This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/news/technology-34002053
The article has changed 3 times. There is an RSS feed of changes available.
| Version 0 | Version 1 |
|---|---|
| Ashley Madison: Who are the hackers behind the attack? | Ashley Madison: Who are the hackers behind the attack? |
| (about 2 hours later) | |
| A lot of data has been released about Ashley Madison but some facts of the breach of the dating website's database remain stubbornly elusive, not least who are the hackers behind the attack? | A lot of data has been released about Ashley Madison but some facts of the breach of the dating website's database remain stubbornly elusive, not least who are the hackers behind the attack? |
| They call themselves the Impact Team and seem to have formed solely to carry out the attack on the infidelity website. There is no evidence of the group stealing data elsewhere before it announced itself with the Ashley Madison attack on 15 July. | They call themselves the Impact Team and seem to have formed solely to carry out the attack on the infidelity website. There is no evidence of the group stealing data elsewhere before it announced itself with the Ashley Madison attack on 15 July. |
| Comments made by Noel Biderman, chief executive of Avid Life Media, which owns Ashley Madison, soon after the hack became public suggested it knew the identity of at least one of the people involved. | Comments made by Noel Biderman, chief executive of Avid Life Media, which owns Ashley Madison, soon after the hack became public suggested it knew the identity of at least one of the people involved. |
| "It was definitely a person here that was not an employee but certainly had touched our technical services," he told security blogger Brian Krebs. | "It was definitely a person here that was not an employee but certainly had touched our technical services," he told security blogger Brian Krebs. |
| Stronger skill set | Stronger skill set |
| Since then, little new information has been made public about the hack, leading some to assume that the information Avid had about a suspect would soon lead to an arrest. | Since then, little new information has been made public about the hack, leading some to assume that the information Avid had about a suspect would soon lead to an arrest. |
| But it did not, and now gigabytes of information have been released and no-one is any the wiser about who the hackers are, where they are located and why they attacked the site. | But it did not, and now gigabytes of information have been released and no-one is any the wiser about who the hackers are, where they are located and why they attacked the site. |
| The group is technically pretty competent, according to independent security researcher The Grugq, who asked to remain anonymous. | The group is technically pretty competent, according to independent security researcher The Grugq, who asked to remain anonymous. |
| "Ashley Madison seems to have been better protected than some of the other places that have been hit recently, so maybe the crew had a stronger skill set than normal," he told the BBC. | "Ashley Madison seems to have been better protected than some of the other places that have been hit recently, so maybe the crew had a stronger skill set than normal," he told the BBC. |
| They have also shown that they are adept when it comes to sharing what they stole, said forensic security specialist Erik Cabetas in a detailed analysis of the data. | They have also shown that they are adept when it comes to sharing what they stole, said forensic security specialist Erik Cabetas in a detailed analysis of the data. |
| The data was leaked first via the Tor network because it is good at obscuring the location and identity of anyone using it. However, Mr Cabetas said the group had taken extra steps to ensure their dark web identities were not matched with their real-life identities. | The data was leaked first via the Tor network because it is good at obscuring the location and identity of anyone using it. However, Mr Cabetas said the group had taken extra steps to ensure their dark web identities were not matched with their real-life identities. |
| The Impact Team dumped the data via a server that only gave out basic web and text data - leaving little forensic information to go on. In addition, the data files seem to have been pruned of extraneous information that could give a clue about who took them and how the hack was carried out. | The Impact Team dumped the data via a server that only gave out basic web and text data - leaving little forensic information to go on. In addition, the data files seem to have been pruned of extraneous information that could give a clue about who took them and how the hack was carried out. |
| Identifiable clues | Identifiable clues |
| The only potential lead that any investigator has is in the unique encryption key used to digitally sign the dumped files. Mr Cabetas said this was being employed to confirm the files were authentic and not fakes. But he said it could also be used to identify someone if they were ever caught. | The only potential lead that any investigator has is in the unique encryption key used to digitally sign the dumped files. Mr Cabetas said this was being employed to confirm the files were authentic and not fakes. But he said it could also be used to identify someone if they were ever caught. |
| But he warned that using Tor was not foolproof. High-profile hackers Ross Ulbricht, of Silk Road, and Hector Monsegur, of Anonymous, were both caught because they inadvertently left identifiable information on Tor sites. | But he warned that using Tor was not foolproof. High-profile hackers Ross Ulbricht, of Silk Road, and Hector Monsegur, of Anonymous, were both caught because they inadvertently left identifiable information on Tor sites. |
| The Grugq has also warned about the dangers of neglecting operational security (known as opsec) and how extreme vigilance was needed to ensure no incriminating traces were left behind. | The Grugq has also warned about the dangers of neglecting operational security (known as opsec) and how extreme vigilance was needed to ensure no incriminating traces were left behind. |
| "Most opsec mistakes that hackers make are made early in their career," he said. "If they keep at it without changing their identifiers and handles (something that is harder for cybercriminals who need to maintain their reputation), then finding their mistakes is usually a matter of finding their earliest errors." | "Most opsec mistakes that hackers make are made early in their career," he said. "If they keep at it without changing their identifiers and handles (something that is harder for cybercriminals who need to maintain their reputation), then finding their mistakes is usually a matter of finding their earliest errors." |
| "I suspect they have a good chance of getting away because they haven't linked to any other identifiers. They've used Tor, and they've kept themselves pretty clean," he said. "There doesn't seem to be anything in their dumps or in their missives that would expose them." | "I suspect they have a good chance of getting away because they haven't linked to any other identifiers. They've used Tor, and they've kept themselves pretty clean," he said. "There doesn't seem to be anything in their dumps or in their missives that would expose them." |
| The Grugq said it would need forensic data recovered from Ashley Madison around the time of the attack to track them down. But he said that if the attackers were skilled they might not have left much behind. | |
| "If they go dark and never do anything again (related to the identities used for AM) then they will likely never be caught," he said. | "If they go dark and never do anything again (related to the identities used for AM) then they will likely never be caught," he said. |
| Mr Cabetas agreed and said they would probably be unearthed only if they spilled information to someone outside the group. | Mr Cabetas agreed and said they would probably be unearthed only if they spilled information to someone outside the group. |
| "Nobody keeps something like this a secret. If the attackers tell anybody, they're likely going to get caught," he wrote. | "Nobody keeps something like this a secret. If the attackers tell anybody, they're likely going to get caught," he wrote. |