The International Telecommunication Union (ITU) and the European Broadcasting Union (EBU) will jointly organize a Meeting of High-Level Experts on “Competitive Platforms for the Delivery of Digital Content” to identify global trends and to address the new technological and policy challenges in the digital content delivery environment.

ITU Member States, EBU Membership, meeting participants and other interested parties are encouraged to send in their competitive platforms for digital content related contributions to the meeting at digitalcontent@itu.int

Click here to see the meeting agenda.

Onlline registration is available here.

Information about this meeting can be found here.

A recent article in ComputerWorld Australia reports that a common e-crime reporting format to electronically report fraudulent activities will be fully operational in Australia by July, 2007.

In an interview with with Anti-Phishing Working Group (APWG) Secretary-General, the need for a structured data model to improve incident reporting, share information and allow forensic searches and investigations was highlighted. Secreatry-General Cassidy said that "the first base specification was submitted in June 2005 and the Incident Object Description Exchange Format (IODEF) XML Schema with e-crime relevant extensions will be a recognized IETF standard in about six weeks." This will futhermore be automated with greater ease using a standard schema. He also gave an example to show how it is planned to work:  an Asian country CERT (Computer Emergency Response Team) reporting an incident can send it to a European bank, which then can treat the specific request . 

The Anti-Phishing Working Group (APWG) is currently talking to ISPs to increase phishing data from the field. Cassidy continues, "Reporting is improving. The average time live for a phishing site is now four days: we should be able to reduce this to a single day. We want to make it harder for organized crime by frustrating them and pulling down the sites as quickly as possible. "We don't want it to be easy for them to make a profit so they have to return to old standbys like extortion and drugs."

Cassidy estimates there are upwards of 50 full-time phishing gangs operating worldwide at any given time. While four days may seem a long time the average was well over a week when the working group was first established. He said it can depend on reaching the right person within an organization. "We have ISPs that can bring down sites in minutes but there are some organizations that have an approval process that has to be cleared by three levels of management; even after 20 faxes and two weeks later nothing is done". "Some organizations just aren't interested".

Access the full ComputerWorld article here.

Wired News in an article reports on the recent Anti-Phishing Working Group's Counter e-Crime Operations Summit which took place in San Francisco, United States. The meeting gathered internet-crime fighters from security companies, law enforcement agencies, banks and e-commerce sites to confer on new tactics in the war on cybercrime. "And while nearly everyone agreed the internet has become an infected and dangerous breeding ground for malware and scams, no one could quite agree on what do."

Proposed solutions included:

• the online fraud problem had become so bad due to the neglect of ISPs, users and private corporations alike that the only recourse was to build government-funded free clinics for infected computers;
• the botnet threat requires some top-down authority to fix the problem, the current remediation model which mostly involves running from one computer to another installing patches cannot keep up with attackers that are now better organized and better funded than the security community;
• the increased use of ingress filtering that prevents one computer from successfully spoofing the internet IP address of another (to be widely adopted by ISPs and router manufacturers);
• etc. see the Anti-Phishing Working Group's Counter e-Crime Operations Summit for further information.

Service providers and everyday users were singled out by meeting panelists and audience members for not taking enough responsibility. Attendees slammed ISPs for not searching for rogue computers on their network or shutting off internet access to compromised PCs reported to them by security companies, charging that ISPs were endangering the internet to avoid support calls from cut off customers.

Is was stated that users don't care about security because the rogue zombie software often only uses minimal computing power, making the background spam-spouting code not their problem. A few audience members argued seriously that computer users should have to take a test to get an internet license, maintain botnet insurance and have their machines inspected for information-super highway worthiness. Others countered that individuals shouldn't have to know how to secure their own computers, the machines should simply be more inherently secure.

In the article a senior researcher for security company RSA, told Wired News that "none of those solutions would work, because new technical specifications for a security score would take years, and the other proposals wouldn't have the international reach needed to make a dent in the global internet infosphere." "The solution? Money. Governments need to provide rewards to ISPs for taking down botnets, the researcher explains."Governments are the only body with money and the incentive to take down botnets. If you are looking at either a carrot or stick approach, I would go carrot. If you are paying ISPs to get rid of the botnets, then it's international. Everyone wants to make money."

