Comment
0
Tweet
0
Print
RSS Feeds

Top South America hackers rattle Peru's Cabinet

Wednesday - 9/3/2014, 8:52am  ET

This screenshot shows a July 3, 2014 tweet by the hacking group LulzSecPeru after it claimed to have hacked Peru's government’s CERT network emergency center. The Peruvian hackers have broken into military, police, and other sensitive government networks in Argentina, Colombia, Chile, Venezuela and Peru. Now they have stolen emails from the Peruvian Council of Ministers’ network that fueled accusations top Cabinet ministers acted more like industry lobbyists than public servants. (AP Photo)

FRANK BAJAK
AP Technology Writer

LIMA, Peru (AP) -- The Peruvian hackers have broken into military, police, and other sensitive government networks in Argentina, Colombia, Chile, Venezuela, defacing websites and extracting sensitive data to strut their programming prowess and make political points.

Now the team calling itself LulzSecPeru has created a national political uproar.

Emails the hackers stole from the Peruvian Council of Ministers' network and dumped online last month fueled accusations that top Cabinet ministers have acted more like industry lobbyists than public servants. That helped precipitate a no-confidence vote last week that the Cabinet barely survived.

The hackers, who describe themselves as two young men, are a homegrown version of the U.S. and U.K-based LulzSec "black hat" hacker collective that has attacked the Church of Scientology and agitated on behalf of the WikiLeaks online secret-spillers and Occupy Wall Street.

A lot of "hacktivism" out of the United States and western Europe has waned or been driven underground by police pressure and arrests, said Gabriella Coleman, an anthropologist at McGill University, in Montreal, Canada, who has studied the phenomenon.

"The hackers in Latin America, however, never really stopped," Coleman said.

LulzSecPeru is widely considered the region's most accomplished hacktivist team, said Camilo Galdos, a Peruvian digital security expert. Until now, their signature exploit was hijacking the Twitter accounts of Venezuela's president and ruling socialist party during elections last year.

Nothing they'd done, however, had the impact of the online dump of an estimated 3,500 emails from the account of then-Prime Minister Rene Cornejo, dating from February to July. "Happy Hunting!" the hackers wrote when they linked to the upload destination.

The prime minister who had just succeeded Cornejo, Ana Jara, said some of the purloined emails may have concerned matters of "national defense."

But what reporters found instead was evidence of the inside influence of Peru's fishing and oil industry lobbies, putting the country's energy and finance ministers in the hot seat.

In one missive, a fishing industry executive asked the finance minister if the anchoveta season can be extended. She later got her wish.

The energy minister, in a testy email exchange, impatiently dismissed objections by the environment minister to his coziness with an Australian oil company with offshore concessions. Oil industry technicians -- not regulators -- are best qualified to deem whether environmental impact studies are necessary for exploratory seismic testing, he said.

The revelations helped prompt a "no confidence" vote in Congress that came within one vote of forcing the entire Cabinet to resign.

The "CornejoLeaks" spectacle, as the press dubbed it, delighted the hackers.

"We're mixed up in everything. "There is no limit to the hacking." one of the duo, who goes by the nickname Cyber-Rat, boasted in an encrypted online chat with The Associated Press, which reached him through the Twitter account where the team announces its hacks.

Cyber-Rat said he's 17 and will quit before becoming an adult to avoid landing in prison. He handles the social networking, cultivates the Anonymous activists who help publicize LulzSecPeru's hacks and admits to "a tendency toward narcissism." His partner goes by Desh501, says he is between 19 and 23 and a university student.

Desh is the technical whiz, and more reserved.

"I'm very private. I don't have hacker friends in person, only virtually," Desh typed.

Both say they are autodidacts. Cyber-Rat said he started programming at age 8; Desh at age 6.

Cyber-Rat said their hacking is "a quest for (the) ecstasy of doing something unprecedented," shaming administrators who claim their networks are bulletproof.

Desh said he is motivated by reached him through the Twitter account where the team publicizes its hacks, to "1. the abuse of power. 2. the lack of transparency."

Some of their hacks are clearly political. They defaced the website of the Peru-based Antamina copper mine in 2012 after the multinational consortium's slurry pipeline burst, sickening dozens.

And they defaced the Venezuelan ruling party's website again in February in support of anti-government protesters, entering through one of the backdoors they say they secretly leave in networks they penetrate.

Desh said they also retain access to the Chilean Air Force network, from which they extracted the published sensitive documents on arms purchases. They called last month's action payback for Chile's spying on Peru's air force in a case uncovered in 2009.

The hackers, who provided as credentials documents they said they obtained in one of their Venezuela hacks,  said they neither enrich themselves nor do damage with their exploits

But many believe LulzSecPeru did do harm when it accessed the network of the company that manages Peru's top-level internet domain. In October 2012, it dumped online a database of thousands of names, phone numbers, email addresses and passwords. The affected sites included banks, security companies, Google -- every domain ending with ".pe"

   1 2  -  Next page  >>