International Telecommunication Union   ITU
Site Map Contact us Print Version
 Friday, 22 February 2008

The ITU Regional Cybersecurity Forum ended yesterday following the adoption of the Doha Declaration on Cybersecurity. The ITU Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection (CIIP) was held in Doha, Qatar, 18−21 February 2008 in collaboration with the Qatar Supreme Council of Information and Communication Technology (ictQATAR) and the Qatar Centre for Information Security (Q-CERT). Over 80 representatives from 18 countries in the Arab region as well as key regional organizations including the League of Arab States, Gulf Cooperation Council, and United Nations Economic and Social Commission for Western Asia, participated in the Forum.

"Global interconnectivity creates new interdependencies and risks that need to be managed at national, regional and international levels," said Mr Sami Al Basheer Al Morshid, Director of ITU’s Telecommunication Development Bureau. "The formulation and implementation by all nations of a national framework for cybersecurity and critical information infrastructure protection represents a significant first step in addressing the challenges arising from globally interconnected ICT infrastructures."

During the event, the role of governments in leading national cybersecurity efforts was discussed as well as the critical role of the private sector and other groups in developing policy and law aimed at the implementation and operation of a national cybersecurity strategy. The Forum stressed the importance of reviewing national cybercrime legislation to address threats in cyberspace and called for a national focal point for cyber-incident management to strengthen watch, warning, investigation, response and recovery. Discussions were also held on the necessity of promoting a national culture of cybersecurity to ensure that all users, owners and operators of information systems and networks know their responsibilities with regard to security and develop appropriate tools to combat cyber attacks.

Referring to the recent damage to undersea optical cables, said to have been caused by an adrift ship anchor according to the operator FLAG, Mr Al Basheer said that experience is the hardest teacher. "Whatever the cause, whether intentional or not, whether cybercrime or a mundane accident, the lesson we take away is that every nation needs to organize itself to take coordinated action related to the prevention of, preparation for, response to, and recovery from cyber incidents," said Mr Al Basheer.

Read more of the ITU press release here.

Friday, 22 February 2008 09:46:59 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 21 February 2008

According to reports, DDoS (Distributed Denial of Service) assaults on online gambling sites, particularly on major online poker websites, have surfaced this week. The online poker information portal advised that many online poker and casino properties have suffered outages, naming  Full Tilt Poker as probably the most visible with an inaccessible website for as long as 48 hours, probably incurring serious losses in business. As of 5 am EST Tuesday, the website is redirecting to as a consequence of the attacks. According to the organisation, the attacks on Internet gambling sites commenced on 10 February 2008 and continued through to 18 February 2008. Among the targets were Full Tilt Poker, Party Casino, Titan Poker, Virgin Games, CD Poker, Europa Casino, and a number of Russian online gambling including The extent of the outages for each site varied depending on the ferocity of the attacks and if they had any anti-DDoS attack measures in place. Full Tilt Poker is clearly still having issues while a number of the Russian web properties are still down. There have been reports that Full Tilt's poker room has crashed numerous times over the past few days, including an embarrassing outage during the final table of the FTOPS main event. The motive behind the attacks is still unknown.

Read the full report here.

Thursday, 21 February 2008 09:34:56 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 18 February 2008

In the context of promoting Risk Management and Information Security, ENISA has generated material that can help Small and Medium Enterprises (SMEs) to understand and to apply simplified Risk Management methods. The aim of this document is to provide a simplified and comprehensive view of risk management/risk assessment for use within small and medium sized enterprises (SMEs). To achieve this goal, the present document has been structured in a modular way. It is made up of various parts each devoted to particular needs of stakeholders involved in the process of risk assessment and risk management. The philosophy behind the generation of this material was to shield (non-expert) users from the complexity of risk management and risk assessment activities. In doing so, some complex security matters have been simplified to the minimum needed to achieve an acceptable security level.

For more information, see the relevant deliverable.