Read the full Wired News article here.

MSNBC news reports in a recent article that a new mutation of the old phishing scam surfaced. Like thousands of previous phishing e-mails, this bogus bank notice asks for your personal information. But in a strange and novel twist, it tries to turn your own phone against you.

In an e-mail message from a bank you see text like: "During our regular update and verification we could not verify your current phone number". You are told to confirm your phone number right away or your account will be suspended indefinitely.Then you’re instructed to forward your phone to the number provided. It’s supposedly the phone number for the bank’s security department. "The bank will verify your phone number and will disable call forward within 20 minutes," the e-mail says. However, this e-mail is not from the bank, and the number does not go to their security department. It’s a Skype number that goes straight to the identity thieves who can be anywhere in the world.

If this new approach works, we are likely to see similar messages pretending to be from other financial institutions asking people to forward their phone number. "After an identity thief steals your credit card number, he needs a way to make money with it. He can charge things or sell the number for others to use. In either case, once the charges start piling up on your account, the bank’s computers are likely to flag these abnormal or out of profile transactions and alert the fraud department."

The Anti-Phishing Working Group, a consortium of hundreds of banks, e-tailers, technology companies and government agencies, warns that a growing number of phishing attacks are being designed to steal your personal information by downloading crime-ware onto your computer. They do that when you click the link that’s embedded in the phisher’s e-mail message, the one that’s supposed to take you to the financial institution’s Web site.

For tips on how to protect yourself, and for more information on this new scam, read the full MSNBC article.

Apple has announced that it will launch its new iPhone on 29 June in the United States. The device combines the functionality of a mobile phone with a personal digital assistant and will sell for USD 499 or USD 599, depending on how it is configured. A launch date for Europe and the rest of the world has not been announced.

One of the most interesting features of the iPhone phone is its entirely touch-sensitive interface. Though it has been much anticipated, Apple has come under fire for signing an exclusive deal with AT&T, whereby only AT&T subscribers can use the iPhone. The product was announced last January at MacWorld in San Francisco by the firm's chief executive Steve Jobs.

See the BBC News story here. The presentation by Steve Jobs at MacWorld in January 2007 here (video).

The European Association for the Co-ordination of Consumer Representation in Standardisation (ANEC) held its General Assembly on 1 June 2007 in Brussels. For the first time, the group considered issues relating to RFID and digital identity, and in particular the impact that these technologies may have on consumer interests. ITU's Lara Srivastava spoke at the assembly, emphasizing the need for a better understanding of the wide-reaching implications of RFID and the development of global solutions to the digital identity problem. Her presentation is available here.

By the start of 2007, some 79 economies around the world had launched commercial services for "mobile broadband", or cellular mobile services offering speeds of 256 kbit/s or more, with 18 of these economies launching during 2006. Popularly referred to as third-generation (3G) mobile, there are now more 100 million users worldwide that are able to use their mobile phones at broadband speeds. Across the world, there are two main technologies in operation: CDMA 1x EV-DO (which is used in 30 economies, mainly in the Americas and Europe) and W-CDMA (which is used in almost 50 economies, and is particularly popular in Europe). Around half of the economies using W-CDMA have now also launched High Speed Downlink Packet Access (HSDPA) which offers much faster speeds, up to 14.4 Mbit/s.

The new figures were announced by ITU iand UNCTAD n the second edition of the annual "World Information Society Report", which was launched on May 16 2007. The full text of the report is available online at www.itu.int/wisr. The report tracks progress in narrowing the digital divide and implementing the commitments made at the World Summit on the Information Society (WSIS).

EMI has joined the other three major music companies in letting YouTube users play with its music videos, allowing people to get clips by the likes of David Bowie, Norah Jones and Coldplay from the Google-owned site and edit them into their own videos.

London-based EMI Group, the third-largest music company, said Thursday it signed a deal with Google, the last of the four major record companies to be convinced that YouTube's technology would be sufficient to prevent rampant infringement by users. EMI and YouTube said they are still working on developing business models to generate revenue, particularly with regards to new areas such as allowing users to create 'mash-up' videos that include their own content alongside EMI music and clips. "With this deal, all four of the world's major music companies are now official YouTube partners," Chad Hurley, chief executive and co-founder of YouTube, said in a statement. The agreement follows copyright lawsuits filed by media companies that accused YouTube of allowing its users to pirate their programs on the popular video-sharing site.

