonymous may have gone after the sheriff’s office because the hosting company, Little Rock-based Brooks-Jeffrey Marketing, was an easy target, said Dick Mackey, vice president of consulting at Sudbury, Mass.-based SystemExperts.

Mackey said many organizations don’t see themselves as potential targets for international hackers, causing indifference that can leave them vulnerable, he said.

“It seems to me to be low-hanging fruit,” he said. “If you want to go after someone and make a point and want to have their defenses be low, go after someone who doesn’t consider themselves a target.”

Journal-World reporter Shaun Hittle contributed to this story.

Comments

KUinAussie 3 years ago

i am sick and tired of government officials trying to scare the common man by saying their personal information is at risk, and associating it with 'anonymous'.

they are not in it to hurt the innocent.

but the mainstream media wont talk about that.

they are in it to give the common man hope,

that one day soon,

they may get their livelihood back.

0

Richard Heckler 3 years ago

It's the nature of the beast aka computers.

Maybe some are freaked out what the hacking will reveal such as exactly what information is being gathered on local citizens?

Wikileaks has not been especially dangerous or put the nations security at risk but was embarrassing to national officials regarding their behavior towards international counterparts.

Elected officials and their pals put the nations security at risk in a variety of ways. Nixons illegal spying on democrats aka Watergate. Illegal sale of weapons aka Iran-Contra.

0

Richard Heckler 3 years ago

Elected officials and their pals can be experts at taking our economy down the tubes which could be security risk absolutely.

The repub party has a long history of economic destruction and crime to include Iran-Contra and Watergate. Like or not a consistent and disturbing pattern has developed by their choosing.

After spending so so many decades in Washington D.C on tax dollar payrolls republicans are sure they learned all they needed to know about OUR money and founding reckless economies. Republicans have much experience under their belts and they never quit sharing.

For openers...

  1. TABOR is Coming by Grover Norquist and Koch Bros. http://www.dollarsandsense.org/archives/2005/0705rebne.html

  2. The Reagan/Bush Savings and Loan Heist(Cost taxpayers $1.4 trillion) http://rationalrevolution0.tripod.com/war/bush_family_and_the_s.htm

  3. Wall Street Bank Fraud on Consumers under Bush/Cheney http://www.dollarsandsense.org/archives/2009/0709macewan.html

  4. Bush and Henry Paulson blew the $700 billion of bail out money? http://www.democracynow.org/2009/9/10/good_billions_after_bad_one_year

And that tax cuts do nothing to make an economy strong or produce jobs.

  1. Still A Bad Idea – Bush Tax Cuts - The ENTITLEMENT program for the wealthy at the expense of the middle class http://www.dollarsandsense.org/archives/2001/0301miller.html

In the end big debt and super duper bailouts were the results which does not seem to bother Republicans, as long as they are in power.

In fact, by the time the second Bush left office, the national debt had grown to $12.1 trillion:

  • Over half of that amount had been created by Bush’s tax cuts for the very wealthy.

  • Another 30% of the national debt had been created by the tax cuts for the wealthy under Presidents Reagan and George H.W. Bush.

• Fully 81% of the national debt was created by just these three Republican Presidents. http://www.dollarsandsense.org/archives/2010/0111orr.html

0

Flap Doodle 3 years ago

Wow, we went a whole day without seeing this set of links again. People were getting worried about you, merrill.

0

devobrun 3 years ago

Makes me wonder about the promise of safe, secure medical and financial records. The rush to computerize all information is apparently synonymous with public release of such information. There is no such thing as privacy. So what is to stop hackers from actively planting data into computer files? Not just retrieve information, but put incriminating or confounding info into computers. How 'bout generating an all points bulletin on the law enforcement web for the mayor of Saratoga, Florida? Round him (her) up on a trumped up charge. All kinds of mischief is possible. I can see a time when all information is suspect because it is all on the internet and all subject to modification.
Maybe the stock market didn't fall 6.7% yesterday. Maybe it was a computer glitch. Funny thing about living a virtual life......the truth is now just a bunch of ones and zeroes. Do you want a job with a company? Hack their HR files and see who the competition is. Insert some obscure misdemeanors into the files of the competition. Wow, a nefarious mind and hacking savvy could make you king of the world.

0

Scott Morgan 3 years ago

When we go to socialized medicine our secrets will be no more. Had a drinking problem 30 years ago, how about an abortion, checked for Aids, a little early 20s depression over a gal or boyfriend, warts, me thinks it's all going to be out there.

Already happening after folks pass away. The kids often get an open book to somebodies privacy.

0

Commenting has been disabled for this item.