News

Scammers would send out emails supposedly containing helpful information about the illness and its treatments. These emails would either have a virus installed which would allow them to access the recipient’s personal data, or lead them to a site that would ask them for information such as their bank details and private passwords.

Internet security companies are suspecting a similar bout of scams during the renowned ‘flu season’ as predictions emerge of a second wave of the virus. So while the hospitals prepare for a pandemic, we must prepare ourselves for an online spam invasion.

To avoid being fooled by these criminals make sure you have appropriate internet security, be cautious when opening emails or attachments from unknown senders and, for accurate swine flu information, visit official NHS sites.

Image credit: Don Hankins

Lily Allen takes a stand against illegal file sharing

“It’s not fair and I think you’re really mean… for downloading my songs without paying for them.” These would be more appropriate lyrics to Lily Allen’s recent single as she wages war on music piracy.

Allen has expressed her full support for Lord Peter Mandelson’s proposed legislation that pushes to suspend the internet connections of persistent file sharers. Lord Mandelson said:

The suspension is said to be used only as a last resort against repeat offenders who have been sent warnings against their illegal activity.

Allen recently posted a blog on her MySpace page entitled “It’s Not Alright” stating that “file sharing is a disaster” for new talent, a view that has since been backed by Elton John, James Blunt and Matt Bettany of Muse.

Stars such as Pink Floyd's Nick Mason, Annie Lennox and Ed O’Brien of Radiohead, all members of the Featured Artists Coalition (FAC) have suggested, however, that it would be unfair to punish fans who download only a small amount of music and say that it is an “important form of promotion”.

The reluctance of the FAC to back the proposed legislation has been viewed by some as an indication of their support for file sharing.

The FAC, a not-for-profit lobbying group that aims to educate and protect the rights of artists, released a statement on their website clarifying that they were not pro-illegal downloading and believe that the “work of artists should be paid for by those who enjoy it”.

The Coalition believe that punishing innocent fans is not the way forward and have stated: “In respect of this particular issue, we have agreed to disagree."

Image Credit: Benoît Derrier

Google pledges data mobility

As users finally understand the dangers of cloud computing, Google seeks to reassure them with extractable data applications. Pavla Tolonen hopes this will inspire all companies to do the same.

After the recent surge in antipathy for cloud computing services, Google has announced that they will enable all their resources to be extracted and placed on an alternative data bases – should a customer want this.

While welcomed, the move is not entirely unexpected as any ambitions Google may have for remote data storage would never work with users doubting the flexibility of their services. Cloud computing, which could easily be described as users saving photos, files and software on a remote server, has received increasing criticism for being one-sided in holding user data safe.

What is refreshingly surprising, however, is the attitude with which Google’s new Data Liberation team have approached the issue. They have revealed plans for a one-button extract tool and even incorporated a Monty Python joke while creating the name for the team assigned to convert all Google applications. Finally, Google has restored hope in their liberal, fun-seeking image.

Although this initiative is not originally a Google creation, the company seems to have successfully sparked enough debate about the inaccessibility of user information when a user wishes to leave a site.

The non-profit, inner-industry think tank Data Portability Project, has been struggling to perfect a strategy to tackle data mobility since 2007, but have now been beaten to the solution by Google.

Often data and images are hard to remove, or are completely lost if a user wishes to leave an account. This is why Google has already integrated Gmail and Blogger to the new system, so if a user wishes to leave they can get all their information at the figurative door.

Free, unenclosed data mobility is exactly where we should be headed in this industry, but how accurately this policy can be enacted will prove tricky. Several file format standards for moving files across different networks and operating systems will emerge and we will undoubtedly see a dominant format crush the competition.

Despite Google pioneering the main standard, they may not create the ideal standard for odd files like revision content, where several layers of modifications appear, making files larger to process. We will have to wait for a comprehensive system, but for now, this progress seems very promising.

Image credit: bionicteaching

The acsent of cybercrime

The Internet has given rise to a new breed of thief capable of stealing money on a scale of previously unimaginable proportions. Whereas the Great Train Robbery of 1963 made household names of men like Buster Edwards and Ronnie Biggs, for the theft of a mere£2.6 million, today’s cyber-criminals are making that sort of money every day without even leaving their living rooms.

Take last week’s story from the US: 28 year old Albert Gonzalez, a.k.a. “the soupnazi”, pleaded guilty to 19 counts of theft, for hacking into a number of well-known US firms, exploiting flaws in their security systems, and making off with over 40 million credit card details.

Once in possession of the information he sold most of the credit card details on to other crooks, but only after saving the choicest ones for himself. He cloned these ones and used them to withdraw the sort of cash your average 60s bank robber could only dream of.