See the rest of the story on CNN.com here.

Robert Alan Soloway, 27, was indicted this week by a US federal grand jury on 35 counts that include mail fraud, wire fraud, fraud in connection with electronic mail, aggravated identity theft and money laundering. Accused of being one of the Internet's most notorious spammers, he is currently being held without bail.

Soloway is the first spammer in the nation to be charged with aggravated identity theft under the CAN-SPAM Act of 2003.

See the Reuters story here.  

The Internet Engineering Task Force (IETF) recently gave its preliminary approval to a powerful technology designed to detect and block fake e-mail messages. It's called DomainKeys Identified Mail (DKIM), and it promises to give Internet users to identify and stop the seemingly endless flow of fraudulent junk e-mail by providing a method for validating an identity that is associated with a message, during the time it is transferred over the Internet. That identity then can then be held accountable for the message.

The draft standard that the Internet Engineering Task Force adopted is a promising solution because it harnesses the power of cryptographically secure digital signatures to thwart online miscreants.

Read the full article on CNET News.

The Internet Society of New Zealand (InternetNZ) has recently released the ISP Spam Code of Practice for public consultation. The Code is posted on the InternetNZ website. Four weeks have been allowed for comment to be received, with a deadline of 18 June 2007.

The Code has been prepared by a working group comprising representatives of the Telecommunications Carriers’ Forum, the Marketing Association, and InternetNZ. According to the website, InternetNZ executive director Keith Davidson says the preparation of the Code is an excellent example of how the industry is working together to fight a common enemy. "Spam is clogging up our inboxes, soaking up our bandwidth, and providing vectors for scams and malware." "The ISP Spam Code of Practice recognises that Service Providers can assist in the minimisation of Spam through their technical approach, by being a first port of call for information and complaints from internet users, and by working with law enforcement agencies."

The ISP Spam Code of Practice is complementary to the New Zealand government’s Unsolicited Electronic Messages Act in that it outlines the responsibilities of ISPs under a self-regulatory model. This was anticipated in the passing of the Act. It is planned that the Code will go live on the same date as the Act of 5 September 2007. It is also complementary to the Marketing Association’s Code of Practice for Direct Marketing, the TCF’s SMS Ant-Spam Code and the TCF’s Customer Complaints Code.

See the Internet Society of New Zealand website for further details.

Under the aegis of the Shaping Tomorrow’s Networks Initiative and in line with the stated objectives of the WSIS Geneva Declaration of Principles (December 2003), which affirms “…the common desire and commitment to build a people-centred, inclusive and development-oriented Information Society, where everyone can create, access, utilize and share information and knowledge, enabling individuals, communities and peoples to achieve their full potential in promoting their sustainable development and improving their quality of life…” the International Telecommunication Union (ITU) and the European Broadcasting Union (EBU) will jointly organize a Meeting of High-Level Experts on “Competitive Platforms for the Delivery of Digital Content” to identify global trends and to address the new technological and policy challenges in the digital content delivery environment.

ITU Member States, EBU Membership, meeting participants and other interested parties are encouraged to send in their competitive platforms for digital content related contributions to the meeting at digitalcontent@itu.int 

To register for the upcoming ITU/EBU Meeting of High-Level Experts on Competitive Platforms for the Delivery of Digital Content, please click here or contact Ms. Cristina Bueti at digitalcontent@itu.int

More information about this meeting is available here.

As part of its mandate given by the World Summit on the Information Society to build confidence in the use of ICT, ITU announces an ambitious two-year plan to curb cybercrime. The announcement was made by ITU Secretary-General Dr Hamadoun Touré at a ceremony to present the 2007 ITU World Information Society Award.

Cybercrime takes several forms, from breaching network security, financial fraud, invasion of privacy and identity theft to virus attacks, spam or online child pornography. With schools, hospitals, and government organizations increasingly dependant on online services, the vulnerability of the system and everyone connected to it becomes frighteningly apparent. As we are only as secure as the weakest link, a global concerted response is needed to ensure there are no safe havens for cybercriminals.

