The National Crime Agency’s Anti-Cyber Crime Campaign is Embarrassing and Ignorant

The National Crime Agency embarked on an appalling advertising campaign yesterday “aimed at educating the parents of 12-15 year old boys” who might be proponents of cyber-crime. Already we can see the ignorance flowing here, as focusing on the male gender is incorrect, and targeting such a narrow age range seems completely ludicrous. Not only that, the organization created a checklist for parents to help investigate their own children and see if they are engaging in illegal activity. This is a prior warning, the compiled list is possibly the biggest pile of nonsense I’ve read in years.

“Warning signs of cyber crime

The following behaviours may indicate a young person is at risk of getting involved in cyber crime:

  • Is your child spending all of their time online?
  • Are they interested in coding? Do they have independent learning material on computing?
  • Do they have irregular sleeping patterns?
  • Do they get an income from their online activities, do you know why and how?
  • Are they resistant when asked what they do online?
  • Do they use the full data allowance on the home broadband?
  • Have they become more socially isolated?

If a young person is showing some of these signs try and have a conversation with them about their online activities. This will allow you to assess their computer knowledge proficiency so you can understand what they are doing, explain the consequences of cyber crime and help them make the right choices.”

There’s so much wrong with the questions above that I really don’t know where to start. The idea that children spending time online is a negative concept is unbelievably outdated, and laughable. The internet is an integral part of daily life from educational activities to keeping up with friends on various social media platforms. Additionally, human beings don’t all have to be brash, loudmouth extroverts, and social isolation isn’t anything to be suspicious off. In reality, many socially isolated people are very creative and struggle to communicate with people. Anxiety is a terrible condition to deal with its impossible for non-sufferers to understand the daily torment. That’s why it’s incredibly hurtful to judge people and be suspicious of them just because they want alone time.

On another note, the one key profession society will need in the future is programmers, and they are in short supply at the high skill level. We should be actively encouraging children to attain coding skills and make their interest in this field flourish. To insinuate this passion as a negative aspect is frankly, embarrassing.

Hilariously, the NCA contradicts themselves and goes onto say:

Ways to use cyber skills positively

Skills in coding, gaming, computer programming, cyber security or anything IT-related are in high demand and there are many careers and opportunities available to anyone with an interest in these areas.”

According to their impeccable logic (insert sarcasm here), coding is a suspicious trait but it’s a way to use skills in a positive manner. If anyone can explain what the marketing team has been drinking, I’d love to know. This entire campaign makes zero sense and is a complete farce. While some feel the need to ridicule it, I find it very worrying that people in power have such an idiotic and uneducated viewpoint on the subject matter. As previously mentioned, the government, the actors, and anyone else involved in this mess should feel ashamed.

If you’re brave enough, here’s the cringe-worthy video in full:

NCA Website Temporarily Taken Offline by Lizard Squad DDOS Revenge Attack

The National Crime Agency is a UK body which tackles online cyber attacks and recently arrested 6 people for using Lizard Squad’s DDOS tool. In an act of retaliation, the hacking group conducted a DDOS attack on the NCA website. The team mockingly used the NCA’s logo in a Twitter post and publicly announced the DDOS attack. An NCA spokesperson said about the incident:

“The NCA website is an attractive target. Attacks on it are a fact of life. DDoS is a blunt form of attack which takes volume and not skill. It isn’t a security breach, and it doesn’t affect our operational capability. At worst it is a temporary inconvenience to users of our website. We have a duty to balance the value of keeping our website accessible with the cost of doing so, especially in the face of a threat which can scale up endlessly.”

Hacking via a DDOS method doesn’t usually result in long-term chaos and the majority of sites can be up and running within 1-2 hours. Of course, this greatly depends on the scale and complexity of each hacking attempt. The NCA spokesperson emphasized this and argued:

“The measures we have in place at present mean that our site is generally up and running again within 30 minutes, though occasionally it can take longer. We think that’s proportionate.”

However, Dave Larson, CTO at Corero Network Security explained the more sinister impact of DDOS attacks on network infrastructure:

“The recent reports indicating that the National Crime Agency website has been taken offline by DDoS attack, seemingly by the increasingly popular DDoS-for-hire site, Lizard Stresser is a classic example of cyber-warfare taking aim in retaliation of the recent arrests of individuals associated with the service.  

“DDoS attacks can be a nuisance, cause temporary or long term service disruptions, and take down IT security infrastructure in any organization. What is even more distributing is the potential for even greater damage in the form of smokescreen diversions allowing hackers to run additional attacks aimed at breaching sensitive data and further impacting operations.

“DDoS mitigation strategies must be viewed as more than just protecting your website, it is protecting the business, your intellectual property and your customers.” 

