ISIS HACKER STEALS IDS FOR 1,351 AMERICANS ON ‘KILL LIST’…

Screen Shot 2016-07-21 at 10.56.57 AM

BY TIM JOHNSON

The attack seemed like a garden-variety digital holdup.

A computer intruder, calling himself the “Albanian hacker,” left a message for the administrator of a website for an Illinois internet retailer: Pay two Bitcoins, or about $500 at the time, and the intruder would “remove all bugs on your shop!”

Such demands are typical among underground hackers who infect computers with malicious code and seize control of them, freeing them only after receiving a payment.

But this case was more than a surreptitious digital mugging. The trespasser had ties to the Islamic State Hacking Division, a terrorist cyber unit, and before it was over he’d put together a “kill list” for the Islamic State with the identities of 1,351 U.S. government and military personnel from the 100,000 names, credit card records and Social Security numbers he’d extracted from the host server.

The hacker operated in a gray area where criminal and terror interests blend messily to test malicious computer code, raise funds and identify Western targets, and it raises fresh concerns for U.S. businesses hit by cybercrime and for the government agents tasked with defeating it: If a business tries to make a problem quietly disappear, it may effectively be hindering government efforts to monitor terrorism. The need for collaboration between business and government on internet security has soared, even as distrust has risen between network managers and law enforcement.

FERIZI’S CASE IS NOTABLE BECAUSE HIS HANDIWORK GENERATED ONE OF THE FIRST “KILL LISTS” ISSUED BY THE ISLAMIC STATE.

 

The case of Ardit Ferizi, an ethnic Albanian who was raised in Kosovo, is typical of hackers who “might act on behalf of a group but are also doing it for their own profit, for criminal means,” said John P. Carlin, the assistant attorney general for national security.

Ferizi’s case is also notable because his handiwork generated one of the first “kill lists” issued by the Islamic State designed to generate fear and publicity. FBI agents used the early list of U.S. military and government employees to notify the targeted individuals. More recent lists have included thousands of ordinary civilians and even U.S. Muslims the terrorist group considers apostates.

Ferizi, 21, was extradited from Malaysia last autumn and has been held by U.S. Marshals since then. On June 15, Ferizi signed a plea agreement in Alexandria, Virginia, in which he admitted to providing material support to terrorists and to computer hacking. He also signed a statement of facts outlining details of that support.

It marked one of the federal government’s first successful cyber terrorism cases in which an individual in custody admitted a link to a foreign terrorist organization.

Ferizi’s story is gleaned from federal court records, and an interview he once gave to Infosec Institute, a Chicago-based training center for technology professionals that also does research on hackers.

100,000Number of records Ardit Ferizi is thought to have pirated from computer servers belonging to an internet retailer.

A native of Gjakova in western Kosovo, Ferizi was largely self-trained in computers. By his late teens had formed the Kosova Hacker’s Security, a group with vague pro-Muslim objectives. He adopted the moniker @Th3Dir3ctorY, and claimed that the group had hacked systems in Serbia, Greece, Ukraine, France and the United States, including Microsoft’s Hotmail servers and a research domain operated by IBM.

In early 2015, Ferizi traveled to Malaysia to study and “in part to get better access to bandwidth” to carry out cyberattacks, Carlin said.

His tools? A Dell Latitude laptop, a second MSI laptop and computer application known asDUBrute, which allows a user to seize control of another computer remotely.

Ferizi had already established contact with Junaid Hussain, a Briton who Carlin called “one of the most notorious cyber terrorists in the world.” At the time, Hussain lived in the Syrian city of Raqqa, the de facto capital of the Islamic State. A charismatic hacker of Pakistani descent, Hussain had once run a collective, TeaMpOisoN, and had a club of fanboys.

One day last August, a system administrator at the Illinois company, which is not named in court documents, contacted the FBI about a cyber ransom demand. Appealing to the feds for help was an unusual step.

“Most companies today pay the 500 bucks and go back to business,” Carlin said at a June 28 forum at the Center for Strategic and International Studies, a public policy and research group in Washington.

Cyber ransom demands have exploded, with hackers hitting hundreds of businesses every day, encrypting hard drives and turning over the decryption key only once a payment has been made. The FBI estimates such attacks cost individuals and businesses $209 million in the first quarter of 2016.

“It’s grown extremely fast,” said Dan McNemar, director of intelligence at Binary Defense Systems, a Hudson, Ohio-based company that helps defend clients from cyberattack.

Yet those hit by the ransom attacks often are reluctant to report them.

