Brian Krebs Concepts

Spam Nation: The Inside Story of Organized Cybercrime-From Global Epidemic to Your Front Door

by Brian Krebs · 18 Nov 2014 · 252pp · 75,349 words

access to new ideas we're developing, and sneak peeks at our hottest titles! Happy reading! SIGN UP NOW! For my BizMgr Copyright © 2014 by Brian Krebs Cover and internal design © 2014 by Sourcebooks, Inc. Cover design by The Book Designers Sourcebooks and the colophon are registered trademarks of Sourcebooks, Inc. All

…

.com Library of Congress Cataloging-in-Publication Data Krebs, Brian. Spam nation : the inside story of organized cybercrime—from global epidemic to your front door / Brian Krebs. pages cm 1. Computer crimes—United States. 2. Internet fraud—United States. 3. Spam (Electronic mail) 4. Phishing. 5. Organized crime—United States. I. Title

…

, but related to recent events we would like to know how it was possible that five (5!) reputable experts-agents (including NASA experts and Mr. Brian Krebs) from the USA (where every tenth person speaks Russian, source: Wikipedia), could not figure out that on Crutop.nu in the SPAM sub-forum, discussions

…

Network (RBN), the bulletproof hosting empire detailed in the first half of Chapter 2.7 Despduck wrote (again, with the Y capitalization in “You”): 1.Brian Krebs, believe it or not, was actually paid by RBN guys (by GlavMed mostly) to publish his research. All of his info is actually based on

…

. The alert linked to a brief message posted to the Russian blogging service LiveJournal that broadcast my precise location. The posting read: “American cybersecurity blogger Brian Krebs is now in Russia, staying at the Moscow Marriott Grand.” I ran upstairs and bolted the door to my spacious hotel room, immediately beginning to

…

that was competing directly with Vrublevsky’s firm for a lucrative credit card processing contract with Russia’s largest airline). ABOUT THE AUTHOR © KRISTOF CLERIX Brian Krebs is the editor of KrebsOnSecurity.com, a daily blog dedicated to in-depth cybersecurity news and investigation. For the third year running, KrebsOnSecurity.com was

Engineering Security

by Peter Gutmann

, Annie Antón and David Baumer, IEEE Security and Privacy, Vol.5, No.5 (September/October 2007), p.15. [219] “Web Fraud 2.0: Digital Forgeries”, Brian Krebs, 21 August 2008, http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_digital_forgeries.html. [220] “Cops Pull Plug on Rent-a-Fraudster Service

…

Morley, 8 February 2013, https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security. [413] “Security Firm Bit9 Hacked, Used to Spread Malware”, Brian Krebs, 8 February 2013, http://krebsonsecurity.com/2013/02/security-firmbit9-hacked-used-to-spread-malware. [414] “Bit9 Breach Began in July 2012

…

”, Brian Krebs, 20 February 2013, http://krebsonsecurity.com/2013/02/bit9-breach-began-in-july-2012. [415] “Bit9 Security Incident Update”, Harry Sverdlove, 25 February 2013, https://

…

Digital Signature Infrastructure”, Anne Wheeler and Lynn Wheeler, draft-wheeler-ipki-aads-01.txt, 16 November 1998. [496] “Styx Exploit Pack: Domo Arigato, PC Roboto”, Brian Krebs, 8 July 2013, http://krebsonsecurity.com/2013/07/styx-exploit-pack-domoarigato-pc-roboto. [497] “Certificates for the Masses: A Community-oriented Certification Authority”, Adam

…

.1. [640] “Persuasive Technology: Using Computers to Change What We Think and Do”, B.J. Fogg, Morgan Kaufmann, 2003. [641] “The New Face of Phishing”, Brian Krebs, 13 February 2006, http://blog.washingtonpost.com/securityfix/2006/02/the_new_face_of_phishing_1.html. 124 Problems [642] “Phishers use phone instead of

…

discussion of the relative effectiveness of conventional malwareprotection measures compared to code-signing in “Digitally Signed Malware” on page 50). As former Washington Post reporter Brian Krebs points out, “Every victim I’ve ever interviewed was running anti-virus software. All of the products failed to detect the malware until the victim

