Government // Cybersecurity
News
2/3/2012
12:30 PM
Connect Directly
RSS
E-Mail
50%
50%

Anonymous Hacked FBI Conference Call

FBI confirms legitimacy of 16-minute call, posted by hacktivists, that discussed sentencing and future arrests of LulzSec and Anonymous participants.

Anonymous released audio transcripts Friday from an "Anon-Lulz International Coordination Call" conducted between cyber-crime experts at the FBI and its law enforcement counterparts abroad on Jan. 17.

The AnonymousIRC channel--a reliable source of Anonymous-related information--on Twitter announced the disclosure Friday: "#Anonymous #AntiSec intercepts #FBI comms pastebin.com/8G4jLha8 stay tuned folks for more today!!"

"The assumption has to be that an Anonymous hacker had access to one of the recipients' email accounts, and thus had secret access to the confidential call," said Graham Cluley, senior technology consultant at Sophos, in a blog post.

Indeed, the FBI and British police confirmed Friday that the leaked conference call was legitimate. That led the AnonymousIRC channel on Twitter to declare: "The #FBI might be curious how we're able to continuously read their internal comms for some time now. #OpInfiltration."

[ Hackers are set to outstrip terrorists as the biggest threat to U.S. security, say officials. See Cyber Attacks Becoming Top Terror Threat, FBI Says. ]

A Pastebin post, uploaded Friday, contained a copy of the invitation email, which provides clues to the identities of the call participants. Notably, FBI supervisory special agent Timothy Lauster Jr. sent the invitation for the Jan. 17, conference call, which included a dial-in number and access code. Invitees included the FBI's cybercrime-specialist counterparts in the French government, London's Metropolitan police, the Swedish government, and the Netherlands, including a representative from the European Union's criminal intelligence agency, Europol.

Anonymous has posted to YouTube a video containing the complete audio of the 16-minute conference call. On the call--parts of which have been bleeped out--British law enforcement agents discuss with the FBI various Anonymous and LulzSec-related cases, and agree on timetables.

One of the people discussed was Ryan Cleery, who was arrested in June 2011 on charges of launching a distributed denial of service (DDoS) attack in October 2010 against the British Phonographic Industry website, as well as an AntiSec botnet-driven DDoS attack against the United Kingdom's Serious Organized Crime Agency website in 2011. According to LulzSec, Cleery also ran one of the group's chat servers.

But according to an unnamed British law enforcement official on the call, Cleery will have to face other charges first. "We have got Ryan Cleery's indecent images, which have been found partly by our guys, and partly by the USA team that looked at his hard drive, so what we're going to propose is that they get dealt with first," the British official said on the call.

Interestingly, that legal strategy appears to have been designed to buy authorities more time for investigating two other core LulzSec members: Kayla and Tflow. Kayla, allegedly a 20-something British man with a penchant for posing as a teenage girl, was reportedly arrested by British police last year. Meanwhile, Tflow, an unnamed 16-year-old boy, was arrested by British authorities last year, and released on bail. According to the British law enforcement agent on the call, "we've set back the further arrests of Kayla and T-Flow, until we know what's happening," alluding to some type of upcoming FBI operation.

In addition, said the British law enforcement official, "we've set back the arrest of [beeped] and [beeped]" by six to eight weeks, suggesting that more arrests relating to Anonymous or LulzSec are imminent.

Interestingly, The Real Sabu--the purported leader of the now-defunct LulzSec hacktivist group--was criticized by a Twitter user on January 27, for not having mentioned his LulzSec counterpart, Topiary, on the eve of Topiary's return to court. "So much for loyalty huh," tweeted the critic. Topiary's real name, allege British police, is Jake Davis, and they arrested him in July 2011 on charges of participating in multiple online attacks, as well as for possessing 750,000 passwords.

In response, Sabu said, "If you actually knew anything you'd know his case is getting postponed tomorrow. My loyalty is unquestionable." Interestingly, that case delay wasn't public knowledge, but it was detailed during the FBI conference call on January 17.

But the FBI conference-call invitation email was apparently sent to just 44 people, all of them government officials or members of the international law enforcement community. Apparently, however, one of them has a PC that has been hacked.

It's no longer a matter of if you get hacked, but when. In this special retrospective of news coverage, Monitoring Tools And Logs Make All The Difference, Dark Reading takes a look at ways to measure your security posture and the challenges that lie ahead with the emerging threat landscape. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
myproffs
50%
50%
myproffs,
User Rank: Apprentice
2/5/2012 | 9:04:52 PM
re: Anonymous Hacked FBI Conference Call
Anonymous; We will leak giant cache of Iraq war e-mails http://myproffs.co.uk/index.ph...
JBUDDEMEYER000
50%
50%
JBUDDEMEYER000,
User Rank: Apprentice
2/3/2012 | 8:45:35 PM
re: Anonymous Hacked FBI Conference Call
are groups like Anonymous just crude precursors to new decentralized organizations of not-so-anonymous trackers, launchers, scientists and similar astro-hackers with the advent of HGG? http://littlebiggy.org/4713807
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 18, 2014
Enterprise social network success starts and ends with integration. Here's how to finally make collaboration click.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
The weekly wrap-up of the top stories from InformationWeek.com this week.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.