He is a pioneer in covering crime and conflict in cyberspace — while facing frightening physical threats and relentless digital assault as a result of his ground-breaking coverage. For example, in March of , within just 24 hours, spammers allegedly targeted Krebs' website with a massive denial of service attack and sent a letter purportedly from the FBI that said his site was hosting illegal content.
A SWAT team stormed his home and handcuffed him after the local police received a text message supposedly from him that said Russians had broken into his house and shot his wife.
On top of that, his identity has been stolen half a dozen times. He's found fecal matter and heroin on his doorstep.
Why does he keep investigating cybercriminals? The award is presented to a journalist whose determination, perseverance and commitment to the truth has contributed significantly to the fight against fraud. FM: You wrote in your book, "Spam Nation," that "Bad press on these [cybercrime] companies from major media would force more law-enforcement agencies into taking action against them and thus reducing the threat they posed both to Americans and people all over the globe.
BK: To some degree, yes. The Internet has brought tremendous societal benefits, but it also has made it insanely easy for thieves and scoundrels to profit by hurting other people. The more light we can shine on these ne'er-do-wells, the harder it becomes for them to get away with it. FM: Most of us don't seem fazed by spam these days. We now see little of it because of improved email filters. But it's surprising to learn from your book that spam is alive and well and greatly supported by online prescription drug purchases.
What do you think spammers would move to if this source dried up? What are the factors for this? BK: I think the connection between spam and the fly-by-night Internet pharmacy programs I detail in the book is less strong than it once was, but it's still fairly prevalent. Spam remains one of the most useful and prevalent vectors for launching cyberattacks. Many of the largest breaches and attacks over the past several years have begun with a booby-trapped email or phishing scam.
This also is spam, and as I wrote about in "Spam Nation," many of the individuals who once sent Viagra spam for a living are now getting paid to pump out malware-laced emails by the millions each day. FM: Even though you have a map of the U. Why is there so much illegal cyber activity in that part of the world? Is the geographical source of these crimes shifting? BK: The map on the cover is a nod to the reality that the spam problem has typically been driven by a near-constant demand for the things advertised in junk email — be it porn, knockoff designer goods or prescription drugs that can be bought off these sites for a fraction of what Americans pay for the same drugs.
And the vast majority of that demand comes from Americans. Many of those engaged in cybercrime hail from Russia and the former Soviet states because these regions for a very long time placed a heavy emphasis on science, logic and math in their education systems. Turns out, such skills are the building blocks of programming and computing. As a result, these countries have churned out millions of people who are quite good at coding — and finding logical flaws in coding — but who lack any sort of real pipeline for parlaying those skills into high-paying jobs.
Many of the guys I tracked down and interviewed for the book had day jobs, and got into hacking and cybercrime because they viewed that activity as a way to supplement their income and to live a certain lifestyle that they could not enjoy otherwise.
Also, there is little deterrent for choosing this lifestyle because so few of these folks get busted for their crimes. FM: It's remarkable that you've been able to identify and profile so many Russian cybercrime bosses. How have you been able to do that? BK: In the case of those profiled in "Spam Nation," it helped a great deal that two guys who ran competing cybercrime and spam empires paid hackers to break into each other's operations and leak to me several years worth of emails, chat records and banking documents for these organizations.
When you have that much detail about a criminal organization, it makes it pretty easy to follow the money and connect the dots — if you have the time and resources to do this sort of work, which I did. FM: You include a chapter in your book, "Meet the Spammers. BK: They mostly live in countries that do not currently have great relations with the United States, including Russia, Belarus and the Ukraine, so they have little to fear from being prosecuted for their crimes unless they leave those countries or start attacking their own people.
Most of them view cybercrime as a victimless crime — that consumers will get reimbursed for fraudulent activity and that the only ones who really get hurt are the banks, and nobody likes the banks so who cares. Some of them have a direct and intense animosity for the West and see this as a way to project Russia's power and influence abroad. FM: You write that the spam business had taken a huge hit the last few years. Briefly, what are some of the reasons for that? BK: Much of it has to do with the legwork by a ragtag bunch of academic researchers who took it upon themselves to learn which banks were helping to facilitate the processing of credit cards for the things that were most commonly being advertised in spam, such as pirated software and knockoff prescription drugs.
