Categories
Business security

The Awards Dinners scam

I went to the Secure Computing Awards evening on Tuesday in London, coinciding with the infosec show. The comedian was good. The company was good. Apart from the almost unbearable heat of the venue what I really noticed was the scam that is the awards system.

This is how it works. There must have been 24 award categories with 4 or 5 companies shortlisted for most! The vast majority of these companies will have taken a table so that they could be there to collect their Award. The vast majority of them of course did not win anything. A table for ten will have been at least £1k each (not to mention the travel and accommodation costs). So whilst awards are free to attend there is a hidden cost.

Of course the winners get a gold badge and bragging rights which is why we all still do it. Fortunately for me the timing was good as I was going to be staying in London anyway.  My thanks to Omar Aguirre and his team at Optenet for their hospitality.

Categories
Business internet Regs security surveillance & privacy

cleanternet – you know it makes sense #debill #deact

This video is doing the rounds. It helps you understand why the web filtering aspect of the Digital Economy Act is a very bad thing.

http://www.cleanternet.org/

Categories
Engineer security

Bletchley Park – where it all started

Paid a visit to Bletchley Park on Saturday with a crowd of friends. For the uninitiated Bletchley Park was the nerve centre of the Allied effort to listen in on enemy communications in World War 2. Most will have heard of the Enigma Machine that the Germans used to encrypt their communications. A number were there on display, under heavy supervision, since one of them was stolen in recent years.

Categories
End User internet security social networking

Facebook messages bringing a link to a website with a virus – look out

Just seen a wall post on Facebook from a friend warning of a virus being sent out from his account.  Next minute I got a Direct Message from him with a link in it. Fortunately I had just seen his warning and was able to delete it. 

This is going to be a problem I can see. I wonder what can be done about it?

Categories
Business internet security

New scheme for replacing copper with fibre

I note the new scheme for pressurising BT to replace its copper local access network with fibre has not been completely going to plan as thieves today accidentally stole lengths of fibre by mistake. Doh.

The gang, who must surely be Fibre To The Home activists, are obviously from a Rural Cadre. I can only think their education suffered early on due to not having access to the internet and they found it difficult to tell the copper (Cu) apart from glass (Si). 

Also their thinking is misguided if they think that BT will replace the stolen copper with fibre.  The BT insurance policy is almost certainly “like for like”. So stolen copper has to be replaced by more copper. Doh again!

In any case on this occasion they went and pinched some Virgin Media fibre in Leeds. Obviously couldn’t spell either!! BT – Virgin Media – hard to tell the difference eh?

There is of course a serious side to all this in that thieves are apparently going around stealing copper as it has doubled in value in the last year.  BT’s network is easy game. Thanks to @bungieboy for the lead via twitter and ElReg’s Chris Williams for the detail.

Categories
Business internet security

UK cybercrime defences are good says House of Lords but Estonia’s are rubbish

Doesn’t quite match does it? The House of Lords telling us that the UK has strong defences against cybercrime. It is quite possible that your average crusted baronet has no idea what cybercrime is.

I’m being a bit unfair here in the interest of humour.

This week the House of Lords European Union Committee published its report into protecting Europe against large-scale cyber attacks. The report looked into the resilience of Europe’s and the UK’s internet infrastructure which is deemed part of critical national infrastructure.

The report argued that there is a wide variation between Member States on this issue, with the UK having “sophisticated and well-developed defences to guard against attack and disruption”.

Estonia however, and for example, which as a nation is heavily dependent on the internet, is knackered (my word not their Lordships’) if subjected to even a minor cyber attack.

The Committee made a number of findings including: the public sector should take the initiative on how cyber-security could be developed on a global basis; EU and NATO should work closer together, and the Government should encourage this to happen; and the European Commission should propose establishing national Computer Emergency Response Teams (CERTS).

More here

Categories
Business internet security

Timico abandons Chinese expansion plans

With all the fuss in the press about Google and their possible exit from the Chinese market I got a timely email this morning from the (a?) Chinese Domain Name registry.

