ITU’s relationship with IMPACT continues to gain momentum, with over 130 UN Member States now part of the ITU-IMPACT coalition.

ITU-IMPACT is the first cooperative global venture to make available cybersecurity expertise and resources to enable Member States to detect, analyze and respond effectively to cyberthreats. Of particular benefit to developing countries and smaller states without the capacity and resources to develop their own sophisticated cyber response centres, the coalition also benefits technically advanced nations by providing them with a continuous global snapshot of potential and real online threats.

Under the terms of the agreement, Symantec will provide ITU with expert intelligence reports on current and future trends in ICT security, to be shared among all ITU Member States. This will facilitate awareness raising and knowledge transfer, complementing the work of ITU and strengthening its effectiveness as a global forum for governments and the private sector to build confidence and security in the use of ICTs.

A Memorandum of Understanding signed between ITU and the United Nations Office on Drugs and Crime (UNODC) at this year’s WSIS Forum event in Geneva will see the two organizations collaborate in assisting UN Member States to mitigate the risks posed by cybercrime.

The MoU will enable ITU and UNODC to work together to make available the necessary expertise and resources to establish legal measures and legislative frameworks at the national level, for the benefit of countries worldwide. It is the first time that two organizations within the UN system have formally agreed to cooperate on a global basis on cybersecurity.

“This new alliance with UNODC is a major milestone in implementing a coordinated global approach to an increasingly serious global problem. Together, our two agencies will generate powerful synergies that will help all countries fight the scourge of cybercrime and create a safer online environment for all,” said ITU Secretary-General Dr Hamadoun Touré.

An operation involving cross-border collaboration and supported by Europol has dismantled an international organized crime group based in Romania. The gang had been carrying out payment card fraud in several EU countries including Poland, Romania, Sweden and the UK.

Romanian law enforcement authorities, working in cooperation with the Europol, the European Law Enforcement Agency, arrested five members of the criminal gang after months of surveillance. The gang’s activities had involved fraudulently withdrawing cash from ATM machines with illegally skimmed and counterfeit payment cards. The card holders in countries including Poland, Romania, Sweden and the UK are said to have suffered substantial losses according to a press release issued by Europol on Wednesday.

Full Story

As February 8th marks Safer Internet Day, the statistical office of the European Union (EU) has published new figures which reveal the extent to which businesses can and do benefit from security solutions when outsourcing IT departments.

The Eurostat study found that in 2010 approximately 84 per cent of web users were protected by security software, suggesting that there are still a large number of individuals and companies that could benefit from greater internet security.

Full Story

Miscreants have begun selling a cut-price point and click Facebook rogue application generation tool, designed for script kiddies too clueless to code their own malicious application.

The rogue Facebook app creation tool kit is available is available at just $25, net security firm Websense reports.

The toolkit offers a means to direct surfers towards survey scams, spread malware or act as a tool in furtherance of click-fraud scams, all by following a simple set of instructions. Bogus applications generated via the tool, called Tinie Facebook Viral Application, would offer lures such as the supposed opportunity to check on who has been viewing a Facebook profile.

Full Story

The North Atlantic Treaty Organization and Russia should undertake joint information-warfare exercises so the two countries can better protect critical digital infrastructure, policy wonks at an international group said.

The proposal, which was included in a32-page report released Wednesday by the EastWest Institute, would help the US and Russia achieve mutual goals in much the way that previous collaborations in the International Telecommunication Union (ITU) have, its authors argued.

Full Story

Washington (CNN)-- A computer hacker responsible for creating and operating a massive scam that infected as many as 12 million computers worldwide has been identified and arrested, authorities said Wednesday.

The FBI said in a news statement a 23-year-old Slovene known as "Iserdo" was arrested last week for his role in a cyber scam that stole passwords from websites and financial institutions. Authorities believe the Slovenian citizen is responsible for creating and selling the Mariposa botnet.