…

and Rune Nergârd, IEEE Security and Privacy, Vol.7, No.2 (March/April 2009), p.83. [388] “Calif. Co. Sues Bank Over $465k eBanking Heist”, Brian Krebs, 25 July 2011, http://krebsonsecurity.com/2011/07/calif-co-sues-bank-over465k-ebanking-heist/comment-page-1/#comment-24507. [389] “It’s All About

…

, Information Week TechWeb News, 28 December 2005, http://www.informationweek.com/news/showArticle.jhtml?articleID=175701011. [622] “Should E-Mail Addresses Be Considered Private Data?”, Brian Krebs, 19 October 2007, http://voices.washingtonpost.com/securityfix/2007/10/database_theft_leads_to_target.html. [623] “Deconstructing the Fake FTC E-mail Virus Attack

…

”, Brian Krebs, 5 November 2007, http://voices.washingtonpost.com/securityfix/2007/11/deconstructing_the_fake_ftc_em.html. [624] “Using Cartoons to Teach Internet Security”, Sukamol Srikwan

…

Adrian Perrig, Proceedings of the USENIX Annual Technical Conference (USENIX ‘08), June 2008, p.321. [558] “Firefox Plug-in Offers Clarity on Web Site Security”, Brian Krebs, 2 September 2008, http://voices.washingtonpost.com/securityfix/2008/09/firefox_plug-in_offers_clarity.html. [559] “VeriKey: A Dynamic Certificate Verification System for Public

…

, Proceedings of the 6th Symposium on Usable Security and Privacy (SOUPS’10), July 2010, p.1. [178] “Taming Vista’s User Account Control Pop-Ups”, Brian Krebs, 4 November 2008, http://voices.washingtonpost.com/securityfix/2008/11/taming_vistas_user_account_con.html/. [179] “The Case Against User Interface Consistency”, Jonathan Grudin

…

] “DEP / ASLR Neglected in Popular Programs”, Carsten Eiram / Secunia, 1 July 2010, http://secunia.com/blog/105. [283] “Top Apps Largely Forgo Windows Security Protections”, Brian Krebs, 1 July 2010, http://krebsonsecurity.com/2010/07/top-apps-largely-forgowindows-security-protections/. References 519 [284] “The Enhanced Mitigation Experience Toolkit”, Microsoft Corporation, 18

…

, to appear. [190] “Verified by Visa?”, Rik Ferguson, 1 December 2011, http://countermeasures.trendmicro.eu/verified-by-visa/. [191] “Loopholes in Verified by Visa & SecureCode”, Brian Krebs, 2 December 2011, http://krebsonsecurity.com/2011/12/loopholes-in-verified-byvisa-securecode/#more-12721. [192] “Re: Verfied by Visa finally gets outed”, James Fidell

…

Study”, Secure Science Corporation and Michael Ligh, 13 November 2006, http://www.securescience.net/FILES/securescience/10378/pubMalwareCaseStudy.pdf. "Malware Targets E-Banking Security Technology", Brian Krebs, 30 November 2007, http://voices.washingtonpost.com/securityfix/2007/11/new_malware_defeats_sitekey_te.html. [96] [97] "Phishing kits take advantage of novice fraudsters

This Is How They Tell Me the World Ends: The Cyberweapons Arms Race

by Nicole Perlroth · 9 Feb 2021 · 651pp · 186,130 words

P.M. on a Sunday, but ultimately, we are all on the same side. A special shout-out to Joe Menn, Andy Greenberg, Kevin Poulsen, Brian Krebs, Kim Zetter, Ellen Nakashima, and Chris Bing. The idea for this book started when Danielle Svetcov invited me to dinner. Various agents had solicited my

Dawn of the Code War: America's Battle Against Russia, China, and the Rising Global Cyber Threat

by John P. Carlin and Garrett M. Graff · 15 Oct 2018 · 568pp · 164,014 words

and Michael Kern, “Terrorist 007, Exposed,” Washington Post, March 26, 2006, www.washingtonpost.com/wp-dyn/content/article/2006/03/25/AR2006 032500020.html. 7. Brian Krebs, “Terrorism’s Hook into Your Inbox: U.K. Case Shows Link Between Online Fraud and Jihadist Networks,” Washington Post, July 5, 2007, www.washington post