We are the department of registration service in China. we have something need to confirm with you. We formally received an application on February 03,2010, One company which self-styled “LSHB Technology PLC” are applying to register “Timico” as Network Brand and Domain Names as below :
“timico.asia
timico.hk
timico.in
timico.mobi
timico.net.cn
timico.org.cn
timico.tw”
After our initial examination, we found that the Network Brand applied for registration are as same as your company’s name and trademark. These days we are dealing with it, hope to get the affirmation from your company. If your company and this “LSHB Technology PLC” as the same company, there is no need reply to us, We will accept their application and will register those for them immediately.

If your company has no relationships with that company nor do not authorized, please reply to us within 7 workdays, if we can’t get any information from yours over 7 workdays,we will unconditionally approve the application submitted by “LSHB Technology PLC”. Thanks for your cooperation.

Best Regards,

Amanda Hua
Senior Consultant
PX-Dnr

I could respond to this in a number of ways, in the first instance by simply ignoring it as the clever marketing scam that it is. I could also reply politely telling them that I am flattered that Timico is sufficiently on the map to be imitated by organisations in other countries but to go ahead and sell them the domains. 

Alternatively I could put out a press release in support of Google with a public affirmation that Timico has pulled its plans to move into China. I can think of better places to start our overseas expansion anyway: the Maldives, the Caribbean (that’s Carrribbean to American readers), Wales. 

Only kidding.  We already operate in Wales…

Categories
Business internet Regs security

report your terrorist website

The Home Office and the Association of Chief Police Officers (ACPO) have launched a public reporting webpage (on the Directgov website) for terrorist-related material found on the internet.

The public can report URLs of suspected terrorist material direct to a police unit who will investigate. If the website is found to be in breach of the Terrorism Act 2006 the police will issue a Section 3 Notice to have the content modified or removed presuming it is hosted in the UK.

The type of content users may report can be found here on the Home Office website and the reporting page itself here.

As part of the fight against terrorism this must be good though I imagine it will be difficult to maintain an adequate level of publicity for the scheme so that people know where to look to report a website.

Also the savvy terrorist will use a hosting provider in a country that doesn’t care or doesn’t have the same laws so unless this initiative was conducted on a global scale it will probably only have a small effect.

Categories
Engineer internet security

Woke up this mornin and nearly got the IMP blues

I woke up this morning (there’s a song there…) to the news from the Daily Telegraph that “Government announced yesterday it was pressing ahead with privately-held “Big Brother” databases”. This is the Interception Modernisation Programme that has periodically been in the news this year with general opposition and a subject I have posted on in the past. It would indeed have given the ISP industry a headache.

I now hear a contrary position from the Guardian which tells me “Legislation to access public’s texts and emails put on hold. Widespread concern about the safety and security of communications data prompts Home Office rethink.”

My understanding is that it is the Guardian that is right on this occasion and that the Telegraph has tapped into the wrong wires. I imagine that the Labour party has enough on its plate in the run up to an election without further alienating the voters.

“When they woke up this morning someone got their wires crossed and my head it felt confused, oh yeah.” I think that’s what I was trying to say 🙂

Categories
Business internet security

Government confirms it won't mandate IWF list

Further to my post of a couple of weeks ago it has been confirmed that legislation is unlikely to be introduced to mandate support for the IWF blocking list.

Alan Campbell, Parliamentary Under-Secretary at the Home Office, said that it remains the hope of Government that the target of 100 per cent of consumer-facing ISPs operating a blocking list will be achieved on a voluntary basis in answer to a Parliamentary question by James Brokenshire MP this week.

Mr Campbell said that the Government recognised the work of the internet industry in reaching the figure of 98.6 per cent of consumer broadband lines being covered by blocking of sites identified by the IWF. It remains the Government’s hope, he added, that the target of 100 per cent of consumer-facing ISPs operating a blocking list will be achieved on a voluntary basis.

The ISPA met with Alun Michael MP on Monday to discuss this issue and it was agreed that ISPA was committed to the eradication of child abuse images in the UK and that it will continue to work with the IWF and Government to achieve this target.

The Parliamentary question can be found here.  Again thanks to Nick Lansman and his ISPA team for both this input and the excellent work they have been doing in the background on this issue.

