Are Cyber Criminals Hard To Catch?

Despite 100,000 cyber crimes being committed every year UK authorities only caught 12 hackers.

In fact on average just one person was convicted of an offence under the Computer Misuse Act every month for the past 23 years.

We assume that it was not the same bloke, because he would be the most luckless criminal ever.

Campaigners from the Digital Trust, which supports victims of online abuse, said police do not know how to cope with the problem.

Need more laws

Criminal justice expert Harry Fletcher, who is a director of the Digital Trust, said: “The police still concentrate their resources on traditional offences offline, but most people are more likely to be mugged online than in the street.

“The law needs to change. It should, for example, be an offence to use any technological device to locate, listen to or watch a person without legitimate purpose.

“In addition, restrictions should be placed on the sale of spyware without lawful reasons. It should also be against the law to install a webcam or any other form or surveillance device without the target’s knowledge.”

Of course just creating new laws is not going to mean that more hackers will be caught, it will just mean that there are more crimes which they could be arrested for.

The conviction rate against hackers are not bad, if the coppers do arrest someone. Between 1990 to 2006 only 183 defendants were proceeded against and 134 found guilty under the Computer Misuse Act.

Unfortunately the Trust did not see, to realize that a lot of the hacks against companies and individuals come from overseas, particularly Russian or China. Changing laws in the UK would not change anything.

Source

LinkedIn Acquires Startup Refresh

In a move that could produce even more automated suggestions and tips for LinkedIn users, the professional network has purchased California startup Refresh, the maker of an app that gathers news and insights about participants in meetings.

Launched three years ago, Refresh is designed to be a “digital briefing book” that can call up online information related to people that users are scheduled to meet. The information can be anything from blog posts, news articles or Facebook posts to personal notes or favorite sports teams.

The Refresh mobile and desktop app is aimed at helping people relate to one another more quickly, but it can also be used to refresh one’s memory when running into acquaintances unexpectedly.

The details of the deal were not disclosed. Refresh has stopped taking on new users and its app will shut down April 15.

“Refresh has surfaced insights associated with hundreds of millions of meetings, and has been central to countless connections and closed deals,” co-founder Bhavin Shah wrote on the Refresh blog in announcing the deal.

LinkedIn already has an app called Connected that was somewhat of a rival to Refresh. It can log the people users have met and offer updates and information about interests shared with “connections,” which are acquaintances in the LinkedIn lingo. It’s unclear whether Refresh features will be added to Connected or the LinkedIn website itself.

“Our team will focus its efforts on providing LinkedIn members with more insights to help them better do their jobs,” Shah wrote.

Source

Uber Suffers A Data Breach

The names and license plate numbers of about 50,000 Uber drivers were exposed in a security breach last year, the company revealed on Friday.

Uber found out about a possible breach of its systems in September, and a subsequent investigation revealed an unauthorized third party had accessed one of its databases four months earlier, the company said.

The files accessed held the names and license plate numbers of about 50,000 current and former drivers, which Uber described as a “small percentage” of the total. About 21,000 of the affected drivers are in California. The company has several hundred thousand drivers altogether.

It’s in the process of notifying the affected drivers and advised them to monitor their credit reports for fraudulent transactions and accounts. It said it hadn’t received any reports yet of actual misuse of the data.

Uber will provide a year of free identity protection service to the affected drivers, it said, which has become fairly standard for such breaches.

The company said it had filed a “John Doe” lawsuit Friday to help it confirm the identity of the party responsible for the breach.

Source

Anthem Gets Hacked

Health insurer Anthem Inc, which has nearly 40 million U.S. customers, has confirmed that hackers had breached one of its IT systems and stolen personal information relating to current and former consumers and employees.

The No. 2 health insurer in the United States said the breach did not appear to involve medical information or financial details such as credit card or bank account numbers.

The information accessed during the “very sophisticated attack” did include names, birthdays, social security numbers, street addresses, email addresses and employment information, including income data, the company said.

Anthem said that it immediately made every effort to close the security vulnerability and reported the attack to the FBI. Cybersecurity firm FireEye Inc FEYE. said it had been hired to help Anthem investigate the attack.

The company did not say how many customers and staff were affected, but the Wall Street Journal earlier reported it was suspected that records of tens of millions of people had been taken, which would likely make it the largest data breach involving a U.S. health insurer.

Anthem had 37.5 million medical members as of the end of December.

“This attack is another reminder of the persistent threats we face, and the need for Congress to take aggressive action to remove legal barriers for sharing cyber threat information,” U.S. Rep. Michael McCaul, a Republican from Texas and chairman of the Committee on Homeland Security, said in a statement late Wednesday.