Botnets are a network of computers infected with a malicious kind of robot software which allow remote access, often without the owner's knowledge.

Full Story

International Multilateral Partnership Against Cyber Threats (IMPACT) received double honours from (ISC)²’s fourth annual Asia-Pacific Information Security Leadership Achievements (ISLA) Program for its efforts to build capacity against cyber threats among partner countries especially in the developing nations.

Mr. Philip Victor, Director, Training, Skills Development and Outreach, IMPACT has been selected as an Honouree in the Senior Information Security Professional category and the contribution of Mr. Sivanathan Subramaniam, Manager, GRC Profressional Services, IMPACT has been recognised in the Information Security Practitioner category.

The award giving ceremony will take place at the ISLA Gala Dinner and Ceremony on the evening of 26^th July 2010, held at The Ritz-Carlton, Millenia in Singapore.

Full Story

CTO Conference, London on 17-18 June 2010 - A two-day international forum on Cybersecurity- aimed to identify, outline and set in motion effective to crimes that take place in the cyber world. The forum was organised by the Commonwealth Telecommunications Organisation (CTO) in conjunction with the UK Department of Business, Innovation and Skills (BIS) and the UK Cabinet Office of Cyber Security (OCS).

At the conference , ITU Global Cybersecurity Agenda (GCA) - A Framework for International Cooperation in Cybersecurity, Initiative was presented and very much welcomed by CTO participants.

Delivering the key note address, Rt Hon Baroness Pauline Neville-Jones, Minister of State for Security and Counter-Terrorism, spoke of her commitment to tackling the complex issues surrounding cyber security, including Cyber-crime and Cyber-espionage. She also stressed the critical importance of international cooperation by like-minded countries and the vital role of International organisations such as the UN-sponsored Internet Governance Forum, the International Telecommunications Union and the Commonwealth Telecommunications Organisation itself.

Dr Ekwow Spio-Garbrah, the Chief Executive Office of the CTO echoed these sentiments and added that the CTO is always keen to collaborate with sister agencies such as ITU in order to develop the capacity of its members to manage and develop their ICT sectors. ICT enabling governance and society brings along with it associated risks requiring innovative strategies of which Cybersecurity is a key element. That was the primary reason for the CTO to organise this forum and the number of participants and the engagement of organsiations from both public and private sectors justifies the CTO's decision to undertake the organising of such an event.

Full Story

ITU's activities on Cybersecurity can be found here.

The term "cyberwar" has been bandied about in recent years as a catchall term for the hackers stealing credit card numbers or spreading spam, but also much more nefarious schemes such as breaking into a electricity grid. At a recent cybersecurity conference, one Microsoft security executive said we might need global rules on how to fight such threats.

Scott Charney, vice president of Microsoft's Trustworthy Computing Group, spoke at the Worldwide Cybersecurity Summit in Dallas last week and said there needs to be a distinction between cybercriminals merely stealing money and cyberwar, possibly conducted by nation-states, that is aimed at crippling a target in another country, such as a power grid or an oil pipeline. An Associated Press report on the conference, which was picked up by the Seattle Post-Intelligencer newspaper, quotes Charney as saying that international treaties designed to fight cyberwar are difficult to establish because of the murky nature of what "cyberwar" is.

The United Nations last month rejected a Russian proposal for a new cybercrime treaty, leaving in place a 2001 treaty that Russia opposes because it gives foreign governments too much leeway to pursue cybercriminals across borders.

"Lots of times, there's confusion in these treaty negotiations because of lack of clarity about which problems they're trying to solve," Charney said.

In a paper that accompanied his talk, Charney also wrote that if the concern is that countries need to brace for a cybersecurity "Pearl Harbor," that it needs to be made clear on what type of attacks governments can respond. "If the concern is an electronic Pearl Harbor, perhaps part of the response is an electronic `Geneva Convention' that protects the rights of noncombatants."

