Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
BBC Panorama Interview with John Vranesevich, Hacker Investigator
08-29-2007, 06:31 PM,
#1
BBC Panorama Interview with John Vranesevich, Hacker Investigator
BBC Panorama
Interview with John Vranesevich, Hacker Investigator

VRANESEVICH
I actually got interested in security when I
was in junior high school. I had one of the
rare opportunities of being help administer
systems at the high school, email systems,
web servers, things like that, as part of an
independent study programme I had. And one
day I came in and one of the email servers I
was in charge of administering had a problem,
it had been broken into. Bob Davies, who was
my faculty adviser for independent studies,
basically said when I walked in the room
"What the heck have you been doing to NASA?"
And I said what do you mean, I just came from
English, and it turned out that someone
overseas had broken into our little mail
server and used it as what we call a jump
point to break into a system in NASA, and the
NASA administrator had called our school as
part of an investigation. So I sort of
became fascinated how anyone overseas would
even hear of little ?? P.A. Beaver that I
went to school, much alone used one of our
systems to break into NASA with, and I sort
of became fascinated with it and started up
my website shortly thereafter.

CORBIN
So what were you doing then with your website
and what were you doing on line?

VRANESEVICH
On line I was learning basic things. Going
back then we’re talking early 90s so the
internet it really wasn’t what it was today.
Certainly wasn’t anywhere near as
commercialised. So I was learning ??, like I
said, administering different systems, ??
systems. I would troubleshoot teachers
computers as we got them in if they had
problems with it and things like that. Just
basically learning as much as I could.

CORBIN
So then you set up your website, Anti-online,
and you started to go out there and to look
at the dark side, if you like, of what was
going on. What did you find?

VRANESEVICH
Yes, back then, what we now call the
underground was sort of in its infancy.
There were hackers out there who were
probably I would say on the average much more
skilled than the mean hacker is today.
People who were interested in systems, who
were interested about the internet, which was
a new thing, who wanted to experiment with
it. Back then we used the word hacker, it
wasn’t necessarily affiliated with the type
of maliciousness that it is today. Back then
a hacker was simply someone who liked
computers who was interested in them, who
wanted to stretch them to their limits and
wanted to develop new things for them, and
help expand the technology in the community.
Nowadays, as people are getting on line
younger and the internet is much more easy to
access, and utilities are much more easy to
run, we’re seeing a younger, less mature
individual become a quote "hacker" who hasn’t
developed the skill set that the hacker of
old developed.

CORBIN
Do you think these people are more malicious
I their intent?

VRANESEVICH
Some of them. I think most of them are
simply less mature. Teenagers have,
throughout history, been a rebellious group,
trying to fit in with their peers, trying to
find their place in society, and they’ve
always acted out, underage drinking, smoking,
things like that to fit in. And now we
simply find them doing the same things except
now they have a tool that provides them with
a lot more power than they used to have.

CORBIN
How dangerous can they be?

VRANESEVICH
They can be very dangerous. I mean we’ve
seen teenagers break into Pentagon systems.
We’ve seen teenagers shut off communications
to an airport. We’ve seen teenagers steal
hundreds of thousands of credit card numbers.
We’ve even seen terrorists contacting some of
these teenagers and attempting to hire them
to do their dirty deeds. So they have a tool
and it’s a very powerful tool. We, as a
society, have set them up with that. We want
computers in the classrooms, we want
computers in the homes. It’s a great
research tool. It opens up the world to a
teenager. But what we haven’t focused on is
the responsibility that comes with that and
the type of power that the teenager then has
and teaching them how to manage that.
CORBIN I’d like to talk now about some of the cases
that you’ve been involved in. Can you start
with Solar Sunrise. Now how did you first
become involved in that and how did it pan
out?

VRANESEVICH
Solar Sunrise initially I got involved by
watching a CNN report that basically said
that That Deputy Secretary of Defence John
Hamery had informed the President of a
possible information ?? attack from Israel.
And it was... I’m sorry, we need to redo
that.

CORBIN
Okay. Tell me about Solar sunrise.

VRANESEVICH
Solar Sunrise I initially got involved by
watching a CNN report. CNN it said that an
individual Secretary.. Deputy Defence John
Hamery had informed the President of a
possible information warfare strike from Iraq
at the time there was heightened tension
between the United States and Iraq. An
estimated 40 FBI agents were assigned to the
case working full-time. DOD had an entire
emergency group start up and begin
investigating it. I was watching all this on
?? on CNN when my beeper went off, and it was
a number that I didn’t recognise and I called
it back and it was basically some kid that
said to me "You see that shit on CNN, that’s
me they’re talking about" and I sort of then
got introduced to a hacker who went by the
handle Machiavelli who later, as we found
out, was one of three teenagers who were
actually the individuals responsible for
those attacks against the DOD systems.

