Let the people think they govern, and they will be governed.
William Penn
1644-1718
IT and Related Security News Update from Centre for Research and Prevention of Computer Crimes, India (www.crpcc.in) Courtesy - Sysman Computers Private Limited, Mumbai
TLS
Short for Transport Layer Security, a protocol that guarantees privacy and data integrity between client/server applications communicating over the Internet.
The TLS protocol is made up of two layers:
- The TLS Record Protocol -- layered on top of a reliable transport protocol, such as TCP, it ensures that the connection is private by using symmetric data encryption and it ensures that the connection is reliable. The TLS Record Protocol also is used for encapsulation of higher-level protocols, such as the TLS Handshake Protocol.
- The TLS Handshake Protocol -- allows authentication between the server and client and the negotiation of an encryption algorithm and cryptographic keys before the application protocol transmits or receives any data.
TLS is application protocol-independent. Higher-level protocols can layer on top of the TLS protocol transparently.
Based on Netscape’s SSL 3.0, TLS supersedes and is an extension of SSL. TLS and SSL are not interoperable.
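The layering described above, where the Record Protocol encapsulates Handshake Protocol messages, shown as an added Python example that is not part of the original newsletter. The function names and the sample bytes are constructed for illustration; the content-type and handshake-type numbers are the standard TLS 1.0-1.2 values.

```python
import struct
# Record-layer content types and a few handshake message types (TLS 1.0-1.2 values).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
HANDSHAKE_TYPES = {1: "client_hello", 2: "server_hello", 11: "certificate",
                   14: "server_hello_done", 16: "client_key_exchange"}
MAX_FRAGMENT = 2**14 + 2048  # largest record payload the protocol allows

def parse_records(stream):
    """Split bytes into (content type, (major, minor), payload) records."""
    records, off = [], 0
    while off < len(stream):
        if len(stream) - off < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, off)
        if ctype not in CONTENT_TYPES or length > MAX_FRAGMENT:
            raise ValueError("not a valid TLS record header")
        payload = stream[off + 5:off + 5 + length]
        if len(payload) != length:
            raise ValueError("truncated record payload")
        records.append((CONTENT_TYPES[ctype], (major, minor), payload))
        off += 5 + length
    return records

def parse_handshake(records):
    """Reassemble plaintext handshake payloads, then split them into messages."""
    data = b"".join(p for name, _, p in records if name == "handshake")
    messages, off = [], 0
    while off < len(data):
        if len(data) - off < 4:
            raise ValueError("truncated handshake header")
        length = int.from_bytes(data[off + 1:off + 4], "big")
        if len(data) - off - 4 < length:
            raise ValueError("truncated handshake body")
        messages.append((HANDSHAKE_TYPES.get(data[off], "unknown"), length))
        off += 4 + length
    return messages

def make_record(ctype, payload):  # helper that builds the constructed sample
    return struct.pack("!BBBH", ctype, 3, 1, len(payload)) + payload

# Constructed sample: two handshake messages split mid-message across two
# records, then a warning-level close_notify alert. Bodies are dummy bytes.
HS = b"\x01\x00\x00\x06\x03\x01ABCD" + b"\x0e\x00\x00\x00"
SAMPLE = make_record(22, HS[:7]) + make_record(22, HS[7:]) + make_record(21, b"\x01\x00")

if __name__ == "__main__":
    recs = parse_records(SAMPLE)
    print([(n, v, len(p)) for n, v, p in recs], parse_handshake(recs))
```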
DDoS street protest covers both sides of Gaza conflict
By John Leyden
9th January 2009
http://www.theregister.co.uk/2009/01/09/gaza_conflict_patriot_cyberwars/
Israeli cyberactivists are inviting pro-Israeli surfers to install a tool that attacks websites associated with Hamas.
This "Patriot" tool effectively turns the computers of sympathisers of the Israeli cause into zombies - albeit willing, complicit ones - in the control of Israeli hackers.
The hackers are working under the banner of the Help Israel Win collective, which was formed last month at the start of the conflict in Gaza. "We couldn't join the real combat, so we decided to fight Hamas in the cyber arena," one of the group's organisers, 'Liri', told Wired.
The package developed by the group is designed to overload websites associated with Hamas, such as qudsnews.net and palestine-info.info, with spurious traffic. Israeli hackers claim that 8,000 have downloaded and installed the Patriot software.
Conflict in cyberspace is one aspect of a propaganda offensive that has accompanied the war in Gaza, and the decades-long Israeli-Palestinian conflict. Help Israel Win is vague about how its Patriot software works, preferring instead to stress its opposition to Hamas, which has the stated aim of destroying the state of Israel.
The Patriot package, according to Help Israel Win, "unites the computer capabilities of many people around the world. Our goal is to use this power in order to disrupt our enemy's efforts to destroy the state of Israel. The more support we get, the more efficient we are."
SANS Institute security researchers warn that the Patriot tool leaves the door open to abuse. "While at the moment it does not appear to do anything bad (it just connects to the IRC server and sits there - there also appeared to be around 1,000 machines running this when I tested this) the owner can probably do whatever he wants with machines running this," SANS researcher Bojan Zdrnja writes.
A Help Israel Win representative conceded to Wired that "the Patriot code could be used as a Trojan. However, it is not used as such, and will never be."
"The update option is used to fix bugs in the client, and not to upload any malicious code. The project will close right after the war is over, and we have given a fully functional uninstaller to [remove] the application," a representative added.
It's not particularly clear how effective the Patriot tool has been in silencing allegedly pro-Hamas websites, but Help Israel Win has been forced to repeatedly shift its website location in response to attacks from hackers sympathetic to the Palestinian cause, Wired adds.
Security tools firm Arbor Networks reported earlier this week an increase in botnet attacks on Israeli targets, and confirmed that Help Israel Win was offering what it described as a "simple Windows tool" to target Palestinian websites.
"This is an example of DDoS attacks being used as a form of street protest and something that is becoming increasingly common," said Arbor researcher Jose Nazario.
Other experts confirm that hackers from the wider Muslim world are piling in on behalf of the Palestinians. "Our observations suggest that a large number of Web sites have been defaced by a variety of hacker groups from Iran, Lebanon, Morocco and Turkey, and the trend is accelerating," said Bruce Jenkins, a retired Major with the US Air Force and consultant with application security firm Fortify Security.
http://www.thearynews.com/english/newsdetail.asp?nid=19868#
WASHINGTON: Cyber attacks pose the greatest threat to the United States after nuclear war and weapons of mass destruction - and they are increasingly hard to prevent, FBI experts say.
Shawn Henry, assistant director of the FBI's cyber division, told a conference in New York that computer attacks pose the biggest risk "from a national security perspective, other than a weapon of mass destruction or a bomb in one of our major cities."
"Other than a nuclear device or some other type of destructive weapon, the threat to our infrastructure, the threat to our intelligence, the threat to our computer network is the most critical threat we face," he added.
US experts warn of "cybergeddon", in which an advanced economy - where almost everything of importance is linked to or controlled by computers - falls prey to hackers, with catastrophic results.
Michael Balboni, deputy secretary for public safety in New York state, described "a huge threat out there" against everything from banking institutions to water systems and dams.
Henry said terrorist groups aim for an online 9/11, "inflicting the same kind of damage on our country, on all our countries, on all our networks, as they did in 2001 by flying planes into buildings."
A web attack of that scale has not yet happened in the United States but computer hacking - once something of a sport for brilliant delinquents - is rapidly evolving around the world as a weapon of war.
Russian hackers allegedly mounted huge assaults on internet networks in Estonia and Georgia last year, while Palestinian sympathisers have orchestrated attacks against hundreds of Israeli websites in the last few days.
Evan Kohlmann, an investigator with Global Terror Alert, based in Washington, said websites and social networking tools already allow underground Islamist leaders and militant organisations to recruit and communicate in safety worldwide.
Jihadist websites can be destroyed, but "you knock one out and another pops up the next day."
More efforts are being made to infiltrate the sites and disrupt the clandestine networks, Kohlmann said.
In response, young militants are learning how to code software, or they are getting help from freelance experts, including those in Russia, who may well have nothing to do with Islamist causes.
"Right now, we're at the cusp of this," Kohlmann said.
Financial cyber criminals, who use the Internet to steal identities, siphon billions of dollars, and sometimes paralyse businesses, are also becoming more sophisticated.
"It used to be we'd chase people around, literally carrying duffel bags of cash," said Donald Codling, the FBI's cyber unit liaison with the Department of Homeland Security.
"Nowadays the guy can use his SIM chip and he can move money all over the world and his confederates can withdraw that money from an ATM in a currency of his or her choice. It's extraordinarily difficult for us to catch them."
Codling, like other cyber crime fighters, expressed grudging admiration for the skills of his foes, who he said are highly motivated and often a step ahead.
By AL BAKER
NYTimes
09 January 2009
http://www.nytimes.com/2009/01/09/nyregion/09kelly.html?_r=2&ref=technology
New York police officials are studying the feasibility of disrupting cellphone communications between terrorists during any attack, after revelations that gunmen in Mumbai received electronic transmissions during their killing spree in November.
Police Commissioner Raymond W. Kelly raised the possibility in Washington at a Senate hearing on Thursday, but he noted there were technological hurdles to shutting down cellular service in a narrow location, like a hotel or movie theater.
At the hearing of the Senate Committee on Homeland Security and Governmental Affairs, Mr. Kelly testified, “Law enforcement needs to find ways to disrupt cellphones and other communications” during an unfolding crisis like the one in Mumbai.
But he stressed, under questioning by senators, that care must be taken in pursuing such plans, suggesting that widespread shutdowns could hamper emergency personnel or keep civilians from making emergency calls.
Later, Paul J. Browne, the Police Department’s chief spokesman, said the department wanted to preserve the option of monitoring conversations between terrorists should that prove more advantageous than cutting them off. He said that any plan to shut electronics transmissions was “only in the discussion stage.”
Mr. Browne said, “Our communications and technology people are looking for ways to disrupt cellphone and hand-held devices in a pinpointed way.”
He added: “We are not at a point where we are testing any equipment. We are talking to the industry and to people in other government agencies and among ourselves. What is known about this? What is possible? And what is being tested along these lines?”
Electronic jamming of cellphones or of global positioning systems is complicated but possible, and might already be in use by foreign military agencies, said Eric Lustig, a data systems manager at Eastern Communications, a Queens company that provides radio equipment to government agencies and other clients.
Cellular service in a big region, like a borough, could be simply shut down, he said. More compact sites, like an official motorcade, could be jammed by devices in the cars.
“You cannot draw straight lines around, or a circle around, an area where you would do it, but it is certainly possible to jam an area,” Mr. Lustig said. “If you are talking about a tall building, you would knock out cellphone communications for a far larger area. If you just wanted to knock out cellphones in a movie theater, it could be done.”
Mr. Lustig said it would be much more difficult to jam a satellite phone than a cellular phone, since the antenna is pointed at the sky.
9 Jan 2009
http://timesofindia.indiatimes.com/Cities/Mumbai_cops_probing_Wi-Fi_security/articleshow/3956633.cms
MUMBAI: City policemen will be soon seen roaming in the streets with laptops in their hands in search of unsecured Wi-Fi connections.
In an initiative taken by the Mumbai police, in the backdrop of terror mails sent before blasts and terror attacks, policemen will be sent to various locations in the city in search of unsecured Wi-Fi connections.
"If a particular place's Wi-Fi is not password protected or secured then the policeman at the spot has the authority to issue notice to the owner of the Wi-Fi connection directing him to secure the connection," DCP Sanjay Mohite said.
The notice will be issued by the police under section 149 of the Criminal Procedure Code which is to prevent the commission of a cognizable offence.
The step was taken at a conference today where around 80 police personnel were present to learn about Wi-Fi connections and cyber crime.
Terror mails were sent through unsecured Wi-Fi connections prior to the Delhi and Ahmedabad blasts.
While the mail sent before the Ahmedabad blasts was traced to the residence of US national Kenneth Heywood in Navi Mumbai, the mail sent prior to the Delhi blast was traced to a residence in suburban Chembur.
In both cases, the Wi-Fi connections used to send the terror mails were unsecured.