LATEST BLOG POSTS
Take a hacker seriously: the story of Raphael Grey
You will take a hacker seriously after reading the story of Raphael Grey. Raphael Grey managed to hack several e-commerce sites, accessing the customers’ credit card data for a month in 2000 at the age of 18. This hack allowed him to steal several million dollars before he was arrested by the British police and the American FBI at his home in rural Wales on March 23, 2000. Prior to his arrest, Grey posted thousands of payment records on the web to highlight the inherent weaknesses of the e-commerce sites of the time. Today we explore the activities of one of the best-known hackers in the history of computer science, known as “Curador”, “Custodian”, or “The Saint”.

The attack

What was Grey’s hacking activity? Grey hacked several store sites using a computer that he had paid £800 for, from his home in Clynderwen, Pembrokeshire, Wales. According to the investigations, “Curador” had got his hands on a total of 26,000 payment records from 9 e-commerce sites across the UK, Canada, US, Japan and Thailand. He later posted them on blogs and consumer sites around the world.

Grey exploited an inherent weakness in the merchants’ computer systems. The way in was in fact a piece of software that allowed anyone to remotely access the information contained in the computers that used it. This flaw also affected payment information. Prior to the breach, Grey reportedly notified these sites, highlighting this security flaw in their platforms. Grey also contacted Bill Gates. But everyone ignored him.

The hunt and arrest of Grey

Did he get away with it? The publication of the payment information took place on a site created by Grey himself. The aim was to inform the public about the insecurity of payment systems. However, we don’t know if Grey’s intentions were genuine or not. In any case, his notoriety and his belief that he would never be caught for his crimes brought him to the attention of the police. Investigators enlisted the services of a former hacker, Chris Davis, who felt insulted by Grey’s arrogance.

Grey believed, in fact, that the Internet made him untouchable. However, it turned out differently. Davis tracked down Grey in less than a day and passed the information to the FBI who, along with the British police, arrested Grey. Here you can find an interview with Davis about tracking Grey.

Conclusions: the story of Raphael Grey

What did this story teach us? First and foremost, Grey was certainly a talented young man. It is not uncommon to read stories similar to his. On our blog, we recently talked about “Kirk”, the teenager who hacked Twitter. You may be wondering if it’s easy to steal sensitive information like this Welsh guy did. Do not worry! The protection of payment data has improved over time and today the security standards are very high.

Finally, what is the moral of this story? When it comes to cybersecurity, information exchange is valuable. “Whitehat” or “ethical” hackers confer with one another every day to study and anticipate the most subtle threats. In conclusion, alarms such as Grey’s must be taken seriously, even if they do not, of course, justify the theft of millions and the publication of sensitive data.
Fake vaccines online: beware of scams
The NAS Carabinieri blocked two sites advertising and offering fake vaccines for COVID-19 and flu. The latter are subject to medical prescription and are sold only in pharmacies by a qualified pharmacist. On the first site, the Authorities noted the sale of 3 alleged vaccines for COVID-19 potentially purchasable from Italy. The analysis of the second website allowed the Carabinieri to highlight the presence of 2 flu vaccines. The World Health Organization has indeed issued a “Medical product alert” relating to possible counterfeits of these vaccines.

The context of the operation

Is it just an isolated fact? Unfortunately not. The operation of the Italian military is the tip of the iceberg of a wider phenomenon. It is part of an investigation at a European level under the coordination of Europol, which dismantled an international network selling personal protective equipment and drugs on the web. In sum, investigators from 19 member countries of the European Union, as well as Albania, Bosnia and Herzegovina, Colombia, Moldova, Norway, Serbia, the Republic of North Macedonia, Ukraine and the European Anti-Fraud Office (OLAF), blocked about 450 websites and placed 4,000 under monitoring.

After all, hackers and cybercriminals ride the fear generated by the ongoing pandemic to scam network users, companies and institutions. We have dedicated a blog post to a recent vaccine-themed phishing campaign.

Conclusions: fake vaccines and the web

To conclude, given its ability to conceal its online activity, cybercrime uses the web to defraud the public. It promises the sale of drugs and medication online. These are well-oiled scams that use psychological manipulation mechanisms. Many such scams take place on the Dark Web. Therefore, we advise our readers not to enter this network space without the supervision of an expert. The Dark Web is in fact full of viruses, malware, spyware and Trojans, and it is very easy to come into contact with them.

Finally, we close with a final appeal, having everyone’s health at heart: as for vaccinations, we invite you to follow the instructions provided by the Authorities. Please consult the relevant institutional sites regarding offers on the web of unauthorized or dubious medicine.
AiR-ViBeR: the hack that exploits PC fans
SolarWinds Attack: Italy activates the Cyber Security Nucleus
After tampering with a number of SolarWinds Orion platform updates in March, hackers infiltrated the networks and computer systems of government and private entities around the world, spying on their moves and, in some cases, stealing highly sensitive data assets. The attack has also affected our country, unfortunately. From the early stages of the discovery, Italy activated the Cyber Security Nucleus, the collegiate body entrusted with the task of managing cyber incidents that could have a potential impact on national security.

The Cyber Security Nucleus

What is this? According to the current legislation that regulates the activities of the Information Security Department (DIS) of the Presidency of the Council of Ministers, the NSC is responsible for coordinating the national cybersecurity architecture, as well as the response to any crises resulting from cyber-attacks. This structure was created as a permanent body of the Presidency of the Council of Ministers in 2017.

The Nucleus response to the SolarWinds crisis

How did the Nucleus respond to the SolarWinds crisis? The NSC has collaborated with “CyCLONe”, the newly established European liaison network. “CyCLONe” aims to facilitate cooperation between national cybersecurity authorities in the event of destabilizing cyber incidents. Furthermore, all support and contact activities have been launched with the national entities responsible for managing the essential functions and services of the State (included in the National Cyber Security Perimeter), the operators of essential services (provided for by the European NIS Directive – Network Information System) and public administration bodies.

Conclusions and advice

The Nucleus has shown itself ready to take action to mitigate this emergency: our country is well protected and surveillance is high. Never let your guard down, however.

For those who have suffered an intrusion via SolarWinds, we suggest a series of mitigation measures:

- Disconnect all systems on which SolarWinds has been installed and download any available updates
- Conduct a forensic analysis of the host and the network
- Evaluate Indicators of Compromise (IoC)

In any case, the NSC recommends that all organizations using the SolarWinds Orion platform use the appropriate section created on the CSIRT website (https://csirt.gov.it) containing advice, updates and possible incident mitigation measures.