…

/NSAEBB/NSAEBB424/docs/Cyber-030.pdf. 95. Poulsen, Kingpin, 74. 96. See Misha Glenny, DarkMarket: How Hackers Became the New Mafia (Vintage, 2012), 41. 97. Brian Krebs, Spam Nation: The Inside Story of Organized Cybercrime—From Global Epidemic to Your Front Door (Sourcebooks, 2014), 17. 98. Ibid., 26. 99. Ibid., 20. 100

Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks

by Scott J. Shapiro · 523pp · 154,042 words

-Mobile website.” As the media was speculating about the wizards who had compromised Paris Hilton’s cell phone, the cybersecurity reporter for The Washington Post, Brian Krebs, received a series of texts from an unknown number. The sender claimed to be a sixteen-year-old boy, Cameron LaCroix. He also claimed responsibility

…

server, to which Cameron now had total access. “As soon as I went into her camera and saw nudes, my head went, ‘Jackpot,’” he told Brian Krebs. “I was like, ‘Holy **** dude … she’s got nudes. This ****’s gonna hit the press so ******* quick.’” Authentication Like any good guard, an operating system

…

, September 20, another massive DDoS attack was launched, this time against a cybersecurity blog, Krebs on Security. In his long career specializing in cybercrime reporting, Brian Krebs has exposed numerous illicit enterprises, especially bank and credit card fraud operations out of Eastern Europe. Krebs has faced massive retaliation for the exposés he

…

Field Office, was scanning for the next thing, too. A few weeks after the arrests of those behind VDoS, he found it. On September 20, Brian Krebs wrote an exposé on BackConnect and how it was a “bulletproof” server for botnet C2s, meaning that it would refuse to cooperate with law enforcement

…

attacks. Google placed vulnerable websites behind its immense infrastructure to absorb and filter malicious traffic. Project Shield was established to protect dissidents against repressive governments. Brian Krebs, however, needed protection from three teenagers. Within fourteen minutes of the announcement, the attacks resumed. The onslaught was a “greatest hits” of DDoS techniques. The

…

’s team got its break in the usual way—from a Mirai victim. The September 25 barrage on Brian Krebs’s blog enabled Google to record the location of every bot that had attacked it. Brian Krebs gave Google permission to share the location information with the FBI. With this information, the Anchorage cyber

…

pay $5,000 for an entire week of attacks. The service came with a money-back guarantee if the botnet didn’t work. According to Brian Krebs, the typical customer for the service “is a teenage male who is into online gaming and is seeking a way to knock a rival team

…

for redirecting traffic to a meaningless address and thus to a digital black hole. Paras learned of ProxyPipe’s action from a comment posted on Brian Krebs’s blog. Paras was impressed by the only company able to beat Mirai and contacted Coelho to congratulate him. The discussion between the two men

…

, except to note that “the principal suspect of this investigation is a UK national resident in Northern Ireland.” But based on reports from multiple sources, Brian Krebs has since reported that Sterritt was responsible for the attacks. Once again, a teenager was responsible for devastating attacks on the internet previously attributed to

…

’s imitators wrought, law enforcement was intensely interested in the Mirai authors. So were private security researchers. After all, the Mirai gang had gone after Brian Krebs—the premier cybercrime reporter. As Allison Nixon of Flashpoint put it, “They dumped the source code and attacked a security researcher using tools interesting to

…

booter services in order to trace the PayPal accounts that these services were using. When PayPal found out, it seized these accounts and balances. As Brian Krebs put it, PayPal launched “their own preemptive denial-of-service attacks against the payment infrastructure for these services.” Like other booter services, VDoS tried to

…

’s sources, Kelly Hallissey, who had befriended the hacking group of which Cameron was a member, confirmed that the teenager had indeed been the perpetrator. Brian Krebs, “Paris Hilton Hack Started with Old-Fashioned Con,” The Washington Post, May 19, 2005. “Hip Hop Debs”: Nancy Jo Sales, “Hip Hop Debs,” Vanity Fair