As a further step towards the promotion of Risk Management, ENISA has also planned to pilot this method with a number of European stakeholders. The selected pilots will be financially supported by ENISA, helping them to install Risk Management within their IT infrastructure and perform an initial Risk Assessment. Potential stakeholders (e.g., SMEs, associations, etc) who would like to run such pilots are requested to apply for a possible Risk Management introduction project. The deadline for proposals is the 29th of February 2008.

Please visit the ENISA website for more information.

Monday, 18 February 2008 14:48:15 (W. Europe Standard Time, UTC+01:00)  #     | 

OECD, through its Working Party on Indicators for the Information Society, developed Measuring the Impacts of ICT Using Official Statistics. This paper presents available (mainly official) statistics on the impacts of ICT and discusses a number of statistical issues associated with ICT impact measurement. It attempts to place ICT impacts measurement into an Information Society conceptual framework and suggests a number of areas for further work.

Read the full paper here.

Monday, 18 February 2008 09:51:07 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 15 February 2008

Once more there is controversy over a new database due to go online in September 2008, which will hold the school records of all UK school pupils aged 14years and over. Amid security concerns from a number of sources, the British government is under pressure not to implement it.

The Learning and Skills Council (LSC)  insist that it is not a "tracking system" and would in fact be using existing information that had been collected a number of times already. David Russell, national director of resources at the LSC, said "It will only hold factual information such as name, surname, age, postcode, qualifications achieved and courses attended."

Under the Managing Information Across Partners (MIAP) system - to be launched on Thursday 21st February 2008 by Higher Education Minister Bill Rammell - the number will stay with them until they retire.

However, data security watchdog, the Information Commissioner stated that no database could be totally secure and a spokesman added, "We have provided advice and assistance to help ensure that this system is watertight and secure - but no system is immune to human error and breaches can and do occur..."

Last year, the British government put another planned database of children, ContactPoint, on hold, pending a security review and changes to the system including its access controls. ContactPoint is designed for use by child protection agencies. The review was ordered after the loss by HM Revenue and Customs of two discs containing the personal and bank details of 25 million people.

Read full article at the BBC News website

Friday, 15 February 2008 16:36:42 (W. Europe Standard Time, UTC+01:00)  #     | 

The ITU-D secretariat-based derived base version of the October 2007 draft of the Study Group Q.22/1 Report on Best Practices for a National Approach to Cybersecurity: a Management Framework for Organizing National Cybersecurity Efforts is now available online.

This report provides national administrations with a management framework for addressing cybersecurity at the national level and for organizing and implementing a national cybersecurity strategy. As existing national capabilities vary greatly and threats constantly evolve, the report does not provide a prescriptive approach to securing cyberspace. Rather, the framework describes a flexible approach that can assist national administrations to review and improve their existing institutions, policies, and relationships addressing cybersecurity issues.

Although this report is focused on cybersecurity, we note that protection of physical network assets is an equally important priority. We also note that best practices in cybersecurity should in no way suppress freedom of speech, free flow of information and/or due process of law.

The five key elements outlined in this report are:

  • Developing a National Strategy for Cybersecurity;
  • Establishing National Government–Industry Collaboration;
  • Deterring Cybercrime;
  • Creating National Incident Management Capabilities; and
  • Promoting a National Culture of Cybersecurity.

This document is based on studies underway in the ITU Telecommunication Development Sector’s ITU-D Study Group Question 22/1: Securing information and communication networks: best practices for developing a culture of cybersecurity.

To continue reading the report, click here.
More information on ITU-D activities related to cybersecurity here.

Friday, 15 February 2008 15:34:49 (W. Europe Standard Time, UTC+01:00)  #     | 

A draft paper from Bill St. Arnaud,  entitled ICT and Global Warming Opportunities for Innovation and Economic Growth, is now available online. There has been considerable interest recently about how ICT (Information, Computer, Telecommunications) technologies and how they can address the global challenges of protecting the environment and supporting sustainable development. The subject of ICT and the environment covers a wide range of fields such as sustainable development, using ICT to improve practices in agriculture and forestry, monitoring atmospheric and water pollution, waste management and recycling, improved energy efficiency and, of course ICT as a source of toxic waste in its own right. Although these are all important areas of scientific research and public policy, the intent of the report is not to address the various areas on how ICT can address global environment challenges such as the emission of  Green House Gases (GHG). Instead the purpose of this brief report is to focus on the opportunities for innovation and economic growth that might arise through the use of ICT to address the challenge of GHG emissions.

