The top commander of Department of Defense network operations just ordered a crackdown on security. According to a recent article by NetworkWorld on January 16, 2006, Lt. General Charles Croom is quoted as saying, “The attacks are coming from everywhere and they’re getting better.” His talk was the keynote address at the Department of Defense Cyber Crime Conference held on January 9 - 14, 2005 in Clearwater, Florida. The event is sponsored by the Defense Cyber Crime Center and the Joint Task Force. Over 500 computer crime specialists from the FBI and the military attended the event.
The crackdown was related to a recent arrest of a “Computer Virus Broker” named Jeanson James Ancheta. On further investigation, a Department of Justice press release from Nov 3rd, 2005 offered the following information on this incident: “In the first prosecution of its kind in the nation, a well-known member of the “botmaster underground” has been indicted on federal charges for profiting from the use of “botnets” – armies of computers that are under the control of the botmaster and are used to launch destructive attacks or to send huge quantities of spam across the Internet.
Jeanson James Ancheta, 20, of Downey, California, was arrested this morning by special agents with the Federal Bureau of Investigation. Ancheta was indicted yesterday in two separate conspiracies, as well as substantive charges of attempting to cause damage to protected computers, causing damage to computers used by the federal government in national defense, accessing protected computers without authorization to commit fraud and money laundering.”
The press release goes on to describe more details of this scheme that clearly show why the Department of Defense is so concerned (for more information, go to http://www.usdoj.gov/criminal/cybercrime/anchetaArrest.htm):
“Ancheta had become an affiliate of several different advertising service companies, and those companies paid him a commission based upon the number of installations. To avoid detection by network administrators, security analysts and law enforcement, Ancheta would vary the download times and rates of the adware installations. When companies hosting Ancheta’s adware servers discovered the malicious activity, Ancheta redirected his botnet armies to a different server he controlled to pick up adware. To generate the roughly $60,000 he received in advertising affiliate proceeds, Ancheta caused the surreptitious installation of adware on approximately 400,000 compromised computers. Ancheta used the advertising affiliate proceeds he earned to pay for, among other things, the multiple servers used to conduct his schemes.
Ancheta used programs powerful enough to cause the infection of computers at the Weapons Division of the United States Naval Air Warfare Center in China Lake, as well as computers belonging to the Defense Information Systems Agency, a component of the United States Department of Defense. Both networks are used exclusively by the federal government in furtherance of national defense. After being arrested this morning at the FBI Field Office in Los Angeles, Ancheta was transported to United States District Court in Los Angeles. It is unclear if he will make his initial court appearance this afternoon or tomorrow. Ancheta is charged with two counts of conspiracy, two counts of attempted transmission of code to a protected computer, two counts of transmission of code to a government computer, five counts of accessing a protected computer to commit fraud and five counts of money laundering. Count 17 of the indictment seeks the forfeiture of more than $60,000 in cash, a BMW automobile and computer equipment that the indictment alleges are the proceeds and instrumentalities of Ancheta’s illegal activity.”
Some recent news: Ancheta pleaded guilty to charges of conspiring to violate anti-spam and computer misuse laws, and to fraud. Under the plea agreement he will serve from 4 to 6 years in prison, plus heavy fines.