Cyberattacks an 'existential threat' to U.S., FBI says

FBI official warns about increasing cyber-sophistication of rogue states, criminals

March 24, 2010

Computerworld - WASHINGTON - A top FBI official warned today that many cyber-adversaries of the U.S. have the ability to access virtually any computer system, posing a risk that's so great it could "challenge our country's very existence."

Steven Chabinsky, deputy assistant director of the FBI's cyber division, delivered a strong and urgent warning about the threat of cyberattacks during a presentation Tuesday at the FOSE government IT trade show here. Chabinsky also offered recommendations for countering the threat, including rules that would restrict the ability of some systems to interoperate with more vulnerable ones.

"The cyber threat can be an existential threat -- meaning it can challenge our country's very existence, or significantly alter our nation's potential," Chabinsky said. "How we rise to the cybersecurity challenge will determine whether our nation's best days are ahead of us or behind us.

"I am convinced that given enough time, motivation and funding, a determined adversary will always -- always -- be able to penetrate a targeted system," he added.

Chabinsky said that terrorism is the FBI's top cyber priority, followed by its investigation of foreign countries "that seek every day to steal our state secrets and private sector intellectual property, sometimes for the purpose of undermining the stability of our government by weakening our economic or military supremacy."

Both terrorists and foreign countries are turning to cyber-technologies "to exploit our weaknesses," Chabinsky said.

Read more: Computerworld

 

this is just the beginning of what we are about to see/experience in cyberspace


TJX Hacker Receives Record Prison Sentence

Twenty years in jail for Albert Gonzales

By Lucian Constantin, Web News Editor
March 26th, 2010, 15:28 GMT




Albert Gonzales, the most prolific credit card thief in history, was sentenced to twenty years in a federal prison yesterday. The sentence is only for the 2005 attacks against TJX, Office Max, Barnes & Noble, Dave & Busters and a few other retailers; however, the hacker is also awaiting sentencing in a different case.


According to the authorities, Gonzales and his gang stole data for over 90 million credit and debit cards, causing more than $200 in damages and affecting a total number of people bigger than the population of some large cities. Wired reports that U.S. District Judge Patti Saris, who delivered the sentence on Thursday in Boston, settled on 20 years after the prosecution pushed for the maximum of 25 and the defense proposed 15.

The judge only fined him $25,000, but that's because the amount he will be ordered to pay at an upcoming hearing will probably be in the order of tens of millions of dollars. "You’re never possibly going to be paying back all the restitution that’s going to be ordered,” the judge told Gonzales, when sentencing him.

Albert Gonzales, now 28, began his cyber-criminal life on underground forums where hackers exchange stolen credit card information and other personal information. Authorities arrested Gonzales in New York in 2003 for using fraudulent cards to withdraw cash from ATMs, but released him in exchange for his assistance in bringing down other carders.

Following a successful sting operation instrumented with his help, the U.S. Secret Services hired him as deliverer of paid information on a $75,000/year salary. However, Gonzales secretly resumed his old habits and using a different online identity, started planning what was to become the largest identity theft operation in history.

After breaching the computer network at TJX, one of the largest retail groups in the world, the hacker and his associates planted a sniffer program that siphoned credit card data passing through it in real-time. Similar information was also stolen from the networks of other retailers and uploaded to servers in Eastern Europe.

In addition, the hacker will be sentenced today for his instrumental role in a different case involving breaches at Heartland Payment Systems, Hannaford Brothers, 7-Eleven and others, which resulted in an additional 130 million credit cards being stolen. The charges related to these hacks, to which Gonzales already pleaded guilty last year, carry a possible sentence of between 17 and 25 years in prison. However, it will be served concurrently with the 20-year one.