WISH YOU A HAPPY AND SECURE YEAR 2009

Saturday, July 11, 2009

Quote of the day

Patriotism is your conviction that this country is superior to all others because you were born in it.

George Bernard Shaw

New IT Term of the day


lock-in


The phrase used to describe a Web page that disables the browser's back button and prevents the user from leaving the page via the back button. The lock-in practice was originally used by pornography Web sites, however, more mainstream Web sites also use lock-in to keep readers on the Web site once it has loaded. Also a form of mousetrapping.


BUG : Flaw Opens ATMs to Hackers

A conference presentation would have exposed flaws in some cash machines.

By Robert Lemos

July 08, 2009

http://www.technologyreview.com/computing/22966/

Barnaby Jack, a security researcher at the computer networking giant Juniper, had planned to hack into an automatic teller machine (ATM) live onstage at the Black Hat Security Conference in Las Vegas later this month. But his presentation, designed to demonstrate the insecurity of various ATMs, attracted the attention of the financial industry as well as security professionals, and under pressure from ATM manufacturers, Juniper canceled the presentation last week, citing concerns that the vulnerabilities involved had still not been fixed.

"The vulnerability Barnaby was to discuss has far reaching consequences, not only to the affected ATM vendor, but to other ATM vendors and--ultimately--the public," wrote Brendan Lewis, director of corporate social media relations for Juniper in a statement posted to the company's official blog last week. "To publicly disclose the research findings before the affected vendor could properly mitigate the exposure would have potentially placed their customers at risk. That is something we don't want to see happen."

The presentation would have focused on exploiting vulnerabilities in devices running the Windows CE operating system, including some ATMs, according to a source familiar with the details. While the presentation was canceled to allow manufacturers more time to fix the vulnerabilities, Juniper had originally notified the company almost eight months ago, says the source, who asked not to be named.

Other security experts are not surprised that the vulnerabilities are there to find. Significant flaws in cash machines and ATM networks are plentiful, says Nicholas Percoco, senior vice president of TrustWave, an information security and compliance firm that has assessed the security of point-of-sale terminals, kiosks, and ATM networks. "It is very, very rare that a device comes to our labs--in fact, I don't think that it has happened--that we don't find a vulnerability," Percoco says.

DOS ATTACK : Cyber Attack Knocks US Govt Websites Offline

By David Hamilton

WEB HOST INDUSTRY REVIEW

July 08, 2009

http://www.thewhir.com/web-hosting-news/070809_Federal_Websites_Knocked_Out_by_Cyber_Attack

The websites for several US government agencies, including some that patrol cyber crime, have been under attack since July 4, as a denial of service attack made many of these sites slow or inaccessible for as many as three days, signifying an unusually lengthy and sophisticated DoS attack.

The Treasury Department, Secret Service, Federal Trade Commission and Transportation Department websites were down at various periods beginning on the holiday weekend, according to the Associated Press, which spoke to officials inside and outside the government, who also noted that some sites were still experiencing problems as recently as Tuesday evening.

Not confined to government agencies, the DoS attack affected other Washington DC targets: The Washington Post (www.washingtonpost.com) and its Security Fix blog. Security Fix blogger Brian Krebs said The Post had been under attack by roughly 60,000 compromised PCs from around the world, running malicious software that orders them to visit targeted websites over and over, rendering them unreachable to legitimate visitors.

SecureWorks malware research director Joe Stewart told Security Fix the attack is hitting various sites in the US and South Korea simultaneously. The mysterious attack contained few clues of its origins, except for a cryptic line of text buried in the malware, which reads "get/china/dns."

While there has been no official statement from a named government official, security and monitoring companies have commented on the severity of the attack. Keynote Systems Internet technologies director Ben Rushlo told the Associated Press that the Transportation Department site was completely offline for two days, and the FTC site, which started to come back online late Sunday, was still inaccessible 70 percent of the time on Tuesday.

