WISH YOU A HAPPY AND SECURE YEAR 2009

Friday, November 14, 2008

Quote of the day

Quote of the day


Christmas is a time when kids tell Santa what they want and adults pay for it. Deficits are when adults tell the government what they want and their kids pay for it.

Richard Lamm

New IT Term of the day

New IT Term of the day


social engineering


(sō ´sh&l en´´j&-nēr´ing) (n.) In the realm of computers, the act of obtaining or attempting to obtain otherwise secure data by conning an individual into revealing secure information. Social engineering is successful because its victims innately want to trust other people and are naturally helpful. The victims of social engineering are tricked into releasing information that they do not realize will be used to attack a computer network. For example, an employee in an enterprise may be tricked into revealing an employee identification number to someone who is pretending to be someone he trusts or representing someone he trusts. While that employee number may not seem valuable to the employee, which makes it easier for him to reveal the information in the first place, the social engineer can use that employee number in conjunction with other information that has been gathered to get closer to finding a way into the enterprise’s network.

Phishing is a type of security attack that relies on social engineering in that it lures the victim into revealing information based on the human tendency to believe in the security of a brand name because they associate the brand name with trustworthiness.

New Crime Avenues in Cyber Finance

FRONTIERS : New Crime Avenues in Cyber Finance

Electronic Payments, Identity Theft and Eastern Europe

by Max

13 November 2008

http://www.bestsecuritytips.com/news+article.storyid+695.htm

New types of payment methods, including mobile banking, pre-paid cards, and "virtual world" transactions, are expected to be a hot area of regulatory interest, according to a newsurvey of senior anti-money laundering (AML) compliance officers in North America and Europe, conducted by risk and compliance specialist Fortent. Survey respondents also cited identity theft as "presenting the greatest emerging threat" to their institutions in the area of financial crime.

"The expansion of payment platforms, while good for business, poses new risks on both the regulatory and security fronts," says Ed Baum, Fortent's Chief Marketing Officer. "Our survey reveals that financial institutions are acutely aware that they must respond to these emerging threats."

"Financial institutions are finalizing their budgets now for next year, and the question on everyone's mind is how they are going to tackle these new threats when staff, technology, and training resources are already stretched," he adds.

The survey's key findings about financial crime threats include:

Identity theft

Cited most often by respondents (52%) as the greatest emerging financial crime threat, followed by:

· "Virtual world" payment systems (44%)

· Electronic checking (40%)

· Employee fraud (32%)

· Stored value cards (28%)

New payment products

When asked in which areas they expected to see greater regulatory interest over the next five years, 78% cited new payment products, including payment cards, mobile payments, and "virtual world" transactions. Forty-three percent (43%) also expected heightened interest in trade finance.

Retail banking

Still tops compliance officers' list as a money laundering concern (77%), due primarily to high volumes. One respondent also explained the pressure to open more accounts: "Branch personnel...are incented to open accounts in volume to meet their goals, but fail to conduct the proper due diligence required."

Geographic threats

In identifying particular geographic threats, Eastern Europe (excluding Russia) leads the world as the region that has experienced the biggest increase in suspicious activity related to money laundering, according to respondents. This region was followed by Russia, Middle East/North Africa, and the rest of Africa.

In addition, the survey showed other trends facing compliance departments today:

v There is distinct movement in organizations toward automation and standardization of compliance systems, as 70% of respondents cited a push to further automate and standardize their systems.

v Bank Secrecy Act (BSA) exams pose an ongoing challenge for financial institutions, with 71% of respondents identifying the frequency of and preparation for exams as the biggest challenge.

v "Staying ahead of criminals is always challenging, and it is even more so in this economy," says Ed Baum. "But banks know that reducing their exposure to financial crime risk - both from a regulatory and a financial perspective - is essential to staying in business."

