Day: July 18, 2011
The Anonymous hacktivist group has announced that it will launch its very own social network, to be called AnonPlus, after accounts it held with Google+ were suspended for violating terms and conditions.
Google+ has recently been enforcing a policy of shutting down profiles which contain fake names or those that represent organisations rather than individuals, so it’s not exactly surprising to see Anonymous-related profiles being zapped.
AnonPlus, Anonymous’s answer to the likes of Google+, is far from ready, however.
A team of 17 Java developers has been announced on the site’s holding page, alongside a manifesto announcing the “new social network where there is no fear of censorship” and “no more oppression”, but it seems that any working infrastructure for AnonPlus is some considerable way off still.
It’s hard not to be cynical about the prospects of a new social network being built from scratch.
Yes, Google – with all the resources it has available – appears to have done a good job with Google+, but surely the chances for a loosely-knit amateur collective like Anonymous who reject organisational constructs, will have a much steeper challenge.
Anyone remember Diaspora? They had the advantages of support from many and even some funding, but they seem to have gone awfully quiet lately, don’t they?
It will be interesting to see if AnonPlus becomes popular if/when it launches with the very people it is intended to help – those who are being prevented by oppressive regimes from sharing information freely and safely with the rest of the world.
Toshiba announced this weekend that a web server run by its US sales subsidiary had been hacked, and the email addresses, telephone numbers and passwords of hundreds of customers had been compromised.
The Japanese electronics firm said that the server was run by Toshiba America Information Systems Inc., and held personal data relating to 7,520 customers. Fortunately, according to the firm, the personal information exposed did not include any credit card data.
Nevertheless, you don’t want your email address and password falling into hands of malicious hackers.
Not only could cybercriminals “try out” your passwords to see if they unlock any of your other online accounts (too many people use the same password on multiple websites), but they could also target you with attacks pretending to come from Toshiba.
After all, you have a business relationship with Toshiba – so you would be less suspicious of opening an email or clicking on a link which appeared to have been sent by them. Especially if some clever social engineering made the email appear particularly enticing.
A Toshiba spokesperson told the Wall Street Journal, that the Toshiba subsidiary’s IT staff first noticed a problem with the web server on July 11th, and confirmed on July 13th that it had been hacked.
"We will continue the investigation and intend to thoroughly protect customers' information and manage (related computer) systems to prevent a recurrence."
All customers potentially affected by the hack are said to have been informed of the problem by the firm.
If you run a website it’s essential to ensure it is as secure as possible from hacker attacks.
A gang of hackers known as SwagSec announced at the tail end of last week that they had hacked into Lady Gaga’s UK website and made off with a database of names and email addresses of fans. To prove their point, they published the stolen data online.
The press reported that a source close to Lady Gaga said that she was:
"upset and hopes police get to the bottom of how this was allowed to happen"
If she was upset, she made no mention of the hack on her Twitter page, and posted no apology to her UK fans for the poor website security. She wasn’t, however, too upset to tweet about Emmy award nominations or to drop a line to Cher about doing a duet remix.
Although it’s right that the authorities should be informed regarding SwagSec’s illegal activities, there should surely be some recognition at Gaga HQ that perhaps the website was doing a lousy job at securing its fans’ information?
Lady Gaga’s record label, Universal, said it had confirmed that the hack had occurred and said that police had been informed:
"The hackers took a content database dump from http://www.ladygaga.co.uk and a section of email, first name and last name records were accessed. There were no passwords or financial information taken. We take this very seriously and have put in place additional measures to protect personally identifiable information. All those affected have been advised."
The risk to users who had their details compromised, of course, is that they could have been the subject of targeted attacks. Imagine how many of them might have opened an attachment or clicked on a link if they received an email claiming to be about free tickets for a Lady Gaga concert, or a sneak preview of her new video.
But although Universal says that it has contacted everyone who was affected – can they be confident that they know the extent of SwagSec’s hack? After all, the hack is claimed to have occurred weeks ago, but was only made public by SwagSec at the end of last week.
Wouldn’t it be more open and transparent to have a message to fans of the Lady Gaga UK website, telling them all what occurred. I went looking and couldn’t find anything to warn the wider array of Lady Gaga fans.
You may remember that the SwagSec hacking group defaced Amy Winehouse’s website earlier this month as well.
One wonders what eccentric female troubadour they will target next..
The US Deputy Defense Secretary William Lynn has revealed that a foreign intelligence agency was behind a hack attack that stole classified information about a top secret weapons system.
According to Aviation Week, the weapons system, which is under development, might have to be redesigned after the files were stolen from a military contractor’s computer network.
Plans and confidential blueprints were included in the haul of 24,000 files said to have been copied by the hackers.
The revelation came to light as William Lynn gave a speech at the National Defense University (NDU) in Washington DC, outlining his department’s “first ever strategy for operating in cyberspace”. Recognising that the problem extended beyond its own networks, the Pentagon is piloting a program to share classified intelligence about threats with select military contractors and their ISPs.
NDU was somehow an appropriate venue for the speech – Lynn told his audience that the National Defense University itself had fallen victim to hackers after its “website and its associated server were recently compromised by an intrusion that turned over system control to an unknown intruder.”