…

/09/DDoS-attack-iot.html. any of its rivals: One prominent rival, the vDOS botnet, advertised their rate as “up to 50 gigabits per second”: Brian Krebs, “Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years,” Krebs on Security, September 8, 2016, https://krebsonsecurity.com/2016/09/israeli-online-attack

…

shut WikiLeaks down: Josh Halliday and Angelique Chrisafis, “WikiLeaks: France Adds to US Pressure to Ban Website,” The Guardian, December 3, 2010. Krebs on Security: Brian Krebs, “Krebs on Security Hit with Record DDoS,” Krebs on Security, September 21, 2016, https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/. massive retaliation

…

Krebs’s house in suburban Fairfax, Virginia, apprehended Krebs, and put him in handcuffs before the journalist could convince them that it was a hoax: Brian Krebs, “The World Has No Room for Cowards,” Krebs on Security, March 15, 2013, krebsonsecurity.com/2013/03/the-world-has-no-room-for-cowards. between

…

Attack,” The Daily Targum, March 30, 2015, https://dailytargum.com/article/2015/03/rutgers-network-crumples-under-siege-by-ddos-attack. a friend later reported: Brian Krebs, “Who Is Anna-Senpai, the Mirai Worm Author?,” Krebs on Security, January 18, 2017, krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm

…

-author. conceal his identity: The post is here: “@Rutgers Community,” Pastebin, April 29, 2015, pastebin.com/9d0vRep8. Brian Krebs connected the post to Paras. See Krebs, “Who Is Anna-Senpai?” fourth attack on the Rutgers: Kelly Heyboer, “Who Hacked Rutgers: University Spending up to

…

, 67. gang known as VDoS: Krebs, “Israeli Online Attack Service.” providing these services for four years: Krebs, “Israeli Online Attack Service.” from Israel in 2012: Brian Krebs, “Alleged VDOS Proprietors Arrested in Israel,” Krebs on Security, September 10, 2016, https://krebsonsecurity.com/2016/09/alleged-vdos-proprietors-arrested-in-israel. Denial of

…

zombie computers: Ellen Messmer, “Experts Link Flood of ‘Canadian Pharmacy’ Spam to Russian Botnet Criminals,” The New York Times, July 16, 2009. over three years: Brian Krebs, “Top Spam Botnet, ‘Grum,’ Unplugged,” Krebs on Security, July 19, 2012, krebsonsecurity.com/2012/07/top-spam-botnet-grum-unplugged

…

; Brian Krebs, “Who’s Behind the World’s Largest Spam Botnet?,” Krebs on Security, February 1, 2012, http://krebsonsecurity.com/2012/02/whos-behind-the-worlds-largest-

…

, https://www.repository.cam.ac.uk/bitstream/handle/1810/252340/ Hutchings%20%26%20Clayton%202015%20Deviant %20Behavior.pdf?sequence=1&isAllowed=y. in one year: Brian Krebs, “Following the Money Hobbled VDoS Attack-for-Hire Service,” Krebs on Security, June 6, 2017, krebsonsecurity.com/2017/06/following-the-money-hobbled-vdos-attack

…

8, 2011, www.usenix.org/legacy/events/sec11/tech/full_papers/ Caballero.pdf. fourteen gigabits/second: Krebs, “Israeli Online Attack Service.” Hack Forums once did: Brian Krebs, “Hackforums Shutters Booter Service Bazaar,” Krebs on Security, October 31, 2016, https://krebsonsecurity.com/2016/10/hackforums-shutters-booter-service-bazaar/. known as nodes: See

…

. “lightspeed” and “thegenius”: United States Department of Justice, December 5, 2017, https://www.justice.gov/opa/press-release/file/1017596/download. half a million computers: Brian Krebs confirmed that Josiah had contributed to Qbot: Krebs, “Who Is Anna-Senpai?” Information on Qbot can be found at Phil Muncaster, “Massive Qbot Botnet Strikes

…

code was written in Go, a programming language developed by Google that handles concurrency processing well. The unusual choice of Go was key evidence when Brian Krebs linked Anna_Senpai to Paras. See Krebs, “Who Is Anna-Senpai?” Paras was in charge of building the C2. See United States v. Paras Jha

