Tag Archives: 2600

Bank Robbery as a Relative Notion

bremertonA long, long time ago in a place far, far away (called the 1980’s) a (infamous) series of collective /  anarchistic technofetishists known as “hackers” developed.

At the time, the home-based consumer computer (not to mention the telephone system with its BBS’s – Bulletin Boards!) was new and exciting: the (now old and removed POTS (Plain Old Telephone System) was THE game in town, with the intent of gathering information and the joy of learning new routines the primary goal. Various stratagems and means were utilized, inclusive of dumpster-diving (going through the telephone companies trash), ‘social engineering’ (a fancy word for sweet talking somebody into giving you restricted access) along with regular stops to nearest ‘Rat’ (Radio) Shack and ‘trade gatherings’ where others of ‘their’ kind would come together.

This is all mentioned in light of the recent news development regarding a group of hackers involved in a massive worldwide effort regarding banks to the (publicly reported and admitted) amount of $45 million.

As the so-called experts point out:

Hackers got into bank databases, eliminated withdrawal limits on pre-paid debit cards and created access codes. Others loaded that data onto any plastic card with a magnetic stripe — an old hotel key card or an expired credit card worked fine as long as it carried the account data and correct access codes.

A network of operatives than fanned out to rapidly withdraw money in multiple cities, authorities said. The cells would take a cut of the money, then launder it through expensive purchases or ship it wholesale to the global ringleaders. Lynch didn’t say where they were located.

Some things still haven’t changed; nothing new here.

The idea of using a plastic code with a pre-coded magnetic tape is as old as dirt itself: as to how this is done, much of this can be found through various sources.

As to accessing banking records to undertake such things (after all, the only way in which this job could be pulled is by matching the actual account information to the physical magnetic cards used for downloading cash), during the 1990’s Citibank’s interoffice telephone exchange was openly used by “hackers” for free conferencing calls, openly planning their next round of activities, exchanging chit-chat or teaching each other on the latest trends and routines – no different from any other major corporate personnel utilizing a corporate telephone network (its worth noting that, at the time, users had to be mindful of the (slight) distance delays differential owing to the then weird practice of Citibank having all its calls routed through it’s Paris, France office network).

Any system or service is only as secure as it’s people make it to be.

As for accessing bank records, why stop at digging in, when you can have the information come to you? Some years ago, there were a group of hackers who went one step further: actually setting up fake ATM’s in shopping malls and other public areas. The average user would go to withdraw money, only to be told that the machine was out of service; the information the user had entered was then stored and taken to be placed on a magnetic printer strip for later withdrawal (these were among a sub-grouping who, as part of their routine, would withdraw cash from ATM machines while wearing masks of  such individuals as Ronald Reagan,  zombies, Richard Nixon, or a host of others for the amusing benefit of bank security cameras).

During the 1990’s, banks had a situation wherein “hackers” (ah, that word again) would be accused of replacing security cameras with one of their own, ‘shoulder surfing’ over user’s to capture this account information (an insidious procedure which may sound perfectly suitable for nefarious purposes, but in fact can be a real pain to undertake). The smarter ones, however, would set up capture items in and around the keyboard such that users were not aware that their information was being captured,…

And then there were the legendary moves on the part of certain “hackers’ of the Russian Federation who captured inter-bank transfers, placing ‘blocks’ or ‘capture point / redirects’ on the ports where the data were being swapped (in simplistic terms, placing listening devices to the internet / telephone networks, decrypted the data being sent and then using that data to actually access the raw accounts being managed). The results of this effort? Estimates range widely, with bank losses estimated to reach at high as $50 million in just one such incident alone! Interestingly, the impacted banking houses sought to drop the charges (naturally they settled for financial restitution – but remarkably, settled for an amount far less than what many suspected was actually taken, suggesting that the action was deeply than anyone wished to admit and that the skill set involved insured that the money was untraceable – or, more likely the appropriate officials were sufficiently given ‘inducements’ top avoid any further prosecutorial action) in exchange for the “hackers” to be their security consultants so as to avoid any further public publicity over the matter, for if the public were to truly know the extent of the lack of security, banking confidence would plummet.

And can you blame them? I’d hate to be the one to tell my clients ‘gee, several millions of (insert your currency of choice here) was taken from your account, but you still want to do business with us – right?’

Which brings us to the other side of the coin, so to speak,…

As reported two months ago, HSBC was directly involved in what governmental officials stated was ‘money laundering’ (http://www.bbc.co.uk/news/business-21840052) for major narco-criminal enterprises worldwide (which is interesting how this particularly publicized group of “hackers” targeted money reserves set aside for pre-paid cards, wisely avoiding other accounts,…).

