Robert's admin blog: National Security Agency Vs Hysteria.sk

This cause is relatively well known in Slovakia, but clock ticks and people forgetting and I think it's not OK.This is very important part of Slovakia underground. Saying old adage: "Nations which haven't learn from their old mistakes, they are doomed to repeat them."

To many words about this cause was sayed in radio, TV, newspapers etc. I would most probably not anything new, therefore I decided to make this article only as the sum of links, resources where you can find information about this. I also make a mirror of articles, videos and pictures here becouse most of links are no longer avaible on the web.

Last update: 10.1.2009 16:01

(sorry for my english, all links and linked articles are in slovak or czech language, you can use some translators or you can use translate.google.com)

Why we do this post ?

Many of links to videos and articles are no longer avaible. We want to make a information mirror.

OK now we can start talk about it. First I must advise of one document, where you can find that Slovak republic spend 3.5 million slovak crowns for improving security of information systems in 2005. Nothing interesting ? Of course National Security Agency need very huge security becouse they are working with very sensitive personal data of large number of people so the security is very important. Question is "How they improve security if those things can happend ? Who earn 3.5 million crowns for this ?" (document)

All starts when 25.april 2006 on server blackhole.sk was published article about hack to National Security Agency of Slovak Republic (Article). This article took off big hunt on the hackers on Slovakia. Few days after article on blackhole.sk and after information in TV news, you could find this text on the webmail page of NSA SR.

Translated text from webmail: "national security agency. They talk about us in the morning news and newspapers, they describe security hole in our system and we are not able to patch our system. It can be better if we turn it off ? horrible, blame netlab plus and nnu and greetings for everyone who unpack their rootkits here, welcome friends."

Of course this text is not from NSA, hackers put this text on the website and protect this site from exploits of known security hole in their system.

26.4.2006 - Pravda newspapers - Hackers penetrate computers in NSA

"Attack was considered as form of security failures and will necessarily make safety measures that would minimize the incidents. "
Ivan Goldschmidt, office manager of NBU, 26.4.2006

"This is injury of the NSA image, but they didn't get any classified information"
Robert Kalinak, Minister of Interior of the Slovak Republic, 26.4.2006

It is the "image problem", rather than security, although no such authority can be happy that their e-mails are published. "It is a large annoyance to the NSA and reflects they aren't professionals."
Jan Mojzis, director of the National Security Office, 26.4.2006

We are put little emphasis on information security, but this is not an issue that we can sell to voters.
Robert Kalinak, Minister of Interior of the Slovak Republic, 26.4.2006

26.4.2006 - Zive.sk - National Security Agency hacked

26.4.2006 - ITnews - Hacker penetrate NSA – wat is the facts

26.4.2006 - SME newspapers - Office argues that if the hackers repeat attack, they intervene

Based on our analysis, there has been disruption of servers that provide publicly available data, falls on them the data stored in the unprotected form, which may normally be captured in the Internet environment and outside our network.
Ivan Goldschmidt, office manager of NSA, 26.4.2006

"We probably know source of the attacks." If the activity will continues, We will intervene".
Ivan Goldschmidt, office manager of NSA, 26.4.2006

26.4.2006 - SME newspapers - Government support NSA opinion as responsible

We can't underestimated this information,however the opinion expressed by the NSA to media is liable.
Martin Maruska, a spokesman for the government of the Slovak Republic, 26.4.2006

26.4.2006 - SME newspapers - What happened in National Security Agency?

T.Bella also wrote article about NSA on portal pocitace.sme.sk.