Firm posts $1m reward to net cyber-extortionists

EXTORTION : Firm posts $1m reward to net cyber-extortionists

Prescription processing firm wants posse

By John Leyden

13th November 2008

http://www.theregister.co.uk/2008/11/13/express_scripts_extortion/

A US-based prescription processing and benefits firm has taken the unusual step of offering a $1m bounty for information that leads to the arrest and conviction of an unknown group which targeted it in a cyber-extortion scam.

Express Scripts went public last week with news that it received personal details on 75 end users including, in some cases, prescription data. Blackmailers threatened to expose millions of records they claimed were in their possession unless the firm paid up.

The cyber-extortionists responded to a refusal to pay up by moving onto the customers of Express Scripts with similar threats, sent in letters to these various organisations. Express Scripts responded on Tuesday by upping the ante and offering a $1m reward for information that put the unidentified miscreants behind bars.

In a related move, Express Scripts offered identity restoration services to anyone who becomes a victim of identity theft as a result of its security breach. It has set up a website to provide information to its members - insurance carriers, employers, unions and the like who run health benefit plans - to provide support at esisupports.com. It has also has hired risk consulting firm Kroll to help its members.

The cause of the breach that led to the data leak and the extent of the compromise are still under investigation. Beyond saying it "deploys a variety of security systems designed to protect their members' personal information from unauthorized access", Express Scripts (which handles a reported 50 million prescriptions a year) has said little about the breach or how it intends to prevent a repetition.

As well as posting a reward, Express Scripts has called in the FBI in its attempts to bring the blackmailers threatening its business to book.

BBC suffers DDOS attack

ATTACK : BBC suffers DDOS attack

Satanic Sluts not suspected

By Paul Hales

07 November 2008

http://www.theinquirer.net/gb/inquirer/news/2008/11/07/bbc-suffers-ddos-attack

ALL BBC WEB services including its most useful iPlayer were subjected to a DDoS attack last night.

According to a missive we have seen, all its sites were slowed down considerably last night. For a while the BBC home page was either not responding or opening extremely slowly.

In a statement to the INQ, the BBC said the attack originated in a number of different countries but didn't specify which. When the Beeb's techies blocked international access to a limited subset of servers, it resulted in a marked improvement of the serving of bbc.co.uk.

Service supplier Siemens was forced to block addresses and prevent the attack using other methods like changing the DNS settings.

The BBC told the INQ that it expects to deal with issues like this from time to time and that it has procedures in place to ensure that normal services resume as soon as possible.

"On this occasion the issue had been resolved at 11.30pm last night but we kept the light weight homepage up until this morning as a precautionary measure, " a spokesBeeb wrote.

Ex-computer network admin faces 12 years in prison

JAIL : Ex-computer network admin faces 12 years in prison

for string of tech crimes

Mercury News

11/10/2008

http://www.mercurynews.com/business/ci_10949785?nclick_check=1

A former San Jose computer network administrator faces up to 12 years in state prison for using his high-tech skills to commit a wave of burglaries, hacking incidents and identity thefts against local companies and even his neighbors.

Andrew Madrid, 34, pleaded guilty Friday to 14 counts of second degree burglary, four counts of computer hacking, three counts of identity theft and two counts of possession of methamphetamine for sale, according to Santa Clara County prosecutors.

Madrid, who was out on bail for drug and theft charges when he was arrested, is due to be sentenced by Judge Douglas Southard on Jan. 22. He has been in custody since March.

Prosecutors said he posed as a security guard and IT employee to gain access to several local companies and steal computer equipment.

Using his knowledge from years of working as a network administrator for a Sunnyvale high-tech firm, Madrid was able to pull off sophisticated crimes, including two cases where he hacked into corporate computers, stole data and used spyware to obtain security passwords.

Other times, he tapped into the unprotected wireless networks of his San Jose neighbors. In another of his schemes, he placed phony bar codes on expensive computer equipment so he could buy them at much cheaper prices.

Madrid was arrested after investigations by the local high-tech crimes task force, the Sunnyvale Department of Safety and the Los Gatos, Santa Clara and San Jose

Thursday, November 13, 2008

Quote of the day

Quote of the day


Procrastination is the art of keeping up with yesterday.