Source

U.S. And Britain Ramping Up Cyber Defense

The U.S. and Britain are increasing their collaboration to thwart digital threats. They are planning to launch more attacks against each other to test their defenses and scare away possible enemies.

The U.S. and the U.K. have been working together to prevent cyber attacks for some time, but are going to increase the collaboration. They will combine their expertise to set up “cyber cells” on both sides of the Atlantic to increase sharing information about threats and to work out how to best protect themselves and create a system that lets hostile states and organization know they shouldn’t attack, said U.K. prime minister David Cameron in an interview published by the BBC.

Cyber attacks “are one of the biggest modern threats that we face,” according to Cameron who is visiting Washington for talks with U.S. president Barack Obama. One of the topics high on the agenda is digital security.

The countries will increase the “war games” launched at each other to test defenses. “It is happening already but it needs to be stepped up,” Cameron said, adding that British intelligence service GCHQ and the U.S. equivalent NSA have know-how that should be shared more.

“It is not just about protecting companies, it is also about protecting people’s data, about protecting people’s finances. These attacks can have real consequences to people’s prosperity,” he said.

However, in order to protect companies and citizens better, increased snooping powers to track terrorists on social networks are necessary, said Cameron. He is planning to discuss this issue with Obama and U.S. companies including Google and Facebook.

The increased cooperation between the countries comes in the wake of the Sony hack and the apparent hacking of the U.S. Central Command’s Twitter account by ISIS (Islamic State of Iraq and Syria), which posted tweets threatening families of U.S. soldiers and claiming to have hacked into military PCs.

Source

Symantec Uncovers Advanced Spying Malware

An advanced malicious software application has been discovered that since 2008 was used to spy on private companies, governments, research institutes and individuals in 10 countries, anti virus software maker Symantec Corp said in a report on Sunday.

The Mountain View, California-based maker of Norton anti virus products said its research showed that a “nation state” was likely the developer of the malware called Regin, or Backdoor. Regin, but Symantec did not identify any countries or victims.

Symantec said Regin’s design “makes it highly suited for persistent, long-term surveillance operations against targets,” and was withdrawn in 2011 but resurfaced from 2013 onward.

The malware uses several “stealth” features “and even when its presence is detected, it is very difficult to ascertain what it is doing,” according to Symantec. It said “many components of Regin remain undiscovered and additional functionality and versions may exist.”

Almost half of all infections occurred at addresses of Internet service providers, the report said. It said the targets were customers of the companies rather than the companies themselves. About 28 percent of targets were in telecoms while other victims were in the energy, airline, hospitality and research sectors, Symantec said.

Symantec described the malware as having five stages, each “hidden and encrypted, with the exception of the first stage.” It said “each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible to analyze and understand the threat.”

Regin also uses what is called a modular approach that allows it to load custom features tailored to targets, the same method applied in other malware, such as Flamer and Weevil (The Mask), the anti virus company said. Some of its features were also similar to Duqu malware, uncovered in September 2011 and related to a computer worm called Stuxnet, discovered the previous year.

Symantec said Russia and Saudi Arabia accounted for about half of the confirmed infections of the Regin malware and the other countries were Mexico, Ireland, India, Iran,Afghanistan, Belgium, Austria and Pakistan.

Source

Office 365 Goes Video Streaming

Microsoft unveiled Office 365 Video, a YouTube-like streaming service where enterprises and large organizations can post in-house video content for communication and training.

“Office 365 Video provides organizations with a secure, company-wide destination for posting, sharing and discovering video content,” said Mark Kashman, a senior product manager with the Office 365 team, in a blog posting.

Kashman touted Video as a tool for internal communications, citing the examples of new-employee orientation, management messaging and worker training. Employees will also be able to contribute to a “Community” section, though most companies will probably frown on cat antic clips.

The service rolls out over the next few days to companies that have registered for Office 365′s First Release early distribution program, then through early 2015 to others.

Video will be available only to subscribers of Office 365′s plans for enterprises — E1 through E4 — and universities (A2 through A4). It will not be offered to consumer subscribers or firms with small business-oriented plans like Business Essentials, Business and Business Premium.

Kashman also said Office 365 plans for government agencies will get Video at some point, but he did not proffer a timeline.

The other requirement is SharePoint Online, an off-premises component of the enterprise and academic plans, but missing from the increasingly popular Office 365 ProPlus, the rent-not-buy plan used by organizations that have decided to retain their back-end services, like SharePoint and Exchange, on premises.

Although Office 365 Video has elements of consumer streaming services like Google’s YouTube, it’s strictly an in-house affair: It will be available only to employees, and then only those whom IT administrators have assigned access rights.

Source

Self-Healing Software On The Way

Researchers at the University of Utah have developed self-healing software that detects, expunges and protects against malware in virtual machines.

