European court clears injunction, washes hands of hacker case.

The European Court of Human Rights has refused to intervene in preventing the US extradition of accused Pentagon hacker Gary McKinnon.

The ruling by the seven judge court, made Thursday, kills off McKinnon's last hope to avoid extradition to the US to face charges of hacking into US military and NASA systems, following the rejection of his appeal by the House of Lords last month.

McKinnon's lawyers appealed to the court on the grounds that his condition of detention if extradited and convicted in the US would be degrading. However, the court decided on Thursday not to allow the case to proceed, clearing an injunction that prevented McKinnon's extradition.

Read Full Story

A group of software and online payment companies are teaming up to find a better way than passwords to protect, and prove, your identity online.

Problems with passwords are well known - people require ever more passwords which means they either get forgotten, or people use the same word for several different services which is a security risk. The new group will seek to find open standards to make it easier to prove your identity online without using dozens of passwords and usernames.

Equifax, Google, Microsoft, Novell, Oracle and PayPal will work together to create "Information Cards" - online cards like those in your wallet. Different cards can contain different levels of information and can be used to log in to different websites instead of using a username and password. Some may contain just a user name and password, others address information.

Other information - such as whether or not the browser is over 21 years old - could also be verified by the website by sending a query to the independent third party. In theory this should be safer - your information will not have to be stored by several different websites.

The group hopes to extend its reach beyond consumers to identifying users of enterprise networks too.

The Information Card Foundation has applied be a working group of Identity Commons which is also trying to create an open, independent identity layer for the internet.

The difficulty for such groups is convincing the market that it is truly independent, and not just promoting the agenda of its most powerful members.

Read Full Story

The Internet has created borderless societies worldwide changing how information is shared, said the Department of Communications in a statement on Tuesday. H.E. Minister of Communications Dr Ivy Matsepe-Casaburri added that there was a need to protect and empower consumers online by ensuring secured online transactions.

In South Africa, the Electronic Communications and Transactions Act provided for the appointment of cyber inspectors, but "there is a need for building a culture of security in the face of rapid technological and socioeconomic changes and illiteracy levels particularly in developing countries is urgent," she added.

At international level, initiatives such as the ITU's High Level Expert Group aimed to develop strategies and guidance to countries in dealing with cybercrime. International Multilateral Partnership Against Cyber-Terrorism would contribute to forging partnerships and collaborations geared towards combating cyber crime, thus building confidence in the use of Internet. The outcomes would assist countries to draft their legislative framework and to develop strategies to address the challenges of cyber threats and cybercrime.

Read full story

More information about the ITU's High level Expert Group of the Global Cybersceurity Agenda can be found here

Seven Nato nations have backed a new cyber defence centre in Estonia, which last year blamed Russia for weeks of attacks on its internet structure.

Germany, Slovakia, Latvia, Lithuania, Italy and Spain will staff and fund the hub in the Estonian capital Tallinn.

Estonia came under cyber attack in 2007 after its decision to remove the bronze statue of a Red Army soldier from the centre of Tallinn.

Moscow denied involvement in the flood of data which crashed computers.

"We have seen in Estonia that a cyber attack can swiftly become an issue of national security," Nato spokesman James Appathurai said after a signing ceremony in Brussels.

"Cyber attacks can cripple societies."

The US will initially send an observer to the project, which will have some 30 staff when fully operational in August.

The centre will provide research, consultation and training on the development of cyber defences for participating national governments.

Read Story

As the global concern for cyber crime is upbeat, the need for cyber security in the country against the backdrop of the identification of Nigeria as the weakest link in the battle against such crime is the thrust of this discourse. How many fraudulent unsolicited mails do you receive daily? While for some it's just a few, for others, the mails come in torrents with some defying all logic.

That the obvious reason behind these mails is a ploy to defraud unsuspecting Nigerians does not make it any better. Welcome to the world of scammers who have perfected their game in the battle to fleece people off their hard earned money. Is the issue just tied to monetary acts alone? Recent events have shown that the world of cyber crime goes beyond raiding the treasure chest of people through Yahoo zee moves as the cyber crime is called in Nigeria, but has crossed the line into real growing concern that has the propensity to impact negatively on a nation's security base and economy.

Read full story

The argument of the seriousness of a cyber war on terror is still raging. However, the threats remain real and will likely continue. There are many new considerations which must be realized for the future to stop the impending war on cyber terrorism. The war on cyber terror is one that the world has never encountered before. Old technology and old defenses are obsolete.

