Man Indicted for ‘Cyber-Extortion’ Threat Against Insurance Firm

screen-shot-2010-04-23-at-115550-amA California man was hit with an extortion charge this week for allegedly threatening to send out millions of e-mails criticizing his insurance company, if the firm didn’t pay him as much as $3 million.

Anthony Digati, 52, faces a maximum two-year prison term if convicted of charges the Federal Bureau of Investigation is calling “cyber-extortion” (.pdf).

The authorities said Digati erected a website to damage the reputation of New York Life unless it returned his $50,000 premium, and an extra $150,000 for good measure, by a certain date. If the deadline was not meant, the price would climb to $3 million, according to the indictment unsealed late Thursday.

The bureau’s statement said that Digati threatened on his website to “make false public statements and transmit millions of spam e-mails in an effort to damage the reputation of New York Life and cost the company millions of dollars of revenue.”

The authorities declined comment. Digati, of Chino, California, declined to be interviewed when reached by telephone, as did his attorney.

Digati, who is being charged in New York, remains free on bond in connection with the charge of extortion through interstate communications.

According to Thursday’s indictment, Digati became upset with New York Life after having a claim denied. He registered the domain newyorklifeproducts.com, and sent an e-mail to more than 1,000 employees of the insurer demanding payment, adding that if he didn’t get his money by March 8, “the price will then be $3,000,000.”

He told the company through his website that he has “6 million e-mails going out to couples with children age 25-40, this email campaign is ordered and paid for,” according to the indictment.

Continue Reading “Man Indicted for ‘Cyber-Extortion’ Threat Against Insurance Firm” »

Tags: , ,
Back to top

Richard Clarke’s Cyberwar: File Under Fiction

game_over

Readers of Richard Clarke’s new book Cyberwar who want to jump to the steamy parts should start at page 64 in the chapter “Cyber Warriors.” It’s there you’ll find the Book of Revelation re-written for the internet age, with the end-times heralded by the Four Trojan Horses of the Apocalypse.

Chinese hackers take down the Pentagon’s classified and unclassified networks, trigger explosions at oil refineries, release chlorine gas from chemical plants, disable air traffic control, cause trains to crash into each other, delete all data — including offsite backups — held by the federal reserve and major banks, then plunge the country into darkness by taking down the power grid from coast-to-coast. Thousands die immediately. Cities run out of food, ATMs shut down, looters take to the streets.

That electronic Judgment Day is not the stuff of bad movies or sci-fi novels, according to Clarke, who writes, “A sophisticated cyber war attack by one of several nation-states could do that today, in fifteen minutes.”

That’s right. In less time than it takes to download Live Free or Die Hard, foreign hackers could make it real.

A former top counter-terrorism advisor under President Clinton, who later served as President Bush’s cybersecurity czar, Richard Clarke has been sounding the alarm on cyberwar for more than a decade, rarely letting up, even through two real wars and one massive domestic terrorist attack. Now Chairman of Good Harbor Consulting, Clarke is going full-out Jerry Bruckheimer in an effort to get America to take seriously what he clearly sees as a (perennially) looming existential threat to the nation.

And it turns out that in Cyberwar, like in real war, truth is the first casualty. Continue Reading “Richard Clarke’s Cyberwar: File Under Fiction” »

Tags: , ,
Back to top

McAfee Probing Bungle That Sparked Global PC Crash

mcafee
McAfee said Thursday it was trying to determine how it bungled a security update that crashed perhaps tens of thousands of PCs across the globe.

Computers from Australia and Kentucky to the United Kingdom began freezing up late Wednesday after the Santa Clara, California, security firm released an updated definition file for its corporate antivirus software. The update mistakenly identified a critical Windows file — svchost.exe — as a worm and quarantined it, crashing computers running Windows XP Service Pack 3.

While the update has been removed, McAfee said it was “investigating how the incorrect detection made it into our DAT files and will take measures to prevent this from reoccurring.” Scammers began seizing on the debacle, marketing fake antivirus services.

McAfee’s snafu was the second black eye for the company in as many weeks. McAfee, a household name for computer virus-protection, on April 8 was hit with accusations it dupes online customers into purchasing third-party services, and hands over consumer banking information to enable those transactions.

Researchers said Thursday that affected computers had to be manually corrected one by one, a process that could take 30 minutes per machine.

On Thursday, Coles, an Australian supermarket chain, said 1,100 checkout terminals crashed because of the McAfee update, so it temporarily closed several stores in that country. An Intel spokesman in California acknowledged the problem at its headquarters was “significant.” Kentucky State Police lost use of their their entire IT infrastructure, and hospitals in Rhode Island postponed elective surgeries.

“We sincerely apologize for the inconvenience this has caused our customers,” McAfee said Thursday,  declining to say how many computers it believed were affected.