Categories
Business security

House of Lords inquiry into cyber security

Sub-Committee F (Home Affairs) of the House of Lords Select Committee on the European Union is conducting an inquiry into EU policy on protecting Europe from large scale cyber-attacks.

That opening sentence is, in my mind, a great example of bureaucracy in action. I will say however that actually this is a good subject for their venerable Lordships to be considering.

The European Union is very much concerned about “Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience” and in March 09 issued a 400 page Communication on this subject. I’m not about to read the 400 pages but an international approach to cyber security makes sense.

In fact we really need a global approach to many internet-related issues: child abuse, fraud, online copyright to name but a few. The House of Lords inquiry is in the “Call for Evidence” phase which lasts until 13th November.

The original doc is here >  Cyberattacks call for evidence 16 10 09.

Categories
End User scams security

New phishing attempt doing the rounds under guise of HMRC

It amuses me more than anything to see phishing attempts hit my inbox though it does worry me that I will one day have this uncontrollable urge to click on the link provided.

Today’s, looking as if it had come in from Her Majesty’s Customs and Revenue, was mildly believable.  It is after all coming up to that time of year where we have to think about tax returns.

The message read:
Taxpayer ID: trefd-00000159883557UK
Tax Type: INCOME TAX
Issue: Unreported/Underreported Income (Fraud Application)

Please review your tax statement on HM Revenue and Customs (HMRC) website (click on the link below):

We caught this spam but it did attempt to get delivered to many Timico employees. For the safety of the reader I haven’t reproduced the link but I’d be mildly interested in a straw poll to see how many people got the email. And how many actually responded to it!

That’s not my taxpayer ID by the way 🙂

Categories
Business security

Internet security – a synonym for sleepless nights

How do we sleep at nights? Everywhere I turn I seem to come across security issues relating to my use of the internet.

In catching up on my reading I find that a team of Japanese researchers have figured out how to crack the WPA encryption technology that up until now I had considered to offer my home wireless network a safe and secure browsing environment, at least from the next door neighbour.

As it is the wireless performance of my home router is suspect because I suspect that it finds it harder to cope with WPA than the previously less secure but more performant WEP.

Next I’m writing a blog post and a security warning flashes up in front of my eyes on the WordPress console telling me about a vulnerability in older versions of the blogging software that has caused some bloggers to lose large numbers of posts. Fortunately I am up to date with my patches.

One of my sons then complains that his website has been identified as a source of malware by Google. I investigate and find that indeed this is the case and remove the problem. His laptop, however, is a difficult kettle of fish to clean. It has conficker and some other nasties that won’t let any of the worm removal tools on to sort it out. So we are having to reflash his laptop and I then go around the house cleaning up all 12 memory sticks that the kids have in their possession (the fruits of a number of visits to trade shows 🙂 ) .

I could go on. It’s all very well for me though because I have dozens of highly skilled engineers sat outside my office door for whom all this is bread and butter stuff. Our customers can also access these resources (for a fair price). The real problem is going to be for Joe Public who, as a consumer, is going to drown in the stormy seas of internet security.

Sorry if this one seems a little on the pessimistic side – it isn’t normally my nature.

Categories
End User internet scams security

Email scams

I went in to BBC Radio Lincolnshire this morning, as is my occasional wont, this time to talk about email scams. I am not particularly a security expert but I guess being in the ISP game I would get more exposure to this than your average Radio Lincolnshire listener.

It was all about phishing emails from people after your bank account details, and especially spoof emails notionally from people you know. As a bit of background research I googled “how to hack MSN” and I was astounded to find 952,000 websites on the subject.

Similarly there was plenty on Twitter and no doubt there will be stuff out there on Facebook and others. I didn’t follow more than a couple of links and the first article had already been removed. It does certainly highlight the vulnerabilities of the web.

I get phishing email daily, mostly caught in my spam quarantine folder, and all of which get ignored/deleted. I do get some very genuine looking spam though appearing to come from reputable contacts. In one example a business partner of Timico’s had its contact database copied a number of years ago. I still get spam appearing to come from this partner. There is nothing they can do about it. The data is gone.