“Companies do see a lot of risk when they consider coming out into the open about cyber incidents,” said Tristan Reed, a security analyst at Stratfor, an Austin, Texas-based global security consultancy. He noted that executives worry about reaction from shareholders and customers, and fear that government agencies won’t keep the information confidential.

Ferizi’s attack, however, was serious. He had placed malware on the company’s server that granted him “unfettered access to information” there, including all customer data, FBI agent Kevin M. Gallagher said in an affidavit.

Ferizi had scolded the company technician for trying to pry his malicious malware off the server, warning him in a message Aug. 19 – “please don’t touch my files!” – and signing off with a gleeful: “Greetings from an Albanian Hacker!”

In a separate message, he demanded two bitcoins, a type of encrypted digital currency, from the company in exchange for deleting his malicious code. He included a hyperlink to a Wikipedia page on bitcoins in case the administrator didn’t know what they were.

But Ferizi already had what he wanted. He’d spent the previous two months gathering and culling information from the company’s servers and passing the data to the Islamic State. According to Ferizi’s signed “statement of facts” in his case, the hacker searched the server for email addresses ending in “.gov” or “.mil,” indications that they belonged to civilian government or military employees.

On Aug. 11, the ISIS cyber army leader, Junaid Hussain, tweeted a link to a 30-page document containing vast details about 1,351 U.S. personnel, calling them “Crusaders” who were conducting a “bombing campaign against the muslims.” He said followers would “strike at your necks in your own lands!”

It was a coup for Hussain, but not one he’d live long to boast about.

A drone strike killed the British Islamic State hacker near Raqqa on Aug. 24. At the time, Hussain is said to have ranked No. 3 on a U.S. list of terror group members to be eliminated.

No direct link is publicly known between the drone attack and his release of the “kill list.”

A member of one private company’s digital intelligence team, who requested anonymity because he was dealing with terrorism, said of the Islamic State: “Their capabilities are 1,000 times what they were four years ago.”

But Daveed Gartenstein-Ross, a counter-terrorism expert at the Foundation for Defense of Democracies, said U.S. government cyber experts are “orders of magnitude better” than Islamic State-linked hackers.

Reed, the Stratfor analyst, said many issues make it difficult for companies to know whether intruders like the “Albanian hacker” are linked to terrorist groups. Determining the provenance of an attack or a digital ransom demand requires difficult forensics.

But since so much of public infrastructure in the United States is owned by the private sector, including electric utilities, the government and private businesses will find themselves needing to work together more often.

“It’s actually critical to collaborate,” Reed said.

Obama: Most illegals still won’t be deported…

Capture

By Stephen Dinan

President Obama said most illegal immigrants still won’t be deported, even after the Supreme Court’s tie ruling Thursday upheld an injunction on his broader deportation amnesty.

Mr. Obama rushed to assure illegal immigrants with ties to the U.S. that they are “low priorities,” even though they will not be able to get the work permits and taxpayer benefits his “deferred action” program had promised.

And he said the 4-4 tie was more evidence for the need to confirm Judge Merrick Garland, his pick to succeed the late Justice Antonin Scalia, to the high court.

Speaking less than two hours after the court’s ruling, Mr. Obama said it “takes us further from the country we aspire to be,” and delays a solution to a broken system that has allowed an estimated 11 million illegal immigrants to arrive and settle here.

The president also challenged voters to punish those who want stricter enforcement of immigration laws.

“Now we’ve got a choice about who we’re going to be as a country, what we’re going to teach our kids, and how we want to be represented in Congress and the White House,” Mr. Obama said at the White House.

The 4-4 ruling leaves in place a lower court’s injunction that held the president broke immigration and procedural laws by claiming the power to grant “deferred action” to nearly half of the illegal immigrants in the country.

That deferred action program would have granted a three-year work permit, enabling illegal immigrants to get Social Security numbers and access to some taxpayer benefits. It also would have ensured them a three-year stay of deportation.

Without the program, however, Mr. Obama still retains the power to decide whom to deport. And he said the millions who would have qualified for deferred action aren’t likely to be kicked out anyway.

“They will remain low priorities for enforcement,” he said.

Thursday’s ruling also leaves untouched a smaller deportation amnesty Mr. Obama announced in 2012 that applies to so-called Dreamers, who are the young adult illegal immigrants who came to the U.S. as children.

More than 700,000 Dreamers have qualified for two-year stays of deportation and work permits under that program.