Gonzalez is facing 45 years behind bars. The fact that he previously escaped jail back in 2003 for his role as a member of the “Shadow Crew” , by becoming an informant against his fellow thieves, means that he can expect little mercy from the courts when they come to sentence him in December.

However, around the world there are possibly thousands more unscrupulous individuals happy to step into his shoes. In Eastern Europe there are gangs reportedly making around $34 million a month through cyber-crime, and the CEO of McAfee, David DeWatt, hit the news last week when he announced that cybercrime has now officially overtaken the drugs trade in terms of overall value, believing it to be worth a staggering $105 billion.

With over 3 million Britons becoming victims of cyber-crime each year it looks like we are all going to have to face up to the dark reality of this digital age, and it’s about time we do; one of the biggest reasons that it has become so huge is that many of us simply don’t take the problem that seriously.

Image credit: Tracy O

Pidgeon beats Telkom broadband

The South African financial services provider Unlimited has beaten their internet provider Telkom’s ADSL transfer speeds by sending a 4GB memory stick across 60 miles attached to a pidgeon. When the pidgeon named Winston arrived from its two hour trek from Howick to Hillcrest, the online file transfer had reached four per cent, far underperforming the bird.

Kevin Rolfe, Head of Information Technology at the Unlimited Group agreed the 11-month-old pidgeon was obviously vulnerable to threats like bad weather conditions and hawks, but said the company were willing to take their chances regarding the new file transfer system.

The company hopes to further improve transfer speeds, arguing that Winston’s trainers could probably teach him to do the same journey in 45 minutes.

Telkom has denied any responsibility regarding the slow transfer speeds displayed by Unlimited and told the BBC they had tried to offer the company solutions for this but none had been accepted. Meanwhile over 300 eager followers in South Africa tuned into the activity via Twitter and 1,357 became fans of Winston the pidgeon on Facebook.

The official website for Winston the pidgeon www.pigeonrace2009.co.za, features regular updates from the bird’s blog, on which he posts topics concerning his existence as a pidgeon. The race could also be followed live online at www.ustream.tv. Winston also states the rules of Pigeonrace2009 on the site. These include “no cats allowed” and “birdseed must not have any performance enhancing seeds within.”

His victory has been keenly embraced online, with most of the media covering the story and tweeters flocking to congratulate the bird for its feat against Telkom.

Some have even created tributes to the pidgeon, joining the criticism towards a lack of inefficient internet access, which South Africa hopes will improve after three new fibre optic cables are delivered to the continent.

Image credit: Réne (and then some)

Wordpress hit by online attacks

Peter Moore looks at the news that Wordpress has become the latest victim of online hackers

This weekend Wordpress, one of the most popular open source blogging platforms, revealed that old versions of its software had been attacked by a potentially dangerous worm.

A statement released on Wordpress’ official blog noted that:

“Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts.”

The appearance of the worm alarmed a worldwide network of Wordpress users, which includes millions of bloggers as well as organisations such as Ebay, the Daily Telegraph and Downing Street.

This latest attack suggests that Wordpress has become a victim of its own success. Wordpress blogging software is free to download while its infrastructure has been built by a global network of coders, making it an easy and obvious target for determined hackers.

To counter the growing threat posed by these hackers, Wordpress includes vital security updates in each of its new versions, which appear continuously throughout the year.

Each of these updates help to shut security holes, but as the code is open source (freely available to be viewed and developed) hackers can easily access it, study it and use this knowledge to target weak areas of coding with dangerous worms. Writing in the Guardian, Charles Arthur speculated:

“Some people are already comparing it to Windows: such a big target that any attack is bound to hit some big fish, and plenty of little ones. And how many people have enough control or interest in their blog to go to the trouble of cleaning up? Windows botnets tell you what the situation is like on Windows. Spam comments tell you how things are in terms of cleaning up comments. And what about cleaning up the hacked content of your blog?“

This latest attack is being considered a vital moment in the emergence of Wordpress as an important ‘building block’ of the web. Over the weekend, hackers have proven that the Wordpress infrastructure is still dangerously fragile and the question remains – could this be a fatal flaw in the open source plan.

A list of ‘Things You Need to Know’ about this latest Wordpress attack has been published on Lorelle’s Wordpress blog.

Image credit: For Ever Young

Council crash

Schadenfreude is not the most attractive thing in the world, says John Hillman, but sometimes you just can’t help yourself.

As we scour the world to bring you news of the latest virus outbreaks it’s not often that we come across a story that, dare we say it, might bring a smile to the face of the average person on the street.

