Tuesday, December 14, 2010
Broadband and mobile internet access is spreading to more Americans, making them more likely to access health information whenever and wherever they need it. The always-on, always-with-you internet enhances people's online experience and creates a positive feedback loop, reinforcing their interest in using the internet to gather and share information. And yet, those who are online have a trump card. They have each other. Pew Internet’s research finds that having a chronic disease increases the probability that an internet user will share what they know and learn from their peers. They unearth nuggets of information. They blog. They participate in online discussions. And they just keep going.
(Source: Pew Internet Research Center)
Full story
Pew Internet Research Center
McDonald's is working with law enforcement authorities after malicious hackers broke into another company's databases and stole information about an undetermined number of the fast food chain's customers.
McDonald's has also alerted potentially affected customers via e-mail and through a message on its Web site. "We have been informed by one of our long-time business partners, Arc Worldwide, that limited customer information collected in connection with certain McDonald’s websites and promotions was obtained by an unauthorized third party," a McDonald's spokeswoman said via e-mail on Saturday. McDonald's hired Arc to develop and coordinate the distribution of promotional e-mail messages, and Arc in turn relied on an unidentified e-mail company to manage the customer information database. This e-mail company's systems were hacked into.
(Source: Computer World)
Full story
Computer World
Friday, December 10, 2010
Google said Thursday that it expects to introduce more stringent copyright protection policies to prevent questionable web sites from participating in Google's services. The goal is to protect content creators from having their intellectual property exploited, the company said. At YouTube, Google already offers Content ID -- a set of audio and video matching tools that give content providers controls to manage their content if someone uploads it.
Participating rights holders provide reference files for comparing with the content on YouTube, and when matches are found the rights holder is given the opportunity to block, track or earn money from creations. "We're seeing media companies make the most of this revenue opportunity," noted YouTube Product Manager David King in a blog. "In the last quarter alone, claims to make money from videos increased 200 percent."
(Source: Newsfactor Network)
Full story
Newsfactor Network
Tuesday, December 07, 2010
The government is finalising an intensive e-education programme which would ensure that information communication technology (ICT) is integrated in the teaching and learning processes. This was revealed by the minister for Education and Vocational Training, Dr Shukuru Kawambwa, in Dar es Salaam over the weekend. He said the programme dubbed “Tanzania Beyond Tomorrow” was important due to the fact that the world had become a village and therefore the ICT element was expected to enable Tanzanian children to compete globally. This, according to the minister, was part of the government’s plans to streamline the education sector between 2010 and 2015. “The second phase of Sedep (2010-2015) would see the completion of school infrastructure, providing teaching and learning materials, building science laboratories and libraries, as well as building capacities of the teaching teams,” he said.
(Source: The Citizen)
Full story
The Citizen
Tuesday, November 16, 2010
Hosted by the Government of Botswana through the Department of Research, Science and Technology, Supported by the European Commission and African Union Commission and Technical Co-Sponsored by IEEE, IST-Africa 2011 will take place in Gaborone, 04 - 06 May 2011. The scientific programme for IST-Africa 2011 is based on an open Call for Papers The core thematic areas are eHealth, eInfrastructures, Technology Enhanced Learning and ICT Skills, Digital Libraries and Intelligent Content, Living Labs, Open Source Software, ICT for eInclusion and eAccessibility, ICT for Environmental Sustainability, RFID and Networked Enterprise, eGovernment, Networked Media, Transformation of Research Results into Local Innovation, Cloud Computing and IPv6. Interested presenters are encouraged to prepare an 8 page paper (4,000 - 5,000) words following the IST-Africa 2011 paper guidelines and paper template for submission online by 30 November.
All submissions will be double blind reviewed by the International Programme Committee and authors will receive feedback in January. Accepted authors will then be invited to submit a final paper taking account of feedback provided for inclusion in the conference proceedings by 18 February.
(Source: IST Africa)
Full story
IST Africa
Thursday, November 11, 2010
The British government says cyber crime is now one of the biggest risks to national security. A new cyber crime unit is to be set up which will both defend from and be able to attack other nations. As more of the world comes online, so the number and location of PCs available for hijacking is changing. Spencer Kelly investigates what the latest threats look like, and how they can be avoided. For the full story on "How to avoid the fake security tool scam", click here
(Source: BBC)
Full story
BBC
Tuesday, November 09, 2010
Identity theft and misuse of data is of top concern to people around the world as well as in the United States. That's a challenge for our society, our political leadership and the IT industry. It's also a challenge to our customers. End users are sensitive to security technology and security safeguards used for Internet banking and online transactions. Our belief is that it's best to let people see that you have good security rather than making it invisible to people. It's the equivalent of showing people the vault in the back room in your great grandmother's generation.
What people want to see now is that their Internet banking and identity data is safe. We've seen this more than we did three or four years ago. Our customers want two-factor identification not to be invisible. If you log onto your bank through a kiosk device it acknowledges that you haven't used this device before and it puts you through an extra handshake.
(Source: Forbes)
Full story
Forbes
The increased interest in e-waste recycling comes as Kenya enters a new regulatory regime, with guidelines that are meant to steer the formation of a new policy to support recyclers of obsolete mobiles, fridges, televisions, and computers, among other electronic items.
"Providing IT e-waste recycling is a logical extension of our current work in providing technology for schools across Kenya. Our engagement with HP will allow us to manage our own end of life equipment from schools and provide a local service where there is currently no provision for IT e-waste recycling, said Eoghan Crosby, the technical director at Camara. The plant is expected to handle 500 tonnes of e-waste in a year.
(Source: All Africa)
Full story
All Africa
Friday, November 05, 2010
Facebook admitted late last week that some developers have sold user IDs (UIDs) to data brokers. The popular social-networking site said it has taken steps to prevent this in the future, including a six-month suspension of some developers. In a post Friday on the company's Developer Blog, Facebook's Mike Vernal said the company has "discovered some instances where a data broker was paying developers for UIDs." He noted that the developers were less than a dozen, mostly small developers, and that none of the apps were in the top 10 on the platform. He also noted that some sharing of UIDs happened "inadvertently" due to "an issue with the way that web browsers work." He added that no evidence was found that this "sharing" resulted in the collection of private user information. With a user ID, a user's public information, including name, can be found. The Journal found that at least one data broker, RapLeaf, had correlated the user IDs with its own database of Net users, and had shared the Facebook IDs with other firms.
This kind of data correlation can help to create a user behavioral profile. RapLeaf said the sharing wasn't intentional, and has agreed to remove all the UIDs it has. The company is no longer allowed to conduct activities on the Facebook platform.
(Source: News Factor Network)
Full story
News Factor Network
Friday, October 29, 2010
A former IT staffer has been sentenced to a year and a day in prison for stealing sensitive information belonging to his co-workers and using the data to make money filling out online health surveys. Cam Giang, 31, was fired from the University of California San Francisco Medical Center earlier this year after investigators discovered that he'd been using the names, birthdays and Social Security numbers of other UCSF employees to fill out hundreds of online surveys.
The point was to collect online vouchers, worth US$100 each. He had worked at the medical center's IT department for five years and had access to the sensitive information through his job, according to court records. Between January and April of this year, Giang filled out 382 surveys before the company that was paying for them, StayWell, figured out what was going on. StayWell had been offering UC employees the gift vouchers as incentives to fill out health surveys, but it grew wise to the scam. The company received complaints from employees who couldn't fill out the survey. When StayWell investigated, it turned out that Giang had already filled out surveys in their names.
(Source: Computer World)
Full story
Computer World
Thursday, October 28, 2010
The European Commission is organizing a workshop on Understanding the role of ICT in the integration of Immigrant and Ethnic Minorities (IEM), on November 23rd, 2010, in Brussels that will encourage the sharing of good practices and research studies in the area of ICT-enabled or supported IEM participation in lifelong learning, improved employability and social integration.
Indeed, recent research has shown the importance of ICT (among which social computing applications seems to play a specifically important role) in the process of enabling the socio-economic integration of IEM people and fostering cultural diversity in our European knowledge societies. Different types of integration where ICT play a role can be distinguished, as top-down and mediated integration, which relies upon online welcoming and integration services provided by public or third sector social organisations which are increasingly taking advantage of ICT to facilitate the integration of IEM; or bottom-up integration, which relies on informal hospitality and is directly linked to social networking processes between migrants and members of the host society.
(Source: European Commission)
Full story
European Commission
ZDNet reported recently that a Western Australian man was the victim of a new bizarre twist of identity theft. According to the report, Roger Mildenhall, was contacted by a neighbor saying he had seen one of his investment houses for sale. Mildenhall looked into it and found that it was for sale . He was also surprised to learn that he sold another property in June. In this economy, you might jump for joy. Roger was dumbfounded since he never intended to sell these properties - this was done unauthorized by him.
ALL transactions were made via email, telephone, and fax. No human interaction. The report indicates that alleged scammers hacked into Mildenhall's email account. From there they were able to get to his personal and property documents.
(Source: Infosec Island)
Full story
Infosec Island
Monday, October 25, 2010
As technology advances, children are becoming quite adept at using smart phones, surfing the web, posting pictures, etc. So it may be important to sit your child down and teach them one quick lesson about the Internet:
What happens on the Internet, Stays on the Internet…FOREVER
And as parents, before you hand over that phone to provide some extra entertainment when you get stuck in line at a restaurant, you may want to make sure all other applications are locked down, you have signed out of your email and other social networking sites, and that before anything can be sent a passwords must be entered.
(Source: Infosec Island)
Full story
Infosec Island
Google Inc admitted for the first time its "Street View" cars around the world accidentally collected more personal data than previously disclosed -- including complete emails and passwords -- potentially breathing new life into probes in various countries. The disclosure comes just days after Canada's privacy watchdog said Google had collected complete emails and accused Google of violating the rights of thousands of Canadians. "If in fact laws were broken...then there's some serious question of culpability and Google may need to face significant fines," said Marc Rotenberg, the executive director of the Electronic Privacy Information Center, a Washington DC-based privacy advocacy group.
Regulators in France, Germany and Spain, among others, have opened investigations into the matter. A coalition of more than 30 state attorneys general in the United States also have launched a joint probe. It remains unclear how many people may have been affected by the privacy breach.
(Source: Reuters)
Full story
Reuters
Wednesday, October 20, 2010
Nearly half of home wi-fi networks can be hacked in less than five seconds, according to a study carried out across the UK. Of the 40,000 networks identified across six cities, just under 20,000 had no password or the most basic form of security encryption, the research for card protection and insurance company CPP found. In the “ethical hacking” experiment, researchers spent half an hour in each city using freely-available software to use as many unsecured wireless connections as possible. Nearly a quarter of the private networks (9,249) had no password, despite 82% of Britons saying their network is secure. But the study found even password-protected networks were not secure, with hackers able to breach a typical password in seconds.
(Source: Belfast Telegragh)
Full story
Belfast Telegragh
All network security equipment, the strongest of which is used by the financial industry, is exposed to a new kind of online attack, Finnish data security vendor Stonesoft said on Monday. Stonesoft said it has found a new threat category -- advanced evasion techniques (AETs) -- which simultaneously combine different evasions in several layers of networks, and in the process become invisible for security gear. While evasions -- tools hackers often use to penetrate network security -- are nothing new, AETs package them in new ways to let attackers bypass most firewalls and intrusion detection and prevention systems (IPS) without being detected.
This could give them access to data on secure corporate networks and allow them to plant further attacks. "From the point of view of cybercriminals and hackers, advanced evasion techniques work like a master key to anywhere," said Klaus Majewski, business development chief at Stonesoft. "Current protection against advanced evasion techniques is next to zero. This is a new thing and there is no protection against it currently," Majewski said.
(Source: Reuters)
Full story
Reuters
Canada is seeing e-health gains in the area of medication, with an estimated $436 million in cost savings and efficiencies this year, a report released Wednesday says. Drug information systems, which are hooked up now mainly in the western provinces and Prince Edward Island and to a lesser extent elsewhere, allow pharmacists and health-care providers to electronically access records of a patient's prescription medications. And they provide a full and accurate medication history so that potential drug interactions or allergies can be caught before they happen. The $436-million tally and report were compiled by Deloitte for Canada Health Infoway, a federally funded organization that was founded in 2001 and charged with helping provinces and territories to adopt electronic health-record projects.
"We expect that number to increase over time as drug information systems are more widely used in the country, and we get more experienced with their use," said Jennifer Zelmer, senior vice-president of clinical adoption and innovation at Infoway.
(Source: CBC)
Full story
CBC
Thursday, October 14, 2010
Countries all over the world are facing manifold challenges regarding their healthcare delivery. Due to limited budgets and increasing demand for high-quality healthcare services, new cost-efficient, reliable and interconnected systems need to be developed. E-health can make a significant contribution to ensure high-quality, sustainable healthcare systems. The Global E-Health Forum, which will take place on October 25 + 26, 2010 in Hamburg, Germany, will address these challenges.
The primary aim of the organizers of the Global E-Health Forum, the Hamburg Chamber of Commerce, IBM and the European Health Telematics Association (EHTEL), is to provide a cross-sector forum for representatives from hospitals and clinics, governments, health insurance organizations, service providers and the media. Policymakers, users, suppliers and implementation managers will have the opportunity to learn from each other and to develop collaborative working relationships.
(Source: Global E-Health Forum)
Full story
Global E-Health Forum
INTERPOL has launched an international initiative which will see the world police body provide a list of Internet domains containing severe child sexual abuse content to Internet Access Service Providers (ASPs) voluntarily participating in the scheme to reduce the availability of such material on the Web. Under the scheme, Internet users attempting to access severe child abuse material on the web will be re-directed away, either to an INTERPOL stop page or to an error page.
INTERPOL’s Trafficking in Human Beings unit, which steers the world police body’s combat against child sexual exploitation, will work with the Organization’s National Central Bureaus and international police forces amongst its 188 member countries in updating and enlarging this “Worst of” list of domains containing severe child sexual abuse material, according to criteria defined in collaboration with the pan-European police project CIRCAMP – the COSPOL (Comprehensive Operational Strategic Planning for the Police) Internet Related Child Abusive Material Project.
(Source: Interpol)
Full story
Interpol
Tuesday, October 12, 2010
PRE-TEENS should not be on Facebook, insists Queensland Premier Anna Bligh - and the social networking site needs to work harder at enforcing the 13-year age limit. "I think that parents are right when they say that primary school children should not be on Facebook and I support Queensland parents when they say that Facebook needs to do more to address their legitimate fears," Ms Bligh said. "Vigilant parents can email the company if their child is under 13 and the child's site will be shut down.
''Unfortunately, there really is nothing to stop their child setting up another site." Sandy White from Norman Park in Brisbane's inner east is the mother of Thomas, 13, and Ryan, 12. She believes the number of primary school children using Facebook is growing. "I do not allow my boys to have a Facebook account, even though they would love to. It seems the norm these days is for children as young as 10 or 11 to join up but I believe that children of that young age are defenceless to predators.
(Source: Queensland Newspapers)
Full story
Queensland Newspapers
Wednesday, October 06, 2010
Addiction counsellors have told Newsbeat they're seeing more cases of people worried about being hooked on playing video games. There are now calls for the gaming industry to offer more support to people who can't switch off. Technology or computer addiction isn't officially recognised as a clinical condition. But the group representing games companies admits there needs to be more research into the problem.
"Most of the people that are getting into difficulties tend to be in their teenage years and early 20s. "As that generation moves through and others come on behind, I think the problem is going to get bigger."
(Source: BBC)
Full story
BBC
Appropriately for a month that concludes with a holiday designed around scary things, October has been declared Cyber Security Awareness Month. President Obama recently signed a proclamation and urged everyone to back up files, keep Internet-surfing children safe, and "play an active role in securing the cyber networks we use every day." National Cyber Security Awareness Month is part of a campaign organized by the National Cyber Security Alliance (NCSA) and backed by the Department of Homeland Security.
The government agency said, "America's competitiveness and economic prosperity in the 21st century will depend on effective cybersecurity." NCSA said October's designation is part of the first Global Online Safety Campaign, called STOP | THINK | CONNECT, which began Monday. The public-private partnership is intended to "help all digital citizens employ universal behaviors to protect themselves," the organization said.
(Source: NewsFactor Network)
Full story
NewsFactor Network
Tuesday, October 05, 2010
The Department of the Prime Minister and Cabinet has sponsored a new online directory of Australia's security professionals and academia, which aims to highlight leaders in the industry. The National Security Research Directory is a brain's trust of hundreds of experts operating in a burgeoning list of fields across IT security, biometrics and counter-terrorism. It includes research topic areas such as applied cryptography, physical security and "ubervelliance" — a system with the ability to automatically locate and identify individuals and predict their movements.
Deputy national security advisor Margot McCarthy said the network will tighten coordination on matters of national security in the public and private sectors. McCarthy also announced the National Security Advisor's Group within the Department of the Prime Minster and Cabinet, which will report directly to the National Security chief information officer, Rachael Noble, on issues including cybersecurity.
(Source: ZD Net)
Full story
ZD Net
Nearly six-in-ten adults (58%) have done research online about the products and services they buy, and about a quarter (24%) have posted comments or reviews online about the things they buy. On a typical day, 21% of adults search for product information online.
This is an increase from 15% in 2007 and 9% in 2004. The 2010 data come from a telephone survey by the Pew Research Center’s Internet & American Life Project conducted between August 9 and September 13, 2010. The survey was administered to a sample of 3,001 adults, age 18 and older, using a combination of landline and cellular telephones. Interviews were conducted in English or Spanish. The sample margin of error is plus or minus 2.5 percentage points for the general population and plus or minus 2.9 percentage points for internet users (n=2,065). Among internet users, 78% say that they at least occasionally conduct product research and 32% report that they have posted online product comments.
(Source: Pew Internet Research)
Full story
Pew Internet Research
500 million users worldwide and still growing, Facebook is now ubiquitous. Because of its popularity, minors have jumped onto the social media bandwagon, too, and they use networking the same way adults do--to share pictures, connect with friends, organize events, and play social games. And that can be a problem.
For the most part, Facebook provides a fun and safe way for users of all ages to communicate with their pals. But because kids and teens are, well, kids and teens, they're the ones most at risk of falling victim to the dangers of Facebook. With a bit of strategic parental guidance, you can educate your kids about the potential hazards of social media and give them the tools they need to protect themselves from online predators, guard their personal information, preserve their online reputation, and avoid suspicious downloads that could harm your PC.
(Source: PC World)
Full story
PC World
Thursday, September 23, 2010
Students awaiting loans and grants should watch out for scam emails asking for bank details, Student Finance England warns Students were today warned to beware of scam emails purporting to be about loans and grants, after it emerged that 50 phishing websites targeting young people have been shut down during the last year.
Hundreds of thousands of people are starting university in the coming weeks, and Student Finance England, which processes English students' loans and grants, today urged students to "remain vigilant" and not disclose any personal or bank details in response to email requests that look like they are from either itself or its parent company, the Student Loans Company. Student Finance England expects to make payments to more than 600,000 students this week, and fraudsters are taking advantage of the timing to target students who are waiting for money to arrive. Heather Laing, its fraud manager, said: "Students are likely to receive a great deal of correspondence from Student Finance England at this time, with payment schedule letters or letters requesting further information coming through the door. Some students may fall victim to an email request that looks to be from Student Finance England or the Student Loans Company asking for confirmation of bank details. However, we will never ask students to confirm their bank details via email. If they do receive such a request, they should forward it on to us to investigate."
(Source: Guardian)
Full story
Guardian
For the 10th eLearning Awards, European Schoolnet and ENISA, the European Network and Information Security Agency, announce a new prize category called "Teaching online safety and citizenship".
The rapid spread of internet use among young people is making it essential to address eSafety and ePrivacy, in order to protect young people from online risks and threats and to prepare them to use digital technologies in a secure and responsible way. As a major European actor for eSafety and ePrivacy, ENISA highly encourages all teachers to address these issues with their young students. “Young people and children are today amongst the biggest user groups of online technologies in Europe. It is important to equip them with the skills and knowledge to stay safe online,” said Dr Udo Helmbrecht, Executive Director of ENISA.
(Source: ENISA)
Full story
ENISA
Tuesday, September 21, 2010
Harrisburg University has banned these social media sites, as well as MySpace and AOL Instant Messenger, for one week on the Pennsylvania campus, starting September 13.
The ban is not because of any security or privacy issue. Rather, it is an experiment to make students and faculty members think about the significance of social media and how best to benefit from this channel in its absence. "We're not trying to stop all access to these sites," says Charles Palmer, executive director of the Center for Advanced Entertainment and Learning Technologies. "We're trying to enhance people's ability to reflect on how technology impacts their daily lives and really generate valuable conversations." According to Jeffery Mechling, a prominent author and lecturer at the Harvard Kennedy School, "People depend a lot on those they trust. Making those connections easier is powerful, as social media have demonstrated. But this is a new phenomenon, so studying and understanding better is valuable."
(Source: Bank Info Security)
Full story
Bank Info Security
In UK, ISPs must pay 25 per cent of the cost of implementing new anti-piracy measures, it has been announced. The process of identifying and informing broadband customers suspected of copyright infringement will be paid for partially by ISPs and copyright holders, who will pay the other 75 per cent.
The decision comes as the government attempts to thrash out the details of how some parts of the controversial Digital Economy Act will actually work in practice. Minister for Communications, Ed Vaizey, said: "Protecting our valuable creative industries, which have already suffered significant losses as a result of people sharing digital content without paying for it, is at the heart of these measures. "The Digital Economy Act serves to reduce online copyright infringement through a fair and robust process and at the same time provides breathing space to develop better business models for consumers who buy music, films and books online.
(Source: Webuser)
Full story
Webuser
Monday, September 20, 2010
The 2011 Global State of Information Security Survey is a worldwide security survey by PricewaterhouseCoopers, CIO Magazine and CSO Magazine. It was conducted online from February 19, 2010 to March 4, 2010. Readers of CIO and CSO Magazines and clients of PricewaterhouseCoopers from around the globe were invited via email to take the survey. The results discussed in this report are based on the responses of more than 12,840 CEOs, CFOs, CIOs, CSOs, vice presidents and directors of IT and information security from 135 countries. Thirty-seven percent of respondents were from Asia, 30% from Europe, 17% from North America, 14% from South America, and 2% from the Middle East and South Africa. For the main finadins please click here
(Source: Price Waterhouse Coopers)
Germany is the first country to launch a large scale malware cleaning project backed by the government, Internet service providers and security companies.
The new Anti-Botnet Counseling Center (Anti-Botnet Beratungszentrum) is an organization dedicated to assisting German users with removing botnet infections from their computers. It was established with funding from the Federal Ministry of Interior and the technical assistance is provided by the Federal Office for Information Security (BSI). The initiative was announced late last year as a collaboration between the Federal Government and the German Internet Industry Association (eco).
(Source: Softpedia)
Full story
Softpedia
Thursday, September 16, 2010
Sometimes it's a story of a grown woman who has chosen prostitution as a path to a better life. More often, it's a story of a woman being forced to sell her body by a pimp. And then there are the children, and the mothers that miss them.
"They told me to look on Craigslist and it almost blew my mind," the mother of one missing 12-year-old told CNN. "She was there with a wig on. She was there in a purple negligee. The same day the woman spoke to CNN, her daughter was rescued by police at a seedy hotel near Washington where she was being sold for sex. And she's not alone. The National Center for Missing and Exploited Children's website contains thousands of posters of missing children. Many are girls, classified as "endangered runaways," and the center says more than fifty of them have been pushed into the sex trade. But that's just a snapshot, a tiny indicator of the true scale of the problem.
(Source: CNN)
Full story
CNN
An awkwardly-worded reply by Defence Secretary Liam Fox to questions in the House of Commons suggests that cuts in information security spending are not on the agenda for the Strategic Defence and Security Review (SDSR), which is due to report back in the Autumn. On the contrary, Britain is looking to boost its capabilities in the area. Cyber-security is an important element of the SDSR and has already had considerable consideration. Decisions on enhancing our capabilities will form part of the review, which we will announce to the House later this autumn.
Developing a military cyber-security policy should not be the responsibility of the Ministry of Defence alone, Fox added. Investing in better cyber-security will not be an option for the United Kingdom. What is being considered under the National Security Council as part of the SDSR is how that occurs. We will face increasing threats in cyberspace in the years ahead-the question is how we identify the weakest areas, which need to be looked at first, and how we develop the technologies so that, as the other technologies that might affect us continue to evolve, we are best protected.
(Source: The register)
Full story
The register
The Millennium Development Goals (MDGs) are a set of targets intended to reduce global poverty and improve living standards by 2015. Specific goals target education, fighting disease and promoting gender equality. Access to communications technology is a part of one of the targets. With five years to go until the deadline to achieve the goals, progress remains uneven. Some countries have achieved many of the goals, while others - mostly in the developing world - may not realise any. Many development experts question how the goals will be achieved and how they will be paid for. Some even question whether the approach is necessary or helpful.
But Dr Toure said that he believed technologies such as broadband could be used to "accelerate" progress on the goals and help countries achieve them. "Access to broadband in an affordable manner is our greatest challenge," Dr Hamadoun Toure, secretary general of the International Telecommunications Union (ITU), told BBC News.
(Source: BBC)
Full story
BBC
Tuesday, September 14, 2010
Make your password strong, with a unique jumble of letters, numbers and punctuation marks. But memorize it — never write it down. And, oh yes, change it every few months. These instructions are supposed to protect us. But they don’t.
Some computer security experts are advancing the heretical thought that passwords might not need to be “strong,” or changed constantly. They say onerous requirements for passwords have given us a false sense of protection against potential attacks. In fact, they say, we aren’t paying enough attention to more potent threats. Here’s one threat to keep you awake at night: Keylogging software, which is deposited on a PC by a virus, records all keystrokes — including the strongest passwords you can concoct — and then sends it surreptitiously to a remote location.
(Source: The New York Times)
Full story
The New York Times
Monday, September 13, 2010
ICT For Health Projects Exhibiting
27 September 2010 - 29 September 2010 Brussels, Belgium
The ICT for Health projects present at the ICT2010 conference. CD-Medics, Epilepsiae, HeartCycle, Hamam and Oldes will be exhibiting. Three eHealth related networking sessions will also take place on the following topics: Patient empowerment, EU-ASEAN Cooperation opportunities and Low-cost Imaging Technologies for Healthcare.
(Source: Europe's Information Society)
Full story
Europe's Information Society
With its millions of users, the world’s most popular social network has become a perfect target for hackers exploiting such a dense concentration of potential victims. Apart from phishing attacks or spam, which are now easily recognized by many Internet users, hackers are employing new methods, which for the moment at least, are proving to be successful. What to do if your Facebook profile has been hacked
Step 1: Firstly, remove all permissions that have been given to the malicious application. This is a simple process: from Account > Application settings in the top-right corner of your Facebook profile. This ensures that the application will not continue to have access to your profile once the password is changed.
Step 2: Change the login password! To keep your identity safe, it is advisable to change your password and the user name (it’s a good idea to do this from time to time anyway). This is also easy: Go to Account > and Account Settings in the menu in the top left corner of your Facebook profile. It is also advisable to use strong passwords that cannot easily be guessed.
(Source: Panda Security)
Full story
Panda Security
Friday, September 10, 2010
Every week, hackers are creating 57,000 new Web addresses which they position and index on leading search engines in the hope that unwary users will click them by mistake. Those who do, will see their computers infected or any data they enter on these pages fall into the hands of criminals. To do this, they use an average of 375 company brands and names of private institutions from all over the world, all of them instantly recognizable.
eBay, Western Union and Visa top the rankings of the most frequently used keywords; followed by Amazon, Bank of America, Paypal and the US revenue service. This way, when users search for these names, a link to the malicious website will appear among the first results returned. When they visit these sites, one of two things will happen: either malware will be downloaded onto the user’s computer, with or without their knowledge, or the website spoofs the appearance of a genuine page, a bank say, and users will unwittingly enter their details which will fall into the hands of criminals.
(Source: Panda Security)
Full story
Panda Security
A booby-trapped e-mail that promises free sex movies is racking up victims around the world, warn security firms. Some variants of the Windows worm contain a link to PDF that a recipient has been told to expect. Those clicking on the link get neither movies nor documents but give the malware access to their entire Outlook address book. When installed, the worm sends copies of itself to every e-mail address it can find.
The malicious e-mail messages have a subject line saying "Here you have" and contain a weblink that looks like it connects to a PDF document. Instead it actually links to a website hosting the malware.
(Source: BBC)
Full story
BBC
Thursday, September 09, 2010
While social media use has grown dramatically across all age groups, older users have been especially enthusiastic over the past year about embracing new networking tools. Social networking use among internet users ages 50 and older nearly doubled—from 22% in April 2009 to 42% in May 2010.
- Between April 2009 and May 2010, social networking use among internet users ages 50-64 grew by 88%--from 25% to 47%.
- During the same period, use among those ages 65 and older grew 100%--from 13% to 26%.
- By comparison, social networking use among users ages 18-29 grew by 13%—from 76% to 86%.
(Source: Pew Research Center)
Full story
Pew Research Center
Tuesday, July 06, 2010
The Safer Internet Forum has been organized by the Safer Internet Programme as an annual conference on safer internet issues since 2004. It brings together representatives of industry, law enforcement authorities, child welfare organizations and policy makers. The past editions of the Safer Internet Forum have welcomed guests not only from Europe, but also from countries such as Australia, Brazil or the Russian Federation.
The 2010 edition of the Safer Internet Forum will take place in Luxembourg on the 21-22 October. This year the Safer Internet Forum will focus on the results of two major research projects funded by the Safer Internet Programme: EUKidsOnline II, which surveyed children and parents in 25 European countries about internet use, and European Online Grooming Project, the first European research project that studies the characteristics and behaviour of sexual offenders who have used the internet to groom young people.
(Source: Europe's Information Society)
Full story
Europe's Information Society
A new targeted malware attack is threatening UK bank customers. Security firm Trusteer said that it has spotted a malware attack that compromises user credentials by creating a fake bank log-in page and then uses those credentials to perform an "authorised" monetary transfer. The attack is being spread through multiple infection methods, including web-based exploits and spam email attachments. Rather than aim to infect numerous systems around the world, however, the company said that the attack is specifically targeting the UK and focusing on very few banks at a time, anywhere from three to seven in a single run.
The UK is not the first country to be targeted for such attacks. Trusteer has spotted similar operations in South Africa and Germany.
(Source: v3.co.uk)
Full story
v3.co.uk
Thursday, July 01, 2010
Americans use a range of approaches to keep informed about what is happening in their communities and online activities have been added to the mix. Face-to-face encounters and phone calls remain the most frequent methods of interaction with neighbors. At the same time, internet tools are gaining ground in community-oriented communications. In a poll conducted at the end of last year, we asked about online connections to communities and neighbors and found that in the twelve months preceding our survey:
- 22% of all adults (representing 28% of internet users) signed up to receive alerts about local issues (such as traffic, school events, weather warnings or crime alerts) via email or text messaging.
- 20% of all adults (27% of internet users) used digital tools to talk to their neighbors and keep informed about community issues.
(Source: Pew Research Center)
Full story
Pew Research Center
Finland has become the first country in the world to make broadband a legal right for every citizen. From 1 July every Finn will have the right to access to a 1Mbps (megabit per second) broadband connection. Finland has vowed to connect everyone to a 100Mbps connection by 2015.
Finland's communication minister Suvi Linden explained the thinking behind the legislation: "We considered the role of the internet in Finns everyday life. Internet services are no longer just for entertainment. "Finland has worked hard to develop an information society and a couple of years ago we realised not everyone had access," she said. It is believed up to 96% of the population are already online and that only about 4,000 homes still need connecting to comply with the law.
(Source: BBC)
Full story
BBC
Thursday, June 17, 2010
New Zealand has joined a global taskforce to fight online child exploitation. Police Superintendent Win Van Der Velde today signed an agreement with the Virtual Global Taskforce (VGT) board in Rome. VGT is made up of international law enforcement agencies, and Deputy Commissioner Rob Pope said joining strengthened an already firm resolve to tackle the online abuse of children. Police will collaborate with VGT through its Online Child Abuse Exploitation Squad (OCEANZ). VGT is chaired by the Australian Federal Police.
(Source: New Zealand Herald)
Full story
New Zealand Herald
Experts from nearly 40 countries gathered in the Estonian capital Tallinn to discuss the latest issues in the fight against virtual attackers. Estonian President Toomas Hendrik Ilves opened the conference with a stark warning about the seriousness of cybercrime. "Our critical infrastructure, electricity grids, transportation networks and mobile phone networks are so enmeshed and tied to the internet that any open society is open to complete and utter failure," he said. "There are no smoking guns, no foot or fingerprints in virtual reality," Estonia's Minister of Defence Jaak Aviksoo added.
Skilled hackers at the conference said malware designed to be used in attacks could be purchased for a few hundred dollars online, or even downloaded for free.
(Source: BBC)
Full story
BBC
Wednesday, June 16, 2010
Police have arrested 178 people in Europe and the United States suspected of cloning credit cards in an international scam worth over 20 million euros ($24.52 million), Spanish police said on Tuesday. Police in fourteen countries participated a two-year investigation, initiated in Spain where police have discovered 120,000 stolen credit card numbers and 5,000 cloned cards, arrested 76 people and dismantled six cloning labs. The raids were made primarily in Romania, France, Italy, Germany, Ireland and the United States, with arrests also made in Australia, Sweden, Greece, Finland and Hungary.
(Source: Reuters)
Full story
Reuters
The sentence was announced by United States Attorney for the District of Maryland Rod J. Rosenstein, Special Agent in Charge Richard A. McFeely of the Federal Bureau of Investigation; Chief James W. Johnson of the Baltimore County Police Department; and Baltimore County State’s Attorney Scott Shellenberger.
This case was brought as part of Project Safe Childhood, a nationwide initiative to combat the growing epidemic of child sexual exploitation and abuse launched in May 2006 by the Department of Justice. Led by United States Attorneys’ Offices and the Criminal Division's Child Exploitation and Obscenity Section (CEOS), Project Safe Childhood marshals federal, state, and local resources to better locate, apprehend, and prosecute individuals who exploit children via the internet, as well as to identify and rescue victims.
(Source: Baltimore FBI)
Full story
Baltimore FBI
Thursday, June 10, 2010
Federal chief information officers and chief information security officers will convene Monday, June 14, at an annual information technology conference where they are sure to discuss the Office of Management and Budget's mandate to look toward cloud computing to cut IT costs, increase efficiencies and enable greater government-wide collaboration and data exchange. In examining the potential benefits and vulnerabilities of moving their services to the cloud, government CIOs and CISOs should ask and demand answers to some difficult questions.
Does your provider ensure the confidentiality, integrity and availability with mature processes, proof of past performance, understanding of and mechanisms for disaster recovery options, and encrypted backups?
(Source: GovInfo Security)
Full story
GovInfo Security
Driven by the popularity of online video among 18-29 year-olds, there have been dramatic increases since 2007 in the number of American adults watching:
- Comedy or humorous videos, rising in viewership from 31% of adult internet users in 2007 to 50% of adult internet users in the current survey
- Educational videos, rising in viewership from 22% to 38% of adult internet users
- Movies or TV show videos, rising in viewership from 16% to 32% of adult internet users
- Political videos, rising in viewership from 15% to 30% of adult internet users
One in seven adult internet users (14%) have uploaded a video to the internet, almost double the 8% who were uploading video in 2007. Home video is far and away the most popular content posted online, shared by 62% of video uploaders. And uploaders are just as likely to share video on social networking sites like Facebook (52% do this) as they are on more specialized video-sharing sites like YouTube (49% do this).
(Source: Pew Research Center)
Full story
Pew Research Center
Sixty-eight percent of service providers say outbound spam costs them up to $100,000 per year, according to a new research study by industry analyst firm Osterman Research and Commtouch. Some key findings from the research include:
- 68 percent of service providers say outbound spam costs them up to $100,000 per year; 4 percent said it is costing them more than $250,000 per year. Costs due to outbound spam include such things as IT helpdesk and anti-abuse team time.
- Almost 40 percent of respondents have had their IP addresses listed on Real Time Blackhole Lists (RBLs) in the past 12 months alone. RBLs are published lists of the addresses of computers or networks known to be sending out spam. A service provider may be blacklisted as a result of outbound spam, and thus have its customers legitimate email blocked by other service providers.
- Nearly 70 percent of service providers are in the process of evaluating solutions for their outbound spam problem. 50 percent expect to deploy a solution within the next 12 months.
(Source: Security Matters)
Full story
Security Matters
Thursday, June 03, 2010
The 12th International Conference on e-Health Networking, Application & Services aims to bring together interested parties from around the world working in the healthcare field to exchange ideas, to discuss innovative and emerging solutions and to develop collaborations. Participants include clinicians, hospital administrators, IT professionals, researchers, educators, healthcare solutions vendors, and consultants. It will also offer an important forum for discussions on e-Health projects supported by world bodies such as ITU, WHO and the EU, including FP6 and FP7 European projects.
(Source: IEEE Communications Society)
Full story
IEEE Communications Society
With over 3.4 million users of the internet in Kenya, research indicates that the importance of the internet outstrips those of several key developed countries. Even so, the latent demand for local content is underlined by the fact that surveys show that lack of local content is the main reason many Kenyans shy away from accessing the internet. On the launch of the grant facility, the CEO, Kenya ICT Board Paul Kukubo, commented, “We are pleased that we are launching this grant at a time that the ICT industry is growing and access to the internet all over the country has vastly improved.
The future for content industry is bright. Talent, creativity and skills are key drivers of competitiveness in the content sector and we expect that this grant will enable Kenyans everywhere to develop world class locally relevant content and get this industry to rapidly match the lucrative opportunities for talented content developers in developed nations.”
(Source: Afrinnovator)
Full story
Afrinnovator
Wednesday, June 02, 2010
In Africa, few countries have started their security project and fulfilled some good steps; other countries have now started implementing national mechanisms for combating cybercrime and other related threats; however, a sizeable number of African countries still do not have a strategic plan and are unable to start their first actions. These countries need to be assisted and supported, through guidance and advisory services as well as experience and information sharing with others. Knowledge and information sharing is indeed the missing link at the moment.
CERT-AFRICA is ultimately the resource outlet that will help security experts to share and enhance collaboration to address security threat by connecting leading African security experts and bringing them around a common project. While CERT-AFRICA will be inward looking for its activities, it will also be a conduit for connecting African countries to ongoing efforts within international instances such as the FIRST, the ITU, ICANN, UNCTAD, OIC, etc.
(Source: CERT Africa)
Full story
CERT Africa
The number of internet threats coming from the UK has increased in May, according to research by managed security firm, Network Box. The UK is now responsible for nearly six (5.9) per cent of the world’s internet viruses, up from three per cent in April. The only countries that produce more viruses than the UK are Korea (16.26 per cent) and the US (11.68 per cent). The US and India continue to dominate the production of the world’s spam, with the US producing 10.7 per cent, and India 7.1 per cent (similar figures from last month).
Russia has seen a decline in viruses produced from within its borders – possibly an early result of Russian hosting service, PROXIEZ-NET – notoriously used by criminal gangs – being taken down earlier this month.
(Source: Network Box)
Full story
Network Box
Internet security firm Sophos has warned Facebook users to be on the alert for a scam which sends a spam message to all of their friends on the social network. Sophos, in a pair of blog posts late Monday, said "hundreds of thousands" of Facebook users have fallen for the scam which it dubbed "likejacking." It said some Facebook users had received a message such as "This man takes a picture of himself EVERYDAY for 8 YEARS!!" and were encouraged to click on a link. "This of course posts a message to your newsfeed, your friends see it and click on it, and so it spreads," Sophos said.
That followed a similar scam that spread on Facebook the week before involving a fake posting tagged as the "sexiest video ever," according to Sophos.
(Source: AFP)
Full story
AFP
Monday, May 31, 2010
With the threat of cyber wars lurking, the International Telecommunications Union (ITU), a United Nation's arm, has asked countries to take the ‘no-first-attack' vow in order to avert chain of events. “There have been countries at (cyber) war already. A wrong attack could lead to a chain of events. Like they do with regard to nuclear arms, the countries should take a vow that they would not attack first,” Mr Hamadoun Toure, Secretary-General of ITU, said.
“We need to have an international framework to make cyber space peaceful. Some say, it might take 10 years. Even if it takes that long, we need to start now (to get there),” he said. “It will be like a cyber tsunami. It would be a catastrophe if a war were to start. In order to achieve a secure cyber space, countries should have a legal and regulatory framework, technological readiness (with a robust response team), a coordinated national effort and capacity building,” he said.
(Source: Business Line)
Full story
Business Line
According to the latest data by Trend Micro, a leading Internet security company, more than 2 million computers were hacked and 476 million spam e-mails were sent in Turkey between June 2009 and May 2010. With Internet an increasingly integral part of daily life, criminals are finding new playgrounds in cyberspace.
In 2004 there were 680 million Internet users and 3 million malwares globally. Six years later, the number of Internet users increased to around 1.7 billion, but malwares jumped 10-fold to 30 million. The nature of the Internet also makes it harder to track down a criminal of cyber crime, as it crosses borders and is hard to understand. “It is not like a bank robbery. There is no eyewitness or video footage,”
(Source: Hurriyet Daily News)
Full story
Hurriyet Daily News
Friday, May 28, 2010
"People that play these fast-paced games have better vision, better attention and better cognition," said Daphne Bavelier, an assistant professor in the department of brain and cognitive science at the University of Rochester. Bavelier was being a presenter at Games for Learning, a daylong symposium on the educational uses of video games and computer games. The event, the first of its kind, was an indication that electronic games are gaining legitimacy in the classroom.
President Barack Obama recently identified the creation of good educational software as one of the "grand challenges for American innovation," and the federal Department of Education's assistant deputy secretary for the Office of Innovation and Improvement, Jim Shelton, was to attend Thursday's conference. Panelists were to discuss how people learn and how games can be engineered to be even more educational. "People do learn from games,"
(Source: AP)
Full story
AP
A few weeks ago I came across several email messages in Spanish purporting to have been sent by Western Union: As you can see, this is a typical message sent as spam that we have seen in many guises. It tries to pass itself off as some kind of official notification from well-known companies -anyone from UPS to Apple or even Panda- with the real aim of trying to trick users into running the attached file. However, this time when I saw the message I couldn’t help but smile. Why? Because I thought there was a certain irony about the message claiming to have been sent by Western Union, a company used by virtually all cyber-criminals.
Should we be pointing an accusatory finger at companies like Western Union? There are those who would argue that this is like criminalizing the Internet just because there are users that abuse its services. Fair enough. But if Western Union is just like any other company, why is it used so insistently by criminals?
(Source: PandaLabs)
Full story
PandaLabs
Thursday, May 27, 2010
On 23 November 2010 the Belgian Privacy Commission will organize an international conference on privacy and scientific research. The conference will take place in the context of the 2010 Belgian EU presidency and focuses on several target groups, first of all the European data protection authorities, but also national and international academics and researchers. Two areas of scientific research will be examined: historical and clinical-medical research. The conference is primarily intended as a discussion forum on best practices in both areas. That is why workshops will be organized alongside the traditional plenary sessions.
"Privacy & Scientific Research: from Obstruction to Construction" was opted for as the working title of the conference, the objective of the event being a reflection on how to integrate privacy protection in scientific research without making it an obstacle. And what's more, the quality of research will only be improved thanks to privacy protection.
(Source: Commission For The Protection Of Privacy)
Full story
Commission For The Protection Of Privacy
It might go against conventional wisdom, but a new report from the Pew Internet & American Life Project is adding fuel to the argument that young people are fast becoming the gurus of online reputation management, especially when it comes to social networking sites. Among other things, the study found that they are most likely to limit personal information online — and the least likely to trust free online services ranging from Facebook to LinkedIn and MySpace.
Marlene McManus, 21, is among those young adults. On the job hunt since graduating from Clark University in Massachusetts, she's been "scouring" her Facebook page, removing photos that contain beer cups and any other signs of college exploits. She's also dropped Twitter altogether. "I have to present a public face that doesn't have the potential to hurt my image," McManus says.
(Source: AP)
Full story
AP
Wednesday, May 26, 2010
CYBER-GEDDON has been overhyped, but IT security professionals need to find new ways of dealing with the never-ending threats, says Scott McIntyre, chief security officer for Amsterdam-based ISP XS4ALL Internet. "The sky is not falling, the situation is not as bad as many make out, but we need to accept that the internet has been 'pwned' (compromised or controlled by rivals)," he told the AusCERT 2010 conference on the Gold Coast last week. "We need to maintain a sense of proportion and adjust our expectations about internet security,"' he said.
"Not everything that happens is a major crisis, you don't need huge cyber bunkers because there's a worm on the network -- this should be your daily routine by now." Mr McIntyre, who is also a member of the Dutch computer security incident response team KPN-CERT, said the industry was stuck in "a weird loop of going backwards and forwards" on the same issues.
(Source: The Australian)
Full story
The Australian
Facebook Chief Executive Mark Zuckerberg said the Internet social network will roll out new privacy settings for its more than 400 million users, amid growing concerns that the company is pushing users to make more of their personal data public. "Many of you thought our controls were too complex," said Zuckerberg in an opinion piece published on Monday in The Washington Post.
"Our intention was to give you lots of granular controls; but that may not have been what many of you wanted. We just missed the mark," said the 26-year-old Zuckerberg, who co-founded Facebook in his Harvard dorm room in 2004. In the coming weeks, Zuckerberg promised, Facebook will add privacy controls that he said would be much simpler to use. Facebook will also give users an easy way to turn off all third-party services, Zuckerberg said.
(Source: Reuters)
Full story
Reuters
Malaysia’s Information Communication and Culture Minister, Datuk Seri Dr Rais Yatim, said that the country plans to work in collaboration with a number of countries in the fight against cyber crime. “The rise in cyber security attacks over the last few years reinforces the urgency to address the issue through the establishment of appropriate global frameworks for assessment and exchange of information related to cyber security,” he said at the opening of the World Information and Communication Summit in Seoul.
Last year the International Multilateral Partnership Against Cyber Threats (IMPACT) opened its global headquarters in Cyberjaya, Malaysia. IMPACT is a platform for governments and industry players to exchange ideas and best practices and work together in combating cyber threats.
(Source: Malaysia In Focus)
Full story
Malaysia In Focus
Friday, May 21, 2010
Carders.cc, a German online forum dedicated to helping criminals trade and sell financial data stolen through hacking, has itself been hacked. The once-guarded contents of its servers are now being traded on public file-sharing networks, leading to the exposure of potentially identifying information on the forum’s users as well as countless passwords and credit card accounts swiped from unsuspecting victims.
The breach involves at least three separate files being traded on Rapidshare.com: The largest is a database file containing what appear to be all of the communications among nearly 5,000 Carders.cc forum members, including the contents of private, one-to-one messages that subscribers to these forums typically use to negotiate the sale of stolen goods. Another file includes the user names, e-mail addresses and in many cases the passwords of Carder.cc forum
(Source: Krebs on Security)
Full story
Krebs on Security
The UAE can lead international efforts to promote global cyber security and cyber peace and to avoid the use of cyberspace for conflict, said a former senior White House adviser on Tuesday. "The UAE can play a leading role in creating an international system for cyber peace. You can do that not just by computers. But you can do that by strategists and diplomats. And there is a great role for the UAE to play in helping the world step back from cyber war to create an international system for cyber peace," said Richard Clarke, who served as a counterterrorism adviser to Presidents Bill Clinton and George W. Bush.
Warning that cyber war is the next threat to UAE national security, Clarke argued physical defences akin to borders such as firewalls will remain essential, but given the high levels of cross-border connectivity in cyber world, new approaches for cyber security must include the international diplomatic dimension.
(Source: Gulf News)
Full story
Gulf News
Wednesday, May 19, 2010
Du 17 au 21 mai 2010 se tient à Ouagadougou un atelier sur la cybersécurité. Avec comme objectif de former les acteurs chargés de la sécurisation du cyberespace à la lutte efficace contre les cybermenaces, cette session connaît la participation de délégués de la Côte d’Ivoire, du Ghana, du Mali et du Nigeria. Les travaux dudit séminaire ont été ouverts par le Secrétaire général du Premier ministère, Paul Marie Compaoré.
Face aux spams, scams, virus, vers et autres cyberattaques, il est plus qu’urgent de développer des stratégies et des dispositifs de pointe à même de sécuriser les systèmes du cyberespace en le protégeant de toutes ces cybermenaces. C’est dans cette optique que l’Union internationale des télécommunications (UIT), en partenariat avec IMPACT et l’Autorité de régulation des communications électroniques (ARCE) du Burkina, organise du 17 au 21 mai 2010, un atelier sur la cybersécurité.
(Source: Le Faso)
Full story
Le Faso
Tuesday, May 18, 2010
Phishing may not be the most sophisticated form of cyber crime, but it can be a lucrative trade for those who decide to make it their day jobs. Indeed, data secretly collected from an international phishing operation over 18 months suggests that criminals who pursue a career in phishing can reap millions of dollars a year, even if they only manage to snag just a few victims per scam.
Phishers often set up their fraudulent sites using ready-made “phish kits” — collections of HTML, text and images that mimic the content found at major banks and e-commerce sites. Typically, phishers stitch the kits into the fabric of hacked, legitimate sites, which they then outfit with a “backdoor” that allows them to get back into the site at any time.
(Source: Krebs on Security)
Full story
Krebs on Security
Thousands of people have paid tribute on Facebook to an Australian teenager allegedly lured to her death by a man she met on the social networking site. The body of Nona Belomesoff was found two days after she went on a trip with the man, who told her they were going to rescue injured animals, police say. A 20-year-old man has been charged with Ms Belomesoff's murder at a creek south of Sydney.
Detectives say the case reinforces the need for vigilance when using Facebook. Ms Belomesoff, 18, is believed to have befriended Christopher James Dannevig, who police say set up a fake Facebook profile in which he claimed to work for an animal welfare group.
(Source: BBC)
Full story
BBC
Friday, May 14, 2010
Researchers at Imperva have discovered an 'experimental' botnet that uses around 300 hijacked web servers to launch high-bandwidth DDoS attacks. The servers are all believed to be open to an unspecified security vulnerability that allows the attacker, who calls him or herself 'Exeman', to infect them with a tiny, 40-line PHP script. This includes a simple GUI from which the attacker can return at a later date to enter in the IP, port and duration numbers for the attack that is to be launched. Building a Secure and Compliant Windows Desktop: Download nowBut why servers in the first place? Botnets are built from PCs and rarely involve servers.
According to Imperva's CTO, Amachai Shulman, they have no antivirus software and offer high upload bandwidth, typically 10-50 times that of a consumer PC.
(Source: Networkworld)
Full story
Networkworld
For all the Twitterers who were fretting about where their followers went earlier today, fear not. They're back. Twitter engineers have corrected a bug that was messing with users' followers on Monday. To fix the problem, Twitter engineers had to reset users' followers/following numbers to zero for a while around midday, according to Twitter's Status update.
"What we really see with social networking is that for any given tool, whether it's Twitter, Facebook or any other site, there is a hard core of very active users who care a lot about any problems, changes, or interruptions. These people are very vocal and opinionated -- passionate, in other words."
(Source: ComputerWorld)
Full story
ComputerWorld
Monday, May 10, 2010
With the 2010 FIFA World Cup less than two months away, cybercriminals (as expected) are banking on this prestigious international football event to trick users. TrendLabsSM spotted the latest threat involving this, and it came in the form of an email message currently being spammed in the wild.
The spam carried a .PDF file attachment which was found to contain details about the lottery the recipient allegedly won. It also instructed the recipient to give out personal information and send them to the contact person or email sender before the prize could be claimed. What was interesting about the purported sender of the email—one Mrs. Michelle Matins, Executive Vice President—was also the signatory for the 419 scam, aka the Nigeria scam.
(Source: Trend Micro)
Full story
Trend Micro
Cybersecurity needs a global rethink, and fast, Dell's CEO Michael Dell and Services CIO, Jim Stikeleather, have warned experts at the EastWest Institute Worldwide Cybersecurity Summit in the US. In separate presentations and briefings, the men developed the theme of piecemeal reactions to the rapid rise of crymber-criminality, which included economic crime and direct threats to critical infrastructure.
Governments haven't done enough and have fallen into the trap of seeing matters in a narrow, national way. Meanwhile, the security industry has been content to sell products without asking whether security was properly embedded into the way products are developed. "Governments and private industry need to work collaboratively to develop the appropriate international framework to secure cyberspace. We should all do this in a way that keeps our global information central nervous system intact and secure," said Michael Dell.
(Source: MIS Asia)
Full story
MIS Asia
Friday, May 07, 2010
As much heat as Facebook has taken recently for its privacy policies and the freedom with which it shares data across the Web and around the world, Facebook is still not the biggest threat to online privacy--you are. A study by Consumer Reports illustrates that users are really their own worst enemy when it comes to online privacy.
Here are some of the key findings of the Consumer Reports survey: • A projected 1.7 million online households had experienced online identity theft in the past year. • An estimated 5.4 million online consumers submitted personal information to e-mail (phishing) scammers during the past two years. • Among adult social network users, 38 percent had posted their full birth date, including year. Forty-five percent of those with children had posted their children's photos. And 8% had posted their own street address. • An estimated 5.1 million online households had experienced some type of abuse on a social network in the past year, including malware infections, scams, and harassment.
(Source: PC World)
Full story
PC World
Cybersecurity experts from around the world meeting on ways to protect the Internet say they still have fears of "nightmare" scenarios in which attacks could cripple critical computer networks. "I live in a world of nightmares," Patrick Pailloux, director general of France's Network and Information Security Agency, told participants in the first Worldwide Cybersecurity Summit which ended on Wednesday. "Each subject is a nightmare: electricity, power grids, transportation, airplanes, water supply, finance, the banking system, the health system,"
Pailloux said. Pailloux was among the 400 participants from 40 nations who attended the meeting hosted by the EastWest Institute think tank to come up with ways to protect the world's digital infrastructure from cyber threats. The cybersecurity experts, government officials and business leaders agreed that only global cooperation could protect computer networks under constant attack from ever mutating viruses, worms, spam and a host of other dangers.
(Source: AFP)
Full story
AFP
Tuesday, May 04, 2010
Websites operated by the US Treasury Department are redirecting visitors to websites that attempt to install malware on their PCs, a security researcher warned on Monday. The infection buries an invisible iframe in bep.treas.gov, moneyfactory.gov, and bep.gov that invokes malicious scripts from grepad.com, Roger Thompson, chief research officer of AVG Technologies, told The Register. The code was discovered late Sunday night and was active at time of writing, about 12 hours later.
To cover their tracks, the miscreants behind the compromise tailored it so it attacks only IP addresses that haven't already visited the Treasury websites. That makes it harder for white hat-hackers and law enforcement agents to track the exploit. Indeed, Thompson initially reported that the problem had been fixed until he discovered the sites were merely skipping over laboratory PCs that had already encountered the attack.
(Source: The Register)
Full story
The Register
Monday, May 03, 2010
A new international research report commissioned by ACCAN reports on 16 high-speed broadband applications that can provide enormous benefits to people with disabilities. The report was conducted between November 2009 and January 2010 and discusses the uses of broadband applications in Europe, the United States and Japan. The study is also timely with regard to the work being undertaken to establish the National Disability Strategy. Preliminary findings from the study have resulted in input being provided to the Department of Broadband, Communications and the Digital Economy for its involvement in the Inter-Departmental Committee on the National Disability Strategy.
(Source: Australian Communications Consumer Action Network)
Full story
Australian Communications Consumer Action Network
Cisco Systems has embarked on a "take back and recycle" program, to ensure that consumers in Africa do not use phased-out equipment. The program takes used Cisco gear as well phased-out products that may still be sitting on resellers' shelves. Cisco has already indicated that it is phasing out the Linksys brand, which is common in Africa. "The Computer For Schools Kenya (CFSK) plant can handle large quantities of e-waste in a day; has employed young people and its important for equipment manufacturers and vendors in the region to work with communities,"
While the Cisco program may save customers the cost of managing and storing excess, outdated, or used ICT equipment, most such equipment on the continent is dumped is sold at low cost -- in some cases the equipment works, making cost-conscious customers consider buying obsolete equipment.
(Source: ComputerWorld Kenya)
Full story
ComputerWorld Kenya
Friday, April 30, 2010
A new research report on online government from the Pew Research Center’s Internet & American Life Project shows that citizens are searching for information in unprecedented numbers. When they visit sites, they're increasingly making transactions and participating in discussion around policies. Forty-one percent have gone online to get forms, including tax forms, health forms or student aid forms, and 35 percent have researched government documents or statistics. Roughly one-third of all Internet users reported renewing driver's licenses and auto registrations online. In general, the use of government websites for information and transactions is nearly ubiquitous among Internet users, with 82 percent of online adults surveyed reporting one of the two activities.
(Source: Pew Research Center)
Full story
Pew Research Center
European ministers are considering establishing a new agency that would tie together law enforcement agencies and other entities dedicated to fighting cybercrime. The ministers released a set of goals they'd like to achieve over time. One of those is to gain more ratifications of the Council of Europe's Cybercrime Convention, the only international treaty covering computer crime. The treaty requires countries to adopt cybercrime laws, have contacts available 24 hours a day for fast-breaking investigations and other measures. Another medium-term goal focuses on revocation of domain names and IP (Internet protocol) addresses. The document doesn't spell out exactly the ministers' objectives there, as it is already standard procedure for many ISPs to shut down Web sites linked with bad behavior. The new agency would also be tasked with forging stronger bonds between various law enforcement and other organizations that deal with cybercrime, including Europol, Eurojust, Interpol and others.
(Source: ComputerWorld)
Full story
ComputerWorld
Thursday, April 29, 2010
Many of us take the Internet for granted, but what about locations that are too remote or economically impoverished to enjoy the hi-tech benefits of the developed world? The Shadow Chancellor in the UK, George Osborne, illustrated in a recent speech that people in the developing world - even in the poorest of circumstances - do care about having access to technology.
In a visit to a remote village in Rwanda in 2007 he and 40 other Conservative Party volunteers were working on transforming a once derelict orphanage into a school. When it was announced that they were going to fix up the buildings and improve the water supply there were cheers from the villagers, but the loudest shouts were received when it was announced that the school was to be equipped with a computer. Osborne was at first surprised with the reaction - access to a computer is not a fundamental of life. But even villagers in the remotest part of Rwanda knew about computers and the Internet and didn't want their children to be excluded - as they had been - from something that could help lift them out of poverty.
(Source: All Africa)
Full story
All Africa
The German government is planning to establish a botnet cleanup helpline for computer users affected by malware infection. ISPs are teaming up with the German Federal Office for Information Security (BSI) to set up an operation geared towards cleansing consumer systems from botnet infestation. ISPs will track down infected machines, before directing users towards a website offering advice and an associated call centre, staffed by around 40.
The project, due to start in 2010, was announced on Tuesday at the German IT summit in Stuttgart. Malware in general, and botnets in particular, are a Windows ecosystem problem. Some bloggers have taken exception to the German plan, and have described it as a state funded subsidy to Microsoft, arguing that the money would be better spent offering advice on how to switch to less virus-infected systems.
(Source: The Register)
Full story
The Register
Wednesday, April 28, 2010
Attorney General of the Federation (AGF), Mohammed Bello Adoke, has called for the establishment of computer forensic laboratories across the country either on zonal or state basis. The AGF said that the yet to be established laboratories would be federally funded and managed by government agency that would be designed to work closely with the military, police, paramilitary, state security service and all state and local law enforcement agencies.
The director, Digital Evidence and Cyber Forensic Institute, Arinze Emeka said the study on forensic analyses has become more important because present state of global technology. "You cannot do anything today without the use of the communication network. Before now, we have been used to the analog way of doing things. Virtually all functions of government in whatever manner they operate through the cyber space," he said.
(Source: NGR Guardian News)
Full story
NGR Guardian News
Blippy, a social networking site that allows users to share their purchases and discuss shopping with others, will revamp its security plans and hire a Chief Security Officer after an embarrassing incident in which the site accidentally published a few of its members' credit card numbers on Google.
Blippy Co-founder and CEO Ashvin Kumar said in a blog post this week that the slip-up occurred as a result of a technical oversight back in February that caused raw transaction data to appear within the HTML code on some Blippy pages for about half a day. Kumar said Blippy executives have hammered out a security plan that aims to prevent further security missteps. It includes hiring a Chief Security Officer and associated staff that will focus solely on issues relating to information security. Blippy will also undergo regular 3rd-party infrastructure and application security audits and create a security and privacy center, in addition to other measures included in the plan.
(Source: ComputerWorld)
Full story
ComputerWorld
Tuesday, April 27, 2010
Four U.S. senators want Facebook to make it easier for its more than 400 million users to protect their privacy as the website develops new outlets to share personal information. It marks the second time in the past three days that Schumer has expressed his misgivings about a series of changes that Facebook announced last week. The new features are designed to unlock more of the data that the online hangout has accumulated about people during its six-year history.
Schumer sent a letter Sunday to the Federal Trade Commission calling for regulators to draw up clearer privacy guidelines for Facebook and other Internet social networks to follow. The political pressure threatens to deter Facebook's efforts to put its stamp on more websites, a goal that could yield more moneymaking opportunities for the privately held company. Facebook's expansion "raises new concerns for users who want to maintain control over their information," the senators wrote in their preliminary draft.
(Source: AP)
Full story
AP
This paper presents the findings from the 2nd Global Annual Symposium on DNS Security, Stability and Resiliency, conducted 1-3 February 2010 at Kyoto University in Kyoto, Japan. Program committee members chose to focus this year's conference on the theme of measuring the health of the DNS. As the entire Internet relies daily on the DNS, understanding its health – both at a given instant and as it changes over time – is critical for being able to reasonably predict the DNS's health outlook and to decide whether to take corrective measures.
The Symposium endeavored to analyze the state of understanding DNS health, the key vital signs for the DNS and how the community might approach improving measurement and assessment of DNS health.