CORBIN
So what were these teenagers doing?

VRANESEVICH
They were breaking into what I would call
sensitive US military computer systems. The
military has never come on officially and
said what type of systems were broken into.
I had the opportunity to acquire some of the
log files that these hackers had had from
breaking into systems, and some of the
systems they broke into were literally super
computers being run by the US military. So
certainly it becomes quite apparent why the
military were so worried and worked up about
the case as they were.

CORBIN
And these were just under aged kids basically
and yet they’d managed to do this.

VRANESEVICH
Well they were two 16 year olds in California
and a single 18 year old in Israel that in
their spare time enjoyed breaking into
systems.

CORBIN
Do you think this really set the alarm bells
ringing in terms of the potential of what
these people could do?

VRANESEVICH
Solar Sunrise was a turning point. Shortly
thereafter we saw a lot of review, both from
the United States from Defence internally,
from the FBI and by the government as a whole
saying well if a couple of 18 year olds or a
couple of teenagers can do this, what could a
foreign nation do to us. And shortly
thereafter we saw Project Eligible Receiver
which was an NSA sponsored event where they
actually had some NSA hackers, individuals in
the NSA who knew how to break into systems,
go after the US in a mock information warfare
attack, and what they came up with was rather
surprising to everyone and that was that the
majority of critical infrastructures here in
the United States could be attacked remotely
by a foreign terrorist group or country.

CORBIN
So still continuing on this theme, we now
come to a point at which a group calling
themselves rather mysteriously the ‘Masters
of Downloading’ became involved. Now what
happened here and what was your involvement?

VRANESEVICH
Masters of Downloading.. now I got a call by
the FBI basically asking me to assist in a
case. An individual, as we now know was a 17
year old teenager in the California area,
broke into a server on the DISA which is the
Defence Information Systems Agency. It’s a
division of the United States Department of
Defense. It’s in charge of providing
basically internet access and network
connectivity to the entire US Military.

CORBIN
It’s a pretty central system?

VRANESEVICH
It is very much a central system.

CORBIN
Pretty classified, secure system?

VRANESEVICH
Right, they’re in charge of two systems. One
is Nippernet, which is the unsecured network
where the US Military runs public web pages,
and one is Supernet which is the classified
system. The hacker managed to break into the
DISA and steal software that the DISA used to
manage some of those networks. Shortly after
he stole it, he was contacted by Khalid
Ibrahim who was an individual claiming to be
affiliated with Osama Bin Laden’s terrorist
faction -

CORBIN
Osama Bin Laden, the terrorist group?

VRANESEVICH
The well known international terrorist. And
this individual, Khalid Ibrahim, sent
Chameleon a thousand dollars up front money
in exchange for the software, and after
Chameleon sent him the software he was
promised another 10,000 dollars in additional
work.

CORBIN
So here we had a terrorist paying a hacker
essentially?

VRANESEVICH
Paying a kid.

CORBIN
Paying a kid to get him sensitive defence
information to order as it were?

VRANESEVICH
Exactly. Luckily we found out about this and
tracked down Chameleon to his parents’ home
in California and 20 FBI agents raided him at
gunpoint before he had the opportunity to
ship the software.

CORBIN
And who did Chameleon turn out to be?

VRANESEVICH
Chameleon turned out to be an individual
named Martin Mifrett who at the time was 17
years old, living out of his parents’ garage
basically, who had a computer lab set up in
his garage that he and his friend played in
and broke into systems in as it turned out.

CORBIN
And broke into the Pentagon from his parents’
garage?

VRANESEVICH
From his parents’ garage, yes.

CORBIN
What does the Chameleon case show, do you
think, in terms of the willingness of terror
groups to use this particular means of
getting information?

VRANESEVICH
I think, at this point, terrorist groups are
just now beginning to wake up to the type of
power that this could provide them.
Typically terrorist groups, small, maybe not
well funded, you're talking about things like
pipe bombs which, as their name implies,
strikes terror but doesn’t necessarily do
widespread across the board damage to a
national infrastructure. Here we see
terrorist groups who were watching news
reports every day, just like this one where
they’re hearing about young teenagers being
able to gain access to these type of things,
or being able to cause this type of damage
and concern, and I’m sure they’re beginning
to wake up to the fact that they too could
have this type of power and this type of
influence, where before a small terrorist
faction, maybe 20 individuals, could at best
cause havoc to a small community, can now
potentially cause havoc to an entire nation.

CORBIN
Carrying on with obviously the defence theme,
we’ve heard about another project. There’s a
project by the name of Moonlight Maze
presently still under investigation. What do
we know about this?