Lynn’s speech contained much jaw-jaw about the nature of cyberwar – and how it could vary from destructive attacks to information theft:
"Tools capable of disrupting or destroying critical networks, causing physical damage, or altering the performance of key systems, exist today. The advent of these tools mark a strategic shift in the cyber threat - a threat that continues to evolve. As a result of this threat, keystrokes originating in one country can impact the other side of the globe in the blink of an eye. In the 21st Century, bits and bytes can be as threatening as bullets and bombs."
"But disruptive and destructive attacks are only one end of a continuum of malicious activity in cyberspace that includes espionage, intellectual property theft, and fraud. Although in the future we are likely to see destructive or disruptive cyber attacks that could have an impact analogous to physical hostilities, the vast majority of malicious cyber activity today does not cross this threshold."
"In looking at the current landscape of malicious activity, the most prevalent cyber threat to date has been exploitation - the theft of information and intellectual property from government and commercial networks."
I have always been nervous of the tendency amongst governments to point fingers at foreign nations and blame them for an internet attack. For instance, Lynn claims that a foreign government was involved in the hack, but does not say which one.
You have to ask yourself, why the reluctance to say which country? And if you don’t know which country, how do you know it was any country?
Of course, the US Deputy Defense Secretary has shown himself to be tight-lipped on matters to do with internet attacks in the past. For instance, he declined to confirm or deny if the USA had been responsible for the Stuxnet virus.
And we shouldn’t be naive. Just because it’s hard to prove that a particular country was behind a particular cyber attack, doesn’t mean that that country is whiter-than-white when it comes to such things.
My suspicion is that all countries are using the internet to their advantage when engaged in espionage – whether it be for political, economic or military ends.
What surprises me, however, is that Lynn claims that these sort of “sophisticated capabilities” (the ability to hack into military contractor computer systems and steal files) is almost exclusively within the abilities of nation states, and that the only thing stopping countries from using the internet to destroy their enemies is the risk of a military counter-attack:
"Today, sophisticated cyber capabilities reside almost exclusively in nation-states. Here, U.S. military power offers a strong deterrent against overtly destructive attacks. Although attribution in cyberspace can be difficult, the risk of discovery and response for a major nation is still too great to risk launching destructive attacks against the United States. We must nevertheless guard against the possibility that circumstances could change, and we will have to defend against a sophisticated adversary who is not deterred from launching a cyber attack."
Of course, terrorists probably wouldn’t fear a counter-attack like this. Why haven’t they launched a destructive strike against the United States? Well, Lynn has an answer for that:
"If a terrorist group gains disruptive or destructive cyber tools, we have to assume they will strike with little hesitation. And it is clear that terrorist groups, as well as rogue states, are intent on acquiring, refining, and expanding their cyber capabilities."
Hmm. So, thank goodness that only governments know how to get their hands on the most dangerous and destructive internet weapons and that the rest of the world just isn’t as sophisticated..
Marine Gen. James Cartwright, Vice Chairman of the Joint Chiefs of Staff, told the press gathered at NDU that he believed a defensive approach to cyberwar is insufficient, and that the current situation of the Pentagon being 90% focused on defensive measures and 10% on offensive, should be reversed.
One thing is clear amongst all this talk – computer security needs to be taken seriously. Cybercriminals, whether state-sponsored or not, are regularly going beyond damaging and defacing websites to stealing sensitive information which could have more than a financial value. You would be foolish to ignore such a threat, and ensure that you have strong defences in place.
Meanwhile, the US Department of Defense says that it is now treating cyberspace as an operational domain – alongside land, air, sea and space. As such, I think we can expect to see more speeches warning about the perils that the United States faces from other nations and terrorist forces.
Microsoft has announced a new feature for Hotmail users that should help in the fight against email fraudsters and spammers.
It wouldn’t surprise me if many of us haven’t received an email which appears to come from a friend, but actually contains a bogus cry for help claiming they are stranded in a foreign country or a spammy advert.
Often in these cases your friend’s email account has been compromised because they chose a weak password, or had been using the same password in multiple places – only to have one of them phished, or were careless with their computer security.
One famous example of this happening occurred two years ago, when the Hotmail account of UK politician Jack Straw (who was the country’s Justice Secretary at the time) sent out hundreds of emails attempting to defraud his contacts.
Hotmail’s new feature is designed to make it quicker and easier for control of the hacked email accounts to be returned to their rightful owners.
Recipients of emails from clearly compromised accounts can now report them directly to Hotmail, as a new “My friend’s been hacked!” reporting option has been added under the “Mark as” menu.
In addition, accounts can also be reported as compromised if you mark a message you have received as junk:
If you make use of these options, you’re giving Hotmail a heads-up that the account could have been compromised and they can use the warning (and other signals they pick up from the account’s behaviour) to determine if they need to stop the account from being abused, and begin the process of returning control of the account to its rightful owner.
What’s especially warming about this initiative is that it’s not just a Hotmail to Hotmail thing.
Dick Craddock, the Microsoft Group Program Manager responsible for Hotmail says that Hotmail is also sharing these notifications with Gmail and Yahoo, which means that you could still be helping a hacked friend even if they don’t also use Hotmail.
Let’s hope we see other web email providers follow Hotmail’s lead and offer similar ways for their own users to report possible account compromises. After all, minutes matter if your email account has been breached – the long an account is under the control of malicious hackers, the more harm that can be done.
Hotmail says it has only had the functionality enabled for a few weeks, and it has already helped it identify and recover thousands of hacked accounts.