International Telecommunication Union   ITU
 
 
Site Map Contact us Print Version
 Wednesday, September 05, 2007

Eric Bangeman of Ars Technica reports on the growing power of PSP on the internet today. According to a new survey from ipoque, a German traffic management and analysis firm, P2P traffic is dominating the Internet these days with ipoque's "preliminary results" showing that P2P applications account from anywhere between 50 percent and 90 percent of all Internet traffic. The final survey results are not yet available and will presented at the Emerging Technology Conference at MIT later this month.

During the last year, BitTorrent accounted for between 50 percent to 75 percent of all P2P traffic, with eDonkey coming in second at between 5 percent and 50 percent. ipoque's data appears at odds with that of Ellacoya Networks, a company that makes deep packet inspection gear. The company said in June that P2P traffic accounts for just 37 percent of North American traffic, compared with 46 percent for HTTP traffic. Of that 46 percent, over a third consisted of streaming video, à la YouTube.

Despite the differences in how the traffic is broken out, ipoque and Ellacoya's data both illustrate much of the P2P traffic reported by both firms is video. With the surge in traffic of YouTube and other video sites, as well as the official upcoming launch of Joost, demand for high-bandwidth applications like video is definitely increasing. This has resulted to ISPs' interest in deep packet inspection and other traffic-shaping tools.

Read full article here.

Wednesday, September 05, 2007 2:55:54 PM (W. Europe Standard Time, UTC+01:00)  #     | 

APCAUCE's 2007 meeting was held on 02 September 2007 in conjunction with the 24th APNIC Open Policy Meeting and SANOG 10, in New Delhi, India. The meeting agenda and presentations are now available and may be accessed here. An Overview of the ITU Development Sector Activities on Cybersecurity was presented by Robert Shaw, Head, ICT Applications and Cybersecurity Division, ITU Telecommunication Development Sector is available on the meeting site.

Wednesday, September 05, 2007 2:32:35 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Security firm Sunbelt recently discovered that the Bank of India's hacked website was serving dangerous malware, and the infamous Russian Business Network, an ISP linked to child pornography and phishing, is behind the attack. The service provider in question has developed a notorious reputation. According to VeriSign threat intelligence analyst Kimberly Zenz, the Russian Business Network (RBN) is different to other service providers because "unlike many ISPs that host predominately legitimate items, RBN is entirely illegal. A scan of RBN and affiliated ISPs' net space conducted by VeriSign iDefense analysts failed to locate any legitimate activity. Instead, [our] research identified phishing, malicious code, botnet command-and-control, denial-of-service attacks and child pornography on every single server owned and operated by RBN."

Patrik Runald, senior security specialist at F-Secure, said: "No one knows who the RBN is. They are a secret group based out of St Petersburg that appears to have political connections. The company doesn't legitimately exist. It's not registered and provides hosting for everything that's bad. Their network infrastructure is behind a lot of the bad stuff we're seeing and it has connections to the MPack Group [a well-known group of cybercriminals which used MPack software to steal confidential data]." Runald said that, in the case of the Bank of India's hacked website, RBN used an Iframe to launch another window which then pushed victims to a webpage containing malicious code. The Trojans used in this case were designed to steal passwords from PCs and upload Trojan proxies in aide of developing a botnet.

Read the full article on ZDNet.co.uk.

Wednesday, September 05, 2007 11:28:53 AM (W. Europe Standard Time, UTC+01:00)  #     | 

BBC News reports that easy to use tools that automate attacks on computers are being produced by malicious hackers, according to security experts, ranging from individual viruses to comprehensive kits that let budding cyber thieves craft their own attacks. The top hacking tools may cost up to £500, with some providing 12 months of technical support. Tim Eades from security company Sana said that malicious hackers had evolved over the last few years and were now selling the tools they used to use to the growing numbers of cyber thieves. Individual malicious programs cost up to £17 (25 euros), he said. At the top end of the scale, said Mr Eades, were tools like the notorious MPack which costs up to £500. The regular updates for the software ensure it uses the latest vulnerabilities to help criminals hijack PCs via booby-trapped webpages. It also includes a statistical package that lets owners know how successful their attack has been and where victims are based. MPack has been very popular among criminally minded groups and in late June 2007 managed to subvert more than 10,000 websites in one attack that drew on the tool.