(Source: ICANN)
Full story
ICANN
Monday, April 26, 2010
"A hacker who calls himself Kirllos has obtained and is now offering to sell 1.5 million Facebook IDs at astonishingly low prices — $25 per 1,000 IDs for users with fewer than 10 friends and $45 per 1,000 IDs for users with more than 10 friends. Looking at the numbers, Kirllos has stolen the IDs of one out of every 300 Facebook users. Quoting: 'VeriSign director of cyber intelligence Rick Howard told the New York Times that it appeared close to 700,000 had already been sold. Kirllos would have earned at least $25,000 from the scam. Howard told the newspaper that it was not apparent whether the accounts and passwords were legitimate, but a Russian underground hacking magazine reported it had tested some of Kirllos' previous samples and managed to get into people's accounts.'"
(Source: Slashdot)
Full story
Slashdot
History was made the other evening when the UK's three wannabe prime ministers took centre stage for a TV debate. This was the culmination of weeks of rehearsals, practice runs and body language training. But what if I then tell you that every mobile phone call made by one of the campaign teams preparing for this TV event was secretly recorded and analysed, enabling their rival to understand everything from the campaign strategy through to the likely rebuttal to a particular question? Illegal? Of course. Farfetched? No longer. The past few months has seen the mobile phone industry thrown into turmoil as the computer hacking community has carried out successful attacks against mobile phone call security. I wrote an article about such a hack a while back, but at that point it remained a theory rather than a practical way to listen into mobile phone calls.
(Source: IT Director)
Full story
IT Director
Friday, April 23, 2010
Facebook brings families closer together. But as with any medium, Facebook is sometimes abused, occasionally to damaging effect. The Facebook Privacy Settings options let you control who has access to your personal information. The page includes a Block List that prevents contact with the people and e-mail addresses you specify without their knowledge.
The Safety for Parents section of the Safety Center describes what to do if your child views inappropriate content on a Facebook page, how to help a child report abusive conduct, and how to delete an account of a child under the age of 13. Much of the information in this section parrots the entries on the Safety for Teens page, but it does include links to in-depth articles by Common Sense Media on security for teens online.
(Source: CNet News)
Full story
CNet News
Attackers have begun exploiting a design flaw in Adobe's PDF format to spread the Zeus botnet, only days after the publication of a proof-of-concept exploit for the flaw, according to security researchers.
On Wednesday, researchers at M86 Security said they had discovered emails claiming to originate from Royal Mail with PDF attachments exploiting the flaw. The attachment attempts to run an executable file that installs the Zeus Trojan on a user's system. Zeus attempts to steal banking information by logging a user's keystrokes. It also attempts to make a user's system part of the Zeus botnet.
(Source: ZDNet)
Full story
ZDNet
Thursday, April 22, 2010
The government is expanding its scholarship program for students in cybersecurity fields. About 108 universities participate in the 9-year-old Scholarship for Service program, which covers up to two years of tuition in exchange for two years of federal service. More schools, including community colleges, will be added in June, White House cybersecurity coordinator Howard Schmidt said Tuesday at the Interagency Resources Management Conference.
The expansion will be announced at the annual Colloquium for Information Systems Security Education — a conference that brings together academic, government and industry cybersecurity professionals — in June in Baltimore, Schmidt said.
(Source: Federal Times)
Full story
Federal Times
Patients whose medical identities are stolen face serious lingering effects. Fraudulent healthcare events can leave erroneous data in medical records. This erroneous information–like information about tests, diagnoses and procedures–can greatly affect future healthcare and insurance coverage and costs. Patients are often unaware of medical identity theft until a curious bill or a surprising line of questioning by a doctor exposes the issue. Then, the burden of proof is often with the patient and it can be difficult to get the patient’s legitimate medical records cleaned up. The consequences can also be life threatening and can lead to serious medical errors and fatalities.
1. Get a credit freeze and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
2. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk.
(Source: Infosec Island)
Full story
Infosec Island
Wednesday, April 21, 2010
Google is investigating a growing number of reports that hackers are breaking into legitimate Gmail accounts and then using them to send spam messages. The problem started about a week ago but seems to have escalated over the past few days.
"The Gmail team takes security very seriously and is investigating the reports we've seen in our user forums over the past few days," Google said Tuesday in an e-mailed statement. "We encourage users who suspect their accounts have been compromised to immediately change their passwords and to follow the advice at the following page: http://www.google.com/help/security/." Gmail accounts are often compromised after phishing attempts or via malicious programs, which can seek out and log online credentials from a hacked computer.
(Source: ComputerWorld)
Full story
ComputerWorld
Text messaging rises sharply among teens and is now their most frequent form of communication with friends. 72% of those ages 12-17 now are texters and the average young text user exchanges 1,500 texts per month.
Cell phones are mixed blessing to American families, bringing safety and connection along with disruption and irritation. Daily text messaging among American teens has shot up in the past 18 months from 38% of teens texting friends daily in February of 2008, to 54% of teens texting daily in September 2009. In fact, text messaging has become the most frequent way that teens reach their friends, surpassing face-to-face meetings, email, instant messaging and voice calling as a daily communications tool. However, cell phone calling is still the preferred mode that teens use to connect with their parents.
(Source: Pew Research Center)
Full story
Pew Research Center
Tuesday, April 20, 2010
A new type of malware infects PCs using file-share sites and publishes the user's net history on a public website before demanding a fee for its removal. The Japanese trojan virus installs itself on computers using a popular file-share service called Winni, used by up to 200m people. It targets those downloading illegal copies of games in the Hentai genre, an explicit form of anime. Website Yomiuri claims that 5500 people have so far admitted to being infected.
"If you find you are getting pop-ups demanding payments to settle copyright infringement lawsuits, ignore them and use a free online anti-malware scanner immediately to check for malware," said Mr Ferguson.
(Source: BBC)
Full story
BBC
Police hunting a hacker who had attacked a US school's systems found themselves cornering a "very intelligent" 9 year old instead, it has emerged. When passwords for teachers at Spring Hill Elementary, Virginia, were changed without authorisation the school board initially thought a hacker had broken into the school district's Blackboard system. Police were called in to investigate in mid-March and were quickly able to trace the incident back to a PC at the home of a 9 year-old school student.
The youngster's mother was initially chief suspect in the hack but after speaking to her and and her son police came to the surprising conclusion that they were dealing with a 'kindergarden' hacker.
(Source: The Register)
Full story
The Register
Monday, April 19, 2010
A computer security researcher has released a plugin for Firefox that provides a wealth of data on Web sites that may have been compromised with malicious code. The plugin, called Fireshark, was released on Wednesday at the Black Hat conference. The open-source free tool is designed to address the shortcomings in other programs used to analyze malicious Web sites, said Stephan Chenette, a principal security researcher at Websense, which lets Chenette develop Fireshark in the course of his job. Hackers often target legitimate Web sites with code that can either infect a machine with malicious software or redirect a user to a bad Web page.
(Source: InfoWorld)
Full story
InfoWorld
Is it cyberbullying if kids post mean comments and then say they were “just joking”? Is it wrong for a boy to pressure his girlfriend to send racy text messages? For teenagers, these questions don’t necessarily have clear answers. Associated Press MTV is trying to get teens themselves to support each other in standing up to behavior that crosses over into “digital abuse” — use of technologies such as texting and social networking to bully, harass and intimidate people.
The network introduced a new online tool called Over the Line this week that allows young people to post about their problem and have peers say whether the behavior is acceptable. The posts and comments are moderated, to make sure bullying doesn’t become a problem in the tool itself.
(Source: The Wall Street Journal)
Full story
The Wall Street Journal
Friday, April 16, 2010
The report, from researchers at the University of California, Berkeley and the University of Pennsylvania, is among the first quantitative studies looking at young people's attitudes toward privacy as government officials and corporate executives alike increasingly grapple with such issues.
Among the findings:
• Most people — 86 percent — believe that anyone who posts a photo or video of them on the Internet should get their permission first, even if that photo was taken in public. Among young adults 18 to 24, 84 percent agreed — not far from the 90 percent among those 45 to 54.
• Forty percent of adults ages 18 to 24 believe executives should face jail time if their company uses someone's personal information illegally — the same as the response among those 35 to 44 years old.
(Source: AP)
Full story
AP
Africa's spending in IT security has risen and is expected to continue growing as more people access affordable connectivity and companies embrace smartphones and social media in work places. According to IDC, Africa's IT spending is high compared to the GDP, with South Africa leading with IT security spending of 3.8 percent of its GDP. Mauritius, Morocco spend 1.1 percent of GDP on IT security while Egypt, Kenya, Nigeria, Tanzania and Ethiopia spend less than 1 percent.
"The focus from criminals is to steal data and monetize that; they blend their attacks across multiple vectors; URL lists and signature based security mechanisms cannot keep up with zero-day threats," said Mike Hibbert, director for Websense in Africa.
(Source: IDG Magazines)
Full story
IDG Magazines
Thursday, April 15, 2010
Microsoft today patched 25 vulnerabilities in Windows, Exchange and Office, including nine marked "critical," the company's highest threat ranking. But researchers were unanimous in urging users to immediately apply two of the 11 updates, which address major bugs in Windows Media Player and an important video file format, to block drive-by attacks that will quickly spread on the Web.
The patches also fixed eight flaws pegged as "important," the next-lowest step in Microsoft's four-stage scoring system, and another eight tagged as "moderate." Five of today's 11 update packages were marked critical, while five were labeled important and the remaining one as moderate. Security experts directed users' attention to a pair of updates that addressed issues in Windows' media infrastructure.
(Source: ComputerWorld)
Full story
ComputerWorld
Facebook is employing aggressive legal means in combination with technical measures in order to stop hackers from abusing its social-networking site, according to its chief security officer, Max Kelly. Facebook Chief Security Officer Max KellyThe company is constantly under fire from hackers trying to spam its 400 million registered users, harvest their data or run other scams. Facebook's security team started off with just a few people, said Kelly, who began working at Facebook in 2005 after a stint as an FBI computer forensic analyst.
As many as 10% of Facebook's 1,200 employees are involved in security-related functions for the site, Kelly said. Its core security team consists of 20 people, a site integrity team of around 15 people and 200 others who are part of a user operations team that monitors illegal activity.
(Source: ComputerWorld)
Full story
ComputerWorld
Wednesday, April 14, 2010
Two senators yesterday introduced a bill that seeks to build a multilateral framework to mitigate and respond to disrupting cyber attacks.
The bill, sponsored by Sens. John Kerry, D-Mass., and Kirsten Gillibrand, D-N.Y., would create an ambassador-rank coordinator position at the State Department that would advise the secretary of State on international cyberspace and cybersecurity issues. The coordinator would promote development of a strategy for international cyber engagement, including considering the utility of negotiating a multilateral framework that would provide internationally acceptable principles to mitigate cyberwarfare.
(Source: Federal Times)
Full story
Federal Times
Cell phones, texting, IM, e-mail, Facebook, MySpace -- kids are interconnected today in ways hardly imagined two decades ago. But these technology-based communication platforms also enable new forms of an age-old parenting strategy: monitoring your kids.
Is it any easier to put the proper measures in place to ensure your child's security since you already have an expertise in this area? Or do you go overboard because of you are hyperattuned to risk? And what is the right balance of freedom and guidance to provide for kids? Turns out it was tricky issue before social networking, and remains tricky now. Here are views and strategies collected from an array of security professionals.
(Source: ComputerWorld)
Full story
ComputerWorld
Tuesday, April 13, 2010
A British child protection agency said it has pressed Facebook to add "panic buttons" to its pages after the murder of a teenager was linked to the site. Jim Gamble, chief executive of the Child Exploitation and Online Protection Centre (CEOP), said the social networking giant did not agree to his demands outright at a meeting in Washington but he felt they were moving in the right direction. Speaking after a four-hour meeting Monday, Gamble said Facebook was close to "doing the right thing" but urged the website to turn "words into action."
Calls have since grown for the inclusion of the buttons -- which allow youngsters who feel threatened online to quickly contact a number of sources of help, such as CEOP or anti-bullying helplines. Politicians, police and anti-bullying groups have voiced outrage that the online giant will not bow to demands to include the system.
(Source: AFP)
Full story
AFP
Monday, April 12, 2010
The case of a teenager in Massachusetts who killed herself after a relentless, months-long bullying campaign shows how the common schoolyard behavior is evolving in dangerous new ways online.
Six students face felony charges in the death of Phoebe Prince, 15, who hanged herself in January after being subjected to verbal assault and threats of physical harm. Some harassment occurred online on Facebook, in text messages and in other high-tech forms, a contemporary development in the age-old practice, experts said.
(Source: Reuters)
Full story
Reuters
In a decision that could set new ground rules for Internet privacy in the workplace, New Jersey's Supreme Court has ruled an employer was wrong in retrieving e-mails between a former employee and her attorney, even though they were sent from a company computer.
"Courts are looking more closely at privacy claims in the digital worklplace," said Marc Rotenberg, executive director of the Electronic Privacy Information Center, a Washington, D.C.-based public-interest research group. "Just because a person is using a company computer doesn't mean they leave all their rights to privacy at the door."
(Source: AP)
Full story
AP
Thursday, April 08, 2010
Suing your parents isn't just for celebrities anymore--a 16-year-old Arkansas boy is suing his mother for hacking into his Facebook account and allegedly posting slanderous remarks. ATV-TV reports that Denise New of Arkadelphia is facing harassment charges from her 16-year-old. Her son, who lives with his grandmother, also requested a no-contact order. Prior to this issue, New and her son reportedly had a "great relationship," despite their living arrangements.
According to the boy, his mother hacked into his Facebook and email accounts, then changed both passwords. She also allegedly posted remarks that involved slander and information about his personal life. New admits to changing the passwords, but denies hacking--she claims he left his account logged in on her computer.
(Source: PC World)
Full story
PC World
Tuesday, April 06, 2010
Link-shortening services such as TinyURL seem ideal for criminals because they can disguise the names of malicious sites. Yet on Twitter — one of the most popular places for them — they may not be nearly as malicious as many industry experts fear, according to new security research. Zscaler Inc., a company that sells security services, studied 1.3 million shortened links taken from Twitter over two weeks, before Twitter began in early March to examine such links for malicious content.
Just 773 of those links — a mere 0.06 percent — led to malicious content. Link-shortening services convert long Web addresses into shorter ones. They have become more popular as people spend more time on social-networking sites and share with their friends links to photos, news articles and other tidbits. They are especially important on Twitter, which restricts its posts to 140 characters.
(Source: AP)
Full story
AP
Friday, March 26, 2010
One of the world's most notorious computer hackers was sentenced to 20 years in prison on Thursday after he pleaded guilty to helping run a global ring that stole tens of millions of payment card numbers. Albert Gonzalez, a 28-year-old college dropout from Miami, had confessed to helping lead a ring that stole more than 40 million payment card numbers by breaking into retailers including TJX Cos Inc, BJ's Wholesale Club Inc and Barnes & Noble.
It was the harshest sentence ever handed down for a computer crime in an American court, said Mark Rasch, former head of the computer crimes unit at the U.S. Department of Justice. Gonzalez and conspirators scattered across the globe caused some $200 million in damages to those businesses, said Assistant U.S. Attorney Stephen Heymann.
(Source: Reuters)
Full story
Reuters
Thursday, March 25, 2010
Four countries and two territories have won preliminary approval to have Internet addresses written entirely in their native scripts as early as this summer.
Rules are being developed to make sure that addresses in either script go to the same Web sites. Since their creation in the 1980s, Internet domain names such as those that end in ".com" have been limited to 37 characters: the 10 numerals, the hyphen and the 26 letters in the Latin alphabet used in English. Technical tricks have been used to allow portions of the Internet address to use other scripts, but until now, the suffix had to use those 37 characters.
(Source: AP)
Full story
AP
Wednesday, March 24, 2010
Countries in Asia now face the same level and type of sophisticated cyber attack as countries in the West, according to a new report from non-profit US cyber-crime research organisation Team Cymru.
Countries in Asia now face the same level and type of sophisticated cyber attack as countries in the West, according to a new report from non-profit US cyber-crime research organisation Team Cymru. "We would expect to see high concentrations of compromised machines in areas with high concentrations of Internet saturation and urban population," said Team Cymru director, global outreach, and former Scotland Yard detective, Steve Santorelli.
(Source: IDG Connect)
Full story
IDG Connect
Tuesday, March 23, 2010
International police agency Interpol launched Monday a "most wanted" site for suspected child sex offenders across the Group of Eight (G8) most industrialised nations. The "G8 Wanted Child Sex Offender" site, accessible via Interpol's homepage (www.interpol.int), draws together information from G8 members the United States, Canada, Britain, France, Germany, Italy, Japan and Russia.
It includes photographs of people wanted on charges of abuse and enables the public to access to information about how to report missing sex offenders who may have crossed borders.
(Source: AFP)
Full story
AFP
Monday, March 22, 2010
In a bid to cut down on fraud and inappropriate content, the organization responsible for administering Russia's .ru top-level domain names is tightening its procedures. Starting April 1, anyone who registers a .ru domain will need to provide a copy of their passport or, for businesses, legal registration papers.
Loopholes in the domain name system help spammers, scammers and operators of pornographic Web sites to avoid detection on the Internet by concealing their identity. Criminals often play a cat-and-mouse game with law enforcement and security experts, popping up on different domains as soon as their malicious servers are identified. Criminals in eastern Europe have used .ru domains for a while, registering domain names under fake identities and using them to send spam or set up command-and-control servers to send instructions to networks of hacked computers.
(Source: PC World)
Full story
PC World
Friday, March 19, 2010
Hollywood and Bollywood linked arms Thursday to fight piracy, with the announcement of a coalition among the Motion Picture Association of America and seven Indian companies to tackle counterfeiting in one of the world's largest film markets.
The alliance comes as Hollywood tries to tap global markets more aggressively and as Indian movie studios grow in size and stature — narrowing the gap between Indian and U.S. filmmakers, who have not always seen eye-to-eye on intellectual property issues. A year in the making, the coalition to fight film piracy in India will work with movie theaters to crack down on camcorder piracy — the source of 90 percent of all pirated DVDs — with police to tighten enforcement, with Internet service providers to fight Internet piracy and with politicians to create more effective laws.
(Source: AP)
Full story
AP
Thursday, March 18, 2010
Spam levels have not been dented by a series of strikes against controllers of networks of hijacked computers. Early 2010 has seen four such networks, or botnets, tackled via arrests, net access cutoffs and by infiltrating command systems. The successes have not inconvenienced hi-tech criminals who found other routes to send spam, say experts. And, they add, despite falling response rates, spam remains too lucrative for criminals to abandon.
"Most non-commercial spam these days is aimed solely to get you to click on a link, even out of curiosity," he said. "As soon as you click on that link, you're infected, most likely to become yet another botnet victim, have your identity and information stolen and go on to participate, all unknowingly in the infection of further victims."
(Source: BBC)
Full story
BBC
Tuesday, March 16, 2010
At the eighth Ministerial eHealth Conference in Barcelona today, EU ministers have outlined a joint vision and policy priorities on how to make eHealth more accessible, interactive and customised to patients. The Declaration outlines a vision and identifies key objectives to be achieved in the next ten years.
The Declaration calls for policy coordination amongst the various areas where eHealth can have an impact on citizens' health in order to enhance benefits for patients, healthcare systems and society. It recognises the need for stronger synergies with policy areas like competitiveness, research and regional development both at European and national levels.
(Source: Europe's Information Society)
Full story
Europe's Information Society
Monday, March 15, 2010
The government has added fresh resources to the fight against cybercrime with the launch of a £4.3m programme to help combat fraud, estimated to cost UK consumers £3.5bn per year. The programme, which aims to take down scam websites, was launched by the Department for Business, Innovation and Skills this week. Under the scheme, up to 300 of the UK's approximately 3,000 existing trading standards officers will receive "intermediate" level training in tackling cybercrime.
In addition, a new cyber enforcement team within the Office of Fair Trading (OFT) will be set up. The team will lead investigations into websites selling fake or non-existent goods, tickets or services online, and will have an attached digital forensics lab that will be available to all OFT staff.
(Source: Silicon)
Full story
Silicon
Friday, March 12, 2010
Reporters Without Borders issued the third annual report ahead of Friday's World Day Against Cyber Censorship, an awareness campaign organized by the Paris-based media advocacy group. Le Coz said repressive regimes seemed to be winning a technological tussle with dissidents who try to circumvent online restrictions. "Enemies of the Internet" list, got more sophisticated at censorship and overcoming dissidents' attempts to communicate online, said Reporters Without Borders' Washington director, Clothilde Le Coz.
Including Cisco Systems Inc., which has been criticized by activists who say that it sells networking equipment that could be used in official efforts to monitor and control Internet use. In a statement Thursday, the company reiterated that it does not provide any government with any special capabilities, and said products sold in China are the same ones sold elsewhere.
(Source: AP)
Full story
AP
Thursday, March 11, 2010
Fraudsters are continuing their switch from traditional card fraud to raiding online bank accounts, according to new research. Fraud losses on UK credit and debit cards totalled £440m in 2009 - a drop of 28% compared with the previous year - the UK Cards Association said. But the number of "phishing" attacks rose by 16% in the same period. This is when fraudsters trick people into entering their personal details on a website or in an e-mail.
Overall losses from card fraud fell last year. Chip-and-pin was highlighted as the major factor behind an 11% fall in fraud on lost and stolen cards - now at its lowest for two decades.
(Source: BBC)
Full story
BBC
From 15 to 18 March 2010 the Ministry of Health of Spain and the Regional Government of Catalonia in cooperation with the European Commission are organizing a ministerial Conference in Barcelona. It will co-locate with the World of Health IT conference. High-level eHealth conferences organised by the presiding countries since 2003 represent important annual milestones in this specific field. Spain therefore will carry on the tradition and host this Conference in Barcelona as a part of its presidency in the first half of 2010.
A platform will be provided to encourage the development of on-line health services in Europe. The politicians, health administrators, researchers and suppliers, along with health professionals, are meeting to share their experiences and to discover what is new in this fast-evolving area.
(Source: Europe's Information Society)
Full story
European Comission
Wednesday, March 10, 2010
Twitter launched a new link-screening service on Tuesday aimed at preventing phishing and other malicious attacks against users of the popular microblogging service.
Phishing scams on Twitter usually involve attackers trying to obtain the login credentials of Twitter users, and then sending spam messages from the stolen accounts in a bid to make money, Twitter said on its blog last month. Twitter also fights phishing scams by watching for affected accounts and resetting passwords, it said. Phishing attacks ballooned on Twitter last year as the service grew in popularity. Twitter's new link-screening service comes after it last year started using Google's Safe Browsing API to check for malicious content in links posted by users.
(Source: PC World)
Full story
PC World
Tuesday, March 09, 2010
The Internet was built on freedom of expression. Society wants someone held accountable when that freedom is abused. And major Internet companies like Google and Facebook are finding themselves caught between those ideals. Such may have been the case when three Google executives were convicted in Milan, Italy on February 24 over a bullying video posted on the site -- a verdict greeted with horror by online activists, who fear it could open the gates to such prosecutions and ultimately destroy the Internet itself.
Matt Sucherman, a Google vice president and general counsel, wrote in a blog post that the company was "deeply troubled" by the case, saying it "attacks the very principles of freedom on which the Internet is built."
(Source: Reuters)
Full story
Reuters
More than three-quarters of people across the world believe access to the Internet is a fundamental right, a poll carried out for the BBC indicated Monday. The poll, which questioned more than 27,000 adults across 26 countries, suggested strong support globally for access to the web. The findings come as efforts are stepped up across the world to increase net access, with the United Nations leading a push for more people to be given the opportunity to get online. Countries including Finland and Estonia have already ruled it is a human right, said the BBC.
"The right to communicate cannot be ignored," Hamadoun Toure, secretary-general of the International Telecommunication Union, told the broadcaster. "The Internet is the most powerful potential source of enlightenment ever created."
(Source: AFP)
Full story
AFP
Monday, March 08, 2010
This three-day event fosters opportunities for IT and Telecommunication professionals to network, build relationships, and explore new ideas. It brings together IT professionals, developers, decisions and policy makers, governmental officials, experts, consultants, industry leaders, bankers, law enforcement officials, academics, networks security managers, database administrators, IT marketing executives, surveyors, etc. to share their protection experience in IT security and exchange ideas on most emerging technology trends, applications and practices.
Kuwait ICT Security Forum aims to keep you at the forefront of the latest security developments. Don't miss this opportunity to learn fresh approaches and develop innovative strategies and tactics to defeat today's biggest information security threats.
(Source: Kuwait ICT Security Forum)
Full story
Kuwait ICT Security Forum
Friday, March 05, 2010
Hackers breaking into businesses and government agencies with targeted attacks have not only stolen intellectual property, in some cases they have corrupted data too, the head of the U.S. Federal Bureau of Investigation said Thursday. The United States has been under assault from these targeted spear-phishing attacks for years, but they received mainstream attention in January, when Google admitted that it had been hit and threatened to pull its business out of China -- the presumed source of the attack -- as a result.
Researchers investigating the Google attack -- thought to have affected at least 100 companies including Intel, Adobe and Symantec -- say that prime targets of the hackers were the source code management systems used by software developers to build code.
(Source: PC World)
Full story
PC World
Thursday, March 04, 2010
The government develops a new strategy to help the information technology industry cut down on waste While no one will ever confuse the polluting effects of the information and communications technology sector with, say, the oil industry, all is not green in the realm of ICT. The world throws away of hundreds of millions of mobile phones, computers, printers, batteries and gadgets annually, while energy and raw materials consumed by the industry account for more than 2% of global greenhouse gases emissions.
It is with this in mind that the Egyptian government has begun work on a green information and communication technology (ICT) strategy aimed at reducing the sector’s energy use and finding a place for the tons of hardware thrown away every year.
(Source: Business Today)
Full story
Business Today
Wednesday, March 03, 2010
Authorities have smashed one of the world's biggest networks of virus-infected computers, a data vacuum that stole credit cards and online banking credentials from as many as 12.7 million poisoned PCs. The "botnet" of infected computers included PCs inside more than half of the Fortune 1,000 companies and more than 40 major banks, according to investigators.
Spanish investigators, working with private computer-security firms, have arrested the three alleged ringleaders of the so-called Mariposa botnet, which appeared in December 2008 and grew into one of the biggest weapons of cybercrime. More arrests are expected soon in other countries.
(Source: The New Zealand Herald)
Full story
The New Zealand Herald
The United Nations (UN) agency responsible for IT and telecommunications has delivered 25 satellite phones to Chile to help restore communication links vital to bringing aid to areas devastated by the massive 8.8-magnitude earthquake on Saturday. The International Telecommunication Union (ITU) said it airlifted the satellite phones out of Geneva on Monday and expected them to be in use on Tuesday. The UN agency thanked Iridium Communications, which operates a global satellite network for mobile telecommunications, for its support of the effort. International aid groups and UN agencies in Haiti are already using Iridium 9555 satellite phones in support of Haiti relief and recovery efforts.
International aid groups and UN agencies in Haiti are already using Iridium 9555 satellite phones in support of Haiti relief and recovery efforts.
(Source: PC World)
Full story
PC World
Tuesday, March 02, 2010
Four California men were charged on Monday with using sophisticated computer programs to fraudulently obtain more than a million tickets to concerts and sporting events and reselling them for a profit estimated at $29 million.
The company was able to snap up the best seats as soon as they were made available online because the programs were able to complete transactions more quickly than real humans vying for tickets manually. For example, Fishman said, Wiseguy bought nearly half the 440 available floor tickets for a Bruce Springsteen concert at Giants Stadium in 2008. In most cases, individual buyers are restricted to a maximum of four tickets.
(Source: AP)
Full story
AP
Friday, February 26, 2010
Security experts are split over the effectiveness of Microsoft's efforts to shut down a network of PCs that could send 1.5 billion spam messages a day. The firm persuaded a US judge to issue a court order to cripple 277 internet domains used by the Waledac botnet. Botnets are usually armies of hijacked Windows PCs that send spam or malware. "We aim to be more proactive in going after botnets to help protect the internet," said Richard Boscovich, the head of Microsoft's digital crime unit.
Security firm Symantec has estimated that over 80% of unsolicited e-mail comes from botnets.
(Source: BBC)
Full story
BBC
Thursday, February 25, 2010
The International Women Day (8th of March), once again will provide the European Commission with an occasion to address the role of women in the ICT sector. However, this year, substantive changes have been introduced to the formula of the event, starting from the location: Cyprus. The intention is to move the discussion to Member States which have only recently joined the European Union adventure, exactly where women's potential is particularly untapped and where fresh ideas could bloom. This year the debate on women and ICT will be embedded in a broader initiative encompassing other ICT related issues. The event will comprise workshops targeting women willing to set up consortia and submit proposals for future calls.
(Source: Europe's Information Society)
Full story
European Comission
Wednesday, February 24, 2010
Intel was the victim of a cyber attack similar to the one experienced by Google, the company revealed Monday. "We regularly face attempts by others to gain unauthorized access through the Internet to our information technology systems," Intel said in regulatory filings posted by The New York Times. "One recent and sophisticated incident occurred in January 2010 around the same time as the recently publicized security incident reported by Google."
Attacks have included people who masqueraded as authorized users or those who used "surreptitious introduction of software," Intel said. "These attempts, which might be the result of industrial or other espionage, or actions by hackers seeking to harm the company, its products, or end users, are sometimes successful."
(Source: PC Magazine)
Full story
PC Magazine
China has issued new restrictions on Internet use, requiring those wanting to set up a website to meet regulators and provide identity documents, in a move slammed Wednesday by one rights group. The new rules come as the United States has stepped up pressure on Beijing to break down its vast system of web controls -- the so-called "Great Firewall of China" -- for the more than 380 million people now online in the country.
Washington issued those calls after US Internet giant Google said last month it was considering pulling out of China over cyberattacks and Chinese government censorship of its search results. China's Ministry of Industry and Information Technology issued the new guidelines to local authorities on February 8 and lifted a ban imposed in December on individuals acquiring .cn domain names, state media said Tuesday.
(Source: AFP)
Full story
AFP
Monday, February 22, 2010
There are two aspects you have to consider when negotiating security and privacy with a service provider. First, you have to have the correct principles encoded in your contract. Second, you have to worry about how well they are executed by the provider. If you read most service contracts you will see that "law enforcement assistance" sections are usually vague. It is up to you to negotiate terms that address key issues of data protection and safeguard your rights:
* Demand that law enforcement requests are properly documented. Show me the warrant. A phone call from agent Bob at headquarters is not a warrant.
* Demand that you are notified of any requests that may affect your data. You have the right to contest warrants in court and most corporations do contest them.
* Demand that each data access request, whether granted or not is documented.
(Source: ComputerWorld)
Full story
ComputerWorld
An online survey of 895 Web users and experts found more than three-quarters believe the Internet will make people smarter in the next 10 years, according to results released on Friday. Most of the respondents also said the Internet would improve reading and writing by 2020, according to the study, conducted by the Imagining the Internet Center at Elon University in North Carolina and the Pew Internet and American Life project.
"Three out of four experts said our use of the Internet enhances and augments human intelligence, and two-thirds said use of the Internet has improved reading, writing and the rendering of knowledge," said study co-author Janna Anderson, director of the Imagining the Internet Center.
(Source: Reuters)
Full story
Reuters
Friday, February 19, 2010
A former security researcher turned criminal hacker has been sentenced to 13 years in federal prison for hacking into financial institutions and stealing credit card account numbers.
Max Ray Butler, who used the hacker pseudonym Iceman, was sentenced Friday morning in U.S. District Court in Pittsburgh on charges of wire fraud and identity theft. In addition to his 13-year sentence, Butler will face five years of supervised release and must pay US$27.5 million in restitution to his victims, according to Assistant U.S. Attorney Luke Dembosky, who prosecuted the case for the federal government. Dembosky believes the 13 year sentence is the longest-ever handed down for hacking charges.
(Source: ComputerWorld)
Full story
ComputerWorld
Thursday, February 18, 2010
A new type of computer virus is known to have breached almost 75,000 computers in 2,500 organizations around the world, including user accounts of popular social network websites, according Internet security firm NetWitness. The latest virus -- known as "Kneber botnet" -- gathers login credentials to online financial systems, social networking sites and email systems from infested computers and reports the information back to hackers, NetWitness said in a statement.
A botnet is an army of infected computers that hackers can control from a central machine." The company said the attack was first discovered in January during a routine deployment of NetWitness software.
(Source: Reuters)
Full story
Reuters
Wednesday, February 17, 2010
A common Web programming error could give hackers a way to take over Google Buzz accounts, a security expert said Tuesday. The flaw is a "medium-sized problem" with the Buzz for Mobile Web site, said Robert Hansen, CEO of SecTheory, who first reported the issue. This type of Web programming error, called a cross-site scripting flaw, lets the attacker put his own scripting code into Web pages that belong to trusted Web sites such as Google.com. It is a fairly common flaw but one that can have major consequences when exploited on widely used Web sites.
The attacker "can force you to say things you don't want to say, to follow people," he said. "Whatever Google Buzz allows you to do, it allows him to do to you."
(Source: PC World)
Full story
PC World
Monday, February 15, 2010
A man has appeared before magistrates in Truro charged with four sex offences following an investigation into children being groomed on the internet. Michael Williams, 28, of Tresooth Lane, Penryn, was charged with sexual assault and grooming a girl under 16 and two counts of making indecent images. The inquiry centres around pupils from Falmouth School and Penryn College. Mr Williams, who was remanded in custody, is not a teacher and is not directly connected with the schools. Letters have been sent to parents of pupils at Falmouth School and Penryn College informing them of the investigation.
(Source: BBC)
Full story
BBC
Former top US intelligence officials will become cyberwarriors on Tuesday in a simulation of how the US government would respond to a massive cyberattack on the United States. "The scenario itself is secret," said Eileen McMenamin, vice president of communications for the Bipartisan Policy Center (BPC), which is hosting the event dubbed "Cyber ShockWave." "The participants don't even know what it is," McMenamin told AFP. "None of them know what's going to transpire."
Former president George W. Bush's Homeland Security chief Michael Chertoff will play the role of National Security Advisor to the president while former Director of National Intelligence John Negroponte will be Secretary of State.
(Source: AFP)
Full story
AFP
Friday, February 12, 2010
50% of European teenagers give out personal information on the web – according to an EU study – which can remain online forever and can be seen by anybody. Today, Safer Internet Day, the European Commission is passing a message to teenagers: "Think before you post!" It welcomed actions to protect children using social networking websites taken by the 20 companies who signed the Safer Social Networking Principles last year (IP/09/232 ).
Most of these companies have empowered minors to tackle online risks by making it easier to change privacy settings, block users or delete unwanted comments and content. Yet more needs to be done to protect children online, the Commission says. Less than half of social networking companies (40%) make profiles of under-18 users visible only to their friends by default and only one third replied to user reports asking for help.
(Source: Europa)
Full story
Europa
Thursday, February 11, 2010
The government has called on the mobile phone industry to do more to protect handset owners against theft. Alan Campbell, Minister for Crime Prevention, said firms "have a social and a corporate responsibility to tackle crime". Around 2% of British mobile phone users report they have suffered a theft in the last year, although for teenagers the figure is three times higher.
The government's call comes as the Home Office unveiled the winning designs in a crime prevention contest, aimed at making mobile phones less attractive to thieves. Designs included an alarm that sounds when a phone is too far from its owner and locks the handset.
(Source: BBC)
Full story
BBC
Tuesday, February 09, 2010
Deep inside millions of computers is a digital Fort Knox, a special chip with the locks to highly guarded secrets, including classified government reports and confidential business plans. Now a former U.S. Army computer-security specialist has devised a way to break those locks.
The attack can force heavily secured computers to spill documents that likely were presumed to be safe. This discovery shows one way that spies and other richly financed attackers can acquire military and trade secrets, and comes as worries about state-sponsored computer espionage intensify, underscored by recent hacking attacks on Google Inc.
(Source: AP)
Full story
AP
Monday, February 08, 2010
China has closed what it claims to be the largest hacker training website in the country and arrested three of its members, domestic media reported on Monday.
The "Black Hawk Safety Net" website taught hacking techniques and provided malicious software downloads for its 12,000 members in exchange for a fee, the Wuhan Evening News newspaper reported this weekend, citing police in Huanggang, just east of Wuhan.
(Source: Reuters)
Full story
Reuters
Nearly 500 teachers are meeting in Seville to celebrate the fifth anniversary of eTwinning, an action that creates online communities of teachers and schools across Europe. Through eTwinning, over 85 000 teachers from across Europe work together in international school activities involving more than 50 000 schools in 32 European countries. In the five years of its existence, eTwinning has grown from being a partner-finding tool for teachers to become a rich, Europe-wide community of teaching and learning ( www.etwinning.net ).
On 5 February, a prize ceremony is being held for 37 schools from 21 countries that are the top winners of this year's eTwinning Awards for excellence in eTwinning.
(Source: Europa)
Full story
Europa
Thursday, February 04, 2010
Twitter required some users to reset their passwords on Tuesday after discovering that their log-in information may have been harvested via security-compromised torrent Web sites, the company said.
For years, a malicious hacker has been setting up file-sharing torrent sites that appear legitimate and then selling them to well-meaning buyers who want to own their own download site, explained Del Harvey, Twitter's director of trust and safety, in a blog post. However, the sites are riddled with malware and backdoors that allow the malicious hacker to steal log-in credentials -- like e-mail addresses, usernames and passwords -- from users who sign up for them.
(Source: ComputerWorld)
Full story
ComputerWorld
Tuesday, February 02, 2010
Facebook and Twitter users are under attack by cybercriminals -- and the incidents are rising, Sophos says in its its 2010 Security Threat Report released Monday. In the past 12 months, Sophos says, cybercriminals have focused more attacks on social-network users. Spam and malware are leading the charge.
Fifty-seven percent of users surveyed reported getting spammed via social-networking sites -- an increase of 70.6 percent from 2008. And 36 percent say they have been sent malware via social-networking sites, a 69.8 percent increase.
(Source: NewsFactor Network)
Full story
NewsFactor Network
Thursday, January 28, 2010
China will gradually move to cut censorship of the Internet, but it will take a long time, the man credited with inventing the World Wide Web said Wednesday.
Commenting on Google's threat to pull out of China, Tim Berners-Lee said Beijing was having to move "carefully" in opening up Internet openness, but said the "genie is out of the bottle" in terms of access. "I think that openness increases steadily. Every time you open it the genie comes out of the bottle and it's very difficult to put it (back) in the bottle," he told AFP. Speaking on the sidelines of the World Economic Forum (WEF) annual meeting in Davos, Switzerland, he said: "The Internet has a tradition of bit by bit increasing openness.
(Source: AFP)
Full story
AFP
Wednesday, January 27, 2010
The design of the future German identity card has been unveiled. Credit-card sized and made of polycarbonate, it will be issued from November 2010 on. The new card aims to ease the citizens' transactions with government and businesses and to increase security as well as to enhance public confidence in electronic services.
The front side has the image of the federal eagle, whereas on its reverse side the Brandenburg Gate is depicted. The new card contains numerous security features in order to increase protection against forgery. A special feature is that the holder's details are digitally stored. It is also capable to carry a digital signature. Both features will allow card holders to complete commercial online transactions as well as official business with government offices.
(Source: eGov Monitor)
Full story
eGov Monitor
Tuesday, January 26, 2010
If you have thousands of friends on Facebook, most of them are not your real friends, reports The Sunday Times of London.
According to a recent study by Oxford University professor of Evolutionary Anthropology Robin Dunbar, a human brain is limited to keeping up with about 150 meaningful relationships, regardless of how many Facebook friends you might have. This is in line with Dunbar's earlier research on the matter, in which he concludes that there exists a theoretical "sweet spot" for the number of relationships a human can effectively manage. Throughout history, people have formed social groupings of about 150, as larger groupings quickly begin to deteriorate and lose social cohesion.
(Source: PC World)
Full story
PC World
Monday, January 25, 2010
The 'Health-e-Space' website has gone online in Moray, Scotland, aiming to encourage individuals to play an active role in personal health matters by providing them with a series of online tools and information.
The website allows anybody living in Moray to become a member and to obtain local health information, links to recommended websites and suggestions on how to live with health conditions. Its sister website, the 'Health-e-Space Community', serves as a social networking platform for people to share their health concerns and experiences among them in the Moray area.
(Source: eGov Monitor)
Full story
eGov Monitor
Friday, January 22, 2010
Egypt, Russia, Saudi Arabia and the United Arab Emirates are the first countries to win preliminary approval for Internet addresses written entirely in their native scripts. Since their creation in the 1980s, Internet domain names have been limited to the 26 characters in the Latin alphabet used in English, as well as 10 numerals and the hyphen. Technical tricks have been used to allow portions of the Internet address to use other scripts, but until now, the suffix had to use those 37 characters.
An announcement Thursday by the Internet Corporation for Assigned Names and Numbers, known as ICANN, paves the way for an entire domain name to appear in Cyrillic or Arabic by the middle of this year. Applications for strings in other languages are pending.
(Source: AP)
Full story
AP
If Your Password Is 123456, Just Make It HackMe. Back at the dawn of the Web, the most popular account password was “12345.” Today, it’s one digit longer but hardly safer: “123456.”
Despite all the reports of Internet security breaches over the years, including the recent attacks on Google’s e-mail service, many people have reacted to the break-ins with a shrug. According to a new analysis, one out of five Web users still decides to leave the digital equivalent of a key under the doormat: they choose a simple, easily guessed password like “abc123,” “iloveyou” or even “password” to protect their data.
(Source: The New York Times)
Full story
The New York Times
Thursday, January 21, 2010
For the first time, the Ministerial High Level Conference on eHealth and the World Health IT Conference and Exhibition are being held in the same week in a joint initiative called “e-Health Week 2010”, the most prestigious event in the European eHealth sector. Barcelona International Conventions Centre (CCIB) will open its doors from March 15 to 18 to receive the European meeting most attended by the healthcare sector interest groups.
March 15 will see the start of the High Level eHealth Conference, an E.U. event organised by the Spanish Presidency of the E.U., the European Commission, the Government of Catalonia and the TicSalut Foundation. The conference is presented under the motto of “eHealth for sustainable healthcare: global changes through local actions”
(Source: eHealth Week)
Full story
eHealth Week
Hundreds of tech volunteers spurred to action by Haiti's killer quake are adding a new dimension to disaster relief, developing new tools and services for first responders and the public in an unprecedented effort. "It really is amazing the change in the way crisis response can be done now," said Noel Dickover, a Washington, D.C.-based organizer of the CrisisCamp tech volunteer movement, which is central to the Haiti effort. "Developers, crisis mappers and even Internet-savvy folks can actually make a difference."
Another volunteer project forged in the quake's aftermath is a cell phone text-messaging system that has helped the U.N., Red Cross and other relief groups dispatch rescuers, food and water.
(Source: AP)
Full story
AP
Wednesday, January 20, 2010
The World Economic Forum today released its study on Scaling Opportunity: Information and Communications Technology for Social Inclusion, an analysis of how ICT is evolving to address the social and economic needs of the poor. The study notes that, as 4 billion people have access to the global communications infrastructure, the opportunity to create innovative and inclusively tailored solutions for connecting the unconnected is extraordinary.
Along with highlighting the rapid adoption rate of mobile phone usage within emerging economies, the report focuses on the question: “What’s next?”
(Source: eGov Monitor)
Full story
eGov Monitor
Hackers are attacking consumers with an exploit of Internet Explorer (IE) that was allegedly used last month by the Chinese to break into Google's corporate network, a security company said Monday.
That news came on the heels of warnings by the information security agencies of the French and German governments, which recommended that IE users switch to an alternate browser, such as Firefox, Chrome, Safari or Opera, until Microsoft fixes the flaw. In a Monday alert Websense said it identified "limited public use" of the unpatched IE vulnerability in drive-by attacks against users who strayed onto malicious Web sites.
(Source: ComputerWorld)
Full story
ComputerWorld
Tuesday, January 19, 2010
A man who ran a music-sharing website with almost 200,000 members has been found not guilty of conspiracy to defraud at Teesside Crown Court. Alan Ellis, 26, was the first person in the UK to be prosecuted for illegal file-sharing. He operated the site, called Oink, from his flat in Middlesbrough from 2004 until it was closed down in a police raid in October 2007. In that time Oink facilitated the download of 21 million music files.
(Source: BBC)
Full story
BBC
Monday, January 18, 2010
The U.S. Federal Bureau of Investigation is advising people to be careful when evaluating donation programs related to the earthquake in Haiti as one security firm is already seeing scam e-mails circulate. People should apply a "critical eye" to requests for financial donations following Tuesday's earthquake in Haiti, which caused an unknown number of deaths and severe damage to the country's infrastructure.
Scam e-mails are already emerging. Symantec noted a so-called 419-style e-mail that purported to come from the British Red Cross. A 419 scam, named after the number of a statute in Nigeria's criminal code banning the practice, is one in which an e-mail or a letter implores a person to send money for some bogus reason.
(Source: ComputerWorld)
Full story
ComputerWorld
Thursday, January 14, 2010
With communications in Haiti ravaged by an earthquake, tech-savvy residents turned to Twitter to send pictures and news of the destruction while others used the Web service to mobilize appeals for aid.
Harrowing personal accounts, heart-rending pictures and rallying cries for relief for quake-ravaged Haiti spread swiftly on Twitter as the microblogging platform once again became a key communications tool during disaster. Haiti solidarity groups sprang up on social network Facebook, meanwhile, including one that quickly attracted more than 142,000 members, and video of the aftermath of the 7.0-magnitude quake appeared on YouTube.
(Source: AFP)
Full story
AFP
Facebook is trying to strengthen security on its Web site with some outside help. Computer security company McAfee Inc. will now scan and repair the computers of Facebook users whose accounts have been compromised, the company said Wednesday. The scanning process will be added to the steps that Facebook already makes the users of such accounts go through if they want to reclaim their pages.
Facebook says spam and viruses affect a tiny percentage of its users. But hackers are increasingly targeting the social sites as they become a core part of the Web. Spokesman Barry Schnitt said Facebook spends a lot of time and resources to keep users' accounts secure.
(Source: AP)
Full story
AP
Wednesday, January 13, 2010
The cyber threat environment is constantly changing and becoming more challenging with every day that passes. Malware grew last year at the highest rate in 20 years. Multiple security reports showed that more than 25 million new strains of malware were identified in 2009.
Forecasts suggest that 2010 will again see unprecedented growth in malware and the trend is expected to continue for the foreseeable future. Not only will the cyber attack volume escalated dramatically, but the sophistication of malware delivery modalities will also become much more sophisticated and dangerous. In addition, social networking sites will become major targets of choice for cyber criminals.
(Source: Defense Tech)
Full story
Defense Tech
Despite the prevalence and popularity of social networking sites like Facebook, almost a third of respondents said that they preferred to meet friends face-to-face, although 44 percent said the internet made it easier to keep in touch with them. More than seven in 10 children said their most common use of the Internet was for gaming, while 59 percent said that they used the worldwide web in the course of doing their homework. The youngsters from Britain, Germany, France, Spain, Italy and Poland also expressed a strong sense of social responsibility, with 90 percent saying it was important to look after the planet, and 74 percent saying they recycled regularly.
They've never known a world without the Internet, but they still prefer to meet their friends offline.
(Source: Reuters)
Full story
Reuters
Tuesday, January 12, 2010
Violent video games have "a much bigger negative influence on kids" than pornography, a leading porn star has claimed. He said parents should be more worried about the harmful effects of such games. Mr Jeremy's comments were made at a session called the Great Porn Debate during the Consumer Electronics Show, CES, in Las Vegas. His comments angered gamers, who accused him of "ignorance".
Mr Jeremy also urged parents to play their part in preventing children from accessing adult websites. He said the industry already does all it can to protect youngsters. "Parents can block this stuff and need to stop blaming porn for a bad case of parenting," Mr Jeremy told BBC News.
(Source: BBC)
Full story
BBC
Hackers calling themselves the Iranian Cyber Army briefly hijacked the home page of China's top search engine, Baidu Inc, on Tuesday weeks after doing the same thing to Twitter.com.
Media carried screenshots of Baidu's home page showing a message: "This site has been hacked by Iranian Cyber Army" against a dark background and the flag of Iran. The group hacked popular microblogging website Twitter in December replacing Twitter's home page with the same headline and an anti-American message.
(Source: Reuters)
Full story
Reuters
Monday, January 11, 2010
A wireless industry group said mobile phone conversations are safe from eavesdropping, even after a German security expert released the code for unscrambling calls made using most of the world's cell phones. Concerns spread last week that cell phone calls could easily be intercepted after encryption expert Karsten Nohl unveiled his research at Europe's largest hacking conference, in Berlin.
The London-based GSM Association said on Thursday that it has spent the past few years figuring out ways to thwart hackers who might try to tap into wireless calls using Nohl's research, which it first learned of in 2007.
(Source: Reuters)
Full story
Reuters
Friday, January 08, 2010
People who post intimate details about their lives on the internet undermine everybody else's right to privacy, claims an academic. Dr Kieron O'Hara has called for people to be more aware of the impact on society of what they publish online. "If you look at privacy in law, one important concept is a reasonable expectation of privacy," he said. "As more private lives are exported online, reasonable expectations are diminishing."
The rise of social networking has blurred the boundaries of what can be considered private, he believes - making it less of a defence by law. We live in an era that he terms "intimacy 2.0" - where people routinely share extremely personal information online.
(Source: BBC)
Full story
BBC
Thursday, January 07, 2010
The new year will usher in some interesting new changes in the world of malware and cyber-attacks, according to one company's predictions for 2010. Watchful eyes will have to be kept on mobile phone apps, Google Wave accounts, file sharing and peer-to-peer networks -- cyber-criminals will target those in greater numbers, according to predictions released by Kaspersky Labs, a provider of Internet threat management solutions for combating malware.
"Given the growing sophistication of threats -- it's no longer just an e-mail saying, ‘Please click on this attachment,' and you get infected with something -- the schemes are much more elaborate than that," said Roel Schouwenberg, the company's senior malware researcher.
(Source: Government Technology)
Full story
Government Technology
Got an e-mail list of customers or readers and want to know more about each such as their full name, friends, gender, age, interests, location, job and education level? Facebook has just the free feature you're looking for, thanks to its recent privacy changes. The hack, first publicized by blogger Max Klein, repurposes a Facebook feature that lets people find their friends on Facebook by scanning through e-mail addresses in their contact list.
Using a simple scraping tool, a marketer could then turn a list of e-mail addresses into a rich, full-fledged set of marketing profiles, with names, pictures, ages, locations, interests, photos, wall posts, affiliations and names of your friends, depending on how users have their profiles set.
(Source: CNN)
Full story
CNN
Monday, January 04, 2010
Last year, the Internet began to be seen as a basic human right and some countries have instituted legal means of guaranteeing that the vast majority of their citizens have access to a quality Internet connection. Other countries, though, are going the other way, hindering their citizen's web use and in some cases moving to disconnect them altogether. In France, the heavily criticized and disputed, so-called "three strikes" law has come into effect starting January 1st. Its backers are quick to boast the laws unabridged effectiveness, but common sense points the other way.
How exactly the agency will determine users' email addresses, or even harder, the address they are actively using remains to be seen.
(Source: Softpedia)
Full story
Softpedia
Chinese authorities caught nearly 5,400 suspects last year in a crackdown on online pornography and have vowed to strengthen Internet policing.
Beijing's pervasive policing of cyberspace and attempts to block the Internet are already among the world's most stringent. In a statement late Thursday, the Ministry of Public Security said the "purification of the Internet" and fighting of online crime are closely tied to the country's stability. "Lewd and pornographic content seriously pollutes the online environment, depraves social morals and poisons the physical and psychological health of the masses of young people," the statement said. "It must be firmly controlled."
(Source: AP)
Full story
AP
Thanks to efforts from Microsoft Research, criminals involved in child-exploitation will have less places to hide, especially when it comes down to the nooks and crannies of the Internet. Ernie Allen, president and CEO of National Center for Missing & Exploited Children (NCMEC) notes that while the Internet has created new opportunities for pedophiles to access content in the privacy of their own homes, and to expose themselves less to the risks associated with their illegal activities, work has been done to identify them and bring them to justice. At the same time, PhotoDNA is designed to help stop the distribution of child-exploitation images across the web.
NCMEC will be using a technology donated by Microsoft in order to produce blueprints of known images of children abuse.
(Source: Softpedia)
Full story
Softpedia
Thursday, December 17, 2009
A court in east China has handed down jail sentences of up to three years to 11 people for their roles in online gaming scams that netted them around 140,000 dollars, state media said. Lu Yizhong and Zeng Yifu wrote malicious Trojan horse viruses to steal 5.3 million user names and passwords from online gamers, which were then used for "illegal gains", the Xinhua news agency reported late Wednesday. Defendants Yan Renhai, his girlfriend Chen Huiting and other accomplices sold or used the viruses to steal online credits, the Gulou District People's Court in Jiangsu province found, according to Xinhua.
The number of Internet gamers in China reached 217 million at the end of June, or 64.2 percent of the nation's total online population.
(Source: AFP)
Full story
AFP
Wednesday, December 16, 2009
Internet users are being warned to watch out for a computer virus targeting popular social networking sites in the run up to Christmas.
Security experts say the new virus is "particularly nasty" and compels its victims to participate manually in creating a new Facebook account to help spread the worm. "The more people who use an application such as Facebook, or any other means of social networking, the more likely they are to be targeted by bad guys to send out malicious threats such as Koobface." The internet security company recommends that users do not reply to or follow links included in unsolicited Facebook messages and users should always carefully check that the URL they are entering is really that of the site they want to access.
(Source: FOX News)
Full story
FOX News
Thirty percent of 17-year-olds with cell phones have received sexting photos or videos, while eight percent have sent them, according to a new report from the Pew Research Center. What's more, four percent of 12- to 17-year-olds admit they have texted sexually suggestive nude or nearly nude images of themselves to someone else. Another 15 percent said they have received such images.
Meanwhile, laws and law-enforcement practices have emerged around sexting. The Pew report notes that some law-enforcement officers and district attorneys have begun prosecuting teens who create and share such images under laws generally reserved for producers and distributors of child pornography.
(Source: News Factor)
Full story
News Factor
Tuesday, December 15, 2009
Australia said Tuesday it would push ahead with a mandatory China-style plan to filter the Internet, despite widespread criticism that it will strangle free speech and is doomed to fail.
Communications Minister Stephen Conroy said new laws would be introduced to ban access to "refused classification" (RC) sites featuring criminal content such as child sex abuse, bestiality, rape and detailed drug use. Blacklisted sites would be determined by an independent classification body via a "public complaint" process, said Conroy, admitting there was "no silver bullet solution to cyber-safety".
(Source: AFP)
Full story
AFP
They're the scourge of the Internet right now and the U.S. Federal Bureau of Investigation says they've also raked in more than $150 million for scammers. Security experts call them rogue antivirus programs.
The FBI's Internet Crime Complaint Center issued a warning over this fake antivirus software Friday, saying that Web surfers should be wary of sudden pop-up windows that report security problems on their computers. This software can appear almost anywhere on the Web. Typically, the scam starts with an aggressive pop-up advertisement that looks like some sort of virus scan. Often it's nearly impossible to get rid of the pop-up windows.
(Source: ComputerWorld)
Full story
ComputerWorld
Monday, December 14, 2009
ISO will develop a technical report (TR) to help emerging and developing countries implement a solid and internationally harmonized health informatics system. The report will present information in an accessible way to guide and facilitate the adoption of relevant International Standards by countries with limited resources and infrastructure.
International Standards can help by providing globally harmonized specifications for establishing the architectural framework used to design eHealth systems, plan implementation, make build-or-buy decisions, decide on acquisitions and undertake related activities.
(Source: ISO)
Full story
ISO
In the EU27, 65% of households 1 had access to the internet during the first quarter of 2009, compared with 60% during the first quarter of 2008, and 56% had a broadband internet connection in 2009, compared with 49% in 2008.
The se data 2 published by Eurostat, the Statistical Office of the European Communities , represent only a small part of the results of a survey on Information and Communication Technologies (ICT) usage in households and by individuals in the EU27 Member States, the candidate countries, Norway , Iceland and Serbia . As well as internet use and broadband connections, the survey also covers other indicators such as e-shopping, e-government and advanced communication and content related services.
(Source: Euro Stat)
Full story
European Commission
Thursday, December 10, 2009
A "friendly" hacker called c0de.breaker claims to have broken into two secure internal sites at NASA's Instrument Systems and Technology and Software Engineering divisions, and snapped screen shots to prove the protected sites were intruded.
"I didn't want to make something bad!" c0de.breaker wrote in a web posting. "Only to show NASA (has) many vulnerable subdomains to SQLI (SQL injection), XSS (cross-site scripting), etc." The hacker gained access through a combination of a SQL injection and poor access controls. The National Aeronautics and Space Administration has had major problems securing its websites for years.
(Source: Gov Info Security)
Full story
Gov Info Security
Wednesday, December 09, 2009
What do phishing, instant messaging malware, DDoS attacks and 419 scams have in common? According to Cisco Systems, they're all has-been cybercrimes that were supplanted by slicker, more menacing forms of cybercrime over the past year.
In its 2009 Annual Security Report, due to be released Tuesday, Cisco says that the smart cyber-criminals are moving on. "Social media and the data-theft Trojans are the things that are really in their ascent," said Patrick Peterson, a Cisco researcher. "You can see them replacing a lot of the old-school things."
(Source: ComputerWorld)
Full story
ComputerWorld
Tuesday, December 08, 2009
The government is preparing to set up a National Identity Management Center (NIMC) to distribute National Identity Cards (NIDC) across the country. Government officials said that the center will be located in Kathmandu and will distribute cards through thousands of government employees mobilized across the country.
Government officials are making preparations to set up the center on the basis of the recently submitted recommendations of a task force formed to study the need and structure of such a center. “We have recommended to the government to set up NIMC to distribute NIDCs as committed in the national budget and government policy and programs," Lilamani Paudel, Secretary at the Office of the Prime Minister and Council of Ministers (OPMCM), told myrepublica.com.
(Source: Republica)
Full story
BBC
Lessons in using the internet safely are set to become a compulsory part of the curriculum for primary school children in England from 2011.
The lessons are one element of a new government strategy being unveiled called "Click Clever, Click Safe". Children will also be encouraged to follow an online "Green Cross Code" and block and report inappropriate content. The measures have been drawn up by the UK Council on Child Internet Safety, a new body comprising 140 organisations. The campaign intends to encourage children to not give out personal information on the web, block unwanted messages on social networks and report any inappropriate behaviour to the appropriate bodies, which may include the website, teachers or even police.
(Source: BBC)
Full story
BBC
Monday, December 07, 2009
The Taiwan government says it will spend 2 billion New Taiwan dollars ($65 million) to support its electronic-book industry and help makers cash in on the rapidly growing world market.
Companies can receive government subsidies of up to 40 percent of costs for programs developing related technologies, according to an Industrial Development Bureau report released Thursday. Taiwan is already a leading player in the digital book market, being the exclusive supplier of e-paper displays for Amazon's Kindle and Sony's e-Reader through collaboration with foreign firms that hold cutting-edge electronic ink technologies, officials said.
(Source: AP)
Full story
AP
Friday, December 04, 2009
The U.S. government and private businesses need to overhaul the way they look at cybersecurity, with the government offering businesses new incentives to fix security problems, the Internet Security Alliance said.
The alliance, in a report released Thursday, also called for permanent international cybersecurity collaboration centers, new security standards for VoIP (voice over Internet Protocol) communications and programs to educate corporate leaders about the benefits of enhanced cybersecurity efforts. Lots of groups have called for better information security education for students, but education for enterprise leaders is often overlooked, said Joe Buonomo, president and CEO of Direct Computer Resources, a data security products vendor.
(Source: ComputerWorld)
Full story
ComputerWorld
Thursday, December 03, 2009
The 13-year-old Florida girl sent a topless photo of herself to a boy in hope of gaining his attention. Instead, she got the attention of her school, as well as the high school nearby. The incessant bullying by classmates that followed when the photo spread put an emotional weight upon Hope that she ultimately could not bear.
Her death is only the second known case of a suicide linked to bullying after “sexting” — the practice of transmitting sexual messages or images electronically. In March, 18-year-old Jesse Logan killed herself in the face of a barrage of taunts when an ex-boyfriend forwarded explicit photos of her following their split. “As far as training them on the Internet and what to look at and what not to look at, yeah, we talked about it,”
(Source: MSNBC)
Full story
MSNBC
Wednesday, December 02, 2009
If your iPhone has been jailbroken, change your passwords now, advised Paul Ducklin, Sophos Australia's chief of technology. Ducklin said the writers of this virus included a program call "Duh", which added malicious capabilities not present in last month's ikee release.
The new password installed by this virus was "ohshit", which can be used to remove the threat of further remote attacks on an infected device. Ducklin said to clean up the device by searching the file "directory/private/var/mobile/home", type in "passwd" to initiate the command, and change the password. "Otherwise the buggers can get back in anytime they want," said Ducklin.
(Source: ZDNet Australia)
Full story
ZDNet Australia
Online sales in China almost doubled in the first nine months of this year, official data showed Tuesday, as the nation becomes more switched on and confident in Internet shopping.
China's enormous Internet community spent 168.9 billion yuan (25 billion dollars), a 90 percent increase from the same period last year, the government data showed. And Di Jiankai, a director-general of the commerce ministry, told reporters the total figure for the whole year was expected to exceed 260 billion yuan. He did not providing a comparative figure for 2008. "The commerce ministry pays great attention to e-commerce," he added. "It is a very important business form we can use to boost consumption."
(Source: AFP)
Full story
AFP
Tuesday, December 01, 2009
It’s not good news for IT cities. According to a report prepared by the Computer Emergency Research Team from the Union IT ministry, a total of 692 websites have been affected in September alone.
The unit has now asked the respective state governments to secure their own websites. “We have instructed all state governments to instal security measures, especially for those sites which contain sensitive data,’’ said a senior ministry official. Of the websites hacked, a whopping 74% belong to the dotin domain Most common hacking method is to steal password from administrator Hackers also enter web server and destroy the site Another method is to try and poison the URL.
(Source: The Economic Times)
Full story
The Economic Times
A computer worm that China warned Internet users against is an updated version of the Panda Burning Incense virus, which infected millions of PCs in the country three years ago, according to McAfee.
The original Panda worm, also known as Fujacks, caused widespread damage at a time when public knowledge about online security was low, and led to the country's first arrests for virus-writing in 2007. The new worm variant, one of many that have appeared since late 2006, adds a malicious component meant to make infection harder to detect.
