Crackdown on Security
of Defense Crackdown on Security
The security threat to computer systems, especially those of large
companies, corporations and government departments has been growing every year, which is why they spend increasing
amounts of money and resources every year to strengthen the security of their computer systems. They also stage
security crackdowns to catch perpetrators, such as Department of Defense crackdown earlier this year.
January 2006 security crackdown
The top commander of the department of Defense
network operations just ordered a crackdown on security. According to a recent article by NetworkWorld on January
16, 2006, Lt. General Charles Croom is quoted as saying, "The attacks are coming from everywhere and they’re
getting better." His talk was the keynote address at the Department of Defense Cyber Crime Conference held on
January 9 - 14, 2005 in Clearwater, Florida. The event is sponsored by the Defense Cyber Crime Center and the Joint
Task Force. Over 500 computer crime specialists from the FBI and the military attended the event.
The arrest of James Ancheta
The crackdown was related to a recent arrest
of a "Computer Virus Broker" named Jeanson James Ancheta. On further investigation, a Department of Justice press
release from Nov 3rd,
2005 offered the following information on this incident, "In the first prosecution of its kind in the nation, a
well-known member of the "botmaster underground" has been indicted on federal charges for profiting from the use of
"botnets" – armies of computers that are under the control of the botmaster and are used to launch destructive
attacks or to send huge quantities of spam across the Internet.
authorities have become more serious about cyber security and how to counteract new
Jeanson James Ancheta, 20, of Downey, California,
was arrested this morning by special agents with the Federal Bureau of Investigation. Ancheta was indicted
yesterday in two separate conspiracies, as well as substantive charges of attempting to cause damage to protected
computers, causing damage to computers used by the federal government in national defense, accessing protected
computers without authorization to commit fraud and money laundering."
James Ancheta's scheme
The press release goes on to describe more
details of this scheme that clearly show why the Deparment of Defense is so concerned (for more information go
"Ancheta had become an affiliate of several
different advertising service companies, and those companies paid him a commission based upon the number of
installations. To avoid detection by network administrators, security analysts and law enforcement, Ancheta
would vary the download times and rates of the adware installations. When companies hosting Ancheta’s adware
servers discovered the malicious activity, Ancheta redirected his botnet armies to a different server he
controlled to pick up adware. To generate the roughly $60,000 he received in advertising affiliate proceeds,
Ancheta caused the surreptitious installation of adware on approximately 400,000 compromised computers. Ancheta
used the advertising affiliate proceeds he earned to pay for, among other things, the multiple servers used to
conduct his schemes.
Ancheta used programs powerful enough to
cause the infection of computers at the Weapons Division of the United States Naval Air Warfare Center in China
Lake, as well as computers belonging to the Defense Information Systems Agency, a component of the United
States Department of Defense. Both networks are used exclusively by the federal government in furtherance of
national defense. After being arrested this morning at the FBI Field Office in Los Angeles, Ancheta was
transported to United States District Court in Los Angeles. It is unclear if he will make his initial court
appearance this afternoon or tomorrow. Ancheta is charged with two counts of conspiracy, two counts of
attempted transmission of code to a protected computer, two counts of transmission of code to a government
computer, five counts of accessing a protected computer to commit fraud and five counts of money laundering.
Count 17 of the indictment seeks the forfeiture of more than $60,000 in cash, a BMW automobile and computer
equipment that the indictment alleges are the proceeds and instrumentalities of Ancheta’s illegal
Some recent security news
Ancheta pleaded guilty to charges of conspiring
to violate anti-spam and computer misuse laws, and fraud and will serve from 4-6 years in prison, under the plea
agreement - plus heavy fines.
In their fight against cyber crime authorities will often use some of the very
spyware programs that they're fighting against. One of those is keylogger, as explained in the next