police

How Anonymous spied on FBI / UK Police hacking investigation conference call

Posted on


 

http://sophosnews.files.wordpress.com/2012/02/conference-call-spy-170.jpg” alt=”Conference call spy image from Shutterstock” align=”right” hspace=”10″ vspace=”10″ />

Conference call spy image from ShutterstockLast month, we reported how a conference call, between the FBI and Scotland Yard, discussing their investigation into Anonymous hackers had been secretly recorded by the hacking collective and published on the net.

We surmised at the time that the unknown hackers might have secretly accessed the call by compromising a police investigator’s email account, as the call-in details and passcode were posted by Anonymous on their usual dumping ground – the PasteBin website.

http://sophosnews.files.wordpress.com/2012/02/fbi-email1.jpg” alt=”Conference call email, republished by Anonymous” />

Conference call email, republished by AnonymousYesterday’s announcement by the FBI about the prominent LulzSec hacker Sabu, and other alleged hacktivists, has revealed more details about what actually happened.

According to an FBI press release, a Garda (Irish police) officer who was invited to attend the conference call about ongoing hacking investigations forwarded the message to a personal email account.

Unfortunately, that personal email account was compromised by a hacker.MORE

Is Facebook the right place to report a crime?

Posted on


Ballarat, a country town in Victoria, Australia, has made the news today thanks to social networking.

Under the headline Police tell users Facebook takes the complaints, regional newspaper The Courier reports:

Flyers have been sent to several police stations in the region, urging residents to contact Facebook's abuse department for minor matters rather than involve police.

But breathless, if unofficial, evangelist website All Facebook has reworked this headline to make it more impressive. They’re shouting out loud thatAustralian Cops Want Crimes Reported Via Facebook.


But this isn’t at all what the cops are suggesting. In fact, it looks as though the cops are urging people to seek resolution from Facebook for all matters which aren’t crimes, so that they can have more time to deal with serious online matters which require police involvement.

Facebook isn’t a law enforcement agency – and even if it were, it wouldn’t have jurisdiction in Victoria, or almost all other places on earth. Crimes should be reported to the police. They’re empowered to investigate and to act against wrongdoers.

(Police in your jurisdiction may have online reporting systems for cybercrimes. It’s well worth checking. Examples include the FBI’s gloriously easy-to-remember IC3 – the Internet Crime Complaint Center – athttp://ic3.gov/, and the Queensland Police Service’s Advance Fee Fraud Reporting Form for dobbing in scammers.)

The Ballarat region, and the Ballarat police, are no strangers to Facebook-related criminality: almost exactly a year ago, the cops intervened over an odious Facebook page entitled “100 Biggest Sluts of Ballarat”, which allegedly named girls as young as 14.

Of course, this raises the question, “How do I know whether online anti-social behaviour, or the latest outbreak of fraudulent Likejacking, is a crime or not?”

Where does online behaviour cross from being odious and reprehensible to being criminal? And what about cases which might feel to be on the borderline?

I suspect that many Facebook users might assume that the simplest way to get rid of abusive content would be to ask Facebook simply to to knock it offline. No need for police reports, official statements and potential lengthy entanglement in a criminal court case in which you have to front up to your abuser from the witness box.

But it’s not always that easy to get Facebook on your side. Naked Security’s own Graham Cluley found that out three years ago when he returned from an overseas vacation to discover that he was being subjected to arson and death threats against his family.

The provocation for this behaviour was a fraudulent Facebook page using Graham’s identity to taunt British soldiers.

Graham was informed by Facebook that this was out of their bailiwick – indeed, they advised him to go to the police – and only took down the offending material when he came up with the master-stroke of pointing out that some of the malevolent material was violating Sophos’s copyright. That got Facebook’s attention at once!

So the Catch-22-esque problem faced by the Ballarat police is that to persuade people to stop phoning them with online behavioural complaints which are out of their remit, they’ve had to invite people to phone them to find out which complaints are in their remit.

Nevertheless, common sense can help shield you from a lot of odious on-line trouble. As Craig Pearce, a Sergeant with the Ballarat police, wryly points out, There’s no need to have 1600 friends on Facebook if you don’t like them.”

You should also consider joining the SophosSecurity page on Facebook, where you can keep on top of the latest security threats, and ask for help with Facebook issues amongst our thriving community of more than 95,000 people. No, we’re not suggesting you befriend them all. Keep friendships – both on-line and off-line – for people you actually know, and like, and trust.