It's very expensive and time-consuming for these spam partnerships to arrange new credit card processing agreements, and these researchers figured out a way to do undercover "buys" from spam in a methodical way and then map that back to the banks in Eastern Europe and the Caribbean that were processing the payments for these transactions. Then, they worked with rights and brand holders to file official complaints through Visa and MasterCard, which threatened to rain down significant fines on banks that were enabling this activity.
FM: You write that not long ago, if a spammer or hacker wanted to launch a massive Internet attack, he had to assemble a huge botnet that included legions of hacked PCs. Now they can do that with just a few bot-infected PCs, according to one of your sources. How is this possible? BK: This is not a new development. What's new is that more people understand how to launch these attacks, and there are more resources than ever online that can be abused to launch these attacks. Without getting too far into the weeds here, what's going on is that there are tens of millions of devices, such as older DSL routers online that are poorly configured, and that configuration opens them up to abuse by third parties.
For example, many older DSL routers will happily run DNS lookups for anyone on the Internet who asks — not just for their local, legitimate users. This creates a problem because DNS — the basic Internet technology that helps direct traffic on the Web — does not require any sort of authentication or validation that the machine or person making the request for information is allowed to do so, nor does it validate that the request for said information actually came from where it says it was sent from.
Worse still, DNS supports a feature whereby the response can be made to be much larger than the actual request. In short, this allows attackers to spoof a request from an Internet address that they want to attack, and when the DNS server replies, it will answer with a much larger reply than the request, and it will send the answer to the spoofed — target — address.
Send these requests from a few hundred machines to tens of thousands of misconfigured servers and routers, and all of a sudden you have a huge traffic flow aimed at the spoofed address. FM: You've broken news on recent major credit card breaches before the mainstream media reported on the cases. You seem to have developed some helpful contacts at financial institutions who clue you into these possible crimes.
Can you describe some of your methods for cracking these cases?
How do you cultivate new contacts and sources? Can you describe how you discovered the Target case? BK: Usually, it is me contacting banks and telling them their cards are for sale somewhere, and then they go and acquire a handful of cards and see if they can determine whether all of those cards were used at the same place during the same time frame.
Most of my banking sources have reached out to me and asked me to alert them if their cards show up in a huge new batch of stolen cards. They're more than happy to help with this research and share what they found because the sooner a breached merchant owns up to a breach, the sooner the fraud on their customers' cards can be stopped. FM: You also wrote in your book that "[T]he editors at the Washington Post said they were still deeply concerned about my focus on Internet bad guys. The Post higher-ups were nervous about my reporting on a crime-heavy subject in which the standard forms of documentary evidence don't typically exist.
Also, they took the position that my focus on cybercrime — as opposed to a broader beat such as consumer technology or technology policy — was too narrow, and that I was getting too close to my sources to remain objective. BK: Not terribly different, except that I don't have people telling me what to write about and what not to write about anymore. I do, however, have a very good media lawyer with whom I consult from time to time when necessary.
FM: What are some of the processes you employ when you first get a lead on a fishy ISP, shady character or emerging cybercrime? BK: Just building a mind map of all the information and data points that I have on this actor or organization. Often, just having all of the information in one place makes it easy to see where my gaps in knowledge and data are and to see correlations between and among data points.
I do a lot of mind-mapping and white-boarding. FM: How do you learn about cybercriminals? Who they are, where they work, what they do in their free time, who they're attacking? BK: Few of them start out their lives thinking they will be cybercrooks. Most get into it gradually, and so they almost all have a side of their identities that are online going back several years, and a lot of that stuff is pretty hard to erase. The Internet has a tendency to index and remember things, so when these guys fail to fully air gap their online and offline selves, they run into problems.
Very few of these crooks do that well, and most make stupid mistakes that make it fairly easy to connect the dots once you have a few details to go on. FM: Have you considered what motivates cybercriminals to commit these infractions that are often connected to more serious crimes such as child pornography and murder? Are they motivated by simple greed, or is their reasoning much more complex? BK: A surprising number of the guys I profile in "Spam Nation" got their starts in cybercrime by promoting pornography of one kind or another. The two kingpins in the book got their start by teaming up to create a processing platform for extreme pornography that few banks wanted to be associated with (rape, bestiality porn, for example), and so they quickly became an attractive place for people pushing even more offensive and repulsive content.
FM: A Dec. How do cybercriminals find minor flaws like this, and how can organizations make sure small mistakes don't become major problems? BK: Stolen credentials and passwords, in particular, are some of the most intractable problems in cybersecurity today. It's bad enough that many banks do not even offer their customers the ability to authenticate themselves with anything more than a user name and password which, when phished, lost or stolen, can be used to impersonate that person.
