HostingCon 2016: The Silk Road Takedown, and Why Hosts Should Know their Local FBI Agent

Remember the basics when it comes to security, and take your local law enforcement out for lunch. These are two strategies that will help service providers’ deal with the increasing security risks and immediate threats to their businesses, according to industry experts who spoke at HostingCon this week.

It is critical to get to know your local law enforcement before there is an issue and they show up at your data center with a search warrant. Doing so can help them understand your business better, and what your policies are, Jane Shih, assistant general counsel, Endurance International Group said in a panel on Tuesday.

“The best way to not have FBI come in and take a whole rack of servers is education,” David Snead, general counsel of cPanel said in agreement.

Jay Sudowski, CEO of Handy Networks, says that providing education for staff is also important so that in the event that FBI does come knocking, they are prepared for what to do.

So who are these FBI agents and what are they like? The HostingCon audience got a peek behind the curtains of what FBI sees in capturing some of the world’s most wanted cyber targets – including hackers behind LulzSec and Anonymous. Chris Tarbell, former FBI agent involved in the Silk Road bust, spoke on Tuesday on his career in the FBI where he started in computer evidence and international terrorism before becoming involved in cybercrime.

These early career stints were imperative in learning where the evidence is stored on a computer and how to find things, as well as the importance of log information, he says.

In 2010, Anonymous started to be on the FBI’s radar more after its Operation Payback, where the hacking group launched massive DDoS attacks against payment providers like Visa, PayPal and MasterCard after they cut off support to WikiLeaks.

Around the same time, HBGary Federal sought to deanonymize the hacking group, only for Anonymous to hack CEO Aaron Barr’s email and within 20 minutes, shut down his entire online life, Tarbel says. Shortly after that Barr was forced to resign, in one of many examples of the true cost of cybercrime.

In 2011, another hacking group, called LulzSec, started to make headlines for its attacks on targets such as Sony, Fox, and the CIA.

Tarbell descibes getting a tip from another hacker – a kid in New Jersey who said he knew Hector Xavier Monsegur aka Sabu, the leader of LulzSec. He only knew that he lived in New York but that was enough for the FBI.

“We dug through all the logs, we found one IP address that was in New York: it was Hector,” he says.

Once they were able to track him down in his apartment, Sabu spent two hours trying to convince the FBI that he didn’t know anything about computers. He eventually agreed to become an informant for the FBI to teach them all about how groups like LulzSec hack.

With Sabu’s help, the FBI was able to arrest Jeremy Hammond, one of the FBI’s most-wanted cybercriminals, who used TOR to protect his identity, and the arrest of Silk Road founder Ross Ulbricht aka Dread Pirate Roberts in 2013. Silk Road was a $1.2 billion website that operated on TOR, used bitcoins so money couldn’t be traced. The online marketplace offered hacking services, murders for hire and drugs. Ulbricht is currently serving a life sentence with no chance of parole.

So what advice does Tarbell have for hosting providers when it comes to security? Bring it back to the basics. The number of hacks that happen because users use the same password across multiple sites is staggering. Doing simple tweaks can help prevent an organization or hosting end-user from being a hacker’s next target.

Source: TheWHIR