…

When It’s Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches (Cambridge, MA: MIT Press, 2018), 59–78. a million Windows machines worldwide: Brian Krebs, “‘Operation Tovar’ Targets ‘Gameover’ ZeuS Botnet, CryptoLocker Scourge,” Krebs on Security, June 2, 2014, https://krebsonsecurity.com/2014/06/operation-tovar-targets-gameover-zeus-botnet

…

botnets: Purdue CERIAS, “2020–04–08 CERIAS-Mirai-DDoS,” at 35:30. VDoS founders in Israel: Krebs, “Alleged vDOS Proprietors.” they went dark as well: Brian Krebs, “Are the Days of ‘Booter’ Services Numbered?,” Krebs on Security, October 27, 2016, krebsonsecurity.com/2016/10/are-the-days-of-booter-services-numbered. 10

…

News Sites from Cyberattacks—for Free,” Wired, February 24, 2016, www.wired.com/2016/02/google-wants-save-news-sites-cyberattacks-free. the attacks resumed: Brian Krebs, “How Google Took on Mirai, KrebsOnSecurity,” Krebs on Security, February 3, 2017, krebsonsecurity.com/2017/02/how-google-took-on-mirai-krebsonsecurity/#more-37945. “greatest

…

Keep the Internet Safe?” Lawfare, Wednesday, May 2, https://www.lawfareblog.com/whois-going-keep-internet-safe; “Who Is Afraid of More Spams and Scams?” Brian Krebs, https://krebsonsecurity.com/2018/03/who-is-afraid-of-more-spams-and-scams/#more-42946. a d-order: 18 U.S.C. §2703(d). applying

…

University Press, 2008). “I’ve run against”: Graff, “How a Dorm Room.” raided the boy’s house: Graff, “How a Dorm Room.” 350 gigabits/second: Brian Krebs, “Who Is Anna-Senpai, the Mirai Worm Author?,” Krebs on Security, January 18, 2017, krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm

…

-author. “is a teenage male”: Brian Krebs, “‘Operation Tarpit’ Targets Customers of Online Attack-for-Hire Services,” Krebs on Security, December 13, 2016, https://krebsonsecurity.com/2016/12/operation-tarpit-targets-customers

…

://www.usenix.org/system/files/conference/usenixsecurity17/sec17-antonakakis.pdf. a teenage boy: Shortly after the Dyn attack, Hack Forums removed their Booting Services board: Brian Krebs, “Hackforums Shutters Booter Service Bazaar,” Krebs on Security, October 31, 2016, https://krebsonsecurity.com/2016/10/hackforums-shutters-booter-service-bazaar/. TalkTalk: Mark Tighe, “Larne

…

(April–June 2018), August 22, 2018, https://www.nipolicingboard.org.uk/sites/nipb/files/publications/ ni-performance-report-apr-june-2018.pdf. for the attacks: Brian Krebs, “New Charges, Sentencing in Satori IoT Botnet Conspiracy,” Krebs on Security, June 26, 2020, krebsonsecurity.com/2020/06/new-charges-sentencing-in-satori-iot-botnet

…

, at over $180,000”); United States v. Paras Jha and Dalton Norman, Government’s Sentencing Memo, filed September 11, 2018, 29. $16 billion per annum: Brian Krebs, “Mirai IoT Botnet Co-Authors Plead Guilty,” Krebs on Security, December 13, 2017, https://krebsonsecurity.com/2017/12/mirai-iot-botnet-co-authors-plead-guilty

…

Computer, July 22, 2017, https://www.bleepingcomputer.com/news/security/hacker-bestbuy-admits-to-hijacking-deutsche-telekom-routers-with-mirai-malware/. a bunch of teenagers: Brian Krebs, “New Charging, Sentencing in Satori,” Krebs on Security, June 25, 2020, https://krebsonsecurity.com/2020/06/new-charges-sentencing-in-satori-iot-botnet-conspiracy/. “They

…

dumped the source code”: Brian Krebs (BrianKrebs), “Expert: IoT Botnets the Work of a ‘Vast Minority,’” VoIP-Info Forum, January 24, 2018, www.voip-info.org/forum/threads/expert-iot-botnets