"This is very strange. You don't see this," he told the Associated Press. "Having something 100 percent down for a 24-hour-plus period is a pretty significant event... The fact that it lasted for so long and that it was so significant in its ability to bring the site down says something about the site's ability to fend off (an attack) or about the severity of the attack."

ATTACK : Cyber Attacks Continue on South Korea

South Korea on high alert for more cyber attacks amid suspicions of North Korea involvement

By Hyung-jin Kim

July 9, 2009

http://blog.taragana.com/n/south-korea-on-high-alert-for-more-cyber-attacks-amid-suspicions-of-north-korea-involvement-103913/

SEOUL, South Korea — Seoul was on high alert Thursday for more cyber attacks amid suspicions that North Korea was behind a recent wave of Web site outages in South Korea and the United States. The South warned that computer networks of key infrastructure could be targeted.

The National Intelligence Service said in a statement it was strengthening cyber security measures for government computer networks, citing a possible new wave of attacks that could target national infrastructure operators like energy, telecommunications and media companies.

Earlier Thursday, the country’s leading computer security company also warned another wave of attacks was expected in South Korea later in the day. There was no word on whether U.S. sites would be hit again.

Seoul-based antivirus software developer AhnLab said it has analyzed a virus program that sent a flood of Internet traffic to paralyze Web sites in both South Korea and the United States. It said seven South Korean sites were likely to be targeted on Thursday.

Twelve South Korean sites were initially attacked Tuesday, followed by strikes Wednesday on 10 others, including government offices. The U.S. targets included the White House, Pentagon, Treasury Department and the Nasdaq stock exchange.

Some South Korean sites remained inaccessible or unstable on Thursday, including the National Cyber Security Center, affiliated with the main spy agency. No major disruptions, however, were reported.

The NIS informed members of parliament’s intelligence committee Wednesday that it believes North Korea or pro-Pyongyang forces were behind the cyber attacks, a lawmaker said.

On Thursday, Rep. Park Young-sun, a member of the committee, said a senior intelligence official told her the NIS suspects the North because the country warned it won’t tolerate what it claimed were South Korean moves to participate in a U.S.-led cyber warfare exercise, according to a statement from the opposition Democratic Party.

Park also told a party meeting that the NIS official cited the fact that most of the attacked sites were those of conservative organizations that have pushed the government to take a harder line on North Korea. Among the sites targeted were those of the presidential Blue House and the ruling Grand National Party.

Park said the NIS official told her the spy agency only gave the committee members the information in the form of a progress report, suggesting no conclusions had been made. Park didn’t identify the official.

The spy agency said it could not immediately confirm Park’s remarks.

The agency’s statement Thursday didn’t mention suspected North Korean involvement and only repeated it was closely cooperating with the U.S. and other countries to discover the origin of the attacks. On Wednesday it said the sophistication of the attacks suggested they were carried out at a higher level than rogue or individual hackers.

U.S. authorities also eyed North Korea as the origin of the trouble, though they warned it would be difficult to identify the attackers quickly.

Three U.S. officials said while Internet addresses have been traced to North Korea, that does not necessarily mean the attack involved Kim Jong Il’s government in Pyongyang. They spoke on condition of anonymity because they were not authorized to speak publicly on the matter.

On Thursday, the Dong-a Ilbo newspaper reported that South Korea has detected signs that North Korea or its sympathizers in China or elsewhere committed the cyber attacks.

The paper, citing an unidentified government official, said the assessment was made after an investigation of infected computers’ IP addresses — the Internet equivalent of a street address or phone number.

South Korean media reported in May that North Korea was running a cyber warfare unit that tries to hack into U.S. and South Korean military networks to gather confidential information and disrupt service.

The communist North has recently engaged in a series of threats and provocative actions widely condemned by the international community, including a nuclear test and missile launches.

The cyber outages were caused by so-called denial of service attacks in which floods of computers all try to connect to a single site at the same time, overwhelming the server that handles the traffic, the state-run Korea Information Security Agency said.

Ku Kyo-young from the state-run Korea Communications Commission said about 20,000 computers in South Korea had been infected by Wednesday evening and the number could have increased.

