Finland – Prolific Hacker Arrested & Sentenced

Uploaded on 2015-07-25 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Julius Kivimaki, a 17-year-old from Finland, has been found guilty of 50.700 “instances of aggravated computer break-ins”, which affected Harvard University, MIT and a host of companies. Given a two-year suspended prison sentence, his PC was confiscated and he was ordered to handover €6.588 worth of property obtained through his crimes.

Exploited vulnerabilities in software program

When he carried out his crimes throughout 2012 and 2013, Kivimaki exploited vulnerabilities in software called ColdFusion to hijack emails, block traffic to websites and steal credit card details.
He was able to install backdoors into tens of thousands of computers, which allowed him to retrieve information stored on them, adding malware to 1.400 servers. This led him to create a botnet, which he used to carry out denial-of-service (DoS) attacks on news websites like ZDNet and the chat tool Canternet.
Kivimaki was also accused of helping to steal seven gigabytes of data from the Massachusetts Institute of Technology, costing them $213.000 (€192.718).
He also used this method to access accounts belonging to MongoHQ, a Californian website database provider, which allowed him to search billing and payment card information belonging to its clients and subsequently steal credit card information.
To think that a teenager, 15 and 16 at the time, could so thoroughly compromise so many companies is worrying.

Are your systems child proof ?

This is not the first time young hackers (ethical and criminal) have been in the news. Seven-year-old Betsy Davies managed to hack a laptop via an open Wi-Fi network in just over ten minutes, having learned how to set up a rogue access point and eavesdrop on traffic in an online tutorial.
Marcus Dempsey, the ethical hacker who oversaw the demonstration, said: “The results of this experiment are worrying but not entirely surprising. I know just how easily a layman can gain access to a stranger’s device, and in an age where children are often more tech-literate than adults, hacking can literally be child’s play”.

Strengthen your cyber security practices

Businesses throughout Europe are being actively encouraged to strengthen their cyber security now and not wait until the GDPR is in place.
“Hackers won’t wait,” says founder and executive chairman of IT Governance Alan Calder. “If they see a vulnerability in your organisation, they will act on it. Businesses across Europe need to get their systems up to date with the most comprehensive information security management system standard in the world – ISO 27001.
“Implemented by thousands of businesses worldwide, the requirements found in this standard provide a holistic approach to information security, covering people, processes and technology.”
Organisations that have an ISO 27001-compliant information security management system (ISMS) will also have a solid framework for supporting adherence to the GDPR when it does come into effect.

ISO 27001 solutions

European organisations can now implement the Standard and achieve ISO 27001 certification for as little as €530 with our ISO 27001 packaged solutions, full of standards, books, toolkits, software, training and online consultancy.

IT Governanance: http://bit.ly/1IqQBdM

 

 

« Public-Private Partnerships in the Cyber Domain
Hacking Team's Malware Uses a UEFI Rootkit »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Zscaler

Zscaler

Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

XCure Solutions

XCure Solutions

XCure Solutions are a Finnish company specializing in data security, data protection and data recovery.

StrongKey

StrongKey

StrongKey (formerly StrongAuth) is a leader in Enterprise Key Management Infrastructure, bringing new levels of capability and data security at a price point significantly lower than other solutions.

Hypori

Hypori

Hypori is a virtual smartphone solution that makes truly secure BYOD a reality for organizations in healthcare, finance, government, and beyond.

DefCamp

DefCamp

DefCamp is the most important annual conference on Hacking & Information Security in Central Eastern Europe.

Randori

Randori

Randori is an attack platform that provides "red-teaming" as a service - basically, staging simulated hack attacks to test for vulnerabilities and gaps in the security response.

Quest Software

Quest Software

Simple IT management for a complex world. Whether it’s digital transformation, cloud expansion, security threats or something new, Quest helps you solve complex problems with simple solutions.

FraudScope

FraudScope

FraudScope is an AI-assisted platform that accelerates the identification of fraud, waste, and abuse.

Stealth-ISS Group

Stealth-ISS Group

Stealth–ISS Group is your extended IT, cyber security, risk and compliance team, providing strategic guidance, engineering and audit services, along with technical remediation and security operations.

Archon Secure

Archon Secure

Archon GoSilent Cube delivers a CSfC-certified, plug-and-play security solution for classified and unclassified communication when using the public Internet.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

Baselime

Baselime

Baselime, the cloud-native observability platform. Resolve issues in your cloud application before they become problems.

Twine Security

Twine Security

Twine is pioneering the creation of AI digital cybersecurity employees to help improve efficiency for cybersecurity teams.

RELIANOID

RELIANOID

RELIANOID is an application delivery controller and load balancing system that ensures high performance and security of IT services on a massive scale.

LiveAction

LiveAction

LiveAction’s Network Intelligence platform transforms complex data into actionable insights, providing organizations with a comprehensive view of their network.