To date most approaches for using ICT to reduce GHG emissions have focused on "sackcloth and ashes" approach of reducing energy consumption or emission abatement techniques such as tele-commuting, tele-presence, etc.  Various industry consortia and government programs have been set up to promote innovation in these areas. Although these may be worthwhile endeavours, they have been in existence for some time and so far, have made little progress in reducing energy consumption or GHG emissions. Rather than focusing on energy efficiency or abatement techniques, the document aims to demonstrate that ICT can provide much greater opportunities for innovation and economic growth through a strategy of "zero carbon" for the ICT industry itself and using ICT e-products and e-services as a reward mechanism to encourage consumers and businesses to reduce their overall carbon footprint including heating, transportation, etc.

Read the complete draft paper here.
For additional information, please contact the author  or visit the Green/IT and Cyber-infrastructure blog.

Friday, 15 February 2008 09:54:30 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 13 February 2008

Safer Internet Day, 12th February 2008, was marked around Europe with events to educate children and parents about Internet dangers. A spokeswoman for the Child Exploitation and Online Protection (CEOP),  which is coordinating the UK's involvement, said its efforts were focused on getting schools to run assemblies that discuss the issue, had these comments: "it is about them talking about the issue, the personal information they put online and their social networking profiles". Dr David King, chair of the Information Security Awareness Forum (ISAF) voices his concerns about the growing number of messages aimed at young people, "There are a lot of messages coming out from lots of different places but the question is who do you listen to?". ISAF plans to produce best practice guides for businesses and to run events to raise awareness about computer security and will collaborate with web-safety campaign Get Safe Online to promote security awareness.

Read full article at the BBC News website.

Wednesday, 13 February 2008 11:44:01 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 12 February 2008

According to the Washington Post, new research from Damballa suggests that the Storm worm has its roots in "Bobax worm," a computer worm that first surfaced as early as 2004. Bobax spread by exploiting various vulnerabilities in the Microsoft Windows operating system, and turned infected machines into spam-spewing zombies. Damballa researcher Chris Davis asserts that the Storm worm actually first surfaced in late 2006 as seen on this SANS Internet Storm Center alert on 29 December 2006. On 19 January, F-Secure reported receiving a flood of spam advertising new versions of Storm. Researchers soon discovered that all infected systems were controlled using the eDonkey peer-to-peer file (P2P) communications protocol, the same technology and networks used by millions of people to share movies and music online. Paul Royal, Damballa's principal researcher said "they basically took Bobax and made all of them become Storm victims, and then started the propagation of Storm through that method. So Storm used a big botnet to bootstrap itself, and it was the vehicle by which Storm became very popular very quickly." Damballa estimates that roughly 17,000 systems remain infected with Bobax.

Read the full article on the Washington Post.

Tuesday, 12 February 2008 11:26:52 (W. Europe Standard Time, UTC+01:00)  #     | 

UNCTAD Information Economy Report 2007-2008, Science and technology for development: the new paradigm of ICT, Chapter 7, Promoting Livelihoods Through Telecentres, provides a comprehensive report on the importance of telecentres in supporting sustainable livelihoods, stating that this will depend largely on their capacity to support local development and not only access to ICT.

More information at the UNCTAD website.

Tuesday, 12 February 2008 10:47:10 (W. Europe Standard Time, UTC+01:00)  #     | 

InSafe, the European network of Internet safety awareness nodes, holds its 5th Safer Internet Day today, 12 February 2008, dedicating some time in schools to reflect on some of the Information and Communication Technologies issues and more importantly raising awareness of them. A competition launched in October 2007 invited young people between 5-19yrs of age to share their online lives and compete for prizes. This year's theme is "Life online is what YOU make of IT." With this, the youth were encouraged to draw from their creativity to illustrate their views of the online world.

More information about the Safer Internet Day 2008 on the InSafe website.

