Quote of the day
The two greatest obstacles to democracy are, first, the widespread delusion among the poor that we have a democracy, and second, the chronic terror among the rich, lest we get it.
Edward Dowling
IT and Related Security News Update from Centre for Research and Prevention of Computer Crimes, India (www.crpcc.in) Courtesy - Sysman Computers Private Limited, Mumbai
TCB
Short for trusted computing base. TCB refers to the totality of protection mechanisms (hardware, firmware and software) that provide a secure computing environment. The TCB includes everything that must be trusted -- access control, authorization and authentication procedures, cryptography, firewalls, virus protection, data backup, and even human administration -- in order for the right level of security to work.
MOTIVE : Russian hackers target U.S., Europe for profit and politics
By Alex Rodriguez, Tribune correspondent
chicagotribune.com
December 26, 2008
www.chicagotribune.com/news/chi-russia-hackers2_rodriguezdec26,0,5001855.story
MOSCOW — Not long ago, the simple, anonymous thrill of exposing chinks in American software was enough of a payoff for a Russian hacker.
Today it's cash. And almost all the targets are in the United States and Europe, where Russia's notorious hackers pilfer online bank accounts, swipe social security numbers, steal credit card data and peek at e-mail log-ins and passwords as part of what some estimate to be a $100 billion-a-year global cyber-crime business.
And when it's not money that drives Russian hackers, it's politics—with the aim of accessing or disabling the computers, Web sites and security systems of governments opposed to Russian interests. That may have been the motive behind a recent attack on Pentagon computers.
A new generation of Russian hacker is behind America's latest criminal scourge. Young, intelligent and wealthy enough to zip down Moscow's boulevards in shiny BMWs, they make their money in cyber-cubbyholes that police have found impossible to ferret out.
From behind the partition of anonymous online hacking forums, they boast about why they use their programming savvy to spam and steal, mostly from the West.
"Why should I take a regular job after graduating and exert myself to earn just $2,000 a month, rather than grab this chance to make money?" says a Russian hacker on a cyber-crime forum that specializes in credit card fraud.
Cyber-crime, by some estimates, has outpaced the amount of illicit cash raked in by global drug trafficking. Hackers from Russia and China are among the chief culprits, and the threat they pose now extends far beyond spam, identity theft and bank heists.
Besides the recent attack on computers at the U.S. Defense Department, which may have originated in Russia, according to military leaders in Washington, Russian hackers also are believed to be behind highly coordinated attacks that brought down government Web sites in Estonia in 2007 and in U.S.-allied Georgia when war broke out between Russian and Georgian forces in August.
They're even suspected of hacking into the computer systems of Barack Obama and John McCain during the presidential campaign; technical experts hired by Obama's campaign suspected the attacks may have come from Russia or China, according to Newsweek.
So far there has been no evidence of a link between the Russian government and any of the attacks on American, Georgian and Estonian Web sites and computers. Nevertheless, the need to ramp up security of American cyberspace is being discussed with greater urgency in Washington. Earlier this month, a commission on cyber-security delivered a report to Congress calling for the creation of a new White House office that would gird the U.S. against computer attacks from hackers and foreign governments.
According to the commission, "unknown foreign entities" in 2007 hacked computers at the Departments of Defense, Homeland Security and Commerce, as well as NASA. Hackers broke into Defense Secretary Robert Gates' unclassified e-mail and probe Defense Department computers "hundreds of thousands of times each day," said the commission, a panel of leading government and computer industry experts.
A senior State Department official told the commission that the department had lost thousands of gigabytes of data due to computer attacks, and among the Homeland Security divisions reporting computer break-ins was the Transportation Security Administration. Hacking attacks compromising intellectual property have cost U.S. companies billions of dollars, the report stated.
"The damage from cyber attack is real," the report continued. "Ineffective cybersecurity, and attacks on our informational infrastructure in an increasingly competitive international environment, undercut U.S. strength and put the nation at risk."
After the Soviet collapse in 1991, Russian hackers were primarily motivated by mischief. "Back then it was simple hooliganism," said Vladimir Dubrovin, a hacker in the late 1990s and now a Russian computer security expert.
Today, however, most hackers in Russia are in it strictly for the money. Cyber-crime gangs approach computer programming graduates from Moscow's technical universities with offers of making sums of $5,000 to $7,000 a month, a far cry from Russia's average monthly salary of $640, says Nikita Kislitsyn, editor of Hacker, a glossy Russian magazine with how-to information for budding hackers.
Yevgeny Kaspersky, chief executive of Moscow-based Kaspersky Lab, one of the world's leading computer security firms, says Russian hacking flourishes as "a cyber-criminal ecosystem" of spammers, identity thieves and "botnets," vast networks of infected computers controlled remotely and used to spread spam, denial-of-service attacks or other malicious programs. A denial-of-service attack floods a Web site with inquiries, forcing its shutdown.
To ply online banking accounts, Russian hackers rely on viruses that record keystrokes as customers type log-ins and passwords. Russian-made viruses are believed to be behind several major online heists, including the theft of $1 million from Nordea Bank in Sweden in 2007 and $6 million from banks in the United States and Europe that same year.
Viruses and other types of "malware" are bought and sold for as much as $15,000, Kislitsyn says. Rogue Internet service providers charge cyber-criminals $1,000 a month for police-proof server access.
Botnets relied on for cyber-crime can also be used to lash out at political enemies, computer security experts say. Most analysts agree that criminal botnets were used by Russian hackers to shut down Estonian government and banking Web sites after the tiny Baltic republic angered Russians by moving a Soviet war memorial from downtown Tallinn in 2007.
"The Internet can now be used to attack small countries," Kaspersky said. "There are Russian and Chinese hackers that have the power to do that."
CHINK : VeriSign's SSL for Securing Web sites Cracked
Group says it used flaw in hashing algorithm to create fake digital certificates for Web sites
Robert McMillan
IDG News Service
December 30, 2008
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9124558
With the help of about 200 Sony Playstations, an international team of security researchers has devised a way to undermine one of the algorithms used to protect secure Web sites — a capability that the researchers said could be used to launch nearly undetectable phishing attacks.
To accomplish that, the researchers said today that they had exploited a bug in the MD5 hashing algorithm used to create some of the digital certificates used by Web sites to prove they are what they claim to be. The researchers said that by taking advantage of known flaws in the algorithm, they were able to hack VeriSign Inc.'s RapidSSL.com certificate authority site and create fake digital certificates for any Web site on the Internet.
Hashes are used to create a digital "fingerprint" that is supposed to uniquely identify a given document and can easily be calculated to verify that the document hasn't been modified in transit. But the flaw in the MD5 algorithm makes it possible to create two different documents that have the same numerical hash value.
That, the researchers said, explains how someone could create a digital certificate for a phishing site that has the same fingerprint as the certificate for a genuine Web site. They added, though, that they don't expect to see any actual attacks using the flaw that they exploited — a point that Microsoft Corp. seconded in a security advisory in which it downplayed the threat to Internet users.
Using their farm of Playstation 3 machines, the researchers built a rogue certificate authority that could issue bogus certificates. The Playstation's Cell processor is popular with code breakers because it is particularly good at performing cryptographic functions.
The researchers planned to present their findings today at the Chaos Communication Congress, a hacker conference being held in Berlin. Even before their talk took place, it already was the subject of speculation within the Internet security community.
The team that did the research work included independent researchers Jacob Appelbaum and Alexander Sotirov, as well as computer scientists from the Centrum Wiskunde & Informatica, the Ecole Polytechnique Federale de Lausanne, the Eindhoven University of Technology and the University of California, Berkeley.
Although the researchers believe that a real-world attack using their techniques is unlikely, they say their work shows that the MD5 algorithm should no longer be used by the certificate authority companies that issue digital certificates. "It's a wake-up call for anyone still using MD5," said David Molnar, a Berkeley graduate student who worked on the project.
In addition to VeriSign, TC TrustCenter AG, EMC Corp.'s RSA unit and Thawte Inc. use MD5 to generate their digital certificates, according to the researchers. They said that VeriSign also uses the algorithm on a certificate service offered through its Japanese Web site, in addition to RapidSSL.com.
Exploiting the MD5 bug to carry out an attack would be hard, because cybercrooks would first have to trick a victim into visiting the malicious Web site that hosts a fake digital certificate. That could be done, however, by using what's called a man-in-the-middle attack. Last August, for example, security researcher Dan Kaminsky showed how a major flaw in the Internet's Domain Name System could be used to launch such attacks.
And with this latest research, it's now potentially easier to attack Web sites that are secured using Secure Sockets Layer (SSL) encryption, which relies on trustworthy digital certificates. "You can use Kaminsky's DNS bug combined with this to get virtually undetectable phishing," Molnar said.
"This isn't a pie-in-the-sky talk about what may happen or what someone might be able to do, this is a demonstration of what they actually did with the results to prove it," HD Moore, director of security research at BreakingPoint Systems Inc., wrote in a blog post about the researchers' findings.
Cryptographers have been gradually chipping away at the security of MD5 since 2004, when a team led by Shandong University's Wang Xiaoyun demonstrated flaws in the algorithm.
Given the state of research into MD5, certificate authorities should have upgraded to more secure algorithms such as SHA-1 "years ago," said Bruce Schneier, a noted cryptography expert and chief security technology officer at BT PLC.
RapidSSL.com will stop issuing MD5-based digital certificates by the end of January and is looking for ways to encourage its customers to move to new certificates after that, said Tim Callan, VeriSign's vice president of product marketing. But first, Callan added, VeriSign wants to get a good look at the new research.
Molnar and his team have communicated their findings to VeriSign indirectly, via Microsoft, but they have yet to speak directly to VeriSign, out of fear that it might take legal action to quash their talk. In the past, companies sometimes have obtained court orders to prevent security researchers from talking at hacker conferences.
Callan said he wished that VeriSign had been given more information ahead of time. "I can't express how disappointed I am that bloggers and journalists are being briefed on this but we're not, considering that we're the people who have to actually respond," he said.
While Schneier said he was impressed by the math behind this latest research, he said that there are already far more important security problems on the Internet — weaknesses that expose large databases of sensitive information to attackers, for example.
"It doesn't matter if you get a fake MD5 certificate, because you never check your certs anyway," he said. "There are dozens of ways to fake that, and this is yet another."
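An added example, not part of the original article: a minimal defensive check for the weakness described above, which reads a certificate's signature algorithm and flags MD5-based signatures. The two sample certificates are constructed skeletons (not real and not validly signed), and all function names are illustrative.

```python
"""Flag X.509 certificates that are signed with an MD5-based algorithm."""
import base64

# Signature algorithm OIDs (RFC 3279 / RFC 4055).
SIG_ALGS = {
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
}
MD5_SIG_OIDS = {"1.2.840.113549.1.1.4"}
SEQUENCE, OID, NULL, INTEGER, BIT_STRING = 0x30, 0x06, 0x05, 0x02, 0x03


def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short form: length in one byte
        length = first
    else:                                 # long form: next n bytes hold length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("DER element runs past end of input")
    return tag, buf[pos:end], end


def decode_oid(body):
    """Decode the content bytes of an OBJECT IDENTIFIER to dotted form."""
    if not body or body[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, value = [], 0
    for byte in body:                     # base-128, high bit = "more follows"
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:
            arcs.append(value)
            value = 0
    first = arcs[0]                       # first two arcs share one value
    head = [0, first] if first < 40 else [1, first - 40] if first < 80 else [2, first - 80]
    return ".".join(str(a) for a in head + arcs[1:])


def to_der(data):
    """Accept a single PEM or DER certificate and return DER bytes."""
    text = data.strip()
    if text.startswith(b"-----BEGIN CERTIFICATE-----"):
        return base64.b64decode(b"".join(text.splitlines()[1:-1]))
    return data


def signature_oid(cert_der):
    """Return the OID of Certificate.signatureAlgorithm as a dotted string."""
    tag, cert, _ = read_tlv(cert_der, 0)          # Certificate ::= SEQUENCE
    if tag != SEQUENCE:
        raise ValueError("not a DER certificate")
    tag, _tbs, pos = read_tlv(cert, 0)            # skip tbsCertificate
    if tag != SEQUENCE:
        raise ValueError("tbsCertificate missing")
    tag, alg, _ = read_tlv(cert, pos)             # AlgorithmIdentifier
    if tag != SEQUENCE:
        raise ValueError("signatureAlgorithm missing")
    tag, oid, _ = read_tlv(alg, 0)
    if tag != OID:
        raise ValueError("algorithm OID missing")
    return decode_oid(oid)


def audit(cert_bytes):
    """Summarise the signature algorithm and whether it relies on MD5."""
    oid = signature_oid(to_der(cert_bytes))
    return {"oid": oid, "name": SIG_ALGS.get(oid, "unknown"),
            "md5": oid in MD5_SIG_OIDS}


# --- Constructed sample input (skeleton certificates, placeholder signature) ---
def der(tag, body):
    """Encode one DER element, using the long length form when needed."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + body


def sample_cert(oid_bytes):
    """Build a certificate-shaped DER blob carrying the given algorithm OID."""
    alg = der(SEQUENCE, der(OID, oid_bytes) + der(NULL, b""))
    tbs = der(SEQUENCE, der(INTEGER, b"\x01") + alg)   # other fields omitted
    sig = der(BIT_STRING, b"\x00" + bytes(128))        # all-zero placeholder
    return der(SEQUENCE, tbs + alg + sig)


MD5_SAMPLE = sample_cert(bytes.fromhex("2a864886f70d010104"))
SHA256_SAMPLE = sample_cert(bytes.fromhex("2a864886f70d01010b"))

if __name__ == "__main__":
    for label, cert in (("md5 sample", MD5_SAMPLE), ("sha256 sample", SHA256_SAMPLE)):
        print(label, audit(cert))
```

Run against each certificate in a served chain, the same check shows whether any link still depends on an MD5 signature.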
BREACH : RBS WorldPay breach exposes 1.5 million
Payment processor buries bad news
By John Leyden
29th December 2008
http://www.theregister.co.uk/2008/12/29/rbs_worldpay_breach/
RBS WorldPay belatedly admitted last week that hackers broke into its systems.
The attack against the electronic payment services firm leaves up to 1.5 million payroll and gift card holders in the US at risk of fraud. Up to 1.1 million social security records were also exposed as a result of the breach.
The affected pre-paid cards include payroll cards and open-loop gift cards. PINs for all PIN-enabled cards are being reset as a precaution. RBS WorldPay has pledged to make sure its customers are not left out of pocket as a result of any fraud stemming from the attack. The firm is also offering 12 months complimentary membership to a credit monitoring service to those whose personal information was exposed as a result of the breach.
RBS WorldPay notified law enforcement and regulators about the attack on 10 November but waited until 23 December before publishing advice to potentially affected customers. The timing of its announcement raises suspicions that the firm is releasing bad news at a time when it is likely to go largely unnoticed.
The attack has been linked to the fraudulent misuse of 100 payroll cards, all of which have since been deactivated.
Details of the attack itself, much less who might have pulled it off, remain sketchy. RBS WorldPay has pledged to improve its security defences to prevent similar attacks in future.
RBS WorldPay's statement on the attack, and its response, can be found here (PDF format)
http://www.rbsworldpay.us/RBS_WorldPay_Press_Release_Dec_23.pdf
SCENARIO : Crime to boom as downturn blooms
By Mark Ward, Technology correspondent,
BBC News
2008/12/30
http://news.bbc.co.uk/go/pr/fr/-/2/hi/technology/7797946.stm
With the economic downturn affecting every corner of the globe, it is perhaps no surprise that it is likely to affect hi-tech criminals over the next 12 months.
In contrast to many ordinary people, hi-tech criminals are likely to see opportunities to prosper rather than suffer in the downturn.
So say some experts looking forwards to 2009 and what it will mean for the computer security world.
"Crime tends to rise when you have more unemployment," said Mikko Hypponen, chief research officer at F-Secure.
"If you look, in general, where the attacks are coming from you can find social reasons behind them," he said.
"It's not a technical problem, it's social," he said.
Easy money
Layoffs of many people familiar with net technology may tempt more into crime, he said, simply because their chances of being caught are slim. Equally, he said, the punishments for those that are caught are not harsh.
Those that did turn to hi-tech crime would find, he said, an underground service economy that will sell them all the bits they need to get started as a net criminal.
Some security firms fear that making people redundant could also trigger a wave of crime as aggrieved workers strike back at their employers.
This could mean that the intellectual property that a company relies on to keep going, such as its customer database, is copied and walks out of the door when employees pack up and leave.
"The damage that insiders can do should not be underestimated. It can take just a few minutes for an entire database that has taken years to build to be copied to a CD or USB stick," said Adam Bosnian, a spokesman for Cyber-Ark.
"With a faltering economy companies need to be especially vigilant about protecting their most sensitive data against nervous or disgruntled employees," he said.
Card games
"I would imagine that fraud is going to increase next year," said Carl Clump, chief executive of Retail Decisions that helps firms spot and tackle credit card fraud.
Even with the global economic slump, he said, fraud had been increasing year on year and there was no reason to expect that 2009 would buck that trend.
Widespread economic malaise would only act as a fillip to that rising tide, he said.
"It's a lucrative area and it's relatively easy to do," said Mr Clump.
Security initiatives such as chip and pin may have tackled fraud at some points, said Mr Clump, but that meant fraudsters had focussed on the next weakest area.
In particular, he said, many fraudsters have moved on to so-called Card Not Present fraud which is typically carried out via e-tail sites on the net.
Figures released in September by the Association of Payment and Clearing Services (APACS) which represents the UK's card firms showed that CNP fraud was up 18% on 2007 to £161.9m. Over the same period losses from UK online banking fraud rose by 185%.
Those unwilling to become spammers or phishers, said Mr Clump, might well be tempted into low-grade fraud - especially if they have lost their job or are struggling to make ends meet.
"In times like these people take desperate measures," he said.
Dan Hubbard, chief technology officer at Websense, said the grim times could tempt people to make choices they would not make in better times.
"Gambling tends to go up when economies are down," he said.
This might make people more willing to work alongside web criminals and act as money launderers or mules.
Mr Hubbard said the ongoing development of the web, mash-ups and semantic technologies could introduce new vulnerabilities.
"These will all add another level of complexity to the web," he said.
"It will create a rich user experience but behind the scenes it is grabbing data from all over the place," he warned.
Unless that was properly managed and thoroughly checked for security loopholes it could prove tempting for criminal groups.
"There are more targets than ever," said Mr Hubbard.
Quote of the day
One man gives freely, yet grows all the richer, another withholds what he should give, and only suffers want.
Bible, Proverbs 11:24
TACACS
Short for Terminal Access Controller Access Control System, an authentication protocol that was commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access to the network.
TACACS is now somewhat dated and is not used as frequently as it once was. A later version of TACACS was called XTACACS (Extended). These two versions have generally been replaced by TACACS+ and RADIUS in newer or updated networks. TACACS+ is a completely new protocol and is therefore not compatible with TACACS or XTACACS.
TACACS is detailed in RFC 1492.
TRENDS : Top Online Security Threats for 2009
by Lidija Davis
December 27, 2008
http://www.readwriteweb.com/archives/top_online_security_threats_for_2009.php
Twenty years after the release of the Morris Worm, one of the first worms discovered on the Internet, the Web has proven to be the primary place where bad guys lurk, looking for poorly secured websites to plant malicious code. And, they find plenty.
According to the 2009 Security Threat Report from Sophos, one new infected Web page is discovered every 4.5 seconds. With that in mind, we thought we'd take a look at the top security threats you should be looking out for in 2009.
SQL Injection Attacks
The Sophos research showed that over the past year the number of SQL injection attacks against innocent websites increased, a trend Sophos expects will continue next year.
Web insecurity, notably weakness against automated remote attacks such as SQL injections, will continue to be the primary way of distributing web-borne malware.
A recent report from the Internet Crime Complaint Center also points to an increase in SQL injection attacks in 2008, specifically relating to financial services and the online retail industry. Unfortunately, cyber criminals prey on the needs of Web users at any given time, and this time the economic crisis is their meal ticket.
The article is well worth reading if you're interested in how attackers compromise websites by SQL Injection or if you want ideas on how to reduce the likelihood of intruders gaining access to your private data.
Third Party Advertising Agencies and Scareware
In February 2008, Sophos confirmed a 'poisoned Web advertising campaign' on BBC competitor ITV's website that affected both Windows and Mac machines. While we've all seen Scareware, the pop ups designed to scare people into buying anti-virus software, this is the first time it has been seen for the Mac.
According to Sophos, a Flash file was injected into traffic served up by ITV.com via third party advertising agencies. Designed to promote a program called Cleanator (Windows) or MacSweeper (Macs), the programs claimed to detect "compromising files" and encouraged users to purchase a full version of the package.
As websites often use third parties to serve up their advertising, Graham Cluley, senior technology consultant at Sophos, suggests taking care when selecting agencies. "Website owners should ask the third party agencies they use what procedures they have implemented to positively vet the adverts that they deliver for malicious content or unsavory links."
Social Networking Sites
With social networking on the rise, the bad guys have found yet another playground on the Web. The Sophos report reveals 1800 Facebook users had their profiles defaced in August by an attack that installed a Trojan while displaying an animated graphic of a court jester.
Gated sites appeal to the bad guys because they form a "launching pad" for mass distributing malware attacks and spam, like the recent Koobface Trojan which attacked both MySpace and Facebook and transformed victim machines into zombie computers to form botnets.
Twitter too has become a tool for cyber criminals to distribute malware and marketing messages. In many cases, the bad guys steal members' usernames and passwords and bombard the victims' friends with marketing messages or direct them to third party websites. With Twitter especially, it is difficult to discern where links are going due to the 140 character limit and the use of services that shorten URLs.
On the flip side, however, Chris Boyd of FaceTime Security Labs explained at this year's RSA Conference that social networking sites are incredibly useful for security researchers. "The people that create these things have been on social networking sites since the beginning; they need to be on them a lot to understand them intimately enough to exploit them. But many times they leave a trail online that we can use to track them, to find out things like their names, ages and friends."
Apple Macs Becoming "Soft Targets"
While Mac malware is minuscule compared to Windows malware, Sophos recommends Mac users follow safe computing best practices and avoid complacency, even though cyber criminals are more likely to stick to attacking Windows computers in the foreseeable future due to the higher financial incentive.
With so many Windows home users seemingly incapable of properly defending themselves against malware and spyware, it seems sensible to suggest that some of them should consider switching to the Apple Mac platform. This is not because Mac OS X is superior, but simply because there is significantly less malware currently being written for it.
Along with the scareware attack mentioned earlier, there have been other attempts to infect Mac computers in 2008: the OSX/Hovdy-A Trojan, the Troj/RKOSX-A Trojan, and the OSX/Jahlav-A Trojan.
Smartphones: A New Toy for Cyber Criminals
While most malware and spam is produced as a result of financial incentive, with smartphones, Sophos believes malware will more likely be written by those wanting to make headlines. As neither the iPhone nor the G1 has yet been the target of a significant attack, someone will want to be the first and claim the title.
Apple iPhone
According to Sophos, iPhone users are more vulnerable to phishing attacks than their desktop counterparts for three reasons:
· They may be more willing to click on links because entering URLs on a touch screen is more difficult
· The iPhone version of Safari doesn't display URLs embedded in emails before they are clicked on making it more difficult to tell whether a link leads to a phishing site
· The iPhone browser doesn't display full URLs making it easier for the bad guys to trick users
Google Android
Hackers are only just getting a real look at the Android OS, so there is not much to report. However, one security flaw was revealed only days after the G1 went on sale. The flaw, discovered by Charles Miller, a principal security analyst at Independent Security Evaluators, was in the browser partition of the phone. According to the New York Times, the flaw enabled keystroke logging software to be installed, making it an easy trick to steal identity information and passwords.
Additionally, while many are impressed with Google's open attitude to applications, others are concerned about the ease with which malicious software could be distributed, and caution is advised when it comes to downloading third party apps.
Sophos predicts that as more people purchase smartphones, creating threats will become increasingly attractive to cyber criminals: Imagine a generic Mac OS X attack made for the iPhone that could also cripple the Mac computer.
Other Interesting Stats from the Sophos Report
· There were five times as many malicious e-mail attachments at the end of 2008 as at the beginning of 2008
· The United States hosts the most malware on the Web at 37 percent
· Computers in the United States relay the most spam at 17.5 percent
Cyber criminals will always be ahead of security experts simply because most of what the anti-malware providers discover is generally published for the public; the bad guys aren't as open with what they do. But, being aware of trends, keeping security patches up to date, and installing firewalls will do much to thwart the majority of attacks.
LOOK BACK : 2008 was a good year for bad guys
'Boom year' for hi-tech criminals
By Mark Ward, Technology correspondent,
BBC News
2008/12/28
http://news.bbc.co.uk/go/pr/fr/-/2/hi/technology/7797280.stm
If 2007 was witness to the rise of the professional hi-tech criminal, then 2008 was the year they got down to work.
"The underground economy is flourishing," said Dan Hubbard, chief technology officer at security company Websense.
"They are not just more organised," said Mr Hubbard, "they are co-operating more and showing more business savvy in how they monetise what they do."
Statistics gathered by firms combating the rising tide of computer crime reveal just how busy professional cyber thieves have been over the last twelve months.
Sophos said it was now seeing more than 20,000 new malicious programs every day. 2008 was also the year in which Symantec revealed that its anti-virus software now protected against more than one million viruses.
The vast majority of these malicious programs are aimed at Windows PCs. Viruses made their debut more than 20 years ago but the vast majority of that million plus total have been created in the last two-three years.
Tidal wave
Criminal gangs generate so many viruses for two main reasons. Firstly, many variants of essentially the same malicious program can cause problems for anti-virus software which can only reliably defend against threats it is aware of.
Secondly, in the past security firms have tended to focus on the big outbreaks. By staging a series of small outbreaks the criminals hope to go unnoticed while their family of viruses racks up victims.
Another statistic from Sophos reveals how the tactics of the online criminal groups are changing.
Before 2008 the preferred method of attack was a booby-trapped attachment circulating by e-mail.
Provocative, pornographic and personal subject lines were used to trick people into opening the attachment. Anyone doing so risked having hi-tech criminals hijack their home computer and turn them to their own nefarious ends.
In 2008, said Graham Cluley from Sophos, the main attack vector started to shift. Increasingly, he said, attackers have tried to subvert webpages by injecting malicious code into them that will compromise the computer of anyone that visits.
By the close of 2008, said Mr Cluley, Sophos was discovering a newly infected webpage roughly every 4 seconds.
The type of page being booby-trapped had also changed, he said. Prior to 2008 gambling, pornographic and pirated software sites were much more likely to be unwitting hosts for the malicious code used to hijack visitors' machines.
In 2008 the criminals turned their attention to mainstream sites that had very large audiences and were vulnerable to the code-injection attack.
Bug report
For Mikko Hypponen, chief research officer at F-Secure, 2008 was the year in which some hi-tech criminals got much more sophisticated.
The best example of this, he said, was the virus known as Mebroot.
"We saw it very early in the year and it continues to be a very complicated case," he said.
One of its most remarkable features is its built-in bug reporting system, said Mr Hypponen. When Mebroot is detected or malfunctions revealing its presence it sends off a report to its creators who then turn out a new version with the bug fixed.
"It's amazing that the bad guys were capable of pulling this off," said Mr Hypponen.
Dan Hubbard from Websense said 2008 was also notable for some hi-tech criminals turning away from viruses completely and embracing another way to make money.
Many, he said, were turning out bogus security programs that look legitimate but do not work. Once installed they purport to carry out a detailed scan of a machine and always turn up many instances of spyware and other malicious programs.
Cleaning up a machine using one of the bogus security programs always involves a fee, said Mr Hubbard.
"They are testing legal boundaries that are a grey area right now," said Mr Hubbard.
In mid-December 2008 the US Federal Trade Commission won a restraining order to shut down several firms that ran so-called "scareware" scams.
Research by Israeli security company Finjan suggests that up to five million people around the world have fallen victim to such scams.
A US court granted the FTC an injunction which stopped those behind the scareware products from advertising them and from making false claims about their efficacy, and froze assets in the hope that duped customers could be refunded.
2008 also saw other big successes against criminals. In mid-November spam volumes around the world plummeted briefly following the closure of US network firm McColo.
Despite this, said Mr Hypponen, 2008 was a good year for the bad guys. The successes, he said, came due to action by ISPs, other net bodies and the media rather than from the action of law enforcement agencies.
This was mainly due, he said, to the trans-national nature of hi-tech crime that made it very difficult to quickly carry out an investigation and make arrests.
"The vast majority of these cases do not seem to go anywhere," he said.
PAKISTAN : Paki Cyber criminal economy set to expand in 2009
Pakistan Times
Dec 27, 2008
http://www.pak-times.com/2008/12/27/cyber-criminal-economy-set-to-expand-in-2009/
Islamabad: The Pakistan Economy Watch said on Saturday that global financial turmoil has boosted the Internet underworld and unleashed a new wave of crime that is engulfing the globe. The development is raising the cost of doing business everywhere and creating new challenges for already dull economies.
New task force, increased budget, awareness campaign a must to combat threat
The Government of Pakistan should immediately form a high-powered task force, upgrade the existing setup and launch an awareness campaign about the expanding online criminal market set to hurt limping businesses, said Dr. Murtaza Mughal, President, Pakistan Economy Watch. “Private sector should also come forward and cooperate as it will be major loser by the end of the day,” he said.
2009 will see a record increase in identity thefts, credit and debit card frauds, network breaches, phishing, unauthorised telecom interceptions and database accesses, damaging, deletion, deterioration, alteration and suppression of critical information, misuse of devices, forgery, spam, adware, malware, Trojans, worms, viruses, frauds, threats, and online attacks, he warned.
Tens of thousands of computer engineers, experts, friendly hackers, technicians, and scientists have lost jobs in the developed world due to the global crunch. Some are getting allowances that are not enough while others are left high and dry.
With such a high skill level, backed by their companies’ information, the recently fired experts have become the darlings of cyber criminals. The Internet mafia has hired many, while others are operating in small groups. Some are working individually, said Dr. Murtaza Mughal, adding that they pose a serious threat due to their potential to shake the whole world.
Growing e-crime wave sweeping across Pakistan
Supported by the abilities of disgruntled IT employees, the underworld is now bolder and more sophisticated. Its members will operate from the west but prefer to hit the east, where the level of IT knowledge is alluring for them. The companies and websites offering stolen financial data have hiked prices manifold due to increased demand from unemployed IT experts. The majority of such outfits are based in Russia and former Eastern Europe. Some are also operating from India.
Not a single country is fully prepared to face the menace. There will be no institution immune to online attacks during 2009. Apart from unsuspecting masses, finance, banking and credit card providers will suffer the most while the situation will prove a blessing for companies providing IT security.
Pakistan Economy Watch asked the masses to avoid keeping sensitive information, bank records, details of financial transactions, agreements and passwords on computers. Online transactions and loading information onto websites have become a risky business, as around 1500 fraudulent sites are uploaded daily. Credit and debit cards should be used with extra caution.
There is growing evidence that some of the staff operating legitimate financial websites have compromised confidential information for petty gains. Bank data breaches have become routine. Hundreds of such stories are circulating in the markets and offices of Islamabad. Other cities are no exception. “The majority of PCs and notebooks in Pakistan are infected with hidden programmes that record and transmit your every keystroke; don’t become a victim,” warned Dr. Mughal.
(The above is a grim situation. Further, the economic bankruptcy of Pakistan, the ineffectiveness of the elected government and the terror factories on its soil make it more gloomy - Editor).
HIT : Wi-Fi Security eBook became a big hit
CRPCC Team
28 December 2008
“The eBook – Securing Wi-Fi Network – 10 Steps to DIY Security has become a big hit. As per our calculations, about 4 million copies are distributed and downloaded”, said Ankur Goyal, co-author of the eBook, which he authored along with Rakesh Goyal.
The eBook is available free and can be downloaded from various sites including www.sysman.in.
“We have taken a different model to distribute the eBook. We contacted various egroups on the Internet and requested them to distribute the eBook in their groups. Since most of their members use a Wi-Fi network to connect to the Internet, most of these group owners distributed the eBook in their groups for the benefit of their members. We thank these group owners for considering the interest of their group members,” said Ankur Goyal in an interview.
Traffic on the site showed that about 1.2 million eBooks were downloaded from the www.sysman.in site.
The eBook was released on 10 December 2008, and reaching 4 million readers in just 2 weeks is remarkable and only possible with the power of the internet. In the physical world, this was just not possible. We are still working to reach out to more and more people all over the world in their own interest, so that they can secure their Wi-Fi network themselves by DIY.
The eBook has been published with backing and encouragement from Information Security Education and Awareness Project (ISEAP) of Ministry of Information Technology, Government of India; CERT-In, Ministry of Information Technology, Government of India; Data Security Council of India (DSCI) of NASSCOM and Mumbai Police Cyber Crime Investigation Cell.