Monday, April 2, 2012

USPS OIG CCU Introduction


Just wanted to make a shout out to my friends at the USPS Office of Inspector General Computer Crimes Unit.  Thanks for the tour of the amazing facility and the brief last week.  You have it going on!  I miss you guys!  I included a link to their web page so you can see some of the work in which they've been involved.

Thursday, March 22, 2012

Make ready your tinfoil hat

NSA chief General Keith Alexander spoke in front of the House Armed Services subcommittee on Emerging Threats and Capabilities on Tuesday, 20Mar12.  Georgia Democratic Congressman Hank Johnson asked Alexander if the NSA could hunt down every email bashing Dick Cheney, and Alexander testified, "No.  The NSA does not have the ability to do that in the United States."  He added, “We don’t have the technical insights in the United States. In other words, you have to have some way of doing that either by going to a service provider with a warrant or you have to be collecting in that area. We’re not authorized to do that, nor do we have the equipment in the United States to collect that kind of information.”

According to a Wired article, this contradicts James Bamford’s story, The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say), as well as stories from The New York Times, the Los Angeles Times, and USA Today, which collectively described the NSA’s post-9/11 foray into wiretapping the nation’s telecommunications infrastructure to spy on Americans without getting warrants.

James Bamford said, in his recent op-ed, Post-9/11, NSA 'enemies' include us ~ “somewhere between Sept. 11 and today, the enemy morphed from a handful of terrorists to the American population at large, leaving us nowhere to run and no place to hide.”

Make ready your tinfoil hat, because total information awareness may be here now.

Wednesday, March 21, 2012

Cyber Investigators 1, Russian hackers -8



According to the Computerworld article listed here, eight hackers were investigated and arrested Monday, 19Mar12 by the Russian Federal Security Service (FSB), based on a joint investigation by the FSB, Group IB and the Ministry of the Interior (MVD) of Russia.  Group IB is the first Russian company providing comprehensive investigation of IT security incidents and breaches of information security.

The hackers stole $4.5 million in the last quarter alone. They used the Carberp Trojan, which utilized various vulnerabilities to access victim machines. The Trojan then used a man-in-the-middle attack to detect passwords and login credentials.  RDPdoor malware was used to establish an RDP session, to see exactly what the victims were doing or to take over their machines.  It sounds so simple!

The hackers completed fraudulent transactions using the stolen credentials and sent the money to their own special account.  It appears the entire hacking group was caught.  The investigation took about 1.5 years to complete.

Check out Group IB's website at http://group-ib.com/news_2012_03_20.html.

Way to go, cyber guys!

Guidance Software Tech Forum

Had a great time last night at the Guidance Software Tech Forum. They hold these meetings on a Tuesday night, every other month.  It's a great way to get together in person with others in the field and I always come away with new knowledge and ideas.  I'm EnCE certified, and have taken all my GS training right there in their VA facility.

We've been covering EnCase 7 in the GS Tech Forums.  I haven't used 7 yet, as I've been so busy working and haven't had time to play with something new.  EnCase 7 is way different than EnCase 6, so I don't want to jump right into it on my cases yet, until I know it a little better, as I'd probably be very frustrated.  So these Tech Forums are a great way to get a couple hours of training, and meet others in the field, all at the same time.

I've been finding it very hard to find time to write posts here.  I've been reading other blogs and researching questions that arise as I'm doing my work.  Hopefully in the near future I'll be able to make this blog more interesting!  I do have some ideas rolling around in the back of my mind...

Monday, March 19, 2012

Welcome to Lotis Corner

Hey cyber world!  I just wanted to introduce myself: I'm Lynn, I do computer forensics/cyber investigations in Washington, DC.  I've been around a while, but have kept kinda quiet, in the grand scheme of things (meaning, I haven't had a cyber blog before).  But I know that networking is essential, especially in a profession as small as ours.  And so I'm starting this blog to ask questions, to network, to share information, and to get to know my fellow cyber guys and gals.

Always feel free to comment on this blog, I'd love to hear from everyone.  I've set up comment moderation, so I don't get any bot spam, and I hate those captcha things, so I'm turning that off.  I'll be waiting to hear from you!