Tuesday, 12 February 2008 09:18:16 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 07 February 2008

The Global e-Sustainability Initiative (GeSI) recently published its third annual Progress Report 2007. GeSI shares relevant information with its stakeholders and the civil society to support the economic and technological progress on information and communication technologies (ICTs) worldwide. This report highlights GeSI’s recent work on sustainability, specific accomplishments in climate change mitigation, managing supply chains, determining materiality, reducing e-waste, and leading public policy.

With support by the United Nations Environment Programme (UNEP) and the International Telecommunication Union (ITU), GeSI is dedicated to the sustainable development of the ICT sector. For more information on GeSI's activities, click here.

Thursday, 07 February 2008 18:46:02 (W. Europe Standard Time, UTC+01:00)  #     | 

With the rise of initiatives such as the One Laptop Per Child (OLPC) and Classmate, security experts warn that this development could mean an explosion in botnets in the developing world. However, Ivan Krstic, OLPC's director of security hardware, points to the choice of Linux as the operating system for the computers emphasizing that for an attack with an overall control, it would have to be written to the system kernel, and those vulnerabilities are patched very quickly making it difficult to get them to run bots. There is an option to run Windows XP on the machine though making all connotations of Windows security apply.

"The bigger problem in the long term may be the developing world's choice of operating system. 'Most of the machines we are shipping have Windows on them. That's the operating system most countries want,' says Intel. It adds that teachers will receive training from Intel to monitor the network and will be able to see if changes have been made to the machines: 'Some schools using the computers will have a teacher who is responsible for security on their networks, others will have an IT person.' As a last resort the Classmate, like the OLPC XO, can be wiped clean and restored to its factory settings. But while Windows has its problems, Linux may not offer much better protection, says Guillaume Lovet, a botnet expert for Fortinet. 'The first botnets were Stacheldraht, Trinoo and TFN, and were built in Linux,' says Lovet. He also dismisses claims that the low bandwidth and internet use in parts of the developing world - the World Economic Forum's 2007 Africa Competitiveness Report estimated that African internet use was just 3.4% of the world total - would act as a brake on the development of botnets. 'It doesn't take any bandwidth to control or make a botnet,' Lovet says. 'Aggregated bandwidth is what is important, and that would still be massive. You could still build a huge cyber-weapon with only a thousand of these machines.'"

Intel and OLPC point out that the laptops will often only have intermittent connectivity which could lower the risk of getting infected. This could lower the chances of getting security upgrades as well though. Rolf Roessing, a security expert for KPMG, notes "if we are to bring IT to Africa then it will not work unless we bring security with it. Computer security in the west grew because of a loss of innocence and there are still weaknesses in the developed world because of a lack of awareness. If you bring IT to developing countries then you have to develop awareness, too."

Read the full article on The Guardian.

Thursday, 07 February 2008 14:50:42 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 06 February 2008

The European Journal of ePractice yesterday published its second issue on "New e-ways of doing the Government's job" with some case studies that show Administrations are willing to experiment. From interoperability, to Radio Frequency Identification (RFID) via online portals to bridging the digital gap, public actors take home important insights every day thanks to e-Government applications and services. The second issue of this journal includes topics of interest in e-Government such as:

  • Interoperability and the exchange of good practice cases
  • Using online auctions to sell surplus property
  • Some best practices in e-Government
  • Using RFID in healthcare organizations
  • Example of a city library trying to bridge the digital divide

For more information on the European Journal of ePractice as part of, an interactive initiative created by the European Commission, click here.

Wednesday, 06 February 2008 19:00:52 (W. Europe Standard Time, UTC+01:00)  #     | 

Technology Review provides a detailed analysis of the recent Internet outage in the Middle East and Asia. The report recounts how the undersea cable damage largely affected the ISPs in the region as well as outsourcing companies who increasingly rely on these connections. It also briefly discusses how undersea cable repairs are done, and further emphasizes the concerns related to these kinds of damage. "In the wake of the fiber breaks, [ISP Association of India secretary R. S.] Perhar says that his organization is encouraging ISPs and companies dependent on fast connections to continue diversifying their bandwidth sources as much as possible, and to lobby for new cable to be laid." Tim Strong, analyst at Telegeography Research adds that "with more cables, it's getting better over time, but there will still be a lack of physical, geographical redundancy."