(Source: PC World)
Full story
PC World
Monday, November 30, 2009
Diners who frequent a popular Downtown restaurant should review their charge-card statements because hackers broke into its computer system to loot debit- and credit-card numbers, police said today.
Between 30 and 50 people have reported fraudulent charges on their accounts, and Columbus detectives said that anyone who used a charge card at Tip Top Kitchen and Cocktails in July or August is at risk. The hackers have been traced to an overseas Internet address, and no Tip Top employees are involved, police said. The hackers found a weak point in the restaurant's computer defenses, wormed their way in, and installed "malware" that stripped the numbers.
(Source: The Columbus Dispatch)
Full story
The Columbus Dispatch
Thursday, November 26, 2009
The European Union’s first dedicated NGO Alliance for Child Safety Online (eNACSO) launched its Digital Manifesto on 14 November 2009 during the Internet Governance Forum(IGF) in Egypt. ‘The global nature of the internet places a particular responsibility on international institutions and governments to take action at national and international level to ensure children are safe online’ says Dieter Carstensen, eNACSO Chair.
The Digital Manifesto will form part of eNACSO’s ‘Agenda for Action’ document which will be launched in Brussels in May 2010.
(Source: eNACSO)
Full story
eNACSO
While the Senate bogs down in negotiations over drafting major cybersecurity reform legislation, a House panel Wednesday passed a nuts-and-bolts IT security bill that would require the president to assess the government's cybersecurity workforce, including an agency-by-agency skills assessment, and provide scholarship to students who agree to work as cybersecurity specialists for the government after graduation.
"There are some very technically, sophisticated ways in enhancing cybersecurity, but there are some simple ways, also. Some aspects of computer security are rocket science and others are fairly, simple precautionary steps which most people can take."
(Source: Gov Info Security)
Full story
Gov Info Security
Wednesday, November 25, 2009
In today’s technologically advanced world, documents and correspondences that were once sent by post are now exchanged electronically. This exchange takes place smoothly until a signature is required in the transaction. Then the entire process falls back to the real ‘e-less’ world of paper documents, faxes, snail-mail and even physical presence.
Technology, however, has not ceased to search for solutions to this barrier. The result: a method that is accurate and arguably more secure than the traditional handwritten signature, which allows documents to be signed online — e-signatures.
(Source: Business Today)
Full story
Business Today
That television set you discourage your children from watching may not be the greatest threat to their wellbeing. Instead, the mobile phone is the gateway in introducing children to the world of cyberspace, posing a great risk to their safety, a lobby group said Tuesday.
According to The Cradle, the unmonitored use of technology is increasingly exposing youngsters to the risk of harm and violence. "Only 24 per cent of children in the study reported to their parents or an authority of online or cell phone harassment,” Cradle programme manager Brian Weke told journalists. The study also revealed that 77 out of the 96, who had the incidences reported to them, took no action and ignored the seriousness of the matter.
(Source: Daily Nation)
Full story
Daily Nation
Tuesday, November 24, 2009
Four men, including the self-proclaimed "Godfather of Spam," were sentenced to prison on Monday for their roles in an email stock fraud scheme, the Justice Department said. FBI special agent said Ralsky, the self-proclaimed "Godfather of Spam," flooded email boxes with unwanted spam email and attempted to use a botnet to hijack computers to assist them in the scheme. A botnet is a network of computers infected by malicious software.
"Today's sentencing sends a powerful message to spammers whose goal is to manipulate financial transactions and the stock market through illegal email advertisements," said assistant attorney general Lanny Breuer.
(Source: AFP)
Full story
AFP
Monday, November 23, 2009
A Canadian woman on long-term sick leave for depression says she lost her benefits because her insurance agent found photos of her on Facebook in which she appeared to be having fun.
Nathalie Blanchard has been on leave from her job at IBM in Bromont, Quebec, for the last year. The Canadian Broadcasting Corp. reported Saturday she was diagnosed with major depression and was receiving monthly sick-leave benefits from insurance giant Manulife. But the payments dried up this fall and when Blanchard called Manulife, she says she was told she was available to work because of Facebook.
(Source: AP)
Full story
AP
A series of skimming crimes that hit the Nashville, TN area recently is but one of many ATM fraud schemes preying upon financial institutions and their customers.
Nashville police reported last week that they were investigating an ATM card skimming scheme where at least 600 individuals were potential victims. Investigators say five Bank of America ATMs were hit, as well as an unknown number of US Bank machines. A total of 60 people had fraudulent withdrawals from their accounts for anywhere between $100 to $5,000 dollars. Investigators suspect that the skimming schemers have now moved on to other cities. "No one vendor or ATM type is more susceptible over another," Ipson says, "so everyone needs to be aware of this threat."
(Source: Bank Info Security)
Full story
Bank Info Security
Thursday, November 19, 2009
A self-proclaimed geek from the age of 14, Andre DiMino had always been interested in computers and networking. But it wasn't until he entered his professional life many years later that he became interested in the security side of that world.
Just five years ago, hunting botnets, said DiMino, was a much different game. The botnets were fairly straightforward, he said, and the primary method of communication was the IRC (Internet Relay Chat). DiMino and other volunteers were able to act like criminals by joining a botnet, watching its traffic to get an understanding of how it was architected and learn more its particular function. They found their efforts were worthwhile as they began contacting network hosts, alerting them that were supporting the botnets and seeing them shutdown.
(Source: ComputerWorld)
Full story
ComputerWorld
The world's biggest social networking site has brushed off criticism by a senior UK police officer responsible for preventing online bullying that it is failing to combat abuse.
Jim Gamble, head of the Child Exploitation and Online Protection (Ceop) Center, said Facebook and MySpace, which between them have more than 500 million users, could work harder to stamp out bullying. The initiative came as UK charity Beatbullying highlighted Bebo, owned by AOL, and Microsoft's instant messaging service as hotspots for bullying. In a poll of 2,094 young people across England conducted by the charity, 30 percent of 11 to 16-year-olds who had been "cyberbullied" had been targeted on Bebo.
(Source: CNN)
Full story
CNN
Wednesday, November 18, 2009
Cyber war has moved from fiction to fact, says a report. Compiled by security firm McAfee, it bases its conclusion on analysis of recent net-based attacks. Analysis of the motives of the actors behind many attacks carried out via the internet showed that many were mounted with a explicitly political aim.
It said that many nations were now arming to defend themselves in a cyber war and readying forces to conduct their own attacks. "There are at least five countries known to be arming themselves for this kind of conflict," said Greg Day, primary analyst for security at McAfee Europe. The UK, Germany, France, China and North Korea are known to be developing their own capabilities.
(Source: BBC)
Full story
BBC
The first applications were accepted on Monday for internationalised domain names (IDNs), in one of the most significant steps to making the Internet more accessible around the globe.
The Internet Corporation for Assigned Names and Numbers (ICANN) has opened the application process, ending the exclusive use of Latin characters for website addresses. On the first day, "we have already received six applications from around the world for three different scripts," ICANN CEO Rod Beckstrom told an Internet Governance Forum (IGF) in Egypt's Red Sea resort of Sharm el-Sheikh.
(Source: AFP)
Full story
AFP
Monday, November 16, 2009
Criminal gangs are making millions of dollars out of the H1N1 flu pandemic by selling fake flu drugs over the internet, a web security firm said on Monday.
Sophos, a British security software firm said it had intercepted hundreds of millions of fake pharmaceutical spam adverts and websites this year, many of them trying to sell counterfeit antiviral drugs like Tamiflu to worried customers. Tamiflu, an antiviral marketed by Switzerland's Roche Holding and known generically as oseltamivir, is the frontline drug recommended by the World Health Organization to treat and slow the progression of flu symptoms. GlaxoSmithKline makes another antiviral for flu, known as Relenza.
(Source: Reuters)
Full story
Reuters
A new spam campaign is targeting a financial transfer system that handles trillions of dollars in transactions annually and has proved to be a fertile target of late for online fraudsters.
The spam messages pretend to come from the National Automated Clearing House Association (NACHA), a U.S. nonprofit association that oversees the Automated Clearing House system (ACH). ACH is a widely used but aging system used by financial institutions for exchanging details of direct deposits, checks and cash transfers made by businesses and individuals. In 2002, ACH was used for nearly 9 billion transactions worth more than $24.4 trillion.
(Source: ComputerWorld)
Full story
ComputerWorld
Friday, November 13, 2009
Testing a brand new copy of Windows 7 shows that malware still finds its way around inbuilt preventative measures.
Got Windows 7? Yes, we know an increasing number of you have. But you'll still need antivirus protection. A test by the security company Sophos has found that Windows 7 is, out of the box, vulnerable to 8 out of 10 viruses that dropped into its feed (its feed being gnarly viruses picked from the internet). But of those 8, the User Account Control (UAC) - meant to save you from yourself, you button-clicking obsessive, you - did stop one.
(Source: Guardian)
Full story
Guardian
Nearly half of England's 14-year-olds have been a victim of bullying and cyber-bullying is now the joint most common form, according to new research.
The Government-commissioned research, conducted by the National Centre for Social Research, analysed bullying among more than 10,000 secondary school pupils in England aged 14-16. The initial findings show that 47 per cent of young people report being bullied at the age of 14. After cyberbullying - where children face taunts, threats and insults via the internet and mobile phones - and name calling, the most common type of bullying was teenagers being threatened with violence, being excluded by their friends and facing actual violence.
(Source: Telegraph)
Full story
Telegraph
Thursday, November 12, 2009
For the last few days, some jailbroken iPhone users have found their home screen background a little different than they remembered. A hacker, going by the name "ikee," created a worm that changes the home screen background on jailbroken iPhones whose owners failed to change the default password after installing SSH.
Simply jailbreaking your iPhone will not make you vulnerable to this sort of hack. The iPhone OS, in general, is also immune to this hack. On jailbroken iPhones, SSH is installable with a package from Cydia that allows you to connect to your phone and make changes to the filesystem.
(Source: TUAW News)
Full story
TUAW News
Australian internet provider BigPond has become the latest internet company to be targeted by hackers on Twitter, after one of its accounts was hijacked as part of a phishing scam.
Affected users received a private message from BigPondTeam saying "Hey, look at this," and directing them to follow a link that asked them to enter their Twitter password. The attack was part of an attempt to steal their credentials and potentially gain access to other services they use - such as their bank accounts or email services.
(Source: Guardian)
Full story
Guardian
Tuesday, November 10, 2009
THE next world war could take place in cyberspace, the UN telecommunications agency chief has warned. "The next world war could happen in cyberspace and that would be a catastrophe. We have to make sure that all countries understand that in that war, there is no such thing as a superpower,'' Hamadoun Toure said.
"Loss of vital networks would quickly cripple any nation, and none is immune to cyberattack,'' added the secretary-general of the International Telecommunications Union during the ITU's Telecom World 2009 fair in Geneva. As the internet becomes more linked with daily lives, cyberattacks and crimes have also increased in frequency, experts said.
(Source: News.com)
Full story
News.com
Monday, November 09, 2009
Spain says Internet-related child pornography has risen tenfold in the past five years. Francisco Villanueva of the Interior Ministry says the number of cases has gone from 108 in 2004 to 1,024 last year. Other Internet-related crimes also rose.
Villanueva said Thursday that hacking has risen from 92 to 447 cases, and that bank fraud has more than doubled in the same period, from 509 cases to 1,954. He says piracy of intellectual property decreased slightly from 330 to 298 cases, but that if more resources are not dedicated to policing piracy, Spain could lose up to 300,000 jobs. Villanueva says Spain's cyber crime levels are similar to those of neighboring European countries.
(Source: AP)
Full story
AP
Pedophiles can exploit virus-infected PCs to remotely store and view their stash without fear they'll get caught. Pranksters or someone trying to frame you can tap viruses to make it appear that you surf illegal Web sites. Whatever the motivation, you get child porn on your computer — and might not realize it until police knock at your door.
An Associated Press investigation found cases in which innocent people have been branded as pedophiles after their co-workers or loved ones stumbled upon child porn placed on a PC through a virus. It can cost victims hundreds of thousands of dollars to prove their innocence.
(Source: AP)
Full story
AP
Thursday, November 05, 2009
China has issued rules banning the beating and confinement of youths being treated for Internet addiction after revelations of abuse at rehabilitation clinics, including the death of one teenager. The regulations posted on the health ministry's website Wednesday stressed that restraint must be used in dealing with such youngsters as "the concept of 'Internet addiction' has not been fully defined".
In August, the beating death of a teenage boy enrolled by his parents at an Internet addiction camp in southern China's Guangxi region provoked outrage across the country.
(Source: AFP)
Full story
AFP
Wednesday, November 04, 2009
An expert on cable modem hacking has been arrested by federal authorities on computer intrusion charges. According to the U.S. Department of Justice (DOJ), Ryan Harris, 26, ran a San Diego company called TCNISO that sold customizable cable modems and software that could be used to get free Internet service or a speed boost for paying subscribers.
Hackers have known for years that certain models of cable modem, such as the Motorola Surfboard 5100, can be hacked to run faster on a network, a process known as uncapping.
(Source: ComputerWorld)
Full story
ComputerWorld
Tuesday, November 03, 2009
China's police chief has called for a reinforced nationwide Internet security system, in the nation's latest effort to oversee the activities of the world's largest online population.
"The Internet is developing quickly, there are many loopholes in social management, and maintaining social stability faces unprecedented new challenges," public security minister Meng Jianzhu said in rare public remarks. Internet use has expanded at a dizzying pace in China, which now has the world's largest online population of at least 338 million users.
(Source: AFP)
Full story
AFP
Monday, November 02, 2009
If your cash card gets eaten by the automated-teller machine, it may not end up in the hands of a bank employee. European financial institutions are seeing a sharp rise in card "trapping," where criminals use various tricks in order to capture and retrieve a person's ATM card for fraudulent use.
For the first half of this year, financial institutions reported 1,045 trapping incidents, according to a new report from the European ATM Security Team (EAST), a nonprofit group composed of financial institutions and law enforcement. The figure, which covers 20 countries within the Single Euro Payments Area (SEPA), represents a 640 percent increase over the first half of 2008.
(Source: CIO)
Full story
CIO
Friday, October 30, 2009
Twitter warned users Tuesday of a new phishing scam on the social networking site. It's the latest in a series of scams that have plagued the site over the past year, designed to trick victims into giving up their user names and passwords.
"We've seen a few phishing attempts today, if you've received a strange DM and it takes you to a Twitter login page, don't do it!," Twitter wrote on its Spam message page. The message reads, "hi. this you on here?" and includes a link to a fake Web site designed to look like a Twitter log-in page. After entering a user name and password, victims enter an empty blogspot page belonging to someone named NetMeg99.
(Source: ComputerWorld)
Full story
ComputerWorld
Facebook outlined changes to its privacy policy on Thursday and asked for feedback from the social network's more than 300 million users. Members will have until November 5 to send in their comments about the proposed changes.
"This is the next step in our ongoing effort to run Facebook in an open and transparent way. After the comment period is over, we'll review your feedback and update you on our next steps." Some of the changes to Facebook's privacy policy are the result of pressure from Canada, whose privacy czar conducted an investigation into its handling of personal information.
(Source: AFP)
Full story
AFP
Thursday, October 29, 2009
I am advised to "avoid giving my credit card online" and to be "careful when banking online" and to use random, complex passwords that I never repeat and never write down. So, as long as I refrain from commerce, stay indoors and have a superhuman memory, I should be fine!
I worry about identity theft and take measures, throughout the year, to defend my identity. So here's some identify defense advice that's actually practical: * Don't sign credit cards. I sign mine "See ID". Why give a card thief my signature too?
(Source: ComputerWorld)
Full story
ComputerWorld
The 17-year-old’s body was dumped in a ditch after she sneaked out of her home on Sunday night to meet a boy she thought was 16, but who turned out to be 32. Her mother, Andrea Hall urged, “Tell your kids to be careful on the internet. Don't trust anybody and don't put your children on Facebook or other sites if they are under age. All we ask now is that people help the police in any way they can. We don't want any other child to be a victim.”
A 32-year-old man, of no fixed abode was due to appear at Newton Aycliffe Magistrates Court on Wednesday, charged with manslaughter and kidnap. The convicted sex offender was also charged with failing to notify a new address as required for sex offenders under the Sexual Offences Act 2003.
(Source: Telegraph)
Full story
Telegraph
Wednesday, October 28, 2009
Nearly a decade after it introduced a program to internationalize domain names, the Internet Corporation for Assigned Names and Numbers is expected to take another step on Friday. ICANN, during its annual meeting in Seoul, Korea, will vote on the internationalized domain names (IDN) initiative, better known as the Fast Track.
"In Seoul, we plan to move forward to the next step in the internationalization of the Internet, which means that eventually people from every corner of the globe will be able to navigate much of the online world using their native language scripts," said Rod Beckstrom, ICANN's CEO.
(Source: NewsFactor)
Full story
NewsFactor
A man is being questioned after the body of a teenager he is believed to have met on the internet was discovered in a field in County Durham.
Det Ch Insp Paul Harker said the case highlighted the dangers of meeting people on the internet, and urged parents to monitor their children's online habits. He said: "This is a very, very unusual event. My message in terms of meeting people from the internet is 'please do not do it unless you are absolutely certain it is safe'." He added: "Speak to them about it, speak to their friends, let them know the dangers of the internet."
(Source: BBC)
Full story
BBC
Tuesday, October 27, 2009
The Swiss Foreign Ministry says it was the victim of a "professional" cyber attack aimed at obtaining information from its computer network. Spokesman Georg Farago says the ministry cut the connection between its network and the Internet after the attack was discovered on Thursday. He says specialists are trying to determine the source of the attack and whether any information was stolen.
Farago said Monday it appeared the Foreign Ministry was specifically targeted. Switzerland frequently plays host to international peace talks and other high-level negotiations.
(Source: AP)
Full story
AP
Developing countries risk missing out on the benefits of information technology because of their lack of broadband infrastructure, a U.N. agency said.
Lack of broadband Internet access deprives countries of the possibility of building up offshoring industries, the United Nations Conference on Trade and Development (UNCTAD) said in a report late on Thursday. It also prevents people from tapping into all the advantages of mobile phones, whose use is exploding in poor countries. "What is known as the broadband gap for example is becoming a serious handicap for companies in many poor countries," he told a briefing to launch UNCTAD's Information Economy Report.
(Source: Reuters)
Full story
Reuters
Monday, October 26, 2009
The Internet is set for its biggest technical change in decades when a new multilingual address system is approved this week, a global regulatory body said Monday.
The Internet Corporation for Assigned Names and Numbers (ICANN) said it would declare an end to the exclusive use of Latin characters for website addresses on Friday -- the final day of its six-day conference in Seoul. When the change comes into force, it will be possible to use characters from other languages -- such as Chinese, Arabic, Korean and Japanese -- for a full Internet address, instead of for just part of an address as now.
(Source: AFP)
Full story
AFP
Nigeria's anti-corruption police is working with Microsoft to halt thousands of fraudulent emails in a crackdown on internet crime in Africa's most populous country, an agency spokesman said.
The Economic and Financial Crimes Commission (EFCC) said on Thursday its new project "Eagle Claw," expected to become fully operational within six months, is aimed at improving Nigeria's tarnished image as one of the world's top countries for internet crime. The agency said it has already shut down 800 scam websites and arrested 18 people.
(Source: Reuters)
Full story
Reuters
Networks of hacked computers are being used more than ever to click on advertisements, a scam known as click fraud that cheats search engines, publishers and ad networks out of revenue.
For the third quarter of the year, 42.6% of fraudulent clicks came from botnet-infected computers, according to Click Forensics, a company that produces tools to detect and filter out fraudulent clicks. The figure is the highest in four years, when Click Forensics began producing reports. For the same quarter a year ago, botnets accounted for 27.5% of bad clicks. Botnets are a powerful tool for hackers.
(Source: ComputerWorld)
Full story
ComputerWorld
Friday, October 23, 2009
China is building its cyberwarfare capabilities and appears to be using the growing technical abilities to collect U.S. intelligence through a sophisticated and long-term computer attack campaign, according to an independent report.
Released Thursday by a congressional advisory panel, the study found cases suggesting that China's elite hacker community has ties to the Beijing government, although there is little hard evidence. The Pentagon report described computer attacks believed to have originated in China, but concluded that "it remains unclear if these intrusions were conducted by, or with the endorsement of, the PLA or other elements of the PRC (People's Republic of China) government."
(Source: AP)
Full story
AP
The European Parliament has given the green light for member states to cut persistent file-sharers off from the net. It has dropped an amendment to its Telcoms Package which would have made it hard for countries to cut off pirates without court authority. It follows pressure from countries keen to adopt tough anti-piracy laws.
The French government has just approved plans which could see pirates removed from the net for up to a year. The UK's file-sharing policy is also likely to include a clause about disconnecting persistent offenders. The European Parliament was originally opposed to such legislation, claiming internet access was a basic human right.
(Source: BBC)
Full story
BBC
Thursday, October 22, 2009
It is being billed as the largest-ever social change event on the Web and one which its organizers believe will unite the digital world in a wider conversation about climate change.
"I would say that 99 percent of our bloggers have never written about climate change before. I think there is a lot of power in people who usually don't write about this having conversations about a major issue like climate change." The scale of involvement in the day has been impressive. So far, over 8,000 blogs have registered in 144 countries and organizers predict that there will be around 15 million readers.
(Source: CNN)
Full story
CNN
The Republic of Montenegro officially became a member of the International Multilateral Partnership against Cyber Threats (IMPACT), which is established under the International Telecommunication Union (ITU) and consists of 191 members. The President of the Board of Directors of IMPACT -Mr. Datuk Muhd Noor Amin- welcomed Montenegro's membership in IMPACT and stated that Montenegro acquired the status of a full member in this international organization.
Montenegro has recently acquired the capability to track new information on cyber threats. More particularly, the participation in IMPACT will assist Montenegro in the identification of cyber threats in the early stages of their development.
(Source: eGov Monitor)
Full story
eGov Monitor
Wednesday, October 21, 2009
Microsoft admitted Hotmail users had been tricked into revealing their passwords, 10,000 of which had been published online.
The spam is being sent from users' accounts to contacts in their address books - so recipients will think it came from one of their friends. While the new spam is not malicious in itself, it does point the contact in the direction of something that is — a "shopping" website. The trick is, the shopping site is not a real one. The scam persuades victims to order goods online by credit card, leaving them vulnerable to identity theft and fraud.
(Source: Fox News)
Full story
Fox News
Hotmail and several other Web e-mail providers were recently hit by phishing attacks that gleaned usernames and passwords.It's terribly insecure, but the string of digits 1234567 is a popular password on Hotmail, according to security researcher Bogdan Calin, who analyzed 9,843 stolen Windows Live Hotmail passwords that were posted on a Web site.
In a blog post, Calin said the following were the most common passwords in the Hotmail collection: 123456, 123456789, alejandra, 111111, alberto, tequiero, alejandro and 12345678.
(Source: ComputerWorld)
Full story
ComputerWorld
Tuesday, October 20, 2009
Surfing the Internet just might be a way to preserve your mental skills as you age. Researchers found that older adults who started browsing the Web experienced improved brain function after only a few days.
"You can teach an old brain new technology tricks," said Dr. Gary Small, a psychiatry professor. With people who had little Internet experience, "we found that after just a week of practice, there was a much greater extent of activity particularly in the areas of the brain that make decisions, the thinking brain -- which makes sense because, when you're searching online, you're making a lot of decisions," he said. "It's interactive."
(Source: Health Day)
Full story
Health Day
A 15-year-old girl who posted her profile on a vampire website was allegedly murdered by two men who created a "fictional internet alter-ego" a court heard.
Carly Ryan's body was found by a swimmer on an Australian beach in 2007. Yesterday a father and son appeared before the South Australian supreme court accused of setting a trap that led to her alleged murder. The girl posted personal details and photographs of herself on the Gothic website www.vampirefreaks.com and soon began an internet romance with a fictitious teenager called Brandon.
(Source: Telegraph)
Full story
Telegraph
Monday, October 19, 2009
The founder of lastminute.com, Martha Lane Fox, has unveiled an ambitious policy to get everyone in Britain online by 2012, backed by a study that says it would save the government up to £1bn annually in customer service costs and boost the economy by more than £20bn.
Lane Fox, who is now chair of the government-created Digital Inclusion Task Force, says that getting the 10m Britons who have never used the internet to go online could generate at least £22.6bn in economic benefit – including at least £10.6bn over the lifetimes of the 1.6m children who have never used it.
(Source: Guardian)
Full story
Guardian
Tens of millions of U.S. computers are loaded with scam security software that their owners may have paid for but which only makes the machines more vulnerable, according to a new Symantec report on cybercrime.
Cyberthieves are increasingly planting fake security alerts that pop up when computer users access a legitimate website. The "alert" warns them of a virus and offers security software, sometimes for free and sometimes for a fee. "Lots of times, in fact they're a conduit for attackers to take over your machine. They'll take your credit card information, any personal information you've entered there and they've got your machine,"
(Source: Reuters)
Full story
Reuters
Friday, October 16, 2009
It’s the F word question that all parents now dread. “Can I go on Facebook?” your eleven year-old bullies you over dinner, declaring that absolutely everybody else in her class is not only on Facebook, but also on Twitter as well as Bebo and Orkut and other peculiarly named social networks.
So how should parents in today’s social media age deal with the F word question? Is social networking bad for children’s brains? Should we allow our kids to freely expose their identities on the Internet?
(Source: Telegraph)
Full story
Telegraph
Cyber-crime just doesn't pay like it used to. Security researchers say the cost of criminal services such as distributed denial of service, or DDoS, attacks has dropped in recent months. The reason? Market economics.
Criminals have gotten better at hacking into unsuspecting computers and linking them together into so-called botnet networks, which can then be centrally controlled. Botnets are used to send spam, steal passwords, and sometimes to launch DDoS attacks, which flood victims' servers with unwanted information.
(Source: ComputerWorld)
Full story
ComputerWorld
Thursday, October 15, 2009
A survey of 16 to 24 year olds has found that 75% of them feel they "couldn't live" without the internet. The report, published by online charity YouthNet, also found that four out of five young people used the web to look for advice.
About one third added that they felt no need to talk to a person face to face about their problems because of the resources available online. The survey looked at how the web influences the well-being of people aged between 16 and 24.
(Source: BBC)
Full story
BBC
Internet users in the North East of England have the most nervous attitude towards the web, according to research that highlights the country's "digital divide".
Online engagement will soon replace social class as the most powerful determiner of economic success, damaging the career prospects of internet refuseniks, according to the social anthologist who analysed the survey. Nearly one-third (31 per cent) of in the North East are reluctant to use the internet for anything more than sending email and occasional browsing, higher than the national average of 23 per cent.
(Source: Telegraph)
Full story
Telegraph
Wednesday, October 14, 2009
Twitter users should refrain from changing their log-in data until further notice or else risk getting locked out of their accounts. Twitter is investigating instances of users who have lost access to their accounts after modifying their usernames, passwords or e-mail addresses, the microblogging company said on Tuesday.
Until the problem is resolved, Twitter users shouldn't modify their log-in data, according to an official posting on Twitter's Status Web site. "This seems to affect new users as well as long term users," the note reads.
(Source: ComputerWorld)
Full story
ComputerWorld
Studies on whether mobile phones can cause cancer, especially brain tumors, vary widely in quality and there may be some bias in those showing the least risk, researchers reported on Tuesday. So far it is difficult to demonstrate any link, although the best studies do suggest some association between mobile phone use and cancer, the team led by Dr. Seung-Kwon Myung of South Korea's National Cancer Center found.
Myung and colleagues at Ewha Womans University and Seoul National University Hospital in Seoul and the University of California, Berkeley, examined 23 published studies of more than 37,000 people in what is called a meta-analysis.
(Source: Reuters)
Full story
Reuters
Tuesday, October 13, 2009
About a third of UK employees throw sensitive documents in the bin instead of shredding them, research suggests. The study also found almost three-quarters of workers felt their organisations could do more to protect their customers' sensitive information.
The data was compiled for National Identity Fraud Prevention Week. Identity fraud costs the UK more than £1.2bn annually. The UK's Fraud Prevention Service says 60,000 people have fallen victim so far this year.
(Source: BBC)
Full story
BBC
Facebook has seen an impressive bump in traffic versus this time last year. For September 2009, the site claimed 58.6 percent of U.S. social networking tracking, a jump of 194-percent over the same period last year. Twitter's increase, meanwhile, was downright absurd, jumping 1,170 percent over the past year.
In September 2008, Facebook recorded a 19.94 share, which increased to 58.59 percent for Sept. 2009. MySpace, by contrast, dominated the social-networking sites last September, with a 66.8 percent share. Since then, however, MySpace's market share has plunged to 30.3 percent, still leaving it second in U.S. traffic.
(Source: PC Magazine)
Full story
PC Magazine
Monday, October 12, 2009
For the fourth time this year, Adobe has admitted that hackers used malicious PDF documents to break into Windows PCs.
The bug in the popular Reader PDF viewer and the Acrobat PDF maker is being exploited in "limited targeted attacks," Adobe said yesterday. That phrasing generally means hackers are sending the rigged PDF documents to a short list of users, oftentimes company executives or others whose PCs contain a treasure trove of confidential information.
(Source: ComputerWorld)
Full story
ComputerWorld
Security researchers are warning that Web-based applications are increasing the risk of identity theft or losing personal data more than ever before.
The best defense against data theft, malware and viruses in the cloud is self defense, researchers at the Hack In The Box (HITB) security conference said. But getting people to change how they use the Internet, such as what personal data they make public, won't be easy.
(Source: PCWorld)
Full story
PCWorld
Friday, October 09, 2009
Scammers have grabbed the Hotmail passwords that leaked to the Web and are using them in a plot involving a fake Chinese electronics seller to bilk users out of cash and their credit card information, a security researcher said.
"We've seen a 30% to 40% increase in these types of spam messages in the last several days," said Patrik Runald, senior manager of Websense's security research team. "By 'these types of spam,' I mean messages that are advertising great consumer electronics bargains, such as cameras and computers."
(Source: ComputerWorld)
Full story
ComputerWorld
1. There's always a friend's computer. 2. They're a form of censorship. 3. They give you a false sense of security. 4. Kids resent them -- and you. 5. Kids can defeat them. 6. They catch too much. 7. They don't catch everything.
Most parental control programs use a combination of filtering techniques to block access to unwanted sites. But each method is vulnerable, and none promises 100% accuracy. Text-based filters can't really determine the context of words or phrases, so they can block access to perfectly acceptable sites. Words like "sucking," for example, might get caught in the filter and prevent your kid from researching, say, mosquitoes.
(Source: Common Sense)
Full story
Common Sense
Meet "network man." He has basic desires of his own, but has many arbitrary preferences, such as in music or clothes, that have been influenced by the people he knows. Network man's likes and dislikes, in turn, affect the behavior of his friends, and their friends, and their friends.
People have profound influences on each other's behavior within three degrees of separation, the authors find. That means that your friends, your friends' friends, and your friends' friends' friends may all affect your eating habits, voting preferences, happiness, and more. At the fourth degree, however, the influence substantially weakens.
(Source: CNN)
Full story
CNN
The head of the U.S. Federal Bureau of Investigation has stopped banking online after nearly falling for a phishing attempt. FBI Director Robert Mueller said he recently came "just a few clicks away from falling into a classic Internet phishing scam" after receiving an e-mail that appeared to be from his bank.
In phishing scams, criminals send spam e-mails to their victims, hoping to trick them into entering sensitive information such as usernames and passwords at fake Web sites.
(Source: ComputerWorld)
Full story
ComputerWorld
Thursday, October 08, 2009
IPhone lovers and other smartphone users should take heed: A security researcher showed ways to spy on a BlackBerry user during a presentation Wednesday, including listening to phone conversations, stealing contact lists, reading text messages, taking and viewing photos and figuring out the handset's location via GPS.
And ironically, Sheran Gunasekera, head of research and development at ZenConsult, said the BlackBerry is one of the most secure smartphones available, in some ways better than the iPhone.
(Source: ComputerWorld)
Full story
ComputerWorld
Investigators in the United States and Egypt have smashed a computer "phishing" identity theft scam described as the biggest cyber-crime investigation in US history, officials said Wednesday.
The Federal Bureau of Investigation said 33 people were arrested across the United States early Wednesday while authorities in Egypt charged 47 more people linked to the scam. A total of 53 suspects were named in connection with the scam in a federal grand jury indictment, the FBI said.
(Source: AFP)
Full story
AFP
Wednesday, October 07, 2009
Privacy and security are foundational to health care reform. Patients will trust electronic health care records only if they believe their confidentiality is protected via good security.
As vice chairman of the federal Healthcare Information Technology Standards Committee, I have been on the front lines in the debate over the standards and implementation guidance needed to support the exchange of health care information. Over the past few months, I've learned a great deal from the committee's privacy and security workgroup.
(Source: ComputerWorld)
Full story
ComputerWorld
The social networking site said that its security teams had noticed an increase in scams where people's login information is collected through phishing sites, and then their accounts are accessed without permission to ask friends for money.
"While the total number of people who have been impacted is small, we take any threat to security seriously and are redoubling our efforts to combat the scam," The attacks, known as 419 scams, involve a fraudster accessing Facebook accounts and posing as the account owner.
(Source: Telegraph)
Full story
Telegraph
Tuesday, October 06, 2009
Microsoft blocked access to thousands of Hotmail accounts in response to hackers plundering password information and posting it online.
Cyber-crooks evidently used "phishing" tactics to dupe users of Microsoft's free Web-based email service into revealing account and access information, according to the US technology giant. Phishing is an Internet bane and involves using what hackers refer to as "social engineering" to trick people into revealing information online or downloading malicious software onto computers.
(Source: AFP)
Full story
AFP
In a somewhat unusual data breach, hackers recently stole the login credentials of an unknown number of customers of payroll processing company PayChoice Inc., and then attempted to use the data to steal additional information directly from the customers themselves.
Hackers broke into the site and managed to access the real legal name, username and the partially masked passwords used by customers to log into the site. They then used the information to send very realistic looking phishing e-mails to PayChoice's customers directing them to download a Web browser plug-in to be able to continue using the onlineemployer.com service.
(Source: ComputerWorld)
Full story
ComputerWorld
Friday, October 02, 2009
US Homeland Security Secretary Janet Napolitano said Thursday that her department has received the green light to hire up to 1,000 cybersecurity experts over the next three years.
Kicking off "National Cybersecurity Awareness Month," she said the new recruits would "help fulfill the department's broad mission to protect the nation's cyber infrastructure, systems and networks." "Effective cybersecurity requires all partners -- individuals, communities, government entities and the private sector -- to work together to protect our networks and strengthen our cyber resiliency," Napolitano said.
(Source: AFP)
Full story
AFP
"We were at a restaurant for my mom's birthday. I looked over and there are my daughter and my oldest son texting, holding their phones under the table," said the mom of four in Lewiston, Idaho. "I just came unglued. I was like, `Are you kidding? You're at your grandma's birthday party. Put those phones away now!'"
We all know teens love their gadgets — more for texting than talking. But the devices are posing some new challenges for parents. How can they teach their tech-savvy kids some electronic etiquette? So far, parents are learning on the fly, imposing new rules for their young offenders such as "no texting at dinner."
(Source: AP)
Full story
AP
Thursday, October 01, 2009
A long-time critic of the video game industry has sued Facebook for US$40 million, saying that the social networking site harmed him by not removing angry postings made by Facebook gamers.
Thompson is best know for bringing suit against Grand Theft Auto's Take Two Interactive, Sony Computer Entertainment America, and Wal-Mart, arguing that the game caused violent behavior. In 2005 episode of CBS's 60 Minutes, Thompson likened the popular video game to a "murder simulator" and blamed it for the 2003 shooting deaths of two police officers and a 911 dispatcher in Fayette, Alabama.
(Source: PCWorld)
Full story
PCWorld
It's your birthday. And thanks to your Facebook profile, everybody knows that. Your wall fills up with well wishes from hundreds of "friends." Sure, it's nice to be noticed. But security experts are skeptical about whether sharing information, such as birthdays, with a broad audience is a bright idea. "It's all about providing the bad guy with intelligence," said Robert Siciliano, CEO of IDtheftsecurity.com.
Many people use their birthdate in passwords and personal identification numbers, and security questions often ask for it to resend a lost password. So broadcasting a birthdate could help cybercriminals pose as others as they log on to various Web sites, experts warned.
(Source: CNN)
Full story
CNN
Wednesday, September 30, 2009
Cybersecurity researchers often scare the IT world with tales of brilliant and devious hacks: encryption cracking techniques, wi-fi booby-traps and undetected vulnerability data sold on the black market. But the most common path cybercriminals use to gain access to victims' PCs today, according to a new report, is far more mundane: buggy software that users and IT administrators fail to patch for months, long after fixes are publicly available.
The study to be released Tuesday by the security-focused SANS Institute states that the cybersecurity community is facing an epidemic of unpatched software, particularly widely used applications like Adobe Flash, Java and Microsoft programs like Word and PowerPoint.
(Source: Forbes)
Full story
Forbes
Microsoft on Tuesday began serving up scam warnings with Bing search results for topics such as fixing credit scores or rescue from home foreclosure that are prime material for online cons.
Microsoft worked with the US Federal Trade Commission (FTC), Postal Inspection Service, and Western Union to provide public service announcements (PSAs) in the form of advertising posted on relevant Bing results pages. Targeted in the campaign are key words related to searches for information about foreclosure rescue offers; promises to fix credit problems, and "lottery scams" in which people are told they've won prizes but must pay to collect.
(Source: AFP)
Full story
AFP
Tuesday, September 29, 2009
Web surfing is no longer a solo affair. Facebook, Twitter, and other social networks have quickly become an integral part of the online culture, and with them comes a whole new array of potential security threats.
Social networking is built on the idea of sharing information openly and fostering a sense of community. Unfortunately, an online network of individuals actively sharing their experiences and seeking connections with other like-minded people can be easy prey for hackers bent on social-engineering and phishing attacks. It's important to be aware of the threats, and to maintain a healthy skepticism in your online interactions.
(Source: ComputerWorld)
Full story
ComputerWorld
The US Secret Service is trying to identify the people who launched an online poll at Facebook asking whether US President Barack Obama should be assassinated. Facebook on Monday shut down the user-generated poll, which was titled "Should Obama be killed?" and offered answer choices of yes, no, maybe, and "If he cuts my health care."
"Once we found out about it, we worked with Facebook to have it removed," Secret Service spokesman Malcolm Wiley told AFP. "We are certainly investigating; just like we would with any threat case." More than 750 Facebook users had reportedly cast votes by the time the poll was yanked from the wildly popular online social networking community.
(Source: AFP)
Full story
AFP
Monday, September 28, 2009
A network of Russian malware writers and spammers paid hackers 43 cents for each Mac machine they infected with bogus video software, a sign that Macs have become attack targets, a security researcher said yesterday.
In a presentation Thursday at the Virus Bulletin 2009 security conference in Geneva, Switzerland, Sophos researcher Dmitry Samosseiko discussed his investigation of the Russian "Partnerka," a tangled collection of Web affiliates who rake in hundreds of thousands of dollars from spam and malware, most of the former related to phony drug sites, and much of the latter targeting Windows users with fake security software, or "scareware."
(Source: ComputerWorld)
Full story
ComputerWorld
Next time you're recovering from trip to the emergency room, keep an eye on the young doctors tending to you. They might be chatting about your case on Twitter, Facebook, YouTube, and blogs.
A survey of medical schools published in the Journal of the American Medical Association found that 13 percent of respondents reported breaches of doctor-patient confidentiality, and 60 percent reported "unprofessional content" posted online.
(Source: PCWorld)
Full story
PCWorld
Friday, September 25, 2009
Many major social networking sites are leaking information that allows third party advertising and tracking companies to associate the Web browsing habits of users with a specific person, researchers warn.
That's the conclusion of a study on the leakage of personally identifiable information on social networks done at AT&T Labs and the Worcester Polytechnic Institute. "In some cases, the leakage may be unintentional, but in others, there is clever and surreptitious anti-privacy engineering at work," the EFF said.
(Source: ComputerWorld)
Full story
ComputerWorld
They were crimes born of the Internet age -- romantic solicitations on popular Web site Craigslist that police say led to the fatal shooting of one woman and the robbery of another in Boston hotels this past spring. And it was high-tech, 21st-century sleuthing, along with some old-fashioned gumshoe detective work, that put police on the trail toward a suspect and eventually an arrest.
CNN looks at how technology was used to lead police to 23-year-old medical student Philip Markoff, who has been indicted on seven counts, including first-degree murder. Investigators knew they had crimes born of the Internet on their hands, but how were they able to use that same technology to help them find a suspect who went to great lengths to hide his tracks?
(Source: CNN)
Full story
CNN
Thursday, September 24, 2009
Scammers are increasingly using machine-generated Twitter accounts to post messages about trendy topics, and tempt users into clicking on a link that leads to servers hosting fake Windows antivirus software, security researchers said Monday.
The latest Twitter attacks originated with malicious accounts cranked out by software, said experts at both F-Secure and Sophos. The accounts, which use variable account and user names, supposedly represent U.S. Twitter users. In some cases, the background wallpaper is customized for each account, yet another tactic to make the unwary think that a real person is responsible for the content.
(Source: ComputerWorld)
Full story
ComputerWorld
Teens and texting is a subject that's often discussed in pathological terms. They're texting in class! They're sexting! They need thumb therapy! But texting isn't always bad. In some families, it's become a primary form of communication between parents and children. In fact, one of my favorite texts from kids is the earth-shattering query "Wuz4dina?"
Psychologist Thomas W. Phelan says one of the biggest problems with teens is getting them to communicate at all, so if they're willing to text their parents, we should embrace the trend. "Instead of seeing the whole text thing as an enemy, see it as an ally."
(Source: AP)
Full story
AP
Tuesday, September 22, 2009
Decades of war and occupation have not provided an answer to that question -- but the social networking Web site now permits both options, sparking fears about an anti-Facebook cyber-war. The Golan Heights is Syrian territory that was captured by Israel during the Six-Day War in 1967. Since then it has been internationally classified as Israeli-occupied territory.
Up until recently, Facebook fans in the Golan Heights could only choose Syria as their country of origin or else leave it blank. Pro-Israel Web site honestreporting.com sought to change that, starting a group called "Facebook, Golan residents live in Israel, not Syria."
(Source: CNN)
Full story
CNN
A new botnet has caused a sharp spike in click fraud because it is skirting the most sophisticated filters of search engines, Web publishers and ad networks, according to Click Forensics. The company, which provides services to monitor ad campaigns for click fraud and reports on click fraud incidence every quarter, said on Thursday that the botnet's architects have figured out a way to mask it particularly well as legitimate search ad traffic.
Click Forensics is calling this the "Bahama botnet" because it was initially redirecting traffic through 200,000 parked domains in the Bahamas, although it is now using sites in Amsterdam, the U.K. and Silicon Valley.
(Source: ComputerWorld)
Full story
ComputerWorld
Monday, September 21, 2009
Federal Communications Commission Chairman Julius Genachowski is expected to outline network-neutrality proposals on Monday, according to Reuters. The proposals could become rules at the FCC's October meeting.
Neutrality advocates want Internet service providers barred from blocking or slowing Internet traffic based on content. ISPs, including AT&T, Verizon Communications, and Comcast, say growing traffic needs to be managed, and they contend that neutrality could stifle innovation.
(Source: NewsFactor)
Full story
NewsFactor
Microsoft filed lawsuits against five companies Thursday, accusing them of using malicious advertisements to trick victims into installing software on their computers.
Typically, when a scareware ad pops up on a victim's screen, it looks like a Windows utility running some kind of security scan. It will then warn that it has found a critical security problem and direct the victim to a Web site where they can buy a product to fix the issue. DirectAd Solutions, Soft Solutions, qiweroqw.com, ote2008.info and ITmeter have used ads to "distribute malicious software or present deceptive websites that peddled scareware to unsuspecting Internet users".
(Source: ComputerWorld)
Full story
ComputerWorld
Thursday, September 17, 2009
In the economic downturn, teenagers around the world have focused their spending cuts on clothes, games and food, according to a survey by networking site Habbo Hotel.
The survey of 61,000 teenagers in more than 30 countries showed one teenager out of three is getting less money from their parents, with more than half of youngsters getting less to spend in the United States, Spain and Latin America. Some 19 percent of youngsters globally say the recession has most hurt their spending on console and computer games -- the industry for which teenagers are a key client group.
(Source: Reuter)
Full story
Reuter
With many who bank online now wary of phishing attacks, criminals are adding fake live-chat support windows to their Web sites to make them seem more real. RSA Security spotted the first ever of these "chat-in-the-middle" attacks in the past few hours, according to Sean Brady, a manager with the security company's identity protection and verification group.
The phishers send e-mails that direct victims to a fake Web page designed to look like a banking site. That's a standard technique, but what's different in this case is that the phishing site comes with a fake online chat option, so that scammers can talk directly with their victims.
(Source: PCWorld)
Full story
PCWorld
Wednesday, September 16, 2009
The French National Assembly has passed a draft law that would allow illegal downloaders to be thrown off the net. The law was narrowly passed by 285 votes to 225.
The French hard-line policy on piracy has drawn worldwide attention as nations around the globe grapple with the issue of piracy. The ruling majority UMP voted in favour but the Socialist Party has already announced that they will appeal to the Constitutional Court once again. The Constitutional Court insisted that a judge rather than a high authority had to rule on the issue of whether to disconnect users.
(Source: BBC)
Full story
BBC
As millions of students across the world go back to school this month, 178 students from 49 countries will turn on their computers and step onto the virtual campus of the world's first global, tuition-free online university.
"Our mission is to change people's lives." Called University of the People, the non-profit comes from Israeli entrepreneur Shai Reshef who says he founded the school to provide higher education to those who might otherwise never have access to it. "We are creating a global classroom for science and allowing people to freely collaborate. We want to put high quality teaching and learning materials into the hands of anybody and everybody who wants to become a scientist,"
(Source: CNN)
Full story
CNN
Tuesday, September 15, 2009
A computer hacker who was once a federal informant and was a driving force behind one of the largest cases of identity theft in U.S. history pleaded guilty Friday in a deal with prosecutors that will send him to prison for up to 25 years.
Albert Gonzalez, 28, of Miami, admitted pulling off some of the most prominent hacking jobs of the decade. Federal authorities say tens of millions of credit and debit card numbers were stolen. Gonzalez entered guilty pleas in U.S. District Court in Boston to 19 counts of conspiracy, computer fraud, wire fraud, access device fraud and aggravated identity theft.
(Source: AP)
Full story
AP
Monday, September 14, 2009
Cyber criminals are taking advantage of swine flu fears with e-mails promising news on the illness which then infect computers with a virus, a Spanish computer security firm warned Friday.
The e-mails invite recipients to open a document with information claiming the H1N1 flu virus was developed by pharmaceutical firms seeking to make huge profits from the outbreak, Pandasecurity said in a statement. But if the document is opened, a virus is installed on the person's computer which can steal personal information like bank account data.
(Source: AFP)
Full story
AFP
South Korea plans to train 3,000 "cyber sheriffs" by next year to protect businesses after a spate of attacks on state and private websites, a report said Sunday. The "cyber sheriffs" would be tasked with "protecting corporate information and preventing the leaks of industrial secrets," Yonhap news agency said.
In the event of cyber attacks, the National Intelligence Service, the country's main spy agency, would set up a taskforce including civilian and government experts to counter the online threats, it added. The country already has a military cyber unit. South Korea, where 95 percent of homes have broadband, is among the top countries in terms of access to the high-speed Internet.
(Source: AFP)
Full story
AFP
Friday, September 11, 2009
A third of Web users under 25 claim they don't care about their "digital tattoo" and the items they post online, says Symantec. Symantec said a "digital tattoo" is created by all the personal information web users post online and can easily be found through search engines by a potential or current employer, friends and acquaintances, or anyone who has malicious intent.
The security firm revealed that nearly two-thirds of all those surveyed had uploaded personal photographs, while 79 percent had at least part of their address online and nearly half had their mobile phone numbers online.
(Source: PCWorld)
Full story
PCWorld
In communist Cuba, where only state media exist locally, a vibrant blogger culture has emerged as a venue for critical commentary, a leading journalists' rights group said Thursday. "Despite vast legal and technical obstacles, a growing number of Cuban bloggers have prevailed over the regime?s tight Internet restrictions to disseminate island news and views online," said a report from the New-York based Committee to Protect Journalists (CPJ).
"The bloggers, mainly young adults from a variety of professions, have opened a new space for free expression in Cuba, while offering a fresh glimmer of hope for the rebirth of independent ideas in Cuba?s closed system."
(Source: AFP)
Full story
AFP
Thursday, September 10, 2009
By selling an array of virtual products from avatar clothes to e-furniture, Asia's social networking sites appear to have solved the conundrum of how to leverage big profits from their extensive user bases.
Chinese university student Tan Shengrong spends about 20 yuan ($2.90) per month purchasing outfits for her pet penguin avatar or playing games on QQ, an instant message portal on Qzone, China's most popular social networking site. It might not seem like a hefty sum, but every fen, or cent, is money in the bank for Tencent Holdings, which owns Qzone and saw an 85 percent increase in its second quarter net profit this year compared to 2008 despite the economic downturn.
(Source: Reuter)
Full story
Reuter
Hong Kong is under siege from legions of "zombies" attacking people with spam and leaving in their wake a trail of destruction costing millions of dollars a year, analysts have warned.
There are an estimated 4,000 zombies active in Hong Kong and their criminal puppet masters use them to fire off thousands of messages offering products ranging from jewellery to pornography. According to the 2008 Annual Security Report by Internet security firm MessageLabs 81.3 percent of emails sent to Hong Kong computer users last year were spam, more than in any other territory or country in the world.
(Source: INQUIRER)
Full story
INQUIRER
Wednesday, September 09, 2009
Anonymous hackers have attacked a Taiwan film festival over plans to screen a documentary on the US-based leader of China's predominantly Muslim Uighur minority, festival organisers said Tuesday. A message, posted on a blog run by one of the organisers of the Kaohsiung Film Festival, blamed Rebiya Kadeer for recent bloody unrest in northwest China's Xinjiang region, which is home to the Turkic-speaking Uighurs.
The film festival, which takes place in Taiwan's second largest city Kaohsiung, is scheduled to show "Ten Conditions of Love" on World Uighur Congress leader Kadeer in October.
(Source: INQUIRER)
Full story
INQUIRER
President Barack Obama warned American teenagers on Tuesday of the dangers of putting too much personal information on Internet social networking sites, saying it could come back to haunt them in later life. "Well, let me give you some very practical tips. First of all, I want everybody here to be careful about what you post on Facebook, because in the YouTube age, whatever you do, it will be pulled up again later somewhere in your life," Obama said.
The presidential words of advice follow recent studies that suggest U.S. employers are increasingly turning to sites such as Facebook and News Corp's MySpace to conduct background checks on job applicants.
(Source: Reuter)
Full story
Reuter
Tuesday, September 08, 2009
Web sites that collect information about visitors in order to target advertising on their own pages would be required to prominently disclose what information they gather. Web sites that share user information with outside advertising networks, which place ads on sites all over the Internet, would be required to obtain user approval before collecting data. Web sites that deal with sensitive personal information, such as medical and financial data, sexual orientation, Social Security numbers and other ID numbers, would be subject to the opt-in rule.
Rep. Rick Boucher, chairman of the House Energy and Commerce Subcommittee on Communications, Technology and the Internet, hopes to put in a bill governing Internet advertising.
(Source: AP)
Full story
AP
Parents who install a leading brand of software to monitor their kids' online activities may be unwittingly allowing the company to read their children's chat messages - and sell the marketing data gathered.
Software sold under the Sentry and FamilySafe brands can read private chats conducted through Yahoo, MSN, AOL and other services, and send back data on what kids are saying about such things as movies, music or video games. The information is then offered to businesses seeking ways to tailor their marketing messages to kids.
(Source: AP)
Full story
AP
Monday, September 07, 2009
China approved of Google's efforts to filter porn from search results on its China portal following state-led criticism of the links, the former head of Google China said Sunday.
Google.cn has long filtered out some results for sensitive searches. The search engine displays a notice that some results have been filtered for search terms such as "Tiananmen," the square in Beijing around which soldiers killed hundreds to disperse a student democracy protest in 1989, or for the names of major political leaders. The search engine currently displays no search results at all for "Xu Zhiyong," the name of a human rights lawyer recently detained for about one month. The results screen says the search "may touch on content that does not conform with the related laws, regulations and policies"
(Source: PCWorld)
Full story
PCWorld
In an age in which instant news and constant life streams from Facebook and Twitter change the way we communicate, the rules of etiquette surrounding these interactions are still evolving. What happens when I expected a phone call about something and read about it in a status update instead? What's the polite response to a distant friend posting bad news on Facebook? What to do with sensitive information?
Good etiquette on Facebook might not apply on Twitter or in an e-mail. These days, milestones like marriage, pregnancy, breakups and divorce are being described over more forms of communications than ever. Because it's so new, there is sort of a gray area of what the manners are,"
(Source: AP)
Full story
AP
Friday, September 04, 2009
Facebook warned Thursday that members who buy "friends" from an Australian online marketing company could face banishment from the social network. The Brisbane-based firm, uSocial.net, offered this week to sell a Facebook user 1,000 friends for 177 dollars and 5,000 friends -- on a standard profile account -- for 654 dollars. USocial caused a stir earlier this year with a similar offer to users of popular micro-blogging service Twitter seeking to increase their number of followers.
Facebook fired back against uSocial on Thursday and issued a reminder that it was against its terms of service for a user to access an account belonging to someone else or to share a password.
(Source: AFP)
Full story
AFP
Ben Alexander spent nearly every waking minute playing the video game "World of Warcraft." As a result, he flunked out of the University of Iowa. He needed help to break an addiction he calls as destructive as alcohol or drugs.
Internet addiction is not recognized as a separate disorder by the American Psychiatric Association, and treatment is not generally covered by insurance. But there are many such treatment centers in China, South Korea and Taiwan - where Internet addiction is taken very seriously - and many psychiatric experts say it is clear that Internet addiction is real and harmful.
(Source: AP)
Full story
AP
Thursday, September 03, 2009
A coalition of 10 U.S. privacy and consumer groups has called for new federal privacy protections for Web users, including a requirement that Web sites and advertising networks get opt-in permission from individuals within 24 hours of collecting personal data and tracking online habits.
In a broad set of new recommendations for privacy regulations released Tuesday, the groups also called on the U.S. Congress to prohibit Web sites and ad networks from collecting behavioral information about children under age 18, whenever it's possible to distinguish the age of the Web user, and to require that online businesses inform consumers about the purpose of the information collection.
(Source: ComputerWorld)
Full story
ComputerWorld
Google said Tuesday's widespread Gmail outage occurred when the company took some servers offline to perform routine maintenance, causing its remaining routers to become overloaded with traffic. "We know how many people rely on Gmail for personal and professional communications, and we take it very seriously when there's a problem with the service." wrote Ben Treynor, a Google vice president of engineering.
Gmail's problems were a top trending topic on Twitter, with users trading updates and posting links to blogs such as Mashable, which published a post called, "5 Things to Do While Gmail is Down." (No. 1: "Immediately flood Twitter with tweets alternately proclaiming 'Gmail is down!' and inquiring 'Is Gmail down?' ")
(Source: CNN)
Full story
CNN
Wednesday, September 02, 2009
Federal judge George Wu officially overturned the conviction of Lori Drew, who was convicted of cyberbullying 13-year-old Megan Meier to suicide. That conviction was based on the federal Computer Fraud and Abuse Act (CFAA), which makes it a crime to intentionally accessing a computer system with intent to commit a crime or tort.
At trial, the jury found Drew guilty of misdemeanor violations of CFAA based on the theory that accessing MySpace with intent to harrass Meier was an unauthorized access of an interstate computer.
(Source: ZDNet)
Full story
ZDNet
Unlike some people have hoped, the Internet hasn't led to big changes in the socio-economic makeup of Americans engaged in civic activities, a new study from the Pew Internet and American Life Project finds. As in offline politics, people who participate in online civic life — by contacting government officials, making political or charitable donations or signing petitions, for example — tend to be richer and better educated.
There are signs that social media sites like Twitter and Facebook are driving civic engagement among younger people. On social networks, income and education levels seem to be less correlated with whether someone engages in civic activism.
(Source: AP)
Full story
AP
Tuesday, September 01, 2009
This is a story about love and Twitter, hope and the relative safety of a Walmart parking lot. Six months ago, Brianna Karp found herself living in an old truck and camper she inherited after the suicide of a father she barely knew.
She wrote as a way to stay in touch with the world. Soon, other homeless people were leaving comments on her blog, telling their stories and cheering her on. "I was definitely surprised just how many homeless and former homeless people are online and using social media to seek opportunities," Karp said. She blogged from Starbucks while she continued to search for work, buying $5 cards each month that entitled her to sip coffee and soak up unlimited Wi-Fi.
(Source: AP)
Full story
AP
If Google Inc. digitizes the world's books, how will it keep track of what you read? That's one of the unanswered questions that librarians and privacy experts are grappling with as Google attempts to settle a long-running lawsuit by publishers and copyright holders and move ahead with its effort to digitize millions of books, known as the Google Books Library Project.
Librarians and the online world have different standards for dealing with user information. Many libraries routinely delete borrower information, and organizations such as the American Library Association have fought hard to preserve the privacy of their patrons.
(Source: ComputerWorld)
Full story
ComputerWorld
Monday, August 31, 2009
Facebook has agreed to make worldwide changes to its privacy policy as a result of negotiations with Canada's privacy commissioner. Last month the social network was found to breach Canadian law by holding on to users' personal data indefinitely.
It will also make it clear that users can deactivate or delete their account. "These changes mean that the privacy of 200 million Facebook users in Canada and around the world will be far better protected," said Canadian privacy commissioner Jennifer Stoddart.
(Source: BBC)
Full story
BBC
There's still plenty of room for innovation today, yet the openness fostering it may be eroding. While the Internet is more widely available and faster than ever, artificial barriers threaten to constrict its growth. Call it a mid-life crisis. A variety of factors are to blame. Spam and hacking attacks force network operators to erect security firewalls.
"There is more freedom for the typical Internet user to play, to communicate, to shop — more opportunities than ever before," said Jonathan Zittrain, a law professor and co-founder of Harvard's Berkman Center for Internet & Society. "On the worrisome side, there are some longer-term trends that are making it much more possible (for information) to be controlled."
(Source: AP)
Full story
AP
Friday, August 28, 2009
Users of social networking sites such as Facebook and Twitter could face higher insurance premiums because burglars may be using them to find out their personal details. The Digital Criminal report, which polled 2,000 social network users, found nearly two fifths had posted details of their holiday plans, with nearly two thirds of 16-24 year-olds doing so.
"I call it 'internet shopping for burglars'. It is incredibly easy to use social neyworking sites to target people, and then scope out more information on their actual home using other internet sites like Google Street View, all from the comfort of the sofa."
(Source: Telegraph)
Full story
Telegraph
A vulnerability in Twitter Inc.'s popular microblogging service remains unfixed and can be used by criminals to hijack accounts or redirect users to malicious Web sites, a developer claimed today. The cross-site scripting bug in Twitter allows hackers to insert malicious JavaScript into tweets simply by adding code to a field of an API used by third-party Twitter application developers.
A software developer, a U.K.-based search optimization specialist, Slater recommended that, until Twitter patches the vulnerability, users should stop following any Twitterers they don't personally know or trust. "Who's to say they're not already stealing your details? If you don't see their tweets, they can't harm you,"
(Source: ComputerWorld)
Full story
ComputerWorld
Thursday, August 27, 2009
Internet service providers (ISPs) have reacted with anger to new proposals on how to tackle internet piracy. The government is proposing a tougher stance which would include cutting off repeat offenders from the net.
TalkTalk's director of regulation Andrew Heaney told that the ISP was as keen as anyone to clamp down on illegal file-sharers. "This is best done by making sure there are legal alternatives and educating people, writing letters to alleged file-sharers and, if necessary, taking them to court. But disconnecting alleged offenders will be futile given that it is relatively easy for determined file-sharers to mask their identity or their activity to avoid detection," he added.
(Source: BBC)
Full story
BBC
Users of social networks are concerned about security but few are taking the steps necessary to protect themselves against online crime, according to a survey released on Wednesday.
Nearly 20 percent of those surveyed said they have experienced identity theft, 47 percent have been victims of malware infections and 55 percent have seen "phishing" attacks, in which hackers seek to capture password information. They also suggested that passwords be changed at least once a month and that friends or coworkers not be allowed to access one's personal computer.
(Source: AFP)
Full story
AFP
Wednesday, August 26, 2009
Fans searching for "Jessica Biel" or "Jessica Biel downloads," "Jessica Biel wallpaper," "Jessica Biel screen savers," "Jessica Biel photos," and "Jessica Biel videos" have a one in five chance of landing at a Web site that has tested positive for online threats such as spyware, adware, spam, phishing, viruses and other malware. McAfee's conclusion: Searching for the latest celebrity news and downloads can cause serious damage to personal computers.
"Consumers' obsession with celebrity news and culture is harmless in theory, but one bad download can cause a lot of damage to a computer."
(Source: NewsFactor)
Full story
NewsFactor
Internet criminals might be rethinking a favorite scam for stealing people's personal information. A report being released Wednesday by IBM Corp. shows a big drop in the volume of "phishing" e-mails, in which fraud artists send what looks like a legitimate message from a bank or some other company. If the recipients click on a link in a phishing e-mail, they land on a rogue Web site that captures their passwords, account numbers or any other information they might enter.
To protect yourself against phishing, access sensitive sites on your own, rather than by following links in e-mails, which might lead to phishing sites.
(Source: AP)
Full story
AP
Tuesday, August 25, 2009
The average gamer, far from being a teen, is actually a 35-year-old man who is overweight, aggressive, introverted — and often depressed, according to a report out this week from the Centers for Disease Control and Prevention (CDC). The study also shows that when children and teenagers become game players, a trend toward physical inactivity and corresponding health problems extends -- and is exacerbated -- into adulthood.
