HISTORY

Local hacker group plans to go 'legit'

legit?!

LOCUSTS.ORG, a group of young Filipino hackers, wants to set up a non-profit organization that will help Philippine authorities make the Internet more secure in this country.

Composed of students and system administrators currently either doing freelance or full-time work, Locusts.org members said they were willing to volunteer their "services" to the PH-CERT (Philippine Computer Emergency Response Team) or the National Bureau of Investigation's Computer Fraud division.

In an interview with INQ7.net Locusts.org member Eyestrain -- who has gained international notoriety after a series of attacks and subsequent media coverage -- said that the group is also thinking of setting up a mailing list on Net security.

"There are now more hackers out there trying to break into the servers here in the Philippines and Asia," said the bespectacled Eyestrain.

The group's plan to become legitimate comes in the heels of a series of attacks launched by the group known as AsianPride Crew. AsianPride Crew and Locusts.org (or at least hackers who claim to belong to these groups) have tangled in the past, taunting each other in the messages they leave on defaced sites.

During the series of attacks dubbed the "4 O Clock project" that began Saturday, AsianPride left a message on defaced websites, such as that of broadcast company ABS-CBN. AsianPride denounced "security charlatans and media whores" like Locusts.org. AsianPride even greeted Eyestrain by his alleged real name -- Alvin T. Veroy. AsianPride has also belittled Locusts.org in previous defacements as "script kiddies."

For his part, a Locusts.org member codenamed Cloner, said that "experiences" they have gained from hacking into the servers of local Internet service providers (ISPs) can help authorities go after other hackers such as AsianPride.

Both hackers agreed with the saying, "it takes a thief to catch another thief."

Locusts.org is currently composed of eight members -- some of which are students. They claim to have have hacked into a lot of systems in the Philippines and have "gained access" to servers run by local ISPs.

But unlike AsianPride, which they claimed is on a mission to deface the most "PH" websites, Locusts.org said it "practices restraint." In fact, they claimed that other groups had "set up" Locusts.org to make it appear that Locusts.org is behind the defacing of some local websites.

Eyestrain, for instance, said that the defacement of the GMA Network website was made to appear as the work of Locusts.org. The group denied being behind the attack.

"We're trying to be a legitimate security group to help the local IT industry not for profit but for the fullfillment of our passion, yet our reputation is on the line for crimes we didn't commit," Eyestrain told INQ7.net in an earlier e-mail.

The group claims it has already registered their organization with the Securities and Exchange Commission, according to their website. With a report from Joey G. Alarilla


PH-CERT wary of services of 'reformed' hacker group

Apprehension

THE PHILIPPINE Computer Emergency Response Team (PH-CERT) said it welcomes the plan of Locusts.org, a group of young Filipino hackers, to become a legitimate security solutions firm. PH-CERT, however, expressed apprehension over accepting the offer of Locusts.org to help out authorities and security organizations.

Composed of students and system administrators, Locusts.org said Tuesday that it is willing to volunteer its "services" to the PH-CERT or the National Bureau of Investigation's (NBI) computer fraud division. The group stated that they would like to help Philippine authorities make the Internet more secure in this country.

"You have to know who they are, and who you're dealing with. Are they trustworthy?" Kelsey Hartigan Go, vice president of PH-CERT, told INQ7.net.

PH-CERT is a non-profit organization organized last year to help the country become more aware of the need for Internet security. PH-CERT, however, has no other sources of funding except fees it charges members. Work at PH-CERT is also voluntary, considering that most members have day jobs.

"We need to know them first. It's like them saying. 'I'm a thief, and I want to join the police force.' It's not as easy as that," Hartigan-Go said.

In a separate interview, Locusts.org member Eyestrain acknowledged that it might be hard for the group to win the trust of authorities. He said that they have asked for help in coordinating with the computer fraud division of the NBI.

"We will relay any information we receive to them and let the NBI negotiate with the company. We won't directly go to them and offer our services. Although our past 'hacking' activities can help them to pinpoint the hacker and fix their systems," Eyestrain told INQ7.net via e-mail.

Hacking is a controversial issue and a loaded term, particularly in the Philippines, which has gained an international reputation for being a "haven for hackers." The term "hacking" itself is subject to debate, since some purists, technical experts and self-proclaimed hackers insist that the term was not originally derogatory. Instead, they would rather refer to "hackers" who manipulate computer systems to cause damage or gain profit as "crackers." In common usage, however, "hacker" has come to be accepted as a blanket term, usually pejorative -- particularly since it is the destructive activities that alarm the general public.


Script kiddie

Among so-called hackers, an even more pejorative term hurled against each other is "script kiddie," referring to the use of readily available scripts on the Internet to exploit known security vulnerabilities.