Don Marquis

(1878-1937, Humorist)

New IT Term of the day

New IT Term of the day


snort


Snort is an open source network intrusion prevention system (IPS) capable of performing real-time traffic analysis and packet-logging on IP networks. It can perform protocol analysis, content searching & matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts and more.

Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that uses a modular plug-in architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user-specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient. Snort has three primary uses. It can be used as a straight packet sniffer like tcpdump, a packet logger (useful for network traffic debugging and so), or as a full-blown network intrusion prevention system.

Obama preparing comprehensive technology policy

TECH-SAVVY : Obama preparing comprehensive technology policy

By Hiawatha Bray

The Boston Globe

November 12, 2008

http://www.iht.com/articles/2008/11/12/business/otech.php

Barack Obama's Internet-fueled campaign has transformed the way Americans choose a president. Now, the president-elect's administration plans to change the way Americans - and government - use technology.

If Obama gets his way, all Americans would have broadband Internet access, whether they live in big cities or remote villages. Online life would be safer, with better defenses against cybercriminals. And there would be greater access to government, with online services to let anyone question members of the president's cabinet or track every dime of the U.S. budget.

"I think it's not going to happen in the first 100 days, but I think a lot of this can happen in the first term," Ben Scott, policy director of Free Press, a media reform organization based in Washington, said.

Calls and e-mails to the Obama transition team were not returned. But judging by the campaign's position paper on technology policy, the president-elect believes Internet technology should be as thoroughly integrated into U.S. agencies as it was in his campaign, where the Web was used to communicate, raise money and get out the vote in a way unprecedented in U.S. politics.

Obama is in the process of choosing the country's first chief technology officer, a post that's long existed in most corporations but never in government.

Obama has also said he wants to put YouTube-like videos of government meetings online and has proposed a Google-like database of grants and contracts, so people can see where their money is going. And he would require his cabinet members to hold regular online town hall meetings, where they would field questions from the Internet audience.

"His use of the technology in the campaign would imply a lot of positive things for government as well," said Phil Bond, a former under secretary of commerce in the administration of President George W. Bush's who heads the industry lobbying group Information Technology Association of America. "I think we're going to see a lot of things we can't even imagine today."

But before they can benefit from online government, many Americans still must get online. The U.S. ranks 15th out of 30 industrialized countries in the percentage of citizens with access to the Internet. Obama promises to make Internet access as commonplace as telephone service.

Obama has called for tax and loan incentives to spur construction of broadband networks. He wants to divert some of the $7 billion Universal Service Fund, collected by the U.S. government to subsidize phone service in rural areas, to build high-speed Internet lines that could also carry phone traffic.

"You don't have to take that money out of budget," said Scott of Free Press, which backs the idea. "It's basically already there."

But Obama is bound to face resistance from rural phone companies. He is also in for a fight on a proposal to reallocate licensed radio and TV frequencies to create new wireless broadband networks. Last week, the Federal Communications Commission approved the sale of wireless networking devices that will transmit over unused TV frequencies.

Promising a comprehensive cybersecurity strategy to make U.S. computer networks safer from criminals, terrorists, or enemy nations, Obama has said he plans to appoint a national cybersecurity adviser.

Art Coviello, president of RSA in Bedford, Massachusetts, the data security division of EMC, said the Bush administration drew up a sound cybersecurity plan but failed to implement it. He is expecting better from an Obama administration.

"He was the first presidential candidate who held a round table on national security that had cybersecurity as a priority," Coviello said.

But any comprehensive cybersecurity strategy must be international in scope, warned Tom Kellermann, vice president of security awareness at Core Security Technologies in Boston.

"Many hackers use less-developed countries as bastions or havens for their acts," Kellermann said, adding that it would take complex multinational negotiations to build global firewalls against online crime.

The president-elect is a staunch supporter of "net neutrality," the idea that Internet providers should be barred by law from discriminating against particular kinds of data. But there is intense debate over whether a law is needed.