Paul Henry, vice president of Secure Computing, said there were more than 68,000 downloadable hacking tools in circulation. The majority were free to use and took some skill to operate but a growing number were offered for sale to those without the technical knowledge to run their own attacks such as Mpack, Shark 2, Nuclear, WebAttacker, and IcePack. Mr Henry said the tools were proving useful because so many vulnerabilities were being discovered and were taking so long to be patched. Many hacking groups were attracted to selling the kits because it meant they took little risk themselves if the malicious software was used to commit crimes. "The only thing you are going to find is a disclaimer that this was distributed for educational purposes and the user accepts any responsibility for any misuse," he said.

To read full article, click here.

Wednesday, September 05, 2007 11:12:11 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, September 04, 2007

World Information and Communications Development Trends, a presentation by Robert Shaw, head of the ICT Applications and Cybersecurity Division, ITU Telecommunication Development Sector, is now available. It was presented to the Ministry of Information and Communications (MIC) in Hanoi, Viet Nam on 27 August 2007 discussing issues related to transition to new technologies and Next Generation Networks (NGN). For more relevant information, visit the CYB website.

Tuesday, September 04, 2007 1:20:31 PM (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, September 03, 2007

The United States District Court of Washington ruled in favor of Kaspersky Lab, a leading developer of secure content management solutions, granting immunity from liability in the case brought by online media company Zango. According to Zango's lawsuit, Kaspersky Lab should reclassify Zango’s programs as nonthreatening and Kaspersky Labs’s security software should stop blocking Zango’s potentially undesirable programs. "Judge Coughenour of the Western District of Washington threw out Zango’s lawsuit on the grounds that Kaspersky was immune from liability under the Communications Decency Act. The ruling protects consumer choice to determine what information and software is allowed on each computing system, and enables anti-malware vendors with the right to identify and label software programs that may be potentially unwanted and harmful to a user’s computer as they see fit."

Read full article here.

Monday, September 03, 2007 9:46:38 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, August 30, 2007

Vanguard Media reported today on planned subsidies for telecom operators to erect base transceivers stations in Nigeria with the support of the Universal Service Provision Fund (USPF).

The Fund would receive parts of the annual operating levy that all operators pay to the Nigerian Communications Commission. Finally, subsidies would allow telecom operators to expand their services to isolated and under-served areas, which would enable rural communities to have access to the information society through internet and telephone.

Click here, to read more.

Thursday, August 30, 2007 4:55:22 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Internet bandwidth could become a global currency under a proposed model for the future of e-commerce that exploits a novel peer-to-peer video sharing application designed by a trans-Atlantic team of computer scientists according to an article by Vidura Panditaratne on Wednesday, 29 August 2007. This application is being used by researchers from Delft University of Technology and Vrije Universiteit, Amsterdam and Harvard's School of Engineering and Applied Sciences to explore a next-generation model for safe and legal electronic commerce that uses Internet bandwidth as a global currency. An enhanced version of this application called Tribler is now available for free download online.

A version of the Tribler video sharing software serves as a model for an e-commerce system because of its flexibility, speed, and reliability. The researchers envision this model to connect users to a single global market, without any controlling company, network, or bank with bandwidth as the first true Internet "currency" for such a market. "By studying user behavior within an operational 'Internet currency' system, with a particular focus on understanding how and why attacks, fraud, and abuse occur and how trust can be established and maintained, the researchers imagine future improvements to everything from on-demand television to online auctions to open content encyclopedias."

Read more by accessing the full article.

