Identity Theft Expert Robert Siciliano
This article may be a little political. However bad guys are trying to win a cyberwar against us and it’s important to understand what’s being done to protect us.
The US National Security Agency is probably the most sophisticated group of security hackers in the world. Many will argue this point. The fact is, without NSA, US STRATCOM, which directs the operation and defense of the military’s Global Information Grid, and US CERT, attacks on our critical infrastructures would be successful. We’d be living in the dark, telephones wouldn’t work, food wouldn’t be delivered to your supermarket and your toilet wouldn’t flush. These are not the same bumbling government employees you see on C-SPAN.
The Obama administration is in the process of completing aninternal cyber-security review, announcing plans for cyber-security initiatives and determining who’s going to lead the charge.
The New York Times reports that the NSA wants the job and of course, this is raising hackles amongst privacy advocates and civil libertarians who fear that the spy agency already has too much power. I’m all for checks and balances. However, in order to detect threats against our nation and other global computer infrastructures from criminal hackers and terrorists, those in charge of cyber-security must have full and unlimited access to networks. There is certainly a legitimate concern here that any government agency with too much power can overstep citizens’ rights. However, coming from a security perspective, there are some very bad guys out there who would like nothing more for you to be dead.
Here’s a glowing example of how this power is used for good. Wired.com’s Kevin Poulsen (who should be required reading) reports on an FBI-developed super spyware program called “computer and Internet protocol address verifier,” or CIPAV, which has been used to investigate extortion plots, terrorist threats and hacker attacks in cases stretching back to before the dotcom bust. This is James Bond, Hollywood blockbuster technology that makes for a gripping storyline. The CIPAV’s capabilities indicate that it gathers and reports a computer’s IP address, MAC address, open ports, a list of running program, the operating system type, version and serial number, preferred Internet browser and version, the computer’s registered owner and registered company name, the current logged-in user name and the last-visited URL. That’s the equivalent of a crime scene investigator having fresh samples of blood for the victim and perpetrator, and 360 degree crystal clear video of the crime committed.
The FBI sneaks the CIPAV onto a target’s machine like any criminal hacker would, using known web browser vulnerabilities. They use the same type of hacker psychology phishers use, tricking their target into clicking a link, downloading and installing the spyware. They function like any illegal hacker would, except legally. In one case, they hacked a mark’s MySpace page and posted a link in the subject’s private chat room, getting him to click it. In another case, the FBI was trying to track a sexual predator that had been threatening the life of a teenage girl who he’d met for sex. The man’s IP addresses were anonymous from all over the world, which made it impossible to track him down. Getting the target to install the CIPAV made it possible to find this animal. Numerous other cases are cited in the Wired.com article, including an undercover agent working a case described as a “weapon of mass destruction” (bomb & anthrax) threat, who communicated with a suspect via Hotmail, and sought approval from Washington to use a CIPAV to locate the subject’s computer.
So while Big Brother may yield some scary power, criminals and terrorists are a tad scarier. I’ve always viewed the term “Big Brother” as someone who watches over and protects you. Just my take.
As always, invest in identity theft protection and Internet security solutions to keep the bad guys and the spyware out.
Robert Siciliano, identity theft speaker, discusses spyware.
I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- How Important is Cyberspace
Cyberspace has become as essential to the function of daily modern life as we know it, as blood is to the function of our bodies. And I don’t believe that’s an overstatement. If the Internet suddenly vanished, there would be deaths as a result. Our dependency on the Internet has long since passed the point of
- Identity Theft Expert; Anatomy of a Hack
Robert Siciliano Identity Theft Expert There is a battle going on round the clock, between the bad hackers and the good hackers. Most of the time, the good guys lose. Here we have an example of the bad guy actually getting caught. At age 19, an Israeli criminal hacker named Ehud Tenebaum made news as “The Analyzer,”
- Week of FUD; Hackers breach electric grid, Conficker sells out, Obama has a plan
Robert Siciliano Identity Theft Expert They say adversity university and the school of hard knocks makes your stronger, faster and streetsmart. And if it doesn’t kill you it makes you stronger. Lately, I’ve been killing my readers with lots of deadly data so I bet your security muscles are getting huge! The security community has bombarded the
- Cybersecurity Matters in The Election
The term “cyberattack” or cyberwarfare is defined as “politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.” “Weapons of Mass Disruption” are a growing concern. The U.S. and many other
- Cyber Security in This Year’s Election – The Role It Played In 2012
For more than a decade, we have been at risk of cyber war and cyber terror due to political disputes or hacktivists bent on disruption. Our information, financial systems and critical infrastructures are the main targets. In 2012, cyber security became part of our popular culture due to the elections. The Obama administration made the most
4 Responses to “Government Agencies Engaging in Criminal Hacking Techniques”
[…] things have changed the game: the speed and advancement of technology and spyware. Spyware was created as a legitimate technology for PCs. Spyware tracks and records social network […]
[…] is being used by government agents to track criminals. “Computer and internet protocol address verifier,” or CIPAV is government developed spyware that gathers a wide range of information, […]
[…] government tracks criminals using specially developed spyware that gathers a wide range of information, including IP and MAC addresses, operating systems, […]
Does my mac adresse change if I upgrade my computer with some other hardware? For example change the graphic card?
Leave a Comment
You must be logged in to post a comment.