27.4.2006 - SME newspapers - Hackers have been deeper then NSA admitted

Encrypted line is still in preparation, and will not be used for the transfer of classified information. And therefore it was able to see by hackers.
Ivan Goldschmidt, office manager of NBU, 27.4.2006

27.4.2006 - SME newspapers - Hackers will be accused, not NSA

General Prosecutor's Office instructed to investigate and prosecute the hackers. This is not to investigate the NSA staff, that neglect security and make this attack possible.
27.4.2006

Proceedings of hackers is contrary to the laws, and everywhere in the world affects them.
Robert Kalinak, Minister of Interior of the Slovak Republic, 27.4.2006

Goldschmidt admitted breach of security rules at the office and the investigation should reveal the person who make siple password "nbusr123" for the software. At the same time, he said that the Office has suffered damage, since they must repair system.
Ivan Goldschmidt, office manager of NBU, 27.4.2006

Kalinak on the question of whether he think that the NSA has suffered damage, when in fact now being implemented what they should have implemented already, did not respond.
Robert Kalinak, Minister of Interior of the Slovak Republic, 27.4.2006

27.4.2006 - SME newspapers - Anonym hacker: Penetrate NSA computers was not a problem

Yes, access is still possible (even through webmail, and directly through the server). Today (yesterday, notes. Editors) afternoon around the 1:00 PM someone changed the Main page webmail NSA.
Anonymous Hacker, 27.4.2006

28.4.2006 - Topky.sk - NSA: Personal Data Protection Office send a letter to the NSA

In our opinion, came to the inconsistent application of security rules under the laws on the protection of classified information.
Gyula Veszelei, President of the Office for the Protection of Personal Data, 28.4.2006

I think, you agreed it was very pern days after publication of the article on blackhole.sk. Followed by a recession in which this is the case ceased to speak and write fairly well. Blackhole released special edition T-Shirts with the NSA password in the front and blackhole logo on the back. This t-shirt provoke government very well.

It was very funny, one reporter from TV JOJ had this t-shirt in the main news during his report. Slovak underground celebrate disability and impassivity of the slovak government. But, something happens. In 18.july 2006 police confiscate onyx.hysteria.sk server from areal of GTS Nextra company. Server hysteria.sk was mainly for anonymous communication in comunity of slovak underground. It had also host www.kyberia.sk portal which was used by thousands people. This act from police start huge wave of heartburning from slovak underground comunity and from ordinary people. (judicial order for confiscation hysteria.sk server)

After two days on blackhole.sk was published "juridical look" on server confiscation.

21.7.2006 - SME newspapers - Dlugošová: Police cant use data unrelated with attack to NSA

Users of hysteria and kyberia was scared about abuse inforation from server from their accounts, storages and emails. They chat public or private about this cause and they was disgusted.

"The police does not have the right to use, records and stored personal information about persons who have no connection with the crime"

said the TASR attorney Richard Dlugošová.

24.7.2006 - SME newspapers - NSA open three new positions related with computer and network security

"First of all, we want to employability experts to prevent similar things which happend in April. NSA turn off their sites becouse they repair systems and change content of their pages "
Ivan Goldschmidt, office manager of NBU, 24.7.2006

24.7.2006 - SME newspapers - NSA refuses to have been unauthorized access to the websites of public areas

Website of NSA, and the public NSA servers has been disconnected from the Internet from Friday to Monday by administrators for its normal service. Similarly, disconnecting it regularly since April 2006 and can be expected in the future, even during working days in the evening and night hours. Incident, which is described as "turn off the office from the Internet" was recorded outside the infrastructure owned and managed by NSA, so it will not be broad commented.

Ivan Goldschmidt, riaditel kancelárie NBU, 24.7.2006

Vice-President of the Police Corps Jaroslav Spisiak today reported on the partial results of its inquiry into National-security office. The same time reminded the journalists that Hackers are criminals and they will treat them like with criminals. I wish this suggests that some media, which comunicated with Hackers in april, coud be parties to the crime.
Jaroslav Spisiak, 1st police vice-president of the Police Corps, 24.7.2006

Police criminal review and analysis showed that hackers did not obtain any classified information.
Jaroslav Spisiak, 1st police vice-president of the Police Corps, 24.7.2006

"Server Onyx policia confiscated becouse administrators of hysteria.sk didn't want to break anonymity of their users and they didn't provide any inforation to police. Then we must confiscate the server and do analysis and indentificate those who attack NSA"

Jaroslav Spisiak, 1st police vice-president of the Police Corps, 24.7.2006

24.7.2006 - ITnews - Monday Morning: Web pages of NSA works, hysteria.sk blame netlab of bungling

24.7.2006 - SME newspapers - Hackers about NSA: password nbusr123 still works !