Thursday, August 30, 2007 9:42:28 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, August 29, 2007

The VietNamNet Bridge yesterday published an interview with the Ministry of Information and Communications of Vietnam. According to the Deputy Minister, developing e-government would support the government to operate more effectively, more transparently and to better serve citizens.

Planned activities based on experiences in Vietnam and other countries would aim to integrate ICT applications into public administration agencies by 2010. Doing so would require digitalizing administrative systems and procedures, and providing ICT training. To overcome the reluctance to change, the programme would seek the support and involvement of civil society, private industry and local and regional administrations.

To read more, click here.

Wednesday, August 29, 2007 5:57:38 PM (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, August 28, 2007

Pakistan's Minister for Information Technology Awais Ahmad Khan Leghari said on Thursday that the adoption of cyber crime bill by the federal cabinet was a major step towards ensuring a secure business environment and promotion of e-commerce. He said the e-crime bill which will be tabled in the parliament very soon, would help draw more business and improve Pakistan's e-readiness ranking as reflected in indices maintained by various agencies and business journals of the world.

The Federal Investigation Agency (FIA) has been given the mandate to probe cases falling under the preview of the e-crime law. He said the e-crime law would require the internet companies maintain their traffic data for at least six months to enable the agencies to investigate cases involving data stored by them. He also added that the government would create special IT tribunals in Islamabad as well as provincial headquarters to investigate and check growing incidents of crimes which remained unpunished for a lack of specific law.

The Prevention of Electronic Crimes Bill 2007 poses penalties ranging from six months to 10 years of punishment for 17 types of cyber crimes, including cyber terrorism, hacking of websites and criminal access to secure data. Thirteen of the crimes listed under the law are bailable.

Read full article here.

Tuesday, August 28, 2007 10:47:42 AM (W. Europe Standard Time, UTC+01:00)  #     | 

GigaOM, on an article by Om Malik, "All Hail SMS," discusses the growing popularity of Short Message Service (SMS), aka text messaging, despite rumors of its pending demise. The technology's relative simplicity and ease of use, despite the high tariffs imposed by carriers around the world, makes SMS usage more and more popular. According to Paul Ruppert, a veteran of mobile business and now a consultant, every year, 2.1 billion global mobile users send 3 trillion SMS messages. Even in markets like the U.S., which lagged in embracing the ease and power of texting and seemingly preferred email and Instant Messaging, text messaging has become an intimate aspect of daily lives, especially for those 15 to 25. Commonly used communications applications embedding direct-to-SMS functionality, such as the new Yahoo Mail, which comes with free text messaging to mobile phone numbers (available in the U.S., Canada, India and the Philippines), have also become apparent nowadays.

Om Malik also writes that "some (mostly entrepreneurs and venture capitalists) believe that like email, SMS is the vehicle for add-on-innovation. There are gaming companies that have turned SMS-based voting into a big business. Voice SMS is being talked about as the next big thing."

To read the full artcile, click here.

Tuesday, August 28, 2007 9:34:42 AM (W. Europe Standard Time, UTC+01:00)  #     | 

ICANN finalized on 23 August 2007 the IDN .test Evaluation Plan and is currently moving forward towards the insertion of IDN strings in the root zone. These IDN TLDs are the word "test" translated into eleven languages including: Arabic, Persian, Chinese (simplified and traditional), Russian, Hindi, Greek, Korean, Yiddish, Japanese and Tamil. The delegation of these TLDs and the evaluations, as described in the plan, is expected to commence in September 2007.

The plan has been modified based on comments received on the IDN public forum and also from consultations with ICANN Technical Advisory Committees. The last version was approved by the ICANN Board at their 14 August 2007 meeting, and the resolution directs ICANN Staff to implement the IDN .test Evaluation Plan, and report back to the ICANN Board following the conclusion of the evaluation.

Keep updated on the progress of this project by visiting http://icann.org/topics/idn.

Read the full article here.