Comcast admitted this year that it had delayed the flow of data generated by the popular file-swapping program BitTorrent, used by many Internet users to trade in television shows and movies, to ease congestion on its network. The FCC ordered a halt to the practice. Comcast has appealed to a U.S. court.

A U.S. net neutrality law would prohibit such restrictions by service providers, and has strong support from online activists worried about digital censorship."That's been a key point of our agenda for some years," Scott of Free Press said. But

Adam Thierer, senior fellow at the libertarian-leaning policy group Progress & Freedom Foundation, said such a law is unnecessary and perhaps dangerous. "It will allow the FCC to begin comprehensively regulating the broadband marketplace," he said, "including broadband speech."

Cyber criminals target Facebook users

BEWARE : Cyber criminals target Facebook users

Asher Moses

Sydney Morning Herald

November 10, 2008

http://www.smh.com.au/news/technology/security/cyber-criminals-target-facebook-users/2008/11/10/1226165454265.html

Facebook has been infiltrated by Nigerian scammers and other cyber criminals who use compromised accounts to con users out of cash.

Now that even non-tech savvy internet users know not to respond to, or click on links in, emails from strangers, online thieves have turned to social networks and are finding it is easier to trick people when posing as their friends.

On Friday, Sydneysider Karina Wells received a Facebook message from one of her friends, Adrian, saying he was stranded in Lagos, Nigeria, and needed her to lend him $500 for a ticket home.

Adrian used relatively good English but, after chatting further, words such as "cell" instead of "mobile phone" tipped Wells off that she was not talking to her friend but someone who had taken over his account.

Using sites such as Facebook allows scammers to research and target victims more effectively and avoid having their messages blocked by spam filters, said Paul Ducklin, head of technology at Sophos Asia Pacific.

It is likely the scammer obtained Adrian's Facebook login details after he was infected with a virus delivered by email or in an infected web page.

There are a number of viruses which, once installed on a computer, send back to the hacker a detailed log of everything entered using the keyboard, including online banking details and passwords for services such as Facebook.

Wells played along with the scammer, who asked her to transfer the money into a Western Union account.

"Naturally I was concerned as, to all intents and purposes, this seemed to be legitimate," she said.

"I pretended that I would help, obtained all the details of where he was and forwarded them to both Facebook and the relevant authorities."

But while the Nigerian scammer used the compromised Facebook account coupled with social engineering tactics to try to convince Wells to hand over money, many are using compromised accounts to spread malware.

Typically, the victim receives a Facebook message from a friend with a subject such as "LOL. You've been catched on hidden cam, yo" or "Nice dancing! Shouldn't you be ashamed?"

The body of the message contains a video clip link that appears to go to a legitimate site such as Facebook or YouTube but, when clicked on, it takes the user to a bogus web page.

Before the users can play the video they are told they need to download a video player upgrade, which is in fact a password-stealing virus.

The next time the victim logs into Facebook the malware-laden message is sent to all of their friends and the infected link is automatically added in comments on friends' pages.

Other less sophisticated attacks on Facebook members use spam emails, some appearing to come from Facebook itself, to spread viruses.

In September security firm WebSense reported on spam emails, purportedly sent from an @facebookmail.com address, that tell the victim they have received an invitation from Facebook to add a friend.

"The spammers included a zip attachment that purports to contain a picture in order to entice the recipient to double-click on it. The attached file is actually a Trojan horse," WebSense said.

Judge rules against White House in e-mail case

LAW : Judge rules against White House in e-mail case

PETE YOST

AP

11 Nov 2008

http://ap.google.com/article/ALeqM5hsG0My2Q3Eu9Sj2PSupnj4xeQXxAD94CBMK01

WASHINGTON (AP) — A federal judge on Monday ruled against the Bush administration in a court battle over the White House's problem-plagued e-mail system. With two-and-a-half months remaining before the Bush administration leaves office, U.S. District Judge Henry Kennedy ruled that two private groups may pursue their case as they press the government to recover millions of possibly missing electronic messages.

Kennedy rejected the government's request to throw out the lawsuits filed by Citizens for Responsibility and Ethics in Washington and the National Security Archive.

