SoylentNews is people

posted by Fnord666 on Friday December 22 2017, @09:27AM
from the pown-to-own-the-government's-surveillance dept.

The only thing better than total police state camera networks is total police state camera networks that are poorly secured:

Two Romanian hackers infiltrated nearly two-thirds of the outdoor surveillance cameras in Washington, DC, as part of an extortion scheme, according to federal court documents.

In a criminal complaint filed last week in the US District Court for the District of Columbia, the US government alleges that the two Romanian hackers operating outside the United States infiltrated 65% of the outdoor surveillance cameras operated by DC city police — that's 123 cameras out of 187 in the city. The alleged hacking occurred during a four-day period in early January.

The hacking suspects, Mihai Alexandru Isvanca and Eveline Cismaru, are also accused of using the computers behind the surveillance cameras to distribute ransomware through spam emails, according to an affidavit by Secret Service agent James Graham in support of the government's criminal complaint. The affidavit alleges the hackers meant to use the malware to lock victims' computers and then extort payments from them to regain access.

DC should ask Bucharest to get Comrade Detective on the case.


  • (Score: 0, Flamebait) by Anonymous Coward on Friday December 22 2017, @12:08PM (3 children)

    by Anonymous Coward on Friday December 22 2017, @12:08PM (#613178)

    Does someone find it odd that security/surveillance cameras fail to work during events when the footage is critically needed?

    There is a bus running over people and there are 5(?) cameras recording that area and none of them are working on that day. (France)

    There are 13(?) cameras on a route and none of them working on that particular day a major event happens. (Diana's murder)

    etc.

    It is all a game. Surveillance for the common, keeping them in line. No surveillance when a new pearl harbor is engineered.

    Ever wondered what they meant by when the cameras in the Jason Bourne movie point away at the airport at the critical moment?

    (((They))) have you and are mocking you.

    • (Score: 0) by Anonymous Coward on Friday December 22 2017, @02:31PM

      by Anonymous Coward on Friday December 22 2017, @02:31PM (#613201)

      Your tin foil hat is too tight.

      The only reason the bad guys cared about the cameras' computers was as a platform to use to launch ransom attacks on other computers.
      The fact that they were law enforcement cameras actually worked to their disadvantage because it triggered somebody to look into what was happening.

    • (Score: 4, Interesting) by nobu_the_bard on Friday December 22 2017, @02:42PM (1 child)

      by nobu_the_bard (6373) on Friday December 22 2017, @02:42PM (#613204)

      It's because it's interesting to put up cameras but boring and expensive to maintain them. Nobody cheers for the person that agreed to spend the ordinary amount this year to keep them operating and scheduled maintenance, they cheer for the politician that required new camera installs to protect the children or the manager that added new cameras to protect employees.

      I spend tons of time fixing lame security cameras and it's really under-appreciated work until there's a car accident or a stabbing or someone breaks all of the mirrors in the building again.

      I doubt those were the only times the cameras weren't working, or that those were the only cameras not working - they were just the important times everyone cared about and tried to look up.

      • (Score: 2) by bob_super on Friday December 22 2017, @07:23PM

        by bob_super (1357) on Friday December 22 2017, @07:23PM (#613309)

        Cameras designed to deter petty theft are like automatic speed radars on the side of the road. If the target thinks they work, then they are working.

  • (Score: 2) by deimios on Friday December 22 2017, @12:36PM (2 children)

    by deimios (201) on Friday December 22 2017, @12:36PM (#613181)

    Please link to the affidavit in question: https://regmedia.co.uk/2017/12/21/us_v_isvanca_aff.pdf

    It contains some really juicy details:

    Upon execution of the RDP, Special Agent Kaiser personally observed activity on Victim Device A, including multiple open desktop windows on it.

    The opened desktop windows on Victim Device A included (a) a window displaying a tracking number for the European shipping company known as “Hermes”; (b) a web browser window open to https://app.sendgrid.com showing an activity feed for multiple email addresses; (c) a Google search page with search results for “email verifier online”; (d) a browser window open to emailx.discoveryvip.com; (e) another window for a notepad program showing code for various executable files and text files; and (f) a window showing the splash screen for a variant of ransomware known as “cerber.”

    • (Score: 3, Informative) by deimios on Friday December 22 2017, @12:39PM

      by deimios (201) on Friday December 22 2017, @12:39PM (#613183)

      Google records revealed that anonimano027@gmail.com had sent and received multiple emails with vand.suflete@gmail.com. (“Vand Suflete” translates from Romanian to English as “selling souls.”)

      Umm "vând suflete" means either "I have souls for sale" or "I sell souls".

    • (Score: 2) by nobu_the_bard on Friday December 22 2017, @06:06PM

      by nobu_the_bard (6373) on Friday December 22 2017, @06:06PM (#613263)

      I skimmed through this too. It sounds like they had RDP open to the internet at least. You really, really shouldn't do this if you can help it. The account the IT user was even the same one the intruder used since he was able to get that session.

      Those times I have been forced to use RDP for remote access, I have restricted it to a whitelist of source IPs. That's an imperfect measure but better than nothing and not hard to do without much prep time. Changing the port used doesn't hurt but not a good long term solution.

      Anyway what a very interesting document to read!
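
The source-IP allowlist described in the comment above, sketched for Windows Defender Firewall as an added example (not part of the original comment or the affidavit). The addresses are assumed placeholders from documentation ranges, and the script assumes an elevated session on a host whose built-in RDP rules are not managed by Group Policy.

```powershell
# Assumed allowlist: documentation ranges standing in for real admin networks.
$AllowedSources = @('192.0.2.10', '198.51.100.0/24')

# Built-in inbound RDP rules. 'Remote Desktop' is the English display group
# name; it differs on localized systems.
$rdpRules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' |
    Where-Object { $_.Direction -eq 'Inbound' }

if (-not $rdpRules) {
    throw 'No inbound rules found in the Remote Desktop group.'
}

# Before: report enabled rules that currently accept any remote address.
foreach ($rule in $rdpRules) {
    $filter = $rule | Get-NetFirewallAddressFilter
    if ($rule.Enabled -eq 'True' -and $filter.RemoteAddress -contains 'Any') {
        Write-Warning "$($rule.DisplayName) accepts RDP from any source address"
    }
}

# After: restrict every inbound RDP rule to the allowlist.
$rdpRules | Set-NetFirewallRule -RemoteAddress $AllowedSources

# Verify: list each rule with the remote addresses it now accepts.
foreach ($rule in Get-NetFirewallRule -DisplayGroup 'Remote Desktop') {
    $filter = $rule | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $rule.DisplayName
        Enabled       = $rule.Enabled
        RemoteAddress = $filter.RemoteAddress -join ', '
    }
}
```

Custom rules that open TCP 3389 outside the built-in group are not touched by this script and need the same review.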

  • (Score: 0) by Anonymous Coward on Friday December 22 2017, @04:15PM (2 children)

    by Anonymous Coward on Friday December 22 2017, @04:15PM (#613235)

    Romanians, Serbs, Slovaks, and Ukrainians are all just orphan Russians after all.

    /sarcasm