On Friday afternoon, said server administrators hysteria.sk that as retaliation for server confiscation, "they disconnecting NSA from the internet". NSA reply for the question, why their site don't work, said that "We disconnect it from internet becouse we complement the content.".

Friday disconnect from the Internet by hysteria.sk went directly to the device company in the Slovak Netlab peering center. They said entire traffic routed to www.nbusr.sk we redirect to "the lost". Redirected was the entire Internet traffic to the server except server for electronic signature. How they get into devices in Netlab peering center ? Simple - the devices of Netlab had the same password, which had been found in the April penetration of the NSA network. Why were on both sides used the same password, which, moreover, remained unchanged three months, it is a good question. Changing records in peering center has been able to dispose of the NSA site for a few hours - why did not work the whole weekend, nobody knows. According to the declaration of hysteria.sk they didn't want to cause damage, but the highlight of the state security office, which carries the word directly in their name.
....
Government Offices don't like to admit its mistake and so this case is not different. Except Slovak police, reinforce from FBI and The Secret Service join to the "Big Hackers hunt" in Slovak Republic, if NSA request their help.
....
Truly nice to continue, hysteria.sk has tried to show in principle to the terrible security state of NSA, which handled the most sensitive personal information. So it's very sad that government didn't try to find who is responsible for this horrible security in National Security Agency of Slovak republic.

27.7.2006 - Root.cz - Hysteria.sk: confiscated by the name of law

We didn't know about server confiscation, we learn that from GTS nextra server housing. Administrators and owners hysteria.sk server knew about server confiscation after they contact Nextra becouse server did not response.
Zyx, one of administrators hysteria.sk

After four days we can met with one of inquisitors of this case. "Yesterday, we managed to finally meet is investigators, so we are we a little wiser"
Zyx, one of administrators hysteria.sk

Prosecutor said us, reason for confiscate server was proxy server which runs on hysteria. My opinion is this reason is too small for steps like these becouse anyone who uses proxy server on hysteria could click on the link somewhere on the forum, internet or chat. I am in doubt if visit of some url on the net is adequate reason for server confiscation and prosecution. If only reason is access through proxy on Hysteria, then I think they will not find anything becouse proxy access log was turned off.
Zyx, one of administrators hysteria.sk

Pajkus (prevádzkovateľ hysteria.sk) zároven vystupil v realcii radia FM kde objasnil fungovanie hysterie ako takej a rovnako svoj postoj k danej kauze.

26.7.2006 - Radio FM - Pajkus, hysteria.sk owner talks in show about this case

This story continues for few long months. In short version what happened next. Police try to copy data from server. I say "try" becouse they have some problems with it. Pajkus, owner of hysteria.sk, perseveringly comunicate with police and want to know state of investigation. He want server back. Users and administrators of hysteria gradually loose their hope for get server back. One day users and people saw some text on web page of hysteria.sk.

so, after eight years I close hysteria project. I think it's not needed. If you looking for prielom, or anything from the hysteria web, you can google it or download from mirrors. Server is confiscated by the police becouse of things about NSA. You can learn about it on hell.sk/onyx. I want to appologise to people who loose their data. Who want to his money back for shell account, set mail forward, send files from old backup please send email to me or to administrators.

Pajkus, 4.9.2006

Server is still confiscated and nobody knows what happened. Reportage from main TV JOJ news.

In short time on you can see report "How to hackers disconnect NSA from the internet" on main hysteria.sk web. It was becouse when hysteria says they disconnect NSA from the net, gazetteer of NSA says thath NSA admins disconnect NSA from the internet. So hysteria.sk published short article how did they disconnect it. It's horrible thath few months after first penetration was still able to hack their network devices.