Read the full article here.

Wednesday, 06 February 2008 16:33:22 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 05 February 2008

A presentation on "ICTs and e-Environment - Overview of BDT Scoping Study for Developing Countries" has been posted online today on the ITU-D ICT Applications and Cybersecurity Division (CYB) website. The presentation is based on the report "ICTs and e-Environment", which provides an overview on the contribution of information and communication technologies (ICTs) and related strategies as tools to assist developing countries in mitigating and adapting to environmental and climate change. The report will be available after final review on the division website.

Tuesday, 05 February 2008 17:32:26 (W. Europe Standard Time, UTC+01:00)  #     | 

A presentation on the "Overview of ITU-D Activities Related to Cybersecurity and Critical Information" has been posted online today on the ITU-D ICT Applications and Cybersecurity Division (CYB) website. The presentation by Robert Shaw, head of the ICT Applications and Cybersecurity division, provides background information on cybersecurity, a case study on the recent Interent outage, key activities of ITU-D, and an outline of the Framework for Organizing a National Approach to Cybersecurity. For more information on CYB's activities involving cybersecurity, visit the division website.

Tuesday, 05 February 2008 11:09:25 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 04 February 2008

The International Telecommunication Union (ITU) extended its call for papers for the ITU Symposia on ICTs and Climate Change to 29 February 2008.

The first symposium will be held in Kyoto, Japan (15-16 April 2008, hosted by the Ministry of Internal Affairs and Communication) and will be followed by finalizing the initial proposals at a second symposium in London, UK (17-18 June, hosted by British Telecom). These symposia will bring together key specialists in the field, from top decision-makers to engineers, designers, planners, government officials, regulators, standards experts and others. To contribute to this work, stakeholders are invited to submit an abstract, of maximum 300 words, for a paper or presentation which is relevant to one of more of the topics above.

The topics of interest at the symposia include:

  • Climate change and the impact of ICTs
  • Use of ICTs in monitoring climate change
  • ICTs for mitigating the local effects of climate change
  • ICTs and concerted action against global warming
  • ICT standardization in the field of climate change

For more information on the ITU Symposia on ICTs and Climate Change, click here. For information on ITU's e-environment activities, click here.

Monday, 04 February 2008 13:12:33 (W. Europe Standard Time, UTC+01:00)  #     | 

The Global e-Sustainability Initiative (GeSI) recently commissioned a research study to assess current carbon impacts of the information and communication technology (ICT) sector and to analyse the role of ICTs in catalyzing transformation to a low-carbon economy. With a focus on both developed and emerging economies, the study aims to:

  • Deliver a globally comprehensive picture of direct and indirect carbon emissions of telecommunications, computing, services and software.
  • Define common themes across the lifecycle of ICTs, identifying critical trends, scenarios and impact assessments for the ICT sector to 2020.
  • Create a ‘road map’ to allow the ICT sector to act now on reducing global energy usage and greenhouse gas emissions.

To know more about the study, click here.

The Global e-Sustainability Initiative (GeSI) is an initiative of Information and Communications Technology (ICT) companies aimed at improving the sustainability impact of the ICT industry, and is supported by the International Telecommunication Union and the United Nations Environment Programme.

Monday, 04 February 2008 12:42:20 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 01 February 2008

The ITU Telecommunication Standardization Sector announces the Study Group 15 tutorials on energy saving techniques to be held on 13-15 February 2008. This activity is in the context of ITU-T's efforts to address climate change issues. "A checklist for developers of standards is already under development in SG 15. The technologies considered in the list include optical transport networks and access network transport technologies such as digital subscriber line (DSL) and Gigabit-capable Passive Optical Networks (GPON). Together these technologies represent a significant consumption of energy worldwide. The idea is that the checklist is applied before the work commences, during the work and after the completion of the work. The use of the checklist should ideally be complemented by involving energy efficiency experts and users in the process."