VRANESEVICH
Moonlight Maze I really can’t comment on
because it is still an active ongoing
investigation.

CORBIN
Are you involved with it?

VRANESEVICH
I am not directly involved in the case, no.

CORBIN
What do we know about it?

VRANESEVICH
Nothing that I could comment on, on the
record. There’s a ruling don’t comment about
any cases that are currently ongoing. I
certainly wouldn’t want anything I say to
jeopardise any case in any way.

CORBIN
So obviously there are a number of defence
cases, cases impacting the security area.
Now what about the commercial area. Back in
February we saw a great sort of blizzard of
attacks which impacted e-commerce, what was
all that about?

VRANESEVICH
What we saw in February was what we called
denial of service attacks. Basically what
happens is a hacker will simply flood the
connection of an internet site till the lines
can’t get through. You can kind of think of
it as a bank of a thousand telephones
constantly calling your home phone and
keeping it busy so that your friends can’t
get through to talk to you. Same basic
concept. And what we saw was a group what we
believe to be a group of hackers doing that
to some of our e-commerce sites on the
internet, as well as sites like Yahoo, E-
Trade, CNN and many others, and that again
was a wake up call because now not only are
we seeing attacks against the military
system, but we can see the type of damage it
can do to corporate systems. The damage in
lost figures were in the billions for those
attacks from lost data revenue and from these
companies being forced to upgrade their
systems to try to help mitigate these
attacks.

CORBIN
The problem is though, the more a hacker
realises the power at his or her disposal,
because they see the effect of these attacks,
the more attractive presumably it becomes to
do them.

VRANESEVICH
Right. One of the things that people and the
average individual doesn’t realise is how
easy it is to do this sort of thing. This
isn’t a case where the technology is advanced
and these individuals are finding very
creative ways around it. The technology is
very open. I have to use the comparison of a
gun. Anyone can go get a gun and begin to
shoot people. There is nothing physically or
technically that stops them from doing it.
The only thing that stops them from doing it
is that it’s not accepted activity by our
society. We, as society, care about others
in the society. We have rules and laws we
set up and we make consequences to those who
break those laws and rules. The same sort of
thing exists on the internet where there is
nothing technically that stops someone from
doing Denial of Service attacks or from
breaking into a system, or anything else for
that matter. The only thing that’s stopping
them, or supposed to be stopping them, are
rules and laws. But since the internet
community is one which is global, where
different countries have different rules,
different countries have different laws, some
things which may be acceptable in some
countries aren’t acceptable in another, you
don’t have those type of standards where you
could have in local community or even in a
country.

CORBIN
Now one of the cases that you’ve been
involved in recently involved an online store
called CD Universe, selling CDs over the net.
Now I think that’s pretty much an example of
what you're talking about. How did you get
involved in that and I want you to sort of
take me through it as to how the calls came
in and how you actively went on line to try
and find the individual responsible.

VRANESEVICH
CD Universe was a case where we got a call
from the FBI which basically said this
website, CD Universe, had been broken into
and their credit card database had been
stolen. The credit card database now we know
contained something like 350,000 credit card
numbers from individuals around the world.
So we began actively trying to investigate
the whos, the whys, the hows of the whole
case.

CORBIN
And how did you actually do that?

VRANESEVICH
We started out, the individual who was
claiming responsibility went by the handle
Maxus. He set up a web page where he
basically began releasing these credit card
numbers because his extortion attempts
against CD Universe were unsuccessful. So we
basically knew some background information.
We knew he went by the handle Maxus and we
had an email address for him because the
email address was on the website. So what we
began to do is look into the whole culture of
people who are involved in trading and using
stolen credit card numbers. We went to
forums we knew that these people frequented.
We tried to learn the hierarchy of these
forms, who were the people just looking for a
new computer for themselves and who were the
people who did this as a full-time job. And
we began doing what we called trust chains.

CORBIN
Trust chains?

