Gonzalez just tip of iceberg in Heartland attack

Written by Richard Koman, Contributor

Albert Gonzalez, previously accused of breaking into TJX's computer systems, was indicted on charges that a separate group he was involved in breached Heartland Payment Systems. Also indicted but unidentified and still at large were "Hacker 1" and "Hacker 2," labels that suggest Thing 1 and Thing 2 from "The Cat in the Hat" (and indeed Gonzalez bears an uncanny resemblance to those life-hackers).

USA Today reports that Hacker 1 and Hacker 2 were likely expert hackers who did the actual SQL injection attacks on the servers.

In the attacks on Heartland, prosecutors say Gonzalez helped with the comparatively simple tasks of transferring malicious programs onto the company's computer servers. Meanwhile, Hacker 1 and Hacker 2 conducted the more delicate SQL injection probes remotely across the Internet.

While it's not exactly clear whether the feds believe Gonzalez continued to help attack Heartland after being arrested in 2008 over the TJX break-in, that seems extremely unlikely. Gonzalez is probably being nailed for the scope-out work he would have done prior to being busted last year.

But let's not forget, these three were selling this data to even bigger criminals, most likely on Russian online forums. So was he the mastermind, or a low-level purveyor of data to any and all bidders?

The two groups Gonzalez is accused of associating with appear to be "nothing more than the tip of the spear," says Eric Laykin, managing director of Duff & Phelps, a financial advisory firm. "In order for criminal gangs to thrive in Russia, Eastern Europe and China, they require feet on the street here in the U.S. to scout out victims and locate the vulnerabilities that can be exploited."