Saturday, February 4, 2012

One Per Cent - Anonymous eavesdrops on FBI conference call

Paul Marks, senior technology correspondent

(Image: Rex Features
Hacktivist group Anonymous has posted online a recording of a conference call between the US Federal Bureau of Investigation and Scotland Yard - in which detectives both sides of the Atlantic discuss their progress in apprehending Anonymous's hacktivist brethren. 

The call, posted on Youtube (until Google removes it) but also circulating as an MP3 file, highlights the utter insecurity of telephone conference call systems, in which people simply dial in unseen and can listen in without speaking or otherwise making their presence known. All they need enter is a meeting code that is distributed with low security beforehand - something easily gleaned from an accidentally forwarded email, printout, or a hacked email account.
Anonymous posted on the pastebin website a copy of an email sent by an FBI official to 44 detectives throughout Europe - in the UK, Netherlands, Ireland, Germany, France and Sweden. It invited them to a conference call "to discuss the ongoing investigations related to Anonymous, Lulzsec, Antisec and other associated splinter groups".
It appears that either the sender of one of the recipients has slack email security - or, as Anonymous claim, they have been able "to continuously read" the FBI's "internal comms for some time now".
The Metropolitan Police will be keen to find out if the breach has its roots in its network infrastructure - rather than one of the other nations the email was sent to - because only last December it celebrated the award of a high level security certificate from the International Standards Organisation.

No comments:

Post a Comment