You are here: Home / Archives for Hacking

The E-Discovery Implications of the News of the World Phone Hacking Scandal | Exterro

July 21, 2011 By Leave a Comment

As reported in the UK’s Guardian Newspaper, the unnamed executive is alleged to have deleted files from an internal archive containing about 500 GB of data.  The archive contained email correspondence between News of the World editors, reporters, and private investigators dating back to 2005.

The e-discovery implications of this scandal are twofold.  For starters, the alleged deletions come amidst an active police investigation.  Should police identify the executive – and any accomplices – and obtain the necessary evidence there is a high likelihood that criminal charges will be filed for obstruction of justice.  Secondly, News Corp – the owner of News of the World – is bracing for a swarm of civil lawsuits filed by phone hacking victims and evidence related to those cases was likely deleted.

It is important to note that the e-discovery rules differ somewhat between the U.K. and the U.S. (incidentally, discovery is referred to as “disclosure” across the pond).  Generally, e-discovery requirements are far more stringent in U.S. courts than in the U.K., and rulings of evidence spoliation are far more common.  Moreover, the repercussions for evidence spoliation are considered far harsher in the U.S. (see the 2010 Victor Stanley case where Judge Grimm deemed the evidence spoliation so sweeping and egregious he recommended jail time).  However, there have been cases in the U.K., notably Rybak & Others v. Langbar International Ltd (good analysis here), when deliberate evidence spoliation has resulted in severe consequences.

The bottom line, while there may be differences in discovery rules between the U.S. and U.K., punishment awaits those in either country who deliberately delete electronic evidence that could be responsive in litigation.   In other words, News Corp’s attorneys will likely have a lot of explaining to do in court.

via The E-Discovery Implications of the News of the World Phone Hacking Scandal | eDiscovery, E-Discovery, Electronic Discovery Beat Blog | Exterro.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

FBI Opens 9/11 Phone-Hacking Investigation – WSJ.com

July 14, 2011 By Leave a Comment

The Federal Bureau of Investigation has opened a probe into whether employees of News Corp. might have hacked or attempted to hack into the private calls and phone records of Sept. 11 victims and their families, according to people familiar with the matter.

The investigation was opened Thursday morning, following a request a day earlier by Rep. Peter King (R., N.Y.) who heads the House Homeland Security Committee and whose Long Island district was home to many victims of the 2001 terrorist attacks.

The investigation will try to determine whether employees of News Corp. illegally accessed the private calls, voice-mail messages, or call records of 9/11 victims or their families, these people say. It will also look into whether any News Corp. employees bribed or sought to bribe police officials to gain access to such records.

The FBI has opened a probe into whether employees of News Corp. might have hacked or attempted to hack into the private calls and phone records of Sept. 11 victims and their families.

A scandal over phone hacking in the U.K. by News of the World, a publication recently closed by News Corp., has roiled the media empire and prompted a series of legal inquiries.

via FBI Opens 9/11 Phone-Hacking Investigation – WSJ.com.

Filed Under: From The News Tagged With: , , , , , , , , ,

LulzSec gone, Anonymous back; releases files from U.S. Counter Terrorist Program – International Business Times

June 27, 2011 By Leave a Comment

Hacking group LulzSec went out of the scene, but another collective of hackers, Anonymous, continues with its job. The hacking group has released a set of files containing documents and links to security and hacking resources on the internet. The released files also include various hacking and counter hacking tools along with the addresses of FBI bureaus in the U.S.

 

The size of the released file is 625 MB, and it seems to have come from the U.S. FEMA (Federal Emergency Management Agency) Counter Terrorism Defence Initiative training program. Although the hackers linked to the CDI SENTINAL program page, they didn’t mention the exact source of the file, ITProPortal reported.

Anonymous gained over 60,000 new followers in the last few hours, as LulzSec persuaded its Twitter followers to follow the @AnonymousIRC account after declaring its suspension.

via LulzSec gone, Anonymous back; releases files from U.S. Counter Terrorist Program – International Business Times.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

LulzSec hacks into Arizona police’s computers, posts confidential documents – International Business Times

June 24, 2011 By Leave a Comment

Hacking group LulzSec, who declared war against Government sites, banks under operation ‘Anti-Sec’, has posted confidential documents from Arizona police.