…

. especially severe: Anthony Faiola, “Mass Flight of Tech Workers Turns Russian IT into Another Casualty of War,” The Washington Post, May 1, 2022. “Fucking Visa”: Brian Krebs, Spam Nation (Naperville, IL: Sourcebooks, 2014), 251. Bitcoin: For the original white paper, see the (pseudonymous) Satoshi Nakamoto, “Bitcoin: A Peer-to-Peer Electronic Cash

…

embarrassment. Vesselin Bontchev, Katrin Totcheva, Sarah Gordon, and Cameron LaCroix for their time and candor—endnotes indicate those places where I relied on these interviews; Brian Krebs, for a long telephone conversation about cybercrime that greatly affected my thinking; and Elliott Peterson, for several conversations about how the FBI investigates cybercrimes and

Pax Technica: How the Internet of Things May Set Us Free or Lock Us Up

by Philip N. Howard · 27 Apr 2015 · 322pp · 84,752 words

In-Depth Look at the 5% of Most Active Users (Toronto: Sysomos, August 2009), accessed September 30, 2014, http://www.sysomos.com/insidetwitter/mostactiveusers/. 29. Brian Krebs, “Twitter Bots Target Tibetan Protests,” Krebs on Security, March 20, 2012, accessed September 30, 2014, http://krebsonsecurity.com/2012/03/twitter-bots-target-tibetan-protests

…

Pummeling WikiLeaks and Assange,” Register, August 13, 2012, accessed September 30, 2014, http://www.theregister.co.uk/2012/08/13/antileaks_wikileaks_attack_response/. 29. Brian Krebs, “Amnesty International Site Serving Java Exploit,” Krebs on Security, December 22, 2011, accessed September 30, 2014, http://krebsonsecurity.com/2011/12/amnesty-international-site-serving

…

://www.theguardian.com/commentisfree/2011/apr/21/syria-twitter-spambots-pro-revolution. 37. Qtiesh, “Spam Bots Flooding Twitter to Drown Info About #Syria Protests.” 38. Brian Krebs, “Twitter Bots Drown Out Anti-Kremlin Tweets,” Krebs on Security, December 8, 2011, accessed September 30, 2014, http://krebsonsecurity.com/2011/12/twitter-bots-drown

…

Plagues Mexico’s Election,” MIT Technology Review, June 21, 2012, accessed September 30, 2014, http://www.technologyreview.com/news/428286/twitter-mischief-plagues-mexicos-election/; Brian Krebs, “Twitter Bots Target Tibetan Protests,” Krebs on Security, March 20, 2012, accessed September 30, 2014, http://krebsonsecurity.com/2012/03/twitter-bots-target-tibetan-protests

The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World From Cybercrime

by Renee Dudley and Daniel Golden · 24 Oct 2022 · 392pp · 114,189 words

, 2020, itwire.com/business-it-news/security/big-us-travel-management-firm-cwt-pays-out-us$4-5m-to-ransomware-gang.html. “We can confirm”: Brian Krebs, “Ransomware Group Turns to Facebook Ads,” Krebs on Security, November 10, 2020, krebsonsecurity.com/2020/11/ransomware-group-turns-to-facebook-ads/. 330 miles per

…

Has Sought to Disrupt the World’s Largest Botnet, Hoping to Reduce Its Potential Impact on the Election,” Washington Post, October 9, 2020. false information: Brian Krebs, “Attacks Aimed at Disrupting the Trickbot Botnet,” Krebs on Security, October 2, 2020, krebsonsecurity.com/2020/10/attacks-aimed-at-disrupting-the-trickbot-botnet/. “an

Cybersecurity: What Everyone Needs to Know

by P. W. Singer and Allan Friedman · 3 Jan 2014 · 587pp · 117,894 words

blogger was the savior of the Internet. But, as with all superheroes, he actually needed a little bit of help. In 2008, Washington Post reporter Brian Krebs, who blogs at the Security Fix site, became curious about a single company that was poisoning the Internet and why everyone else was letting them

…

own. Attackers adapt. Moreover, attackers exploit boundaries of control and responsibility, setting up a collective action problem. By bringing together the necessary actors and information, Brian Krebs was able to spur effective action, leveraging cooperation against the right fulcrum. While cyberspace seems diffuse and decentralized—simultaneously one of the key advantages and

