New Research On Computer Backdoors Reveals Disturbing Long Term Risks For All Netizens

Nov 052012
 

Research by the University of Toronto Citizen Lab shows that computer back doors are a permanent security risk to users through out the world.

Their research based on events in the middle east demonstrates readily available commercial software is being used by governments to infiltrate computers used by critics and dissidents.

Bloomberg news reported the case of Ahmed Mansoor who was sitting in “his study in Dubai and made the mistake of clicking on a Microsoft Word attachment that arrived in an e-mail, labeled “very important” in Arabic, from a sender he thought he recognized.

“With that click, the pro-democracy activist unwittingly downloaded spyware that seized on a flaw in the Microsoft Corp. (MSFT) program to take over his computer and record every keystroke. The hackers infiltrated his digital life so deeply they still accessed his personal e-mail even after he changed his password.

Since then, Mansoor, 42, an electrical engineer and father of four, says he has suffered two beatings by thugs in September during his campaign for citizens’ civil rights in the Persian Gulf federation of the United Arab Emirates. While those assailants remain unknown, researchers say they’ve figured out what was behind the virtual assault.

Continue reading »

The Need To Teach Cyber Security To Journalists

Jan 252012
 

There has always been pressure on journalists to reveal their sources, often the call is couched in terms of national security, but with the universal use of computers and the online communication the issue has become more important as various groups gain access to journalist notes, records and other materials stored on their computers by nefarious means.

The Columbia Journalism Review has looked at this issue and finds that there needs to be much more education about cyber security rather than the traditional lessons on not revealing sources, keeping notes and tapes physically secure and similar techniques. That is not to say these are not still relevant but the widespread use of online interception and surveillance technology means these lessons need to be augmented to incorporate modern technology.

The Review article reads:

Since 2007, Steve Doig, an investigative journalist, has been giving a talk called “Spycraft: Keeping your sources private.” He’s presented at conferences for Investigative Reporters and Editors and the National Institute for Computer Assisted Reporting, explaining a number of specific technological tips for reporters: using Tor for online anonymity, the benefits of no-contract cell phones, and how to trick keyloggers, among other tools.

Continue reading »

A Quick Reminder Of The Basics Of Internet Security

Jul 102011
 

Sophisticated internet security mechanisms are widely available but it is frightening how many people ignore the very basics of staying safe online, particularly those living in regimes with censorship, cyber monitoring, government sponsored spyware.

In some cases the danger is financial – stolen credit card and bank account details but for many netizens, dissidents and politicians in part of Asia the danger can be their freedom or even their life.

I was recently speaking to an opposition politician from an Asian country with a somewhat nasty reputation for attacks on anyone who dares to question their actions. He gave me his email and then said ”by the way do you think the government monitors our computers and emails”. I then asked about what encryption he used and some general questions about the computer system in his office. The answer: a  blank look and a comment he did not even lock the office door let  alone turn off  the computer.

So with that in mind I thought some people may need a reminder of the basics of internet security.

The first is don’t leave your computer on, unattended and in an area that others have access to. On second thoughts, just log off even if you live in a bunker.

Once past that point I hand over to Jason Alderman writing in Huffpost Tech  who has some excellent advice.

Update security software. Make sure their computers have anti-virus and anti-spyware software and show them how to update it regularly.

Think like the bad guys. Even the best software isn’t 100 percent foolproof, so teach them how to anticipate and ward off annoying — or criminal — behavior. For example:

Continue reading »

Cyber Security Likely Agenda Item For U.S. – China Summit

May 092011
 

This weeks China U.S. Strategic and Economic Dialogue  in Washington is broadening away from its traditional economic topics to include issues such as cyber security.

The meeting, May 9-10, is also the first to include Chinese military representatives.

The China Digital Times reports that one of the likely items up for discussion will be the internet and China’s role in recent cyber attacks.  It quotes the right wing Heritage Foundation as saying China has launched attacks aimed at gaining sensitve information including defense data such as plans for military aircraft. Continue reading »

New Survey: Vietnam Location Of Leading Cyber Scammers

Feb 102011
 

Despite an authoritarian Government and a tightly controlled internet Vietnam has emerged as the top country for cyber scamming and risky online dealings.

The world wide survey “Mapping the Mal Web” commissioned by software company Mcafee found that nearly sixty percent of domains in Vietnam were risky.

This puts it at the top of the riskiest country list and pretty much level with risks from non country specific “Top Level Domains” such as .info.

Other countries in the region including Laos and China were also cited as being risky domains but well below the risks posed from .vn sites.

Over all ther report found that malware volumes continued to climb in 2010, with the first six months of 2010 being the most active half year ever for total malware production.

 

Continue reading »

USA Internet Kill Switch – Political Censorship or Responsible Security Precaution

Jun 282010
 
A new cyber-security bill moving through the US Government at the moment has provisions for the President to pull the plug on the internet if he deems it necessary for national security reasons.
Critics have raised concerns about what could be seen as the ultimate on-line censorship but supporters contend it is necessary to stop a wide spread cyber attack. In addition they say the bill actually limits the President’s current powers over national communications as outlined in a 1934 bill.
The bill does not appear to allow the selective screening and interception of on-line traffic that regimes such as China and Vietnam practise instead it is an emergency security measure
Writing on the website  Daily Finance Sam Gustin argues the bill is not something to be scared of.