Finland – Prolific Hacker Arrested & Sentenced

Uploaded on 2015-07-25 in TECHNOLOGY--Hackers, NEWS-News Analysis, FREE TO VIEW

 

ryan.jpeg

“Ryan” from “Lizard Squad, who is believed to be Julius Kivimäki.

Julius Kivimaki, a 17-year-old from Finland, has been found guilty of 50.700 “instances of aggravated computer break-ins”, which affected Harvard University, MIT and a host of companies.
Given a two-year suspended prison sentence, his PC was confiscated and he was ordered to handover €6.588 worth of property obtained through his crimes.

Exploited vulnerabilities in software program

When he carried out his crimes throughout 2012 and 2013, Kivimaki exploited vulnerabilities in software called ColdFusion to hijack emails, block traffic to websites and steal credit card details.
He was able to install backdoors into tens of thousands of computers, which allowed him to retrieve information stored on them, adding malware to 1.400 servers. This led him to create a botnet, which he used to carry out denial-of-service (DoS) attacks on news websites like ZDNet and the chat tool Canternet.
Kivimaki was also accused of helping to steal seven gigabytes of data from the Massachusetts Institute of Technology, costing them $213.000 (€192.718).
He also used this method to access accounts belonging to MongoHQ, a Californian website database provider, which allowed him to search billing and payment card information belonging to its clients and subsequently steal credit card information.
To think that a teenager, 15 and 16 at the time, could so thoroughly compromise so many companies is worrying.

Are your systems child proof ?

This is not the first time young hackers (ethical and criminal) have been in the news. Seven-year-old Betsy Davies managed to hack a laptop via an open Wi-Fi network in just over ten minutes, having learned how to set up a rogue access point and eavesdrop on traffic in an online tutorial.
Marcus Dempsey, the ethical hacker who oversaw the demonstration, said: “The results of this experiment are worrying but not entirely surprising. I know just how easily a layman can gain access to a stranger’s device, and in an age where children are often more tech-literate than adults, hacking can literally be child’s play”.

Strengthen your cyber security practices

Businesses throughout Europe are being actively encouraged to strengthen their cyber security now and not wait until the GDPR is in place.
“Hackers won’t wait,” says founder and executive chairman of IT Governance Alan Calder. “If they see a vulnerability in your organisation, they will act on it. Businesses across Europe need to get their systems up to date with the most comprehensive information security management system standard in the world – ISO 27001.
“Implemented by thousands of businesses worldwide, the requirements found in this standard provide a holistic approach to information security, covering people, processes and technology.”
Organisations that have an ISO 27001-compliant information security management system (ISMS) will also have a solid framework for supporting adherence to the GDPR when it does come into effect.

ISO 27001 solutions

European organisations can now implement the Standard and achieve ISO 27001 certification for as little as €530 with our ISO 27001 packaged solutions, full of standards, books, toolkits, software, training and online consultancy.

IT Governanance: http://bit.ly/1IqQBdM

 

 

« Public-Private Partnerships in the Cyber Domain
Hacking Team's Malware Uses a UEFI Rootkit »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Synovum

Synovum

Synovum was formed with the intention to provide high quality advice, consultancy, training and project management services to clients in all sectors of industry.

Kore Telematics

Kore Telematics

Kore is a leading managed service provider for IoT and M2M applications.

JPCERT/CC

JPCERT/CC

JPCERT/CC is the first Computer Security Incident Response Team (CSIRT) established in Japan.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

The Security Awareness Company (SAC)

The Security Awareness Company (SAC)

The Security Awareness Company provides cyber security awareness training programs for companies of all sizes.

Avatao

Avatao

Avatao is an online training platform for building secure software, offering a rich library of hands-on IT security exercises for software engineers to teach secure programming.

Omada

Omada

Omada is a leading provider of IT security solutions and services for identity management and access governance.

Italtel

Italtel

Italtel is a multinational ICT company that combines networks and communications services with the ability to innovate and develop solutions for digital transformation.

ValidSoft

ValidSoft

ValidSoft is a security software company, providing telecommunications-based multi-factor authentication, identity and transaction verification technology.

Prove Identity

Prove Identity

Prove (formerly Payfone) is a leader in mobile & digital identity authentication for the connected world.

Netsurion

Netsurion

Netsurion powers secure and agile networks for highly distributed and small-to-medium enterprises and the IT providers that serve them.

Telsy

Telsy

Telsy is a security partner for ICT solutions and services. We help you implement effective security solutions that increase your risk mitigation ability and your responsiveness.

NSR

NSR

NSR provide trusted solutions that deliver positive business outcomes for our clients in cybersecurity and data protection challenges.

Almond

Almond

Almond is positioned as a key independent French player in audit and consulting in the fields of Cybersecurity, Cloud and Infrastructure.

FortKnoxster

FortKnoxster

FortKnoxster is a cybersecurity company within the Crypto & FinTech space. Our encryption technologies are blockchain integrated.

Applied Insight

Applied Insight

Applied Insight work closely with government agencies and industry to overcome technical and cultural hurdles to innovation, empowering them with the latest cloud, data and cyber capabilities.