…

good balance. The key point is that cybersecurity requires coordination and action outside of the immediate victims or even owners of the networks under attack. Brian Krebs didn’t have the power of the government behind him, but his actions mattered because he mobilized a network that could target key choke points

…

, http://www.whitehouse.gov/sites/default/files/cybersecurity.pdf. APPROACH IT AS A PUBLIC-PRIVATE PROBLEM: HOW DO WE BETTER COORDINATE DEFENSE? “cyber-criminal gangs” Brian Krebs, “Major Source of Online Scams and Spams Knocked Offline,” Security Fix (blog), Washington Post, November 11, 2008, http://voices.washingtonpost.com/securityfix/2008/11/major

Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It

by Marc Goodman · 24 Feb 2015 · 677pp · 206,548 words

throughout Target stores nationwide and secretly exfiltrated the data to Russia, a breathtaking fraud that continued until the story was broken by the security researcher Brian Krebs. No doubt the Target attack is the highest-profile penetration of an HVAC system to date, but it is not the only one. We might

…

. 23 For example, in October 2013: “Adobe Hack: At Least 38 Million Accounts Breached,” BBC, Oct. 30, 2013. 24 But what changed in that attack: Brian Krebs, “Adobe to Announce Source Code, Customer Data Breach,” Krebs on Security, Oct. 3, 2013. 25 Yep, the company that is selling: Darlene Storm, “AntiSec Leaks

…

, and the Law (Boston: Cengage Learning, 2010), 206. 27 These newly emerging: Mark Milian, “Top Ten Hacking Countries,” Bloomberg, April 23, 2013. 28 New syndicates: Brian Krebs, “Shadowy Russian Firm Seen as Conduit for Cybercrime,” Washington Post, Oct. 13, 2007; Verisign iDefense, The Russian Business Network: Survey of a Criminal ISP, June

…

; Damien Scott and Alex Bracetti, “The 11 Worst Online Security Breaches,” Complex.com, May 9, 2012. 15 More recently, in 2013, the data broker Experian: Brian Krebs, “Experian Sold Customer Data to ID Theft Service,” Krebs on Security, Oct. 20, 2013. 16 Experian learned of the compromise: Byron Acohido, “Scammer Dupes Experian

…

, Warn Kaspersky,” Independent, Feb. 26, 2014; Larry Barrett, “Banking Trojans Emerge as Dominant Mobile Malware Threat,” ZDNet, Feb. 24, 2014. 17 To date, mobile malware: Brian Krebs, “Mobile Malcoders Pay to (Google) Play,” Krebs on Security, March 6, 2013. 18 As a result, more than five hundred: Juniper Networks, Third Annual Mobile

…

swarms: Broadhurst et al., “Organizations and Cybercrime.” 15 As noted previously: Dunn, “Global Cybercrime Dominated by 50 Core Groups.” 16 Some Crime, Inc. organizations: See Brian Krebs, “ ‘Citadel’ Trojan Touts Trouble-Ticket System,” Krebs on Security, Jan. 23, 2012. 17 One group of cyber thieves: Bob Sullivan, “160 Million Credit Cards Later

…

Request Line,” BBC, June 15, 2011. 39 The group established: “LulzSec Hackers Sets Up Hotline for Attacks,” Reuters, June 15, 2011. 40 As a result: Brian Krebs, “Wash. Hospital Hit by $1.03 Million Cyberheist,” Krebs on Security, April 30, 2013. 41 Simple, they were properly incentivized: Mathew J. Schwartz, “Hackers Offer

…

Kill,” Mail Online, May 12, 2012. 20 Tor hidden sites: Forward-Looking Threat Research Team, “Deepweb and Cybercrime,” Trend Micro, 2013, 16. 21 Once stolen: Brian Krebs, “Peek Inside a Professional Carding Shop,” Krebs on Security, June 4, 2014. 22 Given the vast amounts: Max Goncharov, “Russian Underground Revisited,” Forward-Looking Threat

…

Research Team, Trend Micro Research Paper. 23 The cards are sold: Brian Krebs, “Cards Stolen in Target Breach Flood Underground Markets,” Krebs on Security, Dec. 20, 2013; Dancho Danchev, “Exposing the Market for Stolen Credit Cards Data,” Dancho