WATCH: Debunking the Myth of ‘Democratic’ Socialism

Capture

UPDATE 06/08/2016: I’ve received thousands of emails about the situation below. The following video was entirely removed from Youtube based on a BS “copyright” claim from an angry liberal at Mashable who didn’t like the fact that he was roundly criticized. My personal youtube account was punished with a manual copyright strike, and business privileges like live-streaming were removed from my account which had always been in good standing. It required a lawyer, a counter-claim and a whoooole lot of truth-telling, but the BS was dismissed and the video has now officially been reinstated. It’s horrible that this is such a common tactic from the left, and it’s horrible that mere truth-telling has to be defended, but we did, and we won. Thanks for the support!

Here’s how you know people generally disfavor socialism. Proponents of socialism take a parent to child approach by wrapping a distasteful thing (socialism) inside something seen as more palatable (democracy). Voila, cheese covered broccoli. Except Democratic Socialism is still socialism, with all the trappings and pitfalls of a miserable population, a crap economy, and a huge gap between rich and poor. Also, spoiler alert: the USA is a REPUBLIC. Stop saying we’re a democracy already. I explain in detail below.

Democratic socialism, nationalistic socialism, or just socialism-socialism eventually lead to one thing: misery. Here, I’ll put it in simpler terms for you…

Word+Socialism= Socialism.

More math for you….

Socialism + Anything = Bad idea that’s never worked, will never work, can never work. So stop it.

Socialism seeks to make everyone equally poor, equally dependent, equally terrible. Because success isn’t fair. Rich isn’t fair. Well, except for those cronies up at the top who fooled you into buying their ketchup covered broccoli and telling you it was nutrition.

jeremy clarkson

Yet here we are. We have an openly socialist running for president. Face the facts here. Bernie Sanders rhetoric (nay, most of the Democrat Party) is indistinguishable from Lenin. Socialism is a bad idea. It’s made for the lazy who just would rather not work, but thanks. It’s made for whiners. It’s made for fools. Just don’t be one, you’re going to make the rest of us pay for it. And not just in a metaphorical sense…

Read more: http://louderwithcrowder.com/watch-debunking-the-myth-of-democratic-socialism/#ixzz4B0Uwhp96
Follow us: @scrowder on Twitter | stevencrowderofficial on Facebook

 

US still uses floppy disks to control nuclear bombers & ballistic missiles

Three-quarters of federal agencies’ IT budgets go on operation and maintenance rather than upgrades, and some legacy technologies, such as floppy disks used by the Pentagon for nuclear missiles, are over 50 years old.
*

The overview of how the US government continues to use archaic technologies in some vital areas was given in a report released on Wednesday by the Government Accountability Office (GAO). The report said that the budget for IT modernization has fallen by $7.3 billion since 2010 while operations costs continued to grow. Of approximately 7,000 IT investments reviewed, the majority (5,223) do not spend a penny on upgrading their systems.

One of the legacy technologies identified by GAO is 8-inch floppy disks, which are used by the DoD to operate the functions of American nuclear forces. A computer system, on which deployment of ICBMs, nuclear bombers and tanker aircraft depends, runs on 1970s computers that use the floppy disks. The Pentagon plans to get rid of them by 2017, thereport said.

Even more ancient technologies are still in use by the Department of Treasury, and unlike the DoD it has no plans to have them upgraded anytime soon. The department uses so-called master files to track accounts of individual taxpayers and businesses. The system run on an IBM mainframe is about 56 years old and is written in assembly language, a low-level computer programming language. It is hard to read or write by inexperienced coders and is currently reserved for specialized applications such as device drivers, computer viruses or boot instructions. The Treasury wants to replace the master files with something more modern, but has no specific timetable for doing this.

Archaic technologies are used by other federal agencies. The Department of Veterans Affairs has a 53-year-old system for tracking employee attendance and a 51-year-old computer network that deals with benefit claims. Both systems are written in Common Business Oriented Language (COBOL) – a programming language developed in the 1950s and 1960s.

Social Security has a three-decade-old system tracking benefits eligibility and amounts, also written in COBOL. The Department of Justice has a COBOL system for security and custody levels, inmate program and other prison information.

“Legacy federal IT investments are becoming obsolete,” the GAO concluded.

The GAO reports says the Office of Management and Budget (OMB) must come up with a specific plan to modernize federal IT investments, including a timeline for replacing obsolete legacy systems.

“Until this policy is finalized and implemented, the federal government runs the risk of continuing to maintain investments that have outlived their effectiveness and are consuming resources that outweigh their benefits,” the report said.

Texas Man’s Life Destroyed by Illegal Alien Sex Offender Who Stole His Identity

BY ROB PRICE

An illegal alien with a long criminal history, including being a registered sex offender, has pleaded guilty to identity theft bringing an end to a long, painful era for the person whose identity he stole.