"Among researchers, there is growing concern and uncertainty about the health consequences of video game playing," the CDC reported.
(Source: ComputerWorld)
Full story
ComputerWorld
The German government warned job-seekers Friday to avoid posting potentially compromising pictures or remarks on social networking sites such as Facebook, citing a study about their use by employers. Consumer affairs minister Ilse Aigner "calls on citizens who use the Internet often to think about what they put online," a spokeswoman for her ministry told a regular government news conference.
28 percent of the around 500 German companies polled searched for information about their would-be employees' hobbies, political opinions and personal lives.
(Source: AFP)
Full story
AFP
Monday, August 24, 2009
Albert Gonzalez, the man described by federal authorities as the kingpin of a gang responsible for stealing more than 130 million payment cards, is a computer addict constantly looking for ways to challenge his abilities, according to his lawyer. He has had an unhealthy obsession with computers since the age of 8. "He was self-taught, He didn't go out in the sandbox or play baseball. The computer was his best friend."
"It wasn't healthy. It's a sickness. It's a problem that has not been addressed in our society."
(Source: ComputerWorld)
Full story
ComputerWorld
Friday, August 21, 2009
The first US retreat for Internet addicts has opened its doors, welcoming a teenager that was captive to World of Warcraft online role-playing videogame. The 19-year-old boy went from pursuing quests in Azeroth to bottle-feeding baby goats and building a chicken coop as part of a reStart Internet Addiction Recovery Program at a rural five acre spread in the state of Washington.
"It is about helping people addicted to technology get through the withdrawal and help their brains get wired back to normal and connected to the world in a positive way. Games are really designed to keep people hooked. Those that stay hooked are people really vulnerable for whom the world is painful or scary."
(Source: AFP)
Full story
AFP
Facebook, for better or worse, is like being at a big party with all your friends, family, acquaintances and co-workers. There are lots of fun, interesting people you're happy to talk to when they stroll up.
Sure, Facebook can be a great tool for keeping up with folks who are important to you. But far more posts read like navel-gazing diary entries, or worse, spam. A recent study categorized 40 percent of Twitter tweets as "pointless babble," and it wouldn't be surprising if updates on Facebook, still a fast-growing social network, break down in a similar way. Here are 12 of the most annoying types of Facebook users:
(Source: CNN)
Full story
CNN
Thursday, August 20, 2009
A Canadian model has won a landmark case in a New York court after Google was forced to disclose the online identity of a blogger who anonymously posted derogatory comments about the Vogue covergirl. The ruling came after Liskula Cohen, 36, filed suit in a bid to unmask the identify of her tormentor, who posted suggestive photographs of Cohen on the blog and described her as a "ho" and a "psychotic, lying, whoring... skank."
Google said that while the company does not tolerate "cyber bullying" it is also respectful of privacy. "We sympathize with anyone who may be the victim of cyber bullying,"
(Source: AFP)
Full story
AFP
The clock is ticking, people are dying and a flu virus is sweeping the globe -- that is the scenario of a new computer game designed to make people think about how to respond to the swine flu pandemic. In "The Great Flu", players must choose whether or not to stockpile anti-viral drugs and deploy research teams to new areas of outbreak as the number of infections and deaths rises and more countries are affected.
"The game is very realistic and has an educational value. It informs people how the virus spreads, what the flu is and on the ways to fight the pandemic."
(Source: AFP)
Full story
AFP
Wednesday, August 19, 2009
A 14-year-old boy was in critical condition in hospital with kidney failure after repeated beatings at an Internet rehabilitation camp in southwest China, state media said Wednesday. The incident in Sichuan province took place just weeks after another teenage boy was beaten to death at a similar rehabilitation centre in the south of the country where his parents had sent him to cure his Internet addiction.
China has 10 million teenage web addicts, the China Daily said, citing data from the China Youth Internet Association. The association said last week that there are at least 400 private Internet rehabilitation clinics nationwide.
(Source: AFP)
Full story
AFP
US prosecutors have charged a man with stealing data relating to 130 million credit and debit cards. Officials say it is the biggest case of identity theft in American history.
They say Albert Gonzalez, 28, and two un-named Russian co-conspirators hacked into the payment systems of retailers, including the 7-Eleven chain. Prosecutors say they aimed to sell the data on. If convicted, Mr Gonzalez faces up to 20 years in jail for wire fraud and five years for conspiracy.
(Source: BBC)
Full story
BBC
Tuesday, August 18, 2009
The cyberattacks against Georgia a year ago were conducted in close connection with Russian criminal gangs, and the attackers likely were tipped off about Russia's intent to invade the country, according to a new technical analysis, much of which remains secret. The stunning conclusions come from the U.S. Cyber Consequences Unit, an independent nonprofit research institute that assesses the impact of cyber attacks.
Bombers struck targets throughout the country, and at the same time Georgian media and government sites fell under DDOS attack.
(Source: ComputerWorld)
Full story
ComputerWorld
A new hacking incident report warns there has been a steep rise in attacks at social-networking hotspots including wildly popular microblogging service Twitter. Hackers aren't just hunting for victims in the flocks of people at social networks, they're also using Twitter to command "botnet" armies of infected computers, according to Internet security specialists.
"A lot of Web 2.0 widgets, mashups and the like that users go for make it easy for all these guys to launch attacks." Facebook became an Internet star after opening its platform to widgets, mini-applications made by outside developers, and now boasts more than 250 million members.
(Source: AFP)
Full story
AFP
Monday, August 17, 2009
The Twitter micro-blogging service was knocked offline this morning for
several hours as a result of a denial of service attack (DDoS). Twitter
has confirmed and reported the attack
in a post
on its official blog earlier today: "We are defending against this
[DDos] attack now and will continue to update our status blog as we
continue to defend and later investigate." The company later reported
that the service as been resumed but they are still continuing to
defend against and recover from this attack. No further updates have
been provided yet. Several sources are also reporting problems with
Facebook today.
(Source: CircleID)
Full story
CircleID
The 24-year-old Singaporean research analyst is constantly on the lookout for attack manuals, video clips of Islamist militants in training and fiery extremist chatter that could hint at an imminent assault somewhere.
Nur Azlin is one of five research analysts at the S. Rajaratnam School of International Studies who monitor extremist websites daily to get a sense of an emerging battleground in the fight against terrorism. There are an estimated 5,500-6,000 websites worldwide peddling extremist ideas, according to the researchers.
(Source: AFP)
Full story
AFP
A researcher looking into the attacks that knocked Twitter offline last week discovered another, unrelated security problem. At least one criminal was using a Twitter account to control a network of a couple hundred infected personal computers, mostly in Brazil.
Networks of infected PCs are referred to as "botnets" and are responsible for so much of the mayhem online, from identity theft to spamming to the types of attacks that crippled Twitter. A Twitter account that was used to send out what looked like garbled messages. But they were actually commands for computers in a botnet to visit malicious Web sites, where they download programs that steal banking passwords.
(Source: AP)
Full story
AP
Friday, August 14, 2009
Foreign pornography producers are suing South Korean Internet users for breach of copyright by uploading their content onto local websites, police said Thursday. In an unusual case, a local law firm representing 50 US and Japanese porn producers has filed suit against about 10,000 heavy uploaders.
The lawsuit was filed simultaneously through 10 police stations in Seoul and the adjoining Gyeonggi province, a National Police Agency spokesman said, refusing to give details. "We selected about 10,000 user IDs that earned financial benefits from habitually uploading pornography on websites," an official of the unidentified law firm told local media.
(Source: AFP)
Full story
AFP
Children are using the Internet to watch YouTube videos, connect with friends on social network sites and look up "sex" and "porn", according to a study of the top Web searches by youngsters. The words "sex" and "porn" also made it into the top 10, ranked numbers four and six respectively.
"It also helps identify "teachable moments" when parents should be talking with their kids about appropriate online behavior and other issues in their kids' online lives," California-based Symantec's Internet safety advocate Marian Merritt said in a statement.
(Source: Reuter)
Full story
Reuter
Thursday, August 13, 2009
The investigation into the attacks against high-profile Web sites in South Korea and the U.S. is a winding, twisty electronic goose chase that may not result in a definitive conclusion on the identity of the attackers.
Computer security experts disagree over the skill level of the DDOS (distributed denial-of-service) attacks, which over the course of a few days in early July caused problems for some of the Web sites targeted, including South Korean banks, U.S. government agencies and media outlets. The DDOS attack was executed by a botnet, or a group of computers infected with malicious software controlled by a hacker. That malware was programmed to attack the Web sites by bombarding them with page requests that far exceed normal visitor traffic. As a result, some of the weaker sites buckled.
(Source: ComputerWorld)
Full story
ComputerWorld
Fraudsters are taking advantage of the widely used but obscure Automated Clearing House (ACH) Network in order to pull off their attacks. This financial network is used by financial institutions to handle direct deposits, checks, bill payments and cash transfers between businesses and individuals.
The fraud typically starts with a targeted phishing e-mail, aimed at whomever is in charge of the company's checkbook. By tricking the victim into running software, opening a harmful attachment or visiting a malicious Web site, the criminals are able to install keylogging software and steal bank account passwords.
(Source: ComputerWorld)
Full story
ComputerWorld
Wednesday, August 12, 2009
A growing number of South Korean companies are opening Twitter accounts to better connect with consumers and generate buzz for their products. However, industrial heavyweights such as Samsung Electronics, Hyundai Motor, SK Group and Lotte Group are not among them. Should they decide to join the 140-word Web phenomenon, they will have to acknowledge that they will be unable to use their own corporate brands.
A Twitter account created under Samsung's name has been currently suspended by the Internet company due to "strange activity," which could mean anything from service violations, technical abuse and spam distribution.
(Source: The Korea Times)
Full story
The Korea Times
Worried that your relationship is going south? Maybe it's time to get off Facebook. A study released by the University of Guelph in Ontario shows that the Facebook social network increases jealousy in users' romantic relationships. The study, which was published in the latest issue of CyberPsychology and Behaviour, concluded that the more time people spend on Facebook, the more jealous they get.
"This may include details about their partner's friendships and social exchanges, especially interactions with previous romantic or sexual partners." The simple availability of information -- whether it's a girlfriend's posts, or photos and details about her friends and exes -- seems to increase a person's desire to search for even more information, say researchers.
(Source: ComputerWorld)
Full story
ComputerWorld
Tuesday, August 11, 2009
The outage that knocked Twitter offline for hours was traced to an attack on a lone blogger in the former Soviet republic of Georgia - but the collateral damage that left millions around the world tweetless showed just how much havoc an isolated cyberdispute can cause.
"It told us how quickly many people really took Twitter into their hearts," Robert Thompson, director of the Center for the Study of Popular Television at Syracuse University, said Friday. Tens of millions of people have come to rely on social media to express their innermost thoughts and to keep up with world news and celebrity gossip. Twitter "is one of those little amusements that infiltrated the mass behavior in some significant ways, so that when it went away, a lot of people really noticed it and missed it."
(Source: AP)
Full story
AP
A Latvian ISP linked to online criminal activity has been cut off from the Internet, following complaints from Internet security researchers. Real Host, based in Riga, Latvia was thought to control command-and-control servers for infected botnet PCs, and had been linked to phishing sites, Web sites that launched attack code at visitors and were also home to malicious "rogue" antivirus products.
"This is maybe one of the top European centers of crap," he said in an e-mail interview. Real Host was considered a "bullet proof" hosting provider, that would allow customers to remain online even after they had been linked to malicious activity.
(Source: PCWorld)
Full story
PCWorld
Monday, August 10, 2009
A group of teenagers have reacted to warnings that using sites like Facebook, Bebo and Myspace can leave them traumatised. The Archbishop of Westminster, the Most Reverend Vincent Nichols, says the sites encourage users to value the number rather than quality of friends they have.
He’s worried this makes people get too many temporary friends instead of real, genuine ones. He said: “It’s an all or nothing syndrome that you have to have in an attempt to shore up identity. "Friendship is not a commodity, friendship is something that is hard work and enduring when it’s right.”
(Source: BBC)
Full story
BBC
The distributed denial-of-service (DDOS) attacks that knocked out Twitter for hours and affected other sites like Facebook, Google's Blogger, and LiveJournal on Thursday continued all day Friday and may persist throughout the weekend. In its latest update, posted to a discussion forum of its third-party developers at 11 p.m. U.S. Eastern Time on Friday, Twitter reports it's still fighting the attacks.
"The DDoS attack is still ongoing, and the intensity has not decreased at all," wrote Chad Etzel, from Twitter's application development platform support team.
(Source: PCWorld)
Full story
PCWorld
Friday, August 07, 2009
One of Israel's main political parties has shut down its website following an attack by Palestinian hackers, according to reports. Attackers on the official Kadima website posted images of wounded Palestinians and the aftermath of suicide bombings in Israel.
Slogans in both Hebrew and Arabic were also placed on the site, including threats to party leader Tzipi Livni. Kadima, a centrist political party that favours a two-state solution to the Middle East conflict, is the largest party in the Israeli parliament.
(Source: BBC)
Full story
BBC
Micro-blogging service Twitter and social networking site Facebook have been severely disrupted by hackers. Twitter was taken offline for more than two hours whilst Facebook's service was "degraded", according to the firms.
The popular sites were subject to so-called denial-of-service attacks on Thursday, the companies believe. Denial-of-service (DOS) attacks take various forms but often involve a company's servers being flooded with data in an effort to disable them.
(Source: BBC)
Full story
BBC
A suspected pedophile surrendered to police after German law enforcement published clips from videos of child pornography allegedly showing the man. The German Federal Criminal Investigations Office also posted several photos and audio samples of the man's voice as they reached out to the public for clues leading to his arrest.
Police said they found about 42 videos in which the suspected pedophile abused children, believed to be between the ages of 5 and 7 at the time. The Investigator's Office said the man used violence against the children in some of the clips. The German Federal Criminal Investigations Office has been using technology to combat child pornography for several years.
(Source: CNN)
Full story
CNN
Thursday, August 06, 2009
The US Marine Corps on Tuesday renewed a ban on Twitter and other social networking sites as the Pentagon weighed a similar prohibition over cybersecurity concerns. The Marines had already banned the use of social media on military networks but issued a more detailed order this week defining which sites were out of bounds and noting possible exceptions to the rule, Marine Corps spokesman Lieutenant Craig Thomas told AFP.
"These Internet sites in general are a proven haven for malicious actors and content and are particularly high risk due to information exposure, user generated content and targeting by adversaries," the Marine Corps said in an order posted on its website.
(Source: AFP)
Full story
AFP
In hindsight, it seems so obvious. We look back at the creepy online ramblings of a tortured soul like George Sodini and realize we should have known all along of the horrors to come. That is, if anyone actually read Sodini's Web page before he sprayed bullets into a suburban Pittsburgh fitness class, killing three women and then himself.
Certainly, anyone happening upon Sodini's tortured online thoughts before his rampage Tuesday would have had ample cause for alarm. His date of death is listed right at the top, under his name and birthdate: "DOD 8/4/2009." Later, a description of his first attempt at what he calls "this project," in January. "It is 8:45 p.m.: I chickened out! I brought the loaded guns, everything. Hell!" And then, on Monday: "Tomorrow is the big day."
(Source: AP)
Full story
AP
Wednesday, August 05, 2009
Police are searching for a missing schoolgirl, believed to have run away with a man she met on the internet site Bebo. Clare Haver, 14, of Bourne, Lincolnshire, has been missing since July 25 and is thought to be with 23-year-old Michael Ellis. Police revealed today that Ellis has mental health issues and appealed for Haver to return to her family.
She met jobless Ellis, of Lincoln, on the social networking site Bebo seven months ago. The week before last he joined her while she was on a camping trip with a friend in Skegness.
(Source: Times)
Full story
Times
Parents have been warned of a new teenage trend of "sexting", in which children exchange explicit photos of themselves by text. More than a third of secondary school children have been sent messages containing sexual content, a survey showed.
Researchers found youngsters were regularly being sent sex texts or "sexts" - often by their school friends. The messages contain images of sex acts involving young people but more generally of boys and girls exposing themselves. Material is sent to mobile phones via texts, transferred using Bluetooth or uploaded to social networking groups. Girls are bullied into taking, and sharing, explicit pictures of themselves, the charity warned.
(Source: Telegraph)
Full story
Telegraph
Tuesday, August 04, 2009
A teenager was allegedly beaten to death by trainers at a rehabilitation camp in southern China where his parents had sent him to cure his Internet addiction, reports said Tuesday.
The three supervisors who allegedly beat Deng Senshan, 16, were arrested after the boy's death early Sunday, his father Deng Fei told the Global Times. "We are investigating a case where a high school student was beaten to death by his camp supervisors. The case is still under investigation," a police officer in Nanning, Guangxi region, was quoted as saying.
More than 10 million of the country's 100 million teenage web surfers are Internet addicts, the China Daily said, citing a survey by the China Youth Internet Association last year.
(Source: The Economic Times)
Full story
The Economic Times
High-tech Japan is gearing up for elections, but you won't hear a tweet from Prime Minister Taro Aso or his main rivals. When election campaigning officially begins on August 18, a cyberspace ban will make it illegal for politicians to update their Internet blogs, share their political views by email or put new videos online.
It is an odd situation in one of the world's most wired countries, where more than 60 percent of the population regularly uses the Internet. Japanese politicians "are missing a real chance to try to generate interest among young voters by not allowing cyber campaigning," said Professor Jeff Kingston, director of Asian Studies at Temple University in Tokyo.
(Source: AFP)
Full story
AFP
Monday, August 03, 2009
Chinese hackers crashed the website of Australia's biggest film festival, organisers said on Saturday, escalating tensions over a visit here by the exiled leader of the Uighur minority. Online bookings for the Melbourne International Film Festival had to be shut down after the site was bombarded with phony purchases which resulted in the entire program being sold out, said festival spokeswoman Asha Holmes.
A Chinese citizen living in the United States had alerted organisers to the viral campaign, which originated from a website in China titled "A Call to Action to All Chinese People", said Holmes.
(Source: AFP)
Full story
AFP
A powerful new type of Internet attack works like a telephone tap, except operates between computers and Web sites they trust.
Hackers at the Black Hat and DefCon security conferences have revealed a serious flaw in the way Web browsers weed out untrustworthy sites and block anybody from seeing them. If a criminal infiltrates a network, he can set up a secret eavesdropping post and capture credit card numbers, passwords and other sensitive data flowing between computers on that network and sites their browsers have deemed safe.
(Source: AP)
Full story
AP
Thursday, July 30, 2009
Facebook, MySpace and other social networking sites are inceasingly being targeted by cyber-criminals drawn to the wealth of personal information supplied by users, experts warn. Data posted on the sites -- name, date of birth, address, job details, email and phone numbers -- is a windfall for hackers, participants at Campus Party, one of the world's biggest gatherings of Internet enthusiasts, said.
A vicious virus Koobface -- "koob" being "book" in reverse -- has affected thousands Facebook and Twitter users since August 2008, said Asier Martinez, a security specialist at global IT solutions provider Panda Security.
(Source: AFP)
Full story
AFP
Microsoft released a security patch on Tuesday aimed at preventing hackers from exploiting a vulnerability in its Web browser, Internet Explorer.
The US software giant said that the security update would be automatically installed for Internet Explorer users who have automatic updating enabled on their computers but would need to be installed manually by other users. "These vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer," Microsoft said.
(Source: AFP)
Full story
AFP
Wednesday, July 29, 2009
The U.S. Department of Health and Human Services (HHS) is about to rule whether health care entities will need to notify patients if their de-identified data -- patient data that has been stripped of all potential for identifying individuals, which is often used for research and development -- is breached. As it stands now, de-identified data is not subject to the new breach-notification rules imposed by the HITECH privacy provisions of the 2009 American Recovery and Reinvestment Act (ARRA) stimulus package. The debate pits privacy activists on the one side -- who often support notification -- with health care organizations on the other, which say the quality of health care hangs in the balance.
(Source: ComputerWorld)
Full story
ComputerWorld
China has banned Web sites from advertising or linking to games that glamorize violence, another step in China's censorship campaign aimed at ensuring social stability ahead of the 60th anniversary of communist rule on Oct. 1.
A notice posted on the Culture Ministry Web site on Monday said games that promote drug use, obscenities, gambling, or crimes such as rape, vandalism and theft are "against public morality and the nation's fine cultural traditions." "Such online games promote the glorification of mafia life ... and are a serious threat to the moral standards of society causing vulnerable young people to be adversely affected," the notice said. The ban on the Web sites starts immediately.
(Source: AP)
Full story
AP
Tuesday, July 28, 2009
Amid concerns that the U.S. has a shortage of cybersecurity professionals, a new consortium of U.S. government and private organizations aims to identify students with strong computer skills and train them as cybersecurity guardians, warriors and "top guns."
The U.S. Cyber Challenge initiative will bring together three cybersecurity competitions for high school or college students and launch new in-person competitions, said Alan Paller, research director at the SANS Institute, a cybersecurity training organization. The organizers of the U.S. Cyber Challenge also plan to offer scholarships to promising students and hook them up with internships and jobs, Paller said.
(Source: ComputerWorld)
Full story
ComputerWorld
An undersea cable plugging east Africa into high speed Internet access went live Thursday, providing an alternative to expensive satellite connections.
SEACOM, the cable provider company, opened its 17,000 kilometer submarine cable, capable of 1.28 terabytes per second, allowing the region true connectivity. Most Africans rely on expensive and slow satellite connections, which make the use of applications such as YouTube and Facebook extremely trying. "This is going to reduce the cost of doing business in Africa, within Africa and with international parties" said Suveer Ramdhani, SEACOM spokesman in South Africa.
(Source: CNN)
Full story
CNN
Monday, July 27, 2009
Russia's most powerful business lobby moved to clamp down on Skype and its peers this week, telling lawmakers that the Internet phone services are a threat to Russian businesses and to national security.
In partnership with Prime Minister Vladimir Putin's political party, the lobby created a working group to draft legal safeguards against what they said were the risks of Skype and other Voice over Internet Protocol (VoIP) telephone services.
(Source: Reuter)
Full story
Reuter
The number of Internet users in China is now greater than the entire population of the United States, after rising to 338 million by the end of June, state media reported Sunday.
China's online population, the largest in the world, rose by 40 million in the first six months of 2009, the official Xinhua news agency reported, citing a report by the China Internet Network Information Center. The number of broadband Internet connections rose by 10 million to 93.5 million in the first half of the year, the report said.
(Source: AFP)
Full story
AFP
Friday, July 24, 2009
The news report begins with shots of a tense space shuttle launch. Engineers hunch over computer banks and techno music pounds in the background. There is a countdown, a lift-off, and then you see a young man in a black T-shirt and sunglasses, apparently reporting from space.
This is the Hacker News Network, and after a decade offline it is lifting off again, this time with a quirky brand of video reports about security. They're the guys who famously told the U.S. Congress that they could take down the Internet in about 30 minutes, and who helped invent the way that security bugs are reported to computer companies.
(Source: ComputerWorld)
Full story
ComputerWorld
The first undersea cable to bring high-speed internet access to East Africa has gone live. The fibre-optic cable, operated by African-owned firm Seacom, connects South Africa, Tanzania, Kenya, Uganda and Mozambique to Europe and Asia.
Five institutions are already benefiting from the faster speeds - national electricity company Tanesco, communications company, TTCL, Tanzania Railways and the Universities of Dar es Salaam and Dodoma.
(Source: BBC)
Full story
BBC
Thursday, July 23, 2009
Federal agencies are facing a severe shortage of computer specialists, even as a growing wave of coordinated cyberattacks against the government poses potential national security risks, a private study found.
The study describes a fragmented federal cyber force, where no one is in charge of overall planning and government agencies are "on their own and sometimes working at cross purposes or in competition with one another." The report, scheduled to be released Wednesday, arrives in the wake of a series of cyberattacks this month that shut down some U.S. and South Korean government and financial Web sites.
(Source: AP)
Full story
AP
Hackers will soon gain a powerful new tool for breaking into Oracle Corp's (ORCL.O) database, the top-selling business software used by companies to store electronic information.
Security experts have developed an easy-to-use, automated software tool that can remotely break into Oracle databases over the Internet to simulate attacks on computer systems, but cybercrooks can use it for hacking. The tool's authors created it through a controversial open-source software project known as Metasploit, which releases its free software over the Web.
(Source: Reuter)
Full story
Reuter
Wednesday, July 22, 2009
Being the chief executive has its privileges. And one of them may be a blissful ignorance of your company's data breach risks.
According to a study to be released Tuesday by the privacy-focused Ponemon Institute, companies' chief executives tend to value cybersecurity just as--if not more--highly than their executive colleagues. But compared to lower-level execs, CEOs also tend to underestimate the frequency of cyberthreats their organization faces.
(Source: Forbes)
Full story
Forbes
The popularity of Facebook and other popular social networking sites has given hackers new ways to steal both money and information, the security company Sophos said in a report released on Wednesday.
About half of all companies block some or all access to social networks because of concerns about cyber incursions via the sites, according to the study. "Research findings also revealed that 63 percent of system administrators worry that employees share too much personal information via their social networking sites, putting their corporate infrastructure -- and the sensitive data stored on it -- at risk," the Sophos report said.
(Source: Reuter)
Full story
Reuter
Tuesday, July 21, 2009
Lawmakers in France's lower house of parliament are to start debate Tuesday on a new version of a bill aimed at cracking down on online piracy by cutting the Internet connections of those who illegally download movies and music.
An earlier version of the bill was found to be unconstitutional. Legislators in the National Assembly are to debate the amended bill through Friday, but decided not to take a vote on it until they return from summer recess in September.
(Source: AP)
Full story
AP
"Internet Addiction Disorder." According to Wikipedia, "IAD was originally proposed as a disorder in a satirical hoax by Ivan Goldberg, M.D., in 1995. He took pathological gambling as diagnosed by the Diagnostic and Statistical Manual of Mental Disorders (DSM-IV) as his model for the description of IAD. However, IAD receives coverage in the press, and its classification as a psychological disorder is being debated and researched."
In China, it is considered to be an epidemic. Last year China estimated that of the country's 40 million underage Internet users, some 10% were "addicted" to the Web. Surveys discovered that about 42% of these kids said they felt "addicted" while only 18% of US children felt similarly.
(Source: ComputerWorld)
Full story
ComputerWorld
Monday, July 20, 2009
The popular social networking site Facebook is not doing enough to protect the personal information it gets from subscribers, and it gives users confusing and incomplete information about privacy matters, Canada's privacy commissioner said on Thursday.
"It's clear that privacy issues are top of mind for Facebook, and yet we found serious privacy gaps in the way the site operates," Privacy Commissioner Jennifer Stoddart said in a report on an investigation into Facebook.
(Source: Reuter)
Full story
Reuter
Seth Owusu knew at a young age that he wanted to help his countrymen. "I came from Ghana," Owusu recalls. "It all started when I was in primary school and we had some missionaries come to the school."
Just after he graduated from a technical college, Owusu established Entire Village Computer Organization, a small nonprofit organization that donates refurbished used computers to schools. EVCO goes much further than simply dropping off the computers in villages.
(Source: CNN)
Full story
CNN
Friday, July 17, 2009
Facebook founder Mark Zuckerberg announced the number of people using the online social networking service has climbed to 250 million.
Palo Alto, California-based Facebook was founded in 2004 and has become the most popular online social networking service, eclipsing News Corporation-owned MySpace.
"The rapid pace of our growth is humbling and exciting for us," Zuckerberg said in a message posted at Facebook's official blog. "For us, growing to 250 million users isn't just an impressive number; it is a mark of how many personal connections all of you have made."
(Source: AFP)
Full story
AFP
The U.K. was the likely source of a series of attacks last week that took down popular Web sites in the U.S. and South Korea, according to an analysis performed by a Vietnamese computer security analyst. The address is registered to Global Digital Broadcast in the U.K. "Having located the attacking source in U.K., we believed that it is completely possible to find out the hacker," Nguyen wrote.
The results contradict assertions made by some in the U.S. and South Korean governments that North Korea was behind the attack. Security analysts had been skeptical of the claims, which were reportedly made in off-the-record briefings and for which proof was never delivered.
(Source: ComputerWorld)
Full story
ComputerWorld
The microblogging service Twitter is taking legal advice after hundreds of documents were hacked into and published by a number of blogs.
"We are in touch with our legal counsel about what this theft means for Twitter, the hacker and anyone who accepts...or publishes these stolen documents, " said Twitter's Biz Stone. In a blog posting he wrote that "About a month ago, an administrative employee here at Twitter was targeted and her personal email account was hacked.
(Source: BBC)
Full story
BBC
Thursday, July 16, 2009
As such, Facebook is quickly becoming a hotbed of activity for all kinds of malware and financial scams. With 200 million registered users, Facebook represents an ocean of fish which are all accessible in one convenient place. It helps that many Facebook users are relatively unsophisticated at the web and especially the complex security issues surrounding it, and are thus more susceptible to attacks delivered via the social network.
Facebook says it's doing its part to fight the problem, but it can't monitor every bit that passes through its servers. Less than 1 percent of its users have been victimized over the last five years, it says. That sounds good, until you realize that could be up to 2 million people, hardly a drop in the bucket.
(Source: Yahoo)
Full story
Yahoo
A British hacker who has been fighting extradition to the United States for seven years today made an eleventh-hour appeal to a British court to be tried in the U.K. instead of in a U.S. federal court.
Gary McKinnon, 43, has admitted that in 2001 he broke into U.S. Department of Defense, NASA and U.S. Army computer systems. However, McKinnon has been using a series of legal maneuvers and appeals to fight extradition to the U.S. since he was indicted in November 2002 in the U.S. District Court for the Eastern District of Virginia on charges related to the computer hacks.
(Source: ComputerWorld)
Full story
ComputerWorld
Wednesday, July 15, 2009
Microsoft Corp warned that cybercriminals have attacked users of its Office software for Windows PCs, exploiting a programing flaw that the software giant has yet to repair. The world's largest software maker issued the warning on Tuesday as it released patches to address nine other security holes in its software.
Cybercriminals target Microsoft programs because they are so widely used, allowing them to go after the largest number of potential victims with one set of code. (Windows runs more than 90 percent of the world's PCs. Office has some 500 million users).
(Source: Reuter)
Full story
Reuter
The number of botnets and of computers controlled by them in China has fallen in recent years, though the country remains a top host for the networks of compromised computers, according to the government and independent researchers.
Over 1.2 million computers in China were newly infected with software that enabled their control by a botnet last year, about one-third the figure for the previous year, according to a report published late last month by China's National Computer Network Emergency Response Technical Team (CNCERT). That followed an equally steep fall from 2006, when the team estimated there were 10 million new infections in China.
(Source: ComputerWorld)
Full story
ComputerWorld
Tuesday, July 14, 2009
Cyber criminals are aping executives when it comes to sales, marketing and risk management in the world of online treachery, according to a report released by networking giant Cisco.
"A lot of techniques they are using today are not new; it is really about how they may be doing some of the same old things," said Cisco chief security researcher Patrick Peterson.
Criminals have taken to sending blanket text messages to numbers based on area codes of local banks directing people to call into a service center to address supposed concerns about their accounts.
(Source: AFP)
Full story
AFP
The police are to examine claims that a huge mobile phone hacking operation was launched by the News of the World, targeting thousands of people. The Guardian says the Sunday paper's reporters paid private investigators to hack into phones, many of them owned by politicians and celebrities. It is alleged details were suppressed by the police and the High Court.
Prime Minister Gordon Brown said: "This raises questions that are serious and will obviously have to be answered." Metropolitan Police Commissioner Sir Paul Stephenson has ordered a senior officer to "establish the facts".
(Source: BBC)
Full story
BBC
Monday, July 13, 2009
The defendant in the case of a MySpace hoax that ended in a girl's suicide applauded a federal judge for tentatively dismissing her conviction that could have resulted in up to three years in prison.
Prosecutors had argued that Drew and an accomplice, who was granted immunity, pretended to be a teenage boy named Josh, and used that identity to at first flirt with 13-year-old Megan Meier, an emotionally troubled classmate of Drew's daughter, before turning on her.
(Source: People)
Full story
People
South Korean police said they have arrested a hacker for staging cyber attacks similar to those that crippled domestic and US websites this week.
The 39-year-old identified only as Choi is accused of paralysing the homepage of the government Game Rating Board by using a distributed denial-of-service (DDoS) method.
Choi was an agent for software developers seeking approval from the board for new games. Because he failed to finish one job on time, he crashed the site to create an excuse for his tardiness. Choi is accused of buying a hacking programme from an ethnic Korean in China.
(Source: AFP)
Full story
AFP
Friday, July 10, 2009
Computer security experts were divided Thursday on whether North Korea was behind the ongoing attacks on US and South Korean websites, an assault that highlighted the vulnerabilities of the Web.
The so-called distributed denial of service (DDoS) attack used an army of malware-infected computers known as a "botnet" in a bid to paralyze US and South Korean websites by overwhelming them with traffic.
Around a dozen websites in the United States, including those of the White House, State Department and Pentagon, and another dozen in South Korea were among those targeted in the attack which began on Sunday.
(Source: AFP)
Full story
AFP
New York's attorney general charged Thursday that Tagged.com stole the identities of more than 60 million Internet users worldwide — by sending e-mails that raided their private accounts. Andrew Cuomo said he plans to sue the social networking Web site for deceptive marketing and invasion of privacy.
"This company stole the address books and identities of millions of people," Cuomo said in a statement. "Consumers had their privacy invaded and were forced into the embarrassing position of having to apologize to all their e-mail contacts for Tagged's unethical — and illegal — behavior."
(Source: AP)
Full story
AP
Thursday, July 09, 2009
A denial of service attack that took down some of South Korea's highest profile Web sites on Wednesday is set to resume Thursday evening, according to computer security specialist AhnLab. The attack will restart at 6pm local time (9am GMT) and be directed at a smaller number of sites that those hit a day earlier. They will include government Web sites and the home pages of the Chosun Ilbo newspaper and Kookmin Bank.
A denial of service attack involves sending a massive volume of traffic to a Web site so that it becomes overloaded. While some users will occasionally be able to access the site being attacked most will see nothing until a network time-out message appears.
(Source: ComputerWorld)
Full story
ComputerWorld
A botnet comprised of about 50,000 infected computers has been waging a war against U.S. government Web sites and causing headaches for businesses in the U.S. and South Korea.
The attack started Saturday, and security experts have credited it with knocking the U.S. Federal Trade Commission's (FTC's) Web site offline for parts of Monday and Tuesday. Several other government Web sites have also been targeted, including the U.S. Department of Transportation (DOT).
(Source: ComputerWorld)
Full story
ComputerWorld
A Long Island, New York, social worker is facing two misdemeanor charges after allegedly posting a sexually suggestive ad on Craigslist that gave interested parties the home phone number of a 9-year-old girl.
Officials told CNN affiliate News 12 in Long Island that the Craigslist ad read "I need a little affection... I'm blond, I'm cute and I'll be waiting." Interested parties were directed to an e-mail address where they were given the girl's name and home phone number. Callers were unaware they were trying to reach a 9-year-old.
(Source: CNN)
Full story
CNN
Wednesday, July 08, 2009
A series of cyber-attacks that targeted and paralyzed government networks and leading portal servers Tuesday and Wednesday are raising concerns that the world's self-proclaimed Internet powerhouse is prone to hacking and other cyber security threats.
The prosecution and police launched an investigation Wednesday to track the origin of hackers who hijacked a dozen local Internet sites, including those run by Cheong Wa Dae, the National Assembly, the Ministry of National Defense and top Web portal Naver, from Tuesday evening to Wednesday morning.
(Source: The Korea Times)
Full story
The Korea Times
A U.S. district court has ordered key players in an international spam ring to give up $3.7 million that they made by sending out illegal e-mail messages pitching bogus hoodia weight-loss products and a “human growth hormone” pill they claimed reversed the aging process.
In a Federal Trade Commission law enforcement action, the court found that the five defendants, located in Canada and St. Kitts, violated the FTC Act and the CAN-SPAM Act by participating in the spam operation. The court order bars the defendants from violating the CAN-SPAM Act and from making false or unsubstantiated claims about the health benefits of any food, drug, or dietary supplement.
(Source: Federal Trade Commission)
Full story
Federal Trade Commission
Friday, July 03, 2009
The Obama administration is moving cautiously on a new pilot program that would both detect and stop cyber attacks against government computers, while trying to ensure citizen privacy protections.
Any involvement of the NSA - the agency oversees electronic intelligence-gathering - in protecting domestic computer networks worries privacy and civil liberties groups who oppose giving such control to U.S. spy agencies.
(Source: AP)
Full story
AP
One of Britain's biggest online paedophile inquiries is to be challenged in the court of appeal amid allegations from campaigners that hundreds of men have been wrongly convicted in a mass miscarriage of justice.
Senior officers in Ceop, the child exploitation and online protection unit, who co-ordinated the inquiry, have been anticipating the test case for some time. They are adamant that Ore was an extremely successful operation, which led to more than 2,600 British men who downloaded images of child abuse, or attempted to, being brought to justice. The vast majority of them pleaded guilty.
(Source: Guardian)
Full story
Guardian
Thursday, July 02, 2009
Lori Drew, 50, pretended to be a boy on the MySpace website to befriend Megan Meier, who hanged herself after the virtual friendship ended. Sentencing will take place this week in the first federal cyber bullying case in the US which was brought to trial after a teenage girl took her own life.
The US National Crime Prevention Council in a report last year found that 43% of teens are exposed to cyber bullying in one form or another yet only one in 10 kids told their parents. "Cyber bullying can have such a devastating effect on our young people from depression to falling grades and low self esteem. This case shows however that cyber bullying is not something that just young people commit but we as adults can also be at fault," said the council's Michelle Boykin.
(Source: BBC)
Full story
BBC
The head of the U.S. Secret Service on Tuesday signed a memorandum of understanding with the head of the Italian police and the chief executive officer of the Italian Postal Service to set up an international task force to combat cyber crime.
"This is not a borderless crime and we believe there needs to be a reaction at an international level. We'll provide all our resources to make that happen," Mark Sullivan, the director of the U.S. Secret Service, said after signing the accord at a ceremony at the Italian interior ministry.
(Source: CIO)
Full story
CIO
Wednesday, July 01, 2009
China has announced it would indefinitely postpone a mandate requiring all personal computers sold in the country to be accompanied by a controversial content-filtering application, state media reported.
A June 24 letter from the U.S. Department of Commerce to the Chinese government listed "numerous concerns raised by global technology companies, Chinese citizens, and the worldwide media about the stability of the software, the scope and extent of the filtering activities and its security weaknesses."
Despite such communication, there has been no indication so far from the Chinese government that the rule will be revoked, only delayed.
(Source: CNN)
Full story
CNN
A blind Boston-area teenager was sentenced to more than 11 years in prison Friday for hacking into the telephone network and harassing the Verizon investigator who was building a case against him.
Matthew Weigman, 19, was part of a group of telephone hackers that met up on telephone party lines and was associated with more than 60 "swatting" calls to 911 numbers across the country. Weigman, known as "Little Hacker," became involved in telephone hacking around age 14 and continued to operate until last year.
(Source: PCWorld)
Full story
PCWorld
Tuesday, June 30, 2009
Within hours of the death of pop star Michael Jackson, spam trading on his demise hit in-boxes, a security firm said as it warned that more junk mail was in the offing. Just eight hours after news broke about Jackson, Abingdon, England-based Sophos PLC started tracking the first wave of Jackson spam, which used a subject line of "Confidential -- Michael Jackson."
The spam wasn't pitching a product or leading users to a phishing or malware Web site. Instead it was trying to dupe users into replying to the message in order to collect e-mail addresses and verify them as legitimate.
(Source: ComputerWorld)
Full story
ComputerWorld
Monday, June 29, 2009
Police in western Switzerland have broken a paedophile online network operating in nearly 80 different countries, the official Swissinfo.ch news website reported Sunday.
At least 32 people across Switzerland are now under investigation due to suspected connections with the case, the website quoted police in the canton of Vaud as saying.
A police official said cybercrime experts in Lausanne were alerted by Interpol more than a year ago that pornographic details were hidden on a website for hip-hop music run by a webmaster in western Switzerland.
(Source: Mathaba)
Full story
Mathaba
Friday, June 26, 2009
Britain warned on Thursday of a growing risk to military and business secrets from computer spies and pledged to toughen cyber security to protect the 50 billion pounds ($82 billion) spent a year online in its economy.
Launching Britain's first national cyber security strategy, security minister Alan West said hostile states and criminals were increasingly attacking British interests online and al Qaeda and like-minded groups were seeking the ability to do so.
"We know that various state actors are very interested in cyber warfare," West, a junior minister at the Home Office (Interior Ministry), told reporters. "The terrorist aspect of this is the least (concern), but it is developing."
(Source: Reuter)
Full story
Reuter
China on Thursday stepped up accusations that Google is spreading obscene content over the Internet, a day after U.S. officials urged Beijing to abandon plans for controversial filtering software on new computers.
The growing friction over control of online content threatens to become another irritant in ties at a time the world is looking for the United States and China to cooperate in helping to pull the global economy out of its slump.
China's Foreign Ministry on Thursday accused Google's English language search engine of spreading obscene images that violated the nation's laws, less than 24 hours after disruptions to the company's search engines and other services within China.
(Source: Reuter)
Full story
Reuter
Thursday, June 25, 2009
Recently scammers have become more aggressive on the site. They will set up new accounts and post spam messages on hot topics in hopes of gaining clicks when people search through Twitter.
And while hacked Twitter accounts are still rare, they're a much more effective way to reach victims, according to Rik Ferguson, a researcher with Trend Micro. "If you can take over an account that has a couple of thousand followers then you can get a much better return on your investment."
(Source: ComputerWorld)
Full story
ComputerWorld
Wednesday, June 24, 2009
China will limit the number of messages that a mobile number can send per day to battle rampant spam messages clogging cell phones, state media said on Friday.
Spam messages, largely consisting of real estate offers, ads for English lessons, fake tax receipts and other frauds have grown very quickly in China in recent years. It is not unusual to receive dozens of messages a day, including the odd gun ad.
One mobile number cannot send more than 200 messages per hour or 1,000 per day on weekdays, according to the agreement. On holidays, 500 messages per hour and 2,000 per day may originate from one number.
(Source: Reuter)
Full story
Reuter
The US military announced a new "cyber command" designed to wage digital warfare and to bolster defenses against mounting threats to its computer networks. The move reflects a shift in military strategy with "cyber dominance" now part of US war doctrine and comes amid growing alarm over the perceived threat posed by digital espionage coming from China, Russia and elsewhere.
President Barack Obama has put a top priority on cyber security and announced plans for a national cyber defense coordinator. A recent White House policy review said that "cybersecurity risks pose some of the most serious economic and national security challenges of the 21st century." Obama has promised privacy rights would be carefully safeguarded even as the government moves to step up efforts to protect sensitive civilian and military networks.
(Source: AFP)
Full story
AFP
Monday, June 22, 2009
A woman who won a retrial after a $220,000 verdict against her for sharing music files has now been ordered to pay $1.92 million by a jury in Minnesota.
In 2007, when she lost the original suit, Jammie Thomas-Rasset was one of the first people to receive a guilty verdict in a case backed by the Recording Industry Association of America, which has filed more than 20,000 lawsuits against people in a bid to stop online music trading and copyright infringement.
On Thursday, a jury ordered her to pay $80,000 for each of the 24 songs she is accused of illegally trading over the Kazaa Internet service. The jury could have ordered her to pay between $750 and $150,000 per song. In a statement, the RIAA said it was pleased that the jury found the defendant liable and that it continues to be willing to settle the case.
(Source: ComputerWorld)
Full story
ComputerWorld
The United Nations has appealed to parents, the Internet industry and policy-makers to join hands to eradicate hate speech from cyberspace.
Addressing a day-long seminar titled "Unlearning Intolerance" on the danger of "cyberhate," UN chief Ban Ki-moon lauded the benefits of the Internet but regretted that "there are those who use information technology to reinforce stereotypes, to spread misinformation and propagate hate." "Some of the newest technologies are being used to peddle some of the oldest fears," he warned, decrying what he called "digital demonization... targeting innocents because of their faith, their raace, their ethnicity, their sexual orientation."
(Source: UN)
Full story
United Nations
Thursday, June 18, 2009
Social networks like Facebook and Twitter are exploding in popularity, bringing people from all walks of life together online. At the same time though, overall Internet use keeping family members apart.
Forty-three percent of all online users are involved with a social networking site, and that's up from just 27% a year ago, according to a report released today by The Conference Board, a non-profit research association. The report also notes that more than half of those who use social networks log on at least once a day, and the majority log on several times a day.
(Source: ComputerWorld)
Full story
ComputerWorld
Wednesday, June 17, 2009
An alleged spammer could face jail time in connection with a Facebook lawsuit after a judge referred him to the U.S. Attorney General's Office for criminal proceedings.
Judge Jeremy Fogel of the U.S. District Court for the Northern District of California referred Sanford Wallace (who has been dubbed a "spam king" for his long and aggressive history in e-mail marketing) l to the U.S. Attorney General's Office for criminal proceedings for allegedly violating an injunction that prohibited him from accessing Facebook.
Facebook filed a lawsuit against Wallace and two other men in February for spamming and phishing schemes through the social-networking site. The following week, Judge Fogel issued a temporary restraining order barring Wallace and two other alleged spammers, Adam Arzoomanian and Scott Shaw, from accessing Facebook's network.
(Source: PCWorld)
Full story
PCWorld
Tuesday, June 16, 2009
A federal grand jury in New Jersey today indicted three people, and five people were arrested in Italy, all in connection with hacking into the IT systems of thousands of companies around the world to gain free access to telephone services, according to the U.S. Attorney's Office in Newark, N.J.
A multinational team of investigators worked jointly to round up the alleged hackers and their financial backers in the scheme to gain access into the systems of many companies -- 2,500 in the U.S. alone -- to steal access codes that the victim companies used to route phone calls through telecom systems, the office said.
The value of all the stolen services was unclear, though the U.S. Attorney's Office said the thieves routed more than $55 million worth of telephone calls over telecommunications networks in the U.S. "This was an extensive and well-organized criminal network that worked across continents," said New Jersey's acting U.S. attorney, Ralph J. Marra Jr., in a statement.
(Source: ComputerWorld)
Full story
ComputerWorld
Monday, June 15, 2009
After a two weeks meeting in Bonn Germany, it appears that an ambitious and effective global pact to reduce greenhouse gas emissions is in sight.
“A big achievement of this meeting is that governments have made it clearer what they want to see in the Copenhagen agreed outcome,” said Yvo de Boer, Executive Secretary of the UN Framework Convention on Climate Change.The Copenhagen outcome is to follow on the first phase of the 1997 Kyoto Protocol, which expires at the end of 2012. The negotiating text under consideration covers issues of a shared vision for long-term cooperative action, enhanced action on adaptation, mitigation and finance, as well as technology and capacity-building.
The gathering in Germany, which brought together more than 4,600 participants from government, business and industry, environmental groups and research institutions, was the second in a series of five major UN negotiating sessions slated for this year ahead of Copenhagen. The next meeting is scheduled to be held from 10 to 14 August in Bonn, followed by sessions in Bangkok from 28 September to 9 October and Barcelona from 2 to 6 November.
Source: UN
Full Report
Press Release
Every time you swipe your credit card and wait for the transaction to be approved, sensitive data including your name and account number are ferried from store to bank through computer networks, each step a potential opening for hackers.
And while you may take steps to protect yourself against identity theft, an Associated Press investigation has found the banks and other companies that handle your information are not being nearly as cautious as they could. The government leaves it to card companies to design security rules that protect the nation's 50 billion annual transactions.
(Source: AP)
Full story
AP
While most viruses target PC users, there has been rise in the number of attacks on Mac systems. Graham Cluley, a security expert with anti-virus firm Sophos, told the BBC that the small number of Mac viruses had made some users complacent.
Security experts have discovered two novel forms of Mac OS X malware. OSX/Tored-A - an updated version of the Mac OS Tored worm - and a Trojan called OSX/Jahlav-C were both found on popular pornographic websites. Users logging on to these sites are asked to download a "missing Video ActiveX Object" but are sent a virus payload instead.
(Source: BBC)
Full story
BBC
Thursday, June 11, 2009
The continuing fallout from a hacking incident at U.K.-based Web hosting company VAserv should serve as a powerful reminder that companies need proper data backup and disaster recovery procedures.
The incident, which could result in a fire sale of VAserv to another hosting provider, is also an especially stark example of the kind of havoc that a malicious attacker can wreak on businesses.
Late Sunday, an unknown hacker or hackers attacked VAserve's virtual server infrastructure and deleted about 100,000 sites, or about half of those being hosted by the company, according to The Register.
(Source: ComputerWorld)
Full story
ComputerWorld
Wednesday, June 10, 2009
The takedown last week of a rogue ISP by the U.S. Federal Trade Commission (FTC) slashed spam volumes by about 15% and reduced the spam spewed by a pair of big-name botnets by as much as to just 64%, a security firm said today.
"Spam dropped 15% across the board," said Bradley Anstis, director of technology strategy at Marshal8e6. "We especially noticed [the drop] over the weekend," he said, adding that the decline picked up steam slowly.
Last Tuesday, a federal court ordered the plug pulled on 3FN, an ISP operated by Belize-based Pricewert, after the FTC complained that the company hosts spam botnet command-and-control servers, as well as sites operated by child pornographers, identity thieves and other criminals.
(Source: ComputerWorld)
Full story
ComputerWorld
A Chinese developer of pornography filtering software protested reports linking the program to China's broader Internet censorship on Wednesday, after the government ordered that his software be distributed with all PCs sold in the country.
The government edict requiring PC makers to distribute the program touched off concerns that it could be used to block access to politically sensitive material online in addition to pornography.
China says the initiative is meant to protect children from "harmful" online content. The software blocks only illegal materials such as pornography and some content related to gambling and drugs, said Bryan Zhang, the general manager of Jinhui.
(Source: PCWorld)
Full story
PCWorld
Tuesday, June 09, 2009
A woman has been arrested by police in the UK following investigation into the distribution of child abuse images. The police raided the home of the 39 yr old nursery worker and closed the 60 place nursery during enquiries. Plymouth Commanding officer Ch Supt Jim Webster stated that the the allegations made against the nursery worker raised "serious concerns" and in response all the parents of children at the nursery are being contacted.
Ch Supt Jim Webster added, "... our work today is to find out what's happened, where the images have come from, where they've been sent to and any risk to anybody in Plymouth..."
(Source: BBC)
Full story
BBC website
A Hampton, New Hampshire, man has pleaded guilty to fraud charges for his role in a scheme to empty brokerage accounts by installing malicious Trojan horse software on victims' computers.
According to court documents, Alexey Mineev set up several "drop accounts" that were then wired funds stolen from banking and brokerage accounts between July and December 2007. He pleaded guilty to one count of money laundering on Wednesday, according to Mike Ruocco, deputy to Judge Paul Gardephe of the U.S. District Court for the Southern District of New York, who is presiding in the case.
The criminals would infect PCs with malicious Trojan software that would steal account numbers and passwords whenever victims logged into their accounts online.
(Source: ComputerWorld)
Full story
ComputerWorld
Monday, June 08, 2009
Movie directors, composers, authors, legal experts, policy-makers and others are meeting in Washinton this week to discuss the "threats and opportunities" the Internet poses to copyright in the digital age.
Some 500 delegates from more than 55 countries are scheduled to attend the 2nd World Copyright Summit being held on Tuesday and Wednesday at the Ronald Reagan Convention Center. Web and software giants Google and Microsoft and representatives of movie, music and book rights societies are also among those attending the summit organized by the International Confederation of Societies of Authors and Composers (CISAC), whose president is Bee Gees brother Robin Gibb.
Organizer CISAC, listing the "key issues" for the summit, cited "How the digital media environment is providing common threats and opportunities to all creative repertoires."
French Culture Minister Christine Albanel, Hollywood director Milos Forman and US Senator Patrick Leahy, chairman of the Senate Judiciary Committee, are among the nearly 100 speakers slated to address the gathering. Looming over the summit is the threat posed to artists by digital piracy.
(Source: AFP)
Full story
AFP
Friday, June 05, 2009
"In the week we used the system we found it very useful to pupils, teachers, therapists and parents alike. It allows children to take control of the conversation without having to rely on help from us.", Sue Williams, head teacher at Capability Scotland's Corseford School in Kilbarchan, said.
'How was school today?' is software to help children with disabilities such as cerebral palsy communicate faster. The system is the result of a project between computing scientists from the Universities of Aberdeen and Dundee, and Capability Scotland. Pupils from Corseford School in Renfrewshire were first to trial it.
Scientists claim to have developed the first technology of its kind to allow children with communication problems to converse better.
(Source: BBC)
Full story
BBC
British YouTube users are amongst the most sensitive in the world, executives at the site have claimed. Amid demands for an independent regulator to police its content they said Britons are amongst the most likely to object to footage hosted on the site.
The company has reacted by introducing special “Britain-only” policies following a raft of complaints from users over gang-related videos. Victoria Grand, head of policy at YouTube, told The Times: “The UK is a big flagging country. We get a lot of videos flagged up in the UK because of issues that British people are concerned about which maybe aren’t an issue in the US, such as the brandishing of guns.”
(Source: TimesOnline)
Full story
TimesOnline
Wednesday, June 03, 2009
As many as 40,000 Web sites have been hacked to redirect unwitting victims to another Web site that tries to infect PCs with malicious software, according to security vendor Websense.
The affected sites have been hacked to host JavaScript code that directs people to a fake Google Analytics Web site, which provides data for Web site owners on a site's usage, then to another bad site, said Carl Leonard, threat research manager for Websense.
Those Web sites have likely been hacked via a SQL injection attack, in which improperly configured Web applications accept malicious data and get hacked, Leonard said.
(Source: ComputerWorld)
Full story
ComputerWorld website
Spending more time on social networks and blogs? With the latest figures showing the number of minutes spent on social networking sites in the United States has almost doubled over the past year.
Nielsen Online, which measures web traffic, said the number of minutes on social networks in the United States rose 83 percent in April from the same month a year ago, but found users were quick to move on and sites could quickly fall from favor.
The total number of minutes spent on Facebook surged 700 percent year-on-year to 13.9 billion in April this year from 1.7 billion a year ago, making it the No. 1 social networking site for the fourth consecutive month. News Corp's MySpace was second most popular but the number of minutes spent on this site fell 31 percent to 4.97 billion from 7.3 billion a year ago, although it remained the top social networking site when ranked by video streams.
(Source: Reuters)
Full story
Reuters website
Monday, June 01, 2009
An Australian woman who cyber-stalked an American Idol contestant was jailed for 26 months. Tanya Maree Quattrocchi pleaded guilty to stalking 2004 American Idol runner-up Diana DeGarmo by hacking into her My Space account and hijacking email accounts belonging to the singer, national news agency AAP reported.
Victorian County Court judge Lisa Hannan described Quattrocchi's offences as serious and said she had no option but to send her to jail. "It is important that you understand the fact you perpetrated your offending using cyberspace does not diminish its significance," Melbourne's Herald Sun newspaper quoted Hannan as saying. She said the victims of such crimes had no doors to lock or alarms to activate, adding: "They are constantly vulnerable."
(Source: AFP)
Full story
AFP website
Accessing your bank account using your mobile phone might seem safe, but security experts say would-be hackers can access confidential information via a simple text message seemingly from your service provider.
People in the industry aware of the risk see it as extremely small, as only a few people use handsets to access their bank accounts, but it is growing as mobile Internet usage rises.
(Source: Reuters)
Full story
Reuters website
Friday, May 29, 2009
President Barack Obama is calling digital security a top priority, whether it's guarding the computer systems that keep the lights on in the city and direct airliners to the right runway or those protecting customers who pay their bills online.
Obama is expected to lay out broad goals for dealing with cyber threats while depicting the U.S. as a digital nation that needs to provide the education required to keep pace with technology and attract and retain a cyber-savvy work force. He also is expected to call for a new education campaign to raise public awareness of the challenges and threats related to cyber security.
(Source: AP)
Full story
AP website
A mother has been reunited with her son, 27 years after she claims he was kidnapped, after her sister saw him on the social networking site Facebook.
Avril Grube, 62, who lives in Poole, Dorset, says she was given custody of her son Gavin Paros after her marriage to a Hungarian man broke down in 1982. His father, who died in 2006, had visiting rights but took him to Hungary and Ms Grube has not seen him since. But Mr Paros met his mother again this week after being found on Facebook.
Avril Grube and her sister Beryl Wilson who lives in Liverpool, had spent years trying to trace her son, even contacting the Hungarian Embassy and taking their case to former Prime Minister Margaret Thatcher.
(Source: BBC)
Full story
BBC website
Thursday, May 28, 2009
ID theft victims are much more likely to get hit with fraudulent charges on their credit cards or debit cards, according to a new study from the Identity Theft Resource Center that tracks the effects of ID theft.
While repairing the damage from ID theft involves some cost for things like police reports, photocopying, travel, etc., ranging from an average of $739 for dealing with damage done to an existing account to $951 to fix the aftermath of a fraudulently opened new account, the real pain comes from the time spent dealing with the mess. It took 58 hours on average to deal with ID theft involving existing accounts, and a painful 165 hours for new accounts, the study found.
(Source: PCWorld)
Full story
PCWorld website
Spammers seem to be working a little bit harder these days, according to Symantec, which reported Tuesday that unsolicited e-mail made up 90.4 percent of messages on corporate networks last month. That represents a 5.1 percent increase over last month's numbers, but it's nothing out of the ordinary. For years, spam has made up somewhere between 80 percent and 95 percent of all e-mail on the Internet.
Symantec reported that nearly 58 percent of spam is now coming from so-called botnets --networks of hacked computers that can be misused by criminals to steal financial information, launch attacks or send spam. The worst of the spamming botnets -- called Donbot -- generates 18.2 percent of all spam, according to Symantec.
These botnet computers can be rented out on the black market by anybody, but in recent months some spammers have been moving away from botnets, experimenting with a new way to sneak their unwanted e-mail past corporate filters, according to Adam O'Donnell, a researcher with antispam vendor Cloudmark.
(Source: PCWorld)
Full story
PCWorld website
Wednesday, May 27, 2009
As part of this year’s focus on education, the UN Global Alliance for Information and Communication Technology and Development (GAID) presented the newly formed University of the People, a non-profit institution offering higher education to the masses.
For hundreds of millions of people around the world higher education is no more than a dream, Shai Reshef, the founder of the University of the People, told reporters. They are constrained by finances, the lack of institutions in their region, or they are not able to leave home to study at a university for personal reasons. Mr Reshef said that this University opened the gate to these people to continue their studies from home and at minimal cost by using open-source technology, open course materials, e-learning methods and peer-to-peer teaching. Admission opened just over two weeks ago; and without any promotion some 200 students from 52 countries have already registered, with a high school diploma and a sufficient level of English as entry requirements. Students will be placed in classes of 20, after which they can log on to a weekly lecture, discuss its themes with their peers and take a test - all online. There are voluntary professors, post-graduate students and students in other classes who can also offer advice and consultation.
Source: United Nations
Full Report
A Taiwanese man has been arrested for allegedly swindling more than 200 million Taiwan dollars (6.25 million US) from 50 women in one of the largest cyber scams in the country, police said.
The suspect, Chuang Shih-chung, claimed to be working for a Malaysian investment firm and encouraged the women he met on online dating sites to buy overseas stocks through him, said the Criminal Investigation Bureau.
At least 50 women from across Taiwan have fallen victim to the 31-year-old, who was arrested on Tuesday with four accomplices, the bureau said, adding that more victims have subsequently contacted the police.
(Source: AFP)
Full story
AFP website
With US government and private computer networks facing increasing attack, the White House announced that President Barack Obama would unveil a report on US cyber security on Friday.
"The report is an important first step towards securing our nation's cyber infrastructure," White House spokesman Robert Gibbs told reporters. "The administration recognizes the very serious threats public- and private-sector networks face from cyber crime and cyber attack," he said.
"Recognizing these threats, the president has elevated cyber security to a major administration priority," Gibbs added.
(Source: AFP)
Full story
AFP website
Tuesday, May 26, 2009
A Chinese man who extorted virtual items and currency from a fellow Internet cafe user to improve his performance in online games was sentenced over the weekend, local media said.
With three friends, the man beat up the victim and forced him to turn over virtual currency worth 100,000 yuan (US$14,700), China's official Xinhua news agency reported late Sunday. The attackers also extorted virtual equipment for online games from the victim, local media said. The men were each fined and the main attacker sentenced to three years in prison by a court in northeastern Liaoning province.
Selling in-game weapons, armor and other items to players for real-world cash is a common way for China's online gaming companies to a turn a profit. Internet cafes in China are often packed with chain-smoking teenagers who play World of Warcraft or similar Chinese games for long hours.
(Source: PCWorld)
Full story
PCWorld website
The American Academy of Pediatrics has released a report showing that there are some significant factors which increase the likelihood of online sexual abuse of girls. The researchers suggest that 'girls are more likely to experience online sexual advances or have offline encounters if they have previously been abused or have a provocative avatar'.
Sites such as Facebook and MySpace allow individuals to describe themselves as well as post photographs and the type of photographs and accompanying texts give individuals their online identity and directly affects online behaviour and interaction.
The authors suggest that....."self-presentations can change the way Internet users interact in a manner that increases the risk for online sexual advances.."
(Source: CNN)
Full story
CNN website
Thursday, May 21, 2009
Militants and hate groups increasingly use social networking sites such as Facebook, MySpace and YouTube as propaganda tools to recruit new members, according to a report by the Simon Wiesenthal Center.
The report was based on "over 10,000 problematic Web sites, social networking groups, portals, blogs, chat rooms, videos and hate games on the Internet which promote racial violence, anti-semitism, homophobia, hate music and terrorism."
Examples of what the report calls "digital terrorism and hate" range from a Facebook group named "Death to gays" in Croatian to a YouTube video of a Koran being burned and various Web sites promoting militant groups such as Hezbollah, the Taliban, al Qaeda and Colombia's FARC.
(Source : REUTERS)
Full story
REUTERS website
Researchers from Cambridge University have found that many photos were still accessible on a number of social networking sites including Facebook, even after having been deleted.