In my opinion, this particular hack was nothing more than an inconvenience and predatory response to the 6 arrests. Arguably, Lizard Squad hopes this sends a warning message out to government bodies trying to infiltrate the group and arrest its leading members. Personally, I feel this is more of a PR stunt and not a valid attempt to make the NCA’s website inoperable.

What do you think of Lizard Squad?

https://twitter.com/LizardLands/status/638617494702399488

Thank you The Register for providing us with this information.

UK National Crime Agency Arrests Five in Cybercrime Sweep, While Threats Continue

As part of an international operation targeting cybercriminals using remote access tools (RATs) to hijack computers, five people were arrested in the UK. There is an international effort to promote cybersecurity for both consumers and businesses, along with trying to crack down against cybercriminals.

The National Crime Agency (NCA) arrested the five suspects on Nov. 19 and Nov. 20, with a 20-year-old, one 30-year-old, two 33-year-olds, and a 40-year-old suspect detained in the national sweep.

Here is what Andy Archibald, director of the NCA’s National Cyber Crime Unit, said (via press statement):

“This operation demonstrates once again that all of UK law enforcement is working to respond effectively to cyber crime, and together we will continue to collaboratively target those who use technology to misuse other people’s devices, steal their money, or unlawfully access confidential information. Anyone who is tempted to get involved in this type of crime should understand that it can result in prison time, and substantial restrictions on your life afterwards.”

The first layer of protection against installing RAT software, and malware, is to be careful when clicking on links and attachments in emails – or while browsing the Internet. However, cyberattacks are increasing in sophistication, as the criminals behind these operations perfect their craft, with serious money available to them when successful.

Peter Goodman, from the East Midlands Deputy Chief Constable, had this to say:

“Cybercriminals are using very sophisticated technology to breach online security systems and to conceal their digital tracks. However, the police forces in the UK and overseas have the expertise to identify and disrupt those who are determined to access computers in order to steal data or to commit serious offences, wherever they are in the world.”

(Thank you to the NCA for providing us with this information. Image courtesy of NCA Twitter)

UK National Crime Agency Disrupts ‘Shylock’ Malware

Distribution of the “Shylock” malware has been disrupted by the UK National Crime Agency (NCA), in an effort to prevent a growing number of users from being compromised.

The Shylock malware reportedly infected more than 30,000 PCs across the world, with a specific focus on targeting bank accounts of UK residents.  Shylock, which included Shakespeare’s The Merchant of Venice passages hidden within its code, targeted PCs running Microsoft Windows.

The NCA confiscated servers responsible for distributing the malware – and the malware was able to steal banking login credentials.  Shylock could also capture data entered on select websites, and then upload it back to its home servers.

Here is what Andy Archibald, NCA’s National Cyber Crime Unit deputy director, said in a statement announcing the police operation:

“This phase of activity is intended to have a significant effect on the Shylock infrastructure and demonstrates how we are using partnerships across sectors and across national boundaries to cut cybercrime impacting the UK.  We continue to urge everybody to ensure their operating systems and security software are up to date.”

At the very least, security experts recommend users update their PCs and mobile OSes with the latest security updates, along with running anti-virus and anti-malware software.  Also, end-users need to be aware of clever phishing attacks using social engineering to trick them into clicking fraudulent links or downloading malicious programs.

Thank you to The Guardian for providing us with this information

Image courtesy of Getty Images

Four Men Arrested Over Silk Road Links

Silk Road, the illegal drug and services website that was operating on the Tor network, was taken off-line last week. This was shortly after the sites founder was arrested and questioned by the FBI.

Now we see the story developing as four more men have been arrested in the UK for their role in the online marketplace. Three men in their early 20’s from Manchester, plus a man in his 50’s from Devon have been detained on suspected drug offences. Further arrests are expected later in the week.

Given that The Silk Road was one of the world’s largest (if not the largest) websites for the sale of illegal drugs and related products and services, this marks a big step for the UK’s newly setup National Crime Agency (NCA), effectively the UK equivalent of the FBI.

Of course it is only the first step in fighting online money laundering, drug trafficking and more as there have been numerous other sites fighting to fill the void that the site closer left. Customers are simply going elsewhere and the arrest will have little effect on the customers and distributors related to the site, even with a few arrests.

Keith Bristow, the NCA’s director general said “These arrests send a clear message to criminals; the hidden internet isn’t hidden and your anonymous activity isn’t anonymous. We know where you are, what you are doing and we will catch you.”

With site owner Ross Ulbricht arrested and a few other people now taken in for questioning, it is becoming clear that the so-called anonymous service that is the Tor network, isn’t so anonymous any more.

Thank you BBC for providing us with this information.