VRANESEVICH
Trust chains. Something about hackers which
makes my job and law enforcement’s job a
little easier is that there is an expectation
of anonymity. In the everyday world, if we
see someone walking around with a mask and a
trench coat and a dark hat and gloves on we
get a little suspicious. Why is he trying to
hide himself? This is not the type of person
I want to be around. If I walked into the
local supermarket with a ski mask on it would
certainly raise some eyebrows. But online
that’s normal. Hackers try to hide their
identity, every hacker does, and it’s
accepted as part of the culture. But just as
hackers can hide their identity that means
that we can too. So what we began to do is
pose as individuals involved in this scheme.
We learn the jargon that these people use, we
learn how they begin transactions, how they
interact with one another and we simply
mimicked that, and what we started to do was
creating people, one after the other, that
got involved in this scene and we began
making friends, and we began setting up
fictitious deals, and we just worked our way
up until we started to get to the top, and of
course we could use other fake people that we
created to add credibility to us, like the
one with one keyboard that said you know, I’m
interested in buying some credit card
numbers. On another keyboard I’d have
another person we set up say yeah I’ve dealt
with him in the past, he’s legitimate. So by
doing this we were able to rather quickly
climb up the ladder until we actually got in
contact with Maxus’ number two. We know
Maxus had distributed a lot of cards to and
what was happening then our individuals were
actually starting to resell Maxus’ numbers
wherefore $500 for a lot of 50 credit card
numbers you could begin your own fraud
business if you will. So we simply set up a
buy with him, and then we contacted Max and
said the email address we knew from the
beginning of the investigation you could say
for dealing with your number 2 man, we’ve
dealt with all these people in the past, half
of those people were fictitious individuals
that we created, and eventually we built up
trust with him that he was willing to deal
with us directly, and when it came to that
point we were able to get his bank account
information which enabled us to trace it back
to an individual named Maxim Ivankauf who was
located in Latvia.

CORBIN
And what’s happened to Maxim Ivankauf?

VRANESEVICH
I imagine Maxim Ivankauf right now is just
sitting with a bank account that is rather
heftily filled. Unfortunately because of
differences in laws and extradition and so on
and so forth, the United States doesn’t
necessarily have the best affiliations with
Latvian authorities.

CORBIN
So he’s safe.

VRANESEVICH
He’s safe and probably rather wealthy right
now.

CORBIN
And this of course is a growing problem.

VRANESEVICH
Absolutely. We see a lot of credit card
coming from Russia. It’s something that
although it’s illegal the Russian Mafia
obviously has significant power over there
currently, and this is a great way to fund
operations.

CORBIN
Well this brings us back to the whole
question of law enforcement. Now the FBI is
well known for operating in this area. They
have skills at it. But how easy is it for
them to really get to grips with this kind of
crime?

VRANESEVICH
It’s proven to be not very easy at all for
them. They’ve a lot of skill, a lot of
experience, in dealing with real world
problems. If they can pick up fibres or
fingerprints from a crime scene, they can
trace it back to the year, make, model of the
car that the fibre came from and the thumb
that left the fingerprint. But when you go
online, you have that same sort of evidence,
they’re having a lot harder of a time, and
that’s simply because it’s new. By
definition governments worldwide are reactive
organisations. As new things develop, as new
social problems arise, governments come up
with ways to deal with those, and what we’re
seeing here is a rapidly expanding problem, a
rapidly expanding form, and governments are
desperately trying to catch up and they’re
simply not able to catch up at the speed with
which the technology is expanding.

CORBIN
And the hackers are always a step ahead of
them.

VRANESEVICH
Absolutely. One of the advantages hackers
have over law enforcement worldwide and over
militaries worldwide, is that they share
information. If one hacker finds out a way
to break into a system, he shares it with all
hackers. If they find a way around a
defence, they share it with all hackers.
They communicate on a regular basis. And
what we see in governments and law
enforcement, in militaries is that that sort
of free exchange of information does not
exist because traditionally militaries have
had to be secretive about their defences.
Militaries had to be secretive about their
weapons, law enforcement had to be secretive
about they way they track criminals. So you
have all these different organisations even
within actual branches of the military or law
enforcement that are doing research about
this, but they’re not sharing their learning
with other groups.

CORBIN
So in reality, how much of a backlog of cases
is there? I mean FBI says they’re on top of
this, but are they?

VRANESEVICH
FBI has currently backlogged 800 cases that
they’ve chosen to accept and investigate.

CORBIN
800 cases?

VRANESEVICH
800 cases.

CORBIN
In a backlog?

VRANESEVICH
In a backlog and those are ones that they’ve
chosen to investigate. FBI doesn’t
investigate every computer crimes case that
is reported to them.

CORBIN
So they’re pretty much snowed under.

VRANESEVICH
I would say so.

CORBIN
And do the FBI always prosecute? What do
they tend to do, what’s the tactic?

VRANESEVICH
We haven’t seen a lot of prosecutions and in
fact in the United States we really haven’t
yet seen a computer crimes case that has
fully worked its way through the judicial
system. Every case we’ve seen where there’s
been a prosecution there’s been a plea
bargain.

CORBIN
A sort of deal.

VRANESEVICH
A deal, basically worked out where the
individual admits to his crimes, explains how
he did it, agrees to provide restitution and
serves a much lesser sentence than if they
went through the courts.

CORBIN
Do you think that the FBI, recognising the
problems, are really just trying to find out
as much as they can, and that is the way
they’re trying to tackle it?

