LOLCats and PC viruses - Japan gets a lesson in cybersecurity

The national police reboot their anti-hacker tactics after months of public ridicule from what appears to be a rogue hacker

By Jay Alabaster, IDG News Service |  Government

The events that led up to the arrest started in June of last year, when messages of mass killings and public attacks began appearing in online postings. After authorities arrested and released the wrong suspects, the hacker, who police now say is Katayama, chided them through emails to the press, including one that led them to the memory card on the cat. The card contained a copy of a powerful program authorities believe Katayama created and employed, which allowed him to anonymously control remote computers and make the postings.

The national press have covered each new development in detail. Police have felt pressure and responded with uncharacteristic speed.

In December the NPA offered ¥3 million (US$32,000) for information about the individual behind the high jinks, its first-ever reward for a hacker. The agency's wanted posters, ever-present in Japanese train stations and post offices, usually feature a blurry image of a hooded figure, snipped from security camera footage, with a list of crimes and birthmarks. But the hacker poster was something new - its only picture is a pair of cartoon hands on a laptop, followed by a long block of text detailing technical skills including C# programming and the use of a "Syberian Post Office," a tool for making online postings anonymously.

Earlier this month, before the latest arrest, the NPA released an "emergency program" for battling cybercriminals, specifically mentioning its failures in the hacking case as motivation. New measures include police officials "joining hacking communities" and forming relationships with hackers to glean information, as well as figuring out how to peg criminals who use tools like Tor.

It is still unclear if police have their man in Katayama, though officials have said they possess irrefutable proof. He has steadfastly denied being the mastermind behind the cyberattacks, citing his lack of ability as proof.

"If you compare the skills of the 'actual criminal' and Katayama, it's obvious he is far more talented than Katayama. It is clear if you look at Katayama's abilities that he is not the criminal here," the suspect's lawyer told reporters.

The program used to take control of remote computers and post threats online, "iesys.exe," was custom-built in the C# programming language, and has been painstakingly analyzed by authorities. The Tokyo Metropolitan Police Department has taken the rare step of posting detailed descriptions of the software, including the classes and variables used in its source code.

"Detailed information about this virus has been made public with the intention of encouraging the public to provide further information about it," reads a special section of the department's Web page devoted to the virus.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Ask a Question
randomness