[AusNOG] Fwd: LulzSec Leader Arrested in Sydney - One of our own

Radek Tkaczyk radek at tkaczyk.id.au
Thu Apr 25 20:38:00 EST 2013 

>> I'm also wondering why the AFP was actually involved.

Hacking and computer crime falls under commonwealth legislation and therefore must be investigated by the AFP. AFP investigate crimes against the commonwealth, so therefore it is their jurisdiction.
(or so says my wife who is a prosecutor for the Commonwealth DPP)

Regards,

Radek

From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Skeeve Stevens
Sent: Thursday, 25 April 2013 5:51 PM
To: Damian Guppy
Cc: <ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Fwd: LulzSec Leader Arrested in Sydney - One of our own

To be frank.  I actually respect the AFP, and they seem to have some decent people these days... but, the guys doing the press-conference interview were not among them.

But then again, considering the low level of knowledge amongst the reporters, maybe they were well matched.

The constant over-exaggeration of just how damaging a website hack could be was hopeless.

I like how they point out that it was a widely known exploit, yet make no comment about the GOVERNMENT DEPARTMENTS inability to defend itself.

I'm also wondering why the AFP was actually involved.  They said it wasn't a Federal government website... so I assume that means it was a state government website, which bring the question - why were the NSW Police Fraud Team (who look after computer crime) involved in this.

Or was this the AFP trying to use the publicity to generate more funding? Or trying to develop precedence strength for the computer crimes laws.

The truth is that current policing has very little idea what is going on in this space, and generally have a classical policing view of things.  They are also seriously under-skilled as most people they get who become good end up in private practice earning a lot more... similar to the retention of quality military personnel.








...Skeeve

Skeeve Stevens - eintellego Networks Pty Ltd
skeeve at eintellegonetworks.com<mailto:skeeve at eintellegonetworks.com> ; www.eintellegonetworks.com<http://www.eintellegonetworks.com/>

Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve

facebook.com/eintellegonetworks<http://facebook.com/eintellegonetworks> ; linkedin.com/in/skeeve<http://linkedin.com/in/skeeve>

twitter.com/networkceoau<http://twitter.com/networkceoau> ; blog: www.network-ceo.net<http://www.network-ceo.net/>

[http://eintellegonetworks.com/logos/ein09.png]

The Experts Who The Experts Call
Juniper - Cisco - Cloud

On Thu, Apr 25, 2013 at 5:09 PM, Damian Guppy <the.damo at gmail.com<mailto:the.damo at gmail.com>> wrote:
What is most interesting about all this is how little the AFP's supposed profile of 'aush0k' actually matches up with the truth(which is easily verifiable). Either the AFP is grossly incompetent at dealing with these sort of crimes, or they are intentionally missleading the public.

--Damian

On Thu, Apr 25, 2013 at 1:50 PM, Skeeve Stevens <skeeve+ausnog at eintellegonetworks.com<mailto:skeeve+ausnog at eintellegonetworks.com>> wrote:
+1 (except spelling ;-)


...Skeeve

Skeeve Stevens - eintellego Networks Pty Ltd
skeeve at eintellegonetworks.com<mailto:skeeve at eintellegonetworks.com> ; www.eintellegonetworks.com<http://www.eintellegonetworks.com/>

Phone: 1300 239 038<tel:1300%20239%20038>; Cell +61 (0)414 753 383<tel:%2B61%20%280%29414%20753%20383> ; skype://skeeve

facebook.com/eintellegonetworks<http://facebook.com/eintellegonetworks> ; linkedin.com/in/skeeve<http://linkedin.com/in/skeeve>

twitter.com/networkceoau<http://twitter.com/networkceoau> ; blog: www.network-ceo.net<http://www.network-ceo.net/>

The Experts Who The Experts Call
Juniper - Cisco - Cloud

On Thu, Apr 25, 2013 at 3:47 PM, Matt Perkins <matt at spectrum.com.au<mailto:matt at spectrum.com.au>> wrote:
I feel bad about this whole mess. Firstly there is a young guy who like some of us here may have had an ego and done something stupid when they were young. The consequences for this bloke are likely Jail. A place that likely does not fit well with a young geek + all the pitfalls and hurdles he will face appon release etc.

Secondly you need to feel sorry for the people he worked with and the people his "hack's" effected. Some of these people. It didn't just ruin there day.  It may have lost them a job. An opportunity or even a business. Stuff that may also effect there life for a long time, Insurance premiums (PI) loss of good will etc.  For all of those that say well spend more time on security and you will be safe. Well. Good luck to you. I hope you never get pushed on a dead line or just cock up.

Who I dont feel sorry for are the guys that never get cought. That are not doing this for a laugh or a joke or to big note themselves.  They are the ones makeing millions off toll fraud & cc fraud and costing our sector millions more each day. These guys are the real guys that the AFP should go after.  But they are in the too hard basket.

My thoughts are with the alleged hacker and his victim's today. There are no winners here.

Matt.



(to use a  On 25/04/13 2:05 PM, Tim March wrote: T

He worked for Content Security who were apparently contracted to provide support on behalf of Tenable, see links...

    http://www.scmagazine.com.au/News/340988,sydneys-lulzsec-hacker-named.aspx?utm_source=feed&utm_medium=rss&utm_campaign=SC+Magazine+All+Articles+feed

    http://www.tenable.com/blog/our-company-our-mission-bringing-cybercriminals-to-justice

Not sure where the whole LulzSec thing came from - the group has been largely disbanded since Sabu got nailed and assisted the FBI taking down other key players.

aush0k (Flannery) is reasonably well known in local troll/skiddy circlies and the knowledge I have is that the LulzSec association thing is crap. Someone sent me these links, which were posted a couple of weeks before the arrest...

    http://pastebin.com/buqMxcvs

    http://pastebin.com/BJTPFhHA

I'm currently working on the theory that he got doxed by someone he'd pissed off and they reported him to AFP.

2c.




T.

On 25/04/13 11:27 AM, Narelle wrote:

On Apr 25, 2013 7:11 AM, "James Hodgkinson" <yaleman at ricetek.net<mailto:yaleman at ricetek.net>
<mailto:yaleman at ricetek.net<mailto:yaleman at ricetek.net>>> wrote:
 >
 > That, and the guy worked as a support staffer for Nessus... which
means he'd likely be running scans on these systems day by day.

Not according to his ex-employer:

"He was a low-level support tech who was on a three-month probation,"
Wurth said. "He had no access to any type of customer data apart from
support tickets. That will be cleared up with the AFP."

From:

IT security firm names Sydney's 'LulzSec' itNews
http://www.itnews.com.au/News/340983,it-security-firm-names-sydneys-lulzsec-hacker.aspx

Cheers

Narelle



_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog


_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130425/9c3db97d/attachment.html>

More information about the AusNOG mailing list