VRANESEVICH
That’s part of it, and I think part of it too
is that this is new. Much like DNA evidence,
which now is becoming rather accepted, was a
new thing, this is a new thing, and defence
attorneys are worried that all this technical
evidence would have to be brought before a
jury would confuse them and they would just
trust the government and find the person
guilty, and reversally, prosecution is
worried that they’ll bring all this technical
evidence in front of the jury, the jury won’t
understand any of it and will simply acquit
the individual.

CORBIN
So what tactics are the FBI actually
employing?

VRANESEVICH
What the FBI are starting to try to do it
appears is actually set up a rather extensive
network of informers. I guess the tactic is,
instead of trying to dig our way through all
this technical evidence that’s left behind
which may or may not have been altered by a
hacker, which may or may not even exist in
every case, let’s go back and deploy some
techniques that we’ve been using for decades,
and that’s the people aspect. You don’t need
to dig through evidence if someone brags and
you have the individual that they brag to
willing to testify, that takes all that out
of the picture. So what we’re seeing with a
lot of mainly juvenile cases, or teenagers
that have been caught doing this type of
thing, they get raided by the FBI and FBI
goes in usually at gunpoint, questions the
individual, ceases the equipment and we find
no charges are brought. So I think what we
can assume in most of those cases that those
individuals have agreed to assist on other
cases that are perhaps more serious.
CORBIN So they’ve turned informer basically in
return for not being prosecuted?

VRANESEVICH
Right, they basically in exchange for not
being prosecuted, agreed to assist the FBI
for any number of years or months or
projects.

CORBIN
But of course this doesn’t lead to high
profile cases and punishment which perhaps
means that they aren’t deterred at the end of
the day. You know, why should people stop
doing it?

VRANESEVICH
There is very little deterrence factor.
Unfortunately what we see is most of these
individuals get raided by the FBI. A few
weeks pass, perhaps a couple of months and
they end up getting hired by a big security
firm, and start making salaries well above
the average Pizza Hut delivery boy. So
really the deterrent.. good question. Here
in the United States we have campaigns like
‘Be cool, stay in school’, ‘This is your
brain on drugs’. We have commercials worry
about teen pregnancy. But I have yet to see
a commercial that talks about the
consequences of breaking into Pentagon
system, or breaking into any computer system.
And truly I’ve had teenagers contact me who
don’t know where the line is. "I know I’m
allowed to visit a webpage, I think I’m
allowed to look at the network a little bit,
but where’s the line between what I’m allowed
to do and what’s illegal?" They simply
don’t know and I think part of the problem is
that the governments don’t know yet either.

CORBIN
Is there a sort of a copycat factor here as
well that when a crime is committed and
publicity is given to it, others sort of pile
in?

VRANESEVICH
Exactly, and one of the reasons, and one of
the prime motivations why people hack is what
we call here peer motivation, and that’s
you're doing it for peer recognition, a
feeling of self-superiority, a feeling of
belonging which, as I said before, most
teenagers go for at some time in their life,
and here’s a teenager that can do something
from his parents’ bedroom that will cause CNN
to do 24 hour a day coverage, or the BBC to
do 24 hour a day coverage, and sure, why not
jump on the bandwagon and have their picture
on there as well.

CORBIN
Now one of the areas we haven’t talked about
is viruses, that they can be very damaging
too. Now what did you make of the recent
Love Bug virus that seemed to spread so
widely and certainly capture people's
imagination.

VRANESEVICH
The Love Bug virus personally I think was an
accident. That really, although the
authorities began to brag quite early that
they quote, "track down the evil malicious
person behind it", really probably only took
them five to ten seconds to do that because
within the source code that individual gave
his email address, his webpage, the country
he lived in, the town he lived in, and the
name of himself and all of his friends. So
there’s really very little investigation
involved there.

CORBIN
But the actual love bug virus, surely, I mean
what does it show in terms of the
possibilities of such viruses and the damage
that they can do?

VRANESEVICH
Well sure, we saw within six hours millions
of systems across the world were infected.
It’s a disease that spreads very rapidly
globally. What we’re sort of seeing now is
back in the physical world what we saw in the
past is something like the plague. Any time
a virus or a new strain of bacteria would
appear entire countries and populations would
die out. Here we are in the computer area
where we don’t have the computer version of
penicillin yet, and every time a new virus
peaks its head up, we find a huge segment of
the population becoming infected. Luckily
things like Melissa and the Love Bug didn’t
have what we would call necessarily
devastating pay loads and that they would
corrupt a few files, perhaps email themselves
to your friends. What we’re waiting for are
viruses that come out that will devastate
your computer system to a point where it’s
not recoverable.

