Hackers claim to have cracked Norway mass-murderer's email
Breivik's rantings handed to journo, cops, says 'Noria' crew
Customer Success Testimonial: Recovery is Everything
A hacking group claims to have broken into two email accounts maintained by Norwegian mass murderer Anders Behring Breivik, the far-right extremist who killed more than 70 people in attacks that shocked the world last month.
The hacking crew, who call themselves Noria, reportedly hacked into Breivik's email accounts after earlier taking over a Twitter profile maintained by the domestic terrorist.
The group is said to have handed over information from the hacked email accounts to a freelance journalist Kjetil Stormark, with the request that he pass on the material to police investigating the mass killings.
Information from the email accounts may well be helpful for the police in forming a better picture of who Breivik was talking to and the content of these discussions. But any fruits of what started out as an illegal hacking act would be inadmissible in court. It would have been much better from this aspect if police had obtained a court order and gained access to the accounts, thus preserving the chain of evidence. ISPs could have been asked to comply with court orders to facilitate this process. It is not even beyond the bounds of possibility that Breivik himself might have supplied his login credentials.
Breivik detonated a car bomb he placed near government buildings in Oslo, causing eight deaths, before travelling to a youth camp organised by the ruling Labour Party on the island of Utøya and killing 69 in a shooting rampage. He confessed to these crimes but denies criminal responsibility.
The terrorist distributed an anti-Islamic tract decrypting "cultural Marxism", entitled 2083 – A European Declaration of Independence, electronically on the day of the dual attacks.
More commentary on the information security aspects of the story can be found in a blog post by Sophos here. ®
COMMENTS
Not helping!
Not only may the email be inadmisable, but the defense can say that it is tampered evidence. Plus the police don't know if the email hasn't been tampered.
The only way now for the police to get good evidence is to obtain an order for the backups.
"But any fruits of what started out as an illegal hacking act would be inadmissible in court."
Too bad! the court will only have to rely on the dozens of corpses and eye witnesses then...
What are they doing? A lot.
I do not know how many e-mail accounts he had, but the police is of course working on it. There are about 100 detectives working on the case, and then we have all the forensic technicians (if that is the correct English term) and support personnel. The police have according to Norwegian law declared everybody at the island, about 700 people (mostly youths), victims of the crime. Also declared to be victims are the close relatives of those that were there, everybody at the scene of the bombing, everybody that were supposed to be there, everybody that usually works there, the rescue personnel and volunteers involved at the island and some on the bombing scene, and probably a few I have forgot.
Since they are treating each kill as a separate murder and are going to collect evidence on each of them, all of these people are to be interviewed by the police. In addition they have spent two weeks searching the entire island square inch for square inch for shell casings, other evidence and all electronic equipment that might have captured parts of the event. I suspect that they are going trough all the phone logs at and around the island as well.
Then they have set out to map all his movements and actions over the last nine years.
So, that is what they are doing. If you really wondered. About his e-mail accounts, Google contacted them almost immediately to start the work of releasing all e-mail and information associated with it. As far as I know this process is ongoing, if not resolved already, between the police, the Norwegian government, the US government and Google. Even in an open and shut case like this, an American company can't just hand over information to a foreign power, even if the information is about a citizen of said foreign power.
The last thing we need is for these other criminals to come and "help" the police. It is a waste of time and resources. There is a reason this is done by the book, and all this does is creating a web of dead ends. All accesses to these accounts has to be investigated since there is a chance they could have been done by accomplices.
In addition these hacks are of course a crime committed against Anders Behring Breivik and I think that is the last thing the police wants to investigate right now.
The people that did this are muppets, bleedin' muppets. And if I ever...what? Yes, that is my hat and coat...
IT infrastructure monitoring strategies
What you need to know about cloud backup
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Customer Success Testimonial: Recovery is Everything