The notion of an electronic Pearl Harbor has come up before on this blog. I wrote about it after attending the RSA Conference 2010 in San Francisco in March. There a panel of cybersecurity experts warned that a cyberattack could occur that could cripple U.S. infrastructure if we're not prepared for it. Richard Clarke, a national security advisor to the previous three U.S. presidents, also proposed a cyber security treaty, but lumped together criminal cyber attacks and state-sponsored attacks.

Full Story

Purveyors of fake anti-virus or “scareware” programs have aggressively stepped up their game to evade detection by legitimate anti-virus programs, according to new data from Google.

In a report being released today, Google said that between January 2009 and the end of January 2010, its malware detection infrastructure found some 11,000 malicious or hacked Web pages that attempted to foist fake anti-virus on visitors. The search giant discovered that as 2009 wore on, scareware peddlers dramatically increased both the number of unique strains of malware designed to install fake anti-virus as well as the frequency with which they deployed hacked or malicious sites set up to force the software on visitors.

Fake anti-virus attacks use misleading pop-ups and videos to scare users into thinking their computers are infected and offer a free download to scan for malware. The bogus scanning programs then claim to find oodles of infected files, and victims who fall for the ruse often are compelled to register the fake anti-virus software for a fee in order to make the incessant malware warnings disappear. Worse still, fake anti-virus programs frequently are bundled with other malware. What’s more, victims end up handing their credit or debit card information over to the people most likely to defraud them.

Full Story

Wednesday was a busy day at the [U.S.] Federal Communications Commission, with National Broadband Plan related notices on the CableCard , Universal Service Fund , and roaming access issues out the door. Another interesting item was a Notice of Inquiry on whether the agency should launch a voluntary cybersecurity certification program.

In a nutshell, the proposed program's private sector auditors or the FCC would periodically run security evaluations of various telecommunications services. Companies that passed the program's muster could then market their networks as FCC cyber security compliant.

It's not hard to make a pitch for these kind of programs, given all the cybersecurity horror stories. The agency's Notice outlines what's at stake:

But the open-ended questions that the FCC asks in its inquiry suggest that the Commission knows that the case for this kind of project isn't open and shut. Would the program "create a significant incentive for providers to increase the security of their systems and improve their cybersecurity practices?" the NOI asks. And it also wonders if "public knowledge of providers' cybersecurity practices would contribute to broader implementation by industry."

Another question the FCC might want to ask is, should individual government agencies coordinate this kind of activity, or should a broader cross-industry certification program be established? The probe comes in tandem with an inquiry on the survivability of the nation's broadband networks.

Full Story

The US President directed a 60-day, comprehensive, “clean-slate” review to assess U.S. policies and structures for cybersecurity. Cybersecurity policy includes strategy, policy, and standards regarding the security of and operations in cyberspace, and encompasses the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities, including computer network operations, information assurance, law enforcement, diplomacy, military, and intelligence missions as they relate to the security and stability of the global information and communications infrastructure.

The President’s cybersecurity policy official should, working with departments and agencies, strengthen and integrate interagency processes to formulate and coordinate international cybersecurity-related positions. In addition, the Federal government—continuing the long-term history of collaboration with the private sector—should develop a proactive engagement plan for use with international standards bodies. This would include taking stock of current policies and coordinating the development, refinement, or reaffirmation of positions to ensure that the full range of cybersecurity-related economic, national security, public safety, and privacy interests are taken into account.

The US Cyberspace Policy Review can be found here

ITU's activities on Cybersecurity can be found here.

Congress, back this week from spring break, isn't wasting time tackling some key cybersecurity and IT security-related initiatives.

Within the next few weeks, Congressional committees will hold sessions to tackle some of the hottest infosec-related items, including the confirmation hearing on Army Lt. Gen. Keith Alexander to be military cyber commander, markup sessions on bills to fund cybersecurity research and development and realign the National Institute of Standards and Technology's laboratories and a hearing on combating cyber crime and identity theft.