Against this background, ITU Secretary-General Dr Hamadoun Touré set out a comprehensive Global Cybersecurity Agenda to tackle the issue within a framework of international cooperation. "With more than one billion Internet users in the world today, not only is the number of crimes committed in cyberspace increasing at an alarming rate, but the sophistication in the way these crimes are committed keeps evolving," Dr Touré said.

The goal of the Agenda is to foster a common understanding of the importance of cybersecurity and bring together all relevant stakeholders (governments, intergovernmental organizations, the private sector, and civil society) to work on concrete solutions to deal with cybercrime. This is all the more important as criminals use weaknesses wherever they can be found and leverage them internationally. While there are a number of existing frameworks, they are enforceable only within geographical boundaries, either national or regional, thus leaving room for criminals to use loopholes to their advantage and in almost total impunity as they shift their operations to countries where appropriate and enforceable laws are not yet in place. It is vital to work on bringing together these initiatives within a framework of international cooperation and focus on solutions that leverage the broad range of existing expertise and initiatives in order to avoid duplication and make real progress in building confidence and security in the use of ICT.

"Today, the loss is estimated to run into several billion dollars, both from fraud on the Internet and from costs related to fixing networks that have suffered cyberattacks. But with children, students, and senior citizens communicating by Internet or mobile phone, tomorrow’s losses can be devastating. Just one word change on a patient’s medical file in a hospital could kill that patient, and hackers who can thwart sophisticated banking systems have no trouble breaking into a hospital’s network," said Dr Hamadoun Touré, ITU Secretary-General. This is becoming a major concern for public authorities.

The Global Cybersecurity Agenda, which will have a two-year timetable, rests on five pillars:

The 2nd WSIS Action Line C5 Facilitation Meeting, dedicated to building confidence and security in the use of ICTs, was held 14-15 May 2007 at ITU Headquarters in Geneva, Switzerland. The meeting was open to all stakeholders and held in conjunction with a cluster of events 14-25 May surrounding World Telecommunication and Information Society Day (May 17th).

Full documentation for the meeting, including the final agenda, all presentations, meeting contributions, audio archives, is available on the event website.

Enquiries related to the event or generally with regards to ITU cybersecurity activities can be directed to cybersecurity@itu.int.

ITU and UNCTAD are delighted to announce the publication of the World Information Society Report 2007, published on 16 May 2007. The Report seeks to benchmark progress in meeting the WSIS targets, to be achieved by 2015 at the latest, and evaluates the evolution of the digital divide. It presents 200 pages of analysis of the latest trends in ICTs, exploring whether consumers are 'cutting the cord', the death of dial-up and growth in broadband and 3G. It evaluates the digital divide using a variety of techniques and finds that the strong growth of mobile telephony offers the greatest potential to bridge the digital divide.

Using the methodologies endorsed by the World Summit on the Information Society, it finds strong growth in digital opportunity around the world. Asian and European countries continue to lead in digital opportunity, but there are shining examples of strong progress in the take-up of ICTs in Africa - five of the ten top gainers in digital opportunity are African economies. Last year's World Information Society Report benchmarked the gender divide and regional divides. This year's Report uses the Digital Opportunity Index to benchmark gaps in access and use of ICTs by different age groups in the age divide in Singapore.

Growth of the Information Society is not without risks, however, and online security threats remain a cause for concern, however. Building confidence and security in the use of ICTs was a key aim of WSIS, and the report examines the evolution in cyberthreats, including spam, spyware, botnets, identity theft, breaches of privacy and other risks associated with online transactions.

The Report also examines national strategies that various countries have adopted to promote growth in ICT development, illustrating these with reference to a wealth of country case studies. It presents examples of successful projects promoting WSIS implementation around the world. The Report combines theory with authoritative analysis from the ITU and UNCTAD and country examples from around the world. It is due to be presented to the UN Commission on Science and Technology for Development, holding its Tenth Panel Meeting in Geneva next week to discuss progress in WSIS implementation.

For more information, please see here. Articles will follow all next week, to highlight different aspects of the Report.