Tuesday, August 28, 2007 8:34:10 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, August 23, 2007

The World Health Organization launched its annual leading publication focusing on building a safer future in public health. The World Health Report 2007 shows how and why the world is at increasing risk of outbreaks of communicable diseases across borders, natural and man-made disasters and other health emergencies that can rapidly become threats to global public health security.

Information and communication technologies used in surveillance, monitoring and response networks are mentioned as tools to respond to outbreaks of infectious diseases. The report says that the prospect of a safer future would be within reach - and that this would be both a collective aspiration and a mutual responsibility.

To read more, click here.

Thursday, August 23, 2007 5:27:46 PM (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, August 22, 2007

The FBI has chosen the National Center for Supercomputing Applications at the University of Illinois at Urbana-Champaign to host a new law enforcement cybersecurity research center. The bureau said it would provide $3 million to support the first two years' operation of the National Center for Digital Intrusion Response.

The bureau said the state university's IT security scholars would work with FBI cybersecurity specialists to understand what new capabilities are required to better detect and investigate cyberattacks, develop new tools and ensure that FBI agents in the field can use them effectively. The bureau's expansion of its work with the university team reflects changes in the patterns of crime and national security threats, the FBI said. "While cyberattacks were once considered a specialized niche in law enforcement, today there are digital aspects to many crimes and national security threats; all investigators must be able to pursue criminals operating in cyberspace," the FBI said. "NCDIR will provide training, including intensive summer workshops, so all FBI agents have the opportunity to use these new tools in the field."

Some of the projects and IT security tools developed by NCSA through the funding of the National Science Foundation and other federal agencies include MyProxy, a tool for grid credential management; Framework for Log Anonymization and Information Management, an app that facilitates sharing of log data among secure systems; GridShib, at tool that supports identity federation for grids; Trustworthy Cyberinfrastructure for the Power Grid; and Illinois Terrorism Task Force's First Responder's Credentialing.

Read the full article at Government Computer News (GCN).

Wednesday, August 22, 2007 5:01:28 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Australia announced a national strategy on deploying health records available over the internet to every citizen, as The Canberra Times reported yesterday. Patients would be able to securely access their medical claims and rebates over public networks as of 2008. Later on, patients would have online access to their pharmaceutical benefits schemes claims. Eventually, Australians would have access to their individual digital files, which would be automatically updated by health service providers.

A parallel initiative is focusing on ensuring effective follow-up medical care for indigenous children in remote areas. Depending on the patient’s or their parents’ authorization, health professionals would be able to access their digital records to support ongoing care.

(The full article "Aust health histories to be accessible on internet" by Danielle Cronin health reporter, Canberra Times, 21 August 2007, is not available freely online.)

Wednesday, August 22, 2007 3:45:39 PM (W. Europe Standard Time, UTC+01:00)  #     | 

On 22 July 2007, the New York Times reported on Rwanda's current Internet connectivity situation. According to the article, in 2003, Greg Wyler, an American businessman, promised the Rwandan government fiber optic cables and connectivity among schools, government institutions and homes through low-cost, high-speed Internet service. His company, Terracom,was granted a contract to connect 300 schools to the Internet, and later, the company bought 99 percent of the shares in Rwandatel, the country’s national telecommunications company, for $20 million. However, after nearly four years, the government criticizes Terracom for not having delivered and materialized most of the benefits they have hailed.

The technical, political and business realities of Africa are said to have caused this slow progress of the venture. Apart from the failed and delayed attempts to bring affordable high-speed Internet service to the masses in the continent, the lack of infrastructure is also being blamed to be the biggest drawback. Some other difficulties mentioned were insufficient bandwidth capacity on satellites, poor management and intermittent power failures. Rwandan officials also say that the company seems more interested in tapping the more lucrative cellphone market than in being an Internet service provider.

With Terracom’s new chief executive, Christopher Lundh, a former executive of Gateway Communications in London, government officials say Terracom’s performance has improved. The government, meanwhile, is moving forward with its own plans to build a fiber optic network. It also has granted Internet service licenses to South African companies and plans to issue several more. A reduced price of Internet service to about $10 a month is also aimed for according to Nkubito Bakuramutsa, director general of the Rwanda Information Technology Authority.

