WISH YOU A HAPPY AND SECURE YEAR 2009
Patriotism is your conviction that this country is superior to all others because you were born in it.
George Bernard Shaw
lock-in
The phrase used to describe a Web page that disables the browser's back button and prevents the user from leaving the page via the back button. The lock-in practice was originally used by pornography Web sites, however, more mainstream Web sites also use lock-in to keep readers on the Web site once it has loaded. Also a form of mousetrapping.
A conference presentation would have exposed flaws in some cash machines.
By Robert Lemos
July 08, 2009
http://www.technologyreview.com/computing/22966/
Barnaby Jack, a security researcher at the computer networking giant Juniper, had planned to hack into an automatic teller machine (ATM) live onstage at the Black Hat Security Conference in Las Vegas later this month. But his presentation, designed to demonstrate the insecurity of various ATMs, attracted the attention of the financial industry as well as security professionals, and under pressure from ATM manufacturers, Juniper canceled the presentation last week, citing concerns that the vulnerabilities involved had still not been fixed.
"The vulnerability Barnaby was to discuss has far reaching consequences, not only to the affected ATM vendor, but to other ATM vendors and--ultimately--the public," wrote Brendan Lewis, director of corporate social media relations for Juniper in a statement posted to the company's official blog last week. "To publicly disclose the research findings before the affected vendor could properly mitigate the exposure would have potentially placed their customers at risk. That is something we don't want to see happen."
The presentation would have focused on exploiting vulnerabilities in devices running the Windows CE operating system, including some ATMs, according to a source familiar with the details. While the presentation was canceled to allow manufacturers more time to fix the vulnerabilities, Juniper had originally notified the company almost eight months ago, says the source, who asked not to be named.
Other security experts are not surprised that the vulnerabilities are there to find. Significant flaws in cash machines and ATM networks are plentiful, says Nicholas Percoco, senior vice president of TrustWave, an information security and compliance firm that has assessed the security of point-of-sale terminals, kiosks, and ATM networks. "It is very, very rare that a device comes to our labs--in fact, I don't think that it has happened--that we don't find a vulnerability," Percoco says.
By David Hamilton
WEB HOST INDUSTRY REVIEW
July 08, 2009
http://www.thewhir.com/web-hosting-news/070809_Federal_Websites_Knocked_Out_by_Cyber_Attack
The websites for several US government agencies, including some that patrol cyber crime, have been under attack since July 4, as a denial of service attack made many of these sites slow or accessible for as many as three days, signifying an unusually lengthy and sophisticated DoS attack.
The Treasury Department, Secret Service, Federal Trade Commission and Transportation Department websites were down at various periods beginning on the holiday weekend, according to the Associated Press, which spoke to officials inside and outside the government, who also noted that some sites were still experiencing problems as recently as Tuesday evening.
Not confined to government agencies, the DoS attack affected other Washington DC targets: The Washington Post (www.washingtonpost.com) and its Security Fix blog Security Fix blogger Brian Krebs said The Post had been under attack by roughly 60,000 compromised PCs from around the world, running malicious software that orders them to visit targeted websites over and over, rendering them unreachable to legitimate visitors.
SecureWorks malware research director Joe Stewart told Security Fix said the attack is hitting various sites in the US and South Korea simultaneously. The mysterious attack contained few clues of its origins, except for a cryptic line of text buried in the malware, which reads "get/china/dns."
While there has been no official statement from a name government official, security and monitoring companies have commented on the severity of the attack. Keynote Systems Internet technologies director Ben Rushlo told the Associated Press that the Transportation Department site was completely offline for two days, and the FTC site, which started to come back online late Sunday, was still inaccessible 70 percent of the time on Tuesday.
"This is very strange. You don't see this," he told the Associated Press. "Having something 100 percent down for a 24-hour-plus period is a pretty significant event... The fact that it lasted for so long and that it was so significant in its ability to bring the site down says something about the site's ability to fend off (an attack) or about the severity of the attack."
South Korea on high alert for more cyber attacks amid suspicions of North Korea involvement
By Hyung-jin Kim
July 9, 2009
SEOUL, South Korea — Seoul was on high alert Thursday for more cyber attacks amid suspicions that North Korea was behind a recent wave of Web site outages in South Korea and the United States. The South warned that computer networks of key infrastructure could be targeted.
The National Intelligence Service said in a statement it was strengthening cyber security measures for government computer networks, citing a possible new wave of attacks that could target national infrastructure operators like energy, telecommunications and media companies.
Earlier Thursday, the country’s leading computer security company also warned another wave of attacks was expected in South Korea later in the day. There was no word on whether U.S. sites would be hit again.
Seoul-based antivirus software developer AhnLab said it has analyzed a virus program that sent a flood of Internet traffic to paralyze Web sites in both South Korea and the United States. It said seven South Korean sites were likely to be targeted on Thursday.
Twelve South Korean sites were initially attacked Tuesday, followed by strikes Wednesday on 10 others, including government offices. The U.S. targets included the White House, Pentagon, Treasury Department and the Nasdaq stock exchange.
Some South Korean sites remained inaccessible or unstable on Thursday, including the National Cyber Security Center, affiliated with the main spy agency. No major disruptions, however, were reported.