…

19, 2012. 81 The rewards, however: Gregg Keizer, “Google to Pay Bounties for Chrome Browser Bugs,” Computerworld, Jan. 29, 2010. 82 Not to be outdone: Brian Krebs, “Meet Paunch: The Accused Author of the BlackHole Exploit Kit,” Krebs on Security, Dec. 6, 2013. 83 Dark Net chat rooms: Nicole Perlroth and David

…

Grugq sold: Andy Greenberg, “Shopping for Zero-Days: A Price List For Hackers’ Secret Software Exploits,” Forbes, March 23, 2012. 85 Companies such as Vupen: Brian Krebs, “How Many Zero-Days Hit You Today,” Krebs on Security, Dec. 13, 2013. 86 The result, as pointed out: Josh Sanburn, “How Exactly Do Cyber

…

, “Your Outlet Knows: How Smart Meters Can Reveal Behavior at Home, What We Watch on TV,” Bloomberg, June 10, 2014. 58 According to an investigation: Brian Krebs, “FBI: Smart Meter Hacks Likely to Spread,” Krebs on Security, April 9, 2012. 59 Like all computers: Katie Fehrenbacher, “Smart Meter Worm Could Spread like

…

, 2012. 70 In April 2012: Brock Parker, “Hackers Convert MIT Building in Giant Tetris Video Game,” Boston.com, April 24, 2012. 71 From their headquarters: Brian Krebs, “Fazio Mechanical Services,” Krebs on Security, Feb. 12, 2014; Gregory Wallace, “HVAC Vendor Eyed as Entry Point for Target Breach,” CNNMoney, Feb. 7, 2014; Danny

The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics

by Ben Buchanan · 25 Feb 2020 · 443pp · 116,832 words

after he and his colleagues began posting analysis online that the cybersecurity community started to take notice.27 In July 2010, the well-respected journalist Brian Krebs wrote a small story about one of the exploits at the core of the worm.28 After that, Microsoft started examining the malicious code, as

…

Stolen by Chinese Hacker Could Identify Spies,” New York Times, July 24, 2015. 45. Nakashima, “Hacks of OPM Databases Compromised 22.1 Million People.” 46. Brian Krebs, “China to Blame in Anthem Hack?” Krebs on Security, February 6, 2015; United States of America v. Fujie Wang, John Doe, US District Court Southern

…

District of Indiana, indictment filed May 7, 2019. 47. Brian Krebs, “Premera Blue Cross Breach Exposes Financial, Medical Records,” Krebs on Security, March 17, 2015. 48. Krebs, “China to Blame in Anthem Hack?” 49. Aruna Viswanatha

…

It Was Hacked, Equifax Had a Different Fear: Chinese Spying,” Wall Street Journal, September 12, 2018. 50. For strong initial coverage of the breach, see Brian Krebs, “Breach at Equifax May Impact 143M Americans,” Krebs on Security, September 7, 2017. The eventual number of affected Americans reached 145 million. Stacy Cowley, “2

…

. Sanger, Confront and Conceal, 205. 27. Eugene Kaspersky, “The Man Who Found Stuxnet: Sergey Ulasen in the Spotlight,” Kaspersky Lab blog, November 2, 2011. 28. Brian Krebs, “Experts Warn of New Windows Shortcut Flaw,” Krebs on Security, July 15, 2010. 29. One of these companies was Siemens, which made the industrial controllers

…

, 2017. 32. Taipei Times Staff, “Lai Orders Information Security Review,” Taipei Times, October 8, 2017. 33. Brian Krebs, “Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M,” Krebs on Security, July 24, 2018. 34. Brian Krebs, “FBI Warns of ‘Unlimited’ ATM Cashout Blitz,” Krebs on Security, August 12, 2018. 35. The best

…

25, 2019. 36. Gitesh Shelke, “Cosmos Bank Data from Nine Years Compromised in Rs 94.42 Crore Heist,” Times of India, August 19, 2018. 37. Brian Krebs, “Indian Bank Hit in $13.5M Cyberheist after FBI ATM Cashout Warning,” Krebs on Security, August 17, 2018. 38. Screenshots taken nine days after the