To read the full article, click here.

Wednesday, August 22, 2007 1:28:47 PM (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, August 21, 2007

According to an analyst report, the internet is heading for a crash unless it increases its bandwidth capabilities. A study conducted by ABI Research claims that cable firms face the biggest challenge as their technology will reach saturation point first.

Stan Schatt, research director at ABI, told Ars Technica: "Uploading bandwidth is going to have to increase, and the cable providers are going to get killed on bandwidth as HD programming becomes more commonplace." He adds that the solution to the problem is to change to digital switching and move to IPTV.

Researchers from Cisco Systems seem to agree with this claim. Cisco found that American video websites currently transmit more data per month than the entire amount of traffic sent over the internet in 2000. The company estimates that file-sharing makes up at least one-third of today's internet traffic. The Cisco report predicted that video streaming and downloads will increase to make up to 30 percent consumer internet traffic in 2011, up from the 2006 figure of nine per cent.

With the release of the BBC's iPlayer online television service in the UK, bandwidth concerns with internet service providers increase even more. However, Orange reports that the internet overload does not appear to have started yet.

Continue reading the article here at vnunet.com.

Tuesday, August 21, 2007 8:57:19 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, August 20, 2007

Technicians and engineers from Telecoms sans Frontieres started deploying telecommunication centres in Peru to restore communications in the areas hit by the earthquakes last week, as the BBC reported. Well operating and reliable telecommunications are vital for coordinating emergency relief work and humanitarian assitance.  The technologies brought by the non-governmental organization include satellite telephones and internet modems, and equipment to set up wireless connectivity to the internet. More on BBC News

Monday, August 20, 2007 11:49:53 AM (W. Europe Standard Time, UTC+01:00)  #     | 

ITU, in collaboration with the Secretaría de Comunicaciones, Argentina, will be hosting a workshop 16-18 October 2007 entitled Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection. The workshop will be held in Buenos Aires, Argentina.

The description of the event, draft agenda, invitation letter, and practical information for meeting participants will be made available on the event website.

Contact cybmail@itu.int with any general queries you may have related to the workshop.

Monday, August 20, 2007 11:10:14 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, August 17, 2007

The Russian government plans to introduce full-scale e-government services by 2010, as The Moscow Times reports. This would create a single point of entry to government services substantially reducing administrative costs and time to access information by citizens, public institutions and private organizations in the country.

To read more, click here.

Friday, August 17, 2007 2:43:25 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Researchers are warning universities that they're at risk of being hit with massive distributed denial-of-service attacks when they scan their own networks. According to Doug Pearson, technical director of Ren-Isac, the Storm botnet, a massive botnet that the hackers have been amassing over the last several months, has developed a counter-attack to computers that are trying to weed it out. The botnet is set up to launch a distributed denial-of-service (DDoS) attack against any computer that is scanning a network for vulnerabilities or malware.

Ren-Isac, which is supported largely through Indiana University, recently issued a warning to about 200 member educational institutions and then put out a much broader alert, warning colleges and universities that their networks could come under heavy attack. According to the alert, this new Storm botnet tactic presents more danger to schools than it is to corporate enterprises simply because of the placement of the scanners. Pearson explains that universities and colleges often have their scanners on a public network making it visible to the Internet at large. If it was protected on a private network, the way it's done with most enterprises, the botnet would not be able to find it so there wouldn't be an IP route to send the DDoS packets.

Don Jackson of SecureWorks said in an interview that slowly but surely IT managers and consumers are getting better at blocking or at least ignoring the e-mail attacks, so the Storm worm authors are setting up a secondary attack venue.

Read the full article at InformationWeek.

