The former top commander of the department of Defense network operations ordered a crackdown on security. According to an article by NetworkWorld on January 16,2006, Lt. General Charles Croom was quoted as saying, “The attacks are coming from everywhere and they’re getting better.” His talk was the keynote address at the Department of Defense Cyber Crime Conference held on January 9 - 14, 2005 in Clearwater, Florida. The event is sponsored by the Defense Cyber Crime Center and the Joint Task Force. Over 500 computer crime specialists from the FBI and the military attended the event.
The crackdown was related to an arrest of a “Computer Virus Broker” named Jeanson James Ancheta.
On further investigation, a Department of Justice press release from Nov 3rd, 2005 offered the following information on this incident, “In the first prosecution of its kind in the nation, a well-known member of the “botmaster underground” has been indicted on federal charges for profiting from the use of “botnets” – armies of computers that are under the control of the botmaster and are used to launch destructive attacks or to send huge quantities of spam across the Internet.
Jeanson
James Ancheta, 20, of Downey, California, was arrested this morning by special
agents with the Federal Bureau of Investigation. Ancheta was indicted yesterday
in two separate conspiracies, as well as substantive charges of attempting to
cause damage to protected computers, causing damage to computers used by the
federal government in national defense, accessing protected computers without
authorization to commit fraud and money laundering.”
The
press release goes on to describe more details of this scheme that clearly show
why the Deparment of Defense is so concerned (for more information go to: http://www.usdoj.gov/criminal/cybercrime/anchetaArrest.htm )
“Ancheta had become
an affiliate of several different advertising service companies, and those
companies paid him a commission based upon the number of installations. To
avoid detection by network administrators, security analysts and law
enforcement, Ancheta would vary the download times and rates of the adware
installations. When companies hosting Ancheta’s adware servers discovered the
malicious activity, Ancheta redirected his botnet armies to a different server
he controlled to pick up adware. To generate the roughly $60,000 he received in
advertising affiliate proceeds, Ancheta caused the surreptitious installation
of adware on approximately 400,000 compromised computers. Ancheta used the
advertising affiliate proceeds he earned to pay for, among other things, the
multiple servers used to conduct his schemes.
Ancheta used programs
powerful enough to cause the infection of computers at the Weapons Division of
the United States Naval Air Warfare Center in China Lake, as well as computers
belonging to the Defense Information Systems Agency, a component of the United
States Department of Defense. Both networks are used exclusively by the federal
government in furtherance of national defense. After being arrested this
morning at the FBI Field Office in Los Angeles, Ancheta was transported to
United States District Court in Los Angeles. It is unclear if he will make his
initial court appearance this afternoon or tomorrow. Ancheta is charged with
two counts of conspiracy, two counts of attempted transmission of code to a
protected computer, two counts of transmission of code to a government
computer, five counts of accessing a protected computer to commit fraud and
five counts of money laundering. Count 17 of the indictment seeks the
forfeiture of more than $60,000 in cash, a BMW automobile and
computer equipment that the indictment alleges are the proceeds and
instrumentalities of Ancheta’s illegal activity.”
Some later news. Ancheta pleaded guilty to charges of conspiring to violate anti-spam and computer misuse laws, and fraud and will serve from 4-6 years in prison, under the plea agreement - plus heavy fines.
No comments:
Post a Comment