Fredkc
22nd November 2010, 14:49
WASHINGTON — (http://www.msnbc.msn.com/id/40306517/ns/us_news-security/) How did a hacker, Lin Mun Poo, in Malaysia manage to penetrate a computer network operated by the Federal Reserve Bank of Cleveland?
And what was the same accused cybercriminal doing this summer when he allegedly tapped into the secure computers of a large Defense Department contractor that managed systems for military transport movements and other U.S. military operations?
Those are among the puzzling questions raised by allegations against Lin Mun Poo, a 32-year-old Malaysia native whose case illustrates the mounting national secrets threats posed by overseas cyberattacks, U.S. law enforcement and intelligence officials tell NBC News.
Poo was arrested by Secret Service agents last month shortly after flying into New York's John F. Kennedy airport with a "heavily encrypted" laptop computer containing a "massive quantity of stolen financial account data," including more than 400,000 credit card, debit card and bank account numbers, according to a letter filed by federal prosecutors last week laying out a "factual proffer" of their evidence against Poo.
Oh! And in his spare time, he hacked "several major US banks, and The Federal Reserve!
Then he got a big time Pentagon contractor, who does system management for military transport. Gee, if you want to know what the military is up to, look where they get sent, right?
Now for something quite revealing. If you want a clue about how far behind the curve "security" people really are...
"If a guy from Malaysia can get into networks like this, you can imagine what the Chinese and Russians, the people with real capabilities, are able to do," said one former senior U.S. intelligence official
First of all, anyone who thinks that being in any particular age group, in some country, or another, from any socio-economic, or cultural background somehow removes them from the world of computer hacking, is so out of touch with reality, they really have no business advising anyone about security.
No, that wasn't me being politically correct. It's that computers are not that mysterious. Fact is that anyone on this planet, past the age of 12, willing to put in the time, can grasp what's needed to do this.
It gets worse:
In fact, the penetration of sensitive national security computers by overseas hackers — many of them believed to be state sponsored — is rapidly emerging as one of the country’s most alarming national security threats, officials said. And the threat is not just from foreign governments and for-profit hackers. Officials have also expressed worries that terrorist groups may be capable of the same sorts of sophisticated penetrations.
"rapidly emerging"??
Welcome to 1990, "officials"!! Successful efforts to subvert modern US domestic servers, both commercial and military has been in full bloom since the late 1990's.
China Web hijacking... (http://redtape.msnbc.com/2010/11/china-web-hijacking-shows-net-at-risk.html)
The cyber cold war between China and the U.S. just got a little chillier. Twice this year, China demonstrated its ability to "substantially manipulate" the Internet, a congressional commission said in a report issued on Tuesday. In one incident, traffic headed to 15 percent of the world's websites was redirected through Chinese servers for about 20 minutes.
The high-level hijacking included bits and bytes headed for the U.S. Senate, the Army, the Navy, the Marine Corps, the Air Force, the secretary of defense, NASA, and other government offices, along with commercial entities like Dell, Yahoo, Microsoft, and IBM, the report said.
"rapidly emerging"??
This isn't a simple test, this is a demonstration of power. Both stories are linked here. Both contain a wealth of interesting info.
What is most interesting to me is the fact that the fear-based, reactive mode of security practiced nowadays is a bankrupt mindset. And so far, all you'll see them talking about in these articles is simply more of what already doesn't work.
Welcome to Monday :)
Fred
Afterthought: Any bets they give this guy about a 20 year prison sentence?
When what they should be doing is giving him immunity, and a $2 million/year, 20 year contract to consult on security. ;)
And what was the same accused cybercriminal doing this summer when he allegedly tapped into the secure computers of a large Defense Department contractor that managed systems for military transport movements and other U.S. military operations?
Those are among the puzzling questions raised by allegations against Lin Mun Poo, a 32-year-old Malaysia native whose case illustrates the mounting national secrets threats posed by overseas cyberattacks, U.S. law enforcement and intelligence officials tell NBC News.
Poo was arrested by Secret Service agents last month shortly after flying into New York's John F. Kennedy airport with a "heavily encrypted" laptop computer containing a "massive quantity of stolen financial account data," including more than 400,000 credit card, debit card and bank account numbers, according to a letter filed by federal prosecutors last week laying out a "factual proffer" of their evidence against Poo.
Oh! And in his spare time, he hacked "several major US banks, and The Federal Reserve!
Then he got a big time Pentagon contractor, who does system management for military transport. Gee, if you want to know what the military is up to, look where they get sent, right?
Now for something quite revealing. If you want a clue about how far behind the curve "security" people really are...
"If a guy from Malaysia can get into networks like this, you can imagine what the Chinese and Russians, the people with real capabilities, are able to do," said one former senior U.S. intelligence official
First of all, anyone who thinks that being in any particular age group, in some country, or another, from any socio-economic, or cultural background somehow removes them from the world of computer hacking, is so out of touch with reality, they really have no business advising anyone about security.
No, that wasn't me being politically correct. It's that computers are not that mysterious. Fact is that anyone on this planet, past the age of 12, willing to put in the time, can grasp what's needed to do this.
It gets worse:
In fact, the penetration of sensitive national security computers by overseas hackers — many of them believed to be state sponsored — is rapidly emerging as one of the country’s most alarming national security threats, officials said. And the threat is not just from foreign governments and for-profit hackers. Officials have also expressed worries that terrorist groups may be capable of the same sorts of sophisticated penetrations.
"rapidly emerging"??
Welcome to 1990, "officials"!! Successful efforts to subvert modern US domestic servers, both commercial and military has been in full bloom since the late 1990's.
China Web hijacking... (http://redtape.msnbc.com/2010/11/china-web-hijacking-shows-net-at-risk.html)
The cyber cold war between China and the U.S. just got a little chillier. Twice this year, China demonstrated its ability to "substantially manipulate" the Internet, a congressional commission said in a report issued on Tuesday. In one incident, traffic headed to 15 percent of the world's websites was redirected through Chinese servers for about 20 minutes.
The high-level hijacking included bits and bytes headed for the U.S. Senate, the Army, the Navy, the Marine Corps, the Air Force, the secretary of defense, NASA, and other government offices, along with commercial entities like Dell, Yahoo, Microsoft, and IBM, the report said.
"rapidly emerging"??
This isn't a simple test, this is a demonstration of power. Both stories are linked here. Both contain a wealth of interesting info.
What is most interesting to me is the fact that the fear-based, reactive mode of security practiced nowadays is a bankrupt mindset. And so far, all you'll see them talking about in these articles is simply more of what already doesn't work.
Welcome to Monday :)
Fred
Afterthought: Any bets they give this guy about a 20 year prison sentence?
When what they should be doing is giving him immunity, and a $2 million/year, 20 year contract to consult on security. ;)