The Chinese news Agency Xinhua has reported that, in the early hours of Monday, 14 May 2007, China launched a communications satellite for Nigeria, the first of its kind in Africa and the first time a foreign buyer has purchased both a satellite and its launching service, as part of a US$ 311 million deal.

The launch heralds a new era in Sino-African relations, and was attended by the Nigerian Minister of Science and Technology with other high-ranking officials and broadcast live by the Nigeria Television Authority.

Experts say that the satellite program will revolutionize telecommunications, broadcasting and broadband multimedia services in Africa. It is projected that it should create more than 150,000 jobs for Nigerians, save broadband users more than 95 million U.S. dollars a year, as well as providing Internet access to remote rural villages, and save more than 660 million U.S. dollars in phone call charges, Xinhua reports. The satellite has a lifespan of 15 years.

The satellite is one of around thirty foreign satellites that China has been commissioned to launch. For more information, please see here.

The Guardian (United Kingdom) reports that Europe's $4.9 billion satellite navigation system is in deep crisis and will require more public funds to get back on track, according to the European Union.

The Galileo project - Europe's rival to the U.S. Global Positioning System, or GPS - has already seen major delays because the eight companies in the consortium are arguing over how to divide the workload. The consortium of companies from France, Germany, Spain, Britain and Italy had been given until 10 May 2007 to set up a joint legal entity to run the project or risk losing control of it. But German Transport Minister Wolfgang Tiefensee, speaking on behalf of the EU, said he had "little hope left" the consortium will end the infighting in time.

Like GPS, Galileo is envisioned to be a network of satellites orbiting Earth that will beam radio signals to receiving devices on the ground, helping users pinpoint their locations.

See more on this story in The Guardian.

A United States House of Representatives subcommittee approved a bill on spyware this week, which recommends up to five years in prison for convicted distributors of malicious spyware.

Past versions of the Internet Spyware Prevention Act have failed to pass a vote in the United States Senate. Observers have pointed out, however, that the increasing militancy among users fed up with unwanted software intrusion may make this latest attempt more successful. And there is a lot at stake. Creating trust in the internet will ensure its future development. More on this story is available here.

The ITU is taking a leading role in cybersecurity initiatives, particularly in light of calls for global action made at the World Summit on the Information Society. More information on ITU's work in this area is available here.

The charity Save the Children has conducted a survey of primary teachers, in response to growing concerns that the combination of modern life, digital toys and networks, junk food and so on, is having a negative effect on childhood.

According to teachers, children are struggling to make friends at school because they spend too long playing computer games and listening to MP3 players, More than 70 per cent of teachers said that increased use of games consoles, mobile phones, the internet and MP3 players has harmed children's ability to interact with their peers.

A third said that, since they started teaching, they had seen an increase in the number of pupils who struggle to make friends and more children who stand alone in the playground or classroom. An increase in "solitary pastimes" has damaged children's social skills and fuelled feelings of loneliness among a generation of young people, they say.

See more on this story in the Telegraph (UK).

Our changing “digital life” was the subject of a recent report by the ITU available here.

Linden Lab, the creators of Second Life (SL), a booming virtual world hailed by many as the first step toward an immersive 3-D internet, attempted yesterday to calm angry residents who have petitioned for them to fix technical bugs that have been affecting the performance of their world.

The cyber-residents  claim that Second Life is growing so fast that it's straining Linden Lab's resources to the limit, including its developers' ability to fix old bugs and roll out new software versions that don't introduce new problems.

A town-hall meeting was held on 3 May 2007 inside Second Life. At the meeting, the company asked for patience. Ondrejka, CTO at Linden Lab, insisted that conditions will improve if Linden Lab developers and Second Life residents can work together to ride out the current hiccups: "Patience obviously helps, but more than that, please help the community build the pieces it needs to make Second Life a better place," he told the audience. "If you are a programmer ... come work for us. If you have bugs and can reproduce them, add them into our public JIRA [Linden Lab's bug-tracking system]. As Bill and Ted would say, be excellent to each other."

See more on this story from MIT's Technology Review here. 

The issue of social networking, virtual worlds, and digital identity was explored in the 2006 ITU Internet Report entitled "digital.life".

