Thursday, December 13, 2012

Analysis: a case of government versus hacktivism - 11 Dec 2012 - Computing Analysis

Analysis: a case of government versus hacktivism - 11 Dec 2012 - Computing Analysis

Analysis: a case of government versus hacktivism

11 Dec 2012

Jeremy Hammond
Alleged computer hacker and Anonymous member Jeremy Hammond is currently being held indefinitely in custody, suspected by the FBI of being one of the key members behind the security breach of private intelligence firm Stratfor.

Hammond was arrested by FBI agents in March after Lulzsec founder Hector Xavier Monsegur, better known as Sabu, turned informant. He co-operated with the authorities following his own arrest in March 2011. Sabu continued to encourage cyber-attacks against corporations, all the while providing the FBI with chat-logs and other details that enabled the arrest of Hammond, who has been detained ever since.
Hammond is accused of stealing the personal details of over 850,000 people from the firm - published by WikiLeaks as “Global Intelligence Files” following the Anonymous attack - in addition to taking credit card details and using them to donate to charities.
According to criminal law attorney Jay Leiderman of Californian firm Leiderman Devine, a firm that has represented Anonymous members in computer hacking cases, the authorities could have prevented the December 2011 Stratfor breach.
“The FBI was kind of part and parcel to this hack, they knew about it [through Sabu], they had to have known about it beforehand. They didn’t do anything to warn Stratfor or to take pains to stop it,” Leiderman toldComputing. He argued that the attack was not like breaking and entering, but rather going through an open door.
“Hack has become a sort of all-encompassing term, when in fact some of this was social engineering, some of this was good old-fashioned regular ‘there’s a hole, I’m going to walk through it’,” said Leiderman.
“If you left your front door open people wouldn’t really call it a break-in. To some extent Stratfor were unsecure to the point where it was like their front door was open and Mr Hammond allegedly, with some others, walked right in, and people are calling it a hack.
“As far as I’m aware, nothing was really hacked in the classic sense,” he added.
Leiderman believes the breach has deservedly damaged Stratfor’s reputation, especially given the organisation’s field.
“This is supposed to be a private security firm,” he said. “I think their reputation is ruined by this and one would have to query, philosophically, was it righteously, justly ruined because of their lax security.”

The Stratfor documents published by WikiLeaks contain details about the inner workings of the security firm, including links between private intelligence and government. As a result, the digital equivalent of 100,000 pages of data are being produced as evidence against Hammond, which Leiderman told Computing may take years to properly assess.

The Stratfor case isn’t Hammond’s first run-in with the law. He served two years in prison between 2007 and 2009 for breaking into the computer systems of a conservative website and taking credit card information. He’s also been arrested multiple times for offenses including property damage and disorderly conduct while taking part in protests over the past decade.His lawyers attempted to get Hammond released on pre-trial bail in order to properly review the case against him, but Federal Judge Loretta Preska denied the request on the basis that he presents “a very substantial danger to the community”.
Leiderman believes Hammond’s indefinite confinement without trial, a situation that puts him on the same perceived danger level as murderers and terrorists, is the US authorities’ attempt to send out a warning to hacktivist collectives.
“I think what’s going on is that the government is trying to be heavy handed here and they’re getting an assist from the judiciary,” Leiderman said.
“They’re trying to discourage anyone from really thinking about using a computer for anything other than email and shopping, that’s what I think. Go ahead, be good consumers, send your friends a picture of your cat and that’s it,” he added.
Leiderman believes working with hackers can actually provide benefits, something the US government and other organisations should take advantage of.
“There are a lot of good things that come from exploits and messing with people’s sites. We’ve learned how to be more secure, we find different uses and different applications for things and there’s some curiosity to be encouraged here and government really seems to be trying to stifle it in its entirety. “
The amount of evidence that needs to be assessed means a trial is unlikely until at least well into next year. If found guilty, the 27-year-old faces the possibility of a life sentence.
Computing - Insight for IT leaders Claim your free subscription today.

No comments:

Post a Comment