US hunts down hackers
2013-03-14 09:30
-
Us
An old fashioned story by Mary Louisa Molesworth (1836-1921). The author of beloved children's...
Now R150.00
buy now
Washington - The pursuit of hackers who audaciously stole and published credit reports for Michelle Obama, the attorney general, FBI director and other US politicians and celebrities crisscrossed continents and included a San Francisco-based internet company, Cloudflare, The Associated Press has learned.
The sensational crime caught the attention of Congress and US President Barack Obama, who said "we should not be surprised".
Obama said he could not confirm that the first lady's credit report was published earlier this week on a Russian website, along with what appeared to be the credit reports of nearly two dozen others, including Republican presidential candidate Mitt Romney, real estate mogul Donald Trump and celebrities Britney Spears, Jay Z, Beyoncé and Tiger Woods.
The president said determined hackers are a persistent threat.
"We should not be surprised that if you've got hackers who want to dig in and devote a lot of resources, that they can access people's private information," Obama told ABC News in an interview aired on Wednesday. "It is a big problem."
"It would not shock me if some information among people who presumably have pretty good safeguards against it, still gets out. That's part of the reason why we've got to continually improve what we do and co-ordinate between public and private sectors to make sure that people's information is safe," he added.
Vulnerability
In Congress, the Republican chair of the House Judiciary Committee cited the breach on Wednesday at a congressional hearing about the government prosecuting hackers.
Representative Bob Goodlatte said the leaks of financial information was "just the beginning of the problem" when it comes to the vulnerability of US computer networks. Goodlatte said the US has billions of dollars at stake, as foreign hackers try to steal sensitive information from businesses.
"The truth is that all citizens are vulnerable to these kinds of cyber attacks," Goodlatte said.
A spokesperson for one of the largest US credit bureaus, Tim Klein of Equifax, said an initial investigation showed that hackers exploited a website designed to give consumers a free credit report. The hackers apparently used personal details about their victims to impersonate them and generate the credit reports.
Representatives for Experian, Equifax and TransUnion have all said they were co-operating with the US criminal investigation being conducted by the FBI and Secret Service.
In San Francisco, Cloudflare operates the directory computers, known as name servers, used behind the scenes to send visitors to the Russian website where the stolen credit reports were being published, according to internet registration records. Without that service, few internet users would be able to visit the Russian website or view the stolen credit reports.
A company spokesperson, Carol Carrubba, said that Cloudflare, which she described as a performance and security company, doesn't comment on its customers.
But Carrubba said: "Even if we delete a customer's account, the content remains in place, though the site may load more slowly."
Taunting messages
Internet directories on Wednesday continued to identify Cloudflare as directing traffic to the Russian website, although any technical changes could take hours or days to update across the internet.
The FBI in San Francisco declined to say whether investigators have contacted Cloudflare to review payments or communications that had been used to set up the service.
The website address uses an internet suffix originally assigned to the former Soviet Union, and many of the pages feature unflattering pictures of the person featured and taunting messages to them. A counter on the website indicated that it had received more than 450 000 views since its existence was revealed on Monday.
Social Security numbers, a form of US government identity, posted on Jay-Z, Mel Gibson and others matched records in public databases.
Social Security numbers are not public records, although they used to be included in some court filings. Many courts require the information be edited out of filings since the numbers can be used to steal a person's identity and open credit accounts in their name.
- AP