CORBIN
And you think that will happen?

VRANESEVICH
I think we’re starting to see that. Within
the past couple of weeks we saw a few strains
of the Love Bug which were starting to delete
files on the system. Killer Resume is a
perfect example of that. And we’ve
unfortunately also seen some viruses that no
longer require you to click on an attachment
to become activated. Simply by reading the
email they become activated, and I think one
of the things that we’re going to see within
the near future is an email coming to your
inbox, you begin to read it and while you're
doing that it begins formatting your system.

CORBIN
Now there’s one other area that we’ve looked
at and it doesn’t really fall into either
hacking or viruses, but it’s a programme and
that is the software produced by the so-
called Cult of the Dead Cow. Now what are
the dangers of this software and what do you
think these people are trying to do in
inventing something like this?

VRANESEVICH
Well the Cult of the Dead Cow invented a
programme called Back Orifice and then later
a second version called BO2K or Back Orifice
2000, and basically what it is, is written
for the hacker community and allows a hacker
to gain complete access to your system. It
can be hidden in a game for example, where
you get an email, it has a game attached to
it, you install it, you play the game,
nothing looks strange. Unfortunately, behind
the scenes, it’s installing Back Orifice or
Back Orifice 2000 which can then allow a
hacker to have complete control of your
system.

CORBIN
It sounds scary.

VRANESEVICH
Right, a lot of people have fallen victim to
it, and claim what they will about their
initial intentions, every time this programme
was created - it was released first at Defcon
which is the worlds largest annual hacker
convention held in Las Vegas - and it is
released with great fanfare and laser light
shows and rock music and a well choreographed
stage production for this hacker community
where they literally get the entire crowd to
chant their names and it is almost like a
cult-like atmosphere. So I think real
motivation tends to go back to what we would
call peer motivation, self-superiority
issues, recognition, acceptance, and in this
case within the hacker community downright
fame.

CORBIN
So they’re pretty well regarded.

VRANESEVICH
By hackers, yes. They’ve provided the
nation’s and the world’s youth a very easy
point and quick way to break into anyone’s
computer system.

CORBIN
They, of course, say they’re doing it to
point out the holes in the Microsoft system,
the lack of security, the fact that it’s easy
to do something like this. Well they’ve got
a point haven’t they?

VRANESEVICH
Not really because technically Back Orifice
didn’t exploit a bug in Windows. It’s like
saying you download email software and the
fact that email software allows email to come
onto your system is some sort of
vulnerability. Well now you can start an
email programme and that’s what the programme
is designed to do. The same thing is true
with Back Orifice. It’s not a problem that’s
inherently on Windows. It’s a problem that
happens when you install their software. So
if anything here, it’s the bug, it’s not
Microsoft, it’s the Cult of the Dead Cow.
And shortly after they’ve released the
software they teamed up with a company called
Network Five Recorder who for $10 a pop has
software that will detect Back Orifice and
prevent your computer from getting it.

CORBIN
Ahhh, so it looks like a commercial concern.
Invent the bug and then invent the cure.

VRANESEVICH
Yes, it’s what we in the United States would
call racketeering.

CORBIN
Okay, now John some see you as a person who
started out with your website as a hacker, if
you like a white hat, whatever you want to
call it, somebody interested in this area for
good. But I mean what’s happened now to you
in terms of the way that other hackers regard
you?

VRANESEVICH
I think it’s rather safe to say that I’m not
taken in very high regard within the hacker
culture. Probably in the last year alone I’m
responsible for over 100 people being raided.
These are people's friends, people's mentors,
people's allies, and obviously any time you
interfere with someone’s social structure
like that they tend to back life quite
heavily towards you.

CORBIN
They call you public enemy number one.

VRANESEVICH
Yes, that’s what they called.. last Defcon
they actually had wanted posters, several
hundred of them hanging up everywhere with my
face so it gets interesting sometimes.

CORBIN
But how has it actually impacted on your
life, the fact that you are a hated figure
out there in the hacker community?

VRANESEVICH
Well our network, webservers, email servers
and work stations get attacked somewhere in
the neighbourhood of 340 times an hour which
last year alone added up to 3.2 million
attempts against our systems, so that can
keep us pretty busy.

CORBIN
What about personally though, what’s happened
to you?

VRANESEVICH
Personally death threats are a regular common
occurrence. My family, pictures of my
sister for example who is 17 were posted
online. They got a hold of a picture of her
along with her address and phone number and
invitations to rape her that caused the local
police to begin monitoring their house. I’ve
had death threats from individuals claiming
to be responsible for terrorist groups or
affiliated with terrorist groups, so
sometimes it gets interested.

CORBIN
Do you think that one should take those
seriously?

