Finland – Prolific Hacker Arrested & Sentenced

Uploaded on 2015-07-25 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

 

ryan.jpeg

“Ryan” from “Lizard Squad, who is believed to be Julius Kivimäki.

Julius Kivimaki, a 17-year-old from Finland, has been found guilty of 50.700 “instances of aggravated computer break-ins”, which affected Harvard University, MIT and a host of companies.
Given a two-year suspended prison sentence, his PC was confiscated and he was ordered to handover €6.588 worth of property obtained through his crimes.

Exploited vulnerabilities in software program

When he carried out his crimes throughout 2012 and 2013, Kivimaki exploited vulnerabilities in software called ColdFusion to hijack emails, block traffic to websites and steal credit card details.
He was able to install backdoors into tens of thousands of computers, which allowed him to retrieve information stored on them, adding malware to 1.400 servers. This led him to create a botnet, which he used to carry out denial-of-service (DoS) attacks on news websites like ZDNet and the chat tool Canternet.
Kivimaki was also accused of helping to steal seven gigabytes of data from the Massachusetts Institute of Technology, costing them $213.000 (€192.718).
He also used this method to access accounts belonging to MongoHQ, a Californian website database provider, which allowed him to search billing and payment card information belonging to its clients and subsequently steal credit card information.
To think that a teenager, 15 and 16 at the time, could so thoroughly compromise so many companies is worrying.

Are your systems child proof ?

This is not the first time young hackers (ethical and criminal) have been in the news. Seven-year-old Betsy Davies managed to hack a laptop via an open Wi-Fi network in just over ten minutes, having learned how to set up a rogue access point and eavesdrop on traffic in an online tutorial.
Marcus Dempsey, the ethical hacker who oversaw the demonstration, said: “The results of this experiment are worrying but not entirely surprising. I know just how easily a layman can gain access to a stranger’s device, and in an age where children are often more tech-literate than adults, hacking can literally be child’s play”.

Strengthen your cyber security practices

Businesses throughout Europe are being actively encouraged to strengthen their cyber security now and not wait until the GDPR is in place.
“Hackers won’t wait,” says founder and executive chairman of IT Governance Alan Calder. “If they see a vulnerability in your organisation, they will act on it. Businesses across Europe need to get their systems up to date with the most comprehensive information security management system standard in the world – ISO 27001.
“Implemented by thousands of businesses worldwide, the requirements found in this standard provide a holistic approach to information security, covering people, processes and technology.”
Organisations that have an ISO 27001-compliant information security management system (ISMS) will also have a solid framework for supporting adherence to the GDPR when it does come into effect.

ISO 27001 solutions

European organisations can now implement the Standard and achieve ISO 27001 certification for as little as €530 with our ISO 27001 packaged solutions, full of standards, books, toolkits, software, training and online consultancy.

IT Governanance: http://bit.ly/1IqQBdM

 

 

« Public-Private Partnerships in the Cyber Domain
Hacking Team's Malware Uses a UEFI Rootkit »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Renaissance

Renaissance

Renaissance is Ireland's premier value added distributor of IT security solutions and a leading independent provider of business continuity consultancy.

Ilex International

Ilex International

Ilex International is a European software vendor which specialises in Identity & Access Management solutions.

Governikus

Governikus

Governikus provides solutions for secure data transport, authentication, the use of electronic signatures and cryptography as well as for long-term storage.

SureVine

SureVine

Surevine builds secure, scalable collaboration solutions for the most security conscious organisations, enabling collaboration on their most sensitive information.

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) undertakes cyber security research and plays a leading role in securing Pakistan’s Cyberspace.

Korn Ferry

Korn Ferry

Korn Ferry is a global organizational consulting firm, synchronizing strategy and talent to drive superior performance for our clients in key areas including cybersecurity.

Wontok

Wontok

Wontok deliver innovative value-added data security services that fill the gaps left in traditional security solutions.

MorganFranklin Consulting

MorganFranklin Consulting

MorganFranklin Consulting is a management advisory firm that works with businesses and government to address complex and transformational technology and business objectives including cybersecurity.

Bugbank

Bugbank

Bugbank (aka Vulnerability Bank) is a leading SaaS platform for internet security services in China.

Cloud4C

Cloud4C

Cloud4C is a leading automation-driven, application focused cloud Managed Services Provider.

Dope Security

Dope Security

Dope Security is a fly-direct Secure Web Gateway that eliminates the data center stopover architecture required by legacy providers, instead performing security directly on the endpoint.

HLB Mann Judd (Fiji)

HLB Mann Judd (Fiji)

HLB Mann Judd (Fiji) (formerly known as HLB Crosbie & Associates) is a well-established firm of accountants and business advisers in Fiji.

Radiance Technologies

Radiance Technologies

Radiance solutions provide technological advantage and operational superiority for our nation in the areas of intelligence, cyber and advanced weapon systems.

VLC Solutions

VLC Solutions

VLC Solutions is an independent solutions and technology service provider offering Cloud Services, Cybersecurity, ERP Services, Network Management Services, and Compliance Solutions.

Globesecure Technologies

Globesecure Technologies

Globesecure Technologies is a networks and cyber security company. We are here to resolve business security challenges and secure the digital transformation journey of our clients.

Versent

Versent

Versent is an Australian-born technology company, focused on architecting, building & operating cloud native applications, data streams, platforms, and services.