Other topics in the tutorials include energy efficient Ethernet and opportunities and techniques for power saving in DSL and PON. Also, a general introduction to the issues surrounding ICTs and climate change, (to be addressed in two upcoming ITU Symposia on ICTs and Climate Change), and an update on the outcome of the UN Climate Change Conference in Bali, December 2007, will also be discussed.

More updates on this event on the ITU-T Newslog.
More information on ITU-D's activities involving ICTs and the environment (e-Environment) here.

Friday, 01 February 2008 14:11:17 (W. Europe Standard Time, UTC+01:00)  #     | 

The recent Internet outage has left the experts speculating that there may be greater demand for telecom capacity in the future. Reports indicated difficulty with receiving data sent from the United States to countries affected by the cable damage with an average 50% increase in the time it takes to download Web sites and a 10% decrease in the availability of Web sites overall, Keynote Systems said. Abelardo Gonzalez, a product manager at Keynote, believes the damaged cable incident will spur many global companies to think about new ways of staying connected to the Web in case of emergencies. He adds that companies should look into having backup connectivity through multi-honing their ISPs or even through having a satellite uplink for last-resort connections.

The damage to the cables has raised concerns about future incidents in which a greater number of cables could experience more significant levels of destruction. Paul Polishuk, the president and chairman of the board of the IGI Group of Companies, says one problem with many of the underwater cable systems is that many of the cables join together at shared landing points that could leave large swathes of telecom infrastructure vulnerable to potential terrorist attacks. Andrew Odlyzko, the director of the University of Minnesota's Digital Technology Center, shares Polishuk's concern about the cables' vulnerability and thinks that any significant damage to cables at major landing points would have serious economic consequences as evident on the 2006 earthquakes that severely disrupted Taiwan's Internet access.

Read the full article on Network World.

Friday, 01 February 2008 10:33:23 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 31 January 2008

The Guardian reports on how tens of millions of internet users across the Middle East and Asia have been left without access to the web due to a fault in a single undersea cable believed to be a major internet pipeline connecting to Europe. The outage was said to have first struck yesterday morning and has severely restricted internet access in India, Egypt and Saudi Arabia.

"The line in question runs under the Mediterranean, from Palermo in Italy to Alexandria in Egypt. It is not clear what caused the break. The cable is one of only a handful of connections, and part of the world's longest undersea cable, 24,500 miles long, running from Germany, through the Middle East and India before terminating in Australia and Japan... Egyptian officials said that around 70% of the country's online traffic was being blocked, while officials in Mumbai said that more than half of India's internet capacity had been erased, which could have potentially disastrous consequences for the country's burgeoning hi-tech industry. 'There has been a 50% to 60% cut in bandwidth,' Rajesh Charia, president of the Internet Service Providers' Association of India told Reuters."

According to the report, the outage will take several days to fix, and could have a drastic impact on communications, businesses and the hi-tech industry as well as banks and stock market trading around the region and across the globe.

More details on the digital blackout here.

Thursday, 31 January 2008 11:43:09 (W. Europe Standard Time, UTC+01:00)  #     | 

Nnamdi Chizuba Anisiobi, age 31, of Nigeria; Anthony Friday Ehis, age 34, of Senegal; and Kesandu Egwuonwu, age 35, of Nigeria have pleaded guilty to charges related to spam e-mail that promised U.S. victims millions of dollars from an estate and a lottery, the U.S. Department of Justice announced Wednesday. The three were arrested in Amsterdam on Feb, 21, 2006. One of the case scenarios was an e-mail sent by the defendants to thousands of potential victims purporting to be from an individual suffering from terminal throat cancer who needed assistance distributing approximately US$55 million to charity. According to the DOJ, the fraud victims lost $1.2 million by giving the defendants advance fees. "Anisiobi pled guilty to one count of conspiracy, eight counts of wire fraud and one count of mail fraud. Ehis pled guilty to one count of conspiracy and five counts of wire fraud. Egwuonwu pled guilty to one count of conspiracy, three counts of wire fraud and one count of mail fraud. The maximum penalty for mail and wire fraud is 20 years in prison. The conspiracy charge carries a maximum penalty of five years in prison." A fourth defendant, Lenn Nwokeafor, was also reported to have fled to Nigeria. He was subsequently arrested by the Nigerian Economic & Financial Crimes Commission on July 27, 2006, and is now being held by the Nigerian authorities pending extradition to the U.S..