Photo: Associated Press

See Also:

Tags: , ,
Back to top

ACTA Backs Away From 3 Strikes

A proposed global intellectual-property treaty no longer nudges the international community to develop “three strikes” protocols to suspend internet connections of customers caught downloading copyrighted works, according to a draft of the Anti-Counterfeiting Trade Agreement released Tuesday.

The official draft of the proposed intellectual property accord was released after months of leaks and assertions by the Obama administration that it was a classified national security secret.

Still, critics of the proposal said Tuesday that a controversial theme in the draft (.pdf) remains: that the United States was “attempting to export a regulatory regime that favors big media companies at the expense of consumers and innovators,” according to Public Knowledge, a Washington, D.C., digital rights group.

The group and others were, in part, referring to the U.S. Digital Millennium Copyright Act. Under the DMCA, internet service providers are responsible for the infringing material hosted on their networks if they fail to remove the content at the rights holder’s request.

That is a sea change to Canadian copyright statutes, for example. “That is inconsistent with Canadian law, which has no such requirement,” said Michael Geist, an ACTA expert at the University of Ottawa.

A biggest surprise in the official draft, which is being hammered out by the United States, Canada, the European Union, Japan and dozens of others, is the removal of a controversial U.S.-backed footnote that appeared in an unofficial, yet previously leaked version. The footnote provided for “the termination in appropriate circumstances of subscriptions and accounts on the service provider’s system or network of repeat infringers.”

Continue Reading “ACTA Backs Away From 3 Strikes” »

Tags: , , , , , ,
Back to top

Second Banker Accused of Stealing High-Frequency Trading Code

stockpic

It was only a matter of time before another banker, lured by the prospects of riches, would get busted on allegations of stealing source code connected to a high-frequency, stock-and-commodities trading platform.

The latest arrest concerns a former Societe Generale trader who was being detained Tuesday on New York federal court charges of stealing the computer code of the Paris-based banking concern’s high-frequency trading software.

Monday’s arrest of Samarth Agrawal, 26, came nine months after a Goldman Sachs programmer was arrested on similar charges that he, too, stole his employer’s source code for software his employer used to make sophisticated, high-speed, high-volume stock and commodities trades.

The Securities and Exchange Commission is investigating the use of these programs that many believe give their users an unfair advantage over other traders. Nevertheless, stealing the code to these suspect programs remains illegal.

Continue Reading “Second Banker Accused of Stealing High-Frequency Trading Code” »

Tags: , , ,
Back to top

Google: U.S. Demanded User Info 3,500 Times in 6 Months

google_le_requests

Search engines and ISPs have for years refused to tell the public how many times the cops and feds have forced them to turn over information on users.

Google broke that unwritten code of silence Tuesday, unveiling a Government Requests Tool that shows the public how often individual governments around the world have asked for user information, and how often they’ve asked Google to remove content from their sites or search index, for reasons other than copyright violation.

The answer for U.S. users is 3,580 total requests for information over a six-month period from July 2009 to December 2009. That number comes to about 20 a day, and includes subpoenas and search warrants from state, local and federal law enforcement officials. Brazil just edges out the U.S. in the number of requests for data about users, with 3,663 over those six months. That’s due to the continuing Brazilian popularity of Google’s social networking site, Orkut.

Google VP David Drummond announced the tool in a blog post Tuesday, casting it as a tool to cut down on censorship — not surprising, given that Google says it’s been censored by 25 of the 100 countries it operates in.

Continue Reading “Google: U.S. Demanded User Info 3,500 Times in 6 Months” »

Tags: ,
Back to top

Report: Google Hackers Stole Source Code of Global Password System

The hackers who breached Google’s network last year were able to nab the source code for the company’s global password system, according to The New York Times.

The single sign-on password system, which Google referred to internally as “Gaia,” allows users to log into a constellation of services the company offers — Gmail, search, business applications and others — using one password.

The hackers, who are still unknown, were able to steal the code after gaining access to the company’s software repository, which stores the crown jewels for its search engine and other programs.

Because the hackers grabbed the software, and do not appear to have grabbed customer passwords, users aren’t directly affected by the theft. But the hackers could study the software for security vulnerabilities to devise ways to breach the system that could later affect users.

Google announced in January that it and numerous other companies had been hacked in a sophisticated attack. The hackers had targeted source code repositories at many of the companies, including Google.

According to the Times, the theft began when an instant message was sent to a Google employee in China who was using Windows Messenger. The message included a link to a malicious website. Once the employee clicked on the link, the intruders were able to gain access to the employee’s computer and from there to computers used by software developers at Google’s headquarters in California.

The intruders seemed to know the names of the Gaia software developers, according to the Times. The intruders had access to an internal Google corporate directory known as Moma, which lists the work activities of every Google employee.