But anyone in the UK who has rushed back from the shops, one minute over their allotted parking time, to find an intransigent uniformed council official smugly attaching a parking ticket to their car and grinning at them as they hopelessly plead for mercy, can’t help but chuckle at the plight of the Ealing Council worker who plugged a virus infected memory stick into his office PC and caused 1,838 of them to be lost.

However, having indulged my inner Jeremy Clarkson, the story in today’s Guardian highlights just how vulnerable even large scale organisations allow themselves to become by not making sure that they are protected with robust anti-virus software.

The infected memory stick unleashed a wave of chaos throughout the council’s computer system. Phone lines were brought down and internal communications made impossible. It cost Ealing over £500,000 in lost revenue, from lost library fines to uncollected rents, with a staggering £90,000 from the unpaid parking tickets alone.

The Tory run council has stated that it managed to protect frontline services and deal with the problem quickly and efficiently. However, £500,000 is going to leave a big hole in their finances – one which they’re going to have to fix. So how do you think they’ll do that? By increasing the number of traffic wardens perhaps? Next time I go to Ealing I think I’ll be taking the bus (sorry Jeremy).

Image credit: Paul & Aline

Jessica Biel most dangerous online celebrity

A new report from McAfee has announced that US actress Jessica Biel is now the most dangerous celebrity when it comes to searching for related content online. But to many Brits this will come as quite a shock, says John Hillman , as over here we simply don't know her well enough, or do we?

After a year in which Brad Pitt and Angelina Jolie looked unassailable, a surprise newcomer has emerged to claim the rather dubious honour of “world's most dangerous online celebrity”.

Jessica Biel has been named in McAfee’s annual report as the celebrity whose search results are most likely to lead you to a site containing malware.

Likewise, if you look at the figures for the UK alone, it emerges that local celebrity Jordan is the most dangerous name to search for here.

It appears that anyone looking for Biel related content has a staggering one-in-five chance of landing on a page that will attempt to attack your computer.

This incredibly high figure shows us that online criminals have identifies Biel as a serious traffic generator and are using her to propagate online threats. McAfee’s report states that:

“Cybercriminals are star watchers, too. They latch onto popular celebrities to encourage the download of malicious software in disguise.”

So what do we know about Jessica Biel and why is she suddenly more popular than the Brangelina axis? She is the star of such cinematic classics as The Texas Chainsaw Massacre (remake/tribute/whatever), I Now Pronounce You Chuck and Larry and Summer Catch.

Judging by the films she’s made and the type of audience they attract, and also by the way she looks, it is safe to say that this report should serve as a warning to all parents with teenage sons to make sure that their home PC is fully protected from threats. I could be wrong but I don’t think she’s the type of actress your grandmother will be Googling very often.

-------------------------------------------
Image Credit: Maggiejumps

Cybercrime- alternative career choice?

While the global economy still reels from the effects of the recession, it seems that some unemployed IT specialists are turning in cybercrime.. Murali Podila investigates.

In the wake of the discovery that a 130m credit and debit cards have been stolen in USA, researchers at the University of Brighton have concluded that there has been a dramatic increase in cybercrime over the recent years. This is backed up by recent statistics from the Internet Security threat report 2008 that show a 468% increase in computer viruses between 2007 and 2008.

The report also highlights an alarming increase in India, China, Brazil and Russia. Brazil, Russia and China are considered to be world leaders in cybercrime, whilst there has been a sizeable 50 fold increase in cybercrime in India. This increase has been due to low salaries and high turnover in the IT industry in India and also an increase in call center cybercrime. This involves hacking into the banks and then taking out money.

There are many ways to commit cybercrime. A popular way is a Denial of Service (DoS) attack that targets a website or web server by sending more traffic to it than it can handle. An ‘upside’ of DoS attacks is that they don’t steal any private information, which is where malware comes in. Malware are things such as viruses, worms, Trojans. This usually involves an executable file being replicated on a network thus causing things like deletion of important files.

Of all methods of cybercrime, the most recent and profitable is by using things like spyware, botnets and keystroke loggers. There are many ways that spyware can be profitable, the main way being spam and popups ads. Another worrying method is to gather bank account information or passwords by using key loggers.

Although there has been an increase in virus detection and protection, human error is still one of the major reasons why there are so many cybercrimes occurring.

-------------------------------

Image credit: Martin Kingsley

Future wars possibly online

Cyberwars may sound incredibly scifi-based but governments are bracing themselves for the new computer frontier.

Pavla Tolonen wonders if we’ll all survive.

As we get richer, lazier and more likely to surrender in a fight due to our sugar and carb-infested existence, we are also more prone to complain online and avoid real combat in any way possible. This behaviour, apparently, may also apply to actual warfare.