Friday, August 17, 2007 10:51:00 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, August 16, 2007

Two Ethiopian hospitals have been linked with a specialist hospital in India, which allows doctors to obtain real-time second opinion over the internet, as BBC News reported on 16 July 2007.

The pilot project focusing on a hospital in Addis Ababa and on a provincial one located 300 km away from the capital would likely be followed-up by connecting a total of 20 more hospitals into the network. For the first five years, India will run the project free of charge.

The technical platform facilitates sharing of patients' data between healthcare professionals (such as X-rays, laboratory tests, etc.); health workers in remote areas have better access to medical expertise without moving over long and time-consuming distances.

In order to improve secondary education and access to medical expertise, 23 African countries are already in the loop for a similar project agreed between India and the African Union.

To read the full article, click here.

Thursday, August 16, 2007 2:13:02 PM (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, August 15, 2007

The New York Times reported on 14 August 2007 that Google and Microsoft are separately developing a system of online health records, which would allow individuals to store, retrieve and provide personal health data to doctors, hospitals, insurers, laboratories, etc. as desired.

Data would been directly uploaded onto these records by health service providers, but access to the information (through PCs, mobile telephones and other digital devices) would be controlled by the patient. The health data stored on the personal online record would also lead their owners to locating relevant health-related information on the web (including advertisements that would likely fund the system).

Other companies specialized in digital health records and search engines are working on similar systems. To eventually reach end-users significant security and privacy issues will have to be resolved in fine-tuning these services

To read more, click here.

Wednesday, August 15, 2007 2:18:33 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Information technology flourishes in northern Indian states, as the Financial Express reports on 13 August 2007. In order to better evaluate the capacities of using information and communication technologies (ICTs) in India to participate in a globally networked economy, the department of information technology and the National Council of Applied Economic Research released its latest e-Readiness Assessment report in January 2007.

States and union territories ranked at the top have implemented, among others, some e-Governance initiatives for land and property records, transportation, birth and death registration, and ICT applications for agriculture. Further activities to boost the level of e-Readiness as well as e-Governance are mentioned in the article such as providing an enabling political and regulatory environment, infrastructure, capacity building and sharing experiences with other states.

To learn more of the national e-Governance plan, click here.

Wednesday, August 15, 2007 11:00:23 AM (W. Europe Standard Time, UTC+01:00)  #     | 

InfoWorld reports that security experts warn Germany's new antihacker law could result to more cybercrime and not less. The law, which aims to mitigate the rise of computer attacks in the public and private sectors, was approved in May by the German government and implemented on Saturday. Although Germany already has approved numerous laws to curb attacks on IT systems, the most recent one aims to close any remaining loopholes. Punishable cybercrimes include DOS (denial-of-service) attacks and computer sabotage attacks on individuals, which would extend the existing law that limited sabotage to businesses and public authorities.

The new law defines hacking as penetrating a computer security system and gaining access to secure data, without necessarily stealing data. Offenders are defined as any individual or group that intentionally creates, spreads or purchases hacker tools designed for illegal purposes. They could face up to 10 years in prison for major offenses.

Security experts from different clubs and vendors such as Chaos Computer Club, F-Secure and Kaspersky Lab, all share the same concern on the legal uncertainty the new law creates. According to them with the new law, their development of hacker tools to test and ensure network system security, which is essential to their business, could get them in trouble and bring them to court in the future.

Other groups of computer experts that develop hacking tools to test the security of computers and network systems have already pulled the out their operations in Germany. KisMAC and Phenoelit, hacker groups that offer a tool to detect security holes in networks, stopped its work in Germany and plans to resume in neighboring Netherlands.

To read the full article, click here.

Wednesday, August 15, 2007 10:11:48 AM (W. Europe Standard Time, UTC+01:00)  #     | 

On an article by InformationWeek, researchers are blaming the virulent Storm worm for a widespread denial-of-service attack that hit Canadian Web sites over the weekend, saying the attack could have been a test of the might of a botnet more than 1.7 million zombies strong.