The researchers reported that Flickr and Google's Picasa performed better, while Microsoft's Windows Live Spaces removed the photos immediately.
A Facebook spokesperson stated: "When a user deletes a photograph from Facebook it is removed from our servers immediately. However, URLs to photographs may continue to exist on the Content Delivery Network (CDN) after users delete them from their Facebook, until they are overwritten. overwriting usually happens after a short period of time".
(Source: BBC)
Full story
BBC website
Wednesday, May 20, 2009
The UK Child Exploitation and Online Protection (CEOP) Centre reports in its Annual Review that it had assisted in protecting '139 children and disrupte 82 paedophile networks' during the past year.
The types of crimes, in the UK and abroad, include a wide range of offences from possession of indecent images of children and rape.
Jim Gamble, CEO of CEOP, stated, "..This is not about technology - this is about people. There is no distinction between the online and offline worlds......This is about the behaviour of offenders manipulating any environment to abuse children..."
CEOP's Annual Review showed that there was a "fast and growing trend" of grooming through social networking sites and warns that mobile Internet access was "placing new and additional responsibilities on parents".
Mr Gamble added, "...Child protection is everybody's business and we should afford our children the same protection online that we would give them in the park or playground".
(Source; BBC)
Full story
BBC website
New York State Attorney General, Andrew Cuomo's office reports that a group of 7 individuals operated a 24hour prostitution service called 'Room Service Entertainment' from Craigslist's erotic services section.
Cuomo's office added that Craigslist was the "sole vehicle through which the company operated". The advertisements listed included either a pornographic or semipornographic photograph with a phone number "to arrange a date". If found guilty of enterprise corruption, the group of 7 could all face up to 25 years in prison.
In a written statement, Andrew Cuomo stated, "Until Craigslist gets serious about putting real protections in place, it will continue to be an environment where criminal operations thrive with impunity".
(Source: CNN)
Full story
CNN website
Tuesday, May 19, 2009
The sentencing of a Lori Drew, convicted of three misdemeanours counts of accessing protected computers without authorisation to obtain information to cause emotional damage to Megan Meier.
Mrs Drew was accused of fraudently using the MySpace site to pose as a teenage boy who pretended to be interested in Megan Meier. Tragically Meier committed suicide after the "boy" made disparaging remarks about her online.
Source: CNN
Full story
CNN website
Sunday, May 17, 2009
ContactPoint, the 224 million pounds database containing details of all children in England has finally been launched following two delays due to data security concerns. This information will be available to 390,000 childcare professionals who must have undergone 'stringent security training'.
Although the UK government argues that such a database will allow for improved coordination in the services provided to children, a 2007 report by auditors Deloitte and Touche stated that it could never be secure.
(Source: BBC)
Full story
BBC website
Friday, May 15, 2009
Recent sexting (the sending of naked or partially clothed photos of an individual to others via mobile phones) cases in the USA have led to concern about whether such online behaviour should be classified as a criminial offence or simply a 'misdemeanour'.
Such cases have resulted in police arrests of several adolescents and criminal charges of child pornography.
Sending or distributing explicit images of child under 18 is illegal in many countries.
Parents are being encouraged to warn their children about the possible consequences of sexting (for both the sender and receiver).
A recent National Campaign to Prevent Teen and Unplanned Pregnancies survey of more than 1000 teenagers in the USA, found that one-fifth of 13-19 year olds had actually sent compromising images of themselves via text or online. A third of boys and a quarter of girls reported that they had had nude or semi nude images, originally meant to be private, shared with them.
Speaking to the BBC, WiredSafety founder, Parry Aftab stated, "It is dangerous behaviour that we don't want children to be encouraged to do.....Not only could these images end up in the hands of paedophile groups and place kids at higher risk of being targeted, but they could also be subject to extortion by those who have ended up with the images".
(Source: BBC)
Full story
BBC Website
Wednesday, May 13, 2009
In order to increase efficiency in municipal parking services in Turkey, the Municipality of Istanbul and Turkcell Mobile Phone Company, have come up with a project that aims at solving the parking problem in Istanbul by using mobile technologies, especially mobile phones. Subscribers to the service use SMS function of their mobile phones to park their cars and the parking bills are sent to them within their mobile phone bills.
Source: epractice.eu
Project Website
Saturday, May 09, 2009
UK children's charities want to ensure that children do not have access to those online goods which are aimed at adults. To that effect, a private members bill going through the House of Lords will oblige web retailers to have such a system in place.
Charities have fully endorsed this bill following concerns about children purchasing alcohol, knives and violent video games online.
Trading standards officers from a London Council performed tests on a sample of websites in order to establish whether there were age verification checks being made. In a controlled test, a 16-year old managed to purchase pre-paid credit cards which were registered under his true date of birth and address. This adolescent successfully bought knives, drink and adult-rated DVDs as well as games from 12 different online retailers.
Only three of the retailers asked the 16-year old to confirm his age, and when he "lied" was not challenged or asked for proof.
Zoe Hilton, policy advisor for the NSPCC, speaking on behalf of the Children's Charities Coalition on Internet Safety, stated, "..Retailers' increasingly successful efforts to control the sale of age-restricted products over the counter on the High Street are being seriously undermined by their failure to take similarly effective steps to limit sales of exactly the same items on the Internet".
(Source: BBC)
Full story
BBC website
Thursday, May 07, 2009
Craigslist, a centralised network of online communities featuring online classified ads, may face criminal action in South Carolina if it fails to delete ads which 'promote prostitution and pornography'. Attorney General Henry McMaster, sent a communication to Craigslist CEO, Jim Buckmaster asking him to remove such items listed under "erotic services" and "casual encounters" in the South Carolina section.
Sherriff's deputies in Richland County, South Carolina, have made up to 121 prostitution-related arrests from Craigslist ads, claims attorney general spokesman Mark Plowden.
(Source: CNN)
Full story
CNN website
Eight paedophiles from Scotland were convicted of child abuse and producing indecent images of children. The charges against them include abusing infants from three months old to conspiracy and possession of more than 125,000 images of child abuse.
The accusers were caught after one of them, Neil Strachan, took his computer to be repaired. The repair technician found indecent images of children. 7000 more images were uncovered, with emails showing that other children were at serious risk. Local Scottish detectives were granted warrants by courts in the USA to have access to email records from Microsoft.
Investigation into the digital camera used to record the abuse exposed another of the accusers' identities. Sophisticated tracking equipment pinpointed this individual's broadband Wi-Fi signals in a specific area of Edinburgh, Scotland. Further investigation by the police revealed the identities of all eight paedophiles.
(Source: Guardian)
Full story
Guardian website
Wednesday, May 06, 2009
The first ever 02 Digital Families Report released yesterday showed that for families, the Internet was more important than food and other household bills. The telecommunications company, 02 polled 500 families in the UK in order to find out which items they were reluctant to cut back on, and found that more than 67% opted for Internet access over school uniforms (59%), family holidays (30%) and their weekly food shopping (24%).
(Source: Telegraph)
Full story
Telegraph website
Tuesday, May 05, 2009
A secret report by the UK Border and Immigration Agency's national intelligence unit reveals that a 59-bed local authority children's home was used by criminal gangs to traffic Chinese children into prostitution and drug trafficking spanning four continents.
The 'restricted' report indicates that children arrive at the children's home, located by Heathrow airport, only to vanish straight away.
UK Home Secretary, Jacqui Smith, is being asked to respond to questions on how the local authority home fell under the control of child traffickers.
(Source: Guardian)
Full story
Guardian website
Monday, May 04, 2009
Friday, May 01, 2009
A UK man successfully delivered his baby boy by following instructions on a YouTube video. Marc Stephens had the foresight to watch the videos a few hours ahead of time, however his skills would be called upon as his wife went into labour before the ambulance arrived.
Mr Stephens told the BBC, "I Googled how to deliver a baby, watched a few videos and basically swotted up".
(Source: BBC)
Full story
BBC Website
Although the IWF 2008 Annual Report suggests that there has been a 10% decrease in the number of child abuse websites in the past year, it is important to note that there has been an increase in the serious nature of those abuse images which are still available.
The IWF report shows that among the remaining 1,536 child abuse sites, 74% were for profit while 26% allowed users to share or swap images, and states, "..1,536 domains remains a problem of a scale which can be seriously targeted and significantly disrupted through international efforts".
Peter Robbins, Chief Executive of the IWF said, "These websites, although reducing in number, represent an extremely serious problem."
The methods used by such sites to avoid detection were reported to be more and more sophisticated and include the scrambling of domain names and attempts to hide methods of payment in order to try to remain one step ahead of law enforcement.
(Source: BBC)
Full Story
BBC website
Thursday, April 30, 2009
An American girl chatting on Facebook with a British teenage boy alerted her mother after he admitted that he planned to commit suicide. Without having his address, the girl's mother contacted local police which then led to a series of calls to the White House, the British Embassy in Washington and finally the police in the UK town where the boy was found alive.
(Source: BBC News)
Full Story
BBC Website
Wednesday, April 29, 2009
The ITU Regional Cybersecurity Forum for Africa and Arab States, dedicated to “Connecting the World Responsibly”, aims to identify some of the main challenges faced by countries in Africa and Arab States in enhancing cybersecurity and securing critical information infrastructures.
It will consider best practices, information sharing mechanisms and concrete actions for cybersecurity development, taking into consideration the key principles of matching the borderless, transnational nature of cyber-threats with meeting specific national and regional requirements. The Forum will consider initiatives at the regional and international levels to increase cooperation and coordination amongst different stakeholders. The forum programme will include interactive sessions on the projects and related tools that ITU is working on to assist Member States in developing and implementing cybersecurity capabilities.
Capacity building activities will be undertaken in the following main areas:
Development of a legal framework;
Development of watch and warning and incident management capabilities, including the establishment of a national computer incident response team (CIRT); and,
Actions to be considered when developing a national cybersecurity strategy and harmonization within the key principles of international cooperation.
The event is expected to bring together government representatives, industry actors, and other stakeholder groups from countries on the African continent and the Arab States to discuss, share information, and collaborate on the elaboration and implementation of national policy, regulatory and enforcement frameworks for cybersecurity. It will benefit information and communication policy makers from ministries and government departments; institutions and departments dealing with cybersecurity policies, legislation and enforcement; and representatives from operators, manufacturers, service providers, industry and consumer associations involved in promoting a culture of cybersecurity.
The forum will be conducted in English, Arabic and French with simultaneous interpretation. Participation in the Forum is open to all ITU Member States, Sector Members, Associates, and other interested stakeholders, including representatives from regional and international organizations.
More detailed information about the event (including the draft forum agenda, online pre-registration, fellowship requests (for eligible LDCs) can be found on the ITU Regional Cybersecurity Forum for Africa and Arab States website at www.itu.int/ITU-D/cyb/events/2009/tunis/.
Register for the ITU Regional Cybersecurity Forum for Africa and Arab States here.
We look forward to seeing you at the event!
The Times reports that a young German man, David Heiss, became infatuated with Joanna Witton while playing on a cyber war website set up by Joanna and her boyfriend, Matthew Pyke, in the UK.
After seeing her photo on Facebook, Mr Heiss made up his mind that she was the girl for him, sending her a stream of disturbing messages despite her protests that she was already in a relationship.
Travelling to the UK from Germany, Mr Heiss tracked the couple down, committing the murder on his second visit. The killing of the victim was said by the prosecution to be driven by "...obsession for Joanna Witton, who was Matthew's girlfriend, and hatred for Matthew, because he was Joanna's boyfriend".
(Source: The Times)
Full Story
Timesonline website
Tuesday, April 28, 2009
"Digital technologies, or Information and Communications Technologies as they are commonly known, offer massive opportunities: Innovation and technology are "the backbone of the modern economy," says Senator the Hon Stephen Conroy, Minister for Broadband, Communications and the Digital Economy and the deputy leader of the Government in the Senate.
As part of the Government of Australia's efforts at reducing carbon emissions by 2020, the energy sector providers plan to use broadband to improve the way they monitor and manage power distribution. Using broadband to connect power consumers with power generators will allow them to harness means of distribution in a more efficient and reliable manner. Smart grids connected by broadband will also raise the potential to not only monitor energy use but to allow remote adjustment of lights or temperature. This implies the very real possibility of significant carbon emission reductions for the country.
Full Report
Friday, April 24, 2009
Following earlier reports of users not being able to delete their personal information, Facebook has now allowed voters to decide on the best way to proceed. In reviewing their policies with users, the popular social networking site has agreed to allow its users greater control of their personal data.
After a vote, 75% of responders were in favour of these proposed changes, which will allow users to own their own information and also have the right to remove it if they so choose.
Founder, Mark Zuckerberg explained that the networking site was aiming for a more "...transparent and democratic approach"
(Source: Telegraph)
Full story
Telegraph website
Miguel Angel Mancera, the Attorney General of Mexico City, stated that seven suspects including a Roman Catholic priest, were accused of distributing over 100,000 child sex abuse images (including pictures and videos) of children worldwide. Among the material taken away by law enforcement were CDs, DVDs and computers.
(Source: CNN)
Full story
CNN website
A new report of the mobile industry shows that some progress has been made by the 26 mobile operators signed up to the "European Framework for Safer Mobile Use by Younger Teenagers and Children” brokered by the Commission in February 2007 (IP/07/139). These operators serve around 580 million customers, 96% of all EU mobile customers. "The new report of the mobile phone industry association shows that mobile operators have started to take seriously their responsibilities to keep children safe when using phones," said EU Telecoms Commissioner Viviane Reding.
50% of 10 year-old, 87% of 13 year-old and 95% of 16 year-old children in the EU have a mobile phone, but half of European parents worry mobile phone use might expose their children to sexually and violently explicit images (51%) or bullying by other children (49%), according to a survey. The European Commission today called on mobile operators to do more to keep children safe while using mobile phones by putting in place all the measures in the voluntary code of conduct, signed by 26 mobile operators in 2007. The report published by the GSM Association, the trade body of the mobile phone industry, showed that national self-regulatory codes based on the framework agreement brokered by the European Commission now exist in 22 Member States, 90% of them in line with the 2007 agreement, and 80% of operators have put in place measures to control child access to adult content.
Read the full EC press release from 20 April 2009 here.
More information on the GSMA report onimplementation of the framework agreement on "Safer Mobile Use by Younger Teenagers and Children" can be found here.
Thursday, April 23, 2009
Chris De Wolfe, MySpace co-founder is reported by the Telegraph to be stepping down as chief executive.
In 2008, Facebook was reported to be the number one social networking site, relegating MySpace, (with 130 million users globally), to second place.
As well as tough competition from Facebook, a more recent social networking site, Twitter, appears to be holding its own against MySpace.
(Source:Telegraph)
Full story
Telegraph website
The Guardian reports that, in one of the first cases of its kind, images of a UK man sexually abusing Thai girls were used to identify him despite the fact that he had taken steps to hide his face.
Photographs were uncovered during a police search of Dean Hardy's home, where images were stored on memory cards from cameras and the hard drive of a computer.
A forensic anthropologist examined the freckles and blemishes visible in the images and found them to be identical with those on Mr Hardy's left hand.
Judge Stone, sentencing, referred to this case as "...sex tourism of the most offensive kind."
(Source: Guardian)
Full story
Guardian website
Wednesday, April 15, 2009
The Government of Malta has officially announced the launch of three new eGovernment services and an eGovernment Services Directory. The three services are the eHealth portal, the online certificates website and the scholarships service.These initiatives are aimed at improving the service delivery channels available between the Government and citizens.
"We have compiled this e-Government Services Directory to help users look for the e-services they require. The user may consider this directory as a manual and a complete list of the e-government services launched to date. We will continue to update it with every service launched and an updated version will always be available at www.mygov.mt." said Austin Gatt, the Maltese Minister for Information, Transport and Communications (MITC).
The ongoing transformation on the Maltese Government's IT resources is merely part of a much larger restructuring programme in the Government's approach to offering public services.
Source: epractice.eu
See: Full Press Release
Friday, April 10, 2009
ITU is pleased to announce the launch of its 2009 Cybersecurity and ICT Applications Essay Competition.
The 2009 ITU Cybersecurity and ICT Applications Essay Competition is open to current students and recent graduates in economics, political science, law, literature, telecommunications, computer science, information systems and related fields between the ages of 20 and 30 years old. The winners of the 2009 Essay Competition will be offered the opportunity of a consultancy contract within the ITU Development Sector's ICT Applications and Cybersecurity Division for three months. The winners will be given a contribution towards the cost of an economy class flight from their place of residence. In addition, they will be paid the sum of CHF 6000 towards living expenses for the duration of the contract.
To enter the competition you need to submit an essay on one of the following essay topics:
- Mobiles for Development: Enabling Low-Cost e-Applications for Rural and Remote Areas (e-Health, e-Government, e-Environment)
- Protecting Children and Youth in the Internet and Mobile Age: Innovative Technical and Social Solutions
- Connecting the World Responsibly: Empowering Women and Girls Through Creative Uses of ICTs
- Personal Information Online (internet/mobiles): Responding to User Safety Concerns
All applications should be submitted online through the competition website.
The deadline for applications is 14 June 2009.
We look forward to reviewing your applications and wish you the best of luck in the competition!
Friday, April 03, 2009
The EU's Commissioner in charge of Information and Communication Technology Viviane Reding, has called on the European ICT sector, which accounts of 2% of carbon emissions, to become the engine in the drive against carbon emissions, by setting trends that can be followed in the wider economy to affect the other 98% of emissions.
"Personally, I would recommend the ICT sector to lead the way for the rest of the economy by reducing its own carbon footprint by 20 percent as early as 2015", said Reding. "I see from the response of European ICT companies to the Commission's ongoing work that Europe is already well ahead in using ICT to green the economy, with some ICT companies already voluntarily working to reduce CO2 emission by 50 to 80 percent."
Commissioner Reding cited buildings and transport as other sectors where ICTenabled energy efficiency could have an impact. Recent studies suggest that better use of ICT could reduce energy consumption of buildings in the EU by up to 17% and to reduce carbon emissions in transport logistics by up to 27%.
Read Full Report
Source:European Union
1 April 2009 was the start of a new anti-piracy law in Sweden where, according to traffic data, an immediate and significant drop (over 30 per cent) occurred in the nation's overall Internet traffic.
"The combined traffic passing through Sweden's Internet Exchange Points usually peaks around 160 Gbit/s, but on Wednesday it peaked at around 110 Gbit/s. That's a huge drop in traffic, and is presumably a direct result of less file sharing taking place. ... Another interesting observation is that there was more traffic than usual during the last days before the law took effect. Were people hoarding films and music? On Tuesday (the day before the law went live) traffic peaked at nearly 200 GBit/s, roughly 25% above normal levels."
Read the full story and view the related statistics at CircleID.
Thursday, March 26, 2009
An advertising campaign by Beatbullying for its new website CyberMentors was helped by the testimony from boxing champion Joe Calzaghe.
Joe Calzaghe, a spokesperson for Beatbullying, spoke about the misery he suffered during his school years from bullying and how it affected him and changed his personality.
Adding, "For two years I was bullied, called names and ignored by former friends which turned me from a happy, out-going kid who enjoyed school and schoolwork, into an introverted wreck, detached from his studies and scared of his own shadow during school hours".
(Source: BBC)
Full story
BBC Website
Wednesday, March 11, 2009
In the USA, the North Carolina Attorney General, Roy Cooper, summoned MySpace to provide the identities of these registered sex offenders to law enforcement.
Commenting on the responsibility of social networks, Cooper added that, "...MySpace, Facebook and other social networks need to do much more to protect kids online".
North Carolina state passed a law in 2008 banning sex offenders from registering on networks involving children and young people.
(Source:CNN)
Full Story
CNN Website
Tuesday, March 03, 2009
Students and Teachers in Andhra Pradesh will now have access to an online learning platform that enables teachers to integrate learning projects into their classroom curriculum and students to develop critical 21st century skills, including creativity, communication, teamwork, and technology skills. This is made possible by the signing of a Memorandum of Understanding between Oracle Education Foundation (OEF) and Institute for Electronic Governance (IEG), a non-profit organization under the government of Andhra Pradesh, India.
Through this link-up, 500 government schools and over 25,000 students and teachers will gain access to the ThinkQuest online learning platform over the next two years. In the first phase of the rollout, IEG and OEF will train 120 teachers from 60 schools on the ThinkQuest platform and instruct them how to best integrate 21st century skills instruction and project learning into their curricula.
First launched in India in 2004, ThinkQuest currently supports over 146,000 students and teachers in 1,100 schools across the country, including Kendriya Vidyalayas, Navodaya Vidyalayas, DPS, DAV, and other schools.
Read the full text here.
Thursday, February 26, 2009
The Anti]Phishing Working Group (APWG) and IPC has released a new idustry advisory document titled: "What to do if your site has been hacked by phishers". The purpose of the document is to provide website owners with specific actions they can take when they have been notified that their website or webserver has been infiltrated and used for phishing.
The document notes that "Some phishers use compromised computers to host malicious or illegal activities, including identity theft, fraudulent financial activities, as well as collecting personal information and business identities from their victims for future use. Others attack or 'hack' into and gain administrative control over the legitimate web sites of businesses and organizations of all sizes. Such hacked web sites disguise the bad acts the phishers perform. More importantly, web site hackers are fully aware that the web sites they hack and 'own' are reputably legitimate."
"Law enforcement and anti]phishing responders respect and operate under established business, technical, and legal constraints when they seek to remedy or take down hacked web sites. These measures protect legitimate web site operators but unfortunately serve the attacker as well by extending the duration of the attack. The Anti]Phishing Working Group (APWG) offers this document as a reference guide for any web site owner or operator who suspects, discovers, or receives notification that its web site is being used to host a phishing site. The document explains important incident response measures to take in the areas of identification, notification, containment, recovery, restoration, and follow]up when an attack is suspected or confirmed. This document serves a guideline for web site owners."
See the full APWG "What to do if your site has been hacked by phishers" Industry Advisory here.
Monday, February 23, 2009
The ITU has launched new partnerships to help 13 Pacific Island countries develop information and communications technology (ICT) in the region.
In a joint communiqué issued at the end of the Pacific ICT Ministerial Forum, held in Tonga, senior officials from the 13 countries called for greater coordination to minimize overlap in ICT initiatives and maximize the impact of investments in development projects. The ministers, including two Prime Ministers, called for rapid implementation of regional connectivity projects and for reinforced efforts to create more ICT professionals and a workforce with technical skills.
“The Pacific Island countries have clearly stated their objectives and priorities,” said Director of the ITU Telecommunication Development Bureau, Sami Al Basheer Al Morshid. “ITU is fully committed to work with our partners in delivering results for the Pacific Island States,” added Mr. Al Basheer, who announced several new partnerships to assist the countries. “We are building on the expertise and resources of all interested partners to reinforce our collective impact on ICT development in the Pacific.” The Pacific Island ministers also directed officials to work towards establishing a shared regulatory resource centre and encouraged regional States to make full use of ICT for early warning and response systems to improve disaster preparedness.
See the full ITU press release here.
Monday, February 16, 2009
A new report from ITU, highlights some harsh realities for the global ICT industry. The report, Confronting the Crisis: Its Impact on the ICT Industry, considers how the industry can position itself for recovery in the future.
Confronting the Crisis: Its Impact on the ICT Industry draws on analysis from leading industry experts and international institutions. As the established order is overturned, it says, convergence in the ICT industry will accelerate, with the emergence of new players with new business models. Firms’ ability to weather the economic storm will depend on their ability to invest for the future and explore new opportunities to benefit from the eventual upturn. For an industry founded on innovation, the current turmoil will create openings for nascent ICT companies.
Confronting the Crisis finds that although credit is now less abundant and more expensive, with financing costs for operators on average 3 − 4 per cent higher year-on-year, savvy operators can take advantage of the economic turmoil to reposition their services for the upturn. Funding is still available for players with sound business models, established demand and early projected cash flows. Alternative sources of financing are now needed, with a growing role for government financing and economic stimulus packages.
Many analysts contributing to Confronting the Crisis underlined the need for ICT as vital services and suggested that fixed-mobile substitution and consumers’ decision to switch to mobile telephony may gain momentum in developed markets during a prolonged recession. The report also notes that long project lead times for the satellite industry mean that it has been less affected in the short term, with strong recent growth in demand from developing countries. The financial difficulties facing the private sector could add to pressure for government intervention in the financing of national backbone infrastructure. Governments are already stepping in to diminish the impact on the transition to next-generation networks (NGN), which can carry voice, data and media services simultaneously. Several administrations have announced commitments to invest in their national backbone infrastructure, while others, such as the European Union, have included the roll-out of broadband networks in their economic stimulus packages. Although the financial crisis may delay investment in NGN, it has also led to a widespread reaffirmation of the importance of building advanced telecommunication infrastructure as part of an economic stimulus package.
See the full press release from 16 February 2009.
The report is available for download here.
Tuesday, February 10, 2009
Press release issued simultaneously by ITU and European Commission.
Geneva, 10 February 2009 — ITU and the European Commission have joined forces to mark Safer Internet Day. This year, the focus is on protecting children online.
Children are among the most active — and most vulnerable — participants online. According to recent surveys, over 60 per cent of children and teenagers talk in chat rooms on a daily basis. Three in four children online are willing to share personal information about themselves and their family in exchange for goods and services. One in five children will be targeted by a predator or paedophile each year. Protecting children in cyberspace is, therefore, clearly our duty.
"Children are very resourceful in making the most of online services such as social networking sites and mobile phones," said Viviane Reding, European Commissioner for Information Society and Media. "But many still underestimate the hidden risks of using these, from cyber-bullying to sexual grooming online. Today, I call upon all decision-makers, from both the public and the private sector, to listen and learn from children and to improve awareness strategies and tools to protect minors." Ms Reding added: "The Internet binds the whole world together. The safety of children who use it is a concern for everyone. I am therefore very happy that ITU is associated with us in doing this, today on Safer Internet Day, and all year round."
"Child online safety must be on the global agenda," said ITU Secretary-General Hamadoun Touré. "We must ensure that everyone is aware of the dangers for children online. And we want to promote and strengthen the many outstanding efforts that are being made around the world, such as the Safer Internet Programme, to limit these dangers." This year, the 6th edition of Safer Internet Day includes more than 500 events in 50 countries worldwide. ITU and the European Commission will collaborate on this and future events, such as World Telecommunication and Information Society Day, 17 May 2009, which is dedicated to "Protecting Children in Cyberspace". The European Commission’s Directorate General for Information Society and Media has declared its full support for ITU’s Child Online Protection (COP) Initiative. The EC’s Ins@fe Network will launch a Safer Internet Day virtual exhibition which will host pavilions where visitors can learn more about initiatives undertaken by the 50 participating countries. ITU will host an online pavilion in support of EC’s efforts to raise awareness among youngsters aged 12 to 17 regarding the risks they may face online.
ITU and Child Online Protection (COP)
ITU’s motto is "committed to connecting the world", but we are also committed to connecting the world responsibly. That means working together to ensure cybersecurity, enable cyberpeace, and — more importantly — protect children online. While child online protection programmes exist in many developed countries, there are very few in the developing world today — and very little coordination between them. ITU established the Global Cybersecurity Agenda (GCA) and launched the Child Online Protection (COP) initiative. COP aims to bring together partners from all sectors of the global community to ensure a safe and secure online experience for children everywhere.
See the press release here.
Telecommunication company, 02 has launched a new book, 'Who Wants 2 No?', aimed at 8-12 year olds in an effort to promote greater Internet safety among children.
Available to schools and libraries, this book also aims to encourage children's literacy skills by providing an enjoyable story as well as an important safety message.
Ronan Dunne, CEO, Telefónica 02 UK Limited added, "....Technology is available to help keep children safe, but is only part of the solution. It's also important that children learn how to be smart and stay safe as part of their online experiences...."
(Source:www.02.com)
Read full article
Monday, January 26, 2009
Despite the number of data breaches which have occured in the UK over the past year, the UK Government has now authorised 390,000 professionals (including local authorities, police, health service and children's charities) direct access to contact details on all under 18-year-olds in England.
This 224 million pounds ContactPoint database was developed following the death of Victoria Climbie in 2000, when Social Services were highly criticised for lack of coordination and adequate follow-up of children at risk.
It is hoped that this database will go some way to preventing children from slipping through the net.
The Conservatives voiced their concern by stating that this database was "another expensive data disaster waiting to happen". The Liberals were equally opposed, calling it an "intrusive and expensive project".
(Source: BBC NEWS)
Full Story
BBC website
Wednesday, September 03, 2008
The ITU's Telecommunication Development Bureau launched the study report "ICTs for e-Environment - Guidelines for Developing Countries, with a Focus on Climate Change", which is intended to strengthen the capacity of developing countries to mitigate and adapt to environmental change, including climate change, through the use of information and communication technologies (ICTs).
Although ICTs require energy resources, they also offer a number of opportunities to advance global environmental research, planning and action. This includes monitoring and protecting the environment as well as mitigation of and adaptation to climate change. The report also looks extensively at the use of ICTs in many different aspects of work on the environment, including environmental observation, analysis, planning, management and protection, mitigation and capacity building.
In order to assess the adoptability of selected ICT applications for environmental management in developing countries in general, the report proposes a ranking system with parameters such as (a) environmental scope, (b) technology, (c) transferability, and (d) impact.
Furthermore, the ICTs for e-Environment report considers over 150 ICT applications in one of its annexes, including the name of the ICT applications, description, area of work, sponsor, region, active dates, and relevant web references.
Not all countries have the capacity to take advantage of these technologies in order to use the full potential of ICTs for environmental action. The report states that there is a clear need for a more comprehensive and integrated approach to global environmental action through access to ICTs and the use of information technologies and management practices to eliminate duplication of efforts. This can be done by consolidating action at national levels on the many and varied environmental conventions and initiatives that developing countries have already agreed to in principle. ICTs provide a unique opportunity to do so while assisting in building local capacity to use these tools and practices.
There is also a need to assign the environment a more important profile in ICT strategic planning initiatives at the national level and, in particular, in e‑Governance and e-Goverment initiatives so that the use of ICTs for the environment is integrated into planning processes from the beginning, along with other national priorities and initiatives.
The report proposes a methodology to undertake rapid national e‑Environment assessments as well as to develop and implement national e‑Environment strategies. Among other proposals, the report recommends the preparation of an e‑Environment toolkit comprised of best practices as one practical method to assist developing countries to take advantage of ICTs for environmental research, planning and action. Strengthening ongoing research activities is another proposal as well as placing more focus on the environment sector in e‑Government initiatives. Working on a regional basis may be the best approach for smaller, landlocked or island jurisdictions, such as small island developing states.
Whatever approach is taken to support the use of ICTs for environmental action in sustainable development, it must be undertaken in close collaboration with key development partners at the national and international level and in consultation with actors in the public and private sectors as well as civil society.
Tuesday, August 19, 2008
The ITU-D recruited an expert to produce a study report concerning "Electronic Government for Developing Countries", which is intended to help address challenges in formulating e-Government policies. The draft version as of August 2008 is now available online on the ITU-D ICT Applications and Cybersecurity Division (CYB) website.
The purpose of this report is to examine the adoption of e-Government services in countries with developing economies. As the day-to-day business of a public administration is to build on data and information, using the latter is critical to help ensuring its accountability, managing its operations, and to allow its citizens to participate in the country's governance. With the revolutionary changes that ICTs are bringing to our global society, public administrations worldwide continue to develop more sophisticated ways to digitize their operations and practices so that they can offer the public access to government services in more effective and efficient ways.
The seven key recommendations outlined in this report are:
- Developing a strategic plan to guide e-Government services;
- Understanding the needs of citizens and of all public administration segments;
- Using well established system development practices for e-Government services;
- Creating a learning organization;
- Developing effective ICT governance mechanisms;
- Developing ICT capabilities, including human resources capacity building and suitable ICT infrastructure; and
- Developing an e-Government security and disaster recovery plan.
To continue reading the report and its case studies, click here. More information on ITU-D activities related to ICT applications, click here.
Wednesday, June 18, 2008
The International Telecommunication Union organised two Symposia on ICTs and Climate Change. The first was held in Kyoto, Japan 15-16 April 2008, hosted by MIC Japan, and the second was held in London, UK, on 17-18 June, hosted by BT.
These symposia brought together key specialists in the field, from top decision-makers to engineers, designers, planners, government officials, regulators, standards experts and others. Among others, the ITU's Telecommunication Development Bureau presented a summary of the study report on "ICTs for e-Environment - Guidelines for Developing Countries, with a Focus on Climate Change".
For more information on presentations, meeting summarie and the outcomes of the symposia, click here.
Thursday, June 12, 2008
As part of its effort to combat climate change, the European Commission announced on 13 May 2008 that it would promote the use of ICT (Information and Communications Technologies) to improve energy efficiency throughout the economy, starting with buildings, lighting and the power grid. The Commission will encourage the ICT industry to demonstrate leadership in reducing its own CO2 emissions and by identifying and creating solutions that will benefit the whole economy. "To meet Europe's energy efficiency goals by 2020, we need a high growth, low carbon economy. Research and rapid take-up of innovative energy efficient ICT solutions will be crucial to lowering emissions across the whole economy," said Viviane Reding, Commissioner for Information Society and Media. "There is a win-win situation in which ICT will promote the competitiveness of EU industry while leading the fight against climate change."
For more information, click here or read the European Commission document on Addressing the challenge of energy efficiency through Information and Communication Technologies.
Monday, May 19, 2008
The Federal Trade Commission has approved four new rule provisions under the Controlling the Assault of Non-Solicited Pornography and Marketing
Act of 2003 (CAN-SPAM), which aim to clarify the Act’s requirements.
The new rule provisions address four topics: (1) an e-mail recipient cannot be required to pay a fee, provide information other than his or her e-mail address and opt-out preferences, or take any steps other than sending a reply e-mail message or visiting a single Internet Web page to opt out of receiving future e-mail from a sender; (2) the definition of “sender” was modified to make it easier to determine which of multiple parties advertising in a single e-mail message is responsible for complying with the Act’s opt-out requirements; (3) a “sender” of commercial e-mail can include an accurately-registered post office box or private mailbox established under United States Postal Service regulations to satisfy the Act’s requirement that a commercial e-mail display a “valid physical postal address”; and (4) a definition of the term “person” was added to clarify that CAN-SPAM’s obligations are not limited to natural persons.
Continue reading the news release here.
BBC News recently reported the arrest of five hackers described as being among the most active on the internet. The hackers, who include two 16-year-olds, are accused of disrupting government websites in the United States, Asia and Latin America. Spanish police say the hackers co-ordinated attacks over the internet and hacked into 21,000 web pages over two years.
Read the full report here.
On an article published Wednesday, 14 May 2008, on the Guardian, Will Ashley-Cantello writes about how the youth are both fully aware of the need to reduce environmental impacts and equipped to making this change happen. Ashley-Cantello points out that the second generation internet has fast become the most powerful tool the environment movement has. "Around 96% of Americans between 11 and 18 are members of an online social network. So when you consider that protecting the environment is a passion of many young people, the potential power of influence of Web 2.0 for the green movement is phenomenal." According to the Forum for the Future, 78% of university applicants in 2007 believed that "lifestyles need to change across the board, or in many areas, for human civilisation to survive the next 100 years". It is,
therefore, imperative that our young citizens are given a fair hearing on the decisions that current leaders are making - and online social
networking can help achieve this.
A new social networking site, Footprintfriends.com, was set up exclusively to join together young people who share a passion for protecting our natural environment. As a moderated site, it aims to be an enabler for young people aged 11 to 18 to act on their environmental concerns. The site has already attracted hundreds of young people since launching last August. It is set to expand rapidly after establishing a new partnership with the British Standards Institute, which is using the site to promote a Sustainable Students competition, involving about 20,000 schools.
Read the full article here.
The Guardian recently reports on a survey into ways in which colleges and universities can make computing greener and more sustainable. Preliminary findings of the study is about to be published soon. "Higher Education Environment Performance Improvement (Heepi) and SustainIT, an NGO set up to focus on the environmental and social impact of IT, are researching how sustainable further and higher education IT is, and how education best practice compares with the private sector. The report being written for the Joint Information System Committee (Jisc) says green IT is best achieved through the collaboration of IT and estates management." Among the findings is that increased energy and computing costs can be offset by technologies such as grid computing and virtualisation. According to Peter James, author of the report and is also part-time professor of environmental management at Bradford University and associate director of SustainIT, "Eighty to 90% of a computer's capacity is wasted. By linking PCs together we can run complex computing tasks broken down into manageable chunks when the computers are not in normal classroom use."
The publication of Heepi and SustainIT's interim report in June marks the start of a series of up to seven campus IT open days to be held throughout the UK until October and designed to allow IT managers a chance to see the latest sustainable initiatives for themselves. At least one event will be focused on the further education sector and based around the virtualisation programme at Stockport college.
Read the full article here.
Friday, May 16, 2008
As part of the ITU Cybersecurity Internship Programme, ITU launches the 2008 Cybersecurity Essay Competition. The purpose of the ITU Cybersecurity Internship Programme, and related 2008 ITU Cybersecurity Essay Competition, is to increase cybersecurity awareness and give young people, especially from developing countries, exposure to the main issues related to cybersecurity and to the ongoing work of ITU in this area. It is hoped that the fellowships granted to promising students and recent graduates from ITU Member States through the cybersecurity essay competition will help build cybersecurity capacity in developing countries as these interns will be exposed to ITU cybersecurity activities, learn about the main international and regional actors in this field, and constructively contribute with their country-specific insights into ITU cybersecurity-related work. The competition is open to current students and recent graduates in economics, political science, law, literature, computer science, information systems and related fields, between the ages of 20 and 30 years old.
For more information about the programme and competition, visit the programme website.
OECD, together with the Danish Ministry of Science, Technology and Innovation, and the National IT and Telecom Agency, will hold a Workshop on ICTs and Environmental Challenges at Eigtveds Pakhus, Copenhagen, Denmark on 22-23 May 2008.
The aim of this workshop is to:
- Take stock of the impacts of information and communication technologies (ICTs) on the environment.
- Identify areas for further analysis of the application and use of ICTs to further environmental goals.
- Identify opportunities and best practices in the use of ICTs, the Internet and sensor networks in environmental management, energy efficiency, cleaner technologies and improved resource management.
- Consider policy implications and the development of goals and priorities in efficient buildings, transport and distribution systems that harness the potential of ICT-based systems and sensor networks.
- Contribute to preparation of the OECD Seoul Ministerial on the Internet Economy, the Hokkaido G8 meeting, and the planned OECD conference in 2009 and the United Nations Climate Change Conference in 2009.
For more information about this workshop, click here or visit the The Danish Ministry of Science, Technology and Innovation and the National IT and Telecom Agency's website.
Wednesday, May 14, 2008
According to an article on The Citizen (Dar es Salaam) on 10 May 2008, toll-free mobile services are on its way to selected remote areas in Africa aiming to save lives by connecting people with emergency medical cases to health personnel. Under the initiative launched in Nairobi on Wednesday, health workers will also be trained through mobile phone sessions on day to day skills like collecting and sharing basic household health information.
Telecommunication equipment provider Ericsson and mobile phone service provider Zain have entered into a partnership that will ensure they provide network access, mobile phone handsets, sim cards and toll-free emergency numbers in remote areas in order to stimulate demand for cellular phone
solutions in those areas. The initiative is being rolled out in Tanzania, Uganda and Kenya. In Kenya, Ericsson and Zain subsidiary, Celtel, are rolling out a pilot programme in North Garissa in Dertu village targeting some 5,200 inhabitants.
According to the President of Ericsson, Mr Carl-Henri Svanberge, the partnership also includes the Earth Institute and will benefit 400,000 people in Africa. "The partnership will provide the development of a comprehensive voice to data coverage and a telecommunication strategy in the villages to drive up mobile connectivity," said Mr Svanberge. The phones
will use solar charges which according to Ericsson are capable of
charging 30 mobile phones a day.
Read the full article
here.
Wednesday, May 07, 2008
McKinsey & Company, with its McKinsey & Company Report: Revolutionizing Data Center Efficiency, provides critical analyses, key findings, and recommendations on data center efficiency.
Some of the key points in the report include:
- The rapid recent (and projected) growth in the number and size of Data centers creates two significant challenges for enterprises: 1.) Data center facilities spend (CapEx and OpEx) is a large, quickly growing and very inefficient portion of the total IT budget in many technology intensive industries such as financial services and telecommunications. Some intensive data center users will face meaningfully reduced profitability if current trends continue; 2.) For many industries, data centers are one of the largest sources of Greenhouse Gas (GHG) emissions. As a group, their overall emissions are significant, in-scale with industries such as airlines. Even with immediate efficiency improvements (and adoption of new technologies) enterprises and their equipment providers will face increased scrutiny given the projected quadrupling of their data-center GHG emissions by 2020.
- The primary drivers of poor efficiency are poor demand and capacity planning within and across functions (business, IT, facilities), significant failings in asset management (6% average server utilization, 56% facility utilization), and boards, CEOs, and CFOs are not holding CIOs accountable for critical data center facilities CapEx and data center operational efficiency.
- Improving efficiency is the best near term means to solving the twin challenges of rising spend and GHG emissions. The report proposes a three part solution to double IT energy efficiency by 2012 and to arrest the growth of GHG emissions from data centers: 1.) Rapidly mature and integrate asset management capabilities to reach the same par as the Security function; 2.) Mandate inclusion of true total cost of ownership (including data center facilities) in business case justification of new products and applications to throttle excess demand; and 3.) Formally move accountability for data center critical facilities expense and operations to the CIO and appoint internal “Energy Czars” with an operations and technology mandate to double IT energy efficiency by 2012.
- To achieve this doubling of energy efficiency CIOs, equipment manufacturers, as well as industry groups in dialog with regulators should quickly establish automotive style “CAFE” metrics that will measure the individual and combined energy efficiency of corporate, public sector and 3rd party hosted data centers. The report proposes one metric that would deliver immediate financial and transparency benefits to executive management of enterprises and could become a government recognized measure of efficiency.
A related OECD meeting on ICT and the Environment will be held in Copenhagen, Denmark on 22-23 May 2008. A paper on Khazzoom-Brookes postulate and datacenters is also available online. This paper presents how Khazzoom-Brookes have demonstrated that improved efficiency actually results in increased energy consumption as it decreases the overall cost of a product or service and therefore increases demand.
Read more on the McKinsey report here.
Friday, May 02, 2008
According to a press release of the European Commission, published on 25 April, a pan-European survey on electronic services in healthcare (eHealth) shows that 87% of European doctors (General Practitioners) use a computer, 48% with a broadband connection. The survey shows that there are considerable differences between the countries, with broadband penetration ranging from 93% in Finland to 5% in Romania. An increasing number of doctors in Europe store and send patients' data such as lab reports electronically.
In using such eHealth applications, doctors and medical services have already improved healthcare in Europe through, for instance, more efficient administration and shorter waiting times for patients. According to the report, a majority of European doctors agree that information and communication technologies (ICTs) improve the quality of healthcare services that they provide.
Doctors not using ICT mention a lack of training and technical support as major barriers. In order to increase the use of eHealth, they ask for more ICT in medical education, more training and better electronic networking among healthcare practitioners that are willing to share clinical information. The report also highlights where doctors could make better use of information and communication technologies (ICTs) to offer services such as telemonitoring, electronic prescriptions and cross border medical services.
For more information, click here.
Thursday, May 01, 2008
The 6th "Med-e-Tel Conference and Exhibition" took place on 16 -18 April 2008 in Luxembourg with about 450 participants from over 50 countries. Med-e-Tel focuses on eHealth and telemedicine applications and a wide range of other medical information and communication technology (ICT) applications and on the convergence of ICT with medical applications, which lead to higher quality of care, cost reductions, workflow efficiency, and widespread availability of healthcare services. Abstracts and presentations of annual events are soon available on the organizer's website.
Monday, April 28, 2008
The ITU/MIC Kyoto Symposium on ICTs and Climate Change closed 16 April with agreement that the International Telecommunication Union (ITU) should play a significant role in the global efforts to combat climate change. The Symposium had six substantive sessions, including:
- Climate change: ICTs to the rescue?
- Corporate responsibility: Towards a climate-neutral ICT sector
- ICTs for monitoring climate change
- ICTs as a clean technology
- Towards a high bandwidth, low carbon future
- Adapting to climate change
A number of actions were recommended for ITU such as assisting countries, in particular developing ones, to raise awareness on how information and communication technologies (ICTs) can help adapting and mitigating to climate change. Specific areas mentioned are, among others, strengthening the capacity of developing countries to use ICTs for sustainable development, disaster and emergency preparedness, actions on food insecurity, use of remote sensing, assistance to rural communities and coordinated action to assist the most vulnerable countries. Experts also recognized that each country should consider promoting the use of ICT applications for government services (e-Government) from national to local levels, as well as reducing the emission of greenhouse gases through environmentally friendly use of ICTs in other sectors such as public health, education, business and employment.
More information on the Symposium is available in the chairman’s report, the meeting summary and the ITU background report. Presentations from this event can be viewed here. The chairman’s report will be forwarded to upcoming meetings of the World Economic Forum, the Organisation for Economic Cooperation and Development (OECD) ministerial meeting in the Republic of Korea, the G8 meeting in Japan and the UN Framework Convention on Climate Change (UNFCCC).
The second ITU symposium on ICTs and climate change, will be held 17-18 June in London, hosted by BT. The London event will also be broadcast as a live Webinar. To register online at this event, see here.
Information Security experts recently revealed that government networks in Blighty and UN computers have been hacked and ensnared in a botnet. According to Websense, the attacks happened in March using some sort of SQL injection. It was said that the number of computers compromised is impossible to know but an estimate could be around 100,000 URLs. "A victim reaching a hacked site will be redirected a different page, hosted on a Chinese server. The IP address keeps changing within the JavaScript making it hard to locate."
Read the full article here.
Friday, April 25, 2008
The United Nations (UN) recently launched the e-Government Survey 2008: From E-Government to Connected Governance assessing the e-government readiness of the 192 Member States of the UN. The study results are based on a quantitative composite index of e-readiness, including website assessment, telecommunication infrastructure, and human resource endowment.
One of the key outcomes of the study is that information and communication technologies (ICTs) can help reinvent government in such a way that existing institutional arrangements can be restructured and new innovative approaches can flourish, paving the way for a transformed government.
The focus of the report, in Part II, is e-government initiatives directed at improving operational efficiency through the integration of back-office functions. Whilst such initiatives, if successful, will deliver benefits to citizens, the primary purpose is to improve the effectiveness of government and governmental agencies. Models of back-office integration, irrespective of the delivery mode, fall into three broad categories: single function integration, cross functional integration, and back-office to front-office integration. The level of complexity, expressed in terms of the number of functions within the scope and number of organizations involved, is the primary factor influencing a successful outcome - with a tendency amongst the more ambitious projects to fail to deliver the full anticipated benefits. The key variables involved in the delivery of back-office integration are the people, processes and technology required.
The report is available at the website of the Department of Economic and Social Affairs of the UN's Public Administration Programme. For more information, click here.
Tuesday, April 22, 2008
According to China's Computer Emergency Response Team (CN-CERT)'s 2007 annual report released last week, the greatest threat to the nation's portion of the internet are Trojan horse programs and bot software. Based on CN-CERT's findings, "the number of Chinese Internet addresses with one or more infected systems increased by a factor of 22 in 2007... [and] of 6.23 million bot-infected computers on the Internet, about 3.62 million are in China's address space." The report alse reveals that "domain name registration in the nation had almost tripled in the past year, attacks that tampered with legitimate Web sites grew 1.5 times, and malicious drive-by attacks jumped 2.6 times."
The report is currently only available in Chinese.
Read the full article here.
Monday, April 21, 2008
Six new standards enabling a more secure ICT environment have been approved by ITU. Experts say that the standards represent an important achievement reflecting the needs of business in establishing risk management strategies and the protection of consumers.
Three ITU-T Recommendations cover a definition of cybersecurity, a standardized way for vendors to supply security updates and guidelines on spyware. While the other three focus on countering the modern day plague of spam by providing a toolbox of technical measures to help consumers and service providers.
Recommendations on spam are a direct response to a call from the World Telecommunication Standardization Assembly (WTSA), the quadrennial event that defines study areas for ITU-T. Members asked that ITU-T define technical measures to tackle this plague of the digital world following growing global concern at additional costs and loss of revenue to Internet service providers, telecoms operators and business users.
Read the full news article on the ITU-T newslog.
Dan Kaminsky, director of Penetration Testing IOActive, Inc., gives a presentation on wildcard and NXDOMAIN redirection services. It discusses typosquatting, DNS ad injection, and provides several examples showing how these phishing trends work. Basically, it is quite possible for non-existent domains to be created validly on any random server, and to be near undetectable. Kaminsky concludes that "even small amounts of failed net neutrality can lead to catastrophic side effects on Internet security" and that "even if everything was 100% SSL, if the ISP could require code on the box, they could still bypass the crypto, and alter the content."
Access Dan Kaminsky's full presentation here.
On 15 November 2006, a Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on fighting spam, spyware and malicious software had been released. "The Commission Communication on a Strategy for a secure Information Society aims at improving the security of network and information at large and invites the private sector to address vulnerabilities in network and information systems that can be exploited to spread spam and malicious software. The Commission Communication on the Review of the EU Regulatory Framework proposes new rules to strengthen security and privacy in the electronic communications sector." This
Communication deals with the evolution of spam, and threats such as spyware and malicious software. It also takes stock of efforts made so far to fight these threats and identifies further actions that can be taken, including strengthening Community law, law enforcement, cooperation within and between Member States, political and economic dialogue with third countries, industry initiatives, and R&D activities.
Among the proposed actions in this Communication are:
- Member States and competent authorities are called upon to lay down clear lines of responsibility for national agencies involved in fighting spam, ensure effective coordination between competent authorities, involve market players at national level, drawing on their expertise and available information, ensure that adequate resources are made available to enforcement efforts, and subscribe to international cooperation procedures and act on requests for cross border assistance.
- Companies are encouraged to ensure that the standard of information for the purchase of software applications is in accordance with data protection law, contractually prohibit illegal use of software in advertisements, monitor how advertisements reach consumers and follow up on malpractice, and e-mail service providers to apply a filtering policy which ensures compliance with the recommendation and guidance on e-mail filtering.
- The Commission aims to continue efforts in raising awareness and fostering cooperation between stakeholders. It also aims to continue to develop agreements with third countries including the issue of the fight against spam, spyware and malware, introduce new legislative proposals that strengthen the rules in the area of privacy and security in the communications sector, present a policy on cyber crime, involve ENISA expertise in security matters, and support research and development in its FP7 program.
With the accelerating development and spread of spam, spyware and malicious software, "the Commission is using its role as an intermediary to create greater awareness about the need for greater political commitment to fight these threats."
Read the full Communication here.
More on European Union Laws here.
Wednesday, April 16, 2008
A presentation on "e-Environment Opportunities for ITU " has been posted online today on the ITU-D ICT Applications and Cybersecurity Division (CYB) website.
The presentation was made by Robert Shaw, head of the ICT Applications and Cybersecurity division, for the ICTs and Climate Change Symposium in Kyoto, Japan on 15-16 April 2008. It discusses definitions, the ITU report on "ICTs for e-Environment", background and objectives, environmental issues, trends of ICTs for environment, the effects of ICTs, e-Environment and sustainable development, implications for developing countries, and opportunities for ITU. More relevant information on the ITU activities on climate change website and on the CYB e-Environment website.
Monday, April 14, 2008
As an input to its activities on economics of network and information security (NIS), ENISA has commissioned a study identifying barriers and
incentives for NIS. The overarching aim of the report is to analyse the economic impact of NIS, to assess added value and contribution to the smooth functioning of the Internal Market for e-Communication. In February 2008, the report entitled "Security Economics and the Internal Market" by Prof. Ross Anderson, Rainer Böhme, Richard Clayton and Tyler Moore was submitted to ENISA, aiming:
- To identify existing economic barriers for addressing Network and Information Security (NIS) issues in a single, open and competitive Internal Market for e-Communication;
- To assess these barriers’ potential impact on the smooth functioning of the Internal Market for e-Communication;
- To identify and analyse incentives (regulatory, non-regulatory, technical, educational, etc.) for lifting these barriers identified to cause
distortion of the smooth functioning of the Internal Market for e-Communication;
- And to provide a range of recommendations to relevant actors (decision-makers both at EU and national level, industry, academia, etc.) for policy options, possible follow-up actions and initiatives.
The report identifies relevant groups of stakeholders and assesses their role and responsibilities. In addition, the report offers explanatory
and where possible causal linkages.
More information on the ENISA website.
Read the full report here.
The European Network and Information Security Agency, ENISA's report gives an overview on information security certifications of products, people and processes. It addresses common concepts, definitions, certifications of different types, as well as clarifies the mandatory and legal
background for some certifications. It also explores the analogies and disparities between a number of existing certification schemes. Finally, it
analyses current trends in certification and offers six recommendations to improve network and information security in Europe through a wider use of security certification.
Recommendations:
- ENISA recommends that organisations should certify their information security management systems, choose certified security products where possible and encourage information security employees to choose
one or more appropriate personal information security certifications. - Starting from ISO 27001 as the standard of choice for the certification of information security management systems in private and public organisations, the development of the complementary standards of the
27000 family should be encouraged. However, their value must be verified on a case-by-case basis.
The case of small or medium-sized organisations deserves particular attention.
- Special attention should be paid to areas where Common Criteria evaluation has become mandatory, and to the impact on the market.
The EC should reconsider the feasibility and benefits of extending the intergovernmental Mutual Recognition Agreement on Common Criteria to all Member States as a shared tool contributing to a more secure e-Communication market.
Government, vendors and security experts should analyse ways of building solid business models for product certification according to various schemes.
Framework Programme 7 should consider sponsoring research to analyse the economics of the certification of products. - The European Institutions should consider the feasibility of strengthening accreditation schemes related to people certification in IT security as well as a more systematic reference to recognised standards.
The European Institutions should also encourage the development of people certification adapted to different types of professional use of IT systems, from the enduser level (Computer Driving Licence) to the most professional (e.g. IT security officer). - The European Institutions should consider ways to reinforce bridges between education (schools and universities) and the certification process (private training and certificate providers) throughout a professional career.
- At a more individual level, ENISA recommends that the decision to seek a certificate should be based on the following questions: Do I want information security to be my certified profession? Do I want to prove that I can work in information security? Do I want to prove expertise in a very specific area of security? Or do I just want to prove IT skills which include aspects of security?
For more information, please refer to the full
report.
A presentation by Martin J. Levy of Tier1 Research and Josh Snowhorn of Terremark on Datacenter Power Trends - NANOG 42 Power Panel at the NANOG 42 meeting discusses colocation centre problems, how these came about, what is expected to happen, and how colo is considered the bottleneck of the Internet. As cited from the Gartner Research in 2006, "some organizations are in the unenviable position of paying more to power and cool a rack a servers than they paid for the rack and the servers themselves. Clearly things are moving out of balance." Case studies and possible solutions to these datacenter problems are also included in the presentation.
Read the full presentation here.
More on the NANOG 42 meeting here.
Friday, April 11, 2008
Wednesday, April 09, 2008
In Al Gore's new slideshow on climate change posted yesterday on TED.com, he presents evidence that climate change may could be even worse than scientists were recently predicting, and challenges us to act with a sense of "generational mission" - the kind of feeling that brought forth the civil rights movement - to set it right.
Mr. Gore was awarded the Nobel Peace Prize for 2007, along with the Intergovernmental Panel on Climate Change (IPCC), "for their efforts to build up and disseminate greater knowledge about man-made climate change, and to lay the foundations for the measures that are needed to counteract such change."
Monday, April 07, 2008
A recent paper of Andrew Odlyzko of the Digital Technology Center at the University of Minnesota discusses “the Internet’s role in aggravating and alleviating the energy crises”. The article points out that, since the days of the horse-drawn coach and the penny post in England, people have believed that travel and communications would be substitutes, i.e. an increase in one would result in a decrease in the other. Nevertheless, history has shown that both travel and communications have grown in parallel with economic growth and have been complementing and stimulating each other. This has happened despite – and even because of – technological developments in each of these two areas.
One could conclude from past experience, therefore, that the Internet – as a new form of communication – would cause a continued increase in travel, leading to ever-greater consumption of energy. The article highlights, however, that there is a key difference between the current situation and the past: the very high and growing price of energy. Because of this unique context, the article concludes that the Internet - and greater broadband deployment - may actually bring about a reduction in energy consumption by helping to reduce the need for travel as well as by bringing about other efficiencies.
To read the full article, click here.
Thursday, April 03, 2008
A report by the UK media regulator, Ofcom, has reported that 'millions of children are using social networking websites intended for older users.'
Despite the minimum age requirement of between 13 and 14 yrs set by Bebo, MySpace and Facebook, the report found that more than 25% of UK 8-11yr olds have a social network profile.
The Home Office is due to disclose a set of guidelines for such sites involving best practice, security and privacy on Friday 4th April.
This report by Ofcom showed a "significant difference" between the perception of risks in using social network sites between parents and children.
James Thicket, director of market research, Ofcom stated, "While people are aware of the status of their profile, there is a general lack of awareness of the issues attached to them around privacy and safety". He also added, "People put aside concerns about privacy and safety believing they have been taken care of by someone else".
The lack of child protection in such social network sites is further demonstrated by the following Ofcom figures:
41% of children allowed their profile to be viewed by anyone -
16% of parents did not know if their child's profile could be seen by strangers -
The vulnerability of children (especially younger ones) to online predators cannot be ignored and Mr Thickett goes on to say,
"Children are using these sites with a far lower awareness of some of the issues and rules that these sites entail".
Ofcom plan to monitor and review the new guidelines agreed by social networks and the Home Office.
Dr Rachel O'Connell, Bebo chief safety officer, said, "We're working with the regulatory bodies. It's critical to our business that we adhere to these guidelines".
For more information see BBC and The Guardian.
Tuesday, April 01, 2008
The impact of human activities on the environment – and on climate change in particular – are issues of growing concern confronting life on Earth. Concurrently, information and communication technologies (ICTs) are being rapidly deployed around the world. Although ICTs require energy resources, they also offer opportunities to monitor, learn about and protect the environment, reduce carbon emissions, and mitigate climate change.
A scoping study on using ICTs for environmental matters has been commissioned last year by the ITU's Telecommunication Development Bureau. This ICTs for e-Environment report approaches the issues from a development perspective and is based on consultations with key actors and extensive online research. It documents current activities and initiatives and makes a set of recommendations for strengthening the capacity of developing countries to make beneficial use of ICTs to mitigate and adapt to environmental change, including climate change.
The draft report and an overview presentation are available at ITU's ICT Applications and Cybersecurity Division dealing with e-Environment matters.
For more information about ITU activities relating to climate change, click here.
The International Telecommunication Union (ITU) issued a press release on the upcoming Symposia on ICTs and Climate Change that aim at reaching a better understanding of the relationship between information and communication technologies (ICTs) and climate change.
The International Symposia on ICTs and Climate Change, featuring high-level experts drawn from industry, government and academia as well as key writers on the topic, will seek to provide guidance to the global ICT sector on how to monitor, mitigate and adapt to climate change. The meetings will take place April 15−16 in Kyoto, Japan, co-organized and hosted by the Ministry of Internal Affairs and Communications (MIC); and 17−18 June 2008 in London, UK, supported and hosted by BT. These events will be available as a webinar so that remote participants can see and hear presentations from wherever they are in the world. Provision will also be made for remote participants to submit comments and questions.
It is estimated that ICTs contribute around 2-2.5 per cent of global greenhouse gas emissions. These percentages are likely to grow as ICTs become more widely available. At the same time ICTs can be a major linchpin in the effort to combat climate change. ICTs have the potential to serve as a potent, cross-cutting tool to limit and ultimately reduce greenhouse gas emissions across economic and social sectors, in particular by the introduction and development of more energy efficient devices, applications and networks, as well as their environmentally sound disposal. ICT can therefore be a key enabler to a low carbon economy while also promoting growth.
In December 2007, ITU representatives made a statement at the UN Conference on Climate Change in Bali, Indonesia, illustrating how ICTs are both a cause and a potential cure for climate change. UN Secretary-General, Ban Ki-moon previously underlined ITU’s role in meeting one of the most important challenges facing mankind. "ITU is one of the very important stakeholders in the area of climate change," he said. Dr Hamadoun I. Touré, ITU Secretary-General, said, "Unequivocal and authoritative scientific evidence, recent climate events and an increased public awareness have elevated climate change to the highest rungs of the political agenda — globally, regionally and at national levels. Climate change is a concern for all of humanity and requires efforts on the part of all sectors of society, including the ICT sector. ITU is committed to achieving climate neutrality and to working with our membership to promote the use of ICTs as an effective tool to combat climate change."
For more information on all ITU activities related to climate change, including e-environment, click here.
Thursday, March 27, 2008
The Guardian newspaper reports that the first UK national strategy for child Internet safety (which includes a streamlined system for classifying computer games and codes of practice for social networking sites) will be set out today, 27th March 2008.
This comprehensive and detailed report carried out by child psyhologist, Dr Tanya Byron, showed that parents are worried about online predators and children are worried by cyber bullying.
One of her proposals includes new codes of practice to regulate social networking sites, such as Bebo and Facebook, and standards on privacy and harmful content.
Dr Byron states that these social networking sites should be asked to agree on codes of practice on harmful content and calls for an independent body to evaluate whether the site is meeting such standards.
She is planning to say that the online explosion has rendered parents as "...the Internet immigrants" and children as "...the Internet natives.." leaving parents lagging behind as as result of the fast past of technology.
Dr Byron is reported to have said yesterday, "Ironically parents' concerns about risk and safety of their children in the streets and outside has driven a generation of children indoors, where it could be argued they are being exposed to a whole new set of risks".
Suprisingly, the British Board of Film Classification system fails to provide any indication about the actual content of computer games or to explain their age rating.
Full article here.
Wednesday, March 26, 2008
The UK government is pledging action to protect teachers from bullying through mobile phones and the Internet.
During the NASUWT Annual Conference 24-27 March 2008, Secretary of State for Children, Schools and Families, Ed Balls, is expected to address union members declaring that the cyber bullying of teachers should be regarded as a "serious disciplinary offence".