VRANESEVICH
Some of them I do and most of them I don’t.
I haven’t been pipe bombed yet so I take that
as a good sign.

CORBIN
Is it worth it?

VRANESEVICH
Absolutely. I’m certainly not going to be
intimidated by a criminal or a criminal
faction that doesn’t want to be stopped. If
anything that’s a motivator.

CORBIN
So do you think that there really is a hard
core, a criminal element out there? Some
people say it’s just kids having fun, what’s
the harm?

VRANESEVICH
I absolutely believe that there’s a very
strong criminal element. Cases like credit
card fraud are incredibly rampant. You know,
cases of stealing military data are probably
incredibly rampant. We see those things have
happened, we’ve seen indicators, and we see
things getting more and more serious as time
progresses.

CORBIN
Where will it all end up?

VRANESEVICH
Good question. Hopefully it will end up in a
giant awareness campaign and governments
worldwide begin stalking their systems
better, begin protecting their systems
better. We see educational campaigns in the
schools where when we push computers into a
classroom we also push education on the
responsibility in the use of the those
computers, and we start seeing some of these
criminals become prosecuted, and we start
seeing the deterrent factor. Certainly we’re
always seeing crime, we will always see
crime, and no matter what there’ll be crime,
but I think this is one area where that crime
definitely needs to be taken under control.

CORBIN
One thing I haven’t asked you about is the
recent case in Britain. Now there’s a Welsh
hacker called Curador? Do you know anything
about him? Has he been in touch?

VRANESEVICH
Yes, Curador actually called several times
and curiously left us his phone number which
needless to say made it rather easy to track
him down. Curador was pretty much a copycat
of Maxus I would say, breaking into systems.
We don’t have any evidence that he used any
of the credit card numbers he stole, or sold
any of the credit card numbers. He was
simply posting them on line for others to use
as they would. So I have a feeling that a
prosecution against him is imminent and will
probably be rather successful.

CORBIN
John, what exactly is your relationship with
the FBI and how do you use the information
that you’ve garnered over the years to help
solve these cases?

VRANESEVICH
We do a lot of different things with law
enforcement and the military here in the US.
One of the things is assisting in
investigations where basically we get a phone
call and asked to come in as a consultant on
a case. We also do some education, a lecture
down at Quantico at the FBI training academy
to other agents and law enforcement personnel
in some of the techniques we use here to
profile hackers and to track them down. We
also do research, trying to find new ways to
track down hackers for organisations like the
Department of Defense which we have a few
research contracts through which will again
assist in future investigations.

CORBIN
And do you keep files on active hackers if
you like, how many do you know about?

VRANESEVICH
Yes, we currently have files on probably
7,000 individual hackers worldwide and
probably 128-230 different hack groups or
clans that we keep an active eye on.

CORBIN
7,000 active hackers out there?

VRANESEVICH
Yes, I suspect the number is probably a lot
higher. There are areas where we have
weaknesses, particular areas like China and
Indonesia where things tend to be a lot more
disguised, a lot more hidden, and because of
some severe language barrier we haven’t yet
gained good insight to yes.

CORBIN
But you're pretty confident they’re all out
there, there’s someone virtually in every
country where there’s a computer?

VRANESEVICH
Oh more than someone, a lot of someones. We
find that really the number of hackers in the
country is proportional to the number of
people on line. There are more hackers in
the United States than any other country
because there are more people on the internet
than the United States than any other
country, and it pretty much goes down the
chain in proportion to the population.

CORBIN
So as more people get online, it stands to
reason, as it were, that there will be more
hackers online.

VRANESEVICH
Absolutely .

CORBIN
Now we talked just now about the whole
Masters of Downloading, but we’re
particularly interested obviously in the
British angle. Now what do we know about the
Masters of Downloading, in particular a group
within them that might have come from
Britain?

VRANESEVICH
Shortly after one of the Chief Members of the
Masters of Downloading, Chameleon, got
raided, and we sort of saw this whole faction
break off, and they called themselves the
Millworm, and Millworm managed to break into
the Bhabha Atomic Research Centre in India,
shortly after India had done their first
nuclear test. Here in the United States that
was pretty significant because the Pentagon
was very widely criticised for not knowing
that India was planning nuclear tests, and
surely about a week afterwards, this group
called Millworm announced that they had
downloaded a large sum of that research data.

CORBIN
So the hackers had got in where the
professional intelligence officers had failed
to go.

VRANESEVICH
Absolutely and exactly how far they got in
we’re not really sure. We know that the
language of the research was actually in a
language called Bengali which is a pretty
standard one for Indian research scientists
to use. We know that the Pentagon was
actively seeking the data the hackers stole
and we know that the hackers were never
prosecuted. So what happened to that data
and what happened to those individuals it’s
hard to say.