Johannes Ullrich of the SANS Institute and the Internet Storm Center, said in an interview that "the DoS part was basically an unintentional side effect. It was a whole lot of spam -- enough to make the servers slow down. Once [that much spam] is set loose, it's hard to tell what's going to happen."

The Storm worm has been bombarding the Internet with massive amount of spam e-mails in the form of phony electronic greeting cards for the past several months. This emails lure unsuspecting users to malicious Web sites where their machines are infected with malware that turns them into bots, which adds them up to the massive botnet that the Storm worm authors have been putting together. However, the latest attack used e-mails with limited amount of text instead of the e-card ruse though, which confirms the attack was a test-run, according to Ullrich.

In the first half of this year, it has been reported that the Storm authors had a botnet about 2,815 strong according to the researchers at SecureWorks. That number had skyrocketed to 1.7 million by the end of July. Researchers at both SecureWorks and Postini said they think the Storm worm authors are cultivating such an enormous botnet to do more than send out increasing amounts of spam. All of the bots are set up to launch DoS attacks and that's exactly what they're anticipating.

Read the full article here.

Wednesday, August 15, 2007 8:59:38 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, August 14, 2007

On 16 July 2007, the European Commission issued a set of draft recommendations on eHealth interoperability. This supports the idea that connecting people, systems, and services would be vital for the provision of good healthcare in Europe.

The lack of interoperability in systems and services has long been identified as one of the major challenges to the wider implementation of the Union's e-Health applications.

The goal of this Recommendation is to contribute to enabling the provision of a means of authorised healthcare professionals to gain managed access to essential health information about patients, subject to the patients' consent, and with full regard for data privacy and security requirements. Such information could include the appropriate parts of a patient's electronic health record, patient summary and emergency data from any place in Europe: within countries, in cross-border regions, and between countries.

The proposed actions cover the following areas:

  • The overall (political/legal) level of eHealth interoperability inclusing privacy and confidentiality
  • Creating the organisational framework (or process) for e-Health interoperability
  • Applications (including semantic) interoperability
  • Architectural and technical interoperability including security, certification and accreditation
  • Monitoring and evaluation

For full information, click here.

Tuesday, August 14, 2007 1:15:44 PM (W. Europe Standard Time, UTC+01:00)  #     | 

The first Global Information Society Watch 2007 report was released at the United Nations' Palais des Nations in Geneva on 22 May 2007 and during the The Third Annual SANGONeT "ICTs for Civil Society" Conference and Exhibition in Johannesburg, South Africa on 18 July 2007. The report discusses the state of the field of information and communication technology (ICT) policy at local and global levels and particularly how policy impacts on the lives of people living in developing countries.

Studies of the ICT policy situation in twenty-two countries from four regions are featured: Africa (Democratic Republic of Congo, Egypt, Ethiopia, Kenya, Nigeria, South Africa and Uganda); Asia (Bangladesh, India, Pakistan and the Philippines); Latin America (Argentina, Brazil, Colombia, Ecuador, Mexico and Peru); and Eastern Europe (Bosnia and Herzegovina, Bulgaria, Croatia and Romania), with one report from a Western European country (Spain).

The report concludes that when it comes to ICTs for development, there are some conspicuous similarities between the countries. Excluding Spain, the other twenty-one countries each show obvious evidence of the "digital divide" which impacts on the majority of people negatively. The report also includes provocative, analytical essays on five international institutions (including ICANN and the World Intellectual Property Organisation) questioning the extent to which they allow all stake-holders to participate in their processes. There is a special section on how to measure progress as well.

Read more on the Global Information Society Watch.

Tuesday, August 14, 2007 11:04:02 AM (W. Europe Standard Time, UTC+01:00)  #     | 

On Sydney Morning Herald's Veto for Parents on Web Content, it was announced that ISPs in Australia will be obligated to filter web content at the request of parents. This is part of the $189 million Federal Government crackdown on online bad language, pornography and child sex predators. According to the Prime Minister, John Howard, the Government would increase funding for the federal police online child sex exploitation team by $40 million to aid investigators to track those who prey on children through chat rooms and sites such as MySpace and Facebook. The Government is also expected to pay $90 million to provide every concerned household with software to filter internet content.

