Beware the NSA Botnet

From Tech Dirt:
Over the weekend, the Dutch media operation NRC published yet anhad infected 50,000 computer networks with malware. The only really new thing here is the number. We already knew the NSA's TAO (Tailored Access Operations) group was infecting computers around the globe using packet injection, via a system it calls "quantum injection", and that it's used these to install malware on key computers inside Belgacom, the Belgian telco giant. However, the latest report basically shows that the NSA has been able to compromise computers and networks in the same manner all around the globe . . .
other Ed Snowden slide, showing how the NSA
Posted by on No comments:
Labels:

Bitcoin Gets Galactic Boost

From The Verge:
Richard Branson believes in Bitcoin, and he's putting his money where his mouth is. The billionaire CEO has announced that his commercial space startup Virgin Galactic will now accept payment from future astronauts in the virtual currency.
"Virgin Galactic is a company looking into the future, so is Bitcoin," Branson writes in a blog post on the Virgin site. "So it makes sense we would offer Bitcoin as a way to pay for your journey to space."
Posted by on No comments:
Labels:

Google Exec: "Encrypt Everything!"

From The Verge:
Since revelations of the NSA's widespread data collection and monitoring earlier this year, Google has staunchly denied working with the government agency and has taken it to task on a number of occasions. After calling the NSA surveillance "outrageous" earlier this month, Google executive chairman Eric Schmidt has come out against the agency again in an interview with Bloomberg News. "The solution to government surveillance is to encrypt everything," Schmidt said in a speed at the Johns Hopkins University School of Advanced International Studies. "We can end government censorship in a decade."
Posted by on No comments:
Labels:

The Surveillance Industry Index

Privacy International has released a Surveillance Industry Index.  From PI:
Privacy International is pleased to announce the Surveillance Industry Index,
the most comprehensive publicly available database on the private surveillance sector.
Over the last four years, Privacy International has been gathering information from various sources that details how the sector sells its technologies, what the technologies are capable of and in some cases, which governments a technology has been sold to. Through our collection of materials and brochures at surveillance trade shows around the world, and by incorporating certain information provided by Wikileaks and Omega Research Foundation, this collection of documents represents the largest single index on the private surveillance sector ever assembled. All told, there are 1,203 documents detailing 97 surveillance technologies contained within the database. The Index features 338 companies that develop these technologies in 36 countries around the world.
This research was conducted as part of our Big Brother Incorporated project, an investigation into the international surveillance trade that focuses on the sale of technologies by Western companies to repressive regimes intent on using them as tools of political control.
What we found, and what we are publishing, is downright scary . . .
Posted by on No comments:
Labels:

Police Pay Cryptolocker Ransom

From The Herald News:
A computer virus that encrypts files and then demands that victims pay a “ransom” to decrypt those items recently hit the Swansea Police Department.
The department paid $750 for two Bitcoins — an online currency — to decrypt several images and word documents in its computer system, Swansea Police Lt. Gregory Ryan said.
“It was an education for (those who) had to deal with it,” Ryan said, adding that the virus did not affect the software program that the police department uses for police reports and booking photos. . . .

CryptoLocker, a new Windows ransomware virus sweeping across the country, hit the Swansea Police Department on Nov. 6. The virus encrypted several files that could only be decrypted through the purchase of Bitcoins, an unregulated digital currency, to pay for the special “decryption key.” A countdown clock appeared on a computer screen showing how much time the department had to buy the key before all the files were deleted.
Posted by on No comments:
Labels: ,

Bitcoin Blows Past $600

From CNBC:
Bitcoin touched a fresh all-time high on Monday as the digital currency continued to gain favor with investors.  The virtual currency rose to just under $619 on Mt. Gox exchange Monday afternoon in Asia, up by over 25 percent from the same time on Sunday.
Its latest gains come as the potential for regulation hangs over the market. The U.S. Senate Committee on Homeland Security and Governmental Affairs (HSGAC) is set to begin a hearing at 3.00 p.m. Washington time on Monday. The event will bring representatives from different federal agencies and representatives from the bitcoin community to discuss virtual currencies.
Posted by on No comments:
Labels:

Executive Computer Illiteracy a Threat to Consumer Data Security

Here's an interesting new study from Threat Track Security, a "blind survey of 200 security professionals dealing with malware analysis within U.S. enterprises."  From the release:
ThreatTrack Security today published a study that reveals mounting cybersecurity challenges within U.S. enterprises. Nearly 6 in 10 malware analysts reported they have investigated or addressed a data breach that was never disclosed by their company.

These results suggest that the data breach epidemic - totaling 621 confirmed data breaches in 2012, according to Verizon's 2013 Data Breach Investigations Report - may be significantly underreported, leaving enterprises' customers and data-sharing partners unaware of a wide array of potential security risks associated with the loss of personal or proprietary information. Moreover, the largest companies, those with more than 500 employees, are even more likely to have had an unreported breach, with 66% of malware analysts with enterprises of that size reporting undisclosed data breaches. 
Despite their gravity, the reasons behind these breaches are rather funny:
malware analysts revealed a device used by a member of their senior leadership team had become infected with malware due to executives:
  • Visiting a pornographic website (40%)
  • Clicking on a malicious link in a phishing email (56%)
  • Allowing a family member to use a company-owned device (45%)
  • Installing a malicious mobile app (33%)
Posted by on No comments:
Labels:
Subscribe to: Posts (Atom)