Monday, March 4, 2013

Abney Associates: Public schoolboy hacker who masterminded £15m fraud is put in jail's IT class/BLOGGER

Abney Associates
Nicholas Webber, 21, was jailed for five years for running a criminal website He started his criminal career at £24,000-a-year Bradfield College Prison IT Teacher Michael Fox was made redundant after the incident Fox protests he had no idea Webber was a hacker One of Britain’s most notorious cyber criminals hacked into a prison computer system from inside jail – after he was allowed to join  an IT class.
Nicholas Webber, 21, jailed for five years in 2011 for masterminding a multi-million-pound internet crime site, triggered the security scare during a lesson. It is understood his actions caused ‘major panic’ but it is not clear what, if anything, he managed to access. The prison, HMP Isis in South London, blamed his teacher, Michael Fox, who was employed by Kensington and Chelsea  College. He was banned from the prison but the college cleared him of committing any security breaches at a disciplinary hearing last March. However, he was made redundant when no alternative work could be found for him. More... Pictured with piles of cash: The public schoolboy jailed for five years for masterminding £18m internet scam Computer hacker, 21, jailed for masterminding £27 MILLION fraud in his bedroom taking credit card details from unsuspecting  internet users On Friday, Mr Fox, from Bromley, Kent, began a claim for unfair dismissal, arguing that it wasn’t his decision to put Webber, the son of a former member of Guernsey’s parliament, in his class. He says he had no idea he was a hacker.
At a hearing at Croydon Employment Tribunal, Mr Fox accused the college of not doing enough  to find him another job. ‘The perceived problem was there was a tutor who had been excluded by the prison and charged with allowing a hacking expert to hack into the prison’s mainframe,’ he said. In a statement, the college’s business development director, Shanie Jamieson, said: ‘He [Mr Fox] did not feel he had done anything wrong as the student concerned was in his view a convicted computer hacker and should not have been allowed in his classroom.’Mr Fox’s tribunal hearing was adjourned until April.
A Prison Service spokesman confirmed Webber was involved in the incident but declined to answer questions about it. He said: ‘At the time of this incident in 2011 the educational computer system at HMP Isis was a closed network. No access to personal information or wider access to the internet or other prison systems would have been possible.’The incident happened a year after the opening of the £110 million prison, which houses 18 to  24-year-olds. It has been beset by a series of technological problems caused by breakdowns in its cutting-edge biometric roll-call system where inmates have to leave an electronic thumbprint whenever they move from one part of the jail to another. Webber was only 17 when he created an internet forum for computer hackers with the potential to fleece up to £15 million from individuals and firms.
He was arrested for using fraudulent credit card details to pay for a penthouse suite at the Hilton Hotel in Park Lane, Central London. A court was told he set up GhostMarket after leaving £24,000-a-year Bradfield College, Berkshire, where he got into trouble for deleting friends’ detention records from the school computer. GhostMarket – dubbed a global ‘crimebook’ with 8,000 members worldwide – gave tips on how to create computer viruses, harvest credit card data and use it to pay for goods on eBay, as well as offering to sell details of 100,000 stolen credit cards. Police have documented £473,000 losses from 3,500 of the cards, but estimate they could have been used to steal £15 million. Webber, of Southsea, Hampshire, who once boasted online that he was ‘probably the most wanted cyber criminal just now’, also used stolen details to buy computers, video games, iPhones and iPods worth £40,000, and to pay for stays in luxury hotels.
Abney Associates


  1. Good article. I think I may be a little to late to vote though.

  2. Woah!
    I was surprise by this news.Only 21 of age, and yet now a website criminal?OMG.

    He already knows how to hacked in that age,what more he can do in the following years to come?

  3. I have read this same topic last last day.But this one delivers more cleared and vivid definitions.That's why only now,and this time,yet I understood the whole plot of that little hacker news.

  4. The stock scam wasn't emblematic of greed in the Financial District. These guys were just shrewd crooks working out of Long Island.

    The swindler known as the "Wolf of Wall Street" taught me how to pull off his boiler-room fraud, down to the smallest details. Movie director Martin Scorsese's lurid version of the tale now showing in multiplexes doesn't capture how the scams really worked.

    In early 2000, Jordan Belfort and Danny Porush (renamed Donnie Azoff in the movie) were under house arrest. Faced with overwhelming evidence, they had cut deals with the government to reduce their jail sentences by ratting on their friends. One such friend was Steve Madden, the shoe designer who had played a supporting role in many of their crimes. I was the Securities and Exchange Commission enforcement attorney assigned to put together the SEC's case against Madden.

