Saturday, December 20, 2008

Quote of the day


If someone feels that they had never made a mistake in their life, then it means they had never tried a new thing in their life.

Albert Einstein

New IT Term of the day


stealth virus

A computer virus that actively hides itself from antivirus software by either masking the size of the file that it hides in or temporarily removing itself from the infected file and placing a copy of itself in another location on the drive, replacing the infected file with an uninfected one that it has stored on the hard drive.

Social Networks Are Risky Business

RISKY : Social Networks Are Risky Business

By Richard Stiennon

December 17, 2008


Why does it seem that most IT departments are woefully unprepared for IT innovation? Why are they usually viewed as the detractors and inhibitors of technology rather than the innovators and enablers? My own analysis is that the IT department is saddled with processes based on project management that do not allow for innovation.

The typical process calls for annual plans, budgets, needs assessment, and staff assignments with the requisite meetings, status reports, and tracking metrics. Look at the technologies that have made their way into the enterprise with none of these management overlays: the Internet, email, Instant Messaging, WiFi, Blackberrys and now iPhones. When you look at that list you have to ask, “Just what did the IT department bring to the party?”

If your organization is like most, the IT department is tasked with cleaning up after the fact. The most urgent need is usually security. All of these technologies have introduced dire security threats but the benefits from them are tremendous. Most businesses today cannot even function without email. Part of my job is to help enterprises think about these new technologies and attempt to secure them before they get deployed. This is so the painful implementation of policies and security after the fact does not detract from the technology’s benefit. In that light, I am writing today about social networking.

Social networking is simply people using technology to work together, share information, and communicate. A big part of it is the discovery and exploration of people and information that should be linked. Tools that contribute to successful social networking include Facebook, Twitter, LinkedIn, Sharepoint, blogs, and hundreds of applications and spin-off websites that support these. And like the other consumer technologies mentioned here, you will be just as successful at blocking the use of social networks as you were at blocking email or the Internet.

Lack of Password Control

Social networks, so-called Web 2.0 sites in particular, have become the masters of quick and easy signup. The norm has become to ask users for a unique name, password, and email address. To avoid excessive spamming of the groups, a confirmation email is sent. Digg, Reddit and Del.icio.us are like this, making it easy for users to be anonymous. Some sites, Twitter in particular, fail to even ask for a usable email address. These sites are the most vulnerable to abuse. One aspect of social networks that is deleterious to good security behavior is the tendency for new applications built off of existing ones to ask for your passwords. It is very common for a new social site to request Google, MSN, and Yahoo! passwords so that your contact list can be harvested to recruit more members.

During the November elections a site was launched in India to take an impromptu vote from Twitter users. It required you to enter your Twitter ID and password so they could keep track of unique votes. After I blogged about the obvious risk of giving your password to a third party, the authors assured me they had no malicious intent.

Over 20,000 people voted, giving up their IDs and passwords to an unknown site. The risk of losing control over a Twitter account is exacerbated by the fact that most people re-use passwords at multiple sites. In other words, a lost account at Twitter could quickly lead to loss of control to Gmail, Yahoo! or even their corporate access. Does the CEO of Zappos, a prolific and famous Twitter-er, use a strong password for his Twitter account? Does he use a different password than his remote access credentials? I don’t know but I’d bet I’m not the only one wondering.

Chinese spy fears on broadband frontrunner

ESPIONAGE : Chinese spy fears on broadband frontrunner

Cameron Stewart

December 18, 2008

The Australian


National security concerns about Chinese espionage could threaten the new frontrunner for Australia's $15 billion publicly backed national broadband network.

Security agencies will closely examine the bid lodged by Singtel Optus, which is believed to propose the involvement of Chinese telecommunications equipment-maker Huawei Technologies to help build its network. Huawei was the subject of a US congressional investigation on national security grounds this year after legislators expressed concern about its links to the Chinese military and intelligence apparatus. The concerns led Huawei to withdraw from its joint $US2.2billion ($3.3billion) bid to buy a stake in US internet router and networking giant 3Com.

Optus emerged this week as the surprise frontrunner for the national broadband network tender when the Government excluded Telstra from the tender process after its bid failed to meet some of the project's stated requirements.

Huawei, the shadowy company based in Shenzhen and founded by former People's Liberation Army officer and Communist Party member Ren Zhengfei, has triggered debate in the US, Britain and India about whether it is a legitimate international telecom player or a company bent on doing Beijing's bidding.

Intelligence agency concerns about Chinese cyber-espionage prompted India to scrap a planned $US60 million Huawei investment in its telco in 2005.

Britain granted the company a $US140 million contract in that same year to build part of British Telecom's 21st Century Network.

Many mainstream global telecommunications companies, including Singtel Optus, already have close links with Huawei. Optus last month gave the Government its 900-page bid for the new national broadband network, which is understood to propose Huawei as one of several vendors to set up the network.

A spokeswoman for Optus confirmed the company had been working with Huawei as part of trials for the network, but would neither confirm nor deny Huawei was part of last month's final bid.

"We are not releasing the names of any potential vendors we may be working with on NBN," she said. "Huawei is a significant vendor partner of Optus and we are working with them in our test lab."

A spokesman for Huawei Australia did not return The Australian's calls but the company, the largest networking and telecommunications equipment supplier in China, has previously denied links with the Chinese Government or with the PLA.

The national security statement released by Kevin Rudd this month warned of the growing danger of cyber-espionage by foreign countries, saying Australia would take new measures to protect against hackers. The federal Government has said it will investigate the national security implications of the remaining bids from Optus, Acacia and Axia.

"The Attorney-General's Department will co-ordinate an assessment of the national security implications of the proposals in consultation with national security and law enforcement agencies," the Government's Request for Proposals states.

An eight-person expert panel is assessing the bids and will recommend a winner late next month.

However, a study by global think tank the Rand Corporation states: "Huawei maintains deep ties with the Chinese military, which serves as a multi-faceted role as an important customer, as well as Huawei's political patron and research and development partner."

The conservative US think tank the Heritage Foundation claimed in a paper this year that the PLA had direct access to Huawei's training and technology infrastructure.

Huawei set up a regional head office in Sydney in June 2004. Its Australian division employs 100 staff and reported a 66.5 per cent rise in revenue to $70 million last year.

It is a key vendor in constructing Optus's 3G mobile network in rural areas, and is supplying hardware to Queensland electricity utility Powerlink for a network launch.

Cyber crimes record 50 percent jump in India

STATISTICS : Cyber crimes record 50 percent jump in India

The Hindu

December 18, 2008


New Delhi (IANS): With India being home to the fourth highest number of internet users in the world, cyber crimes under the Information Technology (IT) Act recorded a whopping 50 percent jump in 2007 over the previous year. What's more, the majority of offenders were under 30 years of age.

Cyber crimes have emerged as a new class of crimes, rapidly increasing due to extensive use of the internet and IT enabled services.

The maximum cyber crime cases, about 46 percent, were related to incidents of cyber pornography, followed by hacking. In over 60 percent of these cases, offenders were between 18 and 30, according to the "Crime in 2007" report of the National Crime Record Bureau (NCRB).

Cyber crimes are punishable under two categories - the IT Act 2000 and the Indian Penal Code (IPC).

The report says that 217 cases of cyber crime were registered under the IT Act in 2007 compared to 142 in 2006 - an increase of 50 percent.

Under the IPC too, 339 cases were recorded in 2007 compared to 311 cases in 2006.

"Seventeen out of 35 mega cities have reported nearly 300 cases of cyber crimes under both categories, thereby recording an increase of 32.6 percent in a year," the report says.

The report indicates that cyber crimes are no longer limited to metro cities.

"Bhopal in Madhya Pradesh has reported the highest incidence of cyber crimes under IPC sections, thus accounting for 87.8 percent of the total crimes in the country," the report says.

Cyber crimes range from tampering with computer documents, hacking and cyber pornography to false electronic evidence, unauthorised access to protected computer documents and breach of confidentiality.

Delhi Police have now trained 100 of its officers in handling cyber crime and placed them in its Economic Offences Wing.

"There is an increase in cyber crimes and our cyber crime cell is looking into the complaints. Our special team officers are working with IT experts to keep a tab on it," Delhi Police spokesperson Rajan Bhagat told IANS.

Cyber Security Management training at G B Pant University

AWARENESS : Cyber Security Management training at G B Pant University


18 December 2008

“Tough laws are required to address the misuse of cyber space and infrastructure by criminals and hackers”, Mr. Rakesh Goyal, Director General of Centre for Research and Prevention of Computer Crimes, India and MD of Sysman Computers Private Limited, said while delivering the keynote address at the inaugural function of a seven-day training programme on Cyber Security Management, organized by the Department of Computer Engineering of G B Pant University at the University Campus at Pantnagar, Uttarakhand.

“Cyber Crimes do not follow geographical boundaries defined by sovereign governments. These are international crimes and thus the international community needs an International convention and law to address the menace of growing cross border cyber crimes”, said Mr. Goyal. He further introduced the need for Cyber Security Management to the participants.

The Chief Guest, Dr. B S Bhist, the Vice Chancellor of the University, said that “the process of Computerisation is irreversible and crimes come along with the benefits of technology. Thus, we need to keep ourselves secure from these crimes and misuse of computer infrastructure and assets”. He further defined the academic model to address this challenge.

Dr. S D Samantaray, Head of the Department of Computer Engineering, introduced the initiative taken by his department and elaborated on how this course was conceived and, with much effort by the whole team, finally took off.

Dr. M P Singh, Dean Technology of the University, provided statistics on the damage done by cyber crimes in India and the world. He further informed that he would make sure that programmes of this type would be repeated for the benefit of society.

This training programme attracted people from academics, law enforcement, judiciary, user-industry, IT Industry, Legal practitioners and students in large numbers.

Prof Rajeev Singh introduced the speakers and proposed the vote of thanks. The programme started on 18 December 2008 and will continue till 24 December 2004, and the sessions will be taken by IT Act Specialist Supreme Court Lawyer, Higher Officials of Min. of Information Technology / CERT-In, Academicians and Industry experts.

Friday, December 19, 2008

Cyber crimes record 50 percent jump in India

Friday, December 19, 2008

New Delhi: With India being home to the fourth highest number of internet users in the world, cyber crimes under the Information Technology (IT) Act recorded a whopping 50 percent jump in 2007 over the previous year. What's more, the majority of offenders were under 30 years of age.

Cyber crimes have emerged as a new class of crimes, rapidly increasing due to extensive use of the internet and IT enabled services.

The maximum cyber crime cases, about 46 percent, were related to incidents of cyber pornography, followed by hacking. In over 60 percent of these cases, offenders were between 18 and 30, according to the "Crime in 2007" report of the National Crime Record Bureau (NCRB).

Cyber crimes are punishable under two categories - the IT Act 2000 and the Indian Penal Code (IPC).

The report says that 217 cases of cyber crime were registered under the IT Act in 2007 compared to 142 in 2006 - an increase of 50 percent.

Under the IPC too, 339 cases were recorded in 2007 compared to 311 cases in 2006.

"Seventeen out of 35 mega cities have reported nearly 300 cases of cyber crimes under both categories, thereby recording an increase of 32.6 percent in a year," the report says.

The report indicates that cyber crimes are no longer limited to metro cities.

"Bhopal in Madhya Pradesh has reported the highest incidence of cyber crimes under IPC sections, thus accounting for 87.8 percent of the total crimes in the country," the report says.

Cyber crimes range from tampering with computer documents, hacking and cyber pornography to false electronic evidence, unauthorised access to protected computer documents and breach of confidentiality.

Delhi Police have now trained 100 of its officers in handling cyber crime and placed them in its Economic Offences Wing.

This year, the officers were trained for six weeks in computer hardware and software, computer networks comprising data communication networks, network protocols, wireless networks and network security. Faculty at Guru Gobind Singh Indraprastha University (GGSIPU) were the trainers.

"There is an increase in cyber crimes and our cyber crime cell is looking into the complaints. Our special team officers are working with IT experts to keep a tab on it," Delhi Police spokesperson Rajan Bhagat told IANS.

Wednesday, December 17, 2008

Quote of the day


When a whole nation is roaring patriotism at the top of its voice, I am fain to explore the cleanness of its hands and purity of its heart.

Ralph Waldo Emerson

New IT Term of the day


stateful inspection

Also referred to as dynamic packet filtering. Stateful inspection is a firewall architecture that works at the network layer. Unlike static packet filtering, which examines a packet based on the information in its header, stateful inspection tracks each connection traversing all interfaces of the firewall and makes sure they are valid. For example, a stateful firewall may examine not just the header information but also the contents of the packet up through the application layer in order to determine more about the packet than just information about its source and destination. A stateful inspection firewall also monitors the state of the connection and compiles the information in a state table. Because of this, filtering decisions are based not only on administrator-defined rules (as in static packet filtering) but also on context that has been established by prior packets that have passed through the firewall.

As an added security measure against port scanning, stateful inspection firewalls close off ports until connection to the specific port is requested.

Check Point Software is credited with coining the term stateful inspection in the use of its FireWall-1 in 1993.
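The difference between the two filtering models can be seen by running one packet trace through both. The following is an added example, not code from any firewall product: the addresses, the single "inside hosts may open TCP/443" rule and the three-state table are assumptions made for illustration, and sequence-number checks and idle timeouts are left out.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE = ip_network("10.0.0.0/8")   # constructed internal network
ALLOWED_PORT = 443                  # assumed rule: inside hosts may open TCP/443


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset                # TCP flags, e.g. {"SYN", "ACK"}


def pkt(src, sport, dst, dport, *flags):
    return Packet(src, sport, dst, dport, frozenset(flags))


def is_outbound(p):
    return ip_address(p.src) in INSIDE and ip_address(p.dst) not in INSIDE


def static_filter(p):
    """Static packet filter: decides on header fields alone, with no memory."""
    if is_outbound(p):
        return p.dport == ALLOWED_PORT
    # Replies can only be admitted by a blanket rule on source port and ACK bit.
    return (ip_address(p.dst) in INSIDE and p.sport == ALLOWED_PORT
            and "ACK" in p.flags)


class StatefulFirewall:
    """Keeps a state table keyed by (client, client port, server, server port)."""

    def __init__(self):
        self.table = {}

    def filter(self, p):
        outbound = is_outbound(p)
        key = ((p.src, p.sport, p.dst, p.dport) if outbound
               else (p.dst, p.dport, p.src, p.sport))
        state = self.table.get(key)
        if state is None:
            # Only an inside host sending a bare SYN to an allowed port
            # can create an entry; everything else is dropped.
            if outbound and p.dport == ALLOWED_PORT and p.flags == {"SYN"}:
                self.table[key] = "SYN_SENT"
                return True
            return False
        if "RST" in p.flags:                      # reset tears the entry down
            del self.table[key]
            return True
        if state == "SYN_SENT":
            if not outbound and p.flags == {"SYN", "ACK"}:
                self.table[key] = "SYN_ACK_SEEN"
                return True
            return outbound and p.flags == {"SYN"}        # retransmitted SYN
        if state == "SYN_ACK_SEEN":
            if outbound and "ACK" in p.flags and "SYN" not in p.flags:
                self.table[key] = "ESTABLISHED"
                return True
            return not outbound and p.flags == {"SYN", "ACK"}
        return "SYN" not in p.flags               # ESTABLISHED: no new SYNs


# Constructed trace: a normal handshake plus two unsolicited inbound packets.
TRACE = [
    pkt("10.0.0.5", 40000, "203.0.113.10", 443, "SYN"),
    pkt("203.0.113.10", 443, "10.0.0.5", 40000, "SYN", "ACK"),
    pkt("10.0.0.5", 40000, "203.0.113.10", 443, "ACK"),
    pkt("203.0.113.10", 443, "10.0.0.5", 40000, "ACK", "PSH"),
    # No inside host asked for these two:
    pkt("198.51.100.7", 443, "10.0.0.9", 3389, "ACK"),
    pkt("198.51.100.7", 443, "10.0.0.5", 40000, "SYN"),
]


def run_trace():
    """Return ([(static verdict, stateful verdict), ...], final state table)."""
    fw = StatefulFirewall()
    verdicts = [(static_filter(p), fw.filter(p)) for p in TRACE]
    return verdicts, fw.table


if __name__ == "__main__":
    verdicts, table = run_trace()
    for p, (s, f) in zip(TRACE, verdicts):
        print(f"{p.src}:{p.sport} -> {p.dst}:{p.dport} {sorted(p.flags)} "
              f"static={'pass' if s else 'drop'} stateful={'pass' if f else 'drop'}")
    print(table)
```

The fifth packet is where the two models diverge: the static rule passes it because its header looks like a reply, while the stateful filter drops it because no table entry exists for that connection.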

Training key to tackling e-crime

EDUCATION : Training key to tackling e-crime

By Tom Young

15 December 2008


E-crime must become part of standard police training if law enforcement authorities are to successfully tackle the huge problem of computer crime, according to the head of the Metropolitan Police e-crime unit.

The UK is facing a growing wave of internet crime, according to the latest annual Virtual Criminology Report from security specialist McAfee. Published this week, the report’s findings include a threefold increase in the number of malware variants.

The study highlights a lack of policing capability as a key challenge in tackling the cyber crime problem.

“The internet often holds the evidence that could bring cyber criminals to rights,” says the report. “Yet digital tracing and forensics are often overlooked or ignored because those involved, from investigations through to trial, are untrained in how to comprehensively unearth and exploit it.”

Detective Superintendent Charlie McMurdie of the Met’s e-crime co-ordination unit said that law enforcement must make e-crime knowledge a mainstream activity.

“Our unit will not be the first port of call, so we need to introduce an e-crime capability from the ground up,” she said.

“It must be part of basic training so that cops are aware of cyber crime from the day they join the force.”

The Met Police unit has recently received £7m funding from the Home Office and will become operational in the first half of 2009.

The government initially refused funding but a string of high-profile public- and private-sector data breaches brought the issue of information security to the public’s attention.

McMurdie warned that the unit will not be a panacea and said it will need significant help from industry if it is to be successful.

“Industry needs to step up to the mark. We have to use their skills to our advantage and help them to provide us with well-packaged evidence so our job is as easy as possible,” she said.

Nobody knows the true scale of e-crime in the UK, though it is widely accepted that internet fraud alone costs the UK economy millions of pounds a year.

Expertise in the police is not encouraged correctly, London School of Economics security expert Peter Sommer writes in the report.

“Police career rewards go to managers rather than front-line specialists,” he said.

“Some of the best digital investigators are still detective constables or sergeants.”

New law needed to tackle cyber criminals

UAE : New law needed to tackle cyber criminals

Hassan Hassan

December 15, 2008


ABU DHABI // The rapid growth of the internet is being matched by similar advances in the criminal mindset, the Minister of Justice warned yesterday at a cyber crime conference.

Dr Hadef bin Jua’an al Dhaheri said the law must be used to stop cyber criminals committing “all forms of crimes from killing, forgery and fraud to temptation and debauchery”.

He added that computers and IT had huge potential for good but, at the same time, were dangerous forces when used for “destruction, sabotage and crime”.

Other speakers at the conference said tougher laws and international co-operation were needed to fight internet child pornography and other illegal activities.

The audience heard that a harmonisation of law across international borders would help tackle criminals who often worked outside the country they were targeting.

Speakers at the International Conference on Cyber Crime also identified stronger policing to prevent cyber crimes, and greater co-operation among international bodies to catch those who committed criminal acts online.

Dr Marco Gercke, a criminal law lecturer at the University of Cologne, said the international community had recognised that harmonisation of online law was the key to success and would make cross-border prosecution far easier.

He cited the Budapest Convention on Cybercrime, an international agreement that has identified a set of core offences. However, he said police also needed the resources to catch such criminals.

“Compliance with international standards and having the right tools are crucial elements in the fight against such crimes. You can have the best laws that criminalise certain offences but if the police don’t have tools to investigate cyber crime, they won’t be able to identify the offenders,” said Dr Gercke.

He added that preventative measures, such as bank security codes and passwords, would not prevent many illegal internet activities, as criminals often found ways of circumventing security.

Dina Founes, the legal director of Microsoft Middle East and Africa, said the motivation of many cyber criminals had shifted from penetrating government networks to financial gain, targeting personal finances and defrauding people in elaborate internet schemes.

Another challenge for police was a lack of co-operation between the private sector, which provides internet services, and the public sector which enforces the law. Mrs Founes said this problem could result in obstacles during investigations.

“Internet providers may not be able to provide information without a court order,” she said, adding that appropriate legislation provided a framework for the police and companies to co-operate nationally as well as internationally.

She said that besides the Budapest Convention, a model presented by the International Centre for Missing and Exploited Children for legislation to ensure the online safety of children and prevent child pornography should be followed internationally.

“In short, we have achieved great success in fighting against cyber crime through efforts such as the initiative of Budapest, but our goal is to keep up our fight against cyber crime to make computers safe and secure.

“As technology continues to evolve and cyber criminals are becoming increasingly more sophisticated, we must remain focused and one step ahead. Partnership between industry and law enforcement alongside meaningful laws are critical to ensure that we stay ahead of cyber criminals.”

Cyber Attacks Are Growing More Sophisticated, Targeted

TREND : Cyber Attacks Are Growing More Sophisticated, Targeted

By Michael Dinan,

TMCnet Editor

December 15, 2008


Cyber-criminals – men and women who use computers to do things like make bogus offers or steal information, money and identities – are becoming more and more sophisticated and are developing increasingly specialized attacks, a panel of experts from the world’s largest maker of networking gear said today.

Officials from Cisco Systems Inc. said during an IPTV broadcast this morning that people who use technology as a tool to drive their own illegal businesses are innovating in ways far more complex than the old e-mail viruses.

According to Patrick Peterson, a Cisco fellow and chief security researcher, the criminals now are blending e-mail and the Web to attack specific entities, such as smaller credit unions and universities.

“The sophistication is mind-boggling,” Peterson said. “It’s impossible to imagine that criminal enterprises can do this kind of sophistication.”

Peterson was joined by David Goddard, Cisco’s vice president of security assurance, and Tom Gillis, its vice president of security product marketing, in an hour-long, free broadcast available here.

With botnets, phishing and spam attacks, cyber-criminals possess the technology to infiltrate Web sites and post their own content, though at other times, criminals are using legitimate means – such as popular e-mail sites from Yahoo!, Hotmail or Gmail – to hijack personal accounts. Once inside a user’s personal account, for example, the criminals may use contact lists to spread harmful hyperlinks that pull other people’s PCs into a network of infected computers.

According to Gillis, what’s spurring the increasingly complicated, bold and targeted attacks is a familiar motivator: money.

“Money is often the root behind innovation,” Gillis said. “If someone has an attack that works, they get rich.”

The broadcast dovetails with Cisco’s release today of its 2008 “Cisco Annual Security Report.”

According to the report, which includes protection recommendations to individuals as well as government officials, the overall number of disclosed vulnerabilities grew by 11.5 percent over 2007. Also, the report says, vulnerabilities in virtualization technology nearly tripled from 35 to 103 year over year, and attacks are becoming increasingly blended and cross-vector.

Cisco researchers say they saw a 90 percent growth in threats originating from legitimate domains, nearly double what was seen in 2007. Also, the volume of malware successfully propagated through e-mail attachments is declining. Over the past two years, the number of attachment-based attacks decreased by 50 percent from the previous two years.

As TMCnet reported, experts say that the increasing popularity of mobile devices that are Internet-ready, such as the Apple iPhone or BlackBerry smartphones, also is increasing security threats.

Terry McCabe, chief technology officer at Airwide Solutions – an international company headquartered in Burlington, Massachusetts that provides next-generation mobile messaging and wireless internet infrastructure, applications and solutions – also says that in this slower economy, more consumers are using their mobile devices to comparison shop, as well as check their bank balances and portfolios.

Already, McCabe told TMCnet during an interview, mobile malware has evolved from annoying text message spam to snoopware that enables the hacker to listen in on conversations, install spyware that allows him to access phone logs and contacts, and send text messages and multimedia spam to other devices.

“However, the most frightening aspect about mobile malware is its potential to use an infected smartphone or other device as a proxy or gateway into an organization’s core network,” McCabe told TMCnet. “By hijacking a handheld device, hackers can breeze past a traditional firewall and make their way onto a company’s mail server, customer database, CRM tools, and other critical parts of the network. And this damage may result from something simple, such as an employee receiving a message to download a free game or antivirus update.”

Specific threats, according to Cisco’s report, include spam, phishing, botnets, social engineering and reputation hijacking.

While targeted spear-phishing represents about 1 percent of all phishing attacks, it is expected to become more prevalent as criminals personalize spam and make messages appear more credible, according to Cisco. Also, botnets reportedly have emerged as a nexus of criminal activity on the Internet. This year, numerous legitimate Web sites were infected with IFrames, malicious code injected by botnets that redirect visitors to malware-downloading sites.

The report also finds that the use of social engineering to entice victims to open a file or click links continues to grow.

According to the IPTV broadcast panel, the economic recession increases the likelihood that disgruntled workers from the hard-hit financial services industry, especially, may be preparing to launch attacks.

Such attacks, from the inside, are difficult to track, Goddard said.

“If there is an intelligent person, especially with technical abilities and they want to commit a crime in an organization, it’s certainly very difficult to capture them,” he said.

Browsers fail password protection tests

FAIL : Browsers fail password protection tests

Toxic soup of potential vulnerabilities

By John Leyden

15th December 2008


A beta version of Google Chrome has tied with Safari for last place in tests of how the browsers dealt with password security.

The tests - put together by security consultancy Chapin Information Services - ran the most popular browsers against a set of 21 checks.

None performed particularly well.

Opera 9.62 passed only seven of the 21 tests but that still made it the "joint winner" in an outstandingly mediocre field.

Firefox 3.0.4 also passed a third of the tests while IE 7 scored five out of 21. Bringing up the rear, Safari 3.2 for Windows and Google Chrome passed just two of the tests.

Curiously, Google Chrome was the only browser to pass one test: "not filling in a form when auto-complete is set to off".

The tests collectively measured how well browsers kept passwords saved by users safe from phishing fraudsters and malicious hackers, preventing the potential disclosure of online login credentials. The exercise looked at how strong the security architecture of each of the browsers might be without looking in depth at whether these might give rise to vulnerabilities, much less specific exploits.

However a combination of password management and security shortcomings in a browser might be used together to snaffle online login credentials. Chapin singles out three flaws in Chrome, present in the beta, and unfixed in the final version, to illustrate this potential risk.

Chrome fails to check the location of password requests or the destination to which they are dispatched. In addition, invisible form elements can trigger password management functions in the browser without user involvement. "These three problems, combined with seventeen others so far identified in Chrome's password manager, form a toxic soup of potential vulnerabilities that can coalesce into broad insecurity," company founder Richard Chapin warns.

Opera performs the best of the five browsers tested at withstanding this type of attack, which Chapin highlights because he discovered a similar class of vulnerability in version 2 of Firefox two years ago.

Chapin's tests set a high standard but looking at the results it is tempting to think that users would be well advised never to save passwords for sensitive websites.

More details of the tests can be found at http://www.info-svc.com/news/2008/12-12.
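The three Chrome shortcomings named above (no check on where a password request comes from, no check on where it is sent, and invisible form elements triggering the password manager) plus the auto-complete test correspond to checks a password manager can make before filling a form. The sketch below is an added example, not Chapin's test suite or any browser's code; `SavedLogin`, `LoginForm`, `autofill_decision` and the sample URLs are hypothetical names and constructed data.

```python
from dataclasses import dataclass
from urllib.parse import urljoin, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """Return (scheme, host, port), normalising case and default ports."""
    u = urlsplit(url)
    scheme = u.scheme.lower()
    host = (u.hostname or "").lower()
    port = u.port or DEFAULT_PORTS.get(scheme)
    return (scheme, host, port)


@dataclass
class SavedLogin:               # hypothetical record kept by a password manager
    page_url: str               # page on which the password was saved
    action_url: str             # absolute URL the form was submitted to


@dataclass
class LoginForm:                # hypothetical view of a form found on a page
    page_url: str               # page now asking for the password
    action_url: str             # form action, possibly relative
    password_field_visible: bool
    autocomplete_off: bool


def autofill_decision(saved, form):
    """Return (allowed, reasons); reasons lists every check that failed."""
    reasons = []
    # 1. Location of the password request: must be the origin it was saved on.
    if origin(form.page_url) != origin(saved.page_url):
        reasons.append("page-origin")
    # 2. Destination: resolve a relative action against the page, then compare.
    target = urljoin(form.page_url, form.action_url)
    if origin(target) != origin(saved.action_url):
        reasons.append("destination")
    # 3. Invisible fields must not trigger a fill without the user seeing it.
    if not form.password_field_visible:
        reasons.append("hidden-field")
    # 4. The site asked for no auto-completion on this form.
    if form.autocomplete_off:
        reasons.append("autocomplete-off")
    return (not reasons, reasons)


# Constructed sample data
SAVED = SavedLogin("https://bank.example/login", "https://bank.example/session")

FORMS = {
    "same origin, relative action":
        LoginForm("https://bank.example/login", "/session", True, False),
    "action on another origin, hidden field":
        LoginForm("https://bank.example/login", "https://collector.example/c",
                  False, False),
    "scheme downgraded to http":
        LoginForm("http://bank.example/login", "/session", True, False),
    "explicit default port, autocomplete off":
        LoginForm("https://BANK.example:443/login", "/session", True, True),
}


def evaluate_all():
    """Run every constructed form through the checks."""
    return {name: autofill_decision(SAVED, form) for name, form in FORMS.items()}


if __name__ == "__main__":
    for name, (allowed, reasons) in evaluate_all().items():
        print(f"{name}: {'fill' if allowed else 'refuse'} {reasons}")
```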

Monday, December 15, 2008

Quote of the day


When there is growth, changes are automatic, if I fear change, how can there be growth?

New IT Term of the day



SSL

Short for Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:.

Another protocol for transmitting data securely over the World Wide Web is Secure HTTP (S-HTTP). Whereas SSL creates a secure connection between a client and a server, over which any amount of data can be sent securely, S-HTTP is designed to transmit individual messages securely. SSL and S-HTTP, therefore, can be seen as complementary rather than competing technologies. Both protocols have been approved by the Internet Engineering Task Force (IETF) as a standard.

UK police need crime breathalysers for PCs

TOOL : UK police need crime breathalysers for PCs

Cyber cops chase next gen digital forensics

By Nick Heath

11 December 2008


UK police are hoping to one day develop a breathalyser-style tool for computers that could instantly flag up illegal activity on any PC it's attached to.

Detective superintendent Charlie McMurdie, architect of the UK's Police Central E-crime Unit (PCeU), said frontline police ideally need a digital forensic tool as easy to use as the breathalyser, to help them deal with growing numbers of computers being seized during raids on suspects' homes.

McMurdie said such a tool could run on suspects' machines, identify illegal activity - such as credit card fraud or selling stolen goods online - and retrieve relevant evidence.

She told silicon.com: "Do we need to seize five computers in a suspect's house or could we use a simple tool to preview on site and identify there's that one email we are looking for and we can then use that and interview the person now, rather than waiting six to 12 months for the evidence to come back to us?

"For example, look at breathalysers - I am not a scientist, I could not do a chemical test on somebody when they are arrested for drink driving but I have a tool that tells me when to bring somebody in."

The eventual development of such a tool could help ease a backlog of digital forensic work that has officers waiting up to a year for evidence to be recovered from seized machines.

The tool is part of a package of measures envisaged by McMurdie as one day coming out of the £7m PCeU, which from spring next year will co-ordinate law enforcement of all online offences and lead national investigations into the most serious e-crime cases.

McMurdie also discussed the possibility of setting up a "central forensic server", where digital forensic experts from across the UK could log in and analyse whatever systems were plugged into it.

She described how it could help tackle corporate e-crime, saying: "Say one of the banks is attacked and we need to have a look at one of their hard drives: that bank would have something that they can plug their system in to and that connects to this central forensic server.

"Say there is a copper who is a forensic expert in Devon and Cornwall, he could hook into the central server and deal with it from Devon and Cornwall, rather than travelling up to London."

McMurdie said UK police have also been talking to the FBI and US Computer Emergency Readiness Team units about their use of remote searches of hard drives over the net.

PCeU leaders are also in talks with the Association of Chief Police Officers about setting up regional centres for e-crime training.

Digital records of UP Assembly car passes lost

VIRUS : Digital records of UP Assembly car passes lost

The Hindu

14 December 2008


New Delhi (PTI): Records of gate passes issued to vehicles entering the Uttar Pradesh Assembly premises were lost following a virus attack in the computer system, posing a serious security threat.

All digital records of details pertaining to gate passes allotted to vehicles for the year 2007 were deleted following a virus infestation in the computer, Public Information Commissioner Harish Kumar Verma said in reply to an RTI filed by Urvashi Sharma, a Lucknow resident.

Uttar Pradesh has 404 members in the Legislative Assembly and 100 in the Legislative Council.

"If the secretariat is not aware of the vehicles which were allotted the gate passes, any car or motorcycle can make it to the premises of the building with just the UP Government label. And seeing to the recent terror attacks in Mumbai and the Parliament attack in 2001, it is an open invitation to militants," Sharma said.

She further said, "Usually there are a lot of Ambassador cars with red beacons making it to the UP secretariat premises. Security guards only see the car from outside, but the people inside are not checked. Only the red light and the UP government label are checked by the guards at the gates."

The car, which was used by terrorists to enter Parliament in 2001, had a red beacon on top and a Parliament sticker along with a special Parliament label, Sharma added.

Australia to Test Web Filter to Block Banned Content

FILTER : Australia to Test Web Filter to Block Banned Content


December 14, 2008


SYDNEY, Australia — The Australian government plans to test a nationwide Web filter that would require Internet service providers to block access to thousands of sites containing illegal content, officials say.

The proposed filter is part of an $82 million cybersafety plan begun in May with the goals of protecting children and stopping adults from downloading content that is illegal to possess in Australia, like child pornography or terrorist materials.

But the plan has prompted opposition from online advocacy groups and industry experts who say it would slow browsing speeds and do little to block undesirable content.

In November, the minister of communications, Stephen Conroy, invited Internet service providers and mobile phone operators to participate in a live trial of the program, which is set to begin this month. The department of communications will use the results to decide how to proceed with the plan.

The proposed system consists of two tiers. Under the first, all Australian service providers would be required to block access to about 10,000 Web sites on a list maintained by the Australian Communications and Media Authority, the federal monitor that oversees film classifications.

The second tier would require service providers to offer an optional filter that individuals could apply to block material deemed unsuitable for children.

The government says the list, which is not available to the public, includes only illegal content, mostly child pornography. But technology, left-wing and other advocacy groups, and technology businesses worry that the filter could be used to block sites focused on what some consider controversial topics, like gambling or euthanasia. “Even if the scheme is introduced with the best of intentions, there will be enormous political pressure on the government to expand the list,” said Colin Jacobs, the vice chairman of Electronic Frontiers Australia, a technology advocacy organization. “We worry that the scope of the list would expand at a very rapid rate.”

The proposal has set off a flurry of anxious chatter on social networking sites like Facebook, where thousands of users said they planned to take part in protests this weekend.

More than 85,000 users have also signed an online petition created by GetUp!, an advocacy group that calls the mandatory filter “a serious threat to our democratic values.”

Mark White, the chief operating officer at iiNet, one of the largest Australian Internet service providers, said the filter would have a limited effect because it would not monitor illegal activity on peer-to-peer or file-sharing networks, where most child pornography and other illicit content is exchanged. The filter would also slow Internet browsing speeds for all, regardless of whether they were trying to view forbidden sites, he said. IiNet has agreed to take part in the trial.

This concern has been supported by the government’s own research. A July report by the communications authority found that lab tests of six unidentified Internet filtering programs showed mixed results. The best filter slowed browsing speeds by 2 percent; the other five made them 22 percent to 87 percent slower.

The study found that filtering programs were effective at blocking prohibited material around 92 percent of the time, but that about 3 percent of legitimate sites were mistakenly caught in the filters.

The country’s largest service provider, Telstra, has also expressed doubts about the plan. Its chief operating officer, Greg Winn, said recently that using filters for service providers to stop prohibited content was “like trying to boil the ocean.” As soon as the filter was applied, he said, someone would find a way to break it.

Some who support the idea of banning some sites, like Clive Hamilton, a senior ethics professor at the Australian National University, said that kind of reasoning was flawed, though.

“The laws that mandate upper speed limits do not stop people from speeding,” he said. “Does that mean that we should not have those laws?”

Meanwhile, Mr. Conroy, the communications minister, said he and the government were open to comments from Internet industry groups and the public.

In an e-mail message, Mr. Conroy said the government was taking note of the industry’s concerns about the technical limitations of the proposed filter. He added that the trial would provide “an invaluable opportunity for I.S.P.’s to inform the government’s approach.”

Indian infotech sector is main focus of Chinese spying

ESPIONAGE : Indian infotech sector is main focus of Chinese spying

Josy Joseph

DNA India

December 15, 2008


BANGALORE: A few months ago, a major Bangalore-based infotech company lost out on an $8 million contract. The company was expecting a business delegation to visit India before signing the contract, but 15 days before the date set for the deal, the meeting was abruptly called off.

The same team went to China instead. When the Indian firm investigated the matter, it discovered a gaping hole in its security. The computers of several of its top executives had been compromised by Chinese hackers and privileged information leaked to a Chinese competitor, who walked away with the deal by quoting a lesser price.

Welcome to war of another kind - corporate espionage. Chinese companies are increasingly spying on the Indian IT industry, the only major business area where India leads the Chinese by several years. With many companies reportedly becoming victims of Chinese espionage, Indian intelligence officers are beginning to take a close, hard look at the influx of Chinese nationals into Bangalore, India’s IT hub.

The Chinese presence in the Bangalore-Mysore belt largely comprises students in Mysore University. Besides, there are several Chinese citizens who are training or working at Indian IT firms.

Intelligence officers are probing whether the sudden surge of Chinese interest in Bangalore and Mysore is part of a larger game plan to steal India’s IT advantage through massive industrial espionage. The main aim, obviously, is to replicate Indian IT’s successes in mainland China, grab major contracts, and gain the upper hand in a hostile future competitive scenario.

Investigators are tight-lipped on the progress of their inquiry. But a source says they are looking at parallels between the presence of Chinese nationals in Karnataka and what has been reported about Chinese espionage in industrial complexes around the world.

Across Europe, Australia, and the US, many espionage cases involving the Chinese have been reported at industrial clusters and cutting-edge firms. In most of these cases, investigations have revealed the key role played by Chinese students and workers in obtaining information for firms and institutions back home.

Recent instances of Chinese hacker attacks on major Indian IT companies only serve to illustrate the seriousness of the threat. The top brass of one IT firm were unnerved when they landed in China and discovered that their hosts knew everything about their plans. The Chinese knew what their proposed branch intended to do, what salaries would be offered to locals, the number of jobs on offer, et al. “The Indian officials were surprised and came back to carry out a security audit,” said the source. “They found that their computers had been compromised for a long time.”

Investigators suspect the Chinese are probably using their traditional network of students, workers, and tourists to extract sensitive information and gain access to any next-generation technology that Bangalore firms may be working on. “It may have started with Huawei Telecom, but today many Chinese firms have a presence in Bangalore,” said security analyst Rahul Bhonsle, an ex-army officer who, way back in 2000, wrote about the threat to the IT sector from China. “Some of them are definitely fronts for intelligence operations.”

Over the past two years, the government has rejected several of Huawei’s proposals, including a deal with MTNL, citing security concerns. In 2006, a high-powered government committee had recommended that no Chinese investment be allowed in critical sectors.

“In tomorrow’s asymmetric information warfare scenario, it [a critical presence in India’s IT sector] would give them a great advantage,” said Bhonsle. “Besides, it is possible for a sleeper to wreak havoc in, say, some banking software created by an Indian firm and deployed with an international banking major.”

Investigators are also beginning to look at a significant number of joint ventures, collaborations and other work relations being built up between Indian IT firms and Chinese companies. “Many of them could be just a cover for industrial espionage,” said a source involved in the investigation.

One prime area of concern is the memoranda of understanding (MoU) that Mysore University has signed with Chinese universities such as Wuhan and Huanghaui. The MoU are primarily meant as student exchange programmes and students do two years of study in Mysore University and obtain a BTech degree. The MoU of October 2007 has led to some 100 Chinese students coming to the university.