Hacking has become widespread mostly due to the fact that hackers can collaborate and take advantage of the tools others have made freely available -- thanks in no small part to the pervasiveness of computing and the advent of the Internet. While some purists would say that script kiddies should not be glorified as "true hackers," it seems cold comfort to a company that a "mere script kiddie" defaced their site. Moreover, just as the public wants the technology behind everyday devices such as cell phones or PCs to be transparent to the user, technical distinctions between a hacker and a cracker, or between a hacker and a script kiddie, would be the last thing they would want to know. Instead, they would care about the impact of the service interruption -- why it happened and when the service would be restored.

Eyestrain, however, acknowledged that proclaiming oneself to be a hacker could be big headache.

"Actually we're not 'hackers.' That term is a very delicate one to use. If you call yourself a hacker, other people will laugh at you. Sometimes it will provoke others to attack you, saying that they are much better. What fascinates me about 'hacking' or whatever others called it the satisfaction of our urge to uncover the answers to our questions on computer security," he claimed.

He said that most of the members of Locusts.org were system administrators, claiming that one of them even works at antivirus and security solutions firm Trend Micro.

While admitting to past "indiscretions," Locusts.org claims that it has learned from the past and that its expertise can now benefit companies and the authorities.

Hartigan-Go admitted that it is not the first time that local hacker groups have offered their services to the Internet security group.

The question, however, is not only if this group has really reformed, but also whether they can convince others that they are worthy of trust.


Trend Micro won't tolerate alleged 'hacking' activities

Company Policy

ANTIVIRUS and security solutions firm Trend Micro is ready to fire any employee engaged in hacking activities, local officials said Thursday.

This was in reaction to a claim made by local hacker Eyestrain that an employee working with the antivirus firm is a member of their group called Locusts.org.

The group claims that it is now transforming itself into a legitimate security solutions firm.

"Let this be clear to everybody that we don't hire people who do illegal things. We have a (company) policy. There is no way that we hire, or let alone tolerate this illegal activity. We're attaching a copy of our virus policy to let it be known that all employees are required to sign in this contract that contains the following policy," the antivirus firm said in a statement e-mailed to INQ7.net.

"As we all know, much of Trend Micro's success is built on its ability and reputation as a company to provide products and services that protect its customers from computer viruses and malicious code and content. Accordingly, it is imperative and obvious that we must always take every reasonable and prudent precaution to ensure that no one at Trend Micro is ever responsible for the creation or spread of a computer virus or any malicious code or content. Breach of this obligation could be tragic to our company," the company added.

INQ7.net has learned that company executives were taken aback, and have reacted strongly, upon finding out that Eyestrain is claiming that one of their employees has violated company policy. The policy roughly states that they should not be part of any hacker groups or have relationships with them.

Employees caught doing such activities, the company added, will face disciplinary actions, including possible termination.

The company's employee handbook states that "no employee may write, modify or merge any computer viruses or malicious programs, which includes hacking activities which, in all intents, involves creation or propagation of malicious tools or programs."


NBI says Locusts.org liable for cybercrimes

Liabilities

THE NATIONAL Bureau of Investigation's (NBI) Anti-Fraud and Computer Crimes Division (AFCCD) said that it has evidence linking local hacker group Locusts.org to numerous computer crimes.

Locusts.org had earlier disclosed plans to transform itself into a legitimate computer and Internet security organization. The group said that it plans to offer its services to the NBI and the Philippine Computer Emergency Response Team (PH-CERT).

"The offer is good but we have to consider that there were numerous computer crimes that could be attributed to Locusts.org," Palmer Mallari, supervising agent of the AFCCD, told INQ7.net.

He said that the group has allegedly been involved in using stolen credit card numbers, website defacements, the launching of viruses, and other computer crimes, which is now punishable in the Philippines under the E-Commerce Law.

Mallari said that if Locusts.org members want to come out in the open, they still have to face possible raps that will be filed against them.

"But we should strike a balance between prosecuting or getting them as possible witnesses," Mallari said.

Locusts.org spokesperson Eyestrain is not surprised at he NBI's reaction.

"Handa naming panagutan ang liabitilies namin. Expected na namin 'yan. Kaso, kapag hindi kami nag-act, hindi matitigil yung pagwasak sa reputation ng information technology industry natin (We are willing to be liable for the consequences of our actions. We expected that. But if we don't act, the damage to the reputation of our information technology industry won't stop,)" Eyestrain said in Filipino-English.

"We know we have done (something) wrong... But we have proof, which can help them pursue other groups out to destroy computer systems," he added.

Mallari, however, said that the AFCCD could only go after hacker groups like Locusts.org only after a private complaint is filed. Without a complaint, the local authority can only go as far as gathering information on the activities of the local hackers.

Since the start of the year, at least 15 computer crime cases had been filed with the local courts here in Manila, according to Mallari. But no suspected computer crackers have been convicted yet.

One case involves former employees of the Thames International Business School accused of allegedly stealing "proprietary" information from the school's computers. The case has been filed with the Department of Justice with the help of the NBI.