CORBIN
So maybe a trade off, maybe the Pentagon gets
the information from the hackers and no
prosecution is forthcoming.

VRANESEVICH
Potentially.

CORBIN
So have we heard any more about this British
group since?

VRANESEVICH
No, we really haven’t. Since that whole
incident occurred and the individuals in
Britain realised it was being investigated by
the US Pentagon, plus officials over in
Britain, the Ministry of Defence in
particular, they pretty much became rather
quiet and have been ever since. There was
only one case where we saw an individual who
we believe was part of the group Millworm,
raise his head and that was when one of the
individuals who we believed to be in Britain
attacked the webpage of the United States
Senate and defaced it.

CORBIN
And when was that?

VRANESEVICH
That would have been in May of last year.

CORBIN
When you discovered that Chameleon was in
effect selling information to a member of a
terrorist group, did you manage to track him
down at all? What happened?

VRANESEVICH
We spent a great deal of time trying to track
down and verify who Khalib Ibraham was. The
best we were able to confirm is that he was
indeed in Israel.

CORBIN
In Israel?

VRANESEVICH
In Israel. We actually contacted him through
email and confronted him with what he was
doing. At first he denied it and what we
decided to do was go live with the story
about this individual on our website and
basically tell everyone as much as we knew
about this individual to try to expose him,
put an end to his operations. Shortly
thereafter he began quite bluntly admitting
his claimed affiliations and his actions and
we began seeing some rather severe death
threats from this individual who claimed to
be part of a terrorist faction.

CORBIN
And he was threatening you.

VRANESEVICH
Threatening me, my family, and other
individuals who had been working on this
case.

CORBIN
What did he say?

VRANESEVICH
He said all sorts of great things that I
don’t think I can repeat on the air but the
gist of it was I have a great deal of money.
I have proven that with Chameleon. If I can
send a 17 year old a thousand dollars, do you
not think that I can send someone twice or
ten times that much to shut you up.

CORBIN
Do you take that seriously?

VRANESEVICH
At the time I did. Obviously we knew he had
money. We knew he was involved in this to
some degree. Of course the FBI got involved
and things sort of slowly died down and
haven’t heard much since.

CORBIN
What worries you about the sort of atmosphere
out there, the culture of some of these
people, and the way it differs perhaps from
the past, and what do you think really
motivates them and drives them now?

VRANESEVICH
It used to be they were motivated by the love
of technology. They wanted to help it
progress. They wanted to help develop it,
they wanted to be able to say I had a part in
creating this incredible new form that brings
people across the world together, makes the
world more of a global village as we call it.
Now we’re starting to see that change as more
and more people come on line, younger and
younger people come on line who are by
definition less mature. We’re starting to
see much more of a malicious attitude where
it’s sort of like the tough men gang
mentality, don’t mess with me or I’ll ruin
you, and unfortunately computers now are
providing the power where these individuals
can ruin people, or at least severely disrupt
our lives or disrupt our nation’s
infrastructure even.

(End of Interview)

http://web.textfiles.com/hacking/vranesevich.txt
[Image: paulbanneroc1.gif]
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Who Was John Wheeler? CFR, MITRE Corp.; More than a dead body lacyv 0 1,545 01-04-2011, 08:28 AM
Last Post: lacyv
  The 9/11 Hijackers are Alive? Video Interview With Dr. David Ray Griffin h3rm35 0 811 03-12-2010, 12:43 AM
Last Post: h3rm35
  John O'Neill & Jerome Hauer, Anthrax and the Myth of Osama bin Laden MrScratch 0 576 09-27-2009, 09:44 AM
Last Post: MrScratch
  Megrahi was framed by John Pilger TriWooOx 0 496 09-15-2009, 07:14 PM
Last Post: TriWooOx
  Exclusive Interview mexika 1 641 08-02-2009, 04:12 PM
Last Post: ---
  CIA destroyed 92 interview tapes TriWooOx 1 653 03-03-2009, 10:27 AM
Last Post: ---
  John Bolton to be target of citizen's arrest hammer 0 424 05-28-2008, 10:50 PM
Last Post: hammer
  We Are Change UK Interview Phil Hayton and WTC7 hammer 0 440 04-25-2008, 09:55 PM
Last Post: hammer
  Points of View - David Shayler Interview 1-3 hammer 7 737 03-18-2008, 11:17 PM
Last Post: ---
  A BURIED 60 Minutes INTERVIEW / INDICTMENT rockclimber 0 419 12-01-2007, 04:22 AM
Last Post: rockclimber

Forum Jump:


Users browsing this thread: 1 Guest(s)