A "cyber bullying taskforce" for England will be responsible for preventing teachers from being targeted by pupils.
NASUWT leaders (the largest UK wide teachers' union) want mobile phones classified as "potentially offensive weapons" as well as a ban on online allegations. Until now the government taskforce has focused on the effects of cyber bullying on children, but with the increasing numbers of teachers being harassed online, the situation for teachers can no longer be ignored.
The cyber bullying taskforce includes representatives from anti-bullying and children's charities, the Internet industry and teachers' groups.
The general secretary of NASUWT, Chris Keates, stated, "I am pleased the government accepts that we need strong policies in schools which focus on teachers. Increasingly, teachers' lives are being destroyed by what pupils are doing" and added, "pupils who once had to content themselves with exhibiting poor behaviour when face to face with the teacher, now increasingly use technology to support their indiscipline. Relying on industry self-regulation to resolve this problem is the equivalent of waiting for hell to freeze over".
Read full article at BBC website.
Tuesday, March 25, 2008
Another "security lapse" has allowed unauthorised access to personal photos posted on Facebook. What makes this situation all the more worrying is that it happened after a recent upgrade to the website's privacy controls.
This incident was verified by the Associated Press after they were alerted by computer technician, Byron Ng.
Facebook spokeswoman, Brandee Barker stated, "We take privacy very seriously and continue to make enhancements to the site".
This latest lapse is yet another warning about the dangers of sharing photographs and personal information online, even when such websites attempt to assure its members that their information cannot be accessed by everyone.
Even after such warnings, increasing numbers of teenagers and young adults are still publishing personal details on the Internet.
MySpace.com, the only online social network larger than Facebook, also experienced a similar security lapse last year.
Full story at CNN website.
A blog entry by Jessica Hupp at VirtualHosting.com addresses the impact on the environment in web development and use of computer equipment in general.
It provides a sample collection of environmentally friendly applications, tools, networks and directories, web hostings, and others. The list mentions tools and resources concerning information and communication technology infrastructure, hardware, software, and so on.
For more information, click here.
Reuters recently reports on cyber warfare, from the Cold War Soviet oil pipeline explosion to the current information security situation. "The pipeline explosion was probably the first major salvo in what has since become known as cyber warfare. The incident has been cropping up in increasingly urgent discussions in the U.S. on how to cope with attacks on military and civilian computer networks and control systems - and how and when to strike back. Air traffic control, power plants, Wall Street trading systems, banks, traffic lights and emergency responder communications could all
be targets of attacks that could bring the U.S. to its knees."
According to Director of National Intelligence Michael McConnell's testimony to a Senate committee, "[the US] information infrastructure - including the Internet, telecommunications networks, computer systems and embedded processors and controllers in critical industries - increasingly is being targeted... by a growing array of state and non-state adversaries." The Pentagon adds that it detects three million attempts to infiltrate its computer networks every day. On a report of the US Government Accountability Office, an audit of 24 government agencies, including Defense and Homeland Security, had shown that "poor information security is a widespread problem with potentially devastating consequences" pertaining to the inevitable involvement of civilians with private companies owning more than 80 percent of the infrastructure.
"Unlike traditional defense categories (i.e. land, sea and air), the military capabilities required to respond to an attack on U.S.
infrastructure will necessarily involve infrastructure owned and operated by the private sector," according to Jody R. Westby, CEO of Global Cyber Risk and a champion of better public-private coordination to cope with cyber attacks.
The article further discusses the importance of public-private coordination and the power of botnets in this warfare. A scenario of the damage extent and how the cyber warfare may unfold was also drawn from an interview with Westby.
Read the full article here.
Wednesday, March 19, 2008
An unexplained "security breach" at the US supermarket chain, Hannaford Bros., resulted in 1800 reported (to date) cases of fraud after about 4.2 million unique card numbers were exposed. This is reported to be one of the largest data breaches ever.
Although the supermarket chain is said to have become aware of the breach on February 27, 2008, investigators report that it actually began on December 7, 2007 and Hannaford Bros. vice president of marketing, Carol Eleazer stated that, "it wasn't contained until 10 March, 2008".
The company's president and CEO, Ronald C. Hodge stated, " We have taken aggressive steps to augment our network security capabilities. Hannaford doesn't collect, know or keep any personally identifiable customer information from transactions".
The US Secret Service, whose duties include investigating electronic crimes such as data breaches, confirmed that they are investigating this case.
Beth Givens, director of Privacy Rights Clearinghouse said that debit card holders involved in this incident were most at risk of fraud. Banks generally cover costs from fraudlent charges on credit cards but it might prove more difficult in proving fraud once a criminal has cleared out an individual's bank account.
Visa and MasterCard state in their contracts with retailers that they do not divulge the source when a data breach occurs. Such a law does nothing to help either the customer or the retailer in these situations.
Following criticism of the delay in notifying the public about this breach, Carol Eleazer said, " We moved with all deliberate speed to get out to customers with information that we could have confidence in..."
Read full article at CNN website.
Tuesday, March 18, 2008
Once again parents in the UK are being warned by teachers about the possible dangers to children by Internet and mobile phone misuse.
A survey of the Association of Teachers and Lecturers' members reports that more than half are aware of pupils being "cyber bullied" and 16% have been victims themselves.
Dr Mary Bousted, General Secretary of the Association of Teachers and Lecturers calls for more serious consequences and policies which might deter such behaviours. She then went on to suggest that as most cyber bullying takes place outside school hours, it might be difficult for teaching staff to take action.
What about the parental role? With parents complaining that their young children are watching pornography in the school playground on their mobile phones, it seems that the call to engage parent-teacher dialogue is not before time.
Unfortnately the situation is more complex, as Dr Bousted points out the difficulty in punishing children for such behaviours without the complete support of the parents, adding, "...it's not just students who can behave inappropriately through the Internet, it's parents as well".
Read full article at BBC website.
Monday, March 17, 2008
The Washington Post's Security Fix features an article on vishing scams reporting three recent vishing attacks and how these attacks were done. According to the article, a series of well-orchestrated wireless phone-based phishing attacks against several financial institutions took place last week illustrating how scam artists are growing more adept at fleecing consumers by exploiting security holes in seemingly unrelated Internet technologies.
"The scams in this case took the form of a type of phishing known as "vishing," wherein cell-phone users receive a text message warning that their bank account has been closed due to suspicious activity, and that they need to call a provided phone number to reactivate the account. Victims who called the number reached an automated voice mail box that prompted callers to key in their credit card number, expiration date
and PIN to verify their information (the voice mail systems involved in these sorts of scams usually are run off of free or low-cost Internet-based phone networks that are difficult to trace and shut down)."
The article also pointed out the importance of installing the latest security updates on the Web servers as well as the use of non-obvious passwords to help mitigate these kinds of vishing attacks.
Read the full article on the Washington Post.
Once more there is some discussion about privacy laws regarding the content of e-mails.This time it concerns the publishing of letters reportedly sent by e-mail by an aide to the Mayor of London, Ken Livingstone. The American writer GK Chesterton is said to have argued that the best reason for leaving the country and moving to the city was to avoid everyone knowing your business.
Such a move might be laughable now, as it appears that privacy no longer exists. The author Clive James suggests,
"...every computer you sit down at, is a direct pipeline to universal publicity for any thought you dare to express..."
Indeed with the planned closure of around 3000 post offices in London, sending a letter by post may soon be a thing of the past.
Full article at BBC website.
Friday, March 14, 2008
Bill St. Arnaud writes about fiber to the home (FTTH) connections on his blog on Green IT/Broadband and Cyberinfrastructure. A presentation quoted of PriceWaterhouseCoopers and the European FTTH Council of 28 February 2008 takes into account CO2 emissions that are produced in the construction and deployment of fiber and measure them against the savings of three ICT applications in the area of telecommuting,telemedicine and home assistance. Among others, the main findings are that the environmental impact of the deployment of a typical FTTH network would be positive in less than 14 years regarding the selected services mentioned above. Additional existing or future applications would further emphasize these results.
For more information on the European FTTH Council, click here.
Thorsten Holz writes about Measuring and Detecting Fast-Flux Service Networks on the Honeyblog, a weblog that deals with IT-security related stuff, honeypots/honeynets, malware and bots/botnets. Findings on a lab project focusing on fast-flux service networks (FFSNs), a mechanism used by attackers to build an overlay network on top of compromised machines, were published in a paper at NDSS'08.
The paper presents the first empirical study of fast-flux service networks (FFSNs), a newly emerging and still not widely-known phenomenon in the Internet. "Through [their] measurements [they] show that the threat which FFSNs pose is significant: FFSNs occur on a worldwide scale and already host a substantial percentage of online scams. Based on analysis of the principles of FFSNs, [they] developed a metric with which FFSNs can be effectively detected. " Possible mitigation strategies are also discussed in the document.
Read the full paper here.
More about the paper on Honeyblog.
Thursday, March 13, 2008
Time Warner's AOL Internet Divison is buying the social networking site, Bebo, for $850m cash.
Social networking sites are valuable to online advertisers as the information posted by members is very valuable to online advertisers who can then target them with those products and services which match their profiles.
Bebo is reported to have 40 million members worldwide, many of whom are within the 13-24 year old age range and thus attractive to advertisers. ComScore report that Bebo is the UK's second most popular social networking site after Facebook. In the US, Bebo is the third biggest social networking site, after MySpace and Facebook. ComScore report that Bebo is the world's ninth most popular social site.
Read full article at bbc website.
On 11 March 2008, the Initiative for the Regional Integration of South American Infrastructure (IIRSA) and the Inter-American Communications Commission (CITEL) jointly organized at the Inter-American Development Bank (IDB) headquarters a workshop on International Roaming Services for Mobile Telecommunications, the first component of an IDB Technical Cooperation to support the project known as Implementation of a Roaming Agreement in South America, included in IIRSA’s Implementation Agenda Based on Consensus. Following this event was the XII meeting of the Permanent Consultative Committee on Telecommunications I (PCC.I) of CITEL, held at the IDB’s headquarters, in Washington D.C., from 12 through 14 March 2008, during which telecommunication-related topics deemed important for the region were discussed, such as the coordination of standards for telecommunication networks and services, convergence, analysis of cybersecurity issues and critical infrastructure and the use of telecommunications in emergencies, among others.
A presentation on the Overview of ITU-D Activities Related to Cybersecurity and Critical Information Infrastructure Protection was given by Robert Shaw, head of the ICT Applications and Cybersecurity division, during the CITEL meeting, providing background information on ITU, cybersecurity, related ITU key activities underway, and an outline of the Framework for Organizing a National Approach to Cybersecurity. Specific cybersecurity-related activities and initiatives as well as a case study on botnets were also presented.
Another presentation on Management Framework for Organizing National Cybersecurity/CIIP Efforts was given by Joe Richardson, further discussing the ITU Framework for Organizing National Cybersecurity/CIIP Efforts and the ITU National Cybersecurity/CIIP Self-Assessment Toolkit.
For more information on CYB's activities involving cybersecurity, visit the division website.
Tuesday, March 11, 2008
The ICANN Security and Stability Advisory Committee (SSAC) recently released an advisory on fast and double flux attacks. "'Fast flux' is an evasion technique that cyber-criminals and Internet miscreants use to evade identification and to frustrate law enforcement and anticrime efforts aimed at locating and shutting down web sites used for illegal purposes." This Advisory describes the technical aspects of fast flux hosting and fast flux service networks. It explains how the DNS is exploited to abet criminal activities that employ fast flux hosting, identifying the impacts of fast flux hosting, and calling particular attention to the way such attacks extend the malicious or profitable lifetime of the illegal activities conducted using these fast flux techniques. It describes current and possible methods of mitigating fast flux hosting at various points in the Internet. The Advisory discusses the pros and cons of these mitigation methods, identifies those methods that SSAC considers practical and sensible, and recommends that appropriate bodies consider policies that would make the practical mitigation methods universally available to registrants, ISPs, registrars and registries (where applicable for each).
Read the full advisory here.
Wednesday, March 05, 2008
The Global Digital Solidarity Fund (DSF) today launched the project of "1000 Telemedicine Units for Africa". This eHealth initiative aims to support financing telemedicine units in Africa as well as to enable health professionals to obtain continuing education. The project consists of equipping district hospitals with diagnostic tools and internet connectivity to enable real-time or deferred exchanges with experts at a distance and to update medical knowledge of health professionals through e-Learning tools.
To date, DSF partners in this project are the Network of French-speaking Africa for Telemedicine (RAFT) of the University Hospitals of Geneva and the Africa Health Infoway (AHI) of the World Health Organization.
For more information on DSF, click here.
Monday, March 03, 2008
The UK industry watchdog, the Press Complaints Commission (PCC), will undertake an investigation into the use of material taken from personal profiles on social networks by newspapers.
Tim Toulmin, director of the PCC has said that his organisation had received complaints from people about material "that is being re-published when they themselves are the subject of news stories", and suggests that guidelines are necessary in order to guide the press in their use of social network content. Due to the present lack of boundaries, the PCC has commissioned Ipsos MORI to conduct research into public attitudes. In addition, Mr Toulmin points out that social networking sites have a responsibility to advise their users about the implications of uploading personal information to public, or semi-private spaces and goes one step further, saying, "..the press do have obligations over and above those that govern the online community".
However, Bob Satchwell, Director of the Society of Editors stated that the press should be subject to the same regulation as the public.
The recent media interest in the large number of suspected suicides among young people in Brigend, UK, has caused concern about the way social network profiles were being used by journalists.
The British Journal of Photography has stated that the publication of images on social networks does not automatically grant rights to republish photographs elseware.
Read full article on BBC website
The European Commission recently proposed a new Safer Internet programme to enhance the safety of children in the online environment. Encompassing recent communications services from the Web 2.0, such as social networking, the new programme will fight not only illegal content but also harmful behaviour such as bullying and grooming. With a budget of €55 million, the programme, which builds further on the successful Safer Internet programme started in 2005, will run from 2009 to 2013.
The proposed new programme will:
- Reduce illegal content and tackle harmful conduct online.
- Promote a safer online environment.
- Ensure public awareness.
- Establish a knowledge base.
Read the full press release here.
For more information on the Safer Internet Programme, click here.
Wednesday, February 27, 2008
Websense Security Labs has discovered that Google’s popular web mail service Gmail is being targeted in recent spammer tactics. Spammers in these attacks managed to create bots that are capable of signing up and creating random Gmail accounts for spamming purposes. Websense believes that from the spammers’ perspective, there are four main advantages to this approach. First, signing up for an account with Google allows access to its wide
portfolio of services. Second, Google’s domains are unlikely to be blacklisted. Third, they are free to sign up. And fourth, it may be hard to keep track of them as millions of users worldwide are using various Google services on a regular basis. According to Websense, these accounts could be used by spammers at any time for abusing Google’s infrastructure. A wide range of attacks could be possible as the same account credentials can be used to target various services offered by Google.
A detailed analysis report is provided showing the entire process of the CAPTCHA breaking hosts. Read more about the analysis report here.
The Australian federal Government's plan to have internet service providers filter pornography and other internet content deemed inappropriate for
children is going full-steam ahead. The Government wants to evaluate content filters in a controlled environment. Trials are to be conducted soon in a closed environment in Tasmania. Enex TestLab was selected more than six months ago after the Australian Communications and Media Authority closed a tender for an organisation to test ISP-based content filters. ISP-based filters will block inappropriate web pages at service
provider level and automatically relay a clean feed to households. To be exempted, users will have to individually contact their ISPs. The trial will evaluate ISP-level internet content filters in a controlled environment while filtering content inappropriate for children, Enex said. "We invite vendors of all types (hardware appliances, software - proprietary or open-source) of ISP-based internet content filters to participate." The testing is slated for completion by July and will be followed by live field trials.
The internet sector has consistently voiced concern about the Government's ISP filters. Internet Industry Association chief executive Peter Coroneos has said any clean feed policy would have to be balanced against the likely financial and performance costs, and ACMA's first annual report to Senator Conroy confirmed his fears. On the performance impact of filters, ACMA said: "In the case of personal computers the cost of upgrading processing power may be modest (although significant in terms of household income). "However, for ISPs the cost of upgrading or augmenting the expensive hardware that they typically deploy may be substantial, particularly for small providers."
Read the full article on the Australian IT.
Tuesday, February 26, 2008
According to a report from vendor Mcafee, the growing number of cyber criminals in areas of Asia and Eastern-Europe is the result of a lack of IT jobs for qualified professionals. Joe Telafici, vice president of operations at Mcafee says that "the motivation to engage in illegal behavior is strong in Eastern Europe where technical skills were widely taught during the Cold War but economic
opportunities are limited. The same is true in Asia, where population growth has stretched strong economic performance to the limits." In China, 43 per cent of IT graduates are unemployed, and hacker "training" web sites are creating a pool of effective malware authors and paying them like
a legitimate business.
Read the full article here.
GigaOm Earth2Tech’s 101 Cleantech Startups provides a map showing cleantech hot spots around the globe. The different sectors such as solar, energy storage, biofuels and electric vehicles are all represented by a logo, and each pin on the map has all of the vital stats for each startup (founding year, investors, technology, etc.).
For more information, visit GigaOm's Earth2Tech website.
View the map here.
Monday, February 25, 2008
The ITU-T newslog featured the following entry last Friday:
Senior technical experts have laid down the gauntlet on energy saving in information and communication technologies (ICTs) following a recent meeting in Geneva. Following tutorials on power saving, at a February meeting of ITU-T’s Study Group 15, experts agreed to work towards a proposed percentage reduction of power consumption in broadband technologies. The aim is for the agreed figure to form part of a Resolution from the upcoming World Telecommunication Standardization Assembly. Reduction of power consumption should and can be done without the degradation of services according to experts.
The UN Secretary-General, Ban Ki-moon has also underlined ITU’s role here saying: "ITU is one of the very important stakeholders in the area of climate change." ITU representatives made a statement at the UN Conference on Climate Change in, illustrating how ICTs are both a cause and a potential cure for climate change.
Speaking during the event attended by over 100 representatives from the ICT industry worldwide for each of its three, hour-long sessions, the Deputy Secretary-General of ITU, Houlin Zhao expressed appreciation that the meetings had proven so popular at such an early stage of the work. He pointed out that ICTs are responsible for 2.5 per cent of carbon emissions. This is roughly the equivalent of the airline industry and would require our urgent attention, he said.
The issue of power saving will be discussed within the wider context of climate change at ITU Symposia on ICTs and Climate Change to be held 15-16 April 2008 in Kyoto (Japan) and hosted by the Ministry of Internal Affairs and Communications and 17-18 June 2008 in London (Great Britain) and hosted by British Telecom. The events are part of a new initiative by ITU to better understand how ICTs can help mitigate and adapt to climate change as well as monitoring its impact.
Experts speaking at the SG 15 tutorials pointed to inefficiencies in terms of end-device power consumption level compared to the signal power. The deployment of passive optical network (PON) technology is of particular concern as operators worldwide rollout this new technology that some predict will massively increase power demands. Some simple measures, for example specifying power saving modes in network terminations such as: ‘asleep’, ‘standby’, as well as ‘on’ and ‘off’, were cited by speakers. It was also noted that next-generation networks (NGN) can lower greenhouse gas emissions by reducing network complexity, and introducing equipment that is more tolerant to natural climatic conditions and therefore does not require air conditioning. Smart buildings, energy supply and transport industries must all play their part in achieving greenhouse gas reductions.
A first and completed task of the ITU experts has been to create a power saving checklist for standards authors. Malcolm Johnson, Director of the Telecommunication Standardization Bureau, ITU congratulated SG 15 for responding so quickly to the request to address climate change. He urged all Study Groups to start the process of reviewing their Recommendations (ITU’s name for standards) according to the new checklist and assign appropriate metrics regarding reduction of greenhouse gases.
The checklist is intended to ensure that standards are drafted taking into account the most economic and energy-efficient solution, particularly related to energy saving in networks. Experts propose that each new ITU-T Recommendation should contain a clause that identifies its impact on climate change and demonstrates ways that it contributes towards emission reduction, covering both production and the use of the equipment.
To ensure that this work is completed with the highest degree of efficiency there is broad consensus that ITU action has to be taken into account collaborating in partnerships with other bodies working in the field and that everything is done to avoid duplication of work.
For activities carrying out in ITU's Telecommunication Development Sector on ICTs and climate change and e-environment, click here.
Friday, February 22, 2008
The ITU Regional Cybersecurity Forum ended yesterday following the adoption of the Doha Declaration on Cybersecurity. The ITU Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection (CIIP) was held in Doha, Qatar, 18−21 February 2008 in collaboration with the Qatar Supreme Council of Information and Communication Technology (ictQATAR) and the Qatar Centre for Information Security (Q-CERT). Over 80 representatives from 18 countries in the Arab region as well as key regional organizations including the League of Arab States, Gulf Cooperation Council, and United Nations Economic and Social Commission for Western Asia, participated in the Forum.
"Global interconnectivity creates new interdependencies and risks that need to be managed at national, regional and international levels," said Mr Sami Al Basheer Al Morshid, Director of ITU’s Telecommunication Development Bureau. "The formulation and implementation by all nations of a national framework for cybersecurity and critical information infrastructure protection represents a significant first step in addressing the challenges arising from globally interconnected ICT infrastructures."
During the event, the role of governments in leading national cybersecurity efforts was discussed as well as the critical role of the private sector and other groups in developing policy and law aimed at the implementation and operation of a national cybersecurity strategy. The Forum stressed the importance of reviewing national cybercrime legislation to address threats in cyberspace and called for a national focal point for cyber-incident management to strengthen watch, warning, investigation, response and recovery. Discussions were also held on the necessity of promoting a national culture of cybersecurity to ensure that all users, owners and operators of information systems and networks know their responsibilities with regard to security and develop appropriate tools to combat cyber attacks.
Referring to the recent damage to undersea optical cables, said to have been caused by an adrift ship anchor according to the operator
FLAG, Mr Al Basheer said that experience is the hardest teacher. "Whatever the cause, whether intentional or not, whether cybercrime or a mundane accident, the lesson we take away is that every nation needs to organize itself to take coordinated action related to the prevention of, preparation for, response to, and recovery from cyber incidents," said Mr Al Basheer.
Read more of the ITU press release here.
Thursday, February 21, 2008
According to reports, DDoS (Distributed Denial of Service) assaults on online gambling sites, particularly on major online poker websites, have surfaced this week. The online poker information portal Poker-king.com advised that many online poker and casino properties have suffered outages, naming Full Tilt Poker as probably the most visible with an inaccessible website for as long as 48 hours, probably incurring serious losses in business. As of 5 am EST Tuesday, the website is redirecting to www2.fulltiltpoker.com as a consequence of the attacks. According to the ShadowServer.org organisation, the attacks on Internet gambling sites commenced on 10 February 2008 and continued through to 18 February 2008. Among the targets were Full Tilt Poker, Party Casino, Titan Poker, Virgin Games, CD Poker, Europa Casino, and a number of Russian online gambling including Pokerlistings.ru. The extent of the outages for each site varied depending on the ferocity of the attacks and if they had any anti-DDoS attack measures in place. Full Tilt Poker is clearly still having issues while a number of the Russian web properties are still down. There have been reports that Full Tilt's poker room has crashed numerous times over the past few days, including an embarrassing outage during the final table of the FTOPS main event. The motive behind the attacks is still unknown.
Read the full report here.
Monday, February 18, 2008
In the context of promoting Risk Management and Information Security, ENISA has generated material that can help Small and Medium Enterprises (SMEs) to understand and to apply simplified Risk Management methods. The aim of this document is to provide a simplified and comprehensive view of risk management/risk assessment for use within small and medium sized enterprises (SMEs). To achieve this goal, the present document has been structured in a modular way. It is made up of various parts each devoted to particular needs of stakeholders involved in the process of risk assessment and risk management. The philosophy behind the generation of this material was to shield (non-expert) users from the complexity of risk management and risk assessment activities. In doing so, some complex security matters have been simplified to the minimum needed to achieve an acceptable security level.
For more information, see the relevant deliverable.
As a further step towards the promotion of Risk Management, ENISA has also planned to pilot this method with a number of European stakeholders. The selected pilots will be financially supported by ENISA, helping them to install Risk Management within their IT infrastructure and perform an initial Risk Assessment. Potential stakeholders (e.g., SMEs, associations, etc) who would like to run such pilots are requested to apply for a possible Risk Management introduction project. The deadline for proposals is the 29th of February 2008.
Please visit the ENISA website for more information.
OECD, through its Working Party on Indicators for the Information Society, developed Measuring the Impacts of ICT Using Official Statistics. This paper presents available (mainly official) statistics on the impacts of ICT and discusses a number of statistical issues associated with ICT impact measurement. It attempts to place ICT impacts measurement into an Information Society conceptual framework and suggests a number of areas for further work.
Read the full paper here.
Friday, February 15, 2008
Once more there is controversy over a new database due to go online in September 2008, which will hold the school records of all UK school pupils aged 14years and over. Amid security concerns from a number of sources, the British government is under pressure not to implement it.
The Learning and Skills Council (LSC) insist that it is not a "tracking system" and would in fact be using existing information that had been collected a number of times already. David Russell, national director of resources at the LSC, said "It will only hold factual information such as name, surname, age, postcode, qualifications achieved and courses attended."
Under the Managing Information Across Partners (MIAP) system - to be launched on Thursday 21st February 2008 by Higher Education Minister Bill Rammell - the number will stay with them until they retire.
However, data security watchdog, the Information Commissioner stated that no database could be totally secure and a spokesman added, "We have provided advice and assistance to help ensure that this system is watertight and secure - but no system is immune to human error and breaches can and do occur..."
Last year, the British government put another planned database of children, ContactPoint, on hold, pending a security review and changes to the system including its access controls. ContactPoint is designed for use by child protection agencies. The review was ordered after the loss by HM Revenue and Customs of two discs containing the personal and bank details of 25 million people.
Read full article at the BBC News website
The ITU-D secretariat-based derived base version of the October 2007 draft of the Study Group Q.22/1 Report on Best Practices for a National Approach to Cybersecurity: a Management Framework for Organizing National Cybersecurity Efforts is now available online.
This report provides national administrations with a management framework for addressing cybersecurity at the national level and for organizing and implementing a national cybersecurity strategy. As existing national capabilities vary greatly and threats constantly evolve, the report does not provide a prescriptive approach to securing cyberspace. Rather, the framework describes a flexible approach that can assist national administrations to review and improve their existing institutions, policies, and relationships addressing cybersecurity issues.
Although this report is focused on cybersecurity, we note that protection of physical network assets is an equally important priority. We also note that best practices in cybersecurity should in no way suppress freedom of speech, free flow of information and/or due process of law.
The five key elements outlined in this report are:
- Developing a National Strategy for Cybersecurity;
- Establishing National Government–Industry Collaboration;
- Deterring Cybercrime;
- Creating National Incident Management Capabilities; and
- Promoting a National Culture of Cybersecurity.
This document is based on studies underway in the ITU Telecommunication Development Sector’s ITU-D
Study Group Question 22/1: Securing information and communication networks: best practices for developing a culture of cybersecurity.
To continue reading the report, click here.
More information on ITU-D activities related to cybersecurity here.
A draft paper from Bill St. Arnaud, entitled ICT and Global Warming Opportunities for Innovation and Economic Growth, is now available online. There has been considerable interest recently about how ICT (Information, Computer, Telecommunications) technologies and how they can address the global challenges of protecting the environment and supporting sustainable development. The subject of ICT and the environment covers a wide range of fields such as sustainable development, using ICT to improve practices in agriculture and forestry, monitoring atmospheric and water pollution, waste management and recycling, improved energy efficiency and, of course ICT as a source of toxic waste in its own right. Although these are all important areas of scientific research and public policy, the intent of the report is not to address the various areas on how ICT can address global environment challenges such as the emission of Green House Gases (GHG). Instead the purpose of this brief report is to focus on the opportunities for innovation and economic growth that might arise through the use of ICT to address the challenge of GHG emissions.
To date most approaches for using ICT to reduce GHG emissions have focused on "sackcloth and ashes" approach of reducing energy consumption or emission abatement techniques such as tele-commuting, tele-presence, etc. Various industry consortia and government programs have been set up to promote innovation in these areas. Although these may be worthwhile endeavours, they have been in existence for some time and so far, have made little progress in reducing energy consumption or GHG emissions. Rather than focusing on energy efficiency or abatement techniques, the document aims to demonstrate that ICT can provide much greater opportunities for innovation and economic growth through a strategy of "zero carbon" for the ICT industry itself and using ICT e-products and e-services as a reward mechanism to encourage consumers and businesses to reduce their
overall carbon footprint including heating, transportation, etc.
Read the complete draft paper here.
For additional information, please contact the author or visit the Green/IT and Cyber-infrastructure blog.
Wednesday, February 13, 2008
Safer Internet Day, 12th February 2008, was marked around Europe with events to educate children and parents about Internet dangers. A spokeswoman for the Child Exploitation and Online Protection (CEOP), which is coordinating the UK's involvement, said its efforts were focused on getting schools to run assemblies that discuss the issue, had these comments: "it is about them talking about the issue, the personal information they put online and their social networking profiles". Dr David King, chair of the Information Security Awareness Forum (ISAF) voices his concerns about the growing number of messages aimed at young people, "There are a lot of messages coming out from lots of different places but the question is who do you listen to?". ISAF plans to produce best practice guides for businesses and to run events to raise awareness about computer security and will collaborate with web-safety campaign Get Safe Online to promote security awareness.
Read full article at the BBC News website.
Tuesday, February 12, 2008
According to the Washington Post, new research from Damballa suggests that the Storm worm has its roots in "Bobax worm," a computer worm that first surfaced as early as 2004. Bobax spread by exploiting various vulnerabilities in the Microsoft Windows operating system, and turned infected machines into spam-spewing zombies. Damballa researcher Chris Davis asserts that the Storm worm actually first surfaced in late 2006 as seen on this SANS Internet Storm Center alert on 29 December 2006. On 19 January, F-Secure reported receiving a flood of spam advertising new versions of Storm. Researchers soon discovered that all infected systems were controlled using the eDonkey peer-to-peer file (P2P) communications protocol, the same technology
and networks used by millions of people to share movies and music online. Paul Royal, Damballa's principal researcher said "they basically took Bobax and made all of them become Storm victims, and then started the propagation of Storm through that method. So Storm used a big botnet to bootstrap
itself, and it was the vehicle by which Storm became very popular very quickly." Damballa
estimates that roughly 17,000 systems remain infected with Bobax.
Read the full article on the Washington Post.
InSafe, the European network of Internet safety awareness nodes, holds its 5th Safer Internet Day today, 12 February 2008, dedicating some time in schools to reflect on some of the Information and Communication Technologies issues and more importantly raising awareness of them. A competition
launched in October 2007 invited young people between 5-19yrs of age to share their online lives and compete for prizes. This year's theme is "Life online is what YOU make of IT." With this, the youth were encouraged to draw from their creativity to illustrate their views of the online
world.
More information about the Safer Internet Day 2008 on the InSafe website.
Thursday, February 07, 2008
With the rise of initiatives such as the One Laptop Per Child (OLPC) and Classmate, security experts warn that this development could mean an explosion in botnets in the developing world. However, Ivan Krstic, OLPC's director of security hardware, points to the choice of Linux as the operating system for the computers emphasizing that for an attack with an overall control, it would have to be written to the system kernel, and those vulnerabilities are patched very quickly making it difficult to get them to run bots. There is an option to run Windows XP on the machine though making all connotations of Windows security apply.
"The bigger problem in the long term may be the developing world's choice of operating system. 'Most of the machines we are shipping have Windows on them. That's the operating system most countries want,' says Intel. It adds that teachers will receive training from Intel to monitor the network and will be able to see if changes have been made to the machines: 'Some schools using the computers will have a teacher who is
responsible for security on their networks, others will have an IT person.' As a last resort the Classmate, like the OLPC XO, can be wiped clean and restored to its factory settings. But while Windows has its problems, Linux may not offer much better protection, says Guillaume Lovet, a botnet expert for Fortinet. 'The first botnets were Stacheldraht, Trinoo and TFN, and were built in Linux,' says Lovet. He also dismisses claims that the low bandwidth and internet use in parts of the developing world - the World Economic Forum's 2007 Africa Competitiveness Report estimated that African internet use was just 3.4% of the world total - would act as a brake on the development of botnets. 'It doesn't take any bandwidth to control or make a botnet,' Lovet says. 'Aggregated bandwidth is what is important, and that would still be massive. You could still build a huge cyber-weapon with only a thousand of these machines.'"
Intel and OLPC point out that the laptops will often only have intermittent connectivity which could lower the risk of getting infected. This could lower the chances of getting security upgrades as well though. Rolf Roessing, a security expert for KPMG, notes "if we are to bring IT to Africa then it will not work unless we bring security with it. Computer security in the west grew because of a loss of innocence and there are still weaknesses in the developed world because of a lack of awareness. If you bring IT to developing countries then you have to develop awareness, too."
Read the full article on The Guardian.
Wednesday, February 06, 2008
The European Journal of ePractice yesterday published its second issue on "New e-ways of doing the Government's job" with some case studies that show Administrations are willing to experiment. From interoperability, to Radio Frequency Identification (RFID) via online portals to bridging the digital gap, public actors take home important insights every day thanks to e-Government applications and services. The second issue of this journal includes topics of interest in e-Government such as:
- Interoperability and the exchange of good practice cases
- Using online auctions to sell surplus property
- Some best practices in e-Government
- Using RFID in healthcare organizations
- Example of a city library trying to bridge the digital divide
For more information on the European Journal of ePractice as part of ePractice.eu, an interactive initiative created by the European Commission, click here.
Technology Review provides a detailed analysis of the recent Internet outage in the Middle East and Asia. The report recounts how the undersea cable damage largely affected the ISPs in the region as well as outsourcing companies who increasingly rely on these connections. It also briefly discusses how undersea cable repairs are done, and further emphasizes the concerns related to these kinds of damage. "In the wake of the fiber breaks, [ISP Association of India secretary R. S.] Perhar says that his organization is encouraging ISPs and companies dependent on fast connections to continue diversifying their bandwidth sources as much as possible, and to lobby for new cable to be laid." Tim Strong, analyst at Telegeography Research adds that "with more cables, it's getting better over time, but
there will still be a lack of physical, geographical redundancy."
Read the full article here.
Tuesday, February 05, 2008
Monday, February 04, 2008
The International Telecommunication Union (ITU) extended its call for papers for the ITU Symposia on ICTs and Climate Change to 29 February 2008.
The first symposium will be held in Kyoto, Japan (15-16 April 2008, hosted by the Ministry of Internal Affairs and Communication) and will be followed by finalizing the initial proposals at a second symposium in London, UK (17-18 June, hosted by British Telecom). These symposia will bring together key specialists in the field, from top decision-makers to engineers, designers, planners, government officials, regulators, standards experts and others. To contribute to this work, stakeholders are invited to submit an abstract, of maximum 300 words, for a paper or presentation which is relevant to one of more of the topics above.
The topics of interest at the symposia include:
- Climate change and the impact of ICTs
- Use of ICTs in monitoring climate change
- ICTs for mitigating the local effects of climate change
- ICTs and concerted action against global warming
- ICT standardization in the field of climate change
For more information on the ITU Symposia on ICTs and Climate Change, click here. For information on ITU's e-environment activities, click here.
The Global e-Sustainability Initiative (GeSI) recently commissioned a research study to assess current carbon impacts of the information and communication technology (ICT) sector and to analyse the role of ICTs in catalyzing transformation to a low-carbon economy. With a focus on both developed and emerging economies, the study aims to:
- Deliver a globally comprehensive picture of direct and indirect carbon emissions of telecommunications, computing, services and software.
- Define common themes across the lifecycle of ICTs, identifying critical trends, scenarios and impact assessments for the ICT sector to 2020.
- Create a ‘road map’ to allow the ICT sector to act now on reducing global energy usage and greenhouse gas emissions.
To know more about the study, click here.
The Global e-Sustainability Initiative (GeSI) is an initiative of Information and Communications Technology (ICT) companies aimed at improving the sustainability impact of the ICT industry, and is supported by the International Telecommunication Union and the United Nations Environment Programme.
Friday, February 01, 2008
The ITU Telecommunication Standardization Sector announces the Study Group 15 tutorials on energy saving techniques to be held on 13-15 February 2008. This activity is in the context of ITU-T's efforts to address climate change issues. "A checklist for developers of standards is already under development in SG 15. The technologies considered in the list include optical transport networks and access network transport technologies such as
digital subscriber line (DSL) and Gigabit-capable Passive Optical Networks (GPON). Together these technologies represent a significant consumption of energy worldwide. The idea is that the checklist is applied before the work commences, during the work and after the completion of the work. The use of the checklist should ideally be complemented by involving energy efficiency experts and users in the process."
Other topics in the tutorials include energy efficient Ethernet and opportunities and techniques for power saving in DSL and PON. Also, a general introduction to the issues surrounding ICTs and climate change, (to be addressed in two upcoming ITU Symposia on ICTs and Climate Change), and an update on the outcome of the UN Climate Change Conference in Bali, December 2007, will also be discussed.
More updates on this event on the ITU-T Newslog.
More information on ITU-D's activities involving ICTs and the environment (e-Environment) here.
The recent Internet outage has left the experts speculating that there may be greater demand for telecom capacity in the future. Reports indicated difficulty with receiving data sent from the United States to countries affected by the cable damage with an average 50% increase in the time it takes to download Web sites and a 10% decrease in the availability of Web sites overall, Keynote Systems said. Abelardo Gonzalez, a product manager at Keynote, believes the damaged cable incident will spur many global companies to think about new ways of staying connected to the Web in case of emergencies. He adds that companies should look into having backup connectivity through multi-honing their ISPs or even through having a satellite uplink for last-resort connections.
The damage to the cables has raised concerns about future incidents in which a greater number of cables could experience more significant levels of destruction. Paul Polishuk, the president and chairman of the board of the IGI Group of Companies, says one problem with many of the underwater cable systems is that many of the cables join together at shared landing points that could leave large swathes of telecom infrastructure vulnerable to potential terrorist attacks. Andrew Odlyzko, the director of the University of Minnesota's Digital Technology Center, shares Polishuk's concern about the cables' vulnerability and thinks that any significant damage to cables at major landing points would have serious economic consequences as evident on the 2006 earthquakes
that severely disrupted Taiwan's Internet access.
Read the full article on Network World.
Thursday, January 31, 2008
The Guardian reports on how tens of millions of internet users across the Middle East and Asia have been left without access to the web due to a fault in a single undersea cable believed to be a major internet pipeline connecting to Europe. The outage was said to have first struck yesterday morning and has severely restricted internet access in India, Egypt and Saudi Arabia.
"The line in question runs under the Mediterranean, from Palermo in Italy to Alexandria in Egypt. It is not clear what caused the break. The cable is one of only a handful of connections, and part of the world's longest undersea cable, 24,500 miles long, running from Germany,
through the Middle East and India before terminating in Australia and Japan... Egyptian officials said that around 70% of the country's online traffic was being blocked, while officials in Mumbai said that more than half of India's internet capacity had been erased, which could have potentially disastrous consequences for the country's burgeoning hi-tech industry. 'There has been a 50% to 60% cut in bandwidth,' Rajesh Charia, president of the Internet Service Providers' Association of India told Reuters."
According to the report, the outage will take several days to fix, and could have a drastic impact on communications, businesses and the hi-tech industry as well as banks and stock market trading around the region and across the globe.
More details on the digital blackout here.
Nnamdi Chizuba Anisiobi, age 31, of Nigeria; Anthony Friday Ehis, age 34, of Senegal; and Kesandu Egwuonwu, age 35, of Nigeria have pleaded guilty to charges related to spam e-mail that promised U.S. victims millions of dollars from an estate and a lottery, the U.S. Department of Justice announced Wednesday. The three were arrested in Amsterdam on Feb, 21, 2006. One of the case scenarios was an e-mail sent by the defendants to thousands of potential victims purporting to be from an individual suffering from terminal throat cancer who needed assistance distributing approximately US$55 million to charity. According to the DOJ, the fraud victims lost $1.2 million by giving the defendants advance fees. "Anisiobi pled guilty to one count of conspiracy, eight counts of wire fraud and one count of mail fraud. Ehis pled guilty to one count of conspiracy and five counts of wire fraud. Egwuonwu pled guilty to one count of conspiracy, three counts of wire fraud and one count of mail fraud. The maximum penalty for mail and wire fraud is 20 years in prison. The conspiracy charge carries a maximum penalty of five years in prison." A fourth defendant, Lenn Nwokeafor, was also reported to have fled to Nigeria. He was subsequently arrested by the Nigerian Economic & Financial Crimes Commission on July 27, 2006, and is now being held by the Nigerian authorities pending extradition to the U.S..
Read the full article on The New York Times.
Wednesday, January 30, 2008
The Wall Street Journal recently reports on President Bush's move to improve protection against cyberattacks. Despite promising a frugal budget proposal next month, an estimated $6 billion has been allocated to build a secretive system protecting U.S.
communication networks from attacks by terrorists, spies and hackers. "Administration officials and lawmakers say that the prospect of cyberterrorists hacking into a nuclear-power plant or paralyzing Wall Street is becoming possible, and that the U.S. isn't prepared. This is 'one area where we have significant work to do,' Homeland Security Secretary Michael Chertoff said in a recent interview."
Read the full article on the Wall Street Journal.
Monday, January 28, 2008
Net-Security.org recently interviewed Nitesh Dhanjani and Billy Rios, well-known security researchers that have recently managed to infiltrate the phishing underground. The interview gives readers a rundown on how Dhanjani and Rios saw an extraordinary amount of sensitive customer account information, obtained the latest phishing kits, located and examined the tools used by phishers, trolled sites buying and selling identities, and even social engineered a few scammers. They also expose on this interview the tactics and tools that phishers use, illustrate what happens when your confidential information gets stolen, discuss how phishers communicate and how they phish each other.
Read the full interview here.
Speech recognition technology has been an accelerating technological development and is now making its way to the mass market. Among these companies providing speech recognition technology is Vlingo Corporation. "Vlingo’s service lets people talk naturally, rather than making them use a limited number of set phrases. Dave Grannan, the company’s chief executive, demonstrated the Vlingo Find application by asking his phone for a song by Mississippi John Hurt (try typing that with your thumbs), for the location of a local bakery and for a Web search for a consumer product. It was all fast and efficient. Vlingo is designed to adapt to the voice of its primary user, but I was also able to use Mr. Grannan’s phone to find an address. The Find application is in the beta test phase at AT&T and Sprint." Other companies offering speech recognition technology to their customers include Nuance with its Nuance Voice Control system recently released last August, and Microsoft with its purchase of TellMe Networks last March. According to Opus Research, speech recognition has reached a $1.6 billion market in 2007, and they further predict an annual growth rate of 14.5 percent over the next three years. "Dan Miller, an analyst at Opus, said that companies that have licensed speech recognition technology would probably see faster revenue growth, as more consumers used the technology."
Speech recognition technology has also been available on personal computers since 2001 in applications like Microsoft Office but with a weaker following. It is also already used in high-end G.P.S. systems and luxury cars from Cadillac and Lexus, and is now spreading to less expensive systems and cars. The speech technology chief at I.B.M. Research, David Nahamoo, adds that the company has an automotive customer testing speech recognition to help drivers find songs quickly while driving. SimulScribe, on the other hand, uses speech recognition to convert voice mail into e-mail.
More on this article on the The New York Times.
According to Security experts at Sophos, 6,000 new infected webpages are discovered every day, 83 per cent of which belonging to innocent
companies and individuals that are unaware of their sites being compromised. Sophos further reports that the well-known iFrame vulnerability in Internet Explorer remained the preferred vector for malware attacks throughout last year with China (51.4 per cent) and the US (23.4 per cent) leading in the net security firm's list of malware-hosting countries. According to PandaLabs, "around half a million computers are infected by bots every day... [and] approximately 11 percent of computers worldwide have become a part of criminal botnets, which are responsible for 85
percent of all spam sent."
Read the full article on The Register.
Read relevant article on Slashdot.
Thursday, January 24, 2008
E360 Insight, LLC filed a complaint against Comcast Corporation on 15 January 2008 accusing the latter of unfairly blocking e360’s e-mail from reaching subscribers. According to e360, in one typical instance, e360 received an error message stating that it’s e-mail was blocked from reaching subscribers because Comcast’s filters determined that e-mail from e360’s servers had been "sent in patterns which are characteristic of spam." According to Direct magazine's report, "the complaint claims that Comcast’s alleged interference with e360’s business relationships cost the firm $4.5
million a year from 2005 through 2007. The complaint also accuses Comcast of sending e360 bogus bounce information, causing the marketer to remove e-mail addresses from its file that were still active. The suit claims the false bounce information cost it almost $2.5 million." E360 asks for more than $12 million in compensatory damages and $9 million in punitive damages from the accused.
Read the full complaint here.
Tuesday, January 22, 2008
The past week marks the one-year anniversary of the emergence of the spam-enabling Storm worm, a tenacious strain of malicious software that probably speaks more about the future of online crime than almost any other malware family
circulating online today. A chronological account from security firm Trend Micro visually sums up Storm's evolution. Dmitri Alperovitch, director of Secure Computing, said federal law enforcement officials who need to know have already learned the identities of those responsible for running the Storm worm network, but that U.S. authorities have thus far been prevented from bringing those responsible to justice due to a lack of cooperation from officials in St. Petersburg, Russia, where the Storm worm authors are thought to reside.
Alperovitch believes the majority of Storm worm victims are Microsoft Windows users who for whatever reason have ignored the best advice of security professionals by not running anti-virus software and/or regularly applying software security updates. Indeed, the infection statistics seem to support that analysis. According to Vincent Gullotto, head of Microsoft's security research and response team, Microsoft's "malicious software removal tool" -- shipped as part of its monthly patch updates -- has removed an average of 200,000 versions of the Storm worm from Windows systems each month since November, when the software giant first started shipping removal routines for Storm.
According to Trend, nearly 12,000 pieces of Storm-connected malware were unleashed online over the past year (this includes the Trojan that
drops the payload, the Storm worm itself, as well as regular -- sometimes hourly -- updates pushed out to infected machines to stay a step ahead of any anti-virus software installed on the host system.) As big as Storm got this past year, Symantec's numbers help put things in a bit more perspective. Storm-related malware made up slightly more than one-quarter of one percent of all potential malicious code infections in 2007, Symantec said.
Read the full article on the Washington Post.
Romanian artist Alex Dragulescu, a research assistant at the Massachusetts Institute of Technology's Sociable Media Group, puts a face to threats such as Storm and Netsky. "Dragulescu created his so-called 'threat art' in conjunction with live malware intercepted by e-mail security firm MessageLabs. Each is disassembled into a dump of binary code and then run through a program Dragulescu wrote. That program spends a few hours crunching through all the data, looking for patterns in the code that will determine the shape, color and complexity of each piece of threat art."
According to the Washington Post's article, the configuration of these created organisms is driven largely by the botnets' actions. Dragulescu explains that if there is a repeated attempt to write to a system memory address, a particular Windows API call that tries to write to a file or [blast out e-mail], for instance, the program tracks that and looks for the prevalence, number and behavior of those occurrences.
Dragulescu's other threat art include his "spam architecture," or his "spam plants," the latter of which take its form from rules that look at the ASCII values (computer code that represent the English alphabet) of each spam sample.
For more of Dragulescu's images, check out his Web site and the MessageLabs threat art page.
Read the full article on the Washington Post.
Monday, January 21, 2008
Information Week reports that the CIA admitted on Friday at a New Orleans security conference that cyberattacks have caused at least one power outage affecting multiple cities outside the United States. According to Alan Paller, director of research at the SANS Institute, CIA senior analyst Tom Donahue confirmed that online attackers had caused at least one blackout. Information about which foreign cities were affected by the outage and other information related to the attack were not disclosed. According to Paller, a written statement from Donahue read, "We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these
attackers had the benefit of inside knowledge. We have information that cyberattacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."
The conference was on sharing data about cyberattacks on critical utilities and resources, and methods of attack mitigation. Discussions also include the new SCADA, Supervisory Control And Data Acquisition, and Control Systems Survival Kit, a document of best practices for SCADA systems.
Read the full article here.
Friday, January 18, 2008
FCW.com reports that "foreign hackers, primarily from Russia and China, are increasingly seeking to steal Americans’ health care records, according to a Department of Homeland Security analyst." Two cases of intrusions to the health care systems' servers have been recorded in the past year which alarmed security officials. In early 2007, a Centers for Disease Control and Prevention Web site was infected with a virus, and in April, a Military Health System server holding Tricare records was hacked. Mark Walker, who works in DHS’ Critical Infrastructure Protection Division, said the hackers are seeking to exfiltrate health care data probably for espionage. DHS is increasing its analysis staff to monitor threats in several industries, including health care, and will be issuing more alerts about cyberthreats to health care data, he said. He added further that DHS wants to build a database of health information system intrusions so it can better analyze the threats and develop countermeasures.
More on this report here.
A growing concern among security companies as well as the public this year is the burgeoning market for "protection racket." The computer security
industry was said to have deteriorated with one sharing everything about newly discovered weaknesses to some within it involved in a protection racket. Researchers such as Paul Henry, vice-president of technology at Secure Computing, describe this trend as "a move by a small minority of security companies now paying hackers for exclusive access to newly discovered vulnerabilities. This ensures their customers are protected while the software vendor works out a solution and rolls out a patch, a process that can take weeks." This worries security experts because hackers are now being given a so-called legitimate route of selling vulnerabilities to a single company who then protect their own. "They don't have to run the risk of going to jail any more by actually using a vulnerability, they can just threaten you with it and they get paid. It's extortion," says Henry.
Security researchers are said to be drawn to this new practice due to bad treatment from well-known software companies. Henry explains that "there
have been cases where people reporting vulnerabilities to software companies have been treated terribly and threatened with legal action because the vendors just don't want to look stupid. Security researchers that have found a vulnerability won't get paid by a vendor, and if they think they actually might end up talking to their lawyers and being threatened, then it's hardly surprising they end up selling vulnerabilities to security companies."
Read the full article on The Guardian.
Thursday, January 17, 2008
Wednesday, January 16, 2008
A documentary, "The New Face of Cybercrime," created by Academy award nominated director Fredric Golding and presented by Fortify Software, provides a face to the criminals' intent on hacking into systems today. Candid interviews with many industry leaders and executives of large organizations taking steps against these attacks are also included, providing perspective on how they think about these threats and what they are doing about them throughout their companies.
Tuesday, January 15, 2008
The Storm Worm botnet, using its huge collection of infected computers, is now sending out phishing emails directing people to fake banking sites that it also hosts on the computers it remotely controls, according to F-Secure and Trend Micro. Apparently, Storm has never been involved in phishing up to this point, however, the new campaign may indicate, according to F-Secure, that Storm's controllers have figured out how to divide the massive army into clusters which it is now renting out to others. F-Secure and Trend Micro both reported that the phishing scam was using a technique known as fast-flux DNS to keep the phishing site alive. Fast-flux works by constantly changing the IP address in the internet's phone book system (known as DNS) and having multiple computers in the botnet host the phishing site. This makes it very difficult to blacklist a IP address and since the site isn't being hosted by a company that researchers could contact to take down the site, the site lives longer.
According to Paul Ferguson, an advanced threat researcher for security giant Trend Micro, the spam emails were sent from a different segment of the botnet than the phishing sites were hosted. The site used for phishing was just registered on Monday. Anti-phishing filters, such as the ones bundled into Opera, Firefox and IE7, have gotten pretty good at quickly adding sites to their blocked list, however, "the issue becomes how do you work to take it down and find the perpetrators," said Ferguson.
Read Ferguson's article on this incident on Trend Micro's Malware Blog.
Read the full article on Wired Blog Network.
Pushdo trojan, a fairly new and prolific threat being circulated in fake "E-card" emails, is classified as a more sophisticated "downloader" trojan due to its control server. According to the analysis of Secureworks, when executed, Pushdo reports back to one of several control server IP addresses embedded in its code. The server listens on TCP port 80, and
pretends to be an Apache webserver. Any request that doesn't have the correct URL format will be answered with the following content:
The Bender Bending Rodriguez text is simply misdirection to mask the true nature of the server - if the HTTP request contains the following parameters, one or more executables will be delivered via HTTP:
The Pushdo controller is preloaded with multiple executable files - the one we looked at contained 421 different malware samples ready to be delivered. The Pushdo controller also uses the GeoIP geolocation database in conjunction with whitelists and blacklists of country codes. This
enables the Pushdo author to limit distribution of any one of the malware loads from infecting users located in a particular country, or provides the ability to target a specfic country or countries with a specific payload.
Pushdo's detection of the physical hard drive serial number as a identifier not only provides a unique ID for the infected system,
but can also reveal information such as whether the code is running in a virtual machine or not. This could be a way for the malware author to spy on anti-virus companies using automated tools to monitor the malware download points.
Another anti-anti-malware function of Pushdo is that it looks at the names of all running processes and compare them to a list of anti-virus and personal firewall process names. Instead of killing off these processes, however, Pushdo merely reports back to the controller which ones are running, by appending "proc=" and a list of the matching process names to the HTTP request parameters. This enables the authors to determine which anti-virus engines or firewalls are preventing the malware from running or phoning home, by their absence from the statistics. This way the Pushdo author doesn't have to maintain a test environment for each AV/firewall product.
Recently, an e-card email containing a newer variant of Pushdo was received. Apparently taking notice that the Bleeding Snort project had published a signature (sid 2006377) to detect the Pushdo request variables in transit, the author has now changed the request to be less fingerprintable. An example of the new
request format is:
GET /40e800142020202057202d4443574d414c393635393438366c0000003c66000000007600000002 HTTP/1.0
Apparently, the author of Pushdo is intent on evading detection for as long as possible, in order to have the maximum amount of time to seed Cutwail spambots into the wild. Although it is unclear just how large the Cutwail botnet has become, the ambition of the project rivals that of other more well-known spam botnets, such as Storm.
Read the complete analysis on Pushdo here.
Read the blog entry detailing the trouble Sophos are having with the Pushdo trojan.
A new-generation worm-botnet known as Nugache, according to Dave Dittrich, might be the most advanced worm/botnet yet. It has no C&C server to target, has bots capable of sending encrypted packets and has the possibility of any peer on the network suddenly becoming the de facto leader of the botnet. However, despite numerous worms, viruses, bots and Trojans over the years having one or two of the features that Storm, Nugache, Rbot and other such programs possess, none has approached the breadth and depth of their feature sets. Rbot, with more than 100 features that users can choose from when compiling the bot, enables two different bots compiled from an identical source have nearly identical feature sets, yet look completely different to an antivirus engine.
A disturbing concern, experts say, is that there are several malware groups out there right now that are writing custom Trojans, rootkits and attack toolkits to the specifications of their customers, who are in turn using the malware not to build worldwide botnets like Storm, but to attack small slices of a certain industry, such as financial services or health care. A popular example of this is Rizo, a variant of Rbot. Like Nugache and Storm, Rizo has been modified a number of times to meet the requirements of various different attack scenarios. "Within the course of a few weeks, different versions of Rizo were used to attack customers of several different banks in South America. Once installed on a user's PC, it monitors Internet activity and gathers login credentials for online banking sites, which it then sends back to the attacker. It's standard behavior
for these kinds of Trojans, but the amount of specificity and customization involved in the code and the ways in which the author changed it over time are what have researchers worried."
To read the full article on Nugache, click here.
More security related news at Schneier on Security.
Thursday, December 20, 2007
The article, Beware, botnets have your PC in their sights, by New Scientist republished by TMCnet, provides a brief discussion of the cybersecurity situation in developing countries and how the current conditions may later evolve into an enormous cybersecurity problem in the coming years. Although hackers and cybercriminals tend to attack computers in developed countries at the moment due to more stable and consistent Internet connectivity, it is foreseen that developing countries may be next in line with the increasing technological developments and initiatives such as the One Laptop Per Child (OLPC) programme and Intel's low-cost Classmate computer. "If thousands of Classmates are distributed without adequate security,
or if a previously unknown flaw in BitFrost, OLPC's security system, emerges, the new generation
of cheap PCs will lead to problems... The ITU is assuming that attacks of this kind are a foregone conclusion
and is organising a global effort to help developing countries fortify
themselves against them." ITU, with its Botnet Mitigation Toolkit and Cybersecurity efforts, aims to increase international cooperation among states and provide the training and expertise needed to build CERTs in developing countries.
Read the full article here.
More information on ITU Cybersecurity related activities here.
Wednesday, December 19, 2007
The OPTA Commission has imposed a fine of 1 million Euros on three Dutch enterprises, operating under the company name DollarRevenue, and their two directors, due to their unlawful installion of software on more than 22 million computers belonging to Internet users in the Netherlands and elsewhere. They primarily used misleading files, making Internet users believe that they were about to download apparently innocent files, whereas they actually contained DollarRevenue software. "They also used botnets, thereby installing files without user intervention. Each day 60,000 installations occurred on average. A total of more than 450 million program files were illegally placed on 22 million computers." With the enterprises and their directors having deliberately contravened provisions of the Universal Service and End Users Decree [Besluit universele dienstverlening en eindgebruikers], based on the Telecommunications Act [Telecommunicatiewet] and designed to promote safe Internet usage and to protect the privacy of Internet users, fines totalling 1 million Euros were imposed.
Read the full article on the OPTA website.
Tuesday, December 18, 2007
Monday, December 17, 2007
Friday, December 14, 2007
According to McAfee, the website of the French Embassy in Libya is currently under attack through IFRAME injection. With the visit by Libyan President Muammar Khadafi in the country, controversy is stirring up which has apparently triggered interest among people behind the attack. The iframe routes the victim to sites hosted through Hong Kong provider, then it redirects the victim to Russia and Ukraine where exploit and downloaders are used (Exploit-YIMCAM and downloader-AUD). McAfee warns people not to attempt reaching the site as it is still dangerous.
For more information, visit the McAfee Blog.
Thursday, December 13, 2007
The International Telecommunication Union (ITU) highlighted the role played by information and communication technologies (ICTs) as both a cause and a potential cure for climate change at the UN Conference on Climate Change in Bali, Indonesia, on 12 December.
ICTs can be used for remote monitoring of climate change and the gathering of crucial scientific data such as using telemetry or remote sensing by satellite. Smart and emerging technologies can be integrated into energy-efficient products, notably in next-generation networks (NGN) where ITU's Standardization sector (ITU-T) is carrying out vital specialized work.
Activities at the ITU's Development Sector (ITU-D) refer to promoting a role for information and communications technologies in the protection of the environment, together with partners from other international organizations and the industry. ITU-D also provides assistance to developing countries in emergency telecommunications as well as in the area of e-waste.
At the UN Conference, ITU raised awareness on standby services of ICT equipment such as computers and PC screens, DVD players, TVs and battery chargers, which places a burden on energy consumption. "Always-on" services, like broadband or mobile phones on standby, have increased energy consumption compared with fixed-line telephones, which do not require an independent power source.
ITU underlined an active commitment to promote the use of ICTs as a positive force to reduce greenhouse emissions and to find ways to mitigate the effects of climate change. In this regard, ITU can support and facilitate scientific studies aimed at implementation of new measures against the negative effects of climate change. As part of a unified effort of the UN system, ITU can contribute in its areas of expertise to support Member States and to foster partnerships with the private sector to develop more energy-efficient technologies.
For more information, click here.
Tuesday, December 11, 2007
PC Tools recently discovered a social-engineering attack that uses trickery rather than a software flaw to access victim's valuable information. It is a new program that can mimic online flirtation and then extract personal information from its unsuspecting conversation partners. The program is believed to be making the rounds in Russian chat forums such as CyberLover. According to PC Tools, the "bot" cannot be easily distinguished from a real potential suitor, and the software can work quickly establishing up to 10 relationships in 30 minutes. It then compiles a report on every person it meets complete with name, contact information, and photos, which then may be made available for fraudulent activities. "Although the program is currently targeting Russian Web sites, PC Tools is urging people in chat rooms and social networks elsewhere to be on the alert for such attacks. Their recommendations amount to just good sense in general, such as avoiding giving out personal information and using an alias when chatting online."
Read the full article here.
Monday, December 03, 2007
Kelly Jackson Higgins, Senior Editor of Dark Reading wrote on how cyberwarfare has evolved into a growing underground market. According to experts, international cyber-spying is considered as the biggest threat for 2008 with the malware economy mimicking legitimate software markets. Malware suppliers are reportedly offering tools that make it easy for criminals with little technical know-how to commit their crimes, and many now advertise their 'products,' and offer support services as a value-add. These, as well as cyber-spying trends, are among the many findings of McAfee's annual Virtual Criminology Report released on 29 November 2007. The report was based on input from more than a dozen
security experts from NATO, the FBI, SOCA, The London School of Economics, and the International Institute for Counter-Terrorism.
"What struck me through most of this report is the threat is more evolutionary than revolutionary -- things we've talked about as potentially developing are now status quo," says David Marcus, senior research and communications manager for McAfee. "That's the disturbing part. Cyberwarfare, or state-sponsored malware, is business as usual." According to the report, what further concerns governments is that this malware, as well as the burgeoning market for zero-day exploits, sold in the black market can also be used for targeting government, banks or other sensitive infrastructures, such as the power grid.
Read the full article here.
The CSI Survey 2007, the 12th of its kind, by the Computer Security Institute, aims to raise the level of security awareness, as
well as help determine the scope of computer crime in the United States. The survey strongly suggests in this year’s results that mounting threats are beginning to materialize as mounting losses. The survey results are based on the responses of 494 computer security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions and universities.
Among the key findings from this year’s survey are:
- The average annual loss reported in this year’s survey shot up to $350,424 from $168,000 the previous year. Not since the 2004 report have average losses been this high.
- Almost one-fifth (18 percent) of those respondents who suffered one or more kinds of security incident further said they’d suffered a “targeted attack,” defined as a malware attack aimed exclusively at their organization or at organizations within a small subset of the general population.
- Financial fraud overtook virus attacks as the source of the greatest financial losses. Virus losses, which had been the leading cause of loss for seven straight years, fell to second place. If separate categories concerned with the loss of customer and proprietary data are lumped together, however, then that combined category would be the second-worst cause of financial loss. Another significant cause of loss was system penetration by outsiders.