There were no immediate reports of financial damage or leaking of confidential national information, according to the Korea Information Security Agency. The attacks appeared aimed only at paralyzing Web sites.

KEY : Education is the Key to IT Security

FBI wants more online security education and skepticism

Symantec-hosted panel discussion reveals hacker profiles are hard to define, which is why security should be top-of-mind

By Maxine Cheung

9 July 2009

http://www.itbusiness.ca/it/client/en/home/News.asp?id=53818

NEW YORK - According to two U.S. government officials, Internet crime rates will continue to increase because end-users and enterprises lack awareness and education about the current online threat landscape.

During a Symantec-hosted security panel held here Tuesday, Michael Stawasz, senior counsel for the computer crime and intellectual property section at the U.S. Department of Justice, based in Washington, and Austin Berglas, supervisory special agent for the cyber crime unit at the FBI's New York office, spoke about today's cyber crime landscape and gave their advice on how users and organizations can prevent it.

With the Internet and online services being so widely accessed and available, online threats and vulnerabilities are becoming more common, said Stawasz.

“At the U.S. Department of Justice, getting our best practices out to scale for the amount of crimes that are being committed will be the biggest challenge for us at this point," Stawasz said. “Just having one or two people trained isn't enough for the whole country because you need to get more people trained.”

Berglas said that the individuals who are most vulnerable to cyber crime attacks are those who do not properly protect themselves and their computers.

While the motive behind many online attacks is for financial gain, Stawasz said there are people who commit these crimes for other reasons, such as for power and just for fun too.

Berglas agreed and gave the example of a 12-year-old kid who was redirecting traffic from a law firm's Web site to a site he had made, just for fun.

“You don't have to be that technically sophisticated to commit a cyber crime now,” he said. “You don't have to be a computer genius to partner with other criminals, or to purchase what you need to commit these crimes.”

In fact, both Berglas and Stawasz said it's difficult to define what a computer hacker or cyber criminal actually looks like, simply because the people who are doing it are so varied. Based on what he's seen, Stawasz said it's fair to say there are more male cyber criminals than there are women. Not only are juveniles committing these crimes, but adults and older adults are too, he added.

To better protect yourself from being the victim of an attack, Berglas says it's critical that users educate themselves about the threats and issues that are out in the online world today.

“People have to be careful with any personal information and documents they have on the computer,” Berglas said. “You have to be careful and users should ask themselves if they really want to click on the link from an e-mail user they don't know. Companies should be educating their customers the same way because the absolute vulnerability in this day and age is the uneducated consumer.”

Having security and anti-virus software will help any consumer and business; however, Berglas says having just this is simply not enough. Computers should also be kept up to date with security updates and users should guard their user IDs and passwords, he added.

It's as the popular saying goes, “If something doesn't look right, it probably isn't,” Berglas said.

Wednesday, July 8, 2009

Quote of the day

When it rains all birds occupy shelter, but EAGLE is the bird that avoids the rain by flying above the cloud.

Problems are common to all but ATTITUDE makes the difference.

New IT Term of the day


Ksplice


An extension of the Linux kernel that is used for rebootless updates. Security and source code patches are applied without needing to reboot the operating system. Ksplice is developed by Massachusetts-based company, Ksplice Inc.

BLOCKED : Internet, Twitter blocked in China city after ethnic riot

The moves added to China's long-standing efforts to control online speech

By Owen Fletcher and Dan Nystedt

IDG News Service

07/06/2009

http://www.networkworld.com/news/2009/070609-internet-twitter-blocked-in-china.html?source=NWWNLE_nlt_daily_pm_2009-07-06

China appeared to block Twitter across the country and Internet access in a western province on Monday, after ethnic riots killed at least 140 people in the remote region.

The moves were an apparent bid to stanch the flow of information out of Xinjiang province and to prevent further rioting there. Over 800 other people were injured and the official death toll is likely to rise, the state-run Xinhua news agency said.