According to a recent article in the United Kingdom's The Register, distributed denial of service (DDoS) attacks are falling out of favour with black hat hackers because using compromised machines to send spam is a more lucrative, and less risky, way of making money illicitly.

"Networks of compromised PCs can be used for purposes including relaying junk mail or flooding targeted websites with spurious traffic. Security firm Symantec reckons the noticeable fall in denial of service attacks it witnessed in the second half of 2006 is down to the growing difficulty in launching such attacks, and getting victims to pay up even if these assaults are successful. Stealthier misuse of compromised PCs, such as sending spam", poses far less risk, the security firm argues."

"Symantec recorded an average of 5,213 denial of service (DoS) attacks per day in the second half of 2006, down from 6,110 in the first half of last year. The United States was the target of most DoS attacks accounting for 52 per cent of the worldwide total."

"DoS attacks are loud and risky. Whenever a bot-network owner carries out a denial of service attack they run the risk of losing some of their bots. This could happen either because an attacking computer is identified and disinfected, or if it is simply blocked by its ISP from accessing the network," a Symantec researcher notes in a posting to Symantec's Security Response Weblog.

Furthermore was mentioned that "up-front costs in setting up a botnet before any hope of payment, as well as the possible loss of an entire bot network if a command and control server is identified, also act as a deterrent. It is likely that bot network owners are now moving away from DoS extortion and towards more lucrative ventures like spam. Not surprisingly, we saw a noted increase in spam volumes in the last six months of 2006", the researcher continued.

Read the full article in The Register here.

Orange UK has followed other major UK operators in simplifying its data charging tariffs.

Unmetered data access is now available, even to those on pre-paid contracts.

However, the operator has stated that the service constitutes a "browsing service" rather than "internet access", which means that it leaves room for blocking any services it does not like.

Unlike Vodafone, Orange seems to accept the impossibility of enforcing restrictions. Nonetheless, the operator says: "We would discourage any customer from using VoIP through the mobile internet due to the quality of service they may experience. We are looking to launch our own high quality IM service in the next few months which will deliver a far superior customer experience to currently available services. Our terms and conditions will state that the bundle should not be used for these services."

See the full story in The Register here.

See also the ITU New Initiatives Workshop on the Future of Voice (January 2007)

According to a recent Press Realease by The Infocomm Development Authority of Singapore (IDA), Singapore is already looking into a new five-year infocomm security roadmap (2008-2012) as it embarks on the final year of the current three-year Infocomm Security Masterplan (2005-2008). The Infocomm Security Masterplan was launched on 22 February 2005 as a strategic roadmap to chart Singapore's national efforts in developing capabilities to prevent cyber-security incidents and protect the critical infrastructure from cyber-threats. According to Dr. Vivian Balakrishnan, Second Minister for Information, Communications and the Arts, Singapore "cannot afford to be complacent, especially with new and dangerous threats evolving and growing at such an alarming rate. Instead of simply taking one step forward, we need to be many steps ahead in our efforts to combat cyber threats."

Providing a glimpse of the new five-year Masterplan to be launched in 2008, Dr. Balakrishnan shared that the new infocomm security roadmap will build on Singapore's existing efforts to focus on more international collaborations to improve Singapore's ability to combat cyber threats. The collaborations will look into knowledge exchanges and regular communication between governments on cyber threat trends and protection of critical infrastructure. When launched in 2008, the new security roadmap will also secure Singapore's ultra high-speed and pervasive Next Generation National Infocomm Infrastructure (NGNII) to provide a secure and trusted environment for the creation of new value-added services such as location-based marketing, goods tracking and localised information services and the pervasive adoption of online services such as those in the area of banking, healthcare and education.

Under the current Masterplan, the government has developed various security initiatives to equip public officers with more timely information and knowledge to assess and improve on their cyber defence. This allows them to better protect, detect and respond to cyber threats. An example is the Cyber-WatchCentre which monitors cyber threats real-time and round-the-clock. By mid 2008, the centre will ensure end-to-end security for all public officers, allowing government agencies to better anticipate cyber attacks and respond to them speedily.

For more information on these inititiatives, view the IDA Press Release.