- Insider abuse of network access or e-mail (such as trafficking in pornography or pirated software) edged out virus incidents as the most prevalent security problem, with 59 and 52 percent of respondents reporting each respectively.
- When asked generally whether they’d suffered a security incident, 46 percent of respondents said yes, down from 53 percent last year and 56 percent the year before.
- The percentage of organizations reporting computer intrusions to law enforcement continued upward after reversing a multi-year decline over the past two years, standing now at 29 percent as compared to 25 percent in last year’s report.
For the complete detailed survey results, click here.
A Taxonomy of Privacy by Daniel J. Solove, an associate professor at the George Washington University Law School, won the Privacy Enhancing Technologies award 2006. This paper attempts to identify privacy problems in a comprehensive and concrete manner, and it aims to guide the law toward a more coherent understanding of privacy and to serve as a framework for the future development of the field of privacy law.
“Privacy is a concept in disarray,” Solove says. “Abstract incantations of ‘privacy’ are not nuanced enough to capture the problems involved. The law has often failed to adequately protect privacy, and privacy problems are frequently misconstrued or inconsistently recognised. Without an
understanding of what the privacy problems are, how can privacy be addressed in a meaningful way?”
His taxonomy defines threats to privacy from the perspective of the individual, in four categories of potentially harmful activities — information collection, information processing, information dissemination and invasion. With the help of this more comprehensive taxonomy, Solove hopes that privacy considerations can be better recognised and balanced against opposing interests.
Read the full paper here.
Thursday, November 29, 2007
The United Nations Children’s Fund (UNICEF) reported on 26 November about the launch of 20 broadband-enabled teacher resource centres in the Maldives to help the Ministry of Education to provide quality education to every child of a population spread across 1,000 small islands.
Using information and communication technologies (ICTs) enables administrators and teachers to be part of one learning community across the country. Teachers can simultaneously receive online training, access and exchange information through the common network. Moreover, the internet and state-of-the-art technologies are aimed to enhance interactive education and to increase motivation of both students and teachers, as UNICEF noted.
Wednesday, November 28, 2007
Information and communications technologies (ICTs) are contributing to climate change, but can also provide problem-tackling tools, as the United Nations News Centre reported from a conference on the impact of ICTs on climate change organized by the UN Global Alliance for ICT and Development and AIT Global Inc., a global association of management and information technology professionals,on 27-28 November.
Experts and industry leaders highlighted that servers, personal computers and monitors account for more that 60 per cent of global ICT-related carbon emissions, and that product design, manufacturing and internal operations would be essential to minimizing emissions. Even though the paperless office environment has not yet been achieved, industry could develop energy-efficient appliances that shut down automatically when not being used. ICT could also improve the energy efficiency of all economic sectors, for example diagnosing the carbon emissions of products or processes and suggesting their redesign.
To read the full article, click here.
ENISA recently launched its latest Position Paper, "Botnets - The Silent Threat", a 12-page paper identifying roles and structures of criminal
organizations for creating and controlling botnets, and trends in this type of cyber crime as well as online tools to identify and counter malicious code. ENISA points out that browser exploits account for more than 60% of all infections, email attachments for 13%, operating system exploits for 11%, and downloaded Internet files for 9%. It also emphasizes that the main problem is uninformed users. ENISA, thus, calls for "a more coordinated, cross country cooperation among multi-national law enforcement agencies, Internet Service Providers (ISPs) and software vendors" to combat botnets, and further adds that education of the everyday user is a key measure.
For further information, read ENISA's press release or access the full ENISA Position Paper.
Tuesday, November 27, 2007
USA Today reports on the current spam statistics, and reiterates how spam continues to exponentially increase despite anti-spam softwares, filters and legislations. According to market researcher IDC, "the total number of spam e-mail messages sent worldwide, 10.8 trillion, will surpass the number of person-to-person e-mails sent, 10.5 trillion." Spam sent is also said to have reached 60 billion to 150 billion messages a day. As for phishing, the Anti-Phishing Working Group said new phishing sites soared to 30,999 as of July 2007, from 14,191 in July 2006. MessageLabs adds that one in 87 e-mails is tagged as phishing scams now, compared with one in 500 a year ago.
The fight against spam has nonetheless expanded and grown too. Built-in spam defenses of Google's Gmail, social-networking sites such as Facebook and MySpace which enable users to control who has access to their personal profile, to exchange e-mail with friends, family and business associates, and phishing filters provided by Microsoft on its Internet Explorer browser are some of the common filters made available to users. In the same effort to stop spam, Yahoo, eBay and PayPal recently announced their use of DomainKeys, an e-mail-authentication technology. Other anti-spam technologies include CertifiedEmail from Goodmail Systems, a new breed of e-mail services, and Boxbe. "The multilayered-defense approach has worked to stop such scourges as image spam, which varied the
content of individual messages — through colors, backgrounds, picture sizes or font types — to slip through spam filters. Image spam made up half of all spam in January. Since software makers came up with a solution, image spam has dropped to 8% of all spam, Symantec says."
Read the full article here.
Friday, November 23, 2007
Monday, November 19, 2007
Wednesday, November 14, 2007
The UN International Strategy for Disaster Reduction (ISDR) on 15 November 2007 is launching PreventionWeb.net, a new website for increasing knowledge-sharing on natural disaster risk reduction issues. The website will feature news reports, publications, fact sheets, examples of best practices and country reports targeted to both the general public and specialists. Users can also search for information related to disaster risk reduction such as early warning, climate change, health, education, etc.
For more information, please click here.
Tuesday, November 13, 2007
The U.S. Center for Information Technology Leadership (CITL) conducted a study on The Value of Provider-to-Provider Telehealth Technologies. Assuming some specific healthcare settings such as emergency departments, correctional institutions, nursing homes and physician offices the cost-benefit analysis focused on three technology systems, i.e. store-and-forward, real-time video, and a hybrid model combining the first two.
The CITL study found that benefits outweighed costs for all three systems, but the research organization recommends the hybrid model as the most cost-effective one for the U.S. The report is available at citl.org.
John Kenneth Schiefer, a 26-year-old computer security consultant from Los Angeles has admitted to hacking into computers entrusted to him to create a botnet of as many as 250,000 PCs, which he used to steal money from and identities of unsuspecting consumers and corporations. "Schiefer agreed to plead guilty to four felony charges in connection with the case and faces up to 60 years in prison and a $1.75-million fine, according to court documents filed Friday in federal court in Los Angeles." According to Assistant U.S. Atty. Mark Krause in Los Angeles, Schiefer is the first person to be accused under federal wiretapping law of operating a botnet.
Schiefer stole user names and passwords for EBay Inc.'s PayPal online payment service to make unauthorized purchases and passed the stolen account information on to others. According to the plea agreement, a conspirator named "Adam" who is allegedly a minor was involved in Scheifer's scam. Scheifer and his accomplices were reported to have used illicit software which they planted on people's PCs to spirit account information from a storage area in Windows-based computers. A Dutch Internet advertising company also hired his services to install its programs on people's computers when they consented, but he installed it on more than 150,000 PCs without permission, earning more than $19,000 in commissions.
The federal investigation began in 2005, and the indictment includes "four counts of accessing protected computers to commit fraud, disclosing illegally intercepted electronic communications, wire fraud and bank fraud." Schiefer's initial appearance in Los Angeles will on Nov. 28 and his arraignment on Dec. 3. There is a similar case in May 2006 involving a Downey man, Jeanson James Ancheta who was sentenced to almost five years in federal prison after pleading guilty to four felony charges for using botnets to spread spyware and send spam.
To read the full article, visit the Los Angeles Times.
Related article also availabe here.
Monday, November 12, 2007
Microsoft releases the Asia Pacific Legislative Analysis: Current and Pending Online Safety and Cybercrime Laws, a study providing a high-level snapshot of the status of computer security, privacy, spam and online child safety legislation in the Asia Pacific region. Detailed analyses of these laws specific to Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, New Zealand, The Philippines, Singapore, South Korea, Taiwan, Thailand and Vietnam are also provided in this paper. For more information regarding this document, contact Julie Inman Grant, Regional Director, Corporate Affairs of Internet Safety and Security at Microsoft Asia Pacific. More Cybersecurity Legislation and Enforcement related resources are available at the CYB website.
Friday, November 09, 2007
The International Telecommunication Union (ITU) organizes the first conference in the ITU Arab region on "Sharing experience on best practices in ICT services for persons with disabilities", in cooperation with the Regional Office for the Eastern Mediterranean of the World Health Organization (WHO/EMRO). The conference will take place in Cairo (Egypt) on 13 - 15 November 2007 under the auspices of the Ministry of ICT of the Government of Egypt and H. E. the Minister Dr. Tarek Kamel.
The conference is open to administrations, policy makers, regulators, and all industries involved in the development of dedicated information and communication technologies (ICTs) for persons with disabilities in addition to physicians and doctors from the public health sector. The main objective of the conference is to raise awareness on the importance of accessibility to all, including persons with disabilities, to ICTs.
For more information, please click here.
Thursday, November 08, 2007
Baltimoresun.com reports on Bush's announcement of a plan to prevent cyberspace attacks on U.S. interests. A $154 million budget was requested as preliminary funding for the initiative, which current and former government officials say is expected to become a seven-year, multibillion-dollar program to track threats in cyberspace on both government and private networks. Lawmakers who recently received briefings on the initiative, however, continue to have many questions, and some remain concerned about the legality of the program and whether it provides sufficient privacy protections. According to a former government official familiar with the proposal, the total start-up costs of the program are about $400 million. "The proposal 'will enhance the security of the Government's civilian cyber networks and will further address emerging threats,' Bush wrote
to Congress as part of his request for additional money for cyber security and other counterterrorism measures. The initiative would first develop a comprehensive cyber security program for the government and then do the same for private networks, the former government official said."
Read the full article here.
Email Submission Operations: Access and Accountability Requirements by Carl Hutzler, Dave Crocker, Pete Resnick, Eric Allman, and Tony Finch has recently been released as Best Current Practice (BCP) 134. This document provides recommendations for constructive operational policies between independent operators of email submission and transmission services to mitigate the propagation of spam and worms. Its goal is to improve lines of accountability for controlling abusive uses of the Internet mail service. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. For more information, click here.
Tuesday, November 06, 2007
According to the Government Accountability Office (GAO), the government's infrastructure sectors' plans lack protection against cyberattacks and disaster, pointing out that none of the sectors included all 30 cybersecurity criteria, such as key vulnerabilities and measures to reduce them. Among the 17 sectors of the government, information technology and communications had the strongest cybersecurity plans, and the agriculture, food and commercial sectors were the least comprehensive, according to David Powner, director of GAO's information technology management issues.
The Homeland Security Department provided a national plan last year for the sectors as a guide for their individual plans. Greg Garcia, DHS’ assistant secretary for cybersecurity and communications, said that DHS acknowledged the shortcomings based on GAO's findings, but he explained that these sector plans, released in May, represent only early efforts. Garcia further added that "sectors are not meant to be uniformly comprehensive in their cybersecurity efforts, and they must balance cybersecurity risk against other risk management efforts and unique aspects of their infrastructure 'based on its dependence on cyber elements.'" GAO recommended that DHS fully address the cybersecurity criteria by September 2008.
Read full article here.
Roger A. Grimes of InfoWorld interviewed Paul Laudanski, founder and leader of CastleCops which is a volunteer organization dedicated to fighting malware, spam, and phishing. Paul talked about the effects of DDoS and provided pointers on how to mitigate and ride the attack. He said that the primary thing to be decided in cases of attacks is whether the company wants to stay in business during the attack or not. If so, all the attack traffic need to be absorbed along with the legitimate traffic, meaning the broadband connection, routers, firewall, Web servers, and back-end databases have to be able to deal with the attack. He also suggested knowing ahead of time how the company's ISP handle DDoS events. They further discussed how to possibly pursue criminal charges after the attacks. "To be honest, being able to locate and prosecute the DDoS attacker is a long shot. The lack of cohesive communications between all the parties that need to be involved in an investigation, the legal implications of the global nature of the assault, and the growing sophistication of bot nets all fight against a successful prosecution. But as Paul and CastleCops can tell you, it can be done."
Read the full article on InfoWorld.
Monday, November 05, 2007
"Buses equipped with wi-fi are being used to deliver web content to remote rural villages in the developing world. In rural India and parts of Rwanda, Cambodia and Paraguay, the vehicles offer web content to computers with no internet connection." United Villages is an initiative that provides communties in Asia, Africa, and Latin America with a digital access to locally-relevant products and services using a low-cost, store-and-forward "drive-by WiFi" technology. Mobile Access Points (MAPs) are installed on existing vehicles (e.g. buses and motorcycles) and automatically provide access for
WiFi-enabled Kiosks along the roads. Whenever a MAP is within range of a real-time wireless Internet connection, it transfers the data from and for those Kiosks. The United Villages project also allows users to request specific information or content for a few additional rupees. The wi-fi vehicles also deliver as well as collect e-mails, and brings e-Commerce to the villagers.
Read the full article on BBC News.
More on United Villages on their website.
The article, Myth of privacy busted; Web advertisers scan e-mails, by Louise Story published on the International Herald Tribune, reports on the issue of online advertisers probing on privacy for marketing puposes. "At a meeting of the U.S. Federal Trade Commission about online privacy
Thursday, the regulator's commissioner, Jon Leibowitz, said the agency
would be exerting a tighter grip over online advertising. Leibowitz said that rules about the privacy policies of sites may
need to be established... But some people from the online industry said the FTC should stay out." According to Randall Rothenberg, president and chief executive of the Interactive
Advertising Bureau, if the FTC regulates online advertising, this could limit recent ''extraordinary pattern
of innovation.''
After eight years since the FTC's public
workshop on the use of consumer data in online ads, a lot of the
hypothetical scenarios described back then are now a widespread reality. However, many executives in the advertising industry do not see anything
wrong with online targeting, arguing that the practice benefits
consumers, who see more relevant ads. They add further that for
consumers, providing some innocuous personal data is a small
trade-off for free access to the rich content of the Internet, much of
which is ad-supported. A growing concern, even among online companies, about what information is being used to deliver ads to people is quite evident however.
''The market is getting edgier and edgier, and what is accepted in
the marketplace gets dodgier and dodgier,'' said Martin Abrams, the
executive director of the Center for Information Policy Leadership. ''We have
really moved to a world where we say consumers need to police the
market, and, increasingly, it is a harder world to police.''
Read the full article here.
After the infamous Estonian cyberattack early this year, CyTRAP Labs proposes the 7 lessons learnt from the attacks, and points out how Estonia responded accordingly to these issues. Among the lessons and issues pointed out were:
- Critical incidence response matters, which suggests the need to have a systematic and clearly understood procedure in place that allows a quick identification of what a critical incident response is and what kind of responses must be invoked rapidly (i.e. automatisms) to have a chance to defend against an emerging threat. Estonian responders first focused on the targets rather than sources. Filtering technology was used to throttle back on traffic aimed at target systems, which, at its peak, reached between 100 to 1,000 times the normal amount of traffic.
- The need for the team to make critical decisions fast. In Estonia, it was decided to protect certain systems. Once those were identified, all connections to those systems from outside the country were blocked. In addition, efforts were undertaken to lure away attackers from critical systems those that were less critical ones.
- Critical infrastructure can mean something different. For Estonia, where much business is being done on the net, critical infrastructure meant financial and communication services by private business were under attack and these are critical to the country’s well-functioning economy. Soon after 27 April 2007, people were unable to buy such essentials as gas and groceries using their payment cards.This is in contrast to what we usually accept as being critical infrastructure, namely electricity and transportation networks.
- No new attack techniques emerged. The level of traffic was not surprising and the mitigation tactics used were tried and true. But what will happen if the attackers are using fast-flux networks or DNS amplification attacks?
- Coordination is vital. All the above can be further complicated if the defense has to be coordinated in real time with several hundred or thousands of ISPs. As Estonia’s experience illustrates, coordination and cooperation with a centralized incident response is critical to achieve success. This was the case with CERT-EE working closely with private ISPs and banks, etc. Unfortunately, in many countries such centralized approach will be difficult to achieve unless the right things are put in place now.
- Trusted social networks as the key to coordinate a successful response. Even CERT-EE needed help and support from others, and social networks came in handy. How else can one convince an ISP in another country to take off a server that is part of a fast-flux network? Developing trust takes time and effort while both parties have to give. A certain degree of sharing or disclosure may result in further growth of trust needed to defend better next time.
- Post mortem analysis - learning to improve. Without analyzing past events learning cannot occur. The challenge with the Estonian example is that other countries must learn from the Estonian experience. This type of international collaboration must be improved beyond government CERTs.
Hence, without getting the major ISPs and financial institutions involved in other countries, post mortem analysis might not help us much in preparing for the next attack of this kind or worse.
This list was made in reference to the presentation of Hillar Aarelaid, eSStonia - the case of the Estonian DDoS attacks, given at the GovCERT.NL IT Security Symposium, Response & Responsibility, in Noordwijk, Netherlands.
Read the full article here.
The House of Lords Science and Technology Committee recently states that the UK government has failed to understand the threat to the continued growth of the internet posed by cybercrime as evident in their response to the committee's report on personal internet security, published on 10 August. The Lords' report had warned of the danger that public confidence in the internet would be lost, due to "perception that the internet is a lawless 'Wild West'." In the government's reply, presented to Parliament on 24 October, the government rejected this as well as the recommendation that there should be a data-breach notification law to provide businesses with incentives to take better care of customer data. According to the government, this kind of law that forced companies to admit when they had been the victims of cybercrime does not prove to be effective, but reassures businesses that they will consider finding "more formal ways" of reporting security breaches to the Information Commissioner's Office (ICO) "when problems arise". The government also rejected calls for software and hardware vendors to be liable for the security of their products, and for banks to guarantee e-fraud refunds.
Read the full article at ZDNet.co.uk.
Friday, November 02, 2007
Wiley InterScience recently launched the journal Security and Communication Networks.
A call for papers has been opened for its special issue focusing on Clinical Information Systems Security, which addresses the need for a secure and trusted computerized approach in managing personal health information, both from a demand and supply side.
The topics of interest in this special issue include, but are not limited to:
- Authentication techniques for CIS
- Authorization mechanisms and approaches for patient-centric data
- Public Key Infrastructures to support diverse clinical information environments and networks
- Cryptographic protocols for use to secure patient-centric data
- Secure communication protocols for the communication of clinical data
- Wireless sensor networks security
- Body sensor networks security
- CIS Database security
- Interoperability across diverse CIS environments (national and multilateral)
- Government and international regulatory and compliance requirements
For more information on submission, dates and peer review, please visit Insecure.org.
Researchers at the U.S. Department of Energy's Pacific Northwest National Laboratory, together with other partners, demonstrated how using information and communication technologies (ICTs) and telecommunications networks could result in considerable savings in power-grid infrastructure and electricity consumption, reported the Network World on 22 October.
The test network allowed consumers to select their usage preferences via a web portal. Smart controls-based devices such as virtual thermostats were interconnected with a service-oriented architecture (SOA) through middleware, and using broadband internet. The so-called GridWise project showed that both the power demand at the SOA electricity marketplace could be managed more evenly and customers were in better control of their energy consumption.
For more information on the project, please click here.
Tuesday, October 30, 2007
A bogus email is circulating claiming to be from the Federal Trade
Commission and referencing a "complaint" filed with the FTC against the
email’s recipient. The email includes links and an attachment that
download a virus. As with any suspicious email, the FTC warns
recipients not to click on links within the email and not to open any
attachments. This mailcious email appears to have a phony sender’s
address, "frauddep@ftc.gov" and also
spoofs the return-path and reply-to fields to hide the email’s true
origin. While the email includes the FTC seal, it has grammatical
errors, misspellings, and incorrect syntax. Recipients should forward
the email to spam@uce.gov and then delete it. Emails sent to that address are kept in the FTC’s spam database to assist with investigations.
More information on this spam report at the Federal Trade Commission website.
Monday, October 29, 2007
The United Nations International Fund for Agricultural Development (IFAD) last Friday launched a project aimed at helping farmers in Gabon diversify their incomes by developing and marketing new products from staple crops and by obtaining better access to value chains for products with significant market potential. The project aims to directly benefit 28,000 farmers, half of whom are women and a third young people.
Through training, farmer exchange visits and a new market information system, the project will also help farmers’ organizations better defend the economic interests of their members and market their goods more efficiently, according to IFAD's press release.
The Global Fund To Fight AIDS, Tuberculosis and Malaria launched a new website, MyGlobalFund.org, to foster sharing of best practices in the fight against the three pandemics; spreading ideas and stimulating research; and encouraging partnerships.
For more information on the Global Fund, please click here.
World War 2.0, a news video on Wired Science, presents the realities of internet warfare and how a botnet attack against Estonia might have been a manifestation of this new war technique. Botnets are so powerful, and hackers are very skilled and experienced that they can "destroy servers of a whole state." Josh Davis traced back when the attack against Estonia started and how security officials in Estonia fought back. Bill Woodcock, founder of Packet Clearing House, provides a brief explanation on how a botnet operates and how the attack against Estonia happened. Jaak Aaviksoo, Estonian Defense Minister, Ago Väärsi, technical manager at Postimees.ee, and Hillar Aareland, head of the Estonian CERT, were also interviewed as well as Russian internet security expert Emin Azizov and IT director of the United Civilian Front Eugeni Grigorian. Learn more about the attack by watching the video report here.
Friday, October 26, 2007
John E. Dunn of Techworld reports on the Austrian Police's intention to use specially-crafted Trojans to remotely monitor criminal suspects.
"According to reports in Austrian media, the minister of justice Maria Berger, and Interior Minister Gunther Plater, have drafted a proposal that will be amended by legal experts and the cabinet with the intention of allowing police to carry out such surveillance legally with a judge’s warrant... According to Berger, Trojans would only be used in cases of serious crime, such as terrorism and organised racketeering. The Swiss authorities have declared the intention of using the same controversial technique, but only in cases of the most extreme nature, such as terrorism... The Austrian, German and Swiss governments have yet to explain how they would circumvent security programs that might be used by criminals to protect themselves, whether this would involve collusion with security software companies, and what would happen if such software-busting Trojans were subsequently reverse engineered and deployed by criminals
themselves."
Read the full article on Techworld.
Monday, October 22, 2007
Brandon Enright, a network security analyst at University of California, San Diego, recently presented his findings at the Toorcon hacker conference in San Diego indicating the steady shrinking of the Storm Worm Botnet. According to Enright, it is now about 10 percent of its former size. Enright has been tracking Storm since July. "He has developed software that crawls through the Storm network and he thinks that he has a pretty accurate estimate of how big Storm really is. Some estimates have put Storm at 50 million computers, a number that would give its controllers access to more processing power than the world's most powerful supercomputer." Enright asserts that the numbers are far less terrifying though saying that in July, Storm appeared to have infected about 1.5 million PCs with 200,000 of which being accessible at any given time. He said that "a total of about 15 million PCs have been infected by Storm in the nine months it has been around, although the vast majority of those have been cleaned up and are no longer part of the Storm network."
According to Enright, the Storm Worm botnet started to dwindle in July when antivirus vendors began stepping up their tracking of Storm variants and got a lot better at identifying and cleaning up infected computers. With Microsoft's added Storm detection (Microsoft's name for Storm's components is Win32/Nuwar) into its Malicious Software Removal tool available with every Windows system, which was released on September 11, Storm infections dropped by another 20 percent overnight. Enright's most recent data counts 20,000 infected PCs available at any one time, out of a total network of about 160,000 computers.
To read the full article, click here.
The International Herald Tribune reports on Russian hackers being one of the biggest threats to internet security.
"Internet security experts say that only the United States and China rival Russia in hacker activity. But Russia has only 28 million
Internet users, according to rough estimates, compared with 210 million in the United States and 150 million in China, meaning that Russia has a higher percentage of scammers. VeriSign, the Internet services company, considers Russian hackers to be the worst, in part because they tend to have ties to organized crime outfits that embezzle money with stolen bank and credit card information... While the West has complained about Russian laws and enforcement, some Russian officials take issue with the criticism. Aleksei Likhachev, a member of Parliament, acknowledged that there had been fewer criminal cases in Russia than elsewhere, but said officials were still learning how to conduct such inquiries. 'It is just that this work is much younger and much less developed in Russia,' he said."
Read the full article, Russian hackers: On the right side of soft laws.
After Japan's Internal Affairs and Communications Ministry signed a joint statement with the German Federal Economics and Technology Ministry in
July, Japan continues to exert concerted effort to tackle the issue of spam. "The ministry has regularly exchanged opinions on the issue at multilateral meetings, such as those of the International Telecommunication Union and the Asia-Pacific Economic Cooperation Conference... France and other countries, with which Japan has established a close partnership on the issue, have gone a step ahead of Japan by introducing an "opt-in" system, under which people are not permitted to send ad e-mails without the prior consent of the people to whom they intend to send them." Opinions concerning fines and punishment for spammers appear to be quite divided among countries though with some countries charging heavier fines than others.
Read the full article here.
An article on CIO, Who's Stealing Your Passwords? Global Hackers Create a New Online Crime Economy, provides a detailed account of Don Jackson's discovery of Gozi, 76service.com and the new online crime economy. It also illustrates the evolution of online crime from trojans to sophisticated networks selling bot services. Don Jackson is a security researcher for SecureWorks, one of dozens of boutique security firms that have emerged to deal with the Internet security. From an executable file, Gozi, that Jackson discovered on a friend's computer, he was led to this professionally-run business-like network, later identified as the 76service.com, where he uncovered a "3.3 GB file containing more than 10,000 online credentials taken from 5,200 machines—a stash he estimated could fetch $2 million on the black market." It was also mentioned that "Lance James’ company Secure Science discovers 3 million compromised login credentials—for banks, for online email accounts, anything requiring a username and password on the Internet—and intercepts 250,000 stolen credit cards. On an average week, Secure Science monitors 30-40GB of freshly stolen data, 'and that’s just our company,' says James."
Read the full account of Don Jackson on the CIO website.
Economist.com recently features a report discussing innovation and how industries have become more open to and involved with it. Among these industries are the automotive and the IT industries. Larry Page, co-founder of Google, "had earlier hosted a gathering of leading environmentalists, political thinkers and energy experts to help shape an inducement to get things moving: the Automotive X Prize, expected to be unveiled in early 2008." This project urges both automotive and IT experts to develop the clean, software-rich car. "The organisers will offer at least $10m to whoever comes up with the best 'efficient, clean, affordable and sexy' car able to obtain the equivalent of 100 miles-per-gallon using alternative energy."
The article further discusses the current situation regarding Research and Development around the world, and continues to stress the importance of innovation. "Analysis done by the McKinsey Global Institute shows that competition and innovation (not information technology alone) led to the extraordinary productivity gains seen in the 1990s. 'Those innovations—in technology as well as products and business processes—boosted productivity. As productivity rose, competition intensified, bringing fresh waves of innovation,' the institute explains."
Read the full article here.
Thursday, October 18, 2007
On an interview with Interpol by CNN, Kristin Kvigne, assistant director of Interpol's trafficking in human beings unit, discussed how Interpol currently addresses the growing concern on child pornography and child abuse online. A brief rundown on investigations related to the recently identified child pornographer Christopher Paul Neil was also discussed. According to Kvigne, the latest technological tools utilized by Interpol have greatly aided in the progress of their on-going investigation and manhunt. The Interpol officer further stressed that "Interpol has got great tools in place for preventing people with prior convictions, et cetera, to enter into countries unknown. Countries can use the notice system that Interpol has in alerting other countries as to their traveling potential sex offenders. And Interpol would like to see that used more by law enforcement globally." According to the interview, "Interpol has half a million more pictures of child sex abuse. In fact, more than half a million, with maybe 10,000 or 20,000 kids in them -- 10,000 or 20,000 victims. They've rescued roughly 600." More on Interpol related news here.
Incidentally, Facebook, a popular social networking website, recently expressed its renewed efforts to protect its users from online predators. "The precautions will include a new safety disclosure for parents and a more efficient complaint process to report unsolicited sexual advances and inappropriate content, New York Attorney General Andrew Cuomo announced Tuesday at a news conference. Facebook will also allow an independent examiner -- chosen and paid for by the company, but approved by the attorney general -- to report on its compliance for the next two years." According to CNN, this recent announcement followed an investigation into Facebook launched by Cuomo wherein tests conducted by investigators "revealed 'significant defects' in safety controls and the company's response to complaints." Read the full article on the CNN website.
BBC Hardtalk interviewed the international president of the growing UK-based Internet company, Bebo aimed at young people. The interview tackles the current issues regarding internet security among young people on social networking sites amidst concern about numerous registered paedophiles in such websites.
More details on this interview here.
A paper on wealth of Internet miscreants, "An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants," is available online on the ICSI Center for Internet Research website. The paper discusses "an active underground economy which specializes in the commoditization of activities such as credit card fraud, identity theft, spamming, phishing, online credential theft, and the sale of compromised hosts. Using a seven month trace of logs collected from an active underground market operating on public Internet chat networks, [the researchers] measure how the shift from “hacking for fun” to “hacking for profit” has given birth to a societal substrate mature enough to steal wealth into the millions of dollars in less than one year."
To access the paper, click here.
Tuesday, October 16, 2007
John Leyden recently reports on the WabiSabiLabi, an IT company providing space for auction of vulnerabilities and exploits, on The Register. According to the report, "it has exceeded expectations with the submission of more than 150 vulnerabilities in its first two months of operations." Among the vulnerabilities in the marketplace are 51 bugs in Windows, 19 flaws in Linux, 29 web application vulnerabilities, two Mac-related flaws, 10 flaws in enterprise software from SAP, and one IBM-related vulnerability. The company, however do not accept all submitted vulnerabilities. It has recently rejected 40 due to the use of "illegal methodology." Selling prices range between 100 to 15,000 euros each, and currently, 1,000 researchers have registered on the site.
Read the full article on The Register.
Monday, October 15, 2007
The Washington Post recently reported on the Russian Business Network, an Internet business based in St. Petersburg which has become a world hub for Web sites devoted to child pornography, spamming and identity theft. Cybercrime groups including those responsible for about half of last year's incidents of phishing are said to be operating from the company's computer network system.
"The company 'is literally a shelter for all illegal activities, be it child pornography, online scams, piracy or other illicit operations,' Symantec analysts wrote in a report. 'It is alleged that this organized cyber crime syndicate has strong links with the Russian criminal underground as well as the government, probably accomplished by bribing officials...' But Alexander Gostev, an analyst with Kaspersky Lab, a Russian antivirus and computer security firm, said the Russian Business Network has structured itself in ways that make prosecution difficult. 'They make money on the services they provide,' he said -- the illegal activities are all carried out by groups that buy hosting services... In addition, Gostev said, criminals using the Russian Business Network tend to target non-Russian companies and consumers rather than Russians, who might contact local authorities. 'In order to start an investigation, there should be a complaint from a victim. If your computer was infected, you should go to the police and write a complaint and then they can launch an investigation,' Gostev said. Now, he added, his company and the police both have information, but no victim has filed a complaint."
Read the full article here.
Friday, October 12, 2007
A MAAWG document was recently released entitled "MAAWG Best Practices for the Use of a Walled Garden." This white paper discusses the criteria for exit and entry, remediation and subscriber education regarding walled garden. The primary goal of these practices is to help end-users become aware of and remove unwanted programs or malware residing on their personal computers and to stop the network from being used for abusive purposes. To access the white paper, click here. More information on MAAWG activities here.
Wednesday, October 10, 2007
Lani Kass, a former major in the Israeli Defense forces, an instructor at the National War College and also a senior mentor to Operation Checkmate, recently gave a talk at the Air Force Association Air and Space Conference on the future of warfare discussing what cyberspace and cyberwarfare.
"We have been using the electromagnetic spectrum longer than we have been using air and space," she said, noting that the telegraph, one of the most bedrock aspects of cyberspace, was developed around the time of the Civil War. What makes cyber different from the other realms, she said, is that it doesn't take a lot to fight in it. You don't have to build or buy expensive ships, airplanes, tanks or spacecraft. All you need is a laptop or a link to the Internet... That's important since people half a world away can do things now that can limit or eliminate the control of land, air, sea and space that make protections of modern freedoms possible, she said. "If you don't dominate cyber, you cannot dominate in air, or in space, you cannot dominate on land or at sea," she said. "Quite frankly, if you're a developed country, you cannot conduct your daily way of life. Your life essentially comes to a screeching halt."
Cyber Strike commander Lt. Gen. Robert J. Elder also spoke that afternoon of the efforts at Barksdale to make the cyber vision reality. This involves "determining and gathering the people to do the work, determining the new career and training avenues that need to be forged, assessing systems and software for the new missions, establishing command and control procedures and forging alliances with academia and industry, such as the $100 million Cyber Innovation Center being created north of Barksdale."
Read the full article on The Shreveport times.
Tuesday, October 09, 2007
Friday, October 05, 2007
Yesterday, Microsoft announced to launch HealthVault, an online platform to securely store personal health-related information online. The business model relies on performing vertical internet search tailored for health queries. Several organizations signed up to participate in the project including hospitals, disease prevention organizations, and health care companies.
For more information, see articles online of the New York Times, the Economist, discussions in several blogs and the company's press information.
A social networking space to address climate change, OneClimate.net, was recently launched by OneWorld. The idea is to act as a ‘Climate Facebook’ to inspire people to protect planet Earth through exchange of experiences, asking questions, etc.
To read the press release, click here.
The Information for Development Program (infoDev) of The World Bank identified trends in 53 African countries related to the use of information and communication technologies (ICTs) in education.
The report indicates a shift from small-scale pilot projects supported by donors and NGOs to a systematic policy and multi-stakeholder approach. While the degree of e-readiness varies from country to country, there is a growing commitment to using ICTs in education throughout administrations on the continent.
The survey finds some notable trends in the areas as follows:
- Public-private partnerships
- Digital content
- Open source software and operating systems
- Regional initiatives
- National research and education networks
- Internet connectivity
- Wireless networks
To read the summary report, click here.
To read the full article, click here.
Thursday, October 04, 2007
Inveneo is a non-profit social enterprise whose mission is to get the tools of ICT into the hands of organizations and people who need them most - those in remote and rural communities in the developing world. To do this, Inveneo creates and sells highly affordable and sustainable ICTs that are specifically designed for organizations- governments, NGOs, private enterprises - that serve these rural communities with vital services that include education, healthcare, economic development, relief and telecentres.
During September 2007, CNN showed a programme about the work of Inveneo in rural Uganda where the co-founder, Kristin Peterson stated that she regarded providing ICT to rural areas as important as providing food.
According to an article by Sharon Gaudin on InformationWeek, cybercriminals are splitting up their giant botnets, which have been diligently built up in the recent months, into smaller pieces to make them more agile, more easily hidden from detection, and easier to manage.
Iftach Amit, director of security research at security company Finjan tells InformationWeek that "smaller botnets get the job done, but smaller botnets generate a lot less traffic. That makes them harder to detect because they make much less noise. They fly under the radar when you're looking for anomalies in behavior." He adds that many botnets are operated from a single command center. If security researchers or law enforcement find that command center, the botnet is effectively shut down. However, if the hacker splits the botnet up into several smaller botners, each with its own command center, if one goes down, the others remain operational.
No apparent news yet link the Storm worm botnet to this trend. It was noted, however, that the Storm worm botnet is not controlled by one command center, which has made it difficult for researchers to shut it down.
Read the full article here.
Heise Online recently reported "on a ruling, dated March 27, 2007, which has only now been published and is likely to have legal ramifications, the local court of the Berlin district of Mitte has barred the Federal Ministry of Justice from retaining personal data acquired via its website beyond the periods associated with the specific instances of use of the site... The local court also opposed the view espoused by operators and some data privacy watchdogs that security reasons justify a recording regime that over short periods of time maps the behavior of all Net users and allows individual users to be picked out." Slashdot adds that "German privacy activists have started a campaign Wir speichern nicht, ("we don't log your data!") which provides manuals how to turn off the IP logging on your server."
In response to this ruling, Patrick Breyer of the German Working Group on Data Retention, who was the plaintiff in the relevant case, has called on all public authorities, departments and agencies of the German Federal State and of the federal states comprising the Federal Republic to abandon their "illegal data retention policies" by the end of this year at the very latest or have additional lawsuits filed. Breyer has made a model complaint available on his website.
Read the complete news report here.
Wednesday, October 03, 2007
HKDNR, together with the Office of Telecommunications Authority (OFTA), HK Police Force, Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) and other agencies, dedicates much effort in implementing all possible measures to strike .hk domain names that are related to phishing or spamming sites.
"HKDNR is kept updated daily on a spamvertised domain list so that more comprehensive monitoring can be maintained and immediate action can be carried out against these domains. Any domains that are verified as phishing / spamming will be suspended immediately. According to the information published in mid June in AbuseButler on the top 800 spamvertised domains worldwide over the previous 4 weeks, the number of reports on .hk spamvertised domains accounted for 2.3 % of the total reports received. In early August, the number of reports on .hk spamvertised domains dropped to 0.3 % of the total reports received."
Read the full article at the HKIRC Newsletter (September 2007).
Monday, October 01, 2007
The Anti-Malware Engineering Team, the team that builds the core antivirus, antispyware, anti-rootkit, and related technology used across a number of Microsoft products and technologies, posted on their blog recent "Storm" worm statistics based on the latest release of the Malicious Software Removal Tool (MSRT) developed and updated by Microsoft’s Malware Protection Center (MMPC). According to the Anti-Malware Engineering Team, as of 2PM on Tuesday, PDT, 18 September 2007, "the Renos family of malware has been removed from 668,362 distinct machines. The Zlob family has been removed from 664,258 machines. And the Nuwar family has been removed from 274,372 machines. In total, malware has been removed by this month’s MSRT from 2,574,586 machines." It has also been reported that another anti-malware researcher who has been tracking these recent attacks presented data that shows that the team knocked out approximately one-fifth of "Storm's" Denial of Service (DoS) capability on 11 September. No continued decrease was evident though since the first day which was presumably due to a newer version of the software that the criminals
behind the deployment of the "Storm" botnet has apparently immediately released.
Read the full article here.
A report released by the Living Tongues Institute for Endangered Languages in Oregon talks about the alarming rate of extinction of the world's languages.
"While half of all languages have gone extinct in the last 500 years, the half-life is dropping: half of the 7,000 languages spoken today won't exist by the year 2100," according to Slashdot. The NY Times, on its article Languages Die, but Not Their Last Words, adds that "83 languages with 'global' influence are spoken and written by 80 percent of the world population. Most of the others face extinction at a rate, the researchers said, that exceeds that of birds, mammals, fish and plants."
Read Languages Racing to Extinction in 5 Global "Hotspots" further here.
Continue reading the NY Times article on language extinction here.
The United Nations Food and Agriculture Organization (FAO) on 28 September launched a new interactive web-based site, underscoring the important role information and communication technology (ICT) can play in promoting agriculture and rural development. Users can exchange experiences, opinions and good practices on the platform, http://www.e-agriculture.org/, which was developed by the FAO and its partners.
The platform is part of the Community of Expertise - a global initiative to boost sustainable agricultural development and food security through increased use of ICT –that includes policymakers, rural service providers, development practitioners, farmers, researchers and ICT specialists.
"We are confident that the e-agriculture Community of Expertise will help facilitate further global discussions and decisions facing farmers, Governments and the international community at large related to the role that ICT can have in agriculture and rural development," said the Director of FAO's Knowledge Exchange and Capacity Building Division, Anton Mangstl.
More than 3,400 people from 135 countries participated in an online survey and in virtual forums to help develop the platform.
Although the digital divide is shrinking, only 18 per cent of the global population has access to the Internet. The UN International Telecommunication Union (ITU) estimates that one billion people worldwide - most of whom depend in some way on agriculture for their livelihoods - still lack connection of any kind to ICT.
To access the press release from the United Nations News Centre, click here.
For more information on e-agriculture activities related to the World Summit on the Information Society (WSIS), click here.
Om Malik of GigaOm writes about the popularity of the One Laptop Per Child project among kids and the problem of internet connectivity and infrastructure in the emerging economies. He sites the success and impact of the OLPC project on children in Brazil as expressed by the Brazilian Culture Minister Gilberto Gil on his speech at the Emerging Technologies (EmTech) Conference at MIT. However, the nation is not yet ready to pick up on this demand because of the lack of network infrastructure in the country. "We can’t just distribute computers. We have to build a backbone. Just making the technology accessible is not enough. Technology leads to language, to spiritual dimensions. It’s the whole process that matters. It’s not just one item, computers are not enough," says Gil.
However, John Roese, chief technology office of Nortel (NT), wrote on his blog about OLPC and the concept of hyperconnectivity saying that "while OLPC is not a Nortel product, it is a tool to stimulate the R&D teams to consider new communication models of hyper connectivity, new programming models and new collaboration methods. It also represents a new type of client, as well as new economic and networking models that are possibly a reflection of the future nature of broadband networking."
Read the full article here.
Thursday, September 27, 2007
CNN, on their article "Sources: Staged cyber attack reveals vulnerability in power grid," reports on how an experimental cyber attack conducted by researchers caused a generator to self-destruct. CNN captured a video of the generator shaking and smoking, and then shutting down. This new revelation has consequently alarmed the federal government and the electrical industry on the possibilities if such an attack were
carried out on a larger scale. "Sources familiar with the experiment said the same attack scenario could be used against huge generators that produce the country's electric power. Some experts fear bigger, coordinated attacks could cause widespread damage to electric infrastructure that could
take months to fix." The staged cyber attack, dubbed "Aurora," was conducted in March at the Department of Energy's Idaho lab.
Learn more about the staged cyber attack and continue reading the article here.
Wednesday, September 26, 2007
OECD has recently released its September 2007 issue of its newsletter. "OECD Information and Communication Policy News was launched in June
2006. Every quarter, it brings the latest news, statistics and best practice recommendations from the OECD on Information and Communication
Policy, including policy for communication infrastructures and services, the information economy, security and privacy, and consumer protection." For more information, visit the OECD website.
Tuesday, September 25, 2007
Sophos recently reported on the hefty jail sentences that the pump-and-dump stock spam gang faces today. 47-year-old Michael Saquella (also known as Michael Paloma), 63-year-old Lawrence Kaplan, 38-year-old Henry Zemla and 26-year-old Justin Medlin
have all pleaded guilty to being part of an international gang that spammed out fraudulent news stories to create artificial demand in stocks, pumping up the share price of 15 small companies (Beverly Hills Film Studios; Body Scan; Cor Equity Holdings; Courtside Products; eDollars, IFINIX; Integrity Messenger; Latin Heat Entertainment; Motion DNA; PokerBook Gaming; TKO Holding; Trans-Global Holdings; V3 Global; Xtreme Technologies; and Zuma Beach Entertainment) and raising more than $20 million from investors. The four men are now facing between 5-10 years in prison.
"Pump and dump stock campaigns work by spammers purchasing stock at a cheap price and then artificially inflating its price by encouraging others to purchase more (often by spamming "good news" about the company to others). The spammers then sell off their stock at a profit. Sophos experts report that pump-and-dump stock campaigns account for approximately 25 percent of all spam, up from 0.8 percent in January 2005. Earlier this year, Sophos reported how the US Securities and Exchange Commission (SEC) had suspended trading in 35 companies as they were found to be commonly referenced in pump-and-dump stock email campaigns."
Read the full article here.
Monday, September 24, 2007
Sunday, September 23, 2007
A story at Slashdot points to a article with a quote from McAfee CEO David DeWalt, who says that cyber-crime has become a US$105 billion business that now surpasses the value of the illegal drug trade worldwide. Despite the increase in government compliance requirements and the proliferation of security tools, companies continue to underestimate the threat from phishing, data loss, and other cyber vulnerabilities, DeWalt said. 'Worldwide data losses now represent US$40 billion in losses to affected companies and individuals each year, DeWalt says. But law enforcement's ability to find, prosecute, and punish criminals in cyberspace has not kept up: "If you rob a 7-11 you'll get a much harsher punishment than if you stole millions online," DeWal remarked. "The cross-border sophistication in tracking and arresting cyber-criminals is just not there."'
Friday, September 21, 2007
The Consumer Electronics Association (CEA) launched a press release on 19 September 2007 on a study commissioned to investigate the impact of telecommuting and e-commerce on energy consumption, greenhouse gas emissions, and liquid fuel consumption.
The study found that one day of telecommuting - using consumer electronics such as personal computers and wireless networks - would save the equivalent of up to 12 hours of an average household's electricity use in the United States. The findings also indicate that the level of CO2 reduction would be equal to removing 2 million vehicles from the road every year.
To read the study, click here.
Wednesday, September 19, 2007
The International Trade Centre's e-Trade Development Unit published its latest newsletter today, which highlights the topics as follows:
- ITC joins the UN Global Alliance for ICT and Development;
- Mali K7: an African Record Company aims at the Global Market;
- Training on e-Commerce targets SMEs in Tehran;
- Interview with Mr. Walid Kooli, e-Commerce focal point in Tunisia;
- Report from the field: ETDU in Iran;
- Knowledge Process Outsourcing (KPO) event mobilizes African firms;
- Helping Developing Countries migrate towards Paperless Trade;
- Paperless trade - how does it work?
- Bangladesh designs a strategy for its technology sector.
The Portuguese Government and the European Commission are jointly organising the fourth Ministerial eGovernment Conference entitled “Reaping the Benefits of eGovernment” in Lisbon from 19 to 21 September 2007.
Topics to be covered during the workshops at the conference include the analysis of experience and results of the e-government initiatives at European level such as:
- Research and Technological Development in Electronic Government;
- Public Sector Innovators;
- eGovernment standards;
- Benefits for All derived from Electronic Government;
- Benefits of the electronic infrastructure in e-government, e-health and e-learning.
Tuesday, September 18, 2007
Monday, September 17, 2007
The Washington Post reports on Google's call for new international standards on the collection and use of consumer data. "Peter Fleischer, global privacy counsel for Google, told a U.N. audience in Strasbourg, France, that fragmentary international privacy laws burden companies and don't protect consumers. He argued for an international body such as the United Nations to create standards that individual countries could then adopt and adapt to fit their needs. 'The ultimate goal should be to create minimum standards of privacy protection that meet the expectations and demands of consumers, businesses and governments,' Fleischer said, according to a transcript of the speech provided by Google."
Investigations over Google's privacy practices are currently conducted by the European Union. There have been controversy and criticisms on Google's privacy policies and its planned $3.1 billion merger with DoubleClick,
an online advertising broker that sells banner and video ads. Critics argue that the merger which would enable the company to collect information on which sites users visit, would hurt competition in online advertising, and that it would aggregate too much consumer data in the hands of one
company. According to Marc Rotenberg, executive director of the Electronic Privacy Information Center and a
critic of the DoubleClick merger, "Google, under investigation for violating global privacy standards, is calling for international privacy standards... It's somewhat like someone being caught for speeding saying there should be a public policy to regulate speeding."
Fleischer proposes the privacy framework developed by the Asia-Pacific Economic Cooperation forum, which he refers to as a balance between information privacy, and business needs and commercial interests. However, critics say that the APEC standards are too lenient. Rotenberg adds further that the APEC rules put the burden on consumers, who must demonstrate that a company's privacy policy has harmed them. Guidelines developed in 1980 by the Organization for Economic Cooperation and Development which influenced the European Union's privacy laws and are usually preferred by privacy advocates, generally focus on the violation of privacy as a right rather than a demonstration of harm caused by the violation.
To read the full article, click here.
Read more about Peter Fleischer's views on privacy on his blog.
The Wall Street Journal Online reports on the five-year sentence given to Irving Escobar, a ring leader in a TJX Cos. linked credit-card fraud. He "was sentenced to five years in prison and has been ordered to pay nearly $600,000 in restitution for damages resulting from stolen financial information, Florida officials said. The sentencing follows a guilty plea by Mr. Escobar, 19 years old, of Miami, to charges that he participated in a 10-person operation that used counterfeit cards bearing the stolen credit-card data of hundreds of TJX customers to purchase approximately $3 million in goods and gift cards."
Read more on this news article here.
Friday, September 14, 2007
Bruce Schneier has posted an entry on his blog arguing that if we want home users to be secure, we need to design computers and networks that are secure out of the box, without any work by the end users. “There simply isn't any other way.”
Interpol proposed on Wednesday the creation of global and regional anti-crime centres to fight criminal activity online and respond quickly to emergency cybercrime alerts. During an international cybercrimes conference in New Delhi, Interpol Secretary-General Ronald K. Noble said that the Internet should not be allowed to become a place where criminals have the upper hand and can escape punishment. Officials from 37 countries discussed identity theft, online bank fraud, Internet gaming and the risks of online terrorist activity during the two-day conference organized by Interpol.
To read the full article, click here.
Thursday, September 13, 2007
At the first Regional Conference on Literacy taking place in Mali this week, Angola's Minister of Education underlined the importance of literacy skills to foster health prevention in Africa as the Angola Press Agency reported yesterday via All Africa.
In order to reach the objectives of the National Plan of Education for All by 2015, information and communication technologies (ICTs) are now used as tools to promote autodidactic learning and to train citizens on matters related to health primary care, personal hygiene, HIV/Aids and environment.
To read more, click here.
The European Union proposes that internet searches for bomb-making instructions should be filtered and blocked across the European Union. "Internet providers should also prevent access to any site giving instructions on how to make a bomb, EU Justice and Security Commissioner Franco Frattini said in an interview... The EU executive is to make this proposal to member states early in November as part of a raft of anti-terrorism proposals. These include the screening of private data of passengers flying into the 27-nation bloc and the creation of an early warning system to alert police forces to thefts of explosives. Representatives of the Internet industry are meeting the EU on Tuesday, the sixth anniversary of al Qaeda's September 11 attacks on the United States, at a European Security Research and Innovation Forum. The Internet has taken on huge importance for militant groups,
enabling them to share know-how and spread propaganda to a mass audience, as well as to link cell members."
Read the full article on Reuters.
Wednesday, September 12, 2007
The e-Government Global Dialogue, Citizen-Centric Government: One-Stop Multi-Channel Service Delivery for All, will be held on Tuesday, 18 September 2007, 8:00-10:30 am ET at Room MC2-137, 1818 H Street NW in Washington, DC. It will also be accessible via live webcast.
"The government of the future is a citizen-centric government and the one-stop approach is a quintessential expression of citizen
centricity. This seminar, initiated by the Moscow City Government is integral part of Single Window Conference taking place in Zelenograd district of Moscow on Sep 18-20, which will bring together some 300 government officials and other stakeholders from multiple Russian regions as well as the audiences in other transition and developing countries. The seminar will enable policy-makers to get a snapshot of international experience, analyze critical success factors, lessons learned and implementation challenges in citizen service center projects, and explore a symbiotic relationship between the citizen service centres and other service delivery channels. Case studies of citizen service center projects will also be presented, and the following issues will be discussed in more detail: the profile, skills, professional background for one-stop citizen service centers; the legal status / organizational form of citizen service centers; and the relations and linkages between citizen service centers and the government agencies."
More information about this event is available here.
Interested participants may also join via the Live Webcast / Online Discussion.
John E. Dunn reports on Techworld how the global market for criminal malware operates like a supermarket, complete with special offers and volume discounts, as a security company has discovered. On Panda Software’s latest quarterly report, the going rate for a reasonably sophisticated but generic Trojan is between £175 ($350) and £350 ($700), while the email list with which to target victims for the program costs from £50 ($100) per million names. The malware writers even offer specials – in one case the company discovered a site selling a ‘payment capture’ Trojan for £200 ($400) to the first 100 customers to sign up, a saving of £50 ($100) off the normal rate. "In recent months we have witnessed the growing professionalisation of digital crime," said Panda Software’s lab chief Luis Corrons. "The first step for cyber-crooks was when they started looking for profits from their activity instead of just notoriety. Now they are creating a vast online malware market, where there are even specialised segments. New business models are appearing, as we speak," he said.
Corrons adds that the malware industry now appears to be turning from being just a shop from which malware can be bought, to one where services are offered. For between one and five dollars per executable, malware could be cloaked - encrypted - against the anti-virus software programs it was likely to encounter on a for-hire basis. Finally, criminals could rent spam servers for £250 a time to distribute their assembled malware package, the company said. Corrons also provides details of the cost of hiring DDoS attacks in his blog.
Read the full article here.
An article on The Economist discusses RBN (Russian Business Company), the threats it poses to global cybersecurity, and the lack of cooperation from the Russian government. VeriSign classifies RBN as "“the baddest of the bad"”. The anonymity of the group and its senior figures who are only known through their nicknames, and the apparent backing of politicians have led to the continuing success of its operations. "'“RBN is a for-hire service catering to large-scale criminal operations,”' says the report. It hosts
cybercriminals, ranging from spammers to phishers, bot-herders and all manner of other fraudsters and wrongdoers from the venal to the vicious. Just one big scam, called Rock Phish (where gullible internet users were tricked into entering personal financial information such as bank account details) made $150m last year, VeriSign estimates." Another difficulty RBN poses is its ability to fight back. This had been evident in the Rock Phish attack to the National Bank of Australia in October 2006. After taking active measures against the attack, RBN fought back by taking down the bank’s home-page for three days.
Despite VeriSign having tracked down the physical location of RBN’s servers and the Western law enforcement officers' pressure on their Russian counterparts to pursue the investigation vigorously, RBN remains confident and active. According to VeriSign, "only strong political pressure on Russia will make the criminal justice system there deal with this glaring example of cyber-illegality."
To read the full article, go to The Economist.
A new mobile system where one makes calls directly between phones, for free, is being trialled by TerraNet, a Swedish company, in hopes of dramatically improving communications in the developing world. "TerraNet has developed the idea using peer-to-peer technology that enables users to speak on its handsets without the need for a mobile phone base station. The technology is designed for remote areas of the countryside or desert where base stations are unfeasible. Projects backed by TerraNet recently launched in Tanzania and Ecuador. The TerraNet technology works using handsets adapted to work as peers that can route data or calls for other phones in the network. The handsets also serve as nodes between other handsets, extending the reach of the entire system. Each handset has an effective range of about one kilometre. This collaborative routing of calls means there is no cost to talk between handsets. When a TerraNet phone is switched on, it begins to look for other phones within range. If it finds them, it starts to connect and extend the radio network. When a number is dialled a handset checks to see if the person being called is within range. If they are, the call goes through. While individually the phones only have a maximum range of 1km, any phone in between two others can forward calls, allowing the distance to double. This principle applied many times creates a mini network. However, TerraNet founder Anders Carlius admitted that this has created big problems with having enough available frequencies. The system can also be used to make calls to other TerraNet mesh networks via a net-connected PC fitted with an inexpensive USB dongle."
Currently, this new system only works with a special handset, but "Mr Carlius said he hopes that it will eventually be a feature available on all phones, like Bluetooth. He said that were this to happen, it could potentially spell the end for the current Global System for Mobile (GSM) communications model which is used by about 70% of all mobile phones." Most large mobile companies seem skeptical at the moment, but according to Mr Carlius, mobile phone manufacturer Ericsson had invested around £3m in TerraNet.
Read the full article on BBC News.
A Swedish security researcher, Dan Egerstad, has recently revealed how he collected 100 passwords from embassies and governments worldwide by sniffing Tor exit routers. Egerstad explains on his blog how he did it, and calls attention to and re-iterates the lack of appreciation for cybersecurity among organizations worldwide.
Read related article on Ars Technica here.
Computerworld reports on a worm targeting Windows PCs that is spreading through Skype's instant messenger, making the Voice over IP (VoIP)'s chat software the next target. Dubbed Ramex.a by Skype spokesman Villu Arak, but pegged Pykspa.d by Symantec, the worm takes a typical instant messenger (IM) line of attack: After hijacking contacts from an infected machine's Skype software, it sends messages to those people that include a live link. Recipients who blithely click on the URL, which poses as a JPG image but is actually a download to a file with the .scr extension, wind up infected. Arak also listed instructions for removing the worm from infected PCs, but they included changes to the Windows registry, a chore most users are hesitant to try. Ramex.a/Pykspa.d injects code into the Explorer.exe process to force it to run the actual malware, a file named wndrivsd32.exe, periodically. The worm also plugs in bogus entries in the Windows hosts file so that installed security software won't be able to retrieve updates.
Skype is only the latest IM client to fall victim to hackers. Both Yahoo Messenger and Microsoft Corp.'s MSN/Live Messenger have been targeted this summer. Exploit code designed to hijack Windows PCs running Yahoo Messenger appeared as early as June, and Yahoo has been forced to patch the IM client several times since. Microsoft, meanwhile, has scheduled fixes for its MSN Messenger and Windows Live Messenger software for tomorrow, presumably to quash a webcam bug that was disclosed late last month.
Read more of this article here.
Tuesday, September 11, 2007
Spamnation reports that the popular scambaiting site 419Eater and the anti-scam site Scamwarners are the latest anti-spam sites to fall victim to a distributed denial of service (DDoS) attack. Artists against 419 was also hit recently as well as another useful anti-scam site, CastleCops, along with other sites hosting antispam forums.
Spamnation asserts that the Zhelatin (Storm Worm) gang is responsible for a number of other DDoS attacks this year, including an attack against anti-spam sites and download sites operated by a rival spam gang. Zhelatin are known to have spare capacity at the moment. There have been reports that they have built up a botnet containing more than a million computers, not all of which are currently being used for stock and pill spam.
For spam gangs like Zhelatin, a DDoS attack appears to be another opportunity to exploit. When the Zhelatin botnet gets to break in a site, it's more likely that the attack has been commissioned by one of their customers. In the same way that a customer can order a stock spam run, they can request a DDoS attack (although it has been claimed that DDoS attacks cost more than regular spam runs, because there is a greater risk that ISPs or law enforcement will react aggressively to shut down the machines involved).
Read full article here.
Monday, September 10, 2007
The Food and Agriculture Organization (FAO) accepted the role and responsibilities of facilitating activities related to the action line under C.7 ICT Applications - e-Agriculture at the World Summit on the Information Society (WSIS) follow-up meetings held in February 2006 in Geneva.
In May 2007, a pilot web-based platform, www.e-agriculture.org was launched providing a dynamic space for those interested in shaping e-agriculture policies and practices to network, share information, experiences, and opinions, and to find out about new and useful systems, tools, and methodologies.
From 12 September to 3 October 2007, the Consultative Group on International Agricultural Research (CGIAR) invites all e-Agriculture Community members to participate in its online consultation on "Opening Access to CGIAR Research and Knowledge: From Data, Information and Collaboration to Food" at the online forum. The objective is to make it easier for CGIAR staff, partners and potential partners to access, use and add value to the research and to the scientific outputs of the CGIAR.
With the objective to support the use of ICTs and knowledge management in the agricultural sector, a strategy has been drafted on global public goods.
- Integrated access to global public goods stewarded by the CGIAR (technical standards/portal work);
- Networking and capacity building to ensure the best possible linkages between CGIAR, NARS and other partners for public goods generation and sharing;
- Value-added information products and services.
Peter Gutmann of the Department of Computer Science, University of Auckland presents how "malware has come a long way since it consisted mostly of small-scale (if prolific) nuisances perpetrated by script kiddies. Today, it's increasingly being created by professional programmers and managed by international criminal organisations. The Commercial Malware Industry looks at the methods and technology employed by the professional malware idustry, which is turning out "product" that matches (and in some cases even exceeds) the sophistication of standard commercial software, but with far more sinister applications."
The presentation discusses extensively how the malware industry has evolved from The Numbers Racket to organized crimes and even further now into the Spam, Carding, Phishing and Botnet businesses, among others. Provided in the presentation as well are case studies and examples, statistics, and technical mechanisms of these growing internet crimes as services.
Read more on Peter Gutmann's work here.
The ITU News Nº 7 September-October 2007 edition features in its Cybersecurity Watch the Cybersecurity Work Programme for Developing Countries. The purpose of the Cybersecurity Watch column is to share information on ITU activities and initiatives related to cybersecurity and countering spam. More information on ITU activities in the domain of cybersecurity can be found at here. ITU–D's ICT Applications and Cybersecurity Division has information on its ongoing projects, resources and publications to assist ITU Member States, including an overview of the ITU Cybersecurity Work Programme for Developing Countries, as well as information on the toolkits mentioned in the article at the CYB website. Details on related workshops and other events can be found here.
Researchers say the growing botnet has enough distributed power to launch a damaging attack against major businesses or even countries. The Storm worm botnet has grown so massive and far-reaching that it easily overpowers the world's top supercomputers. That's the latest word from security researchers who are tracking the burgeoning network of machines that have been compromised by the virulent Storm worm, which has pounded the Internet non-stop for the past three months. Despite the wide ranging estimates as to the size of the botnet, researchers tend to agree that it's one of the largest zombie grids they've ever seen. According to Matt Sergeant, chief anti-spam technologist with MessageLabs, "in terms of power, [the botnet] utterly blows the supercomputers away. If you add up all 500 of the top supercomputers, it blows them all away with just 2 million of its machines. It's very frightening that criminals have access to that much computing power, but there's not much we can do about it." Sergeant adds that researchers at MessageLabs see about 2 million different computers in the botnet sending out spam on any given day, and he estimates the botnet generally is operating at about 10% of capacity. Adam Swidler, a senior manager with security company Postini, told InformationWeek that while he thinks the botnet is in the 1 million to 2 million range, he still thinks it can easily overpower a major supercomputer.
Cyber criminals who control the botnet have a tremendous amount of destructive power. Early this summer, the Baltic nation of Estonia was pounded in a cyberwar that saw distributed denial-of-service attack primarily targeting the Estonian government, banking, media, and police sites.
Last month, Ren-Isac, a collaboration of higher-education security researchers, sent out a warning that the Storm worm authors had another trick up their sleeves. The botnet actually is attacking computers that are trying to weed it out. It's set up to launch a distributed denial-of-service attack against any computer that is scanning a network for vulnerabilities or malware. The warning noted that researchers have seen "numerous" Storm-related DoS attacks recently. MessageLabs' Sergeant said the botnet also has been launching DoS attacks against anti-spam organizations and even individual researchers who have been investigating it. "If a researcher is repeatedly trying to pull down the malware to examine it the botnet knows you're a researcher and launches an attack against you," he said.