The reality is that the only innocents involved in the entire arena are the average bank account holders (the ‘little people’), for many banks themselves are involved in criminal activities of their own, ranging from money laundering, to passing along sub-prime housing funds, or just simply overcharging people with various account charges just because, well, the banks can do this sort of thing (I deliberately fail to mention the investors as insurance will cover the costs of such losses; as to those who may object I merely point out that it’s all just business and to please check your company pride at the door,…).

Much of what is taking place in recent years regarding banking is increasingly a matter of degree and viewpoint. As banks become larger, they will utilize whatever resources they can to ensure their protection, which may include the hiring of those who penetrated their security, indulging in questionable investment practices and serving ‘interesting’ clientele.

It’s all part of doing “normal” business in the 21st century.

Similarly, as banks handle larger and larger amounts of “money” (and we won’t get into the discussion of ‘Bitcoin’ and the significance of that development as it relates to international banking and financial systems as after all, when you think about, what truly defines the financial value of any given currency?) banks are involved in realms and investment practices which they did not dream of doing but twenty (20) years ago  – witness the role of banks in the recent housing bubble and the sub-prime mess along with their various other financial / investment practices (we’re still awaiting the final report on the offshore accounts held in the Bahama involving high-ranking international governmental officials and other ‘outstanding’ members of society – $32 TRILLION and rising,…!).

Realize this: we’ve reached a point in our culture(s) and society(ies) where –  like the intrinsic value of money and the actual stability of our financial systems – the very notion of a bank robbery is now relative.

Here’s one brief overview of this incident: http://www2.macleans.ca/2013/05/10/sophisticated-network-of-global-thieves-drain-cash-machines-in-27-countries-of-45m/

The Passing of an Age: The End of PSTN

capncrunch

Back in November of 2012 AT&T quietly petitioned the FCC (Federal Communications Commission) to formally and fully retire the old traditional PSTN (that’s Publicly Switched Telephone Network to you) and clear the way for the new IP-based (Internet Protocol) telephone network.

None of this should come as any surprise, for PSTN is increasingly becoming more and more to difficult to maintain: the old-time switches are outdated, fewer and fewer personnel are trained to understand how such systems work (although I’m certain that a number of avowed ‘hobbyists’ would be happy to assist!) and thus AT&T feels – and arguably so – that it’s time to pull up the lines and move on. Everyone’s using cell phones, cable and FIO’s networks more and more and thus the need for the traditional PSTN is becoming less a priority then twenty some years ago (http://arstechnica.com/information-technology/2013/01/the-telephone-network-is-obsolete-get-ready-for-the-all-ip-telco/).

It is the passing of an age.

The PSTN brings back memories of midnight dumpster diving – seeking out access numbers and codes; of playing with payphones (calling their numbers and through a series of codes, accessing their secrets and access points) along with using conference call routines for free calls, both domestically and internationally – along with a whole endless load of other hi-jinks.

The PSTN was a training school: a very large classroom reaching across thousands of miles where, for a few tricks and routines, you’d be able to join in the fun and explore regardless of who you were (I’ll never forget visiting one of the old-time cool BBS’s and seeing a messages from “Shark” who’d posted a message, ‘Now that I got my Amiga I can spill my brains all over the place!’ – and this from a connection Shark obtained via the Citibank branch in Paris!). The PSTN was the place where techno-festishists with serious nihilistic bents would hang out and see who could go the farthest and the fastest with a coolness and casual bent.

PSTN was where some of the best and brightest would be found.

Well before the days of the Internet or the World Wide Web, you had Telnet and PTSN: there wasn’t a whole lot else going down. With a lineman’s handset, the world was your oyster: you’d learn how to Brownbox, Cheesebox, Greenbox, Bluebox or Red Box the system to your advantage, depending on what you’d wanted to do.

And some would get a little cute: as but one example, you’d go to the nearest Rat Shack (that’s Radio Shack to you) and get some diodes, one of their (now discontinued – and for good reason!) automatic callers and viola! Free and unlimited phone calls! Beat using those old long distance calling cards: you’d just make sure you’d avoid using the same phone over and over,…

Somehow, I’ll never fully believe that the PTSN will be completely down: given it’s size and scope, I’m certain they’ll probably be isolated reaches out there still operating. Like The Road Warrior, it will always be out there – perhaps in some remote deserted areas, or within some dark and dank urban landscapes, there will always be a half-abandoned, derelict payphone, standing there, ringing out into the night waiting for somebody to pick up and listen in to the line, with the fun still going on…

PS: if any of you are wondering why there’s a picture of Captain Crunch in this blog, feel free to contact me – otherwise, it’s something you either know or don’t.

But it still doesn’t hurt to ask and explore – and in that vitally important vein, that’s why some things never will – nor should – ever change,…!