Some further thoughts…… by way of a blog / "open letter" to ICTTF attackers
Firstly, let’s get some context on this. The ICTTF International Cyber Threat Task Force is a not for profit organisation formed as a “Cyber Security Community”. The general purpose is to promote and assist with the fight against cyber threats. That is cyber criminality, cyber warfare and cyber scum (paedophiles, stalkers, etc)
We do this by providing a facility to share information, ideas and transfer knowledge in various media formats to deal with these threats i.e. our website www.icttf.org We do this with no political or national affiliation and do not even align ourselves with any sponsors on the site.
Our site has been hugely successful and positively received around the globe. With up to 30,000 visitors a day and over 1,000 members around the world we are going from strength to strength.
Since we launched the cyber security community site, we have like any other online enterprise had to deal with the issues of scaling and developing according to users demands. We have to cater for “interest peaks” along with attacks from cyber criminal gangs, all this on a modest budget.
At all times the positive comments and feedback we received form members was incentive enough to keep going. The late nights with site upgrades or thwarting attacks is worth it.
Success always attracts detractors and with the upcoming ICTTF Cyber Threat Summit on July 5th at the Dublin Convention Centre we prepared for some more attacks and “interest peaks”.
Recently, we have received much more sustained attacks using a number of different vectors, these attacks have caused us to walk in the shoes of clients we normally advise.
What a horrible feeling! Someone out there wants to take you down. Who? Why? Is it an attack? Could we have done more to prevent it? Was it something we said? Believe me when you are under such a sustained attack it can make any organisation feel impotent.
Fortunately the ICTTF have the skills to deal with much of this in house. In some cases it has been a matter of adding another layer of bricks on the wall, on another level it’s about making sure you know who has placed their ladder against your wall and why have they gone to so much trouble to get such a big ladder. Mmmm what is their motive?
So recently we received a number of emails purporting to be from Lulzsec threatening to take down the site. Yaaaaawwwwwwwwwn!
DDoS and LOIC attacks and such like are about as intellectually impressive as boasting about the size of the breasts on your avatar girlfriend! They proved only that you managed to follow the 2 min video tutorial. The fact that you had to use a video to teach you tells us how great you are. BTW That was “sarcasm” oooops three syllables maybe I’ve lost you now?
I have made recent comments in the media “belittling” the technical prowess of the Lulzsec attacks. Really these comments were to emphasise that it probably was some pubescent twat running scripts rather than any type of sophisticated stuxnetesque “act of war” by a nation state. Lulzsec has helped to magnify the issue that a lot of organisations are locking the front and back doors but forgetting about the windows.
Now if these recent attacks were Lulzsec or a pseudo copycat Lulzsec it doesn’t really matter. Who cares! The MO’s are pretty similar and unsophisticated.
For the record no member information was compromised. Now to get back on point, I am not inviting every script kiddie to have a pop at ICTTF. Quite the opposite, let me explain.
We are not the people you are angry at and in no way represent them. We use our combined intellectual capacity to fight against, yes the word is “fight”. This is warfare. To fight against cyber scum selling child porn not to mention terrorist related cyber activities such as indiscriminate murder. So if you or your friends support these kinds of activities then “BRING IT ON!”
If you are not, I hope you guys can use your “power” for good and share your knowledge in a more constructive way.
I am not going to share any of the attack details with LE, suffice as to say the hop through the Pfizer server in NY was a mistake. Judging by the amount of "shemale" porn on your desktop you are a little confused in life. My apologies for switching on your webcam last night but it was the only way I could take a picture of you! Put it this way, you are young so don’t make more mistakes that may change the direction and path of your life. At ICTTF we do not dial 911
So to conclude, there is no such thing as 100% secure. There is no site that cannot be taken down if the resources and motive are there to do that. We expect to be hit again, we even expect to be taken down again but like Jake La Motta we will get back up.
I hope the spirit of this blog entry is fully understood and I hope all our members continue to enjoy the site and make more positive contributions.
Many thanks for reading my blog