Covert Communications: Using Gaming Networks to Plot Terror

With all of the monitoring software that has been turned from legend into fact in the recent years, it can be perplexing that terroist organizations are still able to remotly plan and, as we have seen in recent days, execute attacks on high profile targets. However, officials in Belgum have come up with a way they were able to plan attackes such as Paris: using gaming networks such as Sony’s Playstation Network used on their Playstation 4

This is just the most recent in commercial networks and applications being used to plan terrorist activities. Before the use of the Playstation Network, terrorist organizations have been seen using a mobile application called WhatsApp, which uses the internet to send messages from person to person, and has been shown to be difficult to monitor due to its high traffic and method of sending messages.

The Playstation Network, however, has proven more difficult than WhatsApp when it comes to intercepting terrorist communications, due to their lack of ability to intercept peer-to-peer IP based voice chat. This would mean that a terrorist meet up could happen in something as simple as an online game, and authorities would never know about it.

This doesn’t mean that they haven’t tried to gain legal access to VoIP communications. In 2010, the FBI pushed to have all lanes of communication monitoried, though the FCC had declined to give them access to the network then.

The main issue, however, is beyond the legal scope. While we are able to profile potential terror affiliates based on their internet usage, it is very hard to do so based on their console usage (uless we already know a terror affiliate uses a certain account). This, along with the Playstation Network having over 110 million users (for scope, that would make it the 11th largest country in the world), makes it a really hard field to narrow down.

And that is just for voice communication. If you start thinking about it, there are even ways to conduct non-verbal communication over a gaming network, from in-game destructables to placing items to form words or symbols that could mean something, that would not be traceable later, as they would be reset according to the loading of the game.

With these in mind, communicating over gaming networks may be the next large step in clandestine communications between persons or bodies that do not want anyone listening in to their conversations, as there are currently no real steps to trace anything that might happen there. This could lead to governments and groups not being able to trace the traditonal methods of communication, and increases the likelyhood of an unexpected attack on a high profile target.

-Will G. Eatherly

Sources:

Daily Mail article on topic: http://tinyurl.com/pxxekka

List of Countries according to population: http://tinyurl.com/qb8f8mv

Forbes article on topic: http://tinyurl.com/omftmlk

 

Anonymous: Operation KKK

 

anonymous-psn-hacker

 

Anonymous, a well known “hacktivist” group, deemed by critics as cyber terrorists, has targeted government agencies, corporations, and radical groups alike. They recently threatened to release the identities of up to one thousand members of the Ku Klux Klan. This is part of the group’s “Operation KKK,” which was started back in 2014. On October 28th, Anonymous posted this poll on the Operation KKK Twitter page:

hoods

Immediately following, Anonymous vowed to release the identities of Klan members they had found by hacking into the KKK Twitter account.

This is the second wave of cyber attacks against the KKK. On November 18, 2014, Anonymous declared cyber warfare against the KKK after they stated that they would attack protesters in Ferguson, MO. In their first offensive, Anons attacked servers hosting Klan and affiliate websites, hacked the KKK’s Twitter account and released person information of members.

Anonymous stated that the identities of Klan members are going to be released on November 5th. They have also stated that they are going to release the names of those who are associated with law enforcement and criminal justice first. Within the last 24 hours, names of alleged KKK members were released by a person who claimed to be a part of Anonymous. These names included the Mayor of Lexington, KY, who denies affiliation with the Klan.  Anonymous denies affiliation with the individual who released the information and stated on Twitter that “ was in no way involved with today’s release of information that incorrectly outed several politicians.”

https://twitter.com/Operation_KKK

http://www.scmagazine.com/anonymous-threatens-to-expose-the-identities-of-kkk-members/article/450214/

Robert Abbott

 

Facebook Gives Out Bounties to White Hat Hackers

In today’s world there are dozens of big name companies being hacked every year through countless vulnerabilities in software that we all depend on.  This has created a rather bleak public opinion of the term ‘hacker.’  Yet, as Facebook is clearly aware, not all hacking is bad hacking – it just depends on how you use the holes that you have exploited.

Facebook is a company that should be very concerned about cyber security, over a billion (yes, I said a billion) people around the world use this social media behemoth – meaning they have a lot of private information to keep track of.  Recognizing this, Facebook started an ongoing public program back in 2011 to give hackers a chance to turn away from the dark side – albeit with a little monetary reward as incentive.  They give hackers a chance to quietly report any exploits that they have found directly to Facebook in exchange for a cash bounty.

Colloquially these hackers are known as ‘white hat’ hackers, and there are surprisingly a lot of them.  Facebook dished out a total of 1.3 million dollars in 2014 alone through this program, with bounties ranging from as low as $500 to as high as $30,000.  Just recently, a hacker named Laxman Muthiyah discovered a way to delete a users photos through Facebook’s graphing API.  Grateful for the find, Facebook gave him a whopping $12,500 for reporting it without making it public.

Despite this monetary reward, these hackers can’t be all in it for the money.  By exploiting Facebook’s holes on their own or by selling them, they could surely turn a much higher profit than what Facebook is offering.  Yet, the reward coupled with a sense of morality are what drive these hackers to continue to do good rather than evil.

– Keegan Parrotte

Facebook? More like FakeBook.

Jordan omo

Csec

10/20/2014

              So in recent news there is a bit of buzz regrading certain Facebook accounts. Specifically Facebook accounts created by the DEA (Drug Enforcement Agency) and no, these are not accounts for DEA agents these are fake accounts used to catch other criminals. This is all coming to light because of a letter written by Joe Sullivan (CSO of Facebook) which states.

           “We recently learned through media reports that the Drug Enforcement Administration (“DEA”) created fake Facebook accounts and impersonated a Facebook user as part of its investigation of alleged criminal conduct unrelated to Facebook. Although we understand that the U.S. Department of Justice is currently reviewing these enforcement practices, we write to express our deep concern about the DEA’s conduct and ask that the DEA cease all activities on Facebook that involve the impersonation of others.”

          The DEA was first discovered doing this with an account created for a woman who was arrested using information from her phone. After creating the profile the officer added photo’s of the woman, and added friends on her behalf, including a man who is a known fugitive. All of these actions are in direct violation of Facebooks policies and terms of service.

You May Soon Regret Sending that Snapchat

Snapchat has been quite popular among smartphone users in the past two years. It has given users the ability to send possibly embarassing photos of themselves to others without the fear of anyone else seeing them ever again. For a while, Snapchat blocked the ability to screenshot the photos, and during that time, websites like SnapSaved have allowed users to secretly save every snapchat that they receive.

That has been great for users, until now. SnapSaved.com has announced that

[We] would like to inform the public that snapsaved.com was hacked… We had a misconfiguration in our Apache server. SnapChat has not been hacked, and these images do not originate from their database.

This can spell trouble for many people. With Snapchat being used by people of all ages and many of these people using SnapSaved.com, this is a huge privacy leak. Nearly two hundred thousand Snapchats were leaked.

A blogger named Kenny Withers has been keeping updated posts of 4Chan about the leak, and claims that there is a torrent of 13GB of all the photos and videos. It is believed that a large amount of these photos are of intimate nature. This leak comes as a harsh reminder to users that even though it seems like the photo “disappears,” it really doesn’t go away.

You can read the original article here: http://nakedsecurity.sophos.com/2014/10/13/the-snappening-snapchat-images-flood-the-internet-after-snapsaved-com-hack/