I have never personally met someone who has been caught out by one of these phishing attempts. Not that is until last night when a friend rang me up and during the conversation mentioned that it had only just happened to him. He was busy and stupidly responded to an email and typed in his bank account details!

Luckily for him the bank spotted an unusual transaction and refunded the cash after calling him to check. It just goes to show how easily it can happen – to the unwary.

Categories
Business internet security

Britain needs eJudge

Had a meeting yesterday with the Police Central eCrime Unit in London together with a few other leading ISPs and content providers to discuss how the industry can help tackle eCrime.

Part of the problem is the speed at which things happen in the internet world when compared with the “good old fashioned” Old Bailey style of justice where response times are slow and delay is the norm.

For example a police officer working on a case can take days to obtain a court order requesting data on a suspect from an ISP. In this time the gang has moved on and is lost to the justice system. A Communications Provider needs a court order to do this as providing such data without one is in breach of privacy laws, despite the cause notionally being a good one.

The solution is likely to be to put a system in place to speed up the process.  Whilst speed of communications between police and ISP could possibly be improved it seems to me that the whole area would benefit from specialist “eJudges”. 

An eJudge would be conversant with the workings of the internet and be able to respond in real time to requests for Court Orders. Such a judge would not have to sit in on normal court sessions.

The bit about understanding how the internet works is a real issue.  In recent times ISPs have been the subject of court orders requiring them to “remove certain websites from the internet”. 

Whilst an ISP can take down a site hosted on its own servers it can’t completely remove it from the internet because that site is likely to be cached in many places (countries) and could be easily replicated elsewhere.

In this instance the ISP would likely be in breach of the court order even though it had removed the offending site from its own server.

I realise that it is unlikely that a court would pursue the ISP in such a case but this does highlight the ignorance of the judiciary in these matters.

Rumpole of the Bailey is not equipped to cope with modern criminals and specialist eJudges would be a very cost effective solution.

Categories
Business internet security

Home Secretary announcement on Communications Data

Big in the news yesterday was Home Secretary, Jacqui Smith’s announcement that the Government will not be creating a central facility to store details of our telephone and email communications.  It even made prime time BBC TV News. Instead the Government will pursue a strategy of getting individual Communications Providers to store their own customers’ information.

I wasn’t going to comment on this because there was so much press coverage, much of which included answering statements from the industry trade body ISPA which I had already had a hand in. It is however worth restating some of the points.

Firstly I am, as an individual, nervous about having all this information situated in a single central database.  It is a near certainty that at some time all of it will be compromised, either by negligence or by criminal activity. 

Secondly I think the Government is misguided if it believes that it will be able to exercise any sort of control over what happens on the internet. Technology is changing so quickly that any system implemented by Government is going to be expensive whatever its purpose (monitoring/intercept, preventing P2P illegal downloads, preventing access to illegal websites, location tracking etc etc) and would very quickly be out of date. The costs of maintaining it would be a significant line item in any budget statement.

Moreover, based on track record, you can bet your bottom dollar that the time taken to implement any such system(s) would be so long that it would probably have to be reinvented several times during its development and eventually end up in Regents Park Zoo in the White Elephant enclosure.

PS I can see an idea for the next sci fi movie blockbuster here. It’s a cops and robbers story in cyberspace. Hollywood producers queue here 🙂

Categories
Business internet security

European Commission forecasts 193 Billion Euro cost of cyber attacks on networks

I note that as cyber attacks on networks become more sophisticated the EC has forecast a 10% – 20% probability that telecoms networks will suffer a major breakdown within the next 10 years. They have also estimated a potential global cost of 193 billion Euros as a consequence of such a breakdown.

To mitigate against such a scenario the EC is establishing a Public-Private Partnership for Resilience which “will help businesses share information with public authorities to ensure that adequate and consistent levels of preventive detection, emergency and recovery measures are in place in all Member states”.

I’m all in favour of this kind of thing though somewhat sceptical about its likely efficacy.  Industry is more likely in my mind to sort out its own shop through the likes of the IETF and LINX et al.