 

“We are targeting AZDPS specifically because we are against SB1070 law and the racial profiling anti-immigrant police state that is Arizona,” LulzSec said in a press release. “Hackers of the world are uniting and taking direct action against our common oppressorss—the government, corporations, police, and militaries of the world.”

Spokesman Steve Harrison of the Arizona agency said the documents appeared to be authentic and said LulzSec most likely accessed them via the email accounts of eight officers, WSJ reported

via LulzSec hacks into Arizona police’s computers, posts confidential documents – International Business Times.

Filed Under: From The News, Tech Bytes Tagged With: , , , , , , , , ,

China Rejects Google’s Accusation of Hacking – NYTimes.com

June 7, 2011 By Leave a Comment

China’s official Communist Party newspaper issued a caustic response on Monday to Google’s charge that Chinese hackers had taken aim at influential users of its Gmail service, calling the accusations “political gaming” aimed at fomenting new discord between the Beijing and Washington governments.

The newspaper, People’s Daily, published a front-page editorial in Monday’s international editions that also suggested that Google’s actions could cost it credibility in the business world.

“Many international bystanders believe that Google’s charge is thickly tainted with political colors, and one can’t dismiss the fact that Google is taking advantage and provoking new Sino-American Internet security disputes with sinister intentions,” the editorial stated. “Today’s Google really makes one wring one’s hands. What was once a model of leading Internet innovation has now become a political tool for slandering other countries.”

via China Rejects Google’s Accusation of Hacking – NYTimes.com.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

Fired Gucci Employee Indicted for Hacking Company’s Computer Network | News & Opinion | PCMag.com

April 6, 2011 By Leave a Comment

A former employee for Gucci America was indicted this week for tampering with and remotely accessing the company’s computer system.

Sam Chihlung Yin, 34, was a network engineer with the fashion company until May 2010, when he was fired for unrelated reasons. Prior to his dimissal, he used his technical know-how to create a fake virtual private network (VPN) token. He took it with him after he was fired and tricked the Gucci IT department into activating it.

Over the next several months, Yin used his knowledge of Gucci’s network and administrator-level passwords to “gain nearly unfettered access to Gucci’s network,” according to the New York County District Attorney’s Office.

Yin shut down several servers and networks and deleted data. Gucci lost access to documents and email for nearly 24 hours, while other documents and emails were deleted permanently. This affected Gucci retail stores and online sales, resulting in $200,000 worth of damage.

via Fired Gucci Employee Indicted for Hacking Company’s Computer Network | News & Opinion | PCMag.com.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

The Thin Line Between Electronic Discovery and Hacking | Catalyst E-Discovery Blog

December 25, 2010 By 1 Comment

Is it ever appropriate to tap into someone else’s computer network in order to preserve documents for litigation?

An interesting decision from the 3rd U.S. Circuit Court of Appeals addresses this question, deciding whether a plaintiff’s attempt to preserve digital documents during litigation was appropriate under federal discovery rules or unlawful under state and federal computer anti-hacking statutes. In the Dec. 13 opinion, Joseph Oat Holdings, Inc. v. RCM Digesters, Inc., the court introduces the issue this way:

“This appeal involves an overlap between substantive claims under state and federal anti-hacking laws and alleged electronic discovery misconduct.”

The facts are somewhat involved, but I’ll give you the bullet-point version of what happened, as recounted in the court’s opinion:

In February 2005, two wastewater-treatment companies, Biothane Corporation and RCM Digesters Inc., formed a joint venture, RCM Biothane.

In June 2005, the computer networks of Biothane’s parent company, Joseph Oat Holdings Inc., and the joint venture, RCM Biothane, were connected via a virtual private network. Biothane employees in New Jersey administered the VPN and controlled the RCM Biothane server located in Oakland, Calif.

In August 2006, the parties entered into a separation agreement purporting to end the joint venture. Evidence indicated that RCM continued to operate RCM Biothane after that date.