Lawrence Baldwin, chief forensic officer of MyNetWatchman.com, said he doesn't have a handle on how big the overall botnet has become but he's calculated that 5,000 to 6,000 computers are being used just to host the malicious Web sites that the Storm worm spam e-mails are linking users to. And he added that while the now-well-known e-cards and fake news spam is being used to build up the already massive botnet, the authors are using pump-and-dump scams to make money. Swidler said that since mid-July, Postini researchers have recorded 1.2 billion e-mails that have been spit out by the botnet. A record was set on Aug. 22 when 57 million virus-infected messages -- 99% of them from the Storm worm -- were tracked crossing the Internet. According to researchers at SecureWorks, the botnet sent out 6,927 e-mails in June to the company's 1,800 customers. In July, that number ballooned to 20,193,134. Since Aug. 8, they've counted 10,218,196.
Read full article at InformationWeek.
Friday, September 07, 2007
On early May this year following the controversial uprooting of the 6-foot-tall bronze statue in downtown Tallinn, the capital of Estonia, the nation faced a series of massive botnet attacks. Estonian government, banking, media, and police sites were flooded by overwhelming internet traffic from all over the world which led to DDoS attacks forcing the sites to shut down and remain inaccessible outside the country for extended periods of time. In mid-May, the major botnet attacks suddenly stopped, and the bots appeared to have been set to run for exactly two weeks after which the infected computers abandoned the attacks and reverted to more traditional botnet activities, like spamming and extortion.
This recent attack on Estonia has proven the power of botnets and it DDoS capabilities. Using rented botnets, hundreds of thousands or even millions of infobombs may be launched at a target, all while maintaining total deniability to bring down a country's information infrastructure.
For more details on the botnet attack against Estonia, read full article here.
An article on how bots attack may also be accessed here.
Thursday, September 06, 2007
Following the devastating earthquake measuring 7.9 on the Richter scale that struck Southern Peru on 15 August 2007, killing more than 500 people and injuring as well as displacing thousands more, ITU deployed 50 satellite terminals to help restore vital communication links in remote and underserved areas. These links are critical in coordinating rescue and relief operations.
According to Ms Cayetana Aljovin, Vice-Minister for Communications of Peru, the equipment is being deployed in areas where telecommunications are not available. But these are most needed to facilitate emergency teams as well as government organizations in establishing communications to coordinate their work. "We take very seriously the role of telecommunications in mitigating disasters," said Mr Sami Al Basheer Al Morshid, Director of ITU’s Telecommunication Development Bureau. "Whenever a country is affected by a disaster, we quickly mobilize and dispatch transportable telecommunications resources that can be used for general communications by government authorities and to provide e-services such as telemedicine that are crucial for saving human lives. We hope that this contribution will go a long way towards helping Peru cope with this massive earthquake".
Emergency telecommunication is the key for government and humanitarian aid agencies involved in rescue operations, medical assistance and rehabilitation. Mountainous terrain in Peru has severely hampered access and the coordination of rescue operations. The restoration of telecommunication resources have helped bridge these gaps and provided the much needed link for the transmission and reception of high speed data for e-applications and for voice communications. This has provided succour to both government authorities and relief agencies as well as to the affected population.
ITU has been responsible for transporting and deploying all the terminals as well as paying for the air time for using them.
Twelve of the terminals are Global Area Network (GAN) terminals and 38 are regional broadband global network satellite terminals (RBGAN). The 12 GAN terminals are capable of providing voice, data and video services, and the 38 RBGAN terminals provide high-speed data communications.
For further information, please visit Emergency Telecommunications or contact Sanjay Acharya, Chief of Media Relations and Public Information, | ITU | Tel: +41 22 730 6135 | e-mail: pressinfo (ad)itu.int | Cosmas Zavazava, Head of Division Emergency Telecommunications,| ITU | Tel: + 41 22 730 5447 | e-mail: cosmas.zavazava (ad)itu.int | Roberto Bastidas-Buch, ITU Area Office Tegucigalpa | Tel: +504 220 1074 | e-mail: roberto.bastidas (ad)itu.int.
For ITU press releases, please click here.
Wednesday, September 05, 2007
Eric Bangeman of Ars Technica reports on the growing power of PSP on the internet today. According to a new survey from ipoque, a German traffic management and analysis firm, P2P traffic is dominating the Internet these days with ipoque's "preliminary results" showing that P2P applications account from anywhere between 50 percent and 90 percent of all Internet traffic. The final survey results are not yet available and will presented at the Emerging Technology Conference at MIT later this month.
During the last year, BitTorrent accounted for between 50 percent to 75 percent of all P2P traffic, with eDonkey coming in second at between 5 percent and 50 percent. ipoque's data appears at odds with that of Ellacoya Networks, a company that makes deep packet inspection gear. The company said in June that P2P traffic accounts for just 37 percent of North American traffic, compared with 46 percent for HTTP traffic. Of that 46 percent, over a third consisted of streaming video, à la YouTube.
Despite the differences in how the traffic is broken out, ipoque and Ellacoya's data both illustrate much of the P2P traffic reported by both firms is video. With the surge in traffic of YouTube and other video sites, as well as the official upcoming launch of Joost, demand for high-bandwidth applications like video is definitely increasing. This has resulted to ISPs' interest in deep packet inspection and other traffic-shaping tools.
Read full article here.
Security firm Sunbelt recently discovered that the Bank of India's hacked website was serving dangerous malware, and the infamous Russian Business Network, an ISP linked to child pornography and phishing, is behind the attack. The service provider in question has developed a notorious reputation. According to VeriSign threat intelligence analyst Kimberly Zenz, the Russian Business Network (RBN) is different to other service providers because "unlike many ISPs that host predominately legitimate items, RBN is entirely illegal. A scan of RBN and affiliated ISPs' net space conducted by VeriSign iDefense analysts failed to locate any legitimate activity. Instead, [our] research identified phishing, malicious code, botnet command-and-control, denial-of-service attacks and child pornography on every single server owned and operated by RBN."
Patrik Runald, senior security specialist at F-Secure, said: "No one knows who the RBN is. They are a secret group based out of St Petersburg that appears to have political connections. The company doesn't legitimately exist. It's not registered and provides hosting for everything that's bad. Their network infrastructure is behind a lot of the bad stuff we're seeing and it has connections to the MPack Group [a well-known group of cybercriminals which used MPack software to steal confidential data]." Runald said that, in the case of the Bank of India's hacked website, RBN used an Iframe to launch another window which then pushed victims to a webpage containing malicious code. The Trojans used in this case were designed to steal passwords from PCs and upload Trojan proxies in aide of developing a botnet.
Read the full article on ZDNet.co.uk.
BBC News reports that easy to use tools that automate attacks on computers are being produced by malicious hackers, according to security experts, ranging from individual viruses to comprehensive kits that let budding cyber thieves craft their own attacks. The top hacking tools may cost up to £500, with some providing 12 months of technical support. Tim Eades from security company Sana said that malicious hackers had evolved over the last few years and were now selling the tools they used to use to the growing numbers of cyber thieves. Individual malicious programs cost up to £17 (25 euros), he said. At the top end of the scale, said Mr Eades, were tools like the notorious MPack which costs up to £500. The regular updates for the software ensure it uses the latest vulnerabilities to help criminals hijack PCs via booby-trapped webpages. It also includes a statistical package that lets owners know how successful their attack has been and where victims are based. MPack has been very popular among criminally minded groups and in late June 2007 managed to subvert more than 10,000 websites in one attack that drew on the tool.
Paul Henry, vice president of Secure Computing, said there were more than 68,000 downloadable hacking tools in circulation. The majority were free to use and took some skill to operate but a growing number were offered for sale to those without the technical knowledge to run their own attacks such as Mpack, Shark 2, Nuclear, WebAttacker, and IcePack. Mr Henry said the tools were proving useful because so
many vulnerabilities were being discovered and were taking so long to be patched. Many hacking groups were attracted to selling the kits
because it meant they took little risk themselves if the malicious software was used to commit crimes. "The only thing you are going to find is a disclaimer that this was distributed for educational purposes and the user accepts any responsibility for any misuse," he said.
To read full article, click here.
Tuesday, September 04, 2007
Monday, September 03, 2007
The United States District Court of Washington ruled in favor of Kaspersky Lab, a leading developer of secure content management solutions, granting immunity from liability in the case brought by online media company Zango. According to Zango's lawsuit, Kaspersky Lab should reclassify Zango’s programs as nonthreatening and Kaspersky Labs’s security software should stop blocking Zango’s potentially undesirable programs. "Judge Coughenour of the Western District of Washington threw out Zango’s lawsuit on the grounds that Kaspersky was immune from liability under the Communications Decency Act. The ruling protects consumer choice to determine what information and software is allowed on each computing system, and enables anti-malware vendors with the right to identify and label software programs that may be potentially unwanted and harmful to a user’s computer as they see fit."
Read full article here.
Thursday, August 30, 2007
Vanguard Media reported today on planned subsidies for telecom operators to erect base transceivers stations in Nigeria with the support of the Universal Service Provision Fund (USPF).
The Fund would receive parts of the annual operating levy that all operators pay to the Nigerian Communications Commission. Finally, subsidies would allow telecom operators to expand their services to isolated and under-served areas, which would enable rural communities to have access to the information society through internet and telephone.
Click here, to read more.
Internet bandwidth could become a global currency under a proposed model for the
future of e-commerce that exploits a novel peer-to-peer video sharing application designed by a trans-Atlantic team of computer scientists according to an article by Vidura Panditaratne on Wednesday, 29 August 2007. This application is being used by researchers from Delft University of Technology and Vrije Universiteit, Amsterdam and Harvard's School of Engineering and Applied Sciences to explore a next-generation model for safe and legal electronic commerce that uses Internet bandwidth as a global currency. An enhanced version of this application called Tribler is now available for free download online.
A version of the Tribler video sharing software serves as a model for an e-commerce system because of its flexibility, speed, and reliability. The researchers envision this model to connect users to a single global market, without any controlling company, network, or bank with bandwidth as the first true Internet "currency" for such a market. "By studying user behavior within an operational 'Internet currency' system, with a particular focus on understanding how and why attacks, fraud, and abuse occur and how trust can be established and maintained, the researchers imagine future improvements to everything from on-demand television to online auctions to open content encyclopedias."
Read more by accessing the full article.
Wednesday, August 29, 2007
The VietNamNet Bridge yesterday published an interview with the Ministry of Information and Communications of Vietnam. According to the Deputy Minister, developing e-government would support the government to operate more effectively, more transparently and to better serve citizens.
Planned activities based on experiences in Vietnam and other countries would aim to integrate ICT applications into public administration agencies by 2010. Doing so would require digitalizing administrative systems and procedures, and providing ICT training. To overcome the reluctance to change, the programme would seek the support and involvement of civil society, private industry and local and regional administrations.
To read more, click here.
Tuesday, August 28, 2007
Pakistan's Minister for Information Technology Awais Ahmad Khan Leghari said on Thursday that the adoption of cyber crime bill by the federal cabinet was a major step towards ensuring a secure business environment and promotion of e-commerce. He said the e-crime bill which will be
tabled in the parliament very soon, would help draw more business and improve Pakistan's e-readiness ranking as reflected in indices maintained by various agencies and business journals of the world.
The Federal Investigation Agency (FIA) has been given the mandate to probe cases falling under the preview of the e-crime law. He said the e-crime law would require the internet companies maintain their traffic data for at least six months to enable the agencies to investigate cases involving data stored by them. He also added that the government would create special IT tribunals in Islamabad as well as provincial headquarters to investigate and check growing incidents of crimes which remained
unpunished for a lack of specific law.
The Prevention of Electronic Crimes Bill 2007 poses penalties ranging from six months to 10 years of punishment for 17 types of cyber crimes, including cyber terrorism, hacking of websites and criminal access to secure data. Thirteen of the crimes listed under the law are bailable.
Read full article here.
GigaOM, on an article by Om Malik, "All Hail SMS," discusses the growing popularity of Short Message Service (SMS), aka text messaging, despite rumors of its pending demise. The technology's relative simplicity and ease of use, despite the high tariffs imposed by carriers around the world, makes SMS usage more and more popular. According to Paul Ruppert, a veteran of mobile business and now a consultant, every year, 2.1 billion global mobile users send 3 trillion SMS messages. Even in markets like the U.S., which lagged in embracing the ease and power of texting and seemingly preferred email and Instant Messaging, text messaging has become an intimate aspect of daily lives, especially for those 15 to 25. Commonly used communications applications embedding direct-to-SMS functionality, such as the new Yahoo Mail, which comes with free text messaging to mobile phone numbers (available in the U.S., Canada, India and the Philippines), have also become apparent nowadays.
Om Malik also writes that "some (mostly entrepreneurs and venture capitalists) believe that like email, SMS is the vehicle for add-on-innovation. There are gaming companies that have turned SMS-based voting into a big business. Voice SMS is being talked about as the next big thing."
To read the full artcile, click here.
ICANN finalized on 23 August 2007 the IDN .test Evaluation Plan and is currently moving forward towards the insertion of IDN strings in the root zone. These IDN TLDs are the word "test" translated into eleven languages including: Arabic, Persian, Chinese (simplified and traditional), Russian, Hindi, Greek, Korean, Yiddish, Japanese and Tamil. The delegation of these TLDs and the evaluations, as described in the plan, is expected to commence in September 2007.
The plan has been modified based on comments received on the IDN public forum and also from consultations with ICANN Technical Advisory Committees. The last version was approved by the ICANN Board at their 14 August 2007 meeting, and the resolution directs ICANN Staff to implement the IDN .test Evaluation Plan, and report back to the ICANN Board following the conclusion of the evaluation.
Keep updated on the progress of this project by visiting http://icann.org/topics/idn.
Read the full article here.
Thursday, August 23, 2007
The World Health Organization launched its annual leading publication focusing on building a safer future in public health. The World Health Report 2007 shows how and why the world is at increasing risk of outbreaks of communicable diseases across borders, natural and man-made disasters and other health emergencies that can rapidly become threats to global public health security.
Information and communication technologies used in surveillance, monitoring and response networks are mentioned as tools to respond to outbreaks of infectious diseases. The report says that the prospect of a safer future would be within reach - and that this would be both a collective aspiration and a mutual responsibility.
To read more, click here.
Wednesday, August 22, 2007
The FBI has chosen the National Center for Supercomputing Applications at the University of Illinois at Urbana-Champaign to host a new law enforcement cybersecurity research center. The bureau said it would provide $3 million to support the first two years' operation of the National Center for Digital Intrusion Response.
The bureau said the state university's IT security scholars would work with FBI cybersecurity specialists to understand what new capabilities are required to better detect and investigate cyberattacks, develop new tools and ensure that FBI agents in the field
can use them effectively. The bureau's expansion of its work with the university team reflects changes in the patterns of crime and national security threats, the FBI said. "While cyberattacks were once considered a specialized niche in law enforcement, today there are digital aspects to many crimes and national security threats; all investigators must be able to pursue criminals operating in cyberspace," the FBI said. "NCDIR will provide training, including intensive summer workshops, so all FBI agents have the opportunity to use these new tools in the field."
Some of the projects and IT security tools developed by NCSA through the funding of the National Science Foundation and other federal agencies include MyProxy, a tool for grid credential management; Framework for Log Anonymization and Information Management, an app that facilitates sharing of log data among secure systems;
GridShib, at tool that supports identity federation for grids; Trustworthy Cyberinfrastructure for the Power Grid; and
Illinois Terrorism Task Force's First Responder's Credentialing.
Read the
full article at
Government Computer News (GCN).
Australia announced a national strategy on deploying health records available over the internet to every citizen, as The Canberra Times reported yesterday. Patients would be able to securely access their medical claims and rebates over public networks as of 2008. Later on, patients would have online access to their pharmaceutical benefits schemes claims. Eventually, Australians would have access to their individual digital files, which would be automatically updated by health service providers.
A parallel initiative is focusing on ensuring effective follow-up medical care for indigenous children in remote areas. Depending on the patient’s or their parents’ authorization, health professionals would be able to access their digital records to support ongoing care.
(The full article "Aust health histories to be accessible on internet" by Danielle Cronin health reporter, Canberra Times, 21 August 2007, is not available freely online.)
On 22 July 2007, the New York Times reported on Rwanda's current Internet connectivity situation. According to the article, in 2003, Greg Wyler, an American businessman, promised the Rwandan government fiber optic cables and connectivity among schools, government institutions and homes through low-cost, high-speed Internet service. His company, Terracom,was granted a contract to connect 300 schools to the Internet, and later, the company bought 99 percent of the shares in Rwandatel, the
country’s national telecommunications company, for $20 million. However, after nearly four years, the government criticizes Terracom for not having delivered and materialized most of the benefits they have hailed.
The technical, political and business realities of Africa are said to have caused this slow progress of the venture. Apart from the failed and delayed attempts to bring affordable high-speed Internet service to the masses in the continent, the lack of infrastructure is also being blamed to be the biggest drawback. Some other difficulties mentioned were insufficient bandwidth capacity on satellites, poor management and intermittent power failures. Rwandan officials also say that the company seems more interested in tapping the more lucrative cellphone market than in being an Internet service provider.
With Terracom’s new chief executive, Christopher Lundh, a former executive of Gateway Communications in London, government officials say Terracom’s performance has improved. The government, meanwhile, is moving forward with its own plans to build a fiber optic network. It also has granted Internet service licenses to South African companies and plans to issue several more. A reduced price of Internet service to about $10 a month is also aimed for according to Nkubito Bakuramutsa, director general of the Rwanda Information Technology Authority.
To read the full article, click here.
Tuesday, August 21, 2007
According to an analyst report, the internet is heading for a crash unless it increases its bandwidth capabilities. A study conducted by ABI Research claims that cable firms face the biggest challenge as their technology will reach saturation point first.
Stan Schatt, research director at ABI, told Ars Technica: "Uploading bandwidth is going to have to increase, and the cable providers are going to get killed on bandwidth as HD programming becomes more commonplace." He adds that the solution to the problem is to change to digital switching and move to IPTV.
Researchers from Cisco Systems seem to agree with this claim. Cisco found that American video websites currently transmit more data per month than the entire amount of traffic sent over the internet in 2000. The company estimates that file-sharing makes up at least one-third of today's internet traffic. The Cisco report predicted that video streaming and downloads will increase to make up to 30 percent consumer internet traffic in 2011, up from the 2006 figure of nine per cent.
With the release of the BBC's iPlayer online television service in the UK, bandwidth concerns with internet service providers increase even more. However, Orange reports that the internet overload does not appear to have started yet.
Continue reading the article here at vnunet.com.
Monday, August 20, 2007
Technicians and engineers from Telecoms sans Frontieres started deploying telecommunication centres in Peru to restore communications in the areas hit by the earthquakes last week, as the BBC reported. Well operating and reliable telecommunications are vital for coordinating emergency relief work and humanitarian assitance. The technologies brought by the non-governmental organization include satellite telephones and internet modems, and equipment to set up wireless connectivity to the internet. More on BBC News.
Friday, August 17, 2007
The Russian government plans to introduce full-scale e-government services by 2010, as The Moscow Times reports. This would create a single point of entry to government services substantially reducing administrative costs and time to access information by citizens, public institutions and private organizations in the country.
To read more, click here.
Researchers are warning universities that they're at risk of being hit with massive distributed denial-of-service attacks when they scan their own networks. According to Doug Pearson, technical director of Ren-Isac, the Storm botnet, a massive botnet that the hackers have been amassing over the last several months, has developed a counter-attack to computers that are trying to weed it out. The botnet is set up to launch a distributed denial-of-service (DDoS) attack against any computer that is scanning a network for vulnerabilities or malware.
Ren-Isac, which is supported largely through Indiana University, recently issued a warning to about 200 member educational institutions and then put out a much broader alert, warning colleges and universities that their networks could come under heavy attack. According to the alert, this new Storm botnet tactic presents more danger to schools than it is to corporate enterprises simply because of the placement of the scanners. Pearson explains that universities and colleges often have their scanners on a public network making it visible to the Internet at large. If it was protected on a private network, the way it's done with most enterprises, the botnet would not be able to find it so there wouldn't be an IP route to send the DDoS packets.
Don Jackson of SecureWorks said in an interview that slowly but surely IT managers and consumers are getting better at blocking or at least ignoring the e-mail attacks, so the Storm worm authors are setting up a secondary attack venue.
Read the full article at InformationWeek.
Thursday, August 16, 2007
Two Ethiopian hospitals have been linked with a specialist hospital in India, which allows doctors to obtain real-time second opinion over the internet, as BBC News reported on 16 July 2007.
The pilot project focusing on a hospital in Addis Ababa and on a provincial one located 300 km away from the capital would likely be followed-up by connecting a total of 20 more hospitals into the network. For the first five years, India will run the project free of charge.
The technical platform facilitates sharing of patients' data between healthcare professionals (such as X-rays, laboratory tests, etc.); health workers in remote areas have better access to medical expertise without moving over long and time-consuming distances.
In order to improve secondary education and access to medical expertise, 23 African countries are already in the loop for a similar project agreed between India and the African Union.
To read the full article, click here.
Wednesday, August 15, 2007
The New York Times reported on 14 August 2007 that Google and Microsoft are separately developing a system of online health records, which would allow individuals to store, retrieve and provide personal health data to doctors, hospitals, insurers, laboratories, etc. as desired.
Data would been directly uploaded onto these records by health service providers, but access to the information (through PCs, mobile telephones and other digital devices) would be controlled by the patient. The health data stored on the personal online record would also lead their owners to locating relevant health-related information on the web (including advertisements that would likely fund the system).
Other companies specialized in digital health records and search engines are working on similar systems. To eventually reach end-users significant security and privacy issues will have to be resolved in fine-tuning these services
To read more, click here.
Information technology flourishes in northern Indian states, as the Financial Express reports on 13 August 2007. In order to better evaluate the capacities of using information and communication technologies (ICTs) in India to participate in a globally networked economy, the department of information technology and the National Council of Applied Economic Research released its latest e-Readiness Assessment report in January 2007.
States and union territories ranked at the top have implemented, among others, some e-Governance initiatives for land and property records, transportation, birth and death registration, and ICT applications for agriculture. Further activities to boost the level of e-Readiness as well as e-Governance are mentioned in the article such as providing an enabling political and regulatory environment, infrastructure, capacity building and sharing experiences with other states.
To learn more of the national e-Governance plan, click here.
InfoWorld reports that security experts warn Germany's new antihacker law could result to more cybercrime and not less. The law, which aims to mitigate the rise of computer attacks in the public and private sectors, was approved in May by the German government and implemented on Saturday. Although Germany already has approved numerous laws to curb attacks on IT systems, the most recent one aims to close any remaining loopholes. Punishable cybercrimes include DOS (denial-of-service) attacks and computer sabotage attacks on individuals, which would extend the existing law that limited sabotage to businesses and public authorities.
The new law defines hacking as penetrating a computer security system and gaining access to secure data, without necessarily stealing data. Offenders are defined as any individual or group that intentionally creates, spreads or purchases hacker tools designed for illegal
purposes. They could face up to 10 years in prison for major offenses.
Security experts from different clubs and vendors such as Chaos Computer Club, F-Secure and Kaspersky Lab, all share the same concern on the legal uncertainty the new law creates. According to them with the new law, their development of hacker tools to test and ensure network system security, which is essential to their business, could get them in trouble and bring them to court in the future.
Other groups of computer experts that develop hacking tools to test the security of computers and network systems have already pulled the out their operations in Germany. KisMAC and Phenoelit, hacker groups that offer a tool to detect security holes in networks, stopped its work in Germany and plans to resume in neighboring Netherlands.
To read the full article, click here.
On an article by InformationWeek, researchers are blaming the virulent Storm worm for a widespread denial-of-service attack that hit Canadian Web sites over the weekend, saying the attack could have been a test of the might of a botnet more than 1.7 million zombies strong.
Johannes Ullrich of the SANS Institute and the Internet Storm Center, said in an interview that "the DoS part was basically an unintentional side effect. It was a whole lot of spam -- enough to make the servers slow down. Once [that much spam] is set loose, it's hard to tell what's going to happen."
The Storm worm has been bombarding the Internet with massive amount of spam e-mails in the form of phony electronic greeting cards for the past several months. This emails lure unsuspecting users to malicious Web sites where their machines are infected with malware that turns them into bots, which adds them up to the massive botnet that the Storm worm authors have been putting together. However, the latest attack used e-mails with limited amount of text instead of the e-card ruse though, which confirms the attack was a test-run, according to Ullrich.
In the first half of this year, it has been reported that the Storm authors had a botnet about 2,815 strong according to the researchers at SecureWorks. That number had skyrocketed to 1.7 million by the end of July. Researchers at both SecureWorks and Postini said they think the Storm worm authors are cultivating such an enormous botnet to do more than send out increasing amounts of spam. All of the bots are set up to launch DoS attacks and that's exactly what they're anticipating.
Read the full article here.
Tuesday, August 14, 2007
On 16 July 2007, the European Commission issued a set of draft recommendations on eHealth interoperability. This supports the idea that connecting people, systems, and services would be vital for the provision of good healthcare in Europe.
The lack of interoperability in systems and services has long been identified as one of the major challenges to the wider implementation of the Union's e-Health applications.
The goal of this Recommendation is to contribute to enabling the provision of a means of authorised healthcare professionals to gain managed access to essential health information about patients, subject to the patients' consent, and with full regard for data privacy and security requirements. Such information could include the appropriate parts of a patient's electronic health record, patient summary and emergency data from any place in Europe: within countries, in cross-border regions, and between countries.
The proposed actions cover the following areas:
- The overall (political/legal) level of eHealth interoperability inclusing privacy and confidentiality
- Creating the organisational framework (or process) for e-Health interoperability
- Applications (including semantic) interoperability
- Architectural and technical interoperability including security, certification and accreditation
- Monitoring and evaluation
For full information, click here.
The first Global Information Society Watch 2007 report was released at the United Nations' Palais des Nations in Geneva on 22 May 2007 and during the The Third Annual SANGONeT "ICTs for Civil Society" Conference and Exhibition in Johannesburg, South Africa on 18 July 2007. The report discusses the state of the field of information and communication technology (ICT) policy at local and global levels and particularly how policy impacts on the lives of people living in developing countries.
Studies of the ICT policy situation in twenty-two countries from four regions are featured: Africa (Democratic Republic of Congo, Egypt, Ethiopia, Kenya, Nigeria, South Africa and Uganda); Asia (Bangladesh, India, Pakistan and the Philippines); Latin America (Argentina, Brazil, Colombia, Ecuador, Mexico and Peru); and Eastern Europe (Bosnia and
Herzegovina, Bulgaria, Croatia and Romania), with one report from a Western European country (Spain).
The report concludes that when it comes to ICTs for development, there are some conspicuous similarities between the countries. Excluding Spain, the other twenty-one countries each show obvious evidence of the "digital divide" which impacts on the majority of people negatively. The report also includes provocative, analytical essays on five international institutions (including ICANN and the World Intellectual Property Organisation) questioning the extent to which they allow all stake-holders to participate in their processes. There is a special section on how to measure progress as well.
Read more on the Global Information Society Watch.
On Sydney Morning Herald's Veto for Parents on Web Content, it was announced that ISPs in Australia will be obligated to filter web content at the request of parents. This is part of the $189 million Federal Government crackdown on online bad language, pornography and child sex predators. According to the Prime Minister, John Howard, the Government would increase funding for the federal police online child sex exploitation team by $40 million to aid investigators to track those who prey on children through chat rooms and sites such as
MySpace and Facebook. The Government is also expected to pay $90 million to provide every concerned household with software to filter internet content.
According to the article, the more efficient compulsory filtering of internet service
providers (ISPs) was proposed in March last year by the then Labor leader, Kim Beazley, which the Communications Minister, Helen Coonan, and ISPs criticised as expensive then. Three months later Senator Coonan announced the Government's Net
Alert policy, promising free filtering software for every home that was interested. She also announced an ISP filtering trial to be conducted in Tasmania, but that trial was scrapped.
The ISP filtering measure, according to Mr. Howard is a world first by any Government, and is expected to offer funding to help cover the cost. An ISP filter option will be made available to parents when they sign up with an ISP. This service will be compulsory to all ISPs. The measures are expected to be implemented by the end of this month.
US authorities have reported last month that more than 29,000 convicted sex offenders had profiles on MySpace. In Australia, about 26 per cent of Australia's 3.8 million MySpace users are under 18. To protect the users, MySpace has written to all state and territory governments, and the Commonwealth, asking them to create a national child-sex offender database that requires email addresses to enable them to track sex offenders and remove their profiles on the system.
Read the full article here.
A Report entitled Personal Internet Security from the House of Lords Science and Technology Committee has been made available on Friday discussing primarily the issues pertaining to individual experiences of the Internet. In the report, the U.K., ISPs and
others, has been said to unfairly hold Internet users responsible for online safety. According to the panel, this "laissez-faire" attitude toward personal security is what weakens user confidence. The report proposes that ISPs should be held responsible and avoid them from ignoring spam and malware notices, and that information technology vendors be held liable for not making products secure.
Network security, appliances and applications, how businesses and individuals use the Internet and policing of the online world were studied and dealt with in the Lords inquiry. It also noted that the U.K. government is at fault for not showing leadership in assembling available information and interpreting it for the public. "The Government are not themselves in a position directly to gather the necessary data, but they do have a responsibility to show leadership in pulling together the data that are available, interpreting them for the public and setting them in context, balancing risks and benefits. Instead of doing this, the Government have not even agreed definitions of key concepts such as 'e-crime'." The report recommends the establishment of a cross-departmental group in the Government, "bringing in experts from industry and academia, to develop a more co-ordinated approach to data collection in future. This should include a classification scheme for recording the incidence of all forms of e-crime. Such a scheme should cover not just Internetspecific crimes, such as Distributed Denial of Service attacks, but also e-enabled
crimes - that is to say, traditional crimes committed by electronic means or where there is a significant electronic aspect to their commission."
The committee points out the need for more support for research from the industry as well. "The development of one or more major multidisciplinary research centres, following the model of CITRIS, is necessary to attract private funding and bring together experts from different academic departments and industry in a more integrated, multi-disciplinary research effort."
End-users are still predominantly viewed as unable to protect their own security according to the report. And private companies are driven by strong incentives to either promote security for profit or to oppose it as imposing costs on them according to lawmakers. The committee, thus, proposes that ISPs, being the link between the users and the network, could take more control over the network traffic by blocking or filtering traffic containing malicious code. "We do not advocate immediate legislation or heavy- handed intervention by the regulator," says the lawmakers, adding that the market must be nudged to provide better security.
Further recommendations of the committee include criminalizing trade in botnet services, no matter what their use, creating a unified, Web-based reporting scheme for e-crime, more action on creating a central e-crime police unit, fast ratification of the Council of Europe CyberCrime Convention, and educating courts on Internet crime.
Read the full article on Factiva Content Watch.
To access the report, click here.
Monday, August 13, 2007
On ZDNet Australia's article, "Knowledge is greatest threat to critical infrastructure," researchers and security experts agree that Australia's critical infrastructure still proves to be vulnerable due to insufficiency and lack of educational resources. The article discusses the problem with the security of Supervisory Control and Data Acquisition (SCADA) systems, "the central nervous system for sensors, alarms and switches that provide automated control and monitoring functions for utilities such as water, gas and electricity, as well as large manufacturers."
Jill Slay of the University of South Australia's Defence and Systems Institute, said at the inaugural International Federation for Information Processing (IFIP) Critical Infrastructure Protection conference that Australia needed more stringent audits of SCADA network access, better training and stricter controls over contractors. She believes Federal Government initiatives such as the Trusted Information Sharing Network are good but, at present, are insufficent to keep the SCADA operators aware and updated of current threats and response strategies.
The article also points out that due to the threat of terrorism, there has been increased security concerns on essential services as SCADA systems have increasingly been accessible over TCP/IP protocol corporate networks to improve process automation and visibility of data. According to the article, "the Federal Government's approach to SCADA security has been to garner industry support through cooperative initiatives such as its
Trusted Information Sharing Network, a community of practice networks dedicated to fostering knowledge-sharing and training between government, industry and academia," however "the amount of information available on SCADA systems online provides such a large amount of information out there for those who want to find network vulnerabilities in critical infrastructure."
To read the full article, proceed here.
Friday, August 10, 2007
The Journal Record reported on a hospital group in Oklahoma City, USA that is developing a technology program to better connect its hospitals and clinics in the metropolitan area with its seven rural hospitals. This program uses the existing hospitals’ infrastructure, and will cost USD 30,000 to develop. It will initially focus on fetal monitoring and on sharing records amongst hospitals, which will allow doctors to assist patients at different locations in remote areas.
Read the full article here.
Thursday, August 09, 2007
On 30 July 2007 in Berlin and 27 June 2007 in Tokyo, the Federal Ministry
of Economics and Technology of Germany, the Ministry of Internal Affairs and Communications of Japan and the Ministry of Economy, Trade and Industry of Japan signed a Joint Statement expressing the following:
"Information and Communications Technologies (ICT), including the Internet, are key enablers in the development of the economies in both Germany and Japan. Spam poses a potential threat to this economic development. It must be made clear that spam has no legitimate role in the German or Japanese e-economy.
The Federal Ministry of Economics and Technology of Germany, the Ministry of Internal Affairs and Communications of Japan and the Ministry of Economy, Trade and Industry of Japan see mutual benefit in strengthening friendship and cooperation between their two countries through cooperation concerning anti-spam policies and strategies. The aim is to support international cooperation in and among a variety of organizations such as the Organization for Economic Cooperation and Development, the International Telecommunication Union, the United Nations Conference on Trade and Development, the Internet Engineering
Task Force, the International Consumer Protection and Enforcement Network, and the Asia-Europe Meeting.
Under this Joint Statement, cooperation in matters of mutual interest will be able to take place through the exchange of ideas, information, personnel, skills and experience and collaborative activities that will be of benefit to both sides. Because spam has implications for many groups of stakeholders, every effort will be made to ensure that all
interested parties, both public and private, are consulted as appropriate. Particular areas of cooperation will include:
a) Exchanging information about anti-spam activities such as anti-spam policies and strategies, as well as technical and educational solutions to spam;
b) Encouraging the adoption of effective anti-spam technologies and network management
practices by German and Japanese Internet Service Providers and major business network managers, and further cooperation between government and private sectors;
c) Supporting German and Japanese marketers or bulk email senders in adopting spam-free
marketing techniques;
d) Identifying and promoting user practices and behaviours which can effectively control and limit spam and supporting the development of multi-stakeholder public information and awareness campaigns to foster increased adoption of anti-spam practices and behaviours by end users in Germany and Japan;
e) Cooperating to strengthen anti-spam initiatives being considered in international
fora."
To access the Joint Statement in different languages, click here.
Friday, August 03, 2007
SRI and Georgia Tech have been working on a new tool, BotHunter, that aims to quickly locate bot traffic inside a network. "BotHunter introduces a new kind of passive network perimeter monitoring scheme, designed to recognize the intrusion and coordination dialog that occurs during a successful malware infection. It employs a novel dialog-based correlation engine, which recognizes the communication patterns of malware-infected computers within the network perimeter. A government/military version of this software has been in use successfully for about a month, and a public version has recently been released. A highly interactive honeynet using BotHunter is also run by SRI. Dozens of new infections are detected each day, and the site proves to be very helpful in understanding the behavior of the received malware. It generates a list of potentially evil IP addresses and DNS queries as well."
For more information on this new software, visit the BotHunter site.
An Informational draft RFC by John Curran was recently published, outlining an IPv4 to IPv6 transition plan. The paper provides a clear guidance to organizations regarding specific
expectations that change over time, and vary greatly by organization. A
timeline of the different phases was set with the intention of allowing
enough time for the necessary planning and deployment steps which each
organization must undertake. The author proposes the transition to predominantly IPv6-connectivity by Januaray 2011 in response to meeting the overall requirements of allowing the Internet to scale as
specified in "The Recommendation for the IP Next Generation Protocol"
[RFC1752].
On the contrary, Randy Bush provides a very informative presentation, IPv6 Transition & Operational Reality, regarding the reality of such a transition. The presentation discusses the different myths about IPv4 and IPv6, the emergence of a market for IPv4 addresses, and the transition from allocation to entitlement among others.
For more background data and interesting comments from Geoff Huston, read his IPv4 Address Report or his ISP column articles on The End of (IPv4) World, and Transition to IPv6.
Wednesday, August 01, 2007
The UNESCO Office in Bangkok launched an interactive online forum targeted to educators, teachers, administrators, policy makers and others to foster discussions on topics relating to the use of information and communication technologies in education.
Tuesday, July 31, 2007
To aid in choosing a good DNSBL, Swa Frantzen proposes at the SANS Internet Storm Center several tips and tricks in gauging which blacklists are effective. Presented as well are several criteria that must be considered by the blacklist administrators. Among the criteria they suggest are:
- Speed of reaction
- Selection criteria
- Goal of the blacklist
- Ease of getting unlisted
- Working Email contact to get unlisted
- Out of band contact details
- Blocking for the right reasons
- Duration of a block
- Automatic delisting
- Granularity of the block
- Security of the blacklist provider
- Extortion
- Warning to those getting listed
To read the full article, click here.
Saturday, July 28, 2007
In order to ensure transparent procurement at reduced costs in Chinese hospitals, the China Medical Equipment Association (CMEA) under the auspice of the Ministry of Health will draw up a recommended list of medical equipment to be used for purchasing decisions. The list will be based on an open and fair assessment of medical equipment considering the needs of the partners involved (including the government, hospitals and manufacturers), according to CMEA. Purchases should be made by the Ministry's International Communication and Cooperation Center.
Furthermore, China earmarked 1.2 bln yuan (about 157.9 million USD) to purchase medical equipment for hospitals in the country's poor rural areas through government procurement and public bidding. As mentioned by an official of the Ministry of Health, the list of new equipment would include electro-cardiographs, ultrasound scanners, operation beds and respiratory mechanics.
For more information, see Xinhua News Agency and here.
Friday, July 27, 2007
A report released Monday by Government Accountability Office (GAO), a congressional research and investigation agency, reveals that cybercrime (computer crime, identity theft and phishing) costs the U.S. economy US$117.5 billion a year.
"These projected losses are based on direct and indirect costs that may include actual money stolen, estimated cost of intellectual property stolen, and recovery cost of repairing or replacing damaged networks and equipment," says the report, released through the offices of Reps. Bennie G. Thompson (D-Miss.), chairman of the committee on Homeland Security, and James R. Langevin (D-R.I.), chairman of the subcommittee on Emerging Threats, Cybersecurity, Science and Technology. However, according to the lead author of the report, GAO Director of IT Management Issues David A. Powner, the staggering losses pegged to cybercrime may even
be worse than estimated. "Whatever is reported by organizations, most of that will likely be underreported because of disincentives to report losses," he says.
The GAO report also acknowledges that certain personnel policies at federal law enforcement agencies may be hurting the fight against cybercrime. "[S]taff rotation policies at key law enforcement agencies may hinder the agencies' abilities to retain analytical and technical capabilities supporting law enforcement," the report observes. "In order to address the challenge of ensuring adequate law enforcement analytical and technical capabilities," it continues, "we are recommending that the Attorney General and the Secretary of Homeland Security reassess and modify, as appropriate, current rotation
policies to retain key expertise necessary to investigate and prosecute cybercrime."
Read the full article at E-Commerce Times.
Secure Science Corporation, in their GPCode Evolution Report, describes the more obscure, previously undocumented traits belonging to the most recent Ransom-based Trojan (known as Glamour). "The code is a modified version of the Prg/Ntos family which was detailed in depth during their Encrypted Malware Analysis in November 2006. While a majority of the functionality has not changed since then, this recent variant is distinctive enough to warrant additional research. In particular, the trojan is now equipped with the ability to encrypt a victim's files on disk. The motive for adding this feature is clearly monetary, as the victim is advised that the files will remain encrypted unless $300 is turned over to the authors, in exchange for a decryption utility." According to their report, in the past 8 months, 152,000 victims have been infected, and over 14.5 million records were discovered to be logged by the trojan.
Read more about this report on the Secure Science Blog. Access the GPCode Evolution Report here. Secure Science Corporation has also provided the source code for the decrytor and is available here.
Wednesday, July 25, 2007
More and more citizens in Singapore are using government services online, of which 98% can be accessed on a 24/7 hour basis. Such e-government services include, inter alia, online business licensing services that allow entrepreneurs to register their business online, which would result in significant company savings.
To protect Singapore's critical infrastructure from cyber attacks the government established a national cyber threat monitoring scheme in March 2007. International collaboration through computer emergency response teams (CERTS) represents another approach of combating the threats from cyberspace. Through both a public education campaign on cybersecurity and a legal environment dealing with computer misuse, spam, electronic transactions, etc. Singapore aims to increase confidence in using its e-government services.
To read the full article "S'pore: E-govt success lures cyber terrorists" by L. Tann, ZDNet Asia, click here.
Sophos recently released its global statistics naming the top 12 spam-relaying countries for the period between April to June 2007. The US and China tops the list, while Europe, on the other hand, houses six of the top 12 countries mentioned in the statistics, which when combined, account for even more spam-relaying than the U.S. The statistics reveal as well that the overall global volume of spam rose by 9% during the second quarter, when compared to the same period in 2006.
"'While the US remains top spam dog, the latest chart emphasises the urgent need for joined-up global action to combat this growing problem,' said Carole Theriault, senior security consultant at Sophos. 'For every spam campaign, the spammers, the compromised computers used, and the people being deluged by the unsolicited mail are often located in totally different parts of the world. A consolidated effort is needed not only to pursue and prosecute spammers, but also to convince computer users everywhere of the importance of blocking rather than responding to spam messages. Everyone has a part to play if we are to win the global battle against spam.'"
Statistics on spam relayed by continent, however, show Asia as the top spam-relaying continent with the number of Asian nations relaying smaller amounts of spam. Europe, which topped the chart in the first quarter of 2007, has reduced its percentage by 6.6 percent and fallen to second place. Asia, North America, South America and Africa have all seen rises in spam-relaying activity.
Read the full article here.
Tuesday, July 24, 2007
A growing, sophisticated technique of propagating cyber-crime, dubbed as fast-flux service networks, has increasingly been elevating the threats we face today on the Internet. "Fast-flux service networks are a network of compromised computer systems with public DNS records that are constantly changing, in some cases every few minutes. These constantly changing architectures make it much more difficult to track down criminal activities and shut down their operations." Despite the awareness of researchers and ISPs of fast-flux for over a year now, all of the current researches on fast-flux is new.
According to the Honeynet Project & Research Alliance, criminal organizations behind two infamous malware families, Warezov/Stration and Storm, have recently adopted this so-called fast-flux service networks into their infrastructures. "The purpose of this technique is to render the IP-based block list, a popular tool for identifying malicious systems, useless for preventing attacks," says Adam O'Donnell, director of emerging technologies at security vendor Cloudmark.
To fight against fast-flux, "ISPs and users should probe suspicious nodes and use intrusion detection systems; block TCP port 80 and UDP port 53; block access to mother ship and other controller machines when detected; 'blackhole' DNS and BGP route-injection; and
monitor DNS."
Access the full article at the Dark Reading website.
Read more about fast flux service networks on the the Honeynet Project & Research Alliance's new report on the emerging networks and techniques.
Monday, July 23, 2007
The Africa Health Infoway is a World Health Organization (WHO) project supported by the Department for International Development (DfiD) that aims to provide a technology platform that supports the collection of sub national health data and statistics for analysis, dissemination and use to facilitate decision making in health, and strengthen capacity of African countries to use information in decision making. It is a district-based public health information network for African health which focuses on infostructure and connectivity, district health information systems, and knowledge translation into policy and action.
For more information on the Africa Health Infoway, click
here.
The OECD's Ministerial meeting on the Future of the Internet Economy has been opened to an Online Public Consultation, providing an opportunity for all stakeholders to comment on the topics and issues to be discussed at event. The public consultation is scheduled to be open until 14 September 2007, and stakeholders and players may share their views and opinions with the OECD through their Online Questionnaire.
"The Ministerial represents an opportunity for high-level stakeholders from government, business, the technical community, and civil society to consider broad social, economic and technical trends shaping the development of the Internet Economy, and to discuss policies that can respond to evolving societal needs. The participation of all players in the dialogue is important to ensure that the Ministerial is able to benefit from a wide range of viewpoints and expertise."
For more information on the public consultation, go here or visit the OECD website.
KPMG, a global network of professional firms providing audit, tax, and advisory services, released a report on Cross-Border Investigations: Effectively Meeting the Challenge.
KPMG, along with the research firm Penn, Schoen and Berland Associates Inc. approached multinational businesses in diverse industries around the world, and asked those charged with the responsibility for cross-border investigations within those companies how they responded to their current challenges. As the trade barriers fall and international commerce expands, and as the speed of conducting business and remitting funds increases, companies that conduct business across international boundaries are recognizing the corresponding increase in the risk of fraud and misconduct. They thus face several challenges such as taking the appropriate first steps, cultural and legal differences, investigation resources, and the availability and
accessibility of electronic data.
The report proposes that an effective approach can lower the risk of the occurrence of fraud or misconduct, thus lowering the possibility of being hit with serious sanctions, can demonstrate to regulators, shareholders, stakeholders, bond-ratings agencies, and the capital markets that the business takes accountability and control seriously, thereby mitigating damage to reputations, can exhibit the business's commitment to overall corporate governance activities, and can assist in a rapid and efficient response before issues spiral beyond control.
This report aims to provide insights into possible responses to the described challenges. It points out as well that an effective cross-border investigations plan demonstrates not only an organization's sound risk management practices, but also its overall commitment to good corporate governance.
Read the full report here.
Friday, July 20, 2007
The OECD Committee for Information, Computer and Communications Policy (ICCP), through its Working Party on Information Security and Privacy (WPISP) has developed the Recommendation on Electronic Authentication and the Guidance for Electronic Authentication. The project was made possible with the participation of Jane Hamilton from Industry Canada and with the support of delegates from Australia, France, Hungary, Korea, Norway, the United States, the OECD Secretariat and the Business and Industry Advisory Committee (BIAC) to the OECD. On 12 June 2007, the OECD Council adopted the Recommendation, and the Guidance for Electronic Authentication, was adopted by the ICCP Committee in April and declassified on 12 June 2007 by the OECD Council.
The Recommendation encourages efforts by OECD member countries to establish compatible,
technology-neutral approaches for effective domestic and cross-border electronic authentication of persons and entities. It also reaffirms the important role of electronic authentication in fostering trust online and the continued development of the digital economy.
The OECD Guidance on Electronic Authentication aims to assist OECD member countries and non-member economies in establishing or amend their approaches to electronic authentication with a view to facilitate cross-border authentication. The Guidance sets out the context and importance of electronic authentication for electronic commerce, electronic government and many other social interactions. It provides a number of foundation and operational principles that constitute a common denominator for cross-jurisdictional interoperability.
Both the Recommendation and the Guidance conclude a work stream initiated in response to the "Declaration on Authentication for Electronic Commerce" adopted by Ministers at the Ottawa Ministerial
Conference held on 7-9 October 1998 and serve as a bridge to future OECD work on identity management.
The ITU Telecommunication Standardization Sector with its Focus Group on Identity Management (FG IdM) works to facilitate the development of a generic Identity Management framework, by fostering participation of all telecommunications and ICT experts on Identity Management. To read more about the ITU-T FG IdM activities, go here.
Read the full article on the OECD Recommendation on Electronic Authentication and the Guidance for Electronic Authentication here.
Thursday, July 19, 2007
The Internet Society of New Zealand (InternetNZ) released the ISP Spam Code of Practice in May 2007 for public consultation, and it had been open to comments until 18 June 2007. The Code was developed by the InternetNZ / Telecommunication Carriers' Forum (TCF) / The Marketing Association (MA) Working Party which has representation from a cross section of service providers and other interested parties.
The ISP Spam Code of Practice was created in keeping with the requirements of the Unsolicited Electronic Messages Act 2007 of the New Zealand government. It had also been developed with regard to the MA’s Code of Practice for Direct Marketing and the TCF’s SMS Anti-Spam Code, which both deal with Spam related issues, as well as to the TCF’s Customer Complaints Code.
Both consumers and service providers are expected to benefit from the adoption of this Code. The Code aims to establish practices that will lead to the minimization of Spam in New Zealand. It also aims to provide information to end users about both preventative and curative steps against Spam. Anticipated benefits to the service providers include the generation of higher levels of customer satisfaction and improved operational efficiency due to the reduced volumes of spam.
Public submissions on the Code can be found here.
Visit the Internet Society of New Zealand website for further details.
With the rise of innovative use of information and communication technologies (ICTs), the United Nations Conference on Trade and Development (UNCTAD) cites the "challenges and threats" that go with ICT development and gives emphasis on the importance of information security and risk management in chapter 5 of its Information Economy Report (IER) 2005.
The chapter elaborately presents an appreciation of the following policy points:
- Information Security (IS) needs to be conducted from a Risk Management process perspective; managing IS from a technological, problem-response, reactive perspective is sub-optimal for firms and public institutions.
- Information Security threats mainly come in the form of "social engineering", thus purely technology based defenses are misguided - i.e. they are the Maginot Line of cybersecurity.
- Information Security threats regularly and easily transcend national boundaries, and thus the need for international cooperation and coordination, both at a technical and a policy level, is unambiguous.
- Information Security policy should be a component of the national e-policy and should be appropriately incentivized to adopt a Risk Management framework through regulation.
An overview of international policy discussions on information security concludes this chapter together with a discussion of policy recommendations for Governments and some insights to future developments and relevance for intergovernmental processes and the international community.
Read the full chapter of the IER 2005 here.
Wednesday, July 18, 2007
CRITIS'07 together with IFIP WG 11.10 on Critical Infrastructures Protection, IEEE Computer Society Task Force on Information Assurance, and Joint Research Center Ispra of the European Commission will be holding the 2nd International Workshop on Critical Information Infrastructures Security on October 3-5, 2007 at Benalmadena-Costa (Malaga), Spain. This event aims to bring together researchers and professionals from universities, private companies and Public Administrations interested or involved in all security-related heterogeneous aspects of Critical Information Infrastructures.
Speakers that will grace the event include Jacques Bus of the European Commission, INFSO Unit "Security", Adrian Gheorghe of Old Dominion University, US, and Paulo Veríssimo of Universidade de Lisboa, Portugal. A panel discussion on Resilient Critical Information Infrastructures: a myth or a realistic target? will be held as well.
Visit the CRITIS'07 site for more information.
The new manual on Prosecuting Computer Crimes has been relesed by the Computer Crime & Intellectual Property Section of the United States Department of Justice in March 2007. This 53-page document discusses different cyber crimes and the corresponding penalties that are seen befit for the offenses. Definitions, background information as well as related statutes can also be found in the manual. Offenses discussed include obtaining national security information, compromising confidentiality, trespassing in a government computer, accessing to defraud and obtain value, damaging a computer or information, trafficking in passwords, and threatening to damage a computer. A legislative history on this subject has also been made available.
"When you've got a full-blown security breach on your hands, what do you do? If you've been smart, you'll already have a computer security incident response team -- and a plan -- in place. But many companies are too resource-strapped to have a full-blown, fully-tested incident response strategy." DarkReading proposes six steps on what to do when your security is breached.
1. Assemble an incident response team.
Experts believe that a computer security incident response team (CSIRT) must already be set up even before an event occurs. If a team is not yet in place, the company must create one quickly, and make sure all the stakeholders are there.
2. Assess the initial damage and the risk for more.
"According to BackGrounD Software, a Canadian forensics firm that does security breach damage assessment, the costs of a breach should include not only the technical costs associated with finding and fixing the breach, but also loss of productivity and loss of business. You'll need a plan that not only outlines your strategy for recovering your systems, but that includes steps for recovering customers."
3. Develop a notification plan.
An important decision to be made is who to notify when. Law enforcement, for instance, are contacted first when there is a potential crime involved. Other parties to be notified are customers that might have been affected by the incident and consultants, such as security experts or a computer forensics firm, who must be called in as early as possible.
4. Begin remediating the problem.
It is very important to fully understand the problem and its potential impact before any remediation is done. Otherwise, evidences might be damaged or the problem might aggravate. BackGrounD Software suggests, "disconnect your server(s) from the network, and if there is a potentially malicious code running, disconnect media devices as quickly as possible (i.e. disks, SAN, NAS). You never know how far the intruder has managed to get, so the faster you disconnect the equipment, the more of a chance you have to save your data." The next steps in remediating the problem then depend on the resources and skills available within the team or the company.
5. Document everything.
Experts also stress the importance of documentation as it is often overlooked. Documentation aids in recovering the affected system and in strategizing against future incidents.
6. Develop a strategy for stopping the next attack.
As DarkReading puts it, "if one attacker finds a vulnerability, there's a good chance that he may have accomplices -- or that another attacker might find the same vulnerability." Thus, it is necessary to develop a strategy to block possible holes still existing in the system.
To read the full article, access it here.
Tuesday, July 17, 2007
Gangs of hackers, who are presumed to be based in Eastern Europe, initiated various website assaults now known as "The Italian job." More than 10,000 web pages of popular web sites have been penetrated and infected by this attack, and it is believed to have started in the middle of last month. Most of the infected sites are Italian websites, but the expanse of the attacks has reached Spain and the US as well.
A "tool kit" worth $815 which is sold online in Russia was used by the hackers to embed "keylogger" codes on the computers of those who visited the sites. These codes enable the hackers to access the infected machines and track valuable user information such as bank details and passwords. The gravity of this attack has been evidently tremendous as it was aimed at established websites to steal banking identities.
David Perry, director of Trend Micro, says: "This is a paradigm shift. We can expect to see this kind of thing being replicated now for the next five or six months." He explained that the Italian job has become very effective because the bug has been particularly programmed to adapt to various types of weaknesses in computer security systems. "It looks for a wide spectrum of vulnerabilities in a computer, acting like a sort of Swiss Army knife with many different ways to pierce through the protection."
Access the full article at theage.com.au.
Symantec recently reported that it has detected phishing sites hosted on government servers. In the last month, it has found phony sites hosted on government servers in Thailand, Indonesia, Hungary, Bangladesh, Argentina, Sri Lanka, Ukraine, China, Brazil, Bosnia-Herzegovina, Columbia and Malaysia. This new disturbing trend compromises the credibilty of government-hosted sites and jeopardizes the security within government online transactions.
Basically, these phishing sites managed by data thieves are used to mimic authentic business or government sites in order to gather valuable information from users such as credit card details or account passwords. These information are in demand in the underground market, and these could easily result to identity theft or account fraud.
Government servers that are involved in low-risk jobs are often the target of this sort of scams. However, despite these servers being relatively low-risk, this still poses a problem. "Under the Federal Information Security Management Act, information technology security in the federal government is based on a philosophy of risk management. It does not aim for absolute security — which is impossible anyway — but for the proper level of security. Administrators do a risk-based assessment of their IT systems, prioritizing them by their vulnerabilities, their role in the agency’s mission and the criticality of that mission." Nonetheless, the impact and dangers of these phishing sites that are faced by the citizens should very well be considered in the process of risk-assessment as well.
Read the full article here.
Monday, July 16, 2007
The Computer Science and Telecommunications Board (CSTB) released on 26th June 2007 Toward a Safer and More Secure Cyberspace, "a broad research agenda that includes traditional, problem-specific studies as well as unconventional ideas necessary to combat current
and future cybersecurity threats. The report examines the
vulnerabilities of the Internet and offers a strategy for future
research aimed at countering cyber attacks. The report also explores the nature of online threats and some of the reasons why past research for improving cybersecurity has had less impact than anticipated."
To purchase or skim through the publication online, go to the National Academies Press.
OECD recently released their Communications Outlook Report, a discussion and an analysis of market structures and recent policy developments. Among the topics discussed was the chapter on main trends in pricing in telecommunication services. It has been noted that with the dramatic increase in Broadband speeds, subscription costs have either remained constant or have been reduced. Based on monthly subscriptions, Sweden has the cheapest broadband plan with $10.47 a month, and US ranks fourth with $15.93 a month. With regard to the newest broadband technology: Fiber, Japan NTT residential connection (100 Mbps down/up) costs $49 a month, and in the US, Verizon FiOS (30 megabits down/5 megabits up) costs $191.20.
More on the OECD Communications Outlook Report here.
Related article may also be accessed at GigaOM.
Wednesday, July 11, 2007
The Ugandan Government is finalising new cyber laws aimed at protecting computer users from cyber crime, including personal intrusion, national security, fraud and con activities.
"Liberalised information can lead to unwanted uses and usage leading to cyber crime. It is necessary to have legal infrastructure within which the technologies can be used. There are three bills which have been drafted, the Electronics Transactions Bill, Digital Signatures Bill and the Computer Misuse Bill," the information and communications technology minister, Ham Mulira, explained.
Read the full article at allAfrica.com.
For more information on ICT policy developments in Africa, please see the Balancing Act website.
Tuesday, June 26, 2007
Thursday, June 21, 2007
Thursday, June 07, 2007
Wednesday, May 30, 2007
An electronic version of the 2007 Cybersecurity Guide for Developing Countries is available in English. Non-finalized versions are also available in Arabic, Chinese, French, Russian and Spanish. NB: A printed copy of this publication is available on request.
The 2006 version of the guide is available in English and French.
Monday, May 21, 2007
The ITU will be hosting a workshop on 17th Sepember 2007 entitled ITU Workshop on Frameworks for National Action: Cybersecurity and Critical Information Infrastructure Protection:
At the start of the 21st century, modern societies have a growing dependency on information and communication technologies (ICTs) which are globally interconnected. However, with these growing dependencies, new threats to network and information security have emerged. There is a growing misuse of electronic networks for criminal purposes or for objectives that can adversely affect the integrity of critical infrastructures within States. To address these threats and to protect these infrastructures, a coordinated national framework is required - combined with regional and international cooperation. This workshop will review several related ITU initiatives and present two case studies by expert speakers from the United States of America and the European Union on their respective approaches. Attendance at the workshop is open to all interested participants within available space. Further information is available from cybmail@itu.int.
This is the newly unveiled newslog for the ITU's Bureau for Telecommunication Development ICT Applications and Cybersecurity Division. More will be posted here soon.
Tuesday, February 06, 2007
In today's interconnected world of networks, threats can now originate anywhere − our collective cybersecurity depends on the security practices of every connected country, business, and citizen. The International Telecommunication Union (ITU), a specialized agency within the United Nations system, would like to draw Safer Internet Day participants' interest to a number of information resources dedicated to cybersecurity and spam.
The ITU Cybersecurity Gateway is an easy-to-use online information resource on national and international cybersecurity related initiatives worldwide. A vast number of resources and links are available and organizations are invited to join in partnership with the ITU and other stakeholders to build confidence and security in the use of information and communication technologies (ICTs).
The StopSpamAlliance is a joint initiative to gather information and resources on combating spam. This initiative was undertaken by Asia-Pacific Economic Cooperation (APEC), the EU's Contact Network of Spam Authorities (CNSA), International Telecommunication Union (ITU), the London Action Plan, Organisation for Economic Co-operation and Development (OECD) and the Seoul-Melbourne Anti-Spam group. The StopSpamAlliance.org website contains an overview about each of these organization’s activities in countering spam and related threats.
The outcome documents from the two phases of the World Summit on the Information Society (WSIS) emphasize that building confidence and security in the use of information and communication technologies (ICTs) is a necessary pillar for building a global information society. ITU has been asked to play the main facilitator role for to assist stakeholders in building confidence and security in the use of ICTs. To stress the importance of the multi-stakeholder implementation of this task, ITU has named this the Partnerships for Global Cybersecurity (PGC) initiative.
In commenting on the Safer Internet initiative, newly elected ITU Secretary-General Hamadoun Toure stressed the need for greater cooperation between regulators, government, security firms, communication service providers, and end users in dealing with the challenges to building a safe and secure information society.
The International Telecommunication Union wishes you all a very successful Safer Internet Day 2007!
Enquiries related to ITU activities in the area of cybersecurity can be directed to cybersecurity@itu.int.
About ITU
The International Telecommunication Union (ITU) is an international organization (specialized agency) within the United Nations System where governments and the private sector coordinate global telecommunication networks and services. Through its standards, development, and policy research activities, ITU has a long-standing track record in security for information and communication systems. There are currently more than seventy ITU recommendations focusing on security.
Friday, February 02, 2007
Two resolutions relating to cybersecurity and defining ITU's activity in that domain were adopted by ITU Member States at its Plenipotentiary Conference in Antalya, Turkey, held in November 2006. These are:
Wednesday, January 31, 2007
14-15 May 2007 The ITU has a new Secretary-General, Dr. Hamadoun Toure, who has indicated in his first public statements and to senior ITU staff that he considers cybersecurity and particularly follow-up to WSIS Action Line C5 to be a key strategic area of focus for future ITU activities.
The next annual facilitation/consultation meeting for WSIS Action Line C5 will be held 14-15 May 2007 at ITU in Geneva in conjunction with a cluster of events to be organized around 17 May (World Telecommunication and Information Society Day). The meeting is open to all participants with an interest in C5 activities. More details concerning the draft agenda and administrative arrangements for the event will be circulated shortly along with a list of other WSIS-related meetings to be held 14-25 May 2005 in Geneva.
Further information will be posted at the WSIS C5: Partnerships for Global Cybersecurity website. Enquiries can be directed to cybersecurity@itu.int.
Monday, January 29, 2007
Friday, November 24, 2006
Friday, November 10, 2006
The Asia Pacific Economic Cooperation (APEC), the EU Contact Network for Spam enforcement Authorities (CNSA), the International Telecommunication Union (ITU), the London Action Plan for Spam Enforcement (LAP), the Organisation for Economic Cooperation and Development (OECD), and the Seoul-Melbourne Anti-Spam group, six leading international anti-spam initiatives/organizations, launched at the United Nations Internet Governance Forum (IGF) in Athens, Greece, a new online information resource to assist stakeholders in their fight against spam.
This new website (http://www.stopspamalliance.org/) aims to help coordinate international action against spam more effectively and improve information sharing in this area. It will contain information on anti-spam laws and enforcement activities, consumer and business education, best practices for fighting spam, and international cooperation.
For further information, please visit http://www.stopspamalliance.org/
Read also the
OECD news release for the launch of the StopSpamAlliance website.
Thursday, September 28, 2006