Thursday's Senate Armed Services Committee confirmation hearing comes nearly 10 months after Alexander was nominated by President Obama to be the first military cyber commander. If confirmed, he would retain his current job, director of the National Security Agency, and be promoted to full general. No one is suggesting that Alexander won't be confirmed, but concerns have been raised that having the same officer overseeing the cyber command and NSA poses potential conflicts: Should the top spy also be the general in charge of protecting the computer systems and networks employed to support the nation's warfighters?

Indeed, it's been questions about that dual role that has delayed the confirmation process. As we reported last month, the committee sent a questionnaire to Alexander on March 6 seeking answers about how he would balance the two jobs. Though the NSA is a DoD agency, it works with civilian agencies to secure federal IT, raising additional concerns about potential military involvement in civilian matters. "They are working through some of the hard problems and that is what the reason for the delay is," James Lewis, senior fellow at the Center for International and Strategic Studies and expert on government and military cybersecurity policy, told GovInfoSecurity.com.

Full Story

WASHINGTON, D.C. – Senate Foreign Relations Committee Chairman John Kerry (D-MA) and Senator Kirsten Gillibrand (D-NY) today introduced legislation that will strengthen the ability of the United States to develop a clear and coordinated strategy for international cyberspace and cybersecurity policy. The bill will create the framework for coordinating our efforts with other countries to defend against cyberattacks that threaten our power stations, telecommunications systems and financial markets.

"Just as the physical safety of America is under constant threat from those who would do us harm, we are also engaged in a battle over the control of information in cyberspace and need to build better defenses against potential attacks on our infrastructure," said Chairman Kerry. "We must do everything we can to forestall the possibility of cyberwarfare and create a multilateral framework that will persuade countries to cooperate on pressing cyber issues. This bill is the first step to better organize U.S. efforts to develop a coordinated strategic approach to international cyberspace and cybersecurity issues by designating a single diplomat responsible for U.S. cyber policy overseas."

Full Story

Researchers at RSA have identified the network framework that endows some of the worlds most notorious botnets with always-on connections that are virtually immune from takedowns.

At the network's heart are the servers that shepherd tens of thousands of infected PCs so they continue to send spam, spread malware, and stay updated with the latest bot software. By maintaining multiple conduits between these master control channels and the outside world, malware gangs are able to create highly redundant networks that are extremely difficult for authorities and whitehats to shut down.

Full Story

Full Story

Find out more about ITU's Child Online Protection Initiative

Some 17,000 culture vultures registered to the UK's National Theatre website need to reset their passwords after the site was hacked.

The 20 February attack hit systems storing the logins of 17,000 (or around three per cent) of the 500,000 plus registered with the site. Only email, password, name and contact information was disclosed by the hack. Motives and perpetrators remain unidentified. A spokeswoman emphasised that database systems holding credit and debit card details were not affected by the hack. The NT has sent out email alerts (copy below) to affected customers on Monday apologising for the security snafu.

Full Story

Germany's highest court on Tuesday overturned a law allowing authorities to retain data on telephone calls and e-mail traffic for help in tracking criminal networks.

A law ordering data on calls made from mobile or landline telephones and e-mail exchanges be retained for six months for possible use by criminal authorities violated Germans' constitutional right to private correspondence, the Federal Constitutional Court ruled. In its ruling, the court said the law failed to sufficiently balance the need for personal privacy against that for providing security.

“The disputed instructions neither provided a sufficient level of data security, nor sufficiently limited the possible uses of the data,” the court said.

Full Story

Microsoft has won a court-issued take-down order against scores of domains associated with controlling the spam-spewing Waledac botnet.

The software giant's order allows the temporary cut-off of traffic to 277 Internet domains that form command and control nodes for the network of compromised machines. Infected (zombie) machines are programmed to regularly poll these control points for instructions and spam templates.