  5. Pundits who claim that 2013 was a bad year for technology are wrong to focus on the shiny stuff

    Writing in Quartz, an admirable sister publication of the Atlantic magazine, the other day, the experienced technology watcher Christopher Mims struck a gloomy note. Under the headline "2013 was a lost year for tech", he lamented that "all in, 2013 was an embarrassment for the entire tech industry and the engine that powers it – Silicon Valley. Innovation was replaced by financial engineering, mergers and acquisitions, and evasion of regulations. Not a single breakthrough product was unveiled."

  6. For the tech industry, 2014 will mean out with the old and in with the new.

    The shifting technology landscape, which is favoring cloud computing and Big Data analytics, has fostered a new set of influential tech companies and forced old-guard tech giants to rethink their businesses.
    The big trends of 2014 will build on the paradigm-changing technologies of recent years, including cloud, mobile and social.

  7. And Pretty Soon You Have Some Real… What?
    I planned to spend the month of January clearing out files and getting old interests off of my computer to make room for new ones rather than doing any writing but a telephone call from a person well informed about banking, bank regulations, the American legal system, and many other things (including USA, Inc.), and it changed my plans. He called and asked a simple question: “What’s your opinion of Bitcoin?” I’ve had many other friends ask… and have avoided an answer – until now.

  8. There's very little to argue with here, but other than the World Cup, Microsoft's top security predictions for 2014 could easily be a list for 2013 or even 2015. Usually lists like Microsoft's 2014 top security predictions make me painfully aware of how little progress the security industry makes as time rolls on, said security expert Ken Pickering.

    In a blog post entitled, “Top Cyber Threat Prediction for 2014,” Redmond’s Tim Rains, a director of Trustworthy Computing, offered a glimpse into the future as his company sees it -- with a little help from his companions.

  9. It's no secret that 2013 wasn't a great year for Internet privacy.

    Users had their information stolen en masse from private databases, including a security breach in November that reportedly resulted in 42 million unencrypted passwords being stolen from Australian-based Cupid Media, which was followed by a massive hack of Target credit and debit card information.

  10. Kashmir Hill reported here at the end of October, to taking their case to President Obama and members of Congress directly in anopen letter published today. At risk is the public’s trust in the internet itself and all of the economic and cultural benefits it contains.

    The letter, signed by AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter and Yahoo, urges the U.S. to “take the lead and make reforms that ensure that government surveillance efforts are clearly restricted by law, proportionate to the risks, transparent and subject to independent oversight.” Microsoft’s general counsel, Brad Smith, released a statement asserting that, “People won’t use technology they don’t trust. Governments have put this trust at risk, and governments need to help restore it.”

  11. A NEW team is being set up to crackdown on cyber crime in Gloucestershire, including harassment on social media sites, hacking and internet fraud.

    Gloucestershire Police will be identifying and training a specialist network of its officers to combat the growing number of offences committed on the internet in the county.

    New figures reveal there were hundreds of internet fraud and other online offences against victims in Gloucestershire in the last ten months.

    The statistics show 89 people or businesses fell prey to hackers and 240 people were targeted by fraudsters on internet auction sites between April and December last year.

    IN addition, the number of people making reports of offences in which social media sites were mentioned, which typically include allegations of harassment, increased from 55 in 2010 to 2011 to 78 in 2012 to 2013.

    Between April and December in 2013, there were 75 offences involving computer software such as malware and viruses, 100 offences of computer software service fraud and 12 dating scam offences and seven lottery scams.

    Detective chief superintendent Bernie Kinsella said cybercrime was right at the top of the force’s agenda because of the increased number of offences and the impact it was having on society.

    “You just have to look at the number of people affected right here in Gloucestershire to realise how big a concern this is,” he said.

    "These cases could cover malicious communications via Twitter and Facebook and internet trolling, for example.

    “The law is complex and we're determined all officers are trained to understand and implement it consistently.

    "It's vital we do more to clamp down on these crimes and send a clear message out to those abusing others via the internet that we won't stand for it."

    The new team will be partly funded by the increase in the police’s council tax precept and officers are being identified to train and specialise in overseeing investigations.

    Part of the new team’s role will also include working with agencies such as the Child Exploitation and Online Protection Centre to bring down online criminal gangs, such as those carrying out sexual abuse and internet fraud.

  12. NEW DELHI, India ­— It’s a simple equation: India has millions of tech geeks who would love to work in the US.

    But they need visas.