The technology industry is rapidly changing and changing with it are the methods used by cyber terrorists. Prevention techniques must be dynamic and change as quickly as the technology does. The old computer security models, data processing, and auditing in use today are outdated. Cyber Terrorism is more difficult than other forms of terrorism. In the case of cyber terrorism, if the terrorist fails, he does not die. He can learn from his mistakes and ensure the success of his deeds in the future.

One of the unexpected problems that cyber terrorism has created is that the fear of an attack could possibly lead Americans to give up rights they would not normally relinquish. For example, the fact that many of the terrorists use cryptography in their communications is not a reason to ban this technology per se.

Read full story

A concerted international effort could see the end of websites that profit by selling images of child sex abuse, a leading action group has said.

The UK's Internet Watch Foundation conducted research to identify how many sites trade such images and concluded there are 2,755 such sites worldwide.

Of these, 80% are judged to be fully commercial operations.

The IWF said this "manageable" number could be eliminated if net firms, governments and police worked together.

Read Full Story

By Darren Waters Technology editor, BBC News website

More than a quarter of eight to 11-year-olds in the UK have a profile on a social network, research shows.

Most sites, such as Bebo, MySpace and Facebook, set a minimum age of between 13 and 14 to create a profile but none actively enforce the age requirement.

Almost half of all eight to 17-year-olds online have a profile, regulator Ofcom found in a survey of 5,000 adults and over 3,000 children.

Ofcom says parents need to learn more about their children's online lives.

The Ofcom report looks into the impact of social networks on people's lives in the UK as part of a wider media literacy campaign and surveyed 5,000 adults and more than 3,000 children.

"Social networks are clearly a very important part of people's lives and are having an impact on how people live their lives," said James Thickett, director of market research at Ofcom.

He added: "Children's lives are very different from what they were 20 years ago. Social networks are a way of creating a social bond."

The Home Office has been working with social networking firms and is expected to publish a set of guidelines for the sites around best practice, security and privacy on Friday.

The report is expected to recommend that profiles created by children are set to private by default, or are only viewable by friends nominated by the user.

The three leading social networks, MySpace, Bebo and Facebook, all say they remove profiles of users that are found to be too young on their sites.

But at present no technology is used to actively verify the age of users.

The Home Office guidelines are set to encourage social networking sites to investigate age verification technologies and to give better signposting to users about privacy settings, and warnings about the implications of posting personal details.

A spokesman for MySpace said the firm "proactively ensures that profiles of 14 and 15-year-olds are automatically made private so that users are protected from adults they don't already know in the offline world".

The company said in the future all of its users under 18 would have profiles set automatically to private.

Read Full Story

Two groups working separately to boost Europe's defenses against online crime will present proposals this week, almost a year after most of the nation of Estonia's links to the Internet were disrupted for days or weeks.

At a two-day conference starting Tuesday in Strasbourg, France, the Council of Europe will to review implementation of the international Convention on Cybercrime and discuss ways to improve international cooperation.

Read full story

In this excerpt from Infrastructure Protection in the Ancient World, two CSOs argue that we still need to heed the security lessons that Romans learned 2,000 years ago.

Read full story

Read full article 

The era of computer began with the analytical engine of Charles Babbage. But with the latest increase and advancement in technology, modern computer started consisting of integrated circuits and microprocessors. Technology is changing like seasons, every year new technology gets introduced. One such technology is the Internet - world’s largest database of any information whether its science, commerce, art or anything for which information can be collected.

So we can say that the Internet is the biggest library in the world. Life is a mix of good and bad. The same is true about the Internet. This world of Internet is filled with Trojan horses and viruses to cyber stalking, trademark counterfeiting and cyber terrorism, email fraud, defamation etc, all this without the police control over the Internet unlike the conventional societies. No policemen can patrol the Internet to search for the cyber criminals.

Read full story

India and Vietnam on Monday, 24 March 2008 signed a Memorandum of Understanding (MoU) for bilateral cooperation on security matters which would include international terrorism, illicit drug trafficking and trans-national crime. The MOU was signed following delegation-level talks between the Union Home Minister, Shivraj Patil and the visiting Vietnamese Minister for Public Security, General Le Hong Anh.

Read full story

The EDUCAUSE/Internet Security Task Force provided a briefing to the CSIS Commission on Cyber Security for the 44th Presidency on March 12, 2008, during the event "Improving Cybersecurity: Recommendations from Private Sector Experts". A 1-page summary of the briefing is available, as well as the complete transcript.