Governments across the globe have no doubt already solidified a selection of cybercrime policies, but now reports are trickling in suggesting that real war conflict may be settled online.

Now, we’re not talking about Mikhail Saakashvili taking on Dmitry Medvedev in World of Warcraft or Command & Conquer, but a fully-fledged attack on global databases, and they say it has already begun.

This month’s DDOS (denial-of-service) attacks on micro-blogging site Twitter showed how significantly a global network of millions of users can be disabled in a mere matter of seconds. Yet, still, experts are cavorting in the exuberance of cloud computing, in which users store data online.

Fair enough, it may be efficient and probably quite safe, but where are all the users who cry about user’s rights and the horrible tentacles of big brother. Surely keeping all your important documents on a foreign server far away from your own reach is simply you handing them over, nonchalantly hoping they will never be accessed and tampered with. Don’t be fooled, free email accounts really do have a price - they tax your prerogative.

To be fair, cloud computing is certainly an effective way to share software and interoffice documents, but as service providers increase their capacity to uphold more facilities online, we should not entirely follow by keeping all our activities on their server.

Service providers do not ultimately owe you anything as you are a free consumer, therefore you are entrusting them with your information with no real leverage. As you owe them for the service, they can take the right upon themselves to control the system, and all your information.

Of course email account providers like Yahoo, Hotmail and GoogleMail guarantee your personal details, but the bigger their data bases become, and the more they move towards comprehensive cloud computing, the higher the risk is that somebody attempts to attack them for it.

So with computing, just like anything else, remember to spread the risk over several sources. Buy an external hard-drive (or at least a USB stick), invest in more than one email address and keep any important printed files at home.

Image credit: tnarik

Australian hacker pandemic

The latest arrest of an Adelaide hacker is really just the tip of the iceberg says John Hillman.

News today an Australian hacker has been charged with infecting over 3,000 computers, in an attempt to capture banking and credit card data, will not come as a surprise to the Australian Computer Society.

Neither will the fact that he has been charged with creating a botnet of 74,000 computers. This was so that he could bombard systems around the world with unwanted web traffic.

Australia is in the grip of a wave of cyber-crime. Recent data revealed that the problem down-under is so great that you are now more likely to become a victim of cyber crime than burglary, assault or robbery.

Personally that’s no bad thing; forced to make a choice between having someone steal money from my account or coming face-to-face with a burglar at 3 a.m. I’m sure that most of us would choose the former. But it does highlight just how prevalent the problem has become.

Even though this man now faces being sentenced for up to 10 years each for each of his multiple crimes, the fact that he did it suggest that the possible gains from such activities outweigh the risks, in the criminal’s mind at least. Police believe that his arrest will soon lead to many others.

Things are so bad that the ACS’s Chairman, Kumar Parakala, recently said that cyber-crime in Australia was endangering their digital economy and had become:

“A major impediment to our further growth in this area, and requires a corresponding investment by Government and commercial interests to help Australians increase and maintain confidence in online transactions.”

This follows from last June when a major tax-refund scam targeted Australian taxpayers, directing them to a replica tax office website in an attempt to gain their personal information, in an activity known as phishing.

The problem has been caused, according to the ACS, by a general level of ignorance about cyber-security amongst the government, business community and the general public, making them soft targets for the organised criminal activities of the gangs. It is, said Parakala:

“...an unfortunate by-product of high speed, always on, internet services.”

Security software would go a long way to reducing these attacks by preventing hackers from accessing your PC and warning you when you are visiting bogus phishing websites.

Music downloading still rampant

John Hillman reports on the findings of a new survey by UK Music, showing that young people are still taking big risks when it comes to free music

Malware threats don’t appear to be stopping young people from illegal downloading.Why? So it may be illegal and it might destroy your computer but here’s the thing, according to one respondent:

"It was my parent's computer, so if anyone was going to get in trouble, it wasn't going to be me. Excellent."

There you have it, 61% of respondents said that still they downloaded music through peer-to-peer networks, and this despite the popularity of new sites such as Spotify.

The survey looked at 14-24 year olds and was carried out by the University of Hertfordshire on behalf of UK Music.

The dangers of P2P file sharing are that you are basically opening your computer up for others to access, without knowing who they are.

When you consider that 70 of the world’s most popular websites hosted malicious content or contained a link to sites that did it’s pretty obvious that your child’s file sharing activities, even on well known sites, can put your family’s digital privacy in danger.

One of the safest precautions is the addition of good family protection software that cblocks your children from accessing inappropriate content online and restricts the amount of time they can actually spend online.