In September 2006, Biothane sued RCM for trademark infringement, unfair competition, breach of contract, and various other counts.

On Oct. 11, 2006, RCM’s attorney sent Biothane a litigation hold letter. On Oct. 20, he sent a second letter reiterating his request that Biothane preserve all electronic data.

Around the same time that Biothane received the litigation hold letter, it began to systematically copy the files from the joint venture’s server, to which it still had access. Internal memos referred to this as the “information copy project” and instructed employees to do this “under the rader.” A Biothane V.P. later testified that he ordered the copying in response to RCM’s litigation-hold letter and believed he had a responsibility to preserve these files.

When it discovered the copying, RCM, claiming the servers had reverted to its control, filed a motion to amend its counterclaim to add counts alleging violations of California, New Jersey and U.S. anti-hacking laws. RCM also filed a motion asking for discovery sanctions against Biothane for its copying of the files.

Ruling on the request for sanctions, a U.S. magistrate judge found that Biothane’s copying of the documents was “willful” but not in “flagrant bad faith.” He concluded that Biothane “accessed defendants’ computer to preserve business documents, not for the purpose of gaining an advantage in this litigation.” Finding that Biothane could have believed it was justified in accessing the documents, the magistrate judge imposed a fairly modest sanction of paying RCM’s costs, but not attorneys’ fees, incurred in discovery directed to finding out what documents were taken from RCM’s computer system.

via The Thin Line Between Electronic Discovery and Hacking | Catalyst E-Discovery Blog.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

F.B.I. Memos Reveal Cost of a Hacking Attack – NYTimes.com

December 14, 2010 By Leave a Comment

Repelling a hacker attack can be costly as PayPal, Visa and MasterCard undoubtedly found out last week as they tried – with mixed success – to keep their Web sites from being knocked offline by supporters of Wikileaks.

How much money exactly? An unrelated attack several years earlier on Google may provide some insight.

In 2005 Google was battling the Santy worm, a bit of malicious software that caused infected computers across the globe to automatically enter search queries – so many, in fact, that Google was overwhelmed. Details of the episode are chronicled in internal F.B.I. memos obtained by The New York Times through a Freedom of Information Act request.

On Dec. 22, 2005, Google complained to the F.B.I. that the attack had slowed its search engine’s performance. For 12 to 18 months previous, Google said it had been plagued by variants of the worm, which used search queries to find vulnerable Web sites and deface them by exploiting a security hole in community forum software PHP Bulletin Board.

Under pressure from antivirus groups, Google had tried to filter queries containing phrases linked to the worm, but with limited success.

“As Google filters out certain string search phrases, within minutes, the subjects modify the search phrase to once again bypass Google’s filters,” an F.B.I. agent in San Francisco wrote to colleagues in recommending that an investigation be opened.

Moreover, Google’s efforts to stop the worm had unintended consequences. Its filters blocked legitimate searches, the agent wrote.

In a measure in the seriousness of the attack, Google devoted an entire engineering team to the battle. Preliminary estimates put the cost to the company in terms of man hours and lost revenue at up to $500,000, according to the report.

via F.B.I. Memos Reveal Cost of a Hacking Attack – NYTimes.com.

Filed Under: From The News Tagged With: , , , , , , , , ,

Why your companies need Ethical Hacking? | mycomputer2u.com

July 12, 2010 By Leave a Comment

Many people refers to hacking as a horrible think and some think which they should avoid but the term ethical hacking makes people scratch their head and think why they would want to get hacked but ethical hacking saves many companies millions.

Ethical hacking is an important step in the security process of a company. How can a company be sure that they are safe against a real damaging hacking? Company can hire cyber security experts that will try to hack the network and find the areas which are insecure so that company can take necessary actions to become more secure. They normally checks for actually hacking into customer files and leaks that allows viruses which can be harmful to net network. These can cost companies an enormous amount of money as well as reputation, thus making ethical hacking an important part of the security process of any company. Ethical hacking is mostly done by the individuals who are trained in the cyber security.

via Why your companies need Ethical Hacking?.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,