However, the lack of two-factor authentication within organizations for employees with access to sensitive customer and employer data is a recipe for disaster. I wrote about this recently after receiving a letter from my ISP informing me that my Social Security number, address, phone number and other information were stolen after a customer service representative was tricked into giving away her network credentials to someone impersonating an information technology technician at the ISP.
Had my ISP required that employee to authenticate using a second factor — such as a mobile phone — this breach very likely would never have occurred. The same goes for JPMorgan. FM: What are some ideal anti-breach systems that any organization can build? BK: What you're asking about doesn't exist. Security is a moving target, and staying secure means adapting your defense to the latest attacks. But more importantly, it means finding creative but meaningful ways to get your board of directors and C-level executives intensely involved and invested in making security a priority.
In , someone leaked vital yet outdated source code for Norton Antivirus, and claimed to be working with Anonymous. Regardless of how you feel about their politics or agenda, governments around the world have been cracking down on members of Anonymous wherever they can be found.
The botnet this fellow authored managed to infect millions of computers around the globe with ransomware, as well as steal all the data they had stored on their system. Unfortunately, it seems as though Russian authorities have no intention of collecting: He now lives openly in Anapa, a run-down resort town on the Black Sea in southern Russia with a number of luxury cars and his own private yacht.
To be clear, the Russian government has never admitted to working with him, but their refusal to arrest him and his sudden excess free time and money certainly raise the question. These days, he operates under usernames like slavik, lucky, pollingsoon, and others. As for what his next big move will be?
The origin of the Shadow Brokers is something of a mystery.
If nothing else, this group lives up to their name in one regard: they leave us grasping at shadows. But while their nature is shrouded in mystery, their activities have been all too real. In August of , a Twitter handle apparently owned by the group, shadowbrokerss, announced a webpage and a GitHub repository that apparently contained instructions on how to participate in an auction where the winner would receive a number of tools used by — drumroll please — the Equation Group!
And since we apparently have no leads as to who these people are, all we can do is speculate and try to prepare for their next attack. While their hacking branch, called Bureau , has doubtless been responsible for countless cyberattacks and crimes, they have performed a few high-profile attacks that warrant special mention. The first and perhaps most famous was the WannaCry ransomware attack. While the Shadow Brokers may have co-created it thanks to their access to NSA cyber-warfare tools, it was the North Koreans who crafted and deployed it, infecting around , devices and causing four billion dollars in damages.
In this attack, countless personal emails and details were leaked to the public, and Sony spent around fifteen million dollars repairing damage. Failing to hit that mark will lead to a predictably grim outcome. If only the group itself more closely resembled the mental image their name conjured, then this list might not be quite so depressing. They got their start in , hacking the Georgian government to throw it into chaos just before the Russian army invaded the country.
Despite being one of the most disruptive hackers in the world, Fancy Bear almost never takes credit for their own work: more often than not they operate under the alias of Anonymous or ISIS. However, a little bit of digging into their methodology and tools typically betrays the true face of the attacker.
Of course, Moscow has denied that Fancy Bear is affiliated with them in any way, which is why we cannot be absolutely certain all the above activities were authored by Russian authorities…. At 29 years, this Latvian has certainly rustled his fair share of jimmies. Well before the hacks that put him in the public eye, he was famous in hacker circles under the moniker M4G, a regular in hacker communities who even ran a semi-popular blog on hacking, albeit one that didn't detail his more illicit activities.
It is tame by comparison… but, it was part of a three-year hacking spree Alexsey Belan is said to have engaged in between to , targeting e-commerce websites in California and Nevada, including the aforementioned Yahoo. During this time, he hacked and stole data from a grand total of million accounts: million from Yahoo, and million from other, miscellaneous sources.
When international law enforcement came a-knocking, though, he had already made a clean getaway.
And while no one knows for sure where he might be hiding
Unit is a model of efficiency and skill, with a proven track record in public service and counter-terrorism activity, and remarkably for the cybersecurity world, actually has more women members than men. While first founded in as the 2nd Intelligence Service Unit, it has since expanded into the largest Unit in the Israeli Defense Force. While many of their activities are clandestine (which is sort of the MO for organizations like this), a few of their exploits have slipped to the surface. They also engage in active battle against pro-Palestinian hacktivists, like during the OpIsrael attacks.
Up until recently, China had categorically denied being involved in illicit online activities or even having a hacker group operate to their benefit.