The Security Circus

Wikileaks

• Published <1000 US Gov't diplomatic cables froma leak of 250,000

• Distributed an encrypted "Insurance" file by BitTorrent• Widely assumed to contain the complete,

uncensored leaked data• Encrypted with AES-256--no one is ever getting in

there without the key• Key to be released if Assange is jailed or killed,

but he is in UK now resisting extradition to Sweden and the key has not been released

Anonymous

http://www.indybay.org/newsitems/2011/08/16/18687809.php

Operation Payback

• 4chan's Anonymous group• Attacked Scientology websites in 2008• Attacked the RIAA and other copyright

defenders• Using the Low Orbit Ion Cannon with

HiveMind (DDoS)• "Opt-in Botnet"

HB Gary Federal

• Aaron Barr• Developed a questionable

way to track people down online

• By correlating Twitter, Facebook, and other postings

• Announced in Financial Times that he had located the “leaders” of Anonymous and would reveal them in a few days

Social Engineering & SQLi

• http://tinyurl.com/4gesrcj

Leaked HB Gary Emails

• For Bank of America– Discredit Wikileaks– Intimidate Journalist Glenn Greenwald

• For the Chamber of Commerce– Discredit the watchdog group US Chamber

Watch

– Using fake social media accounts

• For the US Air Force• Spread propaganda with fake accounts

• http://tinyurl.com/4anofw8

Drupal Exploit

OpBART

• Dumped thousands of commuter's emails and passwords on the Web– http://www.djmash.at/release/users.html

• Defaced MyBart.org– http://www.dailytech.com/Anonymous

%20Targets%20Californias%20Infamous%20BART%20Hurts%20Citizens%20in%20the%20Process/article22444.htm

Booz Allen Hamilton

• "LulzSec" hacked it in July 2011• Dumped 150,000 US Military email addresses

& passwords– http://www.forbes.com/sites/andygreenberg/

2011/07/11/anonymous-hackers-breach-booz-allen-hamilton-dump-90000-military-email-addresses/

Missouri Sheriff's Association

• Hacked by AntiSec, another part of Anonymous

• Published credit cards, informant personal info, police passwords, and more– https://vv7pabmmyr2vnflf.tor2web.org/

Th3j35t3r

• "Hacktivist for Good"• Claims to be ex-military• Originally performed DoS attacks on Jihadist

sites• Bringing them down for brief periods, such

as 30 minutes• Announces his attacks on Twitter, discusses

them on a blog and live on irc.2600.net

Jester's Tweets from Dec 2010

Th3j35t3r v. Wikileaks

• He brought down Wikileaks single-handed for more than a day

– I was chatting with him in IRC while he did it, and he proved it was him by briefly pausing the attack

Wikileaks Outage

• One attacker, no botnet

Th3j35t3r

• After his Wikileaks attack• He battled Anonymous• He claims to have trojaned a tool the Anons

downloaded• He claims to pwn Anon insiders now

Jester's Tweets

Westboro Baptist Outage

• 4 sites held down for 8 weeks• From a single 3G cell phone

– http://tinyurl.com/4vggluu

LulzSec

• The "skilled" group of Anons who hackedUS Senate AZ PolicePron.com Booz HamiltonSony NATOInfragard The SunPBS Fox NewsH B Gary Federal Game websites

Ryan Cleary

• Arrested June 21, 2011• Accused of DDoSing the UK’s Serious Organised Crime

Agency• http://www.dailymail.co.uk/news/article-2007345/Ryan-Cleary-Hacker-

accused-bringing-British-FBI-site.html

T-Flow Arrested July 19, 2011• http://www.foxnews.com/scitech/2011/07/19/leading-member-lulzsec-

hacker-squad-arrested-in-london/

Topiary Arrested

• On 7-27-11• http://www.dailymail.co.uk/news/article-

2021332/Free-Radicals-The-Secret-Anarchy-Science-sales-rocket-Jake-Davis-seen-clutching-copy.html

– http://mpictcenter.blogspot.com/2011/08/how-i-out-hacked-lulzsec-member.html

Stay Out of Anonymous

• http://mpictcenter.blogspot.com/2011/08/stay-out-of-anonymous.html

Case Studies

Dan Kaminsky

• Link Ch0a

Jacob Applebaum

• Link Ch 0b

Boris Sverdkik

Security Curmudgeon

• Link Ch 0e

Byron Sonne

• Link Ch 0g

Gregory D. Evans

Sam Bowne