The government actions added to long-standing efforts to control online discussion of sensitive topics, especially at times of crisis.

"They cut off the Internet to shut down communications," said Wu'er Kaixi, an ethnic Uighur who fled China after helping lead pro-democracy protests there twenty years ago. The Uighurs are a minority concentrated in Xinjiang province that China has struggled to assimilate.

LAW : Kerala preparing new law to tackle cyber crimes

Jul 6, 2009

IANS

http://in.news.yahoo.com/43/20090706/860/ttc-kerala-preparing-new-law-to-tackle-c.html

Thiruvananthapuram, July 6 (IANS) Kerala Home Minister Kodiyeri Balakrishnan Monday told the state assembly that a comprehensive law is being prepared to tackle the increasing number of cyber crimes being reported in the state.

'We are working with the legal department to see that a comprehensive law is worked out. The current IT Act does not have enough teeth because it was formed a few years back, and since then the world of technology has changed dramatically. So that has to be amended,' Balakrishnan said.

Replying to a calling attention motion moved by Congress leader Thiruvanchoor Radhakrishnan, the minister said a full-fledged cyber police station has already started functioning here as the first step to tackle the menace.

Moving the motion, Radhakrishnan stressed that the use of mobile phones in educational institutions should be banned as it would go a long way in checking cyber crime.

'The mobile and the Internet have now been identified as root causes of cyber crimes and most of the victims are women and girls. A cyber fraud information centre has to be opened,' said Radhakrishnan.

Balakrishnan said: 'We have already started to computerise all police stations and also train police officials on the ways to conduct investigation into cyber frauds with the help of C-DAC (Centre for Development of Advanced Computing).'

RISK : No business is immune to cyber crime

Cyber crime getting worse

7th July 2009

http://www.thedaily.com.au/news/2009/jul/07/aap-cyber-crime-getting-worse-forum/

An international forum has heard no business is immune to cyber crime and it is only going to get worse.

About 100 experts from around the world are gathering in Brisbane on Tuesday for a high-tech crime symposium.

Queensland Police Commissioner Bob Atkinson said fraud and corporate crime using the internet was getting worse.

"Cyber crime is a global phenomenon that can be expected to continue to rise exponentially around the world as the internet continues its roll out," Mr Atkinson told a press conference.

"It is for this reason significant effort has been made to bring together an ensemble of national and international speakers and presenters together to gain a broader appreciation of a unique crime environment.

"No one nor any business is immune. If you own a computer or a phone you fall within the potential victim network."

Mr Atkinson said scams were becoming more sophisticated, using not only email and the web but mobile phone text messages.

"We see victims suffer not only embarrassment and humiliation but many victims are losing their home and life savings - everything," Mr Atkinson said.

"Additionally, we see that corporate entities are becoming more often the individual focus of highly skilled hackers and cyber criminals."

The conference has been organised for experts to share strategies and initiatives to crack down on net crime.

HACKED : South Korea govt websites hacked

Reuters / NZPA

July 08, 2009

http://tvnz.co.nz/technology-news/south-korea-govt-websites-hacked-2835123

South Korean authorities issued a cyber security warning after the websites of several major government agencies and financial institutions were disabled by apparent hacker attacks.

The websites of the presidential office, Defence Ministry, and the National Assembly were saturated with access requests generated by malicious software on Tuesday, crippling server response to legitimate traffic, South Korea's Communications Commission said in a statement.

"The attacks consisted of massive harmful traffic to specific sites causing access slowdown or disablement, and some national institutions, banks and media sites have been targeted," it said.

Some government websites and online shopping services remained down on Wednesday and access to some US government sites from the country appeared to have been disabled.

The commission is working to block the spread of malicious software suspected of causing the attack and has advised users to keep security patches and anti-virus programmes up to date.

Police and prosecutors have begun an investigation into the incidents, South Korea's Yonhap news agency said.

News of the attack caused shares of some online security firms to jump on Wednesday morning, with Ahnlab Inc up by the market's 15% daily limit and ESTsoft Corp climbing 5.31% against the junior Kosdaq market's 0.36% slide.