10.10.2006 - TASR - Investigation of hackers attact to NSA is stll in progress

Article from Hysteria about disconnect NSA network

According to Pajkus statements 1.1.2007, police closed expertise onyx and returning it back to the investigators. Sometimes in the middle of January should get server back of it forfeit for state.

last week four people ware convene to the police, yesterday they met with investigator but all refused to talk.

Maybe it's not so bad ?

It looks we can get server back. This is the story: 3 weeks ago when we ware on interrogation with Suplatom, he was quite friendly. I call to Suplata and ask him, like last year, if I could get RAM modules from the server. I said we need this ram and on ram there is no information. He said he check it and was so angry becouse he know that on ram there are no information. I want call him next day but he was ill for 2 weeks. I call him last wednesday and he said I can come and get ram modules. I came there and he said if is not better if I get whole server, I was so surprised I think we never saw server again, ofcourse I want whole server. He said OK and come on Monday for whole server. So I came on Monday and I ask him if he need some paper/document or something. He open document about this case, and look on some confiscation report and there was some boy from GTS Nextra who gave them this server in july. He said he can't give mi server becouse he can give it only to owner. I said if normal people have documents which says that their computers are realy their etc. He said no. So I said look, don't play with paragraphs and give me the server, shake with my hand and say goodbye. He was so angry for this and said "I will not brake the law!". Then I said I bring him procuration from the boy in Nextra. He said OK and make a Copy of confiscation order and then said NO. I proposed we can go to Nextra and put server there. He said he have 2 cars in the streets and one must stay here. I said we can go in my car... etc etc finaly he said tomorov in monday boy from nextra came and get the server. So hold your fingers.

Pajkus, owner of hysteria.sk, 25.2.2007

Nobody believe in this !! Server hysteria is back.

Everyone celebrating ! In next days people can download their files from the server. Server is now one of the servers of kyberia.sk project.

27.3.2007 - SME - NSA invest into the system security

28.3.2007 - Zive.sk - NSA: There are periodical attacks on our network

We think it's happy end but it's not true. Everyone hopes police will learn from this, they can't confiscate foreign things without ask owner. It was only silent moments before big storm.

2.4.2007 - Zive.sk - NSA: How they use 36 million for improve network security

26.6.2007 police confiscated all servers of company Websupport.sk becouse they think this company is related to attacks in NSA. Servers ware also confiscate without any information to owner.

27.6.2007 - SME - Police cut off companies from the internet

The made 3500 slovak domains unavaible. Many companies like i-shops can't work and can't earn money. Luckily for them Websupport made servers from backups and minimalize demage which police did.

28.6.2007 - SME - Internet users protest in the front of government department

Newspapers SME Report - VIDEO MIRROR

Mad users run to the streets and 28.6.2007 internet users protested in the front of government department. Motto of the protest was "If you are lame, don't blund" and became hit of the slovak internet for few months.

28.6.2007 - SME - NSA Hack: Police accuse two people. Servers already works

Hacker attacks in last year didn't corrupt security of information systems, their functionality and didn't make data leakage.

For SITA, headmaster of office National Security Agency Ivan Goldschmidt.

"We can tell, there ware every day attemts to corrupt information systems of NSA in 2007 - so-called Hackers attacks in various quantity and quality" said Goldschmidt. He also said NSA working on improve security systems which are able to break hackers attempts to disturb functionality of systems - emails, web pages, offices etc.

With regard to the confidentiality of information systems, in Sovakia there is no leakage of classified information due to unauthorized access, said Goldschmidt. This system is secure against outside access, and constantly passing through the screening process, he added Goldschmidt.
Ivan Goldschmidt, 13.1.2008

30.12.2008

After more then one year, police did not give most of hard drives to the websupport back. Investigation about attack to NSA is still in progress and it's hard to say when and how it will end. Two mans still facing to accusation related with NSA attack.

No one is so hopelessly enslaved as those who falsely believe that they are free. – J. W. Goethe

Chronological report