Read full story

Governments need to do more than just protect themselves against cyber attacks, says Bill Thompson. In common with other administrations the UK government is concerned about the security of the realm and its ability to cope with natural disasters, foreign aggression and terrorism.

Over the years the importance of computer systems, networks and of course the internet have become apparent even at the highest level of the administration. So it is unsurprising that the National Security Strategy announced by the Prime Minister last week contains a number of references to the network and to the growing fear of what it calls "cyber-attack".

The strategy notes that "the internet is itself a trans-national, fast-changing and loosely-governed entity, but is also part of our critical national infrastructure" before stating the obvious by pointing out that "it is both a target and an opportunity for hostile states, terrorists and criminals".

Read full story

Read full story

As per the information tracked by, and reported to Indian Computer Emergency Response Team (CERT-In), Department of Information Technology, a number of Government websites have been hacked during the period January, 2005 to February, 2008; of which one pertained to a defence related pay office in January, 2006.

The websites hacked included those belonging to Ministry of Railways, Air Cargo Customs (Mumbai), Forward markets Commission, National Institute of Health and Family Welfare, National Institute of Social Defence, Department of Administrative Reforms and Public Grievances, Wireless Planning & Coordination Wing, Bharat Sanchar Nigam Limited, Telecom Regulatory Authority of India, Department of Information Technology and Anthropological Survey of India.

The websites were hacked by exploiting technical vulnerabilities in the operating systems, web server, database software and application software.

Read full story

Read full story

The centre must take some effort to streamline Indian cyber laws so that the laws are strong. Although the government has proposed some amendments to the Information Technology Act, 2000 they have not yet become part of the law.

Read full story

The head of the world's largest police organization, Interpol, says he is satisfied with China's security preparations for the Beijing Olympics. He was speaking at Interpol's Asian Regional Conference in Hong Kong, where senior law enforcement officials from across Asia discuss ways to strengthen cooperation in combating crime - ranging from sex attacks on children to cyber crime.

Read full story

Former US DARPA Director Stephen Lukasik, Dr. Sy Goodman , Professor of International Affairs and Computing at the Georgia Institute of Technology and Dr. Anthony Rutkoswki, VeriSign, VP for Regulatory Affairs and Standards undertook multiple briefings to US Congress staff and congressmen dealing with the subjects of cybersecurity and infrastructure protection - under the auspices of the American Association for the Advancement of Science (AAAS).

Dr. Lukasik is especially noted for his authorization and support for Internet development in the 1970s, establishing US domestic policies as the FCC's Chief Scientist, and as leader of efforts in the 1990s to bring about cybersecurity capabilities.

In addition to his multiple Georgia Tech security roles, Dr. Goodman spoke as Chair of the National Academy of Science Committee on Improving Cybersecurity Research in the U.S.

Dr. Rutkoswki treated important new developments occurring in the ITU-T concerning the subject of service provider identity and known as Trusted SPID. Trusted SPID - which emerged as a roadmap from the Seoul ITU-T meetings - may well be the most significant and essential cybersecurity development in a decade. The value proposition is simple and long a part of the ITU's role - institute trust in the network infrastructure and services by providing a global means of knowing basic identity information about the providers who comprise those infrastructures and services.

Dr. Goodman and Dr. Rutkoswki are members of the High-Level Experts Group for the Global Cybersecurity Agenda.

Related Links:

Dr. Seymour Goodman’s Presentation

Dr. Anthony Rutkoswki's Presentation

Dr. Stephen Lukasik's Presentation 

More information about the ITU Global Cybersecurity Agenda can be found here or by contacting Ms. Cristina Bueti at gca@itu.int

UNCTAD Information Economy Report 2007-2008, Science and technology for development: the new paradigm of ICT, Chapter 8, Harmonizing Cyber Legislation  at  the Regional Level: The Case of ASEAN.

More information can be found here.

NATO is to start building its own security software to protect against the kind of attacks that had Estonia's national infrastructure on its knees last summer.

Read full story

Read full story

A new site lets users create profiles for the different sides of their personality.

Online social networks have allowed people to easily stay in touch with large groups of friends, but the flip side has been well publicized. Some users have struggled over what to do when certain people--such as a boss or an ex-boyfriend--ask to be listed as a friend on their profile.

Adding someone as a friend gives him access to the user's profile, photos, and daily musings. Worries about privacy were renewed recently when Facebook's Beacon advertising initiative began broadcasting information about users' purchasing habits throughout its networks. Now Moli, a recently launched social-networking site, aims to win over concerned users.

Read full story