According to the article, the more efficient compulsory filtering of internet service providers (ISPs) was proposed in March last year by the then Labor leader, Kim Beazley, which the Communications Minister, Helen Coonan, and ISPs criticised as expensive then. Three months later Senator Coonan announced the Government's Net Alert policy, promising free filtering software for every home that was interested. She also announced an ISP filtering trial to be conducted in Tasmania, but that trial was scrapped.

The ISP filtering measure, according to Mr. Howard is a world first by any Government, and is expected to offer funding to help cover the cost. An ISP filter option will be made available to parents when they sign up with an ISP. This service will be compulsory to all ISPs. The measures are expected to be implemented by the end of this month.

US authorities have reported last month that more than 29,000 convicted sex offenders had profiles on MySpace. In Australia, about 26 per cent of Australia's 3.8 million MySpace users are under 18. To protect the users, MySpace has written to all state and territory governments, and the Commonwealth, asking them to create a national child-sex offender database that requires email addresses to enable them to track sex offenders and remove their profiles on the system.

Read the full article here.

Tuesday, August 14, 2007 10:34:03 AM (W. Europe Standard Time, UTC+01:00)  #     | 

A Report entitled Personal Internet Security from the House of Lords Science and Technology Committee has been made available on Friday discussing primarily the issues pertaining to individual experiences of the Internet. In the report, the U.K., ISPs and others, has been said to unfairly hold Internet users responsible for online safety. According to the panel, this "laissez-faire" attitude toward personal security is what weakens user confidence. The report proposes that ISPs should be held responsible and avoid them from ignoring spam and malware notices, and that information technology vendors be held liable for not making products secure.

Network security, appliances and applications, how businesses and individuals use the Internet and policing of the online world were studied and dealt with in the Lords inquiry. It also noted that the U.K. government is at fault for not showing leadership in assembling available information and interpreting it for the public. "The Government are not themselves in a position directly to gather the necessary data, but they do have a responsibility to show leadership in pulling together the data that are available, interpreting them for the public and setting them in context, balancing risks and benefits. Instead of doing this, the Government have not even agreed definitions of key concepts such as 'e-crime'." The report recommends the establishment of a cross-departmental group in the Government, "bringing in experts from industry and academia, to develop a more co-ordinated approach to data collection in future. This should include a classification scheme for recording the incidence of all forms of e-crime. Such a scheme should cover not just Internetspecific crimes, such as Distributed Denial of Service attacks, but also e-enabled crimes - that is to say, traditional crimes committed by electronic means or where there is a significant electronic aspect to their commission."

The committee points out the need for more support for research from the industry as well. "The development of one or more major multidisciplinary research centres, following the model of CITRIS, is necessary to attract private funding and bring together experts from different academic departments and industry in a more integrated, multi-disciplinary research effort."

End-users are still predominantly viewed as unable to protect their own security according to the report. And private companies are driven by strong incentives to either promote security for profit or to oppose it as imposing costs on them according to lawmakers. The committee, thus, proposes that ISPs, being the link between the users and the network, could take more control over the network traffic by blocking or filtering traffic containing malicious code. "We do not advocate immediate legislation or heavy- handed intervention by the regulator," says the lawmakers, adding that the market must be nudged to provide better security.

Further recommendations of the committee include criminalizing trade in botnet services, no matter what their use, creating a unified, Web-based reporting scheme for e-crime, more action on creating a central e-crime police unit, fast ratification of the Council of Europe CyberCrime Convention, and educating courts on Internet crime.

Read the full article on Factiva Content Watch.
To access the report, click here.

Tuesday, August 14, 2007 9:56:33 AM (W. Europe Standard Time, UTC+01:00)  #     |