August 31, 2005

Try Catching the WInd

Violent pornography may be repellent to most adults but banning it from British computers will be impossible

An evil place, the internet. When not tempting terrorists with sarin recipes, it is irresponsibly serving German cannibals their dinner, leading Japanese depressives to suicide and reuniting blameless friends to commit extramarital affairs. As if we weren’t being sufficiently depraved and corrupted, the Home Office has now uncovered a shocking online stash of extreme and violent pornography. It’s a wonder that Anglo-American forces have not yet invaded the net in search of the elusive, order-restoring “off” switch. - The Times OnlineCensor the Internet? Try Catching the Wind

Violent pornography may be repellent to most adults but banning it from British computers will be impossible

An evil place, the internet. When not tempting terrorists with sarin recipes, it is irresponsibly serving German cannibals their dinner, leading Japanese depressives to suicide and reuniting blameless friends to commit extramarital affairs. As if we weren’t being sufficiently depraved and corrupted, the Home Office has now uncovered a shocking online stash of extreme and violent pornography. It’s a wonder that Anglo-American forces have not yet invaded the net in search of the elusive, order-restoring “off” switch. - The Times Online

August 29, 2005

Two Arrested Over Release of Computer Worm

Moroccan and Turkish authorities have arrested two men believed to have written and released the Zotob computer worm that created havoc on networks at more than 100 US and other corporations almost two weeks ago.

The two men, a Moroccan and a Turk, were arrested after Microsoft, the software maker, tracked the worm's electronic trail across the internet and passed on its findings to the US Federal Bureau of Investigation. Source FT.com

August 24, 2005

Phishers and security firms in malware 'arms race' | The Register

Phishers and Security Firms in Malware 'Arms Race'

Conventional phishing attacks launched via spam messages are becoming eclipsed by sophisticated malware designed to steal identities, according to a study by Anti-Phishing Working Group (APWG). APWG's July 2005 phishing reports adds that fraudsters are developing approaches specially designed to neutralise counter-phishing technologies."

The Register

August 18, 2005

Pandora's Box

"You don't want to open that Pandora's Box, because you never know what Trojan Horses will leap out". Prime Minister Ernest Bevin

It’s now over three years since government started to recognise that it needed to address the problem of consumer Internet safety. In fact, to be accurate, you can add another eighteen months between the slow drawing of recognition and actually been told that the wheels were in danger of falling off if they continued to sit on their own hands and leave the matter in the hands of industry instead.



“The problem”, said one highly-placed civil servant”, in a meeting at the first eCrime Congress in London, “is that the Treasury won’t give us any money and we’re unlikely to get any budget until April of next year.” “Next year”, by the way, was 2004.

Over half way through 2005 and what was originally called Project Endurance, a public-private partnership aimed at reducing cyber crime has reappeared as a safety campaign, “Get Safe Online” focused on improving internet security for small business and consumers.

Don’t mistake me, this is a good thing but it was supposed to have been launched in October of last year and I have to ask how many millions of pounds have been lost or identities stolen, as a consequence of internet-related crime, while attempts were made to find a budget from private sector partnership, in this case, the generosity of Microsoft, Dell, HSBC, Lloyds TSB, Yell and eBay who will match a £150,000 grant from government.

In October, one or even four years late, depending on how you view it, a website will be launched, www.getsafeonline supported by “energetic” government and business support, which will offer expert advice in simple English on how to fight viruses, spyware and the risk of phishing-driven identity theft.

Over fifteen million people now have Broadband internet access. The value of the internet economy to the treasury continues to grow rapidly with UK ecommerce sales worth £39.5bn in 2003, estimated to grow to £47bn this year and £77bn by 2008. Meanwhile, the cost of computer-related crime in 2004 grew equally rapidly to £2.4bn according to the National Hi-tech Crime unit (NHTCU) survey, which reveals only the tip of a much larger iceberg.

If we recap then, the annual value to the Treasury from internet activity must now be fairly close to £1bn. Crime is costing business £2.4bn and there’s no true figure on what it costs consumers, such as the £350 I lost on one eBay fraud. Startled into action by news that that 25% of the world's remotely controlled PCs are found in Britain, government has managed to find £150,000 to contribute to a campaign that it should have taken responsibility for several years ago and I’ll quote the then e-Envoy, Andrew Pinder, from a New Statesman-sponsored roundtable from exactly two years ago, when I put it to him that with rapid Broadband adoption, we were facing a significant problem ahead:

“Things are actually a lot better than they were three years ago. There’s a lot more e-commerce happening on the internet. All our surveys say that people are more confident about using the net than they were three years ago. More people are doing a lot more transactions online, and we are not seeing significantly increased fraud.”

Pinder continued: “Let’s stop saying “there’s no leadership, it’s all terrible, it’s far worse than it was”. There needs to be a proper debate about what should be done. To throw everything back into the lap of the government and say, “Until government does something, it isn’t going to get any better” – that’s a load of cobblers.”

Get Safe Online, then is a last ditch effort to turn back a tsunami which everyone, apart that is from government, could see coming years ago. In some respects, there’s an unhealthy analogy with “Londonistan” and the threat from domestic terrorism, a refusal to face the facts mitigated by a small amount of furious activity once it’s too late to remediate against the problem.

Like the threat from terrorism, most of us are only too aware of the risks presented by internet crime but it may be a little too late, with over half the population now online, to launch a campaign and for government to present the impression that the matter is now under proper control. It’s not. It never was and four years too late, Pandora’s box will not be closed that easily.

Omanis Warned of IT fraud

The Central Bank of Oman has issued a warning about increasing incidents of online fraud activity in the country. The bank says Omani residents are being contacted by fictitious companies from outside the country through the Internet and by Fax with offers of dubious financial enrichment schemes. - AME Info

August 09, 2005

Black Pots and Kettles Perhaps

Hacker Criticises Cyber Crime Laws

McKinnon calls for international computer laws

Gary McKinnon, the UK hacker facing extradition to the US accused of 'the biggest military computer hack of all time', is calling for international computer crime laws to be passed

[via Latest updates from Computing.co.uk]

August 05, 2005

Cisco Website is Hacked

Networking giant Cisco has had to mount a security operation on its own website after a bug was found that could expose the passwords of staff, customers and other users. Computer Weekly

Banks Make Phishing Easy

Banks are leaving customers prey to theft by failing to validate security codes from the magnetic strip on the back of cash cards, IT industry analyst Gartner has warned.

Thieves who have conned customers into giving away account information using phishing techniques, fake bank e-mails requesting that recipients visit a website and enter their data use the data to withdraw money from ATMs.

In a new report on US banking, Gartner estimates that that this fraud cost an estimated $2.75bn (£1.55bn) in the 12 months to May 2005. Computer Weekly

August 03, 2005

Spear Phishing Threat Grows

Incidents of virus-ladened emails increased from one in every 51 emails in December 2004 to one in every 35 in January 2005 and one in every 28 by June 2005, IBM's Global Business Security Index Report concludes. The Register:

August 01, 2005

Can't Trust Nobody

Phishers Steal Trust from eBay Sign In Pages

Fraudsters have exploited a flaw in the eBay web site that allows them to orchestrate phishing attacks using eBay's own Sign In page. [via Netcraft]