That said I do think that Government is going to have to become far more deeply involved than it is in the internet space. We are seeing it starting to happen and the Digital Britain Report (final report due out in early May which is light speed as far as Government is concerned) is part of this.

It is easy to see that the potential cost of telecom network disruption could be huge.  I don’t know what the likely cost of last week’s BT fibre break in London is going to be but  just the costs of managing customer complaints would have been significant let alone the costs of the disruption to traffic. 

I missed out on a few news items to comment on last week due to being on holiday.  It’s good to be back though 🙂 .

Categories
Business security

Docklands security – further note

The G20 Summit is of course taking place at the Excel Exhibition Centre in the Docklands.  The big day is Thursday when the leaders are all there.  They are expecting demonstrations around Canary Wharf and Custom House, Prince Regent and Royal Victoria DLR stations will be shut (and possibly Bank).

The recommendation is not to go anywhere near there this week if you can help it.

Categories
Business datacentre security

Security Tightened at London Datacentres for G20 Summit

Security is already pretty tight at our London datacentres.  This coming week will see security stepped up further as the G20 Summit takes place in town.  I’m not going to go into any details but at least BT are less likely to have any 21CN line cards stolen next week.

I’ve also had a number of meetings rescheduled from next week due to “security concerns”

Categories
Business internet security

Conficker worm update

I hadn’t realised but the Conficker worm is programmed to go live on April 1st.  This malware has already been the source of problems for IT managers but nobody knows what it is really destined to be used for.

Currently it accesses 250 IP addresses from which it can take instructions. On April 1st this is due to rise to 50,000 which makes managing any attack a lot harder. The nature of the attack to come is still unknown.

The good news, and the point of this post, is to update readers on the fact that over the weekend industry security specialists have finally identified how to “fingerprint” Conficker. This means that simple security scanners can be used to detect whether it is on your PC.

Previously it has involved lengthy full virus scans on computers. A process that when multiplied by the number of PCs in an organisation could have been impossibly long and consumed huge amounts of IT support effort.

Because April 1st is so close the recommendation is that you check with your security vendor to see whether they have an update and to implement that update asap.  Don’t take any risks.

Categories
Business internet security

UKCCIS board meets

On the 10th of this month the UKCCIS board met  co-chaired by three Members of Parliament including Home Secretary Jacqui Smith.  Since its formation UKCCIS has concerned itself with putting together the structure of the organisation to take it forward and it has now announced a number of working groups.

These include “Better Education” (chaired by Niel Mclean of BECTA), “Public Information and Awareness” (Clive Michel of CEOPS) and “Video Games” (Brian Leonard, retired civil servant). There is also a group known as “Industry Standards” run by Amanda Jordan of Corporate Citizenship. Apparently the name of this group is subject to change. Don’t ask me why.

Whilst the large committee and the high profile board chairs do send out a message underlining the importance of the activity and its level of Government backing you do wonder about the amount of time they are spending deciding on the names of the working groups!

Previous posts on UKCCIS here.  Latest UKCCIS newsletter newsletter-no-5-march-2009.

Categories
Business internet security

German court declares against data retention act

The Data Retention Act, which is about Big Brother getting out of control, is being rolled out across the European Union.  I’ve posted about it on a number of occasions, including here and here

The story has taken an interesting turn with a German court pronouncing it invalid.   Specifically:

“The court is of the opinion that data retention violates the fundamental right to privacy. It is not necessary in a democratic society. The individual does not provoke the interference but can be intimidated by the risks of abuse and the feeling of being under surveillance […] The directive [on data retention] does not respect the principle of proportionality guaranteed in Article 8 ECHR, which is why it is invalid.”

It seems to me this is going to hot up a little in the UK.

The link to the whole article is on the vorratsdatenspeicherung website 🙂

My thanks to James Blessing for this link.

Categories
End User security spam

Spam not Spam

I have recently started corresponding with Randy Abrams of anti virus company www.eset.com.  He has commented on some of my posts in the past.  He offered this postulation today:

“Sometimes I receive spam from legitimate companies. They shouldn’t be spamming me, but this isn’t the Viagra, Rolex, and other run of the mill spammers I am talking about… these are generally IT companies.