The .com domains, registered in China, will be sin-binned by VeriSign, at least temporarily decapitating the network. Microsoft estimates that Waledac was one of the 10 largest botnets in the US and a major distributor of spam for online (unlicensed) pharmacies, knock-off goods and other tat, as explained in a blog posting by its legal team.

"Waledac is estimated to have infected hundreds of thousands of computers around the world and, prior to this action, was believed to have the capacity to send over 1.5 billion spam emails per day. In a recent analysis, Microsoft found that between December 3-21, 2009, approximately 651 million spam emails attributable to Waledac were directed to Hotmail accounts alone, including offers and scams related to online pharmacies, imitation goods, jobs, penny stocks and more."

Full Story

A digital attack against the UK causing even minor damage would have a "catastrophic" effect on public confidence in the government, GCHQ has privately warned Whitehall.

The Cheltenham spy agency's new Cyber Security Operations Centre (CSOC) makes the prediction in a document prepared for Cabinet Office and seen by The Register. Growing reliance on the internet to deliver public services will "quickly reach a point of no return", meaning "any interruption of broadband access becomes intolerable and will have serious impacts on the the economy and public well being", CSOC says.

"A successful cyber attack against public services would have a catastrophic impact on public confidence in the government, even if the actual damage caused by the attack were minimal," it adds.

Full Story

Criminal hackers have penetrated the networks of almost 2,500 companies and government agencies in a coordinated campaign that began 18 months ago and continues to steal email passwords, login credentials, and other sensitive data to this day, a computer security company said.

The infections by a variant of the Zeus botnet began in late 2008 and have turned more than 74,000 PCs into remote spying platforms that have siphoned highly proprietary information out of at least 10 federal agencies and thousands of companies, according to research from NetWitness, a Herndon, Virginia-based network forensics firm. Many of the victims are Fortune 500 firms in the financial, energy, and high technology industries.

Full Story

Computer experts from some 30 organizations worldwide have once again compiled a list of the 25 most dangerous programming errors along with a novel way to prevent them: by drafting contracts that hold developers responsible when bugs creep into applications.

The list for 2010 bears a striking resemblance to last year's list, which was the first time a broad cross section of the world's computer scientists reached formal agreement on the most common programming pitfalls. The effort is designed to shift attention to the underlying mistakes that allow vulnerabilities to happen in the first place.

Full Story

Scams which attempt to trick users into volunteering personal credentials in return for free pornography have moved over onto social networks.

More than nine out of ten (92 per cent) of such adult phishing scams recorded in January took place on social networking sites such as Facebook and Bebo, according to the latest monthly security report from Symantec. Once fraudsters have snaffled personal credentials, surfers are often redirected to sites punting scareware scams rather than smut.

Scareware scams more commonly rely on manipulating search engine results for search terms in the news, such as the death of an athlete practising for the luge event at the winter Olympics. These results are poisoned so that surfers looking for videos of this tragedy (as explained by Sophos here) are instead redirected to anti-virus scan scam portals, which warn of non-existent malware risks in a bid to trick users into buying worthless scamware.

Full Story

The UK government has launched a specialist cyber-enforcement team and allocated extra funding for Trading Standards as part of a campaign designed to clamp down on online scams.

OFT figures suggest online scams claim 3 million UK marks every year and result in losses of £3.5bn. Approaches most often arrive in the form of scam emails. The government is investing £4.3m over three years in a bid to clamp down on this growing source of crime. The money will allow the training and appointment of specialist trading standards enforcers in every region of England and in Scotland and Wales and the establishment of local computer labs.

Full Story

Reported today on BBC:"Police chiefs are urging people looking for work during the recession to be alert to online scams that trick them into laundering money. The Serious Organised Crime Agency (Soca) says websites are currently being used to recruit 'money mules'. The 'mules are ordinary people who send and receive payments through their bank accounts to facilitate business."

Neil Schwartzman has also informed us of a related report by RSA FraudAction Research Lab based on several months of tracking various reshipping scams engineered by online fraudsters.

Full Story