Called Advanced Adaptive Applications (A3), the software suite was created in collaboration with US defence contractor Raytheon BBN over a period of four years.

It was funded by DARPA through its Clean-Slate Design of Resilient, Adaptive, Secure Hosts programme, and was completed in September, Science Daily reported on Thursday.

A3 features “stackable debuggers”, a number of debugging applications that cooperate to monitor virtual machines for indications of unusual behaviour.

Instead of checking computer object code against a catalogue of known viruses and other malware, the A3 software suite can detect the operation of malicious code heuristically, based on the types of function it attempts.

Once the A3 software detects malicious code, it can apparently suspend the offending process or thread – stopping it in its tracks – repair the damage and remove it from the virtual machine environment, and learn to recognise that piece of malware to prevent it entering the system again.

The self-healing software was developed for military applications to support cyber security for mission-critical systems, but it could also be useful in commercial web hosting and cloud computing operations.

If malware gets into such systems, A3 software could detect and repair the attack within minutes.

The university and Raytheon demonstrated the A3 software suite to DARPA in September by testing it against the notorious Shellshock exploit known as the Bash Bug.

A3 detected and repaired the Shellshock attack on a web server within four minutes. The project team also tested A3 successfully on another six examples of malware.

Eric Eide, the research associate professor of computer science who led the A3 project team along with computer science associate professor John Regehr, said: “It’s pretty cool when you can pick the Bug of the Week and it works.”

The A3 self-healing software suite is open source, so it’s free for anyone to use, and the university researchers would like to extend its applicability to cloud computing environments and, perhaps eventually, end-user computing.

Professor Eide said: “A3 technologies could find their way into consumer products someday, which would help consumer devices protect themselves against fast-spreading malware or internal corruption of software components. But we haven’t tried those experiments yet.”

Source

Will The Drupal Flaw Be Catastrophic?

The Drupal web content management system has been exposed as having backdoor access that could deliver your site to hackers.

The problem is not particularly new. Drupal warned about it earlier this month, but it still needs tackling as millions of websites may be at risk.

Drupal said that sites running version 7 really ought to have upgraded to 7.32 by now, because not doing so leaves them as open as a torn tea bag.

Initially the alert was about the threat, but the firm has updated its earlier advice and is now warning of in-the-wild attacks.

That earlier advice was about a problem in a database API. “A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution,” warned Drupal in a security alert.

“Depending on the content of the requests this can lead to privilege escalation, arbitrary PHP execution, or other attacks. This vulnerability can be exploited by anonymous users.”

More recent information from the firm points users toward the released upgrade, and informs them that attacks started not long after the initial announcement.

“You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is seven hours after the announcement,” it said, adding that, even when updated, sites will have some cleaning up to do.

“If you have not updated or applied this patch, do so immediately, then continue reading this announcement; updating to version 7.32 or applying the patch fixes the vulnerability but does not fix an already compromised website,” it explains.

“If you find that your site is already patched but you didn’t do it, that can be a symptom that the site was compromised – some attacks have applied the patch as a way to guarantee they are the only attacker in control of the site.”

Gavin Millard, EMEA technical director at Tenable Network Security, advised people to follow Drupal’s advice.

“The so-called ‘Drupageddon’ vulnerability could have easily led to exploitation of any systems running the vulnerable code. With such an easy to exploit flaw, the chance of exfiltration of data or further exploitation are high,” he said.

“For those who have good security controls, reviewing of logs and traffic directed at the sites following the vulnerability being announced and the patch applied is common sense and highly advisable, with appropriate action taken if indicators of compromise are found.

“For those who don’t have such a good level of security or visibility into the logs, the advice from the Drupal team should be heeded. If you don’t know if you were exploited you should assume that you have been.”

Source

Google Goes To The Supreme Court

Google has asked the U.S. Supreme Court to rule on contentious litigation against Oracle arguing that the high court must act to protect innovation in high tech.

Google’s request seeks to overturn an appeals court ruling that found Oracle could copyright APIs of its Java programming language, which Google used to design its Android smartphone operating system.

Oracle sued Google in 2010, claiming that Google had improperly incorporated parts of Java into Android. Oracle wants $1 billion on its copyright claims. Oracle claimed Google’s Android trampled on its rights to the structure of 37 Java APIs. A San Francisco federal judge had decided that Oracle could not claim copyright protection on parts of Java, but earlier this year the U.S. Court of Appeals for the Federal Circuit in Washington disagreed.

In its filing this week, Google said the company would never been able to innovate had the Federal Circuit’s reasoning been in place when the company was formed.

“Early computer companies could have blocked vast amounts of technological development by claiming 95-year copyright monopolies over the basic building blocks of computer design and programming,” Google wrote.

Source

« Previous Page — Next Page »