A similar attack on major websites in Estonia two years ago prompted the NATO military alliance to review its response against possible cyber-warfare.

Tuesday, July 7, 2009

Quote of the day

Perhaps the most obvious political effect of controlled news is the advantage it gives powerful people in getting their issues on the political agenda and defining those issues in ways likely to influence their resolution.

W. Lance Bennett

Author, professor at University of Washington

Source: News: The Politics of Illusion, 1983

LSE to abandon failed Windows platform

ABANDONED : LSE to abandon failed Windows platform

By Steven J. Vaughan-Nichols

Jul 1 2009

http://blogs.computerworld.com/london_stock_exchange_to_abandon_failed_windows_platform

Anyone who was ever fool enough to believe that Microsoft software was good enough to be used for a mission-critical operation had their face slapped this September when the LSE (London Stock Exchange)'s Windows-based TradElect system brought the market to a standstill for almost an entire day. While the LSE denied that the collapse was TradElect's fault, they also refused to explain what the problem really was. Sources at the LSE tell me to this day that the problem was with TradElect.

Since then, the CEO that brought TradElect to the LSE, Clara Furse, has left without saying why she was leaving. Sources in the City--London's equivalent of New York City's Wall Street--tell me that TradElect's failure was the final straw for her tenure. The new CEO, Xavier Rolet, is reported to have immediately decided to put an end to TradElect.

TradElect runs on HP ProLiant servers running, in turn, Windows Server 2003. The TradElect software itself is a custom blend of C# and .NET programs, which was created by Microsoft and Accenture, the global consulting firm. On the back-end, it relied on Microsoft SQL Server 2000. Its goal was to maintain sub-ten millisecond response times, real-time system speeds, for stock trades.

It never, ever came close to achieving these performance goals. Worse still, the LSE's competition, such as its main rival Chi-X with its MarketPrizm trading platform software, was able to deliver that level of performance and in general it was running rings about TradElect. Three guesses what MarketPrizm runs on and the first two don't count. The answer is Linux.

It's not often that you see a major company dump its infrastructure software the way the LSE is about to do. But, then, it's not often you see enterprise software fail quite so badly and publicly as was the case with the LSE. I can only wonder how many other Windows enterprise software failures are kept hidden away within IT departments by companies unwilling to reveal just how foolish their decisions to rely on archaic, cranky Windows software solutions have proven to be.

I'm sure the LSE management couldn't tell Linux from Windows without a techie at hand. They can tell, however, when their business comes to a complete stop in front of the entire world.

So, might I suggest to the LSE that they consider Linux as the foundation for their next stock software infrastructure? After all, besides working well for Chi-X, Linux seems to be doing quite nicely for the CME (Chicago Mercantile Exchange), the NYSE (New York Stock Exchange), etc., etc.

Kill threat scam hits Australian mobile phones

NEW TECHNIQUE : Kill threat scam hits Australian mobile phones

The Sunday Mail

July 05, 2009

http://www.news.com.au/couriermail/story/0,20797,25733434-8362,00.html?from=public_rss

AN SMS scam with a deadly twist is doing the rounds of Australian phones.

The text tells phone users: "I am about to kill you, if you want to live contact (hbko@ pobox.sk) to get information on what you will have to do to live. If you ignore this message, you will die."

Users who send a message to the email listed in the SMS receive a reply asking them for $A10,000.

It is believed the scam focuses on Optus users in particular, but Vodafone customers have also reported receiving the threats.

The SMS is sent from the telephone number 856 207 580 237 and victims have reported multiple calls.

A Queensland Police Service spokeswoman said police were aware of the SMS and urged phone users who receive it to delete it immediately.

She urged anyone concerned by the SMS to contact their local police station.

Billions stolen in online robbery

VIRTUAL THEFT : Billions stolen in online robbery

Space trading game Eve Online has suffered a virtual version of the credit crunch.