So, I am considering automatically subscribing these spammers to Industry News with an email indicating that they have been subscribed and can choose to opt out. Your thoughts. Good idea? Too good for them?   Give it a try?”

My standard response to legitimate spammers is to reply to them asking whether they have read www.trefor.net?  It seems only fair.  They are sending me unsolicited mail.  It’s amazing how many of them then do read the blog,  I get quite a lot of positive feedback this way.  I’m sure some of them are reading this post now 🙂 .  I have a fairly relaxed view on life.  We are all trying to earn a living.  We all need to be friends within sensible bounds.

Categories
Business internet security

Office of Security and Counter Terrorism

Met with the Home Office, Office of Security and Counter Terrorism (OSCT)  today.  Not unsurprisingly the OSCT has grown from zero to over 200 staff in 18 months although only three of them are internet oriented.

The department’s mantra is the 4Ps:

Pursue – police & security forces
Protect – making UK a harder target
Prepare – for the eventuality there will be another attack
Prevent – stop people becoming violent extremists in the first place

One of the subjects under discussion was part of the report produced by The International Centre for the Study of Radicalisation and Political Violence (ICSR) – blogged about the other day. Specifically how to go about promoting more positive use of the internet.

They talked about “flooding the internet” with positive messages about Muslim groups quietly practising their religion and not indulging in fanaticism that leads to violence. I thought the idea of flooding the internet was somewhat ambitious.

What they really mean is that one of the proposals is to educate groups on how to make the best use of the internet to get their positive messages across. Search Engine Optimisation etc.  I could imagine the Government secretly paying Google to raise the rankings of websites promoting  peaceful activities 🙂 ! 

It is worth taking a look at the Alliance Of Youth Movements Summit that took place in New York (New York) in December 08. This get together was part of a drive to promote the positive use of the internet.

Categories
End User internet security

Pirate Duck Update – Gordon Brown Petition started

Notwithstanding anyone’s particular feelings about the suitability of the Pirate Duck as a technology blog post it is worth looking at what has happened since it first hit the ether yesterday afternoon.

The Facebook group Save The Pirate Duck hit 50 members the same evening. Now, 24 hours after the group was started, it has 120 members (up by 7 since I started writing this post). The group has 10 wall posts and one video link.

Pressure group, Pirate Duck People’s Coalition, has also set up an online petition urging Prime Minister Gordon Brown to help save the duck. So far there are 5 signatures and I’m sure this number will increase further – it is only a matter of time.

I have also had a request by a prominent radio station to field a spokesman for an upcoming investigative special this weekend. More details on this once it is firmed up.

Clearly democracy is flexing its muscles here and the power of the internet is being used to promote the will of the people. Anyone wishing to contribute their time, money or simply expressions of support should join the Facebook group and sign the petition.

Also constructive ideas on how to track down the perpetrators of the crime are welcome as hitherto the team’s investigative efforts have drawn a blank and the duck remains firmly ducknapped.

Categories
Business security

Coroners And Justice Bill

Internet security issues were again covered in Parliament last week as the Coroners and Justice Bill was debated in committee.  I don’t envy Parliamentarians. The complexities of what they are having to deal with are enormous.

In this case they are trying to improve the law to further protect children from online threats. The opening line of the questioning reads like this:

“It is curious that it is illegal in this country to groom a child for sex but not illegal to groom a child for suicide.”

It is worth reading the rest of the text of that particular section of the debate here. We are bound to see increased legislation in this space I feel.

Categories
End User security

Victims of internet piracy

Internet crime came closer to home today with the kidnapping of one of the Timico NetOps team’s key players, the Pirate Duck.

Criminal sophistication has reached new heights with this case. The gang responsible for the crime has set up a web page, www.wheresmyduck.com, so that distraught owner, engineer Ian P. Christian, can reassure himself that his duck is as yet unharmed and being looked after.

Efforts to track down the owner of the domain name have been fruitless as the “Who Is” function for that domain has cunningly been disabled.  No ransom demands have been received as yet but Ian is standing by his PC anxious to hear more news.

