Using Microsoft, Russia Suppresses Dissent
Clifford J. Levy writes on The New York Times:
It was late one afternoon in January when a squad of plainclothes police officers arrived at the headquarters of a prominent environmental group here. They brushed past the staff with barely a word and instead set upon the computers before carting them away. Taken were files that chronicled a generation’s worth of efforts to protect the Siberian wilderness.
The group, Baikal Environmental Wave, was organizing protests against Prime Minister Vladimir V. Putin’s decision to reopen a paper factory that had polluted nearby Lake Baikal, a natural wonder that by some estimates holds 20 percent of the world’s fresh water.
Instead, the group fell victim to one of the authorities’ newest tactics for quelling dissent: confiscating computers under the pretext of searching for pirated Microsoft software.
Across Russia, the security services have carried out dozens of similar raids against outspoken advocacy groups or opposition newspapers in recent years. Security officials say the inquiries reflect their concern about software piracy, which is rampant in Russia. Yet they rarely if ever carry out raids against advocacy groups or news organizations that back the government.
Mark Fiore: Clever
More Mark Fiore brilliance.
Via The San Francisco Chronicle.
Cyber Jihad Group Linked to 'Here you have' Worm
Robert McMillan writes on ComputerWorld:
A fast-spreading e-mail worm that crashed systems Thursday may be linked to a cyber jihad organization called Tariq ibn Ziyad, according to security vendor SecureWorks.
The "Here you have" worm spread like wildfire through some computer networks, bringing e-mail servers down and reportedly disrupting large U.S. organizations including Disney, Proctor and Gamble, Wells Fargo, and NASA (National Aeronautics and Space Administration). It's known as "Here you have" because that is sometimes the subject line of the messages used to spread the malware.
Much of the worm's code is identical to an earlier piece of malware that was released last month, and both worms refer to a Libyan hacker who uses the name Iraq Resistance, who has been trying to form a hacking group called Brigades of Tariq ibn Ziyad, said Joe Stewart, director of malware research with SecureWorks.
"Either this person is involved with this virus, or somebody wants to make it seem like this person's group is involved in this virus," Stewart said. "There are a lot of pointers to that group."
DHS Cybersecurity Watchdogs Miss Hundreds of Vulnerabilities on Their Own Network
Kevin Poulsen writes on Threat Level:
The federal agency in charge of protecting other agencies from computer intruders was found riddled with hundreds of high-risk security holes on its own systems, according to the results of an audit released Wednesday.
The United States Computer Emergency Readiness Team, or US-CERT, monitors the Einstein intrusion-detection sensors on nonmilitary government networks, and helps other civil agencies respond to hack attacks. It also issues alerts on the latest software security holes, so that everyone from the White House to the FAA can react quickly to install workarounds and patches.
But in a case of “physician, heal thyself,” the agency — which forms the operational arm of DHS’s National Cyber Security Division, or NCSD — failed to keep its own systems up to date with the latest software patches. Auditors working for the DHS inspector general ran a sweep of US-CERT using the vulnerability scanner Nessus and turned up 1,085 instances of 202 high-risk security holes [.pdf].
“The majority of the high-risk vulnerabilities involved application and operating system and security software patches that had not been deployed on… computer systems located in Virginia,” reads the report from assistant inspector general Frank Deffer.
Report: RBS WorldPay Hacker Gets Four Years' Probation
Robert McMillan writes on PC World:
The mastermind behind one of the biggest hacking paydays in history has been sentenced to four years' probation and an US$8.9 million fine, according to published reports.
Victor Pleshchuk, 28, was sentenced to four years' probation on Wednesday, according to Bloomberg News. He is considered the leader of a group of criminals who organized a 2008 precision strike on RBS WorldPay, the payment processing division of the Royal Bank of Scotland.
In addition to the reduced sentence of probation, Pleshchuk must also pay back more than 275 million rubles ($8.9 million) to RBS WorldPay, Bloomberg reports.
Russia is trying to fight a reputation for being soft on cybercrime, but this light sentence won't do much to change that perception. Security experts say that Pleshchuk falls into the same category of highly accomplished cybercriminals as Albert Gonzalez, best known for hacking into retailer TJX Companies and the Heartland Payment Systems payment processing network. In March, Gonzalez was sentenced to 20 years in federal prison.
After Google Incident, Wi-Fi Data Collection Goes on
Robert McMillan writes on PC World:
Four months ago, amidst a backlash from government regulators and privacy advocates, Google stopped collecting Wi-Fi data with its Street View cars.But that doesn't mean Google has stopped collecting wireless data altogether, and neither have other companies such as Apple.
Instead of sending out cars to sniff out wireless networks, Google is now crowdsourcing the operation, with users of its Android phones and location-aware mobile applications doing the reconnaissance work for it. In the past few months, Apple has quietly started building a similar database, leveraging its large base of users to log basic Wi-Fi data. There are others: A Boston company, Skyhook Wireless, has been logging wireless access points for years, as has its competitor, Navizon of Miami Beach, Florida.
It's a trend that's been spurred by the intense interest in applications such as FourSquare and Facebook Places. As it becomes increasingly important for programs that run on your phone to know exactly where you are -- to be location-aware in industry parlance -- having a way of figuring out exactly where you are becomes critical. But the companies collecting this data haven't come under much scrutiny, many users do not understand how the data is being collected or why, and security experts are just now starting to discover some of the ways that this information could be misused.
New Lawsuit to Challenge Laptop Searches at U.S. Border
Ellen Nakashima writes in The Washington Post:
Criminal defense lawyers, press photographers and a university student are challenging the Obama administration's search policy permitting officers at U.S. borders to detain travelers' laptop computers and examine their contents even without suspecting the traveler of wrongdoing.
In a federal lawsuit to be filed Tuesday in the Eastern District of New York, the plaintiffs allege that the Department of Homeland Security policy violates constitutional rights to privacy and free speech.
At issue is the government's contention - upheld by two federal appeals courts - that its broad authority to protect the border extends to reviewing information stored in a traveler's laptop, cellphone or other electronic device, even if the traveler is not suspected of involvement in criminal activity. In the government's view, a laptop is no different than a suitcase.
After the Sept. 11, 2001, terrorist attacks, the George W. Bush administration took an expansive view of the government's authority at the border in an effort to stop terrorists from entering the country, and to find evidence of terrorist plots.
The Obama administration has followed suit, the plaintiffs said, with a pair of DHS policies issued by U.S. Customs and Border Protection (CBP) and U.S. Immigration and Customs Enforcement in August 2009 that reaffirmed the policy of suspicionless searches at the border.
Happy Labor Day
Let's hope we can dig ourselves out of this Great Recession