    And the US issues just 65,000 of these per year, under its so-called H-1B program for high-skilled workers.

    For freelance techies, the temptation is overwhelming.

    And that, naturally, has opened up a world of opportunity for fraudsters.

    Hundreds of small companies in India and the US claim to be able to arrange an H-1B visa — for the right price. Some Indians hand over money and never see the broker again — a scam similar to the loan brokerage racket featured in the movie “American Hustle.”

    True, most H1-B visas go to Indians, but the majority of these are snapped up by big outsourcing firms like Cognizant, Tata Consultancy Services and Infosys.

    That only serves to amp up the desperation felt by freelance techies.

    Some are lucky enough to get a visa — only to find that the promised job in the US doesn’t materialize. Then the visa holders are forced to return to India after spending thousands of dollars just surviving.

    No official figures are available for the number of frauds in India, but an unclassified document released by Wikileaks showed that in 2009, US consular officials cited H-1B scams as one of the two most common fraud categories in India.

    Jaspal Singh, a Delhi-based software professional, told GlobalPost that in 2010 he fell victim to a New York-based company called IT Holdings Inc.

    “They took $2,500 from me for visa filing, but they did not file anything,” he said. “After few months they refunded $500.”

    Singh was not the only victim. Nitin Mohan, also from Delhi, lost $1,000 to IT Holdings Inc in Jun 2010, he told GlobalPost. After months spent trying to persuade them to refund his money, he eventually posted a thread on Trackitt, an immigration site. Four other people came forward with similar stories.

    Although Mohan tried to file a criminal complaint, attempts to contact the New York Police Department from India proved fruitless. He has written off his loss. The IT Holdings Inc website is defunct and a phone number listed as its main contact point is not in service.

    “They just disappeared,” Mr Mohan said. “They could be out there acting as a different company and nobody would know.”

    Techies use internet forums such as and on to post reviews of working conditions at some of the thousands of IT companies around the world.

    Another victim claims to have lost $3,400 to a company that promised to file an H-1B application but vanished instead. Others say they are promised free or cheap training when they arrive in the US, but this was either substandard or never materialize.

  13. Big data is proving a powerful tool in companies’ never-ending struggle to keep data and networks secure.

    Big data, or more specifically data analytics, allows vast amounts of information from disparate sources and often in different formats to be analysed for patterns and anomalies.

    Gartner predicts that, by 2016, 25 per cent of large global companies will have adopted big data analytics for cyber security or fraud detection, up from 8 per cent today.

    Avivah Litan, vice-president and distinguished analyst at Gartner, said enterprises could achieve significant savings in time and money by using big data analytics to stop crime and security infractions. They should achieve a positive return on investment within the first six months of implementation, which she said was too big to ignore.

    From helping pinpoint phishing attempts to screening out scam calls to financial institutions, big data is proving its worth.

    Mathew Benwell, senior information security specialist, IT risk management, at the University of Adelaide, said the university turned to general data analytics tool Splunk when an external security audit revealed problems in dealing with phishing attacks.
    ‘‘Like many organisations, the threat of phishing attacks pose a growing problem,’’ he said. ‘‘These attacks could result in compromised accounts, which at times can have a big impact.’’

    Mr Benwell said the university had tried a number of traditional security and event management products but had adopted Splunk for its do-it-yourself simplicity.

    He said further security applications had emerged since. ‘‘Our use cases are expanding across more IT teams. It is very much about using the electronic log data to try and build useful security analytic.

    A quite different example of how data analytics tools can aid in security comes from Verint.

    Mark Lazar, Verint’s global vice president for identity and fraud solutions, said the company's Impact 360 product uses passive voice biometrics to help call centre operators combat persistent attacks from fraudsters who talk their way past caller verification checks to gain access to bank accounts. From a recording of a caller’s voice the system is able to identify that person on subsequent calls.

    Data analytics make this information even more powerful.

    “We can take a fraudster’s voice and track it across time and across accounts and see what they are doing to attack a call centre and from that we can develop patterns of how they do their calling: what is the frequency of the calls, what is the order in which they do certain kind of transactions. Those patterns are very different from the patterns that genuine customers use when they're calling.”

    Gartner's Litan said the real security benefits of big data are yet to emerge. “Big data analytics is ahead of most organisations' abilities to successfully adopt them, and most vendors have barely begun to prove their software's effectiveness, so it's still early days for this market,” she said.

    She urged organisations to start small, but think big and develop a road map that encompasses multiple applications.

    “The return on investment on big data analytics is typically too big to ignore.”