The government had argued that the courts did not have the authority to order the White House to retrieve any missing e-mails.

Kennedy, an appointee of President Clinton, said the two private groups seek precisely the relief outlined in the Federal Records Act and upheld in a previous case by the U.S. Court of Appeals for the District of Columbia Circuit.

CREW and the National Security Archive want a court order directing the archivist of the United States to initiate action through the attorney general to restore deleted e-mails.

Meredith Fuchs, the National Security Archive's general counsel, said that because of the ruling, a court order directing the White House to preserve 65,000 computer backup tapes remains in place.

Fuchs said that when the Bush administration surrenders its records to the government on Jan. 20, the incoming administration of Barack Obama can "do the right thing here and clean up this mess by ensuring that any missing e-mails are restored from computer backup tapes."

A White House document obtained by The Associated Press in August says the White House is missing as many as 225 days of e-mail dating to 2003.

The nine-page draft document about the White House's e-mail problems invites companies to bid on a project to recover missing electronic messages. The end date for the work was listed as April 19, 2009. The White House has not said whether it has hired a contractor.

CREW executive director Melanie Sloan called the court ruling "a clear victory for the American people. The Executive Office of the President does have to answer for the missing e-mail."

White House spokesman Scott Stanzel said the opinion is under review and that presidential aides are conferring with the Justice Department about the next steps in the case.

Sheila Shadmand, a Washington lawyer representing the National Security Archive, said the ruling enables protection of records "before they get carted off or destroyed as the current administration packs its bags to leave."

In February, a former White House computer expert told Congress the White House had no complete inventory of e-mail files, that there was no automatic system to ensure that e-mail was archived and preserved, and that until mid-2005 the e-mail system had serious security flaws.

Researchers at the National Security Archive disseminate historical materials to the public. CREW argued that the Bush administration is harming the private organization's efforts to gain future access to important historical documents that would shed light on the conduct of public officials.

EDUCATION : DSCI organizes Cyber Security Awareness Program

EDUCATION : DSCI organizes Cyber Security Awareness Program

CRPCC Team

12 Nov 2008

Data Security Council of India (DSCI) organized a 3 days Cyber Security Awareness Program in Delhi between 10 November 2008 and 12 November 2008 in partnership with Department of Information Technology, Ministry of CIT, Government of India.

The program was well attended by practicing professionals from IT industry, Police force, Government, BPOs, Banks & FI and Cyber café.

Inaugurating the program, Mr. Jainder Singh, Secretary, DIT highlighted the importance of Information Security practices to secure the national infrastructure. He further lauded the need to multiply similar programs in a much bigger ways.

As per agencies, the NASSCOM president Mr. Som Mittal said that Several Indian banks have come under Severe phishing attacks in the past few months with the number rising sharply in Sept-Oct, 2008. Criminals using the internet have attacked many banks, Mittal told reporters on the sidelines of the program.

"We have cyber laboratories training police officers, and other people about data protection best practices and standards," Data Security Council of India (DSCI), Chief Executive Officer Dr. K K Bajaj told reporters. Mr. Shyamal Ghosh, Chairman, DSCI informed about data protection initiatives of DSCI.

Dr. Gulshan Rai, Director incharge of CERT-In, introduced various dimensions of Cyber Security and said unless all dimensions are addressed, any hole in the security will be an easy gateway for criminals.

Mr. Rakesh Goyal of Sysman Computers and CRPCC discussed the do-it-yourself security of wi-fi wireless networks in his interesting presentation. He further discussed how to secure your e-mails.

Mr. Muktesh Chandra, Additional CP of Delhi highlighted the challenges faced by law enforcement agencies in implementing IT Act-2000.

Mr. Sameer Ratolikar, CISO of Bank of India discussed the best practices for secure banking, followed by his Bank and Mr. Sunil Dhaka of ICICI Bank presented the steps taken by ICICI Bank to address the safety concerns of Internet banking.

This Day in History

Thanks for your Visit