Wednesday, December 11, 2013
FireEye researchers had monitored a server, one of 23, used by the Ke3chang group in August. This enabled them to observe the malware in action, although FireEye says no data was stolen as far as they were aware during this period of observation. Naturally the security firm contacted the relevant authorities as soon as it realised what was underway. The circumstantial evidence collected at the time leads FireEye to believe that Chinese hackers were carrying out the attacks, although it admits it could also have been 'other actors' making it look like the Chinese were to blame. In the murky world of international espionage, such things are never usually clear cut. If it were a matter of misdirection, then it would appear to be a cleverly crafted one with Chinese words on the CnC control panels, servers registered in China and linguistic clues within the malware binaries pointing towards a Chinese coder.
It was the start of 1978, and the end of the Sex Pistols, when John Lydon (aka Johnny Rotten) famously left the stage in San Francisco saying "ever get the feeling you've been cheated?" As someone who takes more than a passing interest in the IT security business, I can't help but think that maybe the cloud is having something of a Johnny Rotten moment right now. OK, maybe 'cheated' is a bit strong, but there's certainly quite a bit of misdirection going on.
Monday, December 09, 2013
The Distributed Denial of Service (DDoS) attack is becoming the crowbar of the online criminal. In the past we have got rather used to DDoS attacks being one of the favoured approaches of hacktivists, with perhaps the Low Orbit Ion Cannon (LOIC) and later the High Orbit Ion Cannon (HOIC), as used by Anonymous to take down sites, being the best known examples. However, recent evidence suggests that taking down a site is increasingly no longer the be all and end all of a DDoS attack; instead, it's just a means to a much more profitable end.
During the last three months, the National Fraud Intelligence Bureau (NFIB) 'Action Fraud' system has received more than 150 reports of CryptoLocker attacks. And that figure is going nowhere but upwards, if the warning from the National Crime Agency that 'tens of millions' of SMBs are being targeted is accurate. But the cloud could hold the key to preventing this attack from, quite literally, holding your data to ransom.
Friday, December 06, 2013
In his essay 'A Few Thoughts on Cryptographic Engineering' Matthew Green, a cryptographer and research professor at Johns Hopkins University, asks "how the hell is NSA breaking SSL?" If this is news to you, following the Edward Snowden revelations in The Guardian, then you obviously haven't read the New York Times piece about the NSA 'Bullrun' briefing sheet which quite plainly states that the agency has been circumventing exactly the type of encryption protection of everyday Internet communications that we take for granted, such as SSL (Secure Sockets Layer).
Saturday, November 30, 2013
Black Friday has historically been a very American phenomenon, marking the start of the seasonal Xmas shopping rush and happening the Friday after Thanksgiving. In the past it has led to scenes of semi-rioting and chaos in some stores as the Walmartarati fight over bargain electrical goods. The UK got a taste of the madness yesterday, and can expect more on Cyber Monday...
Wednesday, November 27, 2013
According to BitcoinWatch the current market capitalization of the virtual currency stands at an incredible $10.4 billion. A single Bitcoin is now worth more than $800. In the ongoing aftermath of the Silk Road takedown many people wrongly assume Bitcoin is some kind of criminal currency, used to trade in anything and everything illegal online. However, be in no doubt that cyber-criminals are, indeed, attracted to Bitcoin: they are targeting it in virtual bank robberies.
Monday, November 25, 2013
ISACA, which specialises in helping businesses get the most value while managing risk related to information and technology, asked more than 4,000 consumers about their holiday season shopping habits and their opinions on privacy. This revealed that shoppers in India and the UK were the most resistant to location-based marketing on smartphones, with more than 70% declaring that tactics such as sending unrequested special offer messages when they walk past the store concerned would be considered invasive.
Wednesday, November 20, 2013
A Channel 4 News investigation in the UK has revealed that in a 24-hour period just one smartphone made 350,000 requests to 315 different servers and made 30,000 requests to 76 servers when otherwise sitting totally idle for 45 minutes. Oh, and then there was the location data being sent to advertising agencies based overseas, and handset ID data heading to various apps. In fact, the investigation simply reiterated the fact that an average smartphone will send out hundreds of thousands of pieces of information every day, giving away its location and unique identity.