Jun 19 2012

Thousands May Lose Internet After Hacking Scam

 

If your computer was infected by the hackers, you won’t be able to connect to the Internet after July 9.

 

NBC News

By Lolita C. Baldor

Apr 21, 2012

NBC Local Media

Hackers infected more than 570,000 computers worldwide, according to the FBI. The scam netted the hackers at least $14 million.

 

 

This could be bad news, especially for Silicon Valley.

A few mouse clicks could mean the difference between staying online and losing your Internet connection this summer.

The problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.

 

Visit http://www.dns-ok.us/ to find out whether your computer is infected.

If you think your computer is infected, visit http://www.dcwg.org/fix/ to learn how to fix the problem.

 

After July 9, infected users won’t be able to connect to the Internet.

Most victims don’t even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their anti-virus software, making their machines more vulnerable to other problems.

Last November, the FBI and other authorities were preparing to take down a hacker ring that had been running an Internet ad scam on a massive network of infected computers.

“We started to realize that we might have a little bit of a problem on our hands because … if we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service,” said Tom Grasso, an FBI supervisory special agent. “The average user would open up Internet Explorer and get ‘page not found’ and think the Internet is broken.”

On the night of the arrests, the agency brought in Paul Vixie, chairman and founder of Internet Systems Consortium, to install two Internet servers to take the place of the truckload of impounded rogue servers that infected computers were using.

Federal officials planned to keep their servers online until March, giving everyone an opportunity to clean their computers. But it wasn’t enough time. A federal judge in New York extended the deadline until July.

Now, said Grasso, “the full court press is on to get people to address this problem.” And it’s up to computer users to check their PCs.

 

This is what happened:

Hackers infected a network of probably more than 570,000 computers worldwide. They took advantage of vulnerabilities in the Microsoft Windows operating system to install malicious software on the victim computers. This turned off anti-virus updates and changed the way the computers reconcile website addresses behind the scenes on the Internet’s domain name system.

Victim computers were reprogrammed to use rogue DNS servers owned by the attackers, which allowed the attackers to redirect computers to fraudulent versions of any website.

The hackers earned profits from ads that appeared on websites that victims were tricked into visiting. The scam netted the hackers at least $14 million, according to the FBI. It also made thousands of computers reliant on the rogue servers for their Internet browsing.

When the FBI and others arrested six Estonians in November, the agency replaced the rogue servers with Vixie’s clean ones. Installing and running the two substitute servers for eight months is costing the federal government about $87,000.

Vixie said most of the victims are probably individual home users, rather than corporations that have technology staffs who routinely check the computers.

 

Direct Link:  http://www.nbcbayarea.com/news/tech/Thousands-May-Lose-Internet-After-Hacking-Scam-148400825.html
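
The malware described in the article above works by pointing a computer's DNS settings at attacker-run servers, so the core of a check is comparing the configured resolvers with the known rogue ranges. The following is an added example, not part of the original article: the function names are hypothetical, the input is resolv.conf-style text, and the ranges are placeholders from documentation address space that must be replaced with the ranges published by the investigators.

```python
import ipaddress

# PLACEHOLDER ranges (RFC 5737 documentation space), not the real rogue
# server ranges: substitute the published list before using this check.
ROGUE_RANGES = [ipaddress.ip_network(n)
                for n in ("192.0.2.0/24", "198.51.100.0/25")]


def parse_nameservers(resolv_conf_text):
    """Return the resolver addresses found in resolv.conf-style text."""
    servers = []
    for raw in resolv_conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop trailing comments
        if not line or line.startswith(";"):     # blank or comment line
            continue
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            try:
                servers.append(ipaddress.ip_address(parts[1]))
            except ValueError:
                continue                         # not an IP address: ignore
    return servers


def rogue_resolvers(servers, ranges=ROGUE_RANGES):
    """Return the resolvers that fall inside any rogue range."""
    return [s for s in servers if any(s in net for net in ranges)]


# Constructed sample configuration, for illustration only.
SAMPLE = """\
# constructed sample
nameserver 192.0.2.53
nameserver 10.0.0.1
nameserver not-an-ip
; nameserver 198.51.100.7
nameserver 198.51.100.200
"""

if __name__ == "__main__":
    hits = rogue_resolvers(parse_nameservers(SAMPLE))
    for ip in hits:
        print(f"resolver {ip} is inside a rogue range: DNS settings were changed")
    if not hits:
        print("no configured resolver is inside a rogue range")
```

A match means the machine's DNS settings need to be restored and the infection cleaned; a clean result only covers the settings that were read.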

Mar 20 2012

Which Web Browser Is the Most Secure?

 

Zone Alarm News

February 28, 2012

When a massive spam attack posted violent and pornographic images across the news feeds of many Facebook users last year, many wondered how hackers had launched the attack. Turns out, it was by exploiting a vulnerability in users’ web browsers.

The event shed light on an often-overlooked issue of online security, your web browser. There are many browsers available, such as Mozilla Firefox, Google Chrome, and Microsoft’s Internet Explorer. But the real question is: which browser offers the most protection from malware, adware, viruses, and hackers?

Many browsers are fighting for market share, and therefore paying more attention to their security, but popularity and security are not always equal.

A recent Accuvant study revealed that Chrome (the second most popular browser) ranks as the most secure web browser when compared to Internet Explorer (the most popular) and Firefox. Interestingly, this month the German government named Chrome the most secure browser, perhaps lending weight to the study. However, critics have pointed out that the study was commissioned by Google (creator of Chrome), and the findings may therefore be skewed.

Still, according to the study, Chrome ranks the highest in creating and putting into use new safety measures to boost its security, with Internet Explorer only slightly behind Chrome. Firefox was deemed the least secure in the study.

Despite these recent findings, the browser wars remain a hot-button issue, with various entities dubbing some browsers more secure than others. During the 2011 hacker conference, Pwn2Own, hackers attacked four popular browsers: Internet Explorer, Apple Safari, Mozilla Firefox, and Google Chrome. The hackers were able to quickly compromise Internet Explorer and Safari. In fact, these hackers were able to hack the browsers so thoroughly that they managed to write files on the hard drive of the computer they were attacking. Interestingly (and contrary to the Accuvant study findings), Chrome and Firefox both resisted hacking attacks during the exercise.

Regardless of the browser, manufacturers are always working to ensure users can enjoy surfing the web safely and securely—and that’s the good news. The bad news, as the Pwn2Own conference revealed, is that cybercriminals worldwide are also working hard to figure out new ways to hack your browser.

This means that it’s important for users to educate themselves about this threat and take the steps necessary to lessen their chances of falling victim to a browser security breach. What should you do? Keep the following tips in mind.

  • If you plan to download a new or different browser, make sure you are downloading a legitimate version. Go directly to the manufacturer’s site, and ignore ads or popups (which may be tricks to get you to install a corrupt version).
  • Set your online preferences to allow for software updates. Some browsers, such as Internet Explorer and Safari, will automatically update with your operating system. But others, including Firefox, automatically update themselves to deploy security patches and provide enhanced security features.
  • Set your browser’s security settings to the highest possible to prevent others from exploiting your browser.
  • Disable popups in your browsers or install security software that prevents popup windows. Deploying infected popups is a popular way that hackers trick users into downloading malware.

No matter which browser you use, always follow safe practices and be alert to any unusual or suspicious functioning when you log onto the web.

 

Direct Link:  http://blog.zonealarm.com/2012/02/which-web-browser-is-the-most-secure.html

Dec 13 2011

What Kind of Germ Creates a Computer Virus?
TIME Magazine / U.S.
By Jessica Reaves
Tuesday, June 20, 2000

I am tired of these viruses.

Every morning, I come into work, relatively chipper and ready to face the day. Problem is, more mornings than not, I’m met with the dispiriting news that a new high-tech bug is stalking my computer. By 10:30 or so, I’ve reached a state of low-grade panic; I have a third cup of coffee and imagine the virus circling my e-mail in-box like a vulture hunting for injured prey. And I know I’m in for it, because let’s face facts: In the grand scheme of the Internet world, I’m roughly the equivalent of a field mouse who’s had both its knees kicked in.

It’s taken me a long time to admit this, but here goes: I know close to nothing about computers, and my ignorance renders me virtually defenseless against the machinations of a bunch of 15-year-old kids with pocket protectors.

I know, I know. That’s an ugly stereotype of hackers. I’m sure that some of them are at least 18. But even that doesn’t really make me feel any better. And now, after enduring the onslaught of “Melissa,” the “Love Bug” and now “Stages,” I’ve just about had it. I want some answers. Who are these people and why are they so bent on destroying my hard drive and depriving me of precious e-mail?

Let’s take those questions one at a time. I’ll provide my deeply uninformed responses first, and then we’ll turn things over to the experts.

Who are these people?

Most hackers are obscenely young computer geniuses whose IQs probably trump mine by roughly 30 points. Most of these people are not what you would call social butterflies. They hack alone.

Dr. Charles Kreitzberg, CEO of Cognetics Corporation, a software company in Princeton Junction, N.J.:

“Most hackers are creative and intelligent, but they’re not necessarily people who fit comfortably into mainstream culture; they’re a counterculture group that likes to operate with relatively few face-to-face interactions.”

Why do they do it?

That’s a question doomed to yield little more than informed guesses. My feeling is that viruses are the 21st-century equivalent of the pig’s-blood scene in “Carrie.” In other words, we’re dealing with a bunch of people who didn’t have a great time in high school, and whose deepest desires fluctuate daily between wanting to be Bill Gates and wanting to destroy the entire Microsoft mainframe.

Haverford College professor Douglas Davis, who specializes in personality psychology and how people are affected by computer systems:

“In psychoanalytic terms, these hackers have a fantasy about what’s going to happen. They probably imagine their victims thinking they’re going to have a pleasurable experience (like opening a love letter or reading a joke) and it turns into something really rotten. It’s kind of like leaving an unpleasant package in someone’s mailbox and watching them open it. Hacking is, of course, a huge power trip for a young kid who gets to inflict this kind of inconvenience or actual discomfort on a whole lot of grown-ups, including the heads of the same corporations many of these kids might like to see humiliated.”

Dr. Kreitzberg:

“Obviously, there’s a wide spectrum of hackers, and most are not evil people trying to create havoc. If you look at most viruses, they don’t create terrible destruction. It’s much more like Zorro leaving his Z — these people want to let you know they were there, and that they were successful. Having said that, there is a lot of spurious philosophy evident in their content that’s reminiscent of the 1960s. Back then, the counterculture believed that the military industrial complex was evil, and there was a movement to eat away at it from the outside. Today, hackers look at big business as evil, and when they manage to slow or even stop those corporations, they see themselves as revolutionaries, like David felling Goliath.”

Yeah, well, I’m certainly pleased these hackers get to flex their biblical knowledge and hit one home for the little people and everything. But here’s a word of advice for any hackers who want to become just a tad more user-friendly: Next time you feel like hacking something, guys, stick to the real Goliaths and for Pete’s sake, stay the heck out of my tiny little cubicle.

Direct Link: http://www.time.com/time/magazine/article/0,9171,47866,00.html#ixzz1gSxs0sO5

Nov 18 2011

DARPA gets serious with Internet security
By Michael Cooney
November 8, 2011

Network World – WASHINGTON — The Defense Advanced Research Projects Agency (DARPA) had a big hand in creating the Internet and now it wants to get serious about protecting it.

At its Colloquium on Future Directions in Cyber Security this week, DARPA Director Regina Dugan said that since 2009, the agency has steadily increased its cyber research efforts. Its budget submission for fiscal year 2012 increased cyber research funding by $88 million, from $120 million to $208 million. In addition, over the next five years, the agency plans to increase its top-line budget investment in cyber research from 8% to 12%.

“DARPA’s role in the creation of the Internet means we were party to the intense opportunities it created and share in the intense responsibility of protecting it. Our responsibility is to acknowledge and prepare to protect the Nation in this new environment,” said Dugan. “We need more and better options. We will not prevail by throwing bodies or buildings at the challenges of cyberspace. Our assessment argues that we are capability limited, both offensively and defensively. We need to fix that.”

The agency has been intently studying the cyber community to come up with what it calls the DARPA Cyber Analytic Framework which, among other things, found that over the past 20 years the effort and cost of information security software has grown exponentially — from software packages with thousands of lines of code to packages with nearly 10 million lines of code. By contrast, over that same period, and across roughly 9,000 examples of viruses, worms, exploits and bots, the analysis revealed a nearly constant average of 125 lines of code for malware.

Dugan said the current U.S. approach to cybersecurity that layers security on top of a standard architecture is not working. “These efforts represent the wisdom of the moment. But if we continue only down the current path, we will not converge with the threat,” she said.

So what to do? Well there are a number of efforts within DARPA that will move the cybersecurity effort forward. DARPA has built an expert cybersecurity team composed of people from the “white hat” hacker community, academia, labs and nonprofits, and major commercial companies, in addition to the defense and intelligence communities.

It has also enlisted the help of security experts such as the inventor of L0phtCrack, a Microsoft password auditing tool, and ex-BBN scientist Peiter “Mudge” Zatko, who now runs a DARPA program called Cyber Fast Track, which brings what he calls unique security technologies into the military realm.

“Having some of the best minds developing unique technologies and paying for what they do best is a key driver for Cyber Fast Track,” Zatko told the Colloquium audience. “Within the first two months of the program we have received 30 submissions, we have funded eight of them and handled the negotiations for those within seven days — four days has been the median. So we can now get prototypes delivered within months rather than years.”

Other security experts enlisted include Dan Roelker, whose background includes a stint at Raytheon where he started the DC Black Ops security unit. He also helped start Sourcefire, the intrusion detection company, and was a lead Snort developer. For DARPA he is now developing what he calls offensive security software.

“The current hacker vs. hacker mentality doesn’t work very well and it doesn’t scale,” Roelker said. One of the main areas his research is looking at is automation, where DARPA can develop technology that lets a single operator handle multiple security missions.

Still others, such as Tim Fraser, who came from Microsoft’s anti-malware group, are looking at ways to exploit and reuse code from current malware strings. The idea, Fraser said, is to extract malware features, study the evolution of malware and come up with an automated way to compare malware components and rapidly figure out what’s old and what’s new. That method would conserve analysts’ time, reduce costs and let analysts concentrate on the new component of a threat, he stated.

Direct Link: http://www.computerworld.com/s/article/9221643/DARPA_gets_serious_with_Internet_security?taxonomyId=82&pageNumber=1