Continue Reading “Report: Google Hackers Stole Source Code of Global Password System” »

Tags: , ,
Back to top

Cops Pull Plug on Rent-a-Fraudster Service for Bank Thieves

callservicebiz

Two Belarusian nationals suspected of operating a rent-a-fraudster service for bank and identity thieves have been arrested overseas, according to New York authorities, who unsealed an indictment for one of the suspects on Monday.

Dmitry Naskovets, 25, and Sergey Semashko, 25, are suspected of creating and operating CallService.biz, a Russian-language site for identity criminals who trafficked in stolen bank-account data and other information. The website displayed an FBI logo Monday and the message, “This domain has been seized by the Federal Bureau of Investigation.”


Naskovets has been charged in U.S. District Court for Southern New York with one count each of aggravated identity theft and conspiracy to commit wire fraud and credit card fraud. Semashko has been charged by Belarusian authorities.

Naskovets was arrested in the Czech Republic last Thursday, at the request of U.S. authorities who have filed for extradition. Semashko was arrested the same day in Belarus.

According to the indictment (.pdf), the two entrepreneurs launched the site in Lithuania in June 2007 and filled a much-needed niche in the criminal world — providing English- and German-speaking “stand-ins” to help crooks thwart bank security screening measures.

In order to conduct certain transactions — such as initiating wire transfers, unblocking accounts or changing the contact information on an account — some financial institutions require the legitimate account holder to authorize the transaction by phone.

Continue Reading “Cops Pull Plug on Rent-a-Fraudster Service for Bank Thieves” »

Tags:
Back to top

School District Allegedly Snapped Thousands of Student Webcam Spy Pics

A webcam spying scandal at a suburban Philadelphia school district is broadening, with lawyers claiming the district secretly snapped thousands of webcam images of students using school-issued laptops without the pupils’ knowledge or consent.

Some of the images included pictures of youths at home, in bed or even “partially dressed,” according to a Thursday filing in the case. Pupils’ online chats were also captured, as well as a record of the websites they visited.

Pennsylvania high school officials are accused of spying on their students through webcams on district issued Macbooks. Here is a picture a webcam took of a sophmore sleeping at home

Pennsylvania high school officials are accused of spying on students with webcams on district-issued Macbooks. Here is sophomore Blake Robbins sleeping at home in an image secretly and allegedly taken by his school's laptop. (Posted here with permission of Robbins' attorneys)

When the story first broke in February, the district said the cameras were activated only handful of times when a laptop was reported stolen or missing — an assertion lawyers suing the district say is false.


“Discovery to date has now revealed that thousands of webcam pictures and screen shots (.pdf) have been taken from numerous other students in their homes, many of which never reported their laptops lost or missing,” attorney Mark Haltzman wrote in a Thursday federal court filing.

In February, the Lower Merion School District deactivated the webcam-tracking program secretly lodged on 2,300 student laptops.

The move came a day after the 6,900-pupil district, which provides students from its two high schools free MacBooks, was sued in federal court on allegations it was undertaking a dragnet surveillance program targeting its students — an allegation the district has repeatedly denied.

The suit was based on a claim by sophomore Blake Robbins that school officials reprimanded him for “improper behavior” based on photos the computer secretly took of the boy at home last fall. One picture shows him asleep at home in October.

Continue Reading “School District Allegedly Snapped Thousands of Student Webcam Spy Pics” »

Tags: , ,
Back to top

Bush’s Illegal Wiretapping Tab: $612,000

picture-21

The two American lawyers who were illegally wiretapped by the Bush administration asked a federal judge Friday to order the government to pay $612,000 in damages, plus legal fees for their attorneys.

The demand (.pdf) comes two weeks after U.S. District Judge Vaughn Walker said the former administration wiretapped the lawyers’ telephone conversations (.pdf) without a warrant, in violation of federal law.

It was the first ruling addressing how Bush’s once-secret NSA spy program, adopted in the wake of the 9/11 terror attacks, was carried out against American citizens. Other lawsuits considered the program’s overall constitutionality — absent any evidence of specific eavesdropping — and were dismissed.

The government in 2004 was intercepting the telephone communications of lawyers Wendell Belew and Asim Ghafoor. They were counsel to a Saudi charity, the Al-Haramain Islamic Foundation, which the government has declared a terror organization.

They learned of the eavesdropping after the government erroneously sent them records. Both the Bush and the Obama administrations declared those records state secrets, so the documents were removed from the case.

Walker allowed the case to proceed, based on other evidence of eavesdropping (.pdf).

The lawyers are seeking $204,000 each, in addition to $204,000 for the charity, whose U.S. assets are frozen because of its terror designation. Judge Walker did not immediately rule on the request.

Continue Reading “Bush’s Illegal Wiretapping Tab: $612,000″ »

Tags: , , , , ,
Back to top
« OLDER POSTS
See more Threat Level