BBC NEWS

2009/07/03

http://news.bbc.co.uk/go/pr/fr/-/2/hi/technology/8132547.stm

One of the game's biggest financial institutions lost a significant chunk of its deposits as a huge theft started a run on the bank.

One of the bank's controllers stole about 200bn kredits and swapped them for real world cash of £3,115.

As news of the theft spread, many of the bank's customers rushed to remove their virtual cash.

Space scandal

The theft from EBank took place in early June but only now have details emerged about the amount of money stolen and why it was taken.

The theft was carried out by EBank's chief executive, a player known as Ricdic, now known to be a 27-year-old Australian who works in the technology industry. His full identity has not been revealed save that his first name is Richard.

The stolen kredits amounted to 8% of the 2.6tn that Ebank had in its virtual vaults.

"Basically this character was one of the people who had been running EBank for a while. He took a bunch of (virtual) money out of the bank, and traded it away for real money," Ned Coker, of Icelandic company CCP which runs Eve, told the Reuters news agency.

Eve Online has about 300,000 players all of whom inhabit the same online universe. The game revolves around trade, mining asteroids and the efforts of different player-controlled corporations to take control of swathes of virtual space.

It has now emerged that Ricdic used the cash to put down a deposit on a house and to pay medical bills.

"I'm not proud of it at all, that's why I didn't brag about it," Ricdic told Reuters. "But you know, if I had to do it again, I probably would've chosen the same path based on the same situation."

Ricdic has now been thrown out of the game as trading in-game cash for real money is against Eve Online's terms and conditions.

The rules governing play within Eve would not have sanctioned Ricdic if he had simply stolen the cash and used it in the game, nor if he had bought kredits with real dollars.

The scandal is not the first to play out in Eve Online. In early 2009 one of the game's biggest corporations, called Band of Brothers, was brought down by industrial espionage.

Indian Orkut Accounts Compromised For Phishing

BEWARE : Indian Orkut Accounts Compromised For Phishing

SPAMfighter News

03-07-2009

http://www.spamfighter.com/News-12663-Indi...or-Phishing.htm



According to McAfee Avert Labs, as Web 2.0-based social networking sites such as Facebook and MySpace increase in popularity, their users too are increasingly proving as convenient attack points for identity scams and other online frauds. Recently, hackers, online scammers and other cyber-criminals have been using Twitter as well to phish off private data from Web surfers.



Aside from these websites, another social networking site that cyber-criminals prefer to use is Orkut, which probably represents the most widely visited and popular social networking site across the Indian sub-continent. As a matter of fact, reports state that over 15% of Orkut traffic flows from India.



Consequently, phishers have devised a stylish approach i.e. in light of a huge population of Indian users favoring Orkut but being insufficiently tech-savvy, phishers and other online scammers have secured control over their accounts through the act of hijacking the Orkut networking accounts of these India-based users.



Seemingly, phishers have modified these accounts' user profiles, connecting them to their different fraudulent (phishing) websites that entice users into revealing their private details.



For instance, these phishing sites could pretend to be Orkut in its adult version. Meanwhile, it is reported that the fake Orkut website on sex-related content named "Orkut Sex" has met with ongoing success in enticing numerous Orkut members into feeding personal user identifications into the bogus site. Accordingly, when these identification details come into the hands of scammers, the latter use them to harvest other private details of the users and subsequently make illegal money transfers.



McAfee Avert Labs, meanwhile, has observed an array of phishing sites related to Orkut namely http://orkutst[blocked].tk, http://orkutsexlogi[blocked].tk, http://priya[blocked].freehostia.com, http://s3x[blocked].kilu.de and http://album[blocked].kilu.de.

Thus, security experts at McAfee once again repeat for end-users that they mustn't disclose their monetary or any other personal information online, especially on websites such as Orkut. They also reiterate that users must ensure that all protective measures are in place on their computers, while avoiding all forms of phishing sites.



Moreover, users on Orkut, MySpace, Facebook and other social networking sites must make themselves aware of the botherations they might encounter if a malicious spam or phishing attack chases them.
