Security trends for 2013

The year 2013 will be the year of cyber security. CNN expects more cyber wars this year. Cybercrime is on the rise, and last year we saw more and more computer virus attacks. Security company Kaspersky Lab warns of more new cyber-threats against enterprises and mobile devices. Cyber security also extends to mobile.

Security is becoming an increasingly important issue. The year 2013 is the year of cyber security. Security company Stonesoft predicts we will face more targeted cyber-attacks, cyber espionage and hacktivism. Cyber security is the fastest growing trend in information security and its importance will increase in the future. According to Stonesoft the current security systems are unable to provide adequate protection against targeted attacks: we require proactive cyber protection and the willingness to face unknown threats.

Hacktivism will continue. According to the article Anonymous: ‘Expect us 2013’, the hacking group boasted of its cyberattacks against the U.S., Syrian, and Israeli governments in 2012. It is also warning people to expect this type of activity to continue.

SCADA security was hit hard in 2012. Some of the big manufacturers that were hit have learned their lessons and now test their devices more. But how are some smaller manufacturers doing their security testing? Metasploit has a special category of modules for SCADA devices, and it is a good idea to test your own devices against it.

There is still work to do on cyber security standards and SCADA standards. For example, in the very widely used automation standard IEC 61508, security is addressed only in an informative way (NOT MANDATORY). IEC 62443-2-4: A Baseline Security Standard for Industrial Automation Control Systems is a good starting point when thinking about SCADA system security.

Nowadays you need to think about SCADA system security more than some years ago. Previously, it was thought sufficient to isolate the factory process automation system from the office networks and the Internet. This is no longer enough. Nowadays you need to think about the information security of production automation systems. You can’t keep automation systems isolated from the Internet: accidental connections to the Internet from isolated networks happen, malware can spread through USB memory sticks (Stuxnet did that), and nowadays there are more and more business reasons to connect process automation systems to other networks. So automation systems no longer live in complete isolation from the rest of the world.

Systems with SCADA vulnerabilities have become easier to find. The article Hackers tap SCADA vuln search engine tells that a search engine that indexes servers and other internet devices is helping hackers find industrial control systems that are vulnerable to tampering. The search engine Shodan easily pinpoints shoddy industrial controls: it makes it easy to locate internet-facing SCADA (supervisory control and data acquisition) systems used to control equipment at gasoline refineries, power plants and other industrial facilities, and it can also be used to identify systems with known vulnerabilities. This makes such networks more exposed to brute-force attacks on passwords, many of which may still be factory defaults.

The article Thousands of SCADA Devices Discovered On the Open Internet tells that there is a constant stream of news about the continuing poor state of security for industrial control systems. The pair of researchers found not only devices used for critical infrastructure such as energy, water and other utilities, but also SCADA devices for HVAC systems, building automation control systems, large mining trucks, traffic control systems, red-light cameras and even crematoriums. Never underestimate what you can do with a healthy list of advanced operator search terms and a beer budget.

Researchers have also found crippling flaws in GPS receivers. Global Positioning System infrastructure is critical to the navigation of a host of military and civilian technologies, including planes, ships and unmanned drones. GPS is also used to generate accurate clocks in SCADA systems and smart grid devices. Researchers showed that they could permanently de-synchronise the date of Phasor Measurement Units used in the smart grid and cause a UNIX epoch rollover in a few minutes. The overall landscape of GPS vulnerabilities is startling.
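The date de-synchronisation described above turns on the fact that the legacy GPS navigation message carries only a 10-bit week number, so a receiver has to guess which 1024-week period it is in. The Python below is an added example, not code from the article or from the cited research: it decodes that week number naively and with a firmware-date baseline, then puts a plausibility filter (the hypothetical ClockGuard) between the GPS source and a PMU-style device clock so that a fix 1024 weeks off is rejected and alarmed rather than applied. It assumes a 16 s GPS-UTC offset (the 2013 value) and the tolerance values shown.

```python
"""Added example: how a GPS-disciplined clock in a PMU or RTU can be driven to a
wrong date, and a plausibility check a time consumer can put in front of it.
Assumptions (not from the article): the legacy nav message's 10-bit week number,
a 16 s GPS-UTC offset (the value in force in 2013), and the thresholds below."""
from datetime import datetime, timedelta, timezone
from typing import Optional

GPS_EPOCH = datetime(1980, 1, 6, tzinfo=timezone.utc)   # start of GPS week 0
WEEK_SECONDS = 7 * 24 * 3600
ROLLOVER_WEEKS = 1024            # legacy nav message carries only 10 bits of week number
GPS_UTC_LEAP_SECONDS = 16        # assumption: GPS-UTC offset as of 2013
ROLLOVER_PERIOD = timedelta(seconds=ROLLOVER_WEEKS * WEEK_SECONDS)


def naive_gps_to_utc(week10: int, tow: float) -> datetime:
    """Decode the nav message literally, with no rollover handling.

    A receiver that stops here reports dates 1024 weeks (about 19.6 years) in
    the past after every rollover, and does the same if it is fed a week number
    from the wrong period."""
    if not 0 <= week10 < ROLLOVER_WEEKS:
        raise ValueError("week number must fit in 10 bits")
    seconds = week10 * WEEK_SECONDS + tow - GPS_UTC_LEAP_SECONDS
    return GPS_EPOCH + timedelta(seconds=seconds)


def resolve_gps_to_utc(week10: int, tow: float, baseline: datetime) -> datetime:
    """Disambiguate the 10-bit week by choosing the first rollover period in
    which the decoded time is at or after `baseline` (e.g. firmware build date).

    This is the usual fix for honest rollovers; it cannot tell a deliberately
    wrong week number from a genuine one, which is why a consumer still needs
    a plausibility check on the result."""
    t = naive_gps_to_utc(week10, tow)
    while t < baseline:
        t += ROLLOVER_PERIOD
    return t


class ClockGuard:
    """Plausibility filter between the GPS time source and the device clock.

    Each candidate time is compared with the time predicted from the last
    accepted value plus locally elapsed monotonic seconds. A candidate further
    than `max_step` seconds from that prediction is rejected, and `max_rejects`
    consecutive rejections raise an alarm instead of letting the date jump."""

    def __init__(self, max_step: float = 1.0, max_rejects: int = 5):
        self.max_step = max_step
        self.max_rejects = max_rejects
        self.last_accepted: Optional[datetime] = None
        self.last_local: Optional[float] = None
        self.rejects = 0
        self.alarm = False

    def offer(self, candidate: datetime, local_monotonic: float) -> bool:
        """Return True if `candidate` becomes the new clock value."""
        if self.last_accepted is None:
            # First fix is trusted here; in practice cross-check it against the
            # firmware build date or a second time source before trusting it.
            self._accept(candidate, local_monotonic)
            return True
        elapsed = local_monotonic - self.last_local
        predicted = self.last_accepted + timedelta(seconds=elapsed)
        if abs((candidate - predicted).total_seconds()) > self.max_step:
            self.rejects += 1
            if self.rejects >= self.max_rejects:
                self.alarm = True      # operator attention needed; clock holds over
            return False
        self._accept(candidate, local_monotonic)
        return True

    def _accept(self, candidate: datetime, local_monotonic: float) -> None:
        self.last_accepted = candidate
        self.last_local = local_monotonic
        self.rejects = 0


def demo_guard() -> dict:
    """Constructed scenario: two consistent fixes, then three fixes whose week
    number fell back a full rollover period (what a confused receiver emits)."""
    guard = ClockGuard(max_step=1.0, max_rejects=3)
    t0 = datetime(2013, 11, 28, 12, 0, tzinfo=timezone.utc)   # constructed start time
    offers = [
        (t0, 100.0),                                            # starting point
        (t0 + timedelta(seconds=10.2), 110.0),                  # 0.2 s off: within tolerance
        (t0 + timedelta(seconds=20) - ROLLOVER_PERIOD, 120.0),  # 19.6 years in the past
        (t0 + timedelta(seconds=30) - ROLLOVER_PERIOD, 130.0),
        (t0 + timedelta(seconds=40) - ROLLOVER_PERIOD, 140.0),
    ]
    decisions = [guard.offer(candidate, local) for candidate, local in offers]
    return {"decisions": decisions, "alarm": guard.alarm,
            "clock": guard.last_accepted.isoformat()}


if __name__ == "__main__":
    print(naive_gps_to_utc(0, 16.0))       # 1980-01-06 00:00:00+00:00
    print(resolve_gps_to_utc(0, 16.0, datetime(2013, 1, 1, tzinfo=timezone.utc)))  # 2019-04-07 00:00:00+00:00
    print(demo_guard())                    # decisions [True, True, False, False, False], alarm True
```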


The article Happy now? Mobiles, cloud, big data now ‘a growing security risk’ tells that innovations in mobile and cloud computing, social technology and the use of “big data” present an emerging risk to organisations’ IT security, experts have warned. The European Network and Information Security Agency (ENISA), which is an EU advisory body, said that those technologies would increasingly provide the platform for “most of the innovation expected in the area of IT” and warned that their emergence would bring an associated increase in cyber threats. ENISA warned that the threat stemming from mobile computing comes from the fact that mobile communications take place over “poorly secured … or unsecured channels”. The most significant threat stems from hackers inserting malicious software into web browsers and other software available on mobile devices. Cyber criminals could also use the capabilities of cloud computing for their own gains, such as by storing malware in those systems and using the technology as a platform to launch attacks.

Drive-by download attacks against web browsers have become the top web threat. More specifically, attackers are moving to targeting browser plugins such as Java (Java exploits are the major cross-platform threat), Adobe Reader and Adobe Flash. Drive-by download attacks are almost exclusively launched through compromised legitimate websites, which attackers use to host malicious links and the actual malicious code. Exploits are sold for considerable amounts of money and quickly included in exploit kits.

The article Africa’s Coming Cyber-Crime Epidemic tells that the last decade may have been just the first step in a looming African cyber-crime wave. Africa has the world’s fastest-growing middle class, whose members are increasingly tech-savvy and Internet-connected, and combined with lax law enforcement this is a perfect petri dish for increased cybercrime.

A Europe-wide cyber police force has started: the EU’s new European Cybercrime Centre (EC3) was opened just a few days ago. The facility will act as the “focal point” in the EU’s fight against cybercrime targeting both businesses and private citizens. EC3 will act as a hub where crime-fighters can pool expertise and information, support criminal investigations and help develop and spread best practice. It will work with industry to develop threat assessments, and closely with the FBI and the US Secret Service, in addition to other foreign agencies.

1,930 Comments

  1. Tomi Engdahl says:

    Tor Appliance
    https://www.schneier.com/blog/archives/2013/11/tor_appliance.html

    Safeplug is an easy-to-use Tor appliance. I like that it can also act as a Tor exit node.

    I would like it to be independently audited before we start trusting it. But it’s a fascinating proof-of-concept of encapsulating security so that normal Internet users can use it.

  2. Tomi Engdahl says:

    Web Administration Scripts
    http://www.linuxjournal.com/content/web-administration-scripts

    During the past month or so, I’ve also been dealing with an aggressive DDOS (that’s a “distributed denial of service”) attack on my server, one that’s been a huge pain, as you might expect.

    So, that’s the jumping off point for this article’s scripts: analyzing log files to understand what’s going on and why.

  3. Tomi Engdahl says:

    This is the new Finnish cyber security center

    Million to the top, and a handful of new employees in two years. Is Finland’s cyber-awareness on solid ground?

    - You could say that this is a real can-do spirit!, Kirsi Karlamaa of the Communications Regulatory Authority says, describing the start of the Kyberturvallisuuskeskus.

    The Communications Regulatory Authority’s Kyberturvallisuuskeskus, starting early next year, is based on the cyber security strategy the government published last January.

    In other words, the aim is that whether it is state spyware, a massive denial of service attack, or even a dangerous vulnerability in Microsoft software, the protection of partner companies, the public sector and citizens works more smoothly.

    - We hope that cooperation gives the Kyberturvallisuuskeskus the use of additional expertise and networks and increases the exchange of information and analysis capacity.

    At the turn of the year the national security agency CERT-FI’s name will fade into the background. Similarly the Finnish Communications Regulatory Authority’s less known NCSA-FI unit.

    A more effective response requires more resources, and these will come to a certain extent. The Kyberturvallisuuskeskus will hire ten new security experts in 2014 and 2015, on top of the current 40. State funding for next year is one million euros, followed by 1.5 million each year.

    - This is a good start for strengthening activities, and its adequacy should be monitored in the future.

    The Kyberturvallisuuskeskus does not play any role in the development of defensive or offensive cyber weapons for cyber war against the State.

    Source: http://www.itviikko.fi/tietoturva/2013/11/28/tallainen-on-suomen-uusi-kyberturvallisuuskeskus/201316503/7

  4. Tomi Engdahl says:

    NSA Spying Risks $35 Billion in U.S. Technology Sales
    http://www.bloomberg.com/news/2013-11-26/nsa-spying-risks-35-billion-in-u-s-technology-sales.html

    International anger over the National Security Agency’s Internet surveillance is hurting global sales by American technology companies and setting back U.S. efforts to promote Internet freedom.

    Disclosures of spying abroad may cost U.S. companies as much as $35 billion in lost revenue through 2016 because of doubts about the security of information on their systems, according to the Information Technology & Innovation Foundation, a policy research group in Washington whose board includes representatives of companies such as International Business Machines Corp. (IBM) and Intel Corp. (INTC)

    “The potential fallout is pretty huge given how much our economy depends on the information economy for its growth,” said Rebecca MacKinnon, a senior fellow at the New America Foundation, a Washington policy group. “It’s increasingly where the U.S. advantage lies.”

    Any setback in the U.S. push to maintain an open Internet also could inflict indirect damage on companies such as Apple Inc. (AAPL) and Google Inc. (GOOG) that benefit from global networks with few national restrictions.

    Cisco Systems Inc. (CSCO), the world’s largest maker of computer-networking equipment, said this month that the NSA disclosures are causing some hesitation among customers in emerging markets.

  5. Tomi Engdahl says:

    Apple dodges data privacy sueball: Fanbois didn’t RTFM*, says judge
    They never bothered to read the privacy policy… so they have no case
    http://www.theregister.co.uk/2013/11/28/apple_data_privacy_lawsuit_thrown_out/

    A US judge has thrown out an Apple user lawsuit over data privacy, saying that the former fanbois and gurlz had failed to show any evidence that they knew about Apple’s privacy policies before they bought their iPhones.

    Four iDevice users claimed in 2011 that Apple had violated its privacy policy by allowing third-party app developers to have access to personal information and by transmitting local Wi-Fi and phone tower data when Location Services were turned off.

    They claimed they had been “harmed” by this behaviour as they would never have paid so much for their iPhones if they’d known

    Two of the mobe-owners said they didn’t realise that third-party apps could collect their personal information

    Although Judge Lucy Koh acknowledged that there may have been harm done

    In order for the case to stand up under law, the complainants would have to show that Apple’s misrepresentations in its policies had directly influenced their decision to buy a fruity mobe and none of them could.

  6. Tomi Engdahl says:

    Think unpatched Win XP hole’s not a big deal? Hope you trust your local users
    Vulnerability used to breathe life into Adobe Reader exploit, Microsoft warns
    http://www.theregister.co.uk/2013/11/28/winxp_0day/

    An unpatched vulnerability in Windows XP and Windows Server 2003 creates a means for hackers to gain admin rights on vulnerable Windows XP machines, Microsoft warned on Wednesday.

    The zero-day local privilege escalation vulnerability is not suitable for remote code execution but might allow a standard user account to execute code in the kernel. As such, the bug is not that much use on its own, but potentially troublesome when mixed in a cocktail with other software vulnerabilities in order to formulate workable attacks.

    Unfortunately this has already happened and the vulnerability has already been used in anger in conjunction with an Adobe Reader exploit to target a recently patched vulnerability in the widely used PDF reader software, anti-malware firm FireEye warns.

    Microsoft plays down the seriousness of the vulnerability while admitting it has been abused in “limited, targeted attacks”.

  7. Tomi Engdahl says:

    Despite US opposition, UN approves rights to privacy in the digital age
    http://www.zdnet.com/despite-us-opposition-un-approves-rights-to-privacy-in-the-digital-age-7000023708/

    Summary: Despite last week’s US-led opposition to the United Nations’ “Rights To Privacy In The Digital Age,” the resolution put forward as a reaction to US surveillance activities was passed

    The United Nations on Wednesday approved 18 draft resolutions, notably “The right to privacy in the digital age,” despite opposition from the U.S. government.

    It is the first such document to establish privacy rights and human rights in the digital sphere.

    Sponsored by Germany and Brazil, it is specifically concerned with the negative impact of surveillance, “in particular when carried out on a mass scale, may have on the exercise and enjoyment of human rights.”

    The draft was approved without a vote.

    According to The Guardian, the major concession made to the US, UK, and Australia was to include a reference linking “human rights violations” to extraterritorial snooping.

    No countries moved against the measure, though last week the United States lobbied its fellow so-called “Five Eyes” nations of the UK, Australia and New Zealand to weaken the language of the resolution.

    According to the UN’s General Assembly press release today: “Following the approval, some delegates stressed the need for agreed international human rights mechanisms in relation to ensuring privacy and freedom of expression.”

    Sweden expressed disappointment regarding the outcome of the resolution’s language regarding human rights.

    The representative of Sweden said he “would have preferred a reference” to the enjoyment of all human rights — online and offline — including the freedom of expression and the right to privacy.

    Resolution to strengthen human rights against drone use

    The Committee next went onto vote and approve a resolution specifically aimed at the use of drones and human rights violations, with an urgent stress on the legalities of drone use.

    Passed: Resolution to protect journalists against intimidation and arbitrary detention
    Next, the Committee passed a resolution to protect journalists worldwide, specifying that the arbitrary detention, harassment and intimidation of journalists would now be universally condemned — bringing to mind the UK’s recent detention of David Miranda, partner to journalist Glenn Greenwald.
    The Committee approved “Safety of journalists and the issue of impunity” without a vote.

    By far, the most impressive piece of today’s announcement is the passing of the UN’s “Rights to privacy in the digital age.”

  8. Tomi Engdahl says:

    Online banking faces a new threat
    http://www.securelist.com/en/analysis/204792315/Online_banking_faces_a_new_threat

    The author of this post was offering a malicious program that could be used to attack “about 100 banks” by seeding add-on code onto bank websites viewed with Internet Explorer and Mozilla Firefox, with VNC connections, and other ways to attack “any bank in any country.”

    Kaspersky Lab immediately began to dig deeper, and discovered that the program the malicious users were offering was Trojan-Banker.Win32/64.Neverquest. By mid-November Kaspersky Lab had recorded several thousand attempted Neverquest infections all around the world. This threat is relatively new, and cybercriminals still aren’t using it to its full capacity.

    The program checks the computer for any copies of itself that may already be installed on the computer. If there aren’t any, it then launches a VNC server and sends its first request to the command center in order to receive a configuration file.

    The configuration file contains a set of malicious JavaScripts and a list of websites that, when launched in IE or Firefox, will install the corresponding scripts.

    There are 28 sites on the list, including those that belong to large international banks – sites of German, Italian, Turkish and Indian banks, as well as payment systems.

    After gaining access to a user’s account with an online banking system, cybercriminals use a SOCKS server and connect remotely to the infected computer via a VNC server, then conduct transactions and wire money from the user to their own accounts, or — in order to keep the trail from leading directly to them — to the accounts of other victims.

    Conclusion

    Neverquest supports just about every possible trick described in our previous article on online bank attacks: web injection, remote system access, social engineering, and so on.

    Protection against threats such as Neverquest requires more than just standard antivirus; users need a dedicated solution that secures transactions. In particular, the solution must be able to control a running browser process and prevent any manipulation by other applications.

  9. Tomi Engdahl says:

    Cyberattack Leads to $1 Million Bitcoin Heist
    http://mashable.com/2013/11/25/cyberattack-leads-to-heist-of-1-million-in-bitcoin/

    Another Bitcoin company has fallen victim of a massive cyberheist. BIPS, one of the largest European Bitcoin payment processors, lost 1,295 Bitcoin (currently worth $1 million) after a cyberattack.

    As the price of Bitcoin continues to rise, cybercriminals are targeting companies with large holdings of Bitcoins in their servers. The attack on BIPS happened just a few weeks after inputs.io, which allegedly lost 4,100 BTC, worth more than $1 million at the time.

    Hackers launched their initial Distributed Denial of Service (DDoS) attack on BIPS on Nov. 15, the company wrote in a Reddit post. The hackers attacked again on Nov. 17, overloading BIPS servers and somehow getting access to several online wallets, which allowed them to steal the 1,295 BTC.

    The company released a statement saying the attack compromised “several consumer wallets.”

    “Attacks are not isolated to us, and if you are storing larger amounts of coins with any third party, you may want to find alternative storage solutions as soon as possible,”

    “Web Wallets are like a regular wallet that you carry cash in and not meant to keep large amounts in,”

    Henriksen’s conclusion that online wallets aren’t safe echoes what the founder of inputs.io said after his website’s loss of 4,100 Bitcoin.

    “I don’t recommend storing any Bitcoins accessible on computers connected to the Internet,” he wrote at the time.

  10. Tomi Engdahl says:

    Why Bitcoin Is Doomed To Fail, In One Economist’s Eyes
    http://yro.slashdot.org/story/13/11/28/1451237/why-bitcoin-is-doomed-to-fail-in-one-economists-eyes

    “Economist Edward Hadas writes in the NYT that developers of bitcoin are trying to show that money can be successfully privatized but money that is not issued by governments is always doomed to failure because money is inevitably a tool of the state. ‘Bitcoin exemplifies some of the problems of private money,’ says Hadas”

  11. Tomi Engdahl says:

    Texas Hacker Debunks Link Between Bitcoin Founder and Online Drug Market
    http://www.wired.com/wiredenterprise/2013/11/trammell/

    Israeli academics Dorit Ron and Adi Shamir thought they may have uncovered an intriguing link between the anonymous creator of the bitcoin digital currency and the illicit online drug marketplace the Silk Road. But it turns out the idea was bunk.

    It’s an object lesson in the perils of jumping to conclusions in the world of bitcoin, which has suddenly become a rather popular digital money and payment system. This world is a paradoxical place that is both transparent and very murky.

    The Israeli researchers had linked this account — via several steps — to an address that sent money to the Dread Pirate, and this address, it turns out, was controlled by a Japanese bitcoin exchange called Mt. Gox.

  12. Tomi Engdahl says:

    ENISA wants mobes to wander freely between carriers in emergencies
    If your network’s crocked, another one picks up the load in the national interest
    http://www.theregister.co.uk/2013/11/29/enisa_in_country_mobile_roaming_plan/

    The European Union Agency for Network and Information Security (ENISA) has floated the idea that all mobile phones should be able to roam to another network within their country of residence, in order to enhance the resilience of mobile networks.

    The thinking behind the report is simple: “Every day millions of European citizens rely on mobile telephony for work, social life, but also to contact emergency services. Hence outages of a mobile network can have a severe impact on the economy and on society.”

    ENISA’s remit is to keep Europe’s communications lines open and secure, which makes mobile resilience of interest.

    The document’s central idea is that it would be lovely if all EU members had at least some form of roaming, so that subscribers hit by outages could still connect their phones to a network. Roaming could be regulatory fiat

    The report’s nine recommendations also suggest mutual aid agreements so that all of a nation’s telcos sign up to the same rules. Prioritising voice and SMS traffic over data is also suggested.

  13. Tomi Engdahl says:

    Windows hole lets a hacker elevate their user rights, “already exploited”

    A new and as yet unpatched vulnerability in Windows XP and Windows Server 2003 systems allows code execution with broader access rights; the user’s own rights suffice.

    To exploit the vulnerability the attacker must already have access to the target system; that is, the vulnerability does not in itself make remote code execution possible.

    The vulnerability is located in the NDProxy.sys file, which is a standard system driver for network operations.

    According to a Microsoft security review, the vulnerability has been exploited in small-scale, targeted attacks. The vulnerability does not apply to newer versions of Windows.

    As a temporary solution Microsoft proposes turning off the NDProxy.sys driver. At the same time this also prevents the use of VPN services.

    Source: http://www.tietoviikko.fi/kaikki_uutiset/windowsaukko+antaa+hakkerin+nostaa+kayttooikeuksiaan+quothyodynnetaan+joquot/a950867

  14. Tomi Engdahl says:

    Dutch DPA: privacy policy Google in breach of data protection law
    http://www.dutchdpa.nl/Pages/pb_20131128-google-privacypolicy.aspx

    The combining of personal data by Google since the introduction of its new privacy policy on 1 March 2012 is in breach of the Dutch data protection act [Wet bescherming persoonsgegevens]. This is the conclusion of the investigation by the Dutch data protection authority [College bescherming persoonsgegevens].

  15. Tomi Engdahl says:

    Google : failure to comply before deadline set in the enforcement notice
    http://www.cnil.fr/english/news-and-events/news/article/google-failure-to-comply-before-deadline-set-in-the-enforcement-notice/

    On 20 June 2013, the CNIL’s Chair had ordered Google to comply with the French data protection law within 3 months. On the last day of this period, Google responded to the CNIL. Google contests the reasoning of the CNIL and has not complied with the requests laid down in the enforcement notice

  16. Tomi Engdahl says:

    Google Can Bring an End to Censorship in 10 Days. Here’s how.
    https://en.greatfire.org/blog/2013/nov/google-can-bring-end-censorship-10-days-heres-how

    On November 20, 2013, Eric Schmidt, Google’s Executive Chairman, was quoted as saying during a speech in Washington:

    “We can end government censorship in a decade. The solution to government surveillance is to encrypt everything.”

    If we are to take Mr. Schmidt seriously, we must ask what Google is doing in practice in the most censored of all Internet markets: China. The answer, unfortunately, is disappointing.

    While Google has stopped moving the boundaries in China, other players have made a difference. The code-sharing site Github uses encrypted-only access and, perhaps not intentionally, broke the pattern of Internet control in China.

    1. Google needs to first switch its China search engine (google.com.hk) to HTTPS by default. It has already done this in the US and in other markets but not in China.

    2. While we provide a pretty comprehensive list of websites that are blocked in China, Google holds the best list of blocked websites, everywhere in the world. If the website that a user tries to visit from the search results on Google is blocked in the country that the user is in, Google should redirect the user to a mirrored version of the same website hosted by Google.

    “Google! Do it! If they don’t block you, freedom wins. If they do block you, there will be much more opposition to censorship inside China and the system will be forced to change, thus freedom wins too!”

    We are gambling with Google’s stack that they are big enough and important enough that the Chinese authorities would not dare block it in mainland China completely. They tried it once before and backed down after a day.

    The Github story provides a precedent for our willingness to bet the house.

    Every time somebody conducts a search on Google and clicks a link that should take them to a website only to find that it is blocked, Google knows that the site is blocked within the cross-site tracking of Google analytics. They also have an index of the entire content of the internet. It would be easy for Google to make a change to its search engine, so that when a person clicks on a link that Google knows is blocked, they would redirect that user to an unblocked version of the page, hosted on an unblockable proxy.

  17. Tomi Engdahl says:

    Activists to Google: You could end Chinese internet censorship in 10 days
    http://nakedsecurity.sophos.com/2013/11/27/activists-to-google-you-could-end-chinese-internet-censorship-in-10-days/

    Google Executive Chairman Eric Schmidt said recently that encrypting everything can end government censorship in a decade.

    To hell with 10 years, says anti-censorship group GreatFire.org – Google could do it in 10 days, and the group is happy to show how.

  18. Tomi Engdahl says:

    Bitcoin online bank robbery – “because that’s where the money is”
    http://nakedsecurity.sophos.com/2013/11/26/bitcoin-online-bank-robbery-because-thats-where-the-money-is/

    But I bet you one thing: if real banknotes didn’t exist, and all you had was a list of serial numbers like the one you just copied down, you’d look after that list pretty carefully.

    You certainly wouldn’t hand the list to a stranger on the street and say, “Be a good chap, won’t you, and keep this in your pocket until I see you next week,” any more than you’d hand him your wallet full of cash to store for you.

    But Bitcoins – the unregulated digital currency that has been hugely in the news lately, both for its soaring street value and its usefulness in paying the CryptoLocker malware ransom – are, very loosely speaking, stored and traded like our imaginary list of banknote serial numbers.

    There are no official Bitcoin banknotes or coins; just strings of digital data that act as cryptographic serial numbers, denoting which Bitcoins (or fractional parts of Bitcoins) are yours.

    So, if you’re into Bitcoins, you want to watch that digital Bitcoin wallet of yours pretty closely, especially given the steepling surge in the cryptocurrency’s value in the past month.

  19. Tomi Engdahl says:

    87% of SMBs suffered a cyberattack last year, only 44% see security as a priority
    http://nakedsecurity.sophos.com/2013/11/28/87-of-smbs-suffered-a-cyberattack-last-year-only-44-see-security-as-a-priority/

    Earlier this year, the Department for Business, Innovation and Skills (BIS) reported that 93% of large businesses fell prey to a cyberattack in 2012.

    Similarly, small and medium-size businesses (SMBs) also suffered, with 87% being targeted – up 10% from the previous year.

    Now, the reasons why SMBs are at risk has been examined in detail in a recent Sophos-sponsored report by the Ponemon Institute.

    Given the job roles of the respondents, some of the findings are quite staggering with 44% of those surveyed saying that a strong security policy is not a priority and 58% claiming that management do not see cyber attacks as a significant threat.

    Other barriers to implementing an effective IT security strategy were also identified with 42%, unsurprisingly perhaps, citing a lack of budget as a large factor. Another major issue identified by the survey was a lack of skilled personnel.

    Considering the fact that respondents in the survey are all responsible for managing the security function, I find it quite alarming that 1 in 3 admitted that they did not know whether their organisation had been subjected to a cyber attack in the last twelve months. Such a lack of knowledge would seem to suggest a deficiency either in the monitoring and reporting of incidents or with the IT management itself.

    Interestingly, 31% of the individuals surveyed said that there was no particular person within their company with responsibility for making security decisions.

    Another discovery was that SMBs struggle to assign a monetary value to information assets. If an organisation does not apply a cost to its assets then how can it determine their value and, hence, the appropriate level of security protection to apply to it?

  20. Tomi Engdahl says:

    Bitcoin Survival Guide: Everything You Need to Know About the Future of Money
    http://www.wired.com/wiredenterprise/2013/11/bitcoin-survival-guide/all/

    If you own some bitcoins, what you really own is a private cryptography key that’s associated with an address on the internet

    Crypto systems like this do get cracked, and the software behind Bitcoin could have flaws in it. But at this point, Bitcoin has been tested pretty thoroughly, and it seems to be pretty darned secure.

    If all that makes sense and you wanna give it a try, the first thing you do is get a wallet. We like blockchain.info, which offers an app that you can download to your phone. Then, once you have a wallet, you need some bitcoins.

    In the U.S., the easiest way to buy and sell bitcoins is via a website called Coinbase. For a one percent fee, Coinbase links to your bank account and then acts as a proxy for you, buying and selling bitcoins on an exchange.

    Yes, you can keep your purchases anonymous — or at least mostly anonymous. If you use a service like Coinbase or Mt. Gox, you’ll have to provide a bank account and identification. But other services, such as LocalBitcoins, let you buy bitcoins without providing personal information. Ironically, the best way to do this is to meet up with someone here in the real world and make the trade in-person.

    Once you get your hands on some bitcoins, be careful. If somebody gets access to your Bitcoin wallet or that private key, they can take your money. And in the Bitcoin world, when money is gone, it’s gone for good.

    This can be a problem whether you’re running a wallet on your own machine or on a website run by a third party.

    The feds have stopped short of trying to kill Bitcoin, but they’ve created an atmosphere where anybody who wants to link the U.S. financial system to Bitcoin is going to have to proceed with extreme caution

    Reply
  21. Tomi Engdahl says:

    European Parliament culls public Wi-Fi access after email hack
    http://www.techienews.co.uk/973408/european-parliament-culls-public-wi-fi-access-email-hack/

    A white hat hacker managed to break into multiple email accounts, thereby forcing the European Parliament to cut off its public Wi-Fi access.

    The French security researcher apparently performed man-in-the-middle attacks on multiple email accounts in a bid to expose the poor security at the Parliament.

    “As a precaution, the Parliament has therefore decided to switch-off the public Wi-Fi network until further notice,”

    Reply
  22. Tomi Engdahl says:

    Disabled Woman Denied Entrance To US Due To Private Medical Records
    http://news.slashdot.org/story/13/11/29/025218/disabled-woman-denied-entrance-to-us-due-to-private-medical-records

    Comments:

    Irrational fear is the new patriotism.

    No, it is not new. Irrational fear has ALWAYS been the keystone to American “patriotism”. Hell, just look at the whole McCarthyism thing.

    irrational fear has been the keystone to all patriotism

    Meh. Canadian medical privacy is kind of ridiculously done–they put diagnosis (rather than just prescription) on the slips they give the pharmacist, which means for most of small-town Canada, there is near-zero medical privacy.

    Although I don’t really understand why they want to keep depressed people out, it’s just a tourist visa, not even a long term thing.

    Bruce Schneier calls it “the war on the unusual” – I like “the war on dignity” because it better encompasses the kafka-esque nature of the unthinking and unyielding bureaucracy that produces this sort of result.

    Reply
  23. Tomi Engdahl says:

    The UK government wants to block “extremist” content, but who decides what that is?
    http://gigaom.com/2013/11/28/the-uk-government-wants-to-block-extremist-content-but-who-decides-what-that-is/

    Summary:
    A government minister has confirmed plans, mentioned recently by the prime minister in a poorly reported parliamentary exchange, to force ISPs to censor access to “extremist” online material. But that term is open to interpretation.

    This came not long after Cameron convinced ISPs to institute on-by-default blocks against (legal) pornography. Now we know that really was the top of a slippery slope: on Wednesday, crime and security minister James Brokenshire told the Internet Service Providers Association conference in London that the government would soon come up with concrete proposals for censoring “extremist” content.

    This will be achieved in much the same way as child pornography is currently censored, according to The Guardian.

    In the case of child abuse, a well-meaning but ultimately not very accountable organization called the Internet Watch Foundation runs a blacklist that ISPs use to automatically block illegal content.

    In the case of “extremist” material, that power may end up in the hands of a body within the Counter Terrorism Internet Referral Unit, which already records reports of “illegal terrorist or extremist content.”

    UK authorities’ definition of extremism has always been quite broad.

    The ISPs are obviously not happy. As one source complained to The Guardian: “There is always a concern about mission creep… When it comes to incitement it’s not as clear cut as child exploitation.”

    Reply
  24. Tomi Engdahl says:

    Group Thinks Anonymity Should Be Baked Into the Internet Itself
    http://www.technologyreview.com/news/521856/group-thinks-anonymity-should-be-baked-into-the-internet-itself/

    Following NSA surveillance revelations, talks advance on making the privacy-protecting tool Tor an Internet standard.

    The Internet’s main engineers have asked the architects of Tor—networking software designed to make Web browsing private—to consider turning the technology into an Internet standard.

    If widely adopted, such a standard would make it easy to include the technology in consumer and business products ranging from routers to apps. This would, in turn, allow far more people to browse the Web without being identified by anyone who might be spying on Internet traffic.

    Reply
  25. casio g-shock analog digital chronograph military mens watch aw591ml 1a says:

    It includes a bracelet design for men, having solar style.
    During the event life cycle of the Casio G Shock technology, there have been 200 experimental prototypes designed for endurance testing.
    I think it really is because it is the antithesis of ruggedness.

    Reply
  26. Vince says:

    Link exchange is nothing else however it is just placing
    the other person’s blog link on your page at appropriate place and other person will also do similar in support of you.

    Reply
  27. Tomi Engdahl says:

    Official Vodafone Iceland Breach Contents Report & Breakdown
    http://www.cyberwarnews.info/reports/official-vodafone-iceland-breach-contents-report-breakdown/

    Earlier today the official Vodafone Iceland was breached, left defaced and a heap of data leaked from its servers. This report breaks down the contents of each of the files, which contain over 70,000 user personal details as well as a heap of administrator details and the Icelandic equivalent of social security numbers.

    The MySQL file greind.sql appears to have a small log of SMS history that’s dated 2011 as well as an SMS logger.

    Reply
  28. Tomi says:

    Bypassing Seagate ATA Security Lock
    http://hackaday.com/2013/11/29/bypassing-seagate-ata-security-lock/

    Here’s a common story when it comes to password retrieval: guy sets up a PC, and being very security-conscious, puts a password on his Seagate hard drive. Fast forward a few months, and the password is, of course, forgotten. Hard drive gets shuffled around between a few ‘computer experts’ in an attempt to solve the problem, and eventually winds up on [blacklotus89]’s workbench. Here’s how he solved this problem.

    Two hours and two Python scripts later, [blacklotus] was able to dump the contents of his drive.

    Reply
  29. Tomi says:

    This type of crime is the only one that is growing in Finland

    Fraud increased last year by nearly 20 per cent from the previous year.

    Based on an international survey by security provider F-Secure, one in ten internet users have been scammed and lost money, the Washington Post says.

    The police are particularly concerned about the activities of professional criminal gangs. On the internet it is very easy to reach massive numbers of people at the same time, and the costs are non-existent.

    Source: http://www.iltalehti.fi/uutiset/2013120117780950_uu.shtml

    Reply
  30. Tomi says:

    Blighty’s top moneymen: Hackers are SLURPING CASH direct from banks
    Bank of England warns financial institutions to take cyber-crime threat seriously
    http://www.theregister.co.uk/2013/11/29/uk_banks_cyber_threat_warning/

    Several UK banks have suffered actual financial losses as a result of cyber-attacks in the last six months, according to a Bank of England study.

    “The combination of high interconnectedness, reliance on centralised market infrastructure and complex legacy IT systems are leaving our banks vulnerable to cyber attacks,” Armstrong said. “A holistic approach that is designed to tightly integrate cyber-defences with processes, people and physical measures is crucial to ensure financial organisations are protected against the latest evolution of threat and attack vectors.”

    Reply
  31. Tomi says:

    Dial 00000000 To Blow Up the World
    http://news.slashdot.org/story/13/12/01/047207/dial-00000000-to-blow-up-the-world

    “For 20 years the password for the U.S. nuclear arsenal was ’00000000.’”

    Reply
  32. Tomi says:

    Bitcoin Miners Bundled With PUPs In Legitimate Applications Backed By EULA
    http://tech.slashdot.org/story/13/11/30/177206/bitcoin-miners-bundled-with-pups-in-legitimate-applications-backed-by-eula

    “Bitcoin miners are being integrated with third party potentially unwanted programs (PUPs) that come bundled with legitimate applications. These miners surreptitiously carry out Bitcoin mining operations on the user’s system consuming valuable CPU time without explicitly asking for user’s consent.”

    Reply
  33. Tomi Engdahl says:

    Techies vs. NSA: Encryption arms race escalates
    http://bigstory.ap.org/article/techies-vs-nsa-encryption-arms-race-escalates

    Encrypted email, secure instant messaging and other privacy services are booming in the wake of the National Security Agency’s recently revealed surveillance programs. But the flood of new computer security services is of variable quality, and much of it, experts say, can bog down computers and isn’t likely to keep out spies.

    In the end, the new geek wars —between tech industry programmers on the one side and government spooks, fraudsters and hacktivists on the other— may leave people’s PCs and businesses’ computer systems encrypted to the teeth but no better protected from hordes of savvy code crackers.

    “Every time a situation like this erupts you’re going to have a frenzy of snake oil sellers who are going to throw their products into the street,” says Carson Sweet, CEO of San Francisco-based data storage security firm CloudPassage. “It’s quite a quandary for the consumer.”

    The revelations are sparking fury and calls for better encryption from citizens and leaders in France, Germany, Spain and Brazil who were reportedly among those tapped. Both Google and Yahoo, whose data center communications lines were also reportedly tapped, have committed to boosting encryption and online security. Although there’s no indication Facebook was tapped, the social network is also upping its encryption systems.

    For those who want to take matters into their own hands, encryption software has been proliferating across the Internet since the Snowden revelations broke.

    Heml.is — Swedish for “secret” — is marketed as a secure messaging app for your phone. MailPile aims to combine a Gmail-like user friendly interface with a sometimes clunky technique known as public key encryption. Younited hopes to keep spies out of your cloud storage, and Pirate Browser aims to keep spies from seeing your search history. A host of other security-centered programs with names like Silent Circle, RedPhone, Threema, TextSecure, and Wickr all promise privacy.

    Many of the people behind these programs are well known for pushing the boundaries of privacy and security online.

    The quality of these new programs and services is uneven, and a few have run into trouble.

    “What we found is the encryption services range in quality,” says George Kurtz, CEO of Irvine, Calif.-based CrowdStrike, a big data, security technology company. “I feel safe using some built by people who know what they are doing, but others are Johnny-come-latelies who use a lot of buzzwords but may not be all that useful.”

    Even so, private services report thousands of new users, and nonprofit, free encryption services say they have also seen sharp upticks in downloads.

    And for many users, encryption really isn’t enough to avoid the U.S. government’s prying eyes.

    In any case, most attacks don’t happen because some cybercriminal used complicated methods to gain entry into a network, he adds.

    “Most attacks occur because someone made a mistake. With phishing emails, it just takes one person to unwittingly open an attachment or click on a malicious link, and from there, cybercriminals are able to get a foothold,” Peterson says.

    Reply
  34. Tomi Engdahl says:

    What Piracy? Removing DRM Boosts Music Sales by 10 Percent
    http://torrentfreak.com/what-piracy-removing-drm-boosts-music-sales-by-10-percent-131130/

    DRM was once praised as the ultimate tool to prevent music piracy, but new research shows that the opposite is true. Comparing album sales of four major labels before and after the removal of DRM reveals that digital music revenue increases by 10% when restrictions are removed.

    Reply
  35. Tomi Engdahl says:

    Thoughts on Bitcoin
    http://blog.samaltman.com/thoughts-on-bitcoin

    Maybe bitcoin will be the world reserve currency, maybe it will totally fail, or maybe it will survive in some niche capacity. I don’t know how to weight the probabilities (although I think in the immediate term it’s likely to go down), but I do have a thought about the metric to watch: growth in legitimate transactions. A currency without the major use case being legitimate transactions is going to fail.

    Right now, the dominant use case of bitcoin seems to be speculation, with a secondary use case for illegal transactions.

    Legal transaction volume is still tiny, and many of those involve the seller immediately converting bitcoins to dollars, with the buyer not desiring to use bitcoin as a new currency but instead a version of either money laundering or tax avoidance.

    The fact that the few merchants willing to accept bitcoin generally convert to dollars right away suggests an underlying lack of faith in bitcoin—or at least a problem with the volatility. It’s also a reflection of the reality that a business still needs to deal in dollars with most of the world.

    Reply
  36. Tomi Engdahl says:

    Your browser may be up to date: But what about the PLUGINS?
    Watch out when shopping online this Xmas, plead security pros who’d love to help
    http://www.theregister.co.uk/2013/12/02/browser_insecurity/

    Two in five (39 per cent) of computers submitted for testing to a free browser security test from Qualys were affected by critical vulnerabilities, mostly related to browser plug-ins.

    The findings, based on 1.4 million BrowserCheck computer scans, paint a picture of e-commerce buyers left wide open to attacks by cybercriminals just before the busiest online shopping period of the year. Browser vulnerabilities are routinely used to push malware at victims from compromised (often otherwise legitimate) websites through drive-by download attacks.

    Chrome has close to 40 per cent of its instances afflicted with a critical vulnerability. Similar numbers apply to Firefox and Internet Explorer, which have 35 per cent and 41 per cent of their instances vulnerable to attacks.

    Qualys CTO Wolfgang Kandek says that browser plug-ins were a bigger part of the problem than core security software.

    “Browsers themselves are only partly to blame though; we see most of them quite up-to-date, with Chrome leading the pack with 90 per cent, Firefox at 85 per cent and Internet Explorer trailing with 75 per cent,” Kandek explained. “The larger part of the problems are contributed by the plug-ins that we use to extend the capabilities of our browsers, led by Adobe Shockwave and followed by Oracle Java and Apple Quicktime.”

    Reply
  37. Tomi Engdahl says:

    US border control accessed private medical records
    Disabled woman denied Christmas cruise due to past depression
    http://www.theinquirer.net/inquirer/news/2310115/us-border-control-accessed-private-medical-records

    A CANADIAN WOMAN has alleged that she was refused passage to the US because US border control had access to her private medical information that it should not have had.

    The obvious conclusion, based on a Canadian Broadcasting Company report, is of course that Canadian medical records have been subject to ongoing surveillance by the US National Security Agency (NSA), though at this stage, that remains speculation.

    Reply
  38. Tomi Engdahl says:

    We need anonymity to make democracy safe – Stallman talks bitcoin
    http://rt.com/news/bitcoin-not-anonymous-stallman-522/

    Although enthusiasm for ‘crypto-currency’ bitcoin is expanding, it is not going to save people’s privacy from US NSA spy agency data mining. A truly anonymous online currency is needed, Richard Stallman, president of the Free Software Foundation, told RT.

    Just as bitcoin soared above the $1,200 mark, almost matching current gold prices, some 1500 proponents of the digital currency gathered in London to discuss the problems of the ‘crypto-money’ and how it could change the world.

    The speakers included well-known freedom of information activists, such as Cody Wilson and Richard Stallman, bitcoin developer Michael Parsons, Cryptoauction founder Daryl Cusack, as well as RT’s Stacy Herbert of Keiser Report.

    Bitcoin supporters – from investors and academics, to political radicals and internet geeks – have apparently been keen to discuss the challenges that face the currency, which they believe could become a global alternative for cash.

    Five years since its creation by an enigmatic programmer nicknamed Satoshi Nakamoto, bitcoin has been recognized as legitimate cyber currency garnering increasing popularity.

    However, while more and more online and offline services are mulling accepting payments in bitcoin, the currency still faces uncertainty. Seeing how it quadrupled in value just in one month, some fear that bitcoin is yet another large economic bubble.

    However, another issue that concerns people in the wake of the global US National Security Agency (NSA) spying revelations is whether the transactions made with “miraculous” cyber money are protected from a watchful eye.

    Richard Stallman: Bubbles can happen in bitcoin just as they can happen in housing, or in tulips, or anything that people speculate in. Bubbles can happen, and that’s nothing special or different. Is bitcoin a miracle? I’m not sure what that would mean – there are good and bad things about bitcoin. One good thing about bitcoin is, you can send money to someone without getting the permission of a payment company.
    On the other hand, there is a potential problem with bitcoin, which is, it might get used for tax evasion.

    RS: Well, its advantage is that you can send the money without getting some company to send it for you.

    RS: I have to point out that bitcoin is not anonymous – that’s not part of its design. People don’t necessarily give their names when they do bitcoin transactions, but the government can probably figure out who is doing the transaction. How are you going to get bitcoins after all, unless you set up a bitcoin money computer, which is how bitcoins are made, you are going to get them by buying them from someone. If you are an ordinary person, the way you could do it is by paying with a credit card to a company that will exchange government currency for bitcoins. The credit card identifies you, so when you get bitcoins in return, the government can see who you are.

    Reply
  39. Tomi Engdahl says:

    Bitcoin Thefts Surge, DDoS Hackers Take Millions
    http://yro.slashdot.org/story/13/12/01/1948257/bitcoin-thefts-surge-ddos-hackers-take-millions

    “In November, Denmark-based Bitcoin Internet Payment System suffered a DDoS attack. Unfortunately for users of the company’s free online wallets for storing bitcoins, the DDoS attack was merely a smokescreen for a digital heist that quickly drained numerous wallets, netting the attackers a reported 1,295 bitcoins — worth nearly $1 million”

    Reply
  40. Tomi Engdahl says:

    I thought I was being DDOSed. Turns out I’m not that important…
    The real pain came in dealing with UK cops
    http://www.theregister.co.uk/2013/12/02/damon_ddos_by_china/

    Most but not all of the incoming connections are from China and Taiwan; some, however, are from the UK and places closer to home.

    Incidentally, I contacted the police to let them know for stats purposes, first trying the NCA, which directed me to my local plod (well, I used 101 instead), who directed me to Action Fraud “a central point of contact for information about fraud and financially motivated internet crime”), which took some details and at least seemed to understand what a DoS attack was.

    I don’t expect them to be able to do anything to help

    Reply
  41. Tomi Engdahl says:

    IBM heading into information security

    IBM is expanding its operations in the security market. In October the company started cooperation with Akamai to develop content distribution technology that provides better security against denial of service attacks.

    Up to 15-20 percent of network traffic goes through Akamai’s servers. Its technology will in future be part of IBM’s cloud security services offering.

    Julian Meyrick, a director in IBM’s security unit, says that Akamai’s success in DDoS attack prevention is behind the partnership.

    Attacks are fought directly in the cloud, sometimes even completely invisibly.

    “One of their clients was attacked for two days without anyone noticing anything unusual in the operation of the network,” he says.

    The number of attacks is increasing. Based on material from IBM’s more than 4,000 customers, large companies have to fight an average of 1,400 cyber attacks of some degree every week.

    Akamai, in turn, reported a 54 percent increase in denial of service attacks in the second quarter.

    Source: http://www.tietoviikko.fi/kaikki_uutiset/ibm+puskee+tietoturvaan/a947476

    Reply
  42. Tomi Engdahl says:

    Cornucopia
    http://www.terminalcornucopia.com/#weapons

    In early 2013, independent security researcher Evan “treefort” Booth began working to answer one simple question: Can common items sold in airports after the security screening be used to build lethal weapons? As it turns out, even a marginally “MacGyver-esque” attacker can breeze through terminal gift shops, restaurants, magazine stands and duty-free shops to find everything needed to wage war on an airplane. Just how easy is it to build these weapons?

    What if Terrorists See This?!
    That’s a great question. An even better question is: What if they already know all this? All of these findings have been reported to the Department of Homeland Security (TSA) to help them better detect these types of threats.

    Reply
  43. Tomi Engdahl says:

    Revealed: Australian spy agency offered to share data about ordinary citizens
    http://www.theguardian.com/world/2013/dec/02/revealed-australian-spy-agency-offered-to-share-data-about-ordinary-citizens

    • Secret 5-Eyes document shows surveillance partners discussing what information they can pool about their citizens

    • DSD indicated it could provide material without some privacy restraints imposed by other countries such as Canada

    • Medical, legal or religious information ‘not automatically limited’

    • Concern that intelligence agency could be ‘operating outside its legal mandate’

    Reply
  44. Tomi Engdahl says:

    Glenn Greenwald responds to accusations of profiteering, monopolization of Snowden documents — Questions/responses for journalists linking to the Pando post – and other matters
    http://utdocuments.blogspot.com.br/2013/12/questionsresponses-for-journalists.html

    Reply
  45. Tomi Engdahl says:

    Toolbar enslaves PCs for Bitcoin mining
    What’s mined is not yours but theirs
    http://www.theinquirer.net/inquirer/news/2316375/toolbar-enslaves-pcs-for-bitcoin-mining

    A POPULAR web browser toolbar has been found to enslave its users’ PCs to mine Bitcoins.

    Web browser toolbars generally are a pain. Many of them promise the earth, but in reality all they do is redirect searches, mine users’ data and slow down computers. One, however, has been discovered taking its users’ computer resources to mine Bitcoins for its developers.

    According to security company Malwarebytes, the Myfreeproxy toolbar is designed to let users easily toggle a proxy server, allowing them to anonymise web browsing or watch foreign internet streaming broadcasts such as Hulu or Netflix US.

    However, buried in plain sight in the end user licence agreement (EULA) is a clause giving the program permission to install a Bitcoin miner on the user’s machine.

    Of course, technically, this isn’t a virus.

    The World Community Grid uses a similar technique to put your computer to work helping scientists find cures for diseases including cancer and HIV

    Reply
  46. Tomi Engdahl says:

    Why People Are So Bad At Picking Passwords
    http://it.slashdot.org/story/13/12/02/130226/why-people-are-so-bad-at-picking-passwords

    “Studies suggest red-haired women tend to choose the best passwords and men with bushy beards or unkempt hair, the worst. These studies also reveal that when it comes to passwords, women prefer length and men diversity.”

    “All too often, Mr Thorsheim adds, people use words or numbers intimately linked to them. They use birthdays, wedding days, the names of siblings or children or pets. They use their house number, street name or pick on a favourite pop star.”

    Reply
  47. Tomi Engdahl says:

    The gentle art of cracking passwords
    http://www.bbc.co.uk/news/technology-24519306

    On the internet, the most popular colour is blue, at least when it comes to passwords.

    If you are wondering why, it is largely because so many popular websites and services (Facebook, Twitter and Google to name but three) use the colour in their logo. That has a subtle impact on the choices people make when signing up and picking a word or phrase to form a supposedly super-secret password.

    It’s just one of the many quirks to be found in the password-picking habits of us humans. There are plenty of others.

    These facts have come to light thanks to the vast number of passwords that have been stolen from websites and online services, says security researcher Per Thorsheim.

    Adobe, LinkedIn and game website RockYou have all been hit in breaches that involved the theft of login names and passwords. Add to this the steady drip of security breaches at other firms and you have a vast corpus of data that can shed light on what passwords people pick.

    The number one conclusion from looking at that data – people are lousy at picking good passwords.

    They use birthdays, wedding days, the names of siblings or children or pets. They use their house number, street name or pick on a favourite pop star.

    This bias is most noticeable when it comes to the numbers people pick when told to choose a four digit pin.

    “Now brute forcing is absolutely the last tactic we would use,” says Mr Thorsheim.

    Password security depended on computer power never getting to the point where billions of those sequential combinations could be tried in a reasonable amount of time.

    Many security researchers look to improve their password cracking methods so they can advise companies about what they need to do to make people choose phrases that are more secure.

    Targeted attacks are likely to scour social media for words, names and dates important to a victim. Knowing the names of someone’s children, pets, parents or street can help unpick a password very quickly.

    The bad guys try to crack passwords, says security researcher Bruce Marshall, because they too know another truth about people – they are lazy.

    This means that there is a very good chance, 70% according to some studies, that a password associated with an email address on one site might well be used to log in on one or more other online services.

    “If a criminal is cracking passwords then most likely they gathered them from a specific site and are trying to gain access to additional accounts,” says Mr Marshall.

    Reply
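The password habits described in the two items above (birthdays, pets, children, street names, date-shaped PINs) lend themselves to an automated check at signup. The following is an added example, not code from the BBC article or any product it mentions: it flags passwords built from a user's guessable personal details and measures how date-shaped a batch of four-digit PINs is; the profile, the substitution table and the PIN sample are all constructed.

```python
"""Added example (not from the article): defender-side checks for the
password-picking habits the BBC piece describes. Profile fields and PIN
samples below are constructed for illustration."""
import re
from datetime import date

# Ways people commonly write a date inside a password (day-month-year variants).
DATE_FORMATS = ("%d%m%Y", "%m%d%Y", "%Y%m%d", "%d%m%y", "%m%d%y", "%d%m", "%m%d", "%Y")

# Constructed table of common "leet" substitutions, undone before matching
# so that "3mm@" still matches the name "emma".
LEET = str.maketrans("0134@$!", "oleaasi")


def personal_tokens(profile):
    """Lower-case strings an attacker could harvest from a person's public
    footprint: children/partner names, pets, street, house number, key dates."""
    tokens = set()
    for key in ("names", "pets", "street"):
        for value in profile.get(key, ()):
            tokens.add(value.lower())
            tokens.update(value.lower().split())   # "oak lane" -> "oak", "lane"
    if "house_number" in profile:
        tokens.add(str(profile["house_number"]))
    for d in profile.get("dates", ()):
        tokens.update(d.strftime(fmt) for fmt in DATE_FORMATS)
    return tokens


def password_issues(password, profile, min_token_len=3):
    """Return the reasons a password is guessable; an empty list means none found.
    Tokens shorter than min_token_len are skipped to limit false positives."""
    issues = []
    raw = password.lower()
    unleeted = raw.translate(LEET)
    for tok in sorted(personal_tokens(profile), key=len, reverse=True):
        if len(tok) >= min_token_len and (tok in raw or tok in unleeted):
            issues.append(f"contains personal token {tok!r}")
    if re.search(r"(?:19|20)\d\d", password):
        issues.append("contains a year")
    if password.isdigit():
        issues.append("digits only")
    if len(password) < 12:
        issues.append("shorter than 12 characters")
    return issues


def date_shaped(pin):
    """True for a four-digit PIN that reads as DDMM, MMDD or a 19xx/20xx year,
    the bias the article describes in people's PIN choices."""
    if not re.fullmatch(r"\d{4}", pin):
        return False
    if re.fullmatch(r"(?:19|20)\d\d", pin):
        return True
    a, b = int(pin[:2]), int(pin[2:])
    return (1 <= a <= 31 and 1 <= b <= 12) or (1 <= a <= 12 and 1 <= b <= 31)


def date_shaped_pin_share(pins):
    """Fraction of a PIN batch that is date-shaped (0.0 for an empty batch)."""
    pins = list(pins)
    return sum(date_shaped(p) for p in pins) / len(pins) if pins else 0.0


# Constructed sample data: one user's public profile and a small PIN batch.
PROFILE = {
    "names": ["Emma"],
    "pets": ["Rex"],
    "street": ["Oak Lane"],
    "house_number": 42,
    "dates": [date(1984, 5, 20)],
}
SAMPLE_PINS = ["1984", "2512", "1234", "0000", "1107", "7391", "2001", "0101"]

if __name__ == "__main__":
    for candidate in ("Rex1984!", "3mm@Rex", "correct horse battery staple"):
        print(candidate, "->", password_issues(candidate, PROFILE) or "ok")
    print(f"date-shaped PINs: {date_shaped_pin_share(SAMPLE_PINS):.1%}")
```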
  48. Tomi Engdahl says:

    Accused of Cyberspying, Huawei Is ‘Exiting the U.S. Market’
    http://killerapps.foreignpolicy.com/posts/2013/12/02/accused_of_cyberspying_huawei_is_exiting_the_us_market

    The CEO of the world’s biggest telecommunications equipment maker, which for years has been labeled by U.S. officials as a proxy for Chinese military and intelligence agencies, says he’s giving up on America.

    Reply
  49. Tomi Engdahl says:

    Scientist-developed malware covertly jumps air gaps using inaudible sound
    Malware communicates at a distance of 65 feet using built-in mics and speakers.
    http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

    Computer scientists have developed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

    The proof-of-concept software—or malicious trojans that adopt the same high-frequency communication methods—could prove especially adept in penetrating highly sensitive environments that routinely place an “air gap” between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

    “In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network,” one of the authors, Michael Hanspach, wrote in an e-mail. “Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network.”

    The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied on software originally developed to acoustically transmit data under water. Created by the Research Department for Underwater Acoustics and Geophysics in Germany, the so-called adaptive communication system (ACS) modem was able to transmit data between laptops as much as 19.7 meters (64.6 feet) apart. By chaining additional devices that pick up the signal and repeat it to other nearby devices, the mesh network can overcome much greater distances.

    Reply
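Hanspach's remark about countermeasures points at one simple monitor: watch for audio energy in the band that laptop speakers and microphones reproduce but people cannot hear. The block below is an added illustration, not the researchers' prototype or code from the article; it assumes 48 kHz capture, an 18-20 kHz band of interest, and uses constructed test frames rather than recorded audio.

```python
"""Added example (not the researchers' code): flag audio frames that carry
energy in the near-ultrasonic band. Assumed parameters: 48 kHz capture,
50 ms frames, 18-20 kHz watched band. Test frames are constructed."""
import math

SAMPLE_RATE = 48_000        # Hz; the watched band needs at least 44.1 kHz capture
FRAME = 2_400               # 50 ms of audio -> 20 Hz spacing between DFT bins
BAND = (18_000, 20_000)     # Hz; assumed inaudible-but-reproducible band


def goertzel_bin_power(samples, bin_index):
    """Mean-square power in one DFT bin via the Goertzel recurrence (no FFT
    library needed). Normalised so a tone of amplitude A sitting exactly on
    the bin returns A**2 / 2, the tone's mean-square value."""
    n = len(samples)
    coeff = 2.0 * math.cos(2.0 * math.pi * bin_index / n)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    magnitude_sq = s1 * s1 + s2 * s2 - coeff * s1 * s2   # |X_k|^2
    return 2.0 * magnitude_sq / (n * n)


def band_power(samples, band=BAND, sample_rate=SAMPLE_RATE):
    """Sum of bin powers for every DFT bin that falls inside the band."""
    n = len(samples)
    hz_per_bin = sample_rate / n
    lo = math.ceil(band[0] / hz_per_bin)
    hi = math.floor(band[1] / hz_per_bin)
    return sum(goertzel_bin_power(samples, k) for k in range(lo, hi + 1))


def total_power(samples):
    """Mean-square value of the whole frame."""
    return sum(x * x for x in samples) / len(samples)


def flag_frames(frames, threshold=1e-4):
    """Return (frame index, share of frame energy inside the band) for each
    frame whose near-ultrasonic power exceeds the threshold. The threshold
    should be set from a baseline of known-quiet frames on the real machine."""
    hits = []
    for i, frame in enumerate(frames):
        p = band_power(frame)
        if p > threshold:
            hits.append((i, p / total_power(frame)))
    return hits


def tone(freq_hz, amplitude, n=FRAME, sample_rate=SAMPLE_RATE):
    """Constructed test signal: a sine of the given frequency and amplitude."""
    return [amplitude * math.sin(2 * math.pi * freq_hz * i / sample_rate)
            for i in range(n)]


def mix(*signals):
    return [sum(vals) for vals in zip(*signals)]


# Constructed frames: ordinary audible content (440 Hz), then the same
# content with a faint 19 kHz carrier riding on top of it.
AUDIBLE = tone(440.0, 0.5)
SUSPECT = mix(tone(440.0, 0.5), tone(19_000.0, 0.05))

if __name__ == "__main__":
    for idx, share in flag_frames([AUDIBLE, SUSPECT, AUDIBLE]):
        print(f"frame {idx}: near-ultrasonic share of energy {share:.2%}")
```

The carrier is roughly 1% of the frame's energy and would be lost in a plain loudness measure, which is why the check looks at the band on its own.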
  50. Tomi Engdahl says:

    Edward Snowden revelations prompt UN investigation into surveillance
    UN’s senior counter-terrorism official says revelations ‘are at the very apex of public interest concerns’
    http://www.theguardian.com/world/2013/dec/02/edward-snowden-un-investigation-surveillance

    The UN’s senior counter-terrorism official is to launch an investigation into the surveillance powers of American and British intelligence agencies following Edward Snowden’s revelations that they are using secret programmes to store and analyse billions of emails, phone calls and text messages.

    The UN special rapporteur Ben Emmerson QC said his inquiry would also seek to establish whether the British parliament had been misled about the capabilities of Britain’s eavesdropping headquarters, GCHQ, and whether the current system of oversight and scrutiny was strong enough to meet United Nations standards.

    The inquiry will make a series of recommendations to the UN general assembly next year.

    In an article for the Guardian, Emmerson said Snowden had disclosed “issues at the very apex of public interest concerns”. He said the media had a duty and right to publish stories about the activities of GCHQ and its American counterpart the National Security Agency.

    “The astonishing suggestion that this sort of responsible journalism can somehow be equated with aiding and abetting terrorism needs to be scotched decisively,” said Emmerson, who has been the UN’s leading voice on counter-terrorism and human rights since 2011.

    “It is the role of a free press to hold governments to account, and yet there have even been outrageous suggestions from some Conservative MPs that the Guardian should face a criminal investigation. It has been disheartening to see some tabloids giving prominence to this nonsense.”

    Reply