Read the full article on The New York Times.

Thursday, 31 January 2008 09:47:59 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 30 January 2008

The Wall Street Journal recently reports on President Bush's move to improve protection against cyberattacks. Despite promising a frugal budget proposal next month, an estimated $6 billion has been allocated to build a secretive system protecting U.S. communication networks from attacks by terrorists, spies and hackers. "Administration officials and lawmakers say that the prospect of cyberterrorists hacking into a nuclear-power plant or paralyzing Wall Street is becoming possible, and that the U.S. isn't prepared. This is 'one area where we have significant work to do,' Homeland Security Secretary Michael Chertoff said in a recent interview."

Read the full article on the Wall Street Journal.

Wednesday, 30 January 2008 09:24:31 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 28 January 2008 recently interviewed Nitesh Dhanjani and Billy Rios, well-known security researchers that have recently managed to infiltrate the phishing underground. The interview gives readers a rundown on how Dhanjani and Rios saw an extraordinary amount of sensitive customer account information, obtained the latest phishing kits, located and examined the tools used by phishers, trolled sites buying and selling identities, and even social engineered a few scammers. They also expose on this interview the tactics and tools that phishers use, illustrate what happens when your confidential information gets stolen, discuss how phishers communicate and how they phish each other.

Read the full interview here.

Monday, 28 January 2008 13:07:00 (W. Europe Standard Time, UTC+01:00)  #     | 

Speech recognition technology has been an accelerating technological development and is now making its way to the mass market. Among these companies providing speech recognition technology is Vlingo Corporation. "Vlingo’s service lets people talk naturally, rather than making them use a limited number of set phrases. Dave Grannan, the company’s chief executive, demonstrated the Vlingo Find application by asking his phone for a song by Mississippi John Hurt (try typing that with your thumbs), for the location of a local bakery and for a Web search for a consumer product. It was all fast and efficient. Vlingo is designed to adapt to the voice of its primary user, but I was also able to use Mr. Grannan’s phone to find an address. The Find application is in the beta test phase at AT&T and Sprint." Other companies offering speech recognition technology to their customers include Nuance with its Nuance Voice Control system recently released last August, and Microsoft with its purchase of TellMe Networks last March. According to Opus Research, speech recognition has reached a $1.6 billion market in 2007, and they further predict an annual growth rate of 14.5 percent over the next three years. "Dan Miller, an analyst at Opus, said that companies that have licensed speech recognition technology would probably see faster revenue growth, as more consumers used the technology."

Speech recognition technology has also been available on personal computers since 2001 in applications like Microsoft Office but with a weaker following. It is also already used in high-end G.P.S. systems and luxury cars from Cadillac and Lexus, and is now spreading to less expensive systems and cars. The speech technology chief at I.B.M. Research, David Nahamoo, adds that the company has an automotive customer testing speech recognition to help drivers find songs quickly while driving. SimulScribe, on the other hand, uses speech recognition to convert voice mail into e-mail.

More on this article on the The New York Times.

Monday, 28 January 2008 11:15:19 (W. Europe Standard Time, UTC+01:00)  #     | 

According to Security experts at Sophos, 6,000 new infected webpages are discovered every day, 83 per cent of which belonging to innocent companies and individuals that are unaware of their sites being compromised. Sophos further reports that the well-known iFrame vulnerability in Internet Explorer remained the preferred vector for malware attacks throughout last year with China (51.4 per cent) and the US (23.4 per cent) leading in the net security firm's list of malware-hosting countries. According to PandaLabs, "around half a million computers are infected by bots every day... [and] approximately 11 percent of computers worldwide have become a part of criminal botnets, which are responsible for 85 percent of all spam sent."

Read the full article on The Register.
Read relevant article on Slashdot.

Monday, 28 January 2008 09:55:20 (W. Europe Standard Time, UTC+01:00)  #     |