The NIS informed members of parliament’s intelligence committee Wednesday that it believes North Korea or pro-Pyongyang forces were behind the cyber attacks, a lawmaker said.
On Thursday, Rep. Park Young-sun, a member of the committee, said a senior intelligence official told her the NIS suspects the North because the country warned it won’t tolerate what it claimed were South Korean moves to participate in a U.S.-led cyber warfare exercise, according to a statement from the opposition Democratic Party.
Park also told a party meeting that the NIS official cited the fact that most of the attacked sites were those of conservative organizations that have pushed the government to take a harder line on North Korea. Among the sites targeted were those of the presidential Blue House and the ruling Grand National Party.
Park said the NIS official told her the spy agency only gave the committee members the information in the form of a progress report, suggesting no conclusions had been made. Park didn’t identify the official.
The spy agency said it could not immediately confirm Park’s remarks.
The agency’s statement Thursday didn’t mention suspected North Korean involvement and only repeated it was closely cooperating with the U.S. and other countries to discover the origin of the attacks. On Wednesday it said the sophistication of the attacks suggested they were carried out at a higher level than rogue or individual hackers.
U.S. authorities also eyed North Korea as the origin of the trouble, though they warned it would be difficult to identify the attackers quickly.
Three U.S. officials said while Internet addresses have been traced to North Korea, that does not necessarily mean the attack involved Kim Jong Il’s government in Pyongyang. They spoke on condition of anonymity because they were not authorized to speak publicly on the matter.
On Thursday, the Dong-a Ilbo newspaper reported that South Korea has detected signs that North Korea or its sympathizers in China or elsewhere committed the cyber attacks.
The paper, citing an unidentified government official, said the assessment was made after an investigation of infected computers’ IP addresses — the Internet equivalent of a street address or phone number.
South Korean media reported in May that North Korea was running a cyber warfare unit that tries to hack into U.S. and South Korean military networks to gather confidential information and disrupt service.
The communist North has recently engaged in a series of threats and provocative actions widely condemned by the international community, including a nuclear test and missile launches.
The cyber outages were caused by so-called denial of service attacks in which floods of computers all try to connect to a single site at the same time, overwhelming the server that handles the traffic, the state-run Korea Information Security Agency said.
Ku Kyo-young from the state-run Korea Communications Commission said about 20,000 computers in South Korea had been infected by Wednesday evening and the number could have increased.
There were no immediate reports of financial damage or leaking of confidential national information, according to the Korea Information Security Agency. The attacks appeared aimed only at paralyzing Web sites.
FBI wants more online security education and skepticism
Symantec-hosted panel discussion reveals hacker profiles are hard to define, which is why security should be top-of-mind
By Maxine Cheung
9 July 2009
http://www.itbusiness.ca/it/client/en/home/News.asp?id=53818
NEW YORK - According to two U.S. government officials, Internet crime rates will continue to increase because end-users and enterprises lack awareness and education about the current online threat landscape.
During a Symantec hosted security panel held here Tuesday, Michael Stawasz, senior counsel for the computer crime and intellectual property section at the U.S. Department of Justice, based in Washington and Austin Berglas, supervisory special agent for the cyber crime unit at the FBI's New York office, spoke about today's cyber crime landscape and gave their advice on how users and organizations can prevent it.
With the Internet and online services being so widely accessed and available, online threats and vulnerabilities are becoming more common, said Stawasz.
“At the U.S. Department of Justice, getting our best practices out to scale for the amount of crimes that are being committed will be the biggest challenge for us at this point," Stawasz said. “Just having one or two people trained isn't enough for the whole country because you need to get more people trained.”
Berglas said that the individuals who are most vulnerable to cyber crime attacks are those who do not properly protect themselves and their computers.
While the motive behind many online attacks is for financial gain, Stawasz said there are people who commit these crimes for other reasons, such as for power and just for fun too.
Berglas agreed and gave the example of a 12-year-old kid who was redirecting traffic from a law firm's Web site to a site he had made, just for fun.
“You don't have to be that technically sophisticated to commit a cyber crime now,” he said. “You don't have to be a computer genius to partner with other criminals, or to purchase what you need to commit these crimes.”
In fact, both Berglas and Stawasz said it's difficult to define what a computer hacker or cyber criminal actually looks like, simply because the people who are doing it are so varied. Based on what he's seen, Stawasz said it's fair to say there are more male cyber criminals than there are women. Not only are juveniles committing these crimes, but adults and older adults are too, he added.
To better protect yourself from being the victim of an attack, Berglas says it's critical that users educate themselves about the threats and issues that are out in the online world today.
“People have to be careful with any personal information and documents they have on the computer,” Berglas said. “You have to be careful and users should ask themselves if they really want to click on the link from an e-mail user they don't know. Companies should be educating their customers the same way because the absolute vulnerability in this day and age is the uneducated consumer.”
Having security and anti-virus software will help any consumer and business; however Berglas says having just this, is simply not enough. Computers should also be kept up to date with security updates and users should guard their user id and passwords, he added.
It's as the popular saying goes, “If something doesn't look right, it probably isn't,” Berglas said.