Ian is fairly phlegmatic about this incident. “He was after all a pirate duck and he who lives by the sword…”

The victim’s twin brother is pictured below. Any information leading to the safe retrieval of the duck will be gratefully received. The incident is being dealt with privately and the Metropolitan Police eCrime Unit has not yet been called in. If you want to show your support for this cause you should join the Facebook group “Save The Pirate Duck”.

pirateduck

Categories
End User internet security

Online identity theft cost USA $48Bn in 2008

I was amazed to read in a press release by Anti Virus firm AVG that online identity theft led to $48Bn worth of fraud in 2008 in the USA alone. This was part of a press release issued by the company today regarding its new Identity Protection product.

You can read the press release yourself but this is certainly topical for me having only last week attended the ISPA Parliamentary Advisory Forum on ecrime. The scale of the activity clearly makes it worthy of its own specialist blog rather than just getting the occasional post in mine.

I think I will follow up with a top ten security tips for safe use of the internet. Many of these tips will be obvious and just involve a little discipline on the part of individuals. More anon.

Categories
Business security

ISPA Parliamentary Advisory Forum on e-crime

The average punter knows very little about e-crime. I can’t say I’m an expert myself but I had an eye-opening afternoon yesterday at the ISPA Parliamentary Advisory Forum on the subject. Attended by both MPs and industry stakeholders the meeting was standing room only which perhaps underlines the level of interest in the subject.

We use anti virus software in the belief that it stops nasty people putting nasty things on our PCs that will destroy our files. In the early days of e-crime this is what it was all about. Nerds sat in their bedrooms writing viruses with no real objective other than showing the world how big and powerful they were.

From around 2003 all this changed: e-crime became big business, and the sad teenagers in bedrooms turned into professional software writers working for organized gangs.

Now the crooks don’t want to break your computer. In fact they don’t even want you to know they are there. The malware that they deposit on your PC just sits there quietly logging your every keystroke. When you make purchases online your credit card information is logged and fed back to the gangs. The Conficker A virus even made your network run more efficiently so that it could better perform its job.

Until last year, when they were stopped, there were websites such as “darkmarket.com” (Google it for more info) where criminals talked to criminals, swapped trade secrets and engaged in crooked business such as the sale of stolen bank account information.

This criminal activity is organized primarily from the former Soviet Union, China and Brazil. The crooks know how to work the system. They never steal information from their own country. That way if a local police force is asked to assist with an international crime there is less incentive.

The police in Sao Paulo, for example, have to deal with a high murder rate on the streets. How do you prioritise credit card fraud overseas in that case when you have limited resources to address problems on your own doorstep?

A Ukrainian gang was said to stop the process of infecting a PC if its IP address was found to be Ukrainian, specifically to avoid the attentions of the local rozzers.

So what is being done in the UK to try and combat e-crime? It ain’t easy. Detective Superintendent Charlie McMurdie, who incidentally looked as if she was straight out of an action cop movie, runs the 30 strong e-crime unit at the Metropolitan Police and was speaking at the meeting.

With a team of only 30 people the police have to concentrate on big crimes. If someone rips off £50 from your credit card or bank account they aren’t interested. You are supposed to report it to the banks who then submit a collated picture to the police. In reality much of this type of crime goes unreported so nobody really knows how much of it is going on.

Where the police do get involved is with serial crimes. In other words whilst if someone pinches £50 from your e-wallet they aren’t interested, if someone does it to a thousand people then they are and this has happened in the UK.

Unfortunately, for someone who gets caught the penalties for this type of crime are often very low, community service for example, so the disincentive isn’t there. What’s more, e-crime is often zero touch. In other words, if someone steals TV programming and sells it to a Russian online TV channel then the only thing affected is a potential reduction to the revenue stream of the rights holder. The man on the street is unharmed. This makes it less interesting to the police and is why the likes of BSkyB employ former policemen, effectively as revenue protection officers.

It isn’t fair to say that nothing is being done in the UK to prevent e-crime but the whole subject area is a difficult one and merits not only more effort but also improved levels of international co-operation due to the cross border nature of the game. I am afraid this is going to be an uphill struggle.