Imagine if every time you had to apply for a job, a background check revealed you were a drug dealing sex offender and you had to prove that you were not. Your name, date of birth, Social Security number, parents’ names, etc., all match with the criminal record. Getting or keeping a job would be a very difficult task.

This is what life has been like for the past twenty years for 46-year-old Marcus Cavillo, a Texas man living in Grand Prairie, Texas. On Monday, Fernando Neave-Ceniceros pleaded guilty to using the identity of Cavillo over the past two decades. Neave’s criminal history was all recorded under the false identity that he stole because he did not want to be deported for being an illegal alien from Mexico, Assistant U.S. Attorney (AUSA) Brent Anderson told Breitbart Texas in a phone interview on Tuesday.

“This is absolutely one of the worst identity theft cases I have ever seen,” said the 25-year veteran prosecutor. He said the impact on the real Cavillo’s life has been horrific.

The criminal history of the fake Cavillo, began at age 17 in 1993 in Ford County, Kansas, when Neave was arrested and convicted on drug trafficking charges. Six years later he was convicted again on a misdemeanor count of battery and the felony charge of indecent liberties with a child under the age of 16 but over the age of 14.

In 2004 and 2008, he was convicted for failing to register as a sex offender. He was next convicted in 2009 for the sale of opiates and in 2010 for bribery. He has been in the Kansas prison system since that time.

All of these crimes are reported under the name of Marcus Cavillo.

After fighting the identity theft issues for years, the real Marcus Cavillo contacted the U.S. Attorney’s Office in Kansas for help after he read about an identity theft case involving a Houston teacher, Candida Gutierrez, Associated Press reporter Roxana Hegeman wrote,published by the Claims Journal’s in 2015. That case also involved a person living in Kansas, Benita Cardona-Golzalez, Breitbart News reported in 2013. While Gutierrez’ identity theft case made the Texas school teacher’s life difficult, it only involved credit related issues. The Cavillo case marked an innocent man as a sex offender.

That effort paid off and on Monday, Neave pleaded guilty to stealing Cavillo’s identity.

The real Cavillo has been unable to keep a job over the years since Neave’s crimes began. The sex offender charge and status has been particularly damaging to the man who was guilty of nothing. While working as a cable installer, Cavillo was fired with no notice. When he asked why, he was told “You know what you did,” the Associated Press reported. The theft of his identity made him a victim. It made it difficult to keep a job, support his children, or even pay his bills.

“My whole life has been put on hold because of this person, and it has gotten worse and worse and worse,” Cavillo told Hegeman. His life and future were now in the hands of AUSA Anderson.

This week, his prayers were answered and he is now back on the road to rebuilding his life that was destroyed through no fault of his own.

Cavillo first found out about the impostor’s criminal record while applying for a job. After being turned down for several jobs, Cavillo finally asked an agent at a temporary job service company why he was being denied work. The person showed him a copy of the criminal background check they had run listing the numerous crimes and felonies committed by the then unknown impostor. “I almost broke down,” he told the Associated Press reporter. “Oh my God! This is why I couldn’t get this job.”

Anderson told Breitbart Texas that Cavillo had expressed his appreciation for his work. “I was just doing my job,” Anderson said.

As for Neave, the plea agreement (attached below) was for a sentence of one year and a day. The formal sentencing is scheduled for July 25, court records obtained by Breitbart Texas revealed. While Neave is still in a Kansas prison, the federal judge has not yet decided if the federal sentence will run concurrently with the existing state sentence, Anderson said.

During this process, the federal government was finally able to get the real Cavillo a new Social Security number. The Texas man is now self-employed as a home service worker and specializes in power washing houses, according to an Associated Press report.

Following the sentencing hearing, Anderson has a lot of work in front of him. He will have to contact the counties involved in Neave’s convictions and have all of those records changed to reflect the illegal alien sex offender’s real name. “In the Kansas prison, they still refer to him as Cavillo,” Anderson explained. “They are required by state law to use the name under which the conviction is registered.”

“The system seems to be doing so little for these people,” the federal prosecutor said about identity theft victims. “The vast majority of these cases involve foreign nationals who are not legally present in the U.S.”

Anderson said the issue is rampant in southwestern Kansas where meat packing plants employ thousands of workers who are not legally in the United States. He said he personally has prosecuted over a thousand foreign nationals in cases like this.

As for Fernando Neave-Ceniceros, “His status as a convicted sex offender classifies him as an aggravated felon in the federal immigration system,” the AUSA explained. “He will almost certainly be deported after his sentence is completed